January 2009 - portal-commits - Jboss List Archives

JBoss Portal SVN: r12760 - modules/authorization/trunk.

by portal-commits＠lists.jboss.org

Author: sohil.shah(a)jboss.com Date: 2009-01-31 18:58:05 -0500 (Sat, 31 Jan 2009) New Revision: 12760 Removed: modules/authorization/trunk/classes/ Log:

15 years, 2 months

1
0
0 / 0

JBoss Portal SVN: r12759 - in modules/authorization/trunk: common and 28 other directories.

by portal-commits＠lists.jboss.org

Author: sohil.shah(a)jboss.com Date: 2009-01-31 18:57:18 -0500 (Sat, 31 Jan 2009) New Revision: 12759 Added: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsFunction.java modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsRuleManager.java modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinder.java modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/HierarchialPolicy.java modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/NoPermitMeansDeniedAlg.java modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/RuleCombiningAlgImplies.java modules/authorization/trunk/policy-server/src/main/resources/META-INF/ modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml modules/authorization/trunk/policy-server/src/test/java/org/ modules/authorization/trunk/policy-server/src/test/java/org/jboss/ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestDroolsFunction.java modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestDroolsRuleManager.java modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestDroolsRules.java modules/authorization/trunk/policy-server/src/test/resources/log4j.properties modules/authorization/trunk/policy-server/src/test/resources/pdp-config.xml modules/authorization/trunk/policy-server/src/test/resources/rules/ modules/authorization/trunk/policy-server/src/test/resources/rules/add-security.drl modules/authorization/trunk/policy-server/src/test/resources/rules/test-security.drl Removed: modules/authorization/trunk/provisioning/src/main/java/org/jboss/security/authz/provisioning/plugin/ modules/authorization/trunk/provisioning/src/main/java/org/jboss/security/authz/provisioning/policy/HierarchialPolicy.java modules/authorization/trunk/provisioning/src/test/java/org/jboss/security/authz/pap/ modules/authorization/trunk/provisioning/src/test/java/org/jboss/security/authz/provisioning/plugin/ modules/authorization/trunk/provisioning/src/test/resources/pdp-config.xml modules/authorization/trunk/provisioning/src/test/resources/rules/ Modified: modules/authorization/trunk/common/pom.xml modules/authorization/trunk/core-components/pom.xml modules/authorization/trunk/decision-point/pom.xml modules/authorization/trunk/enforcement/pom.xml modules/authorization/trunk/http-profile/pom.xml modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/provisioning/HttpPolicyConfig.java modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyDeployer.java modules/authorization/trunk/http-profile/src/test/resources/META-INF/jboss-beans.xml modules/authorization/trunk/policy-server/pom.xml modules/authorization/trunk/pom.xml modules/authorization/trunk/provisioning/pom.xml Log: refactoring Modified: modules/authorization/trunk/common/pom.xml =================================================================== --- modules/authorization/trunk/common/pom.xml 2009-01-31 21:46:59 UTC (rev 12758) +++ modules/authorization/trunk/common/pom.xml 2009-01-31 23:57:18 UTC (rev 12759) @@ -18,17 +18,7 @@ <dependency> <groupId>org.jboss.security</groupId> <artifactId>jboss-xacml</artifactId> - </dependency> - <dependency> - <groupId>org.jboss.security</groupId> - <artifactId>jboss-sunxacml</artifactId> - </dependency> - -  - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - </dependency> + </dependency> </dependencies> <build> Modified: modules/authorization/trunk/core-components/pom.xml =================================================================== --- modules/authorization/trunk/core-components/pom.xml 2009-01-31 21:46:59 UTC (rev 12758) +++ modules/authorization/trunk/core-components/pom.xml 2009-01-31 23:57:18 UTC (rev 12759) @@ -24,19 +24,7 @@ <dependency> <groupId>org.jboss.security</groupId> <artifactId>jboss-xacml</artifactId> - </dependency> - -  - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - </dependency> - - <dependency> - <groupId>org.jboss.microcontainer</groupId> - <artifactId>jboss-kernel</artifactId> - <scope>test</scope> - </dependency> + </dependency> </dependencies> <build> Modified: modules/authorization/trunk/decision-point/pom.xml =================================================================== --- modules/authorization/trunk/decision-point/pom.xml 2009-01-31 21:46:59 UTC (rev 12758) +++ modules/authorization/trunk/decision-point/pom.xml 2009-01-31 23:57:18 UTC (rev 12759) @@ -23,37 +23,7 @@ <groupId>org.jboss.security.authz</groupId> <artifactId>jboss-authz-enforcement</artifactId> <version>${project.version}</version> - </dependency> - -  - <dependency> - <groupId>org.jboss.security</groupId> - <artifactId>jboss-xacml</artifactId> - </dependency> - <dependency> - <groupId>org.jboss.security</groupId> - <artifactId>jboss-sunxacml</artifactId> - </dependency> - -  - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-api</artifactId> - </dependency> - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-impl</artifactId> - </dependency> - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-xjc</artifactId> - </dependency> - -  - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - </dependency> + </dependency> </dependencies> <build> Modified: modules/authorization/trunk/enforcement/pom.xml =================================================================== --- modules/authorization/trunk/enforcement/pom.xml 2009-01-31 21:46:59 UTC (rev 12758) +++ modules/authorization/trunk/enforcement/pom.xml 2009-01-31 23:57:18 UTC (rev 12759) @@ -20,35 +20,13 @@ <version>${project.version}</version> </dependency> +   <dependency> <groupId>org.jboss.security</groupId> - <artifactId>jboss-xacml</artifactId> - </dependency> - <dependency> - <groupId>org.jboss.security</groupId> - <artifactId>jboss-sunxacml</artifactId> - </dependency> - -  - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-api</artifactId> - </dependency> - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-impl</artifactId> - </dependency> - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-xjc</artifactId> - </dependency> - -  - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - </dependency> + <artifactId>jboss-xacml</artifactId> + <scope>test</scope> + </dependency> </dependencies> <build> @@ -58,10 +36,7 @@ <artifactId>maven-surefire-plugin</artifactId> <version>2.3.1</version> <configuration> - <includes> -  + <includes> </includes> </configuration> </plugin> Modified: modules/authorization/trunk/http-profile/pom.xml =================================================================== --- modules/authorization/trunk/http-profile/pom.xml 2009-01-31 21:46:59 UTC (rev 12758) +++ modules/authorization/trunk/http-profile/pom.xml 2009-01-31 23:57:18 UTC (rev 12759) @@ -29,31 +29,25 @@ <artifactId>jboss-authz-provisioning</artifactId> <version>${project.version}</version> </dependency> - -  + <dependency> + <groupId>org.jboss.security.authz</groupId> + <artifactId>jboss-authz-policy-server</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> - <groupId>org.jboss.security</groupId> - <artifactId>jboss-xacml</artifactId> - </dependency> - -  - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - </dependency> - - <dependency> <groupId>org.jboss.microcontainer</groupId> <artifactId>jboss-kernel</artifactId> <scope>test</scope> </dependency> +  +  <dependency> - <groupId>org.jboss.security.authz</groupId> - <artifactId>jboss-authz-policy-server</artifactId> - <version>${project.version}</version> - <scope>test</scope> - </dependency> + <groupId>org.jboss.security</groupId> + <artifactId>jboss-xacml</artifactId> + <scope>test</scope> + </dependency> </dependencies> <build> Modified: modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/provisioning/HttpPolicyConfig.java =================================================================== --- modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/provisioning/HttpPolicyConfig.java 2009-01-31 21:46:59 UTC (rev 12758) +++ modules/authorization/trunk/http-profile/src/main/java/org/jboss/security/authz/http/provisioning/HttpPolicyConfig.java 2009-01-31 23:57:18 UTC (rev 12759) @@ -43,7 +43,7 @@ import org.jboss.security.authz.model.Policy; import org.jboss.security.authz.model.Rule; import org.jboss.security.authz.model.Target; -import org.jboss.security.authz.provisioning.policy.HierarchialPolicy; +import org.jboss.security.authz.policy.server.plugin.HierarchialPolicy; import org.jboss.security.authz.provisioning.spi.PolicyConfig; /** Modified: modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyDeployer.java =================================================================== --- modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyDeployer.java 2009-01-31 21:46:59 UTC (rev 12758) +++ modules/authorization/trunk/http-profile/src/test/java/org/jboss/security/authz/http/provisioning/TestHttpPolicyDeployer.java 2009-01-31 23:57:18 UTC (rev 12759) @@ -46,11 +46,12 @@ public void testPolicyDeploy() throws Exception { - PolicyDeployer httpPolicyDeployer = (PolicyDeployer)Server.lookup("http://PolicyDeployer"); + PolicyDeployer policyDeployer = (PolicyDeployer)Server.lookup("/http-profile/PolicyDeployer"); - httpPolicyDeployer.deploy(Thread.currentThread().getContextClassLoader().getResource("http-policy.xml")); + policyDeployer.deploy(Thread.currentThread().getContextClassLoader().getResource("http-policy.xml")); - Policy[] policies = httpPolicyDeployer.getStore().readAllPolicies(); + Policy[] policies = policyDeployer.getStore().readAllPolicies(); + this.assertTrue("Should not be empty", policies != null && policies.length>0); for(int i=0; i<policies.length; i++) { log.info("-------------------------------------------------------------"); Modified: modules/authorization/trunk/http-profile/src/test/resources/META-INF/jboss-beans.xml =================================================================== --- modules/authorization/trunk/http-profile/src/test/resources/META-INF/jboss-beans.xml 2009-01-31 21:46:59 UTC (rev 12758) +++ modules/authorization/trunk/http-profile/src/test/resources/META-INF/jboss-beans.xml 2009-01-31 23:57:18 UTC (rev 12759) @@ -2,13 +2,12 @@ <deployment xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:jboss:bean-deployer:2.0 bean-deployer_2_0.xsd" - xmlns="urn:jboss:bean-deployer:2.0"> - - <bean name="http://PolicyDeployer" class="org.jboss.security.authz.provisioning.policy.PolicyDeployer"> - <property name="configuration"><inject bean="http://PolicyConfig"/></property> - <property name="store"><inject bean="http://PolicyStore"/></property> - </bean> + xmlns="urn:jboss:bean-deployer:2.0"> + <bean name="/http-profile/PolicyConfig" class="org.jboss.security.authz.http.provisioning.HttpPolicyConfig"/> + <bean name="/http-profile/PolicyStore" class="org.jboss.security.authz.http.provisioning.HttpPolicyStore"/> - <bean name="http://PolicyConfig" class="org.jboss.security.authz.http.provisioning.HttpPolicyConfig"/> - <bean name="http://PolicyStore" class="org.jboss.security.authz.http.provisioning.HttpPolicyStore"/> + <bean name="/http-profile/PolicyDeployer" class="org.jboss.security.authz.provisioning.policy.PolicyDeployer"> + <property name="configuration"><inject bean="/http-profile/PolicyConfig"/></property> + <property name="store"><inject bean="/http-profile/PolicyStore"/></property> + </bean> </deployment> \ No newline at end of file Modified: modules/authorization/trunk/policy-server/pom.xml =================================================================== --- modules/authorization/trunk/policy-server/pom.xml 2009-01-31 21:46:59 UTC (rev 12758) +++ modules/authorization/trunk/policy-server/pom.xml 2009-01-31 23:57:18 UTC (rev 12759) @@ -18,53 +18,29 @@ <groupId>org.jboss.security.authz</groupId> <artifactId>jboss-authz-common</artifactId> <version>${project.version}</version> - </dependency> - <dependency> - <groupId>org.jboss.security.authz</groupId> - <artifactId>jboss-authz-provisioning</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>org.jboss.security.authz</groupId> - <artifactId>jboss-authz-decision-point</artifactId> - <version>${project.version}</version> - </dependency> + </dependency>  <dependency> <groupId>org.jboss.security</groupId> <artifactId>jboss-xacml</artifactId> </dependency> - <dependency> - <groupId>org.jboss.security</groupId> - <artifactId>jboss-sunxacml</artifactId> - </dependency> - -  - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-api</artifactId> - </dependency> - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-impl</artifactId> - </dependency> - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-xjc</artifactId> - </dependency> - +  <dependency> <groupId>org.jboss.microcontainer</groupId> <artifactId>jboss-kernel</artifactId> </dependency> -  +  <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - </dependency> + <groupId>org.drools</groupId> + <artifactId>drools-core</artifactId> + </dependency> + <dependency> + <groupId>org.drools</groupId> + <artifactId>drools-compiler</artifactId> + </dependency> </dependencies> <build> Copied: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsFunction.java (from rev 12740, modules/authorization/trunk/provisioning/src/main/java/org/jboss/security/authz/provisioning/plugin/DroolsFunction.java) =================================================================== --- modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsFunction.java (rev 0) +++ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsFunction.java 2009-01-31 23:57:18 UTC (rev 12759) @@ -0,0 +1,113 @@ +/****************************************************************************** + * JBoss, a division of Red Hat * + * Copyright 2006, Red Hat Middleware, LLC, and individual * + * contributors as indicated by the @authors tag. See the * + * copyright.txt in the distribution for a full listing of * + * individual contributors. * + * * + * This is free software; you can redistribute it and/or modify it * + * under the terms of the GNU Lesser General Public License as * + * published by the Free Software Foundation; either version 2.1 of * + * the License, or (at your option) any later version. * + * * + * This software is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * Lesser General Public License for more details. * + * * + * You should have received a copy of the GNU Lesser General Public * + * License along with this software; if not, write to the Free * + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA * + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. * + ******************************************************************************/ +package org.jboss.security.authz.policy.server.plugin; + +import java.util.List; +import java.util.ArrayList; + +import org.drools.RuleBase; +import org.drools.WorkingMemory; + +import org.jboss.security.xacml.sunxacml.EvaluationCtx; +import org.jboss.security.xacml.sunxacml.cond.EvaluationResult; +import org.jboss.security.xacml.sunxacml.cond.FunctionBase; +import org.jboss.security.xacml.sunxacml.ctx.Status; +import org.jboss.security.xacml.sunxacml.attr.BooleanAttribute; + +/** + * A custom XACML Function which is used to evaluate an XACML Condition based on the Evaluation Results of a specified Business Rule based on the + * Drools/JBoss Rules product + * + * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a> + * + */ +public class DroolsFunction extends FunctionBase +{ + public static final String NAME = FUNCTION_NS + "drools:rule"; + + /** + * + * @param functionName + * @param functionId + * @param paramType + * @param paramIsBag + * @param numParams + * @param minParams + * @param returnType + * @param returnsBag + */ + public DroolsFunction() + { + super(NAME, + 0, //FunctionId + BooleanAttribute.identifier, //returnType + false //returns a Bag of values + ); + } + + + @Override + public void checkInputs(List inputs) throws IllegalArgumentException + { + if(inputs != null && inputs.size() != 1) + { + throw new IllegalArgumentException(NAME+ " function expects on a single parameter which is a reference to a Drools Rule"); + } + } + + + + @Override + public void checkInputsNoBag(List inputs) throws IllegalArgumentException + { + if(inputs != null && inputs.size() != 1) + { + throw new IllegalArgumentException(NAME+ " function expects on a single parameter which is a reference to a Drools Rule"); + } + } + + + /** + * + */ + public EvaluationResult evaluate(List inputs, EvaluationCtx context) + { + EvaluationResult result = null; + try + { + + /** + * TODO: start a Drools context and evaluate the specified Rule against the data presented in the EvaluationContext + */ + result = EvaluationResult.getTrueInstance(); + } + catch(Exception e) + { + List code = new ArrayList(); + code.add(Status.STATUS_PROCESSING_ERROR); + Status status = new Status(code, e.toString()+": "+e.getMessage()); + result = new EvaluationResult(status); + } + return result; + } +} Property changes on: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsFunction.java ___________________________________________________________________ Name: svn:mergeinfo + Copied: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsRuleManager.java (from rev 12740, modules/authorization/trunk/provisioning/src/main/java/org/jboss/security/authz/provisioning/plugin/DroolsRuleManager.java) =================================================================== --- modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsRuleManager.java (rev 0) +++ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsRuleManager.java 2009-01-31 23:57:18 UTC (rev 12759) @@ -0,0 +1,203 @@ +/****************************************************************************** + * JBoss, a division of Red Hat * + * Copyright 2006, Red Hat Middleware, LLC, and individual * + * contributors as indicated by the @authors tag. See the * + * copyright.txt in the distribution for a full listing of * + * individual contributors. * + * * + * This is free software; you can redistribute it and/or modify it * + * under the terms of the GNU Lesser General Public License as * + * published by the Free Software Foundation; either version 2.1 of * + * the License, or (at your option) any later version. * + * * + * This software is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * Lesser General Public License for more details. * + * * + * You should have received a copy of the GNU Lesser General Public * + * License along with this software; if not, write to the Free * + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA * + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. * + ******************************************************************************/ +package org.jboss.security.authz.policy.server.plugin; + +import java.io.InputStreamReader; +import java.io.Reader; +import java.io.ByteArrayInputStream; +import java.util.Map; +import java.util.HashMap; + +import org.drools.RuleBase; +import org.drools.RuleBaseFactory; +import org.drools.compiler.PackageBuilder; + +import org.jboss.security.authz.model.DroolsRuleExpression; + +/** + * This service provides management for Drools based authorization Rules/Logic used by the Drools Function extension of the XACML Engine + * + * TODO: Add Database Persistence to the State of this Manager + * + * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a> + * + */ +public final class DroolsRuleManager +{ + private static String rulePkg = + "package security\n"+ + "import org.jboss.security.authz.model.*;\n"+ + "import org.jboss.security.xacml.interfaces.XACMLConstants;\n"; + + private RuleBase activeRuleBase = null; + private Map<String, String> drls = null; + + public DroolsRuleManager() + { + } + + public void start() + { + try + { + this.drls = new HashMap<String, String>(); + this.reloadActiveRuleBase(); + } + catch(Exception e) + { + throw new RuntimeException(e); + } + } + + public void stop() + { + this.activeRuleBase = null; + this.drls = null; + } + //--------------------------------------------------------------------------------------------------------------------------------------------------------- + RuleBase getActiveRuleBase() + { + return this.activeRuleBase; + } + + void addRule(DroolsRuleExpression rule) + { + try + { + if(rule.getRuleReference() == null || rule.getRuleReference().trim().length() == 0) + { + throw new IllegalArgumentException("Rule Reference is missing"); + } + if(rule.getWhen() == null || rule.getWhen().trim().length() == 0) + { + throw new IllegalArgumentException("LHS value is missing"); + } + + + this.drls.put(rule.getRuleReference(), rule.getWhen()); + this.reloadActiveRuleBase(); + } + catch(Exception e) + { + throw new RuntimeException(e); + } + } + + DroolsRuleExpression readRule(String ruleReference) + { + try + { + if(ruleReference == null || ruleReference.trim().length() == 0) + { + throw new IllegalArgumentException("Rule Reference is missing"); + } + + DroolsRuleExpression rule = null; + + String when = this.drls.get(ruleReference); + + rule = new DroolsRuleExpression(); + rule.setRuleReference(ruleReference); + rule.setWhen(when); + + return rule; + } + catch(Exception e) + { + throw new RuntimeException(e); + } + } + + void updateRule(DroolsRuleExpression rule) + { + try + { + if(rule.getRuleReference() == null || rule.getRuleReference().trim().length() == 0) + { + throw new IllegalArgumentException("Rule Reference is missing"); + } + if(rule.getWhen() == null || rule.getWhen().trim().length() == 0) + { + throw new IllegalArgumentException("LHS value is missing"); + } + + this.drls.put(rule.getRuleReference(), rule.getWhen()); + this.reloadActiveRuleBase(); + } + catch(Exception e) + { + throw new RuntimeException(e); + } + } + + void removeRule(String ruleReference) + { + try + { + if(ruleReference == null || ruleReference.trim().length() == 0) + { + throw new IllegalArgumentException("Rule Reference is missing"); + } + + this.drls.remove(ruleReference); + this.reloadActiveRuleBase(); + } + catch(Exception e) + { + throw new RuntimeException(e); + } + } + //----------------------------------------------------------------------------------------------------------------------------------------------------------- + private synchronized void reloadActiveRuleBase() throws Exception + { + StringBuilder buffer = new StringBuilder(); + + buffer.append(DroolsRuleManager.rulePkg+"\n"); + + for(String drl: this.drls.values()) + { + buffer.append(drl+"\n"); + } + + Reader source = new InputStreamReader(new ByteArrayInputStream(buffer.toString().getBytes())); + try + { + PackageBuilder packageBuilder = new PackageBuilder(); + packageBuilder.addPackageFromDrl(source); + + if(this.activeRuleBase == null) + { + this.activeRuleBase = RuleBaseFactory.newRuleBase(); + } + + //Perform the reloading of the RuleBase with the updated Rules + this.activeRuleBase.lock(); + this.activeRuleBase.addPackage(packageBuilder.getPackage()); + this.activeRuleBase.unlock(); + } + finally + { + source.close(); + } + } +} Property changes on: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/DroolsRuleManager.java ___________________________________________________________________ Name: svn:mergeinfo + Copied: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinder.java (from rev 12740, modules/authorization/trunk/provisioning/src/main/java/org/jboss/security/authz/provisioning/plugin/EnterprisePolicyFinder.java) =================================================================== --- modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinder.java (rev 0) +++ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinder.java 2009-01-31 23:57:18 UTC (rev 12759) @@ -0,0 +1,43 @@ +/****************************************************************************** + * JBoss, a division of Red Hat * + * Copyright 2006, Red Hat Middleware, LLC, and individual * + * contributors as indicated by the @authors tag. See the * + * copyright.txt in the distribution for a full listing of * + * individual contributors. * + * * + * This is free software; you can redistribute it and/or modify it * + * under the terms of the GNU Lesser General Public License as * + * published by the Free Software Foundation; either version 2.1 of * + * the License, or (at your option) any later version. * + * * + * This software is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * Lesser General Public License for more details. * + * * + * You should have received a copy of the GNU Lesser General Public * + * License along with this software; if not, write to the Free * + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA * + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. * + ******************************************************************************/ +package org.jboss.security.authz.policy.server.plugin; + +import org.jboss.security.xacml.sunxacml.finder.PolicyFinderModule; + +/** + * A production ready Enterprise Policy Finder that would be used by the Policy Server/PDP component. + * + * It is designed for being production ready from a performance/scalability/clustering standpoint + * + * This particular version will provide performance enhancement by the use of a clustered cache based on JBoss Cache + * The actual storage of the policies will be done within a relational database + * + * This also allows for runtime modification of Security Policies without requiring any restart/refresh of the Applications + * + * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a> + * + */ +public abstract class EnterprisePolicyFinder extends PolicyFinderModule +{ + +} \ No newline at end of file Property changes on: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/EnterprisePolicyFinder.java ___________________________________________________________________ Name: svn:mergeinfo + Copied: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/HierarchialPolicy.java (from rev 12740, modules/authorization/trunk/provisioning/src/main/java/org/jboss/security/authz/provisioning/policy/HierarchialPolicy.java) =================================================================== --- modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/HierarchialPolicy.java (rev 0) +++ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/HierarchialPolicy.java 2009-01-31 23:57:18 UTC (rev 12759) @@ -0,0 +1,283 @@ +/****************************************************************************** + * JBoss, a division of Red Hat * + * Copyright 2006, Red Hat Middleware, LLC, and individual * + * contributors as indicated by the @authors tag. See the * + * copyright.txt in the distribution for a full listing of * + * individual contributors. * + * * + * This is free software; you can redistribute it and/or modify it * + * under the terms of the GNU Lesser General Public License as * + * published by the Free Software Foundation; either version 2.1 of * + * the License, or (at your option) any later version. * + * * + * This software is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * Lesser