Example 21 with Group

Use of org.exist.security.Group in project exist by eXist-db.

From the class RealmImpl, method deleteGroup.

@Override
public boolean deleteGroup(final Group group) throws PermissionDeniedException, EXistException {
    if (group == null) {
        return false;
    }
    // Every check below and the removal itself run under the write lock of the
    // group store, so no concurrent change can slip in between check and delete.
    groupsByName.<PermissionDeniedException, EXistException>write2E(principalDb -> {
        final AbstractPrincipal remove_group = (AbstractPrincipal) principalDb.get(group.getName());
        if (remove_group == null) {
            throw new IllegalArgumentException("Group '" + group.getName() + "' does not exist!");
        }
        // The built-in groups are required by the system and can never be deleted,
        // whatever privileges the caller holds.
        if (SecurityManager.DBA_GROUP.equals(group.getName()) || SecurityManager.GUEST_GROUP.equals(group.getName()) || SecurityManager.UNKNOWN_GROUP.equals(group.getName())) {
            throw new PermissionDeniedException("The '" + group.getName() + "' group is required by the system for correct operation, you cannot delete it!");
        }
        // Authorization: the current subject must be allowed to modify this group;
        // assertCanModifyGroup throws PermissionDeniedException otherwise.
        final DBBroker broker = getDatabase().getActiveBroker();
        final Subject subject = broker.getCurrentSubject();
        ((Group) remove_group).assertCanModifyGroup(subject);
        // Check that this is not an active primary group: deleting it would leave
        // that account without a primary group.
        final Optional<String> isPrimaryGroupOf = usersByName.read(usersDb -> {
            for (final Account account : usersDb.values()) {
                final Group accountPrimaryGroup = account.getDefaultGroup();
                if (accountPrimaryGroup != null && accountPrimaryGroup.getId() == remove_group.getId()) {
                    return Optional.of(account.getName());
                }
            }
            return Optional.empty();
        });
        if (isPrimaryGroupOf.isPresent()) {
            throw new PermissionDeniedException("Account '" + isPrimaryGroupOf.get() + "' still has '" + group.getName() + "' as their primary group!");
        }
        // Soft delete: flag the group as removed and archive its record under a
        // random UUID file name in the removed-groups collection.
        remove_group.setRemoved(true);
        remove_group.setCollection(broker, collectionRemovedGroups, XmldbURI.create(UUIDGenerator.getUUID() + ".xml"));
        // Then drop the live group document in its own transaction. A failure here
        // is only logged; the in-memory removal below still goes ahead.
        try (final Txn txn = broker.continueOrBeginTransaction()) {
            collectionGroups.removeXMLResource(txn, broker, XmldbURI.create(remove_group.getName() + ".xml"));
            txn.commit();
        } catch (final Exception e) {
            LOG.warn(e.getMessage(), e);
        }
        // Re-register the group in its removed state with the security manager and
        // take it out of the in-memory principal map.
        getSecurityManager().registerGroup((Group) remove_group);
        principalDb.remove(remove_group.getName());
    });
    return true;
}
Also used : Group(org.exist.security.Group) Account(org.exist.security.Account) AbstractAccount(org.exist.security.AbstractAccount) DBBroker(org.exist.storage.DBBroker) AbstractPrincipal(org.exist.security.AbstractPrincipal) PermissionDeniedException(org.exist.security.PermissionDeniedException) EXistException(org.exist.EXistException) Txn(org.exist.storage.txn.Txn) Subject(org.exist.security.Subject) ConfigurationException(org.exist.config.ConfigurationException) AuthenticationException(org.exist.security.AuthenticationException)

Example 22 with Group

Use of org.exist.security.Group in project exist by eXist-db.

