Search in sources :

Example 1 with AuthorizableType

use of org.apache.jackrabbit.oak.spi.security.user.AuthorizableType in project jackrabbit-oak by apache.

the class UserValidator method childNodeDeleted.

@Override
public Validator childNodeDeleted(String name, NodeState before) throws CommitFailedException {
    Tree tree = parentBefore.getChild(name);
    AuthorizableType type = UserUtil.getType(tree);
    if (type == AuthorizableType.USER || type == AuthorizableType.GROUP) {
        if (isAdminUser(tree)) {
            String msg = "The admin user cannot be removed.";
            throw constraintViolation(27, msg);
        }
        return null;
    } else {
        return newValidator(tree, null, provider);
    }
}
Also used : Tree(org.apache.jackrabbit.oak.api.Tree) AuthorizableType(org.apache.jackrabbit.oak.spi.security.user.AuthorizableType)

Example 2 with AuthorizableType

use of org.apache.jackrabbit.oak.spi.security.user.AuthorizableType in project jackrabbit-oak by apache.

the class QueryUtilTest method testGetSearchRoot.

@Test
public void testGetSearchRoot() {
    ConfigurationParameters params = ConfigurationParameters.of(UserConstants.PARAM_USER_PATH, "/configured/user/path", UserConstants.PARAM_GROUP_PATH, "/configured/group/path");
    Map<AuthorizableType, String> paths = ImmutableMap.of(AuthorizableType.USER, "/configured/user/path", AuthorizableType.GROUP, "/configured/group/path", AuthorizableType.AUTHORIZABLE, "/configured");
    assertSearchRoot(paths, params);
}
Also used : ConfigurationParameters(org.apache.jackrabbit.oak.spi.security.ConfigurationParameters) AuthorizableType(org.apache.jackrabbit.oak.spi.security.user.AuthorizableType) Test(org.junit.Test)

Example 3 with AuthorizableType

use of org.apache.jackrabbit.oak.spi.security.user.AuthorizableType in project jackrabbit-oak by apache.

the class UserQueryManagerTest method testFindWithRelPathMultipleSelectorNames.

@Test
public void testFindWithRelPathMultipleSelectorNames() throws Exception {
    user.setProperty(propertyName, v);
    Group g = createGroup("g", null);
    g.setProperty("rel/path/to/" + propertyName, v);
    root.commit();
    for (AuthorizableType type : new AuthorizableType[] { AuthorizableType.AUTHORIZABLE, AuthorizableType.GROUP }) {
        Iterator<Authorizable> result = queryMgr.findAuthorizables("rel/path/to/" + propertyName, v.getString(), AuthorizableType.AUTHORIZABLE, false);
        assertResultContainsAuthorizables(result, g);
    }
}
Also used : Group(org.apache.jackrabbit.api.security.user.Group) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) AuthorizableType(org.apache.jackrabbit.oak.spi.security.user.AuthorizableType) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 4 with AuthorizableType

use of org.apache.jackrabbit.oak.spi.security.user.AuthorizableType in project jackrabbit-oak by apache.

the class QueryUtilTest method testGetSearchRootGroupPathParentOfUser.

@Test
public void testGetSearchRootGroupPathParentOfUser() {
    ConfigurationParameters params = ConfigurationParameters.of(UserConstants.PARAM_USER_PATH, "/configured/groups/users", UserConstants.PARAM_GROUP_PATH, "/configured/groups");
    Map<AuthorizableType, String> paths = ImmutableMap.of(AuthorizableType.USER, "/configured/groups/users", AuthorizableType.GROUP, "/configured/groups", AuthorizableType.AUTHORIZABLE, "/configured/groups");
    assertSearchRoot(paths, params);
}
Also used : ConfigurationParameters(org.apache.jackrabbit.oak.spi.security.ConfigurationParameters) AuthorizableType(org.apache.jackrabbit.oak.spi.security.user.AuthorizableType) Test(org.junit.Test)

Example 5 with AuthorizableType

use of org.apache.jackrabbit.oak.spi.security.user.AuthorizableType in project jackrabbit-oak by apache.

the class UserPrincipalProvider method findPrincipals.

@Nonnull
@Override
public Iterator<? extends Principal> findPrincipals(final String nameHint, final int searchType) {
    try {
        AuthorizableType type = AuthorizableType.getType(searchType);
        StringBuilder statement = new StringBuilder().append(QueryUtil.getSearchRoot(type, config.getParameters())).append("//element(*,").append(QueryUtil.getNodeTypeName(type)).append(')').append("[jcr:like(@rep:principalName,'").append(buildSearchPattern(nameHint)).append("')]");
        Result result = root.getQueryEngine().executeQuery(statement.toString(), javax.jcr.query.Query.XPATH, NO_BINDINGS, namePathMapper.getSessionLocalMappings());
        Iterator<Principal> principals = Iterators.filter(Iterators.transform(result.getRows().iterator(), new ResultRowToPrincipal()), Predicates.notNull());
        if (matchesEveryone(nameHint, searchType)) {
            principals = Iterators.concat(principals, Iterators.singletonIterator(EveryonePrincipal.getInstance()));
            return Iterators.filter(principals, new EveryonePredicate());
        } else {
            return principals;
        }
    } catch (ParseException e) {
        log.debug(e.getMessage());
        return Iterators.emptyIterator();
    }
}
Also used : ParseException(java.text.ParseException) AuthorizableType(org.apache.jackrabbit.oak.spi.security.user.AuthorizableType) EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal) SystemPrincipal(org.apache.jackrabbit.oak.spi.security.principal.SystemPrincipal) Principal(java.security.Principal) Result(org.apache.jackrabbit.oak.api.Result) Nonnull(javax.annotation.Nonnull)

Aggregations

AuthorizableType (org.apache.jackrabbit.oak.spi.security.user.AuthorizableType)10 Test (org.junit.Test)6 ConfigurationParameters (org.apache.jackrabbit.oak.spi.security.ConfigurationParameters)4 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)2 Tree (org.apache.jackrabbit.oak.api.Tree)2 Principal (java.security.Principal)1 ParseException (java.text.ParseException)1 CheckForNull (javax.annotation.CheckForNull)1 Nonnull (javax.annotation.Nonnull)1 RepositoryException (javax.jcr.RepositoryException)1 Group (org.apache.jackrabbit.api.security.user.Group)1 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)1 Result (org.apache.jackrabbit.oak.api.Result)1 EveryonePrincipal (org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)1 SystemPrincipal (org.apache.jackrabbit.oak.spi.security.principal.SystemPrincipal)1