/**
 * Adds an access control entry for {@code testPrincipal} with a single privilege and checks
 * that the list afterwards exposes an entry carrying exactly that principal and privilege set.
 *
 * <p>The test is reported as not executable, rather than failed, in two situations: the list
 * returns {@code false} from {@code addAccessControlEntry}, or no entry with an equal principal
 * and an equal privilege list can be found afterwards.
 *
 * @throws NotExecutableException if the entry was not added or no exactly matching entry exists
 * @throws RepositoryException if the repository reports an error
 */
public void testAddAccessControlEntry() throws NotExecutableException, RepositoryException {
    checkCanModifyAc(path);

    Privilege[] requested = new Privilege[] {privs[0]};
    AccessControlList list = getList(acMgr, path);

    // A false return means the list was not modified, so there is nothing to verify.
    if (!list.addAccessControlEntry(testPrincipal, requested)) {
        throw new NotExecutableException();
    }

    AccessControlEntry match = null;
    for (AccessControlEntry candidate : list.getAccessControlEntries()) {
        boolean samePrincipal = candidate.getPrincipal().equals(testPrincipal);
        if (samePrincipal
                && Arrays.asList(requested).equals(Arrays.asList(candidate.getPrivileges()))) {
            // No break on purpose: when several entries match, the last one is kept.
            match = candidate;
        }
    }

    // NOTE(review): a list that reports success but stores the privilege in a differently
    // shaped entry (for example merged with other privileges) ends up here and is skipped,
    // not failed.
    if (match == null) {
        throw new NotExecutableException();
    }

    assertEquals(
            "Principal name of the ACE must be equal to the name of the passed Principal",
            testPrincipal.getName(),
            match.getPrincipal().getName());
    assertEquals(
            "Privileges of the ACE must be equal to the passed ones",
            Arrays.asList(requested),
            Arrays.asList(match.getPrivileges()));
}
/**
 * Converts a JCR access control entry into a {@code RepositoryFileAce}.
 *
 * <p>The recipient type is decided only by the runtime type of the entry's principal: a
 * {@code Group} becomes a {@code ROLE} sid, every other principal becomes a {@code USER} sid.
 * The principal name is passed through the role or user name utility from
 * {@code JcrTenantUtils} before it is stored in the sid.
 *
 * @param session session handed to the permission conversion helper
 * @param acEntry entry whose principal and privileges are converted
 * @return the converted entry
 * @throws RepositoryException declared for the repository calls made during conversion
 */
protected RepositoryFileAce toAce(final Session session, final AccessControlEntry acEntry)
        throws RepositoryException {
    final Principal owner = acEntry.getPrincipal();
    final String rawName = owner.getName();
    final DefaultPermissionConversionHelper converter =
            new DefaultPermissionConversionHelper(session);

    // Anything that is not a Group is treated as an individual user.
    final RepositoryFileSid recipient;
    if (owner instanceof Group) {
        recipient = new RepositoryFileSid(
                JcrTenantUtils.getRoleNameUtils().getPrincipleName(rawName),
                RepositoryFileSid.Type.ROLE);
    } else {
        recipient = new RepositoryFileSid(
                JcrTenantUtils.getUserNameUtils().getPrincipleName(rawName),
                RepositoryFileSid.Type.USER);
    }

    // Only the principal's class name is logged, not its name.
    logger.debug(String.format("principal class [%s]", owner.getClass().getName())); // $NON-NLS-1$

    final Privilege[] granted = acEntry.getPrivileges();
    return new RepositoryFileAce(
            recipient, converter.privilegesToPentahoPermissions(session, granted));
}
/**
 * Collects the privileges recorded for the item at the given path.
 *
 * <p>When the policy stored for the path is a {@code RegistryAccessControlList}, every non-null
 * entry contributes all of its privileges. For a session that
 * {@code RegistryJCRSpecificStandardLoderUtil.isSessionReadOnly} reports as read-only,
 * {@code Privilege.JCR_READ} is added even if no entry grants it.
 *
 * <p>NOTE(review): entries are merged without looking at their principal, so the result is the
 * union over all principals on the path rather than the privileges of the current session. If
 * this method backs {@code AccessControlManager#getPrivileges}, callers may see privileges the
 * session does not hold; confirm the intended contract and filter by the session's principals
 * if needed.
 *
 * @param s absolute path of the item
 * @return the collected privileges; an empty array when there are none
 * @throws PathNotFoundException if the path resolves to a property
 * @throws RepositoryException if the item lookup or a privilege lookup fails
 */
public Privilege[] getPrivileges(String s) throws RepositoryException {
    Item target = registrySession.getItem(s);
    if (target instanceof Property) {
        throw new PathNotFoundException("No privilages can be added for Properties");
    }

