HHH-12931 Revert "HHH-12542 - Add necessary privileged action blocks for SecurityManager used on WildFly."

This reverts commit 15a59a1a19.
This commit is contained in:
Guillaume Smet 2018-08-28 17:34:32 +02:00
parent fb54090329
commit d195ce03bc
9 changed files with 153 additions and 330 deletions

View File

@ -12,8 +12,6 @@ import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Properties;
import org.hibernate.boot.cfgxml.spi.LoadedConfig;
@ -50,35 +48,28 @@ public class ConfigLoader {
}
public LoadedConfig loadConfigXmlResource(String cfgXmlResourceName) {
final PrivilegedAction<JaxbCfgHibernateConfiguration> action = new PrivilegedAction<JaxbCfgHibernateConfiguration>() {
@Override
public JaxbCfgHibernateConfiguration run() {
final InputStream stream = bootstrapServiceRegistry.getService( ClassLoaderService.class ).locateResourceStream( cfgXmlResourceName );
if ( stream == null ) {
throw new ConfigurationException( "Could not locate cfg.xml resource [" + cfgXmlResourceName + "]" );
}
try {
return jaxbProcessorHolder.getValue().unmarshal(
final JaxbCfgHibernateConfiguration jaxbCfg = jaxbProcessorHolder.getValue().unmarshal(
stream,
new Origin( SourceType.RESOURCE, cfgXmlResourceName )
);
return LoadedConfig.consume( jaxbCfg );
}
finally {
try {
stream.close();
}
catch ( IOException e ) {
catch (IOException e) {
log.debug( "Unable to close cfg.xml resource stream", e );
}
}
}
};
return LoadedConfig.consume(
System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run()
);
}
public LoadedConfig loadConfigXmlFile(File cfgXmlFile) {
try {

View File

@ -7,9 +7,6 @@
package org.hibernate.boot.jaxb.internal;
import java.io.InputStream;
import java.security.AccessController;
import java.security.PrivilegedAction;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Unmarshaller;
@ -101,16 +98,9 @@ public abstract class AbstractBinder implements Binder {
private Binding doBind(XMLEventReader eventReader, Origin origin) {
try {
final PrivilegedAction<Binding> action = new PrivilegedAction<Binding>() {
@Override
public Binding run() {
final StartElement rootElementStartEvent = seekRootElementStartEvent( eventReader, origin );
return doBind( eventReader, rootElementStartEvent, origin );
}
};
return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
}
finally {
try {
eventReader.close();

View File

@ -83,16 +83,11 @@ public class ClassLoaderServiceImpl implements ClassLoaderService {
orderedClassLoaderSet.add( ClassLoaderServiceImpl.class.getClassLoader() );
// now build the aggregated class loader...
final PrivilegedAction<AggregatedClassLoader> action = new PrivilegedAction<AggregatedClassLoader>() {
@Override
this.aggregatedClassLoader = AccessController.doPrivileged( new PrivilegedAction<AggregatedClassLoader>() {
public AggregatedClassLoader run() {
return new AggregatedClassLoader( orderedClassLoaderSet, lookupPrecedence );
}
};
this.aggregatedClassLoader = System.getSecurityManager() != null
? AccessController.doPrivileged( action )
: action.run();
} );
}
/**
@ -352,9 +347,6 @@ public class ClassLoaderServiceImpl implements ClassLoaderService {
@Override
@SuppressWarnings({"unchecked"})
public <T> Class<T> classForName(String className) {
final PrivilegedAction<Class<T>> action = new PrivilegedAction<Class<T>>() {
@Override
public Class<T> run() {
try {
return (Class<T>) Class.forName( className, true, getAggregatedClassLoader() );
}
@ -365,16 +357,10 @@ public class ClassLoaderServiceImpl implements ClassLoaderService {
throw new ClassLoadingException( "Unable to load class [" + className + "]", e );
}
}
};
return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
}
@Override
public URL locateResource(final String name) {
final PrivilegedAction<URL> action = new PrivilegedAction<URL>() {
@Override
public URL run() {
public URL locateResource(String name) {
// first we try name as a URL
try {
return new URL( name );
}
@ -391,10 +377,10 @@ public class ClassLoaderServiceImpl implements ClassLoaderService {
}
if ( name.startsWith( "/" ) ) {
final String resourceName = name.substring( 1 );
name = name.substring( 1 );
try {
final URL url = getAggregatedClassLoader().getResource( resourceName );
final URL url = getAggregatedClassLoader().getResource( name );
if ( url != null ) {
return url;
}
@ -405,10 +391,6 @@ public class ClassLoaderServiceImpl implements ClassLoaderService {
return null;
}
};
return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
}
@Override
public InputStream locateResourceStream(String name) {
@ -474,9 +456,6 @@ public class ClassLoaderServiceImpl implements ClassLoaderService {
@Override
@SuppressWarnings("unchecked")
public <S> Collection<S> loadJavaServices(Class<S> serviceContract) {
final PrivilegedAction<Collection<S>> action = new PrivilegedAction<Collection<S>>() {
@Override
public Collection<S> run() {
ServiceLoader<S> serviceLoader = serviceLoaders.get( serviceContract );
if ( serviceLoader == null ) {
serviceLoader = ServiceLoader.load( serviceContract, getAggregatedClassLoader() );
@ -488,9 +467,6 @@ public class ClassLoaderServiceImpl implements ClassLoaderService {
}
return services;
}
};
return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
}
@Override
@SuppressWarnings("unchecked")
@ -504,14 +480,8 @@ public class ClassLoaderServiceImpl implements ClassLoaderService {
@Override
public <T> T workWithClassLoader(Work<T> work) {
final PrivilegedAction<T> action = new PrivilegedAction<T>() {
@Override
public T run() {
return work.doWork( getAggregatedClassLoader() );
}
};
return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
}
private ClassLoader getAggregatedClassLoader() {
final AggregatedClassLoader aggregated = this.aggregatedClassLoader;

