
Example 1 with ACEAider

use of org.exist.security.internal.aider.ACEAider in project exist by eXist-db.

the class AccessControlEntryDialog method btnCreateActionPerformed.

// </editor-fold>//GEN-END:initComponents
/**
 * Handles the "Create" button: builds an {@code ACEAider} from the dialog's current
 * selections, passes it to every registered completion callback, then closes the dialog.
 *
 * <p>The subject name is checked with {@code isValidUsername} or {@code isValidGroupName},
 * depending on the selected target. If that check fails the method returns early, so no
 * ACE is created and the dialog is neither hidden nor disposed.
 *
 * @param evt the action event from the button (not read by this method)
 */
private void btnCreateActionPerformed(java.awt.event.ActionEvent evt) {
    // GEN-FIRST:event_btnCreateActionPerformed
    final ACE_TARGET target = ACE_TARGET.valueOf((String) cmbTarget.getSelectedItem());

    // Pick the principal from the combo box that matches the target kind and run the
    // matching validator on it.
    final String who;
    final boolean nameAccepted;
    if (target == ACE_TARGET.USER) {
        who = (String) cmbUsername.getSelectedItem();
        nameAccepted = isValidUsername(who);
    } else {
        who = (String) cmbGroupName.getSelectedItem();
        nameAccepted = isValidGroupName(who);
    }
    if (!nameAccepted) {
        return;
    }

    final ACE_ACCESS_TYPE accessType = ACE_ACCESS_TYPE.valueOf((String) cmbAccess.getSelectedItem());

    // Row 0 of the permission table carries three Boolean cells; columns 0, 1 and 2 map
    // to the READ, WRITE and EXECUTE bits of the mode.
    int mode = 0;
    mode |= ((Boolean) tblPermission.getValueAt(0, 0)) ? Permission.READ : 0;
    mode |= ((Boolean) tblPermission.getValueAt(0, 1)) ? Permission.WRITE : 0;
    mode |= ((Boolean) tblPermission.getValueAt(0, 2)) ? Permission.EXECUTE : 0;

    // NOTE(review): the name validators above are the only vetting done in this method;
    // confirm that whatever consumes the ACE re-checks principal and mode before applying it.
    final ACEAider ace = new ACEAider(accessType, target, who, mode);
    for (final DialogCompleteWithResponse<ACEAider> listener : getDialogCompleteWithResponseCallbacks()) {
        listener.complete(ace);
    }

    setVisible(false);
    dispose();
}
Also used : ACE_ACCESS_TYPE(org.exist.security.ACLPermission.ACE_ACCESS_TYPE) ACEAider(org.exist.security.internal.aider.ACEAider) ACE_TARGET(org.exist.security.ACLPermission.ACE_TARGET)

Example 2 with ACEAider

use of org.exist.security.internal.aider.ACEAider in project exist by eXist-db.

the class RemoteCollection method getSubResourcePermissions.

/**
 * Fetches the permissions of a resource in this collection from the remote server.
 *
 * <p>Calls the remote {@code getSubResourcePermissions} procedure with this collection's
 * path and {@code name}, then builds the result from the {@code owner}, {@code group},
 * {@code permissions} and {@code acl} entries of the reply.
 *
 * @param name name of the resource; sent to the server as given
 * @return the permission built by {@code getPermission} from the reply
 * @throws PermissionDeniedException declared by this method; presumably raised by
 *         {@code getPermission} (confirm against its definition)
 * @throws XMLDBException declared by this method; presumably raised by the remote call
 *         (confirm against {@code execute})
 */
public Permission getSubResourcePermissions(final String name) throws PermissionDeniedException, XMLDBException {
    // Arguments of the remote call: collection path first, then the child name.
    final List<String> args = new ArrayList<>(2);
    args.add(getPath());
    args.add(name);

