Search in sources :

Example 56 with Collection

use of org.xmldb.api.base.Collection in project exist by eXist-db.

the class XMLDBSecurityTest method worldAddResource.

// fails since guest has no write permissions
@Test(expected = XMLDBException.class)
public void worldAddResource() throws XMLDBException {
    final Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "guest", "guest");
    final Resource resource = test.createResource("createdByGuest", XMLResource.RESOURCE_TYPE);
    resource.setContent("<testMe/>");
    test.storeResource(resource);
}
Also used : BinaryResource(org.xmldb.api.modules.BinaryResource) XMLResource(org.xmldb.api.modules.XMLResource) Resource(org.xmldb.api.base.Resource) Collection(org.xmldb.api.base.Collection) Test(org.junit.Test)

Example 57 with Collection

use of org.xmldb.api.base.Collection in project exist by eXist-db.

the class XMLDBSecurityTest method noSetGid_createResource_resourceGroupIsUsersPrimaryGroup.

@Test
public void noSetGid_createResource_resourceGroupIsUsersPrimaryGroup() throws XMLDBException {
    final Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest2", "test1", "test1");
    CollectionManagementService cms = (CollectionManagementService) test.getService("CollectionManagementService", "1.0");
    // create /db/securityTest2/parentCollection with owner "test1:users" and mode "rwxrwxrwx"
    Collection parentCollection = cms.createCollection("parentCollection");
    UserManagementService ums = (UserManagementService) parentCollection.getService("UserManagementService", "1.0");
    ums.chmod("rwxrwxrwx");
    // now create the sub-resource /db/securityTest2/parentCollection/test.xml
    // as "user3:guest", it should have it's group set to the primary group of user3 i.e. 'guest'
    // as the collection is NOT setGid, the file should NOT have the setGid bit set
    parentCollection = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest2/parentCollection", "test3", "test3");
    ums = (UserManagementService) parentCollection.getService("UserManagementService", "1.0");
    Resource resource = parentCollection.createResource("test.xml", XMLResource.RESOURCE_TYPE);
    resource.setContent("<test/>");
    parentCollection.storeResource(resource);
    final Permission permissions = ums.getPermissions(resource);
    assertEquals("guest", permissions.getGroup().getName());
    assertFalse(permissions.isSetGid());
}
Also used : EXistCollectionManagementService(org.exist.xmldb.EXistCollectionManagementService) CollectionManagementService(org.xmldb.api.modules.CollectionManagementService) BinaryResource(org.xmldb.api.modules.BinaryResource) XMLResource(org.xmldb.api.modules.XMLResource) Resource(org.xmldb.api.base.Resource) Collection(org.xmldb.api.base.Collection) UserManagementService(org.exist.xmldb.UserManagementService) Test(org.junit.Test)

Example 58 with Collection

use of org.xmldb.api.base.Collection in project exist by eXist-db.

the class XMLDBSecurityTest method worldCreateCollection.

// fails since guest has no write permissions
@Test(expected = XMLDBException.class)
public void worldCreateCollection() throws XMLDBException {
    final Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "guest", "guest");
    final CollectionManagementService cms = (CollectionManagementService) test.getService("CollectionManagementService", "1.0");
    cms.createCollection("createdByGuest");
}
Also used : EXistCollectionManagementService(org.exist.xmldb.EXistCollectionManagementService) CollectionManagementService(org.xmldb.api.modules.CollectionManagementService) Collection(org.xmldb.api.base.Collection) Test(org.junit.Test)

Example 59 with Collection

use of org.xmldb.api.base.Collection in project exist by eXist-db.

the class XMLDBSecurityTest method dbaChownUidResource.

