use of org.exist.xmldb.EXistXPathQueryService in project exist by eXist-db.
the class XMLDBSecurityTest method setUidXQueryCanWriteRestrictedCollection.
/**
 * Checks that a stored XQuery with the setuid bit set runs with the permissions of
 * its owner: 'test2' executes a query stored by 'test1', and the query stores a
 * document into a collection whose mode (0700) grants access to the owner only.
 *
 * NOTE(review): only the positive path is asserted here. The matching denial (the
 * same write attempted by 'test2' without setuid) is presumably covered by another
 * test in this class; confirm, since that pair is what pins the privilege boundary.
 */
@Test
public void setUidXQueryCanWriteRestrictedCollection() throws XMLDBException {
    // session of the script owner
    final Collection ownerSession = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");

    // the timestamp makes the payload unique to this run, so the final assertion
    // cannot be satisfied by a document left over from an earlier run
    final long now = System.currentTimeMillis();
    final String content = "<setuid>" + now + "</setuid>";

    // store the script as /db/securityTest1/setuid.xquery; the payload is spliced in
    // as a literal element, the target collection and document name are fixed
    final String script = "xmldb:store('/db/securityTest1/forSetUidWrite', 'setuid.xml', " + content + ")";
    final Resource newScript = ownerSession.createResource("setuid.xquery", "BinaryResource");
    newScript.setContent(script);
    ownerSession.storeResource(newScript);

    // 04750 = setuid bit + rwxr-x---: the group may read and execute, others get nothing
    // (presumably the script's group is 'users', which is how 'test2' gets execute access;
    // verify against the fixture setup)
    final UserManagementService scriptPerms = (UserManagementService) ownerSession.getService("UserManagementService", "1.0");
    final Resource storedScript = ownerSession.getResource("setuid.xquery");
    scriptPerms.chmod(storedScript, 04750);

    // target collection for the script's write
    final CollectionManagementService collections = (CollectionManagementService) ownerSession.getService("CollectionManagementService", "1.0");
    final Collection restrictedCol = collections.createCollection("forSetUidWrite");

    // 0700: owner-only access, so 'test2' has no permission of its own on this collection
    final UserManagementService collectionPerms = (UserManagementService) restrictedCol.getService("UserManagementService", "1.0");
    collectionPerms.chmod(0700);

    // run the stored script as 'test2'; the write can only succeed through setuid to 'test1'
    final Collection callerSession = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test2", "test2");
    final EXistXPathQueryService callerQueries = (EXistXPathQueryService) callerSession.getService("XPathQueryService", "1.0");
    final ResourceSet outcome = callerQueries.executeStoredQuery("/db/securityTest1/setuid.xquery");
    assertEquals("/db/securityTest1/forSetUidWrite/setuid.xml", outcome.getResource(0).getContent());

    // read the document back through the owner's session and compare it with the payload
    final Resource stored = restrictedCol.getResource("setuid.xml");
    assertEquals(content, stored.getContent());
}
use of org.exist.xmldb.EXistXPathQueryService in project exist by eXist-db.
the class XMLDBSecurityTest method setGidXQueryCanWriteRestrictedCollection.
/**
 * Checks that a stored XQuery with the setgid bit set runs with the permissions of
 * its group: 'test3' executes a query owned by 'test1':'users', and the query stores
 * a document into a collection whose mode (0570) gives write access to the group only.
 *
 * NOTE(review): only the positive path is asserted here. The matching denial (the
 * same write attempted by 'test3' without setgid) is presumably covered by another
 * test in this class; confirm.
 */
@Test
public void setGidXQueryCanWriteRestrictedCollection() throws XMLDBException {
    // session of the script owner
    final Collection ownerSession = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest2", "test1", "test1");

    // the timestamp makes the payload unique to this run, so the final assertion
    // cannot be satisfied by a document left over from an earlier run
    final long now = System.currentTimeMillis();
    final String content = "<setgid>" + now + "</setgid>";

    // store the script as /db/securityTest2/setgid.xquery
    final String script = "xmldb:store('/db/securityTest2/forSetGidWrite', 'setgid.xml', " + content + ")";
    final Resource newScript = ownerSession.createResource("setgid.xquery", "BinaryResource");
    newScript.setContent(script);
    ownerSession.storeResource(newScript);

    // make the script owned by 'test1':'users'
    final UserManagementService scriptPerms = (UserManagementService) ownerSession.getService("UserManagementService", "1.0");
    final Resource storedScript = ownerSession.getResource("setgid.xquery");
    scriptPerms.chown(storedScript, scriptPerms.getAccount("test1"), "users");

    // 02705 = setgid bit + rwx---r-x: others may read and execute, which is how
    // 'test3' is able to run the script
    scriptPerms.chmod(storedScript, 02705);

    // target collection for the script's write
    final CollectionManagementService collections = (CollectionManagementService) ownerSession.getService("CollectionManagementService", "1.0");
    final Collection restrictedCol = collections.createCollection("forSetGidWrite");

    // 0570 = r-xrwx---: only the group can write, the owner keeps read/execute and
    // others get nothing (presumably the collection's group is 'users'; verify
    // against the fixture setup)
    final UserManagementService collectionPerms = (UserManagementService) restrictedCol.getService("UserManagementService", "1.0");
    collectionPerms.chmod(0570);

