You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@commons.apache.org by st...@apache.org on 2012/12/22 18:16:43 UTC
svn commit: r1425312 - in
/commons/sandbox/privilizer/trunk/modules/privilizer/weaver/src:
it/maven-privilizer/src/main/java/org/apache/commons/weaver/privilizer/test/
main/java/org/apache/commons/weaver/privilizer/
Author: struberg
Date: Sat Dec 22 17:16:42 2012
New Revision: 1425312
URL: http://svn.apache.org/viewvc?rev=1425312&view=rev
Log:
resolve duplicate weaving error and blow up on wrong access level
If we configure that only private methods are allowed, then having
a @Privileged on a public method is clearly an error
Modified:
commons/sandbox/privilizer/trunk/modules/privilizer/weaver/src/it/maven-privilizer/src/main/java/org/apache/commons/weaver/privilizer/test/SomeTestClass.java
commons/sandbox/privilizer/trunk/modules/privilizer/weaver/src/main/java/org/apache/commons/weaver/privilizer/FilesystemPrivilizer.java
commons/sandbox/privilizer/trunk/modules/privilizer/weaver/src/main/java/org/apache/commons/weaver/privilizer/Privilizer.java
commons/sandbox/privilizer/trunk/modules/privilizer/weaver/src/main/java/org/apache/commons/weaver/privilizer/PrivilizerWeaver.java
Modified: commons/sandbox/privilizer/trunk/modules/privilizer/weaver/src/it/maven-privilizer/src/main/java/org/apache/commons/weaver/privilizer/test/SomeTestClass.java
URL: http://svn.apache.org/viewvc/commons/sandbox/privilizer/trunk/modules/privilizer/weaver/src/it/maven-privilizer/src/main/java/org/apache/commons/weaver/privilizer/test/SomeTestClass.java?rev=1425312&r1=1425311&r2=1425312&view=diff
==============================================================================
--- commons/sandbox/privilizer/trunk/modules/privilizer/weaver/src/it/maven-privilizer/src/main/java/org/apache/commons/weaver/privilizer/test/SomeTestClass.java (original)
+++ commons/sandbox/privilizer/trunk/modules/privilizer/weaver/src/it/maven-privilizer/src/main/java/org/apache/commons/weaver/privilizer/test/SomeTestClass.java Sat Dec 22 17:16:42 2012
@@ -28,12 +28,12 @@ public class SomeTestClass
}
@Privileged
- public int privilegedMethod() {
+ private int privilegedMethod() {
return 21;
}
@Privileged
- public int anotherPrivilegedMethod() {
+ private int anotherPrivilegedMethod() {
return 21;
}
}
Modified: commons/sandbox/privilizer/trunk/modules/privilizer/weaver/src/main/java/org/apache/commons/weaver/privilizer/FilesystemPrivilizer.java
URL: http://svn.apache.org/viewvc/commons/sandbox/privilizer/trunk/modules/privilizer/weaver/src/main/java/org/apache/commons/weaver/privilizer/FilesystemPrivilizer.java?rev=1425312&r1=1425311&r2=1425312&view=diff
==============================================================================
--- commons/sandbox/privilizer/trunk/modules/privilizer/weaver/src/main/java/org/apache/commons/weaver/privilizer/FilesystemPrivilizer.java (original)
+++ commons/sandbox/privilizer/trunk/modules/privilizer/weaver/src/main/java/org/apache/commons/weaver/privilizer/FilesystemPrivilizer.java Sat Dec 22 17:16:42 2012
@@ -88,44 +88,6 @@ public class FilesystemPrivilizer extend
this.target = target;
}
- /*X TODO remove or fix!
- * Clear the way by deleting classfiles woven with a different
- * {@link Policy}.
