KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > apache > batik > bridge > JarCheckPermissionsDenied


1 /*
2
3    Copyright 2002-2004 The Apache Software Foundation
4
5    Licensed under the Apache License, Version 2.0 (the "License");
6    you may not use this file except in compliance with the License.
7    You may obtain a copy of the License at
8
9        http://www.apache.org/licenses/LICENSE-2.0
10
11    Unless required by applicable law or agreed to in writing, software
12    distributed under the License is distributed on an "AS IS" BASIS,
13    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14    See the License for the specific language governing permissions and
15    limitations under the License.
16
17  */
18 package org.apache.batik.bridge;
19
20 import java.awt.AWTPermission JavaDoc;
21 import java.io.FilePermission JavaDoc;
22 import java.io.SerializablePermission JavaDoc;
23 import java.lang.reflect.ReflectPermission JavaDoc;
24 import java.net.NetPermission JavaDoc;
25 import java.net.SocketPermission JavaDoc;
26 import java.net.URL JavaDoc;
27 import java.security.AllPermission JavaDoc;
28 import java.security.Permission JavaDoc;
29 import java.sql.SQLPermission JavaDoc;
30 import java.util.PropertyPermission JavaDoc;
31 import java.util.Vector JavaDoc;
32
33 import javax.sound.sampled.AudioPermission JavaDoc;
34
35 import org.w3c.dom.Document JavaDoc;
36 import org.w3c.dom.Element JavaDoc;
37 import org.w3c.dom.events.Event JavaDoc;
38 import org.w3c.dom.events.EventListener JavaDoc;
39 import org.w3c.dom.events.EventTarget JavaDoc;
40
41 import org.apache.batik.dom.svg.SVGOMDocument;
42 import org.apache.batik.script.ScriptHandler;
43 import org.apache.batik.script.Window;
44
45 /**
46  * @author <a HREF="mailto:vhardy@apache.org">Vincent Hardy</a>
47  * @version $Id: JarCheckPermissionsDenied.java,v 1.5 2004/08/18 07:16:02 vhardy Exp $
48  */
49 public class JarCheckPermissionsDenied implements ScriptHandler {
50     public static final String JavaDoc svgNS = "http://www.w3.org/2000/svg";
51     public static final String JavaDoc testNS = "http://xml.apache.org/batik/test";
52
53     /**
54      * Path for the file tested with FilePermission
55      */
56     public static final String JavaDoc testedPath = "build.sh";
57
58     /**
59      * Host which is used for testing
60      */
61     public static final String JavaDoc testedHost = "nagoya.apache.org:8080";
62
63     /**
64      * Table of Permissions which will be tested.
65      */
66     protected static Object JavaDoc[][] basePermissions = {
67         {"AllPermission", new AllPermission JavaDoc()},
68         {"FilePermission read", new FilePermission JavaDoc(testedPath, "read")},
69         {"FilePermission write", new FilePermission JavaDoc(testedPath, "write")},
70         {"FilePermission execute", new FilePermission JavaDoc(testedPath, "execute")},
71         {"FilePermission delete", new FilePermission JavaDoc(testedPath, "delete")},
72         // 1.4 {"ServicePermission", new ServicePermission("krbtgt/EXAMPLE.COM@EXAMPLE.COM", "initiate")},
73 {"SocketPermission accept", new SocketPermission JavaDoc(testedHost, "accept")},
74         {"SocketPermission connect", new SocketPermission JavaDoc(testedHost, "connect")},
75         {"SocketPermission listen", new SocketPermission JavaDoc(testedHost, "listen")},
76         {"SocketPermission resolve", new SocketPermission JavaDoc(testedHost, "resolve")},
77         {"AudioPermission play", new AudioPermission JavaDoc("play")},
78         {"AudioPermission record", new AudioPermission JavaDoc("record")},
79         {"AWTPermission accessClipboard", new AWTPermission JavaDoc("accessClipboard")},
80         {"AWTPermission accessEventQueue", new AWTPermission JavaDoc("accessEventQueue")},
81         {"AWTPermission listenToAllAWTEvents", new AWTPermission JavaDoc("listenToAllAWTEvents")},
82         {"AWTPermission showWindowWithoutWarningBanner", new AWTPermission JavaDoc("showWindowWithoutWarningBanner")},
83         {"AWTPermission readDisplayPixels", new AWTPermission JavaDoc("readDisplayPixels")},
84         {"AWTPermission createRobot", new AWTPermission JavaDoc("createRobot")},
