Examples with Context org.apache.wiki.api.core.Context used on opensource projects

Example 26 with Context

use of org.apache.wiki.api.core.Context in project jspwiki by apache.

the class DefaultAclManager method getPermissions.

/**
 * {@inheritDoc}
 */
@Override
public Acl getPermissions(final Page page) {
    // Does the page already have cached ACLs?
    Acl acl = page.getAcl();
    log.debug("page=" + page.getName() + "\n" + acl);
    if (acl == null) {
        // If null, try the parent.
        if (page instanceof Attachment) {
            final Page parent = m_engine.getManager(PageManager.class).getPage(((Attachment) page).getParentName());
            acl = getPermissions(parent);
        } else {
            // Or, try parsing the page
            final Context ctx = Wiki.context().create(m_engine, page);
            ctx.setVariable(Context.VAR_EXECUTE_PLUGINS, Boolean.FALSE);
            m_engine.getManager(RenderingManager.class).getHTML(ctx, page);
            if (page.getAcl() == null) {
                page.setAcl(Wiki.acls().acl());
            }
            acl = page.getAcl();
        }
    }
    return acl;
}

Example 27 with Context

use of org.apache.wiki.api.core.Context in project jspwiki by apache.

the class UserManagerTest method testSetUserProfile.

@Test
public void testSetUserProfile() throws Exception {
    // First, count the number of users in the db now.
    final int oldUserCount = m_db.getWikiNames().length;
    // Create a new user with random name
    final Context context = Wiki.context().create(m_engine, m_engine.newHttpRequest(), "");
    final String loginName = "TestUser" + String.valueOf(System.currentTimeMillis());
    UserProfile profile = m_db.newProfile();
    profile.setEmail("jspwiki.tests@mailinator.com");
    profile.setLoginName(loginName);
    profile.setFullname("FullName" + loginName);
    profile.setPassword("password");
    m_mgr.setUserProfile(context, profile);
    // Make sure the profile saved successfully
    profile = m_mgr.getUserProfile(context.getWikiSession());
    Assertions.assertEquals(loginName, profile.getLoginName());
    Assertions.assertEquals(oldUserCount + 1, m_db.getWikiNames().length);
    // Now delete the profile; should be back to old count
    m_db.deleteByLoginName(loginName);
    Assertions.assertEquals(oldUserCount, m_db.getWikiNames().length);
}

Example 28 with Context

use of org.apache.wiki.api.core.Context in project jspwiki by apache.

the class UserManagerTest method testSetUserProfileWithDenial.

@Test
public void testSetUserProfileWithDenial() throws Exception {
    setUpWithWorkflow();
    // First, count the number of users in the db now.
    final int oldUserCount = m_db.getWikiNames().length;
    // Create a new user with random name
    final Context context = Wiki.context().create(m_engine, m_engine.newHttpRequest(), "");
    final String loginName = "TestUser" + String.valueOf(System.currentTimeMillis());
    final UserProfile profile = m_db.newProfile();
    profile.setEmail("jspwiki.tests@mailinator.com");
    profile.setLoginName(loginName);
    profile.setFullname("FullName" + loginName);
    profile.setPassword("password");
    // Because user profile saves require approvals, we will catch a Redirect
    try {
        m_mgr.setUserProfile(context, profile);
        Assertions.fail("We should have caught a DecisionRequiredException caused by approval!");
    } catch (final DecisionRequiredException e) {
    }
    // The user should NOT be saved yet
    Assertions.assertEquals(oldUserCount, m_db.getWikiNames().length);
    // Now, look in Admin's queue, and verify there's a pending Decision there
    final DecisionQueue dq = m_engine.getManager(WorkflowManager.class).getDecisionQueue();
    final Collection<Decision> decisions = dq.getActorDecisions(m_engine.adminSession());
    Assertions.assertEquals(1, decisions.size());
    // Verify that the Decision has all the facts and attributes we need
    final Decision d = decisions.iterator().next();
    final List<Fact> facts = d.getFacts();
    Assertions.assertEquals(new Fact(WorkflowManager.WF_UP_CREATE_SAVE_FACT_PREFS_FULL_NAME, profile.getFullname()), facts.get(0));
    Assertions.assertEquals(new Fact(WorkflowManager.WF_UP_CREATE_SAVE_FACT_PREFS_LOGIN_NAME, profile.getLoginName()), facts.get(1));
    Assertions.assertEquals(new Fact(WorkflowManager.WF_UP_CREATE_SAVE_FACT_SUBMITTER, context.getWikiSession().getUserPrincipal().getName()), facts.get(2));
    Assertions.assertEquals(new Fact(WorkflowManager.WF_UP_CREATE_SAVE_FACT_PREFS_EMAIL, profile.getEmail()), facts.get(3));
    Assertions.assertEquals(profile, d.getWorkflowContext().get(WorkflowManager.WF_UP_CREATE_SAVE_ATTR_SAVED_PROFILE));
    // Approve the profile
    d.decide(Outcome.DECISION_DENY, context);
    // Make sure the profile did NOT save
    Assertions.assertEquals(oldUserCount, m_db.getWikiNames().length);
}

Example 29 with Context

use of org.apache.wiki.api.core.Context in project jspwiki by apache.

the class UserManagerTest method testSetRenamedUserProfile.

