HHH-12932 Execute ByteBuddy code requiring privileges inside a privileged block
This commit is contained in:
parent
56a29af496
commit
b04de4c9f7
|
@ -262,6 +262,7 @@ public final class ByteBuddyState {
|
||||||
}
|
}
|
||||||
|
|
||||||
private static ForDeclaredMethods getDeclaredMethodMemberSubstitution() {
|
private static ForDeclaredMethods getDeclaredMethodMemberSubstitution() {
|
||||||
|
// this should only be called if the security manager is enabled, thus the privileged calls
|
||||||
return MemberSubstitution.relaxed()
|
return MemberSubstitution.relaxed()
|
||||||
.method( ElementMatchers.is( AccessController.doPrivileged( new GetDeclaredMethodAction( Class.class,
|
.method( ElementMatchers.is( AccessController.doPrivileged( new GetDeclaredMethodAction( Class.class,
|
||||||
"getDeclaredMethod", String.class, Class[].class ) ) ) )
|
"getDeclaredMethod", String.class, Class[].class ) ) ) )
|
||||||
|
@ -272,6 +273,7 @@ public final class ByteBuddyState {
|
||||||
}
|
}
|
||||||
|
|
||||||
private static ForDeclaredMethods getMethodMemberSubstitution() {
|
private static ForDeclaredMethods getMethodMemberSubstitution() {
|
||||||
|
// this should only be called if the security manager is enabled, thus the privileged calls
|
||||||
return MemberSubstitution.relaxed()
|
return MemberSubstitution.relaxed()
|
||||||
.method( ElementMatchers.is( AccessController.doPrivileged( new GetDeclaredMethodAction( Class.class,
|
.method( ElementMatchers.is( AccessController.doPrivileged( new GetDeclaredMethodAction( Class.class,
|
||||||
"getMethod", String.class, Class[].class ) ) ) )
|
"getMethod", String.class, Class[].class ) ) ) )
|
||||||
|
@ -321,10 +323,33 @@ public final class ByteBuddyState {
|
||||||
.and( returns( td -> "groovy.lang.MetaClass".equals( td.getName() ) ) ) );
|
.and( returns( td -> "groovy.lang.MetaClass".equals( td.getName() ) ) ) );
|
||||||
this.virtualNotFinalizerFilter = isVirtual().and( not( isFinalizer() ) );
|
this.virtualNotFinalizerFilter = isVirtual().and( not( isFinalizer() ) );
|
||||||
this.hibernateGeneratedMethodFilter = nameStartsWith( "$$_hibernate_" ).and( isVirtual() );
|
this.hibernateGeneratedMethodFilter = nameStartsWith( "$$_hibernate_" ).and( isVirtual() );
|
||||||
this.delegateToInterceptorDispatcherMethodDelegation = MethodDelegation
|
|
||||||
.to( ProxyConfiguration.InterceptorDispatcher.class );
|
PrivilegedAction<MethodDelegation> delegateToInterceptorDispatcherMethodDelegationPrivilegedAction =
|
||||||
this.interceptorFieldAccessor = FieldAccessor.ofField( ProxyConfiguration.INTERCEPTOR_FIELD_NAME )
|
new PrivilegedAction<MethodDelegation>() {
|
||||||
.withAssigner( Assigner.DEFAULT, Assigner.Typing.DYNAMIC );
|
|
||||||
|
@Override
|
||||||
|
public MethodDelegation run() {
|
||||||
|
return MethodDelegation.to( ProxyConfiguration.InterceptorDispatcher.class );
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
this.delegateToInterceptorDispatcherMethodDelegation = System.getSecurityManager() != null
|
||||||
|
? AccessController.doPrivileged( delegateToInterceptorDispatcherMethodDelegationPrivilegedAction )
|
||||||
|
: delegateToInterceptorDispatcherMethodDelegationPrivilegedAction.run();
|
||||||
|
|
||||||
|
PrivilegedAction<FieldAccessor.PropertyConfigurable> interceptorFieldAccessorPrivilegedAction =
|
||||||
|
new PrivilegedAction<FieldAccessor.PropertyConfigurable>() {
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public FieldAccessor.PropertyConfigurable run() {
|
||||||
|
return FieldAccessor.ofField( ProxyConfiguration.INTERCEPTOR_FIELD_NAME )
|
||||||
|
.withAssigner( Assigner.DEFAULT, Assigner.Typing.DYNAMIC );
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
this.interceptorFieldAccessor = System.getSecurityManager() != null
|
||||||
|
? AccessController.doPrivileged( interceptorFieldAccessorPrivilegedAction )
|
||||||
|
: interceptorFieldAccessorPrivilegedAction.run();
|
||||||
}
|
}
|
||||||
|
|
||||||
public ElementMatcher<? super MethodDescription> getGroovyGetMetaClassFilter() {
|
public ElementMatcher<? super MethodDescription> getGroovyGetMetaClassFilter() {
|
||||||
|
|
Loading…
Reference in New Issue