Examples with EXistCollectionManagementService org.exist.xmldb.EXistCollectionManagementService used on opensource projects

Example 11 with EXistCollectionManagementService

use of org.exist.xmldb.EXistCollectionManagementService in project exist by eXist-db.

the class XMLDBSecurityTest method copyCollectionWithResources_destResourceExists_destResourceIsWritable_preservePermissions.

/**
 * As the 'test1' user, creates the collection and resource:
 *
 *  test1:users /db/securityTest3/source
 *  test1:users /db/securityTest3/source/source1.xml
 *  test1:users /db/securityTest3/source/source2.xml
 *
 * We then also create the Collection
 *  test1:users /db/securityTest3/copy-of-source (0777)
 * so that the destination (for the copy we are about
 * to do) already exists and is writable.
 * We then create the resource
 *  test1:users /db/securityTest/copy-of-source/source1.xml
 * and set it so that it is writable by all (0777)...
 *
 * As the 'test3' user, copy the collection:
 *
 *  /db/securityTest3/source
 *      -> /db/securityTest3/copy-of-source
 *
 * The test should prove that during a copy, existing
 * documents in the dest are replaced as long as the
 * dest collection has write permission and that the
 * permissions on the dest resource must also be writable
 * and that the existing permissions on the dest
 * resource will be preserved
 */
@Test
public void copyCollectionWithResources_destResourceExists_destResourceIsWritable_preservePermissions() throws XMLDBException {
    Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest3", "test1", "test1");
    EXistCollectionManagementService cms = (EXistCollectionManagementService) test.getService("CollectionManagementService", "1.0");
    // create collection owned by "test1", and group "users" in /db/securityTest3
    Collection source = cms.createCollection("source");
    // create resource owned by "test1", and group "users" in /db/securityTest3/source
    Resource resSource = source.createResource("source1.xml", XMLResource.RESOURCE_TYPE);
    resSource.setContent("<test1/>");
    source.storeResource(resSource);
    resSource = source.createResource("source2.xml", XMLResource.RESOURCE_TYPE);
    resSource.setContent("<test2/>");
    source.storeResource(resSource);
    // pre-create the destination and set writable by all
    final Collection dest = cms.createCollection("copy-of-source");
    UserManagementService ums = (UserManagementService) dest.getService("UserManagementService", "1.0");
    ums.chmod(0777);
    // pre-create a destination resource and set access for all
    Resource resDestSource1 = dest.createResource("source1.xml", XMLResource.RESOURCE_TYPE);
    resDestSource1.setContent("<old/>");
    dest.storeResource(resDestSource1);
    ums.chmod(resDestSource1, 0777);
    // as the 'test3' user copy the collection
    test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest3", "test3", "test3");
    cms = (EXistCollectionManagementService) test.getService("CollectionManagementService", "1.0");
    cms.copy("/db/securityTest3/source", "/db/securityTest3", "copy-of-source");
    final Collection copyOfSource = test.getChildCollection("copy-of-source");
    assertNotNull(copyOfSource);
    assertEquals(2, copyOfSource.listResources().length);
    ums = (UserManagementService) copyOfSource.getService("UserManagementService", "1.0");
    // permissions should NOT have changed as the dest already existed!
    Permission permissions = ums.getPermissions(copyOfSource);
    assertEquals("test1", permissions.getOwner().getName());
    assertEquals("users", permissions.getGroup().getName());
    final Resource resCopyOfSource1 = copyOfSource.getResource("source1.xml");
    assertEquals("<test1/>", resCopyOfSource1.getContent().toString());
    // permissions should NOT have changed as the dest resource already existed!
    permissions = ums.getPermissions(resCopyOfSource1);
    assertEquals("test1", permissions.getOwner().getName());
    assertEquals("users", permissions.getGroup().getName());
    final Resource resCopyOfSource2 = copyOfSource.getResource("source2.xml");
    assertEquals("<test2/>", resCopyOfSource2.getContent().toString());
    // permissions SHOULD have changed as the dest resource is did NOT exist
    permissions = ums.getPermissions(resCopyOfSource2);
    assertEquals("test3", permissions.getOwner().getName());
    assertEquals("guest", permissions.getGroup().getName());
}

Example 12 with EXistCollectionManagementService

use of org.exist.xmldb.EXistCollectionManagementService in project exist by eXist-db.

the class XMLDBSecurityTest method noSetGid_copyCollection_collectionGroupIsUsersPrimaryGroup.

