Return-Path: 
 <scm-return-35295-apmail-geronimo-scm-archive=geronimo.apache.org@geronimo.apache.org>
Delivered-To: apmail-geronimo-scm-archive@www.apache.org
Received: (qmail 99092 invoked from network); 4 Feb 2009 17:51:45 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2)
  by minotaur.apache.org with SMTP; 4 Feb 2009 17:51:45 -0000
Received: (qmail 68004 invoked by uid 500); 4 Feb 2009 17:51:45 -0000
Delivered-To: apmail-geronimo-scm-archive@geronimo.apache.org
Received: (qmail 67962 invoked by uid 500); 4 Feb 2009 17:51:45 -0000
Mailing-List: contact scm-help@geronimo.apache.org; run by ezmlm
Precedence: bulk
list-help: <mailto:scm-help@geronimo.apache.org>
list-unsubscribe: <mailto:scm-unsubscribe@geronimo.apache.org>
List-Post: <mailto:scm@geronimo.apache.org>
Reply-To: dev@geronimo.apache.org
List-Id: <scm.geronimo.apache.org>
Delivered-To: mailing list scm@geronimo.apache.org
Received: (qmail 67953 invoked by uid 99); 4 Feb 2009 17:51:45 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 04 Feb 2009 09:51:45 -0800
X-ASF-Spam-Status: No, hits=-2000.0 required=10.0
	tests=ALL_TRUSTED
X-Spam-Check-By: apache.org
Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 04 Feb 2009 17:51:43 +0000
Received: by eris.apache.org (Postfix, from userid 65534)
	id 35BF323888E6; Wed,  4 Feb 2009 17:51:22 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: svn commit: r740811 - in
 /geronimo/server/trunk/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment:
 EjbDeploymentBuilder.java SecurityBuilder.java
Date: Wed, 04 Feb 2009 17:51:21 -0000
To: scm@geronimo.apache.org
From: djencks@apache.org
X-Mailer: svnmailer-1.0.8
Message-Id: <20090204175122.35BF323888E6@eris.apache.org>
X-Virus-Checked: Checked by ClamAV on apache.org

Author: djencks
Date: Wed Feb  4 17:51:21 2009
New Revision: 740811

URL: http://svn.apache.org/viewvc?rev=740811&view=rev
Log:
GERONIMO-4526 make (timer initiated) internal ejbTimeout calls unchecked

Modified:
    geronimo/server/trunk/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/EjbDeploymentBuilder.java
    geronimo/server/trunk/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/SecurityBuilder.java

Modified: geronimo/server/trunk/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/EjbDeploymentBuilder.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/EjbDeploymentBuilder.java?rev=740811&r1=740810&r2=740811&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/EjbDeploymentBuilder.java (original)
+++ geronimo/server/trunk/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/EjbDeploymentBuilder.java Wed Feb  4 17:51:21 2009
@@ -61,12 +61,11 @@
 import org.apache.openejb.jee.EnterpriseBean;
 import org.apache.openejb.jee.EntityBean;
 import org.apache.openejb.jee.MessageDrivenBean;
+import org.apache.openejb.jee.MethodPermission;
 import org.apache.openejb.jee.RemoteBean;
 import org.apache.openejb.jee.SecurityIdentity;
 import org.apache.openejb.jee.SessionBean;
 import org.apache.openejb.jee.SessionType;
-import org.apache.openejb.jee.AssemblyDescriptor;
-import org.apache.openejb.jee.MethodPermission;
 import org.apache.openejb.jee.oejb3.EjbDeployment;
 import org.apache.xbean.finder.ClassFinder;
 import org.apache.xmlbeans.XmlObject;
@@ -253,6 +252,8 @@
                             ejbModule.getClassLoader());
                 }
 
+                securityBuilder.addEjbTimeout(remoteBean, ejbModule, allPermissions);
+
                 String defaultRole = securityConfiguration.getDefaultRole();
                 securityBuilder.addComponentPermissions(defaultRole,
                         allPermissions,

Modified: geronimo/server/trunk/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/SecurityBuilder.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/SecurityBuilder.java?rev=740811&r1=740810&r2=740811&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/SecurityBuilder.java (original)
+++ geronimo/server/trunk/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/SecurityBuilder.java Wed Feb  4 17:51:21 2009
@@ -20,15 +20,17 @@
 import java.security.Permission;
 import java.security.PermissionCollection;
 import java.security.Permissions;
-import java.util.List;
-import java.util.Map;
-import java.util.Collection;
 import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
 import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
 import java.util.Set;
-import java.util.HashSet;
-import java.util.Collections;
 
+import javax.ejb.TimedObject;
+import javax.ejb.Timer;
 import javax.security.jacc.EJBMethodPermission;
 import javax.security.jacc.EJBRoleRefPermission;
 
@@ -36,9 +38,13 @@
 import org.apache.geronimo.security.jacc.ComponentPermissions;
 import org.apache.openejb.jee.AssemblyDescriptor;
 import org.apache.openejb.jee.ExcludeList;
+import org.apache.openejb.jee.MessageDrivenBean;
 import org.apache.openejb.jee.Method;
 import org.apache.openejb.jee.MethodPermission;
+import org.apache.openejb.jee.NamedMethod;
+import org.apache.openejb.jee.RemoteBean;
 import org.apache.openejb.jee.SecurityRoleRef;
+import org.apache.openejb.jee.SessionBean;
 
 public class SecurityBuilder {
     /**
@@ -272,4 +278,26 @@
 
         return result;
     }
+
+    public void addEjbTimeout(RemoteBean remoteBean, EjbModule ejbModule, Collection<Permission> permissions) throws DeploymentException {
+        NamedMethod timeout = null;
+        if (remoteBean instanceof SessionBean) {
+            timeout = ((SessionBean) remoteBean).getTimeoutMethod();
+        } else if (remoteBean instanceof MessageDrivenBean) {
+            timeout = ((MessageDrivenBean) remoteBean).getTimeoutMethod();
+        }
+        if (timeout != null) {
+            permissions.add(new EJBMethodPermission(remoteBean.getEjbName(), timeout.getMethodName(), null, new String[]{Timer.class.getName()}));
+        } else {
+            try {
+                Class ejbClass = ejbModule.getClassLoader().loadClass(remoteBean.getEjbClass());
+                if (TimedObject.class.isAssignableFrom(ejbClass)) {
+                    permissions.add(new EJBMethodPermission(remoteBean.getEjbName(), "ejbTimeout", null, new String[]{Timer.class.getName()}));
+                }
+            } catch (ClassNotFoundException e) {
+                throw new DeploymentException("Could not figure out timer method", e);
+            }
+        }
+    }
+    
 }