Search in sources :

Example 71 with XmldbURI

use of org.exist.xmldb.XmldbURI in project exist by eXist-db.

the class NativeBrokerTest method copyCollection_noDescendants_toNonExistingDest_cannotWriteDest.

/**
 * When copying a Collection (/db/test/source) where
 * we have execute+read access and
 * which has no descendant documents or collections in it,
 *
 * to the destination /db/test/dest (which does not already exist)
 * and we DO NOT have execute+write access on /db/test
 * we should NOT be allowed to copy the Collection.
 */
@Test(expected = PermissionDeniedException.class)
public void copyCollection_noDescendants_toNonExistingDest_cannotWriteDest() throws LockException, PermissionDeniedException {
    final XmldbURI src = XmldbURI.create("/db/test/source");
    final XmldbURI dest = XmldbURI.create("/db/test");
    final XmldbURI newName = XmldbURI.create("dest");
    final Collection srcCollection = EasyMock.createStrictMock(Collection.class);
    final Permission srcPermissions = EasyMock.createStrictMock(Permission.class);
    final Collection destCollection = EasyMock.createStrictMock(Collection.class);
    final Permission destPermissions = EasyMock.createStrictMock(Permission.class);
    // EasyMock.createMock(Collection.class);
    final Collection newDestCollection = null;
    final NativeBroker broker = EasyMock.createMockBuilder(NativeBroker.class).addMockedMethod("getCollection").addMockedMethod("getCurrentSubject").createStrictMock();
    final Subject subject = EasyMock.createStrictMock(Subject.class);
    // grant EXECUTE and READ permissions on the src
    expect(srcCollection.getPermissionsNoLock()).andReturn(srcPermissions);
    expect(broker.getCurrentSubject()).andReturn(subject);
    expect(srcPermissions.validate(subject, Permission.EXECUTE | Permission.READ)).andReturn(true);
    // grant EXECUTE and WRITE permission on the dest
    expect(destCollection.getURI()).andReturn(dest);
    final Capture<XmldbURI> newDestURICapture = newCapture();
    expect(broker.getCollection(capture(newDestURICapture))).andReturn(newDestCollection);
    expect(destCollection.getPermissionsNoLock()).andReturn(destPermissions);
    expect(broker.getCurrentSubject()).andReturn(subject);
    expect(destPermissions.validate(subject, Permission.EXECUTE | Permission.WRITE)).andReturn(false);
    // expectations for exception that should be thrown
    expect(srcCollection.getURI()).andReturn(src);
    expect(destCollection.getURI()).andReturn(dest);
    expect(broker.getCurrentSubject()).andReturn(subject);
    expect(subject.getName()).andReturn("Fake user");
    // test below
    replay(subject, destCollection, destPermissions, srcCollection, srcPermissions, broker);
    // run the test
    broker.checkPermissionsForCopy(srcCollection, destCollection, newName);
    // not actually called, but here for showing intention
    verify(subject, destCollection, destPermissions, srcCollection, srcPermissions, broker);
}
Also used : Permission(org.exist.security.Permission) Collection(org.exist.collections.Collection) XmldbURI(org.exist.xmldb.XmldbURI) Subject(org.exist.security.Subject) Test(org.junit.Test)

Example 72 with XmldbURI

use of org.exist.xmldb.XmldbURI in project exist by eXist-db.

the class NativeBrokerTest method copyCollection_noDescendants_toNonExistingDest_canWriteDest.

