Package org.apache.jackrabbit.api.security.user

Examples of org.apache.jackrabbit.api.security.user.Impersonation

725
726
727
728
729
730
731
732
733
734
735
736
            assertNotNull(u2);

            Subject subj = new Subject();
            subj.getPrincipals().add(u2.getPrincipal());

            Impersonation imp = ((User) newUser).getImpersonation();
            assertTrue(imp.allows(subj));

        } finally {
            adminSession.refresh(false);
        }
    }
View Full Code Here
282
283
284
285
286
287
288
289
290
291
292
293
            assertNotNull(u2);

            Subject subj = new Subject();
            subj.getPrincipals().add(u2.getPrincipal());

            Impersonation imp = ((User) newUser).getImpersonation();
            assertTrue(imp.allows(subj));

        } finally {
            superuser.refresh(false);
        }
    }
View Full Code Here
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
                    Authorizable a = userManager.getAuthorizable(((Impersonators) reference).userId);
                    if (a == null || a.isGroup()) {
                        throw new RepositoryException(((Impersonators) reference).userId + " does not represent a valid user.");
                    }

                    Impersonation imp = ((User) a).getImpersonation();

                    // 1. collect principals to add and to remove.
                    Map<String, Principal> toRemove = new HashMap<String, Principal>();
                    for (PrincipalIterator pit = imp.getImpersonators(); pit.hasNext();) {
                        Principal princ = pit.nextPrincipal();
                        toRemove.put(princ.getName(), princ);
                    }

                    List<Principal> toAdd = new ArrayList<Principal>();
                    Value[] vs = ((Impersonators) reference).values;
                    for (Value v : vs) {
                        String princName = v.getString();
                        if (toRemove.remove(princName) == null) {
                            // add it to the list of new impersonators to be added.
                            toAdd.add(new PrincipalImpl(princName));
                        } // else: no need to revoke impersonation for the given principal.
                    }

                    // 2. adjust set of impersonators
                    for (Principal princ : toRemove.values()) {
                        if (!imp.revokeImpersonation(princ)) {
                            handleFailure("Failed to revoke impersonation for " + princ.getName() + " on " + a);
                        }
                    }
                    for (Principal princ : toAdd) {
                        if (!imp.grantImpersonation(princ)) {
                            handleFailure("Failed to grant impersonation for " + princ.getName() + " on " + a);
                        }
                    }
                    // NOTE: no best effort handling so far. (TODO)
View Full Code Here
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
    @Test
    public void testImpersonation() throws RepositoryException, NotExecutableException {
        Principal user2Principal = user2.getPrincipal();
        Subject subject = new Subject(true, Collections.singleton(user2Principal), Collections.<Object>emptySet(), Collections.<Object>emptySet());

        Impersonation impers = user.getImpersonation();
        assertFalse(impers.allows(subject));

        assertTrue(impers.grantImpersonation(user2Principal));
        assertFalse(impers.grantImpersonation(user2Principal));
        superuser.save();

        assertTrue(impers.allows(subject));

        assertTrue(impers.revokeImpersonation(user2Principal));
        assertFalse(impers.revokeImpersonation(user2Principal));
        superuser.save();

        assertFalse(impers.allows(subject));
    }
View Full Code Here
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
        Principal adminPrincipal = admin.getPrincipal();

        // admin cannot be add/remove to set of impersonators of 'u' but is
        // always allowed to impersonate that user.
        Impersonation impersonation = user.getImpersonation();

        assertFalse(impersonation.grantImpersonation(adminPrincipal));
        assertFalse(impersonation.revokeImpersonation(adminPrincipal));
        assertTrue(impersonation.allows(buildSubject(adminPrincipal)));

        // same if the impersonation object of the admin itself is used.
        Impersonation adminImpersonation = ((User) admin).getImpersonation();

        assertFalse(adminImpersonation.grantImpersonation(adminPrincipal));
        assertFalse(adminImpersonation.revokeImpersonation(adminPrincipal));
        assertTrue(impersonation.allows(buildSubject(adminPrincipal)));
    }
View Full Code Here
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
                    Authorizable a = userManager.getAuthorizable(((Impersonators) reference).userId);
                    if (a == null || a.isGroup()) {
                        throw new RepositoryException(((Impersonators) reference).userId + " does not represent a valid user.");
                    }

                    Impersonation imp = ((User) a).getImpersonation();

                    // 1. collect principals to add and to remove.
                    Map<String, Principal> toRemove = new HashMap<String, Principal>();
                    for (PrincipalIterator pit = imp.getImpersonators(); pit.hasNext();) {
                        Principal princ = pit.nextPrincipal();
                        toRemove.put(princ.getName(), princ);
                    }

                    List<Principal> toAdd = new ArrayList<Principal>();
                    Value[] vs = ((Impersonators) reference).values;
                    for (Value v : vs) {
                        String princName = v.getString();
                        if (toRemove.remove(princName) == null) {
                            // add it to the list of new impersonators to be added.
                            toAdd.add(new PrincipalImpl(princName));
                        } // else: no need to revoke impersonation for the given principal.
                    }

