use of org.exist.security.internal.aider.ACEAider in project exist by eXist-db.
the class RemoteUserManagementService method getPermissions.
/**
 * Fetches the permissions of a resource from the remote server.
 *
 * <p>Issues the remote {@code getPermissions} call with the resource path and builds
 * a {@link Permission} from the {@code owner}, {@code group}, {@code permissions}
 * and {@code acl} entries of the returned map.
 *
 * @param res the resource to look up; must not be {@code null}
 * @return the permission built from the server's response
 * @throws XMLDBException with {@code INVALID_RESOURCE} when {@code res} is {@code null},
 *         or with {@code PERMISSION_DENIED} when a PermissionDeniedException is caught
 */
@Override
public Permission getPermissions(final Resource res) throws XMLDBException {
    if (res == null) {
        throw new XMLDBException(ErrorCodes.INVALID_RESOURCE, "resource is null");
    }

    // TODO : use dedicated function in XmldbURI
    final RemoteCollection parent = (RemoteCollection) res.getParentCollection();
    final String resourcePath = parent.getPath() + "/" + res.getId();

    try {
        final List<Object> args = new ArrayList<>();
        args.add(resourcePath);

        // NOTE(review): every field of the response is cast without a type or null check,
        // so a malformed or unexpected reply surfaces as ClassCastException or
        // NullPointerException rather than as an XMLDBException.
        final Map response = (Map) collection.execute("getPermissions", args);
        final String ownerName = (String) response.get("owner");
        final String groupName = (String) response.get("group");
        final int permissionBits = (Integer) response.get("permissions");
        final Stream<ACEAider> aceStream = extractAces(response.get("acl"));

        return getPermission(ownerName, groupName, permissionBits, aceStream);
    } catch (final PermissionDeniedException pde) {
        // Re-surface as the XML:DB error code, keeping the original exception as the cause.
        throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, pde.getMessage(), pde);
    }
}
use of org.exist.security.internal.aider.ACEAider in project exist by eXist-db.
the class ACEAiderParser method toAceAider.
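/**
 * Builds an {@link ACEAider} from a deserialized four-element list.
 *
 * <p>The expected layout is: index 0 the {@code ACE_ACCESS_TYPE} name (String),
 * index 1 the {@code ACE_TARGET} name (String), index 2 the "who" (String),
 * index 3 the mode (Integer). Each element is type-checked before use, and the
 * fields are validated in index order so the first bad field is the one reported.
 *
 * @param list the deserialized field values
 * @return the ACE described by {@code list}
 * @throws SAXException if {@code list} is {@code null}, does not have exactly four
 *         elements, holds an element of the wrong type, or names an unknown enum constant
 */
private static ACEAider toAceAider(final List<Object> list) throws SAXException {
    // A null list is rejected with the same error as a wrongly sized one instead of an NPE.
    if (list == null || list.size() != 4) {
        throw new SAXException("Invalid list size for ACEAider");
    }

    final Object accessTypeField = list.get(0);
    if (!(accessTypeField instanceof String)) {
        throw new SAXException("Expected ACE_ACCESS_TYPE");
    }
    final ACE_ACCESS_TYPE aceAccessType;
    try {
        aceAccessType = ACE_ACCESS_TYPE.valueOf((String) accessTypeField);
    } catch (final IllegalArgumentException e) {
        // Unknown constant name: report as a parse error, keeping the cause.
        throw new SAXException(e);
    }

    final Object targetField = list.get(1);
    if (!(targetField instanceof String)) {
        throw new SAXException("Expected ACE_TARGET");
    }
    final ACE_TARGET aceTarget;
    try {
        aceTarget = ACE_TARGET.valueOf((String) targetField);
    } catch (final IllegalArgumentException e) {
        throw new SAXException(e);
    }

    final Object whoField = list.get(2);
    if (!(whoField instanceof String)) {
        throw new SAXException("Expected String");
    }
    final String aceWho = (String) whoField;

    final Object modeField = list.get(3);
    if (!(modeField instanceof Integer)) {
        throw new SAXException("Expected Integer");
    }
    // NOTE(review): the mode is only type-checked here; whether ACEAider range-checks
    // the value is not visible from this method — confirm.
    final int aceMode = (Integer) modeField;

    return new ACEAider(aceAccessType, aceTarget, aceWho, aceMode);
}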
use of org.exist.security.internal.aider.ACEAider in project exist by eXist-db.
the class ACEAiderSerializer method writeData.
/**
 * Serializes an {@link ACEAider} as four consecutive values passed to {@code writeObject}:
 * access type name, target name, who, and mode, in that order.
 *
 * @param handler the content handler that receives the output
 * @param object the value to serialize; cast to {@link ACEAider} without a prior type
 *        check, so any other type fails with a ClassCastException
 * @throws SAXException declared for failures while writing
 */
private void writeData(final ContentHandler handler, final Object object) throws SAXException {
    final ACEAider ace = (ACEAider) object;

    // Each field is read immediately before it is written, so a failure part-way
    // through leaves the earlier fields already emitted.
    final String accessTypeName = ace.getAccessType().name();
    writeObject(handler, accessTypeName);

    final String targetName = ace.getTarget().name();
    writeObject(handler, targetName);

    writeObject(handler, ace.getWho());
    writeObject(handler, ace.getMode());
}
use of org.exist.security.internal.aider.ACEAider in project exist by eXist-db.
the class XmldbApiSecurityTest method addCollectionUserAce.
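/**
 * Sets a single user ACE on the collection at {@code collectionUri} through the XML:DB API.
 *
 * <p>The sub-collection's current owner, group and mode are read through the parent
 * collection and passed back unchanged to {@code setPermissions}, together with a list
 * holding only the new ACE.
 *
 * <p>Both collections are always closed. A failure from the main operation is never
 * replaced by a failure while closing; close failures are attached to it as suppressed
 * exceptions instead.
 *
 * @param collectionUri URI of the target collection; split at its last {@code '/'} into
 *        parent URI and sub-collection name
 * @param user_uid the user the ACE applies to
 * @param mode the ACE mode, converted with {@code SimpleACLPermission.aceSimpleSymbolicModeToInt}
 * @param allow {@code true} for an ALLOWED entry, {@code false} for a DENIED entry
 * @param uid user name used to open the collections
 * @param pwd password used to open the collections
 * @throws ApiException wrapping any XMLDBException or PermissionDeniedException raised
 *         while applying the ACE or while closing the collections
 */
@Override
protected void addCollectionUserAce(final String collectionUri, final String user_uid, final String mode, final boolean allow, final String uid, final String pwd) throws ApiException {
    Collection parentCol = null;
    Collection subCol = null;
    ApiException failure = null;
    try {
        final int lastSlash = collectionUri.lastIndexOf('/');
        final String parentColUri = collectionUri.substring(0, lastSlash);
        final String subColName = collectionUri.substring(lastSlash + 1);

        parentCol = DatabaseManager.getCollection(getBaseUri() + parentColUri, uid, pwd);
        final UserManagementService ums = (UserManagementService) parentCol.getService("UserManagementService", "1.0");
        final Permission subColPermissions = ums.getSubCollectionPermissions(parentCol, subColName);

        subCol = DatabaseManager.getCollection(getBaseUri() + collectionUri, uid, pwd);

        final List<ACEAider> aces = new ArrayList<>();
        final ACEAider ace = new ACEAider(
                allow ? ACLPermission.ACE_ACCESS_TYPE.ALLOWED : ACLPermission.ACE_ACCESS_TYPE.DENIED,
                ACLPermission.ACE_TARGET.USER,
                user_uid,
                SimpleACLPermission.aceSimpleSymbolicModeToInt(mode));
        aces.add(ace);

        // Owner, group and mode are passed back as read; only the ACE list is new.
        ums.setPermissions(subCol, subColPermissions.getOwner().getName(), subColPermissions.getGroup().getName(), subColPermissions.getMode(), aces);
    } catch (final XMLDBException | PermissionDeniedException e) {
        failure = new ApiException(e);
    } finally {
        // Close in the original order (sub-collection first). Nothing is thrown from
        // inside finally, so a failing close can neither skip the second close nor
        // mask the exception from the try block.
        for (final Collection col : new Collection[] {subCol, parentCol}) {
            if (col == null) {
                continue;
            }
            try {
                col.close();
            } catch (final XMLDBException xmldbe) {
                if (failure == null) {
                    failure = new ApiException(xmldbe);
                } else {
                    failure.addSuppressed(xmldbe);
                }
            }
        }
    }

    if (failure != null) {
        throw failure;
    }
}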
use of org.exist.security.internal.aider.ACEAider in project exist by eXist-db.
the class RpcConnection method getACEs.
/**
 * Copies every ACE of a permission into a new list of {@link ACEAider} values.
 *
 * @param perm the permission to read; cast to {@link ACLPermission} without a prior
 *        type check, so any other implementation fails with a ClassCastException
 * @return a new list with one {@link ACEAider} per ACE, in index order
 */
private List<ACEAider> getACEs(final Permission perm) {
    final ACLPermission acl = (ACLPermission) perm;
    final List<ACEAider> copied = new ArrayList<>();

    // The count is re-read on every pass, as the bound of the loop.
    int index = 0;
    while (index < acl.getACECount()) {
        final ACEAider entry = new ACEAider(
                acl.getACEAccessType(index),
                acl.getACETarget(index),
                acl.getACEWho(index),
                acl.getACEMode(index));
        copied.add(entry);
        index++;
    }

    return copied;
}