/** * Retrieves the {@link Privilege}s from the specified privilege names. * * @param session The editing session. * @param privilegeNames The privilege names. * @return An array of privileges. * @throws RepositoryException If an error occurs or if {@code privilegeNames} * contains an unknown/invalid privilege name. */ public static Privilege[] privilegesFromNames(Session session, String... privilegeNames) throws RepositoryException { return privilegesFromNames(session.getAccessControlManager(), privilegeNames); }
/** * Build supported privileges for the jcr:all privilege. * * @param session The reading session */ public JcrSupportedPrivilegesProperty(Session session) throws RepositoryException { this.session = session; this.absPath = null; AccessControlManager acMgr = session.getAccessControlManager(); Privilege jcrAll = acMgr.privilegeFromName(Privilege.JCR_ALL); privileges.add(jcrAll); }
private Privilege[] getPrivilegesFromNames(ResourceResolver res, String[] names) throws RepositoryException { Session session = res.adaptTo(Session.class); AccessControlManager acm = session.getAccessControlManager(); Privilege[] prvlgs = new Privilege[names.length]; for (int i = 0; i < names.length; i++) { prvlgs[i] = acm.privilegeFromName(names[i]); } return prvlgs; }
public Object doInJcr( final Session session ) throws RepositoryException, IOException { PentahoJcrConstants pentahoJcrConstants = new PentahoJcrConstants( session ); Node node = session.getNodeByIdentifier( fileId.toString() ); String absPath = node.getPath(); AccessControlManager acMgr = session.getAccessControlManager(); AccessControlList acList = getAccessControlList( acMgr, absPath ); acMgr.setPolicy( absPath, acList ); return internalUpdateAcl( session, pentahoJcrConstants, fileId, acl ); } } );
/** {@inheritDoc} */ public RemoteAccessControlManager getAccessControlManager() throws UnsupportedRepositoryOperationException, RepositoryException, RemoteException { try { return getFactory().getRemoteAccessControlManager( session.getAccessControlManager()); } catch (RepositoryException ex) { throw getRepositoryException(ex); } } }
public void testGetPrivilegesForPrincipalsUserSession() throws Exception { JackrabbitAccessControlManager acMgr = (JackrabbitAccessControlManager) userSession.getAccessControlManager(); // EXERCISE: complete the test case and explain the behaviour Privilege[] privs = acMgr.getPrivileges(testPath, ImmutableSet.of(gPrincipal)); Set<Privilege> expectedPrivs = null; assertEquals(expectedPrivs, ImmutableSet.copyOf(privs)); }
private void createAce(Session session, int count) throws RepositoryException { AccessControlManager acManager = session.getAccessControlManager(); JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acManager, nodePath); for (int i = 0; i < count; i++) { ImmutableMap<String, Value> restrictions = ImmutableMap.of(AccessControlConstants.REP_GLOB, session.getValueFactory().createValue(i + "")); acl.addEntry(EveryonePrincipal.getInstance(), AccessControlUtils.privilegesFromNames(acManager, Privilege.JCR_ADD_CHILD_NODES), true, restrictions); } acManager.setPolicy(nodePath, acl); }
public void testHasPrivilegesPropertyPath() throws Exception { AccessControlManager acMgr = userSession.getAccessControlManager(); // EXERCISE: complete the test Privilege[] expectedPrivs = null; assertTrue(acMgr.hasPrivileges(propPath, expectedPrivs)); }
public Object doInJcr( final Session session ) throws RepositoryException, IOException { DefaultPermissionConversionHelper permissionConversionHelper = new DefaultPermissionConversionHelper( session ); Privilege[] privs = permissionConversionHelper.pentahoPermissionsToPrivileges( session, permissions ); try { String absPath = pathConversionHelper.relToAbs( relPath ); return session.getAccessControlManager().hasPrivileges( JcrStringHelper.pathEncode( absPath ), privs ); } catch ( PathNotFoundException e ) { // never throw an exception if the path does not exist; just return false return false; } } } );
private void checkPermissionForDelete(Session session, String[] paths) throws RepositoryException, DistributionException { AccessControlManager acMgr = session.getAccessControlManager(); Privilege[] privileges = new Privilege[]{acMgr.privilegeFromName(jcrPrivilege), acMgr.privilegeFromName(Privilege.JCR_REMOVE_NODE)}; for (String path : paths) { String closestParentPath = getClosestParent(session, path); if (closestParentPath == null || !acMgr.hasPrivileges(closestParentPath, privileges)) { throw new DistributionException("Not enough privileges"); } } }
