本文整理汇总了Java中org.apache.jackrabbit.api.security.JackrabbitAccessControlList.addEntry方法的典型用法代码示例。如果您正苦于以下问题:Java JackrabbitAccessControlList.addEntry方法的具体用法?Java JackrabbitAccessControlList.addEntry怎么用?Java JackrabbitAccessControlList.addEntry使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.apache.jackrabbit.api.security.JackrabbitAccessControlList
的用法示例。
在下文中一共展示了JackrabbitAccessControlList.addEntry方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: testAclPropagation
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList; //导入方法依赖的package包/类
@Test
public void testAclPropagation() throws Exception {
Tree node = root1.getTree("/").addChild("testNode");
node.setProperty("jcr:primaryType", "nt:unstructured");
User user1 = userManager1.createUser("testUser", "testUser");
JackrabbitAccessControlList acl1 = AccessControlUtils.getAccessControlList(aclMgr1, "/testNode");
acl1.addEntry(user1.getPrincipal(), AccessControlUtils.privilegesFromNames(aclMgr1, "jcr:all"), true);
aclMgr1.setPolicy("/testNode", acl1);
root1.commit();
syncClusterNodes();
root2.refresh();
JackrabbitAccessControlList acl2 = AccessControlUtils.getAccessControlList(aclMgr2, "/testNode");
AccessControlEntry[] aces = acl2.getAccessControlEntries();
assertEquals(1, aces.length);
}
示例2: testCanReadProperties2
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList; //导入方法依赖的package包/类
@Test
public void testCanReadProperties2() throws Exception {
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/test");
acl.addEntry(getTestUser().getPrincipal(), privilegesFromNames(PrivilegeConstants.JCR_READ), true);
acMgr.setPolicy("/test", acl);
root.commit();
Tree policyTree = root.getTree("/test/rep:policy");
NodeUtil ace = new NodeUtil(policyTree).addChild("ace2", NT_REP_DENY_ACE);
ace.setNames(REP_PRIVILEGES, PrivilegeConstants.REP_READ_PROPERTIES);
ace.setString(REP_PRINCIPAL_NAME, getTestUser().getPrincipal().getName());
root.commit();
TreePermission tp = getTreePermission("/test");
assertFalse(tp.canReadProperties());
assertTrue(tp.canRead());
assertFalse(tp.canReadProperties());
}
示例3: testTestSessionGetEffectivePoliciesByPrincipals
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList; //导入方法依赖的package包/类
@Test
public void testTestSessionGetEffectivePoliciesByPrincipals() throws Exception {
NodeUtil child = new NodeUtil(root.getTree(testPath)).addChild("child", JcrConstants.NT_UNSTRUCTURED);
String childPath = child.getTree().getPath();
Privilege[] privs = privilegesFromNames(PrivilegeConstants.JCR_READ, PrivilegeConstants.JCR_READ_ACCESS_CONTROL);
setupPolicy(testPath, privilegesFromNames(PrivilegeConstants.JCR_READ, PrivilegeConstants.JCR_READ_ACCESS_CONTROL));
JackrabbitAccessControlList acl = getApplicablePolicy(childPath);
acl.addEntry(EveryonePrincipal.getInstance(), privs, true);
acMgr.setPolicy(childPath, acl);
root.commit();
Root testRoot = getTestRoot();
testRoot.refresh();
JackrabbitAccessControlManager testAcMgr = getTestAccessControlManager();
Set<Principal> principals = ImmutableSet.of(getTestPrincipal(), EveryonePrincipal.getInstance());
AccessControlPolicy[] policies = testAcMgr.getEffectivePolicies(principals);
assertNotNull(policies);
assertEquals(2, policies.length);
}
示例4: testTestSessionGetEffectivePoliciesByPrincipals2
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList; //导入方法依赖的package包/类
/**
* @since OAK 1.0 : only accessible policies are returned but not exception
* is raised.
