1 11 12 package org.eclipse.osgi.framework.internal.core; 13 14 import java.security.*; 15 import java.util.*; 16 import org.osgi.service.condpermadmin.Condition; 17 18 24 public class FrameworkSecurityManager extends SecurityManager { 25 29 static { 30 Class c; 31 c = CheckPermissionAction.class; 32 c = CheckContext.class; 33 c.getName(); } 35 36 static class CheckContext { 37 ArrayList depthCondSets = new ArrayList(2); 39 ArrayList accs = new ArrayList(2); 40 ArrayList CondClassSet; 41 42 public int getDepth() { 43 return depthCondSets.size() - 1; 44 } 45 } 46 47 54 boolean addConditionsForDomain(Condition condSet[][]) { 55 CheckContext cc = (CheckContext) localCheckContext.get(); 56 if (cc == null) { 57 return false; 60 } 61 Vector condSets = (Vector) cc.depthCondSets.get(cc.getDepth()); 62 if (condSets == null) { 63 condSets = new Vector(2); 64 cc.depthCondSets.set(cc.getDepth(), condSets); 65 } 66 condSets.add(condSet); 67 return true; 68 } 69 70 ThreadLocal localCheckContext = new ThreadLocal (); 71 72 static class CheckPermissionAction implements PrivilegedAction { 73 Permission perm; 74 Object context; 75 FrameworkSecurityManager fsm; 76 77 CheckPermissionAction(FrameworkSecurityManager fsm, Permission perm, Object context) { 78 this.fsm = fsm; 79 this.perm = perm; 80 this.context = context; 81 } 82 83 public Object run() { 84 fsm.internalCheckPermission(perm, context); 85 return null; 86 } 87 } 88 89 public void checkPermission(Permission perm, Object context) { 90 AccessController.doPrivileged(new CheckPermissionAction(this, perm, context)); 91 } 92 93 102 public AccessControlContext getContextToBeChecked() { 103 CheckContext cc = (CheckContext) localCheckContext.get(); 104 if (cc != null && cc.accs != null && !cc.accs.isEmpty()) 105 return (AccessControlContext) cc.accs.get(cc.accs.size()-1); 106 return null; 107 } 108 109 public void internalCheckPermission(Permission perm, Object context) { 110 AccessControlContext acc = (AccessControlContext) context; 111 CheckContext cc = (CheckContext) localCheckContext.get(); 112 if (cc == null) { 113 cc = new CheckContext(); 114 localCheckContext.set(cc); 115 } 116 cc.depthCondSets.add(null); cc.accs.add(acc); 118 try { 119 acc.checkPermission(perm); 120 Vector remainingSets = (Vector) cc.depthCondSets.get(cc.getDepth()); 122 if (remainingSets != null) { 123 133 Hashtable condContextDict = new Hashtable(2); 134 Condition conds[][] = (Condition[][]) remainingSets.remove(0); 136 for (int i = 0; i < conds.length; i++) 137 if (recursiveCheck(remainingSets, conds[i], null, condContextDict, cc)) 138 return; throw new SecurityException ("Conditions not satisfied"); } 141 } finally { 142 cc.depthCondSets.remove(cc.getDepth()); 143 cc.accs.remove(cc.accs.size()-1); 144 } 145 } 146 147 160 private boolean recursiveCheck(Vector remainingSets, Condition[] conditions, Hashtable condDict, Hashtable condContextDict, CheckContext cc) { 161 if (condDict == null) { 163 condDict = new Hashtable(2); 164 } else { 165 Hashtable copyCondDict = new Hashtable(2); 166 for (Enumeration keys = condDict.keys(); keys.hasMoreElements();) { 167 Object key = keys.nextElement(); 168 copyCondDict.put(key, ((Vector) condDict.get(key)).clone()); 169 } 170 condDict = copyCondDict; 171 } 172 for (int i = 0; i < conditions.length; i++) { 173 if (conditions[i] == null) 174 continue; 175 Vector condList = (Vector) condDict.get(conditions[i].getClass()); 176 if (condList == null) { 177 condList = new Vector(); 178 condDict.put(conditions[i].getClass(), condList); 179 } 180 condList.add(conditions[i]); 181 } 182 if (remainingSets.size() > 0) { 183 Condition conds[][] = (Condition[][]) remainingSets.get(0); 184 Vector newSets = (Vector) remainingSets.clone(); 185 newSets.remove(0); 186 for (int i = 0; i < conds.length; i++) 187 if (recursiveCheck(newSets, conds[i], condDict, condContextDict, cc)) 188 return true; 189 return false; 190 } 191 Enumeration keys = condDict.keys(); 192 while (keys.hasMoreElements()) { 193 Class key = (Class ) keys.nextElement(); 194 Vector conds = (Vector) condDict.get(key); 195 if (conds.size() == 0) 196 continue; Condition condArray[] = (Condition[]) conds.toArray(new Condition[conds.size()]); 198 Dictionary context = (Dictionary) condContextDict.get(key); 199 if (context == null) { 200 context = new Hashtable(2); 201 condContextDict.put(key, context); 202 } 203 if (cc.CondClassSet == null) 204 cc.CondClassSet = new ArrayList(2); 205 if (cc.CondClassSet.contains(condArray[0].getClass())) 206 return false; cc.CondClassSet.add(condArray[0].getClass()); 208 try { 209 if (!condArray[0].isSatisfied(condArray, context)) 210 return false; 211 } finally { 212 cc.CondClassSet.remove(condArray[0].getClass()); 213 } 214 } 215 return true; 216 } 217 218 public void checkPermission(Permission perm) { 219 checkPermission(perm, getSecurityContext()); 220 } 221 222 public Object getSecurityContext() { 223 return AccessController.getContext(); 224 } 225 } 226 | Popular Tags |