Search in sources :

Example 21 with Resource

use of org.xmldb.api.base.Resource in project exist by eXist-db.

the class XMLDBSecurityTest method setGid_createResource_resourceGroupInheritedFromParent.

@Test
public void setGid_createResource_resourceGroupInheritedFromParent() throws XMLDBException {
    final Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest2", "test1", "test1");
    CollectionManagementService cms = (CollectionManagementService) test.getService("CollectionManagementService", "1.0");
    // create /db/securityTest2/parentCollection with owner "test1:users" and mode "rwxrwsrwx"
    Collection parentCollection = cms.createCollection("parentCollection");
    UserManagementService ums = (UserManagementService) parentCollection.getService("UserManagementService", "1.0");
    ums.chmod("rwxrwsrwx");
    // now as "test3:guest" create the sub-resource /db/securityTest2/parentCollection/test.xml
    // it should inherit the group ownership 'users' from the parent which is setGid
    // but it should not inherit the setGid bit as it is a resource
    parentCollection = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest2/parentCollection", "test3", "test3");
    ums = (UserManagementService) parentCollection.getService("UserManagementService", "1.0");
    Resource resource = parentCollection.createResource("test.xml", XMLResource.RESOURCE_TYPE);
    resource.setContent("<test/>");
    parentCollection.storeResource(resource);
    final Permission permissions = ums.getPermissions(resource);
    assertEquals("users", permissions.getGroup().getName());
    assertFalse(permissions.isSetGid());
}
Also used : EXistCollectionManagementService(org.exist.xmldb.EXistCollectionManagementService) CollectionManagementService(org.xmldb.api.modules.CollectionManagementService) BinaryResource(org.xmldb.api.modules.BinaryResource) XMLResource(org.xmldb.api.modules.XMLResource) Resource(org.xmldb.api.base.Resource) Collection(org.xmldb.api.base.Collection) UserManagementService(org.exist.xmldb.UserManagementService) Test(org.junit.Test)

Example 22 with Resource

use of org.xmldb.api.base.Resource in project exist by eXist-db.

the class XMLDBSecurityTest method canExecuteXQueryWithOnlyExecutePermissionOnParentCollection.

@Test
public void canExecuteXQueryWithOnlyExecutePermissionOnParentCollection() throws XMLDBException {
    Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");
    final UserManagementService ums = (UserManagementService) test.getService("UserManagementService", "1.0");
    final String xquery = "<xquery>{ 1 + 1 }</xquery>";
    Resource xqueryResource = test.createResource("test.xquery", BinaryResource.RESOURCE_TYPE);
    xqueryResource.setContent(xquery);
    test.storeResource(xqueryResource);
    ums.chmod("--x------");
    // set execute bit on xquery (its off by default!)
    ums.chmod(xqueryResource, "rwx------");
    test.close();
    test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");
    xqueryResource = test.getResource("test.xquery");
    assertEquals(xquery, new String((byte[]) xqueryResource.getContent()));
    // execute the stored XQuery
    final EXistXPathQueryService queryService = (EXistXPathQueryService) test.getService("XPathQueryService", "1.0");
    final ResourceSet result = queryService.executeStoredQuery("/db/securityTest1/test.xquery");
    assertEquals("<xquery>2</xquery>", result.getResource(0).getContent());
}
Also used : EXistXPathQueryService(org.exist.xmldb.EXistXPathQueryService) BinaryResource(org.xmldb.api.modules.BinaryResource) XMLResource(org.xmldb.api.modules.XMLResource) Resource(org.xmldb.api.base.Resource) Collection(org.xmldb.api.base.Collection) UserManagementService(org.exist.xmldb.UserManagementService) ResourceSet(org.xmldb.api.base.ResourceSet) Test(org.junit.Test)

Example 23 with Resource

use of org.xmldb.api.base.Resource in project exist by eXist-db.

the class XMLDBSecurityTest method copyCollectionWithResources_destResourceExists_destResourceIsNotWritable.