- *
- * @throws NotFoundException
- public void prepare() throws NotFoundException {
- info("preparing %s; policy = %s", target, policy);
- final Set<File> toDelete = new TreeSet<File>();
- for (final Class<?> type : getDeclaringClasses(findPrivilegedMethods())) {
- final CtClass ctClass = classPool.get(type.getName());
- final String policyValue = toString(ctClass.getAttribute(generateName(POLICY_NAME)));
- if (policyValue == null || policyValue.equals(policy.name())) {
- continue;
- }
- debug("class %s previously woven with policy %s", type.getName(), policyValue);
- final File packageDir =
- new File(target, StringUtils.replaceChars(ctClass.getPackageName(), '.', File.separatorChar));
-
- // simple classname of outermost class, plus any inner classes:
- final String pattern =
- new StringBuilder(getOutermost(type).getSimpleName()).append("(\\$.+)??\\.class").toString();
-
- debug("searching %s for pattern '%s'", packageDir.getAbsolutePath(), pattern);
- toDelete.addAll(FileUtils.listFiles(packageDir, new RegexFileFilter(pattern), null));
- }
- if (toDelete.isEmpty()) {
- return;
- }
- info("Deleting %s files...", toDelete.size());
- debug(toDelete.toString());
- for (File f : toDelete) {
- if (!f.delete()) {
- debug("Failed to delete %s", f);
- }
- }
- }
- */
-
/**
* Weave all {@link Privileged} methods found.
*
@@ -134,7 +96,8 @@ public class FilesystemPrivilizer extend
* @throws CannotCompileException
* @throws ClassNotFoundException
*/
- public boolean weaveClass(Class<?> clazz) throws NotFoundException, IOException, CannotCompileException, ClassNotFoundException {
+ public boolean weaveClass(Class<?> clazz)
+ throws NotFoundException, IOException, CannotCompileException, ClassNotFoundException, IllegalAccessException {
return weave(classPool.get(clazz.getName()));
}
Modified: commons/sandbox/privilizer/trunk/modules/privilizer/weaver/src/main/java/org/apache/commons/weaver/privilizer/Privilizer.java
URL: http://svn.apache.org/viewvc/commons/sandbox/privilizer/trunk/modules/privilizer/weaver/src/main/java/org/apache/commons/weaver/privilizer/Privilizer.java?rev=1425312&r1=1425311&r2=1425312&view=diff
==============================================================================
--- commons/sandbox/privilizer/trunk/modules/privilizer/weaver/src/main/java/org/apache/commons/weaver/privilizer/Privilizer.java (original)
+++ commons/sandbox/privilizer/trunk/modules/privilizer/weaver/src/main/java/org/apache/commons/weaver/privilizer/Privilizer.java Sat Dec 22 17:16:42 2012
@@ -129,35 +129,7 @@ public abstract class Privilizer<SELF ex
private boolean settingsReported;
- private Log log = new Log() {
- final Logger logger = Logger.getLogger(Privilizer.class.getName());
-
- @Override
- public void debug(String message) {
- logger.finer(message);
- }
-
- @Override
- public void verbose(String message) {
- logger.fine(message);
- }
-
- @Override
- public void error(String message) {
- logger.severe(message);
- }
-
- @Override
- public void info(String message) {
- logger.info(message);
- }
-
- @Override
- public void warn(String message) {
- logger.warning(message);
- }
-
- };
+ private static final Logger log = Logger.getLogger(Privilizer.class.getName());
private static final Comparator<CtMethod> CTMETHOD_COMPARATOR = new Comparator<CtMethod>() {
@@ -197,14 +169,6 @@ public abstract class Privilizer<SELF ex
this.classPool = Validate.notNull(classPool, "classPool");
}
- public SELF loggingTo(Log log) {
- this.log = Validate.notNull(log);
- settingsReported = false;
- @SuppressWarnings("unchecked")
- final SELF self = (SELF) this;
- return self;
- }
-
/**
* Weave the specified class.
