private MuleModule updateModuleForTests(MuleModule discoveredModule) { Set<String> privilegedArtifacts = new HashSet<>(discoveredModule.getPrivilegedArtifacts()); privilegedArtifacts.addAll(privilegedArtifactIds); return new MuleModule(discoveredModule.getName(), discoveredModule.getExportedPackages(), discoveredModule.getExportedPaths(), discoveredModule.getPrivilegedExportedPackages(), privilegedArtifacts, discoveredModule.getExportedServices()); } }
@Test public void discoversJreModule() throws Exception { final List<MuleModule> muleModules = moduleDiscoverer.discover(); assertThat(muleModules.size(), equalTo(1)); final MuleModule muleModule = muleModules.get(0); assertThat(muleModule.getName(), equalTo(JRE_MODULE_NAME)); assertThat(muleModule.getExportedPaths(), is(not(empty()))); assertThat(muleModule.getExportedPackages(), is(not(empty()))); assertThat(muleModule.getExportedServices(), is(not(empty()))); } }
@Test public void createsPluginWithPrivilegedContainerAccess() throws Exception { MuleModule privilegedModule = mock(MuleModule.class); when(privilegedModule.getPrivilegedArtifacts()).thenReturn(singleton(PLUGIN_ARTIFACT_ID1)); when(privilegedModule.getPrivilegedExportedPackages()).thenReturn(singleton(PRIVILEGED_PACKAGE)); when(moduleRepository.getModules()).thenReturn(singletonList(privilegedModule)); List<ArtifactPluginDescriptor> artifactPluginDescriptors = singletonList(plugin1Descriptor); ArgumentCaptor<Map> mapArgumentCaptor = forClass(Map.class); when(regionOwnerLookupPolicy.extend(mapArgumentCaptor.capture())).thenReturn(pluginLookupPolicy); List<ArtifactClassLoader> pluginClassLoaders = factory.createPluginClassLoaders(regionClassLoader, artifactPluginDescriptors, regionOwnerLookupPolicy); assertThat(pluginClassLoaders, contains(pluginClassLoader1)); Map<String, LookupStrategy> value = mapArgumentCaptor.getValue(); assertThat(value, hasEntry(equalTo(PRIVILEGED_PACKAGE), instanceOf(ContainerOnlyLookupStrategy.class))); }
@Override public List<MuleModule> discover() { DefaultModuleRepository containerModuleDiscoverer = new DefaultModuleRepository(delegateModuleDiscoverer); List<MuleModule> discoveredModules = containerModuleDiscoverer.getModules(); List<MuleModule> updateModules = new ArrayList<>(discoveredModules.size()); for (MuleModule discoveredModule : discoveredModules) { if (!discoveredModule.getPrivilegedExportedPackages().isEmpty()) { discoveredModule = updateModuleForTests(discoveredModule); } updateModules.add(discoveredModule); } return updateModules; }
@Override public List<MuleModule> discover() { Set<String> packages = new HashSet<>(1024); Set<String> resources = new HashSet<>(1024); List<ExportedService> services = new ArrayList<>(128); exploreJdk(packages, resources, services); if (logger.isDebugEnabled()) { logger.debug("Discovered JRE:\npackages: {}\nresources: {}\nservices: {}", packages, resources, services.stream().map(p -> p.getServiceInterface() + ":" + p.getResource().toString()).collect(toList())); } MuleModule jdkModule = new MuleModule(JRE_MODULE_NAME, packages, resources, emptySet(), emptySet(), services); return singletonList(jdkModule); } }
private Set<String> getModuleExportedPackages(List<MuleModule> muleModules) { Set<String> packages = new HashSet<>(); for (MuleModule muleModule : muleModules) { packages.addAll(muleModule.getExportedPackages()); } return packages; }
private boolean hasPrivilegedApiAccess(PluginUrlClassification pluginUrlClassification, MuleModule module) { return module.getPrivilegedArtifacts().stream() .filter(artifact -> pluginUrlClassification.getName().startsWith(artifact + ":")).findFirst().isPresent(); }
