@Test
public void testReadAclAfterCopy() {
DocumentModel folder1 = new DocumentModelImpl("/", "folder1", "Folder");
folder1 = session.createDocument(folder1);
DocumentModel folder2 = new DocumentModelImpl("/", "folder2", "Folder");
folder2 = session.createDocument(folder2);
DocumentModel doc = new DocumentModelImpl("/folder1", "doc", "File");
doc = session.createDocument(doc);
// set ACL on folder2
ACL acl = new ACLImpl();
acl.add(new ACE("Everyone", "Read", true));
ACP acp = new ACPImpl();
acp.addACL(acl);
folder2.setACP(acp, true);
session.save();
// doc under folder1 cannot be read by joe
try (CoreSession joeSession = openSessionAs("joe")) {
DocumentModelList list = joeSession.query("SELECT * FROM File");
assertEquals(0, list.size());
}
// copy doc under folder2
session.copy(doc.getRef(), folder2.getRef(), "doccopy");
session.save();
// check doc copy now readable by joe
try (CoreSession joeSession = openSessionAs("joe")) {
DocumentModelList list = joeSession.query("SELECT * FROM File");
assertEquals(1, list.size());
assertEquals("doccopy", list.get(0).getName());
}
}
@Override
public ACP getMergedACP(Document doc) {
Document base = doc.isVersion() ? doc.getSourceDocument() : doc;
if (base == null) {
return null;
}
ACP acp = getACP(base);
if (doc.getParent() == null) {
return acp;
}
// get inherited acls only if no blocking inheritance ACE exists in the top level acp.
ACL acl = null;
if (acp == null
|| acp.getAccess(SecurityConstants.EVERYONE, SecurityConstants.EVERYTHING) != Access.DENY) {
acl = getInheritedACLs(doc);
}
if (acp == null) {
if (acl == null) {
return null;
}
acp = new ACPImpl();
}
if (acl != null) {
acp.addACL(acl);
}
return acp;
}
@Test
public void testReadAclAfterSetACP() {
DocumentModel folder = new DocumentModelImpl("/", "folder", "Folder");
folder = session.createDocument(folder);
DocumentModel doc = new DocumentModelImpl("/folder", "doc", "File");
doc = session.createDocument(doc);
session.save();
// nothing can be seen by joe
try (CoreSession joeSession = openSessionAs("joe")) {
DocumentModelList list = joeSession.query("SELECT * FROM Folder");
assertEquals(0, list.size());
list = joeSession.query("SELECT * FROM File");
assertEquals(0, list.size());
}
// set ACL on folder
ACL acl = new ACLImpl();
acl.add(new ACE("Everyone", "Read", true));
ACP acp = new ACPImpl();
acp.addACL(acl);
folder.setACP(acp, true);
session.save();
// now joe sees things
try (CoreSession joeSession = openSessionAs("joe")) {
DocumentModelList list = joeSession.query("SELECT * FROM Folder");
assertEquals(1, list.size());
assertEquals(folder.getId(), list.get(0).getId());
list = joeSession.query("SELECT * FROM File");
assertEquals(1, list.size());
assertEquals(doc.getId(), list.get(0).getId());
}
}
@Test
public void testACLEscaping() {
// temporary set an Everything privileges on the root for anonymous
// so that we can create a folder
setPermissionToAnonymous(EVERYTHING);
DocumentModel root = session.getRootDocument();
DocumentModel folder = new DocumentModelImpl(root.getPathAsString(), "folder1", "Folder");
folder = session.createDocument(folder);
ACP acp = new ACPImpl();
ACL acl = new ACLImpl();
acl.add(new ACE("xyz", "Read", true));
acl.add(new ACE("abc@def<&>/ ", "Read", true));
acl.add(new ACE("caf\u00e9", "Read", true));
acl.add(new ACE("o'hara", "Read", true)); // name to quote
acl.add(new ACE("A_x1234_", "Read", true)); // name to quote
acp.addACL(acl);
folder.setACP(acp, true);
// check what we read
acp = folder.getACP();
assertNotNull(acp);
acl = acp.getACL(ACL.LOCAL_ACL);
assertEquals("xyz", acl.get(0).getUsername());
assertEquals("abc@def<&>/ ", acl.get(1).getUsername());
assertEquals("caf\u00e9", acl.get(2).getUsername());
