Package org.apache.jackrabbit.api.jsr283.security

Examples of org.apache.jackrabbit.api.jsr283.security.AccessControlPolicyIterator

44
45
46
47
48
49
50
51
52
53
54
55
56
        super.setUp();

        Node n = testRootNode.addNode(nodeName1, testNodeType);
        superuser.save();

        AccessControlPolicyIterator it = acMgr.getApplicablePolicies(n.getPath());
        if (it.hasNext()) {
            AccessControlPolicy p = it.nextAccessControlPolicy();
            if (p instanceof JackrabbitAccessControlList) {
                templ = (JackrabbitAccessControlList) p;
            } else {
                throw new NotExecutableException("No JackrabbitAccessControlList to test.");
            }
View Full Code Here
50
51
52
53
54
55
56
57
58
59
60
61
62
    private static void changeReadPermission(Principal principal, Node n, boolean allowRead) throws RepositoryException, NotExecutableException {
        SessionImpl s = (SessionImpl) n.getSession();
        JackrabbitAccessControlList acl = null;
        AccessControlManager acMgr = s.getAccessControlManager();
        AccessControlPolicyIterator it = acMgr.getApplicablePolicies(n.getPath());
        while (it.hasNext()) {
            AccessControlPolicy acp = it.nextAccessControlPolicy();
            if (acp instanceof JackrabbitAccessControlList) {
                acl = (JackrabbitAccessControlList) acp;
                break;
            }
        }
View Full Code Here
46
47
48
49
50
51
52
53
54
55
56
57
58
    }

    static JackrabbitAccessControlList getPolicy(AccessControlManager acM, String path, Principal principal) throws RepositoryException,
            AccessDeniedException, NotExecutableException {
        // try applicable (new) acls first
        AccessControlPolicyIterator itr = acM.getApplicablePolicies(path);
        while (itr.hasNext()) {
            AccessControlPolicy policy = itr.nextAccessControlPolicy();
            if (policy instanceof ACLTemplate) {
                return (ACLTemplate) policy;
            }
        }
        // try if there is an acl that has been set before:
View Full Code Here
44
45
46
47
48
49
50
51
52
53
54
55
56
        return EvaluationUtil.isExecutable(acMgr);
    }

    protected JackrabbitAccessControlList getPolicy(AccessControlManager acM, String path, Principal principal) throws RepositoryException, AccessDeniedException, NotExecutableException {
        // first try if there is a new applicable policy
        AccessControlPolicyIterator it = acM.getApplicablePolicies(path);
        while (it.hasNext()) {
            AccessControlPolicy acp = it.nextAccessControlPolicy();
            if (acp instanceof ACLTemplate) {
                return (ACLTemplate) acp;
            }
        }
        // try if there is an acl that has been set before:
View Full Code Here
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
        assertFalse(getTestSession().hasPermission(policyPath, org.apache.jackrabbit.api.jsr283.Session.ACTION_REMOVE));
        assertTrue(testAcMgr.hasPrivileges(policyPath, new Privilege[] {rmChildNodes[0], rmNode[0]}));
    }

    public void testApplicablePolicies() throws RepositoryException {
        AccessControlPolicyIterator it = acMgr.getApplicablePolicies(childNPath);
        assertTrue(it.hasNext());

        // the same should be true, if the rep:AccessControllable mixin has
        // been manually added
        Node n = (Node) superuser.getItem(childNPath);
        n.addMixin(((SessionImpl) superuser).getJCRName(AccessControlConstants.NT_REP_ACCESS_CONTROLLABLE));
        it = acMgr.getApplicablePolicies(childNPath);
        assertTrue(it.hasNext());
    }
View Full Code Here
45
46
47
48
49
50
51
52
53
54
55
56
57
        super.setUp();

        Node n = testRootNode.addNode(nodeName1, testNodeType);
        superuser.save();

        AccessControlPolicyIterator it = acMgr.getApplicablePolicies(n.getPath());
        while (it.hasNext() && templ == null) {
            AccessControlPolicy p = it.nextAccessControlPolicy();
            if (p instanceof JackrabbitAccessControlList) {
                templ = (JackrabbitAccessControlList) p;
            }
        }
        if (templ == null) {
View Full Code Here
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
      List<Privilege> grantedPrivilegeList = new ArrayList<Privilege>();
      for (String name : grantedPrivilegeNames) {
        if (name.length() == 0) {
          continue; //empty, skip it.
        }
        Privilege privilege = accessControlManager.privilegeFromName(name);
        grantedPrivilegeList.add(privilege);
         
        if (log.isDebugEnabled()) {
          if (newPrivileges.length() > 0) {
            newPrivileges.append(", "); //separate entries by commas
          }
          newPrivileges.append("granted=");
          newPrivileges.append(privilege.getName());
        }
      }
      if (grantedPrivilegeList.size() > 0) {
        Principal principal = authorizable.getPrincipal();
        updatedAcl.addAccessControlEntry(principal, grantedPrivilegeList.toArray(new Privilege[grantedPrivilegeList.size()]));
      }

