javax.jcr.security.AccessControlPolicy Java Examples
The following examples show how to use
javax.jcr.security.AccessControlPolicy.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: JackrabbitAccessControlListUtil.java From APM with Apache License 2.0 | 5 votes |
|
public static JackrabbitAccessControlList getApplicableAccessControlList(
final AccessControlManager accessManager, final String path) throws RepositoryException {
// find policies which may be applied to node indicated by path (may be treated as policy factory)
final AccessControlPolicyIterator applicablePolicies = accessManager.getApplicablePolicies(path);
while (applicablePolicies.hasNext()) {
final AccessControlPolicy policy = applicablePolicies.nextAccessControlPolicy();
if (policy instanceof JackrabbitAccessControlList) {
return (JackrabbitAccessControlList) policy;
}
}
return null;
}
Example #2
| Source File: JackrabbitAccessControlListUtil.java From APM with Apache License 2.0 | 5 votes |
|
public static JackrabbitAccessControlList getAccessControlList(final AccessControlManager accessManager,
final String path) throws RepositoryException {
final AccessControlPolicy[] existing = accessManager.getPolicies(path);
for (final AccessControlPolicy policy : existing) {
if (policy instanceof JackrabbitAccessControlList) {
return (JackrabbitAccessControlList) policy;
}
}
return null;
}
Example #3
| Source File: JackrabbitACLImporter.java From jackrabbit-filevault with Apache License 2.0 | 5 votes |
|
T getPolicy(Class<T> clz) throws RepositoryException {
for (AccessControlPolicy p : acMgr.getPolicies(accessControlledPath)) {
if (clz.isAssignableFrom(p.getClass())) {
return (T) p;
}
}
return null;
}
Example #4
| Source File: JackrabbitACLImporter.java From jackrabbit-filevault with Apache License 2.0 | 5 votes |
|
T getPolicy(Class<T> clz, Principal principal) throws RepositoryException {
if (acMgr instanceof JackrabbitAccessControlManager) {
for (AccessControlPolicy p : ((JackrabbitAccessControlManager) acMgr).getPolicies(principal)) {
if (clz.isAssignableFrom(p.getClass())) {
return (T) p;
}
}
}
return null;
}
Example #5
| Source File: JackrabbitACLImporter.java From jackrabbit-filevault with Apache License 2.0 | 5 votes |
|
T getApplicablePolicy(Class<T> clz) throws RepositoryException {
AccessControlPolicyIterator iter = acMgr.getApplicablePolicies(accessControlledPath);
while (iter.hasNext()) {
AccessControlPolicy p = iter.nextAccessControlPolicy();
if (clz.isAssignableFrom(p.getClass())) {
return (T) p;
}
}
// no applicable policy
throw new RepositoryException("no applicable AccessControlPolicy of type "+ clz + " on " +
(accessControlledPath == null ? "'root'" : accessControlledPath));
}
Example #6
| Source File: JackrabbitACLImporter.java From jackrabbit-filevault with Apache License 2.0 | 5 votes |
|
T getApplicablePolicy(Class<T> clz, Principal principal) throws RepositoryException {
if (acMgr instanceof JackrabbitAccessControlManager) {
for (AccessControlPolicy p : ((JackrabbitAccessControlManager) acMgr).getApplicablePolicies(principal)) {
if (clz.isAssignableFrom(p.getClass())) {
return (T) p;
}
}
}
// no applicable policy
throw new AccessControlException("no applicable AccessControlPolicy of type "+ clz + " for " + principal.getName());
}
Example #7
| Source File: PrincipalBasedTest.java From jackrabbit-filevault with Apache License 2.0 | 5 votes |
|
private void assertPolicy(@NotNull Principal principal, @NotNull AccessControlEntry... expectedEntries) throws RepositoryException {
for (AccessControlPolicy policy : acMgr.getPolicies(principal)) {
if (policy instanceof PrincipalAccessControlList) {
PrincipalAccessControlList pacl = (PrincipalAccessControlList) policy;
AccessControlEntry[] aces = pacl.getAccessControlEntries();
assertEquals(expectedEntries.length, aces.length);
for (int i = 0; i < expectedEntries.length; i++) {
assertTrue(expectedEntries[i] instanceof PrincipalAccessControlList.Entry);
assertTrue(aces[i] instanceof PrincipalAccessControlList.Entry);
PrincipalAccessControlList.Entry entry = (PrincipalAccessControlList.Entry) aces[i];
PrincipalAccessControlList.Entry expected = (PrincipalAccessControlList.Entry) expectedEntries[i];
assertEquals(expected.getEffectivePath(), entry.getEffectivePath());
assertEquals(ImmutableSet.copyOf(expected.getPrivileges()), ImmutableSet.copyOf(entry.getPrivileges()));
assertEquals(ImmutableSet.copyOf(expected.getRestrictionNames()), ImmutableSet.copyOf(entry.getRestrictionNames()));
for (String rName : expected.getRestrictionNames()) {
if (pacl.isMultiValueRestriction(rName)) {
assertArrayEquals(expected.getRestrictions(rName), entry.getRestrictions(rName));
} else {
assertEquals(expected.getRestriction(rName), entry.getRestriction(rName));
}
}
}
return;
}
}
fail("expected PrincipalAccessControlList for principal " + principal.getName());
}
Example #8
| Source File: IntegrationTestBase.java From jackrabbit-filevault with Apache License 2.0 | 5 votes |
|
public String dumpPermissions(String path) throws RepositoryException {
StringBuilder ret = new StringBuilder();
