org.osgi.framework.ServicePermission Java Examples

The following examples show how to use org.osgi.framework.ServicePermission. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: AbstractBundle.java    From concierge with Eclipse Public License 1.0 6 votes vote down vote up
/**
 * remove all ServiceReferences for which the requesting bundle does not
 * have appropriate permissions
 * 
 * @param refs
 *            the references.
 * @return the permitted references.
 */
protected static final ServiceReference<?>[] checkPermissions(
		final ServiceReferenceImpl<?>[] refs) {
	final List<ServiceReferenceImpl<?>[]> results = new ArrayList<ServiceReferenceImpl<?>[]>(
			refs.length);
	final AccessControlContext controller = AccessController.getContext();
	for (int i = 0; i < refs.length; i++) {
		final String[] interfaces = (String[]) refs[i].properties
				.get(Constants.OBJECTCLASS);
		for (int j = 0; j < interfaces.length; j++) {
			try {
				controller.checkPermission(new ServicePermission(
						interfaces[j], ServicePermission.GET));
				results.add(refs);
				break;
			} catch (final SecurityException se) {
				// does not have the permission, try with the next interface
			}
		}
	}
	return results.toArray(new ServiceReference[results.size()]);
}
 
Example #2
Source File: DefaultPolicyBuilderTest.java    From onos with Apache License 2.0 6 votes vote down vote up
@Before
public void setUp() throws Exception {
    List<Permission> permSet = Lists.newArrayList();
    permSet.add(new PackagePermission("*", PackagePermission.EXPORTONLY));
    permSet.add(new PackagePermission("*", PackagePermission.IMPORT));
    permSet.add(new AdaptPermission("*", AdaptPermission.ADAPT));
    permSet.add(new ConfigurationPermission("*", ConfigurationPermission.CONFIGURE));
    permSet.add(new AdminPermission("*", AdminPermission.METADATA));
    defaultPermissions = permSet;

    List<Permission> adminPermSet = Lists.newArrayList();
    adminPermSet.add(new ServicePermission(ApplicationAdminService.class.getName(), ServicePermission.GET));
    adminServicePermissions = adminPermSet;

    testPermission = new org.onosproject.security.Permission("testClass", "APP_READ", "testActions");
    testPermissions = new HashSet<org.onosproject.security.Permission>();
    testPermissions.add(testPermission);

    testJavaPerm = new AppPermission("testName");
    testJavaPerms = new HashSet<Permission>();
    testJavaPerms.add(testJavaPerm);
}
 
Example #3
Source File: DefaultPolicyBuilderTest.java    From onos with Apache License 2.0 6 votes vote down vote up
@Test
public void testConvertToJavaPermissions() {
    List<Permission> result = Lists.newArrayList();
    for (org.onosproject.security.Permission perm : testPermissions) {
        Permission javaPerm = new AppPermission(perm.getName());
        if (javaPerm != null) {
            if (javaPerm instanceof AppPermission) {
                if (((AppPermission) javaPerm).getType() != null) {
                    AppPermission ap = (AppPermission) javaPerm;
                    result.add(ap);
                }
            } else if (javaPerm instanceof ServicePermission) {
                if (!javaPerm.getName().contains(SecurityAdminService.class.getName())) {
                    result.add(javaPerm);
                }
            } else {
                result.add(javaPerm);
            }

        }
    }
    assertTrue(!result.isEmpty());
    assertEquals("APP_READ", result.get(0).getName());
}
 
