예제 #1
0
 boolean checkPermission(Permission permission, BundlePermissions bundlePermissions) {
   // check permissions by location
   PermissionInfoCollection locationCollection;
   SecurityTable curCondAdminTable;
   PermissionInfoCollection curPermAdminDefaults;
   // save off the current state of the world while holding the lock
   synchronized (lock) {
     // get location the hard way to avoid permission check
     Bundle bundle = bundlePermissions.getBundle();
     locationCollection =
         bundle instanceof AbstractBundle
             ? permAdminTable.getCollection(
                 ((AbstractBundle) bundle).getBundleData().getLocation())
             : null;
     curCondAdminTable = condAdminTable;
     curPermAdminDefaults = permAdminDefaults;
   }
   if (locationCollection != null) return locationCollection.implies(permission);
   // if conditional admin table is empty the fall back to defaults
   if (curCondAdminTable.isEmpty())
     return curPermAdminDefaults != null
         ? curPermAdminDefaults.implies(permission)
         : DEFAULT_DEFAULT.implies(permission);
   // check the condition table
   int result = curCondAdminTable.evaluate(bundlePermissions, permission);
   if ((result & SecurityTable.GRANTED) != 0) return true;
   if ((result & SecurityTable.DENIED) != 0) return false;
   if ((result & SecurityTable.POSTPONED) != 0) return true;
   return false;
 }
예제 #2
0
 private ConditionalPermissionInfo setConditionalPermissionInfo(
     String name, ConditionInfo[] conds, PermissionInfo[] perms, boolean firstTry) {
   ConditionalPermissionUpdate update = newConditionalPermissionUpdate();
   List rows = update.getConditionalPermissionInfos();
   ConditionalPermissionInfo newInfo =
       newConditionalPermissionInfo(name, conds, perms, ConditionalPermissionInfo.ALLOW);
   int index = -1;
   if (name != null) {
     for (int i = 0; i < rows.size() && index < 0; i++) {
       ConditionalPermissionInfo info = (ConditionalPermissionInfo) rows.get(i);
       if (name.equals(info.getName())) {
         index = i;
       }
     }
   }
   if (index < 0) {
     // must always add to the beginning (bug 303930)
     rows.add(0, newInfo);
     index = 0;
   } else {
     rows.set(index, newInfo);
   }
   synchronized (lock) {
     if (!update.commit()) {
       if (firstTry)
         // try again
         setConditionalPermissionInfo(name, conds, perms, false);
     }
     return condAdminTable.getRow(index);
   }
 }
예제 #3
0
 /** @deprecated */
 public Enumeration getConditionalPermissionInfos() {
   // could implement our own Enumeration, but we don't care about performance here.  Just do
   // something simple:
   synchronized (lock) {
     SecurityRow[] rows = condAdminTable.getRows();
     Vector vRows = new Vector(rows.length);
     for (int i = 0; i < rows.length; i++) vRows.add(rows[i]);
     return vRows.elements();
   }
 }
예제 #4
0
 public void clearCaches() {
   PermissionInfoCollection[] permAdminCollections;
   SecurityRow[] condAdminRows;
   synchronized (lock) {
     permAdminCollections = permAdminTable.getCollections();
     condAdminRows = condAdminTable.getRows();
   }
   for (int i = 0; i < permAdminCollections.length; i++)
     permAdminCollections[i].clearPermissionCache();
   for (int i = 0; i < condAdminRows.length; i++) condAdminRows[i].clearCaches();
 }
예제 #5
0
 private SecurityAdmin getSnapShot() {
   SecurityAdmin sa;
   synchronized (lock) {
     sa =
         new SecurityAdmin(
             supportedSecurityManager, framework, impliedPermissionInfos, permAdminDefaults);
     SecurityRow[] rows = condAdminTable.getRows();
     SecurityRow[] rowsSnapShot = new SecurityRow[rows.length];
     for (int i = 0; i < rows.length; i++)
       rowsSnapShot[i] =
           new SecurityRow(
               sa,
               rows[i].getName(),
               rows[i].getConditionInfos(),
               rows[i].getPermissionInfos(),
               rows[i].getAccessDecision());
     sa.condAdminTable = new SecurityTable(sa, rowsSnapShot);
   }
   return sa;
 }
예제 #6
0
 boolean commit(List rows, long updateStamp) {
   checkAllPermission();
   synchronized (lock) {
     if (updateStamp != timeStamp) return false;
     SecurityRow[] newRows = new SecurityRow[rows.size()];
     Collection names = new ArrayList();
     for (int i = 0; i < newRows.length; i++) {
       Object rowObj = rows.get(i);
       if (!(rowObj instanceof ConditionalPermissionInfo))
         throw new IllegalStateException(
             "Invalid type \""
                 + rowObj.getClass().getName()
                 + "\" at row: "
                 + i); //$NON-NLS-1$//$NON-NLS-2$
       ConditionalPermissionInfo infoBaseRow = (ConditionalPermissionInfo) rowObj;
       String name = infoBaseRow.getName();
       if (name == null) name = generateName();
       if (names.contains(name))
         throw new IllegalStateException(
             "Duplicate name \"" + name + "\" at row: " + i); // $NON-NLS-1$//$NON-NLS-2$
       newRows[i] =
           new SecurityRow(
               this,
               name,
               infoBaseRow.getConditionInfos(),
               infoBaseRow.getPermissionInfos(),
               infoBaseRow.getAccessDecision());
     }
     condAdminTable = new SecurityTable(this, newRows);
     try {
       permissionStorage.saveConditionalPermissionInfos(condAdminTable.getEncodedRows());
     } catch (IOException e) {
       // TODO log
       e.printStackTrace();
     }
     timeStamp += 1;
     return true;
   }
 }
예제 #7
0
 /** @deprecated */
 public ConditionalPermissionInfo getConditionalPermissionInfo(String name) {
   synchronized (lock) {
     return condAdminTable.getRow(name);
   }
 }
예제 #8
0
 public ConditionalPermissionUpdate newConditionalPermissionUpdate() {
   synchronized (lock) {
     return new SecurityTableUpdate(this, condAdminTable.getRows(), timeStamp);
   }
 }