85         {"AWTPermission fullScreenExclusive", new AWTPermission JavaDoc("fullScreenExclusive")},
86         // 1.4 {"DelegationPermission", new DelegationPermission()},
87 // 1.4 {"LoggingPermission", new LoggingPermission("control")},
88 {"NetPermission setDefaultAuthenticator", new NetPermission JavaDoc("setDefaultAuthenticator")},
89         {"NetPermission requestPasswordAuthentication", new NetPermission JavaDoc("requestPasswordAuthentication")},
90         {"NetPermission specifyStreamHandler", new NetPermission JavaDoc("specifyStreamHandler")},
91         {"PropertyPermission java.home read", new PropertyPermission JavaDoc("java.home", "read")},
92         {"PropertyPermission java.home write", new PropertyPermission JavaDoc("java.home", "write")},
93         {"ReflectPermission", new ReflectPermission JavaDoc("suppressAccessChecks")},
94         {"RuntimePermission createClassLoader", new RuntimePermission JavaDoc("createClassLoader")},
95         {"RuntimePermission getClassLoader", new RuntimePermission JavaDoc("getClassLoader")},
96         {"RuntimePermission setContextClassLoader", new RuntimePermission JavaDoc("setContextClassLoader")},
97         {"RuntimePermission setSecurityManager", new RuntimePermission JavaDoc("setSecurityManager")},
98         {"RuntimePermission createSecurityManager", new RuntimePermission JavaDoc("createSecurityManager")},
99         {"RuntimePermission exitVM", new RuntimePermission JavaDoc("exitVM")},
100         {"RuntimePermission shutdownHooks", new RuntimePermission JavaDoc("shutdownHooks")},
101         {"RuntimePermission setFactory", new RuntimePermission JavaDoc("setFactory")},
102         {"RuntimePermission setIO", new RuntimePermission JavaDoc("setIO")},
103         {"RuntimePermission modifyThread", new RuntimePermission JavaDoc("modifyThread")},
104         {"RuntimePermission modifyThreadGroup", new RuntimePermission JavaDoc("modifyThreadGroup")},
105         {"RuntimePermission getProtectionDomain", new RuntimePermission JavaDoc("getProtectionDomain")},
106         {"RuntimePermission readFileDescriptor", new RuntimePermission JavaDoc("readFileDescriptor")},
107         {"RuntimePermission writeFileDescriptor", new RuntimePermission JavaDoc("writeFileDescriptor")},
108         {"RuntimePermission loadLibrary.{library name}", new RuntimePermission JavaDoc("loadLibrary.{library name}")},
109         {"RuntimePermission accessClassInPackage.java.security", new RuntimePermission JavaDoc("accessClassInPackage.java.security")},
110         {"RuntimePermission defineClassInPackage.java.lang", new RuntimePermission JavaDoc("defineClassInPackage.java.lang")},
111         {"RuntimePermission accessDeclaredMembers", new RuntimePermission JavaDoc("accessDeclaredMembers")},
112         {"RuntimePermission queuePrintJob", new RuntimePermission JavaDoc("queuePrintJob")},
113
114         {"SecurityPermission createAccessControlContext", new SerializablePermission JavaDoc("createAccessControlContext")},
115         {"SecurityPermission getDomainCombiner", new SerializablePermission JavaDoc("getDomainCombiner")},
116         {"SecurityPermission getPolicy", new SerializablePermission JavaDoc("getPolicy")},
117         {"SecurityPermission setPolicy", new SerializablePermission JavaDoc("setPolicy")},
118         {"SecurityPermission setSystemScope", new SerializablePermission JavaDoc("setSystemScope")},
119         {"SecurityPermission setIdentityPublicKey", new SerializablePermission JavaDoc("setIdentityPublicKey")},
120         {"SecurityPermission setIdentityInfo", new SerializablePermission JavaDoc("setIdentityInfo")},
121         {"SecurityPermission addIdentityCertificate", new SerializablePermission JavaDoc("addIdentityCertificate")},
122         {"SecurityPermission removeIdentityCertificate", new SerializablePermission JavaDoc("removeIdentityCertificate")},
123         {"SecurityPermission printIdentity", new SerializablePermission JavaDoc("printIdentity")},
124         {"SecurityPermission getSignerPrivateKey", new SerializablePermission JavaDoc("getSignerPrivateKey")},
125         {"SecurityPermission setSignerKeyPair", new SerializablePermission JavaDoc("setSignerKeyPair")},
126
127         {"SerializablePermission enableSubclassImplementation", new SerializablePermission JavaDoc("enableSubclassImplementation")},
128         {"SerializablePermission enableSubstitution", new SerializablePermission JavaDoc("enableSubstitution")},
129
130         {"SQLPermission", new SQLPermission JavaDoc("setLog")},
131
132         // 1.4 {"SSLPermission setHostnameVerifier", new SSLPermission("setHostnameVerifier")}
133 // 1.4{"SSLPermission getSSLSessionContext", new SSLPermission("getSSLSessionContext")}
134 };
135     
136     /**
137      * Set of Permissions to test. One is added if the Document is loaded from a host
138      */
139     private Object JavaDoc[][] permissions;
140
141     /**
142      * Reference to the rectangles which show the test status
143      */
144     private Element JavaDoc[] statusRects;
145
146     /**
147      * Runs this handler.
148      * @param doc The current document.
149      * @param win An object which represents the current viewer.
150      */
151     public void run(final Document JavaDoc document, final Window win){
152         int nGrantedTmp = 0;
153
154         //
155 // If the document is loaded over the network, check that the
156 // class has permission to access the server
157 //
158 URL JavaDoc docURL = ((SVGOMDocument)document).getURLObject();
159         if ((docURL != null) &&
160             (docURL.getHost() != null) &&
161             (!"".equals(docURL.getHost()))) {
162
163             permissions = new Object JavaDoc[basePermissions.length + 4][2];
164
165             String JavaDoc docHost = docURL.getHost();
166             if (docURL.getPort() != -1) {
167                 docHost += ":" + docURL.getPort();
168             }
169
170             int i=0;
171             permissions[i][0] = "SocketPermission accept " + docHost;
172             permissions[i][1] = new SocketPermission JavaDoc(docHost, "accept");
173             i++;
174
175             permissions[i][0] = "SocketPermission connect " + docHost;
176             permissions[i][1] = new SocketPermission JavaDoc(docHost, "connect");
177             i++;
178
179             permissions[i][0] = "SocketPermission resolve " + docHost;
180             permissions[i][1] = new SocketPermission JavaDoc(docHost, "resolve");
181             i++;
182             
183             permissions[i][0] = "RuntimePermission stopThread";
184             permissions[i][1] = new RuntimePermission JavaDoc("stopThread");
185             i++;
186
187             nGrantedTmp = i;
188
189             System.arraycopy(basePermissions, 0, permissions, i,
190                              basePermissions.length);
191         } else {
192             permissions = basePermissions;
193         }
194
195         final int nGranted = nGrantedTmp;
196
197         EventTarget JavaDoc root = (EventTarget JavaDoc)document.getDocumentElement();
198         root.addEventListener("SVGLoad", new EventListener JavaDoc() {
199                 public void handleEvent(Event JavaDoc evt){
200                     SecurityManager JavaDoc sm = System.getSecurityManager();
201                     int successCnt = 0;
202                     Vector JavaDoc unexpectedGrants = new Vector JavaDoc();
203                     Vector JavaDoc unexpectedDenial = new Vector JavaDoc();
204                     int unexpectedDenialCnt = 0;
205                     int unexpectedGrantsCnt = 0;
206                     
207                     if (sm == null){
208                         for (int i=0; i<nGranted; i++) {
209                             successCnt++;
210                         }
211                         for (int i=nGranted; i<permissions.length; i++) {
212                             unexpectedGrants.add(permissions[i][0]);
213                             unexpectedGrantsCnt++;
214                         }
215                     }
216                     else {
217                         for (int i=0; i<nGranted; i++) {
218                             Permission JavaDoc p = (Permission JavaDoc)permissions[i][1];
219                             try {
220                                 sm.checkPermission(p);
