Examples with PermissionDeniedException org.exist.security.PermissionDeniedException used on opensource projects

Example 31 with PermissionDeniedException

use of org.exist.security.PermissionDeniedException in project exist by eXist-db.

the class FunUnparsedText method getSource.

private Source getSource(final String uriParam) throws XPathException {
    try {
        final URI uri = new URI(uriParam);
        if (uri.getFragment() != null) {
            throw new XPathException(this, ErrorCodes.FOUT1170, "href argument may not contain fragment identifier");
        }
        final Source source = SourceFactory.getSource(context.getBroker(), "", uri.toASCIIString(), false);
        if (source == null) {
            throw new XPathException(this, ErrorCodes.FOUT1170, "Could not find source for: " + uriParam);
        }
        if (source instanceof FileSource && !context.getBroker().getCurrentSubject().hasDbaRole()) {
            throw new PermissionDeniedException("non-dba user not allowed to read from file system");
        }
        return source;
    } catch (final IOException | PermissionDeniedException | URISyntaxException e) {
        throw new XPathException(this, ErrorCodes.FOUT1170, e.getMessage());
    }
}

Example 32 with PermissionDeniedException

use of org.exist.security.PermissionDeniedException in project exist by eXist-db.

the class JSON method parseResource.

private Sequence parseResource(Sequence href, String handleDuplicates, JsonFactory factory) throws XPathException {
    if (href.isEmpty()) {
        return Sequence.EMPTY_SEQUENCE;
    }
    try {
        String url = href.getStringValue();
        if (url.indexOf(':') == Constants.STRING_NOT_FOUND) {
            url = XmldbURI.EMBEDDED_SERVER_URI_PREFIX + url;
        }
        final Source source = SourceFactory.getSource(context.getBroker(), "", url, false);
        if (source == null) {
            throw new XPathException(this, ErrorCodes.FOUT1170, "failed to load json doc from URI " + url);
        }
        try (final InputStream is = source.getInputStream();
            final JsonParser parser = factory.createParser(is)) {
            final Item result = readValue(context, parser, handleDuplicates);
            return result == null ? Sequence.EMPTY_SEQUENCE : result.toSequence();
        }
    } catch (IOException | PermissionDeniedException e) {
        throw new XPathException(this, ErrorCodes.FOUT1170, e.getMessage());
    }
}

Example 33 with PermissionDeniedException

use of org.exist.security.PermissionDeniedException in project exist by eXist-db.

the class TestDataGenerator method generate.

public Path[] generate(final DBBroker broker, final Collection collection, final String xqueryContent) throws SAXException {
    try {
        final DocumentSet docs = collection.allDocs(broker, new DefaultDocumentSet(), true);
        final XQuery service = broker.getBrokerPool().getXQueryService();
        final XQueryContext context = new XQueryContext(broker.getBrokerPool());
        context.declareVariable("filename", "");
        context.declareVariable("count", "0");
        context.setStaticallyKnownDocuments(docs);
        final String query = IMPORT + xqueryContent;
        final CompiledXQuery compiled = service.compile(context, query);
        for (int i = 0; i < count; i++) {
            generatedFiles[i] = Files.createTempFile(prefix, ".xml");
            context.declareVariable("filename", generatedFiles[i].getFileName().toString());
            context.declareVariable("count", new Integer(i));
            final Sequence results = service.execute(broker, compiled, Sequence.EMPTY_SEQUENCE);
            final Serializer serializer = broker.borrowSerializer();
            try (final Writer out = Files.newBufferedWriter(generatedFiles[i], StandardCharsets.UTF_8)) {
                final SAXSerializer sax = new SAXSerializer(out, outputProps);
                serializer.setSAXHandlers(sax, sax);
                for (final SequenceIterator iter = results.iterate(); iter.hasNext(); ) {
                    final Item item = iter.nextItem();
                    if (!Type.subTypeOf(item.getType(), Type.NODE)) {
                        continue;
                    }
                    serializer.toSAX((NodeValue) item);
                }
            } finally {
                broker.returnSerializer(serializer);
            }
        }
    } catch (final XPathException | PermissionDeniedException | LockException | IOException e) {
        LOG.error(e.getMessage(), e);
        throw new SAXException(e.getMessage(), e);
    }
    return generatedFiles;
}

Example 34 with PermissionDeniedException

use of org.exist.security.PermissionDeniedException in project exist by eXist-db.

the class Append method process.

@Override
public long process(Txn transaction) throws PermissionDeniedException, LockException, EXistException, XPathException, TriggerException {
    final NodeList children = content;
    if (children.getLength() == 0) {
        return 0;
    }
    try {
        final StoredNode[] ql = selectAndLock(transaction);
        final NotificationService notifier = broker.getBrokerPool().getNotificationService();
        for (final StoredNode node : ql) {
            final DocumentImpl doc = node.getOwnerDocument();
            if (!doc.getPermissions().validate(broker.getCurrentSubject(), Permission.WRITE)) {
                throw new PermissionDeniedException("User '" + broker.getCurrentSubject().getName() + "' does not have permission to write to the document '" + doc.getDocumentURI() + "'!");
            }
            node.appendChildren(transaction, children, child);
            doc.setLastModified(System.currentTimeMillis());
            modifiedDocuments.add(doc);
            broker.storeXMLResource(transaction, doc);
            notifier.notifyUpdate(doc, UpdateListener.UPDATE);
        }
        checkFragmentation(transaction, modifiedDocuments);
        return ql.length;
    } finally {
        // release all acquired locks
        unlockDocuments(transaction);
    }
}

Example 35 with PermissionDeniedException

use of org.exist.security.PermissionDeniedException in project exist by eXist-db.

the class Insert method process.

@Override
public long process(Txn transaction) throws PermissionDeniedException, LockException, EXistException, XPathException, TriggerException {
    final NodeList children = content;
    if (children.getLength() == 0) {
        return 0;
    }
    try {
        final StoredNode[] ql = selectAndLock(transaction);
        final NotificationService notifier = broker.getBrokerPool().getNotificationService();
        final int len = children.getLength();
        if (LOG.isDebugEnabled()) {
            LOG.debug("found {} nodes to insert", len);
        }
        for (final StoredNode node : ql) {
            final DocumentImpl doc = node.getOwnerDocument();
            if (!doc.getPermissions().validate(broker.getCurrentSubject(), Permission.WRITE)) {
                throw new PermissionDeniedException("permission to update document denied");
            }
            final NodeImpl parent = (NodeImpl) getParent(node);
            switch(mode) {
                case INSERT_BEFORE:
                    parent.insertBefore(transaction, children, node);
                    break;
                case INSERT_AFTER:
                    parent.insertAfter(transaction, children, node);
                    break;
            }
            doc.setLastModified(System.currentTimeMillis());
            modifiedDocuments.add(doc);
            broker.storeXMLResource(transaction, doc);
            notifier.notifyUpdate(doc, UpdateListener.UPDATE);
        }
        checkFragmentation(transaction, modifiedDocuments);
        return ql.length;
    } finally {
        unlockDocuments(transaction);
    }
}