Package org.apache.jetspeed.om.page

Examples of org.apache.jetspeed.om.page.PageSecurity


            // remove page security
            filter = new Criteria();
            filter.addEqualTo("parent", new Integer(folderImpl.getIdentity()));
            query = QueryFactory.newQuery(PageSecurityImpl.class, filter);
            PageSecurity document = (PageSecurity)getPersistenceBrokerTemplate().getObjectByQuery(query);
            if (document != null)
            {
                removePageSecurity(document);
            }
        }
View Full Code Here


    public boolean checkConstraint(String securityConstraintName, String actions)
    {
        try
        {
            PageSecurity security = this.getPageSecurity();
            SecurityConstraintsDef def = security.getSecurityConstraintsDef(securityConstraintName);
            if (def != null)
            {
                return PageManagerSecurityUtils.checkConstraint(def, actions);
            }
        }
View Full Code Here

                            constraintsRefs.add("public-view");
                            constraints.setSecurityConstraintsRefs(constraintsRefs);
                            folder.setSecurityConstraints(constraints);
                            pageManager.updateFolder(folder);
                       
                            PageSecurity pageSecurity = pageManager.newPageSecurity();
                            List constraintsDefs = new ArrayList(2);
                            SecurityConstraintsDef constraintsDef = pageManager.newSecurityConstraintsDef();
                            constraintsDef.setName("public-view");
                            List defConstraints = new ArrayList(1);
                            SecurityConstraint defConstraint = pageManager.newPageSecuritySecurityConstraint();
                            defConstraint.setUsers(Shared.makeListFromCSV("*"));
                            defConstraint.setPermissions(Shared.makeListFromCSV("view"));
                            defConstraints.add(defConstraint);
                            constraintsDef.setSecurityConstraints(defConstraints);
                            constraintsDefs.add(constraintsDef);
                            constraintsDef = pageManager.newSecurityConstraintsDef();
                            constraintsDef.setName("admin-all");
                            defConstraints = new ArrayList(1);
                            defConstraint = pageManager.newPageSecuritySecurityConstraint();
                            defConstraint.setRoles(Shared.makeListFromCSV("admin"));
                            defConstraint.setPermissions(Shared.makeListFromCSV("view,edit"));
                            defConstraints.add(defConstraint);
                            constraintsDef.setSecurityConstraints(defConstraints);
                            constraintsDefs.add(constraintsDef);
                            pageSecurity.setSecurityConstraintsDefs(constraintsDefs);
                            List globalConstraintsRefs = new ArrayList(1);
                            globalConstraintsRefs.add("admin-all");
                            pageSecurity.setGlobalSecurityConstraintsRefs(globalConstraintsRefs);
                            pageManager.updatePageSecurity(pageSecurity);
                       
                            Page page = pageManager.newPage("/default-page.psml");
                            constraints = pageManager.newSecurityConstraints();
                            constraints.setOwner("admin");
                            List inlineConstraints = new ArrayList(1);
                            SecurityConstraint constraint = pageManager.newPageSecurityConstraint();
                            constraint.setRoles(Shared.makeListFromCSV("manager"));
                            constraint.setPermissions(Shared.makeListFromCSV("edit"));
                            inlineConstraints.add(constraint);
                            constraints.setSecurityConstraints(inlineConstraints);
                            constraintsRefs = new ArrayList(1);
                            constraintsRefs.add("public-view");
                            constraints.setSecurityConstraintsRefs(constraintsRefs);
                            page.setSecurityConstraints(constraints);                       
                            Fragment root = page.getRootFragment();
                            root.setName("jetspeed-layouts::VelocityTwoColumns");
                            Fragment portlet = pageManager.newPortletFragment();
                            portlet.setName("security::LoginPortlet");
                            root.getFragments().add(portlet);
                            portlet = pageManager.newPortletFragment();
                            portlet.setName("some-app::SomePortlet");
                            SecurityConstraints fragmentConstraints = pageManager.newSecurityConstraints();
                            fragmentConstraints.setOwner("user");
                            portlet.setSecurityConstraints(fragmentConstraints);
                            root.getFragments().add(portlet);
                            pageManager.updatePage(page);
                            TestCase.assertNotNull(page.getRootFragment());
                            TestCase.assertNotNull(page.getRootFragment().getFragments());
                            TestCase.assertEquals(2, page.getRootFragment().getFragments().size());
                            TestCase.assertEquals("some-app::SomePortlet", ((Fragment)page.getRootFragment().getFragments().get(1)).getName());
                            TestCase.assertFalse("0".equals(((Fragment)page.getRootFragment().getFragments().get(1)).getId()));
                            somePortletId[0] = ((Fragment)page.getRootFragment().getFragments().get(1)).getId();
                       
