use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.
the class AccessControlValidatorTest method testAddAceWithAcContent.
@Test
public void testAddAceWithAcContent() throws Exception {
NodeUtil acl = createAcl();
NodeUtil ace = acl.getChild(aceName);
NodeUtil[] acContent = new NodeUtil[] { ace, ace.getChild(REP_RESTRICTIONS) };
for (NodeUtil node : acContent) {
NodeUtil entry = node.addChild("invalidACE", NT_REP_DENY_ACE);
try {
root.commit();
fail("Adding an ACE below an ACE or restriction should fail");
} catch (CommitFailedException e) {
// success
assertTrue(e.isConstraintViolation());
assertThat(e.getMessage(), containsString("/testRoot/rep:policy/validAce"));
} finally {
entry.getTree().remove();
}
}
}
use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.
the class AccessControlValidatorTest method testAddRestrictionWithAcContent.
@Test
public void testAddRestrictionWithAcContent() throws Exception {
NodeUtil acl = createAcl();
NodeUtil ace = acl.getChild(aceName);
NodeUtil[] acContent = new NodeUtil[] { acl, ace.getChild(REP_RESTRICTIONS) };
for (NodeUtil node : acContent) {
NodeUtil entry = node.addChild("invalidRestriction", NT_REP_RESTRICTIONS);
try {
root.commit();
fail("Adding an ACE below an ACE or restriction should fail");
} catch (CommitFailedException e) {
// success
assertTrue(e.isConstraintViolation());
assertThat(e.getMessage(), containsString("/testRoot/rep:policy"));
} finally {
entry.getTree().remove();
}
}
}
use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.
the class TreeTypeProviderTest method before.
@Override
public void before() throws Exception {
super.before();
typeProvider = new TreeTypeProvider(getConfig(AuthorizationConfiguration.class).getContext());
tests = new ArrayList<TypeTest>();
tests.add(new TypeTest("/", TreeType.DEFAULT));
tests.add(new TypeTest("/content", TreeType.DEFAULT));
tests.add(new TypeTest('/' + JcrConstants.JCR_SYSTEM, TreeType.DEFAULT));
tests.add(new TypeTest(NodeTypeConstants.NODE_TYPES_PATH, TreeType.DEFAULT));
tests.add(new TypeTest(NodeTypeConstants.NODE_TYPES_PATH + "/rep:system/rep:namedChildNodeDefinitions/jcr:versionStorage", TreeType.DEFAULT));
tests.add(new TypeTest(NodeTypeConstants.NODE_TYPES_PATH + "/rep:system/rep:namedChildNodeDefinitions/jcr:activities", TreeType.DEFAULT));
tests.add(new TypeTest(NodeTypeConstants.NODE_TYPES_PATH + "/rep:system/rep:namedChildNodeDefinitions/jcr:configurations", TreeType.DEFAULT));
tests.add(new TypeTest(NodeTypeConstants.NODE_TYPES_PATH + "/rep:AccessControllable/rep:namedChildNodeDefinitions/rep:policy", TreeType.DEFAULT));
tests.add(new TypeTest(NodeTypeConstants.NODE_TYPES_PATH + "/rep:AccessControllable/rep:namedChildNodeDefinitions/rep:policy/rep:Policy", TreeType.DEFAULT));
tests.add(new TypeTest(NodeTypeConstants.NODE_TYPES_PATH + "/rep:ACL/rep:residualChildNodeDefinitions/rep:ACE", TreeType.DEFAULT));
tests.add(new TypeTest(NodeTypeConstants.NODE_TYPES_PATH + "/rep:GrantACE/rep:namedChildNodeDefinitions/rep:restrictions", TreeType.DEFAULT));
tests.add(new TypeTest(NodeTypeConstants.NODE_TYPES_PATH + "/rep:RepoAccessControllable/rep:namedChildNodeDefinitions/rep:repoPolicy", TreeType.DEFAULT));
tests.add(new TypeTest(NodeTypeConstants.NODE_TYPES_PATH + "/rep:PermissionStore", TreeType.DEFAULT));
tests.add(new TypeTest("/:hidden", TreeType.HIDDEN));
tests.add(new TypeTest("/:hidden/child", TreeType.HIDDEN, TreeType.HIDDEN));
tests.add(new TypeTest("/oak:index/nodetype/:index", TreeType.HIDDEN));
