Search in sources :

Example 71 with Collection

use of org.exist.collections.Collection in project exist by eXist-db.

the class NativeBrokerTest method copyCollection_noDescendants_toNonExistingDest_cannotWriteDest.

/**
 * When copying a Collection (/db/test/source) where
 * we have execute+read access and
 * which has no descendant documents or collections in it,
 *
 * to the destination /db/test/dest (which does not already exist)
 * and we DO NOT have execute+write access on /db/test
 * we should NOT be allowed to copy the Collection.
 */
@Test(expected = PermissionDeniedException.class)
public void copyCollection_noDescendants_toNonExistingDest_cannotWriteDest() throws LockException, PermissionDeniedException {
    final XmldbURI src = XmldbURI.create("/db/test/source");
    final XmldbURI dest = XmldbURI.create("/db/test");
    final XmldbURI newName = XmldbURI.create("dest");
    final Collection srcCollection = EasyMock.createStrictMock(Collection.class);
    final Permission srcPermissions = EasyMock.createStrictMock(Permission.class);
    final Collection destCollection = EasyMock.createStrictMock(Collection.class);
    final Permission destPermissions = EasyMock.createStrictMock(Permission.class);
    // EasyMock.createMock(Collection.class);
    final Collection newDestCollection = null;
    final NativeBroker broker = EasyMock.createMockBuilder(NativeBroker.class).addMockedMethod("getCollection").addMockedMethod("getCurrentSubject").createStrictMock();
    final Subject subject = EasyMock.createStrictMock(Subject.class);
    // grant EXECUTE and READ permissions on the src
    expect(srcCollection.getPermissionsNoLock()).andReturn(srcPermissions);
    expect(broker.getCurrentSubject()).andReturn(subject);
    expect(srcPermissions.validate(subject, Permission.EXECUTE | Permission.READ)).andReturn(true);
    // grant EXECUTE and WRITE permission on the dest
    expect(destCollection.getURI()).andReturn(dest);
    final Capture<XmldbURI> newDestURICapture = newCapture();
    expect(broker.getCollection(capture(newDestURICapture))).andReturn(newDestCollection);
    expect(destCollection.getPermissionsNoLock()).andReturn(destPermissions);
    expect(broker.getCurrentSubject()).andReturn(subject);
    expect(destPermissions.validate(subject, Permission.EXECUTE | Permission.WRITE)).andReturn(false);
    // expectations for exception that should be thrown
    expect(srcCollection.getURI()).andReturn(src);
    expect(destCollection.getURI()).andReturn(dest);
    expect(broker.getCurrentSubject()).andReturn(subject);
    expect(subject.getName()).andReturn("Fake user");
    // test below
    replay(subject, destCollection, destPermissions, srcCollection, srcPermissions, broker);
    // run the test
    broker.checkPermissionsForCopy(srcCollection, destCollection, newName);
    // not actually called, but here for showing intention
    verify(subject, destCollection, destPermissions, srcCollection, srcPermissions, broker);
}
Also used : Permission(org.exist.security.Permission) Collection(org.exist.collections.Collection) XmldbURI(org.exist.xmldb.XmldbURI) Subject(org.exist.security.Subject) Test(org.junit.Test)

Example 72 with Collection

use of org.exist.collections.Collection in project exist by eXist-db.

the class NativeBrokerTest method copyCollection_noDescendants_toNonExistingDest_canWriteDest.