    // The reply is an untyped map and every field is cast directly: a wrongly typed entry
    // fails with ClassCastException, and an absent "permissions" entry fails with
    // NullPointerException when it is unboxed. Nothing here range-checks the mode.
    final Map reply = (Map) execute("getSubResourcePermissions", args);
    final String ownerName = (String) reply.get("owner");
    final String groupName = (String) reply.get("group");
    final int modeBits = (Integer) reply.get("permissions");
    final Stream<ACEAider> aclEntries = extractAces(reply.get("acl"));

    return getPermission(ownerName, groupName, modeBits, aclEntries);
}
Also used : ACEAider(org.exist.security.internal.aider.ACEAider) ArrayList(java.util.ArrayList) Map(java.util.Map)

Example 3 with ACEAider

use of org.exist.security.internal.aider.ACEAider in project exist by eXist-db.

the class RemoteCollection method getResource.

/**
 * Looks up a resource of this collection on the remote server and returns a local
 * handle populated from the server's description of it.
 *
 * <p>The method sends one {@code describeResource} call and then copies the reply's
 * fields (name, owner, group, mode, ACL, type, length, blob id, digest, dates, MIME type)
 * into a {@code RemoteXMLResource} or {@code RemoteBinaryResource}. Reply fields are cast
 * without further validation, so a wrongly typed entry surfaces as a
 * {@code ClassCastException} rather than an {@code XMLDBException}.
 *
 * @param name name of the resource, parsed as an {@code XmldbURI} and appended to this
 *             collection's URI
 * @return the resource handle, or {@code null} when the reply carries no {@code name} entry
 * @throws XMLDBException with {@code INVALID_URI} if {@code name} or the name reported by
 *         the server is not a valid URI, or with {@code PERMISSION_DENIED} if
 *         {@code getPermission} throws {@code PermissionDeniedException}
 */
@Override
public Resource getResource(final String name) throws XMLDBException {
    final List<String> params = new ArrayList<>(1);
    XmldbURI docUri;
    try {
        // Parse the caller-supplied name first so a malformed URI is rejected before any remote call.
        docUri = XmldbURI.xmldbUriFor(name);
    } catch (final URISyntaxException e) {
        throw new XMLDBException(ErrorCodes.INVALID_URI, e);
    }
    // Single argument of the remote call: this collection's URI with the parsed name appended.
    params.add(getPathURI().append(docUri).toString());
    final Map hash;
    // Untyped reply map; everything read from it below is taken as the server reported it.
    hash = (Map) execute("describeResource", params);
    final String docName = (String) hash.get("name");
    if (docName == null) {
        // No "name" in the reply is treated as "resource does not exist"; callers must handle null.
        return null;
    }
    try {
        // From here on docUri is the last segment of the name the server reported,
        // not the value the caller passed in.
        docUri = XmldbURI.xmldbUriFor(docName).lastSegment();
    } catch (final URISyntaxException e) {
        throw new XMLDBException(ErrorCodes.INVALID_URI, e);
    }
    final String owner = (String) hash.get("owner");
    final String group = (String) hash.get("group");
    // Unboxing: an absent "permissions" entry fails here with NullPointerException.
    final int mode = (Integer) hash.get("permissions");
    final Stream<ACEAider> aces = extractAces(hash.get("acl"));
    final Permission perm;
    try {
        perm = getPermission(owner, group, mode, aces);
    } catch (final PermissionDeniedException pde) {
        // Translate to the XML:DB error type; the message repeats the caller-supplied name
        // and the underlying exception text.
        throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, "Unable to retrieve permissions for resource '" + name + "': " + pde.getMessage(), pde);
    }
    final String type = (String) hash.get("type");
    long contentLen = 0;
    // Prefer the 64-bit length, which may arrive either as a Long or as a decimal String;
    // fall back to the Integer "content-length"; leave 0 when neither key is present.
    if (hash.containsKey("content-length-64bit")) {
        final Object o = hash.get("content-length-64bit");
        if (o instanceof Long) {
            contentLen = (Long) o;
        } else {
            // A non-numeric String raises NumberFormatException, which is not caught here.
            contentLen = Long.parseLong((String) o);
        }
    } else if (hash.containsKey("content-length")) {
        contentLen = (Integer) hash.get("content-length");
    }
    final AbstractRemoteResource r;
    // A missing type is handled the same way as "XMLResource"; any other value yields a binary resource.
    if (type == null || "XMLResource".equals(type)) {
        r = new RemoteXMLResource(this, -1, -1, docUri, Optional.empty());
    } else {
        r = new RemoteBinaryResource(this, docUri);
        if (hash.containsKey("blob-id")) {
            final byte[] blobId = (byte[]) hash.get("blob-id");
            ((RemoteBinaryResource) r).setBlobId(new BlobId(blobId));
        }
        // The digest is only recorded when both the algorithm name and the value are present.
        // NOTE(review): it is stored exactly as reported; nothing in this method compares it
        // with resource content, and how DigestType.forCommonName treats an unrecognised
        // algorithm name is not visible here - confirm.
        if (hash.containsKey("digest-algorithm") && hash.containsKey("digest")) {
            final String digestAlgorithm = (String) hash.get("digest-algorithm");
            final byte[] digest = (byte[]) hash.get("digest");
            final MessageDigest messageDigest = new MessageDigest(DigestType.forCommonName(digestAlgorithm), digest);
            ((RemoteBinaryResource) r).setContentDigest(messageDigest);
        }
    }
    r.setPermissions(perm);
    r.setContentLength(contentLen);
    // Timestamps are assigned straight from the reply; an absent key leaves the field null.
    r.dateCreated = (Date) hash.get("created");
    r.dateModified = (Date) hash.get("modified");
    if (hash.containsKey("mime-type")) {
        r.setMimeType((String) hash.get("mime-type"));
    }
    return r;
}
Also used : ArrayList(java.util.ArrayList) URISyntaxException(java.net.URISyntaxException) ACEAider(org.exist.security.internal.aider.ACEAider) Permission(org.exist.security.Permission) PermissionDeniedException(org.exist.security.PermissionDeniedException) MessageDigest(org.exist.util.crypto.digest.MessageDigest) Map(java.util.Map) BlobId(org.exist.storage.blob.BlobId)

