You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@karaf.apache.org by ff...@apache.org on 2014/05/27 08:27:17 UTC
[1/2] git commit: [KARAF-2995]RBAC - the shell command acl
configuration modification can't take effect unless we restart the Karaf
server
Repository: karaf
Updated Branches:
refs/heads/karaf-2.x 751549691 -> 7effe2591
[KARAF-2995]RBAC - the shell command acl configuration modification can't take effect unless we restart the Karaf server
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/9483f0ca
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/9483f0ca
Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/9483f0ca
Branch: refs/heads/karaf-2.x
Commit: 9483f0caaf0aa5258f07e7ba95f36b008c4c5adc
Parents: 401d196
Author: Freeman Fang <fr...@gmail.com>
Authored: Tue May 27 14:11:13 2014 +0800
Committer: Freeman Fang <fr...@gmail.com>
Committed: Tue May 27 14:11:13 2014 +0800
----------------------------------------------------------------------
...rg.apache.karaf.command.acl.scope_bundle.cfg | 9 +++
.../impl/SecuredCommandConfigTransformer.java | 80 ++++++++++++++++++++
.../SecuredCommandConfigTransformerTest.java | 2 +
3 files changed, 91 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/karaf/blob/9483f0ca/assemblies/apache-karaf/src/main/distribution/text/etc/org.apache.karaf.command.acl.scope_bundle.cfg
----------------------------------------------------------------------
diff --git a/assemblies/apache-karaf/src/main/distribution/text/etc/org.apache.karaf.command.acl.scope_bundle.cfg b/assemblies/apache-karaf/src/main/distribution/text/etc/org.apache.karaf.command.acl.scope_bundle.cfg
new file mode 100644
index 0000000..62c8d57
--- /dev/null
+++ b/assemblies/apache-karaf/src/main/distribution/text/etc/org.apache.karaf.command.acl.scope_bundle.cfg
@@ -0,0 +1,9 @@
+features=org.apache.karaf.features.command
+jaas=org.apache.karaf.jaas.command
+admin=org.apache.karaf.admin.command
+osgi=org.apache.karaf.shell.osgi
+log=org.apache.karaf.shell.log
+packages=org.apache.karaf.shell.packages
+config=org.apache.karaf.shell.config
+ssh=org.apache.karaf.shell.ssh
+shell=org.apache.karaf.shell.commands
http://git-wip-us.apache.org/repos/asf/karaf/blob/9483f0ca/shell/console/src/main/java/org/apache/karaf/shell/security/impl/SecuredCommandConfigTransformer.java
----------------------------------------------------------------------
diff --git a/shell/console/src/main/java/org/apache/karaf/shell/security/impl/SecuredCommandConfigTransformer.java b/shell/console/src/main/java/org/apache/karaf/shell/security/impl/SecuredCommandConfigTransformer.java
index d61911d..2991c48 100644
--- a/shell/console/src/main/java/org/apache/karaf/shell/security/impl/SecuredCommandConfigTransformer.java
+++ b/shell/console/src/main/java/org/apache/karaf/shell/security/impl/SecuredCommandConfigTransformer.java
@@ -17,17 +17,22 @@
package org.apache.karaf.shell.security.impl;
import org.apache.felix.service.command.CommandProcessor;
+import org.osgi.framework.Bundle;
+import org.osgi.framework.BundleContext;
import org.osgi.framework.Constants;
import org.osgi.framework.InvalidSyntaxException;
+import org.osgi.framework.ServiceReference;
import org.osgi.service.cm.Configuration;
import org.osgi.service.cm.ConfigurationAdmin;
import org.osgi.service.cm.ConfigurationEvent;
import org.osgi.service.cm.ConfigurationListener;
+import org.osgi.service.packageadmin.PackageAdmin;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.io.IOException;
import java.util.*;
+import java.util.Map.Entry;
public class SecuredCommandConfigTransformer implements ConfigurationListener {
@@ -37,8 +42,10 @@ public class SecuredCommandConfigTransformer implements ConfigurationListener {
private static final Logger LOGGER = LoggerFactory.getLogger(SecuredCommandConfigTransformer.class);
private static final String CONFIGURATION_FILTER =
"(" + Constants.SERVICE_PID + "=" + PROXY_COMMAND_ACL_PID_PREFIX + "*)";
+ private static final String ACL_SCOPE_BUNDLE_MAP = "org.apache.karaf.command.acl.scope_bundle";
private ConfigurationAdmin configAdmin;
+
public void setConfigAdmin(ConfigurationAdmin configAdmin) {
this.configAdmin = configAdmin;
@@ -154,6 +161,7 @@ public class SecuredCommandConfigTransformer implements ConfigurationListener {
break;
case ConfigurationEvent.CM_UPDATED:
generateServiceGuardConfig(configAdmin.getConfiguration(event.getPid()));
+ refreshTheAffectedShellCommandBundle(event, configAdmin.getConfiguration(event.getPid()));
break;
}
