/** * Delete all permissions from locally installed bundles */ private void deleteUserBundlePermissions() { Enumeration<ConditionalPermissionInfo> cpis = cpa.getConditionalPermissionInfos(); while (cpis.hasMoreElements()) { ConditionalPermissionInfo cpi = cpis.nextElement(); if (!NON_USER_CPI_NAMES.contains(cpi.getName())) { cpi.delete(); } } }
public void installPolicies(List<String> pInfos, boolean reset) { ConditionalPermissionUpdate cpu = cpa.newConditionalPermissionUpdate(); List<ConditionalPermissionInfo> piList = cpu.getConditionalPermissionInfos(); if (reset) { cpi = cpa.newConditionalPermissionInfo(pInfo); } catch (Exception e) { try {
/** * The function is called whenever a bundle changes its state. According to * the state, the bundle recieves permissions or loses all permissions. * @param event A specific <code>BundleEvent</code> according to the bundle state */ @Override public void bundleChanged(BundleEvent event) { logger.debug("Got bundle event {}", event.getType()); final String bundleLocation = event.getBundle().getLocation(); switch (event.getType()) { // give the bundle permissions according to the system graph case BundleEvent.INSTALLED: logger.debug("Bundle INSTALLED: {}", bundleLocation); if (bundleLocation.startsWith("userbundle:")) { updateFromSystemGraph(bundleLocation); } break; // delete all permissions of this bundle case BundleEvent.UNINSTALLED: logger.debug("Bundle UNINSTALLED: {}", bundleLocation); cpa.getConditionalPermissionInfo(bundleLocation).delete(); break; } } }
@Override public void printPolicies(PrintStream os) { /* * Scan permission table */ // First get the permissions table ConditionalPermissionUpdate cpu = cpa.newConditionalPermissionUpdate(); List<ConditionalPermissionInfo> piList = cpu.getConditionalPermissionInfos(); for (ConditionalPermissionInfo pInfo : piList) { os.println(pInfo.getEncoded()); } }
for (int i = 0; i < permLocations.length; i++) securityAdmin.setPermissions(permLocations[i], null); ConditionalPermissionUpdate update = condPermAdmin.newConditionalPermissionUpdate(); update.getConditionalPermissionInfos().clear(); update.commit(); for (Enumeration<ConditionalPermissionInfo> infos = condPermAdmin.getConditionalPermissionInfos(); infos.hasMoreElements();) infos.nextElement().delete();
@Override public ConditionalPermissionInfo getDeclarationInfo() { // Check if this type was already applied. In this case the declaration // can be obtained by CPA. if (pInfo != null) return pInfo; ConditionInfo conds[] = new ConditionInfo[this.conds.size()]; PermissionInfo perms[] = new PermissionInfo[this.perms.size()]; String access; if (mode) access = ConditionalPermissionInfo.ALLOW; else access = ConditionalPermissionInfo.DENY; ConditionalPermissionInfo cpi = cpa.newConditionalPermissionInfo(name, this.conds.toArray(conds), (this.perms .toArray(perms)), access); pInfo = cpi; return pInfo; }
/** * Give all bundles package permission * may be extended with more permissions in the future */ private void assignAllBundlePermissions() { logger.debug("Give PackagePermission to all bundles"); cpa.setConditionalPermissionInfo(PACKAGE_EXPORT_CPINAME, new ConditionInfo[]{ null }, new PermissionInfo[]{ new PermissionInfo( PackagePermission.class.getName(), "*", "export") }); }
public boolean addPermission(final Bundle bundle, final Class<? extends Permission> type, final String name, final String actions, final boolean allowOrDeny, int index) { if (type == null) return false; final ConditionalPermissionUpdate cpu = cpa.newConditionalPermissionUpdate(); addPermission(bundle, type, name, actions, cpa, cpu, allowOrDeny, index); return cpu.commit(); }
for (int i = 0; i < permLocations.length; i++) securityAdmin.setPermissions(permLocations[i], null); ConditionalPermissionUpdate update = condPermAdmin.newConditionalPermissionUpdate(); update.getConditionalPermissionInfos().clear(); update.commit(); for (Enumeration<ConditionalPermissionInfo> infos = condPermAdmin.getConditionalPermissionInfos(); infos.hasMoreElements();) infos.nextElement().delete();
@Override public String getDeclarationString() { // Check if this type was already applied. In this case the declaration // can be obtained by CPA. if (pInfo != null) return pInfo.getEncoded(); ConditionInfo conds[] = new ConditionInfo[this.conds.size()]; PermissionInfo perms[] = new PermissionInfo[this.perms.size()]; String access; if (mode) access = ConditionalPermissionInfo.ALLOW; else access = ConditionalPermissionInfo.DENY; ConditionalPermissionInfo cpi = cpa.newConditionalPermissionInfo(name, this.conds.toArray(conds), (this.perms .toArray(perms)), access); pInfo = cpi; return pInfo.getEncoded(); }
