Package javax.jcr.security

Examples of javax.jcr.security.AccessControlList

169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
        Version v = n.checkin();
        n.checkout();

        testSession.refresh(false);
        assertFalse(testAcMgr.hasPrivileges(n.getPath(), versionPrivileges));
        AccessControlList acl = allow(SYSTEM, versionPrivileges);

        try {
            Node testNode = testSession.getNode(n.getPath());
            testNode.getVersionHistory().removeVersion(v.getName());

            fail("Missing jcr:versionManagement privilege -> remove a version must fail.");
        } catch (AccessDeniedException e) {
            // success
        } finally {
            // revert privilege modification (manually remove the ACE added)
            for (AccessControlEntry entry : acl.getAccessControlEntries()) {
                if (entry.getPrincipal().equals(testUser.getPrincipal())) {
                    acl.removeAccessControlEntry(entry);
                }
            }
            acMgr.setPolicy(SYSTEM, acl);
            superuser.save();
        }
View Full Code Here
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
        Version v2 = n.checkin();
        n.checkout();

        testSession.refresh(false);
        assertFalse(testAcMgr.hasPrivileges(n.getPath(), versionPrivileges));
        AccessControlList acl = deny(SYSTEM, privilegesFromName(Privilege.JCR_READ));

        try {
            // version information must still be accessible
            assertTrue(testSession.nodeExists(v.getPath()));
            assertTrue(testSession.nodeExists(v2.getPath()));
            assertTrue(testSession.nodeExists(vh.getPath()));

        } finally {
            for (AccessControlEntry entry : acl.getAccessControlEntries()) {
                if (entry.getPrincipal().equals(testUser.getPrincipal())) {
                    acl.removeAccessControlEntry(entry);
                }
            }
            acMgr.setPolicy(SYSTEM, acl);
            superuser.save();
        }
View Full Code Here
93
94
95
96
97
98
99
100
101
    private void assertAcAction(Authorizable a, String expectedPrivName) throws Exception {
        AccessControlManager acMgr = getAccessControlManager(root);
            AccessControlPolicy[] policies = acMgr.getPolicies(a.getPath());
            assertEquals(1, policies.length);
            assertTrue(policies[0] instanceof AccessControlList);
            AccessControlList acl = (AccessControlList) policies[0];
            assertEquals(1, acl.getAccessControlEntries().length);
            assertArrayEquals(new Privilege[]{getPrivilegeManager(root).getPrivilege(expectedPrivName)}, acl.getAccessControlEntries()[0].getPrivileges());
    }
View Full Code Here
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
    }

    protected void tearDown() throws Exception {
        try {
            // restore original entries (remove others).
            AccessControlList list = getList(acMgr, path);
            AccessControlEntry[] entries = list.getAccessControlEntries();
            for (int i = 0; i < entries.length; i++) {
                AccessControlEntry ace = entries[i];
                if (testPrincipal.equals(ace.getPrincipal())) {
                    list.removeAccessControlEntry(ace);
                }
            }
            if (!privilegesToRestore.isEmpty()) {
                list.addAccessControlEntry(testPrincipal, (Privilege[]) privilegesToRestore.toArray(new Privilege[privilegesToRestore.size()]));
            }
            if (list.getAccessControlEntries().length > 0 && acMgr.getPolicies(path).length > 0) {
                acMgr.setPolicy(path, list);
                superuser.save();               
            }
        } catch (Exception e) {
            log.warn("Unexpected error while removing test entries.", e);
View Full Code Here
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
    public void testAddAccessControlEntry() throws NotExecutableException, RepositoryException {
        checkCanModifyAc(path);

        Privilege[] privileges = new Privilege[] {privs[0]};
        AccessControlList acl = getList(acMgr, path);

        AccessControlEntry entry = null;
        if (acl.addAccessControlEntry(testPrincipal, privileges)) {
            AccessControlEntry[] aces = acl.getAccessControlEntries();
            for (int i = 0; i < aces.length; i++) {
                if (aces[i].getPrincipal().equals(testPrincipal) &&
                    Arrays.asList(privileges).equals(Arrays.asList(aces[i].getPrivileges()))) {
                    entry = aces[i];
                }
View Full Code Here
187
188
189
190
191
192
193
194
195
196
197
198
        }
        if (aggregate == null) {
            throw new NotExecutableException("No aggregate privilege supported at " + path);
        }