*
@@ -215,8 +179,8 @@ public abstract class Privilizer<SELF ex
* @throws CannotCompileException
* @throws ClassNotFoundException
*/
- public boolean weave(CtClass type) throws NotFoundException, IOException, CannotCompileException,
- ClassNotFoundException {
+ public boolean weave(CtClass type)
+ throws NotFoundException, IOException, CannotCompileException, ClassNotFoundException, IllegalAccessException {
reportSettings();
final String policyName = generateName(POLICY_NAME);
final String policyValue = toString(type.getAttribute(policyName));
@@ -229,8 +193,14 @@ public abstract class Privilizer<SELF ex
}
boolean result = false;
if (policy.compareTo(Policy.NEVER) > 0) {
+ if (type.getAttribute(policyName) != null) {
+ // if this class already got enhanced then abort
+ return false;
+ }
+
if (policy == Policy.ON_INIT) {
debug("Initializing field %s to %s", policy.condition, HAS_SECURITY_MANAGER_CONDITION);
+
type.addField(new CtField(CtClass.booleanType, policy.condition, type),
CtField.Initializer.byExpr(HAS_SECURITY_MANAGER_CONDITION));
}
@@ -242,20 +212,20 @@ public abstract class Privilizer<SELF ex
getClassFileWriter().write(type);
}
}
- log.verbose(String.format(result ? "Wove class %s" : "Nothing to do for class %s", type.getName()));
+ log.info(String.format(result ? "Wove class %s" : "Nothing to do for class %s", type.getName()));
return result;
}
protected void debug(String message, Object... args) {
- log.debug(String.format(message, args));
+ log.fine(String.format(message, args));
}
protected void verbose(String message, Object... args) {
- log.verbose(String.format(message, args));
+ log.fine(String.format(message, args));
}
protected void warn(String message, Object... args) {
- log.warn(String.format(message, args));
+ log.warning(String.format(message, args));
}
protected abstract ClassFileWriter getClassFileWriter();
@@ -372,11 +342,12 @@ public abstract class Privilizer<SELF ex
}
private boolean weave(CtClass type, CtMethod method) throws ClassNotFoundException, CannotCompileException,
- NotFoundException, IOException {
+ NotFoundException, IOException, IllegalAccessException {
final AccessLevel accessLevel = AccessLevel.of(method.getModifiers());
if (!permitMethodWeaving(accessLevel)) {
- warn("Ignoring %s method %s.%s", accessLevel, type.getName(), toString(method));
- return false;
+ throw new IllegalAccessException("Method " + type.getName() + "#" + toString(method)
+ + " must have maximum access level " + accessLevel
+ + " but is defined wider");
}
if (AccessLevel.PACKAGE.compareTo(accessLevel) > 0) {
warn("Possible security leak: granting privileges to %s method %s.%s", accessLevel, type.getName(),
@@ -483,7 +454,7 @@ public abstract class Privilizer<SELF ex
private void reportSettings() {
if (!settingsReported) {
settingsReported = true;
- info("Weave policy == %s", policy);
+ debug("Weave policy == %s", policy);
}
}
}
Modified: commons/sandbox/privilizer/trunk/modules/privilizer/weaver/src/main/java/org/apache/commons/weaver/privilizer/PrivilizerWeaver.java
URL: http://svn.apache.org/viewvc/commons/sandbox/privilizer/trunk/modules/privilizer/weaver/src/main/java/org/apache/commons/weaver/privilizer/PrivilizerWeaver.java?rev=1425312&r1=1425311&r2=1425312&view=diff
==============================================================================
--- commons/sandbox/privilizer/trunk/modules/privilizer/weaver/src/main/java/org/apache/commons/weaver/privilizer/PrivilizerWeaver.java (original)
+++ commons/sandbox/privilizer/trunk/modules/privilizer/weaver/src/main/java/org/apache/commons/weaver/privilizer/PrivilizerWeaver.java Sat Dec 22 17:16:42 2012
@@ -106,6 +106,10 @@ public class PrivilizerWeaver implements
{
throw new RuntimeException(e);
}
+ catch (IllegalAccessException e)
+ {
+ throw new RuntimeException(e);
+ }
return true;
}