Example 6 with Collection
use of org.exist.collections.Collection in project exist by eXist-db.
the class XQueryStartupTrigger method createAutostartCollection.
/**
* Create autostart collection when not existent
*
* @param broker The exist-db broker
*/
private void createAutostartCollection(DBBroker broker) {
LOG.info("Creating {}", AUTOSTART_COLLECTION);
final TransactionManager txnManager = broker.getBrokerPool().getTransactionManager();
try (final Txn txn = txnManager.beginTransaction()) {
XmldbURI newCollection = XmldbURI.create(AUTOSTART_COLLECTION, true);
// Create collection
final Collection created = broker.getOrCreateCollection(txn, newCollection);
// Set ownership and mode
PermissionFactory.chown(broker, created, Optional.of(SecurityManager.SYSTEM), Optional.of(SecurityManager.DBA_GROUP));
PermissionFactory.chmod(broker, created, Optional.of(Permission.DEFAULT_SYSTEM_SECURITY_COLLECTION_PERM), Optional.empty());
broker.saveCollection(txn, created);
broker.flush();
// Commit change
txnManager.commit(txn);
if (LOG.isDebugEnabled()) {
LOG.debug("Finished creation of collection");
}
} catch (Throwable ex) {
LOG.error(ex);
}
}
Also used :
TransactionManager(org.exist.storage.txn.TransactionManager)
Collection(org.exist.collections.Collection)
Txn(org.exist.storage.txn.Txn)
XmldbURI(org.exist.xmldb.XmldbURI)
Example 7 with Collection
use of org.exist.collections.Collection in project exist by eXist-db.
the class RESTServer method checkForXQueryTarget.
private boolean checkForXQueryTarget(final DBBroker broker, final Txn transaction, final XmldbURI path, final HttpServletRequest request, final HttpServletResponse response) throws PermissionDeniedException, IOException, BadRequestException {
if (request.getAttribute(XQueryURLRewrite.RQ_ATTR) == null) {
return false;
}
final String xqueryType = MimeType.XQUERY_TYPE.getName();
final Collection collection = broker.getCollection(path);
// a collection is not executable
if (collection != null) {
return false;
}
XmldbURI servletPath = path;
LockedDocument lockedDocument = null;
DocumentImpl resource = null;
// xquery resource
while (resource == null) {
// traverse up the path looking for xquery objects
lockedDocument = broker.getXMLResource(servletPath, LockMode.READ_LOCK);
resource = lockedDocument == null ? null : lockedDocument.getDocument();
if (resource != null && (resource.getResourceType() == DocumentImpl.BINARY_FILE && xqueryType.equals(resource.getMimeType()))) {
// found a binary file with mime-type xquery or XML file with mime-type xproc
break;
} else if (resource != null) {
// not an xquery or xproc resource. This means we have a path
// that cannot contain an xquery or xproc object even if we keep
// moving up the path, so bail out now
lockedDocument.close();
return false;
}
servletPath = servletPath.removeLastSegment();
if (servletPath == XmldbURI.EMPTY_URI) {
// no resource and no path segments left
return false;
}
}
// found an XQuery resource, fixup request values
final String pathInfo = path.trimFromBeginning(servletPath).toString();
final Properties outputProperties = new Properties(defaultOutputKeysProperties);
try {
// Execute the XQuery
executeXQuery(broker, transaction, resource, request, response, outputProperties, servletPath.toString(), pathInfo);
} catch (final XPathException e) {
writeXPathExceptionHtml(response, HttpServletResponse.SC_BAD_REQUEST, "UTF-8", null, path.toString(), e);
} finally {
lockedDocument.close();
}
return true;
}
Also used :
Collection(org.exist.collections.Collection)
Properties(java.util.Properties)
XmldbURI(org.exist.xmldb.XmldbURI)
Example 8 with Collection
use of org.exist.collections.Collection in project exist by eXist-db.
the class RESTServer method doPost.
