Example 21 with BrokerPool
use of org.exist.storage.BrokerPool in project exist by eXist-db.
the class GroupManagementFunctionRemoveGroupTest method deleteUsersPersonalPrimaryGroup.
@Test(expected = PermissionDeniedException.class)
public void deleteUsersPersonalPrimaryGroup() throws PermissionDeniedException, EXistException {
final BrokerPool pool = existWebServer.getBrokerPool();
final SecurityManager sm = pool.getSecurityManager();
// create user with personal group as primary group
try (final DBBroker broker = pool.get(Optional.of(sm.getSystemSubject()));
final Txn transaction = pool.getTransactionManager().beginTransaction()) {
createUser(broker, sm, USER1_NAME, USER1_PWD);
transaction.commit();
}
// check that the user is as we expect
String user1PrimaryGroup = null;
try (final DBBroker broker = pool.get(Optional.of(sm.getSystemSubject()));
final Txn transaction = pool.getTransactionManager().beginTransaction()) {
final Account user1 = sm.getAccount(USER1_NAME);
user1PrimaryGroup = user1.getPrimaryGroup();
assertEquals(USER1_NAME, user1PrimaryGroup);
assertArrayEquals(new String[] { USER1_NAME }, user1.getGroups());
transaction.commit();
}
// attempt to remove the primary group of the user
try (final DBBroker broker = pool.get(Optional.of(sm.getSystemSubject()));
final Txn transaction = pool.getTransactionManager().beginTransaction()) {
sm.deleteGroup(user1PrimaryGroup);
fail("Should have received: PermissionDeniedException: Account 'user1' still has 'user1' as their primary group!");
transaction.commit();
}
}
Also used :
DBBroker(org.exist.storage.DBBroker)
SecurityManager(org.exist.security.SecurityManager)
Txn(org.exist.storage.txn.Txn)
BrokerPool(org.exist.storage.BrokerPool)
Example 22 with BrokerPool
use of org.exist.storage.BrokerPool in project exist by eXist-db.
the class PermissionsFunctionChownTest method changeCollectionGroupToSelfAsNonDBAOwner_clearsSetUidAndSetGid.
/**
* With {@code posix-chown-restricted="false"},
* as the collection owner user change the group of {@link #USER1_COL2} from "user1" to "user1".
* Finally make sure that chown has cleared the setUid and setGid bits.
*/
@Test
public void changeCollectionGroupToSelfAsNonDBAOwner_clearsSetUidAndSetGid() throws AuthenticationException, EXistException, PermissionDeniedException, XPathException {
final BrokerPool pool = existWebServer.getBrokerPool();
final Subject user1 = pool.getSecurityManager().authenticate(USER1_NAME, USER1_PWD);
// check the setUid and setGid bits are set before we begin
assertCollectionSetUidSetGid(user1, TestConstants.TEST_COLLECTION_URI.append(USER1_COL2), IS_SET);
// change the owner
changeGroup(user1, NOT_RESTRICTED, TestConstants.TEST_COLLECTION_URI.append(USER1_COL2), USER1_NAME);
// check the setUid and setGid bits are now cleared
assertCollectionSetUidSetGid(user1, TestConstants.TEST_COLLECTION_URI.append(USER1_COL2), NOT_SET);
}
Also used :
BrokerPool(org.exist.storage.BrokerPool)
Example 23 with BrokerPool
use of org.exist.storage.BrokerPool in project exist by eXist-db.
the class PermissionsFunctionChownTest method changeDocumentOwnerToSelfAsDBA_preservesSetUidAndSetGid_restricted.
/**
* With {@code posix-chown-restricted="true"},
* as the DBA user change the owner of {@link #USER1_DOC1} from "user1" to "user1".
* Finally make sure that chown has preserved the setUid and setGid bits.
