Search in sources :

Example 1 with ConditionalPermissionAdmin

use of org.osgi.service.condpermadmin.ConditionalPermissionAdmin in project jersey by jersey.

the class AbstractWebAppTest method updatePermissionsFromFile.

private void updatePermissionsFromFile() throws IOException {
    final ServiceReference cpaRef = bundleContext.getServiceReference(ConditionalPermissionAdmin.class.getName());
    final ConditionalPermissionAdmin conditionalPermissionAdmin = (ConditionalPermissionAdmin) bundleContext.getService(cpaRef);
    final ConditionalPermissionUpdate permissionUpdate = conditionalPermissionAdmin.newConditionalPermissionUpdate();
    final List conditionalPermissionInfos = permissionUpdate.getConditionalPermissionInfos();
    try {
        final BufferedReader reader = new BufferedReader(new FileReader(felixPolicy));
        String line;
        final Set<String> cpiNames = new HashSet<String>();
        while ((line = reader.readLine()) != null) {
            if (!line.startsWith("//")) {
                final ConditionalPermissionInfo cpi = conditionalPermissionAdmin.newConditionalPermissionInfo(line);
                final String cpiName = cpi.getName();
                if (cpiNames.contains(cpiName)) {
                    throw new RuntimeException("Redundant policy name!");
                }
                cpiNames.add(cpiName);
                conditionalPermissionInfos.add(cpi);
            }
        }
        reader.close();
        permissionUpdate.commit();
    } finally {
        bundleContext.ungetService(cpaRef);
    }
}
Also used : ConditionalPermissionAdmin(org.osgi.service.condpermadmin.ConditionalPermissionAdmin) ConditionalPermissionInfo(org.osgi.service.condpermadmin.ConditionalPermissionInfo) BufferedReader(java.io.BufferedReader) ArrayList(java.util.ArrayList) LinkedList(java.util.LinkedList) List(java.util.List) FileReader(java.io.FileReader) ConditionalPermissionUpdate(org.osgi.service.condpermadmin.ConditionalPermissionUpdate) ServiceReference(org.osgi.framework.ServiceReference) HashSet(java.util.HashSet)

Example 2 with ConditionalPermissionAdmin

use of org.osgi.service.condpermadmin.ConditionalPermissionAdmin in project aries by apache.

the class ScopeSecurityTest method testScopeSecurityWithServiceShared.