/**
 * As the 'test1' user, creates the collection and resource:
 *
 *  test1:users /db/securityTest3/source
 *  test1:users /db/securityTest3/source/source1.xml
 *  test1:users /db/securityTest3/source/source2.xml
 *
 * We then also create the Collection
 *  test1:users /db/securityTest3/copy-of-source (0777)
 * so that the destination (for the copy we are about
 * to do) already exists and is writable.
 * We then create the resource
 *  test1:users /db/securityTest/copy-of-source/source1.xml
 * and set it so that it is not accessible by anyone
 * apart from 'test1' user...
 *
 * As the 'test3' user, copy the collection:
 *
 *  /db/securityTest3/source
 *      -> /db/securityTest3/copy-of-source
 *
 * The test should prove that during a copy, existing
 * documents in the dest are replaced as long as the
 * dest collection has write permission and that the
 * permissions on the dest resource must also be writable
 */
@Test(expected = XMLDBException.class)
public void copyCollectionWithResources_destResourceExists_destResourceIsNotWritable() throws XMLDBException {
    Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest3", "test1", "test1");
    EXistCollectionManagementService cms = (EXistCollectionManagementService) test.getService("CollectionManagementService", "1.0");
    // create collection owned by "test1", and group "users" in /db/securityTest3
    Collection source = cms.createCollection("source");
    // create resource owned by "test1", and group "users" in /db/securityTest3/source
    Resource resSource = source.createResource("source1.xml", XMLResource.RESOURCE_TYPE);
    resSource.setContent("<test1/>");
    source.storeResource(resSource);
    resSource = source.createResource("source2.xml", XMLResource.RESOURCE_TYPE);
    resSource.setContent("<test2/>");
    source.storeResource(resSource);
    // pre-create the destination and set writable by all
    final Collection dest = cms.createCollection("copy-of-source");
    UserManagementService ums = (UserManagementService) dest.getService("UserManagementService", "1.0");
    ums.chmod(0777);
    // pre-create a destination resource and set no access to group and others
    Resource resDestSource1 = dest.createResource("source1.xml", XMLResource.RESOURCE_TYPE);
    resDestSource1.setContent("<old/>");
    dest.storeResource(resDestSource1);
    ums.chmod(resDestSource1, 0700);
    // as the 'test3' user copy the collection
    test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest3", "test3", "test3");
    cms = (EXistCollectionManagementService) test.getService("CollectionManagementService", "1.0");
    cms.copy("/db/securityTest3/source", "/db/securityTest3", "copy-of-source");
    final Collection copyOfSource = test.getChildCollection("copy-of-source");
    assertNotNull(copyOfSource);
    assertEquals(2, copyOfSource.listResources().length);
    final Resource resCopyOfSource1 = copyOfSource.getResource("source1.xml");
    assertEquals("<test1/>", resCopyOfSource1.getContent().toString());
    final Resource resCopyOfSource2 = copyOfSource.getResource("source2.xml");
    assertEquals("<test2/>", resCopyOfSource2.getContent().toString());
// TODO check perms are/areNot preserved? on the replaced resource
}
Also used : EXistCollectionManagementService(org.exist.xmldb.EXistCollectionManagementService) BinaryResource(org.xmldb.api.modules.BinaryResource) XMLResource(org.xmldb.api.modules.XMLResource) Resource(org.xmldb.api.base.Resource) Collection(org.xmldb.api.base.Collection) UserManagementService(org.exist.xmldb.UserManagementService) Test(org.junit.Test)

Example 24 with Resource

use of org.xmldb.api.base.Resource in project exist by eXist-db.

the class XMLDBSecurityTest method setGid_copyResource_resourceGroupInheritedFromParent.

@Test
public void setGid_copyResource_resourceGroupInheritedFromParent() throws XMLDBException {
    Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest2", "test1", "test1");
    EXistCollectionManagementService cms = (EXistCollectionManagementService) test.getService("CollectionManagementService", "1.0");
    UserManagementService ums = (UserManagementService) test.getService("UserManagementService", "1.0");
    // create the /db/securityTest2/test.xml resource
    Resource resource = test.createResource("test.xml", XMLResource.RESOURCE_TYPE);
    resource.setContent("<test/>");
    test.storeResource(resource);
    ums.chgrp(resource, "extusers");
    // create /db/securityTest2/parentCollection with owner "test1:users" and mode "rwxrwsrwx"
    Collection parentCollection = cms.createCollection("parentCollection");
    ums = (UserManagementService) parentCollection.getService("UserManagementService", "1.0");
    ums.chmod("rwxrwsrwx");
    // now copy /db/securityTest2/test.xml to /db/securityTest2/parentCollection/test.xml
    // as "user3:guest", it should inherit the group ownership 'users' from the parent collection which is setGid
    // and it should NOT have its setGid bit set as it is a resource
    test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest2", "test3", "test3");
    cms = (EXistCollectionManagementService) test.getService("CollectionManagementService", "1.0");
    cms.copyResource("test.xml", "/db/securityTest2/parentCollection", "test.xml");
    ums = (UserManagementService) parentCollection.getService("UserManagementService", "1.0");
    parentCollection = test.getChildCollection("parentCollection");
    resource = parentCollection.getResource("test.xml");
    final Permission permissions = ums.getPermissions(resource);
    assertEquals("users", permissions.getGroup().getName());
    assertFalse(permissions.isSetGid());
}
Also used : EXistCollectionManagementService(org.exist.xmldb.EXistCollectionManagementService) BinaryResource(org.xmldb.api.modules.BinaryResource) XMLResource(org.xmldb.api.modules.XMLResource) Resource(org.xmldb.api.base.Resource) Collection(org.xmldb.api.base.Collection) UserManagementService(org.exist.xmldb.UserManagementService) Test(org.junit.Test)

Example 25 with Resource

use of org.xmldb.api.base.Resource in project exist by eXist-db.

the class XMLDBSecurityTest method copyCollectionWithResources_destResourceExists_destResourceIsWritable_preservePermissions.

