felix-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From pa...@apache.org
Subject svn commit: r638949 - in /felix/trunk/framework/security/src/main/java/org/apache/felix/framework: ./ security/condpermadmin/ security/permissionadmin/ security/util/
Date Wed, 19 Mar 2008 17:39:19 GMT
Author: pauls
Date: Wed Mar 19 10:39:16 2008
New Revision: 638949

URL: http://svn.apache.org/viewvc?rev=638949&view=rev
Log:
We need to have a way to still maintain a notion of default permissions in case that there
is a condpermadmin present and no permissions have been set yet. This follows the way it is
currently done in other frameworks and just uses the default permisssions of the permissionadmin
in case there are no conditionpermission tuples present. This might change when the spec is
clarified.

Modified:
    felix/trunk/framework/security/src/main/java/org/apache/felix/framework/SecurityProviderImpl.java
    felix/trunk/framework/security/src/main/java/org/apache/felix/framework/security/condpermadmin/ConditionalPermissionAdminImpl.java
    felix/trunk/framework/security/src/main/java/org/apache/felix/framework/security/condpermadmin/DomainGripper.java
    felix/trunk/framework/security/src/main/java/org/apache/felix/framework/security/permissionadmin/PermissionAdminImpl.java
    felix/trunk/framework/security/src/main/java/org/apache/felix/framework/security/util/Permissions.java

Modified: felix/trunk/framework/security/src/main/java/org/apache/felix/framework/SecurityProviderImpl.java
URL: http://svn.apache.org/viewvc/felix/trunk/framework/security/src/main/java/org/apache/felix/framework/SecurityProviderImpl.java?rev=638949&r1=638948&r2=638949&view=diff
==============================================================================
--- felix/trunk/framework/security/src/main/java/org/apache/felix/framework/SecurityProviderImpl.java
(original)
+++ felix/trunk/framework/security/src/main/java/org/apache/felix/framework/SecurityProviderImpl.java
Wed Mar 19 10:39:16 2008
@@ -100,6 +100,7 @@
             return true;
         }
 
+        // System.out.println(info.getBundleId() + " - " + permission);
         // TODO: using true, false, or null seems a bit awkward. Improve this.
         Boolean result = null;
         if (m_pai != null)
@@ -122,7 +123,7 @@
                     info.getCurrentModule().getContentLoader(), 
                     bundle.getBundleId() + "-" + 
                     info.getArchive().getLastModified(),null, pd,
-                    permission, direct);
+                    permission, direct, m_pai);
             }
             catch (Exception e)
             {

Modified: felix/trunk/framework/security/src/main/java/org/apache/felix/framework/security/condpermadmin/ConditionalPermissionAdminImpl.java
URL: http://svn.apache.org/viewvc/felix/trunk/framework/security/src/main/java/org/apache/felix/framework/security/condpermadmin/ConditionalPermissionAdminImpl.java?rev=638949&r1=638948&r2=638949&view=diff
==============================================================================
--- felix/trunk/framework/security/src/main/java/org/apache/felix/framework/security/condpermadmin/ConditionalPermissionAdminImpl.java
(original)
+++ felix/trunk/framework/security/src/main/java/org/apache/felix/framework/security/condpermadmin/ConditionalPermissionAdminImpl.java
Wed Mar 19 10:39:16 2008
@@ -163,7 +163,7 @@
                         public boolean implies(Permission permission)
                         {
                             return hasPermission(null, null, null, finalSigners,
-                                this, permission, true);
+                                this, permission, true, null);
                         }
                     } };
                 }
@@ -305,7 +305,7 @@
      */
     public boolean hasPermission(Bundle felixBundle, IContentLoader loader, String root,

         String[] signers, ProtectionDomain pd, Permission permission,
-        boolean direct)
+        boolean direct, Object admin)
     {
         // System.out.println(felixBundle + "-" + permission);
         List domains = null;
@@ -331,7 +331,7 @@
                 if (entry == null)
                 {
                     entry =
-                        new Object[] { new ArrayList(DomainGripper.grep()),
+                        new Object[] { new ArrayList(DomainGripper.grab()),
                             new ArrayList() };
                 }
                 else
@@ -359,7 +359,7 @@
 
