Examples with SecurityManager org.exist.security.SecurityManager used on opensource projects

Search in sources :

Example 36 with SecurityManager

use of org.exist.security.SecurityManager in project exist by eXist-db.

the class BlobStoreRecoveryTest method newBlobDb.

private BlobDb newBlobDb(final Path journalDir, final Path blobDbx, final Path blobDir) throws BrokerPoolServiceException, EXistException {
    final Configuration mockConfiguration = createNiceMock(Configuration.class);
    expect(mockConfiguration.getProperty(Journal.PROPERTY_RECOVERY_JOURNAL_DIR)).andReturn(journalDir);
    expect(mockConfiguration.getProperty(BrokerPool.PROPERTY_RECOVERY_GROUP_COMMIT, false)).andReturn(false);
    expect(mockConfiguration.getProperty(PROPERTY_RECOVERY_SYNC_ON_COMMIT, true)).andReturn(true);
    expect(mockConfiguration.getProperty(PROPERTY_RECOVERY_SIZE_MIN, 1)).andReturn(1);
    expect(mockConfiguration.getProperty(PROPERTY_RECOVERY_SIZE_LIMIT, 100)).andReturn(100);
    replay(mockConfiguration);
    final BrokerPool mockBrokerPool = createNiceMock(BrokerPool.class);
    if (!cleanShutdown) {
        // NOTE: needed so we don't checkpoint at clean shutdown and can simulate a crash!
        mockBrokerPool.FORCE_CORRUPTION = true;
    }
    final SecurityManager mockSecurityManager = createNiceMock(SecurityManager.class);
    final Subject mockSystemSubject = createNiceMock(Subject.class);
    expect(mockBrokerPool.getSecurityManager()).andReturn(mockSecurityManager).anyTimes();
    expect(mockSecurityManager.getSystemSubject()).andReturn(mockSystemSubject).anyTimes();
    replay(mockSecurityManager);
    final JournalManager journalManager = new JournalManager();
    journalManager.configure(mockConfiguration);
    final DBBroker mockSystemBroker = createNiceMock(DBBroker.class);
    final Txn mockSystemTransaction = createNiceMock(Txn.class);
    final SystemTaskManager mockSystemTaskManager = createNiceMock(SystemTaskManager.class);
    mockSystemTaskManager.processTasks(mockSystemBroker, mockSystemTransaction);
    expectLastCall().anyTimes();
    replay(mockSystemTaskManager);
    final DBBroker mockBroker = createNiceMock(DBBroker.class);
    expect(mockBroker.getBrokerPool()).andReturn(mockBrokerPool).anyTimes();
    expect(mockBrokerPool.getBroker()).andReturn(mockBroker).anyTimes();
    replay(mockBroker);
    final TransactionManager transactionManager = new TransactionManager(mockBrokerPool, Optional.of(journalManager), mockSystemTaskManager);
    final Scheduler mockScheduler = createNiceMock(Scheduler.class);
    final BlobStore blobStore = new BlobStoreImpl(mockBrokerPool, blobDbx, blobDir, DIGEST_TYPE);
    expect(mockBrokerPool.getConfiguration()).andReturn(mockConfiguration).anyTimes();
    expect(mockBrokerPool.getScheduler()).andReturn(mockScheduler);
    expect(mockScheduler.createPeriodicJob(anyLong(), anyObject(FileLockHeartBeat.class), anyLong(), anyObject(Properties.class))).andReturn(true);
    expect(mockBrokerPool.getTransactionManager()).andReturn(transactionManager).anyTimes();
    expect(mockBrokerPool.getThreadGroup()).andReturn(Thread.currentThread().getThreadGroup());
    expect(mockBrokerPool.getId()).andReturn("BlobStoreRecoveryTest").times(2);
    expect(mockBrokerPool.getJournalManager()).andReturn(Optional.of(journalManager)).anyTimes();
    expect(mockBrokerPool.getBlobStore()).andReturn(blobStore).anyTimes();
    replay(mockBrokerPool);
    journalManager.prepare(mockBrokerPool);
    final RecoveryManager recoveryManager = new RecoveryManager(mockBroker, journalManager, false);
    recoveryManager.recover();
    return new BlobDb(transactionManager, blobStore);
}
Also used : Configuration(org.exist.util.Configuration) SecurityManager(org.exist.security.SecurityManager) Scheduler(org.exist.scheduler.Scheduler) JournalManager(org.exist.storage.journal.JournalManager) Txn(org.exist.storage.txn.Txn) Properties(java.util.Properties) Subject(org.exist.security.Subject) FileLockHeartBeat(org.exist.storage.lock.FileLockHeartBeat) RecoveryManager(org.exist.storage.recovery.RecoveryManager) DBBroker(org.exist.storage.DBBroker) TransactionManager(org.exist.storage.txn.TransactionManager) SystemTaskManager(org.exist.storage.SystemTaskManager) BrokerPool(org.exist.storage.BrokerPool)