/**
 * When copying a Collection (/db/test/source) where
 * we have execute+read access and
 * which has no descendant documents or collections in it
 * to the destination /db/test/dest (which does not already exist)
 * and we have execute+write access on /db/test
 * we should be allowed to copy the Collection.
 */
@Test
public void copyCollection_noDescendants_toNonExistingDest_canWriteDest() throws LockException, PermissionDeniedException {
    final XmldbURI src = XmldbURI.create("/db/test/source");
    final XmldbURI dest = XmldbURI.create("/db/test");
    final XmldbURI newName = XmldbURI.create("dest");
    final Collection srcCollection = EasyMock.createStrictMock(Collection.class);
    final Permission srcPermissions = EasyMock.createStrictMock(Permission.class);
    final Collection destCollection = EasyMock.createStrictMock(Collection.class);
    final Permission destPermissions = EasyMock.createStrictMock(Permission.class);
    final Collection newDestCollection = null;
    final NativeBroker broker = EasyMock.createMockBuilder(NativeBroker.class).addMockedMethod("getCollection").addMockedMethod("getCurrentSubject").createStrictMock();
    final Subject subject = EasyMock.createStrictMock(Subject.class);
    // grant EXECUTE and READ permissions on the src
    expect(srcCollection.getPermissionsNoLock()).andReturn(srcPermissions);
    expect(broker.getCurrentSubject()).andReturn(subject);
    expect(srcPermissions.validate(subject, Permission.EXECUTE | Permission.READ)).andReturn(true);
    // grant EXECUTE and WRITE permission on the dest
    expect(destCollection.getURI()).andReturn(dest);
    final Capture<XmldbURI> newDestURICapture = newCapture();
    expect(broker.getCollection(capture(newDestURICapture))).andReturn(newDestCollection);
    expect(destCollection.getPermissionsNoLock()).andReturn(destPermissions);
    expect(broker.getCurrentSubject()).andReturn(subject);
    expect(destPermissions.validate(subject, Permission.EXECUTE | Permission.WRITE)).andReturn(true);
    // no sub-documents
    expect(srcCollection.iteratorNoLock(broker)).andReturn(Collections.emptyIterator());
    // no sub-collections
    expect(srcCollection.collectionIteratorNoLock(broker)).andReturn(Collections.emptyIterator());
    // test below
    replay(destCollection, destPermissions, srcCollection, srcPermissions, subject, broker);
    // run the test
    broker.checkPermissionsForCopy(srcCollection, destCollection, newName);
    verify(destCollection, destPermissions, srcCollection, srcPermissions, subject, broker);
    assertEquals(dest.append(newName), newDestURICapture.getValue());
}
Also used : Permission(org.exist.security.Permission) Collection(org.exist.collections.Collection) XmldbURI(org.exist.xmldb.XmldbURI) Subject(org.exist.security.Subject) Test(org.junit.Test)

Example 73 with XmldbURI

use of org.exist.xmldb.XmldbURI in project exist by eXist-db.

the class NativeBrokerTest method copyCollection_oneSubDoc_toNonExistingDest_canWriteDest.

/**
 * When copying a Collection (/db/test/source) where
 * we have execute+read access and
 * which has one descendant document (on which we have read access)
 * in it,
 *
 * to the destination /db/test/dest (which does not already exist)
 * and we have execute+write access on /db/test
 * we should be allowed to copy the Collection.
 */
@Test
public void copyCollection_oneSubDoc_toNonExistingDest_canWriteDest() throws LockException, PermissionDeniedException {
    final XmldbURI src = XmldbURI.create("/db/test/source");
    final XmldbURI dest = XmldbURI.create("/db/test");
    final XmldbURI newName = XmldbURI.create("dest");
    final Collection srcCollection = EasyMock.createStrictMock(Collection.class);
    final Permission srcPermissions = EasyMock.createStrictMock(Permission.class);
    final DocumentImpl srcSubDocument = EasyMock.createStrictMock(DocumentImpl.class);
    final Permission srcSubDocumentPermissions = EasyMock.createStrictMock(Permission.class);
    final Collection destCollection = EasyMock.createStrictMock(Collection.class);
    final Permission destPermissions = EasyMock.createStrictMock(Permission.class);
    final Collection newDestCollection = null;
    final NativeBroker broker = EasyMock.createMockBuilder(NativeBroker.class).addMockedMethod("getCollection").addMockedMethod("getCurrentSubject").createStrictMock();
    final Subject subject = EasyMock.createStrictMock(Subject.class);
    // grant EXECUTE and READ permissions on the src
    expect(srcCollection.getPermissionsNoLock()).andReturn(srcPermissions);
    expect(broker.getCurrentSubject()).andReturn(subject);
    expect(srcPermissions.validate(subject, Permission.EXECUTE | Permission.READ)).andReturn(true);
    // grant EXECUTE and WRITE permission on the dest
    expect(destCollection.getURI()).andReturn(dest);
    final Capture<XmldbURI> newDestURICapture = newCapture();
    expect(broker.getCollection(capture(newDestURICapture))).andReturn(newDestCollection);
    expect(destCollection.getPermissionsNoLock()).andReturn(destPermissions);
    expect(broker.getCurrentSubject()).andReturn(subject);
    expect(destPermissions.validate(subject, Permission.EXECUTE | Permission.WRITE)).andReturn(true);
    // one sub-document with READ permission
    expect(srcCollection.iteratorNoLock(broker)).andReturn(new ArrayIterator<>(srcSubDocument));
    expect(srcSubDocument.getPermissions()).andReturn(srcSubDocumentPermissions);
    expect(broker.getCurrentSubject()).andReturn(subject);
    expect(srcSubDocumentPermissions.validate(subject, Permission.READ)).andReturn(true);
    // no sub-collections
    expect(srcCollection.collectionIteratorNoLock(broker)).andReturn(Collections.emptyIterator());
    // test below
    replay(srcSubDocumentPermissions, srcSubDocument, destCollection, destPermissions, srcCollection, srcPermissions, subject, broker);
    // run the test
    broker.checkPermissionsForCopy(srcCollection, destCollection, newName);
    verify(srcSubDocumentPermissions, srcSubDocument, destCollection, destPermissions, srcCollection, srcPermissions, subject, broker);
    assertEquals(dest.append(newName), newDestURICapture.getValue());
}
Also used : Permission(org.exist.security.Permission) Collection(org.exist.collections.Collection) DocumentImpl(org.exist.dom.persistent.DocumentImpl) XmldbURI(org.exist.xmldb.XmldbURI) Subject(org.exist.security.Subject) Test(org.junit.Test)

