Package org.eclipse.osgi.framework.internal.core

Source Code of org.eclipse.osgi.framework.internal.core.ConditionalPermissions

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
/*******************************************************************************
* Copyright (c) 2005 IBM Corporation and others.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* which accompanies this distribution, and is available at
* http://www.eclipse.org/legal/epl-v10.html
*
* Contributors:
*     IBM Corporation - initial API and implementation
*******************************************************************************/
package org.eclipse.osgi.framework.internal.core;

import java.security.Permission;
import java.security.PermissionCollection;
import java.util.Enumeration;
import java.util.Vector;
import org.osgi.framework.FrameworkEvent;
import org.osgi.service.condpermadmin.Condition;
import org.osgi.service.condpermadmin.ConditionalPermissionAdmin;

/**
*
* This class manages the Permissions for a given code source. It tracks the
* permissions that have yet to be satisfied as well as conditions that are
* already satisfied.
*/
public class ConditionalPermissions extends PermissionCollection {
  private static final long serialVersionUID = 3907215965749000496L;
  private AbstractBundle bundle;
  /**
   * This is the list of satisfiedCPIs that we are waiting to process in bulk
   * when evaluating the satisfied permissions. Elements are of type
   * ConditionalPermissionInfoImpl.
   */
  private Vector satisfiedCPIs = new Vector();
  /**
   * This is set contains that ConditionalPermissionInfos that are satisfied
   * and immutable.
   */
  private ConditionalPermissionSet satisfiedCPS;
  /**
   * These are the CPIs that may match this CodeSource. Elements are of type
   * ConditionalPermissionSet.
   */
  private Vector satisfiableCPSs = new Vector();
  private boolean empty;

  /**
   * Constructs a ConditionalPermission for the given bundle.
   *
   * @param bundle the bundle for which this ConditionalPermission tracks Permissions.
   */
  public ConditionalPermissions(AbstractBundle bundle, ConditionalPermissionAdmin cpa) {
    this.bundle = bundle;
    satisfiedCPS = new ConditionalPermissionSet(bundle, ConditionalPermissionAdminImpl.EMPTY_COND_PERM_INFO, ConditionalPermissionAdminImpl.EMPTY_COND);
    Enumeration en = cpa.getConditionalPermissionInfos();
    while (en.hasMoreElements()) {
      ConditionalPermissionInfoImpl cpi = (ConditionalPermissionInfoImpl) en.nextElement();
      checkConditionalPermissionInfo(cpi);
    }
  }

  void checkConditionalPermissionInfo(ConditionalPermissionInfoImpl cpi) {
    try {
      // first remove the cpi incase of an update
      removeCPI(cpi);
      Condition conds[] = cpi.getConditions(bundle);
      if (conds == null) {
        /* Couldn't process the conditions, so we can't use them */
        return;
      }
      boolean satisfied = true;
      for (int i = 0; i < conds.length; i++) {
        Condition cond = conds[i];
        if (cond.isMutable()) {
          satisfied = false;
        } else if (!cond.isSatisfied()) {// Note: the RFC says if !mutable, evaluated must be true
          /*
           * We can just dump here since we have an immutable and
           * unsatisfied condition.
           */
          return;
        } else {
          conds[i] = null; /* We can remove satisfied conditions */
        }
      }
      if (satisfied) {
        satisfiedCPIs.add(cpi);
      } else {
        satisfiableCPSs.add(new ConditionalPermissionSet(bundle, new ConditionalPermissionInfoImpl[] {cpi}, conds));
      }
    } catch (Exception e) {
      bundle.framework.publishFrameworkEvent(FrameworkEvent.ERROR, bundle, e);
    }
  }

  private void removeCPI(ConditionalPermissionInfoImpl cpi) {
    satisfiedCPIs.remove(cpi);
    satisfiedCPS.remove(cpi);
    ConditionalPermissionSet cpsArray[] = (ConditionalPermissionSet[]) satisfiableCPSs.toArray(new ConditionalPermissionSet[0]);
    for (int i = 0; i < cpsArray.length; i++)
      if (cpsArray[i].remove(cpi))
        satisfiableCPSs.remove(cpsArray[i]);
  }