} catch (Exception e) {
@@ -161,4 +169,76 @@ public class SecuredCommandConfigTransformer implements ConfigurationListener {
}
}
+ private void refreshTheAffectedShellCommandBundle(ConfigurationEvent event, Configuration config) {
+ if (!config.getPid().startsWith(PROXY_COMMAND_ACL_PID_PREFIX)) {
+ // not a command scope configuration file
+ return;
+ }
+ String filter = "";
+ String scopeName = config.getPid().substring(PROXY_COMMAND_ACL_PID_PREFIX.length());
+ if (scopeName.indexOf('.') >= 0) {
+ // scopes don't contains dots, not a command scope
+ return;
+ }
+ scopeName = scopeName.trim();
+ for (Entry<String, String> entry : loadScopeBundleMaps().entrySet()) {
+ if (entry.getKey().equals(scopeName)) {
+ filter = "(" +
+ "osgi.blueprint.container.symbolicname" + "=" + entry.getValue() + ")";
+ break;
+ }
+ }
+
+
+
+ BundleContext bundleContext = event.getReference().getBundle().getBundleContext();
+
+ try {
+ ServiceReference<?>[] sr = bundleContext.getServiceReferences("org.osgi.service.blueprint.container.BlueprintContainer", filter);
+ if (sr == null) {
+ LOGGER.error("can't find the command bundle for scope " + scopeName);
+ return;
+ }
+ LOGGER.debug("the refreshed bundle is " + sr[0].getBundle().getSymbolicName());
+
+ ServiceReference ref = bundleContext.getServiceReference(PackageAdmin.class.getName());
+ if (ref == null) {
+ LOGGER.error("PackageAdmin service is unavailable.");
+ return;
+ }
+ try {
+ PackageAdmin pa = (PackageAdmin) bundleContext.getService(ref);
+ if (pa == null) {
+ LOGGER.error("PackageAdmin service is unavailable.");
+ return;
+ }
+ pa.refreshPackages(new Bundle[]{sr[0].getBundle()});
+ }
+ finally {
+ bundleContext.ungetService(ref);
+ }
+ } catch (InvalidSyntaxException ex) {
+ LOGGER.error("Problem refresh the affected shell command bundle", ex);
+ }
+
+
+ }
+
+ private Map<String, String> loadScopeBundleMaps() {
+ Map<String, String> scopeBundleMaps = new HashMap<String, String>();
+ try {
+ for (Configuration config : configAdmin.listConfigurations("(service.pid=" + ACL_SCOPE_BUNDLE_MAP + ")")) {
+ Enumeration<String> keys = config.getProperties().keys();
+ while (keys.hasMoreElements()) {
+ String key = keys.nextElement();
+ scopeBundleMaps.put(key, (String)config.getProperties().get(key));
+ }
+ }
+ } catch (Exception ex) {
+ LOGGER.error("Problem load the scope bundle map", ex);
+ }
+ return scopeBundleMaps;
+ }
+
}
+
http://git-wip-us.apache.org/repos/asf/karaf/blob/9483f0ca/shell/console/src/test/java/org/apache/karaf/shell/security/impl/SecuredCommandConfigTransformerTest.java
----------------------------------------------------------------------
diff --git a/shell/console/src/test/java/org/apache/karaf/shell/security/impl/SecuredCommandConfigTransformerTest.java b/shell/console/src/test/java/org/apache/karaf/shell/security/impl/SecuredCommandConfigTransformerTest.java
index 9fadcd4..28eda60 100644
--- a/shell/console/src/test/java/org/apache/karaf/shell/security/impl/SecuredCommandConfigTransformerTest.java
+++ b/shell/console/src/test/java/org/apache/karaf/shell/security/impl/SecuredCommandConfigTransformerTest.java
@@ -163,9 +163,11 @@ public class SecuredCommandConfigTransformerTest {
@SuppressWarnings("unchecked")
ServiceReference<ConfigurationAdmin> cmRef = EasyMock.createMock(ServiceReference.class);
+ EasyMock.expect(cmRef.getBundle()).andReturn(null).anyTimes();
EasyMock.replay(cmRef);
ConfigurationEvent event = new ConfigurationEvent(cmRef, ConfigurationEvent.CM_UPDATED, null, testPid);
+
assertEquals("Precondition", 0, generateCalled.size());
scct.configurationEvent(event);
[2/2] git commit: Merge branch 'karaf-2.x' of
https://git-wip-us.apache.org/repos/asf/karaf into karaf-2.x
Posted by ff...@apache.org.
Merge branch 'karaf-2.x' of https://git-wip-us.apache.org/repos/asf/karaf into karaf-2.x
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/7effe259
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/7effe259
Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/7effe259
Branch: refs/heads/karaf-2.x
Commit: 7effe2591426bf90429a16525a959c345186aadd
Parents: 9483f0c 7515496
Author: Freeman Fang <fr...@gmail.com>
Authored: Tue May 27 14:25:52 2014 +0800
Committer: Freeman Fang <fr...@gmail.com>
Committed: Tue May 27 14:25:52 2014 +0800
----------------------------------------------------------------------
shell/osgi/src/main/java/org/apache/karaf/shell/osgi/Util.java | 4 ++++
1 file changed, 4 insertions(+)
----------------------------------------------------------------------