You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@karaf.apache.org by ff...@apache.org on 2017/12/29 01:01:35 UTC

[karaf] branch master updated: [KARAF-5554]the karaf.secured.command.compulsory.roles shouldn't apply for alias commands

This is an automated email from the ASF dual-hosted git repository.

ffang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/karaf.git


The following commit(s) were added to refs/heads/master by this push:
     new 989cadc  [KARAF-5554]the karaf.secured.command.compulsory.roles shouldn't apply for alias commands
989cadc is described below

commit 989cadc9cab63b224e34bd70ac4ec4fb5ac90f1c
Author: Freeman Fang <fr...@gmail.com>
AuthorDate: Fri Dec 29 09:01:20 2017 +0800

    [KARAF-5554]the karaf.secured.command.compulsory.roles shouldn't apply for alias commands
---
 .../guard/tools/ACLConfigurationParser.java        | 24 ++++++++++++++++++++++
 .../osgi/secured/SecuredSessionFactoryImpl.java    |  4 ++--
 2 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/service/guard/src/main/java/org/apache/karaf/service/guard/tools/ACLConfigurationParser.java b/service/guard/src/main/java/org/apache/karaf/service/guard/tools/ACLConfigurationParser.java
index dbc2ee1..6902b3d 100644
--- a/service/guard/src/main/java/org/apache/karaf/service/guard/tools/ACLConfigurationParser.java
+++ b/service/guard/src/main/java/org/apache/karaf/service/guard/tools/ACLConfigurationParser.java
@@ -110,6 +110,30 @@ public class ACLConfigurationParser {
             
     }
     
+    public static Specificity getRolesForInvocationForAlias(String methodName, Object[] params, String[] signature,
+                                                    Dictionary<String, Object> config, List<String> addToRoles) {
+        Dictionary<String, Object> properties = trimKeys(config);
+        String pid = (String)properties.get("service.pid");
+        Specificity s = getRolesBasedOnSignature(methodName, params, signature, properties, addToRoles);
+        if (s != Specificity.NO_MATCH) {
+            return s;
+        }
+
+        s = getRolesBasedOnSignature(methodName, params, null, properties, addToRoles);
+        if (s != Specificity.NO_MATCH) {
+            return s;
+        }
+
+        List<String> roles = getMethodNameWildcardRoles(properties, methodName);
+        if (roles != null) {
+            addToRoles.addAll(roles);
+            return Specificity.WILDCARD_MATCH;
+        } else {
+            return Specificity.NO_MATCH;
+        }
+            
+    }
+    
     public static void getCompulsoryRoles(List<String> roles) {
         if (compulsoryRoles != null) {
             roles.addAll(ACLConfigurationParser.parseRoles(compulsoryRoles));
diff --git a/shell/core/src/main/java/org/apache/karaf/shell/impl/console/osgi/secured/SecuredSessionFactoryImpl.java b/shell/core/src/main/java/org/apache/karaf/shell/impl/console/osgi/secured/SecuredSessionFactoryImpl.java
index b47594e..3f7f8f0 100644
--- a/shell/core/src/main/java/org/apache/karaf/shell/impl/console/osgi/secured/SecuredSessionFactoryImpl.java
+++ b/shell/core/src/main/java/org/apache/karaf/shell/impl/console/osgi/secured/SecuredSessionFactoryImpl.java
@@ -150,7 +150,7 @@ public class SecuredSessionFactoryImpl extends SessionFactoryImpl implements Con
         Dictionary<String, Object> config = getScopeConfig(scope);
         if (config != null) {
             List<String> roles = new ArrayList<>();
-            ACLConfigurationParser.getRolesForInvocation(name, null, null, config, roles);
+            ACLConfigurationParser.getRolesForInvocationForAlias(name, null, null, config, roles);
             if (roles.isEmpty()) {
                 return true;
             } else {
@@ -245,7 +245,7 @@ public class SecuredSessionFactoryImpl extends SessionFactoryImpl implements Con
                     throw new CommandNotFoundException(aliasCommand.getScope() + ":" + aliasCommand.getName());
                 }
                 List<String> roles = new ArrayList<>();
-                ACLConfigurationParser.Specificity s = ACLConfigurationParser.getRolesForInvocation(aliasCommand.getName(), new Object[] { arguments.toString() }, null, config, roles);
+                ACLConfigurationParser.Specificity s = ACLConfigurationParser.getRolesForInvocationForAlias(aliasCommand.getName(), new Object[] { arguments.toString() }, null, config, roles);
                 if (s == ACLConfigurationParser.Specificity.NO_MATCH) {
                     return;
                 }

-- 
To stop receiving notification emails like this one, please contact
['"commits@karaf.apache.org" <co...@karaf.apache.org>'].