changeset 87:c6c932e7ba18

8069355: Registry permission check refactoring Summary: Move permission check into public registry classes. Reviewed-by: jld
author snazarki
date Fri, 23 Jan 2015 13:33:49 +0400
parents 3e262febedc3
children 344490bdebb8
files src/se/classes/com/oracle/dio/registry/RegistryImpl.java src/share/classes/com/oracle/dio/registry/Registry.java src/share/classes/jdk/dio/DeviceManager.java
diffstat 3 files changed, 53 insertions(+), 53 deletions(-) [+]
line wrap: on
line diff
--- a/src/se/classes/com/oracle/dio/registry/RegistryImpl.java	Thu Jan 22 14:19:29 2015 +0400
+++ b/src/se/classes/com/oracle/dio/registry/RegistryImpl.java	Fri Jan 23 13:33:49 2015 +0400
@@ -25,25 +25,28 @@
 
 package com.oracle.dio.registry;
 
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.io.OutputStreamWriter;
+import java.lang.ref.WeakReference;
+import java.util.Collection;
+import java.util.Enumeration;
+import java.util.Iterator;
+import java.util.Properties;
+import java.util.Vector;
+
+import com.oracle.dio.impl.PeripheralDescriptorImpl;
+import com.oracle.dio.utils.Configuration;
+import com.oracle.dio.utils.Constants;
+
 import jdk.dio.Device;
 import jdk.dio.DeviceConfig;
 import jdk.dio.DeviceDescriptor;
+import jdk.dio.DeviceMgmtPermission;
 import jdk.dio.UnsupportedDeviceTypeException;
-import java.lang.ref.WeakReference;
-import java.util.Iterator;
-import java.util.Properties;
-import java.util.Enumeration;
-import java.util.Vector;
-import java.util.Collection;
-import java.io.FileInputStream;
-import java.io.InputStreamReader;
-import java.io.FileOutputStream;
-import java.io.OutputStreamWriter;
-import java.io.FileNotFoundException;
-import java.io.IOException;
-import com.oracle.dio.impl.PeripheralDescriptorImpl;
-import com.oracle.dio.utils.Configuration;
-import com.oracle.dio.utils.Constants;
 
 class RegistryImpl<T extends Device> extends Registry<T> {
 
@@ -80,6 +83,9 @@
             throw new UnsupportedDeviceTypeException("Unsupported type: " + intf.getName());
         }
         DeviceDescriptor<? super T> descriptor = new PeripheralDescriptorImpl(id, name, config, intf, properties);
+
+        Registry.checkPermission(descriptor, DeviceMgmtPermission.REGISTER);
+
         RegistryData data = null;
         try {
             data = ((DeviceRegistryFactory)Class.forName(factory).newInstance()).createRegistryData(descriptor);
@@ -98,7 +104,7 @@
     }
 
     @Override
-    public synchronized DeviceDescriptor unregister(int id, UnregisterProcessor p) {
+    public synchronized DeviceDescriptor unregister(int id) {
         Properties registry = loadRegistry();
         RegistryContent content = readRegistryContent(registry);
         RegistryData config = content.get(id);
@@ -111,6 +117,8 @@
             throw new IllegalArgumentException("Device cannot be unregistered");
         }
 
+        Registry.checkPermission(d, DeviceMgmtPermission.UNREGISTER);
+
         content.remove(id);
         registry.remove(Integer.toString(id));
         try {
--- a/src/share/classes/com/oracle/dio/registry/Registry.java	Thu Jan 22 14:19:29 2015 +0400
+++ b/src/share/classes/com/oracle/dio/registry/Registry.java	Fri Jan 23 13:33:49 2015 +0400
@@ -26,15 +26,18 @@
 package com.oracle.dio.registry;
 
 import java.io.IOException;
+import java.security.AccessController;
 import java.util.Hashtable;
 import java.util.Iterator;
 
