Java Code Examples for org.apache.jackrabbit.api.security.JackrabbitAccessControlList#getAccessControlEntries()
The following examples show how to use
org.apache.jackrabbit.api.security.JackrabbitAccessControlList#getAccessControlEntries() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: RemoveAll.java From APM with Apache License 2.0 | 5 votes |
|
private void removeAll(final Context context, Authorizable authorizable) throws RepositoryException {
final AccessControlManager accessControlManager = context.getAccessControlManager();
final Principal principal = authorizable.getPrincipal();
final JackrabbitAccessControlList jackrabbitAcl = JackrabbitAccessControlListUtil
.getModifiableAcl(accessControlManager, path);
final AccessControlEntry[] accessControlEntries = jackrabbitAcl.getAccessControlEntries();
for (final AccessControlEntry accessControlEntry : accessControlEntries) {
if (accessControlEntry.getPrincipal().equals(principal)) {
jackrabbitAcl.removeAccessControlEntry(accessControlEntry);
}
}
accessControlManager.setPolicy(path, jackrabbitAcl);
}
Example 2
| Source File: IntegrationTestBase.java From jackrabbit-filevault with Apache License 2.0 | 5 votes |
|
public String dumpPermissions(String path) throws RepositoryException {
StringBuilder ret = new StringBuilder();
AccessControlPolicy[] ap = admin.getAccessControlManager().getPolicies(path);
for (AccessControlPolicy p: ap) {
if (p instanceof JackrabbitAccessControlList) {
JackrabbitAccessControlList acl = (JackrabbitAccessControlList) p;
for (AccessControlEntry ac: acl.getAccessControlEntries()) {
if (ac instanceof JackrabbitAccessControlEntry) {
JackrabbitAccessControlEntry ace = (JackrabbitAccessControlEntry) ac;
ret.append(ace.isAllow() ? "\n- allow " : "deny ");
ret.append(ace.getPrincipal().getName());
char delim = '[';
for (Privilege priv: ace.getPrivileges()) {
ret.append(delim).append(priv.getName());
delim=',';
}
ret.append(']');
for (String restName: ace.getRestrictionNames()) {
Value[] values;
if ("rep:glob".equals(restName)) {
values = new Value[]{ace.getRestriction(restName)};
} else {
values = ace.getRestrictions(restName);
}
for (Value value : values) {
ret.append(" rest=").append(value.getString());
}
}
}
}
}
}
return ret.toString();
}
Example 3
| Source File: IntegrationTestBase.java From jackrabbit-filevault with Apache License 2.0 | 5 votes |
|
public void removeRepoACL() throws RepositoryException {
AccessControlPolicy[] ap = admin.getAccessControlManager().getPolicies(null);
for (AccessControlPolicy p: ap) {
if (p instanceof JackrabbitAccessControlList) {
JackrabbitAccessControlList acl = (JackrabbitAccessControlList) p;
for (AccessControlEntry ac: acl.getAccessControlEntries()) {
if (ac instanceof JackrabbitAccessControlEntry) {
acl.removeAccessControlEntry(ac);
}
}
}
}
admin.save();
}
Example 4
| Source File: JcrPackageManagerImplTest.java From jackrabbit-filevault with Apache License 2.0 | 5 votes |
|
@Test
public void testGetPackageRootNoCreateAccess() throws Exception {
// TODO: maybe rather change the setup of the test-base to not assume that everyone has full read-access
AccessControlManager acMgr = admin.getAccessControlManager();
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/");
for (AccessControlEntry ace : acl.getAccessControlEntries()) {
acl.removeAccessControlEntry(ace);
}
acl.addEntry(AccessControlUtils.getEveryonePrincipal(admin),
AccessControlUtils.privilegesFromNames(admin, javax.jcr.security.Privilege.JCR_READ),
true,
Collections.singletonMap("rep:glob", admin.getValueFactory().createValue("etc/*")));
admin.save();
Session anonymous = repository.login(new GuestCredentials());
try {
JcrPackageManagerImpl jcrPackageManager = new JcrPackageManagerImpl(anonymous, new String[0]);
assertNull(jcrPackageManager.getPackageRoot(true));
try {
jcrPackageManager.getPackageRoot(false);
fail();
} catch (AccessDeniedException | PathNotFoundException e) {
// success
}
} finally {
anonymous.logout();
}
}
Example 5
| Source File: IntegrationTestBase.java From jackrabbit-filevault with Apache License 2.0 | 4 votes |
|
public int hasPermission(String path, boolean allow, String[] privs, String name, Map<String, String[]> restrictions)
throws RepositoryException {
AccessControlPolicy[] ap = admin.getAccessControlManager().getPolicies(path);
int idx = 0;
for (AccessControlPolicy p: ap) {
if (p instanceof JackrabbitAccessControlList) {
JackrabbitAccessControlList acl = (JackrabbitAccessControlList) p;
for (AccessControlEntry ac: acl.getAccessControlEntries()) {
if (ac instanceof JackrabbitAccessControlEntry) {
idx++;
JackrabbitAccessControlEntry ace = (JackrabbitAccessControlEntry) ac;
if (ace.isAllow() != allow) {
continue;
}
if (!ace.getPrincipal().getName().equals(name)) {
continue;
}
Set<String> expectedPrivs = new HashSet<String>(Arrays.asList(privs));
for (Privilege priv: ace.getPrivileges()) {
if (!expectedPrivs.remove(priv.getName())) {
expectedPrivs.add("dummy");
break;
}
}
if (!expectedPrivs.isEmpty()) {
continue;
}
Map<String, String[]> rests = new HashMap<String, String[]>(restrictions);
boolean restrictionExpected = true;
for (String restName: ace.getRestrictionNames()) {
String[] expected = rests.remove(restName);
if (expected == null) {
continue;
}
Value[] values;
if ("rep:glob".equals(restName)) {
values = new Value[]{ace.getRestriction(restName)};
} else {
values = ace.getRestrictions(restName);
}
String[] actual = new String[values.length];
for (int i=0; i<actual.length; i++) {
actual[i] = values[i].getString();
}
Arrays.sort(expected);
Arrays.sort(actual);
if (!Arrays.equals(expected, actual)) {
restrictionExpected = false;
break;
}
}
if (!restrictionExpected || !rests.isEmpty()) {
continue;
}
return idx-1;
}
}
}
}
return -1;
}
Example 6
| Source File: TestAceOrder.java From jackrabbit-filevault with Apache License 2.0 | 4 votes |
|
private void assertACEs(@NotNull String path) throws Exception {
JackrabbitAccessControlList list = AccessControlUtils.getAccessControlList(acMgr, path);
AccessControlEntry[] entries = list.getAccessControlEntries();
assertEquals(expectedEntries, ImmutableList.copyOf(entries));
}
