Package org.exist.security

Examples of org.exist.security.PermissionDeniedException

2560
2561
2562
2563
2564
2565
2566
2567
2568
2569
2570
            transaction.registerLock(collection.getLock(), Lock.WRITE_LOCK);
            if (overwrite == 0) {
                final DocumentImpl old = collection.getDocument(broker, docUri.lastSegment());
                if (old != null) {
                  transact.abort(transaction);
                    throw new PermissionDeniedException("Old document exists and overwrite is not allowed");
                }
            }
            LOG.debug("Storing binary resource to collection " + collection.getURI());
           
            doc = collection.addBinaryResource(transaction, broker, docUri.lastSegment(), data, mimeType);
View Full Code Here
2946
2947
2948
2949
2950
2951
2952
2953
2954
2955
2956
            if(xquery.getResourceType() != DocumentImpl.BINARY_FILE) {
                throw new EXistException("Document " + pathToQuery + " is not a binary resource");
            }

            if(!xquery.getPermissions().validate(user, Permission.READ | Permission.EXECUTE)) {
                throw new PermissionDeniedException("Insufficient privileges to access resource");
            }
           
            source = new DBSource(broker, xquery, true);
            compiled = compile(broker, source, parameters);
            queryResult = doQuery(broker, compiled, nodes, parameters);
View Full Code Here
3172
3173
3174
3175
3176
3177
3178
3179
3180
3181
3182
    @Override
    public boolean removeAccount(final String name) throws EXistException, PermissionDeniedException {
        final SecurityManager manager = factory.getBrokerPool().getSecurityManager();
       
        if(!manager.hasAdminPrivileges(user)) {
            throw new PermissionDeniedException("you are not allowed to remove users");
        }
       
        try {
            executeWithBroker(new BrokerOperation<Void>() {
                @Override
View Full Code Here
3839
3840
3841
3842
3843
3844
3845
3846
3847
3848
3849
                    @Override
                    public void modify(Permission permission) throws PermissionDeniedException {
                        try {
                            permission.setMode(permissions);
                        } catch(final SyntaxException se) {
                            throw new PermissionDeniedException("Unrecognised mode syntax: " + se.getMessage(), se);
                        }
                    }
                });
                return null;
            }
View Full Code Here
3875
3876
3877
3878
3879
3880
3881
3882
3883
3884
3885
                        permission.setOwner(owner);
                        permission.setGroup(ownerGroup);
                        try {
                            permission.setMode(permissions);
                        } catch(final SyntaxException se) {
                            throw new PermissionDeniedException("Unrecognised mode syntax: " + se.getMessage(), se);
                        }
                    }
                });
                return null;
             }
View Full Code Here
3968
3969
3970
3971
3972
3973
3974
3975
3976
3977
3978
3979
3980
3981
3982
        }
       
      final SecurityManager manager = factory.getBrokerPool().getSecurityManager();

      if(manager.hasAccount(name)) {
            throw new PermissionDeniedException("Account '"+name+"' exist");
        }

        if(!manager.hasAdminPrivileges(user)) {
            throw new PermissionDeniedException("Account '"+user.getName()+"' not allowed to create new account");
        }

        final UserAider u = new UserAider(name);
        u.setEncodedPassword(passwd);
        u.setPasswordDigest(passwdDigest);
View Full Code Here
4076
4077
4078
4079
4080
4081
4082
4083
4084
4085
4086
      final SecurityManager manager = factory.getBrokerPool().getSecurityManager();

      if(!manager.hasGroup(name)) {
           
            if(!manager.hasAdminPrivileges(user)) {
                throw new PermissionDeniedException("Not allowed to create group");
            }
           
            final Group role = new GroupAider(name);
           
            for(final String key : metadata.keySet()) {
View Full Code Here
4115
4116
4117
4118
4119
4120
4121
4122
4123
4124
4125
      if(!manager.hasGroup(groupName)) {
            throw new EXistException("Group '" + groupName + "' does not exist!");
        }
       
        if(!manager.hasAdminPrivileges(user)) {
            throw new PermissionDeniedException("Not allowed to modify user");
        }
       
        try {
            executeWithBroker(new BrokerOperation<Void>() {
                @Override
View Full Code Here
4396
4397
4398
4399
4400
4401
4402
4403
4404
4405
4406
4407
4408
4409
4410
4411
4412
4413
            if (doc == null) {
                throw new EXistException("Resource " + docURI + " not found");
            }
            //TODO : register the lock within the transaction ?
            if (!doc.getPermissions().validate(user, Permission.WRITE))
                {throw new PermissionDeniedException("User is not allowed to lock resource " + docURI);}
            final SecurityManager manager = factory.getBrokerPool().getSecurityManager();
            if (!(userName.equals(user.getName()) || manager.hasAdminPrivileges(user)))
                {throw new PermissionDeniedException("User " + user.getName() + " is not allowed " +
                        "to lock the resource for user " + userName);}
            final Account lockOwner = doc.getUserLock();
            if(lockOwner != null && (!lockOwner.equals(user)) && (!manager.hasAdminPrivileges(user)))
                {throw new PermissionDeniedException("Resource is already locked by user " +
                        lockOwner.getName());}
            doc.setUserLock(user);
            broker.storeXMLResource(transaction, doc);
            transact.commit(transaction);
            return true;
View Full Code Here
4452
4453
4454
4455
4456
4457
4458
4459
4460
4461
4462
            broker = factory.getBrokerPool().get(user);
            doc = broker.getXMLResource(docURI, Lock.READ_LOCK);
            if (doc == null)
                {throw new EXistException("Resource " + docURI + " not found");}
            if(!doc.getPermissions().validate(user, Permission.READ))
                {throw new PermissionDeniedException("Insufficient privileges to read resource");}
            final Account u = doc.getUserLock();
            return u == null ? "" : u.getName();

        } catch (final Throwable e) {
            handleException(e);
View Full Code Here
TOP

Related Classes of org.exist.security.PermissionDeniedException

  • org.exist.atom.modules.AtomFeeds
  • org.exist.atom.modules.AtomProtocol
  • org.exist.collections.Collection
  • org.exist.http.RESTServer
  • org.exist.security.internal.aider.UserAider
  • org.exist.security.internal.RealmImpl
  • org.exist.security.realm.ldap.LDAPRealm
  • org.exist.security.realm.oauth.OAuthRealm
  • org.exist.security.xacml.ExistPDP
  • org.exist.soap.AdminSoapBindingImpl
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.