All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.sun.enterprise.security.perms.PermissionXMLParser Maven / Gradle / Ivy

There is a newer version: 4.1.2.181
Show newest version
/*
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 *
 * Copyright (c) 2013 Oracle and/or its affiliates. All rights reserved.
 *
 * The contents of this file are subject to the terms of either the GNU
 * General Public License Version 2 only ("GPL") or the Common Development
 * and Distribution License("CDDL") (collectively, the "License").  You
 * may not use this file except in compliance with the License.  You can
 * obtain a copy of the License at
 * https://glassfish.dev.java.net/public/CDDL+GPL_1_1.html
 * or packager/legal/LICENSE.txt.  See the License for the specific
 * language governing permissions and limitations under the License.
 *
 * When distributing the software, include this License Header Notice in each
 * file and include the License file at packager/legal/LICENSE.txt.
 *
 * GPL Classpath Exception:
 * Oracle designates this particular file as subject to the "Classpath"
 * exception as provided by Oracle in the GPL Version 2 section of the License
 * file that accompanied this code.
 *
 * Modifications:
 * If applicable, add the following below the License Header, with the fields
 * enclosed by brackets [] replaced by your own identifying information:
 * "Portions Copyright [year] [name of copyright owner]"
 *
 * Contributor(s):
 * If you wish your version of this file to be governed by only the CDDL or
 * only the GPL Version 2, indicate your decision by adding "[Contributor]
 * elects to include this software in this distribution under the [CDDL or GPL
 * Version 2] license."  If you don't indicate a single choice of license, a
 * recipient has the option to distribute your version of this file under
 * either the CDDL, the GPL Version 2 or to extend the choice of license to
 * its licensees as provided above.  However, if you add GPL Version 2 code
 * and therefore, elected the GPL Version 2 license, then the option applies
 * only if the new code is made subject to such option by the copyright
 * holder.
 */
package com.sun.enterprise.security.perms;


import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
//import java.text.MessageFormat;

import javax.xml.stream.XMLInputFactory;
import javax.xml.stream.XMLResolver;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamReader;

import static javax.xml.stream.XMLStreamConstants.END_DOCUMENT;
import static javax.xml.stream.XMLStreamConstants.END_ELEMENT;
import static javax.xml.stream.XMLStreamConstants.START_ELEMENT;

//import com.sun.enterprise.deploy.shared.LogMessageInfo;
import com.sun.enterprise.security.integration.PermissionCreator;

/**
 * Paser to parse permissions.xml packaged in a ear or in a standalone module
 */
public class PermissionXMLParser {

    protected static final String PERMISSIONS_XML = "META-INF/permissions.xml"; 
    protected static final String RESTRICTED_PERMISSIONS_XML = "META-INF/restricted-permissions.xml"; 

    protected XMLStreamReader parser = null;
    
    PermissionCollection pc = new Permissions();

    private PermissionCollection permissionCollectionToBeRestricted = null;
    
    private static XMLInputFactory xmlInputFactory;
    
    static {
        xmlInputFactory = XMLInputFactory.newInstance();
        xmlInputFactory.setProperty(XMLInputFactory.SUPPORT_DTD, false);
        xmlInputFactory.setProperty(XMLInputFactory.IS_NAMESPACE_AWARE, true);

        // set an zero-byte XMLResolver as IBM JDK does not take SUPPORT_DTD=false
        // unless there is a jvm option com.ibm.xml.xlxp.support.dtd.compat.mode=false
        xmlInputFactory.setXMLResolver(new XMLResolver() {
                @Override
                public Object resolveEntity(String publicID,
                        String systemID, String baseURI, String namespace)
                        throws XMLStreamException {

                    return new ByteArrayInputStream(new byte[0]);
                }
            });
    }

    
    //@LogMessageInfo(message = "This is an unexpected end of document", level = "WARNING")
    //public static final String UNEXPECTED_END_IN_XMLDOCUMENT = "NCLS-DEPLOYMENT-00048";

    
    public PermissionXMLParser(File permissionsXmlFile, 
            PermissionCollection permissionCollectionToBeRestricted)
            throws XMLStreamException, FileNotFoundException {
        
