Package org.apache.jackrabbit.api.security.user

Examples of org.apache.jackrabbit.api.security.user.Impersonation

180
181
182
183
184
185
186
187
188
189
190
191
192
193
        Principal p = getTestPrincipal();
        String childID = userMgr.createUser(p.getName(), buildPassword(p), p, uPath).getID();
        try {
            Authorizable child = uMgr.getAuthorizable(childID);

            Impersonation impers = ((User) child).getImpersonation();
            Principal himselfP = uMgr.getAuthorizable(uID).getPrincipal();
            assertFalse(impers.allows(buildSubject(himselfP)));
            impers.grantImpersonation(himselfP);
            fail("A non-administrator user should not be allowed modify Impersonation of a child user.");
        } catch (AccessDeniedException e) {
            // success
        }
View Full Code Here
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
    public void testImpersonationOfOtherUser() throws RepositoryException, NotExecutableException {
        UserManager umgr = getUserManager(uSession);
        Principal selfPrinc = umgr.getAuthorizable(uID).getPrincipal();

        User child = (User) umgr.getAuthorizable(getChildID());
        Impersonation impers = child.getImpersonation();
        assertFalse(impers.allows(buildSubject(selfPrinc)));
        try {
            assertFalse(impers.grantImpersonation(selfPrinc));
        } catch (AccessDeniedException e) {
            // ok.
        }
        assertFalse(impers.allows(buildSubject(selfPrinc)));

        User parent = (User) umgr.getAuthorizable(parentUID);
        impers = parent.getImpersonation();
        assertFalse(impers.allows(buildSubject(selfPrinc)));
        try {
            assertFalse(impers.grantImpersonation(selfPrinc));
        } catch (AccessDeniedException e) {
            // ok.
        }
        assertFalse(impers.allows(buildSubject(selfPrinc)));
    }
View Full Code Here
184
185
186
187
188
189
190
191
192
193
194
195
196
197
        // create a new user -> must succeed and user must be create below 'other'
        try {
            Principal p = getTestPrincipal();
            u = umgr.createUser(p.getName(), buildPassword(p));

            Impersonation impers = u.getImpersonation();
            assertFalse(impers.allows(buildSubject(otherP)));
            assertTrue(impers.grantImpersonation(otherP));
            assertTrue(impers.allows(buildSubject(otherP)));
        } finally {
            // impersonation get removed while removing the user u.
            if (u != null) {
                u.remove();
            }
View Full Code Here
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
    }

    public void testModifyImpersonationOfParentUser() throws RepositoryException, NotExecutableException {
        UserManager umgr = getUserManager(otherSession);
        User u = (User) umgr.getAuthorizable(uID);
        Impersonation uImpl = u.getImpersonation();

        Principal otherP = umgr.getAuthorizable(otherUID).getPrincipal();

        if (!uImpl.allows(buildSubject(otherP))) {
            // ... trying to modify 'impersonators of 'uid' must not succeed.
            try {
                assertFalse(uImpl.grantImpersonation(otherP));
            } catch (AccessDeniedException e) {
                // success
            } finally {
                assertFalse(uImpl.allows(buildSubject(otherP)));
                uImpl.revokeImpersonation(otherP);
            }
        } else {
            throw new NotExecutableException("Cannot execute test. OtherP can already impersonate UID-user.");
        }
    }
View Full Code Here
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
        User u = null;
        try {
            Principal p = getTestPrincipal();
            u = umgr.createUser(p.getName(), buildPassword(p));

            Impersonation impers = u.getImpersonation();
            assertFalse(impers.allows(buildSubject(otherP)));
            assertTrue(impers.grantImpersonation(otherP));
            assertTrue(impers.allows(buildSubject(otherP)));
        } finally {
            // impersonation get removed while removing the user u.
            if (u != null) {
                u.remove();
            }
        }

        // modify impersonation of another user
        u = (User) umgr.getAuthorizable(uID);
        Impersonation uImpl = u.getImpersonation();
        if (!uImpl.allows(buildSubject(otherP))) {
            // ... trying to modify 'impersonators of another user must succeed
            assertTrue(uImpl.grantImpersonation(otherP));
            assertTrue(uImpl.allows(buildSubject(otherP)));
            uImpl.revokeImpersonation(otherP);
        } else {
            throw new NotExecutableException("Cannot execute test. OtherP can already impersonate UID-user.");
        }
    }
View Full Code Here
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
        Authorizable child = userMgr.createUser(p.getName(), buildPassword(p), p, uPath);
        try {
            p = child.getPrincipal();

            Authorizable himself = uMgr.getAuthorizable(uID);
            Impersonation impers = ((User) himself).getImpersonation();

            assertFalse(impers.allows(buildSubject(p)));
            assertTrue(impers.grantImpersonation(p));
            assertTrue(impers.allows(buildSubject(p)));
            assertTrue(impers.revokeImpersonation(p));
            assertFalse(impers.allows(buildSubject(p)));

        } finally {
            // let superuser do clean up.
            child.remove();
        }
View Full Code Here
180
181
182
183
184
185
186
187
188
189
190
191
192
193
        Principal p = getTestPrincipal();
        String childID = userMgr.createUser(p.getName(), buildPassword(p), p, uPath).getID();
        try {
            Authorizable child = uMgr.getAuthorizable(childID);

