use of java.io.FilePermission in project Payara by payara.
the class VoidPermissionTest method testNotImplied.
@Test
public void testNotImplied() {
VoidPermission vPerm = new VoidPermission();
FilePermission fPerm = new FilePermission("/scratch/test/*", "read");
Assert.assertTrue(!vPerm.implies(fPerm));
Assert.assertTrue(!fPerm.implies(vPerm));
}
use of java.io.FilePermission in project Payara by payara.
the class PermissionsProcessor method addFilePermissionsForCurrentDir.
// add the current folder for the file permission
protected static void addFilePermissionsForCurrentDir(PermissionCollection revisedPC, DeploymentContext context, FilePermission perm) throws MalformedURLException {
if (!isFilePermforCurrentDir(perm)) {
// not recognized, add it as is
revisedPC.add(perm);
return;
}
String actions = perm.getActions();
String rootDir = context.getSource().getURI().toURL().toString();
Permission rootDirPerm = new FilePermission(rootDir, actions);
revisedPC.add(rootDirPerm);
Permission rootPerm = new FilePermission(rootDir + File.separator + "-", actions);
revisedPC.add(rootPerm);
if (context.getScratchDir("ejb") != null) {
String ejbTmpDir = context.getScratchDir("ejb").toURI().toURL().toString();
Permission ejbDirPerm = new FilePermission(ejbTmpDir, actions);
revisedPC.add(ejbDirPerm);
Permission ejbPerm = new FilePermission(ejbTmpDir + File.separator + "-", actions);
revisedPC.add(ejbPerm);
}
if (context.getScratchDir("jsp") != null) {
String jspdir = context.getScratchDir("jsp").toURI().toURL().toString();
Permission jpsDirPerm = new FilePermission(jspdir, actions);
revisedPC.add(jpsDirPerm);
Permission jpsPerm = new FilePermission(jspdir + File.separator + "-", actions);
revisedPC.add(jpsPerm);
}
}
use of java.io.FilePermission in project Payara by payara.
the class PermissionsProcessor method convertTempDirPermission.
// convert 'temp' dir to the absolute path for permission of 'temp' path
protected static Permission convertTempDirPermission(PermissionCollection revisedPC, DeploymentContext context, FilePermission perm) throws MalformedURLException {
if (!isFilePermforTempDir(perm)) {
return perm;
}
String actions = perm.getActions();
if (context.getScratchDir("jsp") != null) {
String jspdir = context.getScratchDir("jsp").toURI().toURL().toString();
Permission jspDirPerm = new FilePermission(jspdir, actions);
revisedPC.add(jspDirPerm);
Permission jspPerm = new FilePermission(jspdir + File.separator + "-", actions);
revisedPC.add(jspPerm);
return jspPerm;
}
return perm;
}
use of java.io.FilePermission in project jdk8u_jdk by JetBrains.
the class AppContextCreator method getPermissions.
/**
* Returns the permissions for the given codesource object.
* The implementation of this method first calls super.getPermissions,
* to get the permissions
* granted by the super class, and then adds additional permissions
* based on the URL of the codesource.
* <p>
* If the protocol is "file"
* and the path specifies a file, permission is granted to read all files
* and (recursively) all files and subdirectories contained in
* that directory. This is so applets with a codebase of
* file:/blah/some.jar can read in file:/blah/, which is needed to
* be backward compatible. We also add permission to connect back to
* the "localhost".
*
* @param codesource the codesource
* @throws NullPointerException if {@code codesource} is {@code null}.
* @return the permissions granted to the codesource
*/
protected PermissionCollection getPermissions(CodeSource codesource) {
final PermissionCollection perms = super.getPermissions(codesource);
URL url = codesource.getLocation();
String path = null;
Permission p;
try {
p = url.openConnection().getPermission();
} catch (java.io.IOException ioe) {
p = null;
}
if (p instanceof FilePermission) {
path = p.getName();
} else if ((p == null) && (url.getProtocol().equals("file"))) {
path = url.getFile().replace('/', File.separatorChar);
path = ParseUtil.decode(path);
}
if (path != null) {
final String rawPath = path;
if (!path.endsWith(File.separator)) {
int endIndex = path.lastIndexOf(File.separatorChar);
if (endIndex != -1) {
path = path.substring(0, endIndex + 1) + "-";
perms.add(new FilePermission(path, SecurityConstants.FILE_READ_ACTION));
}
}
final File f = new File(rawPath);
final boolean isDirectory = f.isDirectory();
// that ends with .jar or .zip
if (allowRecursiveDirectoryRead && (isDirectory || rawPath.toLowerCase().endsWith(".jar") || rawPath.toLowerCase().endsWith(".zip"))) {
Permission bperm;
try {
bperm = base.openConnection().getPermission();
} catch (java.io.IOException ioe) {
bperm = null;
}
if (bperm instanceof FilePermission) {
String bpath = bperm.getName();
if (bpath.endsWith(File.separator)) {
bpath += "-";
}
perms.add(new FilePermission(bpath, SecurityConstants.FILE_READ_ACTION));
} else if ((bperm == null) && (base.getProtocol().equals("file"))) {
String bpath = base.getFile().replace('/', File.separatorChar);
bpath = ParseUtil.decode(bpath);
if (bpath.endsWith(File.separator)) {
bpath += "-";
}
perms.add(new FilePermission(bpath, SecurityConstants.FILE_READ_ACTION));
}
}
}
return perms;
}
use of java.io.FilePermission in project jdk8u_jdk by JetBrains.
the class ImageIO method hasCachePermission.
/**
* Determines whether the caller has write access to the cache
* directory, stores the result in the <code>CacheInfo</code> object,
* and returns the decision. This method helps to prevent mysterious
* SecurityExceptions to be thrown when this convenience class is used
* in an applet, for example.
*/
private static boolean hasCachePermission() {
Boolean hasPermission = getCacheInfo().getHasPermission();
if (hasPermission != null) {
return hasPermission.booleanValue();
} else {
try {
SecurityManager security = System.getSecurityManager();
if (security != null) {
File cachedir = getCacheDirectory();
String cachepath;
if (cachedir != null) {
cachepath = cachedir.getPath();
} else {
cachepath = getTempDir();
if (cachepath == null || cachepath.isEmpty()) {
getCacheInfo().setHasPermission(Boolean.FALSE);
return false;
}
}
// we have to check whether we can read, write,
// and delete cache files.
// So, compose cache file path and check it.
String filepath = cachepath;
if (!filepath.endsWith(File.separator)) {
filepath += File.separator;
}
filepath += "*";
security.checkPermission(new FilePermission(filepath, "read, write, delete"));
}
} catch (SecurityException e) {
getCacheInfo().setHasPermission(Boolean.FALSE);
return false;
}
getCacheInfo().setHasPermission(Boolean.TRUE);
return true;
}
}
Aggregations