use of org.xmldb.api.base.Resource in project exist by eXist-db.
the class XMLDBSecurityTest method worldAddResource.
// fails since guest has no write permissions
/**
 * Checks that the 'guest' account cannot add a new resource to /db/securityTest1.
 *
 * NOTE(review): {@code expected} is satisfied by an XMLDBException thrown by any
 * statement in the method (opening the collection, creating the resource or
 * storing it), so a pass does not by itself show that the store was the call
 * that was denied.
 *
 * @throws XMLDBException expected; the test passes only when one is thrown
 */
@Test(expected = XMLDBException.class)
public void worldAddResource() throws XMLDBException {
    final String collectionUri = getBaseUri() + "/db/securityTest1";
    final Collection guestCollection = DatabaseManager.getCollection(collectionUri, "guest", "guest");

    final Resource guestResource = guestCollection.createResource("createdByGuest", XMLResource.RESOURCE_TYPE);
    guestResource.setContent("<testMe/>");

    // presumably the write-permission check rejects guest here; confirm against the implementation
    guestCollection.storeResource(guestResource);
}
use of org.xmldb.api.base.Resource in project exist by eXist-db.
the class XMLDBSecurityTest method noSetGid_createResource_resourceGroupIsUsersPrimaryGroup.
/**
 * A resource created inside a collection that is not setGid takes the
 * creating user's primary group and does not carry the setGid bit.
 *
 * @throws XMLDBException if any database operation fails
 */
@Test
public void noSetGid_createResource_resourceGroupIsUsersPrimaryGroup() throws XMLDBException {
    // as test1: create /db/securityTest2/parentCollection and open its mode to "rwxrwxrwx"
    final Collection root = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest2", "test1", "test1");
    final CollectionManagementService collectionService =
            (CollectionManagementService) root.getService("CollectionManagementService", "1.0");
    final Collection createdByTest1 = collectionService.createCollection("parentCollection");
    final UserManagementService test1Ums =
            (UserManagementService) createdByTest1.getService("UserManagementService", "1.0");
    test1Ums.chmod("rwxrwxrwx");

    // as test3: reopen the same collection and store test.xml in it
    final Collection openedByTest3 =
            DatabaseManager.getCollection(getBaseUri() + "/db/securityTest2/parentCollection", "test3", "test3");
    final UserManagementService test3Ums =
            (UserManagementService) openedByTest3.getService("UserManagementService", "1.0");
    final Resource stored = openedByTest3.createResource("test.xml", XMLResource.RESOURCE_TYPE);
    stored.setContent("<test/>");
    openedByTest3.storeResource(stored);

    // the new resource's group must be 'guest' (the test treats this as test3's primary group),
    // and since the collection is NOT setGid the resource must not have the setGid bit either
    final Permission storedPermissions = test3Ums.getPermissions(stored);
    assertEquals("guest", storedPermissions.getGroup().getName());
    assertFalse(storedPermissions.isSetGid());
}
use of org.xmldb.api.base.Resource in project exist by eXist-db.
the class XMLDBSecurityTest method dbaChownUidResource.
/**
* DBA can change the owner uid of a resource
*
* As the user 'admin' (who is a DBA) attempt to change the
* ownership uid of /db/securityTest1/test.xml
* to 'test2' user
*/
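@Test
public void dbaChownUidResource() throws XMLDBException {
    // connect as the DBA account 'admin'; this test supplies an empty password for it
    final Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "admin", "");
    final Resource resource = test.getResource("test.xml");
    final UserManagementService ums = (UserManagementService) test.getService("UserManagementService", "1.0");

    // attempt to change uid ownership of /db/securityTest1/test.xml to the test2 user
    final Account test2 = ums.getAccount("test2");
    ums.chown(resource, test2);

    // "no exception" alone would also pass for a chown that silently changes nothing,
    // so read the permissions back and check that the owner really is test2
    assertEquals("test2", ums.getPermissions(resource).getOwner().getName());
}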
use of org.xmldb.api.base.Resource in project exist by eXist-db.
the class XMLDBSecurityTest method canUpdateXmlResourceWithOnlyExecutePermissionOnParentCollection.
/**
 * With the mode set to "--x------" through the collection's
 * UserManagementService, test1 can still read and overwrite the existing
 * test.xml in /db/securityTest1.
 *
 * @throws XMLDBException if any database operation fails
 */
@Test
public void canUpdateXmlResourceWithOnlyExecutePermissionOnParentCollection() throws XMLDBException {
    // restrict the mode to execute-only, then drop this handle
    final Collection beforeChmod = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");
    final UserManagementService ums =
            (UserManagementService) beforeChmod.getService("UserManagementService", "1.0");
    ums.chmod("--x------");
    beforeChmod.close();

    // reopen so the following reads and writes go through a fresh collection handle
    final Collection afterChmod = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");
    final Resource original = afterChmod.getResource("test.xml");
    assertEquals("<test/>", original.getContent());

    // overwrite the content and store it under the same name
    original.setContent("<testing/>");
    afterChmod.storeResource(original);

    // fetch the resource again to confirm the new content was persisted
    final Resource reloaded = afterChmod.getResource("test.xml");
    assertEquals("<testing/>", reloaded.getContent());
}
use of org.xmldb.api.base.Resource in project exist by eXist-db.
the class XMLDBSecurityTest method groupMemberChownGidResource.
/**
* Group Member can NOT change the owner gid of a resource
* to a group of which they are a member
*
* As the user 'test2' (who is in the group users)
* attempt to change ownership gid of /db/securityTest1/test.xml (which has uid 'test1' and gid 'users')
* to the group 'test2-only' (of which they are a member)
*/
@Test(expected = XMLDBException.class)
public void groupMemberChownGidResource() throws XMLDBException {
    // NOTE(review): the expected exception may come from any statement in this method;
    // a failure while opening the collection or fetching the resource would also count
    // as a pass, so this does not pin the denial to the chgrp call itself.
    final String collectionUri = getBaseUri() + "/db/securityTest1";
    final Collection asTest2 = DatabaseManager.getCollection(collectionUri, "test2", "test2");
    final Resource target = asTest2.getResource("test.xml");
    final UserManagementService userManagement =
            (UserManagementService) asTest2.getService("UserManagementService", "1.0");

    // test2 tries to move /db/securityTest1/test.xml (owned by test1:users) into group 'test2-only'
    userManagement.chgrp(target, "test2-only");
}