use of org.osgi.service.condpermadmin.ConditionalPermissionAdmin in project jersey by jersey.
the class AbstractWebAppTest method updatePermissionsFromFile.
private void updatePermissionsFromFile() throws IOException {
final ServiceReference cpaRef = bundleContext.getServiceReference(ConditionalPermissionAdmin.class.getName());
final ConditionalPermissionAdmin conditionalPermissionAdmin = (ConditionalPermissionAdmin) bundleContext.getService(cpaRef);
final ConditionalPermissionUpdate permissionUpdate = conditionalPermissionAdmin.newConditionalPermissionUpdate();
final List conditionalPermissionInfos = permissionUpdate.getConditionalPermissionInfos();
try {
final BufferedReader reader = new BufferedReader(new FileReader(felixPolicy));
String line;
final Set<String> cpiNames = new HashSet<String>();
while ((line = reader.readLine()) != null) {
if (!line.startsWith("//")) {
final ConditionalPermissionInfo cpi = conditionalPermissionAdmin.newConditionalPermissionInfo(line);
final String cpiName = cpi.getName();
if (cpiNames.contains(cpiName)) {
throw new RuntimeException("Redundant policy name!");
}
cpiNames.add(cpiName);
conditionalPermissionInfos.add(cpi);
}
}
reader.close();
permissionUpdate.commit();
} finally {
bundleContext.ungetService(cpaRef);
}
}
use of org.osgi.service.condpermadmin.ConditionalPermissionAdmin in project aries by apache.
the class ScopeSecurityTest method testScopeSecurityWithServiceShared.
//@Test
public void testScopeSecurityWithServiceShared() throws Exception {
SecurityManager security = System.getSecurityManager();
assertNotNull("Security manager should not be null", security);
Bundle[] bundles = bundleContext.getBundles();
for (Bundle b : bundles) {
// set up condition permission for scope
if (b.getSymbolicName().indexOf("subsystem.scope.impl") > -1) {
ServiceReference permRef = bundleContext.getServiceReference(ConditionalPermissionAdmin.class.getName());
ConditionalPermissionAdmin permAdmin = (ConditionalPermissionAdmin) bundleContext.getService(permRef);
ConditionalPermissionUpdate update = permAdmin.newConditionalPermissionUpdate();
List<ConditionalPermissionInfo> infos = update.getConditionalPermissionInfos();
//infos.clear();
// set up the conditionInfo
ConditionInfo[] conditionInfo = new ConditionInfo[] { new ConditionInfo("org.osgi.service.condpermadmin.BundleLocationCondition", new String[] { b.getLocation() }) };
// Set up permissions which are common to all applications
infos.add(permAdmin.newConditionalPermissionInfo(null, conditionInfo, adminAllowInfo, "allow"));
update.commit();
}
}
ScopeUpdate su = scope.newScopeUpdate();
ScopeUpdate childScopeUpdate = su.newChild("scope_test1");
Map<String, List<SharePolicy>> sharePolicies = childScopeUpdate.getSharePolicies(SharePolicy.TYPE_EXPORT);
final Filter filter1 = FrameworkUtil.createFilter("(&" + "(osgi.package=org.apache.aries.subsystem.example.helloIsolation)" + ")");
final Filter filter2 = FrameworkUtil.createFilter("(&" + "(osgi.service=org.apache.aries.subsystem.example.helloIsolation.HelloIsolation)" + ")");
List<SharePolicy> packagePolicies = sharePolicies.get(BundleRevision.PACKAGE_NAMESPACE);
if (packagePolicies == null) {
packagePolicies = new ArrayList<SharePolicy>();
sharePolicies.put(BundleRevision.PACKAGE_NAMESPACE, packagePolicies);
}
packagePolicies.add(new SharePolicy(SharePolicy.TYPE_EXPORT, BundleRevision.PACKAGE_NAMESPACE, filter1));
List<SharePolicy> servicePolicies = sharePolicies.get("scope.share.service");
if (servicePolicies == null) {
servicePolicies = new ArrayList<SharePolicy>();
sharePolicies.put("scope.share.service", servicePolicies);
}