                            page = pageManager.newPage("/user-page.psml");
                            constraints = pageManager.newSecurityConstraints();
                            inlineConstraints = new ArrayList(1);
                            constraint = pageManager.newPageSecurityConstraint();
                            constraint.setUsers(Shared.makeListFromCSV("user"));
                            constraint.setPermissions(Shared.makeListFromCSV("view,edit"));
                            inlineConstraints.add(constraint);
                            constraints.setSecurityConstraints(inlineConstraints);
                            page.setSecurityConstraints(constraints);
                            pageManager.updatePage(page);

                            Link link = pageManager.newLink("/default.link");
                            link.setUrl("http://www.default.org/");
                            constraints = pageManager.newSecurityConstraints();
                            constraints.setOwner("admin");
                            inlineConstraints = new ArrayList(1);
                            constraint = pageManager.newLinkSecurityConstraint();
                            constraint.setRoles(Shared.makeListFromCSV("manager"));
                            constraint.setPermissions(Shared.makeListFromCSV("edit"));
                            inlineConstraints.add(constraint);
                            constraints.setSecurityConstraints(inlineConstraints);
                            link.setSecurityConstraints(constraints);                       
                            pageManager.updateLink(link);

                            return null;
                        }
                        catch (Exception e)
                        {
                            return e;
                        }
                    }
                }, null);
            if (setup != null)
            {
                throw setup;
            }

            // reset page manager cache
            pageManager.reset();

            // access test as admin user
            Exception adminAccess = (Exception)JSSubject.doAsPrivileged(adminSubject, new PrivilegedAction()
                {
                    public Object run()
                    {
                        try
                        {
                            // test view access
                            Folder folder = pageManager.getFolder("/");
                            TestCase.assertNotNull(folder.getPageSecurity());
                            TestCase.assertNotNull(folder.getPages());
                            TestCase.assertEquals(2, folder.getPages().size());
                            TestCase.assertNotNull(pageManager.getPages(folder));
                            TestCase.assertEquals(2, pageManager.getPages(folder).size());
                            PageSecurity pageSecurity = pageManager.getPageSecurity();
                            Page page0 = pageManager.getPage("/default-page.psml");
                            TestCase.assertNotNull(page0.getRootFragment());
                            TestCase.assertNotNull(page0.getRootFragment().getFragments());
                            TestCase.assertEquals(2, page0.getRootFragment().getFragments().size());
                            TestCase.assertNotNull(page0.getFragmentById(somePortletId[0]));
                            TestCase.assertNotNull(page0.getFragmentsByName("some-app::SomePortlet"));
                            TestCase.assertEquals(1, page0.getFragmentsByName("some-app::SomePortlet").size());
                            Page page1 = pageManager.getPage("/user-page.psml");
                            Link link = pageManager.getLink("/default.link");
                            // test edit access
                            pageManager.updateFolder(folder);
                            pageManager.updatePageSecurity(pageSecurity);
                            pageManager.updatePage(page0);
                            pageManager.updatePage(page1);
                            pageManager.updateLink(link);
                            return null;
                        }
                        catch (Exception e)
                        {
                            return e;
                        }
                    }
                }, null);
            if (adminAccess != null)
            {
                throw adminAccess;
            }

