Package org.exist.security

Examples of org.exist.security.Account


        Collection collection = null;
        try {
            collection = new LocalCollection(context.getSubject(), context.getBroker().getBrokerPool(), XmldbURI.ROOT_COLLECTION_URI, context.getAccessContext());
            final UserManagementService ums = (UserManagementService) collection.getService("UserManagementService", "1.0");
            final Account user = ums.getAccount(userName);

            if(isCalledAs("exists-user")) {
                return null == user ? BooleanValue.FALSE : BooleanValue.TRUE;
            }

            if(user == null) {
                logger.error("User not found: " + userName);
                throw new XPathException(this, "User not found: " + userName);
            }
            if(isCalledAs("get-user-primary-group")) {
                return new StringValue(user.getPrimaryGroup());
            }
            else if(isCalledAs("get-user-groups")) {
                final ValueSequence groups = new ValueSequence();
                final String[] gl = user.getGroups();
                for(int i = 0; i < gl.length; i++) {
                    groups.add(new StringValue(gl[i]));
                }
                return groups;
                // get-user-home


       
        Collection collection = null;
    try {
            collection = new LocalCollection(context.getSubject(), context.getBroker().getBrokerPool(), XmldbURI.ROOT_COLLECTION_URI, context.getAccessContext());
      final UserManagementService ums = (UserManagementService) collection.getService("UserManagementService", "1.0");
      final Account user = ums.getAccount(userName);

      if(user == null)
                // todo - why not just return false()? /ljo
        {return Sequence.EMPTY_SEQUENCE;}
      return user.hasDbaRole() ? BooleanValue.TRUE : BooleanValue.FALSE;
    } catch (final XMLDBException xe) {
            logger.error("Failed to access user " + userName);
      throw new XPathException(this, "Failed to access user " + userName, xe);
        } finally {
            if (null != collection)

       
        // Two functions share this body: one reports whether an account is enabled,
        // the other changes that status. Each branch runs its own authorization check
        // before it touches the account.
        if(isCalledAs(qnIsAccountEnabled.getLocalName())) {
            // Read path: permitted for a DBA, or for a caller asking about their own account.
            if(!currentUser.hasDbaRole() && !currentUser.getName().equals(username)) {
                throw new XPathException("You must be a DBA or be enquiring about your own account!");
            }
            // NOTE(review): the getAccount() result is dereferenced without a null check.
            // Presumably it is null for an unknown name, which would surface as a
            // NullPointerException instead of a clear error; confirm and guard.
            final Account account = securityManager.getAccount(username);
            return new BooleanValue(account.isEnabled());
        } else if(isCalledAs(qnSetAccountEnabled.getLocalName())) {
            // Write path: DBA only; there is no "own account" exception here.
            if(!currentUser.hasDbaRole()) {
                throw new XPathException("You must be a DBA to change the status of an account!");
            }
           
            final boolean enable = args[1].effectiveBooleanValue();
           
            // NOTE(review): same unchecked getAccount() result as in the read path above.
            final Account account = securityManager.getAccount(username);
            account.setEnabled(enable);
           
            try {
                // The in-memory change only takes effect once save() succeeds.
                account.save(broker);
                return Sequence.EMPTY_SEQUENCE;
            } catch(final ConfigurationException ce) {
                // Rethrown with the underlying message and the cause preserved.
                throw new XPathException(ce.getMessage(), ce);
            } catch(final PermissionDeniedException pde) {
                throw new XPathException(pde.getMessage(), pde);

        try {

            // The security manager is taken from the broker pool of the current query context.
            final SecurityManager sm = context.getBroker().getBrokerPool().getSecurityManager();

            final Account account = sm.getAccount(userName);

            // NOTE(review): account is dereferenced without a null check; presumably
            // getAccount() returns null for an unknown userName. Confirm and guard.
            account.remGroup(groupName);

            // NOTE(review): the author's comment below describes a temporary escalation to DBA.
            // The escalation itself lies outside this excerpt; confirm that no permission
            // check is skipped before remGroup() and that the original subject is restored
            // in a finally block.
            //TEMP - ESCALATE TO DBA :-(
            //START TEMP - Whilst we can remove the group from the user
            //we cannot update the user because we do not have sufficient permissions
            //in the real world we should not be able to do either. The modelling of group

                   
                    throw new XPathException(this, "Needs a valid group name, not: " + group);
                }
               
                // Must actually get a User object for the Permission...
                final Account usr = ums.getAccount(user);
                if (usr == null) {
                    logger.error("Needs a valid user name, not: " + user);
                   
                    throw new XPathException(this, "Needs a valid user name, not: " + user);
                }

        // add the additional group managers, this also makes sure they
        // all exist first!
        for (final SequenceIterator i = args[1].iterate(); i.hasNext();) {
          final String groupManager = i.nextItem().getStringValue();

          final Account groupManagerAccount = sm.getAccount(groupManager);
          if (groupManagerAccount == null) {
            logger.error("Could not find the user: " + groupManager);
            // throw exception is better -shabanovd
            return BooleanValue.FALSE;
          }

   
  // Rebuilds the account as a UserAider copy: umask, metadata and enabled status are
  // carried over, while password and groups are replaced only when the caller supplied
  // them. The copy is then submitted through updateAccount().
  // NOTE(review): no authorization check is visible in this excerpt. The collection is
  // opened with context.getSubject(), so enforcement presumably happens inside the
  // user management service; confirm before relying on it.
  try {
      collection = new LocalCollection(context.getSubject(), context.getBroker().getBrokerPool(), XmldbURI.ROOT_COLLECTION_URI, context.getAccessContext());
      final UserManagementService ums = (UserManagementService) collection.getService("UserManagementService", "1.0");
     
      final Account oldUser = ums.getAccount(userName);
      if(oldUser == null) {
                // The caller-supplied name is written to the log and to the error message.
                logger.error("User " + userName + " not found");
                throw new XPathException(this, "User " + userName + " not found");
      }

            final Group oldPrimaryGroup = oldUser.getDefaultGroup();
            final UserAider user;
            if(oldPrimaryGroup != null) {
                // keep the existing primary group on the copy
                user = new UserAider(oldUser.getName(), oldPrimaryGroup);
            } else {
                user = new UserAider(oldUser.getName());
            }
     
            //copy the umask
            user.setUserMask(oldUser.getUserMask());
           
            //copy the metadata
            for(final SchemaType key : oldUser.getMetadataKeys()) {
                user.setMetadataValue(key, oldUser.getMetadataValue(key));
            }
           
            //copy the status
            user.setEnabled(oldUser.isEnabled());
           
            //change the password?
            if(!args[1].isEmpty()) {
                // set password
                // NOTE(review): args[1] is the new password as a plain string; it must not
                // reach a log or an error message. None of the log calls visible here include it.
                user.setPassword(args[1].getStringValue());
      } else {
                //use the old password
                // The stored encoded password and digest are copied as they are, not recomputed.
                user.setEncodedPassword(oldUser.getPassword());
                user.setPasswordDigest(oldUser.getDigestPassword());
      }
     
            //change the groups?
            if(!args[2].isEmpty()) {
                // set groups
                // NOTE(review): the supplied group names replace the old membership and are not
                // validated here; presumably updateAccount() checks that the groups exist and
                // that the caller may grant them. Confirm.
                for(final SequenceIterator i = args[2].iterate(); i.hasNext(); ) {
                    user.addGroup(i.nextItem().getStringValue());
                }
      } else {
                user.setGroups(oldUser.getGroups());
            }

      ums.updateAccount(user);
  } catch(final XMLDBException xe) {
      logger.error("Failed to update user " + userName, xe);

    }
    if(!(value instanceof StringAttribute))
      {return errorResult("Error finding attribute: Subject-id attribute must be a string.");}
   
    final String uid = ((StringAttribute)value).getValue();
    final Account user = pdp.getBrokerPool().getSecurityManager().getAccount(uid);
    if(user == null)
      {return errorResult("No user exists for UID '" + uid + "'");}
   
    if(XACMLConstants.GROUP_ATTRIBUTE.equals(attributeId))
      {return getGroups(user);}
    else if(XACMLConstants.USER_NAME_ATTRIBUTE.equals(attributeId))
      {return new EvaluationResult(new StringAttribute(user.getName()));}
    else
      {return errorResult("UserAttributeModule cannot handle attribute '" + attributeId + "'");}
  }

   
        try {
            executeWithBroker(new BrokerOperation<Void>(){
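                /**
                 * Sets the primary group of the account named {@code username} to the group
                 * named {@code groupName}, then submits the change via {@code manager.updateAccount}.
                 *
                 * @param broker the broker supplied by {@code executeWithBroker}; not used directly here
                 * @return always {@code null}
                 * @throws EXistException if no account exists for {@code username}
                 */
                @Override
                public Void withBroker(final DBBroker broker) throws XMLDBException, LockException, PermissionDeniedException, IOException, EXistException, TriggerException {
                    final Account account = manager.getAccount(username);
                    if(account == null) {
                        // Fail with a descriptive error rather than a NullPointerException
                        // on the setPrimaryGroup() call below.
                        throw new EXistException("Account '" + username + "' does not exist");
                    }
                    // NOTE(review): group is not null-checked here; presumably groupName is
                    // validated before this operation is scheduled. Confirm against the caller.
                    final Group group = manager.getGroup(groupName);
                    account.setPrimaryGroup(group);
                    manager.updateAccount(account);
                    return null;
                }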
            });
        } catch(final Exception e) {

                /**
                 * Reads the resource {@code res} and reports who holds the user lock on it.
                 *
                 * @param broker the broker passed through to {@code readResource}
                 * @return the lock holder's account name, or {@code null} when the document has no user lock
                 */
                @Override
                public String withBroker(DBBroker broker) throws XMLDBException, LockException, PermissionDeniedException, IOException, EXistException, TriggerException, SyntaxException {
                    final DatabaseItemReader<DocumentImpl, String> lockHolderNameReader = new DatabaseItemReader<DocumentImpl, String>(){
                        @Override
                        public String read(DocumentImpl document) {
                            final Account holder = document.getUserLock();
                            if(holder != null) {
                                return holder.getName();
                            }
                            // No user lock on this document.
                            return null;
                        }
                    };
                    return readResource(broker, res, lockHolderNameReader);
                }
            });
        } catch(final Exception e) {
