Search in sources :

Example 86 with NodeUtil

use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.

the class JcrUUIDTest method testModifyNonReferenceableJcrUuid.

/**
     * Creating a non-referenceable tree with a jcr:uuid must fail
     * with AccessDeniedException unless the REP_ADD_PROPERTY privilege
     * is granted
     */
@Test
public void testModifyNonReferenceableJcrUuid() throws Exception {
    NodeUtil a = new NodeUtil(root.getTree("/a"));
    a.setString(JCR_UUID, "some-value");
    setupPermission("/a", testPrincipal, true, PrivilegeConstants.JCR_READ, PrivilegeConstants.JCR_ADD_CHILD_NODES);
    try {
        Root testRoot = getTestRoot();
        a = new NodeUtil(testRoot.getTree("/a"));
        assertNotNull(a.getString(JCR_UUID, null));
        a.setString(JCR_UUID, IdentifierManager.generateUUID());
        testRoot.commit();
        fail("Modifying a jcr:uuid property for an unstructured node without MODIFY_PROPERTY permission must fail.");
    } catch (CommitFailedException e) {
        assertTrue(e.isAccessViolation());
    }
}
Also used : Root(org.apache.jackrabbit.oak.api.Root) CommitFailedException(org.apache.jackrabbit.oak.api.CommitFailedException) NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil) Test(org.junit.Test)

Example 87 with NodeUtil

use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.

the class JcrUUIDTest method testCreateBooleanJcrUuid.

/**
     * Creating a referenceable tree with an invalid jcr:uuid must fail.
     */
@Test
public void testCreateBooleanJcrUuid() throws Exception {
    setupPermission("/a", testPrincipal, true, PrivilegeConstants.JCR_READ, PrivilegeConstants.JCR_ADD_CHILD_NODES);
    try {
        Root testRoot = getTestRoot();
        testRoot.refresh();
        NodeUtil a = new NodeUtil(testRoot.getTree("/a"));
        NodeUtil test = a.addChild("referenceable2", NT_NAME);
        test.setBoolean(JcrConstants.JCR_UUID, false);
        testRoot.commit();
        fail("Creating a referenceable node with an boolean uuid must fail.");
    } catch (CommitFailedException e) {
        assertTrue(e.isConstraintViolation());
    }
}
Also used : Root(org.apache.jackrabbit.oak.api.Root) CommitFailedException(org.apache.jackrabbit.oak.api.CommitFailedException) NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil) Test(org.junit.Test)

Example 88 with NodeUtil

use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.

the class ShadowInvisibleContentTest method testAddNodeCollidingWithInvisibleNode.

public void testAddNodeCollidingWithInvisibleNode() throws Exception {
    setupPermission("/a", testPrincipal, true, PrivilegeConstants.JCR_ALL);
    setupPermission("/a/b", testPrincipal, false, PrivilegeConstants.JCR_READ);
    setupPermission("/a/b/c", testPrincipal, true, PrivilegeConstants.JCR_ALL);
    Root testRoot = getTestRoot();
    Tree a = testRoot.getTree("/a");
    assertFalse(a.getChild("b").exists());
    assertTrue(a.getChild("b").getChild("c").exists());
    new NodeUtil(a).addChild("b", JcrConstants.NT_UNSTRUCTURED);
    assertTrue(a.getChild("b").exists());
    // now shadowed
    assertFalse(a.getChild("b").getChild("c").exists());
    // since we have write access, the old content gets replaced
    // note that also the deny-read ACL gets replaced
    testRoot.commit();
    assertTrue(a.getChild("b").exists());
    assertFalse(a.getChild("b").getChild("c").exists());
}
Also used : Root(org.apache.jackrabbit.oak.api.Root) Tree(org.apache.jackrabbit.oak.api.Tree) NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil)

Example 89 with NodeUtil

use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.

the class JcrUUIDTest method testCreateJcrUuid.

/**
     * Creating a tree which is referenceable doesn't require any property
     * related privilege to be granted as the jcr:uuid property is defined to
     * be autocreated and protected.
     */
@Test
public void testCreateJcrUuid() throws Exception {
    setupPermission("/a", testPrincipal, true, PrivilegeConstants.JCR_READ, PrivilegeConstants.JCR_ADD_CHILD_NODES);
    Root testRoot = getTestRoot();
    testRoot.refresh();
    NodeUtil a = new NodeUtil(testRoot.getTree("/a"));
    NodeUtil test = a.addChild("referenceable2", NT_NAME);
    test.setString(JcrConstants.JCR_UUID, IdentifierManager.generateUUID());
    testRoot.commit();
}
Also used : Root(org.apache.jackrabbit.oak.api.Root) NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil) Test(org.junit.Test)

Example 90 with NodeUtil

use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.

the class JcrUUIDTest method testCreateNonReferenceableJcrUuid.

/**
     * Creating a non-referenceable tree with an jcr:uuid must fail
     * with AccessDeniedException unless the REP_ADD_PROPERTY privilege
     * is granted
     */
@Test
public void testCreateNonReferenceableJcrUuid() throws Exception {
    setupPermission("/a", testPrincipal, true, PrivilegeConstants.JCR_READ, PrivilegeConstants.JCR_ADD_CHILD_NODES);
    try {
        Root testRoot = getTestRoot();
        NodeUtil a = new NodeUtil(testRoot.getTree("/a"));
        a.setString(JCR_UUID, IdentifierManager.generateUUID());
        testRoot.commit();
        fail("Creating a jcr:uuid property for an unstructured node without ADD_PROPERTY permission must fail.");
    } catch (CommitFailedException e) {
        assertTrue(e.isAccessViolation());
    }
}
Also used : Root(org.apache.jackrabbit.oak.api.Root) CommitFailedException(org.apache.jackrabbit.oak.api.CommitFailedException) NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil) Test(org.junit.Test)

Aggregations

NodeUtil (org.apache.jackrabbit.oak.util.NodeUtil)183 Test (org.junit.Test)149 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)74 Tree (org.apache.jackrabbit.oak.api.Tree)67 CommitFailedException (org.apache.jackrabbit.oak.api.CommitFailedException)59 Root (org.apache.jackrabbit.oak.api.Root)28 AccessControlPolicy (javax.jcr.security.AccessControlPolicy)14 Before (org.junit.Before)14 JackrabbitAccessControlPolicy (org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy)13 TokenInfo (org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo)13 AccessControlManager (javax.jcr.security.AccessControlManager)12 Principal (java.security.Principal)10 EveryonePrincipal (org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)8 AccessControlException (javax.jcr.security.AccessControlException)7 JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)7 JackrabbitAccessControlManager (org.apache.jackrabbit.api.security.JackrabbitAccessControlManager)6 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)6 Privilege (javax.jcr.security.Privilege)5 Restriction (org.apache.jackrabbit.oak.spi.security.authorization.restriction.Restriction)5 AccessControlList (javax.jcr.security.AccessControlList)4