assertEquals("o'hara", acl.get(3).getUsername());
assertEquals("A_x1234_", acl.get(4).getUsername());
}
protected void removePermissionToEveryone() {
DocumentModel doc = session.getRootDocument();
ACP acp = doc.getACP();
acp.removeACL("test");
doc.setACP(acp, true);
session.save();
}
protected void setPermission(
DocumentModel doc, String userName, String permission, boolean isGranted) {
ACP acp = session.getACP(doc.getRef());
ACL localACL = acp.getOrCreateACL(ACL.LOCAL_ACL);
localACL.add(new ACE(userName, permission, isGranted));
session.setACP(doc.getRef(), acp, true);
session.save();
}
@Test
public void testGetParentDocuments() {
setPermissionToAnonymous(EVERYTHING);
DocumentModel root = session.getRootDocument();
String name = "Workspaces#1";
DocumentModel workspaces = new DocumentModelImpl(root.getPathAsString(), name, "Workspace");
session.createDocument(workspaces);
String name2 = "repositoryWorkspace2#";
DocumentModel repositoryWorkspace =
new DocumentModelImpl(workspaces.getPathAsString(), name2, "Workspace");
repositoryWorkspace = session.createDocument(repositoryWorkspace);
String name3 = "ws#3";
DocumentModel ws1 =
new DocumentModelImpl(repositoryWorkspace.getPathAsString(), name3, "Workspace");
ws1 = session.createDocument(ws1);
String name4 = "ws#4";
DocumentModel ws2 = new DocumentModelImpl(ws1.getPathAsString(), name4, "Workspace");
session.createDocument(ws2);
if (session.isNegativeAclAllowed()) { // always false for Mem
ACP acp = new ACPImpl();
ACE denyRead = new ACE("test", READ, false);
ACL acl = new ACLImpl();
acl.setACEs(new ACE[] {denyRead});
acp.addACL(acl);
// TODO this produces a stack trace
repositoryWorkspace.setACP(acp, true);
ws1.setACP(acp, true);
}
session.save();
List<DocumentModel> ws2ParentsUnderAdministrator = session.getParentDocuments(ws2.getRef());
assertTrue(
"list parents for"
+ ws2.getName()
+ "under "
+ session.getPrincipal().getName()
+ " is not empty:",
!ws2ParentsUnderAdministrator.isEmpty());
CoreSession testSession = openSessionAs("test");
List<DocumentModel> ws2ParentsUnderTest = testSession.getParentDocuments(ws2.getRef());
assertTrue(
"list parents for"
+ ws2.getName()
+ "under "
+ testSession.getPrincipal().getName()
+ " is empty:",
ws2ParentsUnderTest.isEmpty());
closeSession(testSession);
}
@Test
public void shouldDenyAccessOnUnsupportedACL() throws Exception {
assumeTrue(session.isNegativeAclAllowed());
buildAndIndexTree();
DocumentModelList docs = ess.query(new NxQueryBuilder(session).nxql("select * from Document"));
Assert.assertEquals(10, docs.totalSize());
// check for user with no rights
CoreSession restrictedSession = getRestrictedSession("toto");
try {
docs = ess.query(new NxQueryBuilder(restrictedSession).nxql("select * from Document"));
Assert.assertEquals(0, docs.totalSize());
// add READ rights and check that user now has access
DocumentRef ref = new PathRef("/folder0/folder1/folder2");
ACP acp = new ACPImpl();
ACL acl = ACPImpl.newACL(ACL.LOCAL_ACL);
acl.add(new ACE("toto", SecurityConstants.READ, true));
acp.addACL(acl);
session.setACP(ref, acp, true);
TransactionHelper.commitOrRollbackTransaction();
waitForCompletion();
startTransaction();
docs =
ess.query(
new NxQueryBuilder(restrictedSession)
.nxql("select * from Document order by dc:title"));
Assert.assertEquals(8, docs.totalSize());
// Add an unsupported negative ACL
ref = new PathRef("/folder0/folder1/folder2/folder3/folder4/folder5");
acp = new ACPImpl();
acl = ACPImpl.newACL(ACL.LOCAL_ACL);
acl.add(new ACE("bob", SecurityConstants.EVERYTHING, false));
acp.addACL(acl);
session.setACP(ref, acp, true);
session.save();
TransactionHelper.commitOrRollbackTransaction();
waitForCompletion();
startTransaction();
docs =
ess.query(
new NxQueryBuilder(restrictedSession)
