Search in sources :

Example 16 with XmldbURI

use of org.exist.xmldb.XmldbURI in project exist by eXist-db.

the class ConfigurationDocumentTrigger method beforeUpdateDocument.

@Override
public void beforeUpdateDocument(final DBBroker broker, final Txn txn, final DocumentImpl document) throws TriggerException {
    this.createOrUpdate = true;
    this.broker = broker;
    // check saving list
    if (Configurator.saving.contains(Configurator.getFullURI(broker.getBrokerPool(), document.getURI()))) {
        return;
    }
    final XmldbURI uri = document.getCollection().getURI();
    if (uri.startsWith(SecurityManager.SECURITY_COLLECTION_URI)) {
        try {
            broker.getBrokerPool().getSecurityManager().processParameterBeforeSave(broker, document);
        } catch (final ConfigurationException e) {
            LOG.error("Configuration can't be processed [{}]", document.getURI(), e);
        // TODO : raise exception ? -pb
        }
    }
}
Also used : XmldbURI(org.exist.xmldb.XmldbURI)

Example 17 with XmldbURI

use of org.exist.xmldb.XmldbURI in project exist by eXist-db.

the class ElementImpl method calculateBaseURI.

// TODO please, keep in sync with org.exist.dom.persistent.ElementImpl
private XmldbURI calculateBaseURI() {
    XmldbURI baseURI = null;
    final String nodeBaseURI = getAttributeNS(Namespaces.XML_NS, "base");
    if (nodeBaseURI != null) {
        baseURI = XmldbURI.create(nodeBaseURI, false);
        if (baseURI.isAbsolute()) {
            return baseURI;
        }
    }
    int parent = -1;
    final int test = document.getParentNodeFor(nodeNumber);
    if (document.nodeKind[test] != Node.DOCUMENT_NODE) {
        parent = test;
    }
    if (parent != -1) {
        if (nodeBaseURI == null) {
            baseURI = ((ElementImpl) document.getNode(parent)).calculateBaseURI();
        } else {
            XmldbURI parentsBaseURI = ((ElementImpl) document.getNode(parent)).calculateBaseURI();
            if (nodeBaseURI.isEmpty()) {
                baseURI = parentsBaseURI;
            } else {
                baseURI = parentsBaseURI.append(baseURI);
            }
        }
    } else {
        if (nodeBaseURI == null) {
            return XmldbURI.create(getOwnerDocument().getBaseURI(), false);
        } else if (nodeNumber == 1) {
        // nothing to do
        } else {
            final String docBaseURI = getOwnerDocument().getBaseURI();
            if (docBaseURI.endsWith("/")) {
                baseURI = XmldbURI.create(getOwnerDocument().getBaseURI(), false);
                baseURI.append(baseURI);
            } else {
                baseURI = XmldbURI.create(getOwnerDocument().getBaseURI(), false);
                baseURI = baseURI.removeLastSegment();
                baseURI.append(baseURI);
            }
        }
    }
    return baseURI;
}
Also used : XmldbURI(org.exist.xmldb.XmldbURI)

Example 18 with XmldbURI

use of org.exist.xmldb.XmldbURI in project exist by eXist-db.

the class RESTServer method checkForXQueryTarget.

private boolean checkForXQueryTarget(final DBBroker broker, final Txn transaction, final XmldbURI path, final HttpServletRequest request, final HttpServletResponse response) throws PermissionDeniedException, IOException, BadRequestException {
    if (request.getAttribute(XQueryURLRewrite.RQ_ATTR) == null) {
        return false;
    }
    final String xqueryType = MimeType.XQUERY_TYPE.getName();
    final Collection collection = broker.getCollection(path);
    // a collection is not executable
    if (collection != null) {
        return false;
    }
    XmldbURI servletPath = path;
    LockedDocument lockedDocument = null;
    DocumentImpl resource = null;
    // xquery resource
    while (resource == null) {
        // traverse up the path looking for xquery objects
        lockedDocument = broker.getXMLResource(servletPath, LockMode.READ_LOCK);
        resource = lockedDocument == null ? null : lockedDocument.getDocument();
        if (resource != null && (resource.getResourceType() == DocumentImpl.BINARY_FILE && xqueryType.equals(resource.getMimeType()))) {
            // found a binary file with mime-type xquery or XML file with mime-type xproc
            break;
        } else if (resource != null) {
            // not an xquery or xproc resource. This means we have a path
            // that cannot contain an xquery or xproc object even if we keep
            // moving up the path, so bail out now
            lockedDocument.close();
            return false;
        }
        servletPath = servletPath.removeLastSegment();
        if (servletPath == XmldbURI.EMPTY_URI) {
            // no resource and no path segments left
            return false;
        }
    }
    // found an XQuery resource, fixup request values
    final String pathInfo = path.trimFromBeginning(servletPath).toString();
    final Properties outputProperties = new Properties(defaultOutputKeysProperties);
    try {
        // Execute the XQuery
        executeXQuery(broker, transaction, resource, request, response, outputProperties, servletPath.toString(), pathInfo);
    } catch (final XPathException e) {
        writeXPathExceptionHtml(response, HttpServletResponse.SC_BAD_REQUEST, "UTF-8", null, path.toString(), e);
    } finally {
        lockedDocument.close();
    }
    return true;
}
Also used : Collection(org.exist.collections.Collection) Properties(java.util.Properties) XmldbURI(org.exist.xmldb.XmldbURI)

