Package javax.jcr.security

Examples of javax.jcr.security.AccessControlEntry


            assertTrue(getTestSession().hasPermission(path, actions));
            Privilege[] privs = privilegesFromName(Privilege.JCR_MODIFY_PROPERTIES);
            assertTrue(testAcMgr.hasPrivileges(path, privs));

            // reorder the ACEs
            AccessControlEntry srcEntry = null;
            AccessControlEntry destEntry = null;
            JackrabbitAccessControlList acl = (JackrabbitAccessControlList) acMgr.getPolicies(path)[0];
            for (AccessControlEntry entry : acl.getAccessControlEntries()) {
                Principal princ = entry.getPrincipal();
                if (testGroup.getPrincipal().equals(princ)) {
                    destEntry = entry;
View Full Code Here


      }
     
      // Combine all existing ACEs for the target principal.
      AccessControlEntry[] accessControlEntries = acl.getAccessControlEntries();
      for (int i=0; i < accessControlEntries.length; i++) {
        AccessControlEntry ace = accessControlEntries[i];
        if (principal.equals(ace.getPrincipal())) {
          if (log.isDebugEnabled()) {
            log.debug("Found Existing ACE for principal {} on resource {}", new Object[] {principal.getName(), resourcePath});
          }
          if (order == null || order.length() == 0) {
            //order not specified, so keep track of the original ACE position.
            order = String.valueOf(i);
          }
         
          boolean isAllow = isAllow(ace);
          Privilege[] privileges = ace.getPrivileges();
          if (log.isDebugEnabled()) {
            if (isAllow) {
              oldGrants.addAll(Arrays.asList(privileges));
            } else {
              oldDenies.addAll(Arrays.asList(privileges));
View Full Code Here

      AccessControlEntry[] accessControlEntries = jacl.getAccessControlEntries();
      if (accessControlEntries.length <= 1) {
        return; //only one ACE, so nothing to reorder.
      }

      AccessControlEntry beforeEntry = null;
      if ("first".equals(order)) {
        beforeEntry = accessControlEntries[0];
      } else if ("last".equals(order)) {
        beforeEntry = null;
      } else if (order.startsWith("before ")) {
        String beforePrincipalName = order.substring(7);
       
        //find the index of the ACE of the 'before' principal
        for (int i=0; i < accessControlEntries.length; i++) {
          if (beforePrincipalName.equals(accessControlEntries[i].getPrincipal().getName())) {
            //found it!
            beforeEntry = accessControlEntries[i];
            break;
          }
        }
       
        if (beforeEntry == null) {
          //didn't find an ACE that matched the 'before' principal
          throw new IllegalArgumentException("No ACE was found for the specified principal: " + beforePrincipalName);
        }
      } else if (order.startsWith("after ")) {
        String afterPrincipalName = order.substring(6);
       
        //find the index of the ACE of the 'after' principal
        for (int i = accessControlEntries.length - 1; i >= 0; i--) {
          if (afterPrincipalName.equals(accessControlEntries[i].getPrincipal().getName())) {
            //found it!
           
            // the 'before' ACE is the next one after the 'after' ACE
            if (i >= accessControlEntries.length - 1) {
              //the after is the last one in the list
              beforeEntry = null;
            } else {
              beforeEntry = accessControlEntries[i + 1];
            }
            break;
          }
        }
       
        if (beforeEntry == null) {
          //didn't find an ACE that matched the 'after' principal
          throw new IllegalArgumentException("No ACE was found for the specified principal: " + afterPrincipalName);
        }
      } else {
        try {
          int index = Integer.parseInt(order);
          if (index > accessControlEntries.length) {
            //invalid index
            throw new IndexOutOfBoundsException("Index value is too large: " + index);
          }
         
          if (index == 0) {
            beforeEntry = accessControlEntries[0];
          } else {
            //the index value is the index of the principal.  A principal may have more
            // than one ACEs (deny + grant), so we need to compensate.
            Set<Principal> processedPrincipals = new HashSet<Principal>();
            for (int i = 0; i < accessControlEntries.length; i++) {
              Principal principal2 = accessControlEntries[i].getPrincipal();
              if (processedPrincipals.size() == index &&
                  !processedPrincipals.contains(principal2)) {
                //we are now at the correct position in the list
                beforeEntry = accessControlEntries[i];
                break;
              }

              processedPrincipals.add(principal2);
            }         
          }
        } catch (NumberFormatException nfe) {
          //not a number.
          throw new IllegalArgumentException("Illegal value for the order parameter: " + order);
        }
      }
     
      //now loop through the entries to move the affected ACEs to the specified
      // position.
      for (int i = accessControlEntries.length - 1; i >= 0; i--) {
        AccessControlEntry ace = accessControlEntries[i];
        if (principal.equals(ace.getPrincipal())) {
          //this ACE is for the specified principal.
          jacl.orderBefore(ace, beforeEntry);
        }
      }
    } else {
View Full Code Here

                map.put("order", sequence++);
            }
        }
        //evaluate these in reverse order so the most entries with highest specificity are last
        for (int i = declaredAccessControlEntries.length - 1; i >= 0; i--) {
      AccessControlEntry ace = declaredAccessControlEntries[i];

      Principal principal = ace.getPrincipal();
            Map<String, Object> map = aclMap.get(principal.getName());

