public void checkFileLocation(Config config, Resource res, String serverPassword)
throws SecurityException {
if (res == null || !(res.getResourceProvider() instanceof FileResourceProvider)) {
return;
}
// All
if (getAccess(TYPE_FILE) == VALUE_ALL) return;
// Local
if (getAccess(TYPE_FILE) == VALUE_LOCAL) {
res = ResourceUtil.getCanonicalResourceEL(res);
// local
if (rootDirectory != null) if (ResourceUtil.isChildOf(res, rootDirectory)) return;
// custom
if (!ArrayUtil.isEmpty(customFileAccess)) {
for (int i = 0; i < customFileAccess.length; i++) {
if (ResourceUtil.isChildOf(res, customFileAccess[i])) return;
}
}
if (isValid(config, serverPassword) || isAdminContext()) return;
throw new SecurityException(
createExceptionMessage(res, true), "access is prohibited by security manager");
}
// None
if (isValid(config, serverPassword)) return;
// custom
if (!ArrayUtil.isEmpty(customFileAccess)) {
res = ResourceUtil.getCanonicalResourceEL(res);
for (int i = 0; i < customFileAccess.length; i++) {
if (ResourceUtil.isChildOf(res, customFileAccess[i])) return;
}
}
if (isAdminContext()) return;
throw new SecurityException(
createExceptionMessage(res, false), "access is prohibited by security manager");
}
