Examples of org.apache.jackrabbit.api.security.user.Authorizable

• org.apache.jackrabbit.api.security.user.Authorizable
  The Authorizable is the common base interface for {@link User} and{@link Group}. It provides access to the Principals associated with an Authorizable (see below) and allow to access and modify additional properties such as e.g. full name, e-mail or address.

  Please note the difference between Authorizable and {@link java.security.Principal Principal}:
  An Authorizable is repository object that is neither associated with nor depending from a particular Session and thus independent of the login mechanisms creating Sessions.
  

  On the other hand Principals are representations of user identities. In other words: each Principal within the set associated with the Session's Subject upon login represents an identity for that user. An the set of Principals may differ between different login mechanisms.
  

  Consequently an one-to-many relationship exists between Authorizable and Principal (see also {@link #getPrincipal()}.

  The interfaces derived from Authorizable are defined as follows:

  • {@link User}: defined to be an Authorizable that can be authenticated (by using Credentials) and impersonated.
  • {@link Group}: defined to be a collection of other Authorizables.

  @see User @see Group

        } finally {
            // remove group member ship
            groupAdmin.removeMember(userMgr.getAuthorizable(uID));

            // remove all users that have been created
            Authorizable a = userMgr.getAuthorizable(otherUID);
            if (a != null) {
                a.remove();
            }
            save(superuser);
        }
        super.tearDown();
    }

    }

    public void testRemoveSelf() throws RepositoryException, NotExecutableException {
        UserManager umgr = getUserManager(uSession);

        Authorizable himself = umgr.getAuthorizable(uID);
        try {
            himself.remove();
            save(uSession);
            fail("A GroupAdministrator should not be allowed to remove the own authorizable.");
        } catch (AccessDeniedException e) {
            // success
        }

    }

    public void testRemoveGroupAdmin() throws RepositoryException, NotExecutableException {
        UserManager umgr = getUserManager(uSession);

        Authorizable groupAdmin = umgr.getAuthorizable(grID);
        try {
            groupAdmin.remove();
            save(uSession);
            fail("A GroupAdministrator should not be allowed to remove the group admin.");
        } catch (AccessDeniedException e) {
            // success
        }

        }
    }

    public void testAddToGroup() throws RepositoryException, NotExecutableException {
        UserManager umgr = getUserManager(uSession);
        Authorizable cU = umgr.getAuthorizable(getYetAnotherID());
        Group gr = (Group) umgr.getAuthorizable(grID);

        // adding and removing the test user as member of a group must succeed.
        try {
            assertTrue("Modifying group membership requires GroupAdmin membership.",gr.addMember(cU));

        }
    }

    public void testAddToGroup2() throws RepositoryException, NotExecutableException {
        UserManager umgr = getUserManager(uSession);
        Authorizable cU = umgr.getAuthorizable(getYetAnotherID());

        Group gr = (Group) umgr.getAuthorizable(groupAdmin.getID());
        assertTrue(gr.addMember(cU));
        save(uSession);
        assertTrue(gr.removeMember(cU));

            // editing session adds itself to that group -> must succeed.
            assertTrue(testGroup.addMember(self));
            save(uSession);

            // add child-user to test group
            Authorizable testUser = umgr.getAuthorizable(getYetAnotherID());
            assertFalse(testGroup.isMember(testUser));
            assertTrue(testGroup.addMember(testUser));
            save(uSession);
        } finally {
            if (testGroup != null) {

        }
    }

    public void testAddMembersUserAdmins() throws RepositoryException, NotExecutableException {
        UserManager umgr = getUserManager(uSession);
        Authorizable auth = umgr.getAuthorizable(UserConstants.USER_ADMIN_GROUP_NAME);
        if (auth == null || !auth.isGroup()) {
            throw new NotExecutableException("Cannot execute test. No User-Admin group found.");
        }
        Group userAdmin = (Group) auth;
        Group testGroup = null;
        User self = (User) umgr.getAuthorizable(uID);

    }

    public void testAddOtherUserToGroup() throws RepositoryException, NotExecutableException {
        UserManager umgr = getUserManager(uSession);

        Authorizable pU = umgr.getAuthorizable(otherUID);
        Group gr = (Group) umgr.getAuthorizable(groupAdmin.getID());

        try {
            assertTrue(gr.addMember(pU));
            save(uSession);

    }

    public void testAddOwnAuthorizableAsGroupAdmin() throws RepositoryException, NotExecutableException {
        UserManager umgr = getUserManager(uSession);

        Authorizable user = umgr.getAuthorizable(uID);
        Group gr = (Group) umgr.getAuthorizable(groupAdmin.getID());

        // user is already group-admin -> adding must return false.
        // but should not throw exception.
        assertFalse(gr.addMember(user));

    }

    public void testRemoveMembershipForOwnAuthorizable() throws RepositoryException, NotExecutableException {
        UserManager umgr = getUserManager(uSession);

        Authorizable user = umgr.getAuthorizable(uID);
        Group gr = (Group) umgr.getAuthorizable(groupAdmin.getID());

        // removing himself from group. should succeed.
        assertTrue(gr.removeMember(user));
    }