Example 1 with ACEAider
use of org.exist.security.internal.aider.ACEAider in project exist by eXist-db.
the class AccessControlEntryDialog method btnCreateActionPerformed.
// </editor-fold>//GEN-END:initComponents
private void btnCreateActionPerformed(java.awt.event.ActionEvent evt) {
// GEN-FIRST:event_btnCreateActionPerformed
final ACE_TARGET target = ACE_TARGET.valueOf((String) cmbTarget.getSelectedItem());
final String who;
if (target == ACE_TARGET.USER) {
who = (String) cmbUsername.getSelectedItem();
if (!isValidUsername(who)) {
return;
}
} else {
who = (String) cmbGroupName.getSelectedItem();
if (!isValidGroupName(who)) {
return;
}
}
final ACE_ACCESS_TYPE accessType = ACE_ACCESS_TYPE.valueOf((String) cmbAccess.getSelectedItem());
int mode = 0;
if ((Boolean) tblPermission.getValueAt(0, 0)) {
mode |= Permission.READ;
}
if ((Boolean) tblPermission.getValueAt(0, 1)) {
mode |= Permission.WRITE;
}
if ((Boolean) tblPermission.getValueAt(0, 2)) {
mode |= Permission.EXECUTE;
}
final ACEAider ace = new ACEAider(accessType, target, who, mode);
for (final DialogCompleteWithResponse<ACEAider> callback : getDialogCompleteWithResponseCallbacks()) {
callback.complete(ace);
}
setVisible(false);
dispose();
}
Also used :
ACE_ACCESS_TYPE(org.exist.security.ACLPermission.ACE_ACCESS_TYPE)
ACEAider(org.exist.security.internal.aider.ACEAider)
ACE_TARGET(org.exist.security.ACLPermission.ACE_TARGET)
Example 2 with ACEAider
use of org.exist.security.internal.aider.ACEAider in project exist by eXist-db.
the class RemoteCollection method getSubResourcePermissions.
public Permission getSubResourcePermissions(final String name) throws PermissionDeniedException, XMLDBException {
final List<String> params = new ArrayList<>(2);
params.add(getPath());
params.add(name);
final Map result = (Map) execute("getSubResourcePermissions", params);
final String owner = (String) result.get("owner");
final String group = (String) result.get("group");
final int mode = (Integer) result.get("permissions");
final Stream<ACEAider> aces = extractAces(result.get("acl"));
return getPermission(owner, group, mode, aces);
}Example 3 with ACEAider
use of org.exist.security.internal.aider.ACEAider in project exist by eXist-db.
the class RemoteCollection method getResource.
@Override
public Resource getResource(final String name) throws XMLDBException {
final List<String> params = new ArrayList<>(1);
XmldbURI docUri;
try {
docUri = XmldbURI.xmldbUriFor(name);
} catch (final URISyntaxException e) {
throw new XMLDBException(ErrorCodes.INVALID_URI, e);
}
params.add(getPathURI().append(docUri).toString());
final Map hash;
hash = (Map) execute("describeResource", params);
final String docName = (String) hash.get("name");
if (docName == null) {
// resource does not exist!
