Beispiel #1
  /**
   * Selects the screen to display from the security controller's current state.
   *
   * <p>Not started: the master-password screen. Started and configured: the offline screen,
   * followed by {@code resume()}. Started but not configured: the configuration screen, with its
   * inputs pre-filled from the stored preferences. Any exception is logged and shown in a toast.
   */
  private void initialize() {
    try {
      if (!securityController.isStarted()) {
        setActiveFragment(R.id.master_password_screen);
        return;
      }

      if (!securityController.isConfigured()) {
        // All three lookups happen before any input field is written.
        final String storedPublicKey = getPreference("device_public_key");
        final String storedServerUrl = getPreference("server_url");
        final String storedUserName = getPreference("user_name");

        TextView field = (TextView) findViewById(R.id.devicePublicKeyInput);
        field.setText(storedPublicKey);
        field = (TextView) findViewById(R.id.serverUrlInput);
        field.setText(storedServerUrl);
        field = (TextView) findViewById(R.id.userNameInput);
        field.setText(storedUserName);

        setActiveFragment(R.id.configure_screen);
        return;
      }

      // Started and configured: go straight to the offline screen.
      setActiveFragment(R.id.offline_screen);
      resume();
    } catch (final Exception e) {
      LOGGER.error("Error configuring security controller.", e);
      // NOTE(review): the raw exception message is shown to the user; confirm it cannot carry
      // key material or other sensitive detail.
      final String userMessage = "Error configuring security controller: " + e.getMessage();
      showToast(userMessage);
    }
  }
 /**
  * Create {@link GeneratedClassLoader} with restrictions imposed by staticDomain and all current
  * stack frames. The method uses the SecurityController instance associated with the current
  * {@link Context} to construct proper dynamic domain and create corresponding class loader.
  *
  * <p>If no SecurityController is associated with the current {@link Context}, the method calls
  * {@link Context#createClassLoader(ClassLoader parent)}.
  *
  * @param parent parent class loader. If null, {@link Context#getApplicationClassLoader()} will be
  *     used.
  * @param staticDomain static security domain.
  */
 public static GeneratedClassLoader createLoader(ClassLoader parent, Object staticDomain) {
   // The controller is read from the Context bound to the current thread, not from an argument.
   final Context context = Context.getContext();
   final ClassLoader effectiveParent =
       (parent != null) ? parent : context.getApplicationClassLoader();
   final SecurityController controller = context.getSecurityController();
   if (controller == null) {
     // No controller installed: the loader comes straight from the Context and staticDomain is
     // not consulted on this path.
     return context.createClassLoader(effectiveParent);
   }
   // The controller derives the dynamic domain from the static one and builds the loader with it.
   final Object dynamicDomain = controller.getDynamicSecurityDomain(staticDomain);
   return controller.createClassLoader(effectiveParent, dynamicDomain);
 }
  /** Checks that the controller answers with {@code FAIL} when the permission service denies. */
  @Test
  public void testHasPermissionPermissionNotGranted() {
    // Stub the permission service so that every lookup is denied.
    when(permissionService.hasPermission(anyLong(), anyString(), anyString())).thenReturn(false);

    // NOTE(review): both string arguments are null. If the controller forwards them unchanged and
    // the Mockito version in use does not let anyString() match null, the stub above is never hit
    // and the mock's default return value (false) makes this test pass anyway. Confirm the stub is
    // really exercised, and that a granted-path test exists alongside this one.
    final JsonResponse deniedResponse = securityController.hasPermission(0, null, null);

    // NOTE(review): argument order depends on the test framework (JUnit expects expected-first,
    // TestNG actual-first) - confirm which assertEquals is imported.
    assertEquals(deniedResponse.getStatus(), JsonResponseStatus.FAIL);
  }
Beispiel #4
 /**
  * Defines and links a generated adapter class from raw bytecode.
  *
  * <p>The static security domain handed to {@code SecurityController.createLoader} is taken from
  * the protection domain of {@code JavaAdapter} itself, in the form the installed controller asks
  * for (a {@code CodeSource} or a {@code ProtectionDomain}); any other domain class yields null.
  *
  * @param className name under which the class is defined
  * @param classBytes bytecode of the class
  * @return the defined and linked class
  */
 static Class loadAdapterClass(String className, byte[] classBytes) {
   final Class domainClass = SecurityController.getStaticSecurityDomainClass();
   Object staticDomain = null;
   if (domainClass == ProtectionDomain.class) {
     staticDomain = JavaAdapter.class.getProtectionDomain();
   } else if (domainClass == CodeSource.class) {
     final ProtectionDomain ownDomain = JavaAdapter.class.getProtectionDomain();
     if (ownDomain != null) {
       staticDomain = ownDomain.getCodeSource();
     }
   }
   // NOTE(review): the domain used is that of the JavaAdapter class, not of the code that asked
   // for the adapter - confirm generated adapters are meant to run with the library's own domain.
   final GeneratedClassLoader adapterLoader = SecurityController.createLoader(null, staticDomain);
   final Class adapterClass = adapterLoader.defineClass(className, classBytes);
   adapterLoader.linkClass(adapterClass);
   return adapterClass;
 }
Beispiel #5
  /**
   * Creates a function over the given interpreter data and binds it to the security controller of
   * the current thread's {@link Context}.
   *
   * @param idata interpreter data for this function
   * @param staticSecurityDomain static domain to translate into a dynamic one; must be null when
   *     no security controller is installed
   * @throws IllegalArgumentException if a static domain is given but no controller is installed
   */
  private InterpretedFunction(InterpreterData idata, Object staticSecurityDomain) {
    this.idata = idata;

    // The Context is always looked up from the current thread rather than accepted from the
    // caller, so a tampered Context carrying a bogus SecurityController cannot be passed in.
    final SecurityController controller = Context.getContext().getSecurityController();

    final Object resolvedDomain;
    if (controller == null) {
      // Without a controller there is nothing that could interpret a static domain, so a
      // non-null one is rejected instead of being silently dropped.
      if (staticSecurityDomain != null) {
        throw new IllegalArgumentException();
      }
      resolvedDomain = null;
    } else {
      resolvedDomain = controller.getDynamicSecurityDomain(staticSecurityDomain);
    }

    this.securityController = controller;
    this.securityDomain = resolvedDomain;
  }
Beispiel #6
 /**
  * Defines and links a generated adapter class from raw bytecode.
  *
  * <p>The static security domain is taken from the calling script's protection domain when
  * {@code SecurityUtilities.getScriptProtectionDomain()} returns one, and from the protection
  * domain of {@code JavaAdapter} otherwise. It is passed on as a {@code CodeSource} or a
  * {@code ProtectionDomain}, whichever the installed controller asks for; any other domain class
  * yields null.
  *
  * @param className name under which the class is defined
  * @param classBytes bytecode of the class
  * @return the defined and linked class
  */
 static Class<?> loadAdapterClass(String className, byte[] classBytes) {
   final Class<?> domainClass = SecurityController.getStaticSecurityDomainClass();
   final boolean wantsCodeSource = domainClass == CodeSource.class;

   Object staticDomain = null;
   if (wantsCodeSource || domainClass == ProtectionDomain.class) {
     // Prefer the script's own domain so the adapter does not inherit the library's domain.
     ProtectionDomain domain = SecurityUtilities.getScriptProtectionDomain();
     if (domain == null) {
       // NOTE(review): this fallback uses the JavaAdapter class's own domain - confirm the cases
       // in which no script domain is found are ones where that is acceptable.
       domain = JavaAdapter.class.getProtectionDomain();
     }
     if (!wantsCodeSource) {
       staticDomain = domain;
     } else if (domain != null) {
       staticDomain = domain.getCodeSource();
     }
   }

   final GeneratedClassLoader adapterLoader = SecurityController.createLoader(null, staticDomain);
   final Class<?> adapterClass = adapterLoader.defineClass(className, classBytes);
   adapterLoader.linkClass(adapterClass);
   return adapterClass;
 }
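 /**
  * Persists a new drug built from the posted JSON resource.
  *
  * <p>Only callers whose authenticated profile id is non-null and differs from the anonymous
  * profile id are accepted; everyone else receives 401.
  *
  * @param drugResource resource read from the request body
  * @return 201 Created with a Location header for the new drug, or 401 Unauthorized
  */
 @Transactional
 @ResponseBody
 @RequestMapping(value = "/api/drug", method = RequestMethod.POST, consumes = "application/json")
 public ResponseEntity<?> create(@RequestBody DrugResource drugResource) {
   Long loggedInUserProfileId = securityController.getAuthenticatedUserProfileId();
   // Compare by value. With != on two boxed Longs the references are compared, and an anonymous
   // id held in a different Long object would then be treated as a logged-in user.
   boolean authenticated =
       loggedInUserProfileId != null
           && loggedInUserProfileId.longValue() != UserProfileResource.ANONYMOUS_USER_PROFILE_ID;
   if (!authenticated) {
     return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
   }

   // NOTE(review): only authentication is checked; no role or permission check is visible in
   // this method - confirm that any logged-in user is meant to be able to create drugs.
   Drug drug = drugResourceToDomainConverter.convert(drugResource);
   entityManager.persist(drug);
   HttpHeaders httpHeaders = new HttpHeaders();
   httpHeaders.setLocation(linkTo(methodOn(DrugController.class).get(drug.getId())).toUri());
   return new ResponseEntity<>(httpHeaders, HttpStatus.CREATED);
 }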
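 /**
  * Deletes the drug with the given id.
  *
  * <p>Only callers whose authenticated profile id is non-null and differs from the anonymous
  * profile id are accepted; everyone else receives 401.
  *
  * @param id identifier of the drug, taken from the request path
  * @return 200 OK after removal, 404 Not Found when no drug has that id, or 401 Unauthorized
  */
 @Transactional
 @ResponseBody
 @RequestMapping(
     value = "/drug/{id}",
     method = RequestMethod.DELETE,
     consumes = "application/json")
 public ResponseEntity<?> delete(@PathVariable("id") Long id) {
   Long loggedInUserProfileId = securityController.getAuthenticatedUserProfileId();
   // Compare by value. With != on two boxed Longs the references are compared, and an anonymous
   // id held in a different Long object would then be treated as a logged-in user.
   boolean authenticated =
       loggedInUserProfileId != null
           && loggedInUserProfileId.longValue() != UserProfileResource.ANONYMOUS_USER_PROFILE_ID;
   if (!authenticated) {
     return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
   }

   // NOTE(review): only authentication is checked; no role or ownership check is visible in
   // this method - confirm that any logged-in user is meant to be able to delete any drug.
   Drug drug = entityManager.find(Drug.class, id);
   if (drug == null) {
     // find() yields null for an unknown id; passing that on to remove() would fail with an
     // exception instead of giving the client a clear answer.
     return new ResponseEntity<>(HttpStatus.NOT_FOUND);
   }
   entityManager.remove(drug);
   return new ResponseEntity<>(HttpStatus.OK);
 }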
Beispiel #9
 /**
  * Handles the OK button of the configuration screen.
  *
  * <p>Stores the device public key, server URL and user name from the form as preferences, then
  * configures the security controller with the entered TOTP secret and switches to the offline
  * screen. An empty secret or a failing {@code configure} call is reported in a toast.
  *
  * @param view the clicked view (unused)
  */
 public void onConfigureOkButtonClick(View view) {
   // The three preferences are written before the TOTP secret is looked at, so they are stored
   // even when the secret turns out to be empty or invalid.
   final String devicePublicKey =
       ((TextView) findViewById(R.id.devicePublicKeyInput)).getText().toString();
   setPreference("device_public_key", devicePublicKey);
   final String serverUrl = ((TextView) findViewById(R.id.serverUrlInput)).getText().toString();
   setPreference("server_url", serverUrl);
   final String userName = ((TextView) findViewById(R.id.userNameInput)).getText().toString();
   setPreference("user_name", userName);

   // NOTE(review): the secret is held in an immutable String and so cannot be wiped after use;
   // confirm this is acceptable for the threat model.
   final String totpSecret = ((TextView) findViewById(R.id.totpSecretInput)).getText().toString();
   if (totpSecret.isEmpty()) {
     showToast("Please enter TOTP secret.");
     return;
   }

   try {
     securityController.configure(totpSecret);
     setActiveFragment(R.id.offline_screen);
     resume();
   } catch (final Exception e) {
     LOGGER.error("Error configuring security controller.", e);
     // NOTE(review): confirm the exception message (logged and shown) cannot echo the secret.
     showToast("Invalid TOTP secret: " + e.getMessage());
   }
 }
Beispiel #10
  /**
   * Handles the OK button of the master-password screen.
   *
   * <p>Copies the entered password into a {@code char[]} and passes it to
   * {@code securityController.startup}. NOTE(review): this listing is garbled inside the catch
   * block (marked below), so the remainder of the flow cannot be read from here.
   *
   * @param view the clicked view (unused in the visible code)
   */
  public void onMasterPasswordOkButtonClick(View view) {
    final TextView mastPasswordInput = (TextView) findViewById(R.id.masterPasswordInput);
    final CharSequence masterPassword = mastPasswordInput.getText();

    if (masterPassword.length() > 0) {
      // Copied character by character instead of via toString(), so this method creates no
      // String copy of the password.
      final char[] masterPasswordCharacters = new char[masterPassword.length()];
      for (int i = 0; i < masterPassword.length(); i++) {
        masterPasswordCharacters[i] = masterPassword.charAt(i);
      }

      // NOTE(review): nothing visible here zeroes masterPasswordCharacters or clears the input
      // field after startup(); confirm the controller or the missing part of this listing does.
      try {
        securityController.startup(masterPasswordCharacters);
      } catch (final Exception e) {
        LOGGER.error("Error starting security controller.", e);
        // NOTE(review): the next line is garbled in this listing. The text between the first
        // string literal and "Please enter master password!" has been replaced by asterisks;
        // presumably the end of this catch block and the start of an else branch are missing.
        // It does not compile as shown.
        showToast("Invalid master password: "******"Please enter master password!");
    }
  }
Beispiel #11
 /**
  * Defines and links a generated adapter class from raw bytecode.
  *
  * @param className name under which the class is defined
  * @param classBytes bytecode of the class
  * @return the defined and linked class
  */
 static Class loadAdapterClass(String className, byte[] classBytes) {
   // Both the parent loader and the static security domain are passed as null.
   // NOTE(review): no security domain is attached to the adapter on this path - confirm that
   // generated adapters are not expected to be restricted by a SecurityController here.
   final GeneratedClassLoader adapterLoader = SecurityController.createLoader(null, null);
   final Class adapterClass = adapterLoader.defineClass(className, classBytes);
   adapterLoader.linkClass(adapterClass);
   return adapterClass;
 }