/** * Determine the search root for the given authorizable type based on the * configured root path. * * @param type The authorizable type. * @param config The configuration parameters. * @return The path of search root for the specified authorizable type. */ @Nonnull public static String getSearchRoot(AuthorizableType type, ConfigurationParameters config) { String path = UserUtil.getAuthorizableRootPath(config, type); return QueryConstants.SEARCH_ROOT_PATH + path; }
/** * Determine the search root for the given authorizable type based on the * configured root path. * * @param type The authorizable type. * @param config The configuration parameters. * @return The path of search root for the specified authorizable type. */ @NotNull public static String getSearchRoot(AuthorizableType type, ConfigurationParameters config) { String path = UserUtil.getAuthorizableRootPath(config, type); return QueryConstants.SEARCH_ROOT_PATH + path; }
/** * Determine the search root for the given authorizable type based on the * configured root path. * * @param type The authorizable type. * @param config The configuration parameters. * @return The path of search root for the specified authorizable type. */ @NotNull public static String getSearchRoot(AuthorizableType type, ConfigurationParameters config) { String path = UserUtil.getAuthorizableRootPath(config, type); return QueryConstants.SEARCH_ROOT_PATH + path; }
@Test public void testGetAuthorizableRootPathDefault() { assertEquals(UserConstants.DEFAULT_GROUP_PATH, UserUtil.getAuthorizableRootPath(ConfigurationParameters.EMPTY, AuthorizableType.GROUP)); assertEquals(UserConstants.DEFAULT_USER_PATH, UserUtil.getAuthorizableRootPath(ConfigurationParameters.EMPTY, AuthorizableType.USER)); assertEquals("/rep:security/rep:authorizables", UserUtil.getAuthorizableRootPath(ConfigurationParameters.EMPTY, AuthorizableType.AUTHORIZABLE)); }
@Test public void testGetAuthorizableRootPath() { ConfigurationParameters config = ConfigurationParameters.of( UserConstants.PARAM_GROUP_PATH, "/groups", UserConstants.PARAM_USER_PATH, "/users"); assertEquals("/groups", UserUtil.getAuthorizableRootPath(config, AuthorizableType.GROUP)); assertEquals("/users", UserUtil.getAuthorizableRootPath(config, AuthorizableType.USER)); assertEquals("/", UserUtil.getAuthorizableRootPath(config, AuthorizableType.AUTHORIZABLE)); }
@Test public void testGetAuthorizableRootPathNullType() { assertNull(UserUtil.getAuthorizableRootPath(ConfigurationParameters.EMPTY, null)); }
private void validateAuthorizable(@NotNull Tree tree, @Nullable AuthorizableType type) throws CommitFailedException { boolean isSystemUser = (type == AuthorizableType.USER) && UserUtil.isSystemUser(tree); String authRoot = UserUtil.getAuthorizableRootPath(provider.getConfig(), type); if (isSystemUser) { String sysRelPath = provider.getConfig().getConfigValue(PARAM_SYSTEM_RELATIVE_PATH, DEFAULT_SYSTEM_RELATIVE_PATH); authRoot = authRoot + '/' + sysRelPath; } if (authRoot != null) { assertHierarchy(tree, authRoot); // assert rep:principalName is present (that should actually by covered // by node type validator) if (TreeUtil.getString(tree, REP_PRINCIPAL_NAME) == null) { throw constraintViolation(26, "Mandatory property rep:principalName missing."); } if (isSystemUser) { if (TreeUtil.getString(tree, REP_PASSWORD) != null) { throw constraintViolation(32, "Attempt to set password with system user."); } if (tree.hasChild(REP_PWD)) { throw constraintViolation(33, "Attempt to add rep:pwd node to a system user."); } } } }
private void validateAuthorizable(@NotNull Tree tree, @Nullable AuthorizableType type) throws CommitFailedException { boolean isSystemUser = (type == AuthorizableType.USER) && UserUtil.isSystemUser(tree); String authRoot = UserUtil.getAuthorizableRootPath(provider.getConfig(), type); if (isSystemUser) { String sysRelPath = provider.getConfig().getConfigValue(PARAM_SYSTEM_RELATIVE_PATH, DEFAULT_SYSTEM_RELATIVE_PATH); authRoot = authRoot + '/' + sysRelPath; } if (authRoot != null) { assertHierarchy(tree, authRoot); // assert rep:principalName is present (that should actually by covered // by node type validator) if (TreeUtil.getString(tree, REP_PRINCIPAL_NAME) == null) { throw constraintViolation(26, "Mandatory property rep:principalName missing."); } if (isSystemUser) { if (TreeUtil.getString(tree, REP_PASSWORD) != null) { throw constraintViolation(32, "Attempt to set password with system user."); } if (tree.hasChild(REP_PWD)) { throw constraintViolation(33, "Attempt to add rep:pwd node to a system user."); } } } }
private void validateAuthorizable(@Nonnull Tree tree, @Nullable AuthorizableType type) throws CommitFailedException { boolean isSystemUser = (type == AuthorizableType.USER) && UserUtil.isSystemUser(tree); String authRoot = UserUtil.getAuthorizableRootPath(provider.getConfig(), type); if (isSystemUser) { String sysRelPath = provider.getConfig().getConfigValue(PARAM_SYSTEM_RELATIVE_PATH, DEFAULT_SYSTEM_RELATIVE_PATH); authRoot = authRoot + '/' + sysRelPath; } if (authRoot != null) { assertHierarchy(tree, authRoot); // assert rep:principalName is present (that should actually by covered // by node type validator) if (TreeUtil.getString(tree, REP_PRINCIPAL_NAME) == null) { throw constraintViolation(26, "Mandatory property rep:principalName missing."); } if (isSystemUser) { if (TreeUtil.getString(tree, REP_PASSWORD) != null) { throw constraintViolation(32, "Attempt to set password with system user."); } if (tree.hasChild(REP_PWD)) { throw constraintViolation(33, "Attempt to add rep:pwd node to a system user."); } } } }