221                                 System.out.println(">>>> Permision : " + p + " was granted");
222                                 successCnt++;
223                             } catch (SecurityException JavaDoc se){
224                                 unexpectedDenial.add(permissions[i][0]);
225                                 unexpectedDenialCnt++;
226                             }
227                         }
228                         for (int i=nGranted; i<permissions.length; i++) {
229                             Permission JavaDoc p = (Permission JavaDoc)permissions[i][1];
230                             try {
231                                 sm.checkPermission(p);
232                                 System.out.println(">>>> Permision : " + p + " was granted");
233                                 unexpectedGrants.add(permissions[i][0]);
234                                 unexpectedGrantsCnt++;
235                             } catch (SecurityException JavaDoc se){
236                                 successCnt++;
237                             }
238                         }
239                     }
240                     
241                     // Update the test's metadata
242 Element JavaDoc result = document.getElementById("testResult");
243                     if ( successCnt == permissions.length ) {
244                         result.setAttributeNS(null, "result", "passed");
245                     } else {
246                         System.out.println("test failed: " + unexpectedGrantsCnt + " / " + unexpectedDenialCnt);
247                         result.setAttributeNS(null, "result", "failed");
248                         result.setAttributeNS(null, "errorCode", "unexpected.grants.or.denials");
249                         
250                         String JavaDoc unexpectedGrantsString = "";
251                         String JavaDoc unexpectedDenialString = "";
252                         
253                         for (int i=0; i<unexpectedGrantsCnt; i++) {
254                             unexpectedGrantsString += unexpectedGrants.elementAt(i).toString();
255                         }
256                         
257                         for (int i=0; i<unexpectedDenialCnt; i++) {
258                             unexpectedDenialString += unexpectedDenial.elementAt(i).toString();
259                         }
260                         
261                         System.out.println("unexpected.grants : " + unexpectedGrantsString);
262                         Element JavaDoc entry = null;
263                         
264                         entry = document.createElementNS(testNS, "errorDescriptiongEntry");
265                         entry.setAttributeNS(null, "id", "unexpected.grants.count");
266                         entry.setAttributeNS(null, "value", "" + unexpectedGrantsCnt);
267                         result.appendChild(entry);
268                         
269                         entry = document.createElementNS(testNS, "errorDescriptionEntry");
270                         entry.setAttributeNS(null, "id", "unexpected.grants");
271                         entry.setAttributeNS(null, "value", unexpectedGrantsString);
272                         result.appendChild(entry);
273                         
274                         entry = document.createElementNS(testNS, "errorDescriptiongEntry");
275                         entry.setAttributeNS(null, "id", "unexpected.denials.count");
276                         entry.setAttributeNS(null, "value", "" + unexpectedDenialCnt);
277                         result.appendChild(entry);
278                         
279                         System.out.println("unexpected.denials : " + unexpectedDenialString);
280                         entry = document.createElementNS(testNS, "errorDescriptionEntry");
281                         entry.setAttributeNS(null, "id", "unexpected.denials");
282                         entry.setAttributeNS(null, "value", unexpectedDenialString);
283                         result.appendChild(entry);
284                     }
285                 } }, false);
286     }
287 }
288
Popular Tags