Example 81 with UserManagementService
use of org.exist.xmldb.UserManagementService in project exist by eXist-db.
the class AbstractSecurityManagerRoundtripTest method checkGroupManagerStability.
@Test
public void checkGroupManagerStability() throws XMLDBException, PermissionDeniedException, IOException {
UserManagementService ums = (UserManagementService) getRoot().getService("UserManagementService", "1.0");
final String commonGroupName = "commonGroup";
Group commonGroup = new GroupAider(commonGroupName);
final String userName = "testUserA";
final Group userGroup = new GroupAider(userName);
// set users primary group as personal group
final Account userAccount = new UserAider(userName, userGroup);
try {
// create a user with personal group
ums.addGroup(userGroup);
ums.addAccount(userAccount);
// add user1 as a manager of common group
ums.addGroup(commonGroup);
commonGroup.addManager(userAccount);
ums.updateGroup(commonGroup);
/**
* RESTART THE SERVER **
*/
restartServer();
/**
***********************
*/
ums = (UserManagementService) getRoot().getService("UserManagementService", "1.0");
// get the common group
commonGroup = ums.getGroup(commonGroupName);
assertNotNull(commonGroup);
// assert that user1 is still a manager of the common group
final List<Account> commonGroupManagers = commonGroup.getManagers();
assertNotNull(commonGroupManagers);
assertEquals(1, commonGroupManagers.size());
assertEquals(commonGroupManagers.get(0).getName(), userName);
} finally {
// cleanup
try {
ums.removeGroup(commonGroup);
} catch (Exception e) {
}
try {
ums.removeAccount(userAccount);
} catch (Exception e) {
}
try {
ums.removeGroup(userGroup);
} catch (Exception e) {
}
}
}
Also used :
UserManagementService(org.exist.xmldb.UserManagementService)
GroupAider(org.exist.security.internal.aider.GroupAider)
UserAider(org.exist.security.internal.aider.UserAider)
XMLDBException(org.xmldb.api.base.XMLDBException)
IOException(java.io.IOException)
EXistException(org.exist.EXistException)
DatabaseConfigurationException(org.exist.util.DatabaseConfigurationException)
Test(org.junit.Test)
Example 82 with UserManagementService
use of org.exist.xmldb.UserManagementService in project exist by eXist-db.
the class AbstractSecurityManagerRoundtripTest method checkPrimaryGroupRemainsDBA.
@Test
public void checkPrimaryGroupRemainsDBA() throws XMLDBException, PermissionDeniedException, EXistException, IOException, DatabaseConfigurationException {
UserManagementService ums = (UserManagementService) getRoot().getService("UserManagementService", "1.0");
final String group1Name = "testGroup1";
final String group2Name = "testGroup2";
final String userName = "testUser";
Group group1 = new GroupAider(group1Name);
Group group2 = new GroupAider(group2Name);
// set users primary group as DBA
Account user = new UserAider(userName, ums.getGroup(SecurityManager.DBA_GROUP));
try {
ums.addGroup(group1);
ums.addGroup(group2);
ums.addAccount(user);
ums.getAccount(userName);
user.addGroup(group1);
user.addGroup(group2);
ums.updateAccount(user);
/**
* RESTART THE SERVER **
*/
restartServer();
/**
***********************
*/
ums = (UserManagementService) getRoot().getService("UserManagementService", "1.0");
user = ums.getAccount(userName);
assertNotNull(user);
Group defaultGroup = user.getDefaultGroup();
assertNotNull(defaultGroup);
assertEquals(SecurityManager.DBA_GROUP, defaultGroup.getName());
String[] groups = user.getGroups();
assertNotNull(groups);
assertEquals(3, groups.length);
assertEquals(SecurityManager.DBA_GROUP, groups[0]);
assertEquals(group1Name, groups[1]);
assertEquals(group2Name, groups[2]);
} finally {
// cleanup
final Account u1 = ums.getAccount(userName);
if (u1 != null) {
ums.removeAccount(u1);
}
final Group g1 = ums.getGroup(group1Name);
if (g1 != null) {
ums.removeGroup(g1);
}
final Group g2 = ums.getGroup(group2Name);
if (g2 != null) {
ums.removeGroup(g2);
}
}
}
Also used :
UserManagementService(org.exist.xmldb.UserManagementService)
GroupAider(org.exist.security.internal.aider.GroupAider)
UserAider(org.exist.security.internal.aider.UserAider)
Test(org.junit.Test)
Example 83 with UserManagementService
use of org.exist.xmldb.UserManagementService in project exist by eXist-db.
the class XMLDBSecurityTest method canUpdateBinaryResourceWithOnlyExecutePermissionOnParentCollection.
