@Override public boolean isGranted(@NotNull String oakPath, @NotNull String jcrActions) { return onlyReadPermissions(Permissions.getPermissions(jcrActions, TreeLocation.create(root, oakPath), false)); } };
@Test public void testIsAggregate() { List<Long> aggregates = ImmutableList.of(Permissions.ALL, Permissions.WRITE, Permissions.READ, Permissions.SET_PROPERTY, Permissions.REMOVE); for (long permission : Permissions.PERMISSION_NAMES.keySet()) { if (aggregates.contains(permission)) { assertTrue(Permissions.getString(permission), Permissions.isAggregate(permission)); } else { assertFalse(Permissions.getString(permission), Permissions.isAggregate(permission)); } } }
@Test public void testGetStringMultiple() { for (long permissions : TEST.keySet()) { Set<String> expected = new HashSet<>(); for (long p : TEST.get(permissions)) { expected.add(Permissions.PERMISSION_NAMES.get(p)); } assertEquals(expected, Sets.newHashSet(Splitter.on(',').split(Permissions.getString(permissions)))); } }
@Override public boolean isGranted(@NotNull String oakPath, @NotNull String jcrActions) { if (isSupported(oakPath)) { Tree tree = root.getTree(oakPath); long perms = Permissions.getPermissions(jcrActions, TreeLocation.create(tree), false); if (Permissions.includes(perms, DENIED_PERMS)) { return false; } else { return Permissions.diff(perms, GRANTED_PERMS) == Permissions.NO_PERMISSION; } } else { return false; } }
boolean grants(long permissions) { return Permissions.includes(this.permissions, permissions); }
private static final boolean onlyReadPermissions(long permissions) { return Permissions.diff(permissions, READ_PERMISSIONS) == Permissions.NO_PERMISSION; }
@Test public void testGetStringSinglePermission() { for (long permission : Permissions.aggregates(Permissions.ALL)) { String str = Permissions.getString(permission); assertEquals(Permissions.PERMISSION_NAMES.get(permission), str); } }
@Test public void testAggregates() { Map<Long, Set<Long>> aggregation = ImmutableMap.<Long, Set<Long>>of( Permissions.READ, ImmutableSet.of(Permissions.READ_NODE, Permissions.READ_PROPERTY), Permissions.SET_PROPERTY, ImmutableSet.of(Permissions.ADD_PROPERTY, Permissions.MODIFY_PROPERTY, Permissions.REMOVE_PROPERTY), Permissions.WRITE, ImmutableSet.of(Permissions.ADD_NODE, Permissions.REMOVE_NODE, Permissions.ADD_PROPERTY, Permissions.REMOVE_PROPERTY,Permissions.MODIFY_PROPERTY) ); for (long permission : aggregation.keySet()) { assertEquals(aggregation.get(permission), ImmutableSet.copyOf(Permissions.aggregates(permission))); } }
@Test public void testRespectParentPermissions() { List<Long> permissions = ImmutableList.of( Permissions.ALL, Permissions.ADD_NODE, Permissions.ADD_NODE|Permissions.ADD_PROPERTY, Permissions.ADD_NODE|Permissions.REMOVE_NODE, Permissions.ADD_NODE|Permissions.READ, Permissions.REMOVE_NODE, Permissions.REMOVE_NODE|Permissions.LOCK_MANAGEMENT, Permissions.WRITE, Permissions.REMOVE ); for (long p : permissions) { assertTrue(Permissions.getString(p), Permissions.respectParentPermissions(p)); } }
private Iterator<PermissionEntry> getIterator(@Nullable PropertyState property, long permissions) { EntryPredicate predicate = new EntryPredicate(tree, property, Permissions.respectParentPermissions(permissions)); return getIterator(predicate); }
@Test public void testGetPermissionsFromPermissionNameActions() { TreeLocation tl = TreeLocation.create(existingTree); long permissions = Permissions.NODE_TYPE_MANAGEMENT|Permissions.LOCK_MANAGEMENT|Permissions.VERSION_MANAGEMENT; Set<String> names = Permissions.getNames(permissions); String jcrActions = Text.implode(names.toArray(new String[0]), ","); assertEquals(permissions, Permissions.getPermissions(jcrActions, tl, false)); }
PermissionValidator(@Nullable Tree parentBefore, @Nullable Tree parentAfter, @Nullable TreePermission parentPermission, @NotNull PermissionValidator parentValidator) { this.parentBefore = parentBefore; this.parentAfter = parentAfter; this.parentPermission = parentPermission; permissionProvider = parentValidator.permissionProvider; provider = parentValidator.provider; this.isReferenceable = parentValidator.isReferenceable; this.isCreated = parentValidator.isCreated; if (Permissions.NO_PERMISSION == parentValidator.permission) { this.permission = Permissions.getPermission(PermissionUtil.getPath(parentBefore, parentAfter), Permissions.NO_PERMISSION); } else { this.permission = parentValidator.permission; } }
@Test public void testGetNamesSinglePermission() { for (long permission : Permissions.aggregates(Permissions.ALL)) { Set<String> names = Permissions.getNames(permission); assertEquals(1, names.size()); assertEquals(Permissions.PERMISSION_NAMES.get(permission), names.iterator().next()); } }
private void checkPermissions(@NotNull Tree parent, @NotNull PropertyState property, long defaultPermission) throws CommitFailedException { if (NodeStateUtils.isHidden(property.getName())) { // ignore any hidden properties (except for OAK_CHILD_ORDER which has // been covered in "propertyChanged" return; } long toTest = getPermission(parent, property, defaultPermission); if (toTest != Permissions.NO_PERMISSION) { boolean isGranted; if (Permissions.isRepositoryPermission(toTest)) { isGranted = permissionProvider.getRepositoryPermission().isGranted(toTest); } else { isGranted = parentPermission.isGranted(toTest, property); } if (!isGranted) { throw new CommitFailedException(ACCESS, 0, "Access denied"); } } }
@Test public void testGetStringAllPermission() { String str = Permissions.getString(Permissions.ALL); assertEquals(Permissions.PERMISSION_NAMES.get(Permissions.ALL), str); }
boolean requiresJr2Permissions(long permission) { return Permissions.includes(jr2Permissions, permission); }
@Test public void testAggregatesAllPermission() { Iterable<Long> aggregates = Permissions.aggregates(Permissions.ALL); assertFalse(Iterables.contains(aggregates, Permissions.ALL)); Set<Long> expected = Sets.newHashSet(Permissions.PERMISSION_NAMES.keySet()); expected.removeAll(ImmutableList.of(Permissions.ALL, Permissions.WRITE, Permissions.READ, Permissions.SET_PROPERTY, Permissions.REMOVE)); assertEquals(expected, Sets.newHashSet(aggregates)); }
@Test public void testNotRespectParentPermissions() { List<Long> permissions = ImmutableList.of( Permissions.READ, Permissions.ADD_PROPERTY, Permissions.REMOVE_PROPERTY, Permissions.ADD_PROPERTY|Permissions.REMOVE_PROPERTY, Permissions.MODIFY_CHILD_NODE_COLLECTION|Permissions.MODIFY_PROPERTY, Permissions.NODE_TYPE_MANAGEMENT|Permissions.VERSION_MANAGEMENT, Permissions.SET_PROPERTY, Permissions.WORKSPACE_MANAGEMENT|Permissions.NAMESPACE_MANAGEMENT ); for (long p : permissions) { assertFalse(Permissions.getString(p), Permissions.respectParentPermissions(p)); } }