@Override protected void afterTest() throws Exception { Session session = createOrGetSystemSession(); AccessControlManager acm = session.getAccessControlManager(); for (AccessControlPolicy policy : acm.getPolicies(nodePath)) { acm.removePolicy(nodePath, policy); } save(session, transientWrites); super.afterTest(); }
public void testSessionGetEffectivePoliciesWithoutPrivilege() throws Exception { // grant 'testUser' READ + WRITE privileges at the test path setupPolicy(testRoot, testPrivileges, testPrincipal); superuser.save(); testSession = getTestSession(); AccessControlManager testAcMgr = testSession.getAccessControlManager(); List<String> paths = ImmutableList.of(testRoot, NodeTypeConstants.NODE_TYPES_PATH); for (String path : paths) { // EXERCISE : complete or fix the test case AccessControlPolicy[] effectivePolicies = testAcMgr.getEffectivePolicies(path); } }
public void checkNodeAcls(ResourceResolver res, String path, Privilege[] prvlgs) throws RepositoryException { Actions.setCurrentItem(path); Session session = res.adaptTo(Session.class); boolean report = res.getResource(path).getResourceType().equals(NameConstants.NT_PAGE); if (!session.getAccessControlManager().hasPrivileges(path, prvlgs)) { note(path, Report.acl_check, "FAIL"); throw new RepositoryException("Insufficient permissions to permit move operation"); } else if (report) { note(path, Report.acl_check, "PASS"); } }
@Override protected void setUp() throws Exception { super.setUp(); /* create a second group the test user is member of */ group2 = getUserManager(superuser).createGroup("testGroup" + UUID.randomUUID()); group2.addMember(testUser); superuser.save(); // recreate test session testSession.logout(); testSession = createTestSession(); testAcMgr = testSession.getAccessControlManager(); }
public void testGetPrivilegesThrowsAccessDenied() throws RepositoryException { Session readOnly = getHelper().getReadOnlySession(); JackrabbitAccessControlManager jacMgr = (JackrabbitAccessControlManager) readOnly.getAccessControlManager(); try { jacMgr.getPrivileges(testRoot, principals); fail("ReadOnly session isn't allowed to determine the privileges of other principals."); } catch (AccessDeniedException e) { // success } finally { readOnly.logout(); } }
public void testGetPrivileges() throws Exception { AccessControlManager acMgr = userSession.getAccessControlManager(); Set<Privilege> expected = null; // EXERCISE Privilege[] testRootPrivs = acMgr.getPrivileges(testRoot); assertEquals(expected, ImmutableSet.copyOf(testRootPrivs)); expected = null; // EXERCISE Privilege[] privs = acMgr.getPrivileges(testPath); assertEquals(expected, ImmutableSet.copyOf(privs)); expected = null; // EXERCISE Privilege[] childPrivs = acMgr.getPrivileges(childPath); assertEquals(expected, ImmutableSet.copyOf(childPrivs)); }
@Override protected void setUp() throws Exception { super.setUp(); acMgr = superuser.getAccessControlManager(); User testUser = ExerciseUtility.createTestUser(((JackrabbitSession) superuser).getUserManager()); testPrincipal = testUser.getPrincipal(); testID = testUser.getID(); superuser.save(); }
@Override protected void prepareTestData(Session s) throws RepositoryException { UserManager uMgr = ((JackrabbitSession) s).getUserManager(); User user = uMgr.createUser(USER, PASSWORD); s.save(); AccessControlManager acMgr = s.getAccessControlManager(); JackrabbitAccessControlList tmpl = AccessControlUtils.getAccessControlList(acMgr, "/"); tmpl.addEntry(user.getPrincipal(), new Privilege[]{acMgr.privilegeFromName(Privilege.JCR_ALL)}, true, Collections.<String, Value>emptyMap()); acMgr.setPolicy(tmpl.getPath(), tmpl); s.save(); }
@Override protected void setUp() throws Exception { super.setUp(); acMgr = superuser.getAccessControlManager(); testPrincipal = ExerciseUtility.createTestGroup(((JackrabbitSession) superuser).getUserManager()).getPrincipal(); superuser.save(); acl = AccessControlUtils.getAccessControlList(superuser, testRoot); if (acl == null) { throw new NotExecutableException(); } }
@Override protected void setUp() throws Exception { super.setUp(); acMgr = superuser.getAccessControlManager(); testPrincipal = ExerciseUtility.createTestGroup(((JackrabbitSession) superuser).getUserManager()).getPrincipal(); superuser.save(); acl = AccessControlUtils.getAccessControlList(superuser, testRoot); if (acl == null) { throw new NotExecutableException(); } testPrivileges = AccessControlUtils.privilegesFromNames(acMgr, Privilege.JCR_READ, Privilege.JCR_WRITE); }