本文整理汇总了Java中javax.jcr.security.AccessControlManager类的典型用法代码示例。如果您正苦于以下问题:Java AccessControlManager类的具体用法?Java AccessControlManager怎么用?Java AccessControlManager使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
AccessControlManager类属于javax.jcr.security包,在下文中一共展示了AccessControlManager类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: after
import javax.jcr.security.AccessControlManager; //导入依赖的package包/类
@Override
public void after() throws Exception {
try {
if (testSession != null) {
testSession.close();
}
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/");
if (acl != null) {
for (AccessControlEntry ace : acl.getAccessControlEntries()) {
if (getTestUser().getPrincipal().equals(ace.getPrincipal())) {
acl.removeAccessControlEntry(ace);
}
}
}
acMgr.setPolicy("/", acl);
root.commit();
} finally {
super.after();
}
}
示例2: createPrivileges
import javax.jcr.security.AccessControlManager; //导入依赖的package包/类
public List<Privilege> createPrivileges(final AccessControlManager accessControlManager,
final List<String> permissions) throws RepositoryException, PermissionException {
final List<Privilege> privileges = new ArrayList<>();
final List<String> unknownPermissions = new ArrayList<>();
for (final String permission : permissions) {
try {
privileges.addAll(createPrivileges(accessControlManager, permission));
} catch (PermissionException e) {
unknownPermissions.add(permission);
}
}
if (!unknownPermissions.isEmpty()) {
throw new PermissionException(MessagingUtils.unknownPermissions(unknownPermissions));
}
return privileges;
}
示例3: testCanReadProperties2
import javax.jcr.security.AccessControlManager; //导入依赖的package包/类
@Test
public void testCanReadProperties2() throws Exception {
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/test");
acl.addEntry(getTestUser().getPrincipal(), privilegesFromNames(PrivilegeConstants.JCR_READ), true);
acMgr.setPolicy("/test", acl);
root.commit();
Tree policyTree = root.getTree("/test/rep:policy");
NodeUtil ace = new NodeUtil(policyTree).addChild("ace2", NT_REP_DENY_ACE);
ace.setNames(REP_PRIVILEGES, PrivilegeConstants.REP_READ_PROPERTIES);
ace.setString(REP_PRINCIPAL_NAME, getTestUser().getPrincipal().getName());
root.commit();
TreePermission tp = getTreePermission("/test");
assertFalse(tp.canReadProperties());
assertTrue(tp.canRead());
assertFalse(tp.canReadProperties());
}
示例4: before
import javax.jcr.security.AccessControlManager; //导入依赖的package包/类
@Override
@Before
public void before() throws Exception {
super.before();
Principal testPrincipal = getTestPrincipal();
NodeUtil rootNode = new NodeUtil(root.getTree("/"), namePathMapper);
NodeUtil testNode = rootNode.addChild("testPath", JcrConstants.NT_UNSTRUCTURED);
testNode.addChild("childNode", JcrConstants.NT_UNSTRUCTURED);
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, testPath);
acl.addAccessControlEntry(testPrincipal, privilegesFromNames(JCR_ADD_CHILD_NODES));
acl.addAccessControlEntry(EveryonePrincipal.getInstance(), privilegesFromNames(JCR_READ));
acMgr.setPolicy(testPath, acl);
root.commit();
testPrincipalName = testPrincipal.getName();
bitsProvider = new PrivilegeBitsProvider(root);
}
示例5: after
import javax.jcr.security.AccessControlManager; //导入依赖的package包/类
@After
@Override
public void after() throws Exception {
try {
// clean up policies at the root node
AccessControlManager acMgr = getAccessControlManager(root);
AccessControlPolicy[] policies = acMgr.getPolicies("/");
for (AccessControlPolicy policy : policies) {
acMgr.removePolicy("/", policy);
}
// remove all test content
root.getTree("/a").remove();
root.commit();
// release test session
if (testSession != null) {
testSession.close();
}
} finally {
super.after();
}
}
示例6: after
import javax.jcr.security.AccessControlManager; //导入依赖的package包/类
@Override
@After
public void after() throws Exception {
try {
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/");
if (acl != null) {
boolean modified = false;
for (AccessControlEntry entry : acl.getAccessControlEntries()) {
if (entry.getPrincipal().equals(getTestUser().getPrincipal())) {
acl.removeAccessControlEntry(entry);
modified = true;
}
}
if (modified) {
acMgr.setPolicy("/", acl);
root.commit();
}
}
} finally {
super.after();
}
}
示例7: testRemoveNodeWithJr2Flag
