
Example 1 with Configuration

use of org.exist.config.Configuration in project exist by eXist-db.

the class AbstractRealmTest method updateGroup_calls_assertCanModifyGroup.

/*
    @Test
    public void updateAccount_calls_assertCanModifyAccount() throws PermissionDeniedException, EXistException {
        SecurityManager mockSecurityManager = EasyMock.createMock(SecurityManager.class);
        Configuration mockConfiguration = EasyMock.createMock(Configuration.class);
        Database mockDatabase = EasyMock.createMock(Database.class);
        Subject mockSubject = EasyMock.createMock(Subject.class);

        Account mockAccount = EasyMock.createMockBuilder(AbstractAccount.class)
                .addMockedMethod("getName", new Class[0])
                .addMockedMethod("getGroups", new Class[0])
                .addMockedMethod("assertCanModifyAccount", new Class[]{Account.class})
                .addMockedMethod("getRealm", new Class[0])
                .createNiceMock();
        final String accountName = "someAccount";

        AbstractRealm mockRealm = EasyMock
                .createMockBuilder(AbstractRealm.class)
                .withConstructor(SecurityManager.class, Configuration.class)
                .withArgs(mockSecurityManager, mockConfiguration)
                .addMockedMethod("getDatabase", new Class[0])
                .addMockedMethod("getAccount", new Class[]{Subject.class, String.class})
                .createNiceMock();

        Account mockUpdatingAccount = EasyMock.createMock(Account.class);

        //expectations
        expect(mockRealm.getDatabase()).andReturn(mockDatabase);
        expect(mockDatabase.getCurrentSubject()).andReturn(mockSubject);
        mockAccount.assertCanModifyAccount(mockSubject);
        expect(mockAccount.getName()).andReturn(accountName);
        expect(mockRealm.getAccount(null, accountName)).andReturn(mockUpdatingAccount);
        expect(mockAccount.getGroups()).andReturn(new String[0]);
        expect(mockUpdatingAccount.getGroups()).andReturn(new String[0]);

        replay(mockRealm, mockDatabase, mockSubject, mockUpdatingAccount, mockAccount);

        mockRealm.updateAccount(null, mockAccount);

        verify(mockRealm, mockDatabase, mockSubject, mockUpdatingAccount, mockAccount);
    } */
/**
 * Checks that {@code AbstractRealm.updateGroup(Group)} runs the group's own permission check
 * against the subject obtained from the active broker.
 *
 * <p>The realm and the group are partial mocks: only the methods named in
 * {@code addMockedMethod} are stubbed, everything else runs the real implementation. The call
 * {@code assertCanModifyGroup(caller)} is recorded as an expectation, so {@code verify} fails
 * if {@code updateGroup} never performs it.
 *
 * <p>NOTE(review): these are nice mocks, which do not enforce call order, so this test shows
 * that the authorization check is made but not that it is made before {@code save()}.
 */
@Test
public void updateGroup_calls_assertCanModifyGroup() throws PermissionDeniedException, EXistException {
    final String groupName = "someGroup";
    final Class[] noParams = new Class[0];

    // Plain mocks for the collaborators the realm walks through to find the caller.
    SecurityManager securityManager = EasyMock.createMock(SecurityManager.class);
    Configuration realmConfiguration = EasyMock.createMock(Configuration.class);
    Database database = EasyMock.createMock(Database.class);
    DBBroker broker = EasyMock.createMock(DBBroker.class);
    Subject caller = EasyMock.createMock(Subject.class);

    // The group handed to updateGroup(): a partial mock of AbstractGroup.
    Group groupUnderUpdate = EasyMock.createMockBuilder(AbstractGroup.class)
            .addMockedMethod("getName", noParams)
            .addMockedMethod("getManagers", noParams)
            .addMockedMethod("assertCanModifyGroup", new Class[] { Account.class })
            .addMockedMethod("getMetadataKeys", noParams)
            .createNiceMock();

    // The realm under test, built through its (SecurityManager, Configuration) constructor.
    AbstractRealm realm = EasyMock.createMockBuilder(AbstractRealm.class)
            .withConstructor(SecurityManager.class, Configuration.class)
            .withArgs(securityManager, realmConfiguration)
            .addMockedMethod("getDatabase", noParams)
            .addMockedMethod("getGroup", new Class[] { String.class })
            .createNiceMock();

    // The group the realm already holds under the same name.
    Group storedGroup = EasyMock.createNiceMock(Group.class);

    // Expectations: resolve the current subject through database -> active broker.
    expect(realm.getDatabase()).andReturn(database);
    expect(database.getActiveBroker()).andReturn(broker);
    expect(broker.getCurrentSubject()).andReturn(caller);

    // The authorization check this test is named after.
    groupUnderUpdate.assertCanModifyGroup(caller);

    expect(groupUnderUpdate.getName()).andReturn(groupName);
    expect(realm.getGroup(groupName)).andReturn(storedGroup);
    expect(groupUnderUpdate.getManagers()).andReturn(Collections.emptyList());
    expect(storedGroup.getManagers()).andReturn(Collections.emptyList());
    expect(groupUnderUpdate.getMetadataKeys()).andReturn(Collections.emptySet());
    groupUnderUpdate.save();

    replay(realm, database, broker, groupUnderUpdate, caller, storedGroup);

    realm.updateGroup(groupUnderUpdate);

    verify(realm, database, broker, groupUnderUpdate, caller, storedGroup);
}
Also used : DBBroker(org.exist.storage.DBBroker) Configuration(org.exist.config.Configuration) Database(org.exist.Database) Test(org.junit.Test)

Example 2 with Configuration

use of org.exist.config.Configuration in project exist by eXist-db.

the class AccountTest method testGroupFallback.

/**
 * Calls {@code AccountImpl.addGroup(String)} for a group name that the realm is set up to
 * answer with {@code null}. The test is currently disabled with {@code @Ignore}.
 *
 * <p>NOTE(review): {@code replay()} and {@code verify()} are invoked without any mock
 * arguments. If these are the EasyMock static imports, no mock is switched to replay state and
 * nothing is verified, so the test asserts nothing as written; confirm before re-enabling it.
 */
@Ignore
@Test
public void testGroupFallback() throws NoSuchMethodException, PermissionDeniedException {
    final String testGroupName = "testGroup";
    final String testAccountName = "testUser";

    Database database = EasyMock.createMock(Database.class);

    SecurityManagerImpl securityManager = EasyMock.createMockBuilder(SecurityManagerImpl.class)
            .withConstructor(Database.class)
            .withArgs(database)
            .createMock();

    Configuration realmConfiguration = EasyMock.createMock(Configuration.class);

    AbstractRealm realm = EasyMock.createMockBuilder(AbstractRealm.class)
            .withConstructor(SecurityManager.class, Configuration.class)
            .withArgs(securityManager, realmConfiguration)
            .createMock();

    // Only getRealm() and addGroup(Group) are listed as mocked on the account.
    AccountImpl account = EasyMock.createMockBuilder(AccountImpl.class)
            .withConstructor(AbstractRealm.class, String.class)
            .withArgs(realm, testAccountName)
            .addMockedMethods(
                    AccountImpl.class.getMethod("getRealm"),
                    AccountImpl.class.getMethod("addGroup", Group.class))
            .createMock();

    expect(account.getRealm()).andReturn(realm);
    expect(realm.getGroup(testGroupName)).andReturn(null);
    // Left disabled by the original author:
    // expect(account.getRealm()).andReturn(realm);
    // expect(realm.getSecurityManager()).andReturn(securityManager);

    replay();

    account.addGroup(testGroupName);

    verify();
}
Also used : Configuration(org.exist.config.Configuration) Database(org.exist.Database) AccountImpl(org.exist.security.internal.AccountImpl) SecurityManagerImpl(org.exist.security.internal.SecurityManagerImpl) Ignore(org.junit.Ignore) Test(org.junit.Test)

Example 3 with Configuration

use of org.exist.config.Configuration in project exist by eXist-db.

the class SecurityManagerImpl method attach.

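/**
 * Attaches this security manager to the broker's database and loads the security
 * configuration.
 *
 * <p>Makes sure the system collection ({@code XmldbURI.SYSTEM_COLLECTION_URI}) and the security
 * collection ({@code SECURITY_COLLECTION_URI}) exist. A collection that had to be created gets
 * its default permission constant and is saved within {@code transaction}. The configuration at
 * {@code CONFIG_FILE_URI} is then parsed and applied, and every realm in {@code realms} is
 * started.
 *
 * @param broker the database broker
 * @param transaction the transaction used for creating and saving collections and for
 *     starting the realms
 * @throws EXistException propagated from the calls made outside the two {@code try} blocks
 *     (obtaining the database, parsing/applying the configuration, starting realms); anything
 *     thrown inside them is caught and logged
 */
@Override
public void attach(final DBBroker broker, final Txn transaction) throws EXistException {
    // TODO: check that db is same?
    db = broker.getDatabase();

    try {
        Collection systemCollection = broker.getCollection(XmldbURI.SYSTEM_COLLECTION_URI);
        if (systemCollection == null) {
            systemCollection = broker.getOrCreateCollection(transaction, XmldbURI.SYSTEM_COLLECTION_URI);
            if (systemCollection == null) {
                // Log before bailing out, as the security-collection branch below does.
                LOG.error("Collection '/db/system' can't be created.");
                return;
            }
            // Permissions are only applied when the collection was just created; an
            // existing collection keeps whatever permissions it already has.
            systemCollection.setPermissions(broker, Permission.DEFAULT_SYSTEM_COLLECTION_PERM);
            broker.saveCollection(transaction, systemCollection);
        }
    } catch (final Exception e) {
        // NOTE(review): a failure here is logged and start-up continues, so the system
        // collection may be left without the default permissions. Confirm that continuing
        // is intended rather than failing closed.
        LOG.error("Setting /db/system permissions failed: {}", e.getMessage(), e);
    }

    try {
        collection = broker.getCollection(SECURITY_COLLECTION_URI);
        if (collection == null) {
            collection = broker.getOrCreateCollection(transaction, SECURITY_COLLECTION_URI);
            if (collection == null) {
                LOG.error("Collection '/db/system/security' can't be created. Database may be corrupt!");
                return;
            }
            collection.setPermissions(broker, Permission.DEFAULT_SYSTEM_SECURITY_COLLECTION_PERM);
            broker.saveCollection(transaction, collection);
        }
    } catch (final Exception e) {
        // The logger already receives the throwable; printing the stack trace to stderr as
        // well duplicated it outside the configured log output.
        // NOTE(review): execution continues after this failure, so 'collection' may not
        // refer to a usable security collection when it is passed to the parser below.
        LOG.error("Loading security configuration failed: {}", e.getMessage(), e);
    }

    final Configuration _config_ = Configurator.parse(this, broker, collection, CONFIG_FILE_URI);
    configuration = Configurator.configure(this, _config_);

    for (final Realm realm : realms) {
        realm.start(broker, transaction);
    }
}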
Also used : Configuration(org.exist.config.Configuration) Collection(org.exist.collections.Collection) AbstractRealm(org.exist.security.AbstractRealm) Realm(org.exist.security.realm.Realm) ConfigurationException(org.exist.config.ConfigurationException) PermissionDeniedException(org.exist.security.PermissionDeniedException) AuthenticationException(org.exist.security.AuthenticationException) BrokerPoolServiceException(org.exist.storage.BrokerPoolServiceException) EXistException(org.exist.EXistException)

Example 4 with Configuration

use of org.exist.config.Configuration in project exist by eXist-db.

the class LDAPRealmTest method setUpBeforeClass.

/**
 * Builds the shared {@code realm} fixture once for the whole test class by parsing the
 * configuration text held in the {@code config} field.
 *
 * <p>The realm is constructed with {@code null} as its first argument, so these tests run
 * without a security manager instance (presumably; confirm against the {@code LDAPRealm}
 * constructor).
 *
 * @throws Exception propagated from parsing the configuration, constructing the realm or
 *     closing the stream
 */
@BeforeClass
public static void setUpBeforeClass() throws Exception {
    final byte[] rawConfig = config.getBytes(UTF_8);
    try (final InputStream configStream = new UnsynchronizedByteArrayInputStream(rawConfig)) {
        final Configuration parsedConfig = Configurator.parse(configStream);
        realm = new LDAPRealm(null, parsedConfig);
    }
}
Also used : Configuration(org.exist.config.Configuration) UnsynchronizedByteArrayInputStream(org.apache.commons.io.input.UnsynchronizedByteArrayInputStream) InputStream(java.io.InputStream) UnsynchronizedByteArrayInputStream(org.apache.commons.io.input.UnsynchronizedByteArrayInputStream) BeforeClass(org.junit.BeforeClass)

Example 5 with Configuration

use of org.exist.config.Configuration in project exist by eXist-db.

the class AbstractRealm method loadRemovedGroupsFromRealmStorage.

/**
 * Registers the groups recorded in {@code collectionRemovedGroups} with the security manager,
 * flagged as removed.
 *
 * <p>Each document in the collection is parsed as a {@code Configuration}. A document is
 * skipped when it has no integer {@code "id"} property or when the security manager already
 * has a group with that id.
 *
 * @param broker the broker used to count, iterate and parse the stored documents
 * @throws ConfigurationException declared by the signature; the throwing call is not visible
 *     in this method alone
 * @throws PermissionDeniedException declared by the signature
 * @throws LockException declared by the signature
 */
private void loadRemovedGroupsFromRealmStorage(final DBBroker broker) throws ConfigurationException, PermissionDeniedException, LockException {
    // Nothing to load when the collection is absent or holds no documents.
    if (collectionRemovedGroups == null || collectionRemovedGroups.getDocumentCount(broker) <= 0) {
        return;
    }

    final Iterator<DocumentImpl> documents = collectionRemovedGroups.iterator(broker);
    while (documents.hasNext()) {
        final Configuration groupConfig = Configurator.parse(broker.getBrokerPool(), documents.next());
        final Integer groupId = groupConfig.getPropertyInteger("id");

        if (groupId == null || getSecurityManager().hasGroup(groupId)) {
            // No usable id, or the id is already registered: leave the existing state alone.
            continue;
        }

        // G group = instantiateGroup(this, conf, true);
        final GroupImpl removedGroup = new GroupImpl(this, groupConfig);
        removedGroup.removed = true;
        getSecurityManager().registerGroup(removedGroup);
    }
}
Also used : Configuration(org.exist.config.Configuration) GroupImpl(org.exist.security.internal.GroupImpl) DocumentImpl(org.exist.dom.persistent.DocumentImpl)

Aggregations

Configuration (org.exist.config.Configuration)16 DocumentImpl (org.exist.dom.persistent.DocumentImpl)5 InputStream (java.io.InputStream)4 UnsynchronizedByteArrayInputStream (org.apache.commons.io.input.UnsynchronizedByteArrayInputStream)3 Database (org.exist.Database)3 ConfigurationException (org.exist.config.ConfigurationException)3 PermissionDeniedException (org.exist.security.PermissionDeniedException)3 AccountImpl (org.exist.security.internal.AccountImpl)3 Test (org.junit.Test)3 MethodHandle (java.lang.invoke.MethodHandle)2 MethodHandles (java.lang.invoke.MethodHandles)2 EXistException (org.exist.EXistException)2 Collection (org.exist.collections.Collection)2 AbstractRealm (org.exist.security.AbstractRealm)2 AuthenticationException (org.exist.security.AuthenticationException)2 Realm (org.exist.security.realm.Realm)2 BrokerPoolServiceException (org.exist.storage.BrokerPoolServiceException)2 DBBroker (org.exist.storage.DBBroker)2 AtomicLazyVal (com.evolvedbinary.j8fu.lazy.AtomicLazyVal)1 Int2ObjectMap (it.unimi.dsi.fastutil.ints.Int2ObjectMap)1