Examples with CollectionManagementService org.xmldb.api.modules.CollectionManagementService used on opensource projects

Search in sources :

Example 91 with CollectionManagementService

use of org.xmldb.api.modules.CollectionManagementService in project exist by eXist-db.

the class XMLDBSecurityTest method groupCreateSubColl.

@Test
public void groupCreateSubColl() throws XMLDBException {
    final Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test2", "test2");
    final CollectionManagementService cms = (CollectionManagementService) test.getService("CollectionManagementService", "1.0");
    final Collection newCol = cms.createCollection("createdByTest2");
    assertNotNull(newCol);
}
Also used : EXistCollectionManagementService(org.exist.xmldb.EXistCollectionManagementService) CollectionManagementService(org.xmldb.api.modules.CollectionManagementService) Collection(org.xmldb.api.base.Collection) Test(org.junit.Test)

Example 92 with CollectionManagementService

use of org.xmldb.api.modules.CollectionManagementService in project exist by eXist-db.

the class XMLDBSecurityTest method copyCollectionWithResources_withSubCollectionWithResource.

@Test
public void copyCollectionWithResources_withSubCollectionWithResource() throws XMLDBException {
    Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest3", "test1", "test1");
    EXistCollectionManagementService cms = (EXistCollectionManagementService) test.getService("CollectionManagementService", "1.0");
    // create collection owned by "test1", and group "users" in /db/securityTest3
    Collection source = cms.createCollection("source");
    // create resource owned by "test1", and group "users" in /db/securityTest3/source
    Resource resSource = source.createResource("source1.xml", XMLResource.RESOURCE_TYPE);
    resSource.setContent("<test/>");
    source.storeResource(resSource);
    resSource = source.createResource("source2.xml", XMLResource.RESOURCE_TYPE);
    resSource.setContent("<test/>");
    source.storeResource(resSource);
    // create sub-collection "sub" owned by "test1", and group "users" in /db/securityTest3/source
    CollectionManagementService cms1 = (EXistCollectionManagementService) source.getService("CollectionManagementService", "1.0");
    Collection sub = cms1.createCollection("sub");
    // create resource owned by "test1", and group "users" in /db/securityTest3/source/sub1
    Resource resSub = sub.createResource("sub1.xml", XMLResource.RESOURCE_TYPE);
    resSub.setContent("<test-sub/>");
    sub.storeResource(resSub);
    // as the 'test3' user copy the collection
    test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest3", "test3", "test3");
    cms = (EXistCollectionManagementService) test.getService("CollectionManagementService", "1.0");
    cms.copy("/db/securityTest3/source", "/db/securityTest3", "copy-of-source");
    final Collection copyOfSource = test.getChildCollection("copy-of-source");
    assertNotNull(copyOfSource);
    assertEquals(2, copyOfSource.listResources().length);
    final Collection copyOfSub = copyOfSource.getChildCollection("sub");
    assertNotNull(copyOfSub);
    assertEquals(1, copyOfSub.listResources().length);
}
Also used : EXistCollectionManagementService(org.exist.xmldb.EXistCollectionManagementService) CollectionManagementService(org.xmldb.api.modules.CollectionManagementService) EXistCollectionManagementService(org.exist.xmldb.EXistCollectionManagementService) BinaryResource(org.xmldb.api.modules.BinaryResource) XMLResource(org.xmldb.api.modules.XMLResource) Resource(org.xmldb.api.base.Resource) Collection(org.xmldb.api.base.Collection) Test(org.junit.Test)

Example 93 with CollectionManagementService

use of org.xmldb.api.modules.CollectionManagementService in project exist by eXist-db.

the class XMLDBSecurityTest method setup.