@Test
public void noSetGid_copyCollection_collectionGroupIsUsersPrimaryGroup() throws XMLDBException {
    Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest2", "test1", "test1");
    EXistCollectionManagementService cms = (EXistCollectionManagementService) test.getService("CollectionManagementService", "1.0");
    // create the /db/securityTest2/src collection
    Collection srcCollection = cms.createCollection("src");
    // create /db/securityTest2/parentCollection with owner "test1:users" and mode "rwxrwxrwx"
    Collection parentCollection = cms.createCollection("parentCollection");
    UserManagementService ums = (UserManagementService) parentCollection.getService("UserManagementService", "1.0");
    ums.chmod("rwxrwxrwx");
    // now copy /db/securityTest2/src to /db/securityTest2/parentCollection/src
    // as "user3:guest", it should have it's group set to the primary group of "user3" i.e. 'guest'
    // as the collection is NOT setGid and it should NOT have it's setGid bit set
    test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest2", "test3", "test3");
    cms = (EXistCollectionManagementService) test.getService("CollectionManagementService", "1.0");
    cms.copy("src", "/db/securityTest2/parentCollection", "src");
    parentCollection = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest2/parentCollection", "test3", "test3");
    ums = (UserManagementService) parentCollection.getService("UserManagementService", "1.0");
    srcCollection = test.getChildCollection("src");
    final Collection destCollection = parentCollection.getChildCollection("src");
    final Permission permissions = ums.getPermissions(destCollection);
    assertEquals("guest", permissions.getGroup().getName());
    assertFalse(permissions.isSetGid());
}

Example 13 with EXistCollectionManagementService

use of org.exist.xmldb.EXistCollectionManagementService in project exist by eXist-db.

the class XMLDBSecurityTest method copyCollectionWithResources_withSubCollectionWithResource_doesNotPreservePermissions.

/**
 * As the 'test1' user, creates the collection and resource:
 *
 *  test1:users /db/securityTest3/source
 *  test1:users /db/securityTest3/source/source1.xml
 *  test1:users /db/securityTest3/source/source2.xml
 *  test1:users /db/securityTest3/source/sub
 *  test1:users /db/securityTest3/source/sub/sub1.xml
 *
 * As the 'test3' user, copy the collection:
 *
 *  /db/securityTest3/source
 *      -> /db/securityTest3/copy-of-source
 */
@Test
public void copyCollectionWithResources_withSubCollectionWithResource_doesNotPreservePermissions() throws XMLDBException {
    Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest3", "test1", "test1");
    EXistCollectionManagementService cms = (EXistCollectionManagementService) test.getService("CollectionManagementService", "1.0");
    // create collection owned by "test1", and group "users" in /db/securityTest3
    Collection source = cms.createCollection("source");
    // create resource owned by "test1", and group "users" in /db/securityTest3/source
    Resource resSource = source.createResource("source1.xml", XMLResource.RESOURCE_TYPE);
    resSource.setContent("<test/>");
    source.storeResource(resSource);
    resSource = source.createResource("source2.xml", XMLResource.RESOURCE_TYPE);
    resSource.setContent("<test/>");
    source.storeResource(resSource);
    // create sub-collection "sub" owned by "test1", and group "users" in /db/securityTest3/source
    CollectionManagementService cms1 = (EXistCollectionManagementService) source.getService("CollectionManagementService", "1.0");
    Collection sub = cms1.createCollection("sub");
    // create resource owned by "test1", and group "users" in /db/securityTest3/source/sub1
    Resource resSub = sub.createResource("sub1.xml", XMLResource.RESOURCE_TYPE);
    resSub.setContent("<test-sub/>");
    sub.storeResource(resSub);
    // as the 'test3' user copy the collection
    test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest3", "test3", "test3");
    cms = (EXistCollectionManagementService) test.getService("CollectionManagementService", "1.0");
    cms.copy("/db/securityTest3/source", "/db/securityTest3", "copy-of-source");
    final Collection copyOfSource = test.getChildCollection("copy-of-source");
    assertNotNull(copyOfSource);
    assertEquals(2, copyOfSource.listResources().length);
    final Collection copyOfSub = copyOfSource.getChildCollection("sub");
    assertNotNull(copyOfSub);
    assertEquals(1, copyOfSub.listResources().length);
    // collection should be owned by test3:guest, i.e. permissions were not preserved from the test1 users doc /db/securityTest3/source
    UserManagementService ums = (UserManagementService) test.getService("UserManagementService", "1.0");
    Permission permissions = ums.getPermissions(copyOfSource);
    assertEquals("test3", permissions.getOwner().getName());
    assertEquals("guest", permissions.getGroup().getName());
    // resource in collection should be owned by test3:guest, i.e. permissions were not preserved from the test1 users doc /db/securityTest3/source/source1.xml
    ums = (UserManagementService) copyOfSource.getService("UserManagementService", "1.0");
    final Resource resCopyOfSource1 = copyOfSource.getResource("source1.xml");
    permissions = ums.getPermissions(resCopyOfSource1);
    assertEquals("test3", permissions.getOwner().getName());
    assertEquals("guest", permissions.getGroup().getName());
    // resource in collection should be owned by test3:guest, i.e. permissions were not preserved from the test1 users doc /db/securityTest3/source/source2.xml
    final Resource resCopyOfSource2 = copyOfSource.getResource("source2.xml");
    permissions = ums.getPermissions(resCopyOfSource2);
    assertEquals("test3", permissions.getOwner().getName());
    assertEquals("guest", permissions.getGroup().getName());
    // sub-collection should be owned by test3:guest, i.e. permissions were not preserved from the test1 users doc /db/securityTest3/source/sub
    ums = (UserManagementService) copyOfSub.getService("UserManagementService", "1.0");
    permissions = ums.getPermissions(copyOfSub);
    assertEquals("test3", permissions.getOwner().getName());
    assertEquals("guest", permissions.getGroup().getName());
    // sub-collection/resource should be owned by test3:guest, i.e. permissions were not preserved from the test1 users doc /db/securityTest3/source/sub/sub1.xml
    final Resource resCopyOfSub1 = copyOfSub.getResource("sub1.xml");
    permissions = ums.getPermissions(resCopyOfSub1);
    assertEquals("test3", permissions.getOwner().getName());
    assertEquals("guest", permissions.getGroup().getName());
}