import javax.jcr.security.AccessControlManager; //导入依赖的package包/类
@Test
public void testRemoveNodeWithJr2Flag() throws Exception {
/* allow READ/WRITE privilege for testUser at 'path' */
setupPermission("/a", testPrincipal, true, PrivilegeConstants.JCR_READ, PrivilegeConstants.REP_WRITE);
/* deny REMOVE_NODE privilege at subtree. */
setupPermission("/a/b", testPrincipal, false, PrivilegeConstants.JCR_REMOVE_NODE);
Root testRoot = getTestRoot();
AccessControlManager acMgr = getAccessControlManager(testRoot);
assertTrue(acMgr.hasPrivileges("/a", privilegesFromNames(PrivilegeConstants.REP_WRITE)));
assertFalse(acMgr.hasPrivileges("/a/b", privilegesFromNames(PrivilegeConstants.JCR_REMOVE_NODE)));
// removing the tree must fail
try {
testRoot.getTree("/a").remove();
testRoot.commit();
fail();
} catch (CommitFailedException e) {
// success
assertTrue(e.isAccessViolation());
}
}
示例8: testRemoveNodeWithJr2Flag2
import javax.jcr.security.AccessControlManager; //导入依赖的package包/类
@Test
public void testRemoveNodeWithJr2Flag2() throws Exception {
/* allow READ/WRITE privilege for testUser at 'path' */
setupPermission("/a", testPrincipal, true, PrivilegeConstants.JCR_READ, PrivilegeConstants.REP_WRITE);
/* deny REP_REMOVE_PROPERTIES privilege at subtree. */
setupPermission("/a/b", testPrincipal, false, PrivilegeConstants.REP_REMOVE_PROPERTIES);
Root testRoot = getTestRoot();
AccessControlManager acMgr = getAccessControlManager(testRoot);
assertTrue(acMgr.hasPrivileges("/a", privilegesFromNames(PrivilegeConstants.REP_WRITE)));
assertFalse(acMgr.hasPrivileges("/a/b", privilegesFromNames(PrivilegeConstants.REP_REMOVE_PROPERTIES)));
// removing the tree must fail
try {
testRoot.getTree("/a").remove();
testRoot.commit();
fail();
} catch (CommitFailedException e) {
// success
assertTrue(e.isAccessViolation());
}
}
示例9: testDuplicateAce
import javax.jcr.security.AccessControlManager; //导入依赖的package包/类
@Test
public void testDuplicateAce() throws Exception {
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils.getAccessControlList(acMgr, testPath);
acl.addAccessControlEntry(testPrincipal, privilegesFromNames(PrivilegeConstants.JCR_ADD_CHILD_NODES));
acMgr.setPolicy(testPath, acl);
// add duplicate ac-entry on OAK-API
NodeUtil policy = new NodeUtil(root.getTree(testPath + "/rep:policy"));
NodeUtil ace = policy.addChild("duplicateAce", NT_REP_GRANT_ACE);
ace.setString(REP_PRINCIPAL_NAME, testPrincipal.getName());
ace.setStrings(AccessControlConstants.REP_PRIVILEGES, PrivilegeConstants.JCR_ADD_CHILD_NODES);
try {
root.commit();
fail("Creating duplicate ACE must be detected");
} catch (CommitFailedException e) {
assertTrue(e.isAccessControlViolation());
}
}
示例10: testGetSupportedPrivilegesIncludingPathConversion
import javax.jcr.security.AccessControlManager; //导入依赖的package包/类
@Test
public void testGetSupportedPrivilegesIncludingPathConversion() throws Exception {
List<Privilege> allPrivileges = Arrays.asList(getPrivilegeManager(root).getRegisteredPrivileges());
List<String> testPaths = new ArrayList<String>();
testPaths.add('/' + TEST_LOCAL_PREFIX + ":testRoot");
testPaths.add("/{" + TEST_URI + "}testRoot");
NameMapper remapped = new LocalNameMapper(
root, singletonMap(TEST_LOCAL_PREFIX, TEST_URI));
AccessControlManager acMgr =
getAccessControlManager(new NamePathMapperImpl(remapped));
for (String path : testPaths) {
Privilege[] supported = acMgr.getSupportedPrivileges(path);
assertNotNull(supported);
assertEquals(allPrivileges.size(), supported.length);
assertTrue(allPrivileges.containsAll(Arrays.asList(supported)));
}
}
示例11: testTestSessionGetEffectivePolicies
import javax.jcr.security.AccessControlManager; //导入依赖的package包/类
/**
* @since OAK 1.0
*/
@Test
public void testTestSessionGetEffectivePolicies() throws Exception {
// grant 'testUser' READ + READ_AC privileges at 'path'
Privilege[] privileges = privilegesFromNames(PrivilegeConstants.JCR_READ, PrivilegeConstants.JCR_READ_ACCESS_CONTROL);
setupPolicy(testPath, privileges);
root.commit();
Root testRoot = getTestRoot();
testRoot.refresh();
AccessControlManager testAcMgr = getTestAccessControlManager();
assertTrue(testAcMgr.hasPrivileges(testPath, privileges));
// diff to jr core: getEffectivePolicies will just return the policies
// accessible for the editing session but not throw an exception.
