/** * Query the <code>SecurityManager</code> agains the given * <code>Permission</code>. * * @param permission */ public static final void checkPermissions(Permission permission) { SecurityManager sm = System.getSecurityManager(); if (sm != null) { String perm = null; switch (permission) { case PLAY: perm = "play"; break; case RECORD: perm = "record"; break; case ALL: default: perm = "*"; break; } sm.checkPermission(new AudioPermission(perm)); } }
/** * Adds a couple of common permissions for both unsigned extensions as well as Groovy scripts. * * @param permissions * the permissions object which will get the permissions added to it */ private static void addCommonPermissions(Permissions permissions) { permissions.add(new AudioPermission("play")); permissions.add(new AWTPermission("listenToAllAWTEvents")); permissions.add(new AWTPermission("setWindowAlwaysOnTop")); permissions.add(new AWTPermission("watchMousePointer")); permissions.add(new LoggingPermission("control", "")); permissions.add(new SocketPermission("*", "connect, listen, accept, resolve")); permissions.add(new URLPermission("http://-", "*:*")); permissions.add(new URLPermission("https://-", "*:*")); // because random Java library calls use sun classes which may or may not do an acess check, // we have to grant access to all of them // this is a very unfortunate permission and I would love to not have it // so if at any point in the future this won't be necessary any longer, remove it!!! permissions.add(new RuntimePermission("accessClassInPackage.sun.*")); permissions.add(new RuntimePermission("accessDeclaredMembers")); permissions.add(new RuntimePermission("getenv.*")); permissions.add(new RuntimePermission("getFileSystemAttributes")); permissions.add(new RuntimePermission("readFileDescriptor")); permissions.add(new RuntimePermission("writeFileDescriptor")); permissions.add(new RuntimePermission("queuePrintJob")); permissions.add(new NetPermission("specifyStreamHandler")); }
static void checkRecordPermission() throws SecurityException { if(Printer.trace) Printer.trace("JSSecurityManager.checkRecordPermission()"); SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(new AudioPermission("record")); } }
@Test public void testAddRolePermissionsAdministrator() throws Exception { Set<Class<? extends Permission>> permissionClassList = new HashSet<>(); permissionClassList.add(FilePermission.class); permissionClassList.add(AudioPermission.class); List<Long> roleUids = new ArrayList<Long>(); roleUids.add(RoleCodeType.AdministratorCode.ID); Set<Class<? extends Permission>> result = PermissionUtility.addRolePermissions(roleUids, permissionClassList); Assert.assertEquals("2 Permissions", 2, result.size()); }
@Test public void testGetPermissionsGroup() throws Exception { final Permission playAudio = new AudioPermission("play"); final Permission recordAudio = new AudioPermission("record"); final Permission print = new RuntimePermission("queuePrintJob"); final Permission clipboard = new AWTPermission("accessClipboard"); final Set<Permission> expected = new HashSet<>(Arrays.asList(playAudio, recordAudio, print, clipboard)); final Set<Permission> generated = new HashSet<>(TemporaryPermissions.getPermissions(PolicyEditorPermissions.Group.MediaAccess)); assertEquals(expected, generated); }
public static org.onosproject.security.Permission getOnosPermission(Permission permission) { if (permission instanceof AppPermission) { return new org.onosproject.security.Permission(AppPermission.class.getName(), permission.getName(), ""); } else if (permission instanceof FilePermission) { return new org.onosproject.security.Permission( FilePermission.class.getName(), permission.getName(), permission.getActions()); } else if (permission instanceof SerializablePermission) { return new org.onosproject.security.Permission( SerializablePermission.class.getName(), permission.getName(), permission.getActions()); } else if (permission instanceof NetPermission) { return new org.onosproject.security.Permission( NetPermission.class.getName(), permission.getName(), permission.getActions()); } else if (permission instanceof RuntimePermission) { return new org.onosproject.security.Permission( RuntimePermission.class.getName(), permission.getName(), permission.getActions()); } else if (permission instanceof SocketPermission) { return new org.onosproject.security.Permission( SocketPermission.class.getName(), permission.getName(), permission.getActions()); } else if (permission instanceof SQLPermission) { return new org.onosproject.security.Permission( SQLPermission.class.getName(), permission.getName(), permission.getActions()); } else if (permission instanceof PropertyPermission) { return new org.onosproject.security.Permission( PropertyPermission.class.getName(), permission.getName(), permission.getActions()); } else if (permission instanceof LoggingPermission) { return new org.onosproject.security.Permission( LoggingPermission.class.getName(), permission.getName(), permission.getActions()); } else if (permission instanceof SSLPermission) { return new org.onosproject.security.Permission( SSLPermission.class.getName(), permission.getName(), permission.getActions()); } else if (permission instanceof AuthPermission) { return new org.onosproject.security.Permission( AuthPermission.class.getName(), permission.getName(), permission.getActions()); } else if (permission instanceof PrivateCredentialPermission) { return new org.onosproject.security.Permission( PrivateCredentialPermission.class.getName(), permission.getName(), permission.getActions()); } else