Example #4
Source File: Concierge.java    From concierge with Eclipse Public License 1.0 5 votes vote down vote up
/**
 * get the service object.
 * 
 * @param reference
 *            the service reference.
 * @return the service object.
 * @see org.osgi.framework.BundleContext#getService(org.osgi.framework.ServiceReference)
 * 
 */
public <S> S getService(final ServiceReference<S> reference) {
	checkValid();
	if (reference == null) {
		throw new NullPointerException("Null service reference.");
	}

	if (SECURITY_ENABLED) {
		final String[] clazzes = (String[]) reference
				.getProperty(Constants.OBJECTCLASS);
		for (int i = 0; i < clazzes.length; i++) {
			try {
				AccessController.checkPermission(new ServicePermission(
						clazzes[i], ServicePermission.GET));
				return ((ServiceReferenceImpl<S>) reference)
						.getService(bundle);
			} catch (final SecurityException se) {
				continue;
			}
		}
		throw new SecurityException(
				"Caller does not have permissions for getting service from "
						+ reference);
	}

	return ((ServiceReferenceImpl<S>) reference).getService(bundle);
}
 
Example #5
Source File: SecurePermissionOps.java    From knopflerfish.org with BSD 3-Clause "New" or "Revised" License 5 votes vote down vote up
@Override
void checkRegisterServicePerm(String clazz)
{
  final SecurityManager sm = System.getSecurityManager();
  if (null != sm) {
    sm.checkPermission(new ServicePermission(clazz,
                                             ServicePermission.REGISTER));
  }
}
 
Example #6
Source File: SecurePermissionOps.java    From knopflerfish.org with BSD 3-Clause "New" or "Revised" License 5 votes vote down vote up
@Override
void checkGetServicePerms(ServiceReference<?> sr)
{
  final SecurityManager sm = System.getSecurityManager();
  if (null != sm) {
    sm.checkPermission(new ServicePermission(sr, ServicePermission.GET));
  }
}
 
Example #7
Source File: BundleLifecycleHandler.java    From ACDD with MIT License 5 votes vote down vote up
private boolean isLewaOS() {
    try {
        return StringUtils.isNotEmpty((String) Class
                .forName("android.os.SystemProperties")
                .getDeclaredMethod(ServicePermission.GET,
                        new Class[]{String.class})
                .invoke(null, "ro.lewa.version"));
    } catch (Exception e) {
        e.printStackTrace();
        return false;
    }
}
 
Example #8
Source File: BundleLifecycleHandler.java    From AtlasForAndroid with MIT License 5 votes vote down vote up
private boolean isLewaOS() {
    try {
        return StringUtils.isNotEmpty((String) Class.forName("android.os.SystemProperties").getDeclaredMethod(ServicePermission.GET, new Class[]{String.class}).invoke(null, new Object[]{"ro.lewa.version"}));
    } catch (Exception e) {
        e.printStackTrace();
        return false;
    }
}
 
Example #9
Source File: DefaultPolicyBuilder.java    From onos with Apache License 2.0 5 votes vote down vote up
public static List<Permission> convertToJavaPermissions(Set<org.onosproject.security.Permission> permissions) {
    List<Permission> result = Lists.newArrayList();
    for (org.onosproject.security.Permission perm : permissions) {
        Permission javaPerm = getPermission(perm);
        if (javaPerm != null) {
            if (javaPerm instanceof AppPermission) {
                if (((AppPermission) javaPerm).getType() != null) {
                    AppPermission ap = (AppPermission) javaPerm;
                    result.add(ap);
                    if (serviceDirectory.containsKey(ap.getType())) {
                        for (String service : serviceDirectory.get(ap.getType())) {
                            result.add(new ServicePermission(service, ServicePermission.GET));
                        }
                    }
                }
            } else if (javaPerm instanceof ServicePermission) {
                if (!javaPerm.getName().contains(SecurityAdminService.class.getName())) {
                    result.add(javaPerm);
                }
            } else {
                result.add(javaPerm);
            }

        }
    }
    return result;
}
 
Example #10
Source File: DefaultPolicyBuilderTest.java    From onos with Apache License 2.0 5 votes vote down vote up
@Test
public void testGetNBServiceList() {
    Set<String> permString = new HashSet<>();
    permString.add(new ServicePermission(ApplicationAdminService.class.getName(), ServicePermission.GET).getName());
    assertEquals(1, permString.size());
    assertEquals("org.onosproject.app.ApplicationAdminService", permString.toArray()[0]);
}
 
