[ARIES-1776] Fixes for tck tests with SecurityManager

Project: http://git-wip-us.apache.org/repos/asf/aries-rsa/repo
Commit: http://git-wip-us.apache.org/repos/asf/aries-rsa/commit/75448368
Tree: http://git-wip-us.apache.org/repos/asf/aries-rsa/tree/75448368
Diff: http://git-wip-us.apache.org/repos/asf/aries-rsa/diff/75448368

Branch: refs/heads/master
Commit: 75448368d0efecbef48464bbf10791986e20c4b0
Parents: 2033037
Author: Christian Schneider <[email protected]>
Authored: Thu Feb 8 17:25:52 2018 +0100
Committer: Christian Schneider <[email protected]>
Committed: Thu Feb 8 17:40:34 2018 +0100

----------------------------------------------------------------------
 .../aries/rsa/core/RemoteServiceAdminCore.java  | 48 ++++++++++++++------
 .../rsa/core/RemoteServiceAdminInstance.java    |  7 +--
 .../aries/rsa/core/event/EventAdminSender.java  | 13 ++++--
 .../rsa/core/RemoteServiceAdminCoreTest.java    | 29 ++++--------
 4 files changed, 56 insertions(+), 41 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/aries-rsa/blob/75448368/rsa/src/main/java/org/apache/aries/rsa/core/RemoteServiceAdminCore.java
----------------------------------------------------------------------
diff --git 
a/rsa/src/main/java/org/apache/aries/rsa/core/RemoteServiceAdminCore.java 
b/rsa/src/main/java/org/apache/aries/rsa/core/RemoteServiceAdminCore.java
index 654e61d..1586307 100644
--- a/rsa/src/main/java/org/apache/aries/rsa/core/RemoteServiceAdminCore.java
+++ b/rsa/src/main/java/org/apache/aries/rsa/core/RemoteServiceAdminCore.java
@@ -18,6 +18,8 @@
  */
 package org.apache.aries.rsa.core;
 
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collection;
@@ -44,6 +46,7 @@ import org.osgi.framework.ServiceListener;
 import org.osgi.framework.ServiceReference;
 import org.osgi.framework.ServiceRegistration;
 import org.osgi.service.remoteserviceadmin.EndpointDescription;
+import org.osgi.service.remoteserviceadmin.EndpointPermission;
 import org.osgi.service.remoteserviceadmin.ExportReference;
 import org.osgi.service.remoteserviceadmin.ExportRegistration;
 import org.osgi.service.remoteserviceadmin.ImportReference;
@@ -210,22 +213,29 @@ public class RemoteServiceAdminCore implements 
RemoteServiceAdmin {
         return null;
     }
 
-    private ExportRegistration exportService(List<String> interfaceNames,
-            ServiceReference<?> serviceReference, Map<String, Object> 
serviceProperties) {
+    private ExportRegistration exportService(
+            final List<String> interfaceNames,
+            final ServiceReference<?> serviceReference, 
+            final Map<String, Object> serviceProperties) {
         LOG.info("interfaces selected for export: " + interfaceNames);
 
         try {
-            Class<?>[] interfaces = getInterfaces(interfaceNames, 
serviceReference.getBundle());
-            Map<String, Object> eprops = 
createEndpointProps(serviceProperties, interfaces);
-            Bundle bundle = serviceReference.getBundle();
-            if (bundle == null) {
+            checkPermission(new EndpointPermission("*", 
EndpointPermission.EXPORT));
+            Bundle serviceBundle = serviceReference.getBundle();
+            if (serviceBundle == null) {
                 throw new IllegalStateException("Service is already 
unregistered");
             }
-            BundleContext serviceContext = bundle.getBundleContext();
+            final BundleContext serviceContext = 
serviceBundle.getBundleContext();
+            final Object serviceO = 
serviceContext.getService(serviceReference);
+            final Class<?>[] interfaces = getInterfaces(serviceO, 
interfaceNames);
+            final Map<String, Object> eprops = 
createEndpointProps(serviceProperties, interfaces);
             
             // TODO unget service when export is destroyed
-            Object serviceO = serviceContext.getService(serviceReference);
-            Endpoint endpoint = provider.exportService(serviceO, 
serviceContext, eprops, interfaces);
+            Endpoint endpoint = AccessController.doPrivileged(new 
PrivilegedAction<Endpoint>() {
+                public Endpoint run() {
+                    return provider.exportService(serviceO, serviceContext, 
eprops, interfaces);
+                }
+            });
             if (endpoint == null) {
                 return null;
             }
@@ -238,11 +248,16 @@ public class RemoteServiceAdminCore implements 
RemoteServiceAdmin {
         }
     }
     