/**
 * As the 'test1' user, creates the collection and resource:
 *
 *  test1:users /db/securityTest3/source
 *  test1:users /db/securityTest3/source/source1.xml
 *  test1:users /db/securityTest3/source/source2.xml
 *
 * We then also create the Collection
 *  test1:users /db/securityTest3/copy-of-source (0777)
 * so that the destination (for the copy we are about
 * to do) already exists and is writable.
 * We then create the resource
 *  test1:users /db/securityTest/copy-of-source/source1.xml
 * and set it so that it is writable by all (0777)...
 *
 * As the 'test3' user, copy the collection:
 *
 *  /db/securityTest3/source
 *      -> /db/securityTest3/copy-of-source
 *
 * The test should prove that during a copy, existing
 * documents in the dest are replaced as long as the
 * dest collection has write permission and that the
 * permissions on the dest resource must also be writable
 * and that the existing permissions on the dest
 * resource will be preserved
 */
@Test
public void copyCollectionWithResources_destResourceExists_destResourceIsWritable_preservePermissions() throws XMLDBException {
    Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest3", "test1", "test1");
    EXistCollectionManagementService cms = (EXistCollectionManagementService) test.getService("CollectionManagementService", "1.0");
    // create collection owned by "test1", and group "users" in /db/securityTest3
    Collection source = cms.createCollection("source");
    // create resource owned by "test1", and group "users" in /db/securityTest3/source
    Resource resSource = source.createResource("source1.xml", XMLResource.RESOURCE_TYPE);
    resSource.setContent("<test1/>");
    source.storeResource(resSource);
    resSource = source.createResource("source2.xml", XMLResource.RESOURCE_TYPE);
    resSource.setContent("<test2/>");
    source.storeResource(resSource);
    // pre-create the destination and set writable by all
    final Collection dest = cms.createCollection("copy-of-source");
    UserManagementService ums = (UserManagementService) dest.getService("UserManagementService", "1.0");
    ums.chmod(0777);
    // pre-create a destination resource and set access for all
    Resource resDestSource1 = dest.createResource("source1.xml", XMLResource.RESOURCE_TYPE);
    resDestSource1.setContent("<old/>");
    dest.storeResource(resDestSource1);
    ums.chmod(resDestSource1, 0777);
    // as the 'test3' user copy the collection
    test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest3", "test3", "test3");
    cms = (EXistCollectionManagementService) test.getService("CollectionManagementService", "1.0");
    cms.copy("/db/securityTest3/source", "/db/securityTest3", "copy-of-source");
    final Collection copyOfSource = test.getChildCollection("copy-of-source");
    assertNotNull(copyOfSource);
    assertEquals(2, copyOfSource.listResources().length);
    ums = (UserManagementService) copyOfSource.getService("UserManagementService", "1.0");
    // permissions should NOT have changed as the dest already existed!
    Permission permissions = ums.getPermissions(copyOfSource);
    assertEquals("test1", permissions.getOwner().getName());
    assertEquals("users", permissions.getGroup().getName());
    final Resource resCopyOfSource1 = copyOfSource.getResource("source1.xml");
    assertEquals("<test1/>", resCopyOfSource1.getContent().toString());
    // permissions should NOT have changed as the dest resource already existed!
    permissions = ums.getPermissions(resCopyOfSource1);
    assertEquals("test1", permissions.getOwner().getName());
    assertEquals("users", permissions.getGroup().getName());
    final Resource resCopyOfSource2 = copyOfSource.getResource("source2.xml");
    assertEquals("<test2/>", resCopyOfSource2.getContent().toString());
    // permissions SHOULD have changed as the dest resource is did NOT exist
    permissions = ums.getPermissions(resCopyOfSource2);
    assertEquals("test3", permissions.getOwner().getName());
    assertEquals("guest", permissions.getGroup().getName());
}
Also used : EXistCollectionManagementService(org.exist.xmldb.EXistCollectionManagementService) BinaryResource(org.xmldb.api.modules.BinaryResource) XMLResource(org.xmldb.api.modules.XMLResource) Resource(org.xmldb.api.base.Resource) Collection(org.xmldb.api.base.Collection) UserManagementService(org.exist.xmldb.UserManagementService) Test(org.junit.Test)

Aggregations

Resource (org.xmldb.api.base.Resource)173 XMLResource (org.xmldb.api.modules.XMLResource)126 Collection (org.xmldb.api.base.Collection)111 BinaryResource (org.xmldb.api.modules.BinaryResource)86 Test (org.junit.Test)77 UserManagementService (org.exist.xmldb.UserManagementService)52 ResourceSet (org.xmldb.api.base.ResourceSet)46 XMLDBException (org.xmldb.api.base.XMLDBException)38 EXistCollectionManagementService (org.exist.xmldb.EXistCollectionManagementService)32 EXistResource (org.exist.xmldb.EXistResource)27 CollectionManagementService (org.xmldb.api.modules.CollectionManagementService)25 XPathQueryService (org.xmldb.api.modules.XPathQueryService)18 EXistXPathQueryService (org.exist.xmldb.EXistXPathQueryService)16 Path (java.nio.file.Path)11 Database (org.xmldb.api.base.Database)11 XPathException (org.exist.xquery.XPathException)10 InputStream (java.io.InputStream)9 Source (javax.xml.transform.Source)9 BuildException (org.apache.tools.ant.BuildException)9 Diff (org.xmlunit.diff.Diff)9