            Impersonation impers = ((User) child).getImpersonation();
            Principal himselfP = uMgr.getAuthorizable(uID).getPrincipal();
            assertFalse(impers.allows(buildSubject(himselfP)));
            impers.grantImpersonation(himselfP);
            fail("A non-administrator user should not be allowed modify Impersonation of a child user.");
        } catch (AccessDeniedException e) {
            // success
        }
View Full Code Here
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
    public void testImpersonationOfOtherUser() throws RepositoryException, NotExecutableException {
        UserManager umgr = getUserManager(uSession);
        Principal selfPrinc = umgr.getAuthorizable(uID).getPrincipal();

        User child = (User) umgr.getAuthorizable(getYetAnotherID());
        Impersonation impers = child.getImpersonation();
        assertFalse(impers.allows(buildSubject(selfPrinc)));
        try {
            assertFalse(impers.grantImpersonation(selfPrinc));
        } catch (AccessDeniedException e) {
            // ok.
        }
        assertFalse(impers.allows(buildSubject(selfPrinc)));

        User parent = (User) umgr.getAuthorizable(otherUID);
        impers = parent.getImpersonation();
        assertFalse(impers.allows(buildSubject(selfPrinc)));
        try {
            assertFalse(impers.grantImpersonation(selfPrinc));
        } catch (AccessDeniedException e) {
            // ok.
        }
        assertFalse(impers.allows(buildSubject(selfPrinc)));
    }
View Full Code Here
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
            Authorizable a = userManager.getAuthorizable(userId);
            if (a == null || a.isGroup()) {
                throw new RepositoryException(userId + " does not represent a valid user.");
            }

            Impersonation imp = checkNotNull(((User) a).getImpersonation());

            // 1. collect principals to add and to remove.
            Map<String, Principal> toRemove = new HashMap<String, Principal>();
            for (PrincipalIterator pit = imp.getImpersonators(); pit.hasNext(); ) {
                Principal p = pit.nextPrincipal();
                toRemove.put(p.getName(), p);
            }

            List<String> toAdd = new ArrayList<String>();
            for (final String principalName : principalNames) {
                if (toRemove.remove(principalName) == null) {
                    // add it to the list of new impersonators to be added.
                    toAdd.add(principalName);
                } // else: no need to revoke impersonation for the given principal.
            }

            // 2. adjust set of impersonators
            for (Principal p : toRemove.values()) {
                if (!imp.revokeImpersonation(p)) {
                    String principalName = p.getName();
                    handleFailure("Failed to revoke impersonation for " + principalName + " on " + a);
                }
            }
            List<String> nonExisting = new ArrayList<String>();
            for (String principalName : toAdd) {
                Principal principal = (principals.containsKey(principalName)) ?
                        principals.get(principalName) :
                        new PrincipalImpl(principalName);
                if (!imp.grantImpersonation(principal)) {
                    handleFailure("Failed to grant impersonation for " + principalName + " on " + a);
                    if (importBehavior == ImportBehavior.BESTEFFORT &&
                            getPrincipalManager().getPrincipal(principalName) == null) {
                        log.info("ImportBehavior.BESTEFFORT: Remember non-existing impersonator for special processing.");
                        nonExisting.add(principalName);
View Full Code Here
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
            Authorizable a = userManager.getAuthorizable(userId);
            if (a == null || a.isGroup()) {
                throw new RepositoryException(userId + " does not represent a valid user.");
            }

            Impersonation imp = checkNotNull(((User) a).getImpersonation());

            // 1. collect principals to add and to remove.
            Map<String, Principal> toRemove = new HashMap<String, Principal>();
            for (PrincipalIterator pit = imp.getImpersonators(); pit.hasNext(); ) {
                Principal princ = pit.nextPrincipal();
                toRemove.put(princ.getName(), princ);
            }

            List<String> toAdd = new ArrayList<String>();
            for (final String principalName : principalNames) {
                if (toRemove.remove(principalName) == null) {
                    // add it to the list of new impersonators to be added.
                    toAdd.add(principalName);
                } // else: no need to revoke impersonation for the given principal.
            }

            // 2. adjust set of impersonators
            for (Principal princicpal : toRemove.values()) {
                if (!imp.revokeImpersonation(princicpal)) {
                    String principalName = princicpal.getName();
                    handleFailure("Failed to revoke impersonation for " + principalName + " on " + a);
                }
            }
            List<String> nonExisting = new ArrayList<String>();
            for (String principalName : toAdd) {
                Principal principal = (principals.containsKey(principalName)) ?
                        principals.get(principalName) :
                        new PrincipalImpl(principalName);
                if (!imp.grantImpersonation(principal)) {
                    handleFailure("Failed to grant impersonation for " + principalName + " on " + a);
                    if (importBehavior == ImportBehavior.BESTEFFORT &&
                            getPrincipalManager().getPrincipal(principalName) == null) {
                        log.info("ImportBehavior.BESTEFFORT: Remember non-existing impersonator for special processing.");
                        nonExisting.add(principalName);
View Full Code Here
TOP

Related Classes of org.apache.jackrabbit.api.security.user.Impersonation

  • org.apache.jackrabbit.core.security.user.GroupAdministratorTest
  • org.apache.jackrabbit.core.security.user.ImpersonationImplTest
  • org.apache.jackrabbit.core.security.user.NotUserAdministratorTest
  • org.apache.jackrabbit.core.security.user.UserAdministratorTest
  • org.apache.jackrabbit.core.security.user.UserImporter
  • org.apache.jackrabbit.core.security.user.UserImporterTest
  • org.apache.jackrabbit.oak.jcr.delegate.UserDelegator
  • org.apache.jackrabbit.oak.jcr.security.user.ImpersonationImplTest
  • org.apache.jackrabbit.oak.jcr.security.user.ImpersonationTest
  • org.apache.jackrabbit.oak.jcr.security.user.SystemUserImportTest
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.