use of org.apache.jena.permissions.SecurityEvaluator.Action in project jena by apache.
the class SecuredRDFListImpl method removeList.
@Override
public void removeList() throws UpdateDeniedException, AuthenticationRequiredException {
checkUpdate();
final Triple t = new Triple(Node.ANY, listFirst().asNode(), Node.ANY);
// have to be able to read and delete to delete all.
final Set<Action> perms = SecurityEvaluator.Util.asSet(new Action[] { Action.Delete, Action.Read });
if (getSecurityEvaluator().evaluate(getSecurityEvaluator().getPrincipal(), perms, this.getModelNode(), t)) {
holder.getBaseItem().removeList();
} else {
for (final Statement s : collectStatements(perms)) {
if (canDelete(s)) {
s.remove();
}
}
}
}
use of org.apache.jena.permissions.SecurityEvaluator.Action in project jena by apache.
the class SecuredModelTest method testReadEmpty.
@Test
public void testReadEmpty() throws Exception {
final Set<Action> createAndUpdate = SecurityEvaluator.Util.asSet(new Action[] { Action.Update, Action.Create });
final String XML_INPUT = "<rdf:RDF" + " xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syntax-ns#' " + " xmlns:rt='http://example.com/readTest#' " + " xmlns:j.0='http://example.com/readTest#3' > " + " <rdf:Description rdf:about='http://example.com/readTest#1'> " + " <rdf:type rdf:resource='http://example.com/readTest#3'/>" + " </rdf:Description>" + "</rdf:RDF>";
final String TTL_INPUT = "@prefix rt: <http://example.com/readTest#> . rt:1 a rt:3 .";
final String base = "http://example.com/test";
final String lang = "TURTLE";
try {
final URL url = SecuredModelTest.class.getResource("./test.xml");
securedModel.read(url.toString());
if (!securityEvaluator.evaluate(createAndUpdate)) {
Assert.fail("Should have thrown AccessDeniedException Exception");
}
} catch (final AccessDeniedException e) {
if (securityEvaluator.evaluate(createAndUpdate)) {
Assert.fail(String.format("Should not have thrown AccessDeniedException Exception: %s - %s", e, e.getTriple()));
}
} finally {
baseModel.removeAll();
}
try {
final InputStream in = new ByteArrayInputStream(XML_INPUT.getBytes());
securedModel.read(in, base);
if (!securityEvaluator.evaluate(createAndUpdate)) {
Assert.fail("Should have thrown AccessDeniedException Exception");
}
} catch (final AccessDeniedException e) {
if (securityEvaluator.evaluate(createAndUpdate)) {
Assert.fail(String.format("Should not have thrown AccessDeniedException Exception: %s - %s", e, e.getTriple()));
}
} finally {
baseModel.removeAll();
}
try {
final Reader reader = new StringReader(XML_INPUT);
securedModel.read(reader, base);
if (!securityEvaluator.evaluate(createAndUpdate)) {
Assert.fail("Should have thrown AccessDeniedException Exception");
}
} catch (final AccessDeniedException e) {
if (securityEvaluator.evaluate(createAndUpdate)) {
Assert.fail(String.format("Should not have thrown AccessDeniedException Exception: %s - %s", e, e.getTriple()));
}
} finally {
baseModel.removeAll();
}
try {
final URL url = SecuredModelTest.class.getResource("./test.ttl");
securedModel.read(url.toString(), lang);
if (!securityEvaluator.evaluate(createAndUpdate)) {
Assert.fail("Should have thrown AccessDeniedException Exception");
}
} catch (final AccessDeniedException e) {
if (securityEvaluator.evaluate(createAndUpdate)) {
Assert.fail(String.format("Should not have thrown AccessDeniedException Exception: %s - %s", e, e.getTriple()));
}
} finally {
baseModel.removeAll();
}
try {
final InputStream in = new ByteArrayInputStream(TTL_INPUT.getBytes());
securedModel.read(in, base, lang);
if (!securityEvaluator.evaluate(createAndUpdate)) {
Assert.fail("Should have thrown AccessDeniedException Exception");
}
} catch (final AccessDeniedException e) {
if (securityEvaluator.evaluate(createAndUpdate)) {
Assert.fail(String.format("Should not have thrown AccessDeniedException Exception: %s - %s", e, e.getTriple()));
}
} finally {
baseModel.removeAll();
}
try {
final Reader reader = new StringReader(TTL_INPUT);
securedModel.read(reader, base, lang);
if (!securityEvaluator.evaluate(createAndUpdate)) {
Assert.fail("Should have thrown AccessDeniedException Exception");
}
} catch (final AccessDeniedException e) {
if (securityEvaluator.evaluate(createAndUpdate)) {
Assert.fail(String.format("Should not have thrown AccessDeniedException Exception: %s - %s", e, e.getTriple()));
}
} finally {
baseModel.removeAll();
}
try {
final URL url = SecuredModelTest.class.getResource("./test.ttl");
securedModel.read(url.toString(), base, lang);
if (!securityEvaluator.evaluate(createAndUpdate)) {
Assert.fail("Should have thrown AccessDeniedException Exception");
}
} catch (final AccessDeniedException e) {
if (securityEvaluator.evaluate(createAndUpdate)) {
Assert.fail(String.format("Should not have thrown AccessDeniedException Exception: %s - %s", e, e.getTriple()));
}
} finally {
baseModel.removeAll();
}
}
use of org.apache.jena.permissions.SecurityEvaluator.Action in project jena by apache.
the class SecuredResourceTest method testAddProperty.
