Java Code Examples for org.apache.jackrabbit.api.security.JackrabbitAccessControlList#addEntry()

The following examples show how to use org.apache.jackrabbit.api.security.JackrabbitAccessControlList#addEntry() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: TestAceOrder.java    From jackrabbit-filevault with Apache License 2.0 6 votes vote down vote up 
@Override
public void setUp() throws Exception {
    super.setUp();
    uMgr = ((JackrabbitSession) admin).getUserManager();
    User testuser = uMgr.createUser(NAME_TEST_USER, null);
    admin.save();

    acMgr = admin.getAccessControlManager();

    Node tmp = admin.getRootNode().addNode("testroot").addNode("secured");
    JackrabbitAccessControlList list = AccessControlUtils.getAccessControlList(acMgr, tmp.getPath());
    Privilege[] writePrivilege = AccessControlUtils.privilegesFromNames(acMgr, Privilege.JCR_WRITE);
    ValueFactory vf = admin.getValueFactory();
    Principal everyone = ((JackrabbitSession) admin).getPrincipalManager().getEveryone();
    list.addEntry(everyone, writePrivilege, true, ImmutableMap.of("rep:glob", vf.createValue("/foo")));
    list.addEntry(testuser.getPrincipal(), writePrivilege, false, ImmutableMap.of("rep:glob", vf.createValue("/foo")));
    list.addEntry(everyone, writePrivilege, true, ImmutableMap.of("rep:glob", vf.createValue("/bar")));
    acMgr.setPolicy(tmp.getPath(), list);

    expectedEntries = ImmutableList.copyOf(list.getAccessControlEntries());

    admin.refresh(false);
}
Example 2
Source File: PermissionActionHelper.java    From APM with Apache License 2.0 5 votes vote down vote up 
private void addEntry(boolean allow, final List<Privilege> privileges,
    final Principal principal,
    final JackrabbitAccessControlList jackrabbitAcl) throws RepositoryException {

  Map<String, Value> singleValueRestrictions = restrictions.getSingleValueRestrictions(valueFactory);
  Map<String, Value[]> multiValueRestrictions = restrictions.getMultiValueRestrictions(valueFactory);
  jackrabbitAcl.addEntry(principal, privileges.toArray(new Privilege[privileges.size()]), allow,
      singleValueRestrictions, multiValueRestrictions);
}
Example 3
Source File: DocViewSaxFormatterTest.java    From jackrabbit-filevault with Apache License 2.0 5 votes vote down vote up 
/**
 * Tests if an 'empty' node serialization includes the jcr namespace. see JCRVLT-266
 */
@Test
public void testFormatterIncludesJcrNamespace() throws Exception {
    // rep:itemNames restrictions are only supported in oak.
    Assume.assumeTrue(isOak());

    JcrUtils.getOrCreateByPath("/testroot", NodeType.NT_UNSTRUCTURED, admin);
    admin.save();

    // setup access control
    AccessControlManager acMgr = admin.getAccessControlManager();
    JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/testroot");

    Privilege[] privs = new Privilege[]{acMgr.privilegeFromName(Privilege.JCR_READ)};
    Map<String, Value[]> rest = new HashMap<>();
    rest.put("rep:itemNames", new Value[]{
            admin.getValueFactory().createValue("jcr:mixinTypes", PropertyType.NAME),
            admin.getValueFactory().createValue("jcr:primaryType", PropertyType.NAME)
    });
    acl.addEntry(EveryonePrincipal.getInstance(), privs, false, null, rest);
    acMgr.setPolicy("/testroot", acl);
    admin.save();

    Session guest = repository.login(new GuestCredentials());

    DefaultWorkspaceFilter filter = new DefaultWorkspaceFilter();
    filter.add(new PathFilterSet("/testroot"));
    RepositoryAddress addr = new RepositoryAddress("/" + admin.getWorkspace().getName() + "/");
    VaultFileSystem jcrfs = Mounter.mount(null, filter, addr, null, guest);
    Aggregate a = jcrfs.getAggregateManager().getRoot().getAggregate("testroot");
    DocViewSerializer s = new DocViewSerializer(a);

    ByteArrayOutputStream out = new ByteArrayOutputStream();
    s.writeContent(out);

    assertEquals("valid xml",
            "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" +
            "<jcr:root xmlns:jcr=\"http://www.jcp.org/jcr/1.0\"/>\n", out.toString("utf-8"));
}
Example 4
Source File: JcrPackageManagerImplTest.java    From jackrabbit-filevault with Apache License 2.0 5 votes vote down vote up 
@Test
public void testGetPackageRootNoCreateAccess() throws Exception {
    // TODO: maybe rather change the setup of the test-base to not assume that everyone has full read-access
    AccessControlManager acMgr = admin.getAccessControlManager();
    JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/");
    for (AccessControlEntry ace : acl.getAccessControlEntries()) {
        acl.removeAccessControlEntry(ace);
    }
    acl.addEntry(AccessControlUtils.getEveryonePrincipal(admin),
            AccessControlUtils.privilegesFromNames(admin, javax.jcr.security.Privilege.JCR_READ),
            true,
            Collections.singletonMap("rep:glob", admin.getValueFactory().createValue("etc/*")));
    admin.save();

    Session anonymous = repository.login(new GuestCredentials());
    try {
        JcrPackageManagerImpl jcrPackageManager = new JcrPackageManagerImpl(anonymous, new String[0]);
        assertNull(jcrPackageManager.getPackageRoot(true));

        try {
            jcrPackageManager.getPackageRoot(false);
            fail();
        } catch (AccessDeniedException | PathNotFoundException e) {
            // success
        }
    }  finally {
        anonymous.logout();
    }
}