.nxql("select * from Document order by dc:title"));
// can view folder2, folder3 and folder4
Assert.assertEquals(3, docs.totalSize());
} finally {
restrictedSession.close();
}
}
@Test
public void shouldStoreOnlyEffectiveACEs() throws Exception {
buildAndIndexTree();
DocumentModelList docs = ess.query(new NxQueryBuilder(session).nxql("select * from Document"));
Assert.assertEquals(10, docs.totalSize());
CoreSession restrictedSession = getRestrictedSession("toto");
try {
docs = ess.query(new NxQueryBuilder(restrictedSession).nxql("select * from Document"));
Assert.assertEquals(0, docs.totalSize());
DocumentRef ref = new PathRef("/folder0");
ACP acp = new ACPImpl();
ACL acl = ACPImpl.newACL(ACL.LOCAL_ACL);
acl.add(ACE.builder("toto", SecurityConstants.READ).build());
acp.addACL(acl);
session.setACP(ref, acp, true);
TransactionHelper.commitOrRollbackTransaction();
waitForCompletion();
startTransaction();
docs =
ess.query(
new NxQueryBuilder(restrictedSession)
.nxql("select * from Document order by dc:title"));
Assert.assertEquals(10, docs.totalSize());
acp = new ACPImpl();
acl = ACPImpl.newACL(ACL.LOCAL_ACL);
// make the ACE archived
Date now = new Date();
Calendar begin = new GregorianCalendar();
begin.setTimeInMillis(now.toInstant().minus(10, ChronoUnit.DAYS).toEpochMilli());
Calendar end = new GregorianCalendar();
end.setTimeInMillis(now.toInstant().minus(2, ChronoUnit.DAYS).toEpochMilli());
acl.add(ACE.builder("toto", SecurityConstants.READ).begin(begin).end(end).build());
acp.addACL(acl);
session.setACP(ref, acp, true);
TransactionHelper.commitOrRollbackTransaction();
waitForCompletion();
startTransaction();
docs =
ess.query(
new NxQueryBuilder(restrictedSession)
.nxql("select * from Document order by dc:title"));
Assert.assertEquals(0, docs.totalSize());
} finally {
restrictedSession.close();
}
}
// assumes that the global "session" belongs to an Administrator
protected void setPermissionToAnonymous(String perm) {
DocumentModel doc = session.getRootDocument();
ACP acp = doc.getACP();
if (acp == null) {
acp = new ACPImpl();
}
UserEntryImpl userEntry = new UserEntryImpl("anonymous");
userEntry.addPrivilege(perm);
acp.setRules("test", new UserEntry[] {userEntry});
doc.setACP(acp, true);
session.save();
}
protected void resetPermissions(DocumentModel doc, String userName) {
ACP acp = session.getACP(doc.getRef());
ACL localACL = acp.getOrCreateACL(ACL.LOCAL_ACL);
Iterator<ACE> localACLIt = localACL.iterator();
while (localACLIt.hasNext()) {
ACE ace = localACLIt.next();
if (userName.equals(ace.getUsername())) {
localACLIt.remove();
}
}
session.setACP(doc.getRef(), acp, true);
session.save();
}
protected void setPermissionToEveryone(String... perms) {
DocumentModel doc = session.getRootDocument();
ACP acp = doc.getACP();
if (acp == null) {
acp = new ACPImpl();
}
UserEntryImpl userEntry = new UserEntryImpl(EVERYONE);
for (String perm : perms) {
userEntry.addPrivilege(perm);
}
acp.setRules("test", new UserEntry[] {userEntry});
doc.setACP(acp, true);
session.save();
}
@Test
public void testAllowVersionWriteACL() {
DocumentModel doc = session.createDocumentModel("/", "doc", "File");
doc = session.createDocument(doc);
DocumentRef verRef = session.checkIn(doc.getRef(), null, null);
DocumentModel ver = session.getDocument(verRef);
ACL acl = new ACLImpl("acl1", false);
ACE ace = new ACE("princ1", "perm1", true);
acl.add(ace);
ACP acp = new ACPImpl();
acp.addACL(acl);
// check that ACP can be set
ver.setACP(acp, true);
}
protected void resetPermissions(DocumentRef docRef, String userName) {
ACP acp = session.getACP(docRef);
ACL localACL = acp.getOrCreateACL(ACL.LOCAL_ACL);
Iterator<ACE> localACLIt = localACL.iterator();
while (localACLIt.hasNext()) {
