ConditionalPermissionInfo info = admin.newConditionalPermissionInfo( "name", null, new PermissionInfo[] { new PermissionInfo( "java.lang.RuntimePermission", "exitVm", "*") }, ConditionalPermissionInfo.DENY ); ConditionalPermissionUpdate update = admin .newConditionalPermissionUpdate(); update.getConditionalPermissionInfos().add(0, info); update.commit();
public void addPermission(final Bundle bundle, final Class<? extends Permission> type, final String name, final String actions, final ConditionalPermissionAdmin cpAdmin, final ConditionalPermissionUpdate update, final boolean allowOrDeny, int index) { if (type == null) return; if (index == -1) { index = update.getConditionalPermissionInfos().size(); } update.getConditionalPermissionInfos().add(index, cpAdmin.newConditionalPermissionInfo( "testCond" + PERMISSION_COUNTER.getAndIncrement(), new ConditionInfo[]{ new ConditionInfo("org.osgi.service.condpermadmin.BundleLocationCondition", new String[]{bundle.getLocation()})}, new PermissionInfo[]{ new PermissionInfo(type.getName(), name, actions)}, allowOrDeny ? "allow" : "deny")); }
public boolean addPermission(final Bundle bundle, final Class<? extends Permission> type, final String name, final String actions, final boolean allowOrDeny, int index) { if (type == null) return false; final ConditionalPermissionUpdate cpu = cpa.newConditionalPermissionUpdate(); addPermission(bundle, type, name, actions, cpa, cpu, allowOrDeny, index); return cpu.commit(); }
@Override public void printPolicies(PrintStream os) { /* * Scan permission table */ // First get the permissions table ConditionalPermissionUpdate cpu = cpa.newConditionalPermissionUpdate(); List<ConditionalPermissionInfo> piList = cpu.getConditionalPermissionInfos(); for (ConditionalPermissionInfo pInfo : piList) { os.println(pInfo.getEncoded()); } }
public boolean addPermission(final Bundle bundle, final Permission perm, final boolean allowOrDeny, int index) { if (perm == null) return false; final ConditionalPermissionUpdate cpu = cpa.newConditionalPermissionUpdate(); addPermission(bundle, perm, cpa, cpu, allowOrDeny, index); return cpu.commit(); }
@Descriptor("removes a policy by name") public boolean removePolicy(String name) { ConditionalPermissionUpdate cpu = cpa.newConditionalPermissionUpdate(); for (ConditionalPermissionInfo cpi : cpu.getConditionalPermissionInfos()) { if (cpi.getName().equals(name)) { boolean removed = cpu.getConditionalPermissionInfos().remove(cpi); if (removed) { return cpu.commit(); } return removed; } } return false; }
public void addPermission(final Bundle bundle, final Permission perm, final ConditionalPermissionAdmin cpAdmin, final ConditionalPermissionUpdate update, final boolean allowOrDeny, int index) { if (perm == null) return; if (index == -1) { index = update.getConditionalPermissionInfos().size(); } update.getConditionalPermissionInfos().add(index, cpAdmin.newConditionalPermissionInfo( "testCond" + PERMISSION_COUNTER.getAndIncrement(), new ConditionInfo[]{ new ConditionInfo("org.osgi.service.condpermadmin.BundleLocationCondition", new String[]{bundle.getLocation()})}, new PermissionInfo[]{ new PermissionInfo(perm.getClass().getName(), perm.getName(), perm.getActions())}, allowOrDeny ? "allow" : "deny")); }
void removeGranted(String name) { // First get the permissions table ConditionalPermissionUpdate cpu = cpa.newConditionalPermissionUpdate(); List<ConditionalPermissionInfo> piList = cpu.getConditionalPermissionInfos(); for (ConditionalPermissionInfo tmpcpi : piList) { // If a permission info exists in the table remove it if (tmpcpi.getName().equals(name)) { if (Configuration.DEBUG) log.info("Removed Policy: " + tmpcpi.getEncoded()); piList.remove(tmpcpi); break; } } cpu.commit(); }
@Descriptor("list all system permissions applying to a bundle") public List<ConditionalPermissionInfo> bundlePermissions(Bundle b) { final ConditionalPermissionUpdate cpu = cpa.newConditionalPermissionUpdate(); List<ConditionalPermissionInfo> l = new ArrayList<>(); for (ConditionalPermissionInfo cpi : cpu.getConditionalPermissionInfos()) { ConditionInfo[] cis = cpi.getConditionInfos(); for (ConditionInfo ci : cis) { if (ci.getType().equals("org.osgi.service.condpermadmin.BundleLocationCondition")) { Condition blc = BundleLocationCondition.getCondition(b, ci); if (blc.isSatisfied()) { l.add(cpi); } } } if (cis.length == 0) { l.add(cpi); } } return l; }
