use of org.osgi.framework.PackagePermission in project rt.equinox.framework by eclipse.
the class PermissionTests method badPackagePermission.
protected void badPackagePermission(String name, String actions) {
try {
PackagePermission p = new PackagePermission(name, actions);
// $NON-NLS-1$
fail(p + " created with invalid actions");
} catch (IllegalArgumentException e) {
// expected
}
}
use of org.osgi.framework.PackagePermission in project rt.equinox.framework by eclipse.
the class PackagePermissionTests method testPackagePermission.
public void testPackagePermission() {
// $NON-NLS-1$ //$NON-NLS-2$
badPackagePermission("a.b.c", "x");
// $NON-NLS-1$ //$NON-NLS-2$
badPackagePermission("a.b.c", " get , x ");
// $NON-NLS-1$ //$NON-NLS-2$
badPackagePermission("a.b.c", "");
// $NON-NLS-1$ //$NON-NLS-2$
badPackagePermission("a.b.c", " ");
// $NON-NLS-1$
badPackagePermission("a.b.c", null);
// $NON-NLS-1$ //$NON-NLS-2$
badPackagePermission("a.b.c", ",");
// $NON-NLS-1$ //$NON-NLS-2$
badPackagePermission("a.b.c", ",xxx");
// $NON-NLS-1$ //$NON-NLS-2$
badPackagePermission("a.b.c", "xxx,");
// $NON-NLS-1$ //$NON-NLS-2$
badPackagePermission("a.b.c", "import,");
// $NON-NLS-1$ //$NON-NLS-2$
badPackagePermission("a.b.c", "export, ");
// $NON-NLS-1$ //$NON-NLS-2$
badPackagePermission("a.b.c", "importme,");
// $NON-NLS-1$ //$NON-NLS-2$
badPackagePermission("a.b.c", "exportme,");
// $NON-NLS-1$ //$NON-NLS-2$
badPackagePermission("a.b.c", ",import");
// $NON-NLS-1$ //$NON-NLS-2$
badPackagePermission("a.b.c", ",export");
// $NON-NLS-1$ //$NON-NLS-2$
badPackagePermission("a.b.c", " importme ");
// $NON-NLS-1$ //$NON-NLS-2$
badPackagePermission("a.b.c", " exportme ");
// $NON-NLS-1$ //$NON-NLS-2$
badPackagePermission("a.b.c", " impor");
// $NON-NLS-1$ //$NON-NLS-2$
badPackagePermission("a.b.c", " expor");
// $NON-NLS-1$ //$NON-NLS-2$
Permission op = new PropertyPermission("java.home", "read");
// $NON-NLS-1$ //$NON-NLS-2$
PackagePermission p11 = new PackagePermission("com.foo.service1", " IMPORT,export ");
// $NON-NLS-1$ //$NON-NLS-2$
PackagePermission p12 = new PackagePermission("com.foo.service1", "EXPORT , import");
// $NON-NLS-1$ //$NON-NLS-2$
PackagePermission p13 = new PackagePermission("com.foo.service1", "expORT ");
// $NON-NLS-1$ //$NON-NLS-2$
PackagePermission p14 = new PackagePermission("com.foo.service1", " Import ");
shouldImply(p11, p11);
shouldImply(p11, p12);
shouldImply(p11, p13);
shouldImply(p11, p14);
shouldImply(p12, p11);
shouldImply(p12, p12);
shouldImply(p12, p13);
shouldImply(p12, p14);
shouldImply(p13, p11);
shouldImply(p13, p12);
shouldImply(p13, p13);
shouldImply(p13, p14);
shouldImply(p14, p14);
shouldNotImply(p14, p11);
shouldNotImply(p14, p12);
shouldNotImply(p14, p13);
shouldNotImply(p11, op);
shouldEqual(p11, p11);
shouldEqual(p11, p12);
shouldEqual(p11, p13);
shouldEqual(p12, p11);
shouldEqual(p12, p12);
shouldEqual(p12, p13);
shouldEqual(p13, p11);
shouldEqual(p13, p12);
shouldEqual(p13, p13);
shouldNotEqual(p11, p14);
shouldNotEqual(p12, p14);
shouldNotEqual(p13, p14);
shouldNotEqual(p14, p11);
shouldNotEqual(p14, p12);
shouldNotEqual(p14, p13);
PermissionCollection pc = p13.newPermissionCollection();
checkEnumeration(pc.elements(), true);
shouldNotImply(pc, p11);
shouldAdd(pc, p14);
shouldImply(pc, p14);
shouldNotImply(pc, p11);
shouldNotImply(pc, p12);
shouldNotImply(pc, p13);
shouldAdd(pc, p13);
shouldImply(pc, p11);
shouldImply(pc, p12);
shouldImply(pc, p13);
shouldImply(pc, p14);
shouldNotAdd(pc, op);
pc = p13.newPermissionCollection();
shouldAdd(pc, p13);
shouldImply(pc, p11);
shouldImply(pc, p12);
shouldImply(pc, p13);
shouldImply(pc, p14);
pc = p11.newPermissionCollection();
shouldAdd(pc, p11);
shouldImply(pc, p11);
shouldImply(pc, p12);
shouldImply(pc, p13);
shouldImply(pc, p14);
pc.setReadOnly();
shouldNotAdd(pc, p12);
checkEnumeration(pc.elements(), false);
// $NON-NLS-1$ //$NON-NLS-2$
PackagePermission p21 = new PackagePermission("com.foo.service2", "import");
// $NON-NLS-1$ //$NON-NLS-2$
PackagePermission p22 = new PackagePermission("com.foo.*", "import");
// $NON-NLS-1$ //$NON-NLS-2$
PackagePermission p23 = new PackagePermission("com.*", "import");
// $NON-NLS-1$ //$NON-NLS-2$
PackagePermission p24 = new PackagePermission("*", "import");
shouldImply(p21, p21);
shouldImply(p22, p21);
shouldImply(p23, p21);
shouldImply(p24, p21);
shouldImply(p22, p22);
shouldImply(p23, p22);
shouldImply(p24, p22);
shouldImply(p23, p23);
shouldImply(p24, p23);
shouldImply(p24, p24);
shouldNotImply(p21, p22);
shouldNotImply(p21, p23);
shouldNotImply(p21, p24);
shouldNotImply(p22, p23);
shouldNotImply(p22, p24);
shouldNotImply(p23, p24);
pc = p21.newPermissionCollection();
shouldAdd(pc, p21);
shouldImply(pc, p21);
shouldNotImply(pc, p22);
shouldNotImply(pc, p23);
shouldNotImply(pc, p24);
shouldAdd(pc, p22);
shouldImply(pc, p21);
shouldImply(pc, p22);
shouldNotImply(pc, p23);
shouldNotImply(pc, p24);
shouldAdd(pc, p23);
shouldImply(pc, p21);
shouldImply(pc, p22);
shouldImply(pc, p23);
shouldNotImply(pc, p24);
shouldAdd(pc, p24);
shouldImply(pc, p21);
shouldImply(pc, p22);
shouldImply(pc, p23);
shouldImply(pc, p24);
pc = p22.newPermissionCollection();
shouldAdd(pc, p22);
shouldImply(pc, p21);
shouldImply(pc, p22);
shouldNotImply(pc, p23);
shouldNotImply(pc, p24);
pc = p23.newPermissionCollection();
shouldAdd(pc, p23);
shouldImply(pc, p21);
shouldImply(pc, p22);
shouldImply(pc, p23);
shouldNotImply(pc, p24);
pc = p24.newPermissionCollection();
shouldAdd(pc, p24);
shouldImply(pc, p21);
shouldImply(pc, p22);
shouldImply(pc, p23);
shouldImply(pc, p24);
testSerialization(p11);
testSerialization(p12);
testSerialization(p13);
testSerialization(p14);
testSerialization(p21);
testSerialization(p22);
testSerialization(p23);
testSerialization(p24);
}
use of org.osgi.framework.PackagePermission in project rt.equinox.framework by eclipse.