// TODO need tests for
// 4) CopyingCollections to dests where permission is denied!
// 5) What about move Document, move Collection?
/**
 * 1) Sets '/db' to rwxr-xr-x (0755)
 * 2) Adds the Group 'users'
 * 3) Adds the User 'test1' with password 'test1' and set's their primary group to 'users'
 * 4) Creates the group 'extusers' and adds 'test1' to it
 * 5) Adds the User 'test2' with password 'test2' and set's their primary group to 'users'
 * 6) Creates the group 'test2-only` and adds 'test2' to it
 * 7) Adds the User 'test3' with password 'test3' and set's their primary group to 'guest'
 * 8) Creates the Collection '/db/securityTest1' owned by 'test1':'users' with permissions rwxrwx--- (0770)
 * 9) Creates the XML resource '/db/securityTest1/test.xml' owned by 'test1':'users' with permissions rwxrwx--- (0770)
 * 10) Creates the Binary resource '/db/securityTest1/test.bin' owned by 'test1':'users' with permissions rwxrwx--- (0770)
 * 11) Creates the Collection '/db/securityTest2' owned by 'test1':'users' with permissions rwxrwxr-x (0775)
 * 12) Creates the Collection '/db/securityTest3' owned by 'test3':'guest' with permissions rwxrwxrwx (0777)
 */
@Before
public void setup() throws XMLDBException {
    final Collection root = DatabaseManager.getCollection(getBaseUri() + "/db", TestUtils.ADMIN_DB_USER, TestUtils.ADMIN_DB_PWD);
    UserManagementService ums = (UserManagementService) root.getService("UserManagementService", "1.0");
    // ensure /db is always 755
    ums.chmod("rwxr-xr-x");
    // remove accounts 'test1', 'test2' and 'test3'
    removeAccounts(ums, new String[] { "test1", "test2", "test3" });
    // remove group 'users'
    removeGroups(ums, new String[] { "users" });
    final Group group = new GroupAider("exist", "users");
    ums.addGroup(group);
    UserAider user = new UserAider("test1", group);
    user.setPassword("test1");
    ums.addAccount(user);
    final Group extGroup = new GroupAider("exist", "extusers");
    ums.addGroup(extGroup);
    ums.addAccountToGroup("test1", "extusers");
    user = new UserAider("test2", group);
    user.setPassword("test2");
    ums.addAccount(user);
    final Group test2OnlyGroup = new GroupAider("exist", "test2-only");
    ums.addGroup(test2OnlyGroup);
    ums.addAccountToGroup("test2", "test2-only");
    user = new UserAider("test3", ums.getGroup("guest"));
    user.setPassword("test3");
    ums.addAccount(user);
    // create a collection /db/securityTest1 as owned by "test1:users" and mode 0770
    CollectionManagementService cms = (CollectionManagementService) root.getService("CollectionManagementService", "1.0");
    Collection test = cms.createCollection("securityTest1");
    ums = (UserManagementService) test.getService("UserManagementService", "1.0");
    // change ownership to test1
    final Account test1 = ums.getAccount("test1");
    ums.chown(test1, "users");
    // full permissions for user and group, none for world
    ums.chmod(0770);
    test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest1", "test1", "test1");
    // create a resource /db/securityTest1/test.xml owned by "test1:users" and mode 0770
    Resource resource = test.createResource("test.xml", XMLResource.RESOURCE_TYPE);
    resource.setContent("<test/>");
    test.storeResource(resource);
    ums.chmod(resource, 0770);
    resource = test.createResource("test.bin", BinaryResource.RESOURCE_TYPE);
    resource.setContent("binary-test".getBytes());
    test.storeResource(resource);
    ums.chmod(resource, 0770);
    // create a collection /db/securityTest2 as user "test1"
    cms = (CollectionManagementService) root.getService("CollectionManagementService", "1.0");
    Collection testCol2 = cms.createCollection("securityTest2");
    ums = (UserManagementService) testCol2.getService("UserManagementService", "1.0");
    // change ownership to test1
    ums.chown(test1, "users");
    // full permissions for user and group, none for world
    ums.chmod(0775);
    // create a collection /db/securityTest3 as user "test3"
    cms = (CollectionManagementService) root.getService("CollectionManagementService", "1.0");
    Collection testCol3 = cms.createCollection("securityTest3");
    ums = (UserManagementService) testCol3.getService("UserManagementService", "1.0");
    // change ownership to test3
    final Account test3 = ums.getAccount("test3");
    ums.chown(test3, "users");
    // full permissions for all
    ums.chmod(0777);
    // create a sub-collection /db/securityTest1/sub1 as user "test1"
    cms = (CollectionManagementService) test.getService("CollectionManagementService", "1.0");
    Collection sub1 = cms.createCollection("sub1");
    ums = (UserManagementService) sub1.getService("UserManagementService", "1.0");
    // change ownership to test1
    ums.chown(test1, "users");
    // full permissions for all
    ums.chmod(0777);
}
Also used : EXistCollectionManagementService(org.exist.xmldb.EXistCollectionManagementService) CollectionManagementService(org.xmldb.api.modules.CollectionManagementService) BinaryResource(org.xmldb.api.modules.BinaryResource) XMLResource(org.xmldb.api.modules.XMLResource) Resource(org.xmldb.api.base.Resource) Collection(org.xmldb.api.base.Collection) UserManagementService(org.exist.xmldb.UserManagementService) GroupAider(org.exist.security.internal.aider.GroupAider) UserAider(org.exist.security.internal.aider.UserAider) Before(org.junit.Before)

Example 94 with CollectionManagementService

use of org.xmldb.api.modules.CollectionManagementService in project exist by eXist-db.

the class XMLDBSecurityTest method setGidXQueryCanWriteRestrictedCollection.

