Package org.apache.jackrabbit.api.security.user

Examples of org.apache.jackrabbit.api.security.user.Impersonation


        assertNotNull(u2);

        Subject subj = new Subject();
        subj.getPrincipals().add(u2.getPrincipal());

        Impersonation imp = ((User) newUser).getImpersonation();
        assertTrue(imp.allows(subj));
    }
View Full Code Here


        try {
            Principal p = getTestPrincipal();
            u = umgr.createUser(p.getName(), buildPassword(p));
            save(otherSession);

            Impersonation impers = u.getImpersonation();
            assertFalse(impers.allows(buildSubject(otherP)));

            assertTrue(impers.grantImpersonation(otherP));
            save(otherSession);

            assertTrue(impers.allows(buildSubject(otherP)));
        } finally {
            // impersonation get removed while removing the user u.
            if (u != null) {
                u.remove();
                save(otherSession);
            }
        }

        // modify impersonation of another user
        u = (User) umgr.getAuthorizable(uID);
        Impersonation uImpl = u.getImpersonation();

        if (!uImpl.allows(buildSubject(otherP))) {
            // ... trying to modify 'impersonators of another user must succeed
            assertTrue(uImpl.grantImpersonation(otherP));
            save(otherSession);

            assertTrue(uImpl.allows(buildSubject(otherP)));

            uImpl.revokeImpersonation(otherP);
            save(otherSession);
        } else {
            throw new NotExecutableException("Cannot execute test. OtherP can already impersonate UID-user.");
        }
    }
View Full Code Here

                    Authorizable a = userManager.getAuthorizable(((Impersonators) reference).userId);
                    if (a == null || a.isGroup()) {
                        throw new RepositoryException(((Impersonators) reference).userId + " does not represent a valid user.");
                    }

                    Impersonation imp = ((User) a).getImpersonation();

                    // 1. collect principals to add and to remove.
                    Map<String, Principal> toRemove = new HashMap();
                    for (PrincipalIterator pit = imp.getImpersonators(); pit.hasNext();) {
                        Principal princ = pit.nextPrincipal();
                        toRemove.put(princ.getName(), princ);
                    }

                    List<Principal> toAdd = new ArrayList();
                    Value[] vs = ((Impersonators) reference).values;
                    for (Value v : vs) {
                        String princName = v.getString();
                        if (toRemove.remove(princName) == null) {
                            // add it to the list of new impersonators to be added.
                            toAdd.add(new PrincipalImpl(princName));
                        } // else: no need to revoke impersonation for the given principal.
                    }

                    // 2. adjust set of impersonators
                    for (Principal princ : toRemove.values()) {
                        if (!imp.revokeImpersonation(princ)) {
                            handleFailure("Failed to revoke impersonation for " + princ.getName() + " on " + a);
                        }
                    }
                    for (Principal princ : toAdd) {
                        if (!imp.grantImpersonation(princ)) {
                            handleFailure("Failed to grant impersonation for " + princ.getName() + " on " + a);
                        }
                    }
                    // NOTE: no best effort handling so far. (TODO)
View Full Code Here

    public void testImpersonationOfOtherUser() throws RepositoryException, NotExecutableException {
        UserManager umgr = getUserManager(uSession);
        Principal selfPrinc = umgr.getAuthorizable(uID).getPrincipal();

        User child = (User) umgr.getAuthorizable(getYetAnotherID());
        Impersonation impers = child.getImpersonation();
        assertFalse(impers.allows(buildSubject(selfPrinc)));
        try {
            assertFalse(impers.grantImpersonation(selfPrinc));
            save(uSession);
        } catch (AccessDeniedException e) {
            // ok.
        }
        assertFalse(impers.allows(buildSubject(selfPrinc)));

        User parent = (User) umgr.getAuthorizable(otherUID);
        impers = parent.getImpersonation();
        assertFalse(impers.allows(buildSubject(selfPrinc)));
        try {
            assertFalse(impers.grantImpersonation(selfPrinc));
            save(uSession);
        } catch (AccessDeniedException e) {
            // ok.
        }
        assertFalse(impers.allows(buildSubject(selfPrinc)));
    }
View Full Code Here

            assertNotNull(u2);
           
            Subject subj = new Subject();
            subj.getPrincipals().add(u2.getPrincipal());

            Impersonation imp = ((User) newUser).getImpersonation();
            assertTrue(imp.allows(subj));

        } finally {
            sImpl.refresh(false);
        }
    }
View Full Code Here

                doImport(target, xml, UserImporter.ImportBehavior.IGNORE);
                // no exception during import: no impersonation must be granted
                // for the invalid principal name
                Authorizable a = umgr.getAuthorizable("t");
                if (!a.isGroup()) {
                    Impersonation imp = ((User)a).getImpersonation();
                    Subject s = new Subject();
                    s.getPrincipals().add(new PrincipalImpl(principalName));
                    assertFalse(imp.allows(s));
                    for (PrincipalIterator it = imp.getImpersonators(); it.hasNext();) {
                        assertFalse(principalName.equals(it.nextPrincipal().getName()));
                    }
                } else {
                    fail("Importing 't' didn't create a User.");
                }
View Full Code Here

            assertNotNull(u2);
           
