use of org.exist.security.internal.aider.GroupAider in project exist by eXist-db.
the class PermissionsFunctionChownTest method prepareDb.
/**
 * One-time fixture for the chown permission tests.
 *
 * <p>Running as the system subject, it opens up the shared test collection,
 * creates three accounts, creates {@code OTHER_GROUP_NAME} and adds the first
 * two accounts to it. A second transaction then removes the third account
 * again.
 *
 * @throws EXistException if the broker or transaction cannot be obtained
 * @throws PermissionDeniedException if a security operation is refused
 * @throws IOException if the collection cannot be read or written
 * @throws TriggerException if a collection trigger fails
 */
@BeforeClass
public static void prepareDb() throws EXistException, PermissionDeniedException, IOException, TriggerException {
    final BrokerPool brokerPool = existWebServer.getBrokerPool();
    final SecurityManager securityManager = brokerPool.getSecurityManager();

    // Phase 1: everything that has to exist before the tests run.
    try (final DBBroker systemBroker = brokerPool.get(Optional.of(securityManager.getSystemSubject()));
         final Txn setupTxn = brokerPool.getTransactionManager().beginTransaction()) {

        final Collection testCollection =
                systemBroker.getOrCreateCollection(setupTxn, TestConstants.TEST_COLLECTION_URI);
        // 511 decimal is 0777 octal: read/write/execute for owner, group and other.
        // Deliberately wide open so that every test account can work in the
        // collection; not a mode to copy outside a test fixture.
        PermissionFactory.chmod(systemBroker, testCollection, Optional.of(511), Optional.empty());
        systemBroker.saveCollection(setupTxn, testCollection);

        createUser(systemBroker, securityManager, USER1_NAME, USER1_PWD);
        createUser(systemBroker, securityManager, USER2_NAME, USER2_PWD);
        createUser(systemBroker, securityManager, USERRM_NAME, USERRM_PWD);

        final Group sharedGroup = new GroupAider(OTHER_GROUP_NAME);
        securityManager.addGroup(systemBroker, sharedGroup);

        // Only the first two accounts join the shared group; the third is
        // removed again in phase 2.
        for (final String memberName : new String[] {USER1_NAME, USER2_NAME}) {
            final Account member = securityManager.getAccount(memberName);
            member.addGroup(OTHER_GROUP_NAME);
            securityManager.updateAccount(member);
        }

        setupTxn.commit();
    }

    // Phase 2: remove the third account in its own transaction, after the
    // transaction that created it has been committed.
    try (final DBBroker systemBroker = brokerPool.get(Optional.of(securityManager.getSystemSubject()));
         final Txn removalTxn = brokerPool.getTransactionManager().beginTransaction()) {
        removeUser(securityManager, USERRM_NAME);
        removalTxn.commit();
    }
}
use of org.exist.security.internal.aider.GroupAider in project exist by eXist-db.
the class Deployment method checkUserSettings.
/**
 * Makes sure the group and account named in {@code requestedPerms} exist,
 * creating whichever of them is missing.
 *
 * <p>Security-relevant behaviour visible here: a missing account is created
 * with the password carried in {@code requestedPerms}, and no null or
 * strength check on that password is made in this method. An account that
 * already exists is left untouched: its password is not changed and it is
 * not added to the requested group.
 *
 * @param broker broker used for the security-manager calls
 * @param requestedPerms requested user, password and optional group
 *        (presumably read from the package descriptor; confirm at the caller)
 * @throws PackageException if the security manager refuses or fails; the
 *         message names only the user, although the same handler also covers
 *         a failed group creation
 */
private void checkUserSettings(final DBBroker broker, final RequestedPerms requestedPerms) throws PackageException {
    final org.exist.security.SecurityManager securityManager = broker.getBrokerPool().getSecurityManager();
    try {
        // Create the group first so that the account can be made a member of it.
        final boolean groupMissing =
                requestedPerms.group.isPresent() && !securityManager.hasGroup(requestedPerms.group.get());
        if (groupMissing) {
            securityManager.addGroup(broker, new GroupAider(requestedPerms.group.get()));
        }

        // Existing accounts are never modified.
        if (securityManager.hasAccount(requestedPerms.user)) {
            return;
        }

        final UserAider newAccount = new UserAider(requestedPerms.user);
        newAccount.setPassword(requestedPerms.password);
        requestedPerms.group.ifPresent(newAccount::addGroup);
        securityManager.addAccount(broker, newAccount);
    } catch (final PermissionDeniedException | EXistException e) {
        throw new PackageException("Failed to create user: " + requestedPerms.user, e);
    }
}
use of org.exist.security.internal.aider.GroupAider in project exist by eXist-db.
the class RemoteUserManagementService method getGroup.
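/**
 * Fetches a group by name from the remote server and rebuilds it locally as
 * a {@link GroupAider}.
 *
 * <p>The response map is produced by the remote endpoint, so its contents
 * are not taken for granted: a missing {@code "managers"} or
 * {@code "metadata"} entry is treated as empty rather than failing with a
 * {@link NullPointerException}. Values are still cast to the expected types
 * without further validation, so a response with unexpected types fails
 * with a {@link ClassCastException}.
 *
 * @param name name of the group to look up
 * @return the group, or {@code null} when the server returns no data for it
 * @throws XMLDBException if the remote call fails, or with
 *         {@code ErrorCodes.PERMISSION_DENIED} when a
 *         {@link PermissionDeniedException} is raised while building the group
 */
@Override
public Group getGroup(final String name) throws XMLDBException {
    try {
        final List<Object> params = new ArrayList<>();
        params.add(name);

        final Map<String, Object> tab = (Map<String, Object>) collection.execute("getGroup", params);
        if (tab == null || tab.isEmpty()) {
            return null;
        }

        final Group group = new GroupAider((Integer) tab.get("id"), (String) tab.get("realmId"), (String) tab.get("name"));

        // Each manager name is resolved through getAccount.
        final Object[] managers = (Object[]) tab.get("managers");
        if (managers != null) {
            for (final Object manager : managers) {
                group.addManager(getAccount((String) manager));
            }
        }

        // Only metadata keys that map to a known AX or eXist schema type are
        // kept; any other key in the response is ignored.
        final Map<String, String> metadata = (Map<String, String>) tab.get("metadata");
        if (metadata != null) {
            for (final Map.Entry<String, String> m : metadata.entrySet()) {
                final AXSchemaType axType = AXSchemaType.valueOfNamespace(m.getKey());
                if (axType != null) {
                    group.setMetadataValue(axType, m.getValue());
                    continue;
                }
                final EXistSchemaType existType = EXistSchemaType.valueOfNamespace(m.getKey());
                if (existType != null) {
                    group.setMetadataValue(existType, m.getValue());
                }
            }
        }
        return group;
    } catch (final PermissionDeniedException pde) {
        throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, pde);
    }
}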
use of org.exist.security.internal.aider.GroupAider in project exist by eXist-db.
the class XmldbApiSecurityTest method createGroup.
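/**
 * Creates a group in the {@code "exist"} realm through the XML:DB
 * {@code UserManagementService}, connecting with the supplied credentials.
 *
 * <p>The collection is always closed. If closing fails after the group
 * creation has already failed, the close failure is attached as a suppressed
 * exception, so the original cause (for example a permission error the test
 * is looking for) is not replaced by it.
 *
 * @param group_uid name of the group to create
 * @param uid user name used to open {@code /db}
 * @param pwd password for {@code uid}
 * @throws ApiException wrapping any {@link XMLDBException} raised while
 *         connecting, creating the group or closing the collection
 */
@Override
protected void createGroup(String group_uid, String uid, String pwd) throws ApiException {
    Collection col = null;
    ApiException failure = null;
    try {
        col = DatabaseManager.getCollection(getBaseUri() + "/db", uid, pwd);
        final UserManagementService ums = (UserManagementService) col.getService("UserManagementService", "1.0");
        Group group = new GroupAider("exist", group_uid);
        ums.addGroup(group);
    } catch (final XMLDBException xmldbe) {
        failure = new ApiException(xmldbe);
    } finally {
        if (col != null) {
            try {
                col.close();
            } catch (final XMLDBException closeFailure) {
                // Never throw from finally: that would discard the exception
                // already in flight.
                if (failure == null) {
                    failure = new ApiException(closeFailure);
                } else {
                    failure.addSuppressed(closeFailure);
                }
            }
        }
    }
    if (failure != null) {
        throw failure;
    }
}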
use of org.exist.security.internal.aider.GroupAider in project exist by eXist-db.
the class RpcConnection method updateGroup.
/**
 * Updates the managers and metadata of an existing group.
 *
 * <p>A transient {@link GroupAider} carrying the requested state is built
 * and handed to the security manager. Manager names are wrapped in
 * {@link UserAider} without checking here that the accounts exist, and
 * metadata keys that match neither an AX nor an eXist schema type are
 * dropped silently.
 *
 * <p>NOTE(review): no permission check is visible in this method;
 * presumably {@code SecurityManager.updateGroup} enforces it for the calling
 * subject. Confirm. Also note that {@code managers} is iterated without a
 * null check, unlike {@code metadata}.
 *
 * @param name name of the group to update
 * @param managers account names to register as group managers
 * @param metadata schema-namespace to value pairs, may be {@code null}
 * @return {@code true} if the group exists and the update was submitted,
 *         {@code false} if no such group exists
 * @throws EXistException if the database operation fails
 * @throws PermissionDeniedException if the update is refused
 */
@Override
public boolean updateGroup(final String name, final List<String> managers, final Map<String, String> metadata) throws EXistException, PermissionDeniedException {
    final SecurityManager securityManager = factory.getBrokerPool().getSecurityManager();

    // Unknown group: report it and change nothing.
    if (!securityManager.hasGroup(name)) {
        return false;
    }

    final GroupAider requested = new GroupAider(name);
    for (final String managerName : managers) {
        requested.addManager(new UserAider(managerName));
    }

    if (metadata != null) {
        for (final Map.Entry<String, String> entry : metadata.entrySet()) {
            final String namespace = entry.getKey();
            final AXSchemaType axType = AXSchemaType.valueOfNamespace(namespace);
            if (axType != null) {
                requested.setMetadataValue(axType, entry.getValue());
                continue;
            }
            final EXistSchemaType existType = EXistSchemaType.valueOfNamespace(namespace);
            if (existType != null) {
                requested.setMetadataValue(existType, entry.getValue());
            }
        }
    }

    withDb((broker, transaction) -> securityManager.updateGroup(requested));
    return true;
}