            // access test as user user
            Exception userAccess = (Exception)JSSubject.doAsPrivileged(userSubject, new PrivilegedAction()
                {
                    public Object run()
                    {
                        try
                        {
                            // test view access
                            Folder folder = pageManager.getFolder("/");
                            TestCase.assertNotNull(folder.getPageSecurity());
                            TestCase.assertNotNull(folder.getPages());
                            TestCase.assertEquals(2, folder.getPages().size());
                            PageSecurity pageSecurity = pageManager.getPageSecurity();
                            Page page0 = pageManager.getPage("/default-page.psml");
                            TestCase.assertNotNull(page0.getRootFragment());
                            TestCase.assertNotNull(page0.getRootFragment().getFragments());
                            TestCase.assertEquals(2, page0.getRootFragment().getFragments().size());
                            TestCase.assertNotNull(page0.getFragmentById(somePortletId[0]));
                            TestCase.assertNotNull(page0.getFragmentsByName("some-app::SomePortlet"));
                            TestCase.assertEquals(1, page0.getFragmentsByName("some-app::SomePortlet").size());
                            Page page1 = pageManager.getPage("/user-page.psml");
                            Link link = pageManager.getLink("/default.link");
                            // test edit access
                            try
                            {
                                pageManager.updateFolder(folder);
                                TestCase.assertTrue("Folder / not editable for user", false);
                            }
                            catch (SecurityException se)
                            {
                            }
                            try
                            {
                                pageManager.updatePageSecurity(pageSecurity);
                                TestCase.assertTrue("PageSecurity not editable for user", false);
                            }
                            catch (SecurityException se)
                            {
                            }
                            try
                            {
                                pageManager.updatePage(page0);
                                TestCase.assertTrue("Page /default-page.psml not editable for user", false);
                            }
                            catch (SecurityException se)
                            {
                            }
                            pageManager.updatePage(page1);
                            try
                            {
                                pageManager.updateLink(link);
                                TestCase.assertTrue("Page /default.link not editable for user", false);
                            }
                            catch (SecurityException se)
                            {
                            }
                            return null;
                        }
                        catch (Exception e)
                        {
                            return e;
                        }
                    }
                }, null);
            if (userAccess != null)
            {
                throw userAccess;
            }

            // access test as manager user
            Exception managerAccess = (Exception)JSSubject.doAsPrivileged(managerSubject, new PrivilegedAction()
                {
                    public Object run()
                    {
                        try
                        {
                            // test view access
                            Folder folder = pageManager.getFolder("/");
                            TestCase.assertNotNull(folder.getPageSecurity());
                            TestCase.assertNotNull(folder.getPages());
                            TestCase.assertEquals(1, folder.getPages().size());
                            PageSecurity pageSecurity = pageManager.getPageSecurity();
                            Page page0 = pageManager.getPage("/default-page.psml");
                            TestCase.assertNotNull(page0.getRootFragment());
                            TestCase.assertNotNull(page0.getRootFragment().getFragments());
                            TestCase.assertEquals(1, page0.getRootFragment().getFragments().size());
                            TestCase.assertNull(page0.getFragmentById(somePortletId[0]));
                            TestCase.assertTrue(page0.getFragmentsByName("some-app::SomePortlet").isEmpty());
                            Link link = pageManager.getLink("/default.link");
                            try
                            {
                                pageManager.getPage("/user-page.psml");
                                TestCase.assertTrue("Page /user-page.psml not viewable for manager", false);
                            }
                            catch (SecurityException se)
                            {
                            }                       
                            // test edit access
                            try
                            {
                                pageManager.updateFolder(folder);
                                TestCase.assertTrue("Folder / not editable for manager", false);
                            }
                            catch (SecurityException se)
                            {
                            }
                            try
                            {
                                pageManager.updatePageSecurity(pageSecurity);
                                TestCase.assertTrue("PageSecurity not editable for manager", false);
                            }
                            catch (SecurityException se)
                            {
                            }
                            pageManager.updatePage(page0);
                            pageManager.updateLink(link);
                            return null;
                        }
                        catch (Exception e)
                        {
                            return e;
                        }
                    }
                }, null);
            if (managerAccess != null)
            {
                throw managerAccess;
            }

