Examples with ImmediatePermissionFactory org.jboss.modules.security.ImmediatePermissionFactory used on opensource projects

Example 1 with ImmediatePermissionFactory

use of org.jboss.modules.security.ImmediatePermissionFactory in project wildfly by wildfly.

the class EEDefaultPermissionsProcessor method deploy.

public void deploy(final DeploymentPhaseContext phaseContext) throws DeploymentUnitProcessingException {
    DeploymentUnit deploymentUnit = phaseContext.getDeploymentUnit();
    final ModuleSpecification attachment = deploymentUnit.getAttachment(Attachments.MODULE_SPECIFICATION);
    if (attachment == null) {
        return;
    }
    final List<PermissionFactory> permissions = attachment.getPermissionFactories();
    final Enumeration<Permission> e = DEFAULT_PERMISSIONS.elements();
    while (e.hasMoreElements()) {
        permissions.add(new ImmediatePermissionFactory(e.nextElement()));
    }
    //make sure they can read the contents of the deployment
    ResourceRoot root = deploymentUnit.getAttachment(Attachments.DEPLOYMENT_ROOT);
    try {
        File file = root.getRoot().getPhysicalFile();
        if (file != null && file.isDirectory()) {
            FilePermission permission = new FilePermission(file.getAbsolutePath() + File.separatorChar + "-", "read");
            permissions.add(new ImmediatePermissionFactory(permission));
        }
    } catch (IOException ex) {
        throw new DeploymentUnitProcessingException(ex);
    }
}

Example 2 with ImmediatePermissionFactory

use of org.jboss.modules.security.ImmediatePermissionFactory in project wildfly by wildfly.

the class WarStructureDeploymentProcessor method deploy.

@Override
public void deploy(DeploymentPhaseContext phaseContext) throws DeploymentUnitProcessingException {
    final DeploymentUnit deploymentUnit = phaseContext.getDeploymentUnit();
    if (!DeploymentTypeMarker.isType(DeploymentType.WAR, deploymentUnit)) {
        // Skip non web deployments
        return;
    }
    final ResourceRoot deploymentResourceRoot = deploymentUnit.getAttachment(Attachments.DEPLOYMENT_ROOT);
    final VirtualFile deploymentRoot = deploymentResourceRoot.getRoot();
    if (deploymentRoot == null) {
        return;
    }
    // set the child first behaviour
    final ModuleSpecification moduleSpecification = deploymentUnit.getAttachment(Attachments.MODULE_SPECIFICATION);
    if (moduleSpecification == null) {
        return;
    }
    moduleSpecification.setPrivateModule(true);
    // other sub deployments should not have access to classes in the war module
    PrivateSubDeploymentMarker.mark(deploymentUnit);
    // OSGi WebApp deployments (WAB) may use the deployment root if they don't use WEB-INF/classes already
    if (!deploymentUnit.hasAttachment(Attachments.OSGI_MANIFEST) || deploymentRoot.getChild(WEB_INF_CLASSES).exists()) {
        // we do not want to index the resource root, only WEB-INF/classes and WEB-INF/lib
        deploymentResourceRoot.putAttachment(Attachments.INDEX_RESOURCE_ROOT, false);
        // Make sure the root does not end up in the module, only META-INF
        deploymentResourceRoot.getExportFilters().add(new FilterSpecification(PathFilters.getMetaInfFilter(), true));
        deploymentResourceRoot.getExportFilters().add(new FilterSpecification(PathFilters.getMetaInfSubdirectoriesFilter(), true));
        deploymentResourceRoot.getExportFilters().add(new FilterSpecification(PathFilters.acceptAll(), false));
        ModuleRootMarker.mark(deploymentResourceRoot, true);
    }
    // TODO: This needs to be ported to add additional resource roots the standard way
    final MountHandle mountHandle = deploymentResourceRoot.getMountHandle();
    try {
        // add standard resource roots, this should eventually replace ClassPathEntry
        final List<ResourceRoot> resourceRoots = createResourceRoots(deploymentRoot, deploymentUnit);
        for (ResourceRoot root : resourceRoots) {
            deploymentUnit.addToAttachmentList(Attachments.RESOURCE_ROOTS, root);
        }
    } catch (Exception e) {
        throw new DeploymentUnitProcessingException(e);
    }
    // Add the war metadata
    final WarMetaData warMetaData = new WarMetaData();
    deploymentUnit.putAttachment(WarMetaData.ATTACHMENT_KEY, warMetaData);
    String deploymentName;
    if (deploymentUnit.getParent() == null) {
        deploymentName = deploymentUnit.getName();
    } else {
        deploymentName = deploymentUnit.getParent().getName() + "." + deploymentUnit.getName();
    }
    PathManager pathManager = deploymentUnit.getAttachment(Attachments.PATH_MANAGER);
    File tempDir = new File(pathManager.getPathEntry(TEMP_DIR).resolvePath(), deploymentName);
    tempDir.mkdirs();
    warMetaData.setTempDir(tempDir);
    moduleSpecification.addPermissionFactory(new ImmediatePermissionFactory(new FilePermission(tempDir.getAbsolutePath() + File.separatorChar + "-", "read,write,delete")));
    // Add the shared TLDs metadata
    final TldsMetaData tldsMetaData = new TldsMetaData();
    tldsMetaData.setSharedTlds(sharedTldsMetaData);
    deploymentUnit.putAttachment(TldsMetaData.ATTACHMENT_KEY, tldsMetaData);
    processExternalMounts(deploymentUnit, deploymentRoot);
}