Example 74 with XmldbURI

use of org.exist.xmldb.XmldbURI in project exist by eXist-db.

the class CopyCollectionTest method copyDeepWithSubCollections.

/**
 * Test copy collection /db/a/b/c/d/e/f/g/h/i/j/k to /db/z/y/x/w/v/u/k
 *
 * Note that the collection /db/a/b/c/d/e/f/g/h/i/j/k has the sub-collections (sub-1 and sub-2),
 * this test checks that the sub-collections are correctly preserved.
 */
@Test
public void copyDeepWithSubCollections() throws EXistException, IOException, PermissionDeniedException, TriggerException, LockException {
    final XmldbURI srcUri = XmldbURI.create("/db/a/b/c/d/e/f/g/h/i/j/k");
    final XmldbURI srcSubCol1Uri = srcUri.append("sub-1");
    final XmldbURI srcSubCol2Uri = srcUri.append("sub-2");
    final XmldbURI destUri = XmldbURI.create("/db/z/y/x/w/v/u");
    final XmldbURI newName = srcUri.lastSegment();
    final BrokerPool pool = existWebServer.getBrokerPool();
    final TransactionManager transact = pool.getTransactionManager();
    try (final DBBroker broker = pool.get(Optional.of(pool.getSecurityManager().getSystemSubject()));
        final Txn transaction = transact.beginTransaction()) {
        // create src collection
        try (final Collection src = broker.getOrCreateCollection(transaction, srcUri)) {
            assertNotNull(src);
            broker.saveCollection(transaction, src);
        }
        // create src sub-collections
        try (final Collection srcColSubCol1 = broker.getOrCreateCollection(transaction, srcSubCol1Uri)) {
            assertNotNull(srcColSubCol1);
            broker.saveCollection(transaction, srcColSubCol1);
        }
        try (final Collection srcColSubCol2 = broker.getOrCreateCollection(transaction, srcSubCol2Uri)) {
            assertNotNull(srcColSubCol2);
            broker.saveCollection(transaction, srcColSubCol2);
        }
        // create dst collection
        try (Collection dst = broker.getOrCreateCollection(transaction, destUri)) {
            assertNotNull(dst);
            broker.saveCollection(transaction, dst);
        }
        try (final Collection src = broker.openCollection(srcUri, LockMode.WRITE_LOCK);
            final Collection dst = broker.openCollection(destUri, LockMode.WRITE_LOCK)) {
            broker.copyCollection(transaction, src, dst, newName);
        }
        transact.commit(transaction);
    }
    // check that the source still exists
    try (final DBBroker broker = pool.get(Optional.of(pool.getSecurityManager().getSystemSubject()));
        final Txn transaction = transact.beginTransaction()) {
        try (final Collection src = broker.openCollection(srcUri, LockMode.READ_LOCK)) {
            assertNotNull(src);
        }
        // check that the source sub-collections still exist
        try (final Collection srcSubCol1 = broker.openCollection(srcSubCol1Uri, LockMode.READ_LOCK)) {
            assertNotNull(srcSubCol1);
        }
        try (final Collection srcSubCol2 = broker.openCollection(srcSubCol2Uri, LockMode.READ_LOCK)) {
            assertNotNull(srcSubCol2);
        }
        transaction.commit();
    }
    // check that the new copy exists
    try (final DBBroker broker = pool.get(Optional.of(pool.getSecurityManager().getSystemSubject()));
        final Txn transaction = transact.beginTransaction()) {
        final XmldbURI copyUri = destUri.append(newName);
        try (final Collection copy = broker.openCollection(copyUri, LockMode.READ_LOCK)) {
            assertNotNull(copy);
        }
        // check that the new copy has sub-collection copies
        final XmldbURI copySubCol1Uri = copyUri.append(srcSubCol1Uri.lastSegment());
        try (final Collection copySubCol1 = broker.openCollection(copySubCol1Uri, LockMode.READ_LOCK)) {
            assertNotNull(copySubCol1);
        }
        final XmldbURI copySubCol2Uri = copyUri.append(srcSubCol2Uri.lastSegment());
        try (final Collection copySubCol2 = broker.openCollection(copySubCol2Uri, LockMode.READ_LOCK)) {
            assertNotNull(copySubCol2);
        }
        transaction.commit();
    }
}
Also used : TransactionManager(org.exist.storage.txn.TransactionManager) Collection(org.exist.collections.Collection) Txn(org.exist.storage.txn.Txn) XmldbURI(org.exist.xmldb.XmldbURI)