            // access test as guest user
            Exception guestAccess = (Exception)JSSubject.doAsPrivileged(guestSubject, new PrivilegedAction()
                {
                    public Object run()
                    {
                        try
                        {
                            // test view access
                            Folder folder = pageManager.getFolder("/");
                            TestCase.assertNotNull(folder.getPageSecurity());
                            TestCase.assertNotNull(folder.getPages());
                            TestCase.assertEquals(1, folder.getPages().size());
                            PageSecurity pageSecurity = pageManager.getPageSecurity();
                            Page page0 = pageManager.getPage("/default-page.psml");
                            TestCase.assertNotNull(page0.getRootFragment());
                            TestCase.assertNotNull(page0.getRootFragment().getFragments());
                            TestCase.assertEquals(1, page0.getRootFragment().getFragments().size());
                            TestCase.assertNull(page0.getFragmentById(somePortletId[0]));
View Full Code Here

    {
        // reset page manager cache
        pageManager.reset();
       
        // update documents and folders in persisted store
        PageSecurity pageSecurity = pageManager.getPageSecurity();
        assertEquals("/page.security", pageSecurity.getPath());
        pageSecurity.getGlobalSecurityConstraintsRefs().add("UPDATED");
        pageManager.updatePageSecurity(pageSecurity);

        Page page = pageManager.getPage("/default-page.psml");
        assertEquals("/default-page.psml", page.getPath());
        page.setTitle("UPDATED");
View Full Code Here

        assertNotNull(folder.getLinks());
        assertEquals(1, folder.getLinks().size());
        assertNotNull(pageManager.getLinks(folder));
        assertEquals(1, pageManager.getLinks(folder).size());

        PageSecurity pageSecurity = pageManager.newPageSecurity();
        List constraintsDefs = new ArrayList(2);
        SecurityConstraintsDef constraintsDef = pageManager.newSecurityConstraintsDef();
        constraintsDef.setName("public-view");
        List defConstraints = new ArrayList(1);
        SecurityConstraint defConstraint = pageSecurity.newSecurityConstraint();
        defConstraint.setUsers(Shared.makeListFromCSV("*"));
        defConstraint.setPermissions(Shared.makeListFromCSV("view"));
        defConstraints.add(defConstraint);
        constraintsDef.setSecurityConstraints(defConstraints);
        constraintsDefs.add(constraintsDef);
        constraintsDef = pageSecurity.newSecurityConstraintsDef();
        constraintsDef.setName("admin-all");
        defConstraints = new ArrayList(2);
        defConstraint = pageSecurity.newSecurityConstraint();
        defConstraint.setRoles(Shared.makeListFromCSV("admin"));
        defConstraint.setPermissions(Shared.makeListFromCSV("view,edit"));
        defConstraints.add(defConstraint);
        defConstraint = pageSecurity.newSecurityConstraint();
        defConstraint.setRoles(Shared.makeListFromCSV("nobody"));
        defConstraints.add(defConstraint);
        constraintsDef.setSecurityConstraints(defConstraints);
        constraintsDefs.add(constraintsDef);
        pageSecurity.setSecurityConstraintsDefs(constraintsDefs);
        List globalConstraintsRefs = new ArrayList(2);
        globalConstraintsRefs.add("admin-all");
        globalConstraintsRefs.add("public-view");
        pageSecurity.setGlobalSecurityConstraintsRefs(globalConstraintsRefs);

        pageManager.updatePageSecurity(pageSecurity);

        assertNotNull(pageSecurity.getParent());
        assertEquals(pageSecurity.getParent().getId(), folder.getId());
        assertNotNull(folder.getPageSecurity());