/** * Update the permissions from the graph. * @param bundleLocation */ private void updateFromSystemGraph(String bundleLocation) { logger.debug("Updating from system graph"); logger.debug("location: {}, cpa: {}", bundleLocation, cpa); cpa.setConditionalPermissionInfo(bundleLocation, new ConditionInfo[]{ new ConditionInfo( BundleLocationCondition.class.getName(), new String[]{bundleLocation}) }, permissionDefinitions.retrievePermissions(bundleLocation)); }
@Override public boolean addPermissions(String user, List<Permission> permissions) { UserRightsProxy urp = urpMap.get(user); if (urp == null) throw new IllegalStateException( String.format("User rights proxy installation for the user %s not yet completed.", user)); Bundle b = urp.getBundle(); final ConditionalPermissionAdmin cpa = (ConditionalPermissionAdmin) permMan.getSystemPermissionAdmin(); final ConditionalPermissionUpdate cpu = cpa.newConditionalPermissionUpdate(); final List<ConditionalPermissionInfo> perms = cpu.getConditionalPermissionInfos(); int id = getNextUserPermId(user, perms); for (Permission perm: permissions) { final String name = "user_" + user + id++; perms.add(perms.size(), cpa.newConditionalPermissionInfo( name, new ConditionInfo[]{ new ConditionInfo("org.osgi.service.condpermadmin.BundleLocationCondition", new String[]{b.getLocation()})}, new PermissionInfo[]{ new PermissionInfo(perm.getClass().getName(), perm.getName(), perm.getActions())}, "allow")); } return cpu.commit(); }
public boolean addPermission(final Bundle bundle, final Permission perm, final boolean allowOrDeny, int index) { if (perm == null) return false; final ConditionalPermissionUpdate cpu = cpa.newConditionalPermissionUpdate(); addPermission(bundle, perm, cpa, cpu, allowOrDeny, index); return cpu.commit(); }
for (Enumeration e = cpa.getConditionalPermissionInfos(); e.hasMoreElements();)
public void addPermission(final Bundle bundle, final Class<? extends Permission> type, final String name, final String actions, final ConditionalPermissionAdmin cpAdmin, final ConditionalPermissionUpdate update, final boolean allowOrDeny, int index) { if (type == null) return; if (index == -1) { index = update.getConditionalPermissionInfos().size(); } update.getConditionalPermissionInfos().add(index, cpAdmin.newConditionalPermissionInfo( "testCond" + PERMISSION_COUNTER.getAndIncrement(), new ConditionInfo[]{ new ConditionInfo("org.osgi.service.condpermadmin.BundleLocationCondition", new String[]{bundle.getLocation()})}, new PermissionInfo[]{ new PermissionInfo(type.getName(), name, actions)}, allowOrDeny ? "allow" : "deny")); }
@Override public Object run() { cpa.setConditionalPermissionInfo(ALL_EXCEPT_USER_BUNDLES_CPINAME, new ConditionInfo[]{ new ConditionInfo( NotBundleLocationCondition.class.getName(), new String[]{"userbundle:*"}) }, new PermissionInfo[]{ new PermissionInfo( AllPermission.class.getName(), "", "") }); return null; // nothing to return } });
completeTypes(); ConditionalPermissionUpdate cpu = cpa.newConditionalPermissionUpdate(); List<ConditionalPermissionInfo> piList = cpu.getConditionalPermissionInfos(); ConditionInfo conds[] = new ConditionInfo[aptimpl.conds.size()]; PermissionInfo perms[] = new PermissionInfo[aptimpl.perms.size()]; ConditionalPermissionInfo cpi = cpa.newConditionalPermissionInfo(name, aptimpl.conds.toArray(conds), aptimpl.perms.toArray(perms), ConditionalPermissionInfo.DENY); ConditionInfo conds[] = new ConditionInfo[aptimpl.conds.size()]; PermissionInfo perms[] = new PermissionInfo[aptimpl.perms.size()]; ConditionalPermissionInfo cpi = cpa.newConditionalPermissionInfo(name, aptimpl.conds.toArray(conds), aptimpl.perms.toArray(perms), ConditionalPermissionInfo.ALLOW);
void removeGranted(String name) { // First get the permissions table ConditionalPermissionUpdate cpu = cpa.newConditionalPermissionUpdate(); List<ConditionalPermissionInfo> piList = cpu.getConditionalPermissionInfos(); for (ConditionalPermissionInfo tmpcpi : piList) { // If a permission info exists in the table remove it if (tmpcpi.getName().equals(name)) { if (Configuration.DEBUG) log.info("Removed Policy: " + tmpcpi.getEncoded()); piList.remove(tmpcpi); break; } } cpu.commit(); }
for (Enumeration e = cpa.getConditionalPermissionInfos(); e.hasMoreElements();)
public void addPermission(final Bundle bundle, final Permission perm, final ConditionalPermissionAdmin cpAdmin, final ConditionalPermissionUpdate update, final boolean allowOrDeny, int index) { if (perm == null) return; if (index == -1) { index = update.getConditionalPermissionInfos().size(); } update.getConditionalPermissionInfos().add(index, cpAdmin.newConditionalPermissionInfo( "testCond" + PERMISSION_COUNTER.getAndIncrement(), new ConditionInfo[]{ new ConditionInfo("org.osgi.service.condpermadmin.BundleLocationCondition", new String[]{bundle.getLocation()})}, new PermissionInfo[]{ new PermissionInfo(perm.getClass().getName(), perm.getName(), perm.getActions())}, allowOrDeny ? "allow" : "deny")); }