diff --git a/makefile b/makefile
index 642e31c538a98b39fdb07aeaed5b8a2515adf947..07d01edfd116d57cf46d1290df738626d3c5b769 100644
--- a/makefile
+++ b/makefile
@@ -32,8 +32,8 @@ runserver:
run: compile
mvn exec:java@run
-run-debug:
- java -Dcaosdb.debug=true -jar target/caosdb-server-0.1-SNAPSHOT-jar-with-dependencies.jar
+run-debug: jar
+ java -Xrunjdwp:transport=dt_socket,address=0.0.0.0:9000,server=y,suspend=n -Dcaosdb.debug=true -jar target/caosdb-server-0.1-SNAPSHOT-jar-with-dependencies.jar
run-single:
java -jar target/caosdb-server-0.1-SNAPSHOT-jar-with-dependencies.jar
@@ -42,15 +42,15 @@ formatting:
mvn fmt:format
# Compile into a standalone jar file
-jar: compile
- mvn clean compile assembly:single
-# mvn assembly:single
+jar: easy-units
+ mvn package -DskipTests
antlr:
mvn antlr4:antlr4
test: easy-units
- mvn test
+ MAVEN_DEBUG_OPTS="-Xdebug -Xnoagent -Djava.compiler=NONE -Dcaosdb.debug=true -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=0.0.0.0:9000"
+ mvn test -X
clean: clean-antlr
mvn clean
@@ -105,4 +105,5 @@ stop-debug-screen:
mkdir .m2-local
easy-units: .m2-local
+ mvn clean
mvn deploy:deploy-file -DgroupId=de.timmfitschen -DartifactId=easy-units -Dversion=0.0.1-SNAPSHOT -Durl=file:./.m2-local/ -DrepositoryId=local-maven-repo -DupdateReleaseInfo=true -Dfile=./lib/easy-units-0.0.1-SNAPSHOT-jar-with-dependencies.jar
diff --git a/pom.xml b/pom.xml
index 7ba53304ccf5c414fa66e042d1d02d03aede6658..ada3403287a657f7684ba8984c57cc80a51820a9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -49,16 +49,6 @@
</repository>
</repositories>
<dependencies>
- <dependency>
- <groupId>org.apache.logging.log4j</groupId>
- <artifactId>log4j-slf4j18-impl</artifactId>
- <version>2.12.1</version>
- </dependency>
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-api</artifactId>
- <version>1.7.28</version>
- </dependency>
<dependency>
<groupId>de.timmfitschen</groupId>
<artifactId>easy-units</artifactId>
@@ -67,7 +57,7 @@
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
- <version>1.3.2</version>
+ <version>1.4.1</version>
</dependency>
<dependency>
<groupId>junit</groupId>
@@ -162,15 +152,25 @@
<artifactId>jetty-util-ajax</artifactId>
<version>9.2.14.v20151106</version>
</dependency>
+ <dependency>
+ <groupId>org.apache.logging.log4j</groupId>
+ <artifactId>log4j-slf4j-impl</artifactId>
+ <version>2.11.1</version>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ <version>1.7.21</version>
+ </dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-api</artifactId>
- <version>2.12.1</version>
+ <version>2.11.1</version>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-core</artifactId>
- <version>2.12.1</version>
+ <version>2.11.1</version>
</dependency>
</dependencies>
<build>
@@ -180,6 +180,35 @@
<outputDirectory>${basedir}/target/classes</outputDirectory>
<testOutputDirectory>${basedir}/target/test-classes</testOutputDirectory>
<plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-shade-plugin</artifactId>
+ <version>2.4.3</version>
+ <executions>
+ <execution>
+ <phase>package</phase>
+ <goals>
+ <goal>shade</goal>
+ </goals>
+ <configuration>
+ <finalName>${project.artifactId}-${project.version}-jar-with-dependencies</finalName>
+ <transformers>
+ <transformer implementation="com.github.edwgiz.mavenShadePlugin.log4j2CacheTransformer.PluginsCacheFileTransformer"></transformer>
+ <transformer implementation="org.apache.maven.plugins.shade.resource.ManifestResourceTransformer">
+ <mainClass>caosdb.server.CaosDBServer</mainClass>
