001
014
015 package com.liferay.portal.security.pacl.checker;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019
020 import java.awt.AWTPermission;
021
022 import java.security.Permission;
023 import java.security.Permissions;
024
025 import java.util.Set;
026
027
030 public class AWTChecker extends BaseChecker {
031
032 public void afterPropertiesSet() {
033 initOperations();
034 }
035
036 @Override
037 public AuthorizationProperty generateAuthorizationProperty
038 (Object... arguments) {
039
040 if ((arguments != null) && (arguments.length == 1) &&
041 (arguments[0] instanceof Permission)) {
042
043 return null;
044 }
045
046 Permission permission = (Permission)arguments[0];
047
048 AuthorizationProperty authorizationProperty =
049 new AuthorizationProperty();
050
051 authorizationProperty.setKey("security-manager-awt-operations");
052 authorizationProperty.setValue(permission.getName());
053
054 return authorizationProperty;
055 }
056
057 public boolean implies(Permission permission) {
058 if (_permissions.implies(permission)) {
059 return true;
060 }
061
062 String name = permission.getName();
063
064 logSecurityException(_log, "Attempted operation " + name + " on AWT");
065
066 return false;
067 }
068
069 protected void initOperations() {
070 Set<String> names = getPropertySet("security-manager-awt-operations");
071
072 for (String name : names) {
073 Permission permission = new AWTPermission(name);
074
075 _permissions.add(permission);
076 }
077 }
078
079 private static Log _log = LogFactoryUtil.getLog(AWTChecker.class);
080
081 private Permissions _permissions = new Permissions();
082
083 }