Example 6 with SecurityManager
use of lucee.runtime.security.SecurityManager in project Lucee by lucee.
the class Admin method doGetDefaultSecurityManager.
/**
* @throws PageException
*/
private void doGetDefaultSecurityManager() throws PageException {
ConfigServer cs = ConfigImpl.getConfigServer(config, password);
SecurityManager dsm = cs.getDefaultSecurityManager();
_fillSecData(dsm);
}
Also used :
SecurityManager(lucee.runtime.security.SecurityManager)
ConfigServer(lucee.runtime.config.ConfigServer)
Example 7 with SecurityManager
use of lucee.runtime.security.SecurityManager in project Lucee by lucee.
the class XMLConfigAdmin method removeResourceProvider.
public void removeResourceProvider(String scheme) throws PageException {
checkWriteAccess();
SecurityManager sm = config.getSecurityManager();
short access = sm.getAccess(SecurityManager.TYPE_FILE);
boolean hasAccess = access == SecurityManager.VALUE_YES;
if (!hasAccess)
throw new SecurityException("no access to remove resource provider");
_removeResourceProvider(scheme);
}
Also used :
SecurityManager(lucee.runtime.security.SecurityManager)
SecurityException(lucee.runtime.exp.SecurityException)
Example 8 with SecurityManager
use of lucee.runtime.security.SecurityManager in project Lucee by lucee.
the class XMLConfigAdmin method updateDefaultResourceProvider.
public void updateDefaultResourceProvider(ClassDefinition cd, String arguments) throws PageException {
checkWriteAccess();
SecurityManager sm = config.getSecurityManager();
short access = sm.getAccess(SecurityManager.TYPE_FILE);
boolean hasAccess = access == SecurityManager.VALUE_YES;
if (!hasAccess)
throw new SecurityException("no access to update resources");
Element parent = _getRootElement("resources");
// Update
Element[] children = XMLConfigWebFactory.getChildren(parent, "default-resource-provider");
for (int i = 0; i < children.length; i++) {
Element el = children[i];
el.setAttribute("arguments", arguments);
return;
}
// Insert
Element el = doc.createElement("default-resource-provider");
parent.appendChild(el);
el.setAttribute("arguments", arguments);
setClass(el, null, "", cd);
}
Also used :
SecurityManager(lucee.runtime.security.SecurityManager)
Element(org.w3c.dom.Element)
SecurityException(lucee.runtime.exp.SecurityException)
Example 9 with SecurityManager
use of lucee.runtime.security.SecurityManager in project Lucee by lucee.
the class XMLConfigAdmin method updateDataSource.
/**
* update or insert new database connection
* @param name
* @param clazzName
* @param dsn
* @param username
* @param password
* @param host
* @param database
* @param port
* @param connectionLimit
* @param connectionTimeout
* @param blob
* @param clob
* @param allow
* @param storage
* @param custom
* @throws PageException
*/
public void updateDataSource(String name, String newName, ClassDefinition cd, String dsn, String username, String password, String host, String database, int port, int connectionLimit, int connectionTimeout, long metaCacheTimeout, boolean blob, boolean clob, int allow, boolean validate, boolean storage, String timezone, Struct custom, String dbdriver, ParamSyntax paramSyntax, boolean literalTimestampWithTSOffset, boolean alwaysSetTimeout) throws PageException {
checkWriteAccess();
SecurityManager sm = config.getSecurityManager();
short access = sm.getAccess(SecurityManager.TYPE_DATASOURCE);
boolean hasAccess = true;
boolean hasInsertAccess = true;
int maxLength = 0;
if (access == SecurityManager.VALUE_YES)
hasAccess = true;
else if (access == SecurityManager.VALUE_NO)
hasAccess = false;
else if (access >= SecurityManager.VALUE_1 && access <= SecurityManager.VALUE_10) {
int existingLength = getDatasourceLength(config);
maxLength = access - SecurityManager.NUMBER_OFFSET;
hasInsertAccess = maxLength > existingLength;
// print.ln("maxLength:"+maxLength);
// print.ln("existingLength:"+existingLength);
}
// boolean hasAccess=ConfigWebUtil.hasAccess(config,SecurityManager.TYPE_DATASOURCE);
if (!hasAccess)
throw new SecurityException("no access to update datsource connections");
// check parameters
if (name == null || name.length() == 0)
throw new ExpressionException("name can't be a empty value");
Element datasources = _getRootElement("data-sources");
// Update