Example 19 with XmldbURI

use of org.exist.xmldb.XmldbURI in project exist by eXist-db.

the class RESTServer method doPost.

/**
 * Handles POST requests. If the path leads to a binary resource with
 * mime-type "application/xquery", that resource will be read and executed
 * by the XQuery engine. Otherwise, the request content is loaded and parsed
 * as XML. It may either contain an XUpdate or a query request.
 *
 * @param broker the database broker
 * @param transaction the database transaction
 * @param request the request
 * @param response the response
 * @param path the path of the request
 *
 * @throws BadRequestException if a bad request is made
 * @throws PermissionDeniedException if the request has insufficient permissions
 * @throws NotFoundException if the request resource cannot be found
 * @throws IOException if an I/O error occurs
 */
public void doPost(final DBBroker broker, final Txn transaction, final HttpServletRequest request, final HttpServletResponse response, final String path) throws BadRequestException, PermissionDeniedException, IOException, NotFoundException {
    // if required, set character encoding
    if (request.getCharacterEncoding() == null) {
        request.setCharacterEncoding(formEncoding);
    }
    final Properties outputProperties = new Properties(defaultOutputKeysProperties);
    final XmldbURI pathUri = XmldbURI.createInternal(path);
    LockedDocument lockedDocument = null;
    DocumentImpl resource = null;
    final String encoding = outputProperties.getProperty(OutputKeys.ENCODING);
    String mimeType = outputProperties.getProperty(OutputKeys.MEDIA_TYPE);
    try {
        // check if path leads to an XQuery resource.
        // if yes, the resource is loaded and the XQuery executed.
        final String xquery_mime_type = MimeType.XQUERY_TYPE.getName();
        final String xproc_mime_type = MimeType.XPROC_TYPE.getName();
        lockedDocument = broker.getXMLResource(pathUri, LockMode.READ_LOCK);
        resource = lockedDocument == null ? null : lockedDocument.getDocument();
        XmldbURI servletPath = pathUri;
        // xquery resource
        while (null == resource) {
            // traverse up the path looking for xquery objects
            servletPath = servletPath.removeLastSegment();
            if (servletPath == XmldbURI.EMPTY_URI) {
                break;
            }
            lockedDocument = broker.getXMLResource(servletPath, LockMode.READ_LOCK);
            resource = lockedDocument == null ? null : lockedDocument.getDocument();
            if (null != resource && (resource.getResourceType() == DocumentImpl.BINARY_FILE && xquery_mime_type.equals(resource.getMimeType()) || resource.getResourceType() == DocumentImpl.XML_FILE && xproc_mime_type.equals(resource.getMimeType()))) {
                // found a binary file with mime-type xquery or XML file with mime-type xproc
                break;
            } else if (null != resource) {
                // not an xquery or xproc resource. This means we have a path
                // that cannot contain an xquery or xproc object even if we keep
                // moving up the path, so bail out now
                lockedDocument.close();
                lockedDocument = null;
                resource = null;
                break;
            }
        }
        // either xquery binary file or xproc xml file
        if (resource != null) {
            if (resource.getResourceType() == DocumentImpl.BINARY_FILE && xquery_mime_type.equals(resource.getMimeType()) || resource.getResourceType() == DocumentImpl.XML_FILE && xproc_mime_type.equals(resource.getMimeType())) {
                // found an XQuery resource, fixup request values
                final String pathInfo = pathUri.trimFromBeginning(servletPath).toString();
                try {
                    if (xquery_mime_type.equals(resource.getMimeType())) {
                        // Execute the XQuery
                        executeXQuery(broker, transaction, resource, request, response, outputProperties, servletPath.toString(), pathInfo);
                    } else {
                        // Execute the XProc
                        executeXProc(broker, transaction, resource, request, response, outputProperties, servletPath.toString(), pathInfo);
                    }
                } catch (final XPathException e) {
                    if (MimeType.XML_TYPE.getName().equals(mimeType)) {
                        writeXPathException(response, HttpServletResponse.SC_BAD_REQUEST, encoding, null, path, e);
                    } else {
                        writeXPathExceptionHtml(response, HttpServletResponse.SC_BAD_REQUEST, encoding, null, path, e);
                    }
                }
                return;
            }
        }
    } finally {
        if (lockedDocument != null) {
            lockedDocument.close();
        }
    }
    // check the content type to see if its XML or a parameter string
    String requestType = request.getContentType();
    if (requestType != null) {
        final int semicolon = requestType.indexOf(';');
        if (semicolon > 0) {
            requestType = requestType.substring(0, semicolon).trim();
        }
    }
    // content type != application/x-www-form-urlencoded
    if (requestType == null || !requestType.equals(MimeType.URL_ENCODED_TYPE.getName())) {
        // third, normal POST: read the request content and check if
        // it is an XUpdate or a query request.
        int howmany = 10;