/**
* Handles POST requests. If the path leads to a binary resource with
* mime-type "application/xquery", that resource will be read and executed
* by the XQuery engine. Otherwise, the request content is loaded and parsed
* as XML. It may either contain an XUpdate or a query request.
*
* @param broker the database broker
* @param transaction the database transaction
* @param request the request
* @param response the response
* @param path the path of the request
*
* @throws BadRequestException if a bad request is made
* @throws PermissionDeniedException if the request has insufficient permissions
* @throws NotFoundException if the request resource cannot be found
* @throws IOException if an I/O error occurs
*/
public void doPost(final DBBroker broker, final Txn transaction, final HttpServletRequest request, final HttpServletResponse response, final String path) throws BadRequestException, PermissionDeniedException, IOException, NotFoundException {
// if required, set character encoding
if (request.getCharacterEncoding() == null) {
request.setCharacterEncoding(formEncoding);
}
final Properties outputProperties = new Properties(defaultOutputKeysProperties);
final XmldbURI pathUri = XmldbURI.createInternal(path);
LockedDocument lockedDocument = null;
DocumentImpl resource = null;
final String encoding = outputProperties.getProperty(OutputKeys.ENCODING);
String mimeType = outputProperties.getProperty(OutputKeys.MEDIA_TYPE);
try {
// check if path leads to an XQuery resource.
// if yes, the resource is loaded and the XQuery executed.
final String xquery_mime_type = MimeType.XQUERY_TYPE.getName();
final String xproc_mime_type = MimeType.XPROC_TYPE.getName();
lockedDocument = broker.getXMLResource(pathUri, LockMode.READ_LOCK);
resource = lockedDocument == null ? null : lockedDocument.getDocument();
XmldbURI servletPath = pathUri;
// xquery resource
while (null == resource) {
// traverse up the path looking for xquery objects
servletPath = servletPath.removeLastSegment();
if (servletPath == XmldbURI.EMPTY_URI) {
break;
}
lockedDocument = broker.getXMLResource(servletPath, LockMode.READ_LOCK);
resource = lockedDocument == null ? null : lockedDocument.getDocument();
if (null != resource && (resource.getResourceType() == DocumentImpl.BINARY_FILE && xquery_mime_type.equals(resource.getMimeType()) || resource.getResourceType() == DocumentImpl.XML_FILE && xproc_mime_type.equals(resource.getMimeType()))) {
// found a binary file with mime-type xquery or XML file with mime-type xproc
break;
} else if (null != resource) {
// not an xquery or xproc resource. This means we have a path
// that cannot contain an xquery or xproc object even if we keep
// moving up the path, so bail out now
lockedDocument.close();
lockedDocument = null;
resource = null;
break;
}
}
// either xquery binary file or xproc xml file
if (resource != null) {
if (resource.getResourceType() == DocumentImpl.BINARY_FILE && xquery_mime_type.equals(resource.getMimeType()) || resource.getResourceType() == DocumentImpl.XML_FILE && xproc_mime_type.equals(resource.getMimeType())) {
// found an XQuery resource, fixup request values
final String pathInfo = pathUri.trimFromBeginning(servletPath).toString();
try {
if (xquery_mime_type.equals(resource.getMimeType())) {
// Execute the XQuery
executeXQuery(broker, transaction, resource, request, response, outputProperties, servletPath.toString(), pathInfo);
} else {
// Execute the XProc
executeXProc(broker, transaction, resource, request, response, outputProperties, servletPath.toString(), pathInfo);
}
} catch (final XPathException e) {
if (MimeType.XML_TYPE.getName().equals(mimeType)) {
writeXPathException(response, HttpServletResponse.SC_BAD_REQUEST, encoding, null, path, e);
} else {
writeXPathExceptionHtml(response, HttpServletResponse.SC_BAD_REQUEST, encoding, null, path, e);
}
}
return;
}
}
} finally {
if (lockedDocument != null) {
lockedDocument.close();
}
}
// check the content type to see if its XML or a parameter string
String requestType = request.getContentType();
if (requestType != null) {
final int semicolon = requestType.indexOf(';');
if (semicolon > 0) {
requestType = requestType.substring(0, semicolon).trim();
}
}
// content type != application/x-www-form-urlencoded
if (requestType == null || !requestType.equals(MimeType.URL_ENCODED_TYPE.getName())) {
// third, normal POST: read the request content and check if
// it is an XUpdate or a query request.
