📄 permissions.java
字号:
/* Check every API entry to see if it's an alias */ for (apiIdx = 0; apiIdx < apiList.size(); apiIdx++) { String apiName = (String)apiList.elementAt(apiIdx); /* If the API name contains a period, it cannot be an alias */ if (apiName.indexOf('.') == -1) { Enumeration e = aliasTable.keys(); while (e.hasMoreElements()) { String aliasName = (String)e.nextElement(); if (apiName.equals(aliasName)) { Vector aliasVector = (Vector)aliasTable.get(aliasName); // Add all API names contained in the alias for (int i = 0; i < aliasVector.size(); i++) { returnList.addElement(aliasVector.elementAt(i)); } aliasMatch = true; break; // Can only match one alias name per apiName } } } if (aliasMatch) { aliasMatch = false; continue; // Do not add apiName if it is an alias } /* Did not match an alias name; this must be a real API name */ returnList.addElement(apiName); } return returnList; } /** * Clear the permissions list by setting all permissions to * Permissions.DENY. * * @param perms a permission array to clear. */ private static void clearPerms(byte[] perms) { // Assume perms array is non-null for (int i = 0; i < perms.length; i++) { perms[i] = Permissions.NEVER; // This is default perm } } /** * Find the given permission name in the global names list. * * @param apiName the name of the API to find. * * @return int the index into global names list. * * @exception IllegalArgumentException if apiName is not found in * the global names list */ private static int getPermIndex(String apiName) { int nameIdx; for (nameIdx = 0; nameIdx < names.length; nameIdx++) { if (names[nameIdx].equals(apiName)) { return nameIdx; } } // Abort processing throw new IllegalArgumentException("bad API name: " + apiName); } /** * Set the default and highest permission level for the given * API(s). The API list must only include real API names and * not alias names. * * @param perms the permission array to set * @param apiList a list of APIs to set * @param highestLevel the highest permission level for every API in * apiList * @param defaultLevel the default permission level for every API in * apiList */ private static void setPerms(byte[] perms, Vector apiList, byte highestLevel, byte defaultLevel) { int apiIdx; for (apiIdx = 0; apiIdx < apiList.size(); apiIdx++) { int permIdx; permIdx = getPermIndex((String)apiList.elementAt(apiIdx)) * 2; perms[permIdx] = highestLevel; perms[permIdx+1] = defaultLevel; } } /** * Convert the string permission name to the byte constant value. * * @param permString the permission string to convert * * @return byte the permission constant value * * @exception IllegalArgumentException if permString is not one of * pre-defined permission values */ private static byte getPermFromString(String permString) { /* Do not check for 'null'; we should throw an NPE */ if ("allow".equals(permString)) { return Permissions.ALLOW; } else if ("blanket".equals(permString)) { return Permissions.BLANKET; } else if ("session".equals(permString)) { return Permissions.SESSION; } else if ("oneshot".equals(permString)) { return Permissions.ONE_SHOT; } else { // Abort processing throw new IllegalArgumentException("bad perm level: " + permString); } } /** * Read the permissions file into the global permissions table. * * @param token security token of the calling class * * @exception InvalidJadException if there was any trouble reading * or parsing the permissions file. */ private static void readPermissionsTable(SecurityToken token) throws InvalidJadException { RandomAccessStream storage; InputStream permIS; try { storage = new RandomAccessStream(token); storage.connect(File.getStorageRoot() + POLICY_FILENAME, Connector.READ); permIS = storage.openInputStream(); } catch (Exception e) { throw new InvalidJadException(InvalidJadException.JAD_NOT_FOUND); } try { PermissionProperties pp = new PermissionProperties(); byte[] newPerms = new byte[NUMBER_OF_PERMISSIONS*2]; String currentDomain = null; Hashtable aliasTable = null; String propertyValue; String propertyKey; pp.load(permIS); clearPerms(newPerms); for (int i = 0; i < pp.size(); i++) { propertyKey = pp.getKeyAt(i); propertyValue = pp.getValueAt(i); if ("alias".equals(propertyKey)) { String aliasName; String aliasValue; int nameIdx; nameIdx = propertyValue.indexOf(' '); aliasName = propertyValue.substring(0, nameIdx); aliasValue = propertyValue.substring(nameIdx + 1, propertyValue.length()); if (aliasTable == null) { aliasTable = new Hashtable(); } aliasTable.put(aliasName, Util.getCommaSeparatedValues(aliasValue)); } else if ("domain".equals(propertyKey)) { if (permissionsTable == null) { permissionsTable = new Hashtable(); } if (currentDomain != null) { permissionsTable.put(currentDomain, newPerms); // hash tables do not copy values newPerms = new byte[NUMBER_OF_PERMISSIONS*2]; clearPerms(newPerms); } currentDomain = propertyValue; } else if ("allow".equals(propertyKey)) { Vector apiNames; apiNames = Util.getCommaSeparatedValues(propertyValue); apiNames = expandAlias(apiNames, aliasTable); setPerms(newPerms, apiNames, Permissions.ALLOW, Permissions.ALLOW); } else { /* * Must be a user permission level. If it is some * other string, getPermFromString() will throw * an IllegalArgumentException and abort processing * of the policy file */ byte perm; byte defaultPerm; int defaultPermIdx; if ((defaultPermIdx = propertyKey.indexOf('(')) != -1) { String permString = propertyKey.substring(0, defaultPermIdx); String defaultPermString = propertyKey.substring(defaultPermIdx + 1, propertyKey.indexOf(')')); perm = getPermFromString(permString); defaultPerm = getPermFromString(defaultPermString); } else { perm = getPermFromString(propertyKey); defaultPerm = Permissions.DENY; } Vector apiNames; apiNames = Util.getCommaSeparatedValues(propertyValue); apiNames = expandAlias(apiNames, aliasTable); setPerms(newPerms, apiNames, perm, defaultPerm); } } if (permissionsTable == null) { permissionsTable = new Hashtable(); } if (currentDomain != null) { permissionsTable.put(currentDomain, newPerms); } } catch (Exception e) { System.out.println("Corrupt policy file"); e.printStackTrace(); permissionsTable = null; // Do not save half-processed permissions throw new InvalidJadException(InvalidJadException.INVALID_KEY); } finally { try { storage.disconnect(); } catch (Exception e) { // nothing we can do. } } } /** * Get the list of permissions and defaults for a domain. * * @param token security token of the calling class * @param domain name of domain * @param permissions array to hold the permissions * @param defaults array to hold the defaults for the user query * * @return true if the domain was found, otherwise false */ private static boolean getPermissions(SecurityToken token, String domain, byte[] permissions, byte[] defaults) { if (permissionsTable == null) { // We have not read the policy file yet.. try { readPermissionsTable(token); } catch (InvalidJadException ije) { return false; } } byte[] permList = (byte[])permissionsTable.get(domain); if (permList != null) { // Copy permissions from permission table for (int idx = 0; idx < NUMBER_OF_PERMISSIONS; idx++) { int permIdx = idx * 2; permissions[idx] = permList[permIdx]; defaults[idx] = permList[permIdx+1]; } return true; } return false; }}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -