Example 6 with Database
use of org.exist.Database in project exist by eXist-db.
the class SimpleACLPermissionTest method addACE_ForUserWithModeString.
@Test
public void addACE_ForUserWithModeString() throws PermissionDeniedException {
final SecurityManager mockSecurityManager = EasyMock.createMock(SecurityManager.class);
final Database mockDatabase = EasyMock.createMock(Database.class);
final DBBroker mockBroker = EasyMock.createMock(DBBroker.class);
final Subject mockCurrentSubject = EasyMock.createMock(Subject.class);
final Account mockAccount = EasyMock.createMock(Account.class);
SimpleACLPermission permission = new SimpleACLPermission(mockSecurityManager);
assertEquals(0, permission.getACECount());
final int userId = 1112;
final String userName = "aretter";
final String mode = "rwx";
expect(mockSecurityManager.getDatabase()).andReturn(mockDatabase);
expect(mockDatabase.getActiveBroker()).andReturn(mockBroker);
expect(mockBroker.getCurrentSubject()).andReturn(mockCurrentSubject);
expect(mockCurrentSubject.hasDbaRole()).andReturn(true);
expect(mockSecurityManager.getAccount(userName)).andReturn(mockAccount);
expect(mockAccount.getId()).andReturn(userId);
replay(mockSecurityManager, mockDatabase, mockBroker, mockCurrentSubject, mockAccount);
permission.addACE(ACE_ACCESS_TYPE.ALLOWED, ACE_TARGET.USER, userName, mode);
verify(mockSecurityManager, mockDatabase, mockBroker, mockCurrentSubject, mockAccount);
assertEquals(1, permission.getACECount());
assertEquals(userId, permission.getACEId(0));
assertEquals(ACE_ACCESS_TYPE.ALLOWED, permission.getACEAccessType(0));
assertEquals(ACE_TARGET.USER, permission.getACETarget(0));
assertEquals(ALL, permission.getACEMode(0));
}Example 7 with Database
use of org.exist.Database in project exist by eXist-db.
the class SimpleACLPermissionTest method remove_firstACE.
@Test
public void remove_firstACE() throws PermissionDeniedException {
final SecurityManager mockSecurityManager = EasyMock.createMock(SecurityManager.class);
final Database mockDatabase = EasyMock.createMock(Database.class);
final DBBroker mockBroker = EasyMock.createMock(DBBroker.class);
final Subject mockCurrentSubject = EasyMock.createMock(Subject.class);
expect(mockSecurityManager.getDatabase()).andReturn(mockDatabase).times(3);
expect(mockDatabase.getActiveBroker()).andReturn(mockBroker).times(3);
expect(mockBroker.getCurrentSubject()).andReturn(mockCurrentSubject).times(3);
expect(mockCurrentSubject.hasDbaRole()).andReturn(true).times(3);
replay(mockSecurityManager, mockDatabase, mockBroker, mockCurrentSubject);
SimpleACLPermission permission = new SimpleACLPermission(mockSecurityManager);
assertEquals(0, permission.getACECount());
permission.addUserACE(ACE_ACCESS_TYPE.ALLOWED, 1, ALL);
final int secondUserId = 2;
permission.addUserACE(ACE_ACCESS_TYPE.ALLOWED, secondUserId, ALL);
assertEquals(2, permission.getACECount());
permission.removeACE(0);
assertEquals(1, permission.getACECount());
assertEquals(ACE_ACCESS_TYPE.ALLOWED, permission.getACEAccessType(0));
assertEquals(ACE_TARGET.USER, permission.getACETarget(0));
assertEquals(secondUserId, permission.getACEId(0));
verify(mockSecurityManager, mockDatabase, mockBroker, mockCurrentSubject);
}Example 8 with Database
use of org.exist.Database in project exist by eXist-db.
the class SimpleACLPermissionTest method addACE_ForGroupWithModeString.
@Test
public void addACE_ForGroupWithModeString() throws PermissionDeniedException {
final SecurityManager mockSecurityManager = EasyMock.createMock(SecurityManager.class);
final Database mockDatabase = EasyMock.createMock(Database.class);
final DBBroker mockBroker = EasyMock.createMock(DBBroker.class);
final Subject mockCurrentSubject = EasyMock.createMock(Subject.class);
final Group mockGroup = EasyMock.createMock(Group.class);
SimpleACLPermission permission = new SimpleACLPermission(mockSecurityManager);
assertEquals(0, permission.getACECount());
final int groupId = 1112;
final String groupName = "aretter";
final String mode = "rwx";
expect(mockSecurityManager.getDatabase()).andReturn(mockDatabase);
expect(mockDatabase.getActiveBroker()).andReturn(mockBroker);
expect(mockBroker.getCurrentSubject()).andReturn(mockCurrentSubject);
expect(mockCurrentSubject.hasDbaRole()).andReturn(true);
expect(mockSecurityManager.getGroup(groupName)).andReturn(mockGroup);
expect(mockGroup.getId()).andReturn(groupId);
replay(mockSecurityManager, mockDatabase, mockBroker, mockCurrentSubject, mockGroup);
permission.addACE(ACE_ACCESS_TYPE.ALLOWED, ACE_TARGET.GROUP, groupName, mode);
verify(mockSecurityManager, mockDatabase, mockBroker, mockCurrentSubject, mockGroup);
assertEquals(1, permission.getACECount());
assertEquals(groupId, permission.getACEId(0));
assertEquals(ACE_ACCESS_TYPE.ALLOWED, permission.getACEAccessType(0));
assertEquals(ACE_TARGET.GROUP, permission.getACETarget(0));
assertEquals(ALL, permission.getACEMode(0));
assertEquals(mode, permission.getACEModeString(0));
}Example 9 with Database
use of org.exist.Database in project exist by eXist-db.
the class SimpleACLPermissionTest method clear.
@Test
public void clear() throws PermissionDeniedException {
final SecurityManager mockSecurityManager = EasyMock.createMock(SecurityManager.class);
final Database mockDatabase = EasyMock.createMock(Database.class);
final DBBroker mockBroker = EasyMock.createMock(DBBroker.class);
final Subject mockCurrentSubject = EasyMock.createMock(Subject.class);
expect(mockSecurityManager.getDatabase()).andReturn(mockDatabase).times(3);
expect(mockDatabase.getActiveBroker()).andReturn(mockBroker).times(3);
expect(mockBroker.getCurrentSubject()).andReturn(mockCurrentSubject).times(3);
expect(mockCurrentSubject.hasDbaRole()).andReturn(true).times(3);
replay(mockSecurityManager, mockDatabase, mockBroker, mockCurrentSubject);
SimpleACLPermission permission = new SimpleACLPermission(mockSecurityManager);
assertEquals(0, permission.getACECount());
permission.addUserACE(ACE_ACCESS_TYPE.ALLOWED, 1, ALL);
final int secondUserId = 2;
permission.addUserACE(ACE_ACCESS_TYPE.ALLOWED, secondUserId, ALL);
assertEquals(2, permission.getACECount());
permission.clear();
assertEquals(0, permission.getACECount());
verify(mockSecurityManager, mockDatabase, mockBroker, mockCurrentSubject);
}Example 10 with Database
use of org.exist.Database in project exist by eXist-db.
the class BrokerPool method _initialize.
private void _initialize() throws EXistException, DatabaseConfigurationException {
this.lockManager = new LockManager(conf, concurrencyLevel);
// Flag to indicate that we are initializing
status.process(Event.INITIALIZE);
if (LOG.isDebugEnabled()) {
LOG.debug("initializing database instance '{}'...", instanceName);
}
// register core broker pool services
this.scheduler = servicesManager.register(new QuartzSchedulerImpl(this));
// NOTE: this must occur after the scheduler, and before any other service which requires access to the data directory
this.dataLock = servicesManager.register(new FileLockService("dbx_dir.lck", BrokerPool.PROPERTY_DATA_DIR, NativeBroker.DEFAULT_DATA_DIR));
this.securityManager = servicesManager.register(new SecurityManagerImpl(this));
this.cacheManager = servicesManager.register(new DefaultCacheManager(this));
this.xQueryPool = servicesManager.register(new XQueryPool());
this.processMonitor = servicesManager.register(new ProcessMonitor());
this.xqueryStats = servicesManager.register(new PerformanceStats(this));
final XMLReaderObjectFactory xmlReaderObjectFactory = servicesManager.register(new XMLReaderObjectFactory());
this.xmlReaderPool = servicesManager.register(new XMLReaderPool(xmlReaderObjectFactory, maxBrokers, 0));
final int bufferSize = Optional.of(conf.getInteger(PROPERTY_COLLECTION_CACHE_SIZE)).filter(size -> size != -1).orElse(DEFAULT_COLLECTION_BUFFER_SIZE);
this.collectionCache = servicesManager.register(new CollectionCache());
this.notificationService = servicesManager.register(new NotificationService());