                    // 2. adjust set of impersonators
                    for (Principal princ : toRemove.values()) {
                        if (!imp.revokeImpersonation(princ)) {
                            handleFailure("Failed to revoke impersonation for " + princ.getName() + " on " + a);
                        }
                    }
                    for (Principal princ : toAdd) {
                        if (!imp.grantImpersonation(princ)) {
                            handleFailure("Failed to grant impersonation for " + princ.getName() + " on " + a);
                        }
                    }
                    // NOTE: no best effort handling so far. (TODO)
View Full Code Here
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
                    Authorizable a = userManager.getAuthorizable(((Impersonators) reference).userId);
                    if (a == null || a.isGroup()) {
                        throw new RepositoryException(((Impersonators) reference).userId + " does not represent a valid user.");
                    }

                    Impersonation imp = ((User) a).getImpersonation();

                    // 1. collect principals to add and to remove.
                    Map<String, Principal> toRemove = new HashMap<String, Principal>();
                    for (PrincipalIterator pit = imp.getImpersonators(); pit.hasNext();) {
                        Principal princ = pit.nextPrincipal();
                        toRemove.put(princ.getName(), princ);
                    }

                    List<Principal> toAdd = new ArrayList<Principal>();
                    Value[] vs = ((Impersonators) reference).values;
                    for (Value v : vs) {
                        String princName = v.getString();
                        if (toRemove.remove(princName) == null) {
                            // add it to the list of new impersonators to be added.
                            toAdd.add(new PrincipalImpl(princName));
                        } // else: no need to revoke impersonation for the given principal.
                    }

                    // 2. adjust set of impersonators
                    for (Principal princ : toRemove.values()) {
                        if (!imp.revokeImpersonation(princ)) {
                            handleFailure("Failed to revoke impersonation for " + princ.getName() + " on " + a);
                        }
                    }
                    for (Principal princ : toAdd) {
                        if (!imp.grantImpersonation(princ)) {
                            handleFailure("Failed to grant impersonation for " + princ.getName() + " on " + a);
                        }
                    }
                    // NOTE: no best effort handling so far. (TODO)
View Full Code Here
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
    public void testImpersonationOfOtherUser() throws RepositoryException, NotExecutableException {
        UserManager umgr = getUserManager(uSession);
        Principal selfPrinc = umgr.getAuthorizable(uID).getPrincipal();

        User child = (User) umgr.getAuthorizable(getYetAnotherID());
        Impersonation impers = child.getImpersonation();
        assertFalse(impers.allows(buildSubject(selfPrinc)));
        try {
            assertFalse(impers.grantImpersonation(selfPrinc));
            save(uSession);
        } catch (AccessDeniedException e) {
            // ok.
        }
        assertFalse(impers.allows(buildSubject(selfPrinc)));

        User parent = (User) umgr.getAuthorizable(otherUID);
        impers = parent.getImpersonation();
        assertFalse(impers.allows(buildSubject(selfPrinc)));
        try {
            assertFalse(impers.grantImpersonation(selfPrinc));
            save(uSession);
        } catch (AccessDeniedException e) {
            // ok.
        }
        assertFalse(impers.allows(buildSubject(selfPrinc)));
    }
View Full Code Here
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
            assertNotNull(u2);

            Subject subj = new Subject();
            subj.getPrincipals().add(u2.getPrincipal());

            Impersonation imp = ((User) newUser).getImpersonation();
            assertTrue(imp.allows(subj));

        } finally {
            sImpl.refresh(false);
        }
    }
View Full Code Here
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
                doImport(target, xml, UserImporter.ImportBehavior.IGNORE);
                // no exception during import: no impersonation must be granted
                // for the invalid principal name
                Authorizable a = umgr.getAuthorizable("t");
                if (!a.isGroup()) {
                    Impersonation imp = ((User)a).getImpersonation();
                    Subject s = new Subject();
                    s.getPrincipals().add(new PrincipalImpl(principalName));
                    assertFalse(imp.allows(s));
                    for (PrincipalIterator it = imp.getImpersonators(); it.hasNext();) {
                        assertFalse(principalName.equals(it.nextPrincipal().getName()));
                    }
                } else {
                    fail("Importing 't' didn't create a User.");
                }
View Full Code Here
TOP

Related Classes of org.apache.jackrabbit.api.security.user.Impersonation

  • org.apache.jackrabbit.core.security.user.GroupAdministratorTest
  • org.apache.jackrabbit.core.security.user.ImpersonationImplTest
  • org.apache.jackrabbit.core.security.user.NotUserAdministratorTest
  • org.apache.jackrabbit.core.security.user.UserAdministratorTest
  • org.apache.jackrabbit.core.security.user.UserImporter
  • org.apache.jackrabbit.core.security.user.UserImporterTest
  • org.apache.jackrabbit.oak.jcr.delegate.UserDelegator
  • org.apache.jackrabbit.oak.jcr.security.user.ImpersonationImplTest
  • org.apache.jackrabbit.oak.jcr.security.user.ImpersonationTest
  • org.apache.jackrabbit.oak.jcr.security.user.SystemUserImportTest
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.