  /**
   * This method is not implemented since this PermissionCollection should
   * only be used by the ConditionalPolicy which never calls this method.
   *
   * @see java.security.PermissionCollection#elements()
   */
  public void add(Permission perm) {
    // do nothing
  }

  public boolean implies(Permission perm) {
    processPending();
    boolean newEmpty = !satisfiedCPS.isNonEmpty();
    if (!newEmpty && satisfiedCPS.implies(perm)) {
      this.empty = false;
      return true;
    }
    boolean satisfied = false;
    Vector unevalCondsSets = null;
    SecurityManager sm = System.getSecurityManager();
    FrameworkSecurityManager fsm = null;
    if (sm instanceof FrameworkSecurityManager)
      fsm = (FrameworkSecurityManager) sm;
    ConditionalPermissionSet cpsArray[] = (ConditionalPermissionSet[]) satisfiableCPSs.toArray(new ConditionalPermissionSet[0]);
    cpsLoop: for (int i = 0; i < cpsArray.length; i++) {
      if (cpsArray[i].isNonEmpty()) {
        newEmpty = false;
        Condition conds[] = cpsArray[i].getNeededConditions();
        if (conds == null)
          continue;
        // check mutable !isPostponed conditions first;
        // note that !mutable conditions have already been evaluated
        for (int j = 0; j < conds.length; j++)
          if (conds[j] != null && !conds[j].isPostponed() && !conds[j].isSatisfied())
            continue cpsLoop;
        // check the implies now
        if (cpsArray[i].implies(perm)) {
          // the permission is implied; the only unevaluated conditions left are mutable postponed conditions
          // postpone their evaluation until the end
          Vector unevaluatedConds = null;
          for (int j = 0; j < conds.length; j++) {
            if (conds[j] != null && conds[j].isPostponed()) {
              if (fsm == null) {
                // If there is no FrameworkSecurityManager, we must evaluate now
                if (!conds[j].isSatisfied())
                  continue cpsLoop;
              } else {
                if (unevaluatedConds == null)
                  unevaluatedConds = new Vector();
                unevaluatedConds.add(conds[j]);
              }
            }
          }
          if (unevaluatedConds == null) {
            // no postponed conditions exist return true now
            this.empty = false;
            return true;
          }
          if (unevalCondsSets == null)
            unevalCondsSets = new Vector(2);
          unevalCondsSets.add(unevaluatedConds.toArray(new Condition[unevaluatedConds.size()]));
          satisfied = true;
        }
      } else {
        satisfiableCPSs.remove(cpsArray[i]);
      }
    }
    this.empty = newEmpty;
    if (satisfied && fsm != null) {
      // There must be at least one set of Conditions to evaluate since
      // we didn't return right we we realized the permission was satisfied
      // so unevalCondsSets must be non-null.
      Condition[][] condArray = (Condition[][]) unevalCondsSets.toArray(new Condition[unevalCondsSets.size()][]);
      satisfied = fsm.addConditionsForDomain(condArray);
    }
    return satisfied;
  }

  /**
   * Process any satisfiedCPIs that have been added.
   */
  private void processPending() {
    if (satisfiedCPIs.size() > 0) {
      synchronized (satisfiedCPIs) {
        for (int i = 0; i < satisfiedCPIs.size(); i++) {
          ConditionalPermissionInfoImpl cpi = (ConditionalPermissionInfoImpl) satisfiedCPIs.get(i);
          if (!cpi.isDeleted())
            satisfiedCPS.addConditionalPermissionInfo(cpi);
        }
        satisfiedCPIs.clear();
      }
    }
  }

  /**
   * This method is not implemented since this PermissionCollection should
   * only be used by the ConditionalPolicy which never calls this method.
   *
   * @return always returns null.
   *
   * @see java.security.PermissionCollection#elements()
   */
  public Enumeration elements() {
    return null;
  }

  /**
   * This method returns true if there are no ConditionalPermissionInfos in
   * this PermissionCollection. The empty condition is only checked during the
   * implies method, it should only be checked after implies has been called.
   *
   * @return false if there are any Conditions that may provide permissions to
   *         this bundle.
   */
  boolean isEmpty() {
    return empty;
  }

  void unresolvePermissions() {
    satisfiedCPS.unresolvePermissions();
    synchronized (satisfiableCPSs) {
      Enumeration en = satisfiableCPSs.elements();
      while (en.hasMoreElements()) {
        ConditionalPermissionSet cs = (ConditionalPermissionSet) en.nextElement();
        cs.unresolvePermissions();
      }
    }
  }
}
TOP

Related Classes of org.eclipse.osgi.framework.internal.core.ConditionalPermissions

  • org.osgi.service.condpermadmin.Condition
  • java.util.Vector
  • java.util.Enumeration
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.