Package org.exist.xquery.functions.system

Source Code of org.exist.xquery.functions.system.AsUser

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
/*
*  eXist Open Source Native XML Database
*  Copyright (C) 2001-2014 The eXist Project
*  http://exist-db.org
*
*  This program is free software; you can redistribute it and/or
*  modify it under the terms of the GNU Lesser General Public License
*  as published by the Free Software Foundation; either version 2
*  of the License, or (at your option) any later version.
*
*  This program is distributed in the hope that it will be useful,
*  but WITHOUT ANY WARRANTY; without even the implied warranty of
*  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
*  GNU Lesser General Public License for more details.
*
*  You should have received a copy of the GNU Lesser General Public
*  License along with this library; if not, write to the Free Software
*  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
*
* $Id$
*/
package org.exist.xquery.functions.system;

import org.apache.log4j.Logger;
import org.exist.dom.QName;
import org.exist.security.AuthenticationException;
import org.exist.security.SecurityManager;
import org.exist.security.Subject;
import org.exist.storage.DBBroker;
import org.exist.xquery.*;
import org.exist.xquery.value.FunctionParameterSequenceType;
import org.exist.xquery.value.Item;
import org.exist.xquery.value.Sequence;
import org.exist.xquery.value.SequenceType;
import org.exist.xquery.value.Type;

/**
*/
public class AsUser extends Function {

    private final static Logger logger = Logger.getLogger(AsUser.class);

    public final static FunctionSignature signature = new FunctionSignature(
        new QName("as-user", SystemModule.NAMESPACE_URI, SystemModule.PREFIX),
        "A pseudo-function to execute a limited block of code as a different " +
        "user. The first argument is the name of the user, the second is the " +
        "password. If the user can be authenticated, the function will execute the " +
        "code block given in the third argument with the permissions of that user and" +
        "returns the result of the execution. Before the function completes, it switches " +
        "the current user back to the old user.",
        new SequenceType[] {
            new FunctionParameterSequenceType("username", Type.STRING, Cardinality.EXACTLY_ONE, "The username of the user to run the code against"),
            new FunctionParameterSequenceType("password", Type.STRING, Cardinality.ZERO_OR_ONE, "The password of the user to run the code against"),
            new FunctionParameterSequenceType("code-block", Type.ITEM, Cardinality.ZERO_OR_MORE, "The code block to run as the identified user")
        },
        new FunctionParameterSequenceType("result", Type.ITEM, Cardinality.ZERO_OR_MORE, "the results of the code block executed")
    );

    public AsUser(final XQueryContext context) {
        super(context, signature);
    }

    @Override
    public Sequence eval(final Sequence contextSequence, final Item contextItem) throws XPathException {
      logger.debug("Entering the " + SystemModule.PREFIX + ":as-user XQuery function");

        final DBBroker broker = context.getBroker();

        final Sequence usernameResult = getArgument(0).eval(contextSequence, contextItem);
        if(usernameResult.isEmpty()) {
            final XPathException exception = new XPathException(this, "No user specified");
            logger.error("No user specified, throwing an exception!", exception);
            throw exception;
        }
       
        final Sequence password = getArgument(1).eval(contextSequence, contextItem);
        final String username = usernameResult.getStringValue();
       
        final SecurityManager sm = broker.getBrokerPool().getSecurityManager();
        Subject user;
        try {
            user = sm.authenticate(username, password.getStringValue());
        } catch(final AuthenticationException e) {
            final XPathException exception = new XPathException(this, "Authentication failed", e);
            logger.error("Authentication failed for [" + username + "] because of [" + e.getMessage() + "].", exception);
            throw exception;
        }

        final Subject oldUser = context.getEffectiveUser();
        try {
            logger.info("Setting the effective user to: [" + username + "]");
            broker.setSubject(user);
            return getArgument(2).eval(contextSequence, contextItem);
        } finally {
            logger.info("Returning the effective user to: [" + oldUser.getName() + "]");
            broker.setSubject(oldUser);
        }
    }

    /* (non-Javadoc)
     * @see org.exist.xquery.AbstractExpression#getDependencies()
     */
    @Override
    public int getDependencies() {
        return getArgument(2).getDependencies();
    }

    /* (non-Javadoc)
     * @see org.exist.xquery.PathExpr#returnsType()
     */
    @Override
    public int returnsType() {
        return getArgument(2).returnsType();
    }
}
TOP

Related Classes of org.exist.xquery.functions.system.AsUser

  • org.exist.security.SecurityManager
  • org.exist.security.Subject
  • org.exist.storage.DBBroker
  • org.exist.xquery.value.Sequence
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.