return null;
}
try {
docUri = XmldbURI.xmldbUriFor(docName).lastSegment();
} catch (final URISyntaxException e) {
throw new XMLDBException(ErrorCodes.INVALID_URI, e);
}
final String owner = (String) hash.get("owner");
final String group = (String) hash.get("group");
final int mode = (Integer) hash.get("permissions");
final Stream<ACEAider> aces = extractAces(hash.get("acl"));
final Permission perm;
try {
perm = getPermission(owner, group, mode, aces);
} catch (final PermissionDeniedException pde) {
throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, "Unable to retrieve permissions for resource '" + name + "': " + pde.getMessage(), pde);
}
final String type = (String) hash.get("type");
long contentLen = 0;
if (hash.containsKey("content-length-64bit")) {
final Object o = hash.get("content-length-64bit");
if (o instanceof Long) {
contentLen = (Long) o;
} else {
contentLen = Long.parseLong((String) o);
}
} else if (hash.containsKey("content-length")) {
contentLen = (Integer) hash.get("content-length");
}
final AbstractRemoteResource r;
if (type == null || "XMLResource".equals(type)) {
r = new RemoteXMLResource(this, -1, -1, docUri, Optional.empty());
} else {
r = new RemoteBinaryResource(this, docUri);
if (hash.containsKey("blob-id")) {
final byte[] blobId = (byte[]) hash.get("blob-id");
((RemoteBinaryResource) r).setBlobId(new BlobId(blobId));
}
if (hash.containsKey("digest-algorithm") && hash.containsKey("digest")) {
final String digestAlgorithm = (String) hash.get("digest-algorithm");
final byte[] digest = (byte[]) hash.get("digest");
final MessageDigest messageDigest = new MessageDigest(DigestType.forCommonName(digestAlgorithm), digest);
((RemoteBinaryResource) r).setContentDigest(messageDigest);
}
}
r.setPermissions(perm);
r.setContentLength(contentLen);
r.dateCreated = (Date) hash.get("created");
r.dateModified = (Date) hash.get("modified");
if (hash.containsKey("mime-type")) {
r.setMimeType((String) hash.get("mime-type"));
}
return r;
}
Also used :
ArrayList(java.util.ArrayList)
URISyntaxException(java.net.URISyntaxException)
ACEAider(org.exist.security.internal.aider.ACEAider)
Permission(org.exist.security.Permission)
PermissionDeniedException(org.exist.security.PermissionDeniedException)
MessageDigest(org.exist.util.crypto.digest.MessageDigest)
Map(java.util.Map)
BlobId(org.exist.storage.blob.BlobId)
Example 4 with ACEAider
use of org.exist.security.internal.aider.ACEAider in project exist by eXist-db.
the class RemoteCollection method getSubCollectionPermissions.
public Permission getSubCollectionPermissions(final String name) throws PermissionDeniedException, XMLDBException {
final List<String> params = new ArrayList<>(2);
params.add(getPath());
params.add(name);
final Map result = (Map) execute("getSubCollectionPermissions", params);
final String owner = (String) result.get("owner");
final String group = (String) result.get("group");
final int mode = (Integer) result.get("permissions");
final Stream<ACEAider> aces = extractAces(result.get("acl"));
return getPermission(owner, group, mode, aces);
}Example 5 with ACEAider
use of org.exist.security.internal.aider.ACEAider in project exist by eXist-db.
the class RemoteUserManagementService method listResourcePermissions.
@Override
public Permission[] listResourcePermissions() throws XMLDBException {
try {
final List<Object> params = new ArrayList<>();
params.add(collection.getPath());
final Map result = (Map) collection.execute("listDocumentPermissions", params);
final Permission[] perm = new Permission[result.size()];
final String[] resources = collection.listResources();
Object[] t;
for (int i = 0; i < resources.length; i++) {
t = (Object[]) result.get(resources[i]);
final String owner = (String) t[0];
final String group = (String) t[1];
final int mode = (Integer) t[2];
final Stream<ACEAider> aces = extractAces(t[3]);
perm[i] = getPermission(owner, group, mode, aces);
}
return perm;
} catch (final PermissionDeniedException pde) {
throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, pde.getMessage(), pde);
}
}
Also used :
XMLDBException(org.xmldb.api.base.XMLDBException)
ACEAider(org.exist.security.internal.aider.ACEAider)
ACLPermission(org.exist.security.ACLPermission)
Permission(org.exist.security.Permission)
PermissionDeniedException(org.exist.security.PermissionDeniedException)
Aggregations
ACEAider (org.exist.security.internal.aider.ACEAider)23
PermissionDeniedException (org.exist.security.PermissionDeniedException)8
XMLDBException (org.xmldb.api.base.XMLDBException)8
ACLPermission (org.exist.security.ACLPermission)7
Permission (org.exist.security.Permission)7
ArrayList (java.util.ArrayList)5
Map (java.util.Map)3
Collection (org.exist.collections.Collection)3
BrokerPool (org.exist.storage.BrokerPool)3
DBBroker (org.exist.storage.DBBroker)3
Txn (org.exist.storage.txn.Txn)3
ACE_ACCESS_TYPE (org.exist.security.ACLPermission.ACE_ACCESS_TYPE)2
ACE_TARGET (org.exist.security.ACLPermission.ACE_TARGET)2
BeforeClass (org.junit.BeforeClass)2
Collection (org.xmldb.api.base.Collection)2
Either (com.evolvedbinary.j8fu.Either)1
ConsumerE (com.evolvedbinary.j8fu.function.ConsumerE)1
IOException (java.io.IOException)1
URISyntaxException (java.net.URISyntaxException)1
List (java.util.List)1