General Public License for more details. * + * * + * You should have received a copy of the GNU Lesser General Public * + * License along with this software; if not, write to the Free * + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA * + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. * + ******************************************************************************/ +package org.jboss.security.authz.policy.server.plugin; + +import java.util.List; +import java.util.Set; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.util.UUID; + +import javax.xml.bind.JAXBElement; + +import org.jboss.security.authz.xacml.AttributeDesignatorUtil; +import org.jboss.security.authz.xacml.PolicyUtil; +import org.jboss.security.authz.model.AttributeExpression; +import org.jboss.security.authz.model.DroolsRuleExpression; +import org.jboss.security.authz.model.Effect; +import org.jboss.security.authz.model.Expression; +import org.jboss.security.authz.model.Policy; +import org.jboss.security.authz.model.PolicyException; +import org.jboss.security.authz.model.Rule; +import org.jboss.security.authz.model.Target; + +import org.jboss.security.xacml.core.model.policy.ActionMatchType; +import org.jboss.security.xacml.core.model.policy.SubjectMatchType; +import org.jboss.security.xacml.core.model.policy.ApplyType; +import org.jboss.security.xacml.core.model.policy.VariableReferenceType; +import org.jboss.security.xacml.core.model.policy.EffectType; +import org.jboss.security.xacml.core.model.policy.PolicyType; +import org.jboss.security.xacml.core.model.policy.ResourceMatchType; +import org.jboss.security.xacml.core.model.policy.ResourcesType; +import org.jboss.security.xacml.core.model.policy.ResourceType; +import org.jboss.security.xacml.core.model.policy.ActionsType; +import org.jboss.security.xacml.core.model.policy.ActionType; +import org.jboss.security.xacml.core.model.policy.SubjectsType; +import org.jboss.security.xacml.core.model.policy.SubjectType; +import org.jboss.security.xacml.core.model.policy.RuleType; +import org.jboss.security.xacml.core.model.policy.TargetType; +import org.jboss.security.xacml.core.model.policy.ConditionType; +import org.jboss.security.xacml.core.model.policy.ObjectFactory; +import org.jboss.security.xacml.core.model.policy.AttributeValueType; +import org.jboss.security.xacml.core.model.policy.SubjectAttributeDesignatorType; +import org.jboss.security.xacml.factories.PolicyAttributeFactory; + +/** + * Used for specifying policies for Resources represented by unique URIs, sometimes forming a tree like relationship with other Resources in the system + * + * An example of such resources would be tree of resources/nodes in a Content Management System + * + * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a> + * + */ +public class HierarchialPolicy extends Policy +{ + /** + * + * @param policyUri + */ + public HierarchialPolicy(String policyUri) + { + super(policyUri); + } + + public HierarchialPolicy(String policyUri, Target target, Set<Rule> rules) throws PolicyException + { + super(policyUri, target, rules); + } + + + @Override + public String generateXACMLPolicy() throws PolicyException + { + ByteArrayOutputStream bos = null; + try + { + String xacmlXml = null; + + //SetUp the Policy Header + ObjectFactory objectFactory = new ObjectFactory(); + PolicyType policyType = new PolicyType(); + policyType.setPolicyId(this.policyUri); + policyType.setVersion("2.0"); + policyType.setRuleCombiningAlgId(new NoPermitMeansDeniedAlg().getIdentifier().toString()); + + TargetType targetType = new TargetType(); + policyType.setTarget(targetType); + + //Process Resource Matches as Targets for the Policy + List<AttributeExpression> resourceMatches = this.target.getResourceMatches(); + if(resourceMatches != null && !resourceMatches.isEmpty()) + { + ResourcesType resourcesType = new ResourcesType(); + targetType.setResources(resourcesType); + ResourceType resourceType = new ResourceType(); + + for(AttributeExpression resourceMatch: resourceMatches) + { + ResourceMatchType rmt = new ResourceMatchType(); + + rmt.setMatchId(resourceMatch.getFunctionId()); + rmt.setResourceAttributeDesignator(AttributeDesignatorUtil.getAttributeDesignator(resourceMatch.getAttribute())); + rmt.setAttributeValue(PolicyAttributeFactory + .createStringAttributeType(resourceMatch.getAttribute().getValue())); + + resourceType.getResourceMatch().add(rmt); + } + + resourcesType.getResource().add(resourceType); + } + + //Process the Policy Rules + if(this.rules != null && !this.rules.isEmpty()) + { + for(Rule rule: this.rules) + { + RuleType ruleType = new RuleType(); + ruleType.setRuleId(rule.getRuleId()); + if(rule.getEffect() == Effect.PERMIT) + { + ruleType.setEffect(EffectType.PERMIT); + } + else + { + ruleType.setEffect(EffectType.DENY); + } + + //Process the Rule Target + if(rule.getTarget() != null) + { + List<AttributeExpression> actionMatches = rule.getTarget().getActionMatches(); + List<AttributeExpression> subjectMatches = rule.getTarget().getSubjectMatches(); + TargetType ruleTarget = new TargetType(); + + if(actionMatches != null && !actionMatches.isEmpty()) + { + ruleTarget.setActions(this.generateRuleActions(actionMatches)); + } + + if(subjectMatches != null && !subjectMatches.isEmpty()) + { + ruleTarget.setSubjects(this.generateRuleSubjects(subjectMatches)); + } + + ruleType.setTarget(ruleTarget); + } + + //Process the Rule Expression/Condition + ConditionType condition = this.generateCondition(objectFactory, rule.getExpression()); + ruleType.setCondition(condition); + + policyType.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition().add(ruleType); + } + } + + bos = new ByteArrayOutputStream(); + PolicyUtil.marshall(bos, policyType); + xacmlXml = new String(bos.toByteArray()); + + return xacmlXml; + } + catch(Exception e) + { + throw new PolicyException(e); + } + finally + { + if(bos != null) + { + try{bos.close();}catch(IOException ioe){} + } + } + } + + private ActionsType generateRuleActions(List<AttributeExpression> actionMatches) + { + ActionsType actions = new ActionsType(); + + for(AttributeExpression action: actionMatches) + { + ActionType actionType = new ActionType(); + ActionMatchType amct = new ActionMatchType(); + amct.setMatchId(action.getFunctionId()); + amct.setAttributeValue(PolicyAttributeFactory.createStringAttributeType(action.getAttribute().getValue())); + amct.setActionAttributeDesignator(AttributeDesignatorUtil.getAttributeDesignator(action.getAttribute())); + actionType.getActionMatch().add(amct); + actions.getAction().add(actionType); + } + + return actions; + } + + private SubjectsType generateRuleSubjects(List<AttributeExpression> subjectMatches) + { + SubjectsType subjects = new SubjectsType(); + + for(AttributeExpression subject: subjectMatches) + { + SubjectType subjectType = new SubjectType(); + SubjectMatchType match = new SubjectMatchType(); + match.setMatchId(subject.getFunctionId()); + match.setAttributeValue(PolicyAttributeFactory.createStringAttributeType(subject.getAttribute().getValue())); + match.setSubjectAttributeDesignator((SubjectAttributeDesignatorType)AttributeDesignatorUtil.getAttributeDesignator(subject.getAttribute())); + subjectType.getSubjectMatch().add(match); + subjects.getSubject().add(subjectType); + } + + return subjects; + } + + /** + * + * @param expression + * @return + */ + private ConditionType generateCondition(ObjectFactory objectFactory, Expression expression) + { + ConditionType condition = new ConditionType(); + + if(expression instanceof AttributeExpression) + { + AttributeExpression attributeExpression = (AttributeExpression)expression; + + //Function to be applied + ApplyType apply = new ApplyType(); + apply.setFunctionId(attributeExpression.getFunctionId()); + + //Value to check against + AttributeValueType attrValue = PolicyAttributeFactory.createStringAttributeType(attributeExpression.getAttribute().getValue()); + JAXBElement<AttributeValueType> jaxbAttrValue = objectFactory.createAttributeValue(attrValue); + apply.getExpression().add(jaxbAttrValue); + + //Place within the Context where this Value should exist during an Authorization Request + apply.getExpression().add(AttributeDesignatorUtil.getAttributeDesignatorXml(attributeExpression.getAttribute())); + + + condition.setExpression(objectFactory.createApply(apply)); + } + else if(expression instanceof DroolsRuleExpression) + { + DroolsRuleExpression ruleExpression = (DroolsRuleExpression)expression; + + //Function to be applied + ApplyType apply = new ApplyType(); + apply.setFunctionId(ruleExpression.getFunctionId()); + + + VariableReferenceType ruleReference = new VariableReferenceType(); + ruleReference.setVariableId(ruleExpression.getRuleReference()); + JAXBElement<VariableReferenceType> jaxbRuleReference = objectFactory.createVariableReference(ruleReference); + apply.getExpression().add(jaxbRuleReference); + + + condition.setExpression(objectFactory.createApply(apply)); + } + + return condition; + } + + private String generateUniqueId() + { + return UUID.randomUUID().toString(); + } +} Property changes on: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/HierarchialPolicy.java ___________________________________________________________________ Name: svn:mergeinfo + Copied: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/NoPermitMeansDeniedAlg.java (from rev 12740, modules/authorization/trunk/provisioning/src/main/java/org/jboss/security/authz/provisioning/plugin/NoPermitMeansDeniedAlg.java) =================================================================== --- modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/NoPermitMeansDeniedAlg.java (rev 0) +++ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/NoPermitMeansDeniedAlg.java 2009-01-31 23:57:18 UTC (rev 12759) @@ -0,0 +1,83 @@ +/****************************************************************************** + * JBoss, a division of Red Hat * + * Copyright 2006, Red Hat Middleware, LLC, and individual * + * contributors as indicated by the @authors tag. See the * + * copyright.txt in the distribution for a full listing of * + * individual contributors. * + * * + * This is free software; you can redistribute it and/or modify it * + * under the terms of the GNU Lesser General Public License as * + * published by the Free Software Foundation; either version 2.1 of * + * the License, or (at your option) any later version. * + * * + * This software is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * Lesser General Public License for more details. * + * * + * You should have received a copy of the GNU Lesser General Public * + * License along with this software; if not, write to the Free * + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA * + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. * + ******************************************************************************/ +package org.jboss.security.authz.policy.server.plugin; + +import java.util.List; +import java.util.Iterator; +import java.net.URI; +import java.net.URISyntaxException; + +import org.jboss.security.xacml.sunxacml.combine.RuleCombiningAlgorithm; +import org.jboss.security.xacml.sunxacml.EvaluationCtx; +import org.jboss.security.xacml.sunxacml.ctx.Result; +import org.jboss.security.xacml.sunxacml.Rule; +import org.jboss.security.xacml.sunxacml.combine.RuleCombinerElement; + +/** + * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a> + * + */ +public class NoPermitMeansDeniedAlg extends RuleCombiningAlgorithm +{ + /** + * + * @throws URISyntaxException + */ + public NoPermitMeansDeniedAlg() throws URISyntaxException + { + super(new URI("rule-combining-alg:nopermit-means-denied")); + } + + /** + * + * @param context + * @param rules + * @return + */ + public Result combine(EvaluationCtx context, List parameters, List ruleElements) + { + Result result = new Result(Result.DECISION_PERMIT); + + Iterator rules = ruleElements.iterator(); + boolean permitFound = false; + while(rules.hasNext()) + { + RuleCombinerElement ruleCombinerElement = (RuleCombinerElement)rules.next(); + Rule rule = ruleCombinerElement.getRule(); + Result currentResult = rule.evaluate(context); + + if(currentResult.getDecision() == Result.DECISION_PERMIT) + { + permitFound = true; + break; + } + } + + if(!permitFound) + { + result = new Result(Result.DECISION_DENY); + } + + return result; + } +} Property changes on: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/NoPermitMeansDeniedAlg.java ___________________________________________________________________ Name: svn:mergeinfo + Copied: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/RuleCombiningAlgImplies.java (from rev 12740, modules/authorization/trunk/provisioning/src/main/java/org/jboss/security/authz/provisioning/plugin/RuleCombiningAlgImplies.java) =================================================================== --- modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/RuleCombiningAlgImplies.java (rev 0) +++ modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/RuleCombiningAlgImplies.java 2009-01-31 23:57:18 UTC (rev 12759) @@ -0,0 +1,69 @@ +/****************************************************************************** + * JBoss, a division of Red Hat * + * Copyright 2006, Red Hat Middleware, LLC, and individual * + * contributors as indicated by the @authors tag. See the * + * copyright.txt in the distribution for a full listing of * + * individual contributors. * + * * + * This is free software; you can redistribute it and/or modify it * + * under the terms of the GNU Lesser General Public License as * + * published by the Free Software Foundation; either version 2.1 of * + * the License, or (at your option) any later version. * + * * + * This software is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * Lesser General Public License for more details. * + * * + * You should have received a copy of the GNU Lesser General Public * + * License along with this software; if not, write to the Free * + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA * + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. * + ******************************************************************************/ +package org.jboss.security.authz.policy.server.plugin; + +import java.util.List; +import java.util.Iterator; +import java.net.URI; +import java.net.URISyntaxException; + +import org.jboss.security.xacml.sunxacml.combine.RuleCombiningAlgorithm; +import org.jboss.security.xacml.sunxacml.EvaluationCtx; +import org.jboss.security.xacml.sunxacml.ctx.Result; +import org.jboss.security.xacml.sunxacml.Rule; +import org.jboss.security.xacml.sunxacml.combine.RuleCombinerElement; + +/** + * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a> + * + */ +public class RuleCombiningAlgImplies extends RuleCombiningAlgorithm +{ + /** + * + * @throws URISyntaxException + */ + public RuleCombiningAlgImplies() throws URISyntaxException + { + super(new URI("rule-combining-alg:cms-implies")); + } + + /** + * + * @param context + * @param rules + * @return + */ + public Result combine(EvaluationCtx context, List parameters, List ruleElements) + { + Iterator rules = ruleElements.iterator(); + while(rules.hasNext()) + { + RuleCombinerElement ruleCombinerElement = (RuleCombinerElement)rules.next(); + Rule rule = ruleCombinerElement.getRule(); + } + + // if nothing returned Permit, then the alg returns Deny + return new Result(Result.DECISION_DENY); + } +} Property changes on: modules/authorization/trunk/policy-server/src/main/java/org/jboss/security/authz/policy/server/plugin/RuleCombiningAlgImplies.java ___________________________________________________________________ Name: svn:mergeinfo + Added: modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml =================================================================== --- modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml (rev 0) +++ modules/authorization/trunk/policy-server/src/main/resources/META-INF/jboss-beans.xml 2009-01-31 23:57:18 UTC (rev 12759) @@ -0,0 +1,6 @@ +<?xml version="1.0" encoding="UTF-8"?> + +<deployment xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="urn:jboss:bean-deployer:2.0 bean-deployer_2_0.xsd" + xmlns="urn:jboss:bean-deployer:2.0"> +</deployment> \ No newline at end of file Copied: modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestDroolsFunction.java (from rev 12740, modules/authorization/trunk/provisioning/src/test/java/org/jboss/security/authz/provisioning/plugin/TestDroolsFunction.java) =================================================================== --- modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestDroolsFunction.java (rev 0) +++ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestDroolsFunction.java 2009-01-31 23:57:18 UTC (rev 12759) @@ -0,0 +1,219 @@ +/****************************************************************************** + * JBoss, a division of Red Hat * + * Copyright 2006, Red Hat Middleware, LLC, and individual * + * contributors as indicated by the @authors tag. See the * + * copyright.txt in the distribution for a full listing of * + * individual contributors. * + * * + * This is free software; you can redistribute it and/or modify it * + * under the terms of the GNU Lesser General Public License as * + * published by the Free Software Foundation; either version 2.1 of * + * the License, or (at your option) any later version. * + * * + * This software is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * Lesser General Public License for more details. * + * * + * You should have received a copy of the GNU Lesser General Public * + * License along with this software; if not, write to the Free * + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA * + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. * + ******************************************************************************/ +package org.jboss.security.authz.policy.server.plugin; + +import java.io.File; +import java.io.FileOutputStream; +import java.util.Set; +import java.util.HashSet; + +import junit.framework.TestCase; + +import org.apache.log4j.Logger; + +import org.jboss.security.xacml.core.model.context.ActionType; +import org.jboss.security.xacml.core.model.context.AttributeType; +import org.jboss.security.xacml.core.model.context.AttributeValueType; +import org.jboss.security.xacml.core.model.context.ObjectFactory; +import org.jboss.security.xacml.core.model.context.RequestType; +import org.jboss.security.xacml.core.model.context.ResourceType; +import org.jboss.security.xacml.core.model.context.SubjectType; +import org.jboss.security.xacml.factories.RequestResponseContextFactory; +import org.jboss.security.xacml.interfaces.RequestContext; +import org.jboss.security.xacml.interfaces.ResponseContext; +import org.jboss.security.xacml.interfaces.XACMLConstants; +import org.jboss.security.xacml.interfaces.XMLSchemaConstants; +import org.jboss.security.xacml.sunxacml.PDP; +import org.jboss.security.xacml.sunxacml.ConfigurationStore; +import org.jboss.security.xacml.sunxacml.ctx.RequestCtx; +import org.jboss.security.xacml.sunxacml.ctx.ResponseCtx; + +import org.jboss.security.authz.model.*; +import org.jboss.security.authz.policy.server.plugin.DroolsFunction; + + +/** + * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a> + * + */ +public class TestDroolsFunction extends TestCase +{ + private static Logger log = Logger.getLogger(TestDroolsFunction.class); + + private ConfigurationStore store = null; + + protected void setUp() throws Exception + { + this.store = new ConfigurationStore(new File("target/test-classes/pdp-config.xml")); + this.store.useDefaultFactories(); + + //Populate the HierarchialPolicy + Policy policy = this.getSimplePolicy(); + + String xacmlPolicy = policy.generateXACMLPolicy(); + + log.info("--------------------------------------------------------------------"); + log.info(xacmlPolicy); + log.info("--------------------------------------------------------------------"); + + //Store this policy on the File System to use the File based Policy Module of the PDP + FileOutputStream fos = null; + try + { + fos = new FileOutputStream(new File("simple-policy.xml")); + fos.write(xacmlPolicy.getBytes()); + fos.flush(); + } + finally + { + if(fos != null) + { + fos.close(); + } + } + } + + protected void tearDown() throws Exception + { + File file = new File("simple-policy.xml"); + file.delete(); + } + + + public void testSimplePolicy() throws Exception + { + //SetUp the PDP + PDP pdp = new PDP(this.store.getDefaultPDPConfig()); + + //SetUp the Authorization Request + RequestContext requestContext = this.createPermitRequestContext(); + log.info("-----------------------------------"); + requestContext.marshall(System.out); + + //Process the Authorization Request + ResponseCtx response = pdp.evaluate((RequestCtx)requestContext.get(XACMLConstants.REQUEST_CTX)); + assertNotNull(response); + log.info("-----------------------------------"); + response.encode(System.out); + + //Process the Authorization Response + ResponseContext responseContext = RequestResponseContextFactory.createResponseContext(); + responseContext.set(XACMLConstants.RESPONSE_CTX, response); + assertNotNull(responseContext); + assertEquals(responseContext.getDecision(), XACMLConstants.DECISION_PERMIT); + log.info("-----------------------------------"); + log.info("Decision="+responseContext.getDecision()); + } + //------------------------------------------------------------------------------------------------------------------------------------------------------------- + private RequestContext createPermitRequestContext() throws Exception + { + //Create ObjectFactory + ObjectFactory objectFactory = new ObjectFactory(); + + //Create Subjects + SubjectType subject = objectFactory.createSubjectType(); + AttributeType subjectAttribute = objectFactory.createAttributeType(); + subjectAttribute.setAttributeId(XACMLConstants.ATTRIBUTEID_ROLE); + subjectAttribute.setDataType(XMLSchemaConstants.DATATYPE_STRING); + AttributeValueType subjectId = objectFactory.createAttributeValueType(); + subjectId.getContent().add("developer"); + subjectAttribute.getAttributeValue().add(subjectId); + subject.getAttribute().add(subjectAttribute); + + //Create Resource + ResourceType resource = objectFactory.createResourceType(); + AttributeType resourceAttribute = objectFactory.createAttributeType(); + resourceAttribute.setAttributeId(XACMLConstants.ATTRIBUTEID_RESOURCE_ID); + resourceAttribute.setDataType(XMLSchemaConstants.DATATYPE_STRING); + AttributeValueType resourceId = objectFactory.createAttributeValueType(); + resourceId.getContent().add("http://www.redhat.com/protected/index.html"); + resourceAttribute.getAttributeValue().add(resourceId); + resource.getAttribute().add(resourceAttribute); + + //Create Action + ActionType action = objectFactory.createActionType(); + AttributeType actionAttribute = objectFactory.createAttributeType(); + actionAttribute.setAttributeId(XACMLConstants.ATTRIBUTEID_ACTION_ID); + actionAttribute.setDataType(XMLSchemaConstants.DATATYPE_STRING); + AttributeValueType actionId = objectFactory.createAttributeValueType(); + actionId.getContent().add("WRITE"); + actionAttribute.getAttributeValue().add(actionId); + action.getAttribute().add(actionAttribute); + + //Create RequestContext + RequestContext requestContext = RequestResponseContextFactory.createRequestCtx(); + + //Create a RequestType + RequestType requestType = objectFactory.createRequestType(); + requestType.getSubject().add(subject); + requestType.setAction(action); + requestType.getResource().add(resource); + + //Spit out RequestContext + requestContext.setRequest(requestType); + + return requestContext; + } + + private Policy getSimplePolicy() throws Exception + { + //SetUp the Policy Target + Target target = new Target(); + AttributeExpression resourceMatch = new AttributeExpression(); + resourceMatch.setFunctionId(XACMLConstants.FUNCTION_STRING_EQUAL); + Attribute attribute = new Attribute(XACMLConstants.ATTRIBUTEID_RESOURCE_ID, + XMLSchemaConstants.DATATYPE_STRING, "http://www.redhat.com/protected/index.html"); + resourceMatch.setAttribute(attribute); + target.addResourceMatch(resourceMatch); + + //SetUp the Policy Rules + Set<Rule> rules = new HashSet<Rule>(); + Rule writeRule = new Rule(); + + writeRule.setRuleId("write"); + writeRule.setEffect(Effect.PERMIT); + + Target ruleTarget = new Target(); + + AttributeExpression actionMatch = new AttributeExpression(); + actionMatch.setFunctionId(XACMLConstants.FUNCTION_STRING_EQUAL); + Attribute actionAttribute = new Attribute(XACMLConstants.ATTRIBUTEID_ACTION_ID, + XMLSchemaConstants.DATATYPE_STRING, "WRITE"); + actionMatch.setAttribute(actionAttribute); + ruleTarget.addActionMatch(actionMatch); + + writeRule.setTarget(ruleTarget); + + DroolsRuleExpression ruleExpression = new DroolsRuleExpression(); + ruleExpression.setFunctionId(DroolsFunction.NAME); + ruleExpression.setRuleReference("WriteRuleReference"); + writeRule.setExpression(ruleExpression); + + rules.add(writeRule); + + //Populate the HierarchialPolicy + HierarchialPolicy policy = new HierarchialPolicy("simpleHierarchialPolicy", target, rules); + + return policy; + } +} Property changes on: modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestDroolsFunction.java ___________________________________________________________________ Name: svn:mergeinfo + Copied: modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestDroolsRuleManager.java (from rev 12740, modules/authorization/trunk/provisioning/src/test/java/org/jboss/security/authz/provisioning/plugin/TestDroolsRuleManager.java) =================================================================== --- modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestDroolsRuleManager.java (rev 0) +++ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestDroolsRuleManager.java 2009-01-31 23:57:18 UTC (rev 12759) @@ -0,0 +1,135 @@ +/****************************************************************************** + * JBoss, a division of Red Hat * + * Copyright 2006, Red Hat Middleware, LLC, and individual * + * contributors as indicated by the @authors tag. See the * + * copyright.txt in the distribution for a full listing of * + * individual contributors. * + * * + * This is free software; you can redistribute it and/or modify it * + * under the terms of the GNU Lesser General Public License as * + * published by the Free Software Foundation; either version 2.1 of * + * the License, or (at your option) any later version. * + * * + * This software is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * Lesser General Public License for more details. * + * * + * You should have received a copy of the GNU Lesser General Public * + * License along with this software; if not, write to the Free * + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA * + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. * + ******************************************************************************/ +package org.jboss.security.authz.policy.server.plugin; + + +import junit.framework.TestCase; + +import org.drools.WorkingMemory; +import org.drools.StatefulSession; + +import org.jboss.security.xacml.interfaces.XACMLConstants; +import org.jboss.security.xacml.interfaces.XMLSchemaConstants; +import org.jboss.security.authz.model.