      //if the authorizable is a user (not a group) process any denied privileges
      if (!authorizable.isGroup()) {
        //add a fresh ACE with the denied privileges
        List<Privilege> deniedPrivilegeList = new ArrayList<Privilege>();
        for (String name : deniedPrivilegeNames) {
          if (name.length() == 0) {
            continue; //empty, skip it.
          }
          Privilege privilege = accessControlManager.privilegeFromName(name);
          deniedPrivilegeList.add(privilege);

          if (log.isDebugEnabled()) {
            if (newPrivileges.length() > 0) {
              newPrivileges.append(", "); //separate entries by commas
            }
            newPrivileges.append("denied=");
            newPrivileges.append(privilege.getName());
          }
        }
        if (deniedPrivilegeList.size() > 0) {
          Principal principal = authorizable.getPrincipal();
          AccessControlUtil.addEntry(updatedAcl, principal, deniedPrivilegeList.toArray(new Privilege[deniedPrivilegeList.size()]), false);
View Full Code Here
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
        }
         
        if (granted.size() == 1) {
          //check if the single privilege is jcr:all or jcr:read
          Iterator<Privilege> iterator = granted.iterator();
          Privilege next = iterator.next();
          if ("jcr:all".equals(next.getName())) {
            //full control privilege set
            return getResourceBundle(locale).getString("privilegeset.all");
          } else if ("jcr:read".equals(next.getName())) {
            //readonly privilege set
            return getResourceBundle(locale).getString("privilegeset.readonly");
          }
        } else if (granted.size() == 2) {
          //check if the two privileges are jcr:read and jcr:write
          Iterator<Privilege> iterator = granted.iterator();
          Privilege next = iterator.next();
          Privilege next2 = iterator.next();
          if ( ("jcr:read".equals(next.getName()) && "jcr:write".equals(next2.getName())) ||
              ("jcr:read".equals(next2.getName()) && "jcr:write".equals(next.getName())) ) {
            //read/write privileges
            return getResourceBundle(locale).getString("privilegeset.readwrite");
          }
        }
View Full Code Here
97
98
99
100
101
102
103
104
105
    public PrivilegeRegistry(NameResolver resolver) {
        this.resolver = resolver;
        localCache = new HashMap(REGISTERED_PRIVILEGES.size());
        for (Iterator it = REGISTERED_PRIVILEGES.iterator(); it.hasNext();) {
            InternalPrivilege ip = (InternalPrivilege) it.next();
            Privilege priv = new PrivilegeImpl(ip, resolver);
            localCache.put(ip.name, priv);
        }
    }
View Full Code Here
167
168
169
170
171
172
173
174
175
176
177
178
179
180
        if (privileges == null || privileges.length == 0) {
            throw new AccessControlException();
        }
        int bits = NO_PRIVILEGE;
        for (int i = 0; i < privileges.length; i++) {
            Privilege priv = privileges[i];
            if (priv instanceof PrivilegeImpl) {
                bits |= ((PrivilegeImpl) priv).internalPrivilege.getBits();
            } else {
                throw new AccessControlException("Unknown privilege '" + priv.getName() + "'.");
            }
        }
        return bits;
    }
View Full Code Here
TOP

Related Classes of org.apache.jackrabbit.api.jsr283.security.AccessControlPolicyIterator

  • junit.framework.TestSuite
  • org.apache.camel.component.jcr.JcrAuthTestBase
  • org.apache.jackrabbit.api.jsr283.version.simple.CopyTest
  • org.apache.jackrabbit.api.jsr283.version.simple.FrozenNodeTest
  • org.apache.jackrabbit.api.jsr283.version.Version
  • org.apache.jackrabbit.core.DefaultSecurityManager
  • org.apache.jackrabbit.core.lock.LockManagerImpl
  • org.apache.jackrabbit.core.NodeImpl
  • org.apache.jackrabbit.core.NodeImplTest
  • org.apache.jackrabbit.core.nodetype.NodeTypeManagerImpl
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.