use of org.exist.security.ACLPermission.ACE_ACCESS_TYPE in project exist by eXist-db.
the class AccessControlEntryDialog method btnCreateActionPerformed.
// </editor-fold>//GEN-END:initComponents
/**
 * Handles the "Create" button: builds an {@code ACEAider} from the dialog's
 * current selections, hands it to every registered completion callback and
 * closes the dialog.
 *
 * <p>If the selected user or group name fails its validation helper, the
 * handler returns early: no ACE is produced and the dialog stays open.
 *
 * @param evt the Swing action event (not read by this handler)
 */
private void btnCreateActionPerformed(java.awt.event.ActionEvent evt) {
    // GEN-FIRST:event_btnCreateActionPerformed
    final ACE_TARGET target = ACE_TARGET.valueOf((String) cmbTarget.getSelectedItem());

    // Pick the principal from the combo box that matches the target kind and
    // run the matching validator before anything else is read.
    // NOTE(review): what isValidUsername/isValidGroupName actually check is not
    // visible here; confirm they reject null/empty and unknown principals.
    final String who;
    final boolean principalAccepted;
    if (target != ACE_TARGET.USER) {
        who = (String) cmbGroupName.getSelectedItem();
        principalAccepted = isValidGroupName(who);
    } else {
        who = (String) cmbUsername.getSelectedItem();
        principalAccepted = isValidUsername(who);
    }
    if (!principalAccepted) {
        return;
    }

    final ACE_ACCESS_TYPE accessType = ACE_ACCESS_TYPE.valueOf((String) cmbAccess.getSelectedItem());

    // Row 0 of the permission table holds one checkbox per bit, in the column
    // order READ, WRITE, EXECUTE.
    // NOTE(review): the Boolean cast is unboxed directly, so a null cell value
    // would raise a NullPointerException.
    final int[] permissionBits = {Permission.READ, Permission.WRITE, Permission.EXECUTE};
    int mode = 0;
    for (int column = 0; column < permissionBits.length; column++) {
        if ((Boolean) tblPermission.getValueAt(0, column)) {
            mode |= permissionBits[column];
        }
    }

    final ACEAider ace = new ACEAider(accessType, target, who, mode);
    for (final DialogCompleteWithResponse<ACEAider> callback : getDialogCompleteWithResponseCallbacks()) {
        callback.complete(ace);
    }

    setVisible(false);
    dispose();
}
use of org.exist.security.ACLPermission.ACE_ACCESS_TYPE in project exist by eXist-db.
the class SystemImportHandler method addACEToDeferredPermissions.
/**
 * Reads one access-control entry from the given element attributes and adds
 * it to the permission returned by {@code deferredPermissions.peek()}.
 *
 * <p>Attributes read: {@code index} (decimal), {@code target}, {@code who},
 * {@code access_type} and {@code mode} (octal).
 *
 * <p>NOTE(review): nothing is validated here beyond parsing. A missing
 * attribute makes {@code getValue} return {@code null}, which surfaces as an
 * unchecked exception from {@code parseInt}/{@code valueOf}; an unknown enum
 * name raises {@code IllegalArgumentException}. The parsed {@code mode} is not
 * range-checked and {@code who} may be {@code null} or empty. Since these
 * values come from the imported document, confirm that {@code addACE} (or the
 * code that later applies the deferred permissions) validates them.
 *
 * @param atts attributes of the ACE element being imported
 */
private void addACEToDeferredPermissions(final Attributes atts) {
    final int aceIndex = Integer.parseInt(atts.getValue("index"));
    final ACE_TARGET aceTarget = ACE_TARGET.valueOf(atts.getValue("target"));
    final String principalName = atts.getValue("who");
    final ACE_ACCESS_TYPE aceAccessType = ACE_ACCESS_TYPE.valueOf(atts.getValue("access_type"));
    // The mode attribute is written in octal, hence radix 8.
    final int aceMode = Integer.parseInt(atts.getValue("mode"), 8);

    // NOTE(review): the result of peek() is dereferenced without a check;
    // presumably a permission has always been pushed before an ACE element is
    // seen. Confirm against the caller.
    deferredPermissions.peek().addACE(aceIndex, aceTarget, principalName, aceAccessType, aceMode);
}
use of org.exist.security.ACLPermission.ACE_ACCESS_TYPE in project exist by eXist-db.
the class SimpleACLPermissionTest method modify.
/**
 * Adds a single user ACE and then modifies it twice, checking after every
 * step that exactly one ACE exists and that its id, target, access type and
 * mode hold the expected values.
 *
 * <p>The current subject is mocked to report the DBA role, so only the
 * privileged path is exercised; this test does not cover a non-DBA caller
 * being refused.
 */
@Test
public void modify() throws PermissionDeniedException {
    // Mock chain: security manager -> database -> active broker -> current subject.
    final SecurityManager securityManager = EasyMock.createMock(SecurityManager.class);
    final Database database = EasyMock.createMock(Database.class);
    final Subject currentSubject = EasyMock.createMock(Subject.class);
    final DBBroker broker = EasyMock.createMock(DBBroker.class);

    // Each link is expected exactly three times; presumably once per mutating
    // call below (one addUserACE plus two modifyACE).
    expect(securityManager.getDatabase()).andReturn(database).times(3);
    expect(database.getActiveBroker()).andReturn(broker).times(3);
    expect(broker.getCurrentSubject()).andReturn(currentSubject).times(3);
    expect(currentSubject.hasDbaRole()).andReturn(true).times(3);
    replay(securityManager, database, broker, currentSubject);

    final SimpleACLPermission permission = new SimpleACLPermission(securityManager);
    assertEquals(0, permission.getACECount());

    final int userId = 1;
    final ACE_ACCESS_TYPE allowed = ACE_ACCESS_TYPE.ALLOWED;

    // Step 1: add ALLOWED/READ for the user.
    permission.addUserACE(allowed, userId, Permission.READ);
    assertSingleUserAce(permission, userId, allowed, Permission.READ);

    // Step 2: change only the mode.
    permission.modifyACE(0, allowed, Permission.WRITE);
    assertSingleUserAce(permission, userId, allowed, Permission.WRITE);

    // Step 3: flip the access type to DENIED and widen the mode.
    final int readWrite = Permission.READ | Permission.WRITE;
    permission.modifyACE(0, ACE_ACCESS_TYPE.DENIED, readWrite);
    assertSingleUserAce(permission, userId, ACE_ACCESS_TYPE.DENIED, readWrite);

    verify(securityManager, database, broker, currentSubject);
}

/** Asserts that the permission holds exactly one user ACE with the given id, access type and mode. */
private static void assertSingleUserAce(final SimpleACLPermission permission, final int expectedId,
        final ACE_ACCESS_TYPE expectedAccessType, final int expectedMode) throws PermissionDeniedException {
    assertEquals(1, permission.getACECount());
    assertEquals(expectedId, permission.getACEId(0));
    assertEquals(expectedAccessType, permission.getACEAccessType(0));
    assertEquals(ACE_TARGET.USER, permission.getACETarget(0));
    assertEquals(expectedMode, permission.getACEMode(0));
}
use of org.exist.security.ACLPermission.ACE_ACCESS_TYPE in project exist by eXist-db.
the class ACEAiderParser method toAceAider.
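/**
 * Converts a parsed four-element list into an {@code ACEAider}.
 *
 * <p>Expected layout: element 0 is the {@code ACE_ACCESS_TYPE} name, element 1
 * the {@code ACE_TARGET} name, element 2 the principal name (all
 * {@code String}) and element 3 the mode as an {@code Integer}.
 *
 * <p>NOTE(review): only the element types and enum names are checked. The
 * principal name may be empty and the mode may be any {@code int}; confirm
 * that the consumer of the returned {@code ACEAider} validates both before
 * they are applied to a permission.
 *
 * @param list the parsed values, in the order described above
 * @return the access-control entry described by the list
 * @throws SAXException if the list is {@code null}, does not hold exactly four
 *     elements, an element has the wrong type, or an enum name is unknown
 */
private static ACEAider toAceAider(final List<Object> list) throws SAXException {
    // A null list is reported like any other malformed input instead of
    // escaping as a NullPointerException.
    if (list == null || list.size() != 4) {
        throw new SAXException("Invalid list size for ACEAider");
    }

    final Object rawAccessType = list.get(0);
    if (!(rawAccessType instanceof String)) {
        throw new SAXException("Expected ACE_ACCESS_TYPE");
    }
    final ACE_ACCESS_TYPE aceAccessType;
    try {
        aceAccessType = ACE_ACCESS_TYPE.valueOf((String) rawAccessType);
    } catch (final IllegalArgumentException e) {
        // Unknown enum name: keep the cause so the offending value is visible.
        throw new SAXException(e);
    }

    final Object rawTarget = list.get(1);
    if (!(rawTarget instanceof String)) {
        throw new SAXException("Expected ACE_TARGET");
    }
    final ACE_TARGET aceTarget;
    try {
        aceTarget = ACE_TARGET.valueOf((String) rawTarget);
    } catch (final IllegalArgumentException e) {
        throw new SAXException(e);
    }

    final Object rawWho = list.get(2);
    if (!(rawWho instanceof String)) {
        throw new SAXException("Expected String");
    }
    final String aceWho = (String) rawWho;

    final Object rawMode = list.get(3);
    if (!(rawMode instanceof Integer)) {
        throw new SAXException("Expected Integer");
    }
    final int aceMode = (Integer) rawMode;

    return new ACEAider(aceAccessType, aceTarget, aceWho, aceMode);
}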
use of org.exist.security.ACLPermission.ACE_ACCESS_TYPE in project exist by eXist-db.
the class PermissionsFunction method eval.
/**
 * Dispatches to the permission function selected by the name this function
 * was called as.
 *
 * <p>The two mode/octal conversion functions work on their string argument
 * only. Every other function takes a path as its first argument and runs
 * inside a transaction obtained from the broker; the transaction is committed
 * after the selected branch returns, including the read-only branches and the
 * fall-through branch that yields the empty sequence.
 *
 * <p>NOTE(review): no authorization check is visible in this method. The
 * {@code PermissionDeniedException} handler suggests the {@code function*}
 * helpers or the broker enforce it; confirm that every mutating helper
 * (ACE add/insert/modify/remove, clear ACL, chmod, chown, chgrp) checks the
 * current subject before changing anything.
 *
 * @param args the function arguments; their meaning depends on the called name
 * @param contextSequence the context sequence (not read by this method)
 * @return the result of the selected function, or the empty sequence when the
 *     called name matches none of the known functions
 * @throws XPathException wrapping a {@code TransactionException} or
 *     {@code PermissionDeniedException} raised inside the transaction
 */
@Override
public Sequence eval(final Sequence[] args, final Sequence contextSequence) throws XPathException {
    final Sequence result;
    if (isCalledAs(qnModeToOctal.getLocalPart())) {
        // Pure string conversion: no path, no transaction.
        final String mode = args[0].itemAt(0).getStringValue();
        result = functionModeToOctal(mode);
    } else if (isCalledAs(qnOctalToMode.getLocalPart())) {
        final String octal = args[0].itemAt(0).getStringValue();
        result = functionOctalToMode(octal);
    } else {
        // All functions below take a path as the first argument.
        final XmldbURI pathUri = ((AnyURIValue) args[0].itemAt(0)).toXmldbURI();
        // try-with-resources closes the transaction on every exit path.
        // NOTE(review): what close() does to a transaction that was never
        // committed (e.g. when a helper throws) is not shown here; presumably
        // it is aborted. Confirm.
        try (final Txn transaction = context.getBroker().continueOrBeginTransaction()) {
            if (isCalledAs(qnGetPermissions.getLocalPart())) {
                result = functionGetPermissions(pathUri);
            } else if (isCalledAs(qnAddUserACE.getLocalPart()) || isCalledAs(qnAddGroupACE.getLocalPart())) {
                // The called name decides whether the ACE targets a user or a group.
                final ACE_TARGET target = isCalledAs(qnAddUserACE.getLocalPart()) ? ACE_TARGET.USER : ACE_TARGET.GROUP;
                // NOTE(review): the name is read from the whole sequence here, while
                // the other string arguments use itemAt(0); confirm this is intended.
                final String name = args[1].getStringValue();
                // Effective boolean value true means ALLOWED, false means DENIED.
                final ACE_ACCESS_TYPE access_type = args[2].effectiveBooleanValue() ? ACE_ACCESS_TYPE.ALLOWED : ACE_ACCESS_TYPE.DENIED;
                final String mode = args[3].itemAt(0).getStringValue();
                result = functionAddACE(context.getBroker(), transaction, pathUri, target, name, access_type, mode);
            } else if (isCalledAs(qnInsertUserACE.getLocalPart()) || isCalledAs(qnInsertGroupACE.getLocalPart())) {
                final ACE_TARGET target = isCalledAs(qnInsertUserACE.getLocalPart()) ? ACE_TARGET.USER : ACE_TARGET.GROUP;
                // NOTE(review): the index is passed through as given; any range
                // check must happen in functionInsertACE or below.
                final int index = args[1].itemAt(0).toJavaObject(Integer.class);
                final String name = args[2].getStringValue();
                final ACE_ACCESS_TYPE access_type = args[3].effectiveBooleanValue() ? ACE_ACCESS_TYPE.ALLOWED : ACE_ACCESS_TYPE.DENIED;
                final String mode = args[4].itemAt(0).getStringValue();
                result = functionInsertACE(context.getBroker(), transaction, pathUri, index, target, name, access_type, mode);
            } else if (isCalledAs(qnModifyACE.getLocalPart())) {
                final int index = args[1].itemAt(0).toJavaObject(Integer.class);
                final ACE_ACCESS_TYPE access_type = args[2].effectiveBooleanValue() ? ACE_ACCESS_TYPE.ALLOWED : ACE_ACCESS_TYPE.DENIED;
                final String mode = args[3].itemAt(0).getStringValue();
                result = functionModifyACE(context.getBroker(), transaction, pathUri, index, access_type, mode);
            } else if (isCalledAs(qnRemoveACE.getLocalPart())) {
                final int index = args[1].itemAt(0).toJavaObject(Integer.class);
                result = functionRemoveACE(context.getBroker(), transaction, pathUri, index);
            } else if (isCalledAs(qnClearACL.getLocalPart())) {
                result = functionClearACL(context.getBroker(), transaction, pathUri);
            } else if (isCalledAs(qnChMod.getLocalPart())) {
                final String mode = args[1].itemAt(0).getStringValue();
                result = functionChMod(context.getBroker(), transaction, pathUri, mode);
            } else if (isCalledAs(qnChOwn.getLocalPart())) {
                final String owner = args[1].itemAt(0).getStringValue();
                result = functionChOwn(context.getBroker(), transaction, pathUri, owner);
            } else if (isCalledAs(qnChGrp.getLocalPart())) {
                final String groupname = args[1].itemAt(0).getStringValue();
                result = functionChGrp(context.getBroker(), transaction, pathUri, groupname);
            } else if (isCalledAs(qnHasAccess.getLocalPart())) {
                // Read-only check; it still runs inside the transaction.
                final String mode = args[1].itemAt(0).getStringValue();
                result = functionHasAccess(pathUri, mode);
            } else {
                // Unrecognised name: nothing is done and the empty sequence is returned.
                result = Sequence.EMPTY_SEQUENCE;
            }
            // Reached only when the selected branch returned without throwing.
            transaction.commit();
        } catch (final TransactionException | PermissionDeniedException e) {
            // Surface transaction and authorization failures as an XPath error,
            // keeping the original exception as the cause.
            throw new XPathException(this, e);
        }
    }
    return result;
}