View File

@ -10,8 +10,6 @@ import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.AccessController;
import java.security.PrivilegedAction;
import org.hibernate.HibernateException;
import org.hibernate.cfg.Environment;
@ -115,9 +113,6 @@ public final class ConfigHelper {
}
public static InputStream getResourceAsStream(String resource) {
final PrivilegedAction<InputStream> action = new PrivilegedAction<InputStream>() {
@Override
public InputStream run() {
String stripped = resource.startsWith( "/" )
? resource.substring( 1 )
: resource;
@ -138,9 +133,7 @@ public final class ConfigHelper {
}
return stream;
}
};
return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
}
public static InputStream getUserResourceAsStream(String resource) {
boolean hasLeadingSlash = resource.startsWith( "/" );

View File

@ -13,8 +13,6 @@ import java.lang.reflect.Field;
import java.lang.reflect.Member;
import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Locale;
import java.util.regex.Pattern;
import javax.persistence.Transient;
@ -237,15 +235,8 @@ public final class ReflectHelper {
}
private static Getter getter(Class clazz, String name) throws MappingException {
final PrivilegedAction<Getter> action = new PrivilegedAction<Getter>() {
@Override
public Getter run() {
return PropertyAccessStrategyMixedImpl.INSTANCE.buildPropertyAccess( clazz, name ).getGetter();
}
};
return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
}
public static Object getConstantValue(String name, SessionFactoryImplementor factory) {
boolean conventionalJavaConstants = factory.getSessionFactoryOptions().isConventionalJavaConstants();
@ -281,24 +272,17 @@ public final class ReflectHelper {
return null;
}
final PrivilegedAction<Constructor> action = new PrivilegedAction<Constructor>() {
@Override
public Constructor run() {
try {
Constructor<T> constructor = clazz.getDeclaredConstructor( NO_PARAM_SIGNATURE );
ensureAccessibility( constructor );
return constructor;
}
catch (NoSuchMethodException e) {
catch ( NoSuchMethodException nme ) {
throw new PropertyNotFoundException(
"Object class [" + clazz.getName() + "] must declare a default (no-argument) constructor"
);
}
}
};
return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
}
/**
* Determine if the given class is declared abstract.
@ -364,20 +348,13 @@ public final class ReflectHelper {
}
public static Method getMethod(Class clazz, Method method) {
final PrivilegedAction<Method> action = new PrivilegedAction<Method>() {
@Override
public Method run() {
try {
return clazz.getMethod( method.getName(), method.getParameterTypes() );
}
catch (Exception e){
catch (Exception e) {
return null;
}
}
};
return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
}
public static Field findField(Class containerClass, String propertyName) {
if ( containerClass == null ) {
@ -387,14 +364,8 @@ public final class ReflectHelper {
throw new IllegalArgumentException( "Illegal attempt to locate field [" + propertyName + "] on Object.class" );
}
final PrivilegedAction<Field> action = new PrivilegedAction<Field>() {
@Override
public Field run() {
return locateField( containerClass, propertyName );
}
};
Field field = locateField( containerClass, propertyName );
final Field field = System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
if ( field == null ) {
throw new PropertyNotFoundException(
String.format(
@ -412,22 +383,11 @@ public final class ReflectHelper {
}
public static void ensureAccessibility(AccessibleObject accessibleObject) {
final PrivilegedAction<Object> action = new PrivilegedAction<Object>() {
@Override
public Object run() {
if ( !accessibleObject.isAccessible() ) {
accessibleObject.setAccessible( true );
if ( accessibleObject.isAccessible() ) {
return;
}
return null;
}
};
if ( System.getSecurityManager() != null ) {
AccessController.doPrivileged( action );
}
else {
action.run();
}
accessibleObject.setAccessible( true );
}
private static Field locateField(Class clazz, String propertyName) {
@ -502,7 +462,7 @@ public final class ReflectHelper {
}
private static Method getGetterOrNull(Class containerClass, String propertyName) {
for ( Method method : getDeclaredMethods( containerClass ) ) {
for ( Method method : containerClass.getDeclaredMethods() ) {
// if the method has parameters, skip it
if ( method.getParameterCount() != 0 ) {
continue;
@ -553,40 +513,18 @@ public final class ReflectHelper {
String propertyName,
Method getMethod,
String stemName) {
final Method isMethod = getDeclaredMethod( containerClass, "is" + stemName );
if ( isMethod != null ) {
// verify that the Class does not also define a method with the same stem name with 'is'
try {