@Test
public void testSetRenamedUserProfile() throws Exception {
    // First, count the number of users, groups, and pages
    final int oldUserCount = m_db.getWikiNames().length;
    final GroupManager groupManager = m_engine.getManager(GroupManager.class);
    final PageManager pageManager = m_engine.getManager(PageManager.class);
    final AuthorizationManager authManager = m_engine.getManager(AuthorizationManager.class);
    final int oldGroupCount = groupManager.getRoles().length;
    final int oldPageCount = pageManager.getTotalPageCount();
    // Setup Step 1: create a new user with random name
    final Context context = Wiki.context().create(m_engine, m_engine.newHttpRequest(), "");
    final Session session = context.getWikiSession();
    final long now = System.currentTimeMillis();
    final String oldLogin = "TestLogin" + now;
    final String oldName = "Test User " + now;
    final String newLogin = "RenamedLogin" + now;
    final String newName = "Renamed User " + now;
    UserProfile profile = m_db.newProfile();
    profile.setEmail("jspwiki.tests@mailinator.com");
    profile.setLoginName(oldLogin);
    profile.setFullname(oldName);
    profile.setPassword("password");
    m_mgr.setUserProfile(context, profile);
    // 1a. Make sure the profile saved successfully and that we're logged in
    profile = m_mgr.getUserProfile(session);
    Assertions.assertEquals(oldLogin, profile.getLoginName());
    Assertions.assertEquals(oldName, profile.getFullname());
    Assertions.assertEquals(oldUserCount + 1, m_db.getWikiNames().length);
    Assertions.assertTrue(session.isAuthenticated());
    // Setup Step 2: create a new group with our test user in it
    Group group = groupManager.parseGroup(m_groupName, "Alice \n Bob \n Charlie \n " + oldLogin + "\n" + oldName, true);
    groupManager.setGroup(session, group);
    // 2a. Make sure the group is created with the user in it, and the role is added to the Subject
    Assertions.assertEquals(oldGroupCount + 1, groupManager.getRoles().length);
    Assertions.assertTrue(group.isMember(new WikiPrincipal(oldLogin)));
    Assertions.assertTrue(group.isMember(new WikiPrincipal(oldName)));
    Assertions.assertFalse(group.isMember(new WikiPrincipal(newLogin)));
    Assertions.assertFalse(group.isMember(new WikiPrincipal(newName)));
    Assertions.assertTrue(groupManager.isUserInRole(session, group.getPrincipal()));
    // Setup Step 3: create a new page with our test user in the ACL
    String pageName = "TestPage" + now;
    m_engine.saveText(pageName, "Test text. [{ALLOW view " + oldName + ", " + oldLogin + ", Alice}] More text.");
    // 3a. Make sure the page got saved, and that ONLY our test user has permission to read it.
    Page p = m_engine.getManager(PageManager.class).getPage(pageName);
    Assertions.assertEquals(oldPageCount + 1, pageManager.getTotalPageCount());
    Assertions.assertNotNull(p.getAcl().getAclEntry(new WikiPrincipal(oldLogin)));
    Assertions.assertNotNull(p.getAcl().getAclEntry(new WikiPrincipal(oldName)));
    Assertions.assertNull(p.getAcl().getAclEntry(new WikiPrincipal(newLogin)));
    Assertions.assertNull(p.getAcl().getAclEntry(new WikiPrincipal(newName)));
    Assertions.assertTrue(authManager.checkPermission(session, PermissionFactory.getPagePermission(p, "view")), "Test User view page");
    final Session bobSession = WikiSessionTest.authenticatedSession(m_engine, Users.BOB, Users.BOB_PASS);
    Assertions.assertFalse(authManager.checkPermission(bobSession, PermissionFactory.getPagePermission(p, "view")), "Bob !view page");
    // Setup Step 4: change the user name in the profile and see what happens
    profile = m_db.newProfile();
    profile.setEmail("jspwiki.tests@mailinator.com");
    profile.setLoginName(oldLogin);
    profile.setFullname(newName);
    profile.setPassword("password");
    m_mgr.setUserProfile(context, profile);
    // Test 1: the wiki session should have the new wiki name in Subject
    Principal[] principals = session.getPrincipals();
    Assertions.assertTrue(ArrayUtils.contains(principals, new WikiPrincipal(oldLogin)));
    Assertions.assertFalse(ArrayUtils.contains(principals, new WikiPrincipal(oldName)));
    Assertions.assertFalse(ArrayUtils.contains(principals, new WikiPrincipal(newLogin)));
    Assertions.assertTrue(ArrayUtils.contains(principals, new WikiPrincipal(newName)));
    // Test 2: our group should not contain the old name OR login name any more
    // (the full name is always used)
    group = groupManager.getGroup(m_groupName);
    Assertions.assertFalse(group.isMember(new WikiPrincipal(oldLogin)));
    Assertions.assertFalse(group.isMember(new WikiPrincipal(oldName)));
    Assertions.assertFalse(group.isMember(new WikiPrincipal(newLogin)));
    Assertions.assertTrue(group.isMember(new WikiPrincipal(newName)));
    // Test 3: our page should not contain the old wiki name OR login name
    // in the ACL any more (the full name is always used)
    p = m_engine.getManager(PageManager.class).getPage(pageName);
    Assertions.assertNull(p.getAcl().getAclEntry(new WikiPrincipal(oldLogin)));