AccessControlPolicy[] effective = testAcMgr.getEffectivePolicies(testPath);
assertNotNull(effective);
assertEquals(1, effective.length);
}
示例12: testTestSessionGetEffectivePolicies2
import javax.jcr.security.AccessControlManager; //导入依赖的package包/类
/**
* @since OAK 1.0
*/
@Test
public void testTestSessionGetEffectivePolicies2() throws Exception {
NodeUtil child = new NodeUtil(root.getTree(testPath)).addChild("child", JcrConstants.NT_UNSTRUCTURED);
String childPath = child.getTree().getPath();
setupPolicy(testPath, privilegesFromNames(PrivilegeConstants.JCR_READ));
setupPolicy(childPath, privilegesFromNames(PrivilegeConstants.JCR_READ_ACCESS_CONTROL));
root.commit();
Root testRoot = getTestRoot();
testRoot.refresh();
AccessControlManager testAcMgr = getTestAccessControlManager();
assertTrue(testAcMgr.hasPrivileges(childPath, privilegesFromNames(PrivilegeConstants.JCR_READ, PrivilegeConstants.JCR_READ_ACCESS_CONTROL)));
// diff to jr core: getEffectivePolicies will just return the policies
// accessible for the editing session but not throw an exception.
AccessControlPolicy[] effective = testAcMgr.getEffectivePolicies(childPath);
assertNotNull(effective);
assertEquals(1, effective.length);
}
示例13: testTestSessionGetEffectivePoliciesWithoutPrivilege
import javax.jcr.security.AccessControlManager; //导入依赖的package包/类
@Test
public void testTestSessionGetEffectivePoliciesWithoutPrivilege() throws Exception {
// grant 'testUser' READ + READ_AC privileges at 'path'
Privilege[] privileges = privilegesFromNames(PrivilegeConstants.JCR_READ);
setupPolicy(testPath, privileges);
root.commit();
Root testRoot = getTestRoot();
testRoot.refresh();
AccessControlManager testAcMgr = getTestAccessControlManager();
List<String> paths = ImmutableList.of(testPath, NodeTypeConstants.NODE_TYPES_PATH);
for (String path : paths) {
assertFalse(testAcMgr.hasPrivileges(path, privilegesFromNames(PrivilegeConstants.JCR_READ_ACCESS_CONTROL)));
try {
testAcMgr.getEffectivePolicies(path);
fail("READ_ACCESS_CONTROL is not granted at " + path);
} catch (AccessDeniedException e) {
// success
}
}
}
示例14: getEnhancedMockResolver
import javax.jcr.security.AccessControlManager; //导入依赖的package包/类
private ResourceResolver getEnhancedMockResolver() throws RepositoryException, LoginException {
ResourceResolver rr = getFreshMockResolver();
when(rr.hasChanges()).thenReturn(true);
AbstractResourceImpl mockFolderA = new AbstractResourceImpl("/content/folderA", "", "", new ResourceMetadata());
when(rr.getResource("/content/folderA")).thenReturn(mockFolderA);
AbstractResourceImpl mockFolderB = new AbstractResourceImpl("/content/folderB", "", "", new ResourceMetadata());
when(rr.getResource("/content/folderB")).thenReturn(mockFolderB);
AbstractResourceImpl mockFolder = new AbstractResourceImpl("/content", "", "", new ResourceMetadata());
when(rr.getResource("/content")).thenReturn(mockFolder);
mockFolder.addChild(mockFolderA);
mockFolder.addChild(mockFolderB);
Session ses = mock(Session.class);
when(rr.adaptTo(Session.class)).thenReturn(ses);
AccessControlManager acm = mock(AccessControlManager.class);
when(ses.getAccessControlManager()).thenReturn(acm);
when(acm.privilegeFromName(any())).thenReturn(mock(Privilege.class));
return rr;
}
示例15: testUpdateDenied
import javax.jcr.security.AccessControlManager; //导入依赖的package包/类
@Test(expected = AccessDeniedException.class)
public void testUpdateDenied() throws RepositoryException {
final FedoraResource object =
containerService.findOrCreate(session, "/testRefObject");
try {
object.updateProperties(
subjects,
"INSERT { <> <http://purl.org/dc/elements/1.1/title> \"test-original\". }"
+ " WHERE { }", object.getTriples(subjects, emptySet()));
} catch (final AccessDeniedException e) {
fail("Should fail at update, not create property");
}
final Session jcrSession = getJcrSession(session);
final AccessControlManager acm = jcrSession.getAccessControlManager();
final Privilege[] permissions = new Privilege[] {acm.privilegeFromName(Privilege.JCR_READ)};
final AccessControlList acl = (AccessControlList) acm.getApplicablePolicies("/testRefObject").next();
acl.addAccessControlEntry(SimplePrincipal.newInstance("anonymous"), permissions);
acm.setPolicy("/testRefObject", acl);
session.commit();
object.updateProperties(
subjects,
"INSERT { <> <http://purl.org/dc/elements/1.1/title> \"test-update\". }"
+ " WHERE { }", object.getTriples(subjects, emptySet()));
}