Search in sources :

Example 91 with NodeUtil

use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.

the class JcrUUIDTest method testCreateInvalidJcrUuid.

/**
     * Creating a referenceable tree with an invalid jcr:uuid must fail.
     */
@Test
public void testCreateInvalidJcrUuid() throws Exception {
    setupPermission("/a", testPrincipal, true, PrivilegeConstants.JCR_READ, PrivilegeConstants.JCR_ADD_CHILD_NODES);
    try {
        Root testRoot = getTestRoot();
        testRoot.refresh();
        NodeUtil a = new NodeUtil(testRoot.getTree("/a"));
        NodeUtil test = a.addChild("referenceable2", NT_NAME);
        test.setString(JcrConstants.JCR_UUID, "not a uuid");
        testRoot.commit();
        fail("Creating a referenceable node with an invalid uuid must fail.");
    } catch (CommitFailedException e) {
        assertTrue(e.isConstraintViolation());
        assertEquals(12, e.getCode());
    }
}
Also used : Root(org.apache.jackrabbit.oak.api.Root) CommitFailedException(org.apache.jackrabbit.oak.api.CommitFailedException) NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil) Test(org.junit.Test)

Example 92 with NodeUtil

use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.

the class AccessControlManagerImplTest method testGetEffectivePolicies.

//---------------------------------------< getEffectivePolicies(String) >---
@Test
public void testGetEffectivePolicies() throws Exception {
    AccessControlPolicy[] policies = acMgr.getEffectivePolicies(testPath);
    assertNotNull(policies);
    assertEquals(0, policies.length);
    setupPolicy(testPath);
    root.commit();
    policies = acMgr.getEffectivePolicies(testPath);
    assertNotNull(policies);
    assertEquals(1, policies.length);
    NodeUtil child = new NodeUtil(root.getTree(testPath)).addChild("child", JcrConstants.NT_UNSTRUCTURED);
    String childPath = child.getTree().getPath();
    policies = acMgr.getEffectivePolicies(childPath);
    assertNotNull(policies);
    assertEquals(1, policies.length);
    setupPolicy(childPath);
    root.commit();
    policies = acMgr.getEffectivePolicies(childPath);
    assertNotNull(policies);
    assertEquals(2, policies.length);
}
Also used : JackrabbitAccessControlPolicy(org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 93 with NodeUtil

use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.

the class UserValidatorTest method testCreateNestedUser2Steps.

@Test
public void testCreateNestedUser2Steps() throws Exception {
    Tree userTree = root.getTree(getTestUser().getPath());
    NodeUtil userNode = new NodeUtil(userTree);
    NodeUtil profile = userNode.addChild("profile", JcrConstants.NT_UNSTRUCTURED);
    NodeUtil nested = profile.addChild("nested", JcrConstants.NT_UNSTRUCTURED);
    nested.setString(UserConstants.REP_PRINCIPAL_NAME, "nested");
    nested.setString(UserConstants.REP_AUTHORIZABLE_ID, "nested");
    nested.setString(JcrConstants.JCR_UUID, IdentifierManager.generateUUID("nested"));
    root.commit();
    try {
        nested.setName(JcrConstants.JCR_PRIMARYTYPE, UserConstants.NT_REP_USER);
        root.commit();
        fail("Creating nested users must be detected.");
    } catch (CommitFailedException e) {
        // success
        assertEquals(29, e.getCode());
    } finally {
        root.refresh();
    }
}
Also used : Tree(org.apache.jackrabbit.oak.api.Tree) CommitFailedException(org.apache.jackrabbit.oak.api.CommitFailedException) NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 94 with NodeUtil

use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.

the class UserValidatorTest method testCreateNestedUser.