    Assertions.assertNull(p.getAcl().getAclEntry(new WikiPrincipal(oldName)));
    Assertions.assertNull(p.getAcl().getAclEntry(new WikiPrincipal(newLogin)));
    Assertions.assertNotNull(p.getAcl().getAclEntry(new WikiPrincipal(newName)));
    Assertions.assertTrue(authManager.checkPermission(session, PermissionFactory.getPagePermission(p, "view")), "Test User view page");
    Assertions.assertFalse(authManager.checkPermission(bobSession, PermissionFactory.getPagePermission(p, "view")), "Bob !view page");
    // Test 4: our page text should have been re-written
    // (The new full name should be in the ACL, but the login name should have been removed)
    String expectedText = "[{ALLOW view Alice," + newName + "}]\nTest text.  More text.\r\n";
    String actualText = m_engine.getManager(PageManager.class).getText(pageName);
    Assertions.assertEquals(expectedText, actualText);
    // Remove our test page
    m_engine.getManager(PageManager.class).deletePage(pageName);
    // Setup Step 6: re-create the group with our old test user names in it
    group = groupManager.parseGroup(m_groupName, "Alice \n Bob \n Charlie \n " + oldLogin + "\n" + oldName, true);
    groupManager.setGroup(session, group);
    // Setup Step 7: Save a new page with the old login/wiki names in the ACL again
    // The test user should still be able to see the page (because the login name matches...)
    pageName = "TestPage2" + now;
    m_engine.saveText(pageName, "More test text. [{ALLOW view " + oldName + ", " + oldLogin + ", Alice}] More text.");
    p = m_engine.getManager(PageManager.class).getPage(pageName);
    Assertions.assertEquals(oldPageCount + 1, pageManager.getTotalPageCount());
    Assertions.assertNotNull(p.getAcl().getAclEntry(new WikiPrincipal(oldLogin)));
    Assertions.assertNotNull(p.getAcl().getAclEntry(new WikiPrincipal(oldName)));
    Assertions.assertNull(p.getAcl().getAclEntry(new WikiPrincipal(newLogin)));
    Assertions.assertNull(p.getAcl().getAclEntry(new WikiPrincipal(newName)));
    Assertions.assertTrue(authManager.checkPermission(session, PermissionFactory.getPagePermission(p, "view")), "Test User view page");
    Assertions.assertFalse(authManager.checkPermission(bobSession, PermissionFactory.getPagePermission(p, "view")), "Bob !view page");
    // Setup Step 8: re-save the profile with the new login name
    profile = m_db.newProfile();
    profile.setEmail("jspwiki.tests@mailinator.com");
    profile.setLoginName(newLogin);
    profile.setFullname(oldName);
    profile.setPassword("password");
    m_mgr.setUserProfile(context, profile);
    // Test 5: the wiki session should have the new login name in Subject
    principals = session.getPrincipals();
    Assertions.assertFalse(ArrayUtils.contains(principals, new WikiPrincipal(oldLogin)));
    Assertions.assertTrue(ArrayUtils.contains(principals, new WikiPrincipal(oldName)));
    Assertions.assertTrue(ArrayUtils.contains(principals, new WikiPrincipal(newLogin)));
    Assertions.assertFalse(ArrayUtils.contains(principals, new WikiPrincipal(newName)));
    // Test 6: our group should not contain the old name OR login name any more
    // (the full name is always used)
    group = groupManager.getGroup(m_groupName);
    Assertions.assertFalse(group.isMember(new WikiPrincipal(oldLogin)));
    Assertions.assertTrue(group.isMember(new WikiPrincipal(oldName)));
    Assertions.assertFalse(group.isMember(new WikiPrincipal(newLogin)));
    Assertions.assertFalse(group.isMember(new WikiPrincipal(newName)));
    // Test 7: our page should not contain the old wiki name OR login name
    // in the ACL any more (the full name is always used)
    p = m_engine.getManager(PageManager.class).getPage(pageName);
    Assertions.assertNull(p.getAcl().getAclEntry(new WikiPrincipal(oldLogin)));
    Assertions.assertNotNull(p.getAcl().getAclEntry(new WikiPrincipal(oldName)));
    Assertions.assertNull(p.getAcl().getAclEntry(new WikiPrincipal(newLogin)));
    Assertions.assertNull(p.getAcl().getAclEntry(new WikiPrincipal(newName)));
    Assertions.assertTrue(authManager.checkPermission(session, PermissionFactory.getPagePermission(p, "view")), "Test User view page");
    Assertions.assertFalse(authManager.checkPermission(bobSession, PermissionFactory.getPagePermission(p, "view")), "Bob !view page");
    // Test 8: our page text should have been re-written
    // (The new full name should be in the ACL, but the login name should have been removed)
    expectedText = "[{ALLOW view Alice," + oldName + "}]\nMore test text.  More text.\r\n";
    actualText = m_engine.getManager(PageManager.class).getText(pageName);
    Assertions.assertEquals(expectedText, actualText);
    // CLEANUP: delete the profile; user and page; should be back to old counts
    m_db.deleteByLoginName(newLogin);
    Assertions.assertEquals(oldUserCount, m_db.getWikiNames().length);
    groupManager.removeGroup(group.getName());
    Assertions.assertEquals(oldGroupCount, groupManager.getRoles().length);
    m_engine.getManager(PageManager.class).deletePage(pageName);
    Assertions.assertEquals(oldPageCount, pageManager.getTotalPageCount());
}