tests.add(new TypeTest("/oak:index/nodetype/:index/child", TreeType.HIDDEN, TreeType.HIDDEN));
for (String versionPath : VersionConstants.SYSTEM_PATHS) {
tests.add(new TypeTest(versionPath, TreeType.VERSION));
tests.add(new TypeTest(versionPath + "/a/b/child", TreeType.VERSION, TreeType.VERSION));
}
tests.add(new TypeTest(PermissionConstants.PERMISSIONS_STORE_PATH, TreeType.INTERNAL));
tests.add(new TypeTest(PermissionConstants.PERMISSIONS_STORE_PATH + "/a/b/child", TreeType.INTERNAL, TreeType.INTERNAL));
NodeUtil testTree = new NodeUtil(root.getTree("/")).addChild("test", NodeTypeConstants.NT_OAK_UNSTRUCTURED);
for (String name : AccessControlConstants.POLICY_NODE_NAMES) {
NodeUtil acl = testTree.addChild(name, AccessControlConstants.NT_REP_ACL);
tests.add(new TypeTest(acl.getTree().getPath(), TreeType.ACCESS_CONTROL));
NodeUtil ace = acl.addChild("ace", AccessControlConstants.NT_REP_DENY_ACE);
tests.add(new TypeTest(ace.getTree().getPath(), TreeType.ACCESS_CONTROL, TreeType.ACCESS_CONTROL));
NodeUtil ace2 = acl.addChild("ace2", AccessControlConstants.NT_REP_GRANT_ACE);
tests.add(new TypeTest(ace2.getTree().getPath(), TreeType.ACCESS_CONTROL, TreeType.ACCESS_CONTROL));
NodeUtil rest = ace2.addChild(AccessControlConstants.REP_RESTRICTIONS, AccessControlConstants.NT_REP_RESTRICTIONS);
tests.add(new TypeTest(rest.getTree().getPath(), TreeType.ACCESS_CONTROL, TreeType.ACCESS_CONTROL));
NodeUtil invalid = rest.addChild("invalid", NodeTypeConstants.NT_OAK_UNSTRUCTURED);
tests.add(new TypeTest(invalid.getTree().getPath(), TreeType.ACCESS_CONTROL, TreeType.ACCESS_CONTROL));
}
}
use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.
the class ReadOnlyVersionManagerTest method testPreserveHistoryAfterMovingVersionable.
@Test
public void testPreserveHistoryAfterMovingVersionable() throws RepositoryException, CommitFailedException {
NodeUtil node = new NodeUtil(root.getTree("/"));
NodeUtil testVersionable = node.addChild("testVersionable", NodeTypeConstants.NT_OAK_UNSTRUCTURED);
TreeUtil.addMixin(testVersionable.getTree(), JcrConstants.MIX_VERSIONABLE, root.getTree(NodeTypeConstants.NODE_TYPES_PATH), null);
root.commit();
Tree history = versionManager.getVersionHistory(testVersionable.getTree());
assertTrue(history.exists());
String historyUuid = history.getProperty(JCR_UUID).getValue(Type.STRING);
assertTrue(root.move("/testVersionable", "/testVersionable2"));
root.commit();
history = versionManager.getVersionHistory(root.getTree("/testVersionable2"));
assertTrue(history.exists());
assertEquals(historyUuid, history.getProperty(JCR_UUID).getValue(Type.STRING));
}
use of org.apache.jackrabbit.oak.util.NodeUtil in project jackrabbit-oak by apache.
the class AccessControlManagerImplTest method testTestSessionGetEffectivePoliciesByPrincipal.
@Test
public void testTestSessionGetEffectivePoliciesByPrincipal() throws Exception {
NodeUtil child = new NodeUtil(root.getTree(testPath)).addChild("child", JcrConstants.NT_UNSTRUCTURED);
String childPath = child.getTree().getPath();
Privilege[] privs = privilegesFromNames(PrivilegeConstants.JCR_READ, PrivilegeConstants.JCR_READ_ACCESS_CONTROL);
setupPolicy(testPath, privs);
setupPolicy(childPath, privs);
root.commit();
Root testRoot = getTestRoot();
testRoot.refresh();
JackrabbitAccessControlManager testAcMgr = getTestAccessControlManager();
AccessControlPolicy[] effective = testAcMgr.getEffectivePolicies(Collections.singleton(testPrincipal));
assertNotNull(effective);
assertEquals(2, effective.length);
}
Aggregations