use of org.exist.config.Configuration in project exist by eXist-db.
the class AbstractRealmTest method updateGroup_calls_assertCanModifyGroup.
/*
@Test
public void updateAccount_calls_assertCanModifyAccount() throws PermissionDeniedException, EXistException {
SecurityManager mockSecurityManager = EasyMock.createMock(SecurityManager.class);
Configuration mockConfiguration = EasyMock.createMock(Configuration.class);
Database mockDatabase = EasyMock.createMock(Database.class);
Subject mockSubject = EasyMock.createMock(Subject.class);
Account mockAccount = EasyMock.createMockBuilder(AbstractAccount.class)
.addMockedMethod("getName", new Class[0])
.addMockedMethod("getGroups", new Class[0])
.addMockedMethod("assertCanModifyAccount", new Class[]{Account.class})
.addMockedMethod("getRealm", new Class[0])
.createNiceMock();
final String accountName = "someAccount";
AbstractRealm mockRealm = EasyMock
.createMockBuilder(AbstractRealm.class)
.withConstructor(SecurityManager.class, Configuration.class)
.withArgs(mockSecurityManager, mockConfiguration)
.addMockedMethod("getDatabase", new Class[0])
.addMockedMethod("getAccount", new Class[]{Subject.class, String.class})
.createNiceMock();
Account mockUpdatingAccount = EasyMock.createMock(Account.class);
//expectations
expect(mockRealm.getDatabase()).andReturn(mockDatabase);
expect(mockDatabase.getCurrentSubject()).andReturn(mockSubject);
mockAccount.assertCanModifyAccount(mockSubject);
expect(mockAccount.getName()).andReturn(accountName);
expect(mockRealm.getAccount(null, accountName)).andReturn(mockUpdatingAccount);
expect(mockAccount.getGroups()).andReturn(new String[0]);
expect(mockUpdatingAccount.getGroups()).andReturn(new String[0]);
replay(mockRealm, mockDatabase, mockSubject, mockUpdatingAccount, mockAccount);
mockRealm.updateAccount(null, mockAccount);
verify(mockRealm, mockDatabase, mockSubject, mockUpdatingAccount, mockAccount);
} */
@Test
public void updateGroup_calls_assertCanModifyGroup() throws PermissionDeniedException, EXistException {
SecurityManager mockSecurityManager = EasyMock.createMock(SecurityManager.class);
Configuration mockConfiguration = EasyMock.createMock(Configuration.class);
Database mockDatabase = EasyMock.createMock(Database.class);
DBBroker mockBroker = EasyMock.createMock(DBBroker.class);
Subject mockSubject = EasyMock.createMock(Subject.class);
Group mockGroup = EasyMock.createMockBuilder(AbstractGroup.class).addMockedMethod("getName", new Class[0]).addMockedMethod("getManagers", new Class[0]).addMockedMethod("assertCanModifyGroup", new Class[] { Account.class }).addMockedMethod("getMetadataKeys", new Class[0]).createNiceMock();
final String groupName = "someGroup";
AbstractRealm mockRealm = EasyMock.createMockBuilder(AbstractRealm.class).withConstructor(SecurityManager.class, Configuration.class).withArgs(mockSecurityManager, mockConfiguration).addMockedMethod("getDatabase", new Class[0]).addMockedMethod("getGroup", new Class[] { String.class }).createNiceMock();
Group mockUpdatingGroup = EasyMock.createNiceMock(Group.class);
// expectations
expect(mockRealm.getDatabase()).andReturn(mockDatabase);
expect(mockDatabase.getActiveBroker()).andReturn(mockBroker);
expect(mockBroker.getCurrentSubject()).andReturn(mockSubject);
mockGroup.assertCanModifyGroup(mockSubject);
expect(mockGroup.getName()).andReturn(groupName);
expect(mockRealm.getGroup(groupName)).andReturn(mockUpdatingGroup);
expect(mockGroup.getManagers()).andReturn(Collections.emptyList());
expect(mockUpdatingGroup.getManagers()).andReturn(Collections.emptyList());
expect(mockGroup.getMetadataKeys()).andReturn(Collections.emptySet());
mockGroup.save();
replay(mockRealm, mockDatabase, mockBroker, mockGroup, mockSubject, mockUpdatingGroup);
mockRealm.updateGroup(mockGroup);
verify(mockRealm, mockDatabase, mockBroker, mockGroup, mockSubject, mockUpdatingGroup);
}
use of org.exist.config.Configuration in project exist by eXist-db.
the class AccountTest method testGroupFallback.