        // test duplicate creates
        try
        {
            Folder dupFolder = pageManager.newFolder("/");
            pageManager.updateFolder(dupFolder);
            assertTrue("Duplicate Folder / CREATED", false);
        }
        catch (FolderNotUpdatedException e)
        {
        }
        try
        {
            Page dupPage = pageManager.newPage("/default-page.psml");
            pageManager.updatePage(dupPage);
            assertTrue("Duplicate Page / CREATED", false);
        }
        catch (PageNotUpdatedException e)
        {
        }
        try
        {
            Link dupLink = pageManager.newLink("/default.link");
            pageManager.updateLink(dupLink);
            assertTrue("Duplicate Link / CREATED", false);
        }
        catch (FailedToUpdateDocumentException e)
        {
        }
        try
        {
            PageSecurity dupPageSecurity = pageManager.newPageSecurity();
            pageManager.updatePageSecurity(dupPageSecurity);
            assertTrue("Duplicate PageSecurity / CREATED", false);
        }
        catch (FailedToUpdateDocumentException e)
        {
View Full Code Here

                            constraintsRefs.add("public-view");
                            constraints.setSecurityConstraintsRefs(constraintsRefs);
                            folder.setSecurityConstraints(constraints);
                            pageManager.updateFolder(folder);
                       
                            PageSecurity pageSecurity = pageManager.newPageSecurity();
                            List constraintsDefs = new ArrayList(2);
                            SecurityConstraintsDef constraintsDef = pageManager.newSecurityConstraintsDef();
                            constraintsDef.setName("public-view");
                            List defConstraints = new ArrayList(1);
                            SecurityConstraint defConstraint = pageManager.newPageSecuritySecurityConstraint();
                            defConstraint.setUsers(Shared.makeListFromCSV("*"));
                            defConstraint.setPermissions(Shared.makeListFromCSV("view"));
                            defConstraints.add(defConstraint);
                            constraintsDef.setSecurityConstraints(defConstraints);
                            constraintsDefs.add(constraintsDef);
                            constraintsDef = pageManager.newSecurityConstraintsDef();
                            constraintsDef.setName("admin-all");
                            defConstraints = new ArrayList(1);
                            defConstraint = pageManager.newPageSecuritySecurityConstraint();
                            defConstraint.setRoles(Shared.makeListFromCSV("admin"));
                            defConstraint.setPermissions(Shared.makeListFromCSV("view,edit"));
                            defConstraints.add(defConstraint);
                            constraintsDef.setSecurityConstraints(defConstraints);
                            constraintsDefs.add(constraintsDef);
                            pageSecurity.setSecurityConstraintsDefs(constraintsDefs);
                            List globalConstraintsRefs = new ArrayList(1);
                            globalConstraintsRefs.add("admin-all");
                            pageSecurity.setGlobalSecurityConstraintsRefs(globalConstraintsRefs);
                            pageManager.updatePageSecurity(pageSecurity);
                       
                            Page page = pageManager.newPage("/default-page.psml");
                            constraints = pageManager.newSecurityConstraints();
                            constraints.setOwner("admin");
                            List inlineConstraints = new ArrayList(1);
                            SecurityConstraint constraint = pageManager.newPageSecurityConstraint();
                            constraint.setRoles(Shared.makeListFromCSV("manager"));
                            constraint.setPermissions(Shared.makeListFromCSV("edit"));
                            inlineConstraints.add(constraint);
                            constraints.setSecurityConstraints(inlineConstraints);
                            constraintsRefs = new ArrayList(1);
                            constraintsRefs.add("public-view");
                            constraints.setSecurityConstraintsRefs(constraintsRefs);
                            page.setSecurityConstraints(constraints);                       
                            Fragment root = page.getRootFragment();
                            root.setName("jetspeed-layouts::VelocityTwoColumns");
                            Fragment portlet = pageManager.newPortletFragment();
                            portlet.setName("security::LoginPortlet");
                            root.getFragments().add(portlet);
                            portlet = pageManager.newPortletFragment();
                            portlet.setName("some-app::SomePortlet");
                            SecurityConstraints fragmentConstraints = pageManager.newSecurityConstraints();
                            fragmentConstraints.setOwner("user");
                            portlet.setSecurityConstraints(fragmentConstraints);
                            root.getFragments().add(portlet);
                            pageManager.updatePage(page);
                            TestCase.assertNotNull(page.getRootFragment());
                            TestCase.assertNotNull(page.getRootFragment().getFragments());
                            TestCase.assertEquals(2, page.getRootFragment().getFragments().size());
                            TestCase.assertEquals("some-app::SomePortlet", ((Fragment)page.getRootFragment().getFragments().get(1)).getName());
                            TestCase.assertFalse("0".equals(((Fragment)page.getRootFragment().getFragments().get(1)).getId()));
                            somePortletId[0] = ((Fragment)page.getRootFragment().getFragments().get(1)).getId();
                       
                            page = pageManager.newPage("/user-page.psml");
                            constraints = pageManager.newSecurityConstraints();
                            inlineConstraints = new ArrayList(1);
                            constraint = pageManager.newPageSecurityConstraint();
                            constraint.setUsers(Shared.makeListFromCSV("user"));
                            constraint.setPermissions(Shared.makeListFromCSV("view,edit"));
                            inlineConstraints.add(constraint);
                            constraints.setSecurityConstraints(inlineConstraints);
                            page.setSecurityConstraints(constraints);
                            pageManager.updatePage(page);

                            Link link = pageManager.newLink("/default.link");
                            link.setUrl("http://www.default.org/");
                            constraints = pageManager.newSecurityConstraints();
                            constraints.setOwner("admin");
                            inlineConstraints = new ArrayList(1);
                            constraint = pageManager.newLinkSecurityConstraint();
                            constraint.setRoles(Shared.makeListFromCSV("manager"));
                            constraint.setPermissions(Shared.makeListFromCSV("edit"));
                            inlineConstraints.add(constraint);
                            constraints.setSecurityConstraints(inlineConstraints);
                            link.setSecurityConstraints(constraints);                       
                            pageManager.updateLink(link);

                            return null;
                        }
                        catch (Exception e)
                        {
                            return e;
                        }
                    }
                }, null);
            if (setup != null)
            {
                throw setup;
            }

            // reset page manager cache
            pageManager.reset();

            // access test as admin user
            Exception adminAccess = (Exception)JSSubject.doAsPrivileged(adminSubject, new PrivilegedAction()
                {
                    public Object run()
                    {
                        try
                        {
                            // test view access
                            Folder folder = pageManager.getFolder("/");
                            TestCase.assertNotNull(folder.getPageSecurity());
                            TestCase.assertNotNull(folder.getPages());
                            TestCase.assertEquals(2, folder.getPages().size());
                            TestCase.assertNotNull(pageManager.getPages(folder));
                            TestCase.assertEquals(2, pageManager.getPages(folder).size());
                            PageSecurity pageSecurity = pageManager.getPageSecurity();
                            Page page0 = pageManager.getPage("/default-page.psml");
                            TestCase.assertNotNull(page0.getRootFragment());
                            TestCase.assertNotNull(page0.getRootFragment().getFragments());
                            TestCase.assertEquals(2, page0.getRootFragment().getFragments().size());
                            TestCase.assertNotNull(page0.getFragmentById(somePortletId[0]));
                            TestCase.assertNotNull(page0.getFragmentsByName("some-app::SomePortlet"));
                            TestCase.assertEquals(1, page0.getFragmentsByName("some-app::SomePortlet").size());
                            Page page1 = pageManager.getPage("/user-page.psml");
                            Link link = pageManager.getLink("/default.link");
                            // test edit access
                            pageManager.updateFolder(folder);
                            pageManager.updatePageSecurity(pageSecurity);
                            pageManager.updatePage(page0);
                            pageManager.updatePage(page1);
                            pageManager.updateLink(link);
                            return null;
                        }
                        catch (Exception e)
                        {
                            return e;
                        }
                    }
                }, null);
            if (adminAccess != null)
            {
                throw adminAccess;
            }