*/
@Test
public void changeDocumentOwnerToSelfAsDBA_preservesSetUidAndSetGid_restricted() throws EXistException, PermissionDeniedException, XPathException {
final BrokerPool pool = existWebServer.getBrokerPool();
final Subject user1 = pool.getSecurityManager().getSystemSubject();
// check the setUid and setGid bits are set before we begin
assertDocumentSetUidSetGid(user1, TestConstants.TEST_COLLECTION_URI.append(USER1_XQUERY1), IS_SET);
// change the owner
changeOwner(user1, RESTRICTED, TestConstants.TEST_COLLECTION_URI.append(USER1_XQUERY1), USER1_NAME);
// check the setUid and setGid bits are still set
assertDocumentSetUidSetGid(user1, TestConstants.TEST_COLLECTION_URI.append(USER1_XQUERY1), IS_SET);
}
Also used :
BrokerPool(org.exist.storage.BrokerPool)
Example 24 with BrokerPool
use of org.exist.storage.BrokerPool in project exist by eXist-db.
the class PermissionsFunctionChownTest method changeDocumentOwnerToSelfAsNonDBAOwner_clearsSetUidAndSetGid_restricted.
/**
* With {@code posix-chown-restricted="true"},
* as the document owner user change the owner of {@link #USER1_DOC1} from "user1" to "user1".
* Finally make sure that chown has cleared the setUid and setGid bits.
*/
@Test
public void changeDocumentOwnerToSelfAsNonDBAOwner_clearsSetUidAndSetGid_restricted() throws AuthenticationException, EXistException, PermissionDeniedException, XPathException {
final BrokerPool pool = existWebServer.getBrokerPool();
final Subject user1 = pool.getSecurityManager().authenticate(USER1_NAME, USER1_PWD);
// check the setUid and setGid bits are set before we begin
assertDocumentSetUidSetGid(user1, TestConstants.TEST_COLLECTION_URI.append(USER1_XQUERY1), IS_SET);
// change the owner
changeOwner(user1, RESTRICTED, TestConstants.TEST_COLLECTION_URI.append(USER1_XQUERY1), USER1_NAME);
// check the setUid and setGid bits are now cleared
assertDocumentSetUidSetGid(user1, TestConstants.TEST_COLLECTION_URI.append(USER1_XQUERY1), NOT_SET);
}
Also used :
BrokerPool(org.exist.storage.BrokerPool)
Example 25 with BrokerPool
use of org.exist.storage.BrokerPool in project exist by eXist-db.
the class PermissionsFunctionChownTest method teardown.
@After
public void teardown() throws EXistException, PermissionDeniedException, IOException, TriggerException, LockException {
final BrokerPool pool = existWebServer.getBrokerPool();
try (final DBBroker broker = pool.get(Optional.of(pool.getSecurityManager().getSystemSubject()));
final Txn transaction = pool.getTransactionManager().beginTransaction()) {
removeDocument(broker, transaction, TestConstants.TEST_COLLECTION_URI.append(USER1_DOC1));
removeCollection(broker, transaction, TestConstants.TEST_COLLECTION_URI.append(USER1_COL2));
removeCollection(broker, transaction, TestConstants.TEST_COLLECTION_URI.append(USER1_COL1));
transaction.commit();
}
}
Also used :
DBBroker(org.exist.storage.DBBroker)
Txn(org.exist.storage.txn.Txn)
BrokerPool(org.exist.storage.BrokerPool)
Aggregations
BrokerPool (org.exist.storage.BrokerPool)381
DBBroker (org.exist.storage.DBBroker)300
Txn (org.exist.storage.txn.Txn)180
Sequence (org.exist.xquery.value.Sequence)157
Test (org.junit.Test)115
XQuery (org.exist.xquery.XQuery)105
Collection (org.exist.collections.Collection)71
StringInputSource (org.exist.util.StringInputSource)66
TransactionManager (org.exist.storage.txn.TransactionManager)61
Source (org.exist.source.Source)43
StringSource (org.exist.source.StringSource)40
CompiledXQuery (org.exist.xquery.CompiledXQuery)38
Path (java.nio.file.Path)22
XmldbURI (org.exist.xmldb.XmldbURI)21
XPathException (org.exist.xquery.XPathException)21
Properties (java.util.Properties)20
LockedDocument (org.exist.dom.persistent.LockedDocument)20
InputSource (org.xml.sax.InputSource)20
IOException (java.io.IOException)19
XQueryContext (org.exist.xquery.XQueryContext)19