        int start = 1;
        boolean typed = false;
        ElementImpl variables = null;
        boolean enclose = true;
        boolean cache = false;
        String query = null;
        try {
            final String content = getRequestContent(request);
            final NamespaceExtractor nsExtractor = new NamespaceExtractor();
            final ElementImpl root = parseXML(broker.getBrokerPool(), content, nsExtractor);
            final String rootNS = root.getNamespaceURI();
            if (rootNS != null && rootNS.equals(Namespaces.EXIST_NS)) {
                if (Query.xmlKey().equals(root.getLocalName())) {
                    // process <query>xpathQuery</query>
                    String option = root.getAttribute(Start.xmlKey());
                    if (option != null) {
                        try {
                            start = Integer.parseInt(option);
                        } catch (final NumberFormatException e) {
                        // 
                        }
                    }
                    option = root.getAttribute(Max.xmlKey());
                    if (option != null) {
                        try {
                            howmany = Integer.parseInt(option);
                        } catch (final NumberFormatException e) {
                        // 
                        }
                    }
                    option = root.getAttribute(Enclose.xmlKey());
                    if (option != null) {
                        if ("no".equals(option)) {
                            enclose = false;
                        }
                    } else {
                        option = root.getAttribute(Wrap.xmlKey());
                        if (option != null) {
                            if ("no".equals(option)) {
                                enclose = false;
                            }
                        }
                    }
                    option = root.getAttribute(Method.xmlKey());
                    if ((option != null) && (!option.isEmpty())) {
                        outputProperties.setProperty(SERIALIZATION_METHOD_PROPERTY, option);
                    }
                    option = root.getAttribute(Typed.xmlKey());
                    if (option != null) {
                        if ("yes".equals(option)) {
                            typed = true;
                        }
                    }
                    option = root.getAttribute(Mime.xmlKey());
                    if ((option != null) && (!option.isEmpty())) {
                        mimeType = option;
                    }
                    if ((option = root.getAttribute(Cache.xmlKey())) != null) {
                        cache = "yes".equals(option);
                    }
                    if ((option = root.getAttribute(Session.xmlKey())) != null && option.length() > 0) {
                        outputProperties.setProperty(Serializer.PROPERTY_SESSION_ID, option);
                    }
                    final NodeList children = root.getChildNodes();
                    for (int i = 0; i < children.getLength(); i++) {
                        final Node child = children.item(i);
                        if (child.getNodeType() == Node.ELEMENT_NODE && child.getNamespaceURI().equals(Namespaces.EXIST_NS)) {
                            if (Text.xmlKey().equals(child.getLocalName())) {
                                final StringBuilder buf = new StringBuilder();
                                Node next = child.getFirstChild();
                                while (next != null) {
                                    if (next.getNodeType() == Node.TEXT_NODE || next.getNodeType() == Node.CDATA_SECTION_NODE) {
                                        buf.append(next.getNodeValue());
                                    }
                                    next = next.getNextSibling();
                                }
                                query = buf.toString();
                            } else if (Variables.xmlKey().equals(child.getLocalName())) {
                                variables = (ElementImpl) child;
                            } else if (Properties.xmlKey().equals(child.getLocalName())) {
                                Node node = child.getFirstChild();
                                while (node != null) {
                                    if (node.getNodeType() == Node.ELEMENT_NODE && node.getNamespaceURI().equals(Namespaces.EXIST_NS) && Property.xmlKey().equals(node.getLocalName())) {
                                        final Element property = (Element) node;
                                        final String key = property.getAttribute("name");
                                        final String value = property.getAttribute("value");
                                        LOG.debug("{} = {}", key, value);
                                        if (key != null && value != null) {
                                            outputProperties.setProperty(key, value);
                                        }
                                    }
                                    node = node.getNextSibling();
                                }
                            }
                        }
                    }
                }
                // execute query
                if (query != null) {
                    try {