        FileInputStream fi = null;
        try {
            this.permissionCollectionToBeRestricted = permissionCollectionToBeRestricted;
            fi = new FileInputStream(permissionsXmlFile); 
            init(fi);
        } finally {
            if (fi != null)
                try {
                    fi.close();
                } catch (IOException e) {
                }            
        }
        
    }

    
    public PermissionXMLParser(InputStream input,
            PermissionCollection permissionCollectionToBeRestricted)
            throws XMLStreamException, FileNotFoundException {

        this.permissionCollectionToBeRestricted = permissionCollectionToBeRestricted;
        init(input);

    }
    
    protected static XMLInputFactory getXMLInputFactory() {
        return xmlInputFactory;
    }

    
    /**
     * This method will parse the input stream and set the XMLStreamReader
     * object for latter use.
     *
     * @param input InputStream
     * @exception XMLStreamException;
     */
    //@Override
    protected void read(InputStream input) throws XMLStreamException {
        parser = getXMLInputFactory().createXMLStreamReader(input);

        int event = 0;
        String classname = null;
        String target = null;
        String actions = null;
        while (parser.hasNext() && (event = parser.next()) != END_DOCUMENT) {
            if (event == START_ELEMENT) {
                String name = parser.getLocalName();
                if ("permission".equals(name)) {
                    classname = null;
                    target = null;
                    actions = null;
                } else if ("class-name".equals(name)) {
                    classname = parser.getElementText();
                } else if ("name".equals(name)) {
                    target = parser.getElementText();
                } else if ("actions".equals(name)) {
                    actions = parser.getElementText();
                } else if ("permissions".equals(name)) {
                    // continue trough subtree
                }  else {
                    skipSubTree(name);
                }
            }
            else if (event == END_ELEMENT) {
                String name = parser.getLocalName();
                if ("permission".equals(name)) {
                    if(classname != null && !classname.isEmpty()) {
                        addPermission(classname, target, actions);
                    }
                }
            }
        }
    }
    
    protected void init(InputStream input) throws XMLStreamException {

        try {
            read(input);
        } finally {
            if (parser != null) {
                try {
                    parser.close();
                } catch (Exception ex) {
                    // ignore
                }
            }
        }
    }

    protected void skipRoot(String name) throws XMLStreamException {
        while (true) {
            int event = parser.next();
            if (event == START_ELEMENT) {
                String localName = parser.getLocalName();
                if (!name.equals(localName)) {
                    //String msg = rb.getString(UNEXPECTED_ELEMENT_IN_XML);
                    //msg = MessageFormat.format(msg, new Object[] { name,
                    //        localName });
                    //throw new XMLStreamException(msg);
                    throw new  XMLStreamException("Unexpected element with name " + name);
                }
                return;
            }
        }
    }

    protected void skipSubTree(String name) throws XMLStreamException {
        while (true) {
            int event = parser.next();
            if (event == END_DOCUMENT) {
                throw new XMLStreamException(
                        //rb.getString(UNEXPECTED_END_IN_XMLDOCUMENT));
                        "Unexpected element with name " + name);
            } else if (event == END_ELEMENT
                    && name.equals(parser.getLocalName())) {
                return;
            }
        }
    }
    
    private void addPermission(String classname, String target, String actions)  {
        try {
            Permission pm = PermissionCreator.getInstance(classname, target, actions);

            if (pm != null) {
                if (permissionCollectionToBeRestricted != null && permissionCollectionToBeRestricted.implies(pm)) {
                    throw new SecurityException("Restricted Permission Declared - fail deployment!");
                }
                else {
                    pc.add(pm);
                }
            }
        } catch (ClassNotFoundException e) {
            throw new SecurityException(e);
        } catch (NoSuchMethodException e) {
            throw new SecurityException(e);
        } catch (InstantiationException e) {
            throw new SecurityException(e);
        } catch (IllegalAccessException e) {
            throw new SecurityException(e);
        } catch (InvocationTargetException e) {
            throw new SecurityException(e);
        }
    }
    
    
    
    protected PermissionCollection getPermissions() {
        return pc;
    }

}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy