Author: tolusha Date: 2010-11-10 05:59:48 -0500 (Wed, 10 Nov 2010) New Revision: 3421 Modified: ws/trunk/exo.ws.commons/pom.xml ws/trunk/exo.ws.frameworks.json/pom.xml ws/trunk/exo.ws.rest.core/pom.xml ws/trunk/exo.ws.rest.core/src/main/java/org/exoplatform/services/rest/impl/method/DefaultMethodInvoker.java ws/trunk/exo.ws.rest.ext/pom.xml ws/trunk/pom.xml Log: EXOJCR-986: Enable SecurityManager by default Modified: ws/trunk/exo.ws.commons/pom.xml =================================================================== --- ws/trunk/exo.ws.commons/pom.xml 2010-11-10 10:57:53 UTC (rev 3420) +++ ws/trunk/exo.ws.commons/pom.xml 2010-11-10 10:59:48 UTC (rev 3421) @@ -40,7 +40,6 @@ <dependency> <groupId>org.exoplatform.kernel</groupId> <artifactId>exo.kernel.commons.test</artifactId> - <scope>test</scope> </dependency> <dependency> <groupId>javax.xml.stream</groupId> Modified: ws/trunk/exo.ws.frameworks.json/pom.xml =================================================================== --- ws/trunk/exo.ws.frameworks.json/pom.xml 2010-11-10 10:57:53 UTC (rev 3420) +++ ws/trunk/exo.ws.frameworks.json/pom.xml 2010-11-10 10:59:48 UTC (rev 3421) @@ -47,7 +47,6 @@ <dependency> <groupId>org.exoplatform.kernel</groupId> <artifactId>exo.kernel.commons.test</artifactId> - <scope>test</scope> </dependency> </dependencies> Modified: ws/trunk/exo.ws.rest.core/pom.xml =================================================================== --- ws/trunk/exo.ws.rest.core/pom.xml 2010-11-10 10:57:53 UTC (rev 3420) +++ ws/trunk/exo.ws.rest.core/pom.xml 2010-11-10 10:59:48 UTC (rev 3421) @@ -44,7 +44,6 @@ <dependency> <groupId>org.exoplatform.kernel</groupId> <artifactId>exo.kernel.commons.test</artifactId> - <scope>test</scope> </dependency> <dependency> <groupId>org.exoplatform.ws</groupId> Modified: ws/trunk/exo.ws.rest.core/src/main/java/org/exoplatform/services/rest/impl/method/DefaultMethodInvoker.java =================================================================== --- ws/trunk/exo.ws.rest.core/src/main/java/org/exoplatform/services/rest/impl/method/DefaultMethodInvoker.java 2010-11-10 10:57:53 UTC (rev 3420) +++ ws/trunk/exo.ws.rest.core/src/main/java/org/exoplatform/services/rest/impl/method/DefaultMethodInvoker.java 2010-11-10 10:59:48 UTC (rev 3421) @@ -18,6 +18,7 @@ */ package org.exoplatform.services.rest.impl.method; +import org.exoplatform.commons.utils.SecurityHelper; import org.exoplatform.services.log.ExoLogger; import org.exoplatform.services.log.Log; import org.exoplatform.services.rest.ApplicationContext; @@ -31,6 +32,8 @@ import java.io.InputStream; import java.lang.annotation.Annotation; import java.lang.reflect.InvocationTargetException; +import java.security.PrivilegedActionException; +import java.security.PrivilegedExceptionAction; import java.util.List; import javax.ws.rs.MatrixParam; @@ -174,37 +177,55 @@ return invokeMethod(resource, methodResource, p); } - protected Object invokeMethod(Object resource, GenericMethodResource methodResource, Object[] p) + protected Object invokeMethod(final Object resource, final GenericMethodResource methodResource, final Object[] p) { try { - return methodResource.getMethod().invoke(resource, p); + return SecurityHelper.doPriviledgedExceptionAction(new PrivilegedExceptionAction<Object>() + { + public Object run() throws Exception + { + return methodResource.getMethod().invoke(resource, p); + } + }); } - catch (IllegalArgumentException argExc) + catch (PrivilegedActionException pae) { - // should not be thrown - throw new InternalException(argExc); - } - catch (IllegalAccessException accessExc) - { - // should not be thrown - throw new InternalException(accessExc); - } - catch (InvocationTargetException invExc) - { - if (LOG.isDebugEnabled()) + Throwable cause = pae.getCause(); + if (cause instanceof IllegalArgumentException) { - invExc.printStackTrace(); + // should not be thrown + throw new InternalException(cause); } - // get cause of exception that method produces - Throwable cause = invExc.getCause(); - // if WebApplicationException than it may contain response - if (WebApplicationException.class == cause.getClass()) + else if (cause instanceof IllegalAccessException) { - throw (WebApplicationException)cause; + // should not be thrown + throw new InternalException(cause); } + else if (cause instanceof InvocationTargetException) + { + if (LOG.isDebugEnabled()) + { + cause.printStackTrace(); + } + // get cause of exception that method produces + Throwable throwable = cause.getCause(); + // if WebApplicationException than it may contain response + if (WebApplicationException.class == throwable.getClass()) + { + throw (WebApplicationException)throwable; + } - throw new InternalException(cause); + throw new InternalException(throwable); + } + else if (cause instanceof RuntimeException) + { + throw (RuntimeException)cause; + } + else + { + throw new RuntimeException(cause); + } } } Modified: ws/trunk/exo.ws.rest.ext/pom.xml =================================================================== --- ws/trunk/exo.ws.rest.ext/pom.xml 2010-11-10 10:57:53 UTC (rev 3420) +++ ws/trunk/exo.ws.rest.ext/pom.xml 2010-11-10 10:59:48 UTC (rev 3421) @@ -44,7 +44,6 @@ <dependency> <groupId>org.exoplatform.kernel</groupId> <artifactId>exo.kernel.commons.test</artifactId> - <scope>test</scope> </dependency> <dependency> <groupId>org.exoplatform.core</groupId> Modified: ws/trunk/pom.xml =================================================================== --- ws/trunk/pom.xml 2010-11-10 10:57:53 UTC (rev 3420) +++ ws/trunk/pom.xml 2010-11-10 10:59:48 UTC (rev 3421) @@ -80,6 +80,7 @@ <groupId>org.exoplatform.kernel</groupId> <artifactId>exo.kernel.commons.test</artifactId> <version>${org.exoplatform.kernel.version}</version> + <scope>test</scope> </dependency> <dependency> <groupId>org.exoplatform.core</groupId>