servicePolicies.add(new SharePolicy(SharePolicy.TYPE_EXPORT, "scope.share.service", filter2));
// build up installInfo object for the scope
InstallInfo info1 = new InstallInfo("helloIsolation", new URL("mvn:org.apache.aries.subsystem.example/org.apache.aries.subsystem.example.helloIsolation/0.4-SNAPSHOT"));
InstallInfo info2 = new InstallInfo("helloIsolationRef", new URL("mvn:org.apache.aries.subsystem.example/org.apache.aries.subsystem.example.helloIsolationRef/0.4-SNAPSHOT"));
List<InstallInfo> bundlesToInstall = childScopeUpdate.getBundlesToInstall();
bundlesToInstall.add(info1);
bundlesToInstall.add(info2);
// add bundles to be installed, based on subsystem content
su.commit();
// start all bundles in the scope scope_test1
Collection<Bundle> bundlesToStart = childScopeUpdate.getBundles();
for (Bundle b : bundlesToStart) {
b.start();
}
try {
ServiceReference sr = bundleContext.getServiceReference("org.apache.aries.subsystem.example.helloIsolation.HelloIsolation");
fail("should not be able to get the sr for HelloIsolation service");
} catch (Exception ex) {
// expected
} catch (Error er) {
// expected
}
// test bundle find hooks
bundles = bundleContext.getBundles();
for (Bundle b : bundles) {
System.out.println("Bundle is " + b.getBundleId() + ": " + b.getSymbolicName());
if (b.getSymbolicName().indexOf("org.apache.aries.subsystem.example.helloIsolation") > -1) {
fail("bundles with name starts with org.apache.aries.subsystem.example.helloIsolation should be in a different scope");
}
}
// test bundle service find hook
//ServiceReference sr = bundleContext.getServiceReference(HelloIsolation.class.getName());
//assertNull("sr should be null", sr);
Collection<Scope> children = scope.getChildren();
assertEquals(1, children.size());
for (Scope child : children) {
if (child.getName().equals("scope_test1")) {
Collection<Bundle> buns = child.getBundles();
assertEquals(2, buns.size());
assertEquals(0, child.getChildren().size());
BundleContext childScopebundleContext = null;
for (Bundle b : buns) {
assertTrue(b.getSymbolicName().indexOf("org.apache.aries.subsystem.example.helloIsolation") > -1);
if (b.getSymbolicName().indexOf("org.apache.aries.subsystem.example.helloIsolationRef") > -1) {
childScopebundleContext = b.getBundleContext();
}
}
assertNotNull(childScopebundleContext);
ServiceReference sr = childScopebundleContext.getServiceReference("org.apache.aries.subsystem.example.helloIsolation.HelloIsolation");
assertNotNull("sr is not null", sr);
System.out.println("got the sr, go get service next");
HelloIsolation hi = (HelloIsolation) childScopebundleContext.getService(sr);
hi.hello();
Permission permission = new PackagePermission("*", PackagePermission.IMPORT);
hi.checkPermission(permission);
}
}
// install a test bundle in the root scope
URL url = new URL("mvn:org.apache.felix/org.apache.felix.fileinstall/2.0.8");
bundleContext.installBundle("org.apache.felix.fileinstall-rootScope", url.openStream());
// remove child scope
su = scope.newScopeUpdate();
Collection<ScopeUpdate> scopes = su.getChildren();
// obtain child scope admin from service registry
// String filter = "ScopeName=scope_test1";
Scope childScopeAdmin = childScopeUpdate.getScope();
assertEquals(scope, childScopeAdmin.getParent());
scopes.remove(childScopeUpdate);
su.commit();
assertFalse(scope.getChildren().contains(childScopeAdmin));
su = scope.newScopeUpdate();
assertFalse(su.getChildren().contains(childScopeUpdate));
// childScopeAdmin = null;
// try {
// childScopeAdmin = getOsgiService(Scope.class, filter, DEFAULT_TIMEOUT);
// } catch (Exception ex) {
// // ignore
// }
// assertNull("scope admin service for the scope should be unregistered", childScopeAdmin);
}
Aggregations