final Method isMethod = containerClass.getDeclaredMethod( "is" + stemName );
if ( !Modifier.isStatic( isMethod.getModifiers() ) && isMethod.getAnnotation( Transient.class ) == null ) {
// No such method should throw the caught exception. So if we get here, there was
// such a method.
checkGetAndIsVariants( containerClass, propertyName, getMethod, isMethod );
}
}
}
private static Method getDeclaredMethod(Class containerClass, String methodName) {
final PrivilegedAction<Method> action = new PrivilegedAction<Method>() {
@Override
public Method run() {
try {
return containerClass.getDeclaredMethod( methodName );
}
catch (NoSuchMethodException ignore) {
return null;
}
}
};
return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
}
private static Method[] getDeclaredMethods(Class containerClass) {
final PrivilegedAction<Method[]> action = new PrivilegedAction<Method[]>() {
@Override
public Method[] run() {
return containerClass.getDeclaredMethods();
}
};
return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
}
private static void checkGetAndIsVariants(
Class containerClass,
@ -616,14 +554,16 @@ public final class ReflectHelper {
Method isMethod,
String stemName) {
// verify that the Class does not also define a method with the same stem name with 'is'
final Method getMethod = getDeclaredMethod( containerClass, "get" + stemName );
if ( getMethod != null ) {
try {
final Method getMethod = containerClass.getDeclaredMethod( "get" + stemName );
// No such method should throw the caught exception. So if we get here, there was
// such a method.
if ( !Modifier.isStatic( getMethod.getModifiers() ) && getMethod.getAnnotation( Transient.class ) == null ) {
checkGetAndIsVariants( containerClass, propertyName, getMethod, isMethod );
}
}
catch (NoSuchMethodException ignore) {
}
}
public static Method getterMethodOrNull(Class containerJavaType, String propertyName) {
@ -691,7 +631,7 @@ public final class ReflectHelper {
private static Method setterOrNull(Class theClass, String propertyName, Class propertyType) {
Method potentialSetter = null;
for ( Method method : getDeclaredMethods( theClass ) ) {
for ( Method method : theClass.getDeclaredMethods() ) {
final String methodName = method.getName();
if ( method.getParameterCount() == 1 && methodName.startsWith( "set" ) ) {
final String testOldMethod = methodName.substring( 3 );
@ -716,7 +656,7 @@ public final class ReflectHelper {
* as an abstract - but again, that is such an edge case...
*/
public static Method findGetterMethodForFieldAccess(Field field, String propertyName) {
for ( Method method : getDeclaredMethods( field.getDeclaringClass() ) ) {
for ( Method method : field.getDeclaringClass().getDeclaredMethods() ) {
// if the method has parameters, skip it
if ( method.getParameterCount() != 0 ) {
continue;

View File

@ -10,8 +10,6 @@ import java.lang.annotation.Annotation;
import java.lang.annotation.ElementType;
import java.lang.annotation.Target;
import java.lang.reflect.Method;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.List;
import javax.persistence.Entity;
@ -74,7 +72,6 @@ public class CallbackBuilderLegacyImpl implements CallbackBuilder {
}
continue;
}
final Callback[] callbacks = resolveEntityCallbacks( entityXClass, callbackType, reflectionManager );
callbackRegistrar.registerCallbacks( entityClass, callbacks );
}
@ -122,7 +119,7 @@ public class CallbackBuilderLegacyImpl implements CallbackBuilder {
final boolean debugEnabled = log.isDebugEnabled();
do {
Callback callback = null;
List<XMethod> methods = getDeclaredMethods( currentClazz );
List<XMethod> methods = currentClazz.getDeclaredMethods();
for ( final XMethod xMethod : methods ) {
if ( xMethod.isAnnotationPresent( callbackType.getCallbackAnnotation() ) ) {
Method method = reflectionManager.toMethod( xMethod );
@ -193,7 +190,7 @@ public class CallbackBuilderLegacyImpl implements CallbackBuilder {
if ( listener != null ) {
XClass xListener = reflectionManager.toXClass( listener );
callbacksMethodNames = new ArrayList<>();
List<XMethod> methods = getDeclaredMethods( xListener );
List<XMethod> methods = xListener.getDeclaredMethods();
for ( final XMethod xMethod : methods ) {
if ( xMethod.isAnnotationPresent( callbackType.getCallbackAnnotation() ) ) {
final Method method = reflectionManager.toMethod( xMethod );
@ -341,14 +338,4 @@ public class CallbackBuilderLegacyImpl implements CallbackBuilder {
}
}
}
private static List<XMethod> getDeclaredMethods(XClass clazz) {
final PrivilegedAction<List<XMethod>> action = new PrivilegedAction<List<XMethod>>() {
@Override
public List<XMethod> run() {
return clazz.getDeclaredMethods();
}
};
return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
}
}