            Subject subj = new Subject();
            subj.getPrincipals().add(u2.getPrincipal());

            Impersonation imp = ((User) newUser).getImpersonation();
            assertTrue(imp.allows(subj));

        } finally {
            sImpl.refresh(false);
        }
    }
View Full Code Here

                doImport(target, xml, UserImporter.ImportBehavior.IGNORE);
                // no exception during import: no impersonation must be granted
                // for the invalid principal name
                Authorizable a = umgr.getAuthorizable("t");
                if (!a.isGroup()) {
                    Impersonation imp = ((User)a).getImpersonation();
                    Subject s = new Subject();
                    s.getPrincipals().add(new PrincipalImpl(principalName));
                    assertFalse(imp.allows(s));
                    for (PrincipalIterator it = imp.getImpersonators(); it.hasNext();) {
                        assertFalse(principalName.equals(it.nextPrincipal().getName()));
                    }
                } else {
                    fail("Importing 't' didn't create a User.");
                }
View Full Code Here

                    Authorizable a = userManager.getAuthorizable(((Impersonators) reference).userId);
                    if (a == null || a.isGroup()) {
                        throw new RepositoryException(((Impersonators) reference).userId + " does not represent a valid user.");
                    }

                    Impersonation imp = ((User) a).getImpersonation();

                    // 1. collect principals to add and to remove.
                    Map<String, Principal> toRemove = new HashMap<String, Principal>();
                    for (PrincipalIterator pit = imp.getImpersonators(); pit.hasNext();) {
                        Principal princ = pit.nextPrincipal();
                        toRemove.put(princ.getName(), princ);
                    }

                    List<Principal> toAdd = new ArrayList<Principal>();
                    Value[] vs = ((Impersonators) reference).values;
                    for (Value v : vs) {
                        String princName = v.getString();
                        if (toRemove.remove(princName) == null) {
                            // add it to the list of new impersonators to be added.
                            toAdd.add(new PrincipalImpl(princName));
                        } // else: no need to revoke impersonation for the given principal.
                    }

                    // 2. adjust set of impersonators
                    for (Principal princ : toRemove.values()) {
                        if (!imp.revokeImpersonation(princ)) {
                            handleFailure("Failed to revoke impersonation for " + princ.getName() + " on " + a);
                        }
                    }
                    for (Principal princ : toAdd) {
                        if (!imp.grantImpersonation(princ)) {
                            handleFailure("Failed to grant impersonation for " + princ.getName() + " on " + a);
                        }
                    }
                    // NOTE: no best effort handling so far. (TODO)
View Full Code Here

            Authorizable a = userManager.getAuthorizable(userId);
            if (a == null || a.isGroup()) {
                throw new RepositoryException(userId + " does not represent a valid user.");
            }

            Impersonation imp = checkNotNull(((User) a).getImpersonation());

            // 1. collect principals to add and to remove.
            Map<String, Principal> toRemove = new HashMap<String, Principal>();
            for (PrincipalIterator pit = imp.getImpersonators(); pit.hasNext(); ) {
                Principal princ = pit.nextPrincipal();
                toRemove.put(princ.getName(), princ);
            }

            List<String> toAdd = new ArrayList<String>();
            for (final String principalName : principalNames) {
                if (toRemove.remove(principalName) == null) {
                    // add it to the list of new impersonators to be added.
                    toAdd.add(principalName);
                } // else: no need to revoke impersonation for the given principal.
            }

            // 2. adjust set of impersonators
            for (Principal princicpal : toRemove.values()) {
                if (!imp.revokeImpersonation(princicpal)) {
                    String principalName = princicpal.getName();
                    handleFailure("Failed to revoke impersonation for " + principalName + " on " + a);
                }
            }
            List<String> nonExisting = new ArrayList<String>();
            for (String principalName : toAdd) {
                Principal principal = (principals.containsKey(principalName)) ?
                        principals.get(principalName) :
                        new PrincipalImpl(principalName);
                if (!imp.grantImpersonation(principal)) {
                    handleFailure("Failed to grant impersonation for " + principalName + " on " + a);
                    if (importBehavior == ImportBehavior.BESTEFFORT &&
                            getPrincipalManager().getPrincipal(principalName) == null) {
                        log.info("ImportBehavior.BESTEFFORT: Remember non-existing impersonator for special processing.");
                        nonExisting.add(principalName);
View Full Code Here

TOP

Related Classes of org.apache.jackrabbit.api.security.user.Impersonation

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.