 import jdk.dio.Device;
+import jdk.dio.DeviceAlreadyExistsException;
 import jdk.dio.DeviceConfig;
+import jdk.dio.DeviceDescriptor;
+import jdk.dio.DeviceManager;
+import jdk.dio.DeviceMgmtPermission;
+import jdk.dio.DeviceNotFoundException;
 import jdk.dio.InvalidDeviceConfigException;
-import jdk.dio.DeviceDescriptor;
-import jdk.dio.DeviceAlreadyExistsException;
-import jdk.dio.DeviceNotFoundException;
 import jdk.dio.UnsupportedDeviceTypeException;
 /**
  * Device configuration registry.
@@ -99,23 +102,26 @@
     /**
      * @see
      *      jdk.dio.DeviceManager#unregister(int)
+     */
+    public abstract DeviceDescriptor unregister(int id);
+
+
+    /**
+     * Checks if the application is authorized to perform one of
+     * DeviceMgmtPermission actions
      *
-     * To avoid double heavy calls for storage getters we can pass
-     * preUnregister method to invoke security checks right
-     * after DeviceDecriptor getting but before deleting.
-     * @see UnregisterProcessor
+     * @param d      ID and NAME holder
+     * @param action <code>DeviceMgmtPermission</code> action
      */
-    public abstract DeviceDescriptor unregister(int id, UnregisterProcessor p);
+    public static void checkPermission(DeviceDescriptor d, String action) {
+        String perm = (DeviceManager.UNSPECIFIED_ID == d.getID()) ? "" : ":"+d.getID();
+        perm = (null == d.getName()) ? perm : d.getName() + perm;
+        AccessController.checkPermission(new DeviceMgmtPermission(perm, action));
+    }
 
     /**
      *
      * @see jdk.dio.DeviceManager.list(Class)
      */
     public abstract Iterator<DeviceDescriptor<? super T>> list(Class<T> type);
-
-    /** Special processor for device unregistering */
-    public static abstract class UnregisterProcessor
-    {
-        public abstract void preUnregister(DeviceDescriptor d);
-    }
 }
--- a/src/share/classes/jdk/dio/DeviceManager.java	Thu Jan 22 14:19:29 2015 +0400
+++ b/src/share/classes/jdk/dio/DeviceManager.java	Fri Jan 23 13:33:49 2015 +0400
@@ -879,17 +879,17 @@
             );
         }
 
-        do {
-            String perm = (UNSPECIFIED_ID == id) ? "" : ":"+id;
-            perm = (null == name) ? perm : name + perm;
-            AccessController.checkPermission(new DeviceMgmtPermission(perm, DeviceMgmtPermission.REGISTER));
-        } while (false);
+        int new_id = checkConfig(id, intf, config, name, properties);
 
+        Registry.getInstance().register(new_id, intf, config, name, properties);
 
-        return registerUnchecked(id, intf, config, name, properties);
+        // send notification in non-priveleged mode
+        RegistrationEventSender.notifyRegistered(null, new PeripheralDescriptorImpl(new_id, name, config, intf, properties));
+
+        return new_id;
     }
 
-    private static <P extends Device<? super P>> int registerUnchecked(final int id, final Class<P> intf, final DeviceConfig<? super P> config,
+    private static <P extends Device<? super P>> int checkConfig(final int id, final Class<P> intf, final DeviceConfig<? super P> config,
                                                                       final String name, final String... properties)
     throws IOException, UnsupportedDeviceTypeException, InvalidDeviceConfigException, DeviceNotFoundException, DeviceAlreadyExistsException {
 
@@ -944,14 +944,11 @@
                         p.close();
                     } catch (UnavailableDeviceException pnae3) {}
 
-                    Registry.getInstance().register(new_id, intf, config, name, properties);
-
                     return new_id;
                 }
 
         }).intValue();
-        // send notification in non-priveleged mode
-        RegistrationEventSender.notifyRegistered(null, new PeripheralDescriptorImpl(new_id, name, config, intf, properties));
+
         return new_id;
     }
 
@@ -982,18 +979,7 @@
         checkID(id);
 
         final Registry r = Registry.getInstance();
-        DeviceDescriptor unreg_d = r.unregister(id,
-                                    new Registry.UnregisterProcessor() {
-                                        public void preUnregister(DeviceDescriptor d) {
-
-                                            do {
-                                                String perm = (UNSPECIFIED_ID == d.getID()) ? "" : ":"+d.getID();
-                                                perm = (null == d.getName()) ? perm : d.getName() + perm;
-                                                AccessController.checkPermission(new DeviceMgmtPermission(perm, DeviceMgmtPermission.UNREGISTER));
-                                            } while (false);
-
-                                        }
-                                    });
+        DeviceDescriptor unreg_d = r.unregister(id);
         // send notify
         if (null != unreg_d)
             RegistrationEventSender.notifyUnregistered(null, unreg_d);