/**
 * DBA can change the owner uid of a resource
 *
 * As the user 'admin' (who is a DBA) attempt to change the
 * ownership uid of /db/securityTest1/test.xml
 * to 'test2' user
 */
@Test
public void dbaChownUidResource() throws XMLDBException {
    final Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "admin", "");
    final Resource resource = test.getResource("test.xml");
    final UserManagementService ums = (UserManagementService) test.getService("UserManagementService", "1.0");
    // attempt to change uid ownership of /db/securityTest1/test.xml to the test2 user
    final Account test2 = ums.getAccount("test2");
    ums.chown(resource, test2);
}
Also used : BinaryResource(org.xmldb.api.modules.BinaryResource) XMLResource(org.xmldb.api.modules.XMLResource) Resource(org.xmldb.api.base.Resource) Collection(org.xmldb.api.base.Collection) UserManagementService(org.exist.xmldb.UserManagementService) Test(org.junit.Test)

Example 60 with Collection

use of org.xmldb.api.base.Collection in project exist by eXist-db.

the class XMLDBSecurityTest method setGid_copyCollection_collectionGroupInheritedFromParent.

@Test
public void setGid_copyCollection_collectionGroupInheritedFromParent() throws XMLDBException {
    Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest2", "test1", "test1");
    EXistCollectionManagementService cms = (EXistCollectionManagementService) test.getService("CollectionManagementService", "1.0");
    UserManagementService ums = (UserManagementService) test.getService("UserManagementService", "1.0");
    // create the /db/securityTest2/src collection with owner "test1:extusers" and default mode
    Collection srcCollection = cms.createCollection("src");
    ums = (UserManagementService) srcCollection.getService("UserManagementService", "1.0");
    ums.chgrp("extusers");
    // create /db/securityTest2/parentCollection with owner "test1:users" and mode "rwxrwsrwx"
    Collection parentCollection = cms.createCollection("parentCollection");
    ums = (UserManagementService) parentCollection.getService("UserManagementService", "1.0");
    ums.chmod("rwxrwsrwx");
    // now copy /db/securityTest2/src to /db/securityTest2/parentCollection/src
    // as "user3:guest", it should inherit the group ownership 'users' from the parent
    // collection which is setGid and it should have its setGid bit set
    test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest2", "test3", "test3");
    cms = (EXistCollectionManagementService) test.getService("CollectionManagementService", "1.0");
    cms.copy("src", "/db/securityTest2/parentCollection", "src");
    parentCollection = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest2/parentCollection", "test3", "test3");
    ums = (UserManagementService) parentCollection.getService("UserManagementService", "1.0");
    final Collection destCollection = parentCollection.getChildCollection("src");
    final Permission permissions = ums.getPermissions(destCollection);
    assertEquals("users", permissions.getGroup().getName());
    assertTrue(permissions.isSetGid());
}
Also used : EXistCollectionManagementService(org.exist.xmldb.EXistCollectionManagementService) Collection(org.xmldb.api.base.Collection) UserManagementService(org.exist.xmldb.UserManagementService) Test(org.junit.Test)

Aggregations

Collection (org.xmldb.api.base.Collection)345 XMLResource (org.xmldb.api.modules.XMLResource)140 Test (org.junit.Test)115 Resource (org.xmldb.api.base.Resource)111 UserManagementService (org.exist.xmldb.UserManagementService)91 CollectionManagementService (org.xmldb.api.modules.CollectionManagementService)85 BinaryResource (org.xmldb.api.modules.BinaryResource)80 XMLDBException (org.xmldb.api.base.XMLDBException)68 ResourceSet (org.xmldb.api.base.ResourceSet)55 EXistCollectionManagementService (org.exist.xmldb.EXistCollectionManagementService)48 XPathQueryService (org.xmldb.api.modules.XPathQueryService)31 EXistResource (org.exist.xmldb.EXistResource)25 EXistXPathQueryService (org.exist.xmldb.EXistXPathQueryService)20 Before (org.junit.Before)20 URISyntaxException (java.net.URISyntaxException)18 Path (java.nio.file.Path)18 InputStream (java.io.InputStream)17 BuildException (org.apache.tools.ant.BuildException)14 XmldbURI (org.exist.xmldb.XmldbURI)13 Account (org.exist.security.Account)10