@Test
public void testAddProperty() {
final Set<Action> perms = SecurityEvaluator.Util.asSet(new Action[] { Action.Update, Action.Create });
final RDFNode rdfNode = ResourceFactory.createResource("http://example.com/newResource");
try {
getSecuredResource().addLiteral(SecuredRDFNodeTest.p, rdfNode);
if (!securityEvaluator.evaluate(perms)) {
Assert.fail("Should have thrown AccessDeniedException Exception");
}
} catch (final AccessDeniedException e) {
if (securityEvaluator.evaluate(perms)) {
Assert.fail(String.format("Should not have thrown AccessDeniedException Exception: %s - %s", e, e.getTriple()));
}
}
try {
getSecuredResource().addLiteral(SecuredRDFNodeTest.p, "string");
if (!securityEvaluator.evaluate(perms)) {
Assert.fail("Should have thrown AccessDeniedException Exception");
}
} catch (final AccessDeniedException e) {
if (securityEvaluator.evaluate(perms)) {
Assert.fail(String.format("Should not have thrown AccessDeniedException Exception: %s - %s", e, e.getTriple()));
}
}
final Literal l = ResourceFactory.createTypedLiteral(3.14F);
try {
getSecuredResource().addProperty(SecuredRDFNodeTest.p, l.getLexicalForm(), l.getDatatype());
if (!securityEvaluator.evaluate(perms)) {
Assert.fail("Should have thrown AccessDeniedException Exception");
}
} catch (final AccessDeniedException e) {
if (securityEvaluator.evaluate(perms)) {
Assert.fail(String.format("Should not have thrown AccessDeniedException Exception: %s - %s", e, e.getTriple()));
}
}
try {
getSecuredResource().addProperty(SecuredRDFNodeTest.p, "dos", "sp");
if (!securityEvaluator.evaluate(perms)) {
Assert.fail("Should have thrown AccessDeniedException Exception");
}
} catch (final AccessDeniedException e) {
if (securityEvaluator.evaluate(perms)) {
Assert.fail(String.format("Should not have thrown AccessDeniedException Exception: %s - %s", e, e.getTriple()));
}
}
}
use of org.apache.jena.permissions.SecurityEvaluator.Action in project jena by apache.
the class SecuredContainerTest method testRemove.
@Test
public void testRemove() {
final Set<Action> perms = SecurityEvaluator.Util.asSet(new Action[] { Action.Update, Action.Delete });
final Statement s = baseModel.listStatements().next();
try {
getSecuredContainer().remove(s);
if (!securityEvaluator.evaluate(perms)) {
Assert.fail("Should have thrown AccessDeniedException");
}
} catch (final AccessDeniedException e) {
if (securityEvaluator.evaluate(perms)) {
Assert.fail(String.format("Should not have thrown AccessDeniedException: %s - %s", e, e.getTriple()));
}
}
}
use of org.apache.jena.permissions.SecurityEvaluator.Action in project jena by apache.
the class SecuredRDFListTest method testReduce.
@Test
public void testReduce() {
final ReduceFn fn = new ReduceFn() {
@Override
public Object reduce(final RDFNode node, final Object accumulator) {
return accumulator;
}
};
try {
getSecuredRDFList().reduce(fn, "Hello");
if (!securityEvaluator.evaluate(Action.Read)) {
Assert.fail("Should have thrown ReadDeniedException Exception");
}
} catch (final ReadDeniedException e) {
if (securityEvaluator.evaluate(Action.Read)) {
Assert.fail(String.format("Should not have thrown ReadDeniedException Exception: %s - %s", e, e.getTriple()));
}
}
final Set<Action> perms = SecurityEvaluator.Util.asSet(new Action[] { Action.Update, Action.Create });
try {
getSecuredRDFList().reduce(perms, fn, "Hello");
if (!securityEvaluator.evaluate(Action.Read)) {
Assert.fail("Should have thrown ReadDeniedException Exception");
}
} catch (final ReadDeniedException e) {
if (securityEvaluator.evaluate(Action.Read)) {
Assert.fail(String.format("Should not have thrown ReadDeniedException Exception: %s - %s", e, e.getTriple()));
}
}
}
Aggregations