/** * Copyright (C) 2010 eXo Platform SAS. * * This is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as * published by the Free Software Foundation; either version 2.1 of * the License, or (at your option) any later version. * * This software is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this software; if not, write to the Free * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ package org.exoplatform.services.jcr.impl.core.security; import org.exoplatform.services.jcr.BaseStandaloneTest; import java.net.URL; import java.security.AccessControlContext; import java.security.AccessController; import java.security.AllPermission; import java.security.CodeSource; import java.security.Permission; import java.security.PermissionCollection; import java.security.Permissions; import java.security.PrivilegedAction; import java.security.PrivilegedActionException; import java.security.PrivilegedExceptionAction; import java.security.ProtectionDomain; import java.util.Enumeration; /** * @author <a href="mailto:andrew00x@gmail.com">Andrey Parfonov</a> * @version $Id$ */ public abstract class BaseSecurityTest extends BaseStandaloneTest { public void setUp() throws Exception { super.setUp(); SecurityManager security = System.getSecurityManager(); assertNotNull("SecurityManager must be ON.", security); } public String getRepositoryName() { return "db1"; } /** * Run privileged action with specified privileges. */ protected <T> T doPrivilegedAction(PrivilegedExceptionAction<T> action, ProtectionDomain[] protectionDomains) throws Throwable { try { return AccessController.doPrivileged(action, new AccessControlContext(protectionDomains)); } catch (PrivilegedActionException pae) { throw pae.getCause(); } } /** * Run privileged action without any privileges. */ protected <T> T doPrivilegedAction(PrivilegedExceptionAction<T> action) throws Throwable { ProtectionDomain[] protectionDomains = new ProtectionDomain[]{new ProtectionDomain(new CodeSource(getCodeSource(), (java.security.cert.Certificate[])null), new Permissions())}; try { return AccessController.doPrivileged(action, new AccessControlContext(protectionDomains)); } catch (PrivilegedActionException pae) { throw pae.getCause(); } } /** * Run privileged action with static permissions only. */ protected <T> T doPrivilegedActionStaticPermissions(PrivilegedExceptionAction<T> action) throws Throwable { try { return AccessController.doPrivileged(action); } catch (PrivilegedActionException pae) { throw pae.getCause(); } } /** * Run privileged action with specified privileges. */ protected <T> T doPrivilegedAction(PrivilegedAction<T> action, ProtectionDomain[] protectionDomains) { return AccessController.doPrivileged(action, new AccessControlContext(protectionDomains)); } /** * Run privileged action without any privileges. */ protected <T> T doPrivilegedAction(PrivilegedAction<T> action) { ProtectionDomain[] protectionDomains = new ProtectionDomain[]{new ProtectionDomain(new CodeSource(getCodeSource(), (java.security.cert.Certificate[])null), new Permissions())}; return AccessController.doPrivileged(action, new AccessControlContext(protectionDomains)); } /** * Run privileged action with static permissions only. */ protected <T> T doPrivilegedActionStaticPermissions(PrivilegedAction<T> action) { return AccessController.doPrivileged(action); } /** * Get code-source of class. */ protected URL getCodeSource() { return getClass().getProtectionDomain().getCodeSource().getLocation(); } protected static final PermissionCollection ALL = new PermissionCollection() { public boolean implies(Permission permission) { return true; } public Enumeration<Permission> elements() { return new Enumeration<Permission>() { private boolean hasMore = true; public boolean hasMoreElements() { return hasMore; } public Permission nextElement() { hasMore = false; return new AllPermission(); } }; } public void add(Permission permission) { } }; }