001
014
015 package com.liferay.portal.dao.jdbc.pacl;
016
017 import com.liferay.portal.security.lang.PortalSecurityManagerThreadLocal;
018 import com.liferay.portal.security.pacl.PACLPolicy;
019
020 import java.lang.Object;
021 import java.lang.reflect.InvocationHandler;
022 import java.lang.reflect.InvocationTargetException;
023 import java.lang.reflect.Method;
024
025 import java.sql.Statement;
026
027
030 public class PACLStatementHandler implements InvocationHandler {
031
032 public PACLStatementHandler(Statement statement, PACLPolicy paclPolicy) {
033 _statement = statement;
034 _paclPolicy = paclPolicy;
035 }
036
037 public Object invoke(Object proxy, Method method, Object[] arguments)
038 throws Throwable {
039
040 try {
041 String methodName = method.getName();
042
043 if (methodName.equals("addBatch") || methodName.equals("execute") ||
044 methodName.equals("executeQuery") ||
045 methodName.equals("executeUpdate")) {
046
047 if ((arguments != null) && (arguments.length > 0)) {
048 String sql = (String)arguments[0];
049
050 if (!_paclPolicy.hasSQL(sql)) {
051 throw new SecurityException(
052 "Attempted to execute unapproved SQL " + sql);
053 }
054 }
055 }
056 else if (methodName.equals("equals")) {
057 if (proxy == arguments[0]) {
058 return true;
059 }
060 else {
061 return false;
062 }
063 }
064 else if (methodName.equals("hashCode")) {
065 return System.identityHashCode(proxy);
066 }
067
068 boolean enabled = PortalSecurityManagerThreadLocal.isEnabled();
069
070 try {
071 PortalSecurityManagerThreadLocal.setEnabled(false);
072
073 return method.invoke(_statement, arguments);
074 }
075 finally {
076 PortalSecurityManagerThreadLocal.setEnabled(enabled);
077 }
078 }
079 catch (InvocationTargetException ite) {
080 throw ite.getTargetException();
081 }
082 }
083
084 private PACLPolicy _paclPolicy;
085 private Statement _statement;
086
087 }