/**
 * When copying a Collection (/db/test/source) where
 * we have execute+read access and
 * which has no descendant documents or collections in it
 * to the destination /db/test/dest (which does not already exist)
 * and we have execute+write access on /db/test
 * we should be allowed to copy the Collection.
 */
@Test
public void copyCollection_noDescendants_toNonExistingDest_canWriteDest() throws LockException, PermissionDeniedException {
    final XmldbURI src = XmldbURI.create("/db/test/source");
    final XmldbURI dest = XmldbURI.create("/db/test");
    final XmldbURI newName = XmldbURI.create("dest");
    final Collection srcCollection = EasyMock.createStrictMock(Collection.class);
    final Permission srcPermissions = EasyMock.createStrictMock(Permission.class);
    final Collection destCollection = EasyMock.createStrictMock(Collection.class);
    final Permission destPermissions = EasyMock.createStrictMock(Permission.class);
    final Collection newDestCollection = null;
    final NativeBroker broker = EasyMock.createMockBuilder(NativeBroker.class).addMockedMethod("getCollection").addMockedMethod("getCurrentSubject").createStrictMock();
    final Subject subject = EasyMock.createStrictMock(Subject.class);
    // grant EXECUTE and READ permissions on the src
    expect(srcCollection.getPermissionsNoLock()).andReturn(srcPermissions);
    expect(broker.getCurrentSubject()).andReturn(subject);
    expect(srcPermissions.validate(subject, Permission.EXECUTE | Permission.READ)).andReturn(true);
    // grant EXECUTE and WRITE permission on the dest
    expect(destCollection.getURI()).andReturn(dest);
    final Capture<XmldbURI> newDestURICapture = newCapture();
    expect(broker.getCollection(capture(newDestURICapture))).andReturn(newDestCollection);
    expect(destCollection.getPermissionsNoLock()).andReturn(destPermissions);
    expect(broker.getCurrentSubject()).andReturn(subject);
    expect(destPermissions.validate(subject, Permission.EXECUTE | Permission.WRITE)).andReturn(true);
    // no sub-documents
    expect(srcCollection.iteratorNoLock(broker)).andReturn(Collections.emptyIterator());
    // no sub-collections
    expect(srcCollection.collectionIteratorNoLock(broker)).andReturn(Collections.emptyIterator());
    // test below
    replay(destCollection, destPermissions, srcCollection, srcPermissions, subject, broker);
    // run the test
    broker.checkPermissionsForCopy(srcCollection, destCollection, newName);
    verify(destCollection, destPermissions, srcCollection, srcPermissions, subject, broker);
    assertEquals(dest.append(newName), newDestURICapture.getValue());
}
Also used : Permission(org.exist.security.Permission) Collection(org.exist.collections.Collection) XmldbURI(org.exist.xmldb.XmldbURI) Subject(org.exist.security.Subject) Test(org.junit.Test)

Example 73 with Collection

use of org.exist.collections.Collection in project exist by eXist-db.

the class NativeBrokerTest method copyCollection_oneSubDoc_toNonExistingDest_canWriteDest.

/**
 * When copying a Collection (/db/test/source) where
 * we have execute+read access and
 * which has one descendant document (on which we have read access)
 * in it,
 *
 * to the destination /db/test/dest (which does not already exist)
 * and we have execute+write access on /db/test
 * we should be allowed to copy the Collection.
 */
@Test
public void copyCollection_oneSubDoc_toNonExistingDest_canWriteDest() throws LockException, PermissionDeniedException {
    final XmldbURI src = XmldbURI.create("/db/test/source");
    final XmldbURI dest = XmldbURI.create("/db/test");
    final XmldbURI newName = XmldbURI.create("dest");
    final Collection srcCollection = EasyMock.createStrictMock(Collection.class);
    final Permission srcPermissions = EasyMock.createStrictMock(Permission.class);
    final DocumentImpl srcSubDocument = EasyMock.createStrictMock(DocumentImpl.class);
    final Permission srcSubDocumentPermissions = EasyMock.createStrictMock(Permission.class);
    final Collection destCollection = EasyMock.createStrictMock(Collection.class);
    final Permission destPermissions = EasyMock.createStrictMock(Permission.class);
    final Collection newDestCollection = null;
    final NativeBroker broker = EasyMock.createMockBuilder(NativeBroker.class).addMockedMethod("getCollection").addMockedMethod("getCurrentSubject").createStrictMock();
    final Subject subject = EasyMock.createStrictMock(Subject.class);
    // grant EXECUTE and READ permissions on the src
    expect(srcCollection.getPermissionsNoLock()).andReturn(srcPermissions);
    expect(broker.getCurrentSubject()).andReturn(subject);
    expect(srcPermissions.validate(subject, Permission.EXECUTE | Permission.READ)).andReturn(true);
    // grant EXECUTE and WRITE permission on the dest
    expect(destCollection.getURI()).andReturn(dest);
    final Capture<XmldbURI> newDestURICapture = newCapture();
    expect(broker.getCollection(capture(newDestURICapture))).andReturn(newDestCollection);
    expect(destCollection.getPermissionsNoLock()).andReturn(destPermissions);
    expect(broker.getCurrentSubject()).andReturn(subject);
    expect(destPermissions.validate(subject, Permission.EXECUTE | Permission.WRITE)).andReturn(true);
    // one sub-document with READ permission
    expect(srcCollection.iteratorNoLock(broker)).andReturn(new ArrayIterator<>(srcSubDocument));
    expect(srcSubDocument.getPermissions()).andReturn(srcSubDocumentPermissions);
    expect(broker.getCurrentSubject()).andReturn(subject);
    expect(srcSubDocumentPermissions.validate(subject, Permission.READ)).andReturn(true);
    // no sub-collections
    expect(srcCollection.collectionIteratorNoLock(broker)).andReturn(Collections.emptyIterator());
    // test below
    replay(srcSubDocumentPermissions, srcSubDocument, destCollection, destPermissions, srcCollection, srcPermissions, subject, broker);
    // run the test
    broker.checkPermissionsForCopy(srcCollection, destCollection, newName);
    verify(srcSubDocumentPermissions, srcSubDocument, destCollection, destPermissions, srcCollection, srcPermissions, subject, broker);
    assertEquals(dest.append(newName), newDestURICapture.getValue());
}
Also used : Permission(org.exist.security.Permission) Collection(org.exist.collections.Collection) DocumentImpl(org.exist.dom.persistent.DocumentImpl) XmldbURI(org.exist.xmldb.XmldbURI) Subject(org.exist.security.Subject) Test(org.junit.Test)

