use of org.exist.security.PermissionDeniedException in project exist by eXist-db.
the class XMLDBSetMimeType method getMimeTypeStoredResource.
/**
* Determine mimetype of currently stored resource. Copied from
* get-mime-type.
*/
private MimeType getMimeTypeStoredResource(XmldbURI pathUri) throws XPathException {
MimeType returnValue = null;
try {
// relative collection Path: add the current base URI
pathUri = context.getBaseURI().toXmldbURI().resolveCollectionPath(pathUri);
} catch (final XPathException ex) {
logger.debug("Unable to convert path {}", pathUri);
return returnValue;
}
try (final LockedDocument lockedDocument = context.getBroker().getXMLResource(pathUri, LockMode.READ_LOCK)) {
// try to open the document and acquire a lock
final DocumentImpl doc = lockedDocument == null ? null : lockedDocument.getDocument();
if (doc == null) {
throw new XPathException("Resource '" + pathUri + "' does not exist.");
} else {
final String mimetype = doc.getMimeType();
returnValue = MimeTable.getInstance().getContentType(mimetype);
}
} catch (final PermissionDeniedException ex) {
logger.debug(ex.getMessage());
}
return returnValue;
}
use of org.exist.security.PermissionDeniedException in project exist by eXist-db.
the class ResourceFunctionExecutorImpl method execute.
@Override
public Sequence execute(final ResourceFunction resourceFunction, final Iterable<TypedArgumentValue> arguments, final HttpRequest request) throws RestXqServiceException {
final RestXqServiceCompiledXQueryCache cache = RestXqServiceCompiledXQueryCacheImpl.getInstance();
CompiledXQuery xquery = null;
ProcessMonitor processMonitor = null;
try (final DBBroker broker = getBrokerPool().getBroker()) {
// ensure we can execute the function before going any further
checkSecurity(broker, resourceFunction.getXQueryLocation());
// get a compiled query service from the cache
xquery = cache.getCompiledQuery(broker, resourceFunction.getXQueryLocation());
// find the function that we will execute
final UserDefinedFunction fn = findFunction(xquery, resourceFunction.getFunctionSignature());
final XQueryContext xqueryContext = xquery.getContext();
// set the request object - can later be used by the EXQuery Request Module
xqueryContext.setAttribute(EXQ_REQUEST_ATTR, request);
// TODO this is a workaround?
declareVariables(xqueryContext);
// START workaround: evaluate global variables in modules, as they are reset by XQueryContext.reset()
final Expression rootExpr = xqueryContext.getRootExpression();
for (int i = 0; i < rootExpr.getSubExpressionCount(); i++) {
final Expression subExpr = rootExpr.getSubExpression(i);
if (subExpr instanceof VariableDeclaration) {
subExpr.eval(null);
}
}
// END workaround
// setup monitoring
processMonitor = broker.getBrokerPool().getProcessMonitor();
xqueryContext.getProfiler().traceQueryStart();
processMonitor.queryStarted(xqueryContext.getWatchDog());
// create a function call
try (final FunctionReference fnRef = new FunctionReference(new FunctionCall(xqueryContext, fn))) {
// convert the arguments
final org.exist.xquery.value.Sequence[] fnArgs = convertToExistFunctionArguments(xqueryContext, fn, arguments);
// execute the function call
fnRef.analyze(new AnalyzeContextInfo());
// if setUid/setGid, determine the effectiveSubject to use for execution
final Optional<EffectiveSubject> effectiveSubject = getEffectiveSubject(xquery);
try {
// switch to effective user if setUid/setGid
effectiveSubject.ifPresent(broker::pushSubject);
final org.exist.xquery.value.Sequence result = fnRef.evalFunction(null, null, fnArgs);
// copy for closure
final CompiledXQuery xquery1 = xquery;
// return a sequence adapter which returns the query when it is finished with the results
return new SequenceAdapter(result, () -> {
if (xquery1 != null) {
// return the compiled query to the pool
cache.returnCompiledQuery(resourceFunction.getXQueryLocation(), xquery1);
}
});
} finally {
// switch back from effective user if setUid/setGid
if (effectiveSubject.isPresent()) {
broker.popSubject();
}
}
}
} catch (final URISyntaxException | EXistException | XPathException | PermissionDeniedException use) {
// if an error occurred we should return the compiled query
if (xquery != null) {
// return the compiled query to the pool
cache.returnCompiledQuery(resourceFunction.getXQueryLocation(), xquery);
}
throw new RestXqServiceException(use.getMessage(), use);
} finally {
// clear down monitoring
if (processMonitor != null) {
xquery.getContext().getProfiler().traceQueryEnd(xquery.getContext());
processMonitor.queryCompleted(xquery.getContext().getWatchDog());
}
}
}
use of org.exist.security.PermissionDeniedException in project exist by eXist-db.
the class LuceneFieldConfig method checkCondition.
private boolean checkCondition(DBBroker broker, DocumentImpl document, NodeId nodeId) throws PermissionDeniedException, XPathException {
if (!condition.isPresent()) {
return true;
}
if (compiledCondition == null && isValid) {
compiledCondition = compile(broker, condition.get());
}
if (!isValid) {
return false;
}
final XQuery xquery = broker.getBrokerPool().getXQueryService();
final NodeProxy currentNode = new NodeProxy(document, nodeId);
try {
Sequence result = xquery.execute(broker, compiledCondition, currentNode);
return result != null && result.effectiveBooleanValue();
} catch (PermissionDeniedException | XPathException e) {
isValid = false;
throw e;
} finally {
compiledCondition.reset();
compiledCondition.getContext().reset();
}
}
use of org.exist.security.PermissionDeniedException in project exist by eXist-db.
the class AbstractFieldConfig method doBuild.
protected void doBuild(DBBroker broker, DocumentImpl document, NodeId nodeId, Document luceneDoc, CharSequence text) throws PermissionDeniedException, XPathException {
if (!expression.isPresent()) {
processText(text, luceneDoc);
return;
}
compile(broker);
if (!isValid) {
return;
}
final XQuery xquery = broker.getBrokerPool().getXQueryService();
final NodeProxy currentNode = new NodeProxy(document, nodeId);
try {
Sequence result = xquery.execute(broker, compiled, currentNode);
if (!result.isEmpty()) {
processResult(result, luceneDoc);
}
} catch (PermissionDeniedException | XPathException e) {
isValid = false;
throw e;
} finally {
compiled.reset();
compiled.getContext().reset();
}
}
use of org.exist.security.PermissionDeniedException in project exist by eXist-db.
the class AbstractFieldConfig method compile.
protected CompiledXQuery compile(DBBroker broker, String code) {
final XQuery xquery = broker.getBrokerPool().getXQueryService();
final XQueryContext context = new XQueryContext(broker.getBrokerPool());
try {
return xquery.compile(context, code);
} catch (XPathException | PermissionDeniedException e) {
LOG.error("Failed to compile expression: {}: {}", code, e.getMessage(), e);
isValid = false;
return null;
}
}
Aggregations