//@Test
public void testScopeSecurityWithServiceShared() throws Exception {
    SecurityManager security = System.getSecurityManager();
    assertNotNull("Security manager should not be null", security);
    Bundle[] bundles = bundleContext.getBundles();
    for (Bundle b : bundles) {
        // set up condition permission for scope
        if (b.getSymbolicName().indexOf("subsystem.scope.impl") > -1) {
            ServiceReference permRef = bundleContext.getServiceReference(ConditionalPermissionAdmin.class.getName());
            ConditionalPermissionAdmin permAdmin = (ConditionalPermissionAdmin) bundleContext.getService(permRef);
            ConditionalPermissionUpdate update = permAdmin.newConditionalPermissionUpdate();
            List<ConditionalPermissionInfo> infos = update.getConditionalPermissionInfos();
            //infos.clear();
            // set up the conditionInfo
            ConditionInfo[] conditionInfo = new ConditionInfo[] { new ConditionInfo("org.osgi.service.condpermadmin.BundleLocationCondition", new String[] { b.getLocation() }) };
            // Set up permissions which are common to all applications
            infos.add(permAdmin.newConditionalPermissionInfo(null, conditionInfo, adminAllowInfo, "allow"));
            update.commit();
        }
    }
    ScopeUpdate su = scope.newScopeUpdate();
    ScopeUpdate childScopeUpdate = su.newChild("scope_test1");
    Map<String, List<SharePolicy>> sharePolicies = childScopeUpdate.getSharePolicies(SharePolicy.TYPE_EXPORT);
    final Filter filter1 = FrameworkUtil.createFilter("(&" + "(osgi.package=org.apache.aries.subsystem.example.helloIsolation)" + ")");
    final Filter filter2 = FrameworkUtil.createFilter("(&" + "(osgi.service=org.apache.aries.subsystem.example.helloIsolation.HelloIsolation)" + ")");
    List<SharePolicy> packagePolicies = sharePolicies.get(BundleRevision.PACKAGE_NAMESPACE);
    if (packagePolicies == null) {
        packagePolicies = new ArrayList<SharePolicy>();
        sharePolicies.put(BundleRevision.PACKAGE_NAMESPACE, packagePolicies);
    }
    packagePolicies.add(new SharePolicy(SharePolicy.TYPE_EXPORT, BundleRevision.PACKAGE_NAMESPACE, filter1));
    List<SharePolicy> servicePolicies = sharePolicies.get("scope.share.service");
    if (servicePolicies == null) {
        servicePolicies = new ArrayList<SharePolicy>();
        sharePolicies.put("scope.share.service", servicePolicies);
    }
    servicePolicies.add(new SharePolicy(SharePolicy.TYPE_EXPORT, "scope.share.service", filter2));
    // build up installInfo object for the scope
    InstallInfo info1 = new InstallInfo("helloIsolation", new URL("mvn:org.apache.aries.subsystem.example/org.apache.aries.subsystem.example.helloIsolation/0.4-SNAPSHOT"));
    InstallInfo info2 = new InstallInfo("helloIsolationRef", new URL("mvn:org.apache.aries.subsystem.example/org.apache.aries.subsystem.example.helloIsolationRef/0.4-SNAPSHOT"));
    List<InstallInfo> bundlesToInstall = childScopeUpdate.getBundlesToInstall();
    bundlesToInstall.add(info1);
    bundlesToInstall.add(info2);
    // add bundles to be installed, based on subsystem content
    su.commit();
    // start all bundles in the scope scope_test1
    Collection<Bundle> bundlesToStart = childScopeUpdate.getBundles();
    for (Bundle b : bundlesToStart) {
        b.start();
    }
    try {
        ServiceReference sr = bundleContext.getServiceReference("org.apache.aries.subsystem.example.helloIsolation.HelloIsolation");
        fail("should not be able to get the sr for HelloIsolation service");
    } catch (Exception ex) {
    // expected 
    } catch (Error er) {
    // expected
    }
    // test bundle find hooks
    bundles = bundleContext.getBundles();
    for (Bundle b : bundles) {
        System.out.println("Bundle is " + b.getBundleId() + ": " + b.getSymbolicName());
        if (b.getSymbolicName().indexOf("org.apache.aries.subsystem.example.helloIsolation") > -1) {
            fail("bundles with name starts with org.apache.aries.subsystem.example.helloIsolation should be in a different scope");
        }
    }
    // test bundle service find hook
    //ServiceReference sr = bundleContext.getServiceReference(HelloIsolation.class.getName());
    //assertNull("sr should be null", sr);
    Collection<Scope> children = scope.getChildren();
    assertEquals(1, children.size());
    for (Scope child : children) {
        if (child.getName().equals("scope_test1")) {
            Collection<Bundle> buns = child.getBundles();
            assertEquals(2, buns.size());
            assertEquals(0, child.getChildren().size());
            BundleContext childScopebundleContext = null;
            for (Bundle b : buns) {
                assertTrue(b.getSymbolicName().indexOf("org.apache.aries.subsystem.example.helloIsolation") > -1);
                if (b.getSymbolicName().indexOf("org.apache.aries.subsystem.example.helloIsolationRef") > -1) {
                    childScopebundleContext = b.getBundleContext();
                }
            }
            assertNotNull(childScopebundleContext);
            ServiceReference sr = childScopebundleContext.getServiceReference("org.apache.aries.subsystem.example.helloIsolation.HelloIsolation");
            assertNotNull("sr is not null", sr);
            System.out.println("got the sr, go get service next");
            HelloIsolation hi = (HelloIsolation) childScopebundleContext.getService(sr);
            hi.hello();
            Permission permission = new PackagePermission("*", PackagePermission.IMPORT);
            hi.checkPermission(permission);
        }
    }
    // install a test bundle in the root scope
    URL url = new URL("mvn:org.apache.felix/org.apache.felix.fileinstall/2.0.8");
    bundleContext.installBundle("org.apache.felix.fileinstall-rootScope", url.openStream());
    // remove child scope
    su = scope.newScopeUpdate();
    Collection<ScopeUpdate> scopes = su.getChildren();
    // obtain child scope admin from service registry
    //        String filter = "ScopeName=scope_test1";
    Scope childScopeAdmin = childScopeUpdate.getScope();
    assertEquals(scope, childScopeAdmin.getParent());
    scopes.remove(childScopeUpdate);
    su.commit();
    assertFalse(scope.getChildren().contains(childScopeAdmin));
    su = scope.newScopeUpdate();
    assertFalse(su.getChildren().contains(childScopeUpdate));
//        childScopeAdmin = null;
//        try {
//            childScopeAdmin = getOsgiService(Scope.class, filter, DEFAULT_TIMEOUT);
//        } catch (Exception ex) {
//            // ignore
//        }
//        assertNull("scope admin service for the scope should be unregistered", childScopeAdmin);
}
Also used : SharePolicy(org.apache.aries.subsystem.scope.SharePolicy) URL(java.net.URL) HelloIsolation(org.apache.aries.subsystem.example.helloIsolation.HelloIsolation) ConditionalPermissionInfo(org.osgi.service.condpermadmin.ConditionalPermissionInfo) PackagePermission(org.osgi.framework.PackagePermission) Permission(java.security.Permission) ArrayList(java.util.ArrayList) List(java.util.List) ConditionalPermissionUpdate(org.osgi.service.condpermadmin.ConditionalPermissionUpdate) ConditionInfo(org.osgi.service.condpermadmin.ConditionInfo) ConditionalPermissionAdmin(org.osgi.service.condpermadmin.ConditionalPermissionAdmin) InstallInfo(org.apache.aries.subsystem.scope.InstallInfo) Bundle(org.osgi.framework.Bundle) CoreOptions.mavenBundle(org.ops4j.pax.exam.CoreOptions.mavenBundle) ScopeUpdate(org.apache.aries.subsystem.scope.ScopeUpdate) PackagePermission(org.osgi.framework.PackagePermission) ServiceReference(org.osgi.framework.ServiceReference) Scope(org.apache.aries.subsystem.scope.Scope) Filter(org.osgi.framework.Filter) BundleContext(org.osgi.framework.BundleContext)