            // access test as user user
            Exception userAccess = (Exception)JSSubject.doAsPrivileged(userSubject, new PrivilegedAction()
                {
                    public Object run()
                    {
                        try
                        {
                            // test view access
                            Folder folder = pageManager.getFolder("/");
                            TestCase.assertNotNull(folder.getPageSecurity());
                            TestCase.assertNotNull(folder.getPages());
                            TestCase.assertEquals(2, folder.getPages().size());
                            PageSecurity pageSecurity = pageManager.getPageSecurity();
                            Page page0 = pageManager.getPage("/default-page.psml");
                            TestCase.assertNotNull(page0.getRootFragment());
                            TestCase.assertNotNull(page0.getRootFragment().getFragments());
                            TestCase.assertEquals(2, page0.getRootFragment().getFragments().size());
                            TestCase.assertNotNull(page0.getFragmentById(somePortletId[0]));
                            TestCase.assertNotNull(page0.getFragmentsByName("some-app::SomePortlet"));
                            TestCase.assertEquals(1, page0.getFragmentsByName("some-app::SomePortlet").size());
                            Page page1 = pageManager.getPage("/user-page.psml");
                            Link link = pageManager.getLink("/default.link");
                            // test edit access
                            try
                            {
                                pageManager.updateFolder(folder);
                                TestCase.assertTrue("Folder / not editable for user", false);
                            }
                            catch (SecurityException se)
                            {
                            }
                            try
                            {
                                pageManager.updatePageSecurity(pageSecurity);
                                TestCase.assertTrue("PageSecurity not editable for user", false);
                            }
                            catch (SecurityException se)
                            {
                            }
                            try
                            {
                                pageManager.updatePage(page0);
                                TestCase.assertTrue("Page /default-page.psml not editable for user", false);
                            }
                            catch (SecurityException se)
                            {
                            }
                            pageManager.updatePage(page1);
                            try
                            {
                                pageManager.updateLink(link);
                                TestCase.assertTrue("Page /default.link not editable for user", false);
                            }
                            catch (SecurityException se)
                            {
                            }
                            return null;
                        }
                        catch (Exception e)
                        {
                            return e;
                        }
                    }
                }, null);
            if (userAccess != null)
            {
                throw userAccess;
            }

            // access test as manager user
            Exception managerAccess = (Exception)JSSubject.doAsPrivileged(managerSubject, new PrivilegedAction()
                {
                    public Object run()
                    {
                        try
                        {
                            // test view access
                            Folder folder = pageManager.getFolder("/");
                            TestCase.assertNotNull(folder.getPageSecurity());
                            TestCase.assertNotNull(folder.getPages());
                            TestCase.assertEquals(1, folder.getPages().size());
                            PageSecurity pageSecurity = pageManager.getPageSecurity();
                            Page page0 = pageManager.getPage("/default-page.psml");
                            TestCase.assertNotNull(page0.getRootFragment());
                            TestCase.assertNotNull(page0.getRootFragment().getFragments());
                            TestCase.assertEquals(1, page0.getRootFragment().getFragments().size());
                            TestCase.assertNull(page0.getFragmentById(somePortletId[0]));
                            TestCase.assertTrue(page0.getFragmentsByName("some-app::SomePortlet").isEmpty());
                            Link link = pageManager.getLink("/default.link");
                            try
                            {
                                pageManager.getPage("/user-page.psml");
                                TestCase.assertTrue("Page /user-page.psml not viewable for manager", false);
                            }
                            catch (SecurityException se)
                            {
                            }                       
                            // test edit access
                            try
                            {
                                pageManager.updateFolder(folder);
                                TestCase.assertTrue("Folder / not editable for manager", false);
                            }
                            catch (SecurityException se)
                            {
                            }
                            try
                            {
                                pageManager.updatePageSecurity(pageSecurity);
                                TestCase.assertTrue("PageSecurity not editable for manager", false);
                            }
                            catch (SecurityException se)
                            {
                            }
                            pageManager.updatePage(page0);
                            pageManager.updateLink(link);
                            return null;
                        }
                        catch (Exception e)
                        {
                            return e;
                        }
                    }
                }, null);
            if (managerAccess != null)
            {
                throw managerAccess;
            }