ACE ace = localACLIt.next();
if (userName.equals(ace.getUsername())) {
localACLIt.remove();
}
}
session.setACP(docRef, acp, true);
TransactionHelper.commitOrRollbackTransaction();
TransactionHelper.startTransaction();
}
@Test
public void testReadAclSecurityUpdate() {
// check that aclOptimization update the user aclr cache
// NXP-13109
DocumentModel root = session.getRootDocument();
// Create a doc and set a new ACLR on it
DocumentModel doc = new DocumentModelImpl(root.getPathAsString(), "foo", "Folder");
doc = session.createDocument(doc);
ACP acp = doc.getACP();
assertNotNull(acp);
acp = new ACPImpl();
ACL acl = new ACLImpl();
acl.add(new ACE("Everyone", "Read", true));
acp.addACL(acl);
doc.setACP(acp, true);
session.save();
CoreSession joeSession = openSessionAs("joe");
try {
DocumentModelList list;
list = joeSession.query("SELECT * FROM Folder");
assertEquals(1, list.size());
// Remove the document, so the ACLR created is not anymore assigned
session.removeDocument(doc.getRef());
session.save();
list = joeSession.query("SELECT * FROM Folder");
assertEquals(0, list.size());
} finally {
closeSession(joeSession);
}
CoreSession bobSession = openSessionAs("bob");
try {
DocumentModelList list;
// Perform a query to init the ACLR cache
list = bobSession.query("SELECT * FROM Folder");
assertEquals(0, list.size());
// Create a new doc with the same ACLR
doc = new DocumentModelImpl(root.getPathAsString(), "bar", "Folder");
doc = session.createDocument(doc);
doc.setACP(acp, true);
session.save();
// Check that the ACLR has been added to the user cache
list = bobSession.query("SELECT * FROM Folder");
assertEquals(1, list.size());
} finally {
closeSession(bobSession);
}
}
@Test
public void testReadAclAfterCreate() {
DocumentModel folder = new DocumentModelImpl("/", "folder", "Folder");
folder = session.createDocument(folder);
session.save();
// folder can be seen by a member
UserPrincipal joeMember =
new UserPrincipal("joe", Arrays.asList("Everyone", "members"), false, false);
try (CoreSession joeSession = openSessionAs(joeMember)) {
DocumentModelList list = joeSession.query("SELECT * FROM Folder");
assertEquals(1, list.size());
assertEquals(folder.getId(), list.get(0).getId());
}
// but not as a non-member
try (CoreSession joeSession = openSessionAs("joe")) {
DocumentModelList list = joeSession.query("SELECT * FROM Folder");
assertEquals(0, list.size());
}
// set ACL on folder
ACL acl = new ACLImpl();
acl.add(new ACE("Everyone", "Read", true));
ACP acp = new ACPImpl();
acp.addACL(acl);
folder.setACP(acp, true);
session.save();
// the folder can be seen by joe
try (CoreSession joeSession = openSessionAs("joe")) {
DocumentModelList list = joeSession.query("SELECT * FROM Folder");
assertEquals(1, list.size());
assertEquals(folder.getId(), list.get(0).getId());
}
// create a doc under the folder
DocumentModel doc = new DocumentModelImpl("/folder", "doc", "File");
doc = session.createDocument(doc);
session.save();
// the doc can be seen by joe
try (CoreSession joeSession = openSessionAs("joe")) {
DocumentModelList list = joeSession.query("SELECT * FROM File");
assertEquals(1, list.size());
assertEquals(doc.getId(), list.get(0).getId());
}
}
protected void checkNegativeAcl(ACP acp) {
if (negativeAclAllowed) {
return;
}
if (acp == null) {
return;
}
for (ACL acl : acp.getACLs()) {
if (acl.getName().equals(ACL.INHERITED_ACL)) {
continue;
}
for (ACE ace : acl.getACEs()) {
if (ace.isGranted()) {
continue;
}
String permission = ace.getPermission();
if (permission.equals(SecurityConstants.EVERYTHING)
&& ace.getUsername().equals(SecurityConstants.EVERYONE)) {
continue;
}
// allow Write, as we're sure it doesn't include Read/Browse
if (permission.equals(SecurityConstants.WRITE)) {