-    private Class<?>[] getInterfaces(List<String> interfaceNames, 
-                                         Bundle serviceBundle) throws 
ClassNotFoundException {
+    private Class<?>[] getInterfaces(
+            Object serviceO, 
+            List<String> interfaceNames
+            ) throws ClassNotFoundException {
         List<Class<?>> interfaces = new ArrayList<>();
-        for (String interfaceName : interfaceNames) {
-            interfaces.add(serviceBundle.loadClass(interfaceName));
+        Class<?>[] allInterfaces = serviceO.getClass().getInterfaces();
+        for (Class<?> iface : allInterfaces) {
+            if (interfaceNames.contains(iface.getName())) {
+                interfaces.add(iface);
+            }
         }
         return interfaces.toArray(new Class[]{});
     }
@@ -649,4 +664,11 @@ public class RemoteServiceAdminCore implements 
RemoteServiceAdmin {
             }
         }
     }
+    
+    private void checkPermission(EndpointPermission permission) {
+        SecurityManager sm = System.getSecurityManager();
+        if (sm != null) {
+            sm.checkPermission(permission);
+        }
+    }
 }

http://git-wip-us.apache.org/repos/asf/aries-rsa/blob/75448368/rsa/src/main/java/org/apache/aries/rsa/core/RemoteServiceAdminInstance.java
----------------------------------------------------------------------
diff --git 
a/rsa/src/main/java/org/apache/aries/rsa/core/RemoteServiceAdminInstance.java 
b/rsa/src/main/java/org/apache/aries/rsa/core/RemoteServiceAdminInstance.java
index cd435ba..7158f52 100644
--- 
a/rsa/src/main/java/org/apache/aries/rsa/core/RemoteServiceAdminInstance.java
+++ 
b/rsa/src/main/java/org/apache/aries/rsa/core/RemoteServiceAdminInstance.java
@@ -52,12 +52,7 @@ public class RemoteServiceAdminInstance implements 
RemoteServiceAdmin {
     @Override
     @SuppressWarnings("rawtypes")
     public List<ExportRegistration> exportService(final ServiceReference ref, 
final Map properties) {
-        checkPermission(new EndpointPermission("*", 
EndpointPermission.EXPORT));
-        return AccessController.doPrivileged(new 
PrivilegedAction<List<ExportRegistration>>() {
-            public List<ExportRegistration> run() {
-                return closed ? Collections.<ExportRegistration>emptyList() : 
rsaCore.exportService(ref, properties);
-            }
-        });
+        return closed ? Collections.<ExportRegistration>emptyList() : 
rsaCore.exportService(ref, properties);
     }
 
     @Override

http://git-wip-us.apache.org/repos/asf/aries-rsa/blob/75448368/rsa/src/main/java/org/apache/aries/rsa/core/event/EventAdminSender.java
----------------------------------------------------------------------
diff --git 
a/rsa/src/main/java/org/apache/aries/rsa/core/event/EventAdminSender.java 
b/rsa/src/main/java/org/apache/aries/rsa/core/event/EventAdminSender.java
index f42afc9..9f3e55c 100644
--- a/rsa/src/main/java/org/apache/aries/rsa/core/event/EventAdminSender.java
+++ b/rsa/src/main/java/org/apache/aries/rsa/core/event/EventAdminSender.java
@@ -1,5 +1,7 @@
 package org.apache.aries.rsa.core.event;
 
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 import java.util.HashMap;
 import java.util.Map;
 