            Set<Privilege> grantedSet = (Set<Privilege>) map.get("granted");
            if (grantedSet == null) {
                grantedSet = new LinkedHashSet<Privilege>();
                map.put("granted", grantedSet);
            }
            Set<Privilege> deniedSet = (Set<Privilege>) map.get("denied");
            if (deniedSet == null) {
                deniedSet = new LinkedHashSet<Privilege>();
                map.put("denied", deniedSet);
            }

            boolean allow = AccessControlUtil.isAllow(ace);
            if (allow) {
                Privilege[] privileges = ace.getPrivileges();
                for (Privilege privilege : privileges) {
                  mergePrivilegeSets(privilege,
                      privilegeToAncestorMap,
              grantedSet, deniedSet);
                }
            } else {
                Privilege[] privileges = ace.getPrivileges();
                for (Privilege privilege : privileges) {
                  mergePrivilegeSets(privilege,
                      privilegeToAncestorMap,
              deniedSet, grantedSet);
                }
View Full Code Here

    @Test
    public void testAddEntry() throws NotExecutableException, RepositoryException {
        List<AccessControlEntry> entriesBefore = Arrays.asList(acl.getAccessControlEntries());
        if (acl.addEntry(testPrincipal, testPrivileges, true, Collections.<String, Value>emptyMap())) {
            AccessControlEntry[] entries = acl.getAccessControlEntries();
            AccessControlEntry ace = null;
            for (AccessControlEntry entry : entries) {
                if (testPrincipal.equals(entry.getPrincipal())) {
                    ace = entry;
                }
            }
View Full Code Here

            assertTrue(policies[0] instanceof JackrabbitAccessControlList);

            AccessControlEntry[] entries = ((JackrabbitAccessControlList) policies[0]).getAccessControlEntries();
            assertEquals(1, entries.length);

            AccessControlEntry entry = entries[0];
            assertEquals("everyone", entry.getPrincipal().getName());
            assertEquals(1, entry.getPrivileges().length);
            assertEquals(acMgr.privilegeFromName(Privilege.JCR_WRITE), entry.getPrivileges()[0]);

            if(entry instanceof JackrabbitAccessControlEntry) {
                assertTrue(((JackrabbitAccessControlEntry) entry).isAllow());
            }
View Full Code Here

            assertTrue(policies[0] instanceof JackrabbitAccessControlList);

            AccessControlEntry[] entries = ((JackrabbitAccessControlList) policies[0]).getAccessControlEntries();
            assertEquals(2, entries.length);

            AccessControlEntry entry = entries[0];
            assertEquals("everyone", entry.getPrincipal().getName());
            assertEquals(1, entry.getPrivileges().length);
            assertEquals(acMgr.privilegeFromName(Privilege.JCR_WRITE), entry.getPrivileges()[0]);

            entry = entries[1];
            assertEquals("admin", entry.getPrincipal().getName());
            assertEquals(1, entry.getPrivileges().length);
            assertEquals(acMgr.privilegeFromName(Privilege.JCR_WRITE), entry.getPrivileges()[0]);

            if(entry instanceof JackrabbitAccessControlEntry) {
                assertTrue(((JackrabbitAccessControlEntry) entry).isAllow());
            }
        } finally {
View Full Code Here

            assertTrue(policies[0] instanceof JackrabbitAccessControlList);

            AccessControlEntry[] entries = ((JackrabbitAccessControlList) policies[0]).getAccessControlEntries();
            assertEquals(1, entries.length);

            AccessControlEntry entry = entries[0];
            assertEquals("admin", entry.getPrincipal().getName());
            assertEquals(1, entry.getPrivileges().length);
            assertEquals(acMgr.privilegeFromName(Privilege.JCR_WRITE), entry.getPrivileges()[0]);

            if(entry instanceof JackrabbitAccessControlEntry) {
                assertTrue(((JackrabbitAccessControlEntry) entry).isAllow());
            }
        } finally {
View Full Code Here

            assertTrue(policies[0] instanceof JackrabbitAccessControlList);

            AccessControlEntry[] entries = ((JackrabbitAccessControlList) policies[0]).getAccessControlEntries();
            assertEquals(2, entries.length);

            AccessControlEntry entry = entries[0];
            assertEquals("unknownprincipal", entry.getPrincipal().getName());
            assertEquals(1, entry.getPrivileges().length);
            assertEquals(acMgr.privilegeFromName(Privilege.JCR_WRITE), entry.getPrivileges()[0]);

            entry = entries[1];
            assertEquals("admin", entry.getPrincipal().getName());
            assertEquals(1, entry.getPrivileges().length);
            assertEquals(acMgr.privilegeFromName(Privilege.JCR_WRITE), entry.getPrivileges()[0]);

            if(entry instanceof JackrabbitAccessControlEntry) {
                assertTrue(((JackrabbitAccessControlEntry) entry).isAllow());
            }
        } finally {
View Full Code Here

            assertTrue(policies[0] instanceof JackrabbitAccessControlList);

            AccessControlEntry[] entries = ((JackrabbitAccessControlList) policies[0]).getAccessControlEntries();
            assertEquals(1, entries.length);

            AccessControlEntry entry = entries[0];
            assertEquals("everyone", entry.getPrincipal().getName());
            List<Privilege> privs = Arrays.asList(entry.getPrivileges());
            assertEquals(2, privs.size());
            assertTrue(privs.contains(acMgr.privilegeFromName(Privilege.JCR_WRITE)) &&
                    privs.contains(acMgr.privilegeFromName(Privilege.JCR_LOCK_MANAGEMENT)));

            assertEquals(acMgr.privilegeFromName(Privilege.JCR_WRITE), entry.getPrivileges()[0]);

            if(entry instanceof JackrabbitAccessControlEntry) {
                assertTrue(((JackrabbitAccessControlEntry) entry).isAllow());
            }
View Full Code Here

TOP

Related Classes of javax.jcr.security.AccessControlEntry

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.