use of org.exist.security.Account in project exist by eXist-db.
the class UMaskFunction method getUMask.
/**
 * Reads the umask stored on a user account.
 *
 * @param broker the database broker whose broker pool supplies the security manager
 * @param username the name of the account to look up
 * @return the account's user mask wrapped in an {@link IntegerValue}
 */
private IntegerValue getUMask(final DBBroker broker, final String username) {
    // NOTE(review): the lookup result is dereferenced without a null check; if
    // getAccount() returns null for an unknown name (confirm), this is an NPE.
    // NOTE(review): no access check happens in this method; presumably the caller
    // decides who may read another user's umask. Verify against the caller.
    final Account userAccount = broker.getBrokerPool().getSecurityManager().getAccount(username);
    return new IntegerValue(userAccount.getUserMask());
}
use of org.exist.security.Account in project exist by eXist-db.
the class UMaskFunction method setUMask.
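/**
 * Sets the umask of a user account and persists the change.
 *
 * <p>Only a DBA, or the user the account belongs to, may change the umask.
 * The authorisation check runs before the account lookup, so a caller who is
 * not permitted to modify {@code username} gets the same refusal whether or
 * not that account exists.</p>
 *
 * @param broker the database broker whose broker pool supplies the security manager
 * @param currentUser the subject on whose behalf the change is requested
 * @param username the name of the account to modify
 * @param umask the new umask value
 * @throws XPathException if the caller is not authorised, the account does not
 *     exist, or the security manager rejects the update
 */
private void setUMask(final DBBroker broker, final Subject currentUser, final String username, final int umask) throws XPathException {
    if (!currentUser.hasDbaRole() && !currentUser.getUsername().equals(username)) {
        throw new XPathException(this, new PermissionDeniedException("You must have suitable access rights to set the users umask."));
    }

    final SecurityManager securityManager = broker.getBrokerPool().getSecurityManager();
    final Account account = securityManager.getAccount(username);
    if (account == null) {
        // Without this guard an unknown username would surface as a bare
        // NullPointerException instead of a query error the caller can handle.
        throw new XPathException(this, "The user account '" + username + "' does not exist.");
    }

    // NOTE(review): umask is not range-checked here; presumably the caller or
    // setUserMask() restricts it to valid permission bits. Confirm.
    account.setUserMask(umask);
    try {
        securityManager.updateAccount(account);
    } catch (final PermissionDeniedException | EXistException pde) {
        throw new XPathException(this, pde);
    }
}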
use of org.exist.security.Account in project exist by eXist-db.
the class MutableCollection method checkPermissionsForAddDocument.
/**
 * Verifies that the broker's current subject may add a document to this collection.
 *
 * <p>Execute permission on the collection is always required. When no document
 * of the same name exists, write permission on the collection is required as
 * well. When a document is being replaced, it must not be locked by a
 * different user, and the subject must either own the old document or hold
 * write permission on it.</p>
 *
 * @param broker The database broker
 * @param oldDoc old Document existing in database prior to adding a new one with same name, or null if none exists
 * @throws PermissionDeniedException if any of the checks above fails
 * @throws LockException declared by the signature; the visible code does not show which call raises it
 */
private void checkPermissionsForAddDocument(final DBBroker broker, final DocumentImpl oldDoc) throws LockException, PermissionDeniedException {
    // Execute permission on the collection is a precondition for both paths.
    if (!getPermissionsNoLock().validate(broker.getCurrentSubject(), Permission.EXECUTE)) {
        throw new PermissionDeniedException("Execute permission is not granted on the Collection.");
    }

    if (oldDoc == null) {
        // New document: the collection itself must be writable.
        if (!getPermissionsNoLock().validate(broker.getCurrentSubject(), Permission.WRITE)) {
            throw new PermissionDeniedException("Write permission is not granted on the Collection.");
        }
        return;
    }

    // Replacing an existing document.
    LOG.debug("Found old doc {}", oldDoc.getDocId());

    // A lock held by anyone other than the current subject blocks the update.
    // NOTE(review): this compares an Account with the current subject through
    // equals(); whether that matches on identity or on name/id depends on the
    // implementation, which is not visible here.
    final Account lockHolder = oldDoc.getUserLock();
    final boolean lockedByOther = lockHolder != null && !lockHolder.equals(broker.getCurrentSubject());
    if (lockedByOther) {
        throw new PermissionDeniedException("The document is locked by user '" + lockHolder.getName() + "'.");
    }

    // The owner may replace the document even without write permission on it;
    // everyone else needs WRITE on the old document.
    final boolean isOwner = oldDoc.getPermissions().getOwner().getId() == broker.getCurrentSubject().getId();
    if (!isOwner && !oldDoc.getPermissions().validate(broker.getCurrentSubject(), Permission.WRITE)) {
        throw new PermissionDeniedException("A resource with the same name already exists in the target collection '" + path + "', and you do not have write access on that resource.");
    }
}
use of org.exist.security.Account in project exist by eXist-db.
the class UserManagerDialog method getUsersTableModel.
/**
 * Returns the table model behind the users table, building it on first use.
 *
 * <p>The model holds one row per account (name, full name, description),
 * sorted with {@code AccountComparator}. If the account list cannot be
 * fetched, an error dialog is shown and the cached model stays unset, so the
 * method returns {@code null} in that case.</p>
 *
 * @return the cached users table model, or {@code null} if it could not be built
 */
private TableModel getUsersTableModel() {
    if (usersTableModel != null) {
        return usersTableModel;
    }

    try {
        final Account[] accounts = userManagementService.getAccounts();
        Arrays.sort(accounts, new AccountComparator());

        final String[] columnNames = { "User", "Full Name", "Description" };
        final String[][] rows = new String[accounts.length][];
        int row = 0;
        for (final Account account : accounts) {
            rows[row++] = new String[] {
                account.getName(),
                account.getMetadataValue(AXSchemaType.FULLNAME),
                account.getMetadataValue(EXistSchemaType.DESCRIPTION)
            };
        }

        usersTableModel = new ReadOnlyDefaultTableModel(rows, columnNames);
    } catch (final XMLDBException e) {
        final String message = "Could not get users list: " + e.getMessage();
        JOptionPane.showMessageDialog(this, message, "User Manager Error", JOptionPane.ERROR_MESSAGE);
    }

    return usersTableModel;
}
use of org.exist.security.Account in project exist by eXist-db.
the class UserManagerDialog method miRemoveUserActionPerformed.
/**
 * Handles the "remove user" menu action: deletes the selected account through
 * the user management service and then drops its row from the users table model.
 *
 * <p>The row is removed only after the service call succeeds. On failure an
 * error dialog is shown and the table is left untouched.</p>
 *
 * @param evt the action event that triggered the handler (unused)
 */
private void miRemoveUserActionPerformed(java.awt.event.ActionEvent evt) {
    // GEN-FIRST:event_miRemoveUserActionPerformed
    final String username = getSelectedUsername();
    try {
        // NOTE(review): no confirmation prompt and no null check on the looked-up
        // account are visible here; presumably the menu item is enabled only
        // while a row is selected. Confirm.
        final Account toRemove = userManagementService.getAccount(username);
        userManagementService.removeAccount(toRemove);

        // NOTE(review): getSelectedRow() is a view index; if the table has a
        // row sorter it would need converting to a model index. Confirm.
        final int selectedRow = tblUsers.getSelectedRow();
        usersTableModel.removeRow(selectedRow);
    } catch (final XMLDBException e) {
        final String message = "Could not remove user '" + username + "': " + e.getMessage();
        JOptionPane.showMessageDialog(this, message, "User Manager Error", JOptionPane.ERROR_MESSAGE);
    }
}