Example 37 with SecurityManager

use of org.exist.security.SecurityManager in project exist by eXist-db.

the class RpcConnection method getGroup.

@Override
public Map<String, Object> getGroup(final String name) throws EXistException, PermissionDeniedException {
    return withDb((broker, transaction) -> {
        final SecurityManager securityManager = factory.getBrokerPool().getSecurityManager();
        final Group group = securityManager.getGroup(name);
        if (group != null) {
            final Map<String, Object> map = new HashMap<>();
            map.put("id", group.getId());
            map.put("realmId", group.getRealmId());
            map.put("name", name);
            final List<Account> groupManagers = group.getManagers();
            final List<String> managers = new ArrayList<>(groupManagers.size());
            for (final Account groupManager : groupManagers) {
                managers.add(groupManager.getName());
            }
            map.put("managers", managers);
            final Map<String, String> metadata = new HashMap<>();
            for (final SchemaType key : group.getMetadataKeys()) {
                metadata.put(key.getNamespace(), group.getMetadataValue(key));
            }
            map.put("metadata", metadata);
            return map;
        }
        return null;
    });
}
Also used : Group(org.exist.security.Group) Account(org.exist.security.Account) SecurityManager(org.exist.security.SecurityManager) EXistSchemaType(org.exist.security.EXistSchemaType) SchemaType(org.exist.security.SchemaType) AXSchemaType(org.exist.security.AXSchemaType)

Example 38 with SecurityManager

use of org.exist.security.SecurityManager in project exist by eXist-db.

the class RpcConnection method addAccount.

@Override
public boolean addAccount(final String name, String passwd, final String passwdDigest, final List<String> groups, final Boolean enabled, final Integer umask, final Map<String, String> metadata) throws EXistException, PermissionDeniedException {
    if (passwd.length() == 0) {
        passwd = null;
    }
    final SecurityManager manager = factory.getBrokerPool().getSecurityManager();
    if (manager.hasAccount(name)) {
        throw new PermissionDeniedException("Account '" + name + "' exist");
    }
    if (!manager.hasAdminPrivileges(user)) {
        throw new PermissionDeniedException("Account '" + user.getName() + "' not allowed to create new account");
    }
    final UserAider u = new UserAider(name);
    u.setEncodedPassword(passwd);
    u.setPasswordDigest(passwdDigest);
    for (final String g : groups) {
        if (!u.hasGroup(g)) {
            u.addGroup(g);
        }
    }
    if (enabled != null) {
        u.setEnabled(enabled);
    }
    if (umask != null) {
        u.setUserMask(umask);
    }
    if (metadata != null) {
        for (final Map.Entry<String, String> m : metadata.entrySet()) {
            if (AXSchemaType.valueOfNamespace(m.getKey()) != null) {
                u.setMetadataValue(AXSchemaType.valueOfNamespace(m.getKey()), m.getValue());
            } else if (EXistSchemaType.valueOfNamespace(m.getKey()) != null) {
                u.setMetadataValue(EXistSchemaType.valueOfNamespace(m.getKey()), m.getValue());
            }
        }
    }
    withDb((broker, transaction) -> manager.addAccount(u));
    return true;
}
Also used : SecurityManager(org.exist.security.SecurityManager) PermissionDeniedException(org.exist.security.PermissionDeniedException) UserAider(org.exist.security.internal.aider.UserAider) LockedDocumentMap(org.exist.storage.lock.LockedDocumentMap)

Example 39 with SecurityManager

use of org.exist.security.SecurityManager in project exist by eXist-db.

the class RpcConnection method setUserPrimaryGroup.

