use of org.exist.storage.txn.Txn in project exist by eXist-db.
the class NodeTest method setUp.
@BeforeClass
public static void setUp() throws Exception {
final BrokerPool pool = existEmbeddedServer.getBrokerPool();
final TransactionManager transact = pool.getTransactionManager();
try (final DBBroker broker = pool.get(Optional.of(pool.getSecurityManager().getSystemSubject()));
final Txn transaction = transact.beginTransaction()) {
root = broker.getOrCreateCollection(transaction, XmldbURI.create(XmldbURI.ROOT_COLLECTION + "/test"));
assertNotNull(root);
broker.saveCollection(transaction, root);
broker.storeDocument(transaction, XmldbURI.create("test.xml"), new StringInputSource(XML), MimeType.XML_TYPE, root);
transact.commit(transaction);
}
}
use of org.exist.storage.txn.Txn in project exist by eXist-db.
the class NodeTest method tearDown.
@AfterClass
public static void tearDown() throws EXistException, PermissionDeniedException, IOException, TriggerException {
final BrokerPool pool = existEmbeddedServer.getBrokerPool();
final TransactionManager transact = pool.getTransactionManager();
try (final DBBroker broker = pool.get(Optional.of(pool.getSecurityManager().getSystemSubject()));
final Txn transaction = transact.beginTransaction()) {
root = broker.getOrCreateCollection(transaction, XmldbURI.create(XmldbURI.ROOT_COLLECTION + "/test"));
assertNotNull(root);
broker.removeCollection(transaction, root);
transact.commit(transaction);
}
}
use of org.exist.storage.txn.Txn in project exist by eXist-db.
the class FnCollectionSecurityTest method cannotAccessCollectionInCollectionHierarchyWithDeniedExecute.
@Test(expected = PermissionDeniedException.class)
public void cannotAccessCollectionInCollectionHierarchyWithDeniedExecute() throws EXistException, AuthenticationException, PermissionDeniedException, XPathException {
// as docTestUser1 user
final String query = "fn:collection('" + TEST_SUB_COLLECTION_1_1 + "')";
final BrokerPool pool = server.getBrokerPool();
final SecurityManager securityManager = pool.getSecurityManager();
final Subject testUser1 = securityManager.authenticate(TEST_USER_1, TEST_USER_1);
try (final DBBroker broker = pool.get(Optional.of(testUser1));
final Txn transaction = pool.getTransactionManager().beginTransaction()) {
final XQuery xqueryService = pool.getXQueryService();
final Sequence result = xqueryService.execute(broker, query, null);
fail("Expected PermissionDeniedException via XPathException");
transaction.commit();
} catch (final XPathException e) {
if (e.getCause() != null && e.getCause() instanceof PermissionDeniedException) {
throw (PermissionDeniedException) e.getCause();
} else {
throw e;
}
}
}
use of org.exist.storage.txn.Txn in project exist by eXist-db.
the class FnCollectionSecurityTest method cannotAccessCollectionInCollectionHierarchyWithDeniedReadAndExecuteAce.
@Test(expected = PermissionDeniedException.class)
public void cannotAccessCollectionInCollectionHierarchyWithDeniedReadAndExecuteAce() throws EXistException, AuthenticationException, PermissionDeniedException, XPathException {
// as docTestUser1 user
final String query = "fn:collection('" + TEST_SUB_COLLECTION_2_2 + "')";
final BrokerPool pool = server.getBrokerPool();
final SecurityManager securityManager = pool.getSecurityManager();
final Subject testUser1 = securityManager.authenticate(TEST_USER_1, TEST_USER_1);
try (final DBBroker broker = pool.get(Optional.of(testUser1));
final Txn transaction = pool.getTransactionManager().beginTransaction()) {
final XQuery xqueryService = pool.getXQueryService();
final Sequence result = xqueryService.execute(broker, query, null);
fail("Expected PermissionDeniedException via XPathException");
transaction.commit();
} catch (final XPathException e) {
if (e.getCause() != null && e.getCause() instanceof PermissionDeniedException) {
throw (PermissionDeniedException) e.getCause();
} else {
throw e;
}
}
}
use of org.exist.storage.txn.Txn in project exist by eXist-db.
the class FnDocSecurityTest method cannotAccessRestrictedDocument.
@Test(expected = PermissionDeniedException.class)
public void cannotAccessRestrictedDocument() throws EXistException, AuthenticationException, PermissionDeniedException, XPathException, IOException, SAXException {
// as docTestUser1 user
final String query = "fn:doc('" + TEST_DOC_URI_SYSTEM_ONLY + "')";
final BrokerPool pool = server.getBrokerPool();
final SecurityManager securityManager = pool.getSecurityManager();
final Subject testUser1 = securityManager.authenticate(TEST_USER_1, TEST_USER_1);
try (final DBBroker broker = pool.get(Optional.of(testUser1));
final Txn transaction = pool.getTransactionManager().beginTransaction()) {
final XQuery xqueryService = pool.getXQueryService();
final Sequence result = xqueryService.execute(broker, query, null);
fail("Expected PermissionDeniedException via XPathException");
transaction.commit();
} catch (final XPathException e) {
if (e.getCause() != null && e.getCause() instanceof PermissionDeniedException) {
throw (PermissionDeniedException) e.getCause();
} else {
throw e;
}
}
}
Aggregations