Example 30 with Context

use of org.apache.wiki.api.core.Context in project jspwiki by apache.

the class UserManagerTest method testSetUserProfileWithApproval.

@Test
public void testSetUserProfileWithApproval() throws Exception {
    setUpWithWorkflow();
    // First, count the number of users in the db now.
    final int oldUserCount = m_db.getWikiNames().length;
    // Create a new user with random name
    final Context context = Wiki.context().create(m_engine, m_engine.newHttpRequest(), "");
    final String loginName = "TestUser" + String.valueOf(System.currentTimeMillis());
    final UserProfile profile = m_db.newProfile();
    profile.setEmail("jspwiki.tests@mailinator.com");
    profile.setLoginName(loginName);
    profile.setFullname("FullName" + loginName);
    profile.setPassword("password");
    // Because user profile saves require approvals, we will catch a Redirect
    try {
        m_mgr.setUserProfile(context, profile);
        Assertions.fail("We should have caught a DecisionRequiredException caused by approval!");
    } catch (final DecisionRequiredException e) {
    }
    // The user should NOT be saved yet
    Assertions.assertEquals(oldUserCount, m_db.getWikiNames().length);
    // Now, look in Admin's queue, and verify there's a pending Decision there
    final DecisionQueue dq = m_engine.getManager(WorkflowManager.class).getDecisionQueue();
    final Collection<Decision> decisions = dq.getActorDecisions(m_engine.adminSession());
    Assertions.assertEquals(1, decisions.size());
    // Verify that the Decision has all the facts and attributes we need
    final Decision d = decisions.iterator().next();
    final List<Fact> facts = d.getFacts();
    Assertions.assertEquals(new Fact(WorkflowManager.WF_UP_CREATE_SAVE_FACT_PREFS_FULL_NAME, profile.getFullname()), facts.get(0));
    Assertions.assertEquals(new Fact(WorkflowManager.WF_UP_CREATE_SAVE_FACT_PREFS_LOGIN_NAME, profile.getLoginName()), facts.get(1));
    Assertions.assertEquals(new Fact(WorkflowManager.WF_UP_CREATE_SAVE_FACT_SUBMITTER, context.getWikiSession().getUserPrincipal().getName()), facts.get(2));
    Assertions.assertEquals(new Fact(WorkflowManager.WF_UP_CREATE_SAVE_FACT_PREFS_EMAIL, profile.getEmail()), facts.get(3));
    Assertions.assertEquals(profile, d.getWorkflowContext().get(WorkflowManager.WF_UP_CREATE_SAVE_ATTR_SAVED_PROFILE));
    // Approve the profile
    d.decide(Outcome.DECISION_APPROVE, context);
    // Make sure the profile saved successfully
    Assertions.assertEquals(oldUserCount + 1, m_db.getWikiNames().length);
    // Now delete the profile; should be back to old count
    m_db.deleteByLoginName(loginName);
    Assertions.assertEquals(oldUserCount, m_db.getWikiNames().length);
}