Element[] children = XMLConfigWebFactory.getChildren(datasources, "data-source");
for (int i = 0; i < children.length; i++) {
String n = children[i].getAttribute("name");
if (n.equalsIgnoreCase(name)) {
Element el = children[i];
if (password.equalsIgnoreCase("****************"))
password = el.getAttribute("password");
if (!StringUtil.isEmpty(newName) && !newName.equals(name))
el.setAttribute("name", newName);
setClass(el, null, "", cd);
el.setAttribute("dsn", dsn);
el.setAttribute("username", username);
el.setAttribute("password", ConfigWebUtil.encrypt(password));
el.setAttribute("host", host);
if (!StringUtil.isEmpty(timezone))
el.setAttribute("timezone", timezone);
else if (el.hasAttribute("timezone"))
el.removeAttribute("timezone");
el.setAttribute("database", database);
el.setAttribute("port", Caster.toString(port));
el.setAttribute("connectionLimit", Caster.toString(connectionLimit));
el.setAttribute("connectionTimeout", Caster.toString(connectionTimeout));
el.setAttribute("metaCacheTimeout", Caster.toString(metaCacheTimeout));
el.setAttribute("blob", Caster.toString(blob));
el.setAttribute("clob", Caster.toString(clob));
el.setAttribute("allow", Caster.toString(allow));
el.setAttribute("validate", Caster.toString(validate));
el.setAttribute("storage", Caster.toString(storage));
el.setAttribute("custom", toStringURLStyle(custom));
if (!StringUtil.isEmpty(dbdriver))
el.setAttribute("dbdriver", Caster.toString(dbdriver));
// Param Syntax
el.setAttribute("param-delimiter", (paramSyntax.delimiter));
el.setAttribute("param-leading-delimiter", (paramSyntax.leadingDelimiter));
el.setAttribute("param-separator", (paramSyntax.separator));
if (literalTimestampWithTSOffset)
el.setAttribute("literal-timestamp-with-tsoffset", "true");
else if (el.hasAttribute("literal-timestamp-with-tsoffset"))
el.removeAttribute("literal-timestamp-with-tsoffset");
if (alwaysSetTimeout)
el.setAttribute("always-set-timeout", "true");
else if (el.hasAttribute("always-set-timeout"))
el.removeAttribute("always-set-timeout");
return;
}
}
if (!hasInsertAccess)
throw new SecurityException("no access to add datasource connections, the maximum count of [" + maxLength + "] datasources is reached");
// Insert
Element el = doc.createElement("data-source");
datasources.appendChild(el);
if (!StringUtil.isEmpty(newName))
el.setAttribute("name", newName);
else
el.setAttribute("name", name);
setClass(el, null, "", cd);
el.setAttribute("dsn", dsn);
if (username.length() > 0)
el.setAttribute("username", username);
if (password.length() > 0)
el.setAttribute("password", ConfigWebUtil.encrypt(password));
el.setAttribute("host", host);
if (!StringUtil.isEmpty(timezone))
el.setAttribute("timezone", timezone);
el.setAttribute("database", database);
if (port > -1)
el.setAttribute("port", Caster.toString(port));
if (connectionLimit > -1)
el.setAttribute("connectionLimit", Caster.toString(connectionLimit));
if (connectionTimeout > -1)
el.setAttribute("connectionTimeout", Caster.toString(connectionTimeout));
if (metaCacheTimeout > -1)
el.setAttribute("metaCacheTimeout", Caster.toString(metaCacheTimeout));
el.setAttribute("blob", Caster.toString(blob));
el.setAttribute("clob", Caster.toString(clob));
el.setAttribute("validate", Caster.toString(validate));
el.setAttribute("storage", Caster.toString(storage));
if (allow > -1)
el.setAttribute("allow", Caster.toString(allow));
el.setAttribute("custom", toStringURLStyle(custom));
if (!StringUtil.isEmpty(dbdriver))
el.setAttribute("dbdriver", Caster.toString(dbdriver));
// Param Syntax
el.setAttribute("param-delimiter", (paramSyntax.delimiter));
el.setAttribute("param-leading-delimiter", (paramSyntax.leadingDelimiter));
el.setAttribute("param-separator", (paramSyntax.separator));
if (literalTimestampWithTSOffset)
el.setAttribute("literal-timestamp-with-tsoffset", "true");
if (alwaysSetTimeout)
el.setAttribute("always-set-timeout", "true");
}
Also used :
SecurityManager(lucee.runtime.security.SecurityManager)
Element(org.w3c.dom.Element)
SecurityException(lucee.runtime.exp.SecurityException)
ExpressionException(lucee.runtime.exp.ExpressionException)
Example 10 with SecurityManager
use of lucee.runtime.security.SecurityManager in project Lucee by lucee.
the class XMLConfigWebFactory method loadDataSources.
