OpenSearch/src/main/java/org/elasticsearch/bootstrap/ESPolicy.java

/*
 * Licensed to Elasticsearch under one or more contributor
 * license agreements. See the NOTICE file distributed with
 * this work for additional information regarding copyright
 * ownership. Elasticsearch licenses this file to you under
 * the Apache License, Version 2.0 (the "License"); you may
 * not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */

package org.elasticsearch.bootstrap;

import java.net.URI;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Policy;
import java.security.ProtectionDomain;
import java.security.URIParameter;

/** custom policy for union of static and dynamic permissions */
public class ESPolicy extends Policy {
    
    /** template policy file, the one used in tests */
    static final String POLICY_RESOURCE = "security.policy";
    
    final Policy template;
    final PermissionCollection dynamic;

    public ESPolicy(PermissionCollection dynamic) throws Exception {
        URI uri = getClass().getResource(POLICY_RESOURCE).toURI();
        this.template = Policy.getInstance("JavaPolicy", new URIParameter(uri));
        this.dynamic = dynamic;
    }

    @Override
    public boolean implies(ProtectionDomain domain, Permission permission) {
        return template.implies(domain, permission) || dynamic.implies(permission);
    }
}
hacky state 2015-05-04 15:38:46 -04:00			`/*`
			`* Licensed to Elasticsearch under one or more contributor`
			`* license agreements. See the NOTICE file distributed with`
			`* this work for additional information regarding copyright`
			`* ownership. Elasticsearch licenses this file to you under`
			`* the Apache License, Version 2.0 (the "License"); you may`
			`* not use this file except in compliance with the License.`
			`* You may obtain a copy of the License at`
			`*`
			`* http://www.apache.org/licenses/LICENSE-2.0`
			`*`
			`* Unless required by applicable law or agreed to in writing,`
			`* software distributed under the License is distributed on an`
			`* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY`
			`* KIND, either express or implied. See the License for the`
			`* specific language governing permissions and limitations`
			`* under the License.`
			`*/`

			`package org.elasticsearch.bootstrap;`

			`import java.net.URI;`
			`import java.security.Permission;`
			`import java.security.PermissionCollection;`
			`import java.security.Policy;`
			`import java.security.ProtectionDomain;`
			`import java.security.URIParameter;`

			`/** custom policy for union of static and dynamic permissions */`
			`public class ESPolicy extends Policy {`

			`/** template policy file, the one used in tests */`
			`static final String POLICY_RESOURCE = "security.policy";`

			`final Policy template;`
			`final PermissionCollection dynamic;`

			`public ESPolicy(PermissionCollection dynamic) throws Exception {`
			`URI uri = getClass().getResource(POLICY_RESOURCE).toURI();`
			`this.template = Policy.getInstance("JavaPolicy", new URIParameter(uri));`
			`this.dynamic = dynamic;`
			`}`

fix permissions bugs 2015-05-04 16:27:24 -04:00			`@Override`
hacky state 2015-05-04 15:38:46 -04:00			`public boolean implies(ProtectionDomain domain, Permission permission) {`
			`return template.implies(domain, permission) \|\| dynamic.implies(permission);`
			`}`
			`}`