if (permission instanceof DelegationPermission) { return new org.onosproject.security.Permission( DelegationPermission.class.getName(), permission.getName(), permission.getActions()); } else if (permission instanceof javax.security.auth.kerberos.ServicePermission) { return new org.onosproject.security.Permission( javax.security.auth.kerberos.ServicePermission.class.getName(), permission.getName(), permission.getActions()); } else if (permission instanceof AudioPermission) { return new org.onosproject.security.Permission( AudioPermission.class.getName(), permission.getName(), permission.getActions()); } else if (permission instanceof AdaptPermission) { return new org.onosproject.security.Permission( AdaptPermission.class.getName(), permission.getName(), permission.getActions()); } else if (permission instanceof BundlePermission) { return new org.onosproject.security.Permission( BundlePermission.class.getName(), permission.getName(), permission.getActions()); } else if (permission instanceof CapabilityPermission) { return new org.onosproject.security.Permission( CapabilityPermission.class.getName(), permission.getName(), permission.getActions()); } else if (permission instanceof PackagePermission) { return new org.onosproject.security.Permission( PackagePermission.class.getName(), permission.getName(), permission.getActions()); } else if (permission instanceof ServicePermission) { return new org.onosproject.security.Permission( ServicePermission.class.getName(), permission.getName(), permission.getActions()); } else if (permission instanceof AdminPermission) { return new org.onosproject.security.Permission( AdminPermission.class.getName(), permission.getName(), permission.getActions()); } else if (permission instanceof ConfigurationPermission) { return new org.onosproject.security.Permission( ConfigurationPermission.class.getName(), permission.getName(), permission.getActions()); } return null; }
private static Permission getPermission(org.onosproject.security.Permission permission) { String classname = permission.getClassName(); String name = permission.getName(); String actions = permission.getActions(); if (classname == null || name == null) { return null; } classname = classname.trim(); name = name.trim(); actions = actions.trim(); if (AppPermission.class.getName().equals(classname)) { return new AppPermission(name); } else if (FilePermission.class.getName().equals(classname)) { return new FilePermission(name, actions); } else if (SerializablePermission.class.getName().equals(classname)) { return new SerializablePermission(name, actions); } else if (NetPermission.class.getName().equals(classname)) { return new NetPermission(name, actions); } else if (RuntimePermission.class.getName().equals(classname)) { return new RuntimePermission(name, actions); } else if (SocketPermission.class.getName().equals(classname)) { return new SocketPermission(name, actions); } else if (SQLPermission.class.getName().equals(classname)) { return new SQLPermission(name, actions); } else if (PropertyPermission.class.getName().equals(classname)) { return new PropertyPermission(name, actions); } else if (LoggingPermission.class.getName().equals(classname)) { return new LoggingPermission(name, actions); } else if (SSLPermission.class.getName().equals(classname)) { return new SSLPermission(name, actions); } else if (AuthPermission.class.getName().equals(classname)) { return new AuthPermission(name, actions); } else if (PrivateCredentialPermission.class.getName().equals(classname)) { return new PrivateCredentialPermission(name, actions); } else if (DelegationPermission.class.getName().equals(classname)) { return new DelegationPermission(name, actions); } else if (javax.security.auth.kerberos.ServicePermission.class.getName().equals(classname)) { return new javax.security.auth.kerberos.ServicePermission(name, actions); } else if (AudioPermission.class.getName().equals(classname)) { return new AudioPermission(name, actions); } else if (AdaptPermission.class.getName().equals(classname)) { return new AdaptPermission(name, actions); } else if (BundlePermission.class.getName().equals(classname)) { return new BundlePermission(name, actions); } else if (CapabilityPermission.class.getName().equals(classname)) { return new CapabilityPermission(name, actions); } else if (PackagePermission.class.getName().equals(classname)) { return new PackagePermission(name, actions); } else if (ServicePermission.class.getName().equals(classname)) { return new ServicePermission(name, actions); } else if (AdminPermission.class.getName().equals(classname)) { return new AdminPermission(name, actions); } else if (ConfigurationPermission.class.getName().equals(classname)) { return new ConfigurationPermission(name, actions); } else if (ReflectPermission.class.getName().equals(classname)) { return new ReflectPermission(name, actions); } //AllPermission, SecurityPermission, UnresolvedPermission //AWTPermission, ReflectPermission not allowed return null; }
protected boolean checkAudioPermission(AudioPermission perm) { /* * If SUT plays some music, then I do not see any major side effect. In worst case, tester can just switch off the speakers during testing. */ return true; }
/** * returns true if able to check permissions * * @param permission the permission to check * @return true if able to, false if not */ @Override public boolean canCheckPermission(Permission permission) { return permission instanceof AudioPermission; }
