/**
 * Stages one permission row, scoped to {@code bundle}'s location, in a pending
 * Conditional Permission Admin update.
 *
 * <p>The row is only added to {@code update}'s working list. Nothing in this method calls
 * {@code commit()}, so the caller has to commit before the row can take effect.
 *
 * @param bundle bundle whose location string becomes the argument of the
 *     {@code BundleLocationCondition}
 * @param type permission class to grant or deny; when {@code null} nothing is added
 * @param name permission name handed to {@code PermissionInfo}
 * @param actions permission actions handed to {@code PermissionInfo}
 * @param cpAdmin factory used to build the new row
 * @param update pending update whose row list is modified
 * @param allowOrDeny {@code true} for an "allow" row, {@code false} for a "deny" row
 * @param index position of the new row, or {@code -1} to place it after the current rows
 */
public void addPermission(final Bundle bundle, final Class<? extends Permission> type, final String name,
        final String actions, final ConditionalPermissionAdmin cpAdmin,
        final ConditionalPermissionUpdate update, final boolean allowOrDeny, int index) {
    if (type == null) {
        return;
    }

    // -1 is the "append" sentinel: resolve it against the current size of the pending list.
    final int insertAt = (index == -1) ? update.getConditionalPermissionInfos().size() : index;
    final String decision = allowOrDeny ? "allow" : "deny";
    final String conditionType = "org.osgi.service.condpermadmin.BundleLocationCondition";

    // The row's position in the list is caller-controlled, so allow and deny rows can be
    // ordered relative to each other.
    update.getConditionalPermissionInfos().add(insertAt,
            cpAdmin.newConditionalPermissionInfo(
                    "testCond" + PERMISSION_COUNTER.getAndIncrement(),
                    new ConditionInfo[] {
                        new ConditionInfo(conditionType, new String[] {bundle.getLocation()})
                    },
                    new PermissionInfo[] {
                        new PermissionInfo(type.getName(), name, actions)
                    },
                    decision));
}
/**
 * Writes every row of the Conditional Permission Table to {@code os}, one encoded row per line.
 *
 * <p>The rows are read from a newly created {@code ConditionalPermissionUpdate}. The update is
 * never committed here, so this method does not change the table. The output is the complete
 * policy, so {@code os} should only reach readers who are allowed to see it.
 *
 * @param os stream that receives {@code getEncoded()} of each row
 */
@Override
public void printPolicies(PrintStream os) {
    // The update is used purely as a way to read the current rows.
    final List<ConditionalPermissionInfo> table =
            cpa.newConditionalPermissionUpdate().getConditionalPermissionInfos();
    for (int row = 0; row < table.size(); row++) {
        os.println(table.get(row).getEncoded());
    }
}
/**
 * Removes the first Conditional Permission Table row called {@code name} and commits the change.
 *
 * @param name row name to look for
 * @return the result of {@code commit()} when a matching row was removed from the pending
 *     update; {@code false} when no row matches or the row could not be removed
 */
@Descriptor("removes a policy by name")
public boolean removePolicy(String name) {
    final ConditionalPermissionUpdate cpu = cpa.newConditionalPermissionUpdate();
    for (ConditionalPermissionInfo cpi : cpu.getConditionalPermissionInfos()) {
        if (!cpi.getName().equals(name)) {
            continue;
        }
        // Only the first match is handled. Returning right away also ends the iteration, so
        // the list is not walked again after it has been modified.
        // The commit() result is passed straight to the caller, who has to check it to know
        // whether the policy is really gone.
        return cpu.getConditionalPermissionInfos().remove(cpi) && cpu.commit();
    }
    return false;
}
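// Build a DENY row for RuntimePermission "exitVm". No conditions are passed (null), so the row
// is not tied to a bundle location or signer.
// NOTE(review): the JDK spells the exit permission target "exitVM" and permission names are
// compared case-sensitively; confirm "exitVm" is what this policy is meant to match.
ConditionalPermissionInfo info = admin.newConditionalPermissionInfo(
        "name",
        null,
        new PermissionInfo[] {
            new PermissionInfo("java.lang.RuntimePermission", "exitVm", "*")
        },
        ConditionalPermissionInfo.DENY);

ConditionalPermissionUpdate update = admin.newConditionalPermissionUpdate();
// Index 0 places the row ahead of every row already in the table.
update.getConditionalPermissionInfos().add(0, info);

// commit() reports a rejected update through its return value. Without this check a rejected
// update would leave the DENY row uninstalled with no indication.
if (!update.commit()) {
    throw new IllegalStateException(
            "Conditional permission update was not committed; DENY row \"name\" is not installed");
}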
/**
 * Stages a row for {@code perm}, scoped to {@code bundle}'s location, in a pending
 * Conditional Permission Admin update.
 *
 * <p>The permission is stored by class name, name and actions. The row is only added to
 * {@code update}'s working list. Nothing in this method calls {@code commit()}, so the caller
 * has to commit before the row can take effect.
 *
 * @param bundle bundle whose location string becomes the argument of the
 *     {@code BundleLocationCondition}
 * @param perm permission to grant or deny; when {@code null} nothing is added
 * @param cpAdmin factory used to build the new row
 * @param update pending update whose row list is modified
 * @param allowOrDeny {@code true} for an "allow" row, {@code false} for a "deny" row
 * @param index position of the new row, or {@code -1} to place it after the current rows
 */
public void addPermission(final Bundle bundle, final Permission perm,
        final ConditionalPermissionAdmin cpAdmin, final ConditionalPermissionUpdate update,
        final boolean allowOrDeny, int index) {
    if (perm == null) {
        return;
    }

    // -1 is the "append" sentinel: resolve it against the current size of the pending list.
    final int insertAt = (index == -1) ? update.getConditionalPermissionInfos().size() : index;
    final String decision = allowOrDeny ? "allow" : "deny";
    final String conditionType = "org.osgi.service.condpermadmin.BundleLocationCondition";

    // The row's position in the list is caller-controlled, so allow and deny rows can be
    // ordered relative to each other.
    update.getConditionalPermissionInfos().add(insertAt,
            cpAdmin.newConditionalPermissionInfo(
                    "testCond" + PERMISSION_COUNTER.getAndIncrement(),
                    new ConditionInfo[] {
                        new ConditionInfo(conditionType, new String[] {bundle.getLocation()})
                    },
                    new PermissionInfo[] {
                        new PermissionInfo(perm.getClass().getName(), perm.getName(), perm.getActions())
                    },
                    decision));
}
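/**
 * Removes the first Conditional Permission Table row named {@code name}, if there is one.
 *
 * <p>The update is committed only when a row was actually removed from the pending list. A
 * commit that reports failure is logged, because in that case the row is still in the table.
 *
 * @param name name of the row to remove
 */
void removeGranted(String name) {
    // Work on the row list of a new update; the table itself changes only on commit().
    ConditionalPermissionUpdate cpu = cpa.newConditionalPermissionUpdate();
    List<ConditionalPermissionInfo> piList = cpu.getConditionalPermissionInfos();
    boolean removed = false;
    for (ConditionalPermissionInfo tmpcpi : piList) {
        if (tmpcpi.getName().equals(name)) {
            if (Configuration.DEBUG)
                log.info("Removed Policy: " + tmpcpi.getEncoded());
            // Removing inside a for-each is safe here only because the loop is left at once.
            removed = piList.remove(tmpcpi);
            break;
        }
    }
    if (!removed) {
        // Nothing changed, so there is nothing to commit.
        return;
    }
    if (!cpu.commit()) {
        // The result used to be dropped, which hid the fact that the policy was still active.
        log.info("Policy removal was not committed, row is still active: " + name);
    }
}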
/**
 * Deletes the Conditional Permission Table row whose name equals {@code securityRow}'s name.
 *
 * <p>The first matching row is removed from a new update, and the update is committed while
 * holding {@code lock}. If the commit reports failure and {@code firstTry} is set, the whole
 * operation is repeated once on another new update. A failure of that second attempt is not
 * reported to the caller.
 *
 * @param securityRow row whose name selects the entry to delete
 * @param firstTry {@code true} to allow one retry after a failed commit
 */
void delete(SecurityRow securityRow, boolean firstTry) {
    ConditionalPermissionUpdate update = newConditionalPermissionUpdate();
    List<ConditionalPermissionInfo> rows = update.getConditionalPermissionInfos();
    Iterator<ConditionalPermissionInfo> cursor = rows.iterator();
    while (cursor.hasNext()) {
        ConditionalPermissionInfo candidate = cursor.next();
        if (!securityRow.getName().equals(candidate.getName())) {
            continue;
        }
        cursor.remove();
        synchronized (lock) {
            // commit() returned false, i.e. this update was not applied: try again once.
            boolean committed = update.commit();
            if (!committed && firstTry) {
                delete(securityRow, false);
            }
        }
        // Only the first row with this name is deleted.
        return;
    }
}
/**
 * Deletes the Conditional Permission Table row whose name equals {@code securityRow}'s name.
 *
 * <p>The first matching row is removed from a new update, and the update is committed while
 * holding {@code lock}. If the commit reports failure and {@code firstTry} is set, the whole
 * operation is repeated once on another new update. A failure of that second attempt is not
 * reported to the caller.
 *
 * @param securityRow row whose name selects the entry to delete
 * @param firstTry {@code true} to allow one retry after a failed commit
 */
void delete(SecurityRow securityRow, boolean firstTry) {
    ConditionalPermissionUpdate update = newConditionalPermissionUpdate();
    List<ConditionalPermissionInfo> rows = update.getConditionalPermissionInfos();
    Iterator<ConditionalPermissionInfo> cursor = rows.iterator();
    while (cursor.hasNext()) {
        ConditionalPermissionInfo candidate = cursor.next();
        if (!securityRow.getName().equals(candidate.getName())) {
            continue;
        }
        cursor.remove();
        synchronized (lock) {
            // commit() returned false, i.e. this update was not applied: try again once.
            boolean committed = update.commit();
            if (!committed && firstTry) {
                delete(securityRow, false);
            }
        }
        // Only the first row with this name is deleted.
        return;
    }
}
/**
 * Deletes the Conditional Permission Table row whose name equals {@code securityRow}'s name.
 *
 * <p>The first matching row is removed from a new update, and the update is committed while
 * holding {@code lock}. If the commit reports failure and {@code firstTry} is set, the whole
 * operation is repeated once on another new update. A failure of that second attempt is not
 * reported to the caller.
 *
 * @param securityRow row whose name selects the entry to delete
 * @param firstTry {@code true} to allow one retry after a failed commit
 */
void delete(SecurityRow securityRow, boolean firstTry) {
    ConditionalPermissionUpdate update = newConditionalPermissionUpdate();
    List<ConditionalPermissionInfo> rows = update.getConditionalPermissionInfos();
    Iterator<ConditionalPermissionInfo> cursor = rows.iterator();
    while (cursor.hasNext()) {
        ConditionalPermissionInfo candidate = cursor.next();
        if (!securityRow.getName().equals(candidate.getName())) {
            continue;
        }
        cursor.remove();
        synchronized (lock) {
            // commit() returned false, i.e. this update was not applied: try again once.
            boolean committed = update.commit();
            if (!committed && firstTry) {
                delete(securityRow, false);
            }
        }
        // Only the first row with this name is deleted.
        return;
    }
}
/**
 * Deletes the Conditional Permission Table row whose name equals {@code securityRow}'s name.
 *
 * <p>The first matching row is removed from a new update, and the update is committed while
 * holding {@code lock}. If the commit reports failure and {@code firstTry} is set, the whole
 * operation is repeated once on another new update. A failure of that second attempt is not
 * reported to the caller.
 *
 * @param securityRow row whose name selects the entry to delete
 * @param firstTry {@code true} to allow one retry after a failed commit
 */
void delete(SecurityRow securityRow, boolean firstTry) {
    ConditionalPermissionUpdate update = newConditionalPermissionUpdate();
    List<ConditionalPermissionInfo> rows = update.getConditionalPermissionInfos();
    Iterator<ConditionalPermissionInfo> cursor = rows.iterator();
    while (cursor.hasNext()) {
        ConditionalPermissionInfo candidate = cursor.next();
        if (!securityRow.getName().equals(candidate.getName())) {
            continue;
        }
        cursor.remove();
        synchronized (lock) {
            // commit() returned false, i.e. this update was not applied: try again once.
            boolean committed = update.commit();
            if (!committed && firstTry) {
                delete(securityRow, false);
            }
        }
        // Only the first row with this name is deleted.
        return;
    }
}
/**
 * Deletes the Conditional Permission Table row whose name equals {@code securityRow}'s name.
 *
 * <p>The first matching row is removed from a new update, and the update is committed while
 * holding {@code lock}. If the commit reports failure and {@code firstTry} is set, the whole
 * operation is repeated once on another new update. A failure of that second attempt is not
 * reported to the caller.
 *
 * @param securityRow row whose name selects the entry to delete
 * @param firstTry {@code true} to allow one retry after a failed commit
 */
void delete(SecurityRow securityRow, boolean firstTry) {
    ConditionalPermissionUpdate update = newConditionalPermissionUpdate();
    List<ConditionalPermissionInfo> rows = update.getConditionalPermissionInfos();
    Iterator<ConditionalPermissionInfo> cursor = rows.iterator();
    while (cursor.hasNext()) {
        ConditionalPermissionInfo candidate = cursor.next();
        if (!securityRow.getName().equals(candidate.getName())) {
            continue;
        }
        cursor.remove();
        synchronized (lock) {
            // commit() returned false, i.e. this update was not applied: try again once.
            boolean committed = update.commit();
            if (!committed && firstTry) {
                delete(securityRow, false);
            }
        }
        // Only the first row with this name is deleted.
        return;
    }
}
/**
 * Deletes the Conditional Permission Table row whose name equals {@code securityRow}'s name.
 *
 * <p>The first matching row is removed from a new update, and the update is committed while
 * holding {@code lock}. If the commit reports failure and {@code firstTry} is set, the whole
 * operation is repeated once on another new update. A failure of that second attempt is not
 * reported to the caller.
 *
 * @param securityRow row whose name selects the entry to delete
 * @param firstTry {@code true} to allow one retry after a failed commit
 */
void delete(SecurityRow securityRow, boolean firstTry) {
    ConditionalPermissionUpdate update = newConditionalPermissionUpdate();
    @SuppressWarnings("unchecked")
    List<ConditionalPermissionInfo> rows = update.getConditionalPermissionInfos();
    Iterator<ConditionalPermissionInfo> cursor = rows.iterator();
    while (cursor.hasNext()) {
        ConditionalPermissionInfo candidate = cursor.next();
        if (!securityRow.getName().equals(candidate.getName())) {
            continue;
        }
        cursor.remove();
        synchronized (lock) {
            // commit() returned false, i.e. this update was not applied: try again once.
            boolean committed = update.commit();
            if (!committed && firstTry) {
                delete(securityRow, false);
            }
        }
        // Only the first row with this name is deleted.
        return;
    }
}
/**
 * Deletes the Conditional Permission Table row whose name equals {@code securityRow}'s name.
 *
 * <p>The first matching row is removed from a new update, and the update is committed while
 * holding {@code lock}. If the commit reports failure and {@code firstTry} is set, the whole
 * operation is repeated once on another new update. A failure of that second attempt is not
 * reported to the caller.
 *
 * @param securityRow row whose name selects the entry to delete
 * @param firstTry {@code true} to allow one retry after a failed commit
 */
void delete(SecurityRow securityRow, boolean firstTry) {
    ConditionalPermissionUpdate update = newConditionalPermissionUpdate();
    List<ConditionalPermissionInfo> rows = update.getConditionalPermissionInfos();
    Iterator<ConditionalPermissionInfo> cursor = rows.iterator();
    while (cursor.hasNext()) {
        ConditionalPermissionInfo candidate = cursor.next();
        if (!securityRow.getName().equals(candidate.getName())) {
            continue;
        }
        cursor.remove();
        synchronized (lock) {
            // commit() returned false, i.e. this update was not applied: try again once.
            boolean committed = update.commit();
            if (!committed && firstTry) {
                delete(securityRow, false);
            }
        }
        // Only the first row with this name is deleted.
        return;
    }
}
/**
 * Deletes the Conditional Permission Table row whose name equals {@code securityRow}'s name.
 *
 * <p>The first matching row is removed from a new update, and the update is committed while
 * holding {@code lock}. If the commit reports failure and {@code firstTry} is set, the whole
 * operation is repeated once on another new update. A failure of that second attempt is not
 * reported to the caller.
 *
 * @param securityRow row whose name selects the entry to delete
 * @param firstTry {@code true} to allow one retry after a failed commit
 */
void delete(SecurityRow securityRow, boolean firstTry) {
    ConditionalPermissionUpdate update = newConditionalPermissionUpdate();
    @SuppressWarnings("unchecked")
    List<ConditionalPermissionInfo> rows = update.getConditionalPermissionInfos();
    Iterator<ConditionalPermissionInfo> cursor = rows.iterator();
    while (cursor.hasNext()) {
        ConditionalPermissionInfo candidate = cursor.next();
        if (!securityRow.getName().equals(candidate.getName())) {
            continue;
        }
        cursor.remove();
        synchronized (lock) {
            // commit() returned false, i.e. this update was not applied: try again once.
            boolean committed = update.commit();
            if (!committed && firstTry) {
                delete(securityRow, false);
            }
        }
        // Only the first row with this name is deleted.
        return;
    }
}
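/**
 * Lists the Conditional Permission Table rows that this command treats as applying to a bundle.
 *
 * <p>A row is included when it has no conditions at all, or when at least one of its
 * {@code BundleLocationCondition} entries is satisfied for {@code b}. Each row appears at most
 * once in the result, even if several of its location conditions match.
 *
 * <p>Other condition types are not evaluated and the row's access decision is not inspected.
 * The result can therefore contain DENY rows and rows whose remaining conditions do not hold.
 * Treat it as a listing aid, not as the bundle's effective permissions.
 *
 * @param b bundle to match location conditions against
 * @return matching rows in table order
 */
@Descriptor("list all system permissions applying to a bundle")
public List<ConditionalPermissionInfo> bundlePermissions(Bundle b) {
    final ConditionalPermissionUpdate cpu = cpa.newConditionalPermissionUpdate();
    List<ConditionalPermissionInfo> l = new ArrayList<>();
    for (ConditionalPermissionInfo cpi : cpu.getConditionalPermissionInfos()) {
        ConditionInfo[] cis = cpi.getConditionInfos();
        if (cis.length == 0) {
            // Rows without conditions are listed for every bundle.
            l.add(cpi);
            continue;
        }
        for (ConditionInfo ci : cis) {
            if (!"org.osgi.service.condpermadmin.BundleLocationCondition".equals(ci.getType())) {
                continue;
            }
            Condition blc = BundleLocationCondition.getCondition(b, ci);
            if (blc.isSatisfied()) {
                l.add(cpi);
                // One match is enough; continuing would list the same row again.
                break;
            }
        }
    }
    return l;
}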
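/**
 * Adds or replaces the Conditional Permission Table row named {@code name} with an ALLOW row
 * built from {@code conds} and {@code perms}.
 *
 * <p>If the pending update has a row with the same name, that row is replaced in place.
 * Otherwise (including when {@code name} is {@code null}) the new row is inserted at index 0,
 * ahead of every existing row. The update is committed while holding {@code lock}. When the
 * commit reports failure and {@code firstTry} is set, the operation is repeated once on a new
 * update and the row returned by that retry is handed back.
 *
 * @param name row name to replace, or {@code null} to always insert a new row
 * @param conds conditions of the new row
 * @param perms permissions of the new row
 * @param firstTry {@code true} to allow one retry after a failed commit
 * @return the row that {@code condAdminTable} holds at the position written by the attempt
 *     that ran last
 */
private ConditionalPermissionInfo setConditionalPermissionInfo(String name, ConditionInfo[] conds,
        PermissionInfo[] perms, boolean firstTry) {
    ConditionalPermissionUpdate update = newConditionalPermissionUpdate();
    List<ConditionalPermissionInfo> rows = update.getConditionalPermissionInfos();
    ConditionalPermissionInfo newInfo =
            newConditionalPermissionInfo(name, conds, perms, ConditionalPermissionInfo.ALLOW);
    int index = -1;
    if (name != null) {
        for (int i = 0; i < rows.size() && index < 0; i++) {
            ConditionalPermissionInfo info = rows.get(i);
            if (name.equals(info.getName())) {
                index = i;
            }
        }
    }
    if (index < 0) {
        // must always add to the beginning (bug 303930)
        rows.add(0, newInfo);
        index = 0;
    } else {
        rows.set(index, newInfo);
    }
    synchronized (lock) {
        if (!update.commit() && firstTry) {
            // The retry recomputes the position on a new update, so the index found above may
            // be stale. Return the retry's row instead of looking up the old position.
            return setConditionalPermissionInfo(name, conds, perms, false);
        }
        // NOTE(review): if the commit failed and no retry is left, the row at this index is
        // returned although newInfo was not stored; confirm callers tolerate that.
        return condAdminTable.getRow(index);
    }
}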
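/**
 * Adds or replaces the Conditional Permission Table row named {@code name} with an ALLOW row
 * built from {@code conds} and {@code perms}.
 *
 * <p>If the pending update has a row with the same name, that row is replaced in place.
 * Otherwise (including when {@code name} is {@code null}) the new row is inserted at index 0,
 * ahead of every existing row. The update is committed while holding {@code lock}. When the
 * commit reports failure and {@code firstTry} is set, the operation is repeated once on a new
 * update and the row returned by that retry is handed back.
 *
 * @param name row name to replace, or {@code null} to always insert a new row
 * @param conds conditions of the new row
 * @param perms permissions of the new row
 * @param firstTry {@code true} to allow one retry after a failed commit
 * @return the row that {@code condAdminTable} holds at the position written by the attempt
 *     that ran last
 */
private ConditionalPermissionInfo setConditionalPermissionInfo(String name, ConditionInfo[] conds,
        PermissionInfo[] perms, boolean firstTry) {
    ConditionalPermissionUpdate update = newConditionalPermissionUpdate();
    List<ConditionalPermissionInfo> rows = update.getConditionalPermissionInfos();
    ConditionalPermissionInfo newInfo =
            newConditionalPermissionInfo(name, conds, perms, ConditionalPermissionInfo.ALLOW);
    int index = -1;
    if (name != null) {
        for (int i = 0; i < rows.size() && index < 0; i++) {
            ConditionalPermissionInfo info = rows.get(i);
            if (name.equals(info.getName())) {
                index = i;
            }
        }
    }
    if (index < 0) {
        // must always add to the beginning (bug 303930)
        rows.add(0, newInfo);
        index = 0;
    } else {
        rows.set(index, newInfo);
    }
    synchronized (lock) {
        if (!update.commit() && firstTry) {
            // The retry recomputes the position on a new update, so the index found above may
            // be stale. Return the retry's row instead of looking up the old position.
            return setConditionalPermissionInfo(name, conds, perms, false);
        }
        // NOTE(review): if the commit failed and no retry is left, the row at this index is
        // returned although newInfo was not stored; confirm callers tolerate that.
        return condAdminTable.getRow(index);
    }
}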
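/**
 * Adds or replaces the Conditional Permission Table row named {@code name} with an ALLOW row
 * built from {@code conds} and {@code perms}.
 *
 * <p>If the pending update has a row with the same name, that row is replaced in place.
 * Otherwise (including when {@code name} is {@code null}) the new row is inserted at index 0,
 * ahead of every existing row. The update is committed while holding {@code lock}. When the
 * commit reports failure and {@code firstTry} is set, the operation is repeated once on a new
 * update and the row returned by that retry is handed back.
 *
 * @param name row name to replace, or {@code null} to always insert a new row
 * @param conds conditions of the new row
 * @param perms permissions of the new row
 * @param firstTry {@code true} to allow one retry after a failed commit
 * @return the row that {@code condAdminTable} holds at the position written by the attempt
 *     that ran last
 */
private ConditionalPermissionInfo setConditionalPermissionInfo(String name, ConditionInfo[] conds,
        PermissionInfo[] perms, boolean firstTry) {
    ConditionalPermissionUpdate update = newConditionalPermissionUpdate();
    @SuppressWarnings("unchecked")
    List<ConditionalPermissionInfo> rows = update.getConditionalPermissionInfos();
    ConditionalPermissionInfo newInfo =
            newConditionalPermissionInfo(name, conds, perms, ConditionalPermissionInfo.ALLOW);
    int index = -1;
    if (name != null) {
        for (int i = 0; i < rows.size() && index < 0; i++) {
            ConditionalPermissionInfo info = rows.get(i);
            if (name.equals(info.getName())) {
                index = i;
            }
        }
    }
    if (index < 0) {
        // must always add to the beginning (bug 303930)
        rows.add(0, newInfo);
        index = 0;
    } else {
        rows.set(index, newInfo);
    }
    synchronized (lock) {
        if (!update.commit() && firstTry) {
            // The retry recomputes the position on a new update, so the index found above may
            // be stale. Return the retry's row instead of looking up the old position.
            return setConditionalPermissionInfo(name, conds, perms, false);
        }
        // NOTE(review): if the commit failed and no retry is left, the row at this index is
        // returned although newInfo was not stored; confirm callers tolerate that.
        return condAdminTable.getRow(index);
    }
}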
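/**
 * Adds or replaces the Conditional Permission Table row named {@code name} with an ALLOW row
 * built from {@code conds} and {@code perms}.
 *
 * <p>If the pending update has a row with the same name, that row is replaced in place.
 * Otherwise (including when {@code name} is {@code null}) the new row is inserted at index 0,
 * ahead of every existing row. The update is committed while holding {@code lock}. When the
 * commit reports failure and {@code firstTry} is set, the operation is repeated once on a new
 * update and the row returned by that retry is handed back.
 *
 * @param name row name to replace, or {@code null} to always insert a new row
 * @param conds conditions of the new row
 * @param perms permissions of the new row
 * @param firstTry {@code true} to allow one retry after a failed commit
 * @return the row that {@code condAdminTable} holds at the position written by the attempt
 *     that ran last
 */
private ConditionalPermissionInfo setConditionalPermissionInfo(String name, ConditionInfo[] conds,
        PermissionInfo[] perms, boolean firstTry) {
    ConditionalPermissionUpdate update = newConditionalPermissionUpdate();
    List<ConditionalPermissionInfo> rows = update.getConditionalPermissionInfos();
    ConditionalPermissionInfo newInfo =
            newConditionalPermissionInfo(name, conds, perms, ConditionalPermissionInfo.ALLOW);
    int index = -1;
    if (name != null) {
        for (int i = 0; i < rows.size() && index < 0; i++) {
            ConditionalPermissionInfo info = rows.get(i);
            if (name.equals(info.getName())) {
                index = i;
            }
        }
    }
    if (index < 0) {
        // must always add to the beginning (bug 303930)
        rows.add(0, newInfo);
        index = 0;
    } else {
        rows.set(index, newInfo);
    }
    synchronized (lock) {
        if (!update.commit() && firstTry) {
            // The retry recomputes the position on a new update, so the index found above may
            // be stale. Return the retry's row instead of looking up the old position.
            return setConditionalPermissionInfo(name, conds, perms, false);
        }
        // NOTE(review): if the commit failed and no retry is left, the row at this index is
        // returned although newInfo was not stored; confirm callers tolerate that.
        return condAdminTable.getRow(index);
    }
}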
/**
 * Grants {@code permissions} to the bundle of {@code user}'s rights proxy by adding one
 * "allow" row per permission to the Conditional Permission Table.
 *
 * <p>Every row is conditioned on the proxy bundle's location and is added after all rows
 * already in the pending update. Row names are {@code "user_" + user + n}, with {@code n}
 * counting up from the value returned by {@code getNextUserPermId}. All rows are committed in
 * a single update.
 *
 * <p>NOTE(review): the user name and the counter are concatenated without a separator, so
 * different user/counter pairs can yield the same row name (for example user {@code a1} with
 * 2 and user {@code a} with 12); confirm user names cannot collide this way.
 *
 * @param user user whose rights proxy bundle receives the permissions
 * @param permissions permissions to grant; each is stored by class name, name and actions
 * @return the result of {@code commit()}
 * @throws IllegalStateException if no rights proxy is registered for {@code user} yet
 */
@Override
public boolean addPermissions(String user, List<Permission> permissions) {
    final UserRightsProxy urp = urpMap.get(user);
    if (urp == null) {
        throw new IllegalStateException(
                String.format("User rights proxy installation for the user %s not yet completed.", user));
    }

    final Bundle b = urp.getBundle();
    final ConditionalPermissionAdmin cpa = (ConditionalPermissionAdmin) permMan.getSystemPermissionAdmin();
    final ConditionalPermissionUpdate cpu = cpa.newConditionalPermissionUpdate();
    final List<ConditionalPermissionInfo> perms = cpu.getConditionalPermissionInfos();

    int id = getNextUserPermId(user, perms);
    for (Permission perm : permissions) {
        final String name = "user_" + user + id;
        id++;
        final ConditionInfo[] conditions = {
            new ConditionInfo("org.osgi.service.condpermadmin.BundleLocationCondition",
                    new String[] {b.getLocation()})
        };
        final PermissionInfo[] granted = {
            new PermissionInfo(perm.getClass().getName(), perm.getName(), perm.getActions())
        };
        // Appended after the existing rows, so rows already in the table keep their position.
        perms.add(cpa.newConditionalPermissionInfo(name, conditions, granted, "allow"));
    }
    return cpu.commit();
}