*; +import org.jboss.security.authz.policy.server.plugin.DroolsRuleManager; + +/** + * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a> + * + */ +public class TestDroolsRuleManager extends TestCase +{ + private static final String rule1 = + "rule \"Rule1\"\n"+ + "when\n"+ + "$subject: Subject()\n"+ + "String(toString == \"Rule1\")\n"+ + "Subject(category == XACMLConstants.ATTRIBUTEID_ACCESS_SUBJECT)\n"+ + "Attribute(uri == XACMLConstants.ATTRIBUTEID_ROLE && value == \"developer\") from $subject.attributes\n"+ + "then\n"+ + "System.out.println(\"Rule1 successfully fired\");\n"+ + "end\n"; + + private static final String rule2 = + "rule \"Rule2\"\n"+ + "when\n"+ + "$subject: Subject()\n"+ + "String(toString == \"Rule2\")\n"+ + "Subject(category == XACMLConstants.ATTRIBUTEID_ACCESS_SUBJECT)\n"+ + "Attribute(uri == XACMLConstants.ATTRIBUTEID_ROLE && value == \"developer\") from $subject.attributes\n"+ + "then\n"+ + "System.out.println(\"Rule2 successfully fired\");\n"+ + "end\n"; + + + private DroolsRuleManager ruleManager = null; + + + @Override + protected void setUp() throws Exception + { + this.ruleManager = new DroolsRuleManager(); + this.ruleManager.start(); + } + + @Override + protected void tearDown() throws Exception + { + this.ruleManager = null; + } + //------------------------------------------------------------------------------------------------------------------------------------------------------------ + public void testAddRule() throws Exception + { + DroolsRuleExpression expression = new DroolsRuleExpression(); + expression.setRuleReference("Rule2"); + expression.setWhen(TestDroolsRuleManager.rule2); + this.ruleManager.addRule(expression); + + WorkingMemory workingMemory = ruleManager.getActiveRuleBase().newStatefulSession(); + workingMemory.insert("Rule2"); + workingMemory.insert(this.getSubject()); + + //Fire + System.out.println("Firing Rule2........"); + workingMemory.fireAllRules(); + ((StatefulSession)workingMemory).dispose(); + + expression.setRuleReference("Rule1"); + expression.setWhen(TestDroolsRuleManager.rule1); + this.ruleManager.addRule(expression); + + workingMemory = ruleManager.getActiveRuleBase().newStatefulSession(); + workingMemory.insert("Rule1"); + workingMemory.insert(this.getSubject()); + + //Fire + System.out.println("Firing Rule1........"); + workingMemory.fireAllRules(); + ((StatefulSession)workingMemory).dispose(); + + workingMemory = ruleManager.getActiveRuleBase().newStatefulSession(); + workingMemory.insert("Rule2"); + workingMemory.insert(this.getSubject()); + + //Fire + System.out.println("Firing Rule2........"); + workingMemory.fireAllRules(); + ((StatefulSession)workingMemory).dispose(); + } + //----------------------------------------------------------------------------------------------------------------------------------------------------------- + private Subject getSubject() + { + Subject subject = new Subject(); + + subject.setCategory(XACMLConstants.ATTRIBUTEID_ACCESS_SUBJECT); + + //Create a Role Attribute + Attribute attribute = new Attribute(); + attribute.setUri(XACMLConstants.ATTRIBUTEID_ROLE); + attribute.setDatatType(XMLSchemaConstants.DATATYPE_STRING); + attribute.setValue("developer"); + subject.addAttribute(attribute); + + return subject; + } +} Property changes on: modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestDroolsRuleManager.java ___________________________________________________________________ Name: svn:mergeinfo + Copied: modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestDroolsRules.java (from rev 12740, modules/authorization/trunk/provisioning/src/test/java/org/jboss/security/authz/provisioning/plugin/TestDroolsRules.java) =================================================================== --- modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestDroolsRules.java (rev 0) +++ modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestDroolsRules.java 2009-01-31 23:57:18 UTC (rev 12759) @@ -0,0 +1,134 @@ +/****************************************************************************** + * JBoss, a division of Red Hat * + * Copyright 2006, Red Hat Middleware, LLC, and individual * + * contributors as indicated by the @authors tag. See the * + * copyright.txt in the distribution for a full listing of * + * individual contributors. * + * * + * This is free software; you can redistribute it and/or modify it * + * under the terms of the GNU Lesser General Public License as * + * published by the Free Software Foundation; either version 2.1 of * + * the License, or (at your option) any later version. * + * * + * This software is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * + * Lesser General Public License for more details. * + * * + * You should have received a copy of the GNU Lesser General Public * + * License along with this software; if not, write to the Free * + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA * + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. * + ******************************************************************************/ +package org.jboss.security.authz.policy.server.plugin; + + +import junit.framework.TestCase; + +import org.drools.WorkingMemory; +import org.drools.StatefulSession; + +import org.jboss.security.xacml.interfaces.XACMLConstants; +import org.jboss.security.xacml.interfaces.XMLSchemaConstants; +import org.jboss.security.authz.model.*; +import org.jboss.security.authz.policy.server.plugin.DroolsRuleManager; + +/** + * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a> + * + */ +public class TestDroolsRules extends TestCase +{ + private static final String rule2 = + "rule \"Rule2\"\n"+ + "when\n"+ + "$subject: Subject()\n"+ + "String(toString == \"Rule2\")\n"+ + "Subject(category == XACMLConstants.ATTRIBUTEID_ACCESS_SUBJECT)\n"+ + "Attribute(uri == XACMLConstants.ATTRIBUTEID_ROLE && value == \"developer\") from $subject.attributes\n"+ + "then\n"+ + "System.out.println(\"Rule2 successfully fired\");\n"+ + "end\n"; + + private static final String rule1 = + "rule \"Rule1\"\n"+ + "when\n"+ + "$subject: Subject()\n"+ + "String(toString == \"Rule1\")\n"+ + "Subject(category == XACMLConstants.ATTRIBUTEID_ACCESS_SUBJECT)\n"+ + "Attribute(uri == XACMLConstants.ATTRIBUTEID_ROLE && value == \"developer\") from $subject.attributes\n"+ + "then\n"+ + "System.out.println(\"Rule1 successfully fired\");\n"+ + "end\n"; + + private DroolsRuleManager ruleManager = null; + + + @Override + protected void setUp() throws Exception + { + this.ruleManager = new DroolsRuleManager(); + this.ruleManager.start(); + } + + @Override + protected void tearDown() throws Exception + { + this.ruleManager = null; + } + //------------------------------------------------------------------------------------------------------------------------------------------------------------ + public void testAddRule() throws Exception + { + DroolsRuleExpression expression = new DroolsRuleExpression(); + expression.setRuleReference("Rule2"); + expression.setWhen(TestDroolsRules.rule2); + this.ruleManager.addRule(expression); + + WorkingMemory workingMemory = ruleManager.getActiveRuleBase().newStatefulSession(); + workingMemory.insert("Rule2"); + workingMemory.insert(this.getSubject()); + + //Fire + System.out.println("Firing Rule2........"); + workingMemory.fireAllRules(); + ((StatefulSession)workingMemory).dispose(); + + expression.setRuleReference("Rule1"); + expression.setWhen(TestDroolsRules.rule1); + this.ruleManager.addRule(expression); + + workingMemory = ruleManager.getActiveRuleBase().newStatefulSession(); + workingMemory.insert("Rule1"); + workingMemory.insert(this.getSubject()); + + //Fire + System.out.println("Firing Rule1........"); + workingMemory.fireAllRules(); + ((StatefulSession)workingMemory).dispose(); + + workingMemory = ruleManager.getActiveRuleBase().newStatefulSession(); + workingMemory.insert("Rule2"); + workingMemory.insert(this.getSubject()); + + //Fire + System.out.println("Firing Rule2........"); + workingMemory.fireAllRules(); + ((StatefulSession)workingMemory).dispose(); + } + //----------------------------------------------------------------------------------------------------------------------------------------------------------- + private Subject getSubject() + { + Subject subject = new Subject(); + + subject.setCategory(XACMLConstants.ATTRIBUTEID_ACCESS_SUBJECT); + + //Create a Role Attribute + Attribute attribute = new Attribute(); + attribute.setUri(XACMLConstants.ATTRIBUTEID_ROLE); + attribute.setDatatType(XMLSchemaConstants.DATATYPE_STRING); + attribute.setValue("developer"); + subject.addAttribute(attribute); + + return subject; + } +} Property changes on: modules/authorization/trunk/policy-server/src/test/java/org/jboss/security/authz/policy/server/plugin/TestDroolsRules.java ___________________________________________________________________ Name: svn:mergeinfo + Added: modules/authorization/trunk/policy-server/src/test/resources/log4j.properties =================================================================== --- modules/authorization/trunk/policy-server/src/test/resources/log4j.properties (rev 0) +++ modules/authorization/trunk/policy-server/src/test/resources/log4j.properties 2009-01-31 23:57:18 UTC (rev 12759) @@ -0,0 +1,8 @@ +# Set root category priority to INFO and its only appender to CONSOLE. +log4j.rootCategory=INFO, CONSOLE + +# CONSOLE is set to be a ConsoleAppender using a PatternLayout. +log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender +log4j.appender.CONSOLE.Threshold=INFO +log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout +log4j.appender.CONSOLE.layout.ConversionPattern=- %m%n Added: modules/authorization/trunk/policy-server/src/test/resources/pdp-config.xml =================================================================== --- modules/authorization/trunk/policy-server/src/test/resources/pdp-config.xml (rev 0) +++ modules/authorization/trunk/policy-server/src/test/resources/pdp-config.xml 2009-01-31 23:57:18 UTC (rev 12759) @@ -0,0 +1,28 @@ +<?xml version="1.0" encoding="UTF-8"?> +<config xmlns="http://sunxacml.sourceforge.net/schema/config-0.3" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + defaultPDP="pdp" defaultAttributeFactory="attr" + defaultCombiningAlgFactory="comb" defaultFunctionFactory="func"> + + <pdp name="pdp"> + <attributeFinderModule class="org.jboss.security.xacml.sunxacml.finder.impl.CurrentEnvModule"/> + <attributeFinderModule class="org.jboss.security.xacml.sunxacml.finder.impl.SelectorModule"/> + <policyFinderModule class="org.jboss.security.xacml.sunxacml.finder.impl.FilePolicyModule"> + <list> + <string>simple-policy.xml</string> + </list> + </policyFinderModule> + </pdp> + + <attributeFactory name="attr" useStandardDatatypes="true"/> + + <combiningAlgFactory name="comb" useStandardAlgorithms="true"> + <algorithm class="org.jboss.security.authz.policy.server.plugin.NoPermitMeansDeniedAlg"/> + </combiningAlgFactory> + + <functionFactory name="func" useStandardFunctions="true"> + <condition> + <function class="org.jboss.security.authz.policy.server.plugin.DroolsFunction"/> + </condition> + </functionFactory> +</config> Added: modules/authorization/trunk/policy-server/src/test/resources/rules/add-security.drl =================================================================== --- modules/authorization/trunk/policy-server/src/test/resources/rules/add-security.drl (rev 0) +++ modules/authorization/trunk/policy-server/src/test/resources/rules/add-security.drl 2009-01-31 23:57:18 UTC (rev 12759) @@ -0,0 +1,26 @@ +package test.security + +import java.lang.*; +import org.jboss.security.authz.model.*; +import org.jboss.security.xacml.interfaces.XACMLConstants; + + +rule "Rule1" + when + $subject: Subject() + String(toString == "Rule1") + Subject(category == XACMLConstants.ATTRIBUTEID_ACCESS_SUBJECT) + Attribute(uri == XACMLConstants.ATTRIBUTEID_ROLE && value == "developer") from $subject.attributes + then + System.out.println("Rule1 (Updated)...."); +end + +rule "Rule2" + when + $subject: Subject() + String(toString == "Rule2") + Subject(category == XACMLConstants.ATTRIBUTEID_ACCESS_SUBJECT) + Attribute(uri == XACMLConstants.ATTRIBUTEID_ROLE && value == "developer") from $subject.attributes + then + System.out.println("Rule2...."); +end \ No newline at end of file Added: modules/authorization/trunk/policy-server/src/test/resources/rules/test-security.drl =================================================================== --- modules/authorization/trunk/policy-server/src/test/resources/rules/test-security.drl (rev 0) +++ modules/authorization/trunk/policy-server/src/test/resources/rules/test-security.drl 2009-01-31 23:57:18 UTC (rev 12759) @@ -0,0 +1,16 @@ +package test.security + +import java.lang.*; +import org.jboss.security.authz.model.