Return-Path: Delivered-To: apmail-harmony-commits-archive@www.apache.org Received: (qmail 40069 invoked from network); 23 Mar 2007 17:33:53 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 23 Mar 2007 17:33:53 -0000 Received: (qmail 45305 invoked by uid 500); 23 Mar 2007 17:34:01 -0000 Delivered-To: apmail-harmony-commits-archive@harmony.apache.org Received: (qmail 45288 invoked by uid 500); 23 Mar 2007 17:34:01 -0000 Mailing-List: contact commits-help@harmony.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@harmony.apache.org Delivered-To: mailing list commits@harmony.apache.org Received: (qmail 45279 invoked by uid 99); 23 Mar 2007 17:34:01 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 23 Mar 2007 10:34:01 -0700 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO brutus.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 23 Mar 2007 10:33:52 -0700 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id 44DE2714057 for ; Fri, 23 Mar 2007 10:33:32 -0700 (PDT) Message-ID: <9167596.1174671212279.JavaMail.jira@brutus> Date: Fri, 23 Mar 2007 10:33:32 -0700 (PDT) From: "Vasily Zakharov (JIRA)" To: commits@harmony.apache.org Subject: [jira] Commented: (HARMONY-3479) [classlib][swing][netbeans] TransferHandler.getPasteAction().actionPerformed() doesn't check if accessClipboard is allowed In-Reply-To: <3829170.1174598132301.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/HARMONY-3479?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12483667 ] Vasily Zakharov commented on HARMONY-3479: ------------------------------------------ The problem is really more complex than I thought. Here's the updated test, that actually throws SecurityException, like org.netbeans.TopSecurityManager does: import java.awt.AWTPermission; import java.awt.event.ActionEvent; import java.security.Permission; import javax.swing.Action; import javax.swing.JPanel; import javax.swing.TransferHandler; public class Test { private static boolean flag = false; public static void main(String args[]) throws Exception { System.setSecurityManager(new TestSecurityManager()); Action action = TransferHandler.getPasteAction(); ActionEvent event = new ActionEvent(new JPanel(), 0, ""); System.out.println("Before"); action.actionPerformed(event); System.out.println("After"); System.out.println(flag ? "SUCCESS" : "FAIL"); } private static class TestSecurityManager extends SecurityManager { public void checkPermission(Permission perm) { if ((perm instanceof AWTPermission) && "accessClipboard".equals(perm.getName())) { flag = true; new Throwable().printStackTrace(); throw new SecurityException("test"); } } } } Output on RI: Before java.lang.Throwable at Test$TestSecurityManager.checkPermission(Test.java:27) at java.lang.SecurityManager.checkSystemClipboardAccess(Unknown Source) at com.sun.java.swing.SwingUtilities2.canAccessSystemClipboard(Unknown Source) at javax.swing.TransferHandler$TransferAction.getClipboard(Unknown Source) at javax.swing.TransferHandler$TransferAction.actionPerformed(Unknown Source) at Test.main(Test.java:17) After SUCCESS Output on Harmony (after TransferHandler is patched): Before java.lang.Throwable at Test$TestSecurityManager.checkPermission(Test.java:27) at java.lang.SecurityManager.checkSystemClipboardAccess(SecurityManager.java:472) at java.awt.ToolkitImpl.getSystemClipboard(ToolkitImpl.java:467) at javax.swing.TransferHandler.getSystemClipboard(TransferHandler.java:155) at javax.swing.TransferHandler.access$1(TransferHandler.java:154) at javax.swing.TransferHandler$3.actionPerformed(TransferHandler.java:88) at Test.main(Test.java:17) Exception in thread "main" java.lang.SecurityException: test at Test$TestSecurityManager.checkPermission(Test.java:28) at java.lang.SecurityManager.checkSystemClipboardAccess(SecurityManager.java:472) at java.awt.ToolkitImpl.getSystemClipboard(ToolkitImpl.java:467) at javax.swing.TransferHandler.getSystemClipboard(TransferHandler.java:155) at javax.swing.TransferHandler.access$1(TransferHandler.java:154) at javax.swing.TransferHandler$3.actionPerformed(TransferHandler.java:88) at Test.main(Test.java:17) You see, TransferHandler is actually working, however RI clearly catches the SecurityException somewhere (my guess is com.sun.java.swing.SwingUtilities2.canAccessSystemClipboard() is doing that, judging by its name), and we probably need to do something like that. I'm going to update the patch to TransferHandler. > [classlib][swing][netbeans] TransferHandler.getPasteAction().actionPerformed() doesn't check if accessClipboard is allowed > -------------------------------------------------------------------------------------------------------------------------- > > Key: HARMONY-3479 > URL: https://issues.apache.org/jira/browse/HARMONY-3479 > Project: Harmony > Issue Type: Bug > Components: App-Oriented Bug Reports, Classlib > Reporter: Vasily Zakharov > > Consider the following test: > import java.awt.AWTPermission; > import java.awt.event.ActionEvent; > import java.security.Permission; > import javax.swing.Action; > import javax.swing.JPanel; > import javax.swing.TransferHandler; > public class Test { > private static boolean flag = false; > public static void main(String args[]) throws Exception { > System.setSecurityManager(new TestSecurityManager()); > Action action = TransferHandler.getPasteAction(); > ActionEvent event = new ActionEvent(new JPanel(), 0, ""); > System.out.println("Before"); > action.actionPerformed(event); > System.out.println("After"); > System.out.println(flag ? "SUCCESS" : "FAIL"); > } > private static class TestSecurityManager extends SecurityManager { > public void checkPermission(Permission perm) { > if ((perm instanceof AWTPermission) > && "accessClipboard".equals(perm.getName())) { > flag = true; > new Throwable().printStackTrace(); > } > } > } > } > I inserted stack printing to see the stack of calls that leads to security check on RI. > Output on RI: > Before > java.lang.Throwable > at Test$TestSecurityManager.checkPermission(Test.java:27) > at java.lang.SecurityManager.checkSystemClipboardAccess(Unknown Source) > at com.sun.java.swing.SwingUtilities2.canAccessSystemClipboard(Unknown Source) > at javax.swing.TransferHandler$TransferAction.getClipboard(Unknown Source) > at javax.swing.TransferHandler$TransferAction.actionPerformed(Unknown Source) > at Test.main(Test.java:17) > java.lang.Throwable > at Test$TestSecurityManager.checkPermission(Test.java:27) > at java.lang.SecurityManager.checkSystemClipboardAccess(Unknown Source) > at sun.awt.windows.WToolkit.getSystemClipboard(Unknown Source) > at javax.swing.TransferHandler$TransferAction.getClipboard(Unknown Source) > at javax.swing.TransferHandler$TransferAction.actionPerformed(Unknown Source) > at Test.main(Test.java:17) > After > SUCCESS > Output on Harmony: > Before > After > FAIL > The same problem also occurs for getCopyAction() and getCutAction(), probably this is the same problem. > At first look it seems to be a Swing problem, but my guess is the actual problem really lays in the AWT layer. > This issue was discovered while trying to run Netbeans on Harmony. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.