int howmany = 10;
int start = 1;
boolean typed = false;
ElementImpl variables = null;
boolean enclose = true;
boolean cache = false;
String query = null;
try {
final String content = getRequestContent(request);
final NamespaceExtractor nsExtractor = new NamespaceExtractor();
final ElementImpl root = parseXML(broker.getBrokerPool(), content, nsExtractor);
final String rootNS = root.getNamespaceURI();
if (rootNS != null && rootNS.equals(Namespaces.EXIST_NS)) {
if (Query.xmlKey().equals(root.getLocalName())) {
// process <query>xpathQuery</query>
String option = root.getAttribute(Start.xmlKey());
if (option != null) {
try {
start = Integer.parseInt(option);
} catch (final NumberFormatException e) {
//
}
}
option = root.getAttribute(Max.xmlKey());
if (option != null) {
try {
howmany = Integer.parseInt(option);
} catch (final NumberFormatException e) {
//
}
}
option = root.getAttribute(Enclose.xmlKey());
if (option != null) {
if ("no".equals(option)) {
enclose = false;
}
} else {
option = root.getAttribute(Wrap.xmlKey());
if (option != null) {
if ("no".equals(option)) {
enclose = false;
}
}
}
option = root.getAttribute(Method.xmlKey());
if ((option != null) && (!option.isEmpty())) {
outputProperties.setProperty(SERIALIZATION_METHOD_PROPERTY, option);
}
option = root.getAttribute(Typed.xmlKey());
if (option != null) {
if ("yes".equals(option)) {
typed = true;
}
}
option = root.getAttribute(Mime.xmlKey());
if ((option != null) && (!option.isEmpty())) {
mimeType = option;
}
if ((option = root.getAttribute(Cache.xmlKey())) != null) {
cache = "yes".equals(option);
}
if ((option = root.getAttribute(Session.xmlKey())) != null && option.length() > 0) {
outputProperties.setProperty(Serializer.PROPERTY_SESSION_ID, option);
}
final NodeList children = root.getChildNodes();
for (int i = 0; i < children.getLength(); i++) {
final Node child = children.item(i);
if (child.getNodeType() == Node.ELEMENT_NODE && child.getNamespaceURI().equals(Namespaces.EXIST_NS)) {
if (Text.xmlKey().equals(child.getLocalName())) {
final StringBuilder buf = new StringBuilder();
Node next = child.getFirstChild();
while (next != null) {
if (next.getNodeType() == Node.TEXT_NODE || next.getNodeType() == Node.CDATA_SECTION_NODE) {
buf.append(next.getNodeValue());
}
next = next.getNextSibling();
}
query = buf.toString();
} else if (Variables.xmlKey().equals(child.getLocalName())) {
variables = (ElementImpl) child;
} else if (Properties.xmlKey().equals(child.getLocalName())) {
Node node = child.getFirstChild();
while (node != null) {
if (node.getNodeType() == Node.ELEMENT_NODE && node.getNamespaceURI().equals(Namespaces.EXIST_NS) && Property.xmlKey().equals(node.getLocalName())) {
final Element property = (Element) node;
final String key = property.getAttribute("name");
final String value = property.getAttribute("value");
LOG.debug("{} = {}", key, value);
if (key != null && value != null) {
outputProperties.setProperty(key, value);
}
}
node = node.getNextSibling();
}
}
}
}
}
// execute query
if (query != null) {
try {
search(broker, transaction, query, path, nsExtractor.getNamespaces(), variables, howmany, start, typed, outputProperties, enclose, cache, request, response);
} catch (final XPathException e) {
if (MimeType.XML_TYPE.getName().equals(mimeType)) {
writeXPathException(response, HttpServletResponse.SC_BAD_REQUEST, encoding, null, path, e);
} else {
writeXPathExceptionHtml(response, HttpServletResponse.SC_BAD_REQUEST, encoding, null, path, e);
}
}
} else {
throw new BadRequestException("No query specified");
}
} else if (rootNS != null && rootNS.equals(XUpdateProcessor.XUPDATE_NS)) {
if (LOG.isDebugEnabled()) {
LOG.debug("Got xupdate request: {}", content);
}
if (xupdateSubmission == EXistServlet.FeatureEnabled.FALSE) {