                        search(broker, transaction, query, path, nsExtractor.getNamespaces(), variables, howmany, start, typed, outputProperties, enclose, cache, request, response);
                    } catch (final XPathException e) {
                        if (MimeType.XML_TYPE.getName().equals(mimeType)) {
                            writeXPathException(response, HttpServletResponse.SC_BAD_REQUEST, encoding, null, path, e);
                        } else {
                            writeXPathExceptionHtml(response, HttpServletResponse.SC_BAD_REQUEST, encoding, null, path, e);
                        }
                    }
                } else {
                    throw new BadRequestException("No query specified");
                }
            } else if (rootNS != null && rootNS.equals(XUpdateProcessor.XUPDATE_NS)) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Got xupdate request: {}", content);
                }
                if (xupdateSubmission == EXistServlet.FeatureEnabled.FALSE) {
                    response.setStatus(HttpServletResponse.SC_FORBIDDEN);
                    return;
                } else if (xupdateSubmission == EXistServlet.FeatureEnabled.AUTHENTICATED_USERS_ONLY) {
                    final Subject currentSubject = broker.getCurrentSubject();
                    if (!currentSubject.isAuthenticated() || currentSubject.getId() == RealmImpl.GUEST_GROUP_ID) {
                        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
                        return;
                    }
                }
                final MutableDocumentSet docs = new DefaultDocumentSet();
                final boolean isCollection;
                try (final Collection collection = broker.openCollection(pathUri, LockMode.READ_LOCK)) {
                    if (collection != null) {
                        isCollection = true;
                        collection.allDocs(broker, docs, true);
                    } else {
                        isCollection = false;
                    }
                }
                if (!isCollection) {
                    final DocumentImpl xupdateDoc = broker.getResource(pathUri, Permission.READ);
                    if (xupdateDoc != null) {
                        docs.add(xupdateDoc);
                    } else {
                        broker.getAllXMLResources(docs);
                    }
                }
                final XUpdateProcessor processor = new XUpdateProcessor(broker, docs);
                long mods = 0;
                try (final Reader reader = new StringReader(content)) {
                    final Modification[] modifications = processor.parse(new InputSource(reader));
                    for (Modification modification : modifications) {
                        mods += modification.process(transaction);
                        broker.flush();
                    }
                }
                // FD : Returns an XML doc
                writeXUpdateResult(response, encoding, mods);
            // END FD
            } else {
                throw new BadRequestException("Unknown XML root element: " + root.getNodeName());
            }
        } catch (final SAXException e) {
            Exception cause = e;
            if (e.getException() != null) {
                cause = e.getException();
            }
            LOG.debug("SAX exception while parsing request: {}", cause.getMessage(), cause);
            throw new BadRequestException("SAX exception while parsing request: " + cause.getMessage());
        } catch (final ParserConfigurationException e) {
            throw new BadRequestException("Parser exception while parsing request: " + e.getMessage());
        } catch (final XPathException e) {
            throw new BadRequestException("Query exception while parsing request: " + e.getMessage());
        } catch (final IOException e) {
            throw new BadRequestException("IO exception while parsing request: " + e.getMessage());
        } catch (final EXistException e) {
            throw new BadRequestException(e.getMessage());
        } catch (final LockException e) {
            throw new PermissionDeniedException(e.getMessage());
        }
    // content type = application/x-www-form-urlencoded
    } else {
        doGet(broker, transaction, request, response, path);
    }
}
Also used : XUpdateProcessor(org.exist.xupdate.XUpdateProcessor) Modification(org.exist.xupdate.Modification) InputSource(org.xml.sax.InputSource) JSONNode(org.exist.util.serializer.json.JSONNode) Node(org.w3c.dom.Node) Element(org.w3c.dom.Element) XMLReader(org.xml.sax.XMLReader) Properties(java.util.Properties) SAXException(org.xml.sax.SAXException) ElementImpl(org.exist.dom.memtree.ElementImpl) ParserConfigurationException(javax.xml.parsers.ParserConfigurationException) XmldbURI(org.exist.xmldb.XmldbURI) NodeList(org.w3c.dom.NodeList) EXistException(org.exist.EXistException) Subject(org.exist.security.Subject) PermissionDeniedException(org.exist.security.PermissionDeniedException) XMLStreamException(javax.xml.stream.XMLStreamException) SAXException(org.xml.sax.SAXException) TriggerException(org.exist.collections.triggers.TriggerException) EXistException(org.exist.EXistException) TransformerConfigurationException(javax.xml.transform.TransformerConfigurationException) SAXParseException(org.xml.sax.SAXParseException) ParserConfigurationException(javax.xml.parsers.ParserConfigurationException) Collection(org.exist.collections.Collection) PermissionDeniedException(org.exist.security.PermissionDeniedException)

