Examples of JackrabbitAccessControlManager

Examples of org.apache.jackrabbit.api.security.JackrabbitAccessControlManager

395
396
397
398
399
400
401
402
403
404
405
406
407
        if (principalbased) {
            // try to access policies
            List<AccessControlPolicy> policies = new ArrayList<AccessControlPolicy>();
            if (acMgr instanceof JackrabbitAccessControlManager) {
                JackrabbitAccessControlManager jacMgr = (JackrabbitAccessControlManager) acMgr;
                policies.addAll(Arrays.asList(jacMgr.getPolicies(principal)));
                policies.addAll(Arrays.asList(jacMgr.getApplicablePolicies(principal)));
            }
            for (AccessControlPolicy policy : policies) {
                if (policy instanceof JackrabbitAccessControlList) {
                    JackrabbitAccessControlList acl = (JackrabbitAccessControlList) policy;
                    Map<String, Value> restr = new HashMap<String, Value>();
View Full Code Here

Examples of org.apache.jackrabbit.api.security.JackrabbitAccessControlManager

239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
    }

    public void testPermissions() throws Exception {
        Session superuser2 = getHelper().getSuperuserSession();
        try {
            JackrabbitAccessControlManager acM = (JackrabbitAccessControlManager) acMgr;
            JackrabbitAccessControlManager acM2 = (JackrabbitAccessControlManager) superuser2.getAccessControlManager();
            Set<Principal> principals = Collections.singleton(testGroup.getPrincipal());

            // --- test1 : add an ACE at path ----------------------------------
            Privilege[] privs = privilegesFromName(Privilege.JCR_LOCK_MANAGEMENT);
            modifyPrivileges(path, testGroup.getPrincipal(), privs, true);

            assertTrue(acM.hasPrivileges(path, principals, privs));
            assertTrue(acM2.hasPrivileges(path, principals, privs));

            assertTrue(acM.hasPrivileges(childNPath, principals, privs));
            assertTrue(acM2.hasPrivileges(childNPath, principals, privs));

            // --- test2: modify the policy at 'path' ------------------------------
            modifyPrivileges(path, testGroup.getPrincipal(), privilegesFromName(Privilege.JCR_WRITE), true);

            privs = privilegesFromNames(new String[] {
                    Privilege.JCR_LOCK_MANAGEMENT,
                    Privilege.JCR_WRITE});
            assertTrue(acM.hasPrivileges(path, principals, privs));
            assertTrue(acM2.hasPrivileges(path, principals, privs));

            assertTrue(acM.hasPrivileges(childNPath, principals, privs));
            assertTrue(acM2.hasPrivileges(childNPath, principals, privs));

            // --- test3: add an policy at childNPath ------------------------------
            modifyPrivileges(childNPath, testGroup.getPrincipal(),
                    privilegesFromName(Privilege.JCR_ADD_CHILD_NODES), false);

            privs = privilegesFromNames(new String[] {
                    Privilege.JCR_LOCK_MANAGEMENT,
                    Privilege.JCR_WRITE});
            assertTrue(acM.hasPrivileges(path, principals, privs));
            assertTrue(acM2.hasPrivileges(path, principals, privs));

            privs = privilegesFromNames(new String[] {
                    Privilege.JCR_LOCK_MANAGEMENT,
                    Privilege.JCR_MODIFY_PROPERTIES,
                    Privilege.JCR_REMOVE_CHILD_NODES,
                    Privilege.JCR_REMOVE_NODE});
            assertTrue(acM.hasPrivileges(childNPath, principals, privs));
            assertTrue(acM2.hasPrivileges(childNPath, principals, privs));


            // --- test4: modify policy at childNPath --------------------------
            modifyPrivileges(childNPath, testGroup.getPrincipal(),
                    privilegesFromName(Privilege.JCR_REMOVE_CHILD_NODES), false);

            privs = privilegesFromNames(new String[] {
                    Privilege.JCR_LOCK_MANAGEMENT,
                    Privilege.JCR_WRITE});
            assertTrue(acM.hasPrivileges(path, principals, privs));
            assertTrue(acM2.hasPrivileges(path, principals, privs));

            privs = privilegesFromNames(new String[] {
                    Privilege.JCR_LOCK_MANAGEMENT,
                    Privilege.JCR_MODIFY_PROPERTIES,
                    Privilege.JCR_REMOVE_NODE});
            assertTrue(acM.hasPrivileges(childNPath, principals, privs));
            assertTrue(acM2.hasPrivileges(childNPath, principals, privs));