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
return;
} else if (xupdateSubmission == EXistServlet.FeatureEnabled.AUTHENTICATED_USERS_ONLY) {
final Subject currentSubject = broker.getCurrentSubject();
if (!currentSubject.isAuthenticated() || currentSubject.getId() == RealmImpl.GUEST_GROUP_ID) {
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
return;
}
}
final MutableDocumentSet docs = new DefaultDocumentSet();
final boolean isCollection;
try (final Collection collection = broker.openCollection(pathUri, LockMode.READ_LOCK)) {
if (collection != null) {
isCollection = true;
collection.allDocs(broker, docs, true);
} else {
isCollection = false;
}
}
if (!isCollection) {
final DocumentImpl xupdateDoc = broker.getResource(pathUri, Permission.READ);
if (xupdateDoc != null) {
docs.add(xupdateDoc);
} else {
broker.getAllXMLResources(docs);
}
}
final XUpdateProcessor processor = new XUpdateProcessor(broker, docs);
long mods = 0;
try (final Reader reader = new StringReader(content)) {
final Modification[] modifications = processor.parse(new InputSource(reader));
for (Modification modification : modifications) {
mods += modification.process(transaction);
broker.flush();
}
}
// FD : Returns an XML doc
writeXUpdateResult(response, encoding, mods);
// END FD
} else {
throw new BadRequestException("Unknown XML root element: " + root.getNodeName());
}
} catch (final SAXException e) {
Exception cause = e;
if (e.getException() != null) {
cause = e.getException();
}
LOG.debug("SAX exception while parsing request: {}", cause.getMessage(), cause);
throw new BadRequestException("SAX exception while parsing request: " + cause.getMessage());
} catch (final ParserConfigurationException e) {
throw new BadRequestException("Parser exception while parsing request: " + e.getMessage());
} catch (final XPathException e) {
throw new BadRequestException("Query exception while parsing request: " + e.getMessage());
} catch (final IOException e) {
throw new BadRequestException("IO exception while parsing request: " + e.getMessage());
} catch (final EXistException e) {
throw new BadRequestException(e.getMessage());
} catch (final LockException e) {
throw new PermissionDeniedException(e.getMessage());
}
// content type = application/x-www-form-urlencoded
} else {
doGet(broker, transaction, request, response, path);
}
}
Also used :
XUpdateProcessor(org.exist.xupdate.XUpdateProcessor)
Modification(org.exist.xupdate.Modification)
InputSource(org.xml.sax.InputSource)
JSONNode(org.exist.util.serializer.json.JSONNode)
Node(org.w3c.dom.Node)
Element(org.w3c.dom.Element)
XMLReader(org.xml.sax.XMLReader)
Properties(java.util.Properties)
SAXException(org.xml.sax.SAXException)
ElementImpl(org.exist.dom.memtree.ElementImpl)
ParserConfigurationException(javax.xml.parsers.ParserConfigurationException)
XmldbURI(org.exist.xmldb.XmldbURI)
NodeList(org.w3c.dom.NodeList)
EXistException(org.exist.EXistException)
Subject(org.exist.security.Subject)
PermissionDeniedException(org.exist.security.PermissionDeniedException)
XMLStreamException(javax.xml.stream.XMLStreamException)
SAXException(org.xml.sax.SAXException)
TriggerException(org.exist.collections.triggers.TriggerException)
EXistException(org.exist.EXistException)
TransformerConfigurationException(javax.xml.transform.TransformerConfigurationException)
SAXParseException(org.xml.sax.SAXParseException)
ParserConfigurationException(javax.xml.parsers.ParserConfigurationException)
Collection(org.exist.collections.Collection)
PermissionDeniedException(org.exist.security.PermissionDeniedException)
Example 9 with Collection
use of org.exist.collections.Collection in project exist by eXist-db.
the class SecurityManagerTest method deleteAccount.