@Test
public void setGidXQueryCanWriteRestrictedCollection() throws XMLDBException {
    final Collection test = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest2", "test1", "test1");
    final long timestamp = System.currentTimeMillis();
    final String content = "<setgid>" + timestamp + "</setgid>";
    // create an XQuery /db/securityTest1/setuid.xquery
    final String xquery = "xmldb:store('/db/securityTest2/forSetGidWrite', 'setgid.xml', " + content + ")";
    Resource xqueryResource = test.createResource("setgid.xquery", "BinaryResource");
    xqueryResource.setContent(xquery);
    test.storeResource(xqueryResource);
    // set the xquery to be owned by 'test1':'users' and set it 'setgid', and set it 'rx' by ohers, so 'test3' can execute it!
    UserManagementService ums = (UserManagementService) test.getService("UserManagementService", "1.0");
    xqueryResource = test.getResource("setgid.xquery");
    ums.chown(xqueryResource, ums.getAccount("test1"), "users");
    // setgid
    ums.chmod(xqueryResource, 02705);
    // create a collection for the XQuery to write into
    final CollectionManagementService cms = (CollectionManagementService) test.getService("CollectionManagementService", "1.0");
    final Collection colForSetUid = cms.createCollection("forSetGidWrite");
    // only allow the group 'users' to write into the collection
    ums = (UserManagementService) colForSetUid.getService("UserManagementService", "1.0");
    ums.chmod(0570);
    // execute the XQuery as the 'test3' user... it should become 'setgid' of 'users' and succeed.
    final Collection test3 = DatabaseManager.getCollection(getBaseUri() + "/db/securityTest2", "test3", "test3");
    final EXistXPathQueryService queryService = (EXistXPathQueryService) test3.getService("XPathQueryService", "1.0");
    final ResourceSet result = queryService.executeStoredQuery("/db/securityTest2/setgid.xquery");
    assertEquals("/db/securityTest2/forSetGidWrite/setgid.xml", result.getResource(0).getContent());
    // check the written content
    final Resource writtenXmlResource = colForSetUid.getResource("setgid.xml");
    assertEquals(content, writtenXmlResource.getContent());
}
Also used : EXistCollectionManagementService(org.exist.xmldb.EXistCollectionManagementService) CollectionManagementService(org.xmldb.api.modules.CollectionManagementService) EXistXPathQueryService(org.exist.xmldb.EXistXPathQueryService) BinaryResource(org.xmldb.api.modules.BinaryResource) XMLResource(org.xmldb.api.modules.XMLResource) Resource(org.xmldb.api.base.Resource) Collection(org.xmldb.api.base.Collection) UserManagementService(org.exist.xmldb.UserManagementService) ResourceSet(org.xmldb.api.base.ResourceSet) Test(org.junit.Test)

Example 95 with CollectionManagementService

use of org.xmldb.api.modules.CollectionManagementService in project exist by eXist-db.

the class XMLDBSecurityTest method worldRemoveCollection.

// fails since guest has no write permissions
@Test(expected = XMLDBException.class)
public void worldRemoveCollection() throws XMLDBException {
    final Collection root = DatabaseManager.getCollection(getBaseUri() + "/db", "guest", "guest");
    final CollectionManagementService cms = (CollectionManagementService) root.getService("CollectionManagementService", "1.0");
    cms.removeCollection("securityTest1");
}
Also used : EXistCollectionManagementService(org.exist.xmldb.EXistCollectionManagementService) CollectionManagementService(org.xmldb.api.modules.CollectionManagementService) Collection(org.xmldb.api.base.Collection) Test(org.junit.Test)

Aggregations

CollectionManagementService (org.xmldb.api.modules.CollectionManagementService)148 Collection (org.xmldb.api.base.Collection)84 XMLResource (org.xmldb.api.modules.XMLResource)33 Resource (org.xmldb.api.base.Resource)25 Before (org.junit.Before)23 EXistCollectionManagementService (org.exist.xmldb.EXistCollectionManagementService)21 After (org.junit.After)21 Test (org.junit.Test)19 UserManagementService (org.exist.xmldb.UserManagementService)14 ResourceSet (org.xmldb.api.base.ResourceSet)14 BinaryResource (org.xmldb.api.modules.BinaryResource)13 XPathQueryService (org.xmldb.api.modules.XPathQueryService)9 Account (org.exist.security.Account)7 IndexQueryService (org.exist.xmldb.IndexQueryService)6 AfterClass (org.junit.AfterClass)6 Database (org.xmldb.api.base.Database)6 XMLDBException (org.xmldb.api.base.XMLDBException)6 Path (java.nio.file.Path)5 BeforeClass (org.junit.BeforeClass)5 InputStream (java.io.InputStream)4
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial