Examples of org.apache.jackrabbit.api.security.user.Authorizable

• org.apache.jackrabbit.api.security.user.Authorizable
  The Authorizable is the common base interface for {@link User} and{@link Group}. It provides access to the Principals associated with an Authorizable (see below) and allow to access and modify additional properties such as e.g. full name, e-mail or address.

  Please note the difference between Authorizable and {@link java.security.Principal Principal}:
  An Authorizable is repository object that is neither associated with nor depending from a particular Session and thus independent of the login mechanisms creating Sessions.
  

  On the other hand Principals are representations of user identities. In other words: each Principal within the set associated with the Session's Subject upon login represents an identity for that user. An the set of Principals may differ between different login mechanisms.
  

  Consequently an one-to-many relationship exists between Authorizable and Principal (see also {@link #getPrincipal()}.

  The interfaces derived from Authorizable are defined as follows:

  • {@link User}: defined to be an Authorizable that can be authenticated (by using Credentials) and impersonated.
  • {@link Group}: defined to be a collection of other Authorizables.

  @see User @see Group

     *
     * @throws RepositoryException
     * @throws NotExecutableException
     */
    public void testCollidingAdminNode() throws RepositoryException, NotExecutableException {
        Authorizable admin = userMgr.getAuthorizable(adminId);

        if (admin == null || !(admin instanceof AuthorizableImpl)) {
            throw new NotExecutableException();
        }

        save(superuser);

        otherUID = other.getID();

        // make other user a user-administrator:
        Authorizable ua = userMgr.getAuthorizable(UserConstants.USER_ADMIN_GROUP_NAME);
        if (ua == null || !ua.isGroup()) {
            throw new NotExecutableException("Cannot execute test. No user-administrator group found.");
        }
        uAdministrators = (Group) ua;
        uAdministrators.addMember(other);

        try {
            if (otherSession != null) {
                otherSession.logout();
            }
        } finally {
            Authorizable a = userMgr.getAuthorizable(otherUID);
            if (a != null) {
                for (Iterator<Group> it = a.memberOf(); it.hasNext();) {
                    Group gr = it.next();
                    if (!gr.getPrincipal().equals(EveryonePrincipal.getInstance())) {
                        gr.removeMember(a);
                    }
                }
                a.remove();
            }
            a = userMgr.getAuthorizable(uID);
            if (a != null) {
                a.remove();
            }
            save(superuser);
        }
        super.tearDown();
    }

        }
        super.tearDown();
    }

    private Group getGroupAdminGroup(UserManager uMgr) throws RepositoryException, NotExecutableException {
        Authorizable auth = uMgr.getAuthorizable(UserConstants.GROUP_ADMIN_GROUP_NAME);
        if (auth == null || !auth.isGroup()) {
            throw new NotExecutableException();
        }
        return (Group) auth;
    }

    }

    public void testRemoveHimSelf() throws RepositoryException, NotExecutableException {
        UserManager umgr = getUserManager(otherSession);

        Authorizable himself = umgr.getAuthorizable(otherUID);
        try {
            himself.remove();
            save(otherSession);

            fail("A UserAdministrator should not be allowed to remove himself.");
        } catch (AccessDeniedException e) {
            // success

     * @throws NotExecutableException
     */
    public void testRemoveAnotherUser() throws RepositoryException, NotExecutableException {
        UserManager umgr = getUserManager(otherSession);

        Authorizable user = umgr.getAuthorizable(uID);
        user.remove();
        save(otherSession);
    }

        } catch (RepositoryException e) {
            // success.
        } finally {
            // let superuser clean up
            if (grId != null) {
                Authorizable gr = userMgr.getAuthorizable(grId);
                if (gr != null) {
                    gr.remove();
                    save(superuser);
                }
            }
        }
    }

        } catch (RepositoryException e) {
            // success.
        } finally {
            // let superuser clean up
            if (grId != null) {
                Authorizable gr = userMgr.getAuthorizable(grId);
                if (gr != null) {
                    gr.remove();
                    save(superuser);
                }
            }
        }
    }

    public void testAddToGroup() throws NotExecutableException, RepositoryException {
        UserManager umgr = getUserManager(otherSession);
        Group gr = getGroupAdminGroup(umgr);

        Authorizable auth = umgr.getAuthorizable(uID);
        try {
            assertFalse(gr.addMember(auth));
            // omit cond-save call.
        } catch (AccessDeniedException e) {
            // success as well.

        try {
            Principal p = getTestPrincipal();
            u = (UserImpl) umgr.createUser(p.getName(), buildPassword(p));
            save(otherSession);

            Authorizable az = userMgr.getAuthorizable(u.getID());
            assertNotNull(az);
            assertEquals(u.getID(), az.getID());
        } finally {
            if (u != null) {
                u.remove();
                save(otherSession);
            }