*; +import org.jboss.security.xacml.interfaces.XACMLConstants; + + +rule "Rule1" + when + $subject: Subject() + String(toString == "Rule1") + Subject(category == XACMLConstants.ATTRIBUTEID_ACCESS_SUBJECT) + Attribute(uri == XACMLConstants.ATTRIBUTEID_ROLE && value == "developer") from $subject.attributes + then + System.out.println("Rule1...."); +end \ No newline at end of file Modified: modules/authorization/trunk/pom.xml =================================================================== --- modules/authorization/trunk/pom.xml 2009-01-31 21:46:59 UTC (rev 12758) +++ modules/authorization/trunk/pom.xml 2009-01-31 23:57:18 UTC (rev 12759) @@ -227,6 +227,13 @@ <artifactId>activation</artifactId> <scope>test</scope> </dependency> + +  + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> </dependencies> <build> Modified: modules/authorization/trunk/provisioning/pom.xml =================================================================== --- modules/authorization/trunk/provisioning/pom.xml 2009-01-31 21:46:59 UTC (rev 12758) +++ modules/authorization/trunk/provisioning/pom.xml 2009-01-31 23:57:18 UTC (rev 12759) @@ -18,53 +18,7 @@ <groupId>org.jboss.security.authz</groupId> <artifactId>jboss-authz-common</artifactId> <version>${project.version}</version> - </dependency> - -  - <dependency> - <groupId>org.jboss.security</groupId> - <artifactId>jboss-xacml</artifactId> - </dependency> - <dependency> - <groupId>org.jboss.security</groupId> - <artifactId>jboss-sunxacml</artifactId> - </dependency> - -  - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-api</artifactId> - </dependency> - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-impl</artifactId> - </dependency> - <dependency> - <groupId>sun-jaxb</groupId> - <artifactId>jaxb-xjc</artifactId> - </dependency> - -  - <dependency> - <groupId>org.drools</groupId> - <artifactId>drools-core</artifactId> - </dependency> - <dependency> - <groupId>org.drools</groupId> - <artifactId>drools-compiler</artifactId> - </dependency> - -  - <dependency> - <groupId>org.jboss.microcontainer</groupId> - <artifactId>jboss-kernel</artifactId> - </dependency> - -  - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - </dependency> + </dependency> </dependencies> <build> @@ -74,8 +28,7 @@ <artifactId>maven-surefire-plugin</artifactId> <version>2.3.1</version> <configuration> - <includes> - <include>**/TestIdentity.java</include> + <includes> </includes> </configuration> </plugin> Deleted: modules/authorization/trunk/provisioning/src/main/java/org/jboss/security/authz/provisioning/policy/HierarchialPolicy.java =================================================================== --- modules/authorization/trunk/provisioning/src/main/java/org/jboss/security/authz/provisioning/policy/HierarchialPolicy.java 2009-01-31 21:46:59 UTC (rev 12758) +++ modules/authorization/trunk/provisioning/src/main/java/org/jboss/security/authz/provisioning/policy/HierarchialPolicy.java 2009-01-31 23:57:18 UTC (rev 12759) @@ -1,284 +0,0 @@ -/****************************************************************************** - * JBoss, a division of Red Hat * - * Copyright 2006, Red Hat Middleware, LLC, and individual * - * contributors as indicated by the @authors tag. See the * - * copyright.txt in the distribution for a full listing of * - * individual contributors. * - * * - * This is free software; you can redistribute it and/or modify it * - * under the terms of the GNU Lesser General Public License as * - * published by the Free Software Foundation; either version 2.1 of * - * the License, or (at your option) any later version. * - * * - * This software is distributed in the hope that it will be useful, * - * but WITHOUT ANY WARRANTY; without even the implied warranty of * - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * - * Lesser General Public License for more details. * - * * - * You should have received a copy of the GNU Lesser General Public * - * License along with this software; if not, write to the Free * - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA * - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. * - ******************************************************************************/ -package org.jboss.security.authz.provisioning.policy; - -import java.util.List; -import java.util.Set; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.util.UUID; - -import javax.xml.bind.JAXBElement; - -import org.jboss.security.authz.model.Policy; -import org.jboss.security.authz.model.Rule; -import org.jboss.security.authz.model.Target; -import org.jboss.security.authz.model.Effect; -import org.jboss.security.authz.model.PolicyException; -import org.jboss.security.authz.model.AttributeExpression; -import org.jboss.security.authz.model.DroolsRuleExpression; -import org.jboss.security.authz.model.Expression; -import org.jboss.security.authz.xacml.AttributeDesignatorUtil; -import org.jboss.security.authz.xacml.PolicyUtil; -import org.jboss.security.authz.provisioning.plugin.NoPermitMeansDeniedAlg; - -import org.jboss.security.xacml.core.model.policy.ActionMatchType; -import org.jboss.security.xacml.core.model.policy.SubjectMatchType; -import org.jboss.security.xacml.core.model.policy.ApplyType; -import org.jboss.security.xacml.core.model.policy.VariableReferenceType; -import org.jboss.security.xacml.core.model.policy.EffectType; -import org.jboss.security.xacml.core.model.policy.PolicyType; -import org.jboss.security.xacml.core.model.policy.ResourceMatchType; -import org.jboss.security.xacml.core.model.policy.ResourcesType; -import org.jboss.security.xacml.core.model.policy.ResourceType; -import org.jboss.security.xacml.core.model.policy.ActionsType; -import org.jboss.security.xacml.core.model.policy.ActionType; -import org.jboss.security.xacml.core.model.policy.SubjectsType; -import org.jboss.security.xacml.core.model.policy.SubjectType; -import org.jboss.security.xacml.core.model.policy.RuleType; -import org.jboss.security.xacml.core.model.policy.TargetType; -import org.jboss.security.xacml.core.model.policy.ConditionType; -import org.jboss.security.xacml.core.model.policy.ObjectFactory; -import org.jboss.security.xacml.core.model.policy.AttributeValueType; -import org.jboss.security.xacml.core.model.policy.SubjectAttributeDesignatorType; -import org.jboss.security.xacml.factories.PolicyAttributeFactory; - -/** - * Used for specifying policies for Resources represented by unique URIs, sometimes forming a tree like relationship with other Resources in the system - * - * An example of such resources would be tree of resources/nodes in a Content Management System - * - * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a> - * - */ -public class HierarchialPolicy extends Policy -{ - /** - * - * @param policyUri - */ - public HierarchialPolicy(String policyUri) - { - super(policyUri); - } - - public HierarchialPolicy(String policyUri, Target target, Set<Rule> rules) throws PolicyException - { - super(policyUri, target, rules); - } - - - @Override - public String generateXACMLPolicy() throws PolicyException - { - ByteArrayOutputStream bos = null; - try - { - String xacmlXml = null; - - //SetUp the Policy Header - ObjectFactory objectFactory = new ObjectFactory(); - PolicyType policyType = new PolicyType(); - policyType.setPolicyId(this.policyUri); - policyType.setVersion("2.0"); - policyType.setRuleCombiningAlgId(new NoPermitMeansDeniedAlg().getIdentifier().toString()); - - TargetType targetType = new TargetType(); - policyType.setTarget(targetType); - - //Process Resource Matches as Targets for the Policy - List<AttributeExpression> resourceMatches = this.target.getResourceMatches(); - if(resourceMatches != null && !resourceMatches.isEmpty()) - { - ResourcesType resourcesType = new ResourcesType(); - targetType.setResources(resourcesType); - ResourceType resourceType = new ResourceType(); - - for(AttributeExpression resourceMatch: resourceMatches) - { - ResourceMatchType rmt = new ResourceMatchType(); - - rmt.setMatchId(resourceMatch.getFunctionId()); - rmt.setResourceAttributeDesignator(AttributeDesignatorUtil.getAttributeDesignator(resourceMatch.getAttribute())); - rmt.setAttributeValue(PolicyAttributeFactory - .createStringAttributeType(resourceMatch.getAttribute().getValue())); - - resourceType.getResourceMatch().add(rmt); - } - - resourcesType.getResource().add(resourceType); - } - - //Process the Policy Rules - if(this.rules != null && !this.rules.isEmpty()) - { - for(Rule rule: this.rules) - { - RuleType ruleType = new RuleType(); - ruleType.setRuleId(rule.getRuleId()); - if(rule.getEffect() == Effect.PERMIT) - { - ruleType.setEffect(EffectType.PERMIT); - } - else - { - ruleType.setEffect(EffectType.DENY); - } - - //Process the Rule Target - if(rule.getTarget() != null) - { - List<AttributeExpression> actionMatches = rule.getTarget().getActionMatches(); - List<AttributeExpression> subjectMatches = rule.getTarget().getSubjectMatches(); - TargetType ruleTarget = new TargetType(); - - if(actionMatches != null && !actionMatches.isEmpty()) - { - ruleTarget.setActions(this.generateRuleActions(actionMatches)); - } - - if(subjectMatches != null && !subjectMatches.isEmpty()) - { - ruleTarget.setSubjects(this.generateRuleSubjects(subjectMatches)); - } - - ruleType.setTarget(ruleTarget); - } - - //Process the Rule Expression/Condition - ConditionType condition = this.generateCondition(objectFactory, rule.getExpression()); - ruleType.setCondition(condition); - - policyType.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition().add(ruleType); - } - } - - bos = new ByteArrayOutputStream(); - PolicyUtil.marshall(bos, policyType); - xacmlXml = new String(bos.toByteArray()); - - return xacmlXml; - } - catch(Exception e) - { - throw new PolicyException(e); - } - finally - { - if(bos != null) - { - try{bos.close();}catch(IOException ioe){} - } - } - } - - private ActionsType generateRuleActions(List<AttributeExpression> actionMatches) - { - ActionsType actions = new ActionsType(); - - for(AttributeExpression action: actionMatches) - { - ActionType actionType = new ActionType(); - ActionMatchType amct = new ActionMatchType(); - amct.setMatchId(action.getFunctionId()); - amct.setAttributeValue(PolicyAttributeFactory.createStringAttributeType(action.getAttribute().getValue())); - amct.setActionAttributeDesignator(AttributeDesignatorUtil.getAttributeDesignator(action.getAttribute())); - actionType.getActionMatch().add(amct); - actions.getAction().add(actionType); - } - - return actions; - } - - private SubjectsType generateRuleSubjects(List<AttributeExpression> subjectMatches) - { - SubjectsType subjects = new SubjectsType(); - - for(AttributeExpression subject: subjectMatches) - { - SubjectType subjectType = new SubjectType(); - SubjectMatchType match = new SubjectMatchType(); - match.setMatchId(subject.getFunctionId()); - match.setAttributeValue(PolicyAttributeFactory.createStringAttributeType(subject.getAttribute().getValue())); - match.setSubjectAttributeDesignator((SubjectAttributeDesignatorType)AttributeDesignatorUtil.getAttributeDesignator(subject.getAttribute())); - subjectType.getSubjectMatch().add(match); - subjects.getSubject().add(subjectType); - } - - return subjects; - } - - /** - * - * @param expression - * @return - */ - private ConditionType generateCondition(ObjectFactory objectFactory, Expression expression) - { - ConditionType condition = new ConditionType(); - - if(expression instanceof AttributeExpression) - { - AttributeExpression attributeExpression = (AttributeExpression)expression; - - //Function to be applied - ApplyType apply = new ApplyType(); - apply.setFunctionId(attributeExpression.getFunctionId()); - - //Value to check against - AttributeValueType attrValue = PolicyAttributeFactory.createStringAttributeType(attributeExpression.getAttribute().getValue()); - JAXBElement<AttributeValueType> jaxbAttrValue = objectFactory.createAttributeValue(attrValue); - apply.getExpression().add(jaxbAttrValue); - - //Place within the Context where this Value should exist during an Authorization Request - apply.getExpression().add(AttributeDesignatorUtil.getAttributeDesignatorXml(attributeExpression.getAttribute())); - - - condition.setExpression(objectFactory.createApply(apply)); - } - else if(expression instanceof DroolsRuleExpression) - { - DroolsRuleExpression ruleExpression = (DroolsRuleExpression)expression; - - //Function to be applied - ApplyType apply = new ApplyType(); - apply.setFunctionId(ruleExpression.getFunctionId()); - - - VariableReferenceType ruleReference = new VariableReferenceType(); - ruleReference.setVariableId(ruleExpression.getRuleReference()); - JAXBElement<VariableReferenceType> jaxbRuleReference = objectFactory.createVariableReference(ruleReference); - apply.getExpression().add(jaxbRuleReference); - - - condition.setExpression(objectFactory.createApply(apply)); - } - - return condition; - } - - private String generateUniqueId() - { - return UUID.randomUUID().toString(); - } -} Deleted: modules/authorization/trunk/provisioning/src/test/resources/pdp-config.xml =================================================================== --- modules/authorization/trunk/provisioning/src/test/resources/pdp-config.xml 2009-01-31 21:46:59 UTC (rev 12758) +++ modules/authorization/trunk/provisioning/src/test/resources/pdp-config.xml 2009-01-31 23:57:18 UTC (rev 12759) @@ -1,28 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<config xmlns="http://sunxacml.sourceforge.net/schema/config-0.3" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - defaultPDP="pdp" defaultAttributeFactory="attr" - defaultCombiningAlgFactory="comb" defaultFunctionFactory="func"> - - <pdp name="pdp"> - <attributeFinderModule class="org.jboss.security.xacml.sunxacml.finder.impl.CurrentEnvModule"/> - <attributeFinderModule class="org.jboss.security.xacml.sunxacml.finder.impl.SelectorModule"/> - <policyFinderModule class="org.jboss.security.xacml.sunxacml.finder.impl.FilePolicyModule"> - <list> - <string>simple-policy.xml</string> - </list> - </policyFinderModule> - </pdp> - - <attributeFactory name="attr" useStandardDatatypes="true"/> - - <combiningAlgFactory name="comb" useStandardAlgorithms="true"> - <algorithm class="org.jboss.security.authz.pap.plugin.NoPermitMeansDeniedAlg"/> - </combiningAlgFactory> - - <functionFactory name="func" useStandardFunctions="true"> - <condition> - <function class="org.jboss.security.authz.pap.plugin.DroolsFunction"/> - </condition> - </functionFactory> -</config>

