public void testInsertionOrder() throws Exception { JackrabbitAccessControlList pt = createEmptyTemplate(getTestPath()); Privilege[] readPriv = privilegesFromName(Privilege.JCR_READ); Privilege[] writePriv = privilegesFromName(Privilege.JCR_WRITE); Privilege[] addNodePriv = privilegesFromName(Privilege.JCR_ADD_CHILD_NODES); String restrName = ((SessionImpl) superuser).getJCRName(ACLTemplate.P_GLOB); Map<String,Value> restrictions = Collections.singletonMap(restrName, superuser.getValueFactory().createValue("/.*")); pt.addEntry(testPrincipal, readPriv, true, emptyRestrictions); pt.addEntry(testPrincipal, writePriv, false, emptyRestrictions); pt.addEntry(testPrincipal, addNodePriv, true, restrictions); AccessControlEntry[] entries = pt.getAccessControlEntries(); assertTrue(Arrays.equals(readPriv, entries[0].getPrivileges())); assertTrue(Arrays.equals(writePriv, entries[1].getPrivileges())); assertTrue(Arrays.equals(addNodePriv, entries[2].getPrivileges())); }
public void testMultipleEntryEffect() throws RepositoryException, NotExecutableException { JackrabbitAccessControlList pt = createEmptyTemplate(getTestPath()); Privilege[] privileges = privilegesFromName(Privilege.JCR_READ); pt.addEntry(testPrincipal, privileges, true, emptyRestrictions); Privilege[] achPrivs = privilegesFromName(Privilege.JCR_ADD_CHILD_NODES); assertFalse(pt.addEntry(testPrincipal, achPrivs, true, emptyRestrictions)); privileges = privilegesFromName(Privilege.JCR_READ); assertTrue(pt.addEntry(testPrincipal, privileges, false, emptyRestrictions)); assertSamePrivileges(privilegesFromName(Privilege.JCR_ADD_CHILD_NODES), pt.getAccessControlEntries()[0].getPrivileges()); assertSamePrivileges(privilegesFromName(Privilege.JCR_READ), pt.getAccessControlEntries()[1].getPrivileges()); assertSamePrivileges(privilegesFromName(Privilege.JCR_ADD_CHILD_NODES), pt.getAccessControlEntries()[0].getPrivileges());
public void testInsertionOrder2() throws Exception { JackrabbitAccessControlList pt = createEmptyTemplate(getTestPath()); Privilege[] readPriv = privilegesFromName(Privilege.JCR_READ); Privilege[] writePriv = privilegesFromName(Privilege.JCR_WRITE); Privilege[] addNodePriv = privilegesFromName(Privilege.JCR_ADD_CHILD_NODES); String restrName = ((SessionImpl) superuser).getJCRName(ACLTemplate.P_GLOB); Map<String,Value> restrictions = Collections.singletonMap(restrName, superuser.getValueFactory().createValue("/.*")); pt.addEntry(testPrincipal, readPriv, true, emptyRestrictions); pt.addEntry(testPrincipal, addNodePriv, true, restrictions); pt.addEntry(testPrincipal, writePriv, false, emptyRestrictions); AccessControlEntry[] entries = pt.getAccessControlEntries(); assertTrue(Arrays.equals(readPriv, entries[0].getPrivileges())); assertTrue(Arrays.equals(addNodePriv, entries[1].getPrivileges())); assertTrue(Arrays.equals(writePriv, entries[2].getPrivileges())); }
public void testTwoEntriesPerPrincipal() throws RepositoryException, NotExecutableException { JackrabbitAccessControlList pt = createEmptyTemplate(getTestPath()); Privilege[] readPriv = privilegesFromName(Privilege.JCR_READ); Privilege[] writePriv = privilegesFromName(Privilege.JCR_WRITE); Privilege[] acReadPriv = privilegesFromName(Privilege.JCR_READ_ACCESS_CONTROL); pt.addEntry(testPrincipal, readPriv, true, emptyRestrictions); pt.addEntry(testPrincipal, writePriv, true, emptyRestrictions); pt.addEntry(testPrincipal, acReadPriv, true, emptyRestrictions); pt.addEntry(testPrincipal, readPriv, false, emptyRestrictions); pt.addEntry(new PrincipalImpl(testPrincipal.getName()), readPriv, false, emptyRestrictions); pt.addEntry(new Principal() { public String getName() { return testPrincipal.getName(); } }, readPriv, false, emptyRestrictions); AccessControlEntry[] entries = pt.getAccessControlEntries(); assertEquals(2, entries.length); }
public void testSetEntryForGroupPrincipal() throws RepositoryException, NotExecutableException { JackrabbitAccessControlList pt = createEmptyTemplate(getTestPath()); Privilege[] privs = privilegesFromName(Privilege.JCR_READ); GroupPrincipal grPrincipal = (GroupPrincipal) principalMgr.getEveryone(); // adding allow-entry must succeed assertTrue(pt.addAccessControlEntry(grPrincipal, privs)); // adding deny-entry must succeed pt.addEntry(grPrincipal, privs, false, null); }