+ </transformer>
+ </transformers>
+ </configuration>
+ </execution>
+ </executions>
+ <dependencies>
+ <dependency>
+ <groupId>com.github.edwgiz</groupId>
+ <artifactId>maven-shade-plugin.log4j2-cachefile-transformer</artifactId>
+ <version>2.8.1</version>
+ </dependency>
+ </dependencies>
+ </plugin>
<plugin>
<groupId>org.antlr</groupId>
<artifactId>antlr4-maven-plugin</artifactId>
@@ -204,27 +233,6 @@
<target>1.8</target>
</configuration>
</plugin>
- <plugin>
- <artifactId>maven-assembly-plugin</artifactId>
- <configuration>
- <descriptorRefs>
- <descriptorRef>jar-with-dependencies</descriptorRef>
- </descriptorRefs>
- <archive>
- <manifest>
- <mainClass>caosdb.server.CaosDBServer</mainClass>
- </manifest>
- </archive>
- </configuration>
- <executions>
- <execution>
- <phase>package</phase>
- <goals>
- <goal>single</goal> <!-- Run with: mvn assembly:single -->
- </goals>
- </execution>
- </executions>
- </plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
@@ -238,8 +246,8 @@
<log4j2.debug>true</log4j2.debug>
</systemPropertyVariables>
<reuseForks>false</reuseForks>
- <!-- Start 0.5 JVMs per CPU core -->
- <!-- Higher numbers *seem* to lead to higher failure rates... :-/ -->
+ <!-- Start 0.5 JVMs per CPU core
+ Higher numbers *seem* to lead to higher failure rates... :-/ -->
<forkCount>0.5C</forkCount>
</configuration>
</plugin>
@@ -298,13 +306,11 @@
</execution>
</executions>
</plugin>
- <!-- Remove easy-units from classpath generation because of
- https://github.com/jdee-emacs/jdee/issues/125 (no sources inside
- easy-units) -->
+ <!-- Remove easy-units from classpath generation because of https://github.com/jdee-emacs/jdee/issues/125
+ (no sources inside easy-units) -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
- <version>2.8</version>
<configuration>
<excludeArtifactIds>easy-units</excludeArtifactIds>
</configuration>
diff --git a/src/main/java/caosdb/server/CaosDBServer.java b/src/main/java/caosdb/server/CaosDBServer.java
index 3245902d5721e00d1ae0418a33e7a5f468794ea6..2586c2df7a388061a0986a4ff3a40f94b8657f1b 100644
--- a/src/main/java/caosdb/server/CaosDBServer.java
+++ b/src/main/java/caosdb/server/CaosDBServer.java
@@ -111,7 +111,6 @@ import org.slf4j.LoggerFactory;
public class CaosDBServer extends Application {
private static Logger logger = LoggerFactory.getLogger(CaosDBServer.class);
- private static boolean DEBUG_MODE = false;
private static boolean START_GUI = true;
private static Properties SERVER_PROPERTIES = null;
private static Component component = null;
@@ -222,7 +221,26 @@ public class CaosDBServer extends Application {
INSECURE = true;
}
}
- DEBUG_MODE = Boolean.getBoolean("caosdb.debug");
+ }
+
+ public static Ini getShiroConfig() {
+ final Ini config = new Ini();
+ final Section mainSec = config.addSection("main");
+ mainSec.put("CaosDB", CaosDBDefaultRealm.class.getCanonicalName());
+ mainSec.put("SessionTokenValidator", SessionTokenRealm.class.getCanonicalName());
+ mainSec.put("OneTimeTokenValidator", OneTimeTokenRealm.class.getCanonicalName());
+ mainSec.put("CaosDBAuthorizingRealm", CaosDBAuthorizingRealm.class.getCanonicalName());
+ mainSec.put("AnonymousRealm", AnonymousRealm.class.getCanonicalName());
+ mainSec.put(
+ "securityManager.realms",
+ "$CaosDB, $SessionTokenValidator, $OneTimeTokenValidator, $CaosDBAuthorizingRealm, $AnonymousRealm");
+
+ // disable shiro's default session management. We have quasi-stateless
+ // sessions
+ // using our SessionToken class.
