Package org.apache.jetspeed.security

Examples of org.apache.jetspeed.security.FolderPermission

This class represents access to a portal content/folder or document. A FolderPermission consists of a pathname and a set of actions valid for that pathname.

Pathname is the pathname of the folder or document granted the specified actions. A pathname that ends in "/*" (where "/" is the separator character) indicates all the folders and documents contained in that folder. A pathname that ends with "/-" indicates (recursively) all documents and subfolders contained in that directory. A pathname consisting of the special token "<<ALL FILES>>" matches any folder or document.

@author David Sean Taylor @author Christophe Lombart @version $Id: FolderPermission.java 516448 2007-03-09 16:25:47Z ate $


            AccessController.checkPermission(permission);
        }
        catch (SecurityException se)
        {
            // fallback check for granted folder permissions
            FolderPermission permission = new FolderPermission(path, mask);
            AccessController.checkPermission(permission);
        }
    }
View Full Code Here


    {
        // check granted folder permissions unless the check is
        // to be skipped due to explicity granted access
        if (!checkParentsOnly)
        {
            FolderPermission permission = new FolderPermission(path, mask);
            AccessController.checkPermission(permission);
        }

        // if not checking node only, recursively check
        // all parent permissions in hierarchy
View Full Code Here

            AccessController.checkPermission(permission);
        }
        catch (SecurityException se)
        {
            // fallback check for granted folder permissions
            FolderPermission permission = new FolderPermission(path, mask);
            AccessController.checkPermission(permission);
        }
    }
View Full Code Here

                        // get permissions for users
                        String user = principals[i].getName();
                        if (user.equals("admin"))
                        {
                            // owner permissions
                            permissions.add(new FolderPermission("/", "view, edit"));
                            permissions.add(new PagePermission("/default-page.psml", "view, edit"));
                        }
                        else if (user.equals("user"))
                        {
                            // owner permissions
                            permissions.add(new FragmentPermission("/default-page.psml/some-app::SomePortlet", "view, edit"));
                           
                            // granted permissions
                            permissions.add(new PagePermission("/user-page.psml", "view, edit"));
                            permissions.add(new FragmentPermission("/user-page.psml/*", "view"));
                        }
                       
                        // public view permissions
                        permissions.add(new FolderPermission("/", "view"));
                        permissions.add(new PagePermission("/default-page.psml", "view"));
                        permissions.add(new PagePermission("/page.security", "view"));
                        permissions.add(new FragmentPermission("security::*", "view"));
                    }
                    else if (principals[i] instanceof RolePrincipal)
                    {
                        // get permissions for roles
                        String role = principals[i].getName();
                        if (role.equals("admin"))
                        {
                            // global permissions
                            permissions.add(new FolderPermission("<<ALL FILES>>", "view, edit"));
                            permissions.add(new FragmentPermission("<<ALL FRAGMENTS>>", "view, edit"));
                        }
                        else if (role.equals("manager"))
                        {
                            // granted permissions
View Full Code Here

    if ((this.type == null) || (this.type == TYPE_UNKNOWN))
      return null;
    try
    {
    if (type.equals(TYPE_FOLDER))
      newPermission = new FolderPermission(this.resource,this.actions);
    else if (type.equals(TYPE_FRAGMENT))
      newPermission = new FragmentPermission(this.resource,this.actions);
      else if (type.equals(TYPE_PAGE))
        newPermission = new PagePermission(this.resource,this.actions);
        else if (type.equals(TYPE_PORTAL))
View Full Code Here

            AccessController.checkPermission(permission);
        }
        catch (SecurityException se)
        {
            // fallback check for granted folder permissions
            FolderPermission permission = new FolderPermission(path, mask);
            AccessController.checkPermission(permission);
        }
    }
View Full Code Here

            AccessController.checkPermission(permission);
        }
        catch (SecurityException se)
        {
            // fallback check for granted folder permissions
            FolderPermission permission = new FolderPermission(path, mask);
            AccessController.checkPermission(permission);
        }
    }
View Full Code Here

