@Override public boolean init(@NotNull Session session, @NotNull Root root, @NotNull NamePathMapper namePathMapper, boolean isWorkspaceImport, int uuidBehavior, @NotNull ReferenceChangeTracker referenceTracker, @NotNull SecurityProvider securityProvider) { isSystemSession = root.getContentSession().getAuthInfo().getPrincipals().contains(SystemPrincipal.INSTANCE); return true; }
@NotNull public PermissionProvider getPermissionProvider() { if (permissionProvider == null) { permissionProvider = checkNotNull(securityProvider) .getConfiguration(AuthorizationConfiguration.class) .getPermissionProvider(root, getWorkspaceName(), getAuthInfo().getPrincipals()); } return permissionProvider; }
@NotNull public PermissionProvider getPermissionProvider() { if (permissionProvider == null) { permissionProvider = checkNotNull(securityProvider) .getConfiguration(AuthorizationConfiguration.class) .getPermissionProvider(root, getWorkspaceName(), getAuthInfo().getPrincipals()); } return permissionProvider; }
@Override protected void beforeSuite() throws Exception { super.beforeSuite(); Credentials creds = (runAsAdmin) ? getCredentials() : new GuestCredentials(); cs = contentRepository.login(creds, null); subject = new Subject(true, cs.getAuthInfo().getPrincipals(), Collections.emptySet(), Collections.emptySet()); }
UserPrincipalProvider(@NotNull Root root, @NotNull UserConfiguration userConfiguration, @NotNull NamePathMapper namePathMapper) { this.root = root; this.config = userConfiguration; this.namePathMapper = namePathMapper; this.userProvider = new UserProvider(root, config.getParameters()); this.membershipProvider = new MembershipProvider(root, config.getParameters()); expiration = config.getParameters().getConfigValue(PARAM_CACHE_EXPIRATION, EXPIRATION_NO_CACHE); cacheEnabled = (expiration > EXPIRATION_NO_CACHE && root.getContentSession().getAuthInfo().getPrincipals().contains(SystemPrincipal.INSTANCE)); }
private Set<Principal> getGuestPrincipals() throws Exception { try (ContentSession guest = login(new GuestCredentials())) { return guest.getAuthInfo().getPrincipals(); } }
@Test public void testCreateFromSubjectWithPrincipals() { Subject subject = new Subject(); subject.getPrincipals().addAll(PRINCIPALS); AuthInfo info = AuthInfoImpl.createFromSubject(subject); assertNull(info.getUserID()); assertEquals(PRINCIPALS, info.getPrincipals()); assertEquals(0, info.getAttributeNames().length); }
@Override public void before() throws Exception { super.before(); cpp = createPermissionProvider(root.getContentSession().getAuthInfo().getPrincipals()); cppO = createPermissionProviderOR(root.getContentSession().getAuthInfo().getPrincipals()); }
@Test public void testCreateFromSubjectWithAnyCredentials() { Subject subject = new Subject(); subject.getPublicCredentials().add(new Credentials() { }); AuthInfo info = AuthInfoImpl.createFromSubject(subject); assertNull(info.getUserID()); assertTrue(info.getPrincipals().isEmpty()); assertEquals(0, info.getAttributeNames().length); } }
@Test public void testCreateAuthInfoFromEmptySubject() { AuthInfo info = AuthInfoImpl.createFromSubject(new Subject()); assertNull(info.getUserID()); assertEquals(0, info.getAttributeNames().length); assertTrue(info.getPrincipals().isEmpty()); } }
@Test public void testCreateFromSubjectWithSimpleCredentials() { Subject subject = new Subject(); subject.getPublicCredentials().add(new SimpleCredentials(USER_ID, new char[0])); AuthInfo info = AuthInfoImpl.createFromSubject(subject); assertEquals(USER_ID, info.getUserID()); assertTrue(info.getPrincipals().isEmpty()); assertEquals(0, info.getAttributeNames().length); }
