Examples of javax.jcr.security.Privilege

• javax.jcr.security.Privilege

     */
    public PrivilegeRegistry(NameResolver resolver) {
        this.resolver = resolver;
        localCache = new HashMap<Name, Privilege>(REGISTERED_PRIVILEGES.size());
        for (InternalPrivilege ip : REGISTERED_PRIVILEGES) {
            Privilege priv = new PrivilegeImpl(ip, resolver);
            localCache.put(ip.name, priv);
        }
    }

     */
    public Privilege[] getPrivileges(String absPath) throws PathNotFoundException, RepositoryException {
        checkInitialized();
        checkValidNodePath(absPath);

        Privilege priv;
        if (anonymous) {
            priv = privilegeRegistry.getPrivilege(Privilege.JCR_READ);
        } else if (system) {
            priv = privilegeRegistry.getPrivilege(Privilege.JCR_ALL);
        } else {

    }

    public void testAddAggregatePrivilege() throws NotExecutableException, RepositoryException {
        checkCanModifyAc(path);

        Privilege aggregate = null;
        for (int i = 0; i < privs.length; i++) {
            if (privs[i].isAggregate()) {
                aggregate = privs[i];
                break;
            }
        }
        if (aggregate == null) {
            throw new NotExecutableException("No aggregate privilege supported at " + path);
        }

        AccessControlList acl = getList(acMgr, path);
        acl.addAccessControlEntry(testPrincipal, new Privilege[] {aggregate});

        // make sure all privileges are present now
        List privs = currentPrivileges(acl, testPrincipal);
        assertTrue("Privileges added through 'addAccessControlEntry' must be " +
                "reflected upon getAccessControlEntries",
                privs.contains(aggregate) || privs.containsAll(Arrays.asList(aggregate.getAggregatePrivileges())));
    }

    }

    public void testAddAggregatedPrivilegesSeparately() throws NotExecutableException, RepositoryException {
        checkCanModifyAc(path);

        Privilege aggregate = null;
        for (int i = 0; i < privs.length; i++) {
            if (privs[i].isAggregate()) {
                aggregate = privs[i];
                break;
            }
        }
        if (aggregate == null) {
            throw new NotExecutableException("No aggregate privilege supported at " + path);
        }

        AccessControlList acl = getList(acMgr, path);
        acl.addAccessControlEntry(testPrincipal, new Privilege[] {aggregate});

        Privilege[] privs = aggregate.getAggregatePrivileges();
        for (int i = 0; i < privs.length; i++) {
            boolean modified = acl.addAccessControlEntry(testPrincipal, new Privilege[] {privs[i]});
            assertFalse("Adding the aggregated privs individually later on must not modify the policy", modified);
        }
    }

    }

    public void testAddAbstractPrivilege() throws NotExecutableException, RepositoryException {
        checkCanModifyAc(path);

        Privilege abstractPriv = null;
        Privilege[] allPrivs = acMgr.privilegeFromName(Privilege.JCR_ALL).getAggregatePrivileges();
        for (int i = 0; i < allPrivs.length; i++) {
            if (allPrivs[i].isAbstract()) {
                abstractPriv = allPrivs[i];
                break;

    public void testAddAccessControlEntryInvalidPrivilege() throws NotExecutableException, RepositoryException {
        checkCanModifyAc(path);

        try {
            Privilege[] invalidPrivs = new Privilege[] {new Privilege() {
                public String getName() {
                    return null;
                }
                public boolean isAbstract() {
                    return false;

        if (twoPrivs.size() < 2) {
            throw new NotExecutableException("At least 2 supported, non-aggregate privileges required at " + path);
        }

        AccessControlList acl = getList(acMgr, path);
        Privilege privilege = (Privilege) twoPrivs.get(0);
        // add first privilege:
        acl.addAccessControlEntry(testPrincipal, new Privilege[] {privilege});

        // add a second privilege (but not specifying the privilege added before)
        // -> the first privilege must not be removed.
        Privilege privilege2 = (Privilege) twoPrivs.get(1);
        acl.addAccessControlEntry(testPrincipal, new Privilege[] {privilege2});

        List currentPrivileges = currentPrivileges(acl, testPrincipal);
        assertTrue("'AccessControlList.addAccessControlEntry' must not remove privileges added before", currentPrivileges.containsAll(twoPrivs));
    }

    private String getNewPrivilegeName(Workspace wsp) throws RepositoryException, NotExecutableException {
        String privName = null;
        AccessControlManager acMgr = wsp.getSession().getAccessControlManager();
        for (int i = 0; i < 100; i++) {
            try {
                Privilege p = acMgr.privilegeFromName(privName);
                privName = "privilege-" + i;
            } catch (Exception e) {
                break;
            }
        }

    //--------------------------------------------------< privilegeFromName >---
    @Test
    public void testPrivilegeFromName() throws Exception {
        List<Privilege> allPrivileges = Arrays.asList(getPrivilegeManager(root).getRegisteredPrivileges());
        for (Privilege privilege : allPrivileges) {
            Privilege p = acMgr.privilegeFromName(privilege.getName());
            assertEquals(privilege, p);
        }
    }

        }
    }

    @Test
    public void testPrivilegeFromExpandedName() throws Exception {
        Privilege readPriv = getPrivilegeManager(root).getPrivilege(PrivilegeConstants.JCR_READ);
        assertEquals(readPriv, acMgr.privilegeFromName(Privilege.JCR_READ));
    }