@Ignore
@Test
public void testGroupFallback() throws NoSuchMethodException, PermissionDeniedException {
// final String mockRealmId = "mock";
final String testAccountName = "testUser";
final String testGroupName = "testGroup";
Database mockDatabase = EasyMock.createMock(Database.class);
SecurityManagerImpl mockSecurityManager = EasyMock.createMockBuilder(SecurityManagerImpl.class).withConstructor(Database.class).withArgs(mockDatabase).createMock();
Configuration mockConfiguration = EasyMock.createMock(Configuration.class);
AbstractRealm mockRealm = EasyMock.createMockBuilder(AbstractRealm.class).withConstructor(SecurityManager.class, Configuration.class).withArgs(mockSecurityManager, mockConfiguration).createMock();
AccountImpl mockAccountImpl = EasyMock.createMockBuilder(AccountImpl.class).withConstructor(AbstractRealm.class, String.class).withArgs(mockRealm, testAccountName).addMockedMethods(AccountImpl.class.getMethod("getRealm"), AccountImpl.class.getMethod("addGroup", Group.class)).createMock();
expect(mockAccountImpl.getRealm()).andReturn(mockRealm);
expect(mockRealm.getGroup(testGroupName)).andReturn(null);
// expect(mockAccountImpl.getRealm()).andReturn(mockRealm);
// expect(mockRealm.getSecurityManager()).andReturn(mockSecurityManager);
replay();
mockAccountImpl.addGroup(testGroupName);
verify();
}
use of org.exist.config.Configuration in project exist by eXist-db.
the class SecurityManagerImpl method attach.
/**
* Initialize the security manager.
*
* Checks if the file users.xml exists in the system collection of the database.
* If not, it is created with two default users: admin and guest.
*
* @param broker the database broker
*/
@Override
public void attach(final DBBroker broker, final Txn transaction) throws EXistException {
// TODO: check that db is same?
db = broker.getDatabase();
Collection systemCollection = null;
try {
systemCollection = broker.getCollection(XmldbURI.SYSTEM_COLLECTION_URI);
if (systemCollection == null) {
systemCollection = broker.getOrCreateCollection(transaction, XmldbURI.SYSTEM_COLLECTION_URI);
if (systemCollection == null) {
return;
}
systemCollection.setPermissions(broker, Permission.DEFAULT_SYSTEM_COLLECTION_PERM);
broker.saveCollection(transaction, systemCollection);
}
} catch (final Exception e) {
LOG.error("Setting /db/system permissions failed: {}", e.getMessage(), e);
}
try {
collection = broker.getCollection(SECURITY_COLLECTION_URI);
if (collection == null) {
collection = broker.getOrCreateCollection(transaction, SECURITY_COLLECTION_URI);
if (collection == null) {
LOG.error("Collection '/db/system/security' can't be created. Database may be corrupt!");
return;
}
collection.setPermissions(broker, Permission.DEFAULT_SYSTEM_SECURITY_COLLECTION_PERM);
broker.saveCollection(transaction, collection);
}
} catch (final Exception e) {
e.printStackTrace();
LOG.error("Loading security configuration failed: {}", e.getMessage(), e);
}
final Configuration _config_ = Configurator.parse(this, broker, collection, CONFIG_FILE_URI);
configuration = Configurator.configure(this, _config_);
for (final Realm realm : realms) {
realm.start(broker, transaction);
}
}
use of org.exist.config.Configuration in project exist by eXist-db.
the class LDAPRealmTest method setUpBeforeClass.
/**
* @throws java.lang.Exception
*/
@BeforeClass
public static void setUpBeforeClass() throws Exception {
try (final InputStream is = new UnsynchronizedByteArrayInputStream(config.getBytes(UTF_8))) {
Configuration config = Configurator.parse(is);
realm = new LDAPRealm(null, config);
}
}
use of org.exist.config.Configuration in project exist by eXist-db.
the class AbstractRealm method loadRemovedGroupsFromRealmStorage.
private void loadRemovedGroupsFromRealmStorage(final DBBroker broker) throws ConfigurationException, PermissionDeniedException, LockException {
// load marked for remove groups information
if (collectionRemovedGroups != null && collectionRemovedGroups.getDocumentCount(broker) > 0) {
for (final Iterator<DocumentImpl> i = collectionRemovedGroups.iterator(broker); i.hasNext(); ) {
final Configuration conf = Configurator.parse(broker.getBrokerPool(), i.next());
final Integer id = conf.getPropertyInteger("id");
if (id != null && !getSecurityManager().hasGroup(id)) {
// G group = instantiateGroup(this, conf, true);
final GroupImpl group = new GroupImpl(this, conf);
group.removed = true;
getSecurityManager().registerGroup(group);
}
}
}
}
Aggregations