this.journalManager = recoveryEnabled ? Optional.of(new JournalManager()) : Optional.empty();
journalManager.ifPresent(servicesManager::register);
final SystemTaskManager systemTaskManager = servicesManager.register(new SystemTaskManager(this));
this.transactionManager = servicesManager.register(new TransactionManager(this, journalManager, systemTaskManager));
this.blobStoreService = servicesManager.register(new BlobStoreImplService());
this.symbols = servicesManager.register(new SymbolTable());
this.expathRepo = Optional.ofNullable(new ExistRepository());
expathRepo.ifPresent(servicesManager::register);
servicesManager.register(new ClasspathHelper());
this.indexManager = servicesManager.register(new IndexManager(this));
// prepare those services that require system (single-user) mode
this.pluginManager = servicesManager.register(new PluginsManagerImpl());
// Get a manager to handle further collections configuration
this.collectionConfigurationManager = servicesManager.register(new CollectionConfigurationManager(this));
this.startupTriggersManager = servicesManager.register(new StartupTriggersManager());
// this is just used for unit tests
final BrokerPoolService testBrokerPoolService = (BrokerPoolService) conf.getProperty("exist.testBrokerPoolService");
if (testBrokerPoolService != null) {
servicesManager.register(testBrokerPoolService);
}
// configure the registered services
try {
servicesManager.configureServices(conf);
} catch (final BrokerPoolServiceException e) {
throw new EXistException(e);
}
// calculate how much memory is reserved for caches to grow
final Runtime rt = Runtime.getRuntime();
final long maxMem = rt.maxMemory();
final long minFree = maxMem / 5;
reservedMem = cacheManager.getTotalMem() + collectionCache.getMaxCacheSize() + minFree;
LOG.debug("Reserved memory: {}; max: {}; min: {}", reservedMem, maxMem, minFree);
// prepare the registered services, before entering system (single-user) mode
try {
servicesManager.prepareServices(this);
} catch (final BrokerPoolServiceException e) {
throw new EXistException(e);
}
// setup database synchronization job
if (majorSyncPeriod > 0) {
final SyncTask syncTask = new SyncTask();
syncTask.configure(conf, null);
scheduler.createPeriodicJob(2500, new SystemTaskJobImpl(SyncTask.getJobName(), syncTask), 2500);
}
try {
statusReporter = new StatusReporter(SIGNAL_STARTUP);
statusObservers.forEach(statusReporter::addObserver);
final Thread statusThread = newInstanceThread(this, "startup-status-reporter", statusReporter);
statusThread.start();
// statusReporter may have to be terminated or the thread can/will hang.
try {
final boolean exportOnly = conf.getProperty(PROPERTY_EXPORT_ONLY, false);
// or the FileSyncThread for the journal can/will hang.
try {
// Enter System Mode
try (final DBBroker systemBroker = get(Optional.of(securityManager.getSystemSubject()))) {
status.process(Event.INITIALIZE_SYSTEM_MODE);
if (isReadOnly()) {
journalManager.ifPresent(JournalManager::disableJournalling);
}
try (final Txn transaction = transactionManager.beginTransaction()) {
servicesManager.startPreSystemServices(systemBroker, transaction);
transaction.commit();
} catch (final BrokerPoolServiceException e) {
throw new EXistException(e);
}
// Run the recovery process
boolean recovered = false;
if (isRecoveryEnabled()) {
recovered = runRecovery(systemBroker);
// TODO : extract the following from this block ? What if we are not transactional ? -pb
if (!recovered) {
try {
if (systemBroker.getCollection(XmldbURI.ROOT_COLLECTION_URI) == null) {
final Txn txn = transactionManager.beginTransaction();
try {
systemBroker.getOrCreateCollection(txn, XmldbURI.ROOT_COLLECTION_URI);
transactionManager.commit(txn);
} catch (final IOException | TriggerException | PermissionDeniedException e) {
transactionManager.abort(txn);
} finally {
transactionManager.close(txn);
}
}
} catch (final PermissionDeniedException pde) {
LOG.fatal(pde.getMessage(), pde);
}
}
}
/* initialise required collections if they don't exist yet */
if (!exportOnly) {
try {
initialiseSystemCollections(systemBroker);
} catch (final PermissionDeniedException pde) {
LOG.error(pde.getMessage(), pde);
throw new EXistException(pde.getMessage(), pde);
}
}
statusReporter.setStatus(SIGNAL_READINESS);
try (final Txn transaction = transactionManager.beginTransaction()) {
servicesManager.startSystemServices(systemBroker, transaction);
transaction.commit();
} catch (final BrokerPoolServiceException e) {
throw new EXistException(e);
}
// TODO : merge this with the recovery process ?