            // --- test4: remove policy at childNPath --------------------------
            acMgr.removePolicy(childNPath, acMgr.getPolicies(childNPath)[0]);
            superuser.save();

            privs = privilegesFromNames(new String[] {
                    Privilege.JCR_LOCK_MANAGEMENT,
                    Privilege.JCR_WRITE});
           
            assertTrue(acM.hasPrivileges(path, principals, privs));
            assertTrue(acM2.hasPrivileges(path, principals, privs));

            assertTrue(acM.hasPrivileges(childNPath, principals, privs));
            assertTrue(acM2.hasPrivileges(childNPath, principals, privs));
           
        } finally {
            superuser2.logout();
        }
    }
View Full Code Here

Examples of org.apache.jackrabbit.api.security.JackrabbitAccessControlManager

504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
    public void testGetEffectivePoliciesByPrincipal() throws Exception {
        if (!(acMgr instanceof JackrabbitAccessControlManager)) {
            throw new NotExecutableException();
        }
        JackrabbitAccessControlManager jAcMgr = (JackrabbitAccessControlManager) acMgr;
        Set<Principal> principalSet = Collections.singleton(testUser.getPrincipal());

        try {
            // initial state: no repo level policy
            AccessControlPolicy[] policies = acMgr.getPolicies(null);
            assertNotNull(policies);
            assertEquals(0, policies.length);

            AccessControlPolicy[] effective = jAcMgr.getEffectivePolicies(principalSet);
            assertNotNull(effective);
            assertEquals(0, effective.length);

            AccessControlPolicyIterator it = acMgr.getApplicablePolicies(null);
            assertTrue(it.hasNext());

            // modify the repo level policy
            modifyPrivileges(null, NameConstants.JCR_NODE_TYPE_DEFINITION_MANAGEMENT.toString(), false);
            modifyPrivileges(null, NameConstants.JCR_NAMESPACE_MANAGEMENT.toString(), true);

            // verify that the effective policies for the given principal set
            // is properly calculated.
            AccessControlPolicy[] eff = jAcMgr.getEffectivePolicies(principalSet);
            assertNotNull(eff);
            assertEquals(1, eff.length);
            assertTrue(eff[0] instanceof AccessControlList);

            AccessControlList acl = (AccessControlList) eff[0];
View Full Code Here

Examples of org.apache.jackrabbit.api.security.JackrabbitAccessControlManager

678
679
680
681
682
683
684
685
686
687
688
689
690
     * the default configuration.
     *
     * @throws Exception
     */
    public void testImportPrincipalBasedACL() throws Exception {
        JackrabbitAccessControlManager acMgr = (JackrabbitAccessControlManager) sImpl.getAccessControlManager();
        if (acMgr.getApplicablePolicies(EveryonePrincipal.getInstance()).length > 0 ||
                acMgr.getPolicies(EveryonePrincipal.getInstance()).length > 0) {
            // test expects that only resource-based acl is supported
            throw new NotExecutableException();
        }

        PrincipalManager pmgr = sImpl.getPrincipalManager();
View Full Code Here

Examples of org.apache.jackrabbit.api.security.JackrabbitAccessControlManager

279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
    }

    public void testPermissions() throws Exception {
        Session superuser2 = getHelper().getSuperuserSession();
        try {
            JackrabbitAccessControlManager acM = (JackrabbitAccessControlManager) acMgr;
            JackrabbitAccessControlManager acM2 = (JackrabbitAccessControlManager) superuser2.getAccessControlManager();
            Set<Principal> principals = Collections.singleton(testGroup.getPrincipal());

            // --- test1 : add an ACE at path ----------------------------------
            Privilege[] privs = privilegesFromName(Privilege.JCR_LOCK_MANAGEMENT);
            modifyPrivileges(path, testGroup.getPrincipal(), privs, true);

            assertTrue(acM.hasPrivileges(path, principals, privs));
            assertTrue(acM2.hasPrivileges(path, principals, privs));

            assertTrue(acM.hasPrivileges(childNPath, principals, privs));
            assertTrue(acM2.hasPrivileges(childNPath, principals, privs));

