Example 71 with UserManagementService
use of org.exist.xmldb.UserManagementService in project exist by eXist-db.
the class XMLDBSecurityTest method copyCollectionWithResources_destExists_destIsWritable.
/**
* As the 'test1' user, creates the collection and resource:
*
* test1:users /db/securityTest3/source
* test1:users /db/securityTest3/source/source1.xml
* test1:users /db/securityTest3/source/source2.xml
*
* We then also create the Collection
* test1:users /db/securityTest3/copy-of-source (0777)
* so that the destination (for the copy we are about
* to do) already exists and is writable...
*
* As the 'test3' user, copy the collection:
*
* /db/securityTest3/source
* -> /db/securityTest3/copy-of-source
*/
@Test
public void copyCollectionWithResources_destExists_destIsWritable() throws XMLDBException {
Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest3", "test1", "test1");
EXistCollectionManagementService cms = (EXistCollectionManagementService) test.getService("CollectionManagementService", "1.0");
// create collection owned by "test1", and group "users" in /db/securityTest3
Collection source = cms.createCollection("source");
// create resource owned by "test1", and group "users" in /db/securityTest3/source
Resource resSource = source.createResource("source1.xml", XMLResource.RESOURCE_TYPE);
resSource.setContent("<test/>");
source.storeResource(resSource);
resSource = source.createResource("source2.xml", XMLResource.RESOURCE_TYPE);
resSource.setContent("<test/>");
source.storeResource(resSource);
// pre-create the destination and set writable by all
final Collection dest = cms.createCollection("copy-of-source");
final UserManagementService ums = (UserManagementService) dest.getService("UserManagementService", "1.0");
ums.chmod(0777);
// as the 'test3' user copy the collection
test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest3", "test3", "test3");
cms = (EXistCollectionManagementService) test.getService("CollectionManagementService", "1.0");
cms.copy("/db/securityTest3/source", "/db/securityTest3", "copy-of-source");
final Collection copyOfSource = test.getChildCollection("copy-of-source");
assertNotNull(copyOfSource);
assertEquals(2, copyOfSource.listResources().length);
}
Also used :
EXistCollectionManagementService(org.exist.xmldb.EXistCollectionManagementService)
BinaryResource(org.xmldb.api.modules.BinaryResource)
XMLResource(org.xmldb.api.modules.XMLResource)
Resource(org.xmldb.api.base.Resource)
Collection(org.xmldb.api.base.Collection)
UserManagementService(org.exist.xmldb.UserManagementService)
Test(org.junit.Test)
Example 72 with UserManagementService
use of org.exist.xmldb.UserManagementService in project exist by eXist-db.
the class XMLDBSecurityTest method onlyReadAndExecuteRequiredToListCollectionResources.
@Test
public void onlyReadAndExecuteRequiredToListCollectionResources() throws XMLDBException {
final Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");
final UserManagementService ums = (UserManagementService) test.getService("UserManagementService", "1.0");
ums.chmod("r-x------");
test.listResources();
}
Also used :
Collection(org.xmldb.api.base.Collection)
UserManagementService(org.exist.xmldb.UserManagementService)
Test(org.junit.Test)
Example 73 with UserManagementService
use of org.exist.xmldb.UserManagementService in project exist by eXist-db.
the class XMLDBSecurityTest method cannotListCollectionResourcesWithoutRead.
@Test(expected = XMLDBException.class)
public void cannotListCollectionResourcesWithoutRead() throws XMLDBException {
Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");
final UserManagementService ums = (UserManagementService) test.getService("UserManagementService", "1.0");
ums.chmod("-wx-wx-wx");
test.close();
test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");
test.listResources();
}
Also used :
Collection(org.xmldb.api.base.Collection)
UserManagementService(org.exist.xmldb.UserManagementService)
Test(org.junit.Test)
Example 74 with UserManagementService
use of org.exist.xmldb.UserManagementService in project exist by eXist-db.
the class XMLDBSecurityTest method copyCollection_doesPreservePermissions_whenDestCollectionExists.
@Test
public void copyCollection_doesPreservePermissions_whenDestCollectionExists() throws XMLDBException {
Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest3", "test1", "test1");
EXistCollectionManagementService cms = (EXistCollectionManagementService) test.getService("CollectionManagementService", "1.0");
// create collection owned by "test1", and group "users" in /db/securityTest3
Collection source = cms.createCollection("source");
// pre-create the dest collection and grant access to all (0777)
Collection dest = cms.createCollection("copy-of-source");
UserManagementService ums = (UserManagementService) dest.getService("UserManagementService", "1.0");
ums.chmod(0777);
// as the 'test3' user copy the collection
test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest3", "test3", "test3");
cms = (EXistCollectionManagementService) test.getService("CollectionManagementService", "1.0");
cms.copy("/db/securityTest3/source", "/db/securityTest3", "copy-of-source");
// re-get ums as 'test3' user
ums = (UserManagementService) test.getService("UserManagementService", "1.0");
final Permission permissions = ums.getPermissions(test.getChildCollection("copy-of-source"));
// collection should STILL be owned by test1:users, i.e. permissions were preserved from the test1 users collection /db/securityTest3/copy-of-source
assertEquals("test1", permissions.getOwner().getName());
assertEquals("users", permissions.getGroup().getName());
}
Also used :
EXistCollectionManagementService(org.exist.xmldb.EXistCollectionManagementService)
Collection(org.xmldb.api.base.Collection)
UserManagementService(org.exist.xmldb.UserManagementService)
Test(org.junit.Test)
Example 75 with UserManagementService
use of org.exist.xmldb.UserManagementService in project exist by eXist-db.
the class XMLDBSecurityTest method cannotListCollectionSubCollectionsWithoutRead.
@Test(expected = XMLDBException.class)
public void cannotListCollectionSubCollectionsWithoutRead() throws XMLDBException {
Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");
final UserManagementService ums = (UserManagementService) test.getService("UserManagementService", "1.0");
ums.chmod("-wx-wx-wx");
test.close();
test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");
test.listChildCollections();
}
Also used :
Collection(org.xmldb.api.base.Collection)
UserManagementService(org.exist.xmldb.UserManagementService)
Test(org.junit.Test)
Aggregations
UserManagementService (org.exist.xmldb.UserManagementService)106
Collection (org.xmldb.api.base.Collection)91
Test (org.junit.Test)79
BinaryResource (org.xmldb.api.modules.BinaryResource)55
Resource (org.xmldb.api.base.Resource)52
XMLResource (org.xmldb.api.modules.XMLResource)51
EXistCollectionManagementService (org.exist.xmldb.EXistCollectionManagementService)26
XMLDBException (org.xmldb.api.base.XMLDBException)15
CollectionManagementService (org.xmldb.api.modules.CollectionManagementService)14
UserAider (org.exist.security.internal.aider.UserAider)9
GroupAider (org.exist.security.internal.aider.GroupAider)8
ResourceSet (org.xmldb.api.base.ResourceSet)8
EXistXPathQueryService (org.exist.xmldb.EXistXPathQueryService)7
EXistResource (org.exist.xmldb.EXistResource)6
Account (org.exist.security.Account)5
Before (org.junit.Before)3
BeforeClass (org.junit.BeforeClass)3
URISyntaxException (java.net.URISyntaxException)2
ExtendedResource (org.exist.xmldb.ExtendedResource)2
WindowAdapter (java.awt.event.WindowAdapter)1