    Set<Privilege> granted = new HashSet<Privilege>();
    if (accessCtrlPolicies.get(s) instanceof RegistryAccessControlList) {
        RegistryAccessControlList policy = (RegistryAccessControlList) accessCtrlPolicies.get(s);
        for (AccessControlEntry ace : policy.getAccessControlEntries()) {
            if (ace == null) {
                continue;
            }
            for (Privilege privilege : ace.getPrivileges()) {
                granted.add(privilege);
            }
        }
    }
    // TODO check how to apply NamedAccessControlPolicy (any other policy type contributes nothing)

    // Read-only session must have READ privilege on test node
    if (RegistryJCRSpecificStandardLoderUtil.isSessionReadOnly(registrySession.getUserID())) {
        if (!granted.contains(privilegeRegistry.getPrivilegeFromName(Privilege.JCR_READ))) {
            granted.add(privilegeRegistry.getPrivilegeFromName(Privilege.JCR_READ));
        }
    }

    // For an empty set this yields a zero-length array, the same as the explicit empty case.
    return granted.toArray(new Privilege[granted.size()]);
}
/**
 * Gathers the privileges that the given list assigns to one principal.
 *
 * <p>Entries are matched with {@code principal.equals(...)}. The privileges of every matching
 * entry are appended in entry order, so a privilege that appears in several matching entries
 * appears several times in the result.
 *
 * @param acl list whose entries are inspected
 * @param principal principal to look for; must not be {@code null}
 * @return a new mutable list, empty when no entry matches
 * @throws RepositoryException if the entries cannot be read
 */
private static List<Privilege> currentPrivileges(AccessControlList acl, Principal principal)
        throws RepositoryException {
    List<Privilege> collected = new ArrayList<Privilege>();
    for (AccessControlEntry candidate : acl.getAccessControlEntries()) {
        if (!principal.equals(candidate.getPrincipal())) {
            continue;
        }
        for (Privilege privilege : candidate.getPrivileges()) {
            collected.add(privilege);
        }
    }
    return collected;
}
/**
 * Builds the {@code JcrAccessControlList} returned for a node.
 *
 * <p>When {@code findAccessList} finds no list for the node, the default instance is returned.
 * Otherwise one {@code JcrPolicy} is built per access control entry, holding the principal
 * name and one {@code JcrPermission} per privilege name.
 *
 * <p>NOTE(review): the policies built in the loop are never attached to the list that is
 * returned, so a node with an access list yields an empty {@code JcrAccessControlList}. Anything
 * that displays or evaluates the result would then see no entries for a node that has them.
 * Attach each policy to the result with whatever mutator {@code JcrAccessControlList} provides.
 *
 * @param acm access control manager passed to {@code findAccessList}
 * @param node node whose access list is read
 * @return the default instance when no list exists, otherwise a newly created list
 * @throws RepositoryException if the access list or its entries cannot be read
 */
private JcrAccessControlList getAccessList(AccessControlManager acm, Node node)
        throws RepositoryException {
    AccessControlList source = findAccessList(acm, node);
    if (source == null) {
        return JcrAccessControlList.defaultInstance();
    }

    JcrAccessControlList result = new JcrAccessControlList();
    for (AccessControlEntry ace : source.getAccessControlEntries()) {
        JcrPolicy policy = new JcrPolicy();
        policy.setPrincipal(ace.getPrincipal().getName());
        for (Privilege privilege : ace.getPrivileges()) {
            policy.add(new JcrPermission(privilege.getName()));
        }
        // NOTE(review): 'policy' goes out of scope here without being added to 'result'.
    }
    return result;
}