15 years, 2 months

1
0
0 / 0

JBoss Portal SVN: r12758 - in modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src: main/java/org/jboss/portal/cms/impl/jcr/command and 5 other directories.

by portal-commits＠lists.jboss.org

Author: thomas.heute(a)jboss.com Date: 2009-01-31 16:46:59 -0500 (Sat, 31 Jan 2009) New Revision: 12758 Added: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/NodeUtilTestCase.java modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/test/resources/jcr/bad_cms.zip Modified: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/FolderImpl.java modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/StoreArchiveCommand.java modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/util/NodeUtil.java modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/commands/TestFileArchiveUpload.java modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/commands/TestFileCreate.java modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/test/resources/jboss-unit.xml Log: - Minor improvement to StoreArchiveCommand. - Fixed tests - Fixed regex Modified: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/FolderImpl.java =================================================================== --- modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/FolderImpl.java 2009-01-31 21:20:08 UTC (rev 12757) +++ modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/FolderImpl.java 2009-01-31 21:46:59 UTC (rev 12758) @@ -53,5 +53,11 @@ { this.files = files; } + + @Override + public String toString() + { + return "Folder " + getBasePath(); + } } Modified: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/StoreArchiveCommand.java =================================================================== --- modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/StoreArchiveCommand.java 2009-01-31 21:20:08 UTC (rev 12757) +++ modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/StoreArchiveCommand.java 2009-01-31 21:46:59 UTC (rev 12758) @@ -37,13 +37,12 @@ import java.io.File; import java.io.FileOutputStream; -import java.io.InputStream; import java.io.IOException; +import java.io.InputStream; import java.util.Date; import java.util.Enumeration; import java.util.Locale; import java.util.StringTokenizer; -import java.util.regex.Pattern; /** * Saves an uploaded archive to the repo. @@ -56,7 +55,7 @@ /** The serialVersionUID */ private static final long serialVersionUID = 1568453649437987499L; private static Logger log = Logger.getLogger(StoreArchiveCommand.class); - + String msRootPath; byte[] archiveBytes; String msLanguage; @@ -89,32 +88,24 @@ { zipEntry = (ZipEntry)entries.nextElement(); - if (!zipEntry.isDirectory()) + String itemName = zipEntry.getName(); + if (!NodeUtil.CHECK_FOR_XSS_PATTERN.matcher(itemName).matches()) { - String itemName = zipEntry.getName(); - if(!NodeUtil.CHECK_FOR_XSS_PATTERN.matcher(itemName).matches()) + log.info("Zip file: '" + itemName + "' is not a valid file name. It will be skipped."); + } + else + { + if (!zipEntry.isDirectory()) { - log.info("Zip file: '" + itemName + "' is not a valid file name. It will be skipped."); + this.addFile(zipFile, zipEntry); } - else + else // isDirectory { - this.addFile(zipFile, zipEntry); + this.addFolder(zipEntry); } } - else // isDirectory - { - String itemName = zipEntry.getName(); - if(!NodeUtil.CHECK_FOR_XSS_PATTERN.matcher(itemName).matches()) - { - log.info("Zip file: '" + itemName + "' is not a valid file name. It will be skipped."); - } - else - { - this.addFolder(zipEntry); - } - } } - + return null; } catch (Exception e) @@ -129,9 +120,8 @@ } } } - + /** - * * @param zipFile * @param zipEntry * @throws IOException @@ -145,18 +135,18 @@ byte[] zipBytes = new byte[(int)fileSize]; InputStream zipDataStream = zipFile.getInputStream(zipEntry); long bytesRead = 0; - + while (bytesRead < fileSize) { bytesRead += zipDataStream.read(zipBytes, (int)bytesRead, (int)(fileSize - bytesRead)); } - + org.jboss.portal.cms.model.File file = new FileImpl(); - + String sBasePath = FileUtil.cleanDoubleSlashes("/" + this.msRootPath + "/" + itemName); sBasePath = FileUtil.cleanDoubleSlashes(sBasePath); // hackish, but necessary for root path uploads. file.setBasePath(sBasePath); - + Content content = new ContentImpl(); content.setEncoding("UTF-8"); content.setTitle(itemName); @@ -164,7 +154,7 @@ content.setBasePath(sBasePath + "/" + this.msLanguage); content.setBytes(zipBytes); file.setContent(new Locale(this.msLanguage), content); - + //Store the file JCRCommand nodeExists = (JCRCommand)context.getCommandFactory().createItemExistsCommand(file.getBasePath()); Boolean bExists = (Boolean)context.execute(nodeExists); @@ -182,25 +172,25 @@ context.execute(updateFile); } } - catch(CMSException e) + catch (CMSException e) { //Log the error, but don't fail creation of other resources in the archive log.error(this, e); } } - + private void addFolder(ZipEntry zipEntry) { try { String itemName = zipEntry.getName(); - + //trim trailing slash. if (itemName.endsWith("/")) { itemName = itemName.substring(0, itemName.length() - 1); } - + if (!"".equals(itemName)) { String sBasePath = FileUtil.cleanDoubleSlashes("/" + this.msRootPath + "/" + itemName); @@ -212,7 +202,7 @@ { this.createParentHierarchy(sParentPath); } - + JCRCommand nodeExists2 = (JCRCommand)context.getCommandFactory().createItemExistsCommand(sBasePath); Boolean bExists2 = (Boolean)context.execute(nodeExists2); if (!bExists2.booleanValue()) @@ -223,13 +213,13 @@ folder.setTitle(itemName); folder.setLastModified(new Date()); folder.setBasePath(sBasePath); - + JCRCommand folderSave = (JCRCommand)context.getCommandFactory().createFolderSaveCommand(folder); context.execute(folderSave); } } } - catch(Exception e) + catch (Exception e) { //Log the error, but don't fail creation of other resources in the archive log.error(this, e); Modified: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/util/NodeUtil.java =================================================================== --- modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/util/NodeUtil.java 2009-01-31 21:20:08 UTC (rev 12757) +++ modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/util/NodeUtil.java 2009-01-31 21:46:59 UTC (rev 12758) @@ -35,7 +35,7 @@ public class NodeUtil { public static final String PATH_SEPARATOR = "/"; - public static final Pattern CHECK_FOR_XSS_PATTERN = Pattern.compile("[^<>\\\$\\\$=]*"); + public static final Pattern CHECK_FOR_XSS_PATTERN = Pattern.compile("[^<>\$\$=]*"); /** * Returns the parent basePath of the Node. Copied: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/NodeUtilTestCase.java (from rev 12757, modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/NodeUtilTestCase.java) =================================================================== --- modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/NodeUtilTestCase.java (rev 0) +++ modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/NodeUtilTestCase.java 2009-01-31 21:46:59 UTC (rev 12758) @@ -0,0 +1,44 @@ +/* +* JBoss, a division of Red Hat +* Copyright 2008, Red Hat Middleware, LLC, and individual contributors as indicated +* by the @authors tag. See the copyright.txt in the distribution for a +* full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ + +package org.jboss.portal.cms.test; + +import junit.framework.TestCase; +import org.jboss.portal.cms.util.NodeUtil; + +/** + * @author <a href="mailto:chris.laprun@jboss.com">Chris Laprun</a> + * @version $Revision$ + */ +public class NodeUtilTestCase extends TestCase +{ + public void testIsValidPath() + { + assertFalse(NodeUtil.isValidPath("/")); + assertFalse(NodeUtil.isValidPath("//")); + assertFalse(NodeUtil.isValidPath("/<body onload=alert(String.fromCharCode(88,83,83))>")); + assertFalse(NodeUtil.isValidPath("/foo/<body onload=alert(String.fromCharCode(88,83,83))>")); + assertFalse(NodeUtil.isValidPath("")); + + assertTrue(NodeUtil.isValidPath("/foo/bar")); + } +} Modified: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/commands/TestFileArchiveUpload.java =================================================================== --- modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/commands/TestFileArchiveUpload.java 2009-01-31 21:20:08 UTC (rev 12757) +++ modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/commands/TestFileArchiveUpload.java 2009-01-31 21:46:59 UTC (rev 12758) @@ -24,14 +24,13 @@ import org.jboss.portal.cms.CMSException; import org.jboss.portal.cms.Command; -import org.jboss.portal.cms.model.Folder; import org.jboss.portal.cms.model.File; +import org.jboss.portal.cms.model.Folder; import org.jboss.portal.common.io.IOTools; +import static org.jboss.unit.api.Assert.assertEquals; import org.jboss.unit.api.pojo.annotations.Test; import org.jboss.unit.mc.api.annotations.Bootstrap; -import static org.jboss.unit.api.Assert.*; - import java.io.IOException; import java.io.InputStream; import java.util.List; @@ -47,9 +46,9 @@ public class TestFileArchiveUpload extends AbstractCommandTestCase { /** - * + * */ - private String sZipFile = "jcr/ziptest.zip"; + private String sZipFile = "jcr/ziptest.zip"; /** * @@ -65,7 +64,7 @@ //create archive this.runArchive(this.sZipFile); this.assertArchiveUploadCreate(); - + //update archive this.runArchive(this.sZipFile); this.assertArchiveUploadUpdate(); @@ -80,7 +79,7 @@ Folder whopper = (Folder)service.execute(listCMD); List folders = whopper.getFolders(); List files = whopper.getFiles(); - assertEquals("Folder Size incorrect", folders.size(), 0); + assertEquals("Folder Size incorrect", folders.size(), 1); // we always have /default assertEquals("File Size incorrect", files.size(), 0); } @@ -96,7 +95,7 @@ assertEquals("Folder Size incorrect", folders.size(), 0); assertEquals("File Size incorrect", files.size(), 2); } - + private void runArchive(String sZipFile) throws IOException { service.setDefaultLocale(Locale.ENGLISH.getLanguage()); @@ -110,13 +109,13 @@ } finally { - if(is != null) + if (is != null) { is.close(); } } } - + private void assertArchiveUploadCreate() { //retrieve list @@ -134,27 +133,27 @@ List files2 = whopper2.getFiles(); assertEquals("Folder Size incorrect", folders2.size(), 0); assertEquals("File Size incorrect", files2.size(), 1); - + //Look for single versions of files - for(int i=0; i<files.size(); i++) + for (int i = 0; i < files.size(); i++) { File file = (File)files.get(i); - - Command versionsCMD = service.getCommandFactory().createContentGetVersionsCommand(file.getBasePath()+"/en"); + + Command versionsCMD = service.getCommandFactory().createContentGetVersionsCommand(file.getBasePath() + "/en"); List versions = (List)service.execute(versionsCMD); - assertEquals("Multiple Versions not Found", versions.size(), 1); + assertEquals("Multiple Versions not Found", versions.size(), 1); } - - for(int i=0; i<files2.size(); i++) + + for (int i = 0; i < files2.size(); i++) { File file = (File)files2.get(i); - - Command versionsCMD = service.getCommandFactory().createContentGetVersionsCommand(file.getBasePath()+"/en"); + + Command versionsCMD = service.getCommandFactory().createContentGetVersionsCommand(file.getBasePath() + "/en"); List versions = (List)service.execute(versionsCMD); - assertEquals("Multiple Versions not Found", versions.size(), 1); + assertEquals("Multiple Versions not Found", versions.size(), 1); } } - + private void assertArchiveUploadUpdate() { //retrieve list @@ -172,24 +171,24 @@ List files2 = whopper2.getFiles(); assertEquals("Folder Size incorrect", folders2.size(), 0); assertEquals("File Size incorrect", files2.size(), 1); - + //Look for multiple versions of files - for(int i=0; i<files.size(); i++) + for (int i = 0; i < files.size(); i++) { File file = (File)files.get(i); - - Command versionsCMD = service.getCommandFactory().createContentGetVersionsCommand(file.getBasePath()+"/en"); + + Command versionsCMD = service.getCommandFactory().createContentGetVersionsCommand(file.getBasePath() + "/en"); List versions = (List)service.execute(versionsCMD); - assertEquals("Multiple Versions not Found", versions.size(), 2); + assertEquals("Multiple Versions not Found", versions.size(), 2); } - - for(int i=0; i<files2.size(); i++) + + for (int i = 0; i < files2.size(); i++) { File file = (File)files2.get(i); - - Command versionsCMD = service.getCommandFactory().createContentGetVersionsCommand(file.getBasePath()+"/en"); + + Command versionsCMD = service.getCommandFactory().createContentGetVersionsCommand(file.getBasePath() + "/en"); List versions = (List)service.execute(versionsCMD); - assertEquals("Multiple Versions not Found", versions.size(), 2); + assertEquals("Multiple Versions not Found", versions.size(), 2); } } } Modified: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/commands/TestFileCreate.java =================================================================== --- modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/commands/TestFileCreate.java 2009-01-31 21:20:08 UTC (rev 12757) +++ modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/commands/TestFileCreate.java 2009-01-31 21:46:59 UTC (rev 12758) @@ -30,11 +30,10 @@ import org.jboss.portal.cms.model.File; import org.jboss.portal.cms.util.NodeUtil; import org.jboss.portal.cms.util.RepositoryUtil; +import static org.jboss.unit.api.Assert.*; import org.jboss.unit.api.pojo.annotations.Test; import org.jboss.unit.mc.api.annotations.Bootstrap; -import static org.jboss.unit.api.Assert.*; - import javax.jcr.Node; import javax.jcr.Session; import java.util.Locale; @@ -49,11 +48,11 @@ public class TestFileCreate extends AbstractCommandTestCase { /** - * + * */ private String sFilePath = "/testdoc.gif"; - + /** * * @@ -61,8 +60,8 @@ public TestFileCreate() { } - + /** * * @@ -139,27 +138,27 @@ session.logout(); } - + @Test public void testRootFileCreate() throws Exception - { + { try { this.fileCreate("/"); } - catch(CMSException e) + catch (CMSException e) { - String message = e.getMessage(); - assertTrue("Invalid Path Not Validated", message.contains("Path: / is invalid")); + String message = e.getMessage(); + assertTrue("Invalid Path Not Validated", message.contains("Path: / is not a legal path element.")); } } - + @Test public void testRecursiveFileCreate() throws Exception - { + { //Create a legal file this.fileCreate("/level-1/blah"); - + //Assert Command fileGet = service.getCommandFactory().createFileGetCommand("/level-1/blah", Locale.ENGLISH); File cour = (File)service.execute(fileGet); @@ -171,56 +170,53 @@ { this.fileCreate("/level-1/blah/blah2"); } - catch(CMSException e) + catch (CMSException e) { - String message = e.getMessage(); + String message = e.getMessage(); assertTrue("Invalid Parent Hierarchy Not Validated", message.contains("Trying to create a Folder inside a File")); } - + //Try to create a file way down the path hierarchy this.fileCreate("/level-1/level-2/level-3/blah"); - + //Assert fileGet = service.getCommandFactory().createFileGetCommand("/level-1/level-2/level-3/blah", Locale.ENGLISH); cour = (File)service.execute(fileGet); assertNotNull("File was not created", cour); assertEquals("Content Incorrect", new String(cour.getContent().getBytes()), "1234567890"); } - + @Test public void testEmptyFileCreate() throws Exception - { - String path = "/emptyfile.gif"; - - //create file english - File file = new FileImpl(); - file.setBasePath(path); + { + String path = "/emptyfile.gif"; - Content content = new ContentImpl(); - content.setEncoding("UTF-8"); - content.setTitle("English Title"); - content.setDescription("English Description"); - content.setBasePath(path + "/" + Locale.ENGLISH.getLanguage()); - content.setBytes("".getBytes()); - content.setMimeType("image/gif"); - file.setContent(Locale.ENGLISH, content); - - Command createFileCMD = service.getCommandFactory().createNewFileCommand(file, content); - service.execute(createFileCMD); - - //Assert the state of the newly created file - Command readFileCmd = service.getCommandFactory().createFileGetCommand(path, Locale.ENGLISH); - File storedFile = (File)service.execute(readFileCmd); - - assertNotNull("File not successfully stored!!", storedFile); - assertEquals("Encoding does not match!!", file.getContent().getEncoding(), "UTF-8"); - assertEquals("Bytes Check", file.getContent().getContentAsString().trim(), ""); + //create file english + File file = new FileImpl(); + file.setBasePath(path); + + Content content = new ContentImpl(); + content.setEncoding("UTF-8"); + content.setTitle("English Title"); + content.setDescription("English Description"); + content.setBasePath(path + "/" + Locale.ENGLISH.getLanguage()); + content.setBytes("".getBytes()); + content.setMimeType("image/gif"); + file.setContent(Locale.ENGLISH, content); + + Command createFileCMD = service.getCommandFactory().createNewFileCommand(file, content); + service.execute(createFileCMD); + + //Assert the state of the newly created file + Command readFileCmd = service.getCommandFactory().createFileGetCommand(path, Locale.ENGLISH); + File storedFile = (File)service.execute(readFileCmd); + + assertNotNull("File not successfully stored!!", storedFile); + assertEquals("Encoding does not match!!", file.getContent().getEncoding(), "UTF-8"); + assertEquals("Bytes Check", file.getContent().getContentAsString().trim(), ""); } - - /** - * - * @param path - */ + + /** @param path */ private void fileCreate(String path) { //create file english @@ -235,8 +231,8 @@ content.setBytes("1234567890".getBytes()); content.setMimeType("image/gif"); file.setContent(Locale.ENGLISH, content); - - Command createFileCMD = service.getCommandFactory().createNewFileCommand(file, content); + + Command createFileCMD = service.getCommandFactory().createNewFileCommand(file, content); service.execute(createFileCMD); - } + } } Modified: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/test/resources/jboss-unit.xml =================================================================== --- modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/test/resources/jboss-unit.xml 2009-01-31 21:20:08 UTC (rev 12757) +++ modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/test/resources/jboss-unit.xml 2009-01-31 21:46:59 UTC (rev 12758) @@ -3,128 +3,131 @@ xmlns="urn:jboss:jboss-unit:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:jboss:jboss-unit:1.0 jboss-unit_1_0.xsd"> - <pojo> + <pojo> <parameter name="datasources" value="datasources.xml"/> - <parameter name="dataSourceName"> - <value>hsqldb</value> -  - </parameter> - <parameter name="hibernateConfig" value="hibernates.xml"/> - <test > + <parameter name="dataSourceName"> + <value>hsqldb</value> +  + </parameter> + <parameter name="hibernateConfig" value="hibernates.xml"/> + <test> <class name="org.jboss.portal.cms.test.commands.TestFileArchiveUpload"/> - </test> - <test > + </test> + <test> <class name="org.jboss.portal.cms.test.commands.TestFileCopy"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFileCreate"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFileCreateFailed"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFileDelete"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFileGet"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFileGetList"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFileGetVersion"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFileSize"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFileUpdate"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFolderCopy"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFolderCreate"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFolderDelete"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFolderGet"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFolderUpdate"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestSearch"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.TestJackrabbit"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.TestRegEx"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.TestRepositoryUtil"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestRepositoryBootStrap"/> </test> + <test> + <class name="org.jboss.portal.cms.test.NodeUtilTestCase"/> + </test> </pojo> <pojo> <parameter name="datasources" value="datasources.xml"/> - <parameter name="dataSourceName"> - <value>hsqldb</value> -  + <parameter name="dataSourceName"> + <value>hsqldb</value> +  </parameter> <parameter name="hibernateConfig" value="hibernates.xml"/> <parameter name="standardIdentityConfig" value="standardidentity-config.xml"/> <parameter name="identityConfig" value="db-config.xml"/> - <test > + <test> <class name="org.jboss.portal.cms.test.security.TestManageAccess"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.security.TestReadAccess"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.security.TestWriteAccess"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.security.TestNewReadCommand"/> </test> - </pojo> + </pojo> - <pojo> + <pojo> <parameter name="datasources" value="datasources.xml"/> <parameter name="dataSourceName"> - <value>hsqldb</value> -  + <value>hsqldb</value> +  </parameter> <parameter name="hibernateConfig" value="hibernates.xml"/> <parameter name="standardIdentityConfig" value="standardidentity-config.xml"/> <parameter name="identityConfig" value="db-config.xml"/> - - <test > + + <test> <class name="org.jboss.portal.cms.test.workflow.TestApprovedPublish"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.workflow.TestDeniedPublish"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.workflow.TestWorkflowEnvironment"/> </test> - </pojo> + </pojo> </jboss-unit> \ No newline at end of file Copied: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/test/resources/jcr/bad_cms.zip (from rev 12757, modules/cms/trunk/cms-jackrabbit/src/test/resources/jcr/bad_cms.zip) =================================================================== (Binary files differ)

