@Test public void shouldAdjustURLToWithinImportDirectory() throws Exception { final URL url = new File( "/bar/baz.csv" ).toURI().toURL(); final Config config = Config.defaults( GraphDatabaseSettings.load_csv_file_url_root, "/var/lib/neo4j/import" ); URL accessURL = URLAccessRules.fileAccess().validate( config, url ); URL expected = new File( "/var/lib/neo4j/import/bar/baz.csv" ).toURI().toURL(); assertEquals( expected, accessURL ); } }
public static GraphDatabaseDependencies newDependencies() { ImmutableList<Class<?>> settingsClasses = ImmutableListFactoryImpl.INSTANCE.empty(); ImmutableList<KernelExtensionFactory<?>> kernelExtensions = asImmutableList( getKernelExtensions(Service.load( KernelExtensionFactory.class ).iterator())); ImmutableMap<String,URLAccessRule> urlAccessRules = ImmutableMapFactoryImpl.INSTANCE.of( "http", URLAccessRules.alwaysPermitted(), "https", URLAccessRules.alwaysPermitted(), "ftp", URLAccessRules.alwaysPermitted(), "file", URLAccessRules.fileAccess() ); ImmutableList<QueryEngineProvider> queryEngineProviders = asImmutableList( Service.load( QueryEngineProvider.class ) ); ImmutableList<Pair<DeferredExecutor,Group>> deferredExecutors = ImmutableListFactoryImpl.INSTANCE.empty(); return new GraphDatabaseDependencies( null, null, settingsClasses, kernelExtensions, urlAccessRules, queryEngineProviders, deferredExecutors ); }
kernelExtensionFactories, dependencies, KernelExtensionFailureStrategies.fail() ) ); urlAccessRule = dependencies.satisfyDependency( URLAccessRules.combined( externalDependencies.urlAccessRules() ) );
kernelExtensionFactories, dependencies, KernelExtensionFailureStrategies.fail() ) ); urlAccessRule = dependencies.satisfyDependency( URLAccessRules.combined( externalDependencies.urlAccessRules() ) );
@Test public void shouldThrowWhenRelativePathIsOutsideImportDirectory() throws Exception { assumeFalse( Paths.get( "/" ).relativize( Paths.get( "/../baz.csv" ) ).toString().equals( "baz.csv" ) ); File importDir = new File( "/tmp/neo4jtest" ).getAbsoluteFile(); final Config config = Config.defaults( GraphDatabaseSettings.load_csv_file_url_root, importDir.toString() ); try { URLAccessRules.fileAccess().validate( config, new URL( "file:///../baz.csv" ) ); fail( "expected exception not thrown " ); } catch ( URLAccessValidationError error ) { assertThat( error.getMessage(), equalTo( "file URL points outside configured import directory" ) ); } }
public static GraphDatabaseDependencies newDependencies() { ImmutableList<Class<?>> settingsClasses = ImmutableListFactoryImpl.INSTANCE.empty(); ImmutableList<KernelExtensionFactory<?>> kernelExtensions = asImmutableList( getKernelExtensions(Service.load( KernelExtensionFactory.class ).iterator())); ImmutableMap<String,URLAccessRule> urlAccessRules = ImmutableMapFactoryImpl.INSTANCE.of( "http", URLAccessRules.alwaysPermitted(), "https", URLAccessRules.alwaysPermitted(), "ftp", URLAccessRules.alwaysPermitted(), "file", URLAccessRules.fileAccess() ); ImmutableList<QueryEngineProvider> queryEngineProviders = asImmutableList( Service.load( QueryEngineProvider.class ) ); ImmutableList<Pair<DeferredExecutor,Group>> deferredExecutors = ImmutableListFactoryImpl.INSTANCE.empty(); return new GraphDatabaseDependencies( null, null, settingsClasses, kernelExtensions, urlAccessRules, queryEngineProviders, deferredExecutors ); }
@Test public void shouldThrowWhenFileURLContainsQuery() throws Exception { try { URLAccessRules.fileAccess().validate( Config.defaults(), new URL( "file:///bar/baz?q=foo" ) ); fail( "expected exception not thrown " ); } catch ( URLAccessValidationError error ) { assertThat( error.getMessage(), equalTo( "file URL may not contain a query component" ) ); } }
@Test public void shouldThrowWhenFileURLContainsAuthority() throws Exception { try { URLAccessRules.fileAccess().validate( Config.defaults(), new URL( "file://foo/bar/baz" ) ); fail( "expected exception not thrown " ); } catch ( URLAccessValidationError error ) { assertThat( error.getMessage(), equalTo( "file URL may not contain an authority section (i.e. it should be 'file:///')" ) ); } }
@Test public void shouldThrowWhenFileAccessIsDisabled() throws Exception { final URL url = new URL( "file:///bar/baz.csv" ); final Config config = Config.defaults( GraphDatabaseSettings.allow_file_urls, "false" ); try { URLAccessRules.fileAccess().validate( config, url ); fail( "expected exception not thrown " ); } catch ( URLAccessValidationError error ) { assertThat( error.getMessage(), equalTo( "configuration property 'dbms.security.allow_csv_import_from_file_urls' is false" ) ); } }