Example 14 with EXistCollectionManagementService

use of org.exist.xmldb.EXistCollectionManagementService in project exist by eXist-db.

the class XMLDBSecurityTest method setGid_copyCollection_collectionGroupInheritedFromParent.

@Test
public void setGid_copyCollection_collectionGroupInheritedFromParent() throws XMLDBException {
    Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest2", "test1", "test1");
    EXistCollectionManagementService cms = (EXistCollectionManagementService) test.getService("CollectionManagementService", "1.0");
    UserManagementService ums = (UserManagementService) test.getService("UserManagementService", "1.0");
    // create the /db/securityTest2/src collection with owner "test1:extusers" and default mode
    Collection srcCollection = cms.createCollection("src");
    ums = (UserManagementService) srcCollection.getService("UserManagementService", "1.0");
    ums.chgrp("extusers");
    // create /db/securityTest2/parentCollection with owner "test1:users" and mode "rwxrwsrwx"
    Collection parentCollection = cms.createCollection("parentCollection");
    ums = (UserManagementService) parentCollection.getService("UserManagementService", "1.0");
    ums.chmod("rwxrwsrwx");
    // now copy /db/securityTest2/src to /db/securityTest2/parentCollection/src
    // as "user3:guest", it should inherit the group ownership 'users' from the parent
    // collection which is setGid and it should have its setGid bit set
    test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest2", "test3", "test3");
    cms = (EXistCollectionManagementService) test.getService("CollectionManagementService", "1.0");
    cms.copy("src", "/db/securityTest2/parentCollection", "src");
    parentCollection = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest2/parentCollection", "test3", "test3");
    ums = (UserManagementService) parentCollection.getService("UserManagementService", "1.0");
    final Collection destCollection = parentCollection.getChildCollection("src");
    final Permission permissions = ums.getPermissions(destCollection);
    assertEquals("users", permissions.getGroup().getName());
    assertTrue(permissions.isSetGid());
}

Example 15 with EXistCollectionManagementService

use of org.exist.xmldb.EXistCollectionManagementService in project exist by eXist-db.

the class XQueryTriggerTest method collectionMove.

/**
 * test a trigger fired by a Collection manipulations
 */
@Test
public void collectionMove() throws XMLDBException, URISyntaxException {
    final IndexQueryService idxConf = (IndexQueryService) testCollection.getService("IndexQueryService", "1.0");
    idxConf.configureCollection(COLLECTION_CONFIG);
    final XmldbURI srcURI = XmldbURI.xmldbUriFor("/db/testXQueryTrigger/test");
    final XmldbURI dstURI = XmldbURI.xmldbUriFor("/db/testXQueryTrigger/test-dst");
    final EXistCollectionManagementService service = (EXistCollectionManagementService) testCollection.getService("CollectionManagementService", "1.0");
    final Collection src = service.createCollection("test");
    assertNotNull(src);
    final Collection dst = service.createCollection("test-dst");
    assertNotNull(dst);
    service.move(srcURI, dstURI, null);
    // remove the trigger for the Collection under test
    idxConf.configureCollection(EMPTY_COLLECTION_CONFIG);
    ResourceSet result = existEmbeddedServer.executeQuery(BEFORE + CREATE + COLLECTION + testCollectionURI);
    assertEquals(1, result.getSize());
    result = existEmbeddedServer.executeQuery(AFTER + CREATE + COLLECTION + testCollectionURI);
    assertEquals(1, result.getSize());
    result = existEmbeddedServer.executeQuery(BEFORE + CREATE + COLLECTION + testDstCollectionURI);
    assertEquals(1, result.getSize());
    result = existEmbeddedServer.executeQuery(AFTER + CREATE + COLLECTION + testDstCollectionURI);
    assertEquals(1, result.getSize());
    result = existEmbeddedServer.executeQuery(BEFORE + MOVE + COLLECTION + testCollectionURI);
    assertEquals(1, result.getSize());
    result = existEmbeddedServer.executeQuery(AFTER + MOVE + COLLECTION + testDstTestCollectionURI);
    assertEquals(1, result.getSize());
    result = existEmbeddedServer.executeQuery(EVENTS);
    assertEquals(6, result.getSize());
}