15 years, 2 months

1
0
0 / 0

JBoss Portal SVN: r12757 - in modules/common/trunk/common/src: test/java/org/jboss/portal/test/common/util and 1 other directory.

by portal-commits＠lists.jboss.org

Author: chris.laprun(a)jboss.com Date: 2009-01-31 16:20:08 -0500 (Sat, 31 Jan 2009) New Revision: 12757 Modified: modules/common/trunk/common/src/main/java/org/jboss/portal/common/util/ParameterValidation.java modules/common/trunk/common/src/test/java/org/jboss/portal/test/common/util/ParameterValidationTestCase.java Log: - JBPORTAL-2291: + Added sanitize*WithHandler methods taking a ValidationErrorHandler as a parameter to speficy the behavior to run in case of error. + Added LoggingValidationErrorHandler as a default ValidationErrorHandler. + Added related test cases. Modified: modules/common/trunk/common/src/main/java/org/jboss/portal/common/util/ParameterValidation.java =================================================================== --- modules/common/trunk/common/src/main/java/org/jboss/portal/common/util/ParameterValidation.java 2009-01-31 19:50:20 UTC (rev 12756) +++ modules/common/trunk/common/src/main/java/org/jboss/portal/common/util/ParameterValidation.java 2009-01-31 21:20:08 UTC (rev 12757) @@ -22,6 +22,8 @@ ******************************************************************************/ package org.jboss.portal.common.util; +import org.apache.log4j.Logger; + import java.util.Arrays; import java.util.List; import java.util.regex.Pattern; @@ -34,7 +36,75 @@ public class ParameterValidation { public final static Pattern CSS_DISTANCE = Pattern.compile("\\d+\\W*(em|ex|px|in|cm|mm|pt|pc|%)?"); + public final static Pattern XSS_CHECK = Pattern.compile("[^<>\$\$=]*"); + /** + * Implements a behavior to be executed in case a value fails to be validated. Uses the Chain of responsibility + * pattern so that several orthogonal behaviors can be chained if needed. + */ + public abstract static class ValidationErrorHandler + { + private ValidationErrorHandler next; + private String defaultValue; + protected static final String CONTINUE = "__JBP__CONTINUE__"; + + public ValidationErrorHandler(String defaultValue) + { + this.defaultValue = defaultValue; + } + + public ValidationErrorHandler setNext(ValidationErrorHandler next) + { + this.next = next; + return this; + } + + public String handleValidationError(String failedValue) + { + String result = internalValidationErrorHandling(failedValue); + if (!CONTINUE.equals(result)) + { + return result; + } + else if (next != null) + { + return next.handleValidationError(failedValue); + } + else + { + return defaultValue; + } + + } + + /** + * Decide what to do with the failed value. + * + * @param failedValue the value that failed passing validation + * @return a new value to be used by the client code or {@link #CONTINUE} if this ValidationErrorHandler allows + * downstream handlers to further process the value. + */ + protected abstract String internalValidationErrorHandling(String failedValue); + } + + public static class LoggingValidationErrorHandler extends ValidationErrorHandler + { + private static final Logger log = Logger.getLogger(ParameterValidation.class); + private String contextMessage; + + public LoggingValidationErrorHandler(String defaultValue, String contextMessage) + { + super(defaultValue); + this.contextMessage = contextMessage; + } + + protected String internalValidationErrorHandling(String failedValue) + { + log.debug("'" + failedValue + "' failed validation." + (contextMessage != null ? "\n" + contextMessage : "")); + return CONTINUE; + } + } + public static void throwIllegalArgExceptionIfNullOrEmpty(String valueToCheck, String valueName, String contextName) { if (isNullOrEmpty(valueToCheck)) @@ -99,11 +169,28 @@ */ public static String sanitizeFromPattern(String value, Pattern regex, String defaultValue) { + return sanitizeFromPatternWithHandler(value, regex, new LoggingValidationErrorHandler(defaultValue, null)); + } + + /** + * Checks if a given value matches the given format (as a regular expression) and delegates what to do to the + * specified ValidationErrorHandler. + * + * @param value value to sanitize if needed, <code>null</code> is considered as not matching + * @param regex format the value needs to conform to + * @param handler ValidationErrorHandler implementing the behavior to apply in case the specified value failed to + * validate + * @return the specified value if it conforms to the expected format, whatever value the specified + * ValidationErrorHandler thinks appropriate otherwise. + */ + public static String sanitizeFromPatternWithHandler(String value, Pattern regex, ValidationErrorHandler handler) + { throwIllegalArgExceptionIfNull(regex, "expected value format"); + throwIllegalArgExceptionIfNull(handler, "ValidationErrorHandler"); if (value == null || !regex.matcher(value).matches()) { - return defaultValue; + return handler.handleValidationError(value); } else { @@ -122,12 +209,29 @@ */ public static String sanitizeFromValues(String value, String[] possibleValues, String defaultValue) { + return sanitizeFromValuesWithHandler(value, possibleValues, new LoggingValidationErrorHandler(defaultValue, null)); + } + + /** + * Checks if a given value matches one of the possible values and delegates what to do to the specified + * ValidationErrorHandler. + * + * @param value value to sanitize if needed, <code>null</code> is considered as not matching + * @param possibleValues possible values + * @param handler ValidationErrorHandler implementing the behavior to apply in case the specified value failed + * to validate + * @return the specified value if it conforms to the expected format, whatever value the specified + * ValidationErrorHandler thinks appropriate otherwise. + */ + public static String sanitizeFromValuesWithHandler(String value, String[] possibleValues, ValidationErrorHandler handler) + { throwIllegalArgExceptionIfNullOrEmpty(possibleValues, "possible values"); + throwIllegalArgExceptionIfNull(handler, "ValidationErrorHandler"); List<String> values = Arrays.asList(possibleValues); if (!values.contains(value)) { - return defaultValue; + return handler.handleValidationError(value); } else { Modified: modules/common/trunk/common/src/test/java/org/jboss/portal/test/common/util/ParameterValidationTestCase.java =================================================================== --- modules/common/trunk/common/src/test/java/org/jboss/portal/test/common/util/ParameterValidationTestCase.java 2009-01-31 19:50:20 UTC (rev 12756) +++ modules/common/trunk/common/src/test/java/org/jboss/portal/test/common/util/ParameterValidationTestCase.java 2009-01-31 21:20:08 UTC (rev 12757) @@ -33,6 +33,14 @@ */ public class ParameterValidationTestCase extends TestCase { + private String appender; + + @Override + protected void setUp() throws Exception + { + appender = ""; + } + public void testSanitizeFromPatternNullPattern() { try @@ -115,4 +123,86 @@ assertEquals("windowmove", ParameterValidation.sanitizeFromValues("windowmove", possible, defaultValue)); assertEquals("windowremove", ParameterValidation.sanitizeFromValues("windowremove", possible, defaultValue)); } + + public void testSanitizeNullHandler() + { + try + { + ParameterValidation.sanitizeFromPatternWithHandler("foo", Pattern.compile(""), null); + fail("Should have thrown an IAE on null handler"); + } + catch (Exception e) + { + // expected + } + + try + { + ParameterValidation.sanitizeFromValuesWithHandler("foo", new String[]{""}, null); + fail("Should have thrown an IAE on null handler"); + } + catch (Exception e) + { + // expected + } + } + + public void testSanitizeHandlerChain() + { + ParameterValidation.ValidationErrorHandler handler = new TestValidationErrorHandler("default", "1"); + handler.setNext(new TestValidationErrorHandler("default", "2").setNext(new TestValidationErrorHandler("default", "3"))); + + assertEquals("default", ParameterValidation.sanitizeFromPatternWithHandler("foo", Pattern.compile("bar"), handler)); + assertEquals("1/2/3/", appender); + + appender = ""; + assertEquals("default", ParameterValidation.sanitizeFromValuesWithHandler("foo", new String[]{"bar"}, handler)); + assertEquals("1/2/3/", appender); + } + + public void testSanitizeInterruptedHandlerChain() + { + ParameterValidation.ValidationErrorHandler interruptor = new InterruptingValidationErrorHandler("default"); + ParameterValidation.ValidationErrorHandler handler = new TestValidationErrorHandler("default", "1"); + handler.setNext(interruptor.setNext(new TestValidationErrorHandler("default", "3"))); + + assertNull(ParameterValidation.sanitizeFromPatternWithHandler("foo", Pattern.compile("bar"), handler)); + assertEquals("1/", appender); + + appender = ""; + assertNull(ParameterValidation.sanitizeFromValuesWithHandler("foo", new String[]{"bar"}, handler)); + assertEquals("1/", appender); + } + + private class InterruptingValidationErrorHandler extends ParameterValidation.ValidationErrorHandler + { + private InterruptingValidationErrorHandler(String defaultValue) + { + super(defaultValue); + } + + @Override + protected String internalValidationErrorHandling(String failedValue) + { + return null; + } + } + + private class TestValidationErrorHandler extends ParameterValidation.ValidationErrorHandler + { + String order; + + private TestValidationErrorHandler(String defaultValue, String order) + { + super(defaultValue); + this.order = order; + } + + @Override + protected String internalValidationErrorHandling(String failedValue) + { + appender += order + "/"; + return ParameterValidation.ValidationErrorHandler.CONTINUE; + } + } }

15 years, 2 months

1
0
0 / 0

JBoss Portal SVN: r12756 - modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/util.

by portal-commits＠lists.jboss.org

Author: chris.laprun(a)jboss.com Date: 2009-01-31 14:50:20 -0500 (Sat, 31 Jan 2009) New Revision: 12756 Modified: modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/util/NodeUtil.java Log: Fixed regex. Modified: modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/util/NodeUtil.java =================================================================== --- modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/util/NodeUtil.java 2009-01-31 19:49:19 UTC (rev 12755) +++ modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/util/NodeUtil.java 2009-01-31 19:50:20 UTC (rev 12756) @@ -35,7 +35,7 @@ public class NodeUtil { public static final String PATH_SEPARATOR = "/"; - public static final Pattern CHECK_FOR_XSS_PATTERN = Pattern.compile("[^<>\\\$\\\$=]*"); + public static final Pattern CHECK_FOR_XSS_PATTERN = Pattern.compile("[^<>\$\$=]*"); /** * Returns the parent basePath of the Node.

15 years, 2 months

1
0
0 / 0

JBoss Portal SVN: r12755 - in branches/JBoss_Portal_Branch_2_7: core-cms/src/resources/portal-cms-war/WEB-INF/classes and 1 other directories.

by portal-commits＠lists.jboss.org

Author: chris.laprun(a)jboss.com Date: 2009-01-31 14:49:19 -0500 (Sat, 31 Jan 2009) New Revision: 12755 Modified: branches/JBoss_Portal_Branch_2_7/core-cms/src/main/org/jboss/portal/core/cms/ui/admin/CMSAdminPortlet.java branches/JBoss_Portal_Branch_2_7/core-cms/src/resources/portal-cms-war/WEB-INF/classes/Resource.properties branches/JBoss_Portal_Branch_2_7/core-cms/src/resources/portal-cms-war/WEB-INF/classes/Resource_it.properties branches/JBoss_Portal_Branch_2_7/core-cms/src/resources/portal-cms-war/WEB-INF/classes/Resource_ja.properties branches/JBoss_Portal_Branch_2_7/security/build.xml Log: - Forbid filenames and folders with < > ( ) - Fixed regex - Updated error handling Modified: branches/JBoss_Portal_Branch_2_7/core-cms/src/main/org/jboss/portal/core/cms/ui/admin/CMSAdminPortlet.java =================================================================== --- branches/JBoss_Portal_Branch_2_7/core-cms/src/main/org/jboss/portal/core/cms/ui/admin/CMSAdminPortlet.java 2009-01-31 19:08:32 UTC (rev 12754) +++ branches/JBoss_Portal_Branch_2_7/core-cms/src/main/org/jboss/portal/core/cms/ui/admin/CMSAdminPortlet.java 2009-01-31 19:49:19 UTC (rev 12755) @@ -107,7 +107,7 @@ private ApprovePublish approvePublish; private AuthorizationManager authorizationManager; private ResourceBundle resources = null; - private static final Pattern CHECK_FOR_XSS_PATTERN = Pattern.compile("^[<>\$\$=]"); + private static final Pattern CHECK_FOR_XSS_PATTERN