You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by ga...@apache.org on 2009/07/23 17:48:10 UTC
svn commit: r797113 -
/geronimo/sandbox/blueprint/blueprint-core/src/main/java/org/apache/geronimo/blueprint/container/AggregateConverter.java
Author: gawor
Date: Thu Jul 23 15:48:10 2009
New Revision: 797113
URL: http://svn.apache.org/viewvc?rev=797113&view=rev
Log:
converter security checks
Modified:
geronimo/sandbox/blueprint/blueprint-core/src/main/java/org/apache/geronimo/blueprint/container/AggregateConverter.java
Modified: geronimo/sandbox/blueprint/blueprint-core/src/main/java/org/apache/geronimo/blueprint/container/AggregateConverter.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/blueprint/blueprint-core/src/main/java/org/apache/geronimo/blueprint/container/AggregateConverter.java?rev=797113&r1=797112&r2=797113&view=diff
==============================================================================
--- geronimo/sandbox/blueprint/blueprint-core/src/main/java/org/apache/geronimo/blueprint/container/AggregateConverter.java (original)
+++ geronimo/sandbox/blueprint/blueprint-core/src/main/java/org/apache/geronimo/blueprint/container/AggregateConverter.java Thu Jul 23 15:48:10 2009
@@ -21,6 +21,10 @@
import java.lang.reflect.Constructor;
import java.lang.reflect.Modifier;
import java.lang.reflect.Type;
+import java.security.AccessControlContext;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
@@ -85,18 +89,29 @@
converters.remove(converter);
}
- public boolean canConvert(Object fromValue, ReifiedType toType) {
+ public boolean canConvert(final Object fromValue, final ReifiedType toType) {
if (fromValue == null) {
return true;
}
if (isAssignable(fromValue, toType)) {
return true;
}
- for (Converter converter : converters) {
- if (converter.canConvert(fromValue, toType)) {
- return true;
- }
+
+ boolean canConvert = false;
+ AccessControlContext acc = blueprintContainer.getAccessControlContext();
+ if (acc == null) {
+ canConvert = canConvertWithConverters(fromValue, toType);
+ } else {
+ canConvert = AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
+ public Boolean run() {
+ return canConvertWithConverters(fromValue, toType);
+ }
+ }, acc);
+ }
+ if (canConvert) {
+ return true;
}
+
// TODO
if (fromValue instanceof String) {
//
@@ -104,7 +119,7 @@
return false;
}
- public Object convert(Object fromValue, ReifiedType type) throws Exception {
+ public Object convert(final Object fromValue, final ReifiedType type) throws Exception {
// Discard null values
if (fromValue == null) {
return null;
@@ -117,7 +132,17 @@
if (isAssignable(fromValue, type)) {
return fromValue;
}
- Object value = convertWithConverters(fromValue, type);
+ Object value = null;
+ AccessControlContext acc = blueprintContainer.getAccessControlContext();
+ if (acc == null) {
+ value = convertWithConverters(fromValue, type);
+ } else {
+ value = AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
+ public Object run() throws Exception {
+ return convertWithConverters(fromValue, type);
+ }
+ }, acc);
+ }
if (value == null) {
if (fromValue instanceof Number && Number.class.isAssignableFrom(unwrap(toClass(type)))) {
return convertToNumber((Number) fromValue, toClass(type));
@@ -138,6 +163,15 @@
return value;
}
+ private boolean canConvertWithConverters(Object source, ReifiedType type) {
+ for (Converter converter : converters) {
+ if (converter.canConvert(source, type)) {
+ return true;
+ }
+ }
+ return false;
+ }
+
private Object convertWithConverters(Object source, ReifiedType type) throws Exception {
Object value = null;
for (Converter converter : converters) {
@@ -395,5 +429,5 @@
private Class toClass(ReifiedType type) {
return type.getRawClass();
}
-
+
}
\ No newline at end of file