From the class ConsistencyCheck, method checkPermissions (collection overload).

public void checkPermissions(final Collection collection, final List<ErrorReport> errorList) {
    try {
        final Permission perms = collection.getPermissions();
        // A collection whose owner account no longer resolves (e.g. the principal was
        // deleted) has a dangling ACL entry; report it rather than silently skip it.
        final Account owner = perms.getOwner();
        if (owner == null) {
            final ErrorReport.CollectionError error = new ErrorReport.CollectionError(ErrorReport.ACCESS_FAILED, "Owner account not found for collection: " + collection.getURI());
            error.setCollectionId(collection.getId());
            error.setCollectionURI(collection.getURI());
            errorList.add(error);
        }
        // Same check for the owning group.
        final Group group = perms.getGroup();
        if (group == null) {
            final ErrorReport.CollectionError error = new ErrorReport.CollectionError(ErrorReport.ACCESS_FAILED, "Owner group not found for collection: " + collection.getURI());
            error.setCollectionId(collection.getId());
            error.setCollectionURI(collection.getURI());
            errorList.add(error);
        }
    } catch (final Exception e) {
        // Any failure while reading the permissions is itself reported as an access error.
        final ErrorReport.CollectionError error = new ErrorReport.CollectionError(ErrorReport.ACCESS_FAILED, "Exception caught while checking permissions on collection: " + collection.getURI());
        error.setCollectionId(collection.getId());
        error.setCollectionURI(collection.getURI());
        errorList.add(error);
    }
}
Also used : Account(org.exist.security.Account) Group(org.exist.security.Group) Permission(org.exist.security.Permission) PermissionDeniedException(org.exist.security.PermissionDeniedException) TerminatedException(org.exist.xquery.TerminatedException) XMLStreamException(javax.xml.stream.XMLStreamException) IOException(java.io.IOException)

Example 23 with Group

Use of org.exist.security.Group in project exist by eXist-db.

From the class ConsistencyCheck, method checkPermissions (document overload).

public ErrorReport checkPermissions(final DocumentImpl doc) {
    try {
        final Permission perms = doc.getPermissions();
        // Report a document whose owner account no longer resolves: its ACL is dangling.
        final Account owner = perms.getOwner();
        if (owner == null) {
            return new ErrorReport.ResourceError(ErrorReport.RESOURCE_ACCESS_FAILED, "Owner account not found for document " + doc.getFileURI());
        }
        // Same check for the owning group.
        final Group group = perms.getGroup();
        if (group == null) {
            return new ErrorReport.ResourceError(ErrorReport.RESOURCE_ACCESS_FAILED, "Owner group not found for document " + doc.getFileURI());
        }
    } catch (final Exception e) {
        // Any failure while reading the permissions is itself reported as an access error.
        return new ErrorReport.ResourceError(ErrorReport.RESOURCE_ACCESS_FAILED, "Exception caught while checking permissions on document " + doc.getFileURI(), e);
    }
    // null means no problem was found with this document's permissions.
    return null;
}
Also used : Account(org.exist.security.Account) Group(org.exist.security.Group) Permission(org.exist.security.Permission) PermissionDeniedException(org.exist.security.PermissionDeniedException) TerminatedException(org.exist.xquery.TerminatedException) XMLStreamException(javax.xml.stream.XMLStreamException) IOException(java.io.IOException)

Aggregations

Group (org.exist.security.Group)23 Account (org.exist.security.Account)9 PermissionDeniedException (org.exist.security.PermissionDeniedException)9 AuthenticationException (org.exist.security.AuthenticationException)6 SecurityManager (org.exist.security.SecurityManager)6 XMLDBException (org.xmldb.api.base.XMLDBException)6 EXistException (org.exist.EXistException)5 NamingException (javax.naming.NamingException)4 AXSchemaType (org.exist.security.AXSchemaType)4 SchemaType (org.exist.security.SchemaType)4 GroupAider (org.exist.security.internal.aider.GroupAider)4 IOException (java.io.IOException)2 ArrayList (java.util.ArrayList)2 SearchResult (javax.naming.directory.SearchResult)2 LdapContext (javax.naming.ldap.LdapContext)2 XMLStreamException (javax.xml.stream.XMLStreamException)2 ConfigurationException (org.exist.config.ConfigurationException)2 AbstractAccount (org.exist.security.AbstractAccount)2 Permission (org.exist.security.Permission)2 Subject (org.exist.security.Subject)2