continue;
}
throw new IllegalArgumentException("Negative ACL not allowed: " + ace);
}
}
}
// security on versions, see TestLocalAPIWithCustomVersioning
@Test
public void testVersionSecurity() throws Exception {
DocumentModel folder = new DocumentModelImpl("/", "folder", "Folder");
folder = session.createDocument(folder);
ACP acp = new ACPImpl();
ACE ace = new ACE("princ1", "perm1", true);
ACL acl = new ACLImpl("acl1", false);
acl.add(ace);
acp.addACL(acl);
session.setACP(folder.getRef(), acp, true);
DocumentModel file = new DocumentModelImpl("/folder", "file", "File");
file = session.createDocument(file);
// set security
acp = new ACPImpl();
ace = new ACE("princ2", "perm2", true);
acl = new ACLImpl("acl2", false);
acl.add(ace);
acp.addACL(acl);
session.setACP(file.getRef(), acp, true);
session.save();
DocumentModel proxy = session.publishDocument(file, folder);
DocumentModel version = session.getLastDocumentVersion(file.getRef());
session.save();
// check security on version
acp = session.getACP(version.getRef());
ACL[] acls = acp.getACLs();
assertEquals(2, acls.length);
acl = acls[0];
assertEquals(1, acl.size());
assertEquals("princ2", acl.get(0).getUsername());
acl = acls[1];
assertEquals(1 + 3, acl.size()); // 1 + 3 root defaults
assertEquals("princ1", acl.get(0).getUsername());
// remove live document (there's a proxy so the version stays)
session.removeDocument(file.getRef());
session.save();
// recheck security on version (works because we're administrator)
acp = session.getACP(version.getRef());
assertNull(acp);
// check proxy still accessible (in another session)
try (CoreSession session2 = openSessionAs(SecurityConstants.ADMINISTRATOR)) {
session2.getDocument(proxy.getRef());
}
}
@Test
public void testEmptyLocalACL() throws Exception {
DocumentModel doc = session.createDocumentModel("/", "folder", "Folder");
doc = session.createDocument(doc);
ACP acp = doc.getACP();
ACL acl = acp.getOrCreateACL();
// don't add anything
doc.setACP(acp, true);
session.save();
nextTransaction();
session.getDocument(doc.getRef());
acp = doc.getACP();
acl = acp.getACL(ACL.LOCAL_ACL);
assertNull(acl);
}
// unit tested
protected static ACLRow[] updateAclRows(ACLRow[] aclrows, ACP acp) {
List<ACLRow> newaclrows = new LinkedList<ACLRow>();
Map<String, ACL> aclmap = new HashMap<String, ACL>();
for (ACL acl : acp.getACLs()) {
String name = acl.getName();
if (ACL.INHERITED_ACL.equals(name)) {
continue;
}
aclmap.put(name, acl);
}
List<ACE> aces = Collections.emptyList();
Set<String> aceKeys = null;
String name = null;
for (ACLRow aclrow : aclrows) {
// new acl?
if (!aclrow.name.equals(name)) {
// finish remaining aces
for (ACE ace : aces) {
addACLRow(newaclrows, name, ace);
}
// start next round
name = aclrow.name;
ACL acl = aclmap.remove(name);
aces =
acl == null
? Collections.<ACE>emptyList()
: new LinkedList<ACE>(Arrays.asList(acl.getACEs()));
aceKeys = new HashSet<String>();
for (ACE ace : aces) {
aceKeys.add(getACEkey(ace));
}
}
if (!aceKeys.contains(getACLrowKey(aclrow))) {
// no match, keep the aclrow info instead of the ace
newaclrows.add(
new ACLRow(
newaclrows.size(),
name,
aclrow.grant,
aclrow.permission,
aclrow.user,
aclrow.group));
}
}
// finish remaining aces for last acl done
for (ACE ace : aces) {
addACLRow(newaclrows, name, ace);
}
// do non-done acls
for (ACL acl : aclmap.values()) {
name = acl.getName();
for (ACE ace : acl.getACEs()) {
addACLRow(newaclrows, name, ace);
}
}
ACLRow[] array = new ACLRow[newaclrows.size()];
return newaclrows.toArray(array);
}
protected ACL getInheritedACLs(Document doc) {
doc = doc.getParent();
ACL merged = null;
while (doc != null) {
ACP acp = getACP(doc);
if (acp != null) {
ACL acl = acp.getMergedACLs(ACL.INHERITED_ACL);