if (isRecoveryEnabled() && recovered) {
if (!exportOnly) {
reportStatus("Reindexing database files...");
try {
systemBroker.repair();
} catch (final PermissionDeniedException e) {
LOG.warn("Error during recovery: {}", e.getMessage(), e);
}
}
if ((Boolean) conf.getProperty(PROPERTY_RECOVERY_CHECK)) {
final ConsistencyCheckTask task = new ConsistencyCheckTask();
final Properties props = new Properties();
props.setProperty("backup", "no");
props.setProperty("output", "sanity");
task.configure(conf, props);
try (final Txn transaction = transactionManager.beginTransaction()) {
task.execute(systemBroker, transaction);
transaction.commit();
}
}
}
// OK : the DB is repaired; let's make a few RW operations
statusReporter.setStatus(SIGNAL_WRITABLE);
// initialize configurations watcher trigger
if (!exportOnly) {
try {
initialiseTriggersForCollections(systemBroker, XmldbURI.SYSTEM_COLLECTION_URI);
} catch (final PermissionDeniedException pde) {
// XXX: do not catch exception!
LOG.error(pde.getMessage(), pde);
}
}
// remove temporary docs
try {
systemBroker.cleanUpTempResources(true);
} catch (final PermissionDeniedException pde) {
LOG.error(pde.getMessage(), pde);
}
sync(systemBroker, Sync.MAJOR);
// system mode before entering multi-user mode
try (final Txn transaction = transactionManager.beginTransaction()) {
servicesManager.startPreMultiUserSystemServices(systemBroker, transaction);
transaction.commit();
} catch (final BrokerPoolServiceException e) {
throw new EXistException(e);
}
}
// Create the minimal number of brokers required by the configuration
for (int i = 1; i < minBrokers; i++) {
createBroker();
}
status.process(Event.INITIALIZE_MULTI_USER_MODE);
// register some MBeans to provide access to this instance
AgentFactory.getInstance().initDBInstance(this);
if (LOG.isDebugEnabled()) {
LOG.debug("database instance '{}' initialized", instanceName);
}
servicesManager.startMultiUserServices(this);
status.process(Event.READY);
statusReporter.setStatus(SIGNAL_STARTED);
} catch (final Throwable t) {
transactionManager.shutdown();
throw t;
}
} catch (final EXistException e) {
throw e;
} catch (final Throwable t) {
throw new EXistException(t.getMessage(), t);
}
} finally {
if (statusReporter != null) {
statusReporter.terminate();
statusReporter = null;
}
}
}
Also used :
FSM(com.evolvedbinary.j8fu.fsm.FSM)
Txn(org.exist.storage.txn.Txn)
Array(java.lang.reflect.Array)
BlobStoreService(org.exist.storage.blob.BlobStoreService)
ConfigurationDocumentTrigger(org.exist.config.ConfigurationDocumentTrigger)
RecoveryManager(org.exist.storage.recovery.RecoveryManager)
org.exist.security(org.exist.security)
PluginsManager(org.exist.plugin.PluginsManager)
ThreadUtils.nameInstanceThreadGroup(org.exist.util.ThreadUtils.nameInstanceThreadGroup)
Configurator(org.exist.config.Configurator)
ClasspathHelper(org.exist.repo.ClasspathHelper)
BlobStoreImplService(org.exist.storage.blob.BlobStoreImplService)
Collection(org.exist.collections.Collection)
Path(java.nio.file.Path)
SystemTaskJobImpl(org.exist.scheduler.impl.SystemTaskJobImpl)
PrintWriter(java.io.PrintWriter)
SecurityManagerImpl(org.exist.security.internal.SecurityManagerImpl)
ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap)
AtomicLazyVal(com.evolvedbinary.j8fu.lazy.AtomicLazyVal)
org.exist.collections.triggers(org.exist.collections.triggers)
Reference(java.lang.ref.Reference)
SecurityManager(org.exist.security.SecurityManager)
Logger(org.apache.logging.log4j.Logger)
CollectionCache(org.exist.collections.CollectionCache)
LockManager(org.exist.storage.lock.LockManager)
GuardedBy(net.jcip.annotations.GuardedBy)
Debuggee(org.exist.debuggee.Debuggee)
Entry(java.util.Map.Entry)
AgentFactory(org.exist.management.AgentFactory)
ExistRepository(org.exist.repo.ExistRepository)
java.util(java.util)
ConfigurationClass(org.exist.config.annotation.ConfigurationClass)
ThreadSafe(net.jcip.annotations.ThreadSafe)
NumberFormat(java.text.NumberFormat)