@Override public List<MuleModule> getModules() { if (modules == null) { synchronized (this) { if (modules == null) { modules = discoverModules(); if (logger.isDebugEnabled()) { logger.debug("Found {} modules: ", modules.size(), modules.stream().map(m -> m.getName()).collect(toList())); } } } } return modules; }
private Set<String> getExportedResourcePaths(List<MuleModule> muleModules) { Set<String> resources = new HashSet<>(); for (MuleModule muleModule : muleModules) { resources.addAll(muleModule.getExportedPaths()); } return resources; }
private List<ExportedService> getExportedServices(List<MuleModule> muleModules) { List<ExportedService> exportedServices = new ArrayList<>(); for (MuleModule muleModule : muleModules) { exportedServices.addAll(muleModule.getExportedServices()); } return exportedServices; }
if (module.getPrivilegedArtifacts() .contains(descriptor.getBundleDescriptor().getGroupId() + ":" + descriptor.getBundleDescriptor().getArtifactId())) { for (String packageName : module.getPrivilegedExportedPackages()) { pluginsLookupPolicies.put(packageName, containerOnlyLookupStrategy);
private ClassLoaderLookupPolicy extendLookupPolicyForPrivilegedAccess(ClassLoaderLookupPolicy childClassLoaderLookupPolicy, ModuleRepository moduleRepository, TestContainerClassLoaderFactory testContainerClassLoaderFactory, PluginUrlClassification pluginUrlClassification) { ContainerOnlyLookupStrategy containerOnlyLookupStrategy = new ContainerOnlyLookupStrategy(testContainerClassLoaderFactory.getContainerClassLoader().getClassLoader()); Map<String, LookupStrategy> privilegedLookupStrategies = new HashMap<>(); for (MuleModule module : moduleRepository.getModules()) { if (hasPrivilegedApiAccess(pluginUrlClassification, module)) { for (String packageName : module.getPrivilegedExportedPackages()) { privilegedLookupStrategies.put(packageName, containerOnlyLookupStrategy); } } } if (privilegedLookupStrategies.isEmpty()) { return childClassLoaderLookupPolicy; } else { return childClassLoaderLookupPolicy.extend(privilegedLookupStrategies); } }
/** * Creates a module with the configured state * * @return a new {@link MuleModule} with the configured state. */ public MuleModule build() { return new MuleModule(name, packages, resources, emptySet(), emptySet(), emptyList()); } }
/** * Creates a {@link Map<String, LookupStrategy>} for the packages exported on the container. * * @param containerClassLoader class loader containing container's classes. Non null. * @param modules to be used for collecting the exported packages. Non null * @return a {@link Map<String, LookupStrategy>} for the packages exported on the container */ private Map<String, LookupStrategy> buildClassLoaderLookupStrategy(ClassLoader containerClassLoader, List<MuleModule> modules) { checkArgument(containerClassLoader != null, "containerClassLoader cannot be null"); checkArgument(modules != null, "modules cannot be null"); ContainerOnlyLookupStrategy containerOnlyLookupStrategy = new ContainerOnlyLookupStrategy(containerClassLoader); final Map<String, LookupStrategy> result = new HashMap<>(); for (MuleModule muleModule : modules) { for (String exportedPackage : muleModule.getExportedPackages()) { // Let artifacts extend non "java." JRE packages result.put(exportedPackage, ALLOW_JRE_EXTENSION && stream(JRE_EXTENDABLE_PACKAGES).anyMatch(exportedPackage::startsWith) ? PARENT_FIRST : containerOnlyLookupStrategy); } } return result; }
private boolean hasPrivilegedApiAccess(PluginUrlClassification pluginUrlClassification, MuleModule module) { return module.getPrivilegedArtifacts().stream() .filter(artifact -> pluginUrlClassification.getName().startsWith(artifact + ":")).findFirst().isPresent(); }
