本文整理汇总了Java中javax.jcr.security.AccessControlManager.setPolicy方法的典型用法代码示例。如果您正苦于以下问题:Java AccessControlManager.setPolicy方法的具体用法?Java AccessControlManager.setPolicy怎么用?Java AccessControlManager.setPolicy使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类javax.jcr.security.AccessControlManager的用法示例。
在下文中一共展示了AccessControlManager.setPolicy方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: after
import javax.jcr.security.AccessControlManager; //导入方法依赖的package包/类
@Override
public void after() throws Exception {
try {
if (testSession != null) {
testSession.close();
}
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/");
if (acl != null) {
for (AccessControlEntry ace : acl.getAccessControlEntries()) {
if (getTestUser().getPrincipal().equals(ace.getPrincipal())) {
acl.removeAccessControlEntry(ace);
}
}
}
acMgr.setPolicy("/", acl);
root.commit();
} finally {
super.after();
}
}
示例2: testCanReadProperties2
import javax.jcr.security.AccessControlManager; //导入方法依赖的package包/类
@Test
public void testCanReadProperties2() throws Exception {
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/test");
acl.addEntry(getTestUser().getPrincipal(), privilegesFromNames(PrivilegeConstants.JCR_READ), true);
acMgr.setPolicy("/test", acl);
root.commit();
Tree policyTree = root.getTree("/test/rep:policy");
NodeUtil ace = new NodeUtil(policyTree).addChild("ace2", NT_REP_DENY_ACE);
ace.setNames(REP_PRIVILEGES, PrivilegeConstants.REP_READ_PROPERTIES);
ace.setString(REP_PRINCIPAL_NAME, getTestUser().getPrincipal().getName());
root.commit();
TreePermission tp = getTreePermission("/test");
assertFalse(tp.canReadProperties());
assertTrue(tp.canRead());
assertFalse(tp.canReadProperties());
}
示例3: before
import javax.jcr.security.AccessControlManager; //导入方法依赖的package包/类
@Override
@Before
public void before() throws Exception {
super.before();
Principal testPrincipal = getTestPrincipal();
NodeUtil rootNode = new NodeUtil(root.getTree("/"), namePathMapper);
NodeUtil testNode = rootNode.addChild("testPath", JcrConstants.NT_UNSTRUCTURED);
testNode.addChild("childNode", JcrConstants.NT_UNSTRUCTURED);
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, testPath);
acl.addAccessControlEntry(testPrincipal, privilegesFromNames(JCR_ADD_CHILD_NODES));
acl.addAccessControlEntry(EveryonePrincipal.getInstance(), privilegesFromNames(JCR_READ));
acMgr.setPolicy(testPath, acl);
root.commit();
testPrincipalName = testPrincipal.getName();
bitsProvider = new PrivilegeBitsProvider(root);
}
示例4: after
import javax.jcr.security.AccessControlManager; //导入方法依赖的package包/类
@Override
@After
public void after() throws Exception {
try {
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/");
if (acl != null) {
boolean modified = false;
for (AccessControlEntry entry : acl.getAccessControlEntries()) {
if (entry.getPrincipal().equals(getTestUser().getPrincipal())) {
acl.removeAccessControlEntry(entry);
modified = true;
}
}
if (modified) {
acMgr.setPolicy("/", acl);
root.commit();
}
}
} finally {
super.after();
}
}
示例5: testDuplicateAce
import javax.jcr.security.AccessControlManager; //导入方法依赖的package包/类
@Test
public void testDuplicateAce() throws Exception {
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils.getAccessControlList(acMgr, testPath);
acl.addAccessControlEntry(testPrincipal, privilegesFromNames(PrivilegeConstants.JCR_ADD_CHILD_NODES));
acMgr.setPolicy(testPath, acl);
// add duplicate ac-entry on OAK-API
NodeUtil policy = new NodeUtil(root.getTree(testPath + "/rep:policy"));
NodeUtil ace = policy.addChild("duplicateAce", NT_REP_GRANT_ACE);
ace.setString(REP_PRINCIPAL_NAME, testPrincipal.getName());
ace.setStrings(AccessControlConstants.REP_PRIVILEGES, PrivilegeConstants.JCR_ADD_CHILD_NODES);
try {
root.commit();
fail("Creating duplicate ACE must be detected");
} catch (CommitFailedException e) {
assertTrue(e.isAccessControlViolation());
}
}
示例6: testUpdateDenied
import javax.jcr.security.AccessControlManager; //导入方法依赖的package包/类
@Test(expected = AccessDeniedException.class)
public void testUpdateDenied() throws RepositoryException {
final FedoraResource object =
containerService.findOrCreate(session, "/testRefObject");
try {
object.updateProperties(
subjects,