Example 74 with Collection

use of org.exist.collections.Collection in project exist by eXist-db.

the class CopyCollectionTest method copyDeepWithSubCollections.

/**
 * Test copy collection /db/a/b/c/d/e/f/g/h/i/j/k to /db/z/y/x/w/v/u/k
 *
 * Note that the collection /db/a/b/c/d/e/f/g/h/i/j/k has the sub-collections (sub-1 and sub-2),
 * this test checks that the sub-collections are correctly preserved.
 */
@Test
public void copyDeepWithSubCollections() throws EXistException, IOException, PermissionDeniedException, TriggerException, LockException {
    final XmldbURI srcUri = XmldbURI.create("/db/a/b/c/d/e/f/g/h/i/j/k");
    final XmldbURI srcSubCol1Uri = srcUri.append("sub-1");
    final XmldbURI srcSubCol2Uri = srcUri.append("sub-2");
    final XmldbURI destUri = XmldbURI.create("/db/z/y/x/w/v/u");
    final XmldbURI newName = srcUri.lastSegment();
    final BrokerPool pool = existWebServer.getBrokerPool();
    final TransactionManager transact = pool.getTransactionManager();
    try (final DBBroker broker = pool.get(Optional.of(pool.getSecurityManager().getSystemSubject()));
        final Txn transaction = transact.beginTransaction()) {
        // create src collection
        try (final Collection src = broker.getOrCreateCollection(transaction, srcUri)) {
            assertNotNull(src);
            broker.saveCollection(transaction, src);
        }
        // create src sub-collections
        try (final Collection srcColSubCol1 = broker.getOrCreateCollection(transaction, srcSubCol1Uri)) {
            assertNotNull(srcColSubCol1);
            broker.saveCollection(transaction, srcColSubCol1);
        }
        try (final Collection srcColSubCol2 = broker.getOrCreateCollection(transaction, srcSubCol2Uri)) {
            assertNotNull(srcColSubCol2);
            broker.saveCollection(transaction, srcColSubCol2);
        }
        // create dst collection
        try (Collection dst = broker.getOrCreateCollection(transaction, destUri)) {
            assertNotNull(dst);
            broker.saveCollection(transaction, dst);
        }
        try (final Collection src = broker.openCollection(srcUri, LockMode.WRITE_LOCK);
            final Collection dst = broker.openCollection(destUri, LockMode.WRITE_LOCK)) {
            broker.copyCollection(transaction, src, dst, newName);
        }
        transact.commit(transaction);
    }
    // check that the source still exists
    try (final DBBroker broker = pool.get(Optional.of(pool.getSecurityManager().getSystemSubject()));
        final Txn transaction = transact.beginTransaction()) {
        try (final Collection src = broker.openCollection(srcUri, LockMode.READ_LOCK)) {
            assertNotNull(src);
        }
        // check that the source sub-collections still exist
        try (final Collection srcSubCol1 = broker.openCollection(srcSubCol1Uri, LockMode.READ_LOCK)) {
            assertNotNull(srcSubCol1);
        }
        try (final Collection srcSubCol2 = broker.openCollection(srcSubCol2Uri, LockMode.READ_LOCK)) {
            assertNotNull(srcSubCol2);
        }
        transaction.commit();
    }
    // check that the new copy exists
    try (final DBBroker broker = pool.get(Optional.of(pool.getSecurityManager().getSystemSubject()));
        final Txn transaction = transact.beginTransaction()) {
        final XmldbURI copyUri = destUri.append(newName);
        try (final Collection copy = broker.openCollection(copyUri, LockMode.READ_LOCK)) {
            assertNotNull(copy);
        }
        // check that the new copy has sub-collection copies
        final XmldbURI copySubCol1Uri = copyUri.append(srcSubCol1Uri.lastSegment());
        try (final Collection copySubCol1 = broker.openCollection(copySubCol1Uri, LockMode.READ_LOCK)) {
            assertNotNull(copySubCol1);
        }
        final XmldbURI copySubCol2Uri = copyUri.append(srcSubCol2Uri.lastSegment());
        try (final Collection copySubCol2 = broker.openCollection(copySubCol2Uri, LockMode.READ_LOCK)) {
            assertNotNull(copySubCol2);
        }
        transaction.commit();
    }
}
Also used : TransactionManager(org.exist.storage.txn.TransactionManager) Collection(org.exist.collections.Collection) Txn(org.exist.storage.txn.Txn) XmldbURI(org.exist.xmldb.XmldbURI)