Example 75 with XmldbURI

use of org.exist.xmldb.XmldbURI in project exist by eXist-db.

the class CopyCollectionTest method copyCol.

private void copyCol(final Subject execAsUser, final DBBroker.PreserveType preserve, final XmldbURI srcColName, final XmldbURI destColName) throws EXistException, PermissionDeniedException, LockException, IOException, TriggerException {
    final XmldbURI src = TEST_COLLECTION_URI.append(srcColName);
    final XmldbURI dest = TEST_COLLECTION_URI.append(destColName);
    final BrokerPool pool = existWebServer.getBrokerPool();
    try (final DBBroker broker = pool.get(Optional.of(execAsUser));
        final Txn transaction = pool.getTransactionManager().beginTransaction();
        final Collection srcCol = broker.openCollection(src, LockMode.READ_LOCK);
        final Collection destCol = broker.openCollection(dest.removeLastSegment(), LockMode.WRITE_LOCK)) {
        broker.copyCollection(transaction, srcCol, destCol, dest.lastSegment(), preserve);
        transaction.commit();
    }
    // basic shallow check that copy of the collection is the same as the original
    try (final DBBroker broker = pool.get(Optional.of(execAsUser));
        final Collection original = broker.openCollection(src, LockMode.READ_LOCK);
        final Collection copy = broker.openCollection(dest, LockMode.READ_LOCK)) {
        assertEquals(original.getDocumentCount(broker), copy.getDocumentCount(broker));
        assertEquals(original.getChildCollectionCount(broker), copy.getChildCollectionCount(broker));
    }
}
Also used : Collection(org.exist.collections.Collection) Txn(org.exist.storage.txn.Txn) XmldbURI(org.exist.xmldb.XmldbURI)

Aggregations

XmldbURI (org.exist.xmldb.XmldbURI)260 Collection (org.exist.collections.Collection)100 PermissionDeniedException (org.exist.security.PermissionDeniedException)69 Test (org.junit.Test)56 Txn (org.exist.storage.txn.Txn)55 EXistException (org.exist.EXistException)42 URISyntaxException (java.net.URISyntaxException)39 LockedDocument (org.exist.dom.persistent.LockedDocument)39 IOException (java.io.IOException)38 DBBroker (org.exist.storage.DBBroker)38 DocumentImpl (org.exist.dom.persistent.DocumentImpl)34 SAXException (org.xml.sax.SAXException)33 Permission (org.exist.security.Permission)30 LockException (org.exist.util.LockException)27 Path (java.nio.file.Path)22 XPathException (org.exist.xquery.XPathException)22 BrokerPool (org.exist.storage.BrokerPool)21 TransactionManager (org.exist.storage.txn.TransactionManager)20 Subject (org.exist.security.Subject)19 StringInputSource (org.exist.util.StringInputSource)17