"INSERT { <> <http://purl.org/dc/elements/1.1/title> \"test-original\". }"
+ " WHERE { }", object.getTriples(subjects, emptySet()));
} catch (final AccessDeniedException e) {
fail("Should fail at update, not create property");
}
final Session jcrSession = getJcrSession(session);
final AccessControlManager acm = jcrSession.getAccessControlManager();
final Privilege[] permissions = new Privilege[] {acm.privilegeFromName(Privilege.JCR_READ)};
final AccessControlList acl = (AccessControlList) acm.getApplicablePolicies("/testRefObject").next();
acl.addAccessControlEntry(SimplePrincipal.newInstance("anonymous"), permissions);
acm.setPolicy("/testRefObject", acl);
session.commit();
object.updateProperties(
subjects,
"INSERT { <> <http://purl.org/dc/elements/1.1/title> \"test-update\". }"
+ " WHERE { }", object.getTriples(subjects, emptySet()));
}
示例7: updateAccessControlList
import javax.jcr.security.AccessControlManager; //导入方法依赖的package包/类
private void updateAccessControlList(boolean allow, final AccessControlManager accessControlManager,
final List<Privilege> privileges, final Principal principal) throws RepositoryException {
final JackrabbitAccessControlList jackrabbitAcl = JackrabbitAccessControlListUtil
.getModifiableAcl(accessControlManager, path);
if (StringUtils.isBlank(glob)) {
addNormalEntry(allow, privileges, principal, jackrabbitAcl);
} else {
addGlobEntry(allow, privileges, principal, jackrabbitAcl);
}
accessControlManager.setPolicy(path, jackrabbitAcl);
}
示例8: removeAll
import javax.jcr.security.AccessControlManager; //导入方法依赖的package包/类
private void removeAll(final Context context, Authorizable authorizable) throws RepositoryException {
final AccessControlManager accessControlManager = context.getAccessControlManager();
final Principal principal = authorizable.getPrincipal();
final JackrabbitAccessControlList jackrabbitAcl = JackrabbitAccessControlListUtil
.getModifiableAcl(accessControlManager, path);
final AccessControlEntry[] accessControlEntries = jackrabbitAcl.getAccessControlEntries();
for (final AccessControlEntry accessControlEntry : accessControlEntries) {
if (accessControlEntry.getPrincipal().equals(principal)) {
jackrabbitAcl.removeAccessControlEntry(accessControlEntry);
}
}
accessControlManager.setPolicy(path, jackrabbitAcl);
}
示例9: setPolicy
import javax.jcr.security.AccessControlManager; //导入方法依赖的package包/类
@Override
public void setPolicy(String absPath, AccessControlPolicy policy) throws RepositoryException {
for (AccessControlManager acMgr : acMgrs) {
if (acMgr instanceof PolicyOwner && ((PolicyOwner) acMgr).defines(absPath, policy)) {
acMgr.setPolicy(absPath, policy);
return;
}
}
throw new AccessControlException("Cannot set access control policy " + policy + "; no PolicyOwner found.");
}
示例10: testValidateGlobRestriction
import javax.jcr.security.AccessControlManager; //导入方法依赖的package包/类
@Test
public void testValidateGlobRestriction() throws Exception {
Tree t = new NodeUtil(root.getTree("/")).addChild("testTree", "nt:unstructured").getTree();
String path = t.getPath();
AccessControlManager acMgr = getAccessControlManager(root);
List<String> globs = ImmutableList.of(
"/1*/2*/3*/4*/5*/6*/7*/8*/9*/10*/11*/12*/13*/14*/15*/16*/17*/18*/19*/20*/21*",
"*********************");
for (String glob : globs) {
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, path);
acl.addEntry(getTestPrincipal(),
AccessControlUtils.privilegesFromNames(acMgr, PrivilegeConstants.JCR_READ),
true, Collections.singletonMap(REP_GLOB, getValueFactory().createValue(glob)));
acMgr.setPolicy(path, acl);
try {
provider.validateRestrictions(path, t.getChild(REP_POLICY).getChild("allow"));
fail("AccessControlException expected.");
} catch (AccessControlException e) {
// success
} finally {
acMgr.removePolicy(path, acl);
}
}
}
示例11: before
import javax.jcr.security.AccessControlManager; //导入方法依赖的package包/类
@Override
public void before() throws Exception {
super.before();
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/");
if (acl != null) {
acl.addEntry(getTestUser().getPrincipal(), privilegesFromNames(PrivilegeConstants.JCR_ALL), true);
}
acMgr.setPolicy("/", acl);
root.commit();
testSession = createTestSession();
