private static final Log log = ExoLogger.getLogger("exo.jcr.component.ext.DynamicTest");
public void testDynamicSession() throws Exception
{
// Mary only node, Mary membership is '*:/platform/users', seems it's user
NodeImpl maryNode = (NodeImpl) testRoot.addNode("mary_dynamic");
maryNode.addMixin("exo:privilegeable");
if (!session.getUserID().equals("mary"))
{
maryNode.setPermission("*:/platform/users", new String[] {PermissionType.READ});
maryNode.setPermission("mary", PermissionType.ALL);
maryNode.removePermission(session.getUserID());
}
maryNode.removePermission(SystemIdentity.ANY);
testRoot.save();
Session marySession =
repository.login(new CredentialsImpl("mary", "exo".toCharArray()), session.getWorkspace().getName());
NodeImpl myNode = (NodeImpl) marySession.getItem(maryNode.getPath());
NodeImpl test = (NodeImpl) myNode.addNode("test");
test.setProperty("property", "any data");
myNode.save();
marySession.logout();
//Dynamic session fail read
List<AccessControlEntry> accessControlEntries = new ArrayList<AccessControlEntry>();
accessControlEntries.add(new AccessControlEntry("*:/platform/administrators", "READ"));
SessionProvider dynamicProvider = SessionProvider.createProvider(accessControlEntries);
Session dynamicSession = null;
try
{
dynamicSession = dynamicProvider.getSession(session.getWorkspace().getName(), repository);
NodeImpl maryNodeDynamic = (NodeImpl) dynamicSession.getItem(maryNode.getPath());
fail("Dynamic session with membership '*:/platform/users' should not read node with membership '*:/platform/users'");
}
catch (AccessDeniedException e)
{
//ok
}
//Dynamic session successful read
accessControlEntries = new ArrayList<AccessControlEntry>();
accessControlEntries.add(new AccessControlEntry("*:/platform/users", "READ"));
dynamicProvider = SessionProvider.createProvider(accessControlEntries);
//check get
try
{
dynamicSession = dynamicProvider.getSession(session.getWorkspace().getName(), repository);
NodeImpl maryNodeDynamic = (NodeImpl) dynamicSession.getItem(maryNode.getPath());
//ok
}
catch (AccessDeniedException e)
{
e.printStackTrace();
fail("Dynamic session with membership '*:/platform/users' should read node with membership '*:/platform/users'. Exception message :"
+ e.getMessage());
}
//check add
try
{
dynamicSession = dynamicProvider.getSession(session.getWorkspace().getName(), repository);
NodeImpl maryNodeDynamic = (NodeImpl) dynamicSession.getItem(maryNode.getPath());
maryNodeDynamic.addNode("test2");
maryNodeDynamic.save();
fail("Dynamic session with membership '*:/platform/users' should be not add child node with membership '*:/platform/users READ'");
}
catch (AccessDeniedException e)
{
//ok
}
//check remove
try
{
dynamicSession = dynamicProvider.getSession(session.getWorkspace().getName(), repository);
NodeImpl maryNodeDynamic = (NodeImpl) dynamicSession.getItem(maryNode.getPath());
maryNodeDynamic.getNode("test").remove();
maryNodeDynamic.save();
fail("Dynamic session with membership '*:/platform/users' should be not remove child node with membership '*:/platform/users READ'");
}
catch (AccessDeniedException e)
{
//ok