Examples of SecurityEntry

Examples of org.apache.jetspeed.om.registry.SecurityEntry

371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
            assertNotNull(fragment);
            Vector securityEntries = fragment.getSecurityEntries();
            assertTrue("Security Entries exist", !securityEntries.isEmpty());

            // test abstract
            SecurityEntry securityEntry = (SecurityEntry) securityEntries.firstElement();
            assertNotNull("Got first Security Entry", securityEntry);
            assertTrue("Getting expect security entry", securityEntry.getName().equals("basic_testcase"));

            // Get the action
            Vector securityAccesses = securityEntry.getAccesses();
            assertNotNull("Got SecurityAccesses", securityAccesses);
            SecurityAccess securityAccess = (SecurityAccess) securityAccesses.firstElement();
            assertNotNull("Got SecurityAccess", securityAccess);
            assertEquals("Verify action", "view", securityAccess.getAction());

            // Get allows
            Vector securityAllows = securityAccess.getAllows();
            assertNotNull("Got SecurityAllows", securityAllows);
            SecurityAllow securityAllow = (SecurityAllow) securityAllows.firstElement();
            assertNotNull("Got SecurityAllow", securityAllow);
            assertEquals("Verify role", "clerk", securityAllow.getRole());
            assertNull("Verify user" , securityAllow.getUser());

            securityAllow = (SecurityAllow) securityAllows.elementAt(1);
            assertNotNull("Got SecurityAllow", securityAllow);
            assertNull("Verify role", securityAllow.getRole());
            assertEquals("Verify user", "joe", securityAllow.getUser());

            securityAllow = (SecurityAllow) securityAllows.elementAt(2);
            assertNotNull("Got SecurityAllow", securityAllow);
            assertEquals("Verify role", "manager", securityAllow.getRole());
            assertEquals("Verify user", "fred", securityAllow.getUser());

            // test allows
            assertEquals("clerk role can view", true, securityEntry.allowsRole("clerk", "view"));
            assertEquals("manager role can view", true, securityEntry.allowsRole("manager", "view"));
            assertEquals("anonymous role can NOT view", false, securityEntry.allowsRole("anonymous", "view"));
            assertEquals("fred user can view", true, securityEntry.allowsUser("fred", "view"));
            assertEquals("joe user can view", true, securityEntry.allowsUser("joe", "view"));
            assertEquals("anonymous user can NOT view", false, securityEntry.allowsUser("anonymous", "view"));

            // Customize has <allow-id user="*"/>
            assertEquals("clerk role can NOT customize", false, securityEntry.allowsRole("clerk", "customize"));
            assertEquals("joe user can customize", true, securityEntry.allowsUser("joe", "customize"));

            // Minimize has no <allows-if .../>
            assertEquals("clerk role can NOT minimize", true, securityEntry.allowsRole("clerk", "minimize"));
            assertEquals("joe user can NOT minimize", true, securityEntry.allowsUser("joe", "minimize"));

            // Maximixe is not defined
            assertEquals("clerk role can NOT maximize", false, securityEntry.allowsRole("clerk", "maximize"));
            assertEquals("joe user can NOT maximize", false, securityEntry.allowsUser("joe", "maximize"));

            // Test the wide-open entry
            entryFound = false;
            for (Iterator securityIterator = securityEntries.iterator(); securityIterator.hasNext();)
            {
                securityEntry = (SecurityEntry) securityIterator.next();
                if (securityEntry.getName().equals("wide_open") == true)
                {
                    entryFound = true;
                    assertEquals("any role is NOT allowed", false, securityEntry.allowsRole("customer", "do_any_thing"));
                    assertEquals("any user is allowed", true, securityEntry.allowsUser("joe_customer", "do_any_thing"));
                }
            }
            assertTrue("Found wide_open security entry", entryFound);

            // Test the owner-only entry
            entryFound = false;
            for (Iterator securityIterator = securityEntries.iterator(); securityIterator.hasNext();)
            {
                securityEntry = (SecurityEntry) securityIterator.next();
                if (securityEntry.getName().equals("owner_only") == true)
                {
                    entryFound = true;
                    assertEquals("User joe_customer is not allowed", false,
                                 securityEntry.allowsUser("joe_customer", "do_any_thing"));
                    assertEquals("User joe_customer is not allowed", false,
                                 securityEntry.allowsUser("joe_customer", "do_any_thing", "joe_owner"));
                    assertEquals("User joe_owner is allowed", true,
                                 securityEntry.allowsUser("joe_owner", "do_any_thing", "joe_owner"));
                }
            }
            assertTrue("Found owner_only security entry", entryFound);
        }
    }
View Full Code Here

Examples of org.apache.jetspeed.om.registry.SecurityEntry

481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
            // Test the wide-open entry
            boolean entryFound = false;
            Iterator securityIterator = null;
            for (securityIterator = securityEntries.iterator(); securityIterator.hasNext();)
            {
                SecurityEntry securityEntry = (SecurityEntry) securityIterator.next();
                if (securityEntry.getName().equals("wide_open") == true)
                {
                    entryFound = true;
                    SecurityReference securityReference = securityEntry.getSecurityRef();
                    assertNotNull("Security entry 'wide_open' has a SecurityReference", securityReference);
                    assertEquals("Got parent", "admin_only", securityReference.getParent());
                }
            }
            assertTrue("Found wide_open security entry", entryFound);