testRoot = testSession.getLatestRoot();
acConfig = getSecurityProvider().getConfiguration(AuthorizationConfiguration.class);
}
示例12: testCanReadProperties
import javax.jcr.security.AccessControlManager; //导入方法依赖的package包/类
@Test
public void testCanReadProperties() throws Exception {
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/test");
acl.addEntry(testPrincipal, privilegesFromNames(PrivilegeConstants.JCR_READ), true);
acl.addEntry(testPrincipal, privilegesFromNames(PrivilegeConstants.REP_READ_PROPERTIES), false);
acMgr.setPolicy("/test", acl);
root.commit();
TreePermission tp = getTreePermission("/test");
assertFalse(tp.canReadProperties());
assertTrue(tp.canRead());
assertFalse(tp.canReadProperties());
}
示例13: testReorderAddAndRemoveAces2
import javax.jcr.security.AccessControlManager; //导入方法依赖的package包/类
/**
* ACE : 0 1 2 3 4 5 6 7
* Before : tp ev p0 p1 p2 p3
* After : ev p2 p1 p3 p4 p5
*/
@Test
public void testReorderAddAndRemoveAces2() throws Exception {
createPrincipals();
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, testPath);
for (int i = 0; i < 4; i++) {
acl.addAccessControlEntry(principals.get(i), privilegesFromNames(JCR_READ));
}
acMgr.setPolicy(testPath, acl);
root.commit();
AccessControlEntry[] aces = acl.getAccessControlEntries();
acl.removeAccessControlEntry(aces[0]);
acl.removeAccessControlEntry(aces[2]);
acl.orderBefore(aces[4], aces[3]);
acl.addAccessControlEntry(principals.get(4), privilegesFromNames(JCR_READ));
acl.addAccessControlEntry(principals.get(5), privilegesFromNames(JCR_READ));
acMgr.setPolicy(testPath, acl);
root.commit();
Tree entry = getEntry(principals.get(2).getName(), testPath, 1);
assertIndex(1, entry);
entry = getEntry(principals.get(1).getName(), testPath, 2);
assertIndex(2, entry);
}
示例14: testReorderAndRemoveAces
import javax.jcr.security.AccessControlManager; //导入方法依赖的package包/类
/**
* ACE : 0 1 2 3 4 5 6 7
* Before : tp ev p0 p1 p2 p3
* After : p1 ev p3 p2
*/
@Test
public void testReorderAndRemoveAces() throws Exception {
createPrincipals();
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, testPath);
for (int i = 0; i < 4; i++) {
acl.addAccessControlEntry(principals.get(i), privilegesFromNames(JCR_READ));
}
acMgr.setPolicy(testPath, acl);
root.commit();
AccessControlEntry[] aces = acl.getAccessControlEntries();
acl.removeAccessControlEntry(aces[0]);
acl.removeAccessControlEntry(aces[2]);
acl.orderBefore(aces[4], null);
acl.orderBefore(aces[3], aces[1]);
acMgr.setPolicy(testPath, acl);
root.commit();
Tree entry = getEntry(EveryonePrincipal.NAME, testPath, 1);
assertIndex(1, entry);
entry = getEntry(principals.get(2).getName(), testPath, 3);
assertIndex(3, entry);
for (String pName : new String[]{testPrincipalName, principals.get(0).getName()}) {
try {
getEntry(pName, testPath, 0);
fail();
} catch (RepositoryException e) {
// success
}
}
}
示例15: testImplicitAceRemoval
import javax.jcr.security.AccessControlManager; //导入方法依赖的package包/类
@Test
public void testImplicitAceRemoval() throws Exception {
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, testPath);
acl.addAccessControlEntry(getTestPrincipal(), privilegesFromNames(JCR_READ, REP_WRITE));
acMgr.setPolicy(testPath, acl);
acl = AccessControlUtils.getAccessControlList(acMgr, childPath);
acl.addAccessControlEntry(EveryonePrincipal.getInstance(), privilegesFromNames(JCR_READ));
acMgr.setPolicy(childPath, acl);
root.commit();
assertTrue(root.getTree(childPath + "/rep:policy").exists());
Tree principalRoot = getPrincipalRoot(EveryonePrincipal.NAME);
assertEquals(4, cntEntries(principalRoot));
ContentSession testSession = createTestSession();
Root testRoot = testSession.getLatestRoot();
assertTrue(testRoot.getTree(childPath).exists());
assertFalse(testRoot.getTree(childPath + "/rep:policy").exists());
testRoot.getTree(childPath).remove();
testRoot.commit();
testSession.close();
root.refresh();
assertFalse(root.getTree(testPath).hasChild("childNode"));
assertFalse(root.getTree(childPath + "/rep:policy").exists());
// aces must be removed in the permission store even if the editing
// session wasn't able to access them.
principalRoot = getPrincipalRoot(EveryonePrincipal.NAME);
assertEquals(2, cntEntries(principalRoot));
}