Examples of org.apache.jackrabbit.api.security.user.Authorizable

• org.apache.jackrabbit.api.security.user.Authorizable
  The Authorizable is the common base interface for {@link User} and{@link Group}. It provides access to the Principals associated with an Authorizable (see below) and allow to access and modify additional properties such as e.g. full name, e-mail or address.

  Please note the difference between Authorizable and {@link java.security.Principal Principal}:
  An Authorizable is repository object that is neither associated with nor depending from a particular Session and thus independent of the login mechanisms creating Sessions.
  

  On the other hand Principals are representations of user identities. In other words: each Principal within the set associated with the Session's Subject upon login represents an identity for that user. An the set of Principals may differ between different login mechanisms.
  

  Consequently an one-to-many relationship exists between Authorizable and Principal (see also {@link #getPrincipal()}.

  The interfaces derived from Authorizable are defined as follows:

  • {@link User}: defined to be an Authorizable that can be authenticated (by using Credentials) and impersonated.
  • {@link Group}: defined to be a collection of other Authorizables.

  @see User @see Group

        doImport(getTargetPath(), xml);

        assertTrue(target.isModified());
        assertTrue(adminSession.hasPendingChanges());

        Authorizable newUser = userMgr.getAuthorizable("t");
        Node n = adminSession.getNode(newUser.getPath());

        String pwValue = n.getProperty(UserConstants.REP_PASSWORD).getString();
        assertFalse(plainPw.equals(pwValue));
        assertTrue(pwValue.toLowerCase().startsWith("{sha"));
    }

        doImport(getTargetPath(), xml);

        assertTrue(target.isModified());
        assertTrue(adminSession.hasPendingChanges());

        Authorizable newUser = userMgr.getAuthorizable("t");
        assertNotNull(newUser);

        assertTrue(target.hasNode("t"));
        assertTrue(target.hasProperty("t/rep:password"));
        assertFalse(target.getProperty("t/rep:password").getDefinition().isProtected());

                "   <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>t</sv:value></sv:property>" +
                "</sv:node>";

        doImport(getTargetPath(), xml);

        Authorizable user = userMgr.getAuthorizable("t");
        assertNotNull(user);
        assertFalse(user.isGroup());
        assertFalse(adminSession.propertyExists(user.getPath() + "/rep:password"));
    }

        // to determine the userID.
        try {
            UserManager umgr = getSystemUserManager(workspaceName);
            for (Principal p : subject.getPrincipals()) {
                if (!(p instanceof Group)) {
                    Authorizable authorz = umgr.getAuthorizable(p);
                    if (authorz != null && !authorz.isGroup()) {
                        uid = authorz.getID();
                        break;
                    }
                }
            }
        } catch (RepositoryException e) {

    static void createSystemUsers(UserManager userManager,
                                  SystemSession session,
                                  String adminId,
                                  String anonymousId) throws RepositoryException {

        Authorizable admin = null;
        if (adminId != null) {
            admin = userManager.getAuthorizable(adminId);
            if (admin == null) {
                admin = userManager.createUser(adminId, adminId);
                if (!userManager.isAutoSave()) {
                    session.save();
                }
                log.info("... created admin-user with id \'" + adminId + "\' ...");
            }
        }

        // assume administrators groupID and principalName are the same.
        // and avoid retrieving group by principal.
        Group admins = (Group) userManager.getAuthorizable(SecurityConstants.ADMINISTRATORS_NAME);
        if (admins == null) {
            admins = userManager.createGroup(new PrincipalImpl(SecurityConstants.ADMINISTRATORS_NAME));
            if (!userManager.isAutoSave()) {
                session.save();
            }
            log.info("... created administrators group with name '"+SecurityConstants.ADMINISTRATORS_NAME+"'");
        }

        try {
            if (admins != null && admins.addMember(admin)) {
                if (!userManager.isAutoSave()) {
                    session.save();
                }
                log.info("... added admin '" + adminId + "' as member of the administrators group.");
            }
        } catch (RepositoryException e) {
            // administrator has full permissions anyway. just log a
            // warning and ignore the error.
            log.warn("Unexpected error while adding admin to the administrators group", e);
        }

        if (anonymousId != null) {
            Authorizable anonymous = userManager.getAuthorizable(anonymousId);
            if (anonymous == null) {
                userManager.createUser(anonymousId, "");
                if (!userManager.isAutoSave()) {
                    session.save();
                }

            adminPw = adminId; // The default value as defined upon #createSystemUsers
        }

        @Override
        public Authorizable getAuthorizable(String id) throws RepositoryException {
            Authorizable a = super.getAuthorizable(id);
            if (a == null && adminId.equals(id)) {
                log.info("Admin user does not exist.");
                a = createAdmin(adminId, adminPw);
            }
            return a;

            throw new NotExecutableException();
        }
    }

    public void testGetPrincipal() throws RepositoryException {
        Authorizable admin = userMgr.getAuthorizable(adminId);
        assertNotNull(admin);
        assertFalse(admin.isGroup());
        assertTrue(admin.getPrincipal() instanceof AdminPrincipal);
    }

        assertFalse(admin.isGroup());
        assertTrue(admin.getPrincipal() instanceof AdminPrincipal);
    }

    public void testMemberOfAdministrators() throws RepositoryException {
        Authorizable admins = userMgr.getAuthorizable(SecurityConstants.ADMINISTRATORS_NAME);
        if (admins != null && admins.isGroup()) {
            assertTrue(((Group) admins).isMember(userMgr.getAuthorizable(adminId)));
        }
    }

            assertTrue(((Group) admins).isMember(userMgr.getAuthorizable(adminId)));
        }
    }

    public void testRemoveSelf() throws RepositoryException, NotExecutableException {
        Authorizable admin = userMgr.getAuthorizable(adminId);
        if (admin == null) {
            throw new NotExecutableException();
        }
        try {
            admin.remove();
            fail("The Administrator should not be allowed to remove the own authorizable.");
        } catch (RepositoryException e) {
            // success
        }
    }

            // success
        }
    }

    public void testRemoveAdminNode() throws RepositoryException, NotExecutableException {
        Authorizable admin = userMgr.getAuthorizable(adminId);

        if (admin == null || !(admin instanceof AuthorizableImpl)) {
            throw new NotExecutableException();
        }