@Test
public void testCreateNestedUser() throws Exception {
    Tree userTree = root.getTree(getTestUser().getPath());
    NodeUtil userNode = new NodeUtil(userTree);
    NodeUtil profile = userNode.addChild("profile", JcrConstants.NT_UNSTRUCTURED);
    NodeUtil nested = profile.addChild("nested", UserConstants.NT_REP_USER);
    nested.setString(UserConstants.REP_PRINCIPAL_NAME, "nested");
    nested.setString(UserConstants.REP_AUTHORIZABLE_ID, "nested");
    nested.setString(JcrConstants.JCR_UUID, IdentifierManager.generateUUID("nested"));
    try {
        root.commit();
        fail("Creating nested users must be detected.");
    } catch (CommitFailedException e) {
        // success
        assertEquals(29, e.getCode());
    } finally {
        root.refresh();
    }
}
Also used : Tree(org.apache.jackrabbit.oak.api.Tree) CommitFailedException(org.apache.jackrabbit.oak.api.CommitFailedException) NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 95 with NodeUtil

use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.

the class AbstractCugTest method setupCugsAndAcls.

void setupCugsAndAcls() throws Exception {
    UserManager uMgr = getUserManager(root);
    Principal testGroupPrincipal = getTestGroupPrincipal();
    User testUser2 = uMgr.createUser(TEST_USER2_ID, TEST_USER2_ID);
    ((Group) uMgr.getAuthorizable(testGroupPrincipal)).addMember(testUser2);
    root.commit();
    User testUser = getTestUser();
    // add more child nodes
    NodeUtil n = new NodeUtil(root.getTree(SUPPORTED_PATH));
    n.addChild("a", NT_OAK_UNSTRUCTURED).addChild("b", NT_OAK_UNSTRUCTURED).addChild("c", NT_OAK_UNSTRUCTURED);
    n.addChild("aa", NT_OAK_UNSTRUCTURED).addChild("bb", NT_OAK_UNSTRUCTURED).addChild("cc", NT_OAK_UNSTRUCTURED);
    // create cugs
    // - /content/a     : allow testGroup, deny everyone
    // - /content/aa/bb : allow testGroup, deny everyone
    // - /content/a/b/c : allow everyone,  deny testGroup (isolated)
    // - /content2      : allow everyone,  deny testGroup (isolated)
    createCug("/content/a", testGroupPrincipal);
    createCug("/content/aa/bb", testGroupPrincipal);
    createCug("/content/a/b/c", EveryonePrincipal.getInstance());
    createCug("/content2", EveryonePrincipal.getInstance());
    // setup regular acl at /content:
    // - testUser  ; allow ; jcr:read
    // - testGroup ; allow ; jcr:read, jcr:write, jcr:readAccessControl
    AccessControlManager acMgr = getAccessControlManager(root);
    AccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/content");
    acl.addAccessControlEntry(testUser.getPrincipal(), privilegesFromNames(PrivilegeConstants.JCR_READ));
    acl.addAccessControlEntry(testGroupPrincipal, privilegesFromNames(PrivilegeConstants.JCR_READ, PrivilegeConstants.REP_WRITE, PrivilegeConstants.JCR_READ_ACCESS_CONTROL));
    acMgr.setPolicy("/content", acl);
    root.commit();
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessControlList(javax.jcr.security.AccessControlList) Group(org.apache.jackrabbit.api.security.user.Group) User(org.apache.jackrabbit.api.security.user.User) UserManager(org.apache.jackrabbit.api.security.user.UserManager) EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal) Principal(java.security.Principal) NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil)

Aggregations

NodeUtil (org.apache.jackrabbit.oak.util.NodeUtil)183 Test (org.junit.Test)149 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)74 Tree (org.apache.jackrabbit.oak.api.Tree)67 CommitFailedException (org.apache.jackrabbit.oak.api.CommitFailedException)59 Root (org.apache.jackrabbit.oak.api.Root)28 AccessControlPolicy (javax.jcr.security.AccessControlPolicy)14 Before (org.junit.Before)14 JackrabbitAccessControlPolicy (org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy)13 TokenInfo (org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo)13 AccessControlManager (javax.jcr.security.AccessControlManager)12 Principal (java.security.Principal)10 EveryonePrincipal (org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)8 AccessControlException (javax.jcr.security.AccessControlException)7 JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)7 JackrabbitAccessControlManager (org.apache.jackrabbit.api.security.JackrabbitAccessControlManager)6 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)6 Privilege (javax.jcr.security.Privilege)5 Restriction (org.apache.jackrabbit.oak.spi.security.authorization.restriction.Restriction)5 AccessControlList (javax.jcr.security.AccessControlList)4