+ mainSec.put(
+ "securityManager.subjectDAO.sessionStorageEvaluator.sessionStorageEnabled", "false");
+ return config;
}
/**
@@ -248,28 +266,12 @@ public class CaosDBServer extends Application {
System.exit(1);
}
- INSECURE = INSECURE && DEBUG_MODE; // only allow insecure in debug mode
- START_BACKEND = START_BACKEND || !DEBUG_MODE; // always start backend if
+ INSECURE = INSECURE && isDebugMode(); // only allow insecure in debug mode
+ START_BACKEND = START_BACKEND || !isDebugMode(); // always start backend if
// not in debug mode
// init Shiro (user authentication/authorization and session management)
- final Ini config = new Ini();
- final Section mainSec = config.addSection("main");
- mainSec.put("CaosDB", CaosDBDefaultRealm.class.getCanonicalName());
- mainSec.put("SessionTokenValidator", SessionTokenRealm.class.getCanonicalName());
- mainSec.put("OneTimeTokenValidator", OneTimeTokenRealm.class.getCanonicalName());
- mainSec.put("CaosDBAuthorizingRealm", CaosDBAuthorizingRealm.class.getCanonicalName());
- mainSec.put("AnonymousRealm", AnonymousRealm.class.getCanonicalName());
- mainSec.put(
- "securityManager.realms",
- "$CaosDB, $SessionTokenValidator, $OneTimeTokenValidator, $CaosDBAuthorizingRealm, $AnonymousRealm");
-
- // disable shiro's default session management. We have quasi-stateless
- // sessions
- // using our SessionToken class.
- mainSec.put(
- "securityManager.subjectDAO.sessionStorageEvaluator.sessionStorageEnabled", "false");
-
+ final Ini config = getShiroConfig();
final Factory<SecurityManager> factory = new IniSecurityManagerFactory(config);
final SecurityManager securityManager = factory.getInstance();
SecurityUtils.setSecurityManager(securityManager);
@@ -829,7 +831,7 @@ public class CaosDBServer extends Application {
}
public static boolean isDebugMode() {
- return DEBUG_MODE;
+ return Boolean.getBoolean("caosdb.debug");
}
/**
diff --git a/src/main/java/caosdb/server/database/BackendTransaction.java b/src/main/java/caosdb/server/database/BackendTransaction.java
index 1d5d5c2e68274e664c392a24a901aa4bcd65623b..4899996e6c4df2b18837259112ac7e90c534b793 100644
--- a/src/main/java/caosdb/server/database/BackendTransaction.java
+++ b/src/main/java/caosdb/server/database/BackendTransaction.java
@@ -210,7 +210,7 @@ public abstract class BackendTransaction implements Undoable {
return t;
}
- private static <K extends BackendTransactionImpl, L extends K> void setImpl(
+ public static <K extends BackendTransactionImpl, L extends K> void setImpl(
final Class<K> k, final Class<L> l) {
impl.put(k, l);
}
diff --git a/src/main/java/caosdb/server/jobs/core/InsertFilesInDir.java b/src/main/java/caosdb/server/jobs/core/InsertFilesInDir.java
index 773ac27525e0b28a1a10f23f1a2ee9cfd9fbf799..9dbc2a68b684b7a5757a00c816f81f3716e55dc9 100644
--- a/src/main/java/caosdb/server/jobs/core/InsertFilesInDir.java
+++ b/src/main/java/caosdb/server/jobs/core/InsertFilesInDir.java
@@ -22,6 +22,7 @@
*/
package caosdb.server.jobs.core;
+import caosdb.server.CaosDBException;
import caosdb.server.CaosDBServer;
import caosdb.server.FileSystem;
import caosdb.server.ServerProperties;
@@ -153,7 +154,7 @@ public class InsertFilesInDir extends FlagJob {
try {
final Undoable delete = FileUtils.delete(InsertFilesInDir.this.tmp, true);
delete.cleanUp();
- } catch (final IOException e) {
+ } catch (final IOException | CaosDBException | InterruptedException e) {
e.printStackTrace();
}
}
@@ -163,7 +164,7 @@ public class InsertFilesInDir extends FlagJob {
try {
final Undoable delete = FileUtils.delete(InsertFilesInDir.this.tmp, true);