@Override public List<MuleModule> discover() { List<MuleModule> modules = new LinkedList<>(); Set<String> moduleNames = new HashSet<>(); try { for (Properties moduleProperties : discoverProperties(classLoader, getModulePropertiesFileName())) { final MuleModule module = createModule(moduleProperties); if (moduleNames.contains(module.getName())) { logger.warn(format("Ignoring duplicated module '%s'", module.getName())); } else { moduleNames.add(module.getName()); modules.add(module); } } } catch (IOException e) { throw new RuntimeException("Cannot discover mule modules", e); } return modules; }
@Test public void discoversModuleWithExportedPrivilegedApi() throws Exception { runTest(moduleDiscoverer -> { List<URL> moduleProperties = new ArrayList(); moduleProperties.add(getClass().getClassLoader().getResource("moduleJavaPrivilegedApi.properties")); when(classLoader.getResources(ClasspathModuleDiscoverer.MODULE_PROPERTIES)) .thenReturn(new EnumerationAdapter(moduleProperties)); List<MuleModule> muleModules = moduleDiscoverer.discover(); assertThat(muleModules, hasSize(1)); MuleModule muleModule = muleModules.get(0); assertThat(muleModule.getName(), is("moduleJavaPrivilegedApi")); assertThat(muleModule.getExportedPackages(), is(empty())); assertThat(muleModule.getExportedPaths(), is(empty())); assertThat(muleModule.getPrivilegedExportedPackages(), contains("org.foo", "org.bar")); assertThat(muleModule.getPrivilegedArtifacts(), contains("privilegedArtifact1", "privilegedArtifact2")); assertThat(muleModule.getExportedServices(), is(empty())); }); }
@Test public void createsPluginWithPrivilegedContainerAccess() throws Exception { MuleModule privilegedModule = mock(MuleModule.class); when(privilegedModule.getPrivilegedArtifacts()).thenReturn(singleton(PLUGIN_ARTIFACT_ID1)); when(privilegedModule.getPrivilegedExportedPackages()).thenReturn(singleton(PRIVILEGED_PACKAGE)); when(moduleRepository.getModules()).thenReturn(singletonList(privilegedModule)); List<ArtifactPluginDescriptor> artifactPluginDescriptors = singletonList(plugin1Descriptor); ArgumentCaptor<Map> mapArgumentCaptor = forClass(Map.class); when(regionOwnerLookupPolicy.extend(mapArgumentCaptor.capture())).thenReturn(pluginLookupPolicy); List<ArtifactClassLoader> pluginClassLoaders = factory.createPluginClassLoaders(regionClassLoader, artifactPluginDescriptors, regionOwnerLookupPolicy); assertThat(pluginClassLoaders, contains(pluginClassLoader1)); Map<String, LookupStrategy> value = mapArgumentCaptor.getValue(); assertThat(value, hasEntry(equalTo(PRIVILEGED_PACKAGE), instanceOf(ContainerOnlyLookupStrategy.class))); }
@Override public List<MuleModule> discover() { DefaultModuleRepository containerModuleDiscoverer = new DefaultModuleRepository(delegateModuleDiscoverer); List<MuleModule> discoveredModules = containerModuleDiscoverer.getModules(); List<MuleModule> updateModules = new ArrayList<>(discoveredModules.size()); for (MuleModule discoveredModule : discoveredModules) { if (!discoveredModule.getPrivilegedExportedPackages().isEmpty()) { discoveredModule = updateModuleForTests(discoveredModule); } updateModules.add(discoveredModule); } return updateModules; }
private MuleModule createModule(Properties moduleProperties) { final String moduleName = (String) moduleProperties.get("module.name"); Set<String> modulePackages = getExportedPackageByProperty(moduleProperties, EXPORTED_CLASS_PACKAGES_PROPERTY); Set<String> modulePaths = getExportedResourcePaths(moduleProperties); Set<String> modulePrivilegedPackages = getExportedPackageByProperty(moduleProperties, PRIVILEGED_EXPORTED_CLASS_PACKAGES_PROPERTY); Set<String> privilegedArtifacts = getPrivilegedArtifactIds(moduleProperties); List<ExportedService> exportedServices = getExportedServices(moduleProperties, EXPORTED_SERVICES_PROPERTY); return new MuleModule(moduleName, modulePackages, modulePaths, modulePrivilegedPackages, privilegedArtifacts, exportedServices); }