svn commit: r1036367 - /incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManagerImpl.java

Thu, 18 Nov 2010 01:37:38 -0800 

Author: ito
Date: Thu Nov 18 09:36:16 2010
New Revision: 1036367

URL: http://svn.apache.org/viewvc?rev=1036367&view=rev
Log:
CLEREZZA-360: check if user has SecurityPermission(getPolicy)

Modified:
    
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManagerImpl.java

Modified: 
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManagerImpl.java
URL: 
http://svn.apache.org/viewvc/incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManagerImpl.java?rev=1036367&r1=1036366&r2=1036367&view=diff
==============================================================================
--- 
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManagerImpl.java
 (original)
+++ 
incubator/clerezza/trunk/org.apache.clerezza.parent/org.apache.clerezza.platform.usermanager/src/main/java/org/apache/clerezza/platform/usermanager/UserManagerImpl.java
 Thu Nov 18 09:36:16 2010
@@ -24,6 +24,7 @@ import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.Policy;
 import java.security.PrivilegedAction;
+import java.security.SecurityPermission;
 import java.util.Collection;
 import java.util.HashSet;
 import java.util.Iterator;
@@ -227,6 +228,7 @@ public class UserManagerImpl implements 
 
        private void addPermissionEntriesForARole(NonLiteral role,
                        String id, List<String> permissionEntries) {
+               AccessController.checkPermission(new 
SecurityPermission("getPolicy"));
                if (role == null) {
                        logger.debug("Cannot assign permissions: {} does not 
exist", id);
                        return;
@@ -321,6 +323,7 @@ public class UserManagerImpl implements 
 
        private void deletePermissionEntriesOfARole(NonLiteral role,
                        String id, List<String> permissionEntries) {
+               AccessController.checkPermission(new 
SecurityPermission("getPolicy"));
                if (role == null) {
                        logger.debug("Cannot delete permissions: {} does not 
exist", id);
                        return;
@@ -355,6 +358,7 @@ public class UserManagerImpl implements 
        }
 
        private void deleteAllPermissionEntriesOfARole(NonLiteral role) {
+               AccessController.checkPermission(new 
SecurityPermission("getPolicy"));
                if (role == null) {
                        return;
                }
@@ -463,6 +467,7 @@ public class UserManagerImpl implements 
        public void updateUser(String name, String email, String password,
                        Collection<String> assignedRoles, String pathPrefix) {
 
+               AccessController.checkPermission(new 
SecurityPermission("getPolicy"));
                if (name == null) {
                        throw new IllegalArgumentException("userName may not be 
null");
                }

Reply via email to