            // Test the use_only entry
            entryFound = false;
            for (securityIterator = securityEntries.iterator(); securityIterator.hasNext();)
            {
                SecurityEntry securityEntry = (SecurityEntry) securityIterator.next();
                if (securityEntry.getName().equals("user_only") == true)
                {
                    entryFound = true;
                    SecurityReference securityReference = securityEntry.getSecurityRef();
                    assertNull("Security entry 'user_open' has no SecurityReference", securityReference);
                }
            }
            assertEquals("Found user_only security entry", true, entryFound);
        }
View Full Code Here

Examples of org.apache.jetspeed.om.registry.SecurityEntry

889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
     */
    public SecurityReference getDefaultSecurityRef(String type)
    {
        BaseSecurityReference result = null;

        SecurityEntry entry = null;

        String defaultRef = null;
        if (type.equals(Profiler.PARAM_USER))
        {
            defaultRef = this.defaultUserSecurityRef;
        }
        else if (type.equals(Profiler.PARAM_ANON))
        {
            defaultRef = this.defaultAnonSecurityRef;
        }
        else if (type.equals(Profiler.PARAM_ROLE))
        {
            defaultRef = this.defaultRoleSecurityRef;
        }
        else if (type.equals(Profiler.PARAM_GROUP))
        {
            defaultRef = this.defaultGroupSecurityRef;
        }

        entry = (SecurityEntry) Registry.getEntry(Registry.SECURITY, defaultRef);
        if (Log.getLogger().isDebugEnabled())
        {
            Log.debug(
                "JetspeedPortalToolkit: default security for type: " + type + " is " + defaultRef);
        }
        if (entry != null)
        {
            result = new BaseSecurityReference();
            result.setParent(entry.getName());
            if (Log.getLogger().isDebugEnabled())
            {
                Log.debug(
                    "JetspeedPortalToolkit: default security for type: "
                        + type
                        + " was set to "
                        + entry.getName());
            }
        }

        return result;

View Full Code Here

Examples of org.apache.jetspeed.om.registry.SecurityEntry

167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
         *   </access>
         * </security-entry>
         */
        Registry.addEntry(Registry.SECURITY, (RegistryEntry) createSecurityEntry( "all_users-view_anon", "user", "*"));
        assertNotNull( "Getting all_users-view_anon security " , Registry.getEntry( Registry.SECURITY, "all_users-view_anon"));
        SecurityEntry secEntry = (SecurityEntry) Registry.getEntry( Registry.SECURITY, "all_users-view_anon");
        Vector accessVector = secEntry.getAccesses();
        assertEquals( "Getting number of accesses for all_users-view_anon", 1, accessVector.size());
        BaseSecurityAllow allowElement = new BaseSecurityAllow();
        allowElement.setRole("guest");
        Vector allowVector = new Vector();
        allowVector.addElement(allowElement);
        BaseSecurityAccess accessElement  = new BaseSecurityAccess();
        accessElement.setAction("view");
        accessElement.setAllows( allowVector );
        accessVector.addElement(accessElement);
        secEntry.setAccesses(accessVector);
        assertEquals( "Getting number of accesses for all_users-view_anon", 2, secEntry.getAccesses().size());
       
        // Verify users and their groups
        assertNotNull( "Getting admin user", JetspeedSecurity.getUser("admin"));
        assertTrue( "Admin user has Admin role", JetspeedRoleManagement.hasRole("admin","admin"));
        assertTrue( "Admin user has User role", JetspeedRoleManagement.hasRole("admin","user"));
View Full Code Here

Examples of org.apache.jetspeed.om.registry.SecurityEntry

240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
     * @param securityRef the security reference to check
     * @param action the jetspeed-action (view, edit, customize, delete...) for which permission is being checked.
     */
    private boolean checkPermission(JetspeedUser user, SecurityReference securityRef, String action, String owner)
    {
        SecurityEntry securityEntry = (SecurityEntry) Registry.getEntry( Registry.SECURITY, securityRef.getParent());
        if (securityEntry == null)
        {
            Log.warn("Security id " + securityRef.getParent() + " does not exist.  This was requested by the user " + user.getUserName());
            return false;
        }

        if (securityEntry.allowsUser(user.getUserName(), action, owner))
        {
            return true;
        }

        try
        {
            for( Iterator roles = JetspeedRoleManagement.getRoles(user.getUserName()); roles.hasNext();)
            {
                Role role = (Role) roles.next();
                if (securityEntry.allowsRole((String) role.getName(), action))
                    return true;
            }
        }
        catch (Exception e)
        {
View Full Code Here

Examples of org.apache.jetspeed.om.registry.SecurityEntry

192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
     * @param String newName Name to give the cloned entry
     * @return SecurityEntry The cloned entry.
     */
    public SecurityEntry cloneSecurityEntry(String original, String newName)
    {
        SecurityEntry baseEntry = getSecurityEntry(original);
        if (baseEntry != null)
        {
            SecurityEntry newEntry = cloneEntry(baseEntry);
            newEntry.setName(newName);
            return newEntry;
        }

        return null;
    }
View Full Code Here

Examples of org.apache.jetspeed.om.registry.SecurityEntry

212
213
214
215
216
217
218
219
220
221
222
     * @param SecurityEntry secEntry the entry to clone
     * @return SecurityEntry the cloned entry.
     */
    private static SecurityEntry cloneEntry(SecurityEntry secEntry)
    {
        SecurityEntry clonedEntry = null;
        try
        {
            ByteArrayOutputStream bytearrayoutputstream = new ByteArrayOutputStream(100);
            ObjectOutputStream objectoutputstream = new ObjectOutputStream(bytearrayoutputstream);
            objectoutputstream.writeObject(secEntry);
View Full Code Here

Examples of org.apache.jetspeed.om.registry.SecurityEntry

67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
    public void testGroupCache()
    throws Exception
    {
        System.out.println("Testing Group Security Registry Cache...");
       
        SecurityEntry entry = createSecurityEntry("test-group-security");
        entry.grantGroupAccess("view", "users");
        entry.grantGroupAccess("view", "hackers");
        entry.grantGroupAccess("edit", "managers");
        entry.grantGroupAccess("view", "managers");
       
        assertTrue("group-assert: view/users", entry.allowsGroup("users", "view"));
        assertTrue("group-assert: view/hackers", entry.allowsGroup("hackers", "view"));
        assertTrue("group-assert: view/managers", entry.allowsGroup("managers", "view"));
        assertTrue("group-assert: edit/managers", entry.allowsGroup("managers", "edit"));
       
        assertTrue("false group-assert: edit/hackers", !entry.allowsGroup("hackers", "edit"));
       
        entry.revokeGroupAccess("view", "hackers");

        assertTrue("false group-revoked-assert: view/hackers", !entry.allowsGroup("hackers", "view"));
        assertTrue("group-assert: view/users", entry.allowsGroup("users", "view"));

        assertTrue("group-specific: view/managers", entry.allowsSpecificGroup("view", "managers"));
       
        System.out.println("Security Group Registry Cache Test done.");       
    }
View Full Code Here

Examples of org.apache.jetspeed.om.registry.SecurityEntry

102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
    public void testRoleCache()
    throws Exception
    {
        System.out.println("Testing Role Security Registry Cache...");
       
        SecurityEntry entry = createSecurityEntry("test-role-security");
        entry.grantRoleAccess("view", "users");
        entry.grantRoleAccess("view", "hackers");
        entry.grantRoleAccess("edit", "managers");
        entry.grantRoleAccess("view", "managers");
       
        assertTrue("Role-assert: view/users", entry.allowsRole("users", "view"));
        assertTrue("Role-assert: view/hackers", entry.allowsRole("hackers", "view"));
        assertTrue("Role-assert: view/managers", entry.allowsRole("managers", "view"));
        assertTrue("Role-assert: edit/managers", entry.allowsRole("managers", "edit"));
       
        assertTrue("false Role-assert: edit/hackers", !entry.allowsRole("hackers", "edit"));
       
        entry.revokeRoleAccess("view", "hackers");

        assertTrue("false Role-revoked-assert: view/hackers", !entry.allowsRole("hackers", "view"));
        assertTrue("Role-assert: view/users", entry.allowsRole("users", "view"));

        assertTrue("Role-specific: view/managers", entry.allowsSpecificRole("view", "managers"));
       
        System.out.println("Security Role Registry Cache Test done.");       
    }
View Full Code Here

Examples of org.apache.jetspeed.om.registry.SecurityEntry

130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
    public void testUserCache()
    throws Exception
    {
        System.out.println("Testing User Security Registry Cache...");
       
        SecurityEntry entry = createSecurityEntry("test-user-security");
        entry.grantUserAccess("view", "joey");
        entry.grantUserAccess("view", "deedee");
        entry.grantUserAccess("edit", "johnny");
        entry.grantUserAccess("view", "johnny");
       
        assertTrue("User-assert: view/joey", entry.allowsUser("joey", "view"));
        assertTrue("User-assert: view/deedee", entry.allowsUser("deedee", "view"));
        assertTrue("User-assert: view/johnny", entry.allowsUser("johnny", "view"));
        assertTrue("User-assert: edit/johnny", entry.allowsUser("johnny", "edit"));
       
        assertTrue("false User-assert: edit/deedee", !entry.allowsUser("deedee", "edit"));
       
        entry.revokeUserAccess("view", "deedee");

        assertTrue("false User-revoked-assert: view/deedee", !entry.allowsUser("deedee", "view"));
        assertTrue("User-assert: view/joey", entry.allowsUser("joey", "view"));

        assertTrue("User-specific: view/johnny", entry.allowsSpecificUser("view", "johnny"));
       
        System.out.println("Security User Registry Cache Test done.");       
    }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.