public void testUpdateEntry() throws RepositoryException, NotExecutableException { JackrabbitAccessControlList pt = createEmptyTemplate(getTestPath()); Privilege[] readPriv = privilegesFromName(Privilege.JCR_READ); Privilege[] writePriv = privilegesFromName(Privilege.JCR_WRITE); Principal principal2 = principalMgr.getEveryone(); pt.addEntry(testPrincipal, readPriv, true, emptyRestrictions); pt.addEntry(principal2, readPriv, true, emptyRestrictions); pt.addEntry(testPrincipal, writePriv, false, emptyRestrictions); // adding an entry that should update the existing allow-entry for everyone. pt.addEntry(principal2, writePriv, true, emptyRestrictions); AccessControlEntry[] entries = pt.getAccessControlEntries(); assertEquals(3, entries.length); JackrabbitAccessControlEntry princ2AllowEntry = (JackrabbitAccessControlEntry) entries[1]; assertEquals(principal2, princ2AllowEntry.getPrincipal()); assertTrue(princ2AllowEntry.isAllow()); assertSamePrivileges(new Privilege[] {readPriv[0], writePriv[0]}, princ2AllowEntry.getPrivileges()); }
/** * Test if new entries get appended at the end of the list. * * @throws RepositoryException * @throws NotExecutableException */ public void testNewEntriesAppendedAtEnd() throws RepositoryException, NotExecutableException { JackrabbitAccessControlList pt = createEmptyTemplate(getTestPath()); Privilege[] readPriv = privilegesFromName(Privilege.JCR_READ); Privilege[] writePriv = privilegesFromName(Privilege.JCR_WRITE); pt.addEntry(testPrincipal, readPriv, true, emptyRestrictions); pt.addEntry(principalMgr.getEveryone(), readPriv, true, emptyRestrictions); pt.addEntry(testPrincipal, writePriv, false, emptyRestrictions); AccessControlEntry[] entries = pt.getAccessControlEntries(); assertEquals(3, entries.length); JackrabbitAccessControlEntry last = (JackrabbitAccessControlEntry) entries[2]; assertEquals(testPrincipal, last.getPrincipal()); assertEquals(false, last.isAllow()); assertEquals(writePriv[0], last.getPrivileges()[0]); }
public void testRevokeEffect() throws RepositoryException, NotExecutableException { JackrabbitAccessControlList pt = createEmptyTemplate(getTestPath()); Privilege[] privileges = privilegesFromName(Privilege.JCR_READ); pt.addEntry(testPrincipal, privileges, true, emptyRestrictions); // same entry but with revers 'isAllow' flag assertTrue(pt.addEntry(testPrincipal, privileges, false, emptyRestrictions)); // net-effect: only a single deny-read entry assertEquals(1, pt.size()); assertSamePrivileges(privileges, pt.getAccessControlEntries()[0].getPrivileges()); }
public void testUpdateComplementaryEntry() throws RepositoryException, NotExecutableException { JackrabbitAccessControlList pt = createEmptyTemplate(getTestPath()); Privilege[] readPriv = privilegesFromName(Privilege.JCR_READ); Privilege[] writePriv = privilegesFromName(Privilege.JCR_WRITE); Principal principal2 = principalMgr.getEveryone(); pt.addEntry(testPrincipal, readPriv, true, emptyRestrictions); pt.addEntry(principal2, readPriv, true, emptyRestrictions); pt.addEntry(testPrincipal, writePriv, false, emptyRestrictions); pt.addEntry(principal2, writePriv, true, emptyRestrictions); // entry complementary to the first entry // -> must remove the allow-READ entry and update the deny-WRITE entry. pt.addEntry(testPrincipal, readPriv, false, emptyRestrictions); AccessControlEntry[] entries = pt.getAccessControlEntries(); assertEquals(2, entries.length); JackrabbitAccessControlEntry first = (JackrabbitAccessControlEntry) entries[0]; assertEquals(principal2, first.getPrincipal()); JackrabbitAccessControlEntry second = (JackrabbitAccessControlEntry) entries[1]; assertEquals(testPrincipal, second.getPrincipal()); assertFalse(second.isAllow()); assertSamePrivileges(new Privilege[] {readPriv[0], writePriv[0]}, second.getPrivileges()); }
public void testMultiplePrincipals() throws RepositoryException, NotExecutableException { PrincipalManager pMgr = ((JackrabbitSession) superuser).getPrincipalManager(); Principal everyone = pMgr.getEveryone(); Principal grPrincipal = null; PrincipalIterator it = pMgr.findPrincipals("", PrincipalManager.SEARCH_TYPE_GROUP); while (it.hasNext()) { GroupPrincipal gr = (GroupPrincipal) it.nextPrincipal(); if (!everyone.equals(gr)) { grPrincipal = gr; } } if (grPrincipal == null || grPrincipal.equals(everyone)) { throw new NotExecutableException(); } Privilege[] privs = privilegesFromName(Privilege.JCR_READ); JackrabbitAccessControlList pt = createEmptyTemplate(getTestPath()); pt.addAccessControlEntry(testPrincipal, privs); assertFalse(pt.addAccessControlEntry(testPrincipal, privs)); // add same privileges for another principal -> must modify as well. assertTrue(pt.addAccessControlEntry(everyone, privs)); // .. 2 entries must be present. assertTrue(pt.getAccessControlEntries().length == 2); }
assertEquals(PropertyType.STRING, pt.getRestrictionType(names[0])); Privilege[] writePriv = privilegesFromName(Privilege.JCR_WRITE);