use of org.exist.xquery.value.Sequence in project exist by eXist-db.
the class FnCollectionSecurityTest method cannotAccessCollectionInCollectionHierarchyWithDeniedReadAndExecuteAce.
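/**
 * Checks that {@code fn:collection} on {@code TEST_SUB_COLLECTION_2_2} is refused when the
 * query runs as {@code TEST_USER_1}.
 *
 * <p>The test passes only if a {@link PermissionDeniedException} leaves this method. The
 * denial is expected to arrive wrapped as the cause of an {@link XPathException}; the cause is
 * unwrapped and rethrown so that {@code @Test(expected = ...)} can match it. If the query
 * returns normally, {@code fail} raises an {@code AssertionError}, which is not the expected
 * type, so an unintentionally granted read is reported as a failure rather than ignored.
 *
 * <p>NOTE(review): the deny ACE named in the method name is presumably installed by fixture
 * code outside this listing; confirm against the test class set-up.
 */
@Test(expected = PermissionDeniedException.class)
public void cannotAccessCollectionInCollectionHierarchyWithDeniedReadAndExecuteAce() throws EXistException, AuthenticationException, PermissionDeniedException, XPathException {
    final String query = "fn:collection('" + TEST_SUB_COLLECTION_2_2 + "')";
    final BrokerPool pool = server.getBrokerPool();

    // Run as the test account, not as a privileged subject: the fixture passes the same
    // constant as user name and as credentials.
    final Subject testUser1 = pool.getSecurityManager().authenticate(TEST_USER_1, TEST_USER_1);

    try (final DBBroker broker = pool.get(Optional.of(testUser1));
            final Txn transaction = pool.getTransactionManager().beginTransaction()) {
        // The result is irrelevant; only the refusal matters.
        pool.getXQueryService().execute(broker, query, null);

        // No commit here: the only way past execute() is fail(), which always throws, so the
        // transaction is simply closed by try-with-resources.
        fail("Expected PermissionDeniedException via XPathException");
    } catch (final XPathException e) {
        // instanceof is already false for a null cause, so no separate null check is needed.
        if (e.getCause() instanceof PermissionDeniedException) {
            throw (PermissionDeniedException) e.getCause();
        }
        // Any other XPath failure is not an access-control denial and must fail the test.
        throw e;
    }
}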
use of org.exist.xquery.value.Sequence in project exist by eXist-db.
the class FnDocSecurityTest method cannotAccessRestrictedDocument.
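/**
 * Checks that {@code fn:doc} on {@code TEST_DOC_URI_SYSTEM_ONLY} is refused when the query
 * runs as {@code TEST_USER_1}.
 *
 * <p>The test passes only if a {@link PermissionDeniedException} leaves this method. The
 * denial is expected to arrive wrapped as the cause of an {@link XPathException}; the cause is
 * unwrapped and rethrown so that {@code @Test(expected = ...)} can match it. If the query
 * returns normally, {@code fail} raises an {@code AssertionError}, which is not the expected
 * type, so an unintentionally readable document is reported as a failure rather than ignored.
 *
 * <p>NOTE(review): the restrictive permissions on the document are presumably applied by
 * fixture code outside this listing; confirm against the test class set-up.
 */
@Test(expected = PermissionDeniedException.class)
public void cannotAccessRestrictedDocument() throws EXistException, AuthenticationException, PermissionDeniedException, XPathException, IOException, SAXException {
    final String query = "fn:doc('" + TEST_DOC_URI_SYSTEM_ONLY + "')";
    final BrokerPool pool = server.getBrokerPool();

    // Run as the test account, not as a privileged subject: the fixture passes the same
    // constant as user name and as credentials.
    final Subject testUser1 = pool.getSecurityManager().authenticate(TEST_USER_1, TEST_USER_1);

    try (final DBBroker broker = pool.get(Optional.of(testUser1));
            final Txn transaction = pool.getTransactionManager().beginTransaction()) {
        // The result is irrelevant; only the refusal matters.
        pool.getXQueryService().execute(broker, query, null);

        // No commit here: the only way past execute() is fail(), which always throws, so the
        // transaction is simply closed by try-with-resources.
        fail("Expected PermissionDeniedException via XPathException");
    } catch (final XPathException e) {
        // instanceof is already false for a null cause, so no separate null check is needed.
        if (e.getCause() instanceof PermissionDeniedException) {
            throw (PermissionDeniedException) e.getCause();
        }
        // Any other XPath failure is not an access-control denial and must fail the test.
        throw e;
    }
}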
use of org.exist.xquery.value.Sequence in project exist by eXist-db.
the class IdFunctionTest method sameRealAndEffectiveUsers.
/**
* Tests the eval method of class IdFunction
* when the real and effective users are the same.
*/
@Test
public void sameRealAndEffectiveUsers() throws XPathException, XpathException {
    // Partial mock: only the document-context and user accessors are intercepted.
    final XQueryContext contextMock = createMockBuilder(XQueryContext.class)
            .addMockedMethod("pushDocumentContext")
            .addMockedMethod("getDocumentBuilder", new Class[0])
            .addMockedMethod("popDocumentContext")
            .addMockedMethod("getRealUser")
            .addMockedMethod("getEffectiveUser")
            .createMock();
    final Subject subjectMock = EasyMock.createMock(Subject.class);
    final String expectedName = "user1";

    // Recorded expectations: one push/pop of the document context around one builder lookup.
    contextMock.pushDocumentContext();
    expectLastCall().once();
    expect(contextMock.getDocumentBuilder()).andReturn(new MemTreeBuilder());
    contextMock.popDocumentContext();
    expectLastCall().once();

    // The same Subject mock is handed out as real and as effective user, and it reports
    // id 1 both times, which is what makes the two identities "the same" in this test.
    expect(contextMock.getRealUser()).andReturn(subjectMock).times(2);
    expect(subjectMock.getName()).andReturn(expectedName);
    expect(subjectMock.getGroups()).andReturn(new String[] { "group1", "group2" });
    expect(subjectMock.getId()).andReturn(1);
    expect(contextMock.getEffectiveUser()).andReturn(subjectMock);
    expect(subjectMock.getId()).andReturn(1);
    replay(subjectMock, contextMock);

    final IdFunction function = new IdFunction(contextMock, IdFunction.FNS_ID);
    final Sequence outcome = function.eval(new Sequence[] { Sequence.EMPTY_SEQUENCE }, null);
    assertEquals(1, outcome.getItemCount());

    final Map<String, String> prefixes = new HashMap<>();
    prefixes.put("sm", "http://exist-db.org/xquery/securitymanager");
    final XpathEngine engine = XMLUnit.newXpathEngine();
    engine.setNamespaceContext(new SimpleNamespaceContext(prefixes));

    final DocumentImpl idDocument = (DocumentImpl) outcome.itemAt(0);

    final String realName = engine.evaluate("/sm:id/sm:real/sm:username", idDocument);
    assertEquals(expectedName, realName);

    // An empty string is required for the effective user name, i.e. no separate effective
    // identity is reported when it matches the real one.
    final String effectiveName = engine.evaluate("/sm:id/sm:effective/sm:username", idDocument);
    assertEquals("", effectiveName);

    // verify() fails the test if any recorded call count was not met.
    verify(subjectMock, contextMock);
}
use of org.exist.xquery.value.Sequence in project exist by eXist-db.
the class PermissionsFunctionChownTest method changeOwner.
/**
 * Runs {@code sm:chown} on a resource as the given user and asserts the owner (and optionally
 * the group) that {@code sm:get-permissions} reports afterwards.
 *
 * <p>The query text is built by plain concatenation: {@code uri} and {@code newOwnerGroup} are
 * spliced into single-quoted XQuery literals without escaping. Pass fixture constants only; a
 * value containing a quote would alter the query that is executed.
 *
 * @param execAsUser the subject whose broker executes the query
 * @param restricted value handed to {@code setPosixChownRestricted} for the duration of the
 *     call; the previous value is restored afterwards
 * @param uri the resource whose raw collection path is passed to {@code sm:chown}
 * @param newOwnerGroup second argument of {@code sm:chown}, passed through verbatim
 * @param expectedOwnerGroup expected result as {@code owner} or {@code owner:group}; the group
 *     is asserted only when both parts are present
 * @throws EXistException if the broker cannot be obtained
 * @throws PermissionDeniedException if the query is refused for {@code execAsUser}
 * @throws XPathException if the query fails
 */
private void changeOwner(final Subject execAsUser, final boolean restricted, final XmldbURI uri, final String newOwnerGroup, final String expectedOwnerGroup) throws EXistException, PermissionDeniedException, XPathException {
    final BrokerPool pool = existWebServer.getBrokerPool();
    // Remember the previous chown policy so that the finally block can put it back.
    final boolean previousSetting = setPosixChownRestricted(restricted);
    final String chownThenReport =
            "import module namespace sm = 'http://exist-db.org/xquery/securitymanager';\n"
            + "sm:chown(xs:anyURI('" + uri.getRawCollectionPath() + "'), '" + newOwnerGroup + "'),\n"
            + "sm:get-permissions(xs:anyURI('" + uri.getRawCollectionPath() + "'))/sm:permission/(string(@owner), string(@group))";
    try (final DBBroker broker = pool.get(Optional.of(execAsUser))) {
        final XQuery service = existWebServer.getBrokerPool().getXQueryService();
        final Sequence ownerAndGroup = service.execute(broker, chownThenReport, null);

        // Exactly two items are expected back: owner first, group second.
        assertEquals(2, ownerAndGroup.getItemCount());

        final String[] expectedParts = expectedOwnerGroup.split(":");
        assertEquals(expectedParts[0], ownerAndGroup.itemAt(0).getStringValue());
        if (expectedParts.length == 2) {
            assertEquals(expectedParts[1], ownerAndGroup.itemAt(1).getStringValue());
        }
    } finally {
        // Always restore the policy, so a failing assertion cannot leak it into other tests.
        setPosixChownRestricted(previousSetting);
    }
}
use of org.exist.xquery.value.Sequence in project exist by eXist-db.
the class TransformTest method transform1.
/**
 * Executes the count-descendants query for a collection and asserts that it yields exactly
 * one node equal (by XMLUnit "similar" comparison) to
 * {@code <count-descendants>1</count-descendants>}.
 *
 * <p>The query runs with the broker of the security manager's system subject, so this helper
 * checks the transformation result and not access control for an ordinary user.
 *
 * @param collectionUri collection passed to {@code getCountDescendantsXquery}
 * @throws EXistException if the broker cannot be obtained
 * @throws PermissionDeniedException if the query is refused
 * @throws XPathException if the query fails
 */
private static void transform1(final XmldbURI collectionUri) throws EXistException, PermissionDeniedException, XPathException {
    final BrokerPool pool = existEmbeddedServer.getBrokerPool();
    final XQuery service = pool.getXQueryService();
    try (final DBBroker broker = pool.get(Optional.of(pool.getSecurityManager().getSystemSubject()))) {
        final Sequence outcome = service.execute(broker, getCountDescendantsXquery(collectionUri), null);
        assertNotNull(outcome);
        assertTrue(outcome.hasOne());

        // Compare whole documents: the returned node is resolved to its owner document.
        final Node firstItem = outcome.itemAt(0).toJavaObject(Node.class);
        final Source actual = Input.fromDocument(firstItem.getOwnerDocument()).build();
        final Source expected = Input.fromString("<count-descendants>1</count-descendants>").build();

        final Diff comparison = DiffBuilder.compare(expected).withTest(actual).checkForSimilar().build();
        // The diff text doubles as the failure message.
        assertFalse(comparison.toString(), comparison.hasDifferences());
    }
}