Example 75 with Collection

use of org.exist.collections.Collection in project exist by eXist-db.

the class CopyCollectionTest method prepareDb.

@BeforeClass
public static void prepareDb() throws EXistException, PermissionDeniedException, IOException, TriggerException {
    final BrokerPool pool = existWebServer.getBrokerPool();
    final SecurityManager sm = pool.getSecurityManager();
    try (final DBBroker broker = pool.get(Optional.of(sm.getSystemSubject()));
        final Txn transaction = pool.getTransactionManager().beginTransaction()) {
        final Collection collection = broker.getOrCreateCollection(transaction, TEST_COLLECTION_URI);
        chmod(broker, transaction, collection.getURI(), 511);
        broker.saveCollection(transaction, collection);
        createUser(broker, sm, USER1_NAME, USER1_PWD);
        createUser(broker, sm, USER2_NAME, USER2_PWD);
        transaction.commit();
    }
}
Also used : SecurityManager(org.exist.security.SecurityManager) Collection(org.exist.collections.Collection) Txn(org.exist.storage.txn.Txn)

Aggregations

Collection (org.exist.collections.Collection)297 Txn (org.exist.storage.txn.Txn)160 XmldbURI (org.exist.xmldb.XmldbURI)99 DBBroker (org.exist.storage.DBBroker)89 TransactionManager (org.exist.storage.txn.TransactionManager)86 BrokerPool (org.exist.storage.BrokerPool)69 StringInputSource (org.exist.util.StringInputSource)57 Test (org.junit.Test)57 EXistException (org.exist.EXistException)43 PermissionDeniedException (org.exist.security.PermissionDeniedException)43 DocumentImpl (org.exist.dom.persistent.DocumentImpl)42 IOException (java.io.IOException)33 LockedDocument (org.exist.dom.persistent.LockedDocument)31 SAXException (org.xml.sax.SAXException)26 InputStream (java.io.InputStream)19 Path (java.nio.file.Path)19 Permission (org.exist.security.Permission)19 LockException (org.exist.util.LockException)16 TriggerException (org.exist.collections.triggers.TriggerException)15 BinaryDocument (org.exist.dom.persistent.BinaryDocument)15