Package org.apache.jackrabbit.core.security.authorization

Examples of org.apache.jackrabbit.core.security.authorization.JackrabbitAccessControlList.addEntry()

69
70
71
72
73
74
75
76
77
78
79
                }
            }
        }

        if (acl != null) {
            acl.addEntry(principal, new Privilege[] {acMgr.privilegeFromName(Privilege.JCR_READ)}, allowRead);
            acMgr.setPolicy(n.getPath(), acl);
            s.save();
        } else {
            // no JackrabbitAccessControlList found.
            throw new NotExecutableException();
View Full Code Here
78
79
80
81
82
83
84
85
86
87
88
        AccessControlPolicyIterator acls = accessControlManager
                .getApplicablePolicies(permissionsPath);
        if (acls.hasNext()) {
            JackrabbitAccessControlList acl = (JackrabbitAccessControlList) acls
                    .nextAccessControlPolicy();
            acl.addEntry(user.getPrincipal(), accessControlManager
                    .getSupportedPrivileges(permissionsPath), true);
            accessControlManager.setPolicy(permissionsPath, acl);
        } else {
            throw new Exception("could not set access control for path " + permissionsPath);
        }
View Full Code Here
50
51
52
53
54
55
56
57
58
59
60
    }

    public void testMultipleEntryEffect() throws RepositoryException, NotExecutableException {
        JackrabbitAccessControlList pt = createEmptyTemplate(getTestPath());
        Privilege[] privileges = privilegesFromName(Privilege.JCR_READ);
        pt.addEntry(testPrincipal, privileges, true, Collections.EMPTY_MAP);

        // new entry extends privs.
        privileges = privilegesFromNames(new String[] {
                Privilege.JCR_READ,
                Privilege.JCR_ADD_CHILD_NODES});
View Full Code Here
56
57
58
59
60
61
62
63
64
65
66
        // new entry extends privs.
        privileges = privilegesFromNames(new String[] {
                Privilege.JCR_READ,
                Privilege.JCR_ADD_CHILD_NODES});
        assertTrue(pt.addEntry(testPrincipal,
                privileges,
                true, Collections.EMPTY_MAP));

        // net-effect: only a single allow-entry with both privileges
        assertTrue(pt.size() == 1);
View Full Code Here
66
67
68
69
70
71
72
73
74
75
76
        assertTrue(pt.size() == 1);
        assertSamePrivileges(privileges, pt.getAccessControlEntries()[0].getPrivileges());

        // adding just ADD_CHILD_NODES -> must not remove READ priv
        Privilege[] achPrivs = privilegesFromName(Privilege.JCR_ADD_CHILD_NODES);
        assertFalse(pt.addEntry(testPrincipal, achPrivs, true, Collections.EMPTY_MAP));
        // net-effect: only a single allow-entry with add_child_nodes + read priv
        assertTrue(pt.size() == 1);
        assertSamePrivileges(privileges, pt.getAccessControlEntries()[0].getPrivileges());

        // revoke the 'READ' privilege
View Full Code Here
73
74
75
76
77
78
79
80
81
82
83
        assertTrue(pt.size() == 1);
        assertSamePrivileges(privileges, pt.getAccessControlEntries()[0].getPrivileges());

        // revoke the 'READ' privilege
        privileges = privilegesFromName(Privilege.JCR_READ);
        assertTrue(pt.addEntry(testPrincipal, privileges, false, Collections.EMPTY_MAP));
        // net-effect: 2 entries one allowing ADD_CHILD_NODES, the other denying READ
        assertTrue(pt.size() == 2);
        assertSamePrivileges(privilegesFromName(Privilege.JCR_ADD_CHILD_NODES),
                pt.getAccessControlEntries()[0].getPrivileges());
        assertSamePrivileges(privilegesFromName(Privilege.JCR_READ),
View Full Code Here
99
100
101
102
103
104
105
106
107
108
109
        JackrabbitAccessControlList pt = createEmptyTemplate(getTestPath());
        pt.addAccessControlEntry(testPrincipal, privileges);

        // add deny entry for mod_props
        Privilege[] privileges2 = privilegesFromName(Privilege.JCR_MODIFY_PROPERTIES);
        assertTrue(pt.addEntry(testPrincipal, privileges2, false, null));

        // net-effect: 2 entries with the allow entry being adjusted
        assertTrue(pt.size() == 2);
        AccessControlEntry[] entries = pt.getAccessControlEntries();
        for (int i = 0; i < entries.length; i++) {
View Full Code Here
152
153
154
155
156
157
158
159
160
161
162
        // adding allow-entry must succeed
        assertTrue(pt.addAccessControlEntry(grPrincipal, privs));

        // adding deny-entry must succeed
        try {
            pt.addEntry(grPrincipal, privs, false, null);
            fail("Adding DENY-ace for a group principal should fail.");
        } catch (AccessControlException e) {
            // success
        }
    }
View Full Code Here
163
164
165
166
167
168
169
170
171
172
173
    public void testRevokeEffect() throws RepositoryException, NotExecutableException {
        JackrabbitAccessControlList pt = createEmptyTemplate(getTestPath());
        Privilege[] privileges = privilegesFromName(Privilege.JCR_READ);

        pt.addEntry(testPrincipal, privileges, true, Collections.EMPTY_MAP);

        // same entry but with revers 'isAllow' flag
        assertTrue(pt.addEntry(testPrincipal, privileges, false, Collections.EMPTY_MAP));

        // net-effect: only a single deny-read entry
View Full Code Here
166
167
168
169
170
171
172
173
174
175
176
        Privilege[] privileges = privilegesFromName(Privilege.JCR_READ);

        pt.addEntry(testPrincipal, privileges, true, Collections.EMPTY_MAP);

        // same entry but with revers 'isAllow' flag
        assertTrue(pt.addEntry(testPrincipal, privileges, false, Collections.EMPTY_MAP));

        // net-effect: only a single deny-read entry
        assertTrue(pt.size() == 1);
        assertSamePrivileges(privileges, pt.getAccessControlEntries()[0].getPrivileges());
    }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.