            // --- test2: modify the policy at 'path' ------------------------------
            modifyPrivileges(path, testGroup.getPrincipal(), privilegesFromName(Privilege.JCR_WRITE), true);

            privs = privilegesFromNames(new String[] {
                    Privilege.JCR_LOCK_MANAGEMENT,
                    Privilege.JCR_WRITE});
            assertTrue(acM.hasPrivileges(path, principals, privs));
            assertTrue(acM2.hasPrivileges(path, principals, privs));

            assertTrue(acM.hasPrivileges(childNPath, principals, privs));
            assertTrue(acM2.hasPrivileges(childNPath, principals, privs));

            // --- test3: add an policy at childNPath ------------------------------
            modifyPrivileges(childNPath, testGroup.getPrincipal(),
                    privilegesFromName(Privilege.JCR_ADD_CHILD_NODES), false);

            privs = privilegesFromNames(new String[] {
                    Privilege.JCR_LOCK_MANAGEMENT,
                    Privilege.JCR_WRITE});
            assertTrue(acM.hasPrivileges(path, principals, privs));
            assertTrue(acM2.hasPrivileges(path, principals, privs));

            privs = privilegesFromNames(new String[] {
                    Privilege.JCR_LOCK_MANAGEMENT,
                    Privilege.JCR_MODIFY_PROPERTIES,
                    Privilege.JCR_REMOVE_CHILD_NODES,
                    Privilege.JCR_REMOVE_NODE});
            assertTrue(acM.hasPrivileges(childNPath, principals, privs));
            assertTrue(acM2.hasPrivileges(childNPath, principals, privs));


            // --- test4: modify policy at childNPath --------------------------
            modifyPrivileges(childNPath, testGroup.getPrincipal(),
                    privilegesFromName(Privilege.JCR_REMOVE_CHILD_NODES), false);

            privs = privilegesFromNames(new String[] {
                    Privilege.JCR_LOCK_MANAGEMENT,
                    Privilege.JCR_WRITE});
            assertTrue(acM.hasPrivileges(path, principals, privs));
            assertTrue(acM2.hasPrivileges(path, principals, privs));

            privs = privilegesFromNames(new String[] {
                    Privilege.JCR_LOCK_MANAGEMENT,
                    Privilege.JCR_MODIFY_PROPERTIES,
                    Privilege.JCR_REMOVE_NODE});
            assertTrue(acM.hasPrivileges(childNPath, principals, privs));
            assertTrue(acM2.hasPrivileges(childNPath, principals, privs));

            // --- test4: remove policy at childNPath --------------------------
            acMgr.removePolicy(childNPath, acMgr.getPolicies(childNPath)[0]);
            superuser.save();

            privs = privilegesFromNames(new String[] {
                    Privilege.JCR_LOCK_MANAGEMENT,
                    Privilege.JCR_WRITE});
           
            assertTrue(acM.hasPrivileges(path, principals, privs));
            assertTrue(acM2.hasPrivileges(path, principals, privs));

            assertTrue(acM.hasPrivileges(childNPath, principals, privs));
            assertTrue(acM2.hasPrivileges(childNPath, principals, privs));
           
        } finally {
            superuser2.logout();
        }
       
View Full Code Here

Examples of org.apache.jackrabbit.api.security.JackrabbitAccessControlManager

81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
                superuser.save();
            }

            Principal p = u.getPrincipal();

            JackrabbitAccessControlManager acMgr = (JackrabbitAccessControlManager) getAccessControlManager(superuser);
            JackrabbitAccessControlPolicy[] acls = acMgr.getApplicablePolicies(p);

            assertEquals(1, acls.length);
            assertTrue(acls[0] instanceof ACLTemplate);

            // access again
            acls = acMgr.getApplicablePolicies(p);

            assertEquals(1, acls.length);           
            assertEquals(1, acMgr.getApplicablePolicies(acls[0].getPath()).getSize());

            assertEquals(0, acMgr.getPolicies(p).length);
            assertEquals(0, acMgr.getPolicies(acls[0].getPath()).length);

            acMgr.setPolicy(acls[0].getPath(), acls[0]);

            assertEquals(0, acMgr.getApplicablePolicies(p).length);
            assertEquals(1, acMgr.getPolicies(p).length);
            assertEquals(1, acMgr.getPolicies(acls[0].getPath()).length);
        } finally {
            superuser.refresh(false);
            if (u != null) {
                u.remove();
                if (!uMgr.isAutoSave()) {
View Full Code Here