delete.cleanUp();
- } catch (final IOException e) {
+ } catch (final IOException | CaosDBException | InterruptedException e) {
e.printStackTrace();
}
}
diff --git a/src/main/java/caosdb/server/resource/AbstractCaosDBServerResource.java b/src/main/java/caosdb/server/resource/AbstractCaosDBServerResource.java
index f389e3d2d8474811312fc6416a2a4943a72393c5..948b4eab2fda1c906f4acf2802c0d83184b875bc 100644
--- a/src/main/java/caosdb/server/resource/AbstractCaosDBServerResource.java
+++ b/src/main/java/caosdb/server/resource/AbstractCaosDBServerResource.java
@@ -101,7 +101,8 @@ public abstract class AbstractCaosDBServerResource extends ServerResource {
}
public Subject getUser() {
- return SecurityUtils.getSubject();
+ Subject ret = SecurityUtils.getSubject();
+ return ret;
}
/**
diff --git a/src/main/java/caosdb/server/resource/ScriptingResource.java b/src/main/java/caosdb/server/resource/ScriptingResource.java
index d82df5c7443c72ea168ded9483cb374a1f6e5f0b..57ada4aa7b4ed2a588e7de6e50c85de1b7fb6670 100644
--- a/src/main/java/caosdb/server/resource/ScriptingResource.java
+++ b/src/main/java/caosdb/server/resource/ScriptingResource.java
@@ -84,7 +84,7 @@ public class ScriptingResource extends AbstractCaosDBServerResource {
protected Representation httpPostInChildClass(Representation entity) throws Exception {
if (isAnonymous()) {
- throw ServerMessages.AUTHORIZATION_ERROR;
+ return error(ServerMessages.AUTHORIZATION_ERROR, Status.CLIENT_ERROR_FORBIDDEN);
}
MediaType mediaType = entity.getMediaType();
try {
diff --git a/src/main/java/caosdb/server/utils/FileUtils.java b/src/main/java/caosdb/server/utils/FileUtils.java
index 7441e73c1223f39d31ce4017618572486dfd8a64..824646caab6983863acd7d35a276a1213b393235 100644
--- a/src/main/java/caosdb/server/utils/FileUtils.java
+++ b/src/main/java/caosdb/server/utils/FileUtils.java
@@ -303,17 +303,34 @@ public class FileUtils {
return java.nio.file.Files.isDirectory(file.toPath(), LinkOption.NOFOLLOW_LINKS);
}
- private static void moveReplace(File file, File target) throws IOException {
+ private static void moveReplace(File file, File target)
+ throws IOException, CaosDBException, InterruptedException {
if (exists(target)) {
org.apache.commons.io.FileUtils.forceDelete(target);
}
if (isDir(file)) {
org.apache.commons.io.FileUtils.moveDirectory(file, target);
+ } else if (isSymlink(file)) {
+ moveSymlink(file, target);
} else {
org.apache.commons.io.FileUtils.moveFile(file, target);
}
}
+ /**
+ * @param oldlink
+ * @param newlink
+ * @throws IOException
+ * @throws InterruptedException
+ * @throws CaosDBException
+ */
+ private static void moveSymlink(File oldlink, File newlink)
+ throws IOException, CaosDBException, InterruptedException {
+ File target = oldlink.toPath().toRealPath().toFile();
+ createSymlink(newlink, target);
+ callPosixUnlink(oldlink);
+ }
+
public static Undoable rename(final File file, final File target) throws Message, IOException {
final File backup;
if (target.getAbsoluteFile().equals(file.getAbsoluteFile())) {
@@ -325,16 +342,16 @@ public class FileUtils {
public void cleanUp() {}
};
}
- if (exists(target)) {
- // in case this is a update transaction, the old version of the file
- // must be stored somewhere until the transaction is done.
- final File tmp = getTmpFile(target.getName());
- moveReplace(target, tmp);
- backup = tmp;
- } else {
- backup = null;
- }
try {
+ if (exists(target)) {
+ // in case this is a update transaction, the old version of the file
+ // must be stored somewhere until the transaction is done.