@Test
public void canUpdateBinaryResourceWithOnlyExecutePermissionOnParentCollection() throws XMLDBException {
Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");
final UserManagementService ums = (UserManagementService) test.getService("UserManagementService", "1.0");
ums.chmod("--x------");
test.close();
test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");
Resource resource = test.getResource("test.bin");
assertArrayEquals("binary-test".getBytes(), (byte[]) resource.getContent());
// update the resource
resource.setContent("testing".getBytes());
test.storeResource(resource);
resource = test.getResource("test.bin");
assertArrayEquals("testing".getBytes(), (byte[]) resource.getContent());
}
Also used :
BinaryResource(org.xmldb.api.modules.BinaryResource)
XMLResource(org.xmldb.api.modules.XMLResource)
Resource(org.xmldb.api.base.Resource)
Collection(org.xmldb.api.base.Collection)
UserManagementService(org.exist.xmldb.UserManagementService)
Test(org.junit.Test)
Example 84 with UserManagementService
use of org.exist.xmldb.UserManagementService in project exist by eXist-db.
the class XMLDBSecurityTest method copyDocument_doesPreservePermissions_whenDestResourceExists.
@Test
public void copyDocument_doesPreservePermissions_whenDestResourceExists() throws XMLDBException {
Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest3", "test1", "test1");
EXistCollectionManagementService cms = (EXistCollectionManagementService) test.getService("CollectionManagementService", "1.0");
// create resource owned by "test1", and group "users" in /db/securityTest3
final Resource resSource = test.createResource("source.xml", XMLResource.RESOURCE_TYPE);
resSource.setContent("<test/>");
test.storeResource(resSource);
// pre-create the dest resource (before the copy) and set writable by all
final Resource resDest = test.createResource("copy-of-source.xml", XMLResource.RESOURCE_TYPE);
resDest.setContent("<old/>");
test.storeResource(resDest);
UserManagementService ums = (UserManagementService) test.getService("UserManagementService", "1.0");
ums.chmod(resDest, 0777);
// as the 'test3' user copy the resource
test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest3", "test3", "test3");
cms = (EXistCollectionManagementService) test.getService("CollectionManagementService", "1.0");
cms.copyResource("/db/securityTest3/source.xml", "/db/securityTest3", "copy-of-source.xml");
// as test3 user!
ums = (UserManagementService) test.getService("UserManagementService", "1.0");
final Permission permissions = ums.getPermissions(test.getResource("copy-of-source.xml"));
// resource should be owned by test3:guest, i.e. permissions were not preserved from the test1 users doc /db/securityTest3/source.xml
assertEquals("test1", permissions.getOwner().getName());
assertEquals("users", permissions.getGroup().getName());
// TODO copy collection should do the same??!?
}
Also used :
EXistCollectionManagementService(org.exist.xmldb.EXistCollectionManagementService)
BinaryResource(org.xmldb.api.modules.BinaryResource)
XMLResource(org.xmldb.api.modules.XMLResource)
Resource(org.xmldb.api.base.Resource)
Collection(org.xmldb.api.base.Collection)
UserManagementService(org.exist.xmldb.UserManagementService)
Test(org.junit.Test)
Example 85 with UserManagementService
use of org.exist.xmldb.UserManagementService in project exist by eXist-db.
the class XMLDBSecurityTest method onlyExecuteRequiredToOpenCollectionContent.
@Test
public void onlyExecuteRequiredToOpenCollectionContent() throws XMLDBException {
final Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");
final UserManagementService ums = (UserManagementService) test.getService("UserManagementService", "1.0");
ums.chmod("--x------");
test.close();
DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");
}
Also used :
Collection(org.xmldb.api.base.Collection)
UserManagementService(org.exist.xmldb.UserManagementService)
Test(org.junit.Test)
Aggregations
UserManagementService (org.exist.xmldb.UserManagementService)106
Collection (org.xmldb.api.base.Collection)91
Test (org.junit.Test)79
BinaryResource (org.xmldb.api.modules.BinaryResource)55
Resource (org.xmldb.api.base.Resource)52
XMLResource (org.xmldb.api.modules.XMLResource)51
EXistCollectionManagementService (org.exist.xmldb.EXistCollectionManagementService)26
XMLDBException (org.xmldb.api.base.XMLDBException)15
CollectionManagementService (org.xmldb.api.modules.CollectionManagementService)14
UserAider (org.exist.security.internal.aider.UserAider)9
GroupAider (org.exist.security.internal.aider.GroupAider)8
ResourceSet (org.xmldb.api.base.ResourceSet)8
EXistXPathQueryService (org.exist.xmldb.EXistXPathQueryService)7
EXistResource (org.exist.xmldb.EXistResource)6
Account (org.exist.security.Account)5
Before (org.junit.Before)3
BeforeClass (org.junit.BeforeClass)3
URISyntaxException (java.net.URISyntaxException)2
ExtendedResource (org.exist.xmldb.ExtendedResource)2
WindowAdapter (java.awt.event.WindowAdapter)1
