
Example 6 with ACLPermission

Use of org.exist.security.ACLPermission in project exist by eXist-db.

Class RpcConnection, method describeCollection.

/**
 * The method <code>describeCollection</code>
 *
 * Returns details of a collection - collections (list of sub-collections) -
 * name - created - owner - group - permissions - acl
 *
 * If you do not have read access on the collection, the list of
 * sub-collections will be empty, an exception will not be thrown!
 *
 * @param collUri a <code>XmldbURI</code> value
 * @return a <code>Map</code> value
 * @throws EXistException if an internal error occurs
 * @throws PermissionDeniedException If the current user is not allowed to perform this action
 */
private Map<String, Object> describeCollection(final XmldbURI collUri) throws EXistException, PermissionDeniedException {
    return this.<Map<String, Object>>readCollection(collUri).apply((collection, broker, transaction) -> {
        final Map<String, Object> desc = new HashMap<>();
        final List<String> collections = new ArrayList<>();
        if (collection.getPermissionsNoLock().validate(user, Permission.READ)) {
            for (final Iterator<XmldbURI> i = collection.collectionIterator(broker); i.hasNext(); ) {
                collections.add(i.next().toString());
            }
        }
        final Permission perms = collection.getPermissionsNoLock();
        desc.put("collections", collections);
        desc.put("name", collection.getURI().toString());
        desc.put("created", Long.toString(collection.getCreated()));
        desc.put("owner", perms.getOwner().getName());
        desc.put("group", perms.getGroup().getName());
        desc.put("permissions", perms.getMode());
        if (perms instanceof ACLPermission) {
            desc.put("acl", getACEs(perms));
        }
        return desc;
    });
}
Also used: ACLPermission (org.exist.security.ACLPermission), Permission (org.exist.security.Permission), XmldbURI (org.exist.xmldb.XmldbURI)

Example 7 with ACLPermission

Use of org.exist.security.ACLPermission in project exist by eXist-db.

Class RpcConnection, method describeResource.

private Map<String, Object> describeResource(final XmldbURI resourceUri) throws EXistException, PermissionDeniedException {
    try {
        return this.<Map<String, Object>>readDocument(resourceUri).apply((document, broker, transaction) -> {
            final Map<String, Object> hash = new HashMap<>(11);
            final Permission perms = document.getPermissions();
            hash.put("name", resourceUri.toString());
            hash.put("owner", perms.getOwner().getName());
            hash.put("group", perms.getGroup().getName());
            hash.put("permissions", perms.getMode());
            if (perms instanceof ACLPermission) {
                hash.put("acl", getACEs(perms));
            }
            hash.put("type", document.getResourceType() == DocumentImpl.BINARY_FILE ? "BinaryResource" : "XMLResource");
            final long resourceLength = document.getContentLength();
            hash.put("content-length", (resourceLength > (long) Integer.MAX_VALUE) ? Integer.MAX_VALUE : (int) resourceLength);
            hash.put("content-length-64bit", Long.toString(resourceLength));
            hash.put("mime-type", document.getMimeType());
            hash.put("created", new Date(document.getCreated()));
            hash.put("modified", new Date(document.getLastModified()));
            if (document.getResourceType() == DocumentImpl.BINARY_FILE) {
                hash.put("blob-id", ((BinaryDocument) document).getBlobId().getId());
                final MessageDigest messageDigest = broker.getBinaryResourceContentDigest(transaction, (BinaryDocument) document, DigestType.BLAKE_256);
                hash.put("digest-algorithm", messageDigest.getDigestType().getCommonNames()[0]);
                hash.put("digest", messageDigest.getValue());
            }
            return hash;
        });
    } catch (final EXistException e) {
        if (LOG.isDebugEnabled()) {
            LOG.debug(e);
        }
        return new HashMap<>();
    }
}
Also used: ACLPermission (org.exist.security.ACLPermission), Permission (org.exist.security.Permission), EXistException (org.exist.EXistException), MessageDigest (org.exist.util.crypto.digest.MessageDigest)

Example 8 with ACLPermission

Use of org.exist.security.ACLPermission in project exist by eXist-db.

Class RpcConnection, method getACEs.

private List<ACEAider> getACEs(final Permission perm) {
    final List<ACEAider> aces = new ArrayList<>();
    final ACLPermission aclPermission = (ACLPermission) perm;
    for (int i = 0; i < aclPermission.getACECount(); i++) {
        aces.add(new ACEAider(aclPermission.getACEAccessType(i), aclPermission.getACETarget(i), aclPermission.getACEWho(i), aclPermission.getACEMode(i)));
    }
    return aces;
}
Also used: ACLPermission (org.exist.security.ACLPermission), ACEAider (org.exist.security.internal.aider.ACEAider)

Example 9 with ACLPermission

Use of org.exist.security.ACLPermission in project exist by eXist-db.

Class EditPropertiesDialog, method btnSaveActionPerformed.

