This is an automated email from the ASF dual-hosted git repository.
ffang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/karaf.git
The following commit(s) were added to refs/heads/master by this push:
new 0edb20b [KARAF-5506]ensure we also check the ACL for alias cmds
before auto-completer
0edb20b is described below
commit 0edb20b4f00eb29f2bf2019f0f6564a62625fe41
Author: Freeman Fang <[email protected]>
AuthorDate: Mon Nov 27 17:41:33 2017 +0800
[KARAF-5506]ensure we also check the ACL for alias cmds before
auto-completer
---
.../shell/impl/console/CommandsCompleter.java | 31 +++++++++++++++++++++-
.../osgi/secured/SecuredSessionFactoryImpl.java | 2 +-
2 files changed, 31 insertions(+), 2 deletions(-)
diff --git
a/shell/core/src/main/java/org/apache/karaf/shell/impl/console/CommandsCompleter.java
b/shell/core/src/main/java/org/apache/karaf/shell/impl/console/CommandsCompleter.java
index b75489b..99833b7 100644
---
a/shell/core/src/main/java/org/apache/karaf/shell/impl/console/CommandsCompleter.java
+++
b/shell/core/src/main/java/org/apache/karaf/shell/impl/console/CommandsCompleter.java
@@ -36,6 +36,8 @@ import org.apache.karaf.shell.api.console.CommandLine;
import org.apache.karaf.shell.api.console.Completer;
import org.apache.karaf.shell.api.console.Session;
import org.apache.karaf.shell.api.console.SessionFactory;
+import org.apache.karaf.shell.impl.console.osgi.secured.SecuredCommand;
+import
org.apache.karaf.shell.impl.console.osgi.secured.SecuredSessionFactoryImpl;
import org.apache.karaf.shell.support.completers.ArgumentCommandLine;
import org.apache.karaf.shell.support.completers.StringsCompleter;
import org.jline.reader.LineReader;
@@ -270,7 +272,34 @@ public class CommandsCompleter extends
org.apache.karaf.shell.support.completers
for (String var : vars) {
Object content = session.get(var);
if (content != null &&
"org.apache.felix.gogo.runtime.Closure".equals(content.getClass().getName())) {
- aliases.add(var);
+
+ //check both acl for alias and original cmd to determine if it
should be visible
+ int index = var.indexOf(":");
+ if (index > 0 && (factory instanceof
SecuredSessionFactoryImpl)) {
+ String scope = var.substring(0, index);
+ String command = var.substring(index + 1);
+ String originalCmd = content.toString();
+ index = originalCmd.indexOf(" ");
+ Object securityCmd = null;
+ if (index > 0) {
+ securityCmd =
((org.apache.felix.gogo.runtime.Closure)content).
+ get(originalCmd.substring(0, index));
+ }
+ if (securityCmd instanceof SecuredCommand) {
+ if
(((SecuredSessionFactoryImpl)factory).isVisible(scope, command)
+ &&
((SecuredSessionFactoryImpl)factory).isVisible(((SecuredCommand)securityCmd).getScope(),
+
((SecuredCommand)securityCmd).getName())) {
+ aliases.add(var);
+ }
+ } else {
+ if
(((SecuredSessionFactoryImpl)factory).isVisible(scope, command)) {
+ aliases.add(var);
+ }
+ }
+
+ } else {
+ aliases.add(var);
+ }
}
}
return aliases;
diff --git
a/shell/core/src/main/java/org/apache/karaf/shell/impl/console/osgi/secured/SecuredSessionFactoryImpl.java
b/shell/core/src/main/java/org/apache/karaf/shell/impl/console/osgi/secured/SecuredSessionFactoryImpl.java
index 7fe015c..2140aab 100644
---
a/shell/core/src/main/java/org/apache/karaf/shell/impl/console/osgi/secured/SecuredSessionFactoryImpl.java
+++
b/shell/core/src/main/java/org/apache/karaf/shell/impl/console/osgi/secured/SecuredSessionFactoryImpl.java
@@ -108,7 +108,7 @@ public class SecuredSessionFactoryImpl extends
SessionFactoryImpl implements Con
}
}
- protected boolean isVisible(String scope, String name) {
+ public boolean isVisible(String scope, String name) {
Dictionary<String, Object> config = getScopeConfig(scope);
if (config != null) {
List<String> roles = new ArrayList<>();
--
To stop receiving notification emails like this one, please contact
['"[email protected]" <[email protected]>'].
