void addPermission(Permission perm) { perms.add(perm); }
void addPermission(Permission perm) { perms.add(perm); }
AdjustablePolicy(Permission... permissions) { for (Permission permission : permissions) perms.add(permission); }
AdjustablePolicy(Permission... permissions) { for (Permission permission : permissions) { perms.add(permission); } } void addPermission(Permission perm) { perms.add(perm); }
AdjustablePolicy(Permission... permissions) { for (Permission permission : permissions) perms.add(permission); } void addPermission(Permission perm) { perms.add(perm); }
void addPermission(Permission perm) { perms.add(perm); } void clearPermissions() { perms = new Permissions(); }
void addPermission(Permission perm) { perms.add(perm); } void clearPermissions() { perms = new Permissions(); }
@Override public void addToExcludedPolicy(Permission permission) throws PolicyContextException { checkNotNullParam("permission", permission); synchronized (this) { // prevents state change while adding checkIfInOpenState(); this.excludedPermissions.add(permission); } }
@Override public void addToUncheckedPolicy(Permission permission) throws PolicyContextException { checkNotNullParam("permission", permission); synchronized (this) { // prevents state change while adding checkIfInOpenState(); this.uncheckedPermissions.add(permission); } }
} else { final java.security.Permission perm = createPermission(p); granted.add(perm); granted.add(new SocketPermission("localhost:1024-", "listen")); granted.add(new PropertyPermission("java.version", "read")); granted.add(new PropertyPermission("java.vendor", "read")); granted.add(new PropertyPermission("java.vendor.url", "read")); granted.add(new PropertyPermission("java.class.version", "read")); granted.add(new PropertyPermission("os.name", "read")); granted.add(new PropertyPermission("os.version", "read")); granted.add(new PropertyPermission("os.arch", "read")); granted.add(new PropertyPermission("file.encoding", "read")); granted.add(new PropertyPermission("file.separator", "read")); granted.add(new PropertyPermission("path.separator", "read")); granted.add(new PropertyPermission("line.separator", "read")); granted.add(new PropertyPermission("java.specification.version", "read")); granted.add(new PropertyPermission("java.specification.vendor", "read")); granted.add(new PropertyPermission("java.specification.name", "read")); granted.add(new PropertyPermission("java.vm.specification.version", "read")); granted.add(new PropertyPermission("java.vm.specification.vendor", "read")); granted.add(new PropertyPermission("java.vm.specification.name", "read")); granted.add(new PropertyPermission("java.vm.version", "read")); granted.add(new PropertyPermission("java.vm.vendor", "read")); granted.add(new PropertyPermission("java.vm.name", "read"));
@Override public void addToRole(String roleName, Permission permission) throws PolicyContextException { checkNotNullParam("roleName", roleName); checkNotNullParam("permission", permission); synchronized (this) { // prevents state change while adding checkIfInOpenState(); this.rolePermissions.computeIfAbsent(roleName, s -> new Permissions()).add(permission); } }
public PermissionCollection getPermissions(CodeSource codesource) { Permissions p = new Permissions(); p.add(new AllPermission()); // enable everything return p; } public void refresh() {
public PermissionCollection getPermissions(CodeSource codesource) { Permissions p = new Permissions(); p.add(new AllPermission()); // enable everything return p; } public void refresh() {
perms.add(new AuthPermission("getSubject")); ProtectionDomain pd = new ProtectionDomain(null, perms);
/** * Add dynamic {@link SocketPermission} for the specified port range. * * @param policy the {@link Permissions} instance to apply the dynamic {@link SocketPermission} to. * @param portRange the port range */ private static void addSocketPermissionForPortRange(final Permissions policy, final String portRange) { // listen is always called with 'localhost' but use wildcard to be sure, no name service is consulted. // see SocketPermission implies() code policy.add(new SocketPermission("*:" + portRange, "listen,resolve")); }
/** * Add access to single file path * @param policy current policy to add permissions to * @param path the path itself * @param permissions set of file permissions to grant to the path */ @SuppressForbidden(reason = "only place where creating Java-9 compatible FilePermission objects is possible") public static void addSingleFilePath(Permissions policy, Path path, String permissions) throws IOException { policy.add(new FilePermission(path.toString(), permissions)); if (VERSION_IS_AT_LEAST_JAVA_9 && Files.exists(path)) { // Java 9 FilePermission model requires this due to the removal of pathname canonicalization, // see also https://github.com/elastic/elasticsearch/issues/21534 Path realPath = path.toRealPath(); if (path.toString().equals(realPath.toString()) == false) { policy.add(new FilePermission(realPath.toString(), permissions)); } } }
policy.add(new FilePermission(path.toString(), permissions)); policy.add(new FilePermission(path.toString() + path.getFileSystem().getSeparator() + "-", permissions)); if (VERSION_IS_AT_LEAST_JAVA_9) { policy.add(new FilePermission(realPath.toString(), permissions)); policy.add(new FilePermission(realPath.toString() + realPath.getFileSystem().getSeparator() + "-", permissions));
void addToExcludedPolicy(Permission permission) throws PolicyContextException { excludedPermissions.add(permission); }
void addToRole(String roleName, Permission permission) throws PolicyContextException { Permissions perms = rolePermissions.get(roleName); if( perms == null ) { perms = new Permissions(); rolePermissions.put(roleName, perms); } perms.add(permission); }
private static PermissionCollection copyPermissions(PermissionCollection permissionCollection) { final Permissions permissions = new Permissions(); final Enumeration<Permission> elements = permissionCollection.elements(); while (elements.hasMoreElements()) { permissions.add(elements.nextElement()); } permissions.setReadOnly(); return permissions; }