if (merged == null) {
merged = acl;
} else {
merged.addAll(acl);
}
if (acp.getAccess(SecurityConstants.EVERYONE, SecurityConstants.EVERYTHING)
== Access.DENY) {
break;
}
}
doc = doc.getParent();
}
return merged;
}
protected DocumentRef createDocumentModelWithSamplePermissions(String name) {
DocumentModel root = session.getRootDocument();
DocumentModel doc = new DocumentModelImpl(root.getPathAsString(), name, "Folder");
doc = session.createDocument(doc);
ACP acp = doc.getACP();
ACL localACL = acp.getOrCreateACL();
localACL.add(new ACE("joe_reader", READ, true));
localACL.add(new ACE("joe_contributor", READ, true));
localACL.add(new ACE("joe_contributor", WRITE_PROPERTIES, true));
localACL.add(new ACE("joe_contributor", ADD_CHILDREN, true));
localACL.add(new ACE("joe_localmanager", READ, true));
localACL.add(new ACE("joe_localmanager", WRITE, true));
localACL.add(new ACE("joe_localmanager", WRITE_SECURITY, true));
acp.addACL(localACL);
doc.setACP(acp, true);
// add the permission to remove children on the root
ACP rootACP = root.getACP();
ACL rootACL = rootACP.getOrCreateACL();
rootACL.add(new ACE("joe_localmanager", REMOVE_CHILDREN, true));
rootACP.addACL(rootACL);
root.setACP(rootACP, true);
// make it visible for others
session.save();
return doc.getRef();
}
// unit tested
protected static ACLRow[] acpToAclRows(ACP acp) {
List<ACLRow> aclrows = new LinkedList<ACLRow>();
for (ACL acl : acp.getACLs()) {
String name = acl.getName();
if (name.equals(ACL.INHERITED_ACL)) {
continue;
}
for (ACE ace : acl.getACEs()) {
addACLRow(aclrows, name, ace);
}
}
ACLRow[] array = new ACLRow[aclrows.size()];
return aclrows.toArray(array);
}
// unit tested
protected static ACP aclRowsToACP(ACLRow[] acls) {
ACP acp = new ACPImpl();
ACL acl = null;
String name = null;
for (ACLRow aclrow : acls) {
if (!aclrow.name.equals(name)) {
if (acl != null) {
acp.addACL(acl);
}
name = aclrow.name;
acl = new ACLImpl(name);
}
// XXX should prefix user/group
String user = aclrow.user;
if (user == null) {
user = aclrow.group;
}
acl.add(new ACE(user, aclrow.permission, aclrow.grant));
}
if (acl != null) {
acp.addACL(acl);
}
return acp;
}
@Test
public void testACPInheritance() throws Exception {
DocumentModel root = new DocumentModelImpl("/", "testACPInheritance", "Folder");
root = session.createDocument(root);
DocumentModel doc = new DocumentModelImpl("/testACPInheritance", "folder", "Folder");
doc = session.createDocument(doc);
ACP rootAcp = root.getACP();
ACL localACL = rootAcp.getOrCreateACL();
localACL.add(new ACE("joe_reader", READ, true));
root.setACP(rootAcp, true);
ACP acp = doc.getACP();
localACL = acp.getOrCreateACL();
localACL.add(new ACE("joe_contributor", WRITE, true));
doc.setACP(acp, true);
session.save();
doc = session.getDocument(new PathRef("/testACPInheritance/folder"));
acp = doc.getACP();
ACL acl = acp.getACL(ACL.INHERITED_ACL);
assertEquals("joe_reader", acl.getACEs()[0].getUsername());
// block inheritance
acp.getOrCreateACL()
.add(new ACE(SecurityConstants.EVERYONE, SecurityConstants.EVERYTHING, false));
doc.setACP(acp, true);
session.save();
// now the inherited acl should be null
doc = session.getDocument(new PathRef("/testACPInheritance/folder"));
acp = doc.getACP();
acl = acp.getACL(ACL.INHERITED_ACL);
assertNull(acl);
}
@Test
public void testReadAclSecurity() {
// Check that all permissions that contain Browse enable to list a
// document using aclOptimization
SecurityService securityService = NXCore.getSecurityService();
String[] browsePermissions = securityService.getPermissionsToCheck(BROWSE);
// Check for test permission contribution
assertTrue(Arrays.asList(browsePermissions).contains("ViewTest"));
List<String> docNames = new ArrayList<String>(browsePermissions.length);
