Search in sources :

Example 31 with NodeUtil

use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.

the class AccessControlValidatorTest method testDuplicateAce.

@Test
public void testDuplicateAce() throws Exception {
    AccessControlManager acMgr = getAccessControlManager(root);
    JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, testPath);
    acl.addAccessControlEntry(testPrincipal, privilegesFromNames(PrivilegeConstants.JCR_ADD_CHILD_NODES));
    acMgr.setPolicy(testPath, acl);
    // add duplicate ac-entry on OAK-API
    NodeUtil policy = new NodeUtil(root.getTree(testPath + "/rep:policy"));
    NodeUtil ace = policy.addChild("duplicateAce", NT_REP_GRANT_ACE);
    ace.setString(REP_PRINCIPAL_NAME, testPrincipal.getName());
    ace.setNames(AccessControlConstants.REP_PRIVILEGES, PrivilegeConstants.JCR_ADD_CHILD_NODES);
    try {
        root.commit();
        fail("Creating duplicate ACE must be detected");
    } catch (CommitFailedException e) {
        assertTrue(e.isAccessControlViolation());
        assertThat(e.getMessage(), containsString("/testRoot/rep:policy/duplicateAce"));
    }
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) JackrabbitAccessControlList(org.apache.jackrabbit.api.security.JackrabbitAccessControlList) CommitFailedException(org.apache.jackrabbit.oak.api.CommitFailedException) NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 32 with NodeUtil

use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.

the class AccessControlValidatorTest method testAbstractPrivilege.

@Test
public void testAbstractPrivilege() throws Exception {
    PrivilegeManager pMgr = getPrivilegeManager(root);
    pMgr.registerPrivilege("abstractPrivilege", true, new String[0]);
    NodeUtil acl = createAcl();
    createACE(acl, "invalid", NT_REP_GRANT_ACE, testPrincipal.getName(), "abstractPrivilege");
    try {
        root.commit();
        fail("Creating an ACE with an abstract privilege should fail.");
    } catch (CommitFailedException e) {
        // success
        assertTrue(e.isAccessControlViolation());
        assertThat(e.getMessage(), containsString("/testRoot/rep:policy"));
    }
}
Also used : PrivilegeManager(org.apache.jackrabbit.api.security.authorization.PrivilegeManager) CommitFailedException(org.apache.jackrabbit.oak.api.CommitFailedException) NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 33 with NodeUtil

use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.

the class ImmutableTreeTest method setUp.

@Before
public void setUp() throws Exception {
    Tree tree = root.getTree("/");
    NodeUtil node = new NodeUtil(tree);
    node.addChild("x", JcrConstants.NT_UNSTRUCTURED).addChild("y", JcrConstants.NT_UNSTRUCTURED).addChild("z", JcrConstants.NT_UNSTRUCTURED);
    Tree orderable = node.addChild("orderable", JcrConstants.NT_UNSTRUCTURED).getTree();
    orderable.setOrderableChildren(true);
    root.commit();
    immutable = new ImmutableTree(((AbstractTree) root.getTree("/")).getNodeState());
}
Also used : Tree(org.apache.jackrabbit.oak.api.Tree) NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil) Before(org.junit.Before)

Example 34 with NodeUtil

use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.

the class ReadOnlyVersionManagerTest method before.

@Override
@Before
public void before() throws Exception {
    super.before();
    NodeUtil node = new NodeUtil(root.getTree("/"));
    NodeUtil a = node.addChild("a", NodeTypeConstants.NT_OAK_UNSTRUCTURED);
    a.addChild("b", NodeTypeConstants.NT_OAK_UNSTRUCTURED).addChild("c", NodeTypeConstants.NT_OAK_UNSTRUCTURED);
    TreeUtil.addMixin(a.getTree(), JcrConstants.MIX_VERSIONABLE, root.getTree(NodeTypeConstants.NODE_TYPES_PATH), null);
    root.commit();
    versionable = root.getTree("/a");
    // force the creation of a version that has a frozen node
    versionable.setProperty(JCR_ISCHECKEDOUT, Boolean.FALSE, Type.BOOLEAN);
    root.commit();
    versionable.setProperty(JCR_ISCHECKEDOUT, Boolean.TRUE, Type.BOOLEAN);
    root.commit();
    versionManager = ReadOnlyVersionManager.getInstance(root, NamePathMapper.DEFAULT);
    workspaceName = root.getContentSession().getWorkspaceName();
}
Also used : NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil) Before(org.junit.Before)

Example 35 with NodeUtil

use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.

the class AccessControlValidatorTest method testAddPolicyWithAcContent.

@Test
public void testAddPolicyWithAcContent() throws Exception {
    NodeUtil acl = createAcl();
    NodeUtil ace = acl.getChild(aceName);
    NodeUtil[] acContent = new NodeUtil[] { acl, ace, ace.getChild(REP_RESTRICTIONS) };
    for (NodeUtil node : acContent) {
        NodeUtil policy = node.addChild(REP_POLICY, NT_REP_ACL);
        try {
            root.commit();
            fail("Adding an ACL below access control content should fail");
        } catch (CommitFailedException e) {
            // success
            assertTrue(e.isConstraintViolation());
            assertThat(e.getMessage(), containsString("/testRoot/rep:policy"));
        } finally {
            policy.getTree().remove();
        }
    }
}
Also used : CommitFailedException(org.apache.jackrabbit.oak.api.CommitFailedException) NodeUtil(org.apache.jackrabbit.oak.util.NodeUtil) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Aggregations

NodeUtil (org.apache.jackrabbit.oak.util.NodeUtil)183 Test (org.junit.Test)149 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)74 Tree (org.apache.jackrabbit.oak.api.Tree)67 CommitFailedException (org.apache.jackrabbit.oak.api.CommitFailedException)59 Root (org.apache.jackrabbit.oak.api.Root)28 AccessControlPolicy (javax.jcr.security.AccessControlPolicy)14 Before (org.junit.Before)14 JackrabbitAccessControlPolicy (org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy)13 TokenInfo (org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo)13 AccessControlManager (javax.jcr.security.AccessControlManager)12 Principal (java.security.Principal)10 EveryonePrincipal (org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)8 AccessControlException (javax.jcr.security.AccessControlException)7 JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)7 JackrabbitAccessControlManager (org.apache.jackrabbit.api.security.JackrabbitAccessControlManager)6 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)6 Privilege (javax.jcr.security.Privilege)5 Restriction (org.apache.jackrabbit.oak.spi.security.authorization.restriction.Restriction)5 AccessControlList (javax.jcr.security.AccessControlList)4