use of org.exist.security.Account in project exist by eXist-db.
the class RpcConnection method updateAccount.
/**
* Added by {Marco.Tampucci, Massimo.Martinelli} @isti.cnr.it
*
* modified by Chris Tomlinson based on above updateAccount - it appears
* that this code can rely on the SecurityManager to enforce policy about
* whether user is or is not permitted to update the Account with name.
*
* This is called via RemoteUserManagementService.addUserGroup(Account)
*
* @param name user name to update
* @param groups list of groups the user is added to
* @return true, if action succeeded
*/
@Override
public boolean updateAccount(final String name, final List<String> groups) {
    try {
        return withDb((broker, transaction) -> {
            final SecurityManager manager = broker.getBrokerPool().getSecurityManager();

            // A name with no account starts from a fresh UserAider rather than failing;
            // an existing account is loaded so the groups it already has are kept.
            final Account account = manager.hasAccount(name)
                    ? manager.getAccount(name)
                    : new UserAider(name);

            // Only add the groups the account is not already a member of.
            for (final String groupName : groups) {
                if (account.hasGroup(groupName)) {
                    continue;
                }
                account.addGroup(groupName);
            }

            // No permission check is made in this method itself; the decision is left to
            // manager.updateAccount.
            // NOTE(review): confirm that check also covers the path where the account did
            // not exist before this call.
            return manager.updateAccount(account);
        });
    } catch (final EXistException | PermissionDeniedException e) {
        // Every failure, a permission denial included, reaches the caller only as
        // `false` and is recorded at debug level only.
        if (LOG.isDebugEnabled()) {
            LOG.debug("addUserGroup encountered error", e);
        }
        return false;
    }
}
use of org.exist.security.Account in project exist by eXist-db.
the class ListUsersTask method execute.
/* (non-Javadoc)
* @see org.apache.tools.ant.Task#execute()
*/
public void execute() throws BuildException {
    super.execute();
    try {
        log("Listing all users", Project.MSG_DEBUG);
        final Account[] users = service.getAccounts();
        if (users == null) {
            // Nothing was returned: the output property is left unset.
            return;
        }

        // Join the account names, placing the separator between items only.
        final StringBuilder names = new StringBuilder();
        for (int i = 0; i < users.length; i++) {
            if (i > 0) {
                names.append(separator);
            }
            names.append(users[i].getName());
        }

        if (names.length() > 0) {
            final String joined = names.toString();
            // The full list of account names goes to the Ant log (debug level) and into
            // a project property, so it is visible wherever either of those is exposed.
            log("Setting output property " + outputproperty + " to " + joined, Project.MSG_DEBUG);
            getProject().setNewProperty(outputproperty, joined);
        }
    } catch (final XMLDBException e) {
        final String msg = "XMLDB exception caught: " + e.getMessage();
        if (!failonerror) {
            // Best-effort mode: report the error and let the build continue.
            log(msg, e, Project.MSG_ERR);
        } else {
            throw (new BuildException(msg, e));
        }
    }
}
use of org.exist.security.Account in project exist by eXist-db.
the class RpcConnection method getAccounts.
/**
 * Returns one map per account held by the security manager, each built with
 * {@code toMap}.
 *
 * <p>NOTE(review): no authorization check is visible in this method, and it does not
 * run inside {@code withDb}. Confirm that {@code getUsers()} or {@code toMap} limit
 * what a non-admin caller can list.
 *
 * @return the accounts as maps, in the iteration order of {@code getUsers()}
 * @throws EXistException declared by the signature; not thrown by any visible statement
 * @throws PermissionDeniedException declared by the signature; not thrown by any visible statement
 */
@Override
public List<Map<String, Object>> getAccounts() throws EXistException, PermissionDeniedException {
    final List<Map<String, Object>> accountMaps = new ArrayList<>();
    for (final Account account : factory.getBrokerPool().getSecurityManager().getUsers()) {
        accountMaps.add(toMap(account));
    }
    return accountMaps;
}
use of org.exist.security.Account in project exist by eXist-db.
the class RpcConnection method getGroup.
/**
 * Looks up a group by name and describes it as a map.
 *
 * <p>The map holds the keys {@code id}, {@code realmId}, {@code name} (the name that was
 * passed in, not one read back from the group), {@code managers} (the names of the
 * group's manager accounts) and {@code metadata} (metadata values keyed by the
 * namespace of their schema type).
 *
 * <p>NOTE(review): no authorization check is visible in this method. Confirm that the
 * security manager restricts which callers may read manager names and metadata.
 *
 * @param name name of the group to look up
 * @return the description of the group, or {@code null} if the lookup finds no group
 * @throws EXistException declared by the signature; presumably raised by {@code withDb}
 * @throws PermissionDeniedException declared by the signature; presumably raised by {@code withDb}
 */
@Override
public Map<String, Object> getGroup(final String name) throws EXistException, PermissionDeniedException {
    return withDb((broker, transaction) -> {
        final Group group = factory.getBrokerPool().getSecurityManager().getGroup(name);
        if (group == null) {
            return null;
        }

        final Map<String, Object> groupInfo = new HashMap<>();
        groupInfo.put("id", group.getId());
        groupInfo.put("realmId", group.getRealmId());
        groupInfo.put("name", name);

        // Expose the managers by account name only, not as Account objects.
        final List<Account> managerAccounts = group.getManagers();
        final List<String> managerNames = new ArrayList<>(managerAccounts.size());
        for (final Account managerAccount : managerAccounts) {
            managerNames.add(managerAccount.getName());
        }
        groupInfo.put("managers", managerNames);

        // Keyed by namespace: two keys sharing a namespace would overwrite each other.
        final Map<String, String> metadataByNamespace = new HashMap<>();
        for (final SchemaType metadataKey : group.getMetadataKeys()) {
            metadataByNamespace.put(metadataKey.getNamespace(), group.getMetadataValue(metadataKey));
        }
        groupInfo.put("metadata", metadataByNamespace);

        return groupInfo;
    });
}
use of org.exist.security.Account in project exist by eXist-db.
the class RpcConnection method setUserPrimaryGroup.
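/**
 * Sets the primary group of an account.
 *
 * <p>The calling {@code user} must have admin privileges. That check runs before any
 * lookup, so a caller without them gets the same {@link PermissionDeniedException}
 * whether or not the group or account name exists.
 *
 * @param username name of the account to change
 * @param groupName name of the group to make the account's primary group
 * @return the result reported by the security manager's {@code updateAccount}
 * @throws EXistException if the group does not exist or no account is found for {@code username}
 * @throws PermissionDeniedException if the caller does not have admin privileges
 */
@Override
public boolean setUserPrimaryGroup(final String username, final String groupName) throws EXistException, PermissionDeniedException {
    final SecurityManager manager = factory.getBrokerPool().getSecurityManager();

    // Authorize before validating names: checking the group first would answer
    // "does this group exist?" for callers who are not allowed to use this method.
    if (!manager.hasAdminPrivileges(user)) {
        throw new PermissionDeniedException("Not allowed to modify user");
    }
    if (!manager.hasGroup(groupName)) {
        throw new EXistException("Group '" + groupName + "' does not exist!");
    }

    return withDb((broker, transaction) -> {
        final Account account = manager.getAccount(username);
        if (account == null) {
            // Report an unknown account the same way as an unknown group instead of
            // failing with a NullPointerException on the next line.
            throw new EXistException("Account '" + username + "' does not exist!");
        }
        final Group group = manager.getGroup(groupName);
        account.setPrimaryGroup(group);
        // Pass the outcome through rather than reporting success unconditionally.
        return manager.updateAccount(account);
    });
}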