    // run the stored script as 'test3'; the write can only succeed through setgid to 'users'
    final Collection callerSession = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest2", "test3", "test3");
    final EXistXPathQueryService callerQueries = (EXistXPathQueryService) callerSession.getService("XPathQueryService", "1.0");
    final ResourceSet outcome = callerQueries.executeStoredQuery("/db/securityTest2/setgid.xquery");
    assertEquals("/db/securityTest2/forSetGidWrite/setgid.xml", outcome.getResource(0).getContent());

    // read the document back through the owner's session and compare it with the payload
    final Resource stored = restrictedCol.getResource("setgid.xml");
    assertEquals(content, stored.getContent());
}
use of org.exist.xmldb.EXistXPathQueryService in project exist by eXist-db.
the class XMLDBSecurityTest method canExecuteXQueryWithOnlyExecuteAndReadPermission.
/**
* Note the eventual goal is for XQuery to be executable in eXist
* with just the EXECUTE flag set, this however will require some
* serious refactoring. See my (Adam) posts to exist-open thread entitled
* '[HEADS-UP] Merge in of Security Branch', most significant
* messages from 08/02/2012
*/
@Test
public void canExecuteXQueryWithOnlyExecuteAndReadPermission() throws XMLDBException {
    // store a trivial script as 'test1'
    final Collection firstSession = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");
    final UserManagementService perms = (UserManagementService) firstSession.getService("UserManagementService", "1.0");
    final String xquery = "<xquery>{ 1 + 2 }</xquery>";
    final Resource newScript = firstSession.createResource("test.xquery", BinaryResource.RESOURCE_TYPE);
    newScript.setContent(xquery);
    firstSession.storeResource(newScript);

    // owner gets read + execute only; no write bit, and nothing for group or others
    perms.chmod(newScript, "r-x------");
    firstSession.close();

    // reopen the collection so the checks below run on a fresh handle
    final Collection secondSession = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");
    final Resource storedScript = secondSession.getResource("test.xquery");

    // the read bit must still allow the source to be fetched
    // NOTE(review): new String(byte[]) decodes with the platform default charset;
    // harmless for this ASCII-only script
    final String fetched = new String((byte[]) storedScript.getContent());
    assertEquals(xquery, fetched);

    // and the execute bit must allow the stored script to run
    final EXistXPathQueryService queries = (EXistXPathQueryService) secondSession.getService("XPathQueryService", "1.0");
    final ResourceSet outcome = queries.executeStoredQuery("/db/securityTest1/test.xquery");
    assertEquals("<xquery>3</xquery>", outcome.getResource(0).getContent());
}
use of org.exist.xmldb.EXistXPathQueryService in project exist by eXist-db.
the class CollectionRemovalTest method doQuery.
/**
 * Runs QUERY1 and QUERY2 against the test collection and asserts that each returns
 * {@code expected} results.
 *
 * NOTE(review): when the collection cannot be opened the method returns without
 * asserting anything, so the calling test passes without having checked a result.
 * The connection uses 'admin' with an empty password, presumably the default of
 * the test database.
 *
 * @param expected the result-set size both queries must produce
 * @throws XMLDBException if opening the collection or running a query fails
 */
private void doQuery(final int expected) throws XMLDBException {
    final String uri = "xmldb:exist://" + TestConstants.TEST_COLLECTION_URI.toString();
    final org.xmldb.api.base.Collection root = DatabaseManager.getCollection(uri, "admin", "");
    if (root != null) {
        final EXistXPathQueryService queries = (EXistXPathQueryService) root.getService("XQueryService", "1.0");

        final ResourceSet firstHits = queries.query(QUERY1);
        assertEquals(expected, firstHits.getSize());

        final ResourceSet secondHits = queries.query(QUERY2);
        assertEquals(expected, secondHits.getSize());
    }
}
use of org.exist.xmldb.EXistXPathQueryService in project exist by eXist-db.
the class XQueryAction method execute.
/**
 * Runs the configured XQuery once against {@code collectionPath}, pushes every
 * result through a no-op SAX handler, and adds the elapsed wall-clock time to
 * {@code runningTime}.
 *
 * @return always {@code true}
 * @throws XMLDBException if the collection, the query or a result cannot be accessed
 */
@Override
public boolean execute() throws XMLDBException {
    final long startedAt = System.currentTimeMillis();

    // NOTE(review): no credentials are passed here, and a null collection is not checked
    final Collection target = DatabaseManager.getCollection(collectionPath);
    final EXistXPathQueryService queries = (EXistXPathQueryService) target.getService("XPathQueryService", "1.0");

    // the beginProtected()/endProtected() pair around the query was commented out in the original
    final ResourceSet hits = queries.query(xquery);

    // DefaultHandler ignores every event, so each result is serialized and then discarded
    final DefaultHandler sink = new DefaultHandler();
    int index = 0;
    while (index < hits.getSize()) {
        final XMLResource hit = (XMLResource) hits.getResource((long) index);
        hit.getContentAsSAX(sink);
        index++;
    }

    final long elapsed = System.currentTimeMillis() - startedAt;
    runningTime += elapsed;
    called++;
    return true;
}