// </editor-fold>//GEN-END:initComponents
private void btnSaveActionPerformed(java.awt.event.ActionEvent evt) {
    try {
        for (final ResourceDescriptor desc : applyTo) {
            final String newOwner;
            if (MULTIPLE_INDICATOR.equals(lblOwnerValue.getText()) || desc.getOwner().equals(lblOwnerValue.getText())) {
                newOwner = desc.getOwner();
            } else {
                newOwner = lblOwnerValue.getText();
            }
            final String newGroup;
            if (MULTIPLE_INDICATOR.equals(lblGroupValue.getText()) || desc.getGroup().equals(lblGroupValue.getText())) {
                newGroup = desc.getGroup();
            } else {
                newGroup = lblGroupValue.getText();
            }
            final Permission existingPermission = desc.getPermissions();
            final ModeDisplay modeChanges = getBasicPermissionsTableModel().getMode();
            final Permission updatedPermission = getUpdatedPermission(existingPermission, modeChanges);
            final List<ACEAider> dlgAces = new ArrayList<>();
            if (acl == null) {
                if (existingPermission instanceof ACLPermission) {
                    final ACLPermission existingAclPermission = (ACLPermission) existingPermission;
                    for (int i = 0; i < existingAclPermission.getACECount(); i++) {
                        dlgAces.add(new ACEAider(existingAclPermission.getACEAccessType(i), existingAclPermission.getACETarget(i), existingAclPermission.getACEWho(i), existingAclPermission.getACEMode(i)));
                    }
                }
            } else {
                for (int i = 0; i < tblAcl.getRowCount(); i++) {
                    final ACLPermission.ACE_TARGET target = ACLPermission.ACE_TARGET.valueOf((String) getAclTableModel().getValueAt(i, 0));
                    final String who = (String) getAclTableModel().getValueAt(i, 1);
                    final ACLPermission.ACE_ACCESS_TYPE access = ACLPermission.ACE_ACCESS_TYPE.valueOf((String) getAclTableModel().getValueAt(i, 2));
                    int mode = 0;
                    if ((Boolean) tblAcl.getValueAt(i, 3)) {
                        mode |= Permission.READ;
                    }
                    if ((Boolean) tblAcl.getValueAt(i, 4)) {
                        mode |= Permission.WRITE;
                    }
                    if ((Boolean) tblAcl.getValueAt(i, 5)) {
                        mode |= Permission.EXECUTE;
                    }
                    dlgAces.add(new ACEAider(access, target, who, mode));
                }
            }
            if (desc.isCollection()) {
                final Collection coll = parent.getChildCollection(desc.getName().toString());
                getUserManagementService().setPermissions(coll, newOwner, newGroup, updatedPermission.getMode(), dlgAces);
            } else {
                final Resource res = parent.getResource(desc.getName().toString());
                getUserManagementService().setPermissions(res, newOwner, newGroup, updatedPermission.getMode(), dlgAces);
            }
        }
        setVisible(false);
        dispose();
    } catch (final PermissionDeniedException | XMLDBException e) {
        JOptionPane.showMessageDialog(this, "Could not update properties: " + e.getMessage(), ERROR_TITLE, JOptionPane.ERROR_MESSAGE);
    }
}
Also used: ACLPermission (org.exist.security.ACLPermission), ArrayList (java.util.ArrayList), Resource (org.xmldb.api.base.Resource), XMLDBException (org.xmldb.api.base.XMLDBException), ACEAider (org.exist.security.internal.aider.ACEAider), Permission (org.exist.security.Permission), Collection (org.xmldb.api.base.Collection), PermissionDeniedException (org.exist.security.PermissionDeniedException)

Example 10 with ACLPermission

Use of org.exist.security.ACLPermission in project exist by eXist-db.

Class RemoteUserManagementService, method getACEs.

private List<ACEAider> getACEs(final Permission perm) {
    final List<ACEAider> aces = new ArrayList<>();
    final ACLPermission aclPermission = (ACLPermission) perm;
    for (int i = 0; i < aclPermission.getACECount(); i++) {
        aces.add(new ACEAider(aclPermission.getACEAccessType(i), aclPermission.getACETarget(i), aclPermission.getACEWho(i), aclPermission.getACEMode(i)));
    }
    return aces;
}
Also used: ACLPermission (org.exist.security.ACLPermission), ACEAider (org.exist.security.internal.aider.ACEAider)

Aggregations

ACLPermission (org.exist.security.ACLPermission): 10
Permission (org.exist.security.Permission): 8
PermissionDeniedException (org.exist.security.PermissionDeniedException): 5
ACEAider (org.exist.security.internal.aider.ACEAider): 3
SAXSerializer (org.exist.util.serializer.SAXSerializer): 3
DateTimeValue (org.exist.xquery.value.DateTimeValue): 3
AttributesImpl (org.xml.sax.helpers.AttributesImpl): 3
XMLStreamException (javax.xml.stream.XMLStreamException): 2
LockException (org.exist.util.LockException): 2
XmldbURI (org.exist.xmldb.XmldbURI): 2
TerminatedException (org.exist.xquery.TerminatedException): 2
XPathException (org.exist.xquery.XPathException): 2
SAXException (org.xml.sax.SAXException): 2
IOException (java.io.IOException): 1
ArrayList (java.util.ArrayList): 1
Date (java.util.Date): 1
EXistException (org.exist.EXistException): 1
Collection (org.exist.collections.Collection): 1
DocumentImpl (org.exist.dom.persistent.DocumentImpl): 1
LockedDocument (org.exist.dom.persistent.LockedDocument): 1