/**
* loads datasource settings from XMl DOM
*
* @param configServer
* @param config
* @param doc
* @throws BundleException
* @throws ClassNotFoundException
*/
private static void loadDataSources(ConfigServerImpl configServer, ConfigImpl config, Document doc, Log log) {
// load JDBC Driver defintion
{
Element jdbc = getChildByName(doc.getDocumentElement(), "jdbc");
Element[] drivers = getChildren(jdbc, "driver");
Map<String, JDBCDriver> map = new HashMap<String, JDBCDriver>();
// first add the server drivers, so they can be overwritten
if (configServer != null) {
JDBCDriver[] sds = configServer.getJDBCDrivers();
for (JDBCDriver sd : sds) {
map.put(sd.cd.toString(), sd);
}
}
ClassDefinition cd;
String label;
for (Element driver : drivers) {
cd = getClassDefinition(driver, "", config.getIdentification());
label = getAttr(driver, "label");
// check if label exists
if (StringUtil.isEmpty(label)) {
log.error("Datasource", "missing label for jdbc driver [" + cd.getClassName() + "]");
continue;
}
// check if it is a bundle
if (!cd.isBundle()) {
log.error("Datasource", "jdbc driver [" + label + "] does not describe a bundle");
continue;
}
map.put(cd.toString(), new JDBCDriver(label, cd));
}
config.setJDBCDrivers(map.values().toArray(new JDBCDriver[map.size()]));
}
// When set to true, makes JDBC use a representation for DATE data that
// is compatible with the Oracle8i database.
System.setProperty("oracle.jdbc.V8Compatible", "true");
boolean hasCS = configServer != null;
Map<String, DataSource> datasources = new HashMap<String, DataSource>();
// Copy Parent datasources as readOnly
if (hasCS) {
Map<String, DataSource> ds = configServer.getDataSourcesAsMap();
Iterator<Entry<String, DataSource>> it = ds.entrySet().iterator();
Entry<String, DataSource> entry;
while (it.hasNext()) {
entry = it.next();
if (!entry.getKey().equals(QOQ_DATASOURCE_NAME))
datasources.put(entry.getKey(), entry.getValue().cloneReadOnly());
}
}
// Default query of query DB
try {
setDatasource(config, datasources, QOQ_DATASOURCE_NAME, new ClassDefinitionImpl("org.hsqldb.jdbcDriver", "hsqldb", "1.8.0", config.getIdentification()), "hypersonic-hsqldb", "", -1, "jdbc:hsqldb:.", "sa", "", DEFAULT_MAX_CONNECTION, -1, 60000, true, true, DataSource.ALLOW_ALL, false, false, null, new StructImpl(), "", ParamSyntax.DEFAULT, false, false);
} catch (Exception e) {
log.error("Datasource", e);
}
SecurityManager sm = config.getSecurityManager();
short access = sm.getAccess(SecurityManager.TYPE_DATASOURCE);
int accessCount = -1;
if (access == SecurityManager.VALUE_YES)
accessCount = -1;
else if (access == SecurityManager.VALUE_NO)
accessCount = 0;
else if (access >= SecurityManager.VALUE_1 && access <= SecurityManager.VALUE_10) {
accessCount = access - SecurityManager.NUMBER_OFFSET;
}
// Databases
Element databases = getChildByName(doc.getDocumentElement(), "data-sources");
// if(databases==null)databases=doc.createElement("data-sources");
// PSQ
String strPSQ = getAttr(databases, "psq");
if (StringUtil.isEmpty(strPSQ)) {
// prior version was buggy, was the opposite
strPSQ = getAttr(databases, "preserve-single-quote");
if (!StringUtil.isEmpty(strPSQ)) {
Boolean b = Caster.toBoolean(strPSQ, null);
if (b != null)
strPSQ = b.booleanValue() ? "false" : "true";
}
}
if (access != SecurityManager.VALUE_NO && !StringUtil.isEmpty(strPSQ)) {
config.setPSQL(toBoolean(strPSQ, true));
} else if (hasCS)
config.setPSQL(configServer.getPSQL());
// Data Sources
Element[] dataSources = getChildren(databases, "data-source");
if (accessCount == -1)
accessCount = dataSources.length;
if (dataSources.length < accessCount)
accessCount = dataSources.length;
// if(hasAccess) {
ClassDefinition cd;
for (int i = 0; i < accessCount; i++) {
Element dataSource = dataSources[i];
if (dataSource.hasAttribute("database")) {
try {
cd = getClassDefinition(dataSource, "", config.getIdentification());