Example 20 with XmldbURI

use of org.exist.xmldb.XmldbURI in project exist by eXist-db.

the class ElementImpl method calculateBaseURI.

// TODO Please, keep in sync with org.exist.dom.memtree.ElementImpl
private XmldbURI calculateBaseURI() {
    XmldbURI baseURI = null;
    final String nodeBaseURI = _getAttributeNS(Namespaces.XML_NS, "base");
    if (nodeBaseURI != null) {
        baseURI = XmldbURI.create(nodeBaseURI, false);
        if (baseURI.isAbsolute()) {
            return baseURI;
        }
    }
    final IStoredNode parent = getParentStoredNode();
    if (parent != null) {
        if (nodeBaseURI == null) {
            baseURI = ((ElementImpl) parent).calculateBaseURI();
        } else {
            XmldbURI parentsBaseURI = ((ElementImpl) parent).calculateBaseURI();
            if (nodeBaseURI.isEmpty()) {
                baseURI = parentsBaseURI;
            } else {
                if (parentsBaseURI.toString().endsWith("/") || !parentsBaseURI.toString().contains("/")) {
                    baseURI = parentsBaseURI.append(baseURI);
                } else {
                    // there is a filename, remove it
                    baseURI = parentsBaseURI.removeLastSegment().append(baseURI);
                }
            }
        }
    } else {
        if (nodeBaseURI == null) {
            return XmldbURI.create(getOwnerDocument().getBaseURI(), false);
        } else {
            final String docBaseURI = getOwnerDocument().getBaseURI();
            if (docBaseURI.endsWith("/")) {
                baseURI = XmldbURI.create(getOwnerDocument().getBaseURI(), false);
                baseURI.append(baseURI);
            } else {
                baseURI = XmldbURI.create(getOwnerDocument().getBaseURI(), false);
                baseURI = baseURI.removeLastSegment();
                baseURI.append(baseURI);
            }
        }
    }
    return baseURI;
}
Also used : XmldbURI(org.exist.xmldb.XmldbURI)

Aggregations

XmldbURI (org.exist.xmldb.XmldbURI)260 Collection (org.exist.collections.Collection)100 PermissionDeniedException (org.exist.security.PermissionDeniedException)69 Test (org.junit.Test)56 Txn (org.exist.storage.txn.Txn)55 EXistException (org.exist.EXistException)42 URISyntaxException (java.net.URISyntaxException)39 LockedDocument (org.exist.dom.persistent.LockedDocument)39 IOException (java.io.IOException)38 DBBroker (org.exist.storage.DBBroker)38 DocumentImpl (org.exist.dom.persistent.DocumentImpl)34 SAXException (org.xml.sax.SAXException)33 Permission (org.exist.security.Permission)30 LockException (org.exist.util.LockException)27 Path (java.nio.file.Path)22 XPathException (org.exist.xquery.XPathException)22 BrokerPool (org.exist.storage.BrokerPool)21 TransactionManager (org.exist.storage.txn.TransactionManager)20 Subject (org.exist.security.Subject)19 StringInputSource (org.exist.util.StringInputSource)17