Example 21 with GroupAider

Use of org.exist.security.internal.aider.GroupAider in project exist by eXist-db.

Class BackupRestoreSecurityPrincipalsTest, method createUser.

private void createUser(final String username, final String password) throws XMLDBException, PermissionDeniedException {
    final UserManagementService ums = (UserManagementService) server.getRoot().getService("UserManagementService", "1.0");
    final Account user = new UserAider(username);
    user.setPassword(password);
    // create the personal group
    final Group group = new GroupAider(username);
    group.setMetadataValue(EXistSchemaType.DESCRIPTION, "Personal group for " + username);
    group.addManager(ums.getAccount("admin"));
    ums.addGroup(group);
    // add the personal group as the primary group
    user.addGroup(username);
    // create the account
    ums.addAccount(user);
    // add the new account as a manager of their personal group
    ums.addGroupManager(username, group.getName());
}
Also used: UserManagementService (org.exist.xmldb.UserManagementService), UserAider (org.exist.security.internal.aider.UserAider), GroupAider (org.exist.security.internal.aider.GroupAider)

Example 22 with GroupAider

Use of org.exist.security.internal.aider.GroupAider in project exist by eXist-db.

Class PermissionsFunctionChmodTest, method prepareDb.

@BeforeClass
public static void prepareDb() throws EXistException, PermissionDeniedException, IOException, TriggerException {
    final BrokerPool pool = existWebServer.getBrokerPool();
    final SecurityManager sm = pool.getSecurityManager();
    try (final DBBroker broker = pool.get(Optional.of(sm.getSystemSubject()));
        final Txn transaction = pool.getTransactionManager().beginTransaction()) {
        final Collection collection = broker.getOrCreateCollection(transaction, TestConstants.TEST_COLLECTION_URI);
        // 511 decimal is 0777 octal: rwx for owner, group and other on the test collection
        PermissionFactory.chmod(broker, collection, Optional.of(511), Optional.empty());
        broker.saveCollection(transaction, collection);
        createUser(broker, sm, USER1_NAME, USER1_PWD);
        createUser(broker, sm, USER2_NAME, USER2_PWD);
        final Group otherGroup = new GroupAider(OTHER_GROUP_NAME);
        sm.addGroup(broker, otherGroup);
        final Account user1 = sm.getAccount(USER1_NAME);
        user1.addGroup(OTHER_GROUP_NAME);
        sm.updateAccount(user1);
        final Account user2 = sm.getAccount(USER2_NAME);
        user2.addGroup(OTHER_GROUP_NAME);
        sm.updateAccount(user2);
        transaction.commit();
    }
}
Also used: DBBroker (org.exist.storage.DBBroker), SecurityManager (org.exist.security.SecurityManager), Collection (org.exist.collections.Collection), Txn (org.exist.storage.txn.Txn), GroupAider (org.exist.security.internal.aider.GroupAider), BrokerPool (org.exist.storage.BrokerPool)

Example 23 with GroupAider

Use of org.exist.security.internal.aider.GroupAider in project exist by eXist-db.

Class RemoteUserManagementService, method getAccount.

@Override
public Account getAccount(final String name) throws XMLDBException {
    try {
        final List<Object> params = new ArrayList<>();
        params.add(name);
        final Map tab = (Map) collection.execute("getAccount", params);
        if (tab == null || tab.isEmpty()) {
            return null;
        }
        final UserAider u;
        if (tab.get("default-group-id") != null) {
            final GroupAider defaultGroup = new GroupAider((Integer) tab.get("default-group-id"), (String) tab.get("default-group-realmId"), (String) tab.get("default-group-name"));
            u = new UserAider((String) tab.get("realmId"), (String) tab.get("name"), defaultGroup);
        } else {
            u = new UserAider((String) tab.get("realmId"), (String) tab.get("name"));
        }
        final Object[] groups = (Object[]) tab.get("groups");
        for (final Object group : groups) {
            u.addGroup((String) group);
        }
        u.setEnabled(Boolean.parseBoolean((String) tab.get("enabled")));
        u.setUserMask((Integer) tab.get("umask"));
        final Map<String, String> metadata = (Map<String, String>) tab.get("metadata");
        for (final Map.Entry<String, String> m : metadata.entrySet()) {
            if (AXSchemaType.valueOfNamespace(m.getKey()) != null) {
                u.setMetadataValue(AXSchemaType.valueOfNamespace(m.getKey()), m.getValue());
            } else if (EXistSchemaType.valueOfNamespace(m.getKey()) != null) {
                u.setMetadataValue(EXistSchemaType.valueOfNamespace(m.getKey()), m.getValue());
            }
        }
        return u;
    } catch (final XMLDBException e) {
        // a failed remote call returns null, the same result as an unknown account
        return null;
    }
}
Also used: XMLDBException (org.xmldb.api.base.XMLDBException), UserAider (org.exist.security.internal.aider.UserAider), GroupAider (org.exist.security.internal.aider.GroupAider)

Aggregations

GroupAider (org.exist.security.internal.aider.GroupAider): 23
UserAider (org.exist.security.internal.aider.UserAider): 15
UserManagementService (org.exist.xmldb.UserManagementService): 8
XMLDBException (org.xmldb.api.base.XMLDBException): 7
SecurityManager (org.exist.security.SecurityManager): 6
DBBroker (org.exist.storage.DBBroker): 5
EXistException (org.exist.EXistException): 4
PermissionDeniedException (org.exist.security.PermissionDeniedException): 4
Test (org.junit.Test): 4
Collection (org.exist.collections.Collection): 3
Group (org.exist.security.Group): 3
BrokerPool (org.exist.storage.BrokerPool): 3
Txn (org.exist.storage.txn.Txn): 3
IOException (java.io.IOException): 2
LockedDocumentMap (org.exist.storage.lock.LockedDocumentMap): 2
Before (org.junit.Before): 2
Collection (org.xmldb.api.base.Collection): 2
Either (com.evolvedbinary.j8fu.Either): 1
BufferedInputStream (java.io.BufferedInputStream): 1
InputStream (java.io.InputStream): 1