Example #11
Source File: Concierge.java    From concierge with Eclipse Public License 1.0 4 votes vote down vote up
/**
 * register a new service.
 * 
 * @param clazzes
 *            the classes under which the service is registered.
 * @param service
 *            the service object
 * @param serviceProperties
 *            the properties.
 * @return the service registration.
 * @see org.osgi.framework.BundleContext#registerService(java.lang.String[],
 *      java.lang.Object, java.util.Dictionary)
 * @context BundleContext
 */
public ServiceRegistration<?> registerService(final String[] clazzes,
		final Object service,
		final Dictionary<String, ?> serviceProperties) {
	checkValid();

	if (service == null) {
		throw new IllegalArgumentException(
				"Cannot register a null service");
	}

	if (SECURITY_ENABLED) {
		for (int i = 0; i < clazzes.length; i++) {
			AccessController.checkPermission(new ServicePermission(
					clazzes[i], ServicePermission.REGISTER));
		}
	}

	final ServiceReferenceImpl<?> sref = new ServiceReferenceImpl<Object>(
			Concierge.this, bundle, service, serviceProperties,
			clazzes);

	// lazy initialization
	if (bundle.registeredServices == null) {
		bundle.registeredServices = new ArrayList<ServiceReference<?>>(
				1);
	}
	bundle.registeredServices.add(sref);

	boolean isHook = false;

	// and now register the service for all classes ...
	for (int counter = 0; counter < clazzes.length; counter++) {
		final String clazz = clazzes[counter];

		isHook = checkHook(clazz, sref, true);

		serviceRegistry.insert(clazz, sref);
		
		if(clazz.equals(WovenClassListener.class.getName())){
			wovenClassListeners.add((ServiceReferenceImpl<WovenClassListener>) sref);
		}
	}

	if (LOG_ENABLED && DEBUG_SERVICES) {
		logger.log(LogService.LOG_INFO,
				"Framework: REGISTERED SERVICE " + clazzes[0]);
	}

	if (!isHook) {
		notifyServiceListeners(ServiceEvent.REGISTERED, sref, null);
	}

	return sref.registration;
}
 
Example #12
Source File: PermissionTestSuite.java    From knopflerfish.org with BSD 3-Clause "New" or "Revised" License 4 votes vote down vote up
public void runTest() throws Throwable {
     buU = null;
     boolean teststatus = true;
     clearEvents();
     try {
buU = Util.installBundle(bc, "bundleU_test-1.0.0.jar");
buU.start();
teststatus = true;
     }
     catch (BundleException bexcA) {
fail("framework test bundle "+ bexcA +" :FRAME090A:FAIL");
teststatus = false;
     }
     catch (SecurityException secA) {
fail("framework test bundle "+ secA +" :FRAME090A:FAIL");
teststatus = false;
     }
     
     // Check that a service reference does not exist
     ServiceReference sr1 = bc.getServiceReference("org.knopflerfish.service.bundleU_test.BundleU");
     if (sr1 != null) {
fail("framework test bundle, found unexpected service from test bundle U found :FRAME090A:FAIL");
teststatus = false;
     }
     
     // check the listeners for events, expect none 
     boolean lStat = checkListenerEvents(out, false , 0, true , BundleEvent.STARTED, false, ServiceEvent.REGISTERED, buU, sr1);
     
     // get the permissions of bundle buU and check if they are as expected
     ServicePermission get = new ServicePermission("*", ServicePermission.GET);
     ServicePermission register = new ServicePermission("*", ServicePermission.REGISTER);
     
     boolean p1 = buU.hasPermission(get);
     boolean p2 = buU.hasPermission(register);
     // out.println("framework test bundle : p1, p2" + p1 + ",  "+  p2);
     
     if (!(p1 == true && p2 == false)) {
teststatus = false;
out.println("framework test bundle permissions of test bundleU not as expected");
fail("framework test bundle: GET is " + p1 +" should be true, REGISTER is " + p2 + ",  should be false");
     }
     
     if (teststatus == true && buU.getState() == Bundle.ACTIVE && lStat == true) {
out.println("### framework test bundle :FRAME090A:PASS");
     }
     else {
fail("### framework test bundle :FRAME090A:FAIL");
     }
   }
 