void delete(SecurityRow securityRow, boolean firstTry) { ConditionalPermissionUpdate update = newConditionalPermissionUpdate(); List<ConditionalPermissionInfo> rows = update.getConditionalPermissionInfos(); for (Iterator<ConditionalPermissionInfo> iRows = rows.iterator(); iRows.hasNext();) { ConditionalPermissionInfo info = iRows.next(); if (securityRow.getName().equals(info.getName())) { iRows.remove(); synchronized (lock) { if (!update.commit()) { if (firstTry) // try again delete(securityRow, false); } } break; } } }
List<ConditionalPermissionInfo> piList = cpu.getConditionalPermissionInfos();
void delete(SecurityRow securityRow, boolean firstTry) { ConditionalPermissionUpdate update = newConditionalPermissionUpdate(); List<ConditionalPermissionInfo> rows = update.getConditionalPermissionInfos(); for (Iterator<ConditionalPermissionInfo> iRows = rows.iterator(); iRows.hasNext();) { ConditionalPermissionInfo info = iRows.next(); if (securityRow.getName().equals(info.getName())) { iRows.remove(); synchronized (lock) { if (!update.commit()) { if (firstTry) // try again delete(securityRow, false); } } break; } } }
List<ConditionalPermissionInfo> piList = cpu.getConditionalPermissionInfos();
void delete(SecurityRow securityRow, boolean firstTry) { ConditionalPermissionUpdate update = newConditionalPermissionUpdate(); List<ConditionalPermissionInfo> rows = update.getConditionalPermissionInfos(); for (Iterator<ConditionalPermissionInfo> iRows = rows.iterator(); iRows.hasNext();) { ConditionalPermissionInfo info = iRows.next(); if (securityRow.getName().equals(info.getName())) { iRows.remove(); synchronized (lock) { if (!update.commit()) { if (firstTry) // try again delete(securityRow, false); } } break; } } }
List<ConditionalPermissionInfo> piList = cpu.getConditionalPermissionInfos();
void delete(SecurityRow securityRow, boolean firstTry) { ConditionalPermissionUpdate update = newConditionalPermissionUpdate(); List<ConditionalPermissionInfo> rows = update.getConditionalPermissionInfos(); for (Iterator<ConditionalPermissionInfo> iRows = rows.iterator(); iRows.hasNext();) { ConditionalPermissionInfo info = iRows.next(); if (securityRow.getName().equals(info.getName())) { iRows.remove(); synchronized (lock) { if (!update.commit()) { if (firstTry) // try again delete(securityRow, false); } } break; } } }
@Override public AppPermissionImpl setDefaultPolicies() { defaultPolicies = new AppPermissionImpl(cpa); /* * Scan permission table */ boolean match = false; // First get the permissions table ConditionalPermissionUpdate cpu = cpa.newConditionalPermissionUpdate(); List<ConditionalPermissionInfo> piList = cpu.getConditionalPermissionInfos(); for (ConditionalPermissionInfo pInfo : piList) { // Get the condition infos if its a BundleLocationCondition, in this // case its not a default policy ConditionInfo cia[] = pInfo.getConditionInfos(); if (cia.length != 0) for (ConditionInfo tmpci : cia) { if (tmpci.getType().equals(BUNDLE_LOCATION_CONDITION_NAME)) { match = true; break; } } if (!match) { ConditionalPermissionInfo pInfoAccess = cpa.newConditionalPermissionInfo(pInfo.getName(), pInfo.getConditionInfos(), pInfo.getPermissionInfos(), pInfo.getAccessDecision()); defaultPolicies.add(pInfoAccess); } match = false; } return defaultPolicies; }
void delete(SecurityRow securityRow, boolean firstTry) { ConditionalPermissionUpdate update = newConditionalPermissionUpdate(); List<ConditionalPermissionInfo> rows = update.getConditionalPermissionInfos(); for (Iterator<ConditionalPermissionInfo> iRows = rows.iterator(); iRows.hasNext();) { ConditionalPermissionInfo info = iRows.next(); if (securityRow.getName().equals(info.getName())) { iRows.remove(); synchronized (lock) { if (!update.commit()) { if (firstTry) // try again delete(securityRow, false); } } break; } } }
void delete(SecurityRow securityRow, boolean firstTry) { ConditionalPermissionUpdate update = newConditionalPermissionUpdate(); List<ConditionalPermissionInfo> rows = update.getConditionalPermissionInfos(); for (Iterator<ConditionalPermissionInfo> iRows = rows.iterator(); iRows.hasNext();) { ConditionalPermissionInfo info = iRows.next(); if (securityRow.getName().equals(info.getName())) { iRows.remove(); synchronized (lock) { if (!update.commit()) { if (firstTry) // try again delete(securityRow, false); } } break; } } }
void delete(SecurityRow securityRow, boolean firstTry) { ConditionalPermissionUpdate update = newConditionalPermissionUpdate(); @SuppressWarnings("unchecked") List<ConditionalPermissionInfo> rows = update.getConditionalPermissionInfos(); for (Iterator<ConditionalPermissionInfo> iRows = rows.iterator(); iRows.hasNext();) { ConditionalPermissionInfo info = iRows.next(); if (securityRow.getName().equals(info.getName())) { iRows.remove(); synchronized (lock) { if (!update.commit()) { if (firstTry) // try again delete(securityRow, false); } } break; } } }