Examples of org.apache.jackrabbit.api.security.JackrabbitAccessControlManager

129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
            Principal p2 = u2.getPrincipal();

            if (p instanceof ItemBasedPrincipal && p2 instanceof ItemBasedPrincipal &&
                    Text.isDescendant(((ItemBasedPrincipal) p).getPath(), ((ItemBasedPrincipal) p2).getPath())) {

                JackrabbitAccessControlManager acMgr = (JackrabbitAccessControlManager) getAccessControlManager(superuser);

                JackrabbitAccessControlPolicy[] acls = acMgr.getApplicablePolicies(p2);
                acMgr.setPolicy(acls[0].getPath(), acls[0]);

                acls = acMgr.getApplicablePolicies(p);
                String path = acls[0].getPath();

                Node n = superuser.getNode(path);
                assertEquals("rep:PrincipalAccessControl", n.getPrimaryNodeType().getName());
            } else {
View Full Code Here

Examples of org.apache.jackrabbit.api.security.JackrabbitAccessControlManager

540
541
542
543
544
545
546
547
548
549
550
551
552
     * the default configuration.
     *
     * @throws Exception
     */
    public void testImportPrincipalBasedACL() throws Exception {
        JackrabbitAccessControlManager acMgr = (JackrabbitAccessControlManager) sImpl.getAccessControlManager();
        if (acMgr.getApplicablePolicies(EveryonePrincipal.getInstance()).length > 0 ||
                acMgr.getPolicies(EveryonePrincipal.getInstance()).length > 0) {
            // test expects that only resource-based acl is supported
            throw new NotExecutableException();
        }

        PrincipalManager pmgr = sImpl.getPrincipalManager();
View Full Code Here

Examples of org.apache.jackrabbit.api.security.JackrabbitAccessControlManager

77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
        try {
            UserManager uMgr = getUserManager(superuser);
            u = uMgr.createUser("t", "t");
            Principal p = u.getPrincipal();

            JackrabbitAccessControlManager acMgr = (JackrabbitAccessControlManager) getAccessControlManager(superuser);
            JackrabbitAccessControlPolicy[] acls = acMgr.getApplicablePolicies(p);

            assertEquals(1, acls.length);
            assertTrue(acls[0] instanceof ACLTemplate);

            // access again
            acls = acMgr.getApplicablePolicies(p);

            assertEquals(1, acls.length);           
            assertEquals(1, acMgr.getApplicablePolicies(acls[0].getPath()).getSize());

            assertEquals(0, acMgr.getPolicies(p).length);
            assertEquals(0, acMgr.getPolicies(acls[0].getPath()).length);

            acMgr.setPolicy(acls[0].getPath(), acls[0]);

            assertEquals(0, acMgr.getApplicablePolicies(p).length);
            assertEquals(1, acMgr.getPolicies(p).length);
            assertEquals(1, acMgr.getPolicies(acls[0].getPath()).length);
        } finally {
            superuser.refresh(false);
            if (u != null) {
                u.remove();
            }
View Full Code Here

Examples of org.apache.jackrabbit.api.security.JackrabbitAccessControlManager

121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
            Principal p2 = u2.getPrincipal();

            if (p instanceof ItemBasedPrincipal && p2 instanceof ItemBasedPrincipal &&
                    Text.isDescendant(((ItemBasedPrincipal) p).getPath(), ((ItemBasedPrincipal) p2).getPath())) {

                JackrabbitAccessControlManager acMgr = (JackrabbitAccessControlManager) getAccessControlManager(superuser);

                JackrabbitAccessControlPolicy[] acls = acMgr.getApplicablePolicies(p2);
                acMgr.setPolicy(acls[0].getPath(), acls[0]);

                acls = acMgr.getApplicablePolicies(p);
                String path = acls[0].getPath();

                Node n = superuser.getNode(path);
                assertEquals("rep:PrincipalAccessControl", n.getPrimaryNodeType().getName());
            } else {
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.