IndexManager(org.exist.indexing.IndexManager)
BlobStore(org.exist.storage.blob.BlobStore)
ShutdownListener(org.exist.xmldb.ShutdownListener)
XmldbURI(org.exist.xmldb.XmldbURI)
QuartzSchedulerImpl(org.exist.scheduler.impl.QuartzSchedulerImpl)
EXistException(org.exist.EXistException)
ThreadUtils.newInstanceThread(org.exist.util.ThreadUtils.newInstanceThread)
PluginsManagerImpl(org.exist.plugin.PluginsManagerImpl)
FileLockService(org.exist.storage.lock.FileLockService)
XQuery(org.exist.xquery.XQuery)
CollectionConfiguration(org.exist.collections.CollectionConfiguration)
DebuggeeFactory(org.exist.debuggee.DebuggeeFactory)
Database(org.exist.Database)
ReentrantLock(java.util.concurrent.locks.ReentrantLock)
FileStore(java.nio.file.FileStore)
JournalManager(org.exist.storage.journal.JournalManager)
StringWriter(java.io.StringWriter)
Sync(org.exist.storage.sync.Sync)
IOException(java.io.IOException)
DLNFactory(org.exist.numbering.DLNFactory)
TransactionException(org.exist.storage.txn.TransactionException)
Field(java.lang.reflect.Field)
CollectionConfigurationManager(org.exist.collections.CollectionConfigurationManager)
AtomicFSM(com.evolvedbinary.j8fu.fsm.AtomicFSM)
SymbolTable(org.exist.dom.persistent.SymbolTable)
Consumer(java.util.function.Consumer)
Scheduler(org.exist.scheduler.Scheduler)
SyncTask(org.exist.storage.sync.SyncTask)
TransactionManager(org.exist.storage.txn.TransactionManager)
Lock(java.util.concurrent.locks.Lock)
PerformanceStats(org.exist.xquery.PerformanceStats)
ConcurrentSkipListSet(java.util.concurrent.ConcurrentSkipListSet)
org.exist.util(org.exist.util)
NodeIdFactory(org.exist.numbering.NodeIdFactory)
LogManager(org.apache.logging.log4j.LogManager)
TransitionTable.transitionTable(com.evolvedbinary.j8fu.fsm.TransitionTable.transitionTable)
ConfigurationFieldAsAttribute(org.exist.config.annotation.ConfigurationFieldAsAttribute)
SyncTask(org.exist.storage.sync.SyncTask)
SecurityManagerImpl(org.exist.security.internal.SecurityManagerImpl)
SystemTaskJobImpl(org.exist.scheduler.impl.SystemTaskJobImpl)
Txn(org.exist.storage.txn.Txn)
PluginsManagerImpl(org.exist.plugin.PluginsManagerImpl)
CollectionCache(org.exist.collections.CollectionCache)
QuartzSchedulerImpl(org.exist.scheduler.impl.QuartzSchedulerImpl)
ExistRepository(org.exist.repo.ExistRepository)
ClasspathHelper(org.exist.repo.ClasspathHelper)
JournalManager(org.exist.storage.journal.JournalManager)
SymbolTable(org.exist.dom.persistent.SymbolTable)
BlobStoreImplService(org.exist.storage.blob.BlobStoreImplService)
EXistException(org.exist.EXistException)
IOException(java.io.IOException)
FileLockService(org.exist.storage.lock.FileLockService)
ThreadUtils.newInstanceThread(org.exist.util.ThreadUtils.newInstanceThread)
IndexManager(org.exist.indexing.IndexManager)
LockManager(org.exist.storage.lock.LockManager)
PerformanceStats(org.exist.xquery.PerformanceStats)
TransactionManager(org.exist.storage.txn.TransactionManager)
CollectionConfigurationManager(org.exist.collections.CollectionConfigurationManager)
Aggregations
Database (org.exist.Database)42
DBBroker (org.exist.storage.DBBroker)34
Test (org.junit.Test)29
EXistException (org.exist.EXistException)6
SecurityManager (org.exist.security.SecurityManager)5
BrokerPool (org.exist.storage.BrokerPool)4
XmldbURI (org.exist.xmldb.XmldbURI)4
XQuery (org.exist.xquery.XQuery)4
IOException (java.io.IOException)3
Random (java.util.Random)3
PermissionDeniedException (org.exist.security.PermissionDeniedException)3
CompiledXQuery (org.exist.xquery.CompiledXQuery)3
Ignore (org.junit.Ignore)3
StringWriter (java.io.StringWriter)2
Collection (org.exist.collections.Collection)2
Configuration (org.exist.config.Configuration)2
StreamListener (org.exist.indexing.StreamListener)2
SecurityManagerImpl (org.exist.security.internal.SecurityManagerImpl)2
Serializer (org.exist.storage.serializers.Serializer)2
Configuration (org.exist.util.Configuration)2