            // access test as guest user
            Exception guestAccess = (Exception)JSSubject.doAsPrivileged(guestSubject, new PrivilegedAction()
                {
                    public Object run()
                    {
                        try
                        {
                            // test view access
                            Folder folder = pageManager.getFolder("/");
                            TestCase.assertNotNull(folder.getPageSecurity());
                            TestCase.assertNotNull(folder.getPages());
                            TestCase.assertEquals(1, folder.getPages().size());
                            PageSecurity pageSecurity = pageManager.getPageSecurity();
                            Page page0 = pageManager.getPage("/default-page.psml");
                            TestCase.assertNotNull(page0.getRootFragment());
                            TestCase.assertNotNull(page0.getRootFragment().getFragments());
                            TestCase.assertEquals(1, page0.getRootFragment().getFragments().size());
                            TestCase.assertNull(page0.getFragmentById(somePortletId[0]));
View Full Code Here

        String xml =
            "<security-constraints-def name=\"" +
                  defName +
                  "\"><security-constraint><roles>user, manager</roles><permissions>view,edit</permissions></security-constraint></security-constraints-def>";
        runTest(xml, defName, method);
        PageSecurity pageSecurity = pageManager.getPageSecurity();
        SecurityConstraintsDef def = pageSecurity.getSecurityConstraintsDef(defName);
        assertNotNull("definition " + defName + " not found ", def);
        SecurityConstraint constraint =  (SecurityConstraint)def.getSecurityConstraints().get(0);
        assertNotNull("first constraint for " + defName + " not found ", def);
        assertEquals("update failed for constraints " + constraint.getPermissions().toString(), constraint.getPermissions().toString(), "[view, edit]");
    }
View Full Code Here

        String xml =
            "<security-constraints-def name=\"" +
                  defName +
                  "\"><security-constraint><roles>user, manager</roles><permissions>view,edit</permissions></security-constraint></security-constraints-def>";
        runTest(xml, defName, method);
        PageSecurity pageSecurity = pageManager.getPageSecurity();
        SecurityConstraintsDef def = pageSecurity.getSecurityConstraintsDef(defName);
        assertNotNull("definition " + defName + " not found ", def);
        SecurityConstraint constraint =  (SecurityConstraint)def.getSecurityConstraints().get(0);
        assertNotNull("first constraint for " + defName + " not found ", def);
        assertEquals("update failed for constraints " + constraint.getPermissions().toString(), constraint.getPermissions().toString(), "[view, edit]");
    }
View Full Code Here

                  "<security-constraint><users>tomcat</users><permissions>view</permissions></security-constraint>" +
                  "<security-constraint><users>manager,admin</users><permissions>view,help</permissions></security-constraint>" +
                  "</security-constraints-def>";
                 
        runTest(xml, defName, method);
        PageSecurity pageSecurity = pageManager.getPageSecurity();
        SecurityConstraintsDef def = pageSecurity.getSecurityConstraintsDef(defName);
        assertNotNull("definition " + defName + " not found ", def);
        SecurityConstraint constraint =  (SecurityConstraint)def.getSecurityConstraints().get(0);
        assertNotNull("first constraint for " + defName + " not found ", constraint);
        assertEquals("update failed for constraints " + constraint.getPermissions().toString(), constraint.getPermissions().toString(), "[view, edit, help]");
        assertEquals("update failed for constraints " + constraint.getRoles().toString(), constraint.getRoles().toString(), "[user, manager, anon]");
View Full Code Here

        String xml =
            "<security-constraints-def name=\"" +
                  defName +
                  "\"><security-constraint><users>*</users><permissions>view</permissions></security-constraint></security-constraints-def>";
        runTest(xml, defName, method);
        PageSecurity pageSecurity = pageManager.getPageSecurity();
        SecurityConstraintsDef def = pageSecurity.getSecurityConstraintsDef(defName);
        assertNotNull("definition " + defName + " not found ", def);
        SecurityConstraint constraint =  (SecurityConstraint)def.getSecurityConstraints().get(0);
        assertNotNull("first constraint for " + defName + " not found ", def);
        assertEquals("delete merge failed for constraints " + constraint.getPermissions().toString(), constraint.getPermissions().toString(), "[view]");
        assertEquals("delete merge failed for constraints " + constraint.getUsers().toString(), constraint.getUsers().toString(), "[*]");       
View Full Code Here

TOP

Related Classes of org.apache.jetspeed.om.page.PageSecurity

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.