use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.
the class ExternalLoginModuleAutoMembershipTest method testLoginSyncAutoMembershipSetup1.
@Test
public void testLoginSyncAutoMembershipSetup1() throws Exception {
ContentSession cs = null;
try {
cs = login(new SimpleCredentials(USER_ID, new char[0]));
// the login must set the existing auto-membership principals to the subject
Set<Principal> principals = cs.getAuthInfo().getPrincipals();
assertTrue(principals.contains(setup1.gr.getPrincipal()));
assertFalse(principals.contains(new PrincipalImpl(NON_EXISTING_NAME)));
assertFalse(principals.contains(setup2.gr.getPrincipal()));
assertFalse(principals.contains(setup3.gr.getPrincipal()));
// however, the existing auto-membership group must _not_ have changed
// and the test user must not be a stored member of this group.
root.refresh();
UserManager uMgr = getUserManager(root);
User user = uMgr.getAuthorizable(USER_ID, User.class);
Group gr = uMgr.getAuthorizable(setup1.gr.getID(), Group.class);
assertFalse(gr.isDeclaredMember(user));
assertFalse(gr.isMember(user));
} finally {
options.clear();
if (cs != null) {
cs.close();
}
}
}
use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.
the class ExternalLoginModuleAutoMembershipTest method testLoginAfterSyncSetup3.
@Test
public void testLoginAfterSyncSetup3() throws Exception {
setup3.sync(USER_ID, false);
ContentSession cs = null;
try {
cs = login(new SimpleCredentials(USER_ID, new char[0]));
// the login must set the existing auto-membership principals to the subject
Set<Principal> principals = cs.getAuthInfo().getPrincipals();
assertTrue(principals.contains(setup3.gr.getPrincipal()));
assertFalse(principals.contains(new PrincipalImpl(NON_EXISTING_NAME)));
assertFalse(principals.contains(setup1.gr.getPrincipal()));
assertFalse(principals.contains(setup2.gr.getPrincipal()));
// however, the existing auto-membership group must _not_ have changed
// and the test user must not be a stored member of this group.
root.refresh();
UserManager uMgr = getUserManager(root);
User user = uMgr.getAuthorizable(USER_ID, User.class);
Group gr = uMgr.getAuthorizable(setup3.gr.getID(), Group.class);
assertTrue(gr.isDeclaredMember(user));
assertTrue(gr.isMember(user));
} finally {
options.clear();
if (cs != null) {
cs.close();
}
}
}
use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.
the class ExternalLoginModuleAutoMembershipTest method testLoginAfterSyncSetup2.
@Test
public void testLoginAfterSyncSetup2() throws Exception {
setup2.sync(USER_ID, false);
ContentSession cs = null;
try {
cs = login(new SimpleCredentials(USER_ID, new char[0]));
// the login must set the existing auto-membership principals to the subject
Set<Principal> principals = cs.getAuthInfo().getPrincipals();
assertTrue(principals.contains(setup2.gr.getPrincipal()));
assertFalse(principals.contains(new PrincipalImpl(NON_EXISTING_NAME)));
assertFalse(principals.contains(setup1.gr.getPrincipal()));
assertFalse(principals.contains(setup3.gr.getPrincipal()));
// however, the existing auto-membership group must _not_ have changed
// and the test user must not be a stored member of this group.
root.refresh();
UserManager uMgr = getUserManager(root);
User user = uMgr.getAuthorizable(USER_ID, User.class);
Group gr = uMgr.getAuthorizable(setup2.gr.getID(), Group.class);
assertFalse(gr.isDeclaredMember(user));
assertFalse(gr.isMember(user));
} finally {
options.clear();
if (cs != null) {
cs.close();
}
}
}
use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.
the class ExternalLoginModuleAutoMembershipTest method testLoginAfterSyncSetup4.
@Test
public void testLoginAfterSyncSetup4() throws Exception {
setup4.sync(USER_ID, false);
ContentSession cs = null;
try {
cs = login(new SimpleCredentials(USER_ID, new char[0]));
// the login must set the existing auto-membership principals to the subject
Set<Principal> principals = cs.getAuthInfo().getPrincipals();
assertTrue(principals.contains(setup4.gr.getPrincipal()));
assertTrue(principals.contains(setup2.gr.getPrincipal()));
assertFalse(principals.contains(new PrincipalImpl(NON_EXISTING_NAME)));
assertFalse(principals.contains(setup1.gr.getPrincipal()));
assertFalse(principals.contains(setup3.gr.getPrincipal()));
// however, the existing auto-membership group must _not_ have changed
// and the test user must not be a stored member of this group.
root.refresh();
UserManager uMgr = getUserManager(root);
User user = uMgr.getAuthorizable(USER_ID, User.class);
Group gr = uMgr.getAuthorizable(setup4.gr.getID(), Group.class);
assertFalse(gr.isDeclaredMember(user));
assertFalse(gr.isMember(user));
} finally {
options.clear();
if (cs != null) {
cs.close();
}
}
}
use of org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl in project jackrabbit-oak by apache.
the class DefaultSyncContext method createGroup.
/**
* Creates a new repository group for the given external one.
* Note that this method only creates the authorizable but does not perform any synchronization.
*
* @param externalGroup the external group
* @return the repository group
* @throws RepositoryException if an error occurs
*/
@Nonnull
protected Group createGroup(@Nonnull ExternalGroup externalGroup) throws RepositoryException {
Principal principal = new PrincipalImpl(externalGroup.getPrincipalName());
Group group = userManager.createGroup(externalGroup.getId(), principal, PathUtils.concatRelativePaths(config.group().getPathPrefix(), externalGroup.getIntermediatePath()));
setExternalId(group, externalGroup);
return group;
}
Aggregations