*/
@Test
public void testTestSessionGetEffectivePoliciesByPrincipals2() throws Exception {
NodeUtil child = new NodeUtil(root.getTree(testPath)).addChild("child", JcrConstants.NT_UNSTRUCTURED);
String childPath = child.getTree().getPath();
Privilege[] privs = privilegesFromNames(PrivilegeConstants.JCR_READ, PrivilegeConstants.JCR_READ_ACCESS_CONTROL);
// create policy on testPath -> but deny access to test session
JackrabbitAccessControlList acl = getApplicablePolicy(testPath);
acl.addEntry(getTestPrincipal(), privs, false);
acMgr.setPolicy(testPath, acl);
// grant access at childpath
setupPolicy(childPath, privilegesFromNames(PrivilegeConstants.JCR_READ, PrivilegeConstants.JCR_READ_ACCESS_CONTROL));
root.commit();
Root testRoot = getTestRoot();
testRoot.refresh();
JackrabbitAccessControlManager testAcMgr = getTestAccessControlManager();
Set<Principal> principals = ImmutableSet.of(getTestPrincipal(), EveryonePrincipal.getInstance());
AccessControlPolicy[] policies = testAcMgr.getEffectivePolicies(principals);
assertNotNull(policies);
assertEquals(1, policies.length);
}
示例5: addGlobEntry
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList; //导入方法依赖的package包/类
private void addGlobEntry(boolean allow, final List<Privilege> privileges, final Principal principal,
final JackrabbitAccessControlList jackrabbitAcl) throws RepositoryException {
final Map<String, Value> globRestrictions = new HashMap<>();
globRestrictions.put("rep:glob", getGlobValue());
jackrabbitAcl.addEntry(principal, privileges.toArray(new Privilege[privileges.size()]), allow,
globRestrictions);
}
示例6: applyTo
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList; //导入方法依赖的package包/类
private void applyTo(JackrabbitAccessControlList acl) throws RepositoryException {
checkNotNull(acl);
if (!ignore) {
acl.addEntry(principal, privileges.toArray(new Privilege[privileges.size()]), isAllow, restrictions);
} else {
log.debug("Unknown principal: Ignore ACE based on ImportBehavior.IGNORE configuration.");
}
}
示例7: testValidateGlobRestriction
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList; //导入方法依赖的package包/类
@Test
public void testValidateGlobRestriction() throws Exception {
Tree t = new NodeUtil(root.getTree("/")).addChild("testTree", "nt:unstructured").getTree();
String path = t.getPath();
AccessControlManager acMgr = getAccessControlManager(root);
List<String> globs = ImmutableList.of(
"/1*/2*/3*/4*/5*/6*/7*/8*/9*/10*/11*/12*/13*/14*/15*/16*/17*/18*/19*/20*/21*",
"*********************");
for (String glob : globs) {
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, path);
acl.addEntry(getTestPrincipal(),
AccessControlUtils.privilegesFromNames(acMgr, PrivilegeConstants.JCR_READ),
true, Collections.singletonMap(REP_GLOB, getValueFactory().createValue(glob)));
acMgr.setPolicy(path, acl);
try {
provider.validateRestrictions(path, t.getChild(REP_POLICY).getChild("allow"));
fail("AccessControlException expected.");
} catch (AccessControlException e) {
// success
} finally {
acMgr.removePolicy(path, acl);
}
}
}
示例8: before
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList; //导入方法依赖的package包/类
@Override
public void before() throws Exception {
super.before();
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/");
if (acl != null) {
acl.addEntry(getTestUser().getPrincipal(), privilegesFromNames(PrivilegeConstants.JCR_ALL), true);
}
acMgr.setPolicy("/", acl);
root.commit();
testSession = createTestSession();
testRoot = testSession.getLatestRoot();
acConfig = getSecurityProvider().getConfiguration(AuthorizationConfiguration.class);
}
示例9: testCanReadProperties
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList; //导入方法依赖的package包/类
@Test
public void testCanReadProperties() throws Exception {
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(acMgr, "/test");
acl.addEntry(testPrincipal, privilegesFromNames(PrivilegeConstants.JCR_READ), true);
acl.addEntry(testPrincipal, privilegesFromNames(PrivilegeConstants.REP_READ_PROPERTIES), false);
acMgr.setPolicy("/test", acl);
root.commit();
TreePermission tp = getTreePermission("/test");
assertFalse(tp.canReadProperties());
assertTrue(tp.canRead());
assertFalse(tp.canReadProperties());
}
示例10: setupPermission
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList; //导入方法依赖的package包/类
/**
* Setup simple allow/deny permissions (without restrictions).
*
* @param root The editing root.
* @param path The path of the access controlled tree.
* @param principal The principal for which new ACE is being created.
* @param isAllow {@code true} if privileges are granted; {@code false} otherwise.
* @param privilegeNames The privilege names.
* @throws Exception If an error occurs.