Example #13
Source File: DefaultPolicyBuilder.java    From onos with Apache License 2.0 4 votes vote down vote up
private static List<Permission> getAdminDefaultPerms() {
        List<Permission> permSet = Lists.newArrayList();
        permSet.add(new ServicePermission(ApplicationAdminService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(ClusterAdminService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(LeadershipAdminService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(ClusterMetadataAdminService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(MastershipAdminService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(DeviceAdminService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(DriverAdminService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(HostAdminService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(DeviceKeyAdminService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(LinkAdminService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(ResourceAdminService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(RegionAdminService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(PartitionAdminService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(StorageAdminService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(ApplicationService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(ComponentConfigService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(ClusterMetadataService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(ClusterService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(LeadershipService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(CodecService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(CoreService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(EventDeliveryService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(MastershipService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(MastershipTermService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(BasicNetworkConfigService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(NetworkConfigService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(DeviceService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(DeviceClockService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(DriverService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(EdgePortService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(FlowRuleService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(FlowObjectiveService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(GroupService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(HostService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(IntentService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(IntentClockService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(IntentExtensionService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(WorkPartitionService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(DeviceKeyService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(LinkService.class.getName(), ServicePermission.GET));
//        permSet.add(new ServicePermission(MulticastRouteService.class.getName(), ServicePermission.GET));
//        permSet.add(new ServicePermission(MeterService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(ResourceService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(PacketService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(RegionService.class.getName(), ServicePermission.GET));
//      permSet.add(new ServicePermission(LinkResourceService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(FlowStatisticService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(StatisticService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(PathService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(TopologyService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(PersistenceService.class.getName(), ServicePermission.GET));
//        permSet.add(new ServicePermission(ApiDocService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(ClusterCommunicationService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(MessagingService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(PartitionService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(LogicalClockService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(StorageService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(UiExtensionService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(UpgradeService.class.getName(), ServicePermission.GET));
        permSet.add(new ServicePermission(UpgradeAdminService.class.getName(), ServicePermission.GET));
        return permSet;
    }
 
Example #14
Source File: DefaultPolicyBuilder.java    From onos with Apache License 2.0 4 votes vote down vote up
public static org.onosproject.security.Permission getOnosPermission(Permission permission) {
    if (permission instanceof AppPermission) {
        return new org.onosproject.security.Permission(AppPermission.class.getName(), permission.getName(), "");
    } else if (permission instanceof FilePermission) {
        return new org.onosproject.security.Permission(
                FilePermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof SerializablePermission) {
        return new org.onosproject.security.Permission(
                SerializablePermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof NetPermission) {
        return new org.onosproject.security.Permission(
                NetPermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof RuntimePermission) {
        return new org.onosproject.security.Permission(
                RuntimePermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof SocketPermission) {
        return new org.onosproject.security.Permission(
                SocketPermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof SQLPermission) {
        return new org.onosproject.security.Permission(
                SQLPermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof PropertyPermission) {
        return new org.onosproject.security.Permission(
                PropertyPermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof LoggingPermission) {
        return new org.onosproject.security.Permission(
                LoggingPermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof SSLPermission) {
        return new org.onosproject.security.Permission(
                SSLPermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof AuthPermission) {
        return new org.onosproject.security.Permission(
                AuthPermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof PrivateCredentialPermission) {
        return new org.onosproject.security.Permission(
                PrivateCredentialPermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof DelegationPermission) {
        return new org.onosproject.security.Permission(
                DelegationPermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof javax.security.auth.kerberos.ServicePermission) {
        return new org.onosproject.security.Permission(
                javax.security.auth.kerberos.ServicePermission.class.getName(), permission.getName(),
                permission.getActions());
    } else if (permission instanceof AudioPermission) {
        return new org.onosproject.security.Permission(
                AudioPermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof AdaptPermission) {
        return new org.onosproject.security.Permission(
                AdaptPermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof BundlePermission) {
        return new org.onosproject.security.Permission(
                BundlePermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof CapabilityPermission) {
        return new org.onosproject.security.Permission(
                CapabilityPermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof PackagePermission) {
        return new org.onosproject.security.Permission(
                PackagePermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof ServicePermission) {
        return new org.onosproject.security.Permission(
                ServicePermission.class.getName(), permission.getName(), permission.getActions());
    } else if (permission instanceof AdminPermission) {
        return new org.onosproject.security.Permission(
                AdminPermission.class.getName(), permission.getName(), permission.getActions());
    //} else if (permission instanceof ConfigurationPermission) {
    //    return new org.onosproject.security.Permission(
    //            ConfigurationPermission.class.getName(), permission.getName(), permission.getActions());
    }
    return null;
}
 
