Example 6 with ACEAider
use of org.exist.security.internal.aider.ACEAider in project exist by eXist-db.
the class RemoteUserManagementService method getPermissions.
@Override
public Permission getPermissions(final Resource res) throws XMLDBException {
if (res == null) {
throw new XMLDBException(ErrorCodes.INVALID_RESOURCE, "resource is null");
}
// TODO : use dedicated function in XmldbURI
final String path = ((RemoteCollection) res.getParentCollection()).getPath() + "/" + res.getId();
try {
final List<Object> params = new ArrayList<>();
params.add(path);
final Map result = (Map) collection.execute("getPermissions", params);
final String owner = (String) result.get("owner");
final String group = (String) result.get("group");
final int mode = (Integer) result.get("permissions");
final Stream<ACEAider> aces = extractAces(result.get("acl"));
return getPermission(owner, group, mode, aces);
} catch (final PermissionDeniedException pde) {
throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, pde.getMessage(), pde);
}
}
Also used :
ACEAider(org.exist.security.internal.aider.ACEAider)
XMLDBException(org.xmldb.api.base.XMLDBException)
PermissionDeniedException(org.exist.security.PermissionDeniedException)
Example 7 with ACEAider
use of org.exist.security.internal.aider.ACEAider in project exist by eXist-db.
the class ACEAiderParser method toAceAider.
private static ACEAider toAceAider(final List<Object> list) throws SAXException {
if (list.size() != 4) {
throw new SAXException("Inavlis list size for ACEAider");
}
Object object = list.get(0);
final ACE_ACCESS_TYPE aceAccessType;
if (object instanceof String) {
try {
aceAccessType = ACE_ACCESS_TYPE.valueOf((String) object);
} catch (final IllegalArgumentException e) {
throw new SAXException(e);
}
} else {
throw new SAXException("Expected ACE_ACCESS_TYPE");
}
object = list.get(1);
final ACE_TARGET aceTarget;
if (object instanceof String) {
try {
aceTarget = ACE_TARGET.valueOf((String) object);
} catch (final IllegalArgumentException e) {
throw new SAXException(e);
}
} else {
throw new SAXException("Expected ACE_TARGET");
}
object = list.get(2);
final String aceWho;
if (object instanceof String) {
aceWho = (String) object;
} else {
throw new SAXException("Expected String");
}
object = list.get(3);
final int aceMode;
if (object instanceof Integer) {
aceMode = (Integer) object;
} else {
throw new SAXException("Expected Integer");
}
return new ACEAider(aceAccessType, aceTarget, aceWho, aceMode);
}
Also used :
ACE_ACCESS_TYPE(org.exist.security.ACLPermission.ACE_ACCESS_TYPE)
ACEAider(org.exist.security.internal.aider.ACEAider)
ACE_TARGET(org.exist.security.ACLPermission.ACE_TARGET)
SAXException(org.xml.sax.SAXException)
Example 8 with ACEAider
use of org.exist.security.internal.aider.ACEAider in project exist by eXist-db.
the class ACEAiderSerializer method writeData.
private void writeData(final ContentHandler handler, final Object object) throws SAXException {
final ACEAider aceAider = (ACEAider) object;
writeObject(handler, aceAider.getAccessType().name());
writeObject(handler, aceAider.getTarget().name());
writeObject(handler, aceAider.getWho());
writeObject(handler, aceAider.getMode());
}
Also used :
ACEAider(org.exist.security.internal.aider.ACEAider)
Example 9 with ACEAider
use of org.exist.security.internal.aider.ACEAider in project exist by eXist-db.
the class XmldbApiSecurityTest method addCollectionUserAce.
@Override
protected void addCollectionUserAce(final String collectionUri, final String user_uid, final String mode, final boolean allow, final String uid, final String pwd) throws ApiException {
Collection parentCol = null;
Collection subCol = null;
try {
final String parentColUri = collectionUri.substring(0, collectionUri.lastIndexOf('/'));
final String subColName = collectionUri.substring(collectionUri.lastIndexOf('/') + 1);
parentCol = DatabaseManager.getCollection(getBaseUri() + parentColUri, uid, pwd);
final UserManagementService ums = (UserManagementService) parentCol.getService("UserManagementService", "1.0");
final Permission subColPermissions = ums.getSubCollectionPermissions(parentCol, subColName);
subCol = DatabaseManager.getCollection(getBaseUri() + collectionUri, uid, pwd);
final List<ACEAider> aces = new ArrayList<>();
final ACEAider ace = new ACEAider(allow ? ACLPermission.ACE_ACCESS_TYPE.ALLOWED : ACLPermission.ACE_ACCESS_TYPE.DENIED, ACLPermission.ACE_TARGET.USER, user_uid, SimpleACLPermission.aceSimpleSymbolicModeToInt(mode));
aces.add(ace);
ums.setPermissions(subCol, subColPermissions.getOwner().getName(), subColPermissions.getGroup().getName(), subColPermissions.getMode(), aces);
} catch (final XMLDBException | PermissionDeniedException e) {
throw new ApiException(e);
} finally {
if (subCol != null) {
try {
subCol.close();
} catch (final XMLDBException xmldbe) {
throw new ApiException(xmldbe);
}
}
if (parentCol != null) {
try {
parentCol.close();
} catch (final XMLDBException xmldbe) {
throw new ApiException(xmldbe);
}
}
}
}
Also used :
ACEAider(org.exist.security.internal.aider.ACEAider)
ArrayList(java.util.ArrayList)
Collection(org.xmldb.api.base.Collection)
XMLDBException(org.xmldb.api.base.XMLDBException)
UserManagementService(org.exist.xmldb.UserManagementService)
Example 10 with ACEAider
use of org.exist.security.internal.aider.ACEAider in project exist by eXist-db.
the class RpcConnection method getACEs.
private List<ACEAider> getACEs(final Permission perm) {
final List<ACEAider> aces = new ArrayList<>();
final ACLPermission aclPermission = (ACLPermission) perm;
for (int i = 0; i < aclPermission.getACECount(); i++) {
aces.add(new ACEAider(aclPermission.getACEAccessType(i), aclPermission.getACETarget(i), aclPermission.getACEWho(i), aclPermission.getACEMode(i)));
}
return aces;
}
Also used :
ACLPermission(org.exist.security.ACLPermission)
ACEAider(org.exist.security.internal.aider.ACEAider)
Aggregations
ACEAider (org.exist.security.internal.aider.ACEAider)23
PermissionDeniedException (org.exist.security.PermissionDeniedException)8
XMLDBException (org.xmldb.api.base.XMLDBException)8
ACLPermission (org.exist.security.ACLPermission)7
Permission (org.exist.security.Permission)7
ArrayList (java.util.ArrayList)5
Map (java.util.Map)3
Collection (org.exist.collections.Collection)3
BrokerPool (org.exist.storage.BrokerPool)3
DBBroker (org.exist.storage.DBBroker)3
Txn (org.exist.storage.txn.Txn)3
ACE_ACCESS_TYPE (org.exist.security.ACLPermission.ACE_ACCESS_TYPE)2
ACE_TARGET (org.exist.security.ACLPermission.ACE_TARGET)2
BeforeClass (org.junit.BeforeClass)2
Collection (org.xmldb.api.base.Collection)2
Either (com.evolvedbinary.j8fu.Either)1
ConsumerE (com.evolvedbinary.j8fu.function.ConsumerE)1
IOException (java.io.IOException)1
URISyntaxException (java.net.URISyntaxException)1
List (java.util.List)1