@@ -30,11 +32,16 @@ public class EventAdminSender {
     }
 
     public void send(RemoteServiceAdminEvent rsaEvent) {
-       Event event = toEvent(rsaEvent);
+       final Event event = toEvent(rsaEvent);
        ServiceReference<EventAdmin> sref = 
this.context.getServiceReference(EventAdmin.class);
        if (sref != null) {
-           EventAdmin eventAdmin = this.context.getService(sref);
-           eventAdmin.postEvent(event);
+           final EventAdmin eventAdmin = this.context.getService(sref);
+           AccessController.doPrivileged(new PrivilegedAction<Void>() {
+               public Void run() {
+                   eventAdmin.postEvent(event);
+                   return null;
+               }
+           });
            this.context.ungetService(sref);           
        }
     }

http://git-wip-us.apache.org/repos/asf/aries-rsa/blob/75448368/rsa/src/test/java/org/apache/aries/rsa/core/RemoteServiceAdminCoreTest.java
----------------------------------------------------------------------
diff --git 
a/rsa/src/test/java/org/apache/aries/rsa/core/RemoteServiceAdminCoreTest.java 
b/rsa/src/test/java/org/apache/aries/rsa/core/RemoteServiceAdminCoreTest.java
index 02f6f18..c6f3378 100644
--- 
a/rsa/src/test/java/org/apache/aries/rsa/core/RemoteServiceAdminCoreTest.java
+++ 
b/rsa/src/test/java/org/apache/aries/rsa/core/RemoteServiceAdminCoreTest.java
@@ -212,6 +212,7 @@ public class RemoteServiceAdminCoreTest {
         ServiceReference sref = mockServiceReference(sProps);
 
         provider.endpoint = createEndpoint(sProps);
+        ServiceReference sref2 = mockServiceReference(sProps);
         c.replay();
 
         // Export the service for the first time
@@ -230,7 +231,6 @@ public class RemoteServiceAdminCoreTest {
 
         // Ask to export the same service again, this should not go through 
the whole process again but simply return
         // a copy of the first instance.
-        ServiceReference sref2 = mockServiceReference(sProps);
         List<ExportRegistration> eregs2 = rsaCore.exportService(sref2, null);
         assertEquals(1, eregs2.size());
         ExportRegistration ereg2 = eregs2.iterator().next();
@@ -296,6 +296,7 @@ public class RemoteServiceAdminCoreTest {
         sProps.put("service.exported.interfaces", "*");
         ServiceReference sref = mockServiceReference(sProps);
 
+        c.replay();
         provider.ex = new TestException();
 
         List<ExportRegistration> ereg = rsaCore.exportService(sref, sProps);
@@ -304,6 +305,7 @@ public class RemoteServiceAdminCoreTest {
 
         Collection<ExportReference> exportedServices = 
rsaCore.getExportedServices();
         assertEquals("No service was exported", 0, exportedServices.size());
+        c.verify();
     }
 
     @Test
@@ -345,34 +347,23 @@ public class RemoteServiceAdminCoreTest {
     }
 
     private ServiceReference mockServiceReference(final Map<String, Object> 
sProps) {
-        BundleContext bc = EasyMock.createNiceMock(BundleContext.class);
-    
-        Bundle sb = EasyMock.createNiceMock(Bundle.class);
+        BundleContext bc = c.createMock(BundleContext.class);
+        Bundle sb = c.createMock(Bundle.class);
         expect(sb.getBundleContext()).andReturn(bc).anyTimes();
-        try {
-            
expect((Class)sb.loadClass(Runnable.class.getName())).andReturn(Runnable.class);
-        } catch (ClassNotFoundException e) {
-            throw new IllegalStateException(e.getMessage(), e);
-        }
-        EasyMock.replay(sb);
-    
         expect(bc.getBundle()).andReturn(sb).anyTimes();
-        EasyMock.replay(bc);
     
-        ServiceReference sref = 
EasyMock.createNiceMock(ServiceReference.class);
+        String[] propKeys = sProps.keySet().toArray(new String[] {});
+        ServiceReference sref = c.createMock(ServiceReference.class);
         expect(sref.getBundle()).andReturn(sb).anyTimes();
-        expect(sref.getPropertyKeys()).andReturn(sProps.keySet().toArray(new 
String[] {})).anyTimes();
+        expect(sref.getPropertyKeys()).andReturn(propKeys).anyTimes();
         expect(sref.getProperty((String) EasyMock.anyObject())).andAnswer(new 
IAnswer<Object>() {
             @Override
             public Object answer() throws Throwable {
                 return sProps.get(EasyMock.getCurrentArguments()[0]);
             }
         }).anyTimes();
-        EasyMock.replay(sref);
-        
-        Runnable svcObject = EasyMock.createNiceMock(Runnable.class);
-        EasyMock.replay(svcObject);
-
+        Runnable svcObject = c.createMock(Runnable.class);
+        expect(bc.getService(sref)).andReturn(svcObject).anyTimes();
         return sref;
     }
     

Reply via email to