         List posts = new ArrayList();
 
-        boolean result = eval(posts, felixBundle, signers, permission);
+        boolean result = eval(posts, felixBundle, signers, permission, admin);
 
         if (signers != null)
         {
@@ -395,19 +395,27 @@
         return result;
     }
 
+    public boolean isEmpty()
+    {
+        synchronized (m_condPermInfos)
+        {
+            return m_condPermInfos.isEmpty();
+        }
+    }
+
     // we need to find all conditions that apply and then check whether they
     // de note the permission in question unless the conditions are postponed
     // then we make sure their permissions imply the permission and add them
     // to the list of posts. Return true in case we pass or have posts
     // else falls and clear the posts first.
     private boolean eval(List posts, Bundle bundle, String[] signers,
-        Permission permission)
+        Permission permission, Object admin)
     {
         List condPermInfos = null;
 
         synchronized (m_condPermInfos)
         {
-            if (m_condPermInfos.isEmpty())
+            if (isEmpty() && (admin == null))
             {
                 return true;
             }

Modified: felix/trunk/framework/security/src/main/java/org/apache/felix/framework/security/condpermadmin/DomainGripper.java
URL: http://svn.apache.org/viewvc/felix/trunk/framework/security/src/main/java/org/apache/felix/framework/security/condpermadmin/DomainGripper.java?rev=638949&r1=638948&r2=638949&view=diff
==============================================================================
--- felix/trunk/framework/security/src/main/java/org/apache/felix/framework/security/condpermadmin/DomainGripper.java
(original)
+++ felix/trunk/framework/security/src/main/java/org/apache/felix/framework/security/condpermadmin/DomainGripper.java
Wed Mar 19 10:39:16 2008
@@ -87,7 +87,7 @@
      * Get the current bundle protection domains on the stack up to the last 
      * privileged call.
      */
-    public static List grep()
+    public static List grab()
     {
         // First try to get a cached version. We cache by thread.
         DomainGripper gripper = (DomainGripper) m_cache.get();

Modified: felix/trunk/framework/security/src/main/java/org/apache/felix/framework/security/permissionadmin/PermissionAdminImpl.java
URL: http://svn.apache.org/viewvc/felix/trunk/framework/security/src/main/java/org/apache/felix/framework/security/permissionadmin/PermissionAdminImpl.java?rev=638949&r1=638948&r2=638949&view=diff
==============================================================================
--- felix/trunk/framework/security/src/main/java/org/apache/felix/framework/security/permissionadmin/PermissionAdminImpl.java
(original)
+++ felix/trunk/framework/security/src/main/java/org/apache/felix/framework/security/permissionadmin/PermissionAdminImpl.java
Wed Mar 19 10:39:16 2008
@@ -132,7 +132,7 @@
                 permissions = (PermissionInfo[]) m_store.get(location);
                 file = true;
             }
-            else if (cpai == null)
+            else if ((cpai == null) || (cpai.isEmpty()))
             {
                 if (m_default != null)
                 {
@@ -144,7 +144,7 @@
                 }
             }
         }
-        if ((cpai == null) || file)
+        if ((cpai == null) || cpai.isEmpty() || file)
         {
             if (check(permissions, permission, file ? bundle : null))
             {

Modified: felix/trunk/framework/security/src/main/java/org/apache/felix/framework/security/util/Permissions.java
URL: http://svn.apache.org/viewvc/felix/trunk/framework/security/src/main/java/org/apache/felix/framework/security/util/Permissions.java?rev=638949&r1=638948&r2=638949&view=diff
==============================================================================
--- felix/trunk/framework/security/src/main/java/org/apache/felix/framework/security/util/Permissions.java
(original)
+++ felix/trunk/framework/security/src/main/java/org/apache/felix/framework/security/util/Permissions.java
Wed Mar 19 10:39:16 2008
@@ -278,8 +278,7 @@
                             break;
                         }
                         name =
-                            (new File(context.getDataFile(""), name))
-                                .getAbsolutePath();
+                            m_action.getAbsolutePath(new File(context.getDataFile(""), name));
                     }
                     if (postfix.length() > 0)
                     {



Mime
View raw message