        {
            JSSubject.doAs(loginContext.getSubject(), new PrivilegedAction()
            {
                public Object run()
                {
                    FolderPermission perm1 = new FolderPermission("/files/test.xml", "edit");
                    AccessController.checkPermission(perm1);
                    return null;
                }
            });
        }
        catch (AccessControlException ace)
        {
            assertTrue("did not authorize view permission on the Folder.", false);
        }

        // Should be denied.
        try
        {
            JSSubject.doAs(loginContext.getSubject(), new PrivilegedAction()
            {
                public Object run()
                {
                    FolderPermission perm2 = new FolderPermission("/files/test.xml", "secure");
                    AccessController.checkPermission(perm2);
                    return null;
                }
            });
            assertTrue("did not deny update permission on the folder.", false);
View Full Code Here

        {
            JSSubject.doAs(loginContext.getSubject(), new PrivilegedAction()
            {
                public Object run()
                {
                    FolderPermission perm1 = new FolderPermission("/files/subfolder1/test.xml", "view");
                    AccessController.checkPermission(perm1);
                    return null;
                }
            });
        }
        catch (AccessControlException ace)
        {
            fail("did not authorize view permission on the Folder.");
        }

       
        try
        {
            JSSubject.doAs(loginContext.getSubject(), new PrivilegedAction()
            {
                public Object run()
                {
                    FolderPermission perm1 = new FolderPermission("/files/subfolder1/foo", "view");
                    AccessController.checkPermission(perm1);
                    return null;
                }
            });
        }
        catch (AccessControlException ace)
        {
            fail("did not authorize view permission on the Folder.");
       
       
        try
        {
            JSSubject.doAs(loginContext.getSubject(), new PrivilegedAction()
            {
                public Object run()
                {
                    FolderPermission perm1 = new FolderPermission("/files/subfolder1/foo/anotherdoc.xml", "view");
                    AccessController.checkPermission(perm1);
                    return null;
                }
            });
            fail("Permission error - should not view the document ");
        }
        catch (AccessControlException ace)
        {
            // Correct behavior - not authorise to view the document
        }        
       
        try
        {
            JSSubject.doAs(loginContext.getSubject(), new PrivilegedAction()
            {
                public Object run()
                {
                    FolderPermission perm1 = new FolderPermission("/files/subfolder2/test.xml", "view");
                    AccessController.checkPermission(perm1);
                    return null;
                }
            });
        }
        catch (AccessControlException ace)
        {
            fail("did not authorize view permission on the Folder.");
        }

       
        try
        {
            JSSubject.doAs(loginContext.getSubject(), new PrivilegedAction()
            {
                public Object run()
                {
                    FolderPermission perm1 = new FolderPermission("/files/subfolder2/foo", "view");
                    AccessController.checkPermission(perm1);
                    return null;
                }
            });
        }
        catch (AccessControlException ace)
        {
            fail("did not authorize view permission on the Folder.");
        }
       
        try
        {
            JSSubject.doAs(loginContext.getSubject(), new PrivilegedAction()
            {
                public Object run()
                {
                    FolderPermission perm1 = new FolderPermission("/files/subfolder2/foo/anotherdoc.xml", "view");
                    AccessController.checkPermission(perm1);
                    return null;
                }
            });
        }
View Full Code Here

        {
        }
       
        UserPrincipal user = new UserPrincipalImpl("anon");

        FolderPermission perm1 = new FolderPermission("/files/test.xml", "edit");
        FolderPermission perm2 = new FolderPermission("/files/subfolder1/*", "view");
        FolderPermission perm3 = new FolderPermission("/files/subfolder2/-", "view");
        try
        {
            pms.addPermission(perm1);
            pms.addPermission(perm2);
            pms.addPermission(perm3);
View Full Code Here

TOP

Related Classes of org.apache.jetspeed.security.FolderPermission

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.