the class DynamicImportList method validateSyntaxAndCheckPackagePermission.
private void validateSyntaxAndCheckPackagePermission(String dynamicImportPackageDescription) {
ManifestElement[] clauses;
// Validate the syntax of imports that are added.
try {
clauses = ManifestElement.parseHeader(Constants.IMPORT_PACKAGE, dynamicImportPackageDescription);
} catch (Exception e) {
throw new IllegalArgumentException(e);
}
SecurityManager sm = System.getSecurityManager();
if (sm == null)
return;
// for each dynamic import added.
for (ManifestElement clause : clauses) for (String pkg : clause.getValueComponents()) sm.checkPermission(new PackagePermission(pkg, PackagePermission.IMPORT));
}
use of org.osgi.framework.PackagePermission in project aries by apache.
the class ScopeSecurityTest method testScopeSecurityWithServiceShared.
// @Test
public void testScopeSecurityWithServiceShared() throws Exception {
SecurityManager security = System.getSecurityManager();
assertNotNull("Security manager should not be null", security);
Bundle[] bundles = bundleContext.getBundles();
for (Bundle b : bundles) {
// set up condition permission for scope
if (b.getSymbolicName().indexOf("subsystem.scope.impl") > -1) {
ServiceReference permRef = bundleContext.getServiceReference(ConditionalPermissionAdmin.class.getName());
ConditionalPermissionAdmin permAdmin = (ConditionalPermissionAdmin) bundleContext.getService(permRef);
ConditionalPermissionUpdate update = permAdmin.newConditionalPermissionUpdate();
List<ConditionalPermissionInfo> infos = update.getConditionalPermissionInfos();
// infos.clear();
// set up the conditionInfo
ConditionInfo[] conditionInfo = new ConditionInfo[] { new ConditionInfo("org.osgi.service.condpermadmin.BundleLocationCondition", new String[] { b.getLocation() }) };
// Set up permissions which are common to all applications
infos.add(permAdmin.newConditionalPermissionInfo(null, conditionInfo, adminAllowInfo, "allow"));
update.commit();
}
}
ScopeUpdate su = scope.newScopeUpdate();
ScopeUpdate childScopeUpdate = su.newChild("scope_test1");
Map<String, List<SharePolicy>> sharePolicies = childScopeUpdate.getSharePolicies(SharePolicy.TYPE_EXPORT);
final Filter filter1 = FrameworkUtil.createFilter("(&" + "(osgi.package=org.apache.aries.subsystem.example.helloIsolation)" + ")");
final Filter filter2 = FrameworkUtil.createFilter("(&" + "(osgi.service=org.apache.aries.subsystem.example.helloIsolation.HelloIsolation)" + ")");
List<SharePolicy> packagePolicies = sharePolicies.get(BundleRevision.PACKAGE_NAMESPACE);
if (packagePolicies == null) {
packagePolicies = new ArrayList<SharePolicy>();
sharePolicies.put(BundleRevision.PACKAGE_NAMESPACE, packagePolicies);
}
packagePolicies.add(new SharePolicy(SharePolicy.TYPE_EXPORT, BundleRevision.PACKAGE_NAMESPACE, filter1));
List<SharePolicy> servicePolicies = sharePolicies.get("scope.share.service");
if (servicePolicies == null) {
servicePolicies = new ArrayList<SharePolicy>();
sharePolicies.put("scope.share.service", servicePolicies);
}
servicePolicies.add(new SharePolicy(SharePolicy.TYPE_EXPORT, "scope.share.service", filter2));
// build up installInfo object for the scope
InstallInfo info1 = new InstallInfo("helloIsolation", new URL("mvn:org.apache.aries.subsystem.example/org.apache.aries.subsystem.example.helloIsolation/0.4-SNAPSHOT"));
InstallInfo info2 = new InstallInfo("helloIsolationRef", new URL("mvn:org.apache.aries.subsystem.example/org.apache.aries.subsystem.example.helloIsolationRef/0.4-SNAPSHOT"));
List<InstallInfo> bundlesToInstall = childScopeUpdate.getBundlesToInstall();
bundlesToInstall.add(info1);
bundlesToInstall.add(info2);
// add bundles to be installed, based on subsystem content
su.commit();
// start all bundles in the scope scope_test1
Collection<Bundle> bundlesToStart = childScopeUpdate.getBundles();
for (Bundle b : bundlesToStart) {
b.start();
}
try {
ServiceReference sr = bundleContext.getServiceReference("org.apache.aries.subsystem.example.helloIsolation.HelloIsolation");
fail("should not be able to get the sr for HelloIsolation service");
} catch (Exception ex) {
// expected
} catch (Error er) {
// expected
}
// test bundle find hooks
bundles = bundleContext.getBundles();
for (Bundle b : bundles) {
System.out.println("Bundle is " + b.getBundleId() + ": " + b.getSymbolicName());
if (b.getSymbolicName().indexOf("org.apache.aries.subsystem.example.helloIsolation") > -1) {
fail("bundles with name starts with org.apache.aries.subsystem.example.helloIsolation should be in a different scope");
}
}
// test bundle service find hook
// ServiceReference sr = bundleContext.getServiceReference(HelloIsolation.class.getName());
// assertNull("sr should be null", sr);
Collection<Scope> children = scope.getChildren();
assertEquals(1, children.size());
for (Scope child : children) {
if (child.getName().equals("scope_test1")) {
Collection<Bundle> buns = child.getBundles();
assertEquals(2, buns.size());
assertEquals(0, child.getChildren().size());
BundleContext childScopebundleContext = null;
for (Bundle b : buns) {
assertTrue(b.getSymbolicName().indexOf("org.apache.aries.subsystem.example.helloIsolation") > -1);
if (b.getSymbolicName().indexOf("org.apache.aries.subsystem.example.helloIsolationRef") > -1) {
childScopebundleContext = b.getBundleContext();
}
}
assertNotNull(childScopebundleContext);
ServiceReference sr = childScopebundleContext.getServiceReference("org.apache.aries.subsystem.example.helloIsolation.HelloIsolation");
assertNotNull("sr is not null", sr);
System.out.println("got the sr, go get service next");
HelloIsolation hi = (HelloIsolation) childScopebundleContext.getService(sr);
hi.hello();
Permission permission = new PackagePermission("*", PackagePermission.IMPORT);
hi.checkPermission(permission);
}
}
// install a test bundle in the root scope
URL url = new URL("mvn:org.apache.felix/org.apache.felix.fileinstall/2.0.8");
bundleContext.installBundle("org.apache.felix.fileinstall-rootScope", url.openStream());
// remove child scope
su = scope.newScopeUpdate();
Collection<ScopeUpdate> scopes = su.getChildren();
// obtain child scope admin from service registry
// String filter = "ScopeName=scope_test1";
Scope childScopeAdmin = childScopeUpdate.getScope();
assertEquals(scope, childScopeAdmin.getParent());
scopes.remove(childScopeUpdate);
su.commit();
assertFalse(scope.getChildren().contains(childScopeAdmin));
su = scope.newScopeUpdate();
assertFalse(su.getChildren().contains(childScopeUpdate));
// childScopeAdmin = null;
// try {
// childScopeAdmin = getOsgiService(Scope.class, filter, DEFAULT_TIMEOUT);
// } catch (Exception ex) {
// // ignore
// }
// assertNull("scope admin service for the scope should be unregistered", childScopeAdmin);
}
Aggregations