        AccessControlList acl = getList(acMgr, path);
        acl.addAccessControlEntry(testPrincipal, new Privilege[] {aggregate});

        // make sure all privileges are present now
        List privs = currentPrivileges(acl, testPrincipal);
        assertTrue("Privileges added through 'addAccessControlEntry' must be " +
                "reflected upon getAccessControlEntries",
View Full Code Here
211
212
213
214
215
216
217
218
219
220
221
222
223
224
        }
        if (aggregate == null) {
            throw new NotExecutableException("No aggregate privilege supported at " + path);
        }

        AccessControlList acl = getList(acMgr, path);
        acl.addAccessControlEntry(testPrincipal, new Privilege[] {aggregate});

        Privilege[] privs = aggregate.getAggregatePrivileges();
        for (int i = 0; i < privs.length; i++) {
            boolean modified = acl.addAccessControlEntry(testPrincipal, new Privilege[] {privs[i]});
            assertFalse("Adding the aggregated privs individually later on must not modify the policy", modified);
        }
    }
View Full Code Here
236
237
238
239
240
241
242
243
244
245
246
247
248
        }
        if (abstractPriv == null) {
            throw new NotExecutableException("No abstract privilege found.");
        }

        AccessControlList acl = getList(acMgr, path);
        try {
            acl.addAccessControlEntry(testPrincipal, new Privilege[] {abstractPriv});
            fail("Adding an ACE with an abstract privilege must fail.");
        } catch (AccessControlException e) {
            // success
        }
    }
View Full Code Here
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
    }

    public void testAddPrivilegesPresentInEntries() throws NotExecutableException, RepositoryException {
        checkCanModifyAc(path);

        AccessControlList acl = getList(acMgr, path);
        acl.addAccessControlEntry(testPrincipal, privs);

        Set assignedPrivs = new HashSet();
        AccessControlEntry[] entries = acl.getAccessControlEntries();
        for (int i = 0; i < entries.length; i++) {
            if (entries[i].getPrincipal().equals(testPrincipal)) {
                Privilege[] prvs = entries[i].getPrivileges();
                for (int j = 0; j < prvs.length; j++) {
                    if (prvs[j].isAggregate()) {
View Full Code Here
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
    }

    public void testAddAccessControlEntryAndSetPolicy() throws RepositoryException, NotExecutableException {
        checkCanModifyAc(path);

        AccessControlList acl = getList(acMgr, path);
        List originalAces = Arrays.asList(acl.getAccessControlEntries());

        if (!acl.addAccessControlEntry(testPrincipal, privs)) {
            throw new NotExecutableException();
        }

        // re-access ACL from AC-Manager -> must not yet have changed
        assertEquals("Before calling setPolicy any modifications to an ACL must not be reflected in the policies", originalAces, Arrays.asList(getList(acMgr, path).getAccessControlEntries()));

        // setting the modified policy -> policy must change.
        acMgr.setPolicy(path, acl);
        assertEquals("Before calling setPolicy any modifications to an ACL must not be reflected in the policies", Arrays.asList(acl.getAccessControlEntries()), Arrays.asList(getList(acMgr, path).getAccessControlEntries()));
    }
View Full Code Here
TOP

Related Classes of javax.jcr.security.AccessControlList

  • org.apache.camel.component.jcr.JcrAuthTestBase
  • org.apache.jackrabbit.core.security.authorization.AbstractRepositoryOperationTest
  • org.apache.jackrabbit.core.security.authorization.acl.ACLProvider
  • org.apache.jackrabbit.core.security.authorization.acl.AcReadWriteTest
  • org.apache.jackrabbit.core.security.authorization.acl.EntryCollectorTest
  • org.apache.jackrabbit.core.security.authorization.acl.PentahoACLProvider
  • org.apache.jackrabbit.oak.benchmark.ConcurrentReadAccessControlledTreeTest
  • org.apache.jackrabbit.oak.jcr.random.RandomizedReadTest
  • org.apache.jackrabbit.oak.jcr.security.authorization.AbstractEvaluationTest
  • org.apache.jackrabbit.oak.jcr.security.authorization.AccessControlManagementTest
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.