Search in sources :

Example 16 with PrivilegeBitsProvider

use of org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBitsProvider in project jackrabbit-oak by apache.

the class CugPermissionProviderTest method testSupportedPrivileges.

//---------------------------------------< AggregatedPermissionProvider >---
/**
     * @see org.apache.jackrabbit.oak.spi.security.authorization.permission.AggregatedPermissionProvider#supportedPrivileges(org.apache.jackrabbit.oak.api.Tree, org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBits)
     */
@Test
public void testSupportedPrivileges() {
    PrivilegeBits readBits = PrivilegeBits.BUILT_IN.get(PrivilegeConstants.JCR_READ);
    PrivilegeBits readNodeBits = PrivilegeBits.BUILT_IN.get(PrivilegeConstants.REP_READ_NODES);
    PrivilegeBits readPropBits = PrivilegeBits.BUILT_IN.get(PrivilegeConstants.REP_READ_PROPERTIES);
    PrivilegeBitsProvider provider = new PrivilegeBitsProvider(root);
    for (String path : PATH_INCUG_MAP.keySet()) {
        boolean isInCug = PATH_INCUG_MAP.get(path);
        Tree tree = root.getTree(path);
        if (isInCug) {
            assertPrivilegeBits(readBits, cugPermProvider.supportedPrivileges(tree, readBits));
            assertPrivilegeBits(readNodeBits, cugPermProvider.supportedPrivileges(tree, readNodeBits));
            assertPrivilegeBits(readPropBits, cugPermProvider.supportedPrivileges(tree, readPropBits));
            assertPrivilegeBits(readBits, cugPermProvider.supportedPrivileges(tree, provider.getBits(PrivilegeConstants.JCR_ALL)));
            assertPrivilegeBits(readNodeBits, cugPermProvider.supportedPrivileges(tree, provider.getBits(PrivilegeConstants.REP_READ_NODES, PrivilegeConstants.JCR_READ_ACCESS_CONTROL)));
        } else {
            assertTrue(cugPermProvider.supportedPrivileges(tree, readBits).isEmpty());
            assertTrue(cugPermProvider.supportedPrivileges(tree, readNodeBits).isEmpty());
            assertTrue(cugPermProvider.supportedPrivileges(tree, readPropBits).isEmpty());
            assertTrue(cugPermProvider.supportedPrivileges(tree, provider.getBits(PrivilegeConstants.JCR_ALL)).isEmpty());
            assertTrue(cugPermProvider.supportedPrivileges(tree, provider.getBits(PrivilegeConstants.REP_READ_NODES, PrivilegeConstants.JCR_READ_ACCESS_CONTROL)).isEmpty());
        }
        assertTrue(cugPermProvider.supportedPrivileges(tree, provider.getBits(PrivilegeConstants.REP_WRITE)).isEmpty());
        assertTrue(cugPermProvider.supportedPrivileges(tree, provider.getBits(PrivilegeConstants.JCR_ADD_CHILD_NODES, PrivilegeConstants.JCR_REMOVE_CHILD_NODES, PrivilegeConstants.JCR_REMOVE_NODE)).isEmpty());
        assertTrue(cugPermProvider.supportedPrivileges(tree, provider.getBits(PrivilegeConstants.JCR_READ_ACCESS_CONTROL)).isEmpty());
    }
}
Also used : PrivilegeBitsProvider(org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBitsProvider) Tree(org.apache.jackrabbit.oak.api.Tree) PrivilegeBits(org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBits) Test(org.junit.Test)

Aggregations

PrivilegeBitsProvider (org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBitsProvider)16 PrivilegeBits (org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeBits)6 Test (org.junit.Test)6 Tree (org.apache.jackrabbit.oak.api.Tree)5 Before (org.junit.Before)3 Nonnull (javax.annotation.Nonnull)2 AccessControlManager (javax.jcr.security.AccessControlManager)1 JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)1 PrivilegeManager (org.apache.jackrabbit.api.security.authorization.PrivilegeManager)1 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)1 Root (org.apache.jackrabbit.oak.api.Root)1 L4_PrivilegesAndPermissionsTest (org.apache.jackrabbit.oak.exercise.security.authorization.permission.L4_PrivilegesAndPermissionsTest)1 L7_PermissionContentTest (org.apache.jackrabbit.oak.exercise.security.authorization.permission.L7_PermissionContentTest)1 TypePredicate (org.apache.jackrabbit.oak.plugins.nodetype.TypePredicate)1 AuthorizationConfiguration (org.apache.jackrabbit.oak.spi.security.authorization.AuthorizationConfiguration)1 AggregatedPermissionProvider (org.apache.jackrabbit.oak.spi.security.authorization.permission.AggregatedPermissionProvider)1 PermissionProvider (org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider)1 RestrictionProvider (org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider)1 PrivilegeConfiguration (org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConfiguration)1 DefaultNodeStateDiff (org.apache.jackrabbit.oak.spi.state.DefaultNodeStateDiff)1