boolean checkPermission(Permission permission, BundlePermissions bundlePermissions) {
// check permissions by location
PermissionInfoCollection locationCollection;
SecurityTable curCondAdminTable;
PermissionInfoCollection curPermAdminDefaults;
// save off the current state of the world while holding the lock
synchronized (lock) {
// get location the hard way to avoid permission check
Bundle bundle = bundlePermissions.getBundle();
locationCollection =
bundle instanceof AbstractBundle
? permAdminTable.getCollection(
((AbstractBundle) bundle).getBundleData().getLocation())
: null;
curCondAdminTable = condAdminTable;
curPermAdminDefaults = permAdminDefaults;
}
if (locationCollection != null) return locationCollection.implies(permission);
// if conditional admin table is empty the fall back to defaults
if (curCondAdminTable.isEmpty())
return curPermAdminDefaults != null
? curPermAdminDefaults.implies(permission)
: DEFAULT_DEFAULT.implies(permission);
// check the condition table
int result = curCondAdminTable.evaluate(bundlePermissions, permission);
if ((result & SecurityTable.GRANTED) != 0) return true;
if ((result & SecurityTable.DENIED) != 0) return false;
if ((result & SecurityTable.POSTPONED) != 0) return true;
return false;
}
private ConditionalPermissionInfo setConditionalPermissionInfo(
String name, ConditionInfo[] conds, PermissionInfo[] perms, boolean firstTry) {
ConditionalPermissionUpdate update = newConditionalPermissionUpdate();
List rows = update.getConditionalPermissionInfos();
ConditionalPermissionInfo newInfo =
newConditionalPermissionInfo(name, conds, perms, ConditionalPermissionInfo.ALLOW);
int index = -1;
if (name != null) {
for (int i = 0; i < rows.size() && index < 0; i++) {
ConditionalPermissionInfo info = (ConditionalPermissionInfo) rows.get(i);
if (name.equals(info.getName())) {
index = i;
}
}
}
if (index < 0) {
// must always add to the beginning (bug 303930)
rows.add(0, newInfo);
index = 0;
} else {
rows.set(index, newInfo);
}
synchronized (lock) {
if (!update.commit()) {
if (firstTry)
// try again
setConditionalPermissionInfo(name, conds, perms, false);
}
return condAdminTable.getRow(index);
}
}
/** @deprecated */
public Enumeration getConditionalPermissionInfos() {
// could implement our own Enumeration, but we don't care about performance here. Just do
// something simple:
synchronized (lock) {
SecurityRow[] rows = condAdminTable.getRows();
Vector vRows = new Vector(rows.length);
for (int i = 0; i < rows.length; i++) vRows.add(rows[i]);
return vRows.elements();
}
}
public void clearCaches() {
PermissionInfoCollection[] permAdminCollections;
SecurityRow[] condAdminRows;
synchronized (lock) {
permAdminCollections = permAdminTable.getCollections();
condAdminRows = condAdminTable.getRows();
}
for (int i = 0; i < permAdminCollections.length; i++)
permAdminCollections[i].clearPermissionCache();
for (int i = 0; i < condAdminRows.length; i++) condAdminRows[i].clearCaches();
}
private SecurityAdmin getSnapShot() {
SecurityAdmin sa;
synchronized (lock) {
sa =
new SecurityAdmin(
supportedSecurityManager, framework, impliedPermissionInfos, permAdminDefaults);
SecurityRow[] rows = condAdminTable.getRows();
SecurityRow[] rowsSnapShot = new SecurityRow[rows.length];
for (int i = 0; i < rows.length; i++)
rowsSnapShot[i] =
new SecurityRow(
sa,
rows[i].getName(),
rows[i].getConditionInfos(),
rows[i].getPermissionInfos(),
rows[i].getAccessDecision());
sa.condAdminTable = new SecurityTable(sa, rowsSnapShot);
}
return sa;
}
boolean commit(List rows, long updateStamp) {
checkAllPermission();
synchronized (lock) {
if (updateStamp != timeStamp) return false;
SecurityRow[] newRows = new SecurityRow[rows.size()];
Collection names = new ArrayList();
for (int i = 0; i < newRows.length; i++) {
Object rowObj = rows.get(i);
if (!(rowObj instanceof ConditionalPermissionInfo))
throw new IllegalStateException(
"Invalid type \""
+ rowObj.getClass().getName()
+ "\" at row: "
+ i); //$NON-NLS-1$//$NON-NLS-2$
ConditionalPermissionInfo infoBaseRow = (ConditionalPermissionInfo) rowObj;
String name = infoBaseRow.getName();
if (name == null) name = generateName();
if (names.contains(name))
throw new IllegalStateException(
"Duplicate name \"" + name + "\" at row: " + i); // $NON-NLS-1$//$NON-NLS-2$
newRows[i] =
new SecurityRow(
this,
name,
infoBaseRow.getConditionInfos(),
infoBaseRow.getPermissionInfos(),
infoBaseRow.getAccessDecision());
}
condAdminTable = new SecurityTable(this, newRows);
try {
permissionStorage.saveConditionalPermissionInfos(condAdminTable.getEncodedRows());
} catch (IOException e) {
// TODO log
e.printStackTrace();
}
timeStamp += 1;
return true;
}
}
/** @deprecated */
public ConditionalPermissionInfo getConditionalPermissionInfo(String name) {
synchronized (lock) {
return condAdminTable.getRow(name);
}
}
public ConditionalPermissionUpdate newConditionalPermissionUpdate() {
synchronized (lock) {
return new SecurityTableUpdate(this, condAdminTable.getRows(), timeStamp);
}
}