DocumentModel root = session.getRootDocument();
for (String permission : browsePermissions) {
// Create a folder with only the browse permission
String name = "joe-has-" + permission + "-permission";
docNames.add(name);
DocumentModel folder = new DocumentModelImpl(root.getPathAsString(), name, "Folder");
folder = session.createDocument(folder);
ACP acp = folder.getACP();
assertNotNull(acp); // the acp inherited from root is returned
acp = new ACPImpl();
ACL acl = new ACLImpl();
acl.add(new ACE("joe", permission, true));
acp.addACL(acl);
folder.setACP(acp, true);
}
session.save();
CoreSession joeSession = openSessionAs("joe");
try {
DocumentModelList list;
list = joeSession.query("SELECT * FROM Folder");
List<String> names = new ArrayList<String>();
for (DocumentModel doc : list) {
names.add(doc.getName());
}
assertEquals(
"Expecting " + docNames + " got " + names, browsePermissions.length, list.size());
list = joeSession.query("SELECT * FROM Folder WHERE ecm:isProxy = 0");
names.clear();
for (DocumentModel doc : list) {
names.add(doc.getName());
}
assertEquals(
"Expecting " + docNames + " got " + names, browsePermissions.length, list.size());
// Add a new folder to update the read acls
DocumentModel folder = new DocumentModelImpl(root.getPathAsString(), "new-folder", "Folder");
folder = session.createDocument(folder);
ACP acp = folder.getACP();
assertNotNull(acp); // the acp inherited from root is returned
acp = new ACPImpl();
ACL acl = new ACLImpl();
acl.add(new ACE("joe", browsePermissions[0], true));
acl.add(new ACE("bob", browsePermissions[0], true));
acp.addACL(acl);
folder.setACP(acp, true);
session.save();
list = joeSession.query("SELECT * FROM Folder");
assertEquals(browsePermissions.length + 1, list.size());
} finally {
closeSession(joeSession);
}
}
@Test
public void shouldFilterTreeOnSecurity() throws Exception {
buildAndIndexTree();
DocumentModelList docs = ess.query(new NxQueryBuilder(session).nxql("select * from Document"));
Assert.assertEquals(10, docs.totalSize());
// check for user with no rights
startTransaction();
CoreSession restrictedSession = getRestrictedSession("toto");
try {
docs = ess.query(new NxQueryBuilder(restrictedSession).nxql("select * from Document"));
Assert.assertEquals(0, docs.totalSize());
// add READ rights and check that user now has access
DocumentRef ref = new PathRef("/folder0/folder1/folder2");
ACP acp = new ACPImpl();
ACL acl = ACPImpl.newACL(ACL.LOCAL_ACL);
acl.add(new ACE("toto", SecurityConstants.READ, true));
acp.addACL(acl);
session.setACP(ref, acp, true);
TransactionHelper.commitOrRollbackTransaction();
waitForCompletion();
if (syncMode) {
// in sync we split recursive update into 2 commands:
// 1 sync non recurse + 1 async recursive
assertNumberOfCommandProcessed(9);
} else {
assertNumberOfCommandProcessed(8);
}
startTransaction();
docs = ess.query(new NxQueryBuilder(restrictedSession).nxql("select * from Document"));
Assert.assertEquals(8, docs.totalSize());
// block rights and check that blocking is taken into account
ref = new PathRef("/folder0/folder1/folder2/folder3/folder4/folder5");
acp = new ACPImpl();
acl = ACPImpl.newACL(ACL.LOCAL_ACL);
acl.add(new ACE(SecurityConstants.EVERYONE, SecurityConstants.EVERYTHING, false));
acl.add(new ACE("Administrator", SecurityConstants.EVERYTHING, true));
acp.addACL(acl);
session.setACP(ref, acp, true);
session.save();
TransactionHelper.commitOrRollbackTransaction();
waitForCompletion();
if (syncMode) {
assertNumberOfCommandProcessed(6);
} else {
assertNumberOfCommandProcessed(5);
}
startTransaction();
docs = ess.query(new NxQueryBuilder(restrictedSession).nxql("select * from Document"));
Assert.assertEquals(3, docs.totalSize());
