Search in sources :

Example 66 with NodeUtil

use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.

the class UserImporterBaseTest method createGroupTree.

Tree createGroupTree() throws Exception {
    String groupPath = getUserConfiguration().getParameters().getConfigValue(PARAM_GROUP_PATH, DEFAULT_GROUP_PATH);
    NodeUtil node = new NodeUtil(root.getTree(PathUtils.ROOT_PATH));
    NodeUtil groupRoot = node.getOrAddTree(PathUtils.relativize(PathUtils.ROOT_PATH, groupPath), NT_REP_AUTHORIZABLE_FOLDER);
    Tree groupTree = groupRoot.addChild("testGroup", NT_REP_GROUP).getTree();
    groupTree.setProperty(JcrConstants.JCR_UUID, new UserProvider(root, ConfigurationParameters.EMPTY).getContentID(TEST_GROUP_ID));
    return groupTree;
}
Also used : Tree(org.apache.jackrabbit.oak.api.Tree) NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil)

Example 67 with NodeUtil

use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.

the class UserManagerImplTest method testEnforceAuthorizableFolderHierarchy.

@Test
public void testEnforceAuthorizableFolderHierarchy() throws RepositoryException, CommitFailedException {
    User user = userMgr.createUser(testUserId, null);
    root.commit();
    NodeUtil userNode = new NodeUtil(root.getTree(user.getPath()));
    NodeUtil folder = userNode.addChild("folder", UserConstants.NT_REP_AUTHORIZABLE_FOLDER);
    String path = folder.getTree().getPath();
    // authNode - authFolder -> create User
    try {
        Principal p = new PrincipalImpl("test2");
        userMgr.createUser(p.getName(), p.getName(), p, path);
        root.commit();
        fail("Users may not be nested.");
    } catch (CommitFailedException e) {
    // success
    } finally {
        Authorizable a = userMgr.getAuthorizable("test2");
        if (a != null) {
            a.remove();
            root.commit();
        }
    }
    NodeUtil someContent = userNode.addChild("mystuff", JcrConstants.NT_UNSTRUCTURED);
    path = someContent.getTree().getPath();
    try {
        // authNode - anyNode -> create User
        try {
            Principal p = new PrincipalImpl("test3");
            userMgr.createUser(p.getName(), p.getName(), p, path);
            root.commit();
            fail("Users may not be nested.");
        } catch (CommitFailedException e) {
        // success
        } finally {
            Authorizable a = userMgr.getAuthorizable("test3");
            if (a != null) {
                a.remove();
                root.commit();
            }
        }
        // authNode - anyNode - authFolder -> create User
        folder = someContent.addChild("folder", UserConstants.NT_REP_AUTHORIZABLE_FOLDER);
        // this time save node structure
        root.commit();
        try {
            Principal p = new PrincipalImpl("test4");
            userMgr.createUser(p.getName(), p.getName(), p, folder.getTree().getPath());
            root.commit();
            fail("Users may not be nested.");
        } catch (CommitFailedException e) {
        // success
        } finally {
            root.refresh();
            Authorizable a = userMgr.getAuthorizable("test4");
            if (a != null) {
                a.remove();
                root.commit();
            }
        }
    } finally {
        root.refresh();
        Tree t = root.getTree(path);
        if (t.exists()) {
            t.remove();
            root.commit();
        }
    }
}
Also used : User(org.apache.jackrabbit.api.security.user.User) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) Tree(org.apache.jackrabbit.oak.api.Tree) CommitFailedException(org.apache.jackrabbit.oak.api.CommitFailedException) Principal(java.security.Principal) PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 68 with NodeUtil

use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.

the class L6_AdministratativeAccessTest method testAdministrativeConfiguration.

@Test
public void testAdministrativeConfiguration() throws Exception {
    // EXERCISE once you have defined the right permission-eval configuration options
    // EXERCISE the test principal should be treated as 'administrative' principal and the test should pass.
    ContentSession testSession = createTestSession();
    try {
        Root testRoot = testSession.getLatestRoot();
        Tree rootTree = testRoot.getTree("/");
        // EXERCISE walk through the add + remove
        NodeUtil child = new NodeUtil(rootTree).addChild("test", NodeTypeConstants.NT_OAK_UNSTRUCTURED);
        child.setString("prop", "val");
        testRoot.commit();
        child.getTree().remove();
        testRoot.commit();
    } finally {
        testSession.close();
    }
}
Also used : Root(org.apache.jackrabbit.oak.api.Root) ContentSession(org.apache.jackrabbit.oak.api.ContentSession) Tree(org.apache.jackrabbit.oak.api.Tree) NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 69 with NodeUtil

use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.

the class L6_AdministratativeAccessTest method testAdmininistrativePermissions.

@Test
public void testAdmininistrativePermissions() throws AccessDeniedException, CommitFailedException {
    // EXERCISE walk through the read access
    Tree rootTree = root.getTree("/");
    // EXERCISE walk through the add + remove
    NodeUtil child = new NodeUtil(rootTree).addChild("test", NodeTypeConstants.NT_OAK_UNSTRUCTURED);
    root.commit();
    child.getTree().remove();
    root.commit();
}
Also used : Tree(org.apache.jackrabbit.oak.api.Tree) NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 70 with NodeUtil

use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.

the class PasswordHistoryTest method testSingleTypeHistoryProperty.

@Test
public void testSingleTypeHistoryProperty() throws Exception {
    Tree userTree = root.getTree(getTestUser().getPath());
    Tree pwdNode = new NodeUtil(userTree).getOrAddChild(REP_PWD, NT_REP_PASSWORD).getTree();
    pwdNode.setProperty(REP_PWD_HISTORY, "singleValuedProperty");
    assertFalse(pwdNode.getProperty(REP_PWD_HISTORY).isArray());
    assertFalse(pwdNode.getProperty(REP_PWD_HISTORY).getType().isArray());
    PasswordHistory history = new PasswordHistory(CONFIG);
    assertTrue(history.updatePasswordHistory(userTree, "anyOtherPassword"));
    assertTrue(pwdNode.getProperty(REP_PWD_HISTORY).isArray());
    assertTrue(pwdNode.getProperty(REP_PWD_HISTORY).getType().isArray());
}
Also used : Tree(org.apache.jackrabbit.oak.api.Tree) NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Aggregations

NodeUtil (org.apache.jackrabbit.oak.util.NodeUtil)183 Test (org.junit.Test)149 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)74 Tree (org.apache.jackrabbit.oak.api.Tree)67 CommitFailedException (org.apache.jackrabbit.oak.api.CommitFailedException)59 Root (org.apache.jackrabbit.oak.api.Root)28 AccessControlPolicy (javax.jcr.security.AccessControlPolicy)14 Before (org.junit.Before)14 JackrabbitAccessControlPolicy (org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy)13 TokenInfo (org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo)13 AccessControlManager (javax.jcr.security.AccessControlManager)12 Principal (java.security.Principal)10 EveryonePrincipal (org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)8 AccessControlException (javax.jcr.security.AccessControlException)7 JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)7 JackrabbitAccessControlManager (org.apache.jackrabbit.api.security.JackrabbitAccessControlManager)6 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)6 Privilege (javax.jcr.security.Privilege)5 Restriction (org.apache.jackrabbit.oak.spi.security.authorization.restriction.Restriction)5 AccessControlList (javax.jcr.security.AccessControlList)4