@NotNull private TreePermission getTreePermission(@NotNull ContentSession cs, @NotNull String path) throws Exception { Root r = cs.getLatestRoot(); PermissionProvider pp = config.getPermissionProvider(r, cs.getWorkspaceName(), cs.getAuthInfo().getPrincipals()); Tree t = r.getTree(PathUtils.ROOT_PATH); TreePermission tp = pp.getTreePermission(t, TreePermission.EMPTY); for (String name : PathUtils.elements(path)) { t = t.getChild(name); tp = pp.getTreePermission(t, tp); } return tp; }
private PermissionProvider getPermissionProvider(ContentSession session) { return getSecurityProvider() .getConfiguration(AuthorizationConfiguration.class) .getPermissionProvider(root, session.getWorkspaceName(), session.getAuthInfo().getPrincipals()); }
@Test public void testCreateFromSubjectWithAuthInfo() { Subject subject = new Subject(); subject.getPublicCredentials().add(authInfo); AuthInfo info = AuthInfoImpl.createFromSubject(subject); assertEquals(USER_ID, info.getUserID()); assertEquals(PRINCIPALS, info.getPrincipals()); assertArrayEquals(authInfo.getAttributeNames(), info.getAttributeNames()); }
private PermissionProvider getPermissionProvider(ContentSession session) { return getSecurityProvider() .getConfiguration(AuthorizationConfiguration.class) .getPermissionProvider(root, session.getWorkspaceName(), session.getAuthInfo().getPrincipals()); }
@Test public void testGuestAuthInfo() throws LoginException, NoSuchWorkspaceException { contentSession = login(new GuestCredentials()); AuthInfo authInfo = contentSession.getAuthInfo(); String expectedId = null; // EXERCISE : fill in the expected id assertEquals(expectedId, authInfo.getUserID()); // EXERCISE: create the set of expected principals. // EXERCISE: what are the variants you have at hand when using the Jackrabbit API // EXERCISE: what are the variants you have at hand when using public Oak SPI interfaces? Set<Principal> expectedPrincipals = null; assertEquals(expectedPrincipals, authInfo.getPrincipals()); }
private TreePermission getTreePermission(String path) throws Exception { ContentSession testSession = createTestSession(); PermissionProvider pp = config.getPermissionProvider(testSession.getLatestRoot(), testSession.getWorkspaceName(), testSession.getAuthInfo().getPrincipals()); return pp.getTreePermission(root.getTree(path), TreePermission.EMPTY); }
@Override public void before() throws Exception { super.before(); cppTestUser = createPermissionProvider(getTestUser().getPrincipal(), EveryonePrincipal.getInstance()); cppAdminUser = createPermissionProvider(root.getContentSession().getAuthInfo().getPrincipals()); }
@Override public void before() throws Exception { super.before(); ContentSession cs = root.getContentSession(); Set<Principal> testPrincipals = ImmutableSet.of(getTestUser().getPrincipal(), EveryonePrincipal.getInstance()); cppTestUser = createPermissionProvider(testPrincipals); defTestUser = getConfig(AuthorizationConfiguration.class).getPermissionProvider(root, cs.getWorkspaceName(), testPrincipals); Set<Principal> adminPrincipals = cs.getAuthInfo().getPrincipals(); cppAdminUser = createPermissionProvider(adminPrincipals); defAdminUser = getConfig(AuthorizationConfiguration.class).getPermissionProvider(root, cs.getWorkspaceName(), adminPrincipals); }
@Override public void before() throws Exception { super.before(); cppTestUser = createPermissionProvider(getTestUser().getPrincipal(), EveryonePrincipal.getInstance()); cppAdminUser = createPermissionProvider(root.getContentSession().getAuthInfo().getPrincipals()); pbp = new PrivilegeBitsProvider(readOnlyRoot); denied = pbp.getBits(JCR_ADD_CHILD_NODES, REP_ADD_PROPERTIES); }