Example 4 with ACEAider

use of org.exist.security.internal.aider.ACEAider in project exist by eXist-db.

the class RemoteCollection method getSubCollectionPermissions.

/**
 * Fetches the permissions of a child collection of this collection from the remote server.
 *
 * <p>Calls the remote {@code getSubCollectionPermissions} procedure with this collection's
 * path and {@code name}, then builds the result from the {@code owner}, {@code group},
 * {@code permissions} and {@code acl} entries of the reply.
 *
 * @param name name of the child collection; sent to the server as given
 * @return the permission built by {@code getPermission} from the reply
 * @throws PermissionDeniedException declared by this method; presumably raised by
 *         {@code getPermission} (confirm against its definition)
 * @throws XMLDBException declared by this method; presumably raised by the remote call
 *         (confirm against {@code execute})
 */
public Permission getSubCollectionPermissions(final String name) throws PermissionDeniedException, XMLDBException {
    // Arguments of the remote call: collection path first, then the child name.
    final List<String> args = new ArrayList<>(2);
    args.add(getPath());
    args.add(name);

    // The reply is an untyped map and every field is cast directly: a wrongly typed entry
    // fails with ClassCastException, and an absent "permissions" entry fails with
    // NullPointerException when it is unboxed. Nothing here range-checks the mode.
    final Map reply = (Map) execute("getSubCollectionPermissions", args);
    final String ownerName = (String) reply.get("owner");
    final String groupName = (String) reply.get("group");
    final int modeBits = (Integer) reply.get("permissions");
    final Stream<ACEAider> aclEntries = extractAces(reply.get("acl"));

    return getPermission(ownerName, groupName, modeBits, aclEntries);
}
Also used : ACEAider(org.exist.security.internal.aider.ACEAider) ArrayList(java.util.ArrayList) Map(java.util.Map)

Example 5 with ACEAider

use of org.exist.security.internal.aider.ACEAider in project exist by eXist-db.

the class RemoteUserManagementService method listResourcePermissions.

/**
 * Returns the permissions of the resources in the underlying collection, in the order
 * reported by {@code collection.listResources()}.
 *
 * <p>Two remote lookups are combined: {@code listDocumentPermissions} yields a map from
 * resource name to an {@code Object[]} of owner, group, mode and ACL data, and
 * {@code listResources()} yields the names used to index into that map.
 *
 * @return one {@link Permission} per listed resource
 * @throws XMLDBException with {@code PERMISSION_DENIED} when a
 *         {@code PermissionDeniedException} is raised while building the permissions
 */
@Override
public Permission[] listResourcePermissions() throws XMLDBException {
    try {
        final List<Object> args = new ArrayList<>();
        args.add(collection.getPath());
        final Map byResourceName = (Map) collection.execute("listDocumentPermissions", args);

        // NOTE(review): the array is sized from the permission map but filled by walking the
        // separately fetched resource listing. If the two disagree (for instance because the
        // collection changed between the calls) this fails with an
        // ArrayIndexOutOfBoundsException or a NullPointerException on a missing entry, or
        // leaves trailing null slots. Confirm whether callers rely on the current sizing.
        final Permission[] permissions = new Permission[byResourceName.size()];
        final String[] resourceNames = collection.listResources();

        int slot = 0;
        for (final String resourceName : resourceNames) {
            // Entry layout: [0] owner, [1] group, [2] mode, [3] ACL data for extractAces.
            final Object[] entry = (Object[]) byResourceName.get(resourceName);
            final String ownerName = (String) entry[0];
            final String groupName = (String) entry[1];
            final int modeBits = (Integer) entry[2];
            final Stream<ACEAider> aclEntries = extractAces(entry[3]);
            permissions[slot++] = getPermission(ownerName, groupName, modeBits, aclEntries);
        }
        return permissions;
    } catch (final PermissionDeniedException pde) {
        // Surface the denial through the XML:DB error type, keeping the original as cause.
        throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, pde.getMessage(), pde);
    }
}
Also used : XMLDBException(org.xmldb.api.base.XMLDBException) ACEAider(org.exist.security.internal.aider.ACEAider) ACLPermission(org.exist.security.ACLPermission) Permission(org.exist.security.Permission) PermissionDeniedException(org.exist.security.PermissionDeniedException)

Aggregations

ACEAider (org.exist.security.internal.aider.ACEAider)23 PermissionDeniedException (org.exist.security.PermissionDeniedException)8 XMLDBException (org.xmldb.api.base.XMLDBException)8 ACLPermission (org.exist.security.ACLPermission)7 Permission (org.exist.security.Permission)7 ArrayList (java.util.ArrayList)5 Map (java.util.Map)3 Collection (org.exist.collections.Collection)3 BrokerPool (org.exist.storage.BrokerPool)3 DBBroker (org.exist.storage.DBBroker)3 Txn (org.exist.storage.txn.Txn)3 ACE_ACCESS_TYPE (org.exist.security.ACLPermission.ACE_ACCESS_TYPE)2 ACE_TARGET (org.exist.security.ACLPermission.ACE_TARGET)2 BeforeClass (org.junit.BeforeClass)2 Collection (org.xmldb.api.base.Collection)2 Either (com.evolvedbinary.j8fu.Either)1 ConsumerE (com.evolvedbinary.j8fu.function.ConsumerE)1 IOException (java.io.IOException)1 URISyntaxException (java.net.URISyntaxException)1 List (java.util.List)1