
Example 1 with ACE_TARGET

use of org.exist.security.ACLPermission.ACE_TARGET in project exist by eXist-db.

the class AccessControlEntryDialog method cmbTargetActionPerformed.

// GEN-LAST:event_btnCloseActionPerformed
/**
 * Handles a change of the target combo box: enables the name selector that
 * belongs to the chosen ACE target and disables the other one.
 *
 * @param evt the Swing action event; not read by this handler
 */
private void cmbTargetActionPerformed(java.awt.event.ActionEvent evt) {
    // GEN-FIRST:event_cmbTargetActionPerformed
    // valueOf accepts only an exact constant name, so the combo box model
    // must contain nothing but ACE_TARGET names (and must have a selection).
    final String selectedLabel = (String) cmbTarget.getSelectedItem();
    final ACE_TARGET chosen = ACE_TARGET.valueOf(selectedLabel);

    if (chosen == ACE_TARGET.USER) {
        // a user entry is being edited: only the username selector is active
        cmbGroupName.setEnabled(false);
        cmbUsername.setEnabled(true);
    } else if (chosen == ACE_TARGET.GROUP) {
        // a group entry is being edited: only the group selector is active
        cmbUsername.setEnabled(false);
        cmbGroupName.setEnabled(true);
    }
    // any other target leaves both selectors as they are
}
Also used : ACE_TARGET(org.exist.security.ACLPermission.ACE_TARGET)

Example 2 with ACE_TARGET

use of org.exist.security.ACLPermission.ACE_TARGET in project exist by eXist-db.

the class AccessControlEntryDialog method btnCreateActionPerformed.

// </editor-fold>//GEN-END:initComponents
/**
 * Builds an access control entry from the dialog's current selections,
 * passes it to every registered completion callback and closes the dialog.
 *
 * <p>The subject name is taken from the username selector when the target is
 * {@code USER} and from the group selector otherwise. If the matching
 * validator rejects the name, the handler returns without creating an entry
 * and the dialog stays open.</p>
 *
 * @param evt the Swing action event; not read by this handler
 */
private void btnCreateActionPerformed(java.awt.event.ActionEvent evt) {
    // GEN-FIRST:event_btnCreateActionPerformed
    final ACE_TARGET target = ACE_TARGET.valueOf((String) cmbTarget.getSelectedItem());

    // Pick the subject and validate it with the check for its kind.
    final String who;
    final boolean nameAccepted;
    if (target == ACE_TARGET.USER) {
        who = (String) cmbUsername.getSelectedItem();
        nameAccepted = isValidUsername(who);
    } else {
        who = (String) cmbGroupName.getSelectedItem();
        nameAccepted = isValidGroupName(who);
    }
    if (!nameAccepted) {
        return;
    }

    final ACE_ACCESS_TYPE accessType = ACE_ACCESS_TYPE.valueOf((String) cmbAccess.getSelectedItem());

    // Row 0 of the permission table holds one Boolean cell per permission:
    // column 0 = read, column 1 = write, column 2 = execute.
    final boolean readTicked = (Boolean) tblPermission.getValueAt(0, 0);
    final boolean writeTicked = (Boolean) tblPermission.getValueAt(0, 1);
    final boolean executeTicked = (Boolean) tblPermission.getValueAt(0, 2);

    int mode = 0;
    if (readTicked) {
        mode |= Permission.READ;
    }
    if (writeTicked) {
        mode |= Permission.WRITE;
    }
    if (executeTicked) {
        mode |= Permission.EXECUTE;
    }

    final ACEAider ace = new ACEAider(accessType, target, who, mode);
    for (final DialogCompleteWithResponse<ACEAider> listener : getDialogCompleteWithResponseCallbacks()) {
        listener.complete(ace);
    }

    setVisible(false);
    dispose();
}
Also used : ACE_ACCESS_TYPE(org.exist.security.ACLPermission.ACE_ACCESS_TYPE) ACEAider(org.exist.security.internal.aider.ACEAider) ACE_TARGET(org.exist.security.ACLPermission.ACE_TARGET)

Example 3 with ACE_TARGET

use of org.exist.security.ACLPermission.ACE_TARGET in project exist by eXist-db.

the class SystemImportHandler method addACEToDeferredPermissions.

/**
 * Reads one ACE from the given element attributes and adds it to the
 * deferred permissions entry returned by {@code deferredPermissions.peek()}.
 *
 * <p>The attributes {@code index}, {@code target}, {@code who},
 * {@code access_type} and {@code mode} are read by name; {@code mode} is
 * parsed as an octal number.</p>
 *
 * <p>NOTE(review): the attribute values are used as read. A missing or
 * malformed {@code index}/{@code mode} raises {@link NumberFormatException},
 * a missing {@code target}/{@code access_type} raises
 * {@link NullPointerException} and an unknown constant name raises
 * {@link IllegalArgumentException}; none of these is caught here. Neither
 * {@code index}, {@code mode} nor {@code who} is range- or content-checked in
 * this method. Presumably {@code addACE} validates them; confirm before
 * importing documents from an untrusted origin.</p>
 *
 * @param atts attributes of the element that describes the ACE
 */
private void addACEToDeferredPermissions(final Attributes atts) {
    final int position = Integer.parseInt(atts.getValue("index"));
    final ACE_TARGET aceTarget = ACE_TARGET.valueOf(atts.getValue("target"));
    final String subject = atts.getValue("who");
    final ACE_ACCESS_TYPE accessType = ACE_ACCESS_TYPE.valueOf(atts.getValue("access_type"));
    // radix 8: the mode attribute is written in octal notation
    final int permissionBits = Integer.parseInt(atts.getValue("mode"), 8);

    // NOTE(review): peek() is dereferenced without a null/empty check.
    deferredPermissions.peek().addACE(position, aceTarget, subject, accessType, permissionBits);
}
Also used : ACE_ACCESS_TYPE(org.exist.security.ACLPermission.ACE_ACCESS_TYPE) ACE_TARGET(org.exist.security.ACLPermission.ACE_TARGET)

Example 4 with ACE_TARGET

use of org.exist.security.ACLPermission.ACE_TARGET in project exist by eXist-db.

the class ACEAiderParser method toAceAider.

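/**
 * Converts a parsed four-element list into an {@link ACEAider}.
 *
 * <p>The expected layout is: element 0 the access type as the name of an
 * {@code ACE_ACCESS_TYPE} constant, element 1 the target as the name of an
 * {@code ACE_TARGET} constant, element 2 the subject name as a
 * {@code String}, element 3 the mode as an {@code Integer}.</p>
 *
 * <p>Every shape or type violation is reported as a {@link SAXException}, so
 * malformed input fails the parse instead of surfacing as an unchecked
 * exception. The subject name and the mode value are passed on unchanged;
 * this method checks their types only.</p>
 *
 * @param list the values collected for one ACE
 * @return the ACE described by the list
 * @throws SAXException if the list is null, does not hold exactly four
 *         elements, or an element has the wrong type or names an unknown
 *         enum constant
 */
private static ACEAider toAceAider(final List<Object> list) throws SAXException {
    if (list == null) {
        throw new SAXException("Invalid list size for ACEAider: list is null");
    }
    if (list.size() != 4) {
        throw new SAXException("Invalid list size for ACEAider: expected 4 but was " + list.size());
    }

    final Object rawAccessType = list.get(0);
    if (!(rawAccessType instanceof String)) {
        throw new SAXException("Expected ACE_ACCESS_TYPE");
    }
    final ACE_ACCESS_TYPE aceAccessType;
    try {
        aceAccessType = ACE_ACCESS_TYPE.valueOf((String) rawAccessType);
    } catch (final IllegalArgumentException e) {
        // unknown constant name: keep the cause for diagnosis
        throw new SAXException(e);
    }

    final Object rawTarget = list.get(1);
    if (!(rawTarget instanceof String)) {
        throw new SAXException("Expected ACE_TARGET");
    }
    final ACE_TARGET aceTarget;
    try {
        aceTarget = ACE_TARGET.valueOf((String) rawTarget);
    } catch (final IllegalArgumentException e) {
        // unknown constant name: keep the cause for diagnosis
        throw new SAXException(e);
    }

    final Object rawWho = list.get(2);
    if (!(rawWho instanceof String)) {
        throw new SAXException("Expected String");
    }
    final String aceWho = (String) rawWho;

    final Object rawMode = list.get(3);
    if (!(rawMode instanceof Integer)) {
        throw new SAXException("Expected Integer");
    }
    final int aceMode = (Integer) rawMode;

    return new ACEAider(aceAccessType, aceTarget, aceWho, aceMode);
}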
Also used : ACE_ACCESS_TYPE(org.exist.security.ACLPermission.ACE_ACCESS_TYPE) ACEAider(org.exist.security.internal.aider.ACEAider) ACE_TARGET(org.exist.security.ACLPermission.ACE_TARGET) SAXException(org.xml.sax.SAXException)

Example 5 with ACE_TARGET

use of org.exist.security.ACLPermission.ACE_TARGET in project exist by eXist-db.

the class PermissionsFunction method eval.

/**
 * Dispatches to the permission function selected by the name this function
 * was called under.
 *
 * <p>The two mode-conversion functions are evaluated directly. Every other
 * function takes a path as its first argument and runs inside the
 * transaction returned by {@code continueOrBeginTransaction()}; the
 * transaction is committed after the selected helper returns, including the
 * case where no name matched and the empty sequence is returned.</p>
 *
 * <p>NOTE(review): this method performs no access check of its own before
 * calling the ACL/owner/mode-changing helpers. The caught
 * {@code PermissionDeniedException} suggests the callees enforce it; confirm
 * against the helper implementations.</p>
 *
 * @param args the function arguments; their positions depend on the function called
 * @param contextSequence the context sequence; not read by this method
 * @return the result of the selected function, or the empty sequence if no name matched
 * @throws XPathException wrapping a {@code TransactionException} or
 *         {@code PermissionDeniedException} raised inside the transaction block
 */
@Override
public Sequence eval(final Sequence[] args, final Sequence contextSequence) throws XPathException {
    // The mode-conversion functions are answered without opening a transaction.
    if (isCalledAs(qnModeToOctal.getLocalPart())) {
        return functionModeToOctal(args[0].itemAt(0).getStringValue());
    }
    if (isCalledAs(qnOctalToMode.getLocalPart())) {
        return functionOctalToMode(args[0].itemAt(0).getStringValue());
    }

    // all functions below take a path as the first arg
    final XmldbURI pathUri = ((AnyURIValue) args[0].itemAt(0)).toXmldbURI();
    final Sequence result;
    try (final Txn transaction = context.getBroker().continueOrBeginTransaction()) {
        if (isCalledAs(qnGetPermissions.getLocalPart())) {
            result = functionGetPermissions(pathUri);
        } else if (isCalledAs(qnAddUserACE.getLocalPart()) || isCalledAs(qnAddGroupACE.getLocalPart())) {
            // user and group variants share one helper; only the target differs
            final ACE_TARGET aceTarget = isCalledAs(qnAddUserACE.getLocalPart()) ? ACE_TARGET.USER : ACE_TARGET.GROUP;
            final String principal = args[1].getStringValue();
            final ACE_ACCESS_TYPE accessType = args[2].effectiveBooleanValue() ? ACE_ACCESS_TYPE.ALLOWED : ACE_ACCESS_TYPE.DENIED;
            final String modeStr = args[3].itemAt(0).getStringValue();
            result = functionAddACE(context.getBroker(), transaction, pathUri, aceTarget, principal, accessType, modeStr);
        } else if (isCalledAs(qnInsertUserACE.getLocalPart()) || isCalledAs(qnInsertGroupACE.getLocalPart())) {
            // user and group variants share one helper; only the target differs
            final ACE_TARGET aceTarget = isCalledAs(qnInsertUserACE.getLocalPart()) ? ACE_TARGET.USER : ACE_TARGET.GROUP;
            final int position = args[1].itemAt(0).toJavaObject(Integer.class);
            final String principal = args[2].getStringValue();
            final ACE_ACCESS_TYPE accessType = args[3].effectiveBooleanValue() ? ACE_ACCESS_TYPE.ALLOWED : ACE_ACCESS_TYPE.DENIED;
            final String modeStr = args[4].itemAt(0).getStringValue();
            result = functionInsertACE(context.getBroker(), transaction, pathUri, position, aceTarget, principal, accessType, modeStr);
        } else if (isCalledAs(qnModifyACE.getLocalPart())) {
            final int position = args[1].itemAt(0).toJavaObject(Integer.class);
            final ACE_ACCESS_TYPE accessType = args[2].effectiveBooleanValue() ? ACE_ACCESS_TYPE.ALLOWED : ACE_ACCESS_TYPE.DENIED;
            final String modeStr = args[3].itemAt(0).getStringValue();
            result = functionModifyACE(context.getBroker(), transaction, pathUri, position, accessType, modeStr);
        } else if (isCalledAs(qnRemoveACE.getLocalPart())) {
            final int position = args[1].itemAt(0).toJavaObject(Integer.class);
            result = functionRemoveACE(context.getBroker(), transaction, pathUri, position);
        } else if (isCalledAs(qnClearACL.getLocalPart())) {
            result = functionClearACL(context.getBroker(), transaction, pathUri);
        } else if (isCalledAs(qnChMod.getLocalPart())) {
            final String modeStr = args[1].itemAt(0).getStringValue();
            result = functionChMod(context.getBroker(), transaction, pathUri, modeStr);
        } else if (isCalledAs(qnChOwn.getLocalPart())) {
            final String newOwner = args[1].itemAt(0).getStringValue();
            result = functionChOwn(context.getBroker(), transaction, pathUri, newOwner);
        } else if (isCalledAs(qnChGrp.getLocalPart())) {
            final String newGroup = args[1].itemAt(0).getStringValue();
            result = functionChGrp(context.getBroker(), transaction, pathUri, newGroup);
        } else if (isCalledAs(qnHasAccess.getLocalPart())) {
            result = functionHasAccess(pathUri, args[1].itemAt(0).getStringValue());
        } else {
            // unknown function name: nothing to do
            result = Sequence.EMPTY_SEQUENCE;
        }

        // reached only when the selected helper returned normally
        transaction.commit();
    } catch (final TransactionException | PermissionDeniedException e) {
        throw new XPathException(this, e);
    }
    return result;
}
Also used : ACE_ACCESS_TYPE(org.exist.security.ACLPermission.ACE_ACCESS_TYPE) XPathException(org.exist.xquery.XPathException) Sequence(org.exist.xquery.value.Sequence) Txn(org.exist.storage.txn.Txn) ACE_TARGET(org.exist.security.ACLPermission.ACE_TARGET) XmldbURI(org.exist.xmldb.XmldbURI)

Aggregations

ACE_TARGET (org.exist.security.ACLPermission.ACE_TARGET)5 ACE_ACCESS_TYPE (org.exist.security.ACLPermission.ACE_ACCESS_TYPE)4 ACEAider (org.exist.security.internal.aider.ACEAider)2 Txn (org.exist.storage.txn.Txn)1 XmldbURI (org.exist.xmldb.XmldbURI)1 XPathException (org.exist.xquery.XPathException)1 Sequence (org.exist.xquery.value.Sequence)1 SAXException (org.xml.sax.SAXException)1