*/
protected void setupPermission(@Nonnull Root root,
@Nullable String path,
@Nonnull Principal principal,
boolean isAllow,
@Nonnull String... privilegeNames) throws Exception {
AccessControlManager acMgr = getAccessControlManager(root);
JackrabbitAccessControlList acl = checkNotNull(AccessControlUtils.getAccessControlList(acMgr, path));
acl.addEntry(principal, AccessControlUtils.privilegesFromNames(acMgr, privilegeNames), isAllow);
acMgr.setPolicy(path, acl);
root.commit();
}
示例11: testUnsupportedRestrictions2
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList; //导入方法依赖的package包/类
@Test
public void testUnsupportedRestrictions2() throws Exception {
RestrictionProvider rp = new TestRestrictionProvider("restr", Type.NAME, false);
JackrabbitAccessControlList acl = createACL(getTestPath(), new ArrayList(), namePathMapper, rp);
try {
acl.addEntry(testPrincipal, testPrivileges, false, Collections.<String, Value>singletonMap("unsupported", getValueFactory().createValue("value")));
fail("Unsupported restriction must be detected.");
} catch (AccessControlException e) {
// mandatory restriction missing -> success
}
}
示例12: testInvalidRestrictionType
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList; //导入方法依赖的package包/类
@Test
public void testInvalidRestrictionType() throws Exception {
RestrictionProvider rp = new TestRestrictionProvider("restr", Type.NAME, false);
JackrabbitAccessControlList acl = createACL(getTestPath(), new ArrayList(), namePathMapper, rp);
try {
acl.addEntry(testPrincipal, testPrivileges, false, Collections.<String, Value>singletonMap("restr", getValueFactory().createValue(true)));
fail("Invalid restriction type.");
} catch (AccessControlException e) {
// mandatory restriction missing -> success
}
}
示例13: testMandatoryRestrictions
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList; //导入方法依赖的package包/类
@Test
public void testMandatoryRestrictions() throws Exception {
RestrictionProvider rp = new TestRestrictionProvider("mandatory", Type.NAME, true);
JackrabbitAccessControlList acl = createACL(getTestPath(), new ArrayList(), namePathMapper, rp);
try {
acl.addEntry(testPrincipal, testPrivileges, false, Collections.<String, Value>emptyMap());
fail("Mandatory restriction must be enforced.");
} catch (AccessControlException e) {
// mandatory restriction missing -> success
}
}
示例14: addNormalEntry
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList; //导入方法依赖的package包/类
private void addNormalEntry(boolean allow, final List<Privilege> privileges, final Principal principal,
final JackrabbitAccessControlList jackrabbitAcl) throws RepositoryException {
jackrabbitAcl.addEntry(principal, privileges.toArray(new Privilege[privileges.size()]), allow);
}
示例15: testSettingPrincipalBasedACL
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList; //导入方法依赖的package包/类
@Ignore
@Test
public void testSettingPrincipalBasedACL() throws RepositoryException {
// usual entry point into the Jackrabbit API
JackrabbitSession js = (JackrabbitSession) session;
// get user/principal for whom to read/set ACLs
// Note: the ACL security API works using Java Principals as high-level abstraction and does not
// assume the users are actually stored in the JCR with the Jackrabbit UserManagement; an example
// are external users provided by a custom LoginModule via LDAP
PrincipalManager pMgr = js.getPrincipalManager();
Principal principal = pMgr.getPrincipal(session.getUserID());
// alternatively: get the current user as Authorizable from the user management
// (there is a one-to-one mapping between Authorizables and Principals)
User user = ((User) js.getUserManager().getAuthorizable(session.getUserID()));
Principal principal2 = user.getPrincipal();
// get the Jackrabbit access control manager
JackrabbitAccessControlManager acMgr = (JackrabbitAccessControlManager) session.getAccessControlManager();
JackrabbitAccessControlPolicy[] ps = acMgr.getPolicies(principal); // or getApplicablePolicies()
JackrabbitAccessControlList list = (JackrabbitAccessControlList) ps[0];
// list entries
JackrabbitAccessControlEntry[] entries = (JackrabbitAccessControlEntry[]) list.getAccessControlEntries();
JackrabbitAccessControlEntry entry = entries[0];
// remove entry
list.removeAccessControlEntry(entry);
// add entry
Privilege[] privileges = new Privilege[] { acMgr.privilegeFromName(Privilege.JCR_READ) };
Map<String, Value> restrictions = new HashMap<String, Value>();
ValueFactory vf = session.getValueFactory();
restrictions.put("rep:nodePath", vf.createValue("/some/path", PropertyType.PATH));
restrictions.put("rep:glob", vf.createValue("*"));
list.addEntry(principal, privileges, true /* allow or deny */, restrictions);
// reorder entries
// list.orderBefore(entry, entry2);
// finally set policy again & save
acMgr.setPolicy(list.getPath(), list);
session.save();
}