@Override
public boolean setUserPrimaryGroup(final String username, final String groupName) throws EXistException, PermissionDeniedException {
    final SecurityManager manager = factory.getBrokerPool().getSecurityManager();
    if (!manager.hasGroup(groupName)) {
        throw new EXistException("Group '" + groupName + "' does not exist!");
    }
    if (!manager.hasAdminPrivileges(user)) {
        throw new PermissionDeniedException("Not allowed to modify user");
    }
    withDb((broker, transaction) -> {
        final Account account = manager.getAccount(username);
        final Group group = manager.getGroup(groupName);
        account.setPrimaryGroup(group);
        manager.updateAccount(account);
        return null;
    });
    return true;
}
Also used : Account(org.exist.security.Account) Group(org.exist.security.Group) SecurityManager(org.exist.security.SecurityManager) PermissionDeniedException(org.exist.security.PermissionDeniedException) EXistException(org.exist.EXistException)

Example 40 with SecurityManager

use of org.exist.security.SecurityManager in project exist by eXist-db.

the class RpcConnection method updateGroup.

@Override
public boolean updateGroup(final String name, final List<String> managers, final Map<String, String> metadata) throws EXistException, PermissionDeniedException {
    final SecurityManager manager = factory.getBrokerPool().getSecurityManager();
    if (manager.hasGroup(name)) {
        final GroupAider group = new GroupAider(name);
        for (final String groupManager : managers) {
            group.addManager(new UserAider(groupManager));
        }
        if (metadata != null) {
            for (final Map.Entry<String, String> m : metadata.entrySet()) {
                if (AXSchemaType.valueOfNamespace(m.getKey()) != null) {
                    group.setMetadataValue(AXSchemaType.valueOfNamespace(m.getKey()), m.getValue());
                } else if (EXistSchemaType.valueOfNamespace(m.getKey()) != null) {
                    group.setMetadataValue(EXistSchemaType.valueOfNamespace(m.getKey()), m.getValue());
                }
            }
        }
        withDb((broker, transaction) -> manager.updateGroup(group));
        return true;
    } else {
        return false;
    }
}
Also used : SecurityManager(org.exist.security.SecurityManager) GroupAider(org.exist.security.internal.aider.GroupAider) UserAider(org.exist.security.internal.aider.UserAider) LockedDocumentMap(org.exist.storage.lock.LockedDocumentMap)

Aggregations

SecurityManager (org.exist.security.SecurityManager)68 DBBroker (org.exist.storage.DBBroker)22 Txn (org.exist.storage.txn.Txn)16 Account (org.exist.security.Account)15 BrokerPool (org.exist.storage.BrokerPool)15 Subject (org.exist.security.Subject)12 EXistException (org.exist.EXistException)11 PermissionDeniedException (org.exist.security.PermissionDeniedException)9 XPathException (org.exist.xquery.XPathException)9 AuthenticationException (org.exist.security.AuthenticationException)8 GroupAider (org.exist.security.internal.aider.GroupAider)6 Collection (org.exist.collections.Collection)5 Group (org.exist.security.Group)5 Database (org.exist.Database)4 UserAider (org.exist.security.internal.aider.UserAider)4 LockedDocumentMap (org.exist.storage.lock.LockedDocumentMap)4 Test (org.junit.Test)4 java.util (java.util)2 List (java.util.List)2 HttpSession (javax.servlet.http.HttpSession)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial