
Example 1 with SecurityManagerImpl

Use of org.exist.security.internal.SecurityManagerImpl in the project exist by eXist-db.

From the class AccountTest, method testGroupFallback.

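/**
 * Exercises {@code AccountImpl.addGroup(String)} for a group name that the realm cannot
 * resolve ({@code getGroup} is stubbed to return {@code null}).
 *
 * <p>The test is disabled with {@code @Ignore}, so this account/group path is not checked
 * by this test when the suite runs.
 *
 * <p>NOTE(review): the original called {@code replay()} and {@code verify()} with no
 * arguments. Assuming these are the statically imported EasyMock methods, they take the
 * mocks as varargs, so the no-arg form activates and verifies nothing. The mocks that carry
 * expectations are now passed explicitly. The commented-out expectations below may still be
 * needed before {@code @Ignore} can be removed; confirm against {@code AccountImpl}.
 *
 * @throws NoSuchMethodException if the reflective method lookups used to build the partial mock fail
 * @throws PermissionDeniedException declared by {@code addGroup}
 */
@Ignore
@Test
public void testGroupFallback() throws NoSuchMethodException, PermissionDeniedException {
    // final String mockRealmId = "mock";
    final String testAccountName = "testUser";
    final String testGroupName = "testGroup";

    Database mockDatabase = EasyMock.createMock(Database.class);
    SecurityManagerImpl mockSecurityManager = EasyMock.createMockBuilder(SecurityManagerImpl.class)
            .withConstructor(Database.class)
            .withArgs(mockDatabase)
            .createMock();
    Configuration mockConfiguration = EasyMock.createMock(Configuration.class);
    AbstractRealm mockRealm = EasyMock.createMockBuilder(AbstractRealm.class)
            .withConstructor(SecurityManager.class, Configuration.class)
            .withArgs(mockSecurityManager, mockConfiguration)
            .createMock();
    // Partial mock: only getRealm() and addGroup(Group) are mocked, so addGroup(String) runs real code.
    AccountImpl mockAccountImpl = EasyMock.createMockBuilder(AccountImpl.class)
            .withConstructor(AbstractRealm.class, String.class)
            .withArgs(mockRealm, testAccountName)
            .addMockedMethods(
                    AccountImpl.class.getMethod("getRealm"),
                    AccountImpl.class.getMethod("addGroup", Group.class))
            .createMock();

    expect(mockAccountImpl.getRealm()).andReturn(mockRealm);
    // The realm does not know the group.
    expect(mockRealm.getGroup(testGroupName)).andReturn(null);
    // expect(mockAccountImpl.getRealm()).andReturn(mockRealm);
    // expect(mockRealm.getSecurityManager()).andReturn(mockSecurityManager);

    // Switch the mocks that carry expectations from record to replay state.
    replay(mockRealm, mockAccountImpl);

    mockAccountImpl.addGroup(testGroupName);

    // Check that the recorded expectations were actually met.
    verify(mockRealm, mockAccountImpl);
}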
Also used : Configuration(org.exist.config.Configuration) Database(org.exist.Database) AccountImpl(org.exist.security.internal.AccountImpl) SecurityManagerImpl(org.exist.security.internal.SecurityManagerImpl) Ignore(org.junit.Ignore) Test(org.junit.Test)

Example 2 with SecurityManagerImpl

Use of org.exist.security.internal.SecurityManagerImpl in the project exist by eXist-db.

From the class BrokerPool, method _initialize.

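/**
 * Starts this database instance: registers and configures the broker pool services,
 * reserves cache memory, runs the system (single-user) start-up phase, and then switches
 * to multi-user mode.
 *
 * <p>The system phase uses a broker obtained for {@code securityManager.getSystemSubject()}.
 * Inside that phase, only a {@code PermissionDeniedException} from
 * {@code initialiseSystemCollections} aborts start-up. Failures while creating the root
 * collection, repairing after recovery, initialising the system-collection triggers or
 * cleaning temporary resources are logged and start-up continues.
 *
 * <p>If anything inside the start-up {@code try} fails, the transaction manager is shut down
 * and the failure is rethrown, wrapped in an {@code EXistException} unless it already is one.
 * The status reporter is always terminated on exit.
 *
 * @throws EXistException if a service cannot be configured, prepared or started, or any
 *     other failure occurs during the start-up phase
 * @throws DatabaseConfigurationException declared by the signature; there is no explicit
 *     throw in this method, so it presumably comes from a callee
 */
private void _initialize() throws EXistException, DatabaseConfigurationException {
    this.lockManager = new LockManager(conf, concurrencyLevel);
    // Flag to indicate that we are initializing
    status.process(Event.INITIALIZE);
    if (LOG.isDebugEnabled()) {
        LOG.debug("initializing database instance '{}'...", instanceName);
    }
    // register core broker pool services
    this.scheduler = servicesManager.register(new QuartzSchedulerImpl(this));
    // NOTE: this must occur after the scheduler, and before any other service which requires access to the data directory
    this.dataLock = servicesManager.register(new FileLockService("dbx_dir.lck", BrokerPool.PROPERTY_DATA_DIR, NativeBroker.DEFAULT_DATA_DIR));
    this.securityManager = servicesManager.register(new SecurityManagerImpl(this));
    this.cacheManager = servicesManager.register(new DefaultCacheManager(this));
    this.xQueryPool = servicesManager.register(new XQueryPool());
    this.processMonitor = servicesManager.register(new ProcessMonitor());
    this.xqueryStats = servicesManager.register(new PerformanceStats(this));
    final XMLReaderObjectFactory xmlReaderObjectFactory = servicesManager.register(new XMLReaderObjectFactory());
    this.xmlReaderPool = servicesManager.register(new XMLReaderPool(xmlReaderObjectFactory, maxBrokers, 0));
    // NOTE(review): bufferSize is computed but never read in this method; CollectionCache is
    // built with its no-arg constructor. Kept as-is because conf.getInteger is not visible here.
    final int bufferSize = Optional.of(conf.getInteger(PROPERTY_COLLECTION_CACHE_SIZE)).filter(size -> size != -1).orElse(DEFAULT_COLLECTION_BUFFER_SIZE);
    this.collectionCache = servicesManager.register(new CollectionCache());
    this.notificationService = servicesManager.register(new NotificationService());
    // the journal only exists when recovery is enabled
    this.journalManager = recoveryEnabled ? Optional.of(new JournalManager()) : Optional.empty();
    journalManager.ifPresent(servicesManager::register);
    final SystemTaskManager systemTaskManager = servicesManager.register(new SystemTaskManager(this));
    this.transactionManager = servicesManager.register(new TransactionManager(this, journalManager, systemTaskManager));
    this.blobStoreService = servicesManager.register(new BlobStoreImplService());
    this.symbols = servicesManager.register(new SymbolTable());
    this.expathRepo = Optional.ofNullable(new ExistRepository());
    expathRepo.ifPresent(servicesManager::register);
    servicesManager.register(new ClasspathHelper());
    this.indexManager = servicesManager.register(new IndexManager(this));
    // prepare those services that require system (single-user) mode
    this.pluginManager = servicesManager.register(new PluginsManagerImpl());
    // Get a manager to handle further collections configuration
    this.collectionConfigurationManager = servicesManager.register(new CollectionConfigurationManager(this));
    this.startupTriggersManager = servicesManager.register(new StartupTriggersManager());
    // this is just used for unit tests
    // NOTE(review): the lookup runs on every start-up, not only under test. Whatever
    // BrokerPoolService instance is stored under this configuration key is registered with
    // the core services; confirm that only test code can populate it.
    final BrokerPoolService testBrokerPoolService = (BrokerPoolService) conf.getProperty("exist.testBrokerPoolService");
    if (testBrokerPoolService != null) {
        servicesManager.register(testBrokerPoolService);
    }
    // configure the registered services
    try {
        servicesManager.configureServices(conf);
    } catch (final BrokerPoolServiceException e) {
        throw new EXistException(e);
    }
    // calculate how much memory is reserved for caches to grow
    final Runtime rt = Runtime.getRuntime();
    final long maxMem = rt.maxMemory();
    // keep one fifth of the maximum heap free
    final long minFree = maxMem / 5;
    reservedMem = cacheManager.getTotalMem() + collectionCache.getMaxCacheSize() + minFree;
    LOG.debug("Reserved memory: {}; max: {}; min: {}", reservedMem, maxMem, minFree);
    // prepare the registered services, before entering system (single-user) mode
    try {
        servicesManager.prepareServices(this);
    } catch (final BrokerPoolServiceException e) {
        throw new EXistException(e);
    }
    // setup database synchronization job
    // (majorSyncPeriod only gates creation; the literal 2500 is passed for both numeric arguments)
    if (majorSyncPeriod > 0) {
        final SyncTask syncTask = new SyncTask();
        syncTask.configure(conf, null);
        scheduler.createPeriodicJob(2500, new SystemTaskJobImpl(SyncTask.getJobName(), syncTask), 2500);
    }
    try {
        statusReporter = new StatusReporter(SIGNAL_STARTUP);
        statusObservers.forEach(statusReporter::addObserver);
        final Thread statusThread = newInstanceThread(this, "startup-status-reporter", statusReporter);
        statusThread.start();
        // statusReporter may have to be terminated or the thread can/will hang.
        try {
            final boolean exportOnly = conf.getProperty(PROPERTY_EXPORT_ONLY, false);
            // If start-up fails from here on, the catch below shuts the transaction manager down,
            // or the FileSyncThread for the journal can/will hang.
            try {
                // Enter System Mode: the broker is obtained for the security manager's system subject
                try (final DBBroker systemBroker = get(Optional.of(securityManager.getSystemSubject()))) {
                    status.process(Event.INITIALIZE_SYSTEM_MODE);
                    if (isReadOnly()) {
                        journalManager.ifPresent(JournalManager::disableJournalling);
                    }
                    try (final Txn transaction = transactionManager.beginTransaction()) {
                        servicesManager.startPreSystemServices(systemBroker, transaction);
                        transaction.commit();
                    } catch (final BrokerPoolServiceException e) {
                        throw new EXistException(e);
                    }
                    // Run the recovery process
                    boolean recovered = false;
                    if (isRecoveryEnabled()) {
                        recovered = runRecovery(systemBroker);
                        // TODO : extract the following from this block ? What if we are not transactional ? -pb
                        if (!recovered) {
                            // nothing was recovered: make sure the root collection exists
                            try {
                                if (systemBroker.getCollection(XmldbURI.ROOT_COLLECTION_URI) == null) {
                                    final Txn txn = transactionManager.beginTransaction();
                                    try {
                                        systemBroker.getOrCreateCollection(txn, XmldbURI.ROOT_COLLECTION_URI);
                                        transactionManager.commit(txn);
                                    } catch (final IOException | TriggerException | PermissionDeniedException e) {
                                        // Previously swallowed without a trace: record why the root
                                        // collection was not created. Start-up still continues, as before.
                                        LOG.error("Unable to create the root collection, aborting transaction: {}", e.getMessage(), e);
                                        transactionManager.abort(txn);
                                    } finally {
                                        transactionManager.close(txn);
                                    }
                                }
                            } catch (final PermissionDeniedException pde) {
                                LOG.fatal(pde.getMessage(), pde);
                            }
                        }
                    }
                    /* initialise required collections if they don't exist yet */
                    if (!exportOnly) {
                        try {
                            initialiseSystemCollections(systemBroker);
                        } catch (final PermissionDeniedException pde) {
                            // the only permission failure in system mode that aborts start-up
                            LOG.error(pde.getMessage(), pde);
                            throw new EXistException(pde.getMessage(), pde);
                        }
                    }
                    statusReporter.setStatus(SIGNAL_READINESS);
                    try (final Txn transaction = transactionManager.beginTransaction()) {
                        servicesManager.startSystemServices(systemBroker, transaction);
                        transaction.commit();
                    } catch (final BrokerPoolServiceException e) {
                        throw new EXistException(e);
                    }
                    // TODO : merge this with the recovery process ?
                    if (isRecoveryEnabled() && recovered) {
                        if (!exportOnly) {
                            reportStatus("Reindexing database files...");
                            try {
                                systemBroker.repair();
                            } catch (final PermissionDeniedException e) {
                                LOG.warn("Error during recovery: {}", e.getMessage(), e);
                            }
                        }
                        // NOTE(review): the unboxing cast throws if the property is unset or is not a
                        // Boolean; the outer catch then turns that into an EXistException. Confirm the
                        // configuration always supplies a Boolean here.
                        if ((Boolean) conf.getProperty(PROPERTY_RECOVERY_CHECK)) {
                            final ConsistencyCheckTask task = new ConsistencyCheckTask();
                            final Properties props = new Properties();
                            props.setProperty("backup", "no");
                            props.setProperty("output", "sanity");
                            task.configure(conf, props);
                            try (final Txn transaction = transactionManager.beginTransaction()) {
                                task.execute(systemBroker, transaction);
                                transaction.commit();
                            }
                        }
                    }
                    // OK : the DB is repaired; let's make a few RW operations
                    statusReporter.setStatus(SIGNAL_WRITABLE);
                    // initialize configurations watcher trigger
                    if (!exportOnly) {
                        try {
                            initialiseTriggersForCollections(systemBroker, XmldbURI.SYSTEM_COLLECTION_URI);
                        } catch (final PermissionDeniedException pde) {
                            // XXX: do not catch exception!
                            // NOTE(review): as written, a failure to initialise the triggers on the
                            // system collection is only logged and start-up carries on without them.
                            LOG.error(pde.getMessage(), pde);
                        }
                    }
                    // remove temporary docs
                    try {
                        systemBroker.cleanUpTempResources(true);
                    } catch (final PermissionDeniedException pde) {
                        LOG.error(pde.getMessage(), pde);
                    }
                    sync(systemBroker, Sync.MAJOR);
                    // start the services that need system mode before entering multi-user mode
                    try (final Txn transaction = transactionManager.beginTransaction()) {
                        servicesManager.startPreMultiUserSystemServices(systemBroker, transaction);
                        transaction.commit();
                    } catch (final BrokerPoolServiceException e) {
                        throw new EXistException(e);
                    }
                }
                // Create the minimal number of brokers required by the configuration
                for (int i = 1; i < minBrokers; i++) {
                    createBroker();
                }
                status.process(Event.INITIALIZE_MULTI_USER_MODE);
                // register some MBeans to provide access to this instance
                AgentFactory.getInstance().initDBInstance(this);
                if (LOG.isDebugEnabled()) {
                    LOG.debug("database instance '{}' initialized", instanceName);
                }
                servicesManager.startMultiUserServices(this);
                status.process(Event.READY);
                statusReporter.setStatus(SIGNAL_STARTED);
            } catch (final Throwable t) {
                // clean up the transaction manager before propagating the failure
                transactionManager.shutdown();
                throw t;
            }
        } catch (final EXistException e) {
            throw e;
        } catch (final Throwable t) {
            // everything else is reported to the caller as an EXistException, cause preserved
            throw new EXistException(t.getMessage(), t);
        }
    } finally {
        if (statusReporter != null) {
            statusReporter.terminate();
            statusReporter = null;
        }
    }
}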
Also used : FSM(com.evolvedbinary.j8fu.fsm.FSM) Txn(org.exist.storage.txn.Txn) Array(java.lang.reflect.Array) BlobStoreService(org.exist.storage.blob.BlobStoreService) ConfigurationDocumentTrigger(org.exist.config.ConfigurationDocumentTrigger) RecoveryManager(org.exist.storage.recovery.RecoveryManager) org.exist.security(org.exist.security) PluginsManager(org.exist.plugin.PluginsManager) ThreadUtils.nameInstanceThreadGroup(org.exist.util.ThreadUtils.nameInstanceThreadGroup) Configurator(org.exist.config.Configurator) ClasspathHelper(org.exist.repo.ClasspathHelper) BlobStoreImplService(org.exist.storage.blob.BlobStoreImplService) Collection(org.exist.collections.Collection) Path(java.nio.file.Path) SystemTaskJobImpl(org.exist.scheduler.impl.SystemTaskJobImpl) PrintWriter(java.io.PrintWriter) SecurityManagerImpl(org.exist.security.internal.SecurityManagerImpl) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) AtomicLazyVal(com.evolvedbinary.j8fu.lazy.AtomicLazyVal) org.exist.collections.triggers(org.exist.collections.triggers) Reference(java.lang.ref.Reference) SecurityManager(org.exist.security.SecurityManager) Logger(org.apache.logging.log4j.Logger) CollectionCache(org.exist.collections.CollectionCache) LockManager(org.exist.storage.lock.LockManager) GuardedBy(net.jcip.annotations.GuardedBy) Debuggee(org.exist.debuggee.Debuggee) Entry(java.util.Map.Entry) AgentFactory(org.exist.management.AgentFactory) ExistRepository(org.exist.repo.ExistRepository) java.util(java.util) ConfigurationClass(org.exist.config.annotation.ConfigurationClass) ThreadSafe(net.jcip.annotations.ThreadSafe) NumberFormat(java.text.NumberFormat) IndexManager(org.exist.indexing.IndexManager) BlobStore(org.exist.storage.blob.BlobStore) ShutdownListener(org.exist.xmldb.ShutdownListener) XmldbURI(org.exist.xmldb.XmldbURI) QuartzSchedulerImpl(org.exist.scheduler.impl.QuartzSchedulerImpl) EXistException(org.exist.EXistException) 
ThreadUtils.newInstanceThread(org.exist.util.ThreadUtils.newInstanceThread) PluginsManagerImpl(org.exist.plugin.PluginsManagerImpl) FileLockService(org.exist.storage.lock.FileLockService) XQuery(org.exist.xquery.XQuery) CollectionConfiguration(org.exist.collections.CollectionConfiguration) DebuggeeFactory(org.exist.debuggee.DebuggeeFactory) Database(org.exist.Database) ReentrantLock(java.util.concurrent.locks.ReentrantLock) FileStore(java.nio.file.FileStore) JournalManager(org.exist.storage.journal.JournalManager) StringWriter(java.io.StringWriter) Sync(org.exist.storage.sync.Sync) IOException(java.io.IOException) DLNFactory(org.exist.numbering.DLNFactory) TransactionException(org.exist.storage.txn.TransactionException) Field(java.lang.reflect.Field) CollectionConfigurationManager(org.exist.collections.CollectionConfigurationManager) AtomicFSM(com.evolvedbinary.j8fu.fsm.AtomicFSM) SymbolTable(org.exist.dom.persistent.SymbolTable) Consumer(java.util.function.Consumer) Scheduler(org.exist.scheduler.Scheduler) SyncTask(org.exist.storage.sync.SyncTask) TransactionManager(org.exist.storage.txn.TransactionManager) Lock(java.util.concurrent.locks.Lock) PerformanceStats(org.exist.xquery.PerformanceStats) ConcurrentSkipListSet(java.util.concurrent.ConcurrentSkipListSet) org.exist.util(org.exist.util) NodeIdFactory(org.exist.numbering.NodeIdFactory) LogManager(org.apache.logging.log4j.LogManager) TransitionTable.transitionTable(com.evolvedbinary.j8fu.fsm.TransitionTable.transitionTable) ConfigurationFieldAsAttribute(org.exist.config.annotation.ConfigurationFieldAsAttribute) SyncTask(org.exist.storage.sync.SyncTask) SecurityManagerImpl(org.exist.security.internal.SecurityManagerImpl) SystemTaskJobImpl(org.exist.scheduler.impl.SystemTaskJobImpl) Txn(org.exist.storage.txn.Txn) PluginsManagerImpl(org.exist.plugin.PluginsManagerImpl) CollectionCache(org.exist.collections.CollectionCache) QuartzSchedulerImpl(org.exist.scheduler.impl.QuartzSchedulerImpl) 
ExistRepository(org.exist.repo.ExistRepository) ClasspathHelper(org.exist.repo.ClasspathHelper) JournalManager(org.exist.storage.journal.JournalManager) SymbolTable(org.exist.dom.persistent.SymbolTable) BlobStoreImplService(org.exist.storage.blob.BlobStoreImplService) EXistException(org.exist.EXistException) IOException(java.io.IOException) FileLockService(org.exist.storage.lock.FileLockService) ThreadUtils.newInstanceThread(org.exist.util.ThreadUtils.newInstanceThread) IndexManager(org.exist.indexing.IndexManager) LockManager(org.exist.storage.lock.LockManager) PerformanceStats(org.exist.xquery.PerformanceStats) TransactionManager(org.exist.storage.txn.TransactionManager) CollectionConfigurationManager(org.exist.collections.CollectionConfigurationManager)

Aggregations

Database (org.exist.Database)2 SecurityManagerImpl (org.exist.security.internal.SecurityManagerImpl)2 AtomicFSM (com.evolvedbinary.j8fu.fsm.AtomicFSM)1 FSM (com.evolvedbinary.j8fu.fsm.FSM)1 TransitionTable.transitionTable (com.evolvedbinary.j8fu.fsm.TransitionTable.transitionTable)1 AtomicLazyVal (com.evolvedbinary.j8fu.lazy.AtomicLazyVal)1 IOException (java.io.IOException)1 PrintWriter (java.io.PrintWriter)1 StringWriter (java.io.StringWriter)1 Reference (java.lang.ref.Reference)1 Array (java.lang.reflect.Array)1 Field (java.lang.reflect.Field)1 FileStore (java.nio.file.FileStore)1 Path (java.nio.file.Path)1 NumberFormat (java.text.NumberFormat)1 java.util (java.util)1 Entry (java.util.Map.Entry)1 ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)1 ConcurrentSkipListSet (java.util.concurrent.ConcurrentSkipListSet)1 Lock (java.util.concurrent.locks.Lock)1