
Example 36 with Session

use of org.apache.wiki.api.core.Session in project jspwiki by apache.

the class AuthorizationManagerTest method testInheritedPermissions.

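/**
 * Verifies that an attachment is authorized through the ACL of its parent page.
 *
 * <p>The page "Test" is saved with the markup {@code [{ALLOW edit Alice}]} and the
 * attachment "Test/test1.txt" is stored under it. Alice is expected to be granted both
 * "view" and "edit" on the attachment; Bob, who is not named in the ACL, is expected to
 * be denied both.
 *
 * @throws Exception if the page or attachment cannot be created, looked up or deleted
 */
@Test
public void testInheritedPermissions() throws Exception {
    // Create test page & attachment
    final String src = "[{ALLOW edit Alice}] ";
    m_engine.saveText("Test", src);
    final File f = m_engine.makeAttachmentFile();
    final Attachment att = Wiki.contents().attachment(m_engine, "Test", "test1.txt");
    att.setAuthor("FirstPost");
    m_engine.getManager(AttachmentManager.class).storeAttachment(att, f);
    try {
        final Attachment p = (Attachment) m_engine.getManager(PageManager.class).getPage("Test/test1.txt");
        final Permission view = PermissionFactory.getPagePermission(p, "view");
        final Permission edit = PermissionFactory.getPagePermission(p, "edit");
        // Create authenticated session with user 'Alice', who can read & edit (in ACL)
        Session session = WikiSessionTest.authenticatedSession(m_engine, Users.ALICE, Users.ALICE_PASS);
        Assertions.assertTrue(m_auth.checkPermission(session, view), "Alice view Test/test1.txt");
        // The message names the permission actually checked, so a failure report
        // identifies which grant broke.
        Assertions.assertTrue(m_auth.checkPermission(session, edit), "Alice edit Test/test1.txt");
        // Create authenticated session with user 'Bob', who can't read or edit (not in ACL)
        session = WikiSessionTest.authenticatedSession(m_engine, Users.BOB, Users.BOB_PASS);
        Assertions.assertFalse(m_auth.checkPermission(session, view), "Bob !view Test/test1.txt");
        Assertions.assertFalse(m_auth.checkPermission(session, edit), "Bob !edit Test/test1.txt");
    } finally {
        // Delete test page & attachment even when an assertion fails: other tests in this
        // class save a page named "Test" with a different ACL, and a leftover page or
        // attachment could make their authorization results misleading.
        m_engine.getManager(AttachmentManager.class).deleteAttachment(att);
        m_engine.getManager(PageManager.class).deletePage("Test");
    }
}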
Also used : PageManager(org.apache.wiki.pages.PageManager) WikiPermission(org.apache.wiki.auth.permissions.WikiPermission) PagePermission(org.apache.wiki.auth.permissions.PagePermission) AllPermission(org.apache.wiki.auth.permissions.AllPermission) Permission(java.security.Permission) Attachment(org.apache.wiki.api.core.Attachment) AttachmentManager(org.apache.wiki.attachment.AttachmentManager) File(java.io.File) Session(org.apache.wiki.api.core.Session) WikiSessionTest(org.apache.wiki.WikiSessionTest) Test(org.junit.jupiter.api.Test)

Example 37 with Session

use of org.apache.wiki.api.core.Session in project jspwiki by apache.

the class AuthorizationManagerTest method testPrincipalAcl.

/**
 * Checks page-level ACL enforcement for two authenticated users.
 *
 * <p>The page "Test" carries the markup {@code [{ALLOW edit Alice}]}. Alice is expected
 * to be granted "view" and "edit"; Bob, who does not appear in the ACL, is expected to be
 * denied both.
 *
 * @throws Exception if the page cannot be saved or a session cannot be created
 */
@Test
public void testPrincipalAcl() throws Exception {
    // Test fixture: a single page whose ACL names only Alice.
    m_engine.saveText("Test", "[{ALLOW edit Alice}] ");
    final Page page = m_engine.getManager(PageManager.class).getPage("Test");
    final Permission viewPermission = PermissionFactory.getPagePermission(page, "view");
    final Permission editPermission = PermissionFactory.getPagePermission(page, "edit");

    // Alice is listed in the ACL: both permissions must be granted.
    final Session aliceSession = WikiSessionTest.authenticatedSession(m_engine, Users.ALICE, Users.ALICE_PASS);
    Assertions.assertTrue(m_auth.checkPermission(aliceSession, viewPermission), "Alice view Test");
    Assertions.assertTrue(m_auth.checkPermission(aliceSession, editPermission), "Alice edit Test");

    // Bob is authenticated but absent from the ACL: both permissions must be denied.
    final Session bobSession = WikiSessionTest.authenticatedSession(m_engine, Users.BOB, Users.BOB_PASS);
    Assertions.assertFalse(m_auth.checkPermission(bobSession, viewPermission), "Bob !view Test");
    Assertions.assertFalse(m_auth.checkPermission(bobSession, editPermission), "Bob !edit Test");

    // Remove the fixture page; a provider failure is reported as a test failure.
    final PageManager pageManager = m_engine.getManager(PageManager.class);
    try {
        pageManager.deletePage("Test");
    } catch (final ProviderException e) {
        Assertions.fail("Could not delete page");
    }
}
Also used : PageManager(org.apache.wiki.pages.PageManager) ProviderException(org.apache.wiki.api.exceptions.ProviderException) WikiPermission(org.apache.wiki.auth.permissions.WikiPermission) PagePermission(org.apache.wiki.auth.permissions.PagePermission) AllPermission(org.apache.wiki.auth.permissions.AllPermission) Permission(java.security.Permission) Page(org.apache.wiki.api.core.Page) Session(org.apache.wiki.api.core.Session) WikiSessionTest(org.apache.wiki.WikiSessionTest) Test(org.junit.jupiter.api.Test)

Example 38 with Session

use of org.apache.wiki.api.core.Session in project jspwiki by apache.

the class AuthorizationManagerTest method testAuthenticatedSession.

/**
 * Exercises {@code hasRoleOrPrincipal} for a container-authenticated session.
 *
 * <p>Alice's session is created with the roles "IT" and "Engineering" and the group
 * principal "Admin". The assertions cover user-principal possession, built-in roles,
 * custom roles and wiki group membership (Alice is added to group "Bar" but not "Foo").
 *
 * @throws Exception if the session or the groups cannot be created or removed
 */
@Test
public void testAuthenticatedSession() throws Exception {
    // Alice, the roles handed to her session, and one role ("Finance") she does not get.
    final Principal aliceUser = new WikiPrincipal(Users.ALICE);
    final Role itRole = new Role("IT");
    final Role engineeringRole = new Role("Engineering");
    final Role financeRole = new Role("Finance");
    final Principal adminGroup = new GroupPrincipal("Admin");
    final Principal[] containerPrincipals = new Principal[] { itRole, engineeringRole, adminGroup };
    final Session aliceSession = WikiSessionTest.containerAuthenticatedSession(m_engine, Users.ALICE, containerPrincipals);

    // Two wiki groups: only "Bar" receives Alice as a member.
    final Group foo = m_groupMgr.parseGroup("Foo", "", true);
    final Group bar = m_groupMgr.parseGroup("Bar", "", true);
    bar.add(aliceUser);
    m_groupMgr.setGroup(m_session, foo);
    m_groupMgr.setGroup(m_session, bar);

    // User principal possession: principals of different types are expected to match
    // when their names are equal, so the check is by name rather than by class.
    Assertions.assertTrue(m_auth.hasRoleOrPrincipal(aliceSession, new WikiPrincipal(Users.ALICE)), "Alice has Alice");
    Assertions.assertTrue(m_auth.hasRoleOrPrincipal(aliceSession, new TestPrincipal(Users.ALICE)), "Alice has Alice");
    Assertions.assertFalse(m_auth.hasRoleOrPrincipal(aliceSession, new WikiPrincipal(Users.BOB)), "Alice not has Bob");
    Assertions.assertFalse(m_auth.hasRoleOrPrincipal(aliceSession, new TestPrincipal(Users.BOB)), "Alice not has Bob");

    // Built-in roles: an authenticated session holds ALL and AUTHENTICATED only.
    Assertions.assertTrue(m_auth.hasRoleOrPrincipal(aliceSession, Role.ALL), "Alice in ALL");
    Assertions.assertFalse(m_auth.hasRoleOrPrincipal(aliceSession, Role.ANONYMOUS), "Alice not in ANONYMOUS");
    Assertions.assertFalse(m_auth.hasRoleOrPrincipal(aliceSession, Role.ASSERTED), "Alice not in ASSERTED");
    Assertions.assertTrue(m_auth.hasRoleOrPrincipal(aliceSession, Role.AUTHENTICATED), "Alice in AUTHENTICATED");

    // Custom roles: only those passed in when the session was created.
    Assertions.assertTrue(m_auth.hasRoleOrPrincipal(aliceSession, itRole), "Alice in IT");
    Assertions.assertTrue(m_auth.hasRoleOrPrincipal(aliceSession, engineeringRole), "Alice in Engineering");
    Assertions.assertFalse(m_auth.hasRoleOrPrincipal(aliceSession, financeRole), "Alice not in Finance");

    // Wiki group membership.
    Assertions.assertFalse(m_auth.hasRoleOrPrincipal(aliceSession, foo.getPrincipal()), "Alice not in Foo");
    Assertions.assertTrue(m_auth.hasRoleOrPrincipal(aliceSession, bar.getPrincipal()), "Alice in Bar");

    // Remove both groups again.
    m_groupMgr.removeGroup("Foo");
    m_groupMgr.removeGroup("Bar");
}
Also used : Role(org.apache.wiki.auth.authorize.Role) Group(org.apache.wiki.auth.authorize.Group) Principal(java.security.Principal) UnresolvedPrincipal(org.apache.wiki.auth.acl.UnresolvedPrincipal) Session(org.apache.wiki.api.core.Session) WikiSessionTest(org.apache.wiki.WikiSessionTest) Test(org.junit.jupiter.api.Test)

Example 39 with Session

use of org.apache.wiki.api.core.Session in project jspwiki by apache.

the class AuthorizationManagerTest method testAdminView.

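/**
 * Verifies that a member of the "Admin" group can view a page whose ACL does not name them.
 *
 * <p>The page "TestDefaultPage" is saved with {@code [{ALLOW view FooBar}]}, so its ACL
 * lists only "FooBar". Alice's container-authenticated session carries the group
 * principal "Admin"; the test expects her to hold {@code AllPermission} for the
 * application and, with it, "view" on the page.
 *
 * @throws Exception if the page cannot be saved or the session cannot be created
 */
@Test
public void testAdminView() throws Exception {
    // NOTE(review): "TestDefaultPage" is not deleted in this method; confirm that the
    // fixture teardown removes it so its ACL does not leak into other tests.
    m_engine.saveText("TestDefaultPage", "Foo [{ALLOW view FooBar}]");
    final Principal admin = new GroupPrincipal("Admin");
    final Session session = WikiSessionTest.containerAuthenticatedSession(m_engine, Users.ALICE, new Principal[] { admin });
    Assertions.assertTrue(m_auth.checkPermission(session, new AllPermission(m_engine.getApplicationName())), "Alice has AllPermission");
    // The failure message now states the expectation the assertion enforces (view is
    // granted); the previous text read as if denial were expected.
    Assertions.assertTrue(m_auth.checkPermission(session, new PagePermission("TestDefaultPage", "view")), "Alice (Admin) can view TestDefaultPage");
}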
Also used : AllPermission(org.apache.wiki.auth.permissions.AllPermission) Principal(java.security.Principal) UnresolvedPrincipal(org.apache.wiki.auth.acl.UnresolvedPrincipal) PagePermission(org.apache.wiki.auth.permissions.PagePermission) Session(org.apache.wiki.api.core.Session) WikiSessionTest(org.apache.wiki.WikiSessionTest) Test(org.junit.jupiter.api.Test)

Example 40 with Session

use of org.apache.wiki.api.core.Session in project jspwiki by apache.

the class AuthorizationManagerTest method testInheritedAclPermissions.

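/**
 * Verifies that a view-only page ACL is inherited by the page's attachment.
 *
 * <p>The page "Test" is saved with {@code [{ALLOW view Alice}]} and the attachment
 * "Test/test1.txt" is stored under it. Alice is expected to be granted "view" but denied
 * "edit" on the attachment; Bob, who is not named in the ACL, is expected to be denied both.
 *
 * @throws Exception if the page or attachment cannot be created, looked up or deleted
 */
@Test
public void testInheritedAclPermissions() throws Exception {
    // Create test page & attachment
    final String src = "[{ALLOW view Alice}] ";
    m_engine.saveText("Test", src);
    final File f = m_engine.makeAttachmentFile();
    final Attachment att = Wiki.contents().attachment(m_engine, "Test", "test1.txt");
    att.setAuthor("FirstPost");
    m_engine.getManager(AttachmentManager.class).storeAttachment(att, f);
    try {
        final Attachment p = (Attachment) m_engine.getManager(PageManager.class).getPage("Test/test1.txt");
        final Permission view = PermissionFactory.getPagePermission(p, "view");
        final Permission edit = PermissionFactory.getPagePermission(p, "edit");
        // Create session with user 'Alice', who can read (in ACL) but not edit
        Session session = WikiSessionTest.authenticatedSession(m_engine, Users.ALICE, Users.ALICE_PASS);
        Assertions.assertTrue(m_auth.checkPermission(session, view), "Alice view Test/test1.txt");
        Assertions.assertFalse(m_auth.checkPermission(session, edit), "Alice !edit Test/test1.txt");
        // Create session with user 'Bob', who can't read or edit (not in ACL)
        session = WikiSessionTest.authenticatedSession(m_engine, Users.BOB, Users.BOB_PASS);
        Assertions.assertFalse(m_auth.checkPermission(session, view), "Bob !view Test/test1.txt");
        // Check the edit permission here: the earlier version tested `view` twice, so the
        // edit-denial path for a user outside the inherited ACL was never exercised.
        Assertions.assertFalse(m_auth.checkPermission(session, edit), "Bob !edit Test/test1.txt");
    } finally {
        // Delete test page & attachment even when an assertion fails, so a leftover ACL
        // on "Test" cannot influence other authorization tests that reuse the page name.
        m_engine.getManager(AttachmentManager.class).deleteAttachment(att);
        m_engine.getManager(PageManager.class).deletePage("Test");
    }
}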
Also used : PageManager(org.apache.wiki.pages.PageManager) WikiPermission(org.apache.wiki.auth.permissions.WikiPermission) PagePermission(org.apache.wiki.auth.permissions.PagePermission) AllPermission(org.apache.wiki.auth.permissions.AllPermission) Permission(java.security.Permission) Attachment(org.apache.wiki.api.core.Attachment) AttachmentManager(org.apache.wiki.attachment.AttachmentManager) File(java.io.File) Session(org.apache.wiki.api.core.Session) WikiSessionTest(org.apache.wiki.WikiSessionTest) Test(org.junit.jupiter.api.Test)

Aggregations

Session (org.apache.wiki.api.core.Session)51 Test (org.junit.jupiter.api.Test)25 WikiSessionTest (org.apache.wiki.WikiSessionTest)19 Principal (java.security.Principal)18 MockHttpServletRequest (net.sourceforge.stripes.mock.MockHttpServletRequest)11 AllPermission (org.apache.wiki.auth.permissions.AllPermission)9 PageManager (org.apache.wiki.pages.PageManager)9 HttpSession (javax.servlet.http.HttpSession)8 Group (org.apache.wiki.auth.authorize.Group)8 PagePermission (org.apache.wiki.auth.permissions.PagePermission)8 Permission (java.security.Permission)7 Page (org.apache.wiki.api.core.Page)7 AuthenticationManager (org.apache.wiki.auth.AuthenticationManager)7 WikiPermission (org.apache.wiki.auth.permissions.WikiPermission)7 UnresolvedPrincipal (org.apache.wiki.auth.acl.UnresolvedPrincipal)6 UserProfile (org.apache.wiki.auth.user.UserProfile)6 GroupPrincipal (org.apache.wiki.auth.GroupPrincipal)5 WikiPrincipal (org.apache.wiki.auth.WikiPrincipal)5 Role (org.apache.wiki.auth.authorize.Role)5 HttpServletRequest (javax.servlet.http.HttpServletRequest)4