+ final File tmp = getTmpFile(target.getName());
+ moveReplace(target, tmp);
+ backup = tmp;
+ } else {
+ backup = null;
+ }
moveReplace(file, target);
return new UndoHandler() {
@@ -383,7 +400,8 @@ public class FileUtils {
org.apache.commons.io.FileUtils.forceDelete(file);
}
- public static Undoable delete(final File file) throws IOException {
+ public static Undoable delete(final File file)
+ throws IOException, CaosDBException, InterruptedException {
return delete(file, false);
}
@@ -397,8 +415,11 @@ public class FileUtils {
* @param recursive
* @return
* @throws IOException
+ * @throws InterruptedException
+ * @throws CaosDBException
*/
- public static Undoable delete(final File file, final boolean recursive) throws IOException {
+ public static Undoable delete(final File file, final boolean recursive)
+ throws IOException, CaosDBException, InterruptedException {
if (file.exists() && file.isFile()) {
// delete file
final File backup = getTmpFile(file.getName());
@@ -496,18 +517,22 @@ public class FileUtils {
return isSymbolicLink(file.toPath());
}
- public static Undoable unlink(final File file)
- throws IOException, InterruptedException, CaosDBException {
- final String target = file.getCanonicalPath();
+ private static void callPosixUnlink(File file) throws IOException, InterruptedException {
final Process cmd = Runtime.getRuntime().exec("unlink " + file.getAbsolutePath());
if (cmd.waitFor() != 0) {
throw new CaosDBException("could not unlink " + file.getAbsolutePath());
}
+ }
+
+ public static Undoable unlink(final File file) throws IOException, InterruptedException {
+ callPosixUnlink(file);
+
+ final String path = file.getCanonicalPath();
return new Undoable() {
@Override
public void undo() {
try {
- Runtime.getRuntime().exec("ln -s " + target + " " + file.getAbsolutePath());
+ Runtime.getRuntime().exec("ln -s " + path + " " + file.getAbsolutePath());
} catch (final IOException e) {
e.printStackTrace();
}
diff --git a/src/test/java/caosdb/server/Misc.java b/src/test/java/caosdb/server/Misc.java
index e94d91513be40459910a05559a6f526bb94e9872..92e8b198bf8cd60b8407dac4e7fcd4e9ed671a25 100644
--- a/src/test/java/caosdb/server/Misc.java
+++ b/src/test/java/caosdb/server/Misc.java
@@ -43,6 +43,7 @@ import java.util.regex.Pattern;
import org.apache.commons.jcs.JCS;
import org.apache.commons.jcs.access.CacheAccess;
import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.config.Ini;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
@@ -316,7 +317,8 @@ public class Misc {
@Test
public void testShiro() {
- final Factory<SecurityManager> factory = new IniSecurityManagerFactory();
+ Ini config = CaosDBServer.getShiroConfig();
+ final Factory<SecurityManager> factory = new IniSecurityManagerFactory(config);
final SecurityManager securityManager = factory.getInstance();
diff --git a/src/test/java/caosdb/server/logging/TestLogging.java b/src/test/java/caosdb/server/logging/TestLogging.java
index 35667f35363af5165596ea1f32fa2f96963595aa..6e35d96585683d99c81a0fc2c669d4dc977bc09a 100644
--- a/src/test/java/caosdb/server/logging/TestLogging.java
+++ b/src/test/java/caosdb/server/logging/TestLogging.java
@@ -51,6 +51,8 @@ public class TestLogging {
@Test
public void testRequestTimeLogger() {
+ Assert.assertTrue(CaosDBServer.isDebugMode());
Assert.assertFalse(request_time_logger.isErrorEnabled());
+ Assert.assertFalse(request_time_logger.isTraceEnabled());
}
}
diff --git a/src/test/java/caosdb/server/resource/TestScriptingResource.java b/src/test/java/caosdb/server/resource/TestScriptingResource.java
index 3b035fe703409605c59a77df70421e7516230376..8ea1cc2e888ceacd51213ef1d1516ede498a8267 100644
--- a/src/test/java/caosdb/server/resource/TestScriptingResource.java
+++ b/src/test/java/caosdb/server/resource/TestScriptingResource.java
@@ -23,23 +23,114 @@
package caosdb.server.resource;
import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+import caosdb.server.CaosDBServer;
+import caosdb.server.accessControl.AuthenticationUtils;
+import caosdb.server.accessControl.CredentialsValidator;
+import caosdb.server.accessControl.Principal;
+import caosdb.server.accessControl.Role;
+import caosdb.server.accessControl.SessionToken;
+import caosdb.server.database.BackendTransaction;
+import caosdb.server.database.access.Access;
+import caosdb.server.database.backend.interfaces.RetrievePasswordValidatorImpl;
+import caosdb.server.database.backend.interfaces.RetrievePermissionRulesImpl;
+import caosdb.server.database.backend.interfaces.RetrieveRoleImpl;
+import caosdb.server.database.backend.interfaces.RetrieveUserImpl;
+import caosdb.server.database.exceptions.TransactionException;
+import caosdb.server.database.proto.ProtoUser;
import caosdb.server.entity.Message;
+import caosdb.server.permissions.PermissionRule;
import java.io.IOException;
import java.util.Date;
+import java.util.HashSet;
import java.util.List;
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.config.Ini;
+import org.apache.shiro.config.IniSecurityManagerFactory;
+import org.apache.shiro.mgt.SecurityManager;
+import org.apache.shiro.subject.Subject;
+import org.apache.shiro.util.Factory;
+import org.junit.BeforeClass;
import org.junit.Test;
import org.restlet.Request;
import org.restlet.Response;
import org.restlet.data.Form;
import org.restlet.data.MediaType;
import org.restlet.data.Method;
+import org.restlet.data.Reference;
import org.restlet.data.Status;
import org.restlet.representation.Representation;
import org.restlet.representation.StringRepresentation;
public class TestScriptingResource {
+ public static class RetrieveRole implements RetrieveRoleImpl {
+
+ public RetrieveRole(Access a) {}
+
+ @Override
+ public Role retrieve(String role) throws TransactionException {
+ Role ret = new Role();
+ ret.name = "anonymous";
+ ret.description = "bla";
+ return ret;
+ }
+ }
+
+ public static class RetrievePermissionRules implements RetrievePermissionRulesImpl {
+
+ public RetrievePermissionRules(Access a) {}
+
+ @Override
+ public HashSet<PermissionRule> retrievePermissionRule(String role) throws TransactionException {
+ return new HashSet<>();
+ }
+ }
+
+ public static class RetrieveUser implements RetrieveUserImpl {
+
+ public RetrieveUser(Access a) {}
+
+ @Override
+ public ProtoUser execute(Principal principal) throws TransactionException {
+ return new ProtoUser();
+ }
+ }
+
+ public static class RetrievePasswordValidator implements RetrievePasswordValidatorImpl {
+
+ public RetrievePasswordValidator(Access a) {}
+
+ @Override
+ public CredentialsValidator<String> execute(String name) throws TransactionException {
+ return new CredentialsValidator<String>() {
+
+ @Override
+ public boolean isValid(String credential) {
+ return true;
+ }
+ };
+ }
+ }
+
+ @BeforeClass
+ public static void setupShiro() throws IOException {
+ BackendTransaction.setImpl(RetrieveRoleImpl.class, RetrieveRole.class);
+ BackendTransaction.setImpl(RetrievePermissionRulesImpl.class, RetrievePermissionRules.class);
+ BackendTransaction.setImpl(RetrieveUserImpl.class, RetrieveUser.class);
+ BackendTransaction.setImpl(
+ RetrievePasswordValidatorImpl.class, RetrievePasswordValidator.class);
+
+ CaosDBServer.initServerProperties();
+ Ini config = CaosDBServer.getShiroConfig();
+ final Factory<SecurityManager> factory = new IniSecurityManagerFactory(config);
+
+ final SecurityManager securityManager = factory.getInstance();
+
+ SecurityUtils.setSecurityManager(securityManager);
+ }
+
ScriptingResource resource =
new ScriptingResource() {
@Override
@@ -60,6 +151,12 @@ public class TestScriptingResource {
@Test
public void testUnsupportedMediaType() {
+ Subject user = SecurityUtils.getSubject();
+ if (user.isAuthenticated()) {
+ user.logout();
+ }
+ SessionToken t = SessionToken.generate(new Principal("CaosDB", "user"), null);
+ user.login(t);
Representation entity = new StringRepresentation("asdf");
entity.setMediaType(MediaType.TEXT_ALL);
Request request = new Request(Method.POST, "../test", entity);
@@ -70,6 +167,23 @@ public class TestScriptingResource {
assertEquals(Status.CLIENT_ERROR_UNSUPPORTED_MEDIA_TYPE, resource.getResponse().getStatus());
}
+ @Test
+ public void testAnonymous() {
+ Subject user = SecurityUtils.getSubject();