Aggregations

ArrayList (java.util.ArrayList)2 List (java.util.List)2 ServiceReference (org.osgi.framework.ServiceReference)2 ConditionalPermissionAdmin (org.osgi.service.condpermadmin.ConditionalPermissionAdmin)2 ConditionalPermissionInfo (org.osgi.service.condpermadmin.ConditionalPermissionInfo)2 ConditionalPermissionUpdate (org.osgi.service.condpermadmin.ConditionalPermissionUpdate)2 BufferedReader (java.io.BufferedReader)1 FileReader (java.io.FileReader)1 URL (java.net.URL)1 Permission (java.security.Permission)1 HashSet (java.util.HashSet)1 LinkedList (java.util.LinkedList)1 HelloIsolation (org.apache.aries.subsystem.example.helloIsolation.HelloIsolation)1 InstallInfo (org.apache.aries.subsystem.scope.InstallInfo)1 Scope (org.apache.aries.subsystem.scope.Scope)1 ScopeUpdate (org.apache.aries.subsystem.scope.ScopeUpdate)1 SharePolicy (org.apache.aries.subsystem.scope.SharePolicy)1 CoreOptions.mavenBundle (org.ops4j.pax.exam.CoreOptions.mavenBundle)1 Bundle (org.osgi.framework.Bundle)1 BundleContext (org.osgi.framework.BundleContext)1