@Test
public void deleteAccount() throws EXistException, PermissionDeniedException, XPathException, LockException {
final BrokerPool brokerPool = existEmbeddedServer.getBrokerPool();
final SecurityManager securityManager = brokerPool.getSecurityManager();
try (final DBBroker broker = brokerPool.get(Optional.of(securityManager.getSystemSubject()))) {
// 1. pre-check - assert the account exists
assertTrue(securityManager.hasAccount(TEST_USER_NAME));
// 2. pre-check - assert the XML document for the account and group exists
try (final LockedDocument document = broker.getXMLResource(ACCOUNTS_URI.append(TEST_USER_NAME + ".xml"), Lock.LockMode.READ_LOCK)) {
assertNotNull(document);
}
try (final LockedDocument document = broker.getXMLResource(GROUPS_URI.append(TEST_GROUP_NAME + ".xml"), Lock.LockMode.READ_LOCK)) {
assertNotNull(document);
}
// 3. pre-check - check that both the accounts collection and groups collection have sub-collections for removed accounts and groups
try (final Collection collection = broker.openCollection(ACCOUNTS_URI, Lock.LockMode.READ_LOCK)) {
assertNotNull(collection);
assertEquals(1, collection.getChildCollectionCount(broker));
assertTrue(collection.hasChildCollection(broker, XmldbURI.create(REMOVED_COLLECTION_NAME)));
}
try (final Collection collection = broker.openCollection(GROUPS_URI, Lock.LockMode.READ_LOCK)) {
assertNotNull(collection);
assertEquals(1, collection.getChildCollectionCount(broker));
assertTrue(collection.hasChildCollection(broker, XmldbURI.create(REMOVED_COLLECTION_NAME)));
}
// 4. pre-check - assert that the removed Collections do exist for accounts and groups, but is empty
try (final Collection collection = broker.openCollection(REMOVED_ACCOUNTS_URI, Lock.LockMode.READ_LOCK)) {
assertNotNull(collection);
assertEquals(0, collection.getChildCollectionCount(broker));
assertEquals(0, collection.getDocumentCount(broker));
}
try (final Collection collection = broker.openCollection(REMOVED_GROUPS_URI, Lock.LockMode.READ_LOCK)) {
assertNotNull(collection);
assertEquals(0, collection.getChildCollectionCount(broker));
assertEquals(0, collection.getDocumentCount(broker));
}
// 5. pre-check - assert the XML document for any removed account or group does NOT exist
assertFalse(removedAccountExists(broker, TEST_USER_NAME));
assertFalse(removedGroupExists(broker, TEST_GROUP_NAME));
// 6. DELETE THE ACCOUNT
securityManager.deleteAccount(TEST_USER_NAME);
// 7. post-check - assert the account does NOT exist
assertFalse(securityManager.hasAccount(TEST_USER_NAME));
// 8. post-check - assert the XML document for the account does NOT exist, but that the group still exists
try (final LockedDocument document = broker.getXMLResource(ACCOUNTS_URI.append(TEST_USER_NAME + ".xml"), Lock.LockMode.READ_LOCK)) {
assertNull(document);
}
try (final LockedDocument document = broker.getXMLResource(GROUPS_URI.append(TEST_GROUP_NAME + ".xml"), Lock.LockMode.READ_LOCK)) {
assertNotNull(document);
}
// 9. post-check - check that both the accounts collection and groups collection still have sub-collections for removed accounts and groups
try (final Collection collection = broker.openCollection(ACCOUNTS_URI, Lock.LockMode.READ_LOCK)) {
assertNotNull(collection);
assertEquals(1, collection.getChildCollectionCount(broker));
assertTrue(collection.hasChildCollection(broker, XmldbURI.create(REMOVED_COLLECTION_NAME)));
}
try (final Collection collection = broker.openCollection(GROUPS_URI, Lock.LockMode.READ_LOCK)) {