View File

@ -7,8 +7,6 @@
package org.hibernate.metamodel.internal;
import java.lang.reflect.Field;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
@ -378,10 +376,6 @@ class MetadataContext {
return;
}
final String metamodelClassName = managedTypeClass.getName() + '_';
final PrivilegedAction<Object> action = new PrivilegedAction<Object>() {
@Override
public Object run() {
try {
final Class metamodelClass = Class.forName( metamodelClassName, true, managedTypeClass.getClassLoader() );
// we found the class; so populate it...
@ -390,15 +384,6 @@ class MetadataContext {
catch (ClassNotFoundException ignore) {
// nothing to do...
}
return null;
}
};
if ( System.getSecurityManager() != null ) {
AccessController.doPrivileged( action );
}
else {
action.run();
}
// todo : this does not account for @MappeSuperclass, mainly because this is not being tracked in our
// internal metamodel as populated from the annotatios properly

View File

@ -8,8 +8,6 @@ package org.hibernate.tuple.entity;
import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
@ -159,9 +157,6 @@ public class PojoEntityTuplizer extends AbstractEntityTuplizer {
null :
ReflectHelper.getMethod( proxyInterface, idSetterMethod );
final PrivilegedAction<ProxyFactory> action = new PrivilegedAction<ProxyFactory>() {
@Override
public ProxyFactory run() {
ProxyFactory pf = buildProxyFactoryInternal( persistentClass, idGetter, idSetter );
try {
pf.postInstantiate(
@ -181,10 +176,6 @@ public class PojoEntityTuplizer extends AbstractEntityTuplizer {
}
return pf;
}
};
return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
}
protected ProxyFactory buildProxyFactoryInternal(
PersistentClass persistentClass,

View File

@ -7,8 +7,6 @@
package org.hibernate.envers.configuration.internal.metadata.reader;
import java.lang.annotation.Annotation;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
@ -49,7 +47,6 @@ import org.hibernate.loader.PropertyPath;
import org.hibernate.mapping.Component;
import org.hibernate.mapping.Property;
import org.hibernate.mapping.Value;
import org.jboss.logging.Logger;
import static org.hibernate.envers.internal.tools.Tools.newHashMap;
@ -357,47 +354,26 @@ public class AuditedPropertiesReader {
//look in the class
addFromProperties(
getPropertiesFromClassByType( clazz, AccessType.FIELD ),
clazz.getDeclaredProperties( "field" ),
it -> "field",
fieldAccessedPersistentProperties,
allClassAudited
);
addFromProperties(
getPropertiesFromClassByType( clazz, AccessType.PROPERTY ),
clazz.getDeclaredProperties( "property" ),
propertyAccessedPersistentProperties::get,
propertyAccessedPersistentProperties.keySet(),
allClassAudited
);
if ( allClassAudited != null || !auditedPropertiesHolder.isEmpty() ) {
final PrivilegedAction<XClass> action = new PrivilegedAction<XClass>() {
@Override
public XClass run() {
return clazz.getSuperclass();
}
};
final XClass superclazz = System.getSecurityManager() != null
? AccessController.doPrivileged( action )
: action.run();
final XClass superclazz = clazz.getSuperclass();
if ( !clazz.isInterface() && !"java.lang.Object".equals( superclazz.getName() ) ) {
addPropertiesFromClass( superclazz );
}
}
}
private Iterable<XProperty> getPropertiesFromClassByType(XClass clazz, AccessType accessType) {
final PrivilegedAction<Iterable<XProperty>> action = new PrivilegedAction<Iterable<XProperty>>() {
@Override
public Iterable<XProperty> run() {
return clazz.getDeclaredProperties( accessType.getType() );
}
};
return System.getSecurityManager() != null ? AccessController.doPrivileged( action ) : action.run();
}
private void addFromProperties(
Iterable<XProperty> properties,
Function<String, String> accessTypeProvider,