AccessControlPolicy[] ap = admin.getAccessControlManager().getPolicies(path);
for (AccessControlPolicy p: ap) {
if (p instanceof JackrabbitAccessControlList) {
JackrabbitAccessControlList acl = (JackrabbitAccessControlList) p;
for (AccessControlEntry ac: acl.getAccessControlEntries()) {
if (ac instanceof JackrabbitAccessControlEntry) {
JackrabbitAccessControlEntry ace = (JackrabbitAccessControlEntry) ac;
ret.append(ace.isAllow() ? "\n- allow " : "deny ");
ret.append(ace.getPrincipal().getName());
char delim = '[';
for (Privilege priv: ace.getPrivileges()) {
ret.append(delim).append(priv.getName());
delim=',';
}
ret.append(']');
for (String restName: ace.getRestrictionNames()) {
Value[] values;
if ("rep:glob".equals(restName)) {
values = new Value[]{ace.getRestriction(restName)};
} else {
values = ace.getRestrictions(restName);
}
for (Value value : values) {
ret.append(" rest=").append(value.getString());
}
}
}
}
}
}
return ret.toString();
}
Example #9
| Source File: IntegrationTestBase.java From jackrabbit-filevault with Apache License 2.0 | 5 votes |
|
public void removeRepoACL() throws RepositoryException {
AccessControlPolicy[] ap = admin.getAccessControlManager().getPolicies(null);
for (AccessControlPolicy p: ap) {
if (p instanceof JackrabbitAccessControlList) {
JackrabbitAccessControlList acl = (JackrabbitAccessControlList) p;
for (AccessControlEntry ac: acl.getAccessControlEntries()) {
if (ac instanceof JackrabbitAccessControlEntry) {
acl.removeAccessControlEntry(ac);
}
}
}
}
admin.save();
}
Example #10
| Source File: JackrabbitAccessControlManagerWrapper.java From sling-whiteboard with Apache License 2.0 | 4 votes |
|
@Override
public AccessControlPolicy[] getEffectivePolicies(Set<Principal> principals) throws AccessDeniedException, AccessControlException, UnsupportedRepositoryOperationException, RepositoryException {
return delegate.getEffectivePolicies(principals);
}
Example #11
| Source File: AccessControlManagerWrapper.java From sling-whiteboard with Apache License 2.0 | 4 votes |
|
@Override
public AccessControlPolicy[] getPolicies(String absPath) throws PathNotFoundException, AccessDeniedException, RepositoryException {
return delegate.getPolicies(absPath);
}
Example #12
| Source File: AccessControlManagerWrapper.java From sling-whiteboard with Apache License 2.0 | 4 votes |
|
@Override
public AccessControlPolicy[] getEffectivePolicies(String absPath) throws PathNotFoundException, AccessDeniedException, RepositoryException {
return delegate.getEffectivePolicies(absPath);
}
Example #13
| Source File: AccessControlManagerWrapper.java From sling-whiteboard with Apache License 2.0 | 4 votes |
|
@Override
public void setPolicy(String absPath, AccessControlPolicy policy) throws PathNotFoundException, AccessControlException, AccessDeniedException, LockException, VersionException, RepositoryException {
delegate.setPolicy(absPath, policy);
}
Example #14
| Source File: AccessControlManagerWrapper.java From sling-whiteboard with Apache License 2.0 | 4 votes |
|
@Override
public void removePolicy(String absPath, AccessControlPolicy policy) throws PathNotFoundException, AccessControlException, AccessDeniedException, LockException, VersionException, RepositoryException {
delegate.removePolicy(absPath, policy);
}
Example #15
| Source File: IntegrationTestBase.java From jackrabbit-filevault with Apache License 2.0 | 4 votes |
|
public int hasPermission(String path, boolean allow, String[] privs, String name, Map<String, String[]> restrictions)
throws RepositoryException {
AccessControlPolicy[] ap = admin.getAccessControlManager().getPolicies(path);
int idx = 0;
for (AccessControlPolicy p: ap) {
if (p instanceof JackrabbitAccessControlList) {
JackrabbitAccessControlList acl = (JackrabbitAccessControlList) p;
for (AccessControlEntry ac: acl.getAccessControlEntries()) {
if (ac instanceof JackrabbitAccessControlEntry) {
idx++;
JackrabbitAccessControlEntry ace = (JackrabbitAccessControlEntry) ac;
if (ace.isAllow() != allow) {
continue;
}
if (!ace.getPrincipal().getName().equals(name)) {
continue;
}
Set<String> expectedPrivs = new HashSet<String>(Arrays.asList(privs));
for (Privilege priv: ace.getPrivileges()) {
if (!expectedPrivs.remove(priv.getName())) {
expectedPrivs.add("dummy");
break;
}
}
if (!expectedPrivs.isEmpty()) {
continue;
}
Map<String, String[]> rests = new HashMap<String, String[]>(restrictions);
boolean restrictionExpected = true;
for (String restName: ace.getRestrictionNames()) {
String[] expected = rests.remove(restName);
if (expected == null) {
continue;
}
Value[] values;
if ("rep:glob".equals(restName)) {
values = new Value[]{ace.getRestriction(restName)};
} else {
values = ace.getRestrictions(restName);
}
String[] actual = new String[values.length];
for (int i=0; i<actual.length; i++) {
actual[i] = values[i].getString();
}
Arrays.sort(expected);
Arrays.sort(actual);
if (!Arrays.equals(expected, actual)) {
restrictionExpected = false;
break;
}
}
if (!restrictionExpected || !rests.isEmpty()) {
continue;
}
return idx-1;
}
}
}
}
return -1;
}