if (!cd.isBundle()) {
JDBCDriver jdbc = config.getJDBCDriverByClassName(cd.getClassName(), null);
if (jdbc != null)
cd = jdbc.cd;
}
setDatasource(config, datasources, getAttr(dataSource, "name"), cd, getAttr(dataSource, "host"), getAttr(dataSource, "database"), Caster.toIntValue(getAttr(dataSource, "port"), -1), getAttr(dataSource, "dsn"), getAttr(dataSource, "username"), ConfigWebUtil.decrypt(getAttr(dataSource, "password")), Caster.toIntValue(getAttr(dataSource, "connectionLimit"), DEFAULT_MAX_CONNECTION), Caster.toIntValue(getAttr(dataSource, "connectionTimeout"), -1), Caster.toLongValue(getAttr(dataSource, "metaCacheTimeout"), 60000), toBoolean(getAttr(dataSource, "blob"), true), toBoolean(getAttr(dataSource, "clob"), true), Caster.toIntValue(getAttr(dataSource, "allow"), DataSource.ALLOW_ALL), toBoolean(getAttr(dataSource, "validate"), false), toBoolean(getAttr(dataSource, "storage"), false), getAttr(dataSource, "timezone"), toStruct(getAttr(dataSource, "custom")), getAttr(dataSource, "dbdriver"), ParamSyntax.toParamSyntax(dataSource, ParamSyntax.DEFAULT), toBoolean(getAttr(dataSource, "literal-timestamp-with-tsoffset"), false), toBoolean(getAttr(dataSource, "always-set-timeout"), false));
} catch (Exception e) {
log.error("Datasource", e);
}
}
}
// }
config.setDataSources(datasources);
}
Also used :
SecurityManager(lucee.runtime.security.SecurityManager)
LinkedHashMap(java.util.LinkedHashMap)
HashMap(java.util.HashMap)
Element(org.w3c.dom.Element)
ClassDefinition(lucee.runtime.db.ClassDefinition)
FunctionLibException(lucee.transformer.library.function.FunctionLibException)
PageException(lucee.runtime.exp.PageException)
InvocationTargetException(java.lang.reflect.InvocationTargetException)
SecurityException(lucee.runtime.exp.SecurityException)
TagLibException(lucee.transformer.library.tag.TagLibException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
SQLException(java.sql.SQLException)
IOException(java.io.IOException)
BundleException(org.osgi.framework.BundleException)
SAXException(org.xml.sax.SAXException)
ClassException(lucee.commons.lang.ClassException)
MalformedURLException(java.net.MalformedURLException)
ExpressionException(lucee.runtime.exp.ExpressionException)
ApplicationException(lucee.runtime.exp.ApplicationException)
lucee.aprint(lucee.aprint)
DataSource(lucee.runtime.db.DataSource)
DumpWriterEntry(lucee.runtime.dump.DumpWriterEntry)
Entry(java.util.Map.Entry)
GatewayEntry(lucee.runtime.gateway.GatewayEntry)
ClassDefinitionImpl(lucee.transformer.library.ClassDefinitionImpl)
StructImpl(lucee.runtime.type.StructImpl)
JDBCDriver(lucee.runtime.db.JDBCDriver)
Map(java.util.Map)
LinkedHashMap(java.util.LinkedHashMap)
HashMap(java.util.HashMap)
Aggregations
SecurityManager (lucee.runtime.security.SecurityManager)18
SecurityException (lucee.runtime.exp.SecurityException)7
ApplicationException (lucee.runtime.exp.ApplicationException)6
IOException (java.io.IOException)4
Element (org.w3c.dom.Element)4
FileResource (lucee.commons.io.res.type.file.FileResource)3
lucee.aprint (lucee.aprint)2
Resource (lucee.commons.io.res.Resource)2
AndResourceFilter (lucee.commons.io.res.filter.AndResourceFilter)2
DirectoryResourceFilter (lucee.commons.io.res.filter.DirectoryResourceFilter)2
FileResourceFilter (lucee.commons.io.res.filter.FileResourceFilter)2
NotResourceFilter (lucee.commons.io.res.filter.NotResourceFilter)2
OrResourceFilter (lucee.commons.io.res.filter.OrResourceFilter)2
ResourceFilter (lucee.commons.io.res.filter.ResourceFilter)2
ConfigServer (lucee.runtime.config.ConfigServer)2
ExpressionException (lucee.runtime.exp.ExpressionException)2
StructImpl (lucee.runtime.type.StructImpl)2
BufferedImage (java.awt.image.BufferedImage)1
InvocationTargetException (java.lang.reflect.InvocationTargetException)1
MalformedURLException (java.net.MalformedURLException)1