Example #15
Source File: DefaultPolicyBuilder.java    From onos with Apache License 2.0 4 votes vote down vote up
private static Permission getPermission(org.onosproject.security.Permission permission) {

        String classname = permission.getClassName();
        String name = permission.getName();
        String actions = permission.getActions();

        if (classname == null || name == null) {
            return null;
        }
        classname = classname.trim();
        name = name.trim();
        actions = actions.trim();

        if (AppPermission.class.getName().equals(classname)) {
            return new AppPermission(name);
        } else if (FilePermission.class.getName().equals(classname)) {
            return new FilePermission(name, actions);
        } else if (SerializablePermission.class.getName().equals(classname)) {
            return new SerializablePermission(name, actions);
        } else if (NetPermission.class.getName().equals(classname)) {
            return new NetPermission(name, actions);
        } else if (RuntimePermission.class.getName().equals(classname)) {
            return new RuntimePermission(name, actions);
        } else if (SocketPermission.class.getName().equals(classname)) {
            return new SocketPermission(name, actions);
        } else if (SQLPermission.class.getName().equals(classname)) {
            return new SQLPermission(name, actions);
        } else if (PropertyPermission.class.getName().equals(classname)) {
            return new PropertyPermission(name, actions);
        } else if (LoggingPermission.class.getName().equals(classname)) {
            return new LoggingPermission(name, actions);
        } else if (SSLPermission.class.getName().equals(classname)) {
            return new SSLPermission(name, actions);
        } else if (AuthPermission.class.getName().equals(classname)) {
            return new AuthPermission(name, actions);
        } else if (PrivateCredentialPermission.class.getName().equals(classname)) {
            return new PrivateCredentialPermission(name, actions);
        } else if (DelegationPermission.class.getName().equals(classname)) {
            return new DelegationPermission(name, actions);
        } else if (javax.security.auth.kerberos.ServicePermission.class.getName().equals(classname)) {
            return new javax.security.auth.kerberos.ServicePermission(name, actions);
        } else if (AudioPermission.class.getName().equals(classname)) {
            return new AudioPermission(name, actions);
        } else if (AdaptPermission.class.getName().equals(classname)) {
            return new AdaptPermission(name, actions);
        } else if (BundlePermission.class.getName().equals(classname)) {
            return new BundlePermission(name, actions);
        } else if (CapabilityPermission.class.getName().equals(classname)) {
            return new CapabilityPermission(name, actions);
        } else if (PackagePermission.class.getName().equals(classname)) {
            return new PackagePermission(name, actions);
        } else if (ServicePermission.class.getName().equals(classname)) {
            return new ServicePermission(name, actions);
        } else if (AdminPermission.class.getName().equals(classname)) {
            return new AdminPermission(name, actions);
        //} else if (ConfigurationPermission.class.getName().equals(classname)) {
        //    return new ConfigurationPermission(name, actions);
        } else if (ReflectPermission.class.getName().equals(classname)) {
            return new ReflectPermission(name, actions);
        }

        //AllPermission, SecurityPermission, UnresolvedPermission
        //AWTPermission,  ReflectPermission not allowed
        return null;

    }