} finally {
restrictedSession.close();
}
}
@Test
public void testSecurity() {
// temporary set an Everything privileges on the root for anonymous
// so that we can create a folder
setPermissionToAnonymous(EVERYTHING);
CoreSession anonSession = openSessionAs("anonymous");
try {
DocumentModel root = anonSession.getRootDocument();
DocumentModel folder = new DocumentModelImpl(root.getPathAsString(), "folder#1", "Folder");
folder = anonSession.createDocument(folder);
ACP acp = folder.getACP();
assertNotNull(acp); // the acp inherited from root is returned
acp = new ACPImpl();
ACL acl = new ACLImpl();
acl.add(new ACE("a", "Read", true));
acl.add(new ACE("b", "Write", true));
acp.addACL(acl);
folder.setACP(acp, true);
acp = folder.getACP();
assertNotNull(acp);
assertEquals("a", acp.getACL(ACL.LOCAL_ACL).get(0).getUsername());
assertEquals("b", acp.getACL(ACL.LOCAL_ACL).get(1).getUsername());
assertSame(GRANT, acp.getAccess("a", "Read"));
assertSame(UNKNOWN, acp.getAccess("a", "Write"));
assertSame(GRANT, acp.getAccess("b", "Write"));
assertSame(UNKNOWN, acp.getAccess("b", "Read"));
assertSame(UNKNOWN, acp.getAccess("c", "Read"));
assertSame(UNKNOWN, acp.getAccess("c", "Write"));
// insert a deny Write ACE before the GRANT
acp.getACL(ACL.LOCAL_ACL).add(0, new ACE("b", "Write", false));
// store changes
folder.setACP(acp, true);
// refetch ac
acp = folder.getACP();
// check perms now
assertSame(GRANT, acp.getAccess("a", "Read"));
assertSame(UNKNOWN, acp.getAccess("a", "Write"));
assertSame(DENY, acp.getAccess("b", "Write"));
assertSame(UNKNOWN, acp.getAccess("b", "Read"));
assertSame(UNKNOWN, acp.getAccess("c", "Read"));
assertSame(UNKNOWN, acp.getAccess("c", "Write"));
// create a child document and grant on it the write for b
// remove anonymous Everything privileges on the root
// so that it not influence test results
removePermissionToAnonymous();
anonSession.save(); // process invalidations
try {
DocumentModel folder2 =
new DocumentModelImpl(folder.getPathAsString(), "folder#2", "Folder");
folder2 = anonSession.createDocument(folder2);
fail("privilege is granted but should not be");
} catch (DocumentSecurityException e) {
// ok
}
setPermissionToAnonymous(EVERYTHING);
anonSession.save(); // process invalidations
root = anonSession.getRootDocument();
// and try again - this time it should work
DocumentModel folder2 = new DocumentModelImpl(folder.getPathAsString(), "folder#2", "Folder");
folder2 = anonSession.createDocument(folder2);
ACP acp2 = new ACPImpl();
acl = new ACLImpl();
acl.add(new ACE("b", "Write", true));
acp2.addACL(acl);
folder2.setACP(acp2, true);
acp2 = folder2.getACP();
assertSame(GRANT, acp2.getAccess("a", "Read"));
assertSame(UNKNOWN, acp2.getAccess("a", "Write"));
assertSame(GRANT, acp2.getAccess("b", "Write"));
assertSame(UNKNOWN, acp2.getAccess("b", "Read"));
assertSame(UNKNOWN, acp2.getAccess("c", "Read"));
assertSame(UNKNOWN, acp2.getAccess("c", "Write"));
// remove anonymous Everything privileges on the root
// so that it not influence test results
removePermissionToAnonymous();
anonSession.save(); // process invalidations
setPermissionToEveryone(WRITE, REMOVE, ADD_CHILDREN, REMOVE_CHILDREN, READ);
root = anonSession.getRootDocument();
DocumentModel folder3 = new DocumentModelImpl(folder.getPathAsString(), "folder#3", "Folder");
folder3 = anonSession.createDocument(folder3);
anonSession.removeDocument(folder3.getRef());
removePermissionToEveryone();
setPermissionToEveryone(REMOVE);
anonSession.save(); // process invalidations
try {
folder3 = new DocumentModelImpl(folder.getPathAsString(), "folder#3", "Folder");
folder3 = anonSession.createDocument(folder3);
fail();
} catch (Exception e) {
}
} finally {
closeSession(anonSession);
}
}