+ user.login(AuthenticationUtils.ANONYMOUS_USER);
+ assertTrue(resource.isAnonymous());
+ Representation entity = new StringRepresentation("asdf");
+ entity.setMediaType(MediaType.TEXT_ALL);
+ Request request = new Request(Method.POST, "../test", entity);
+ request.setRootRef(new Reference("bla"));
+ request.getAttributes().put("SRID", "asdf1234");
+ request.setDate(new Date());
+ resource.init(null, request, new Response(null));
+
+ resource.handle();
+ assertEquals(Status.CLIENT_ERROR_FORBIDDEN, resource.getResponse().getStatus());
+ }
+
@Test
public void testForm2invocation() throws Message {
Form form =
diff --git a/src/test/java/caosdb/server/utils/FileUtilsTest.java b/src/test/java/caosdb/server/utils/FileUtilsTest.java
index 183f5cf834783f7ad9c6e63bcdb25df1c7870822..c80f8ebb8b71785dcf8b6f5c8adaaec5e61b0332 100644
--- a/src/test/java/caosdb/server/utils/FileUtilsTest.java
+++ b/src/test/java/caosdb/server/utils/FileUtilsTest.java
@@ -69,9 +69,11 @@ public class FileUtilsTest {
public static File tmpFolderCaosDB;
@BeforeClass
- public static void setup() throws Message, IOException {
+ public static void setup() throws Message, IOException, CaosDBException, InterruptedException {
CaosDBServer.initServerProperties();
testRoot = tempFolder.newFolder("fileutils_testfolder");
+ File basePath = tempFolder.newFolder("caosdbRoot");
+ File dropOffBox = tempFolder.newFolder("dropOffBox");
someDir = testRoot.toPath().resolve("some_dir").toFile();
linkToSomeDir = testRoot.toPath().resolve("link_to_some_dir").toFile();
someFile = testRoot.toPath().resolve("some_file").toFile();
@@ -79,12 +81,15 @@ public class FileUtilsTest {
linkToSomeFile = testRoot.toPath().resolve("link_to_some_file").toFile();
tmpFolderCaosDB = tempFolder.newFolder();
+ CaosDBServer.setProperty(ServerProperties.KEY_FILE_SYSTEM_ROOT, basePath.toString());
+ CaosDBServer.setProperty(ServerProperties.KEY_DROP_OFF_BOX, dropOffBox.toString());
CaosDBServer.setProperty(ServerProperties.KEY_TMP_FILES, tmpFolderCaosDB.toString());
FileSystem.init();
- Assert.assertTrue(new File(FileSystem.getBasepath()).canWrite());
- Assert.assertTrue(new File(FileSystem.getBasepath()).canRead());
- Assert.assertTrue(new File(FileSystem.getBasepath()).canExecute());
+ basePath = new File(FileSystem.getBasepath());
+ Assert.assertTrue(basePath.canWrite());
+ Assert.assertTrue(basePath.canRead());
+ Assert.assertTrue(basePath.canExecute());
Assert.assertTrue(new File(FileSystem.getTmp()).canWrite());
Assert.assertTrue(new File(FileSystem.getTmp()).canRead());
Assert.assertTrue(new File(FileSystem.getTmp()).canExecute());
@@ -102,7 +107,7 @@ public class FileUtilsTest {
}
@AfterClass
- public static void teardown() throws IOException {
+ public static void teardown() throws IOException, CaosDBException, InterruptedException {
System.err.println("teardown");
FileUtils.delete(testRoot, true);
deleteTmp();
@@ -110,9 +115,13 @@ public class FileUtilsTest {
// assertEquals(0, new File(FileSystem.getTmp()).listFiles().length);
}
- /** @fixme Currently still fails due to https://github.com/junit-team/junit4/issues/1223 */
+ /**
+ * @throws InterruptedException
+ * @throws CaosDBException
+ * @fixme Currently still fails due to https://github.com/junit-team/junit4/issues/1223
+ */
@Before
- public void testTmpEmpty() throws IOException {
+ public void testTmpEmpty() throws IOException, CaosDBException, InterruptedException {
if (new File(FileSystem.getTmp()).exists()) {
if (0 != new File(FileSystem.getTmp()).list().length) {
System.err.println("TMP not empty, aborting test!");
@@ -128,7 +137,7 @@ public class FileUtilsTest {
}
}
- public static void deleteTmp() throws IOException {
+ public static void deleteTmp() throws IOException, CaosDBException, InterruptedException {
File tmpDir = new File(FileSystem.getTmp());
if (tmpDir.exists())
for (File f : tmpDir.listFiles()) {
@@ -138,7 +147,7 @@ public class FileUtilsTest {
}
@After
- public void callDeleteTmp() throws IOException {
+ public void callDeleteTmp() throws IOException, CaosDBException, InterruptedException {
deleteTmp();
}