assertNotNull(collection);
assertEquals(1, collection.getChildCollectionCount(broker));
assertTrue(collection.hasChildCollection(broker, XmldbURI.create(REMOVED_COLLECTION_NAME)));
}
// 10. post-check - assert that the removed Collections do exist for accounts and groups, but contain only 1 document (i.e. for the removed account)
try (final Collection collection = broker.openCollection(REMOVED_ACCOUNTS_URI, Lock.LockMode.READ_LOCK)) {
assertNotNull(collection);
assertEquals(0, collection.getChildCollectionCount(broker));
assertEquals(1, collection.getDocumentCount(broker));
}
try (final Collection collection = broker.openCollection(REMOVED_GROUPS_URI, Lock.LockMode.READ_LOCK)) {
assertNotNull(collection);
assertEquals(0, collection.getChildCollectionCount(broker));
assertEquals(0, collection.getDocumentCount(broker));
}
// 11. post-check - assert the XML document for the removed account does exist, but no such document exists for the group
assertTrue(removedAccountExists(broker, TEST_USER_NAME));
assertFalse(removedGroupExists(broker, TEST_GROUP_NAME));
}
}
Also used :
DBBroker(org.exist.storage.DBBroker)
LockedDocument(org.exist.dom.persistent.LockedDocument)
Collection(org.exist.collections.Collection)
BrokerPool(org.exist.storage.BrokerPool)
Test(org.junit.Test)
Example 10 with Collection
use of org.exist.collections.Collection in project exist by eXist-db.
the class AbstractUpdateTest method init.
protected DocumentImpl init(final DBBroker broker, final TransactionManager transact) throws PermissionDeniedException, IOException, SAXException, LockException, EXistException {
DocumentImpl doc = null;
try (final Txn transaction = transact.beginTransaction()) {
final Collection root = broker.getOrCreateCollection(transaction, TEST_COLLECTION_URI);
broker.saveCollection(transaction, root);
final Collection test = broker.getOrCreateCollection(transaction, TEST_COLLECTION_URI.append("test2"));
broker.saveCollection(transaction, test);
broker.storeDocument(transaction, XmldbURI.create("test.xml"), new StringInputSource(TEST_XML), MimeType.XML_TYPE, test);
doc = test.getDocument(broker, XmldbURI.create("test.xml"));
// TODO : unlock the collection here ?
transact.commit(transaction);
}
return doc;
}
Also used :
StringInputSource(org.exist.util.StringInputSource)
Collection(org.exist.collections.Collection)
Txn(org.exist.storage.txn.Txn)
DocumentImpl(org.exist.dom.persistent.DocumentImpl)
Aggregations
Collection (org.exist.collections.Collection)297
Txn (org.exist.storage.txn.Txn)160
XmldbURI (org.exist.xmldb.XmldbURI)99
DBBroker (org.exist.storage.DBBroker)89
TransactionManager (org.exist.storage.txn.TransactionManager)86
BrokerPool (org.exist.storage.BrokerPool)69
StringInputSource (org.exist.util.StringInputSource)57
Test (org.junit.Test)57
EXistException (org.exist.EXistException)43
PermissionDeniedException (org.exist.security.PermissionDeniedException)43
DocumentImpl (org.exist.dom.persistent.DocumentImpl)42
IOException (java.io.IOException)33
LockedDocument (org.exist.dom.persistent.LockedDocument)31
SAXException (org.xml.sax.SAXException)26
InputStream (java.io.InputStream)19
Path (java.nio.file.Path)19
Permission (org.exist.security.Permission)19
LockException (org.exist.util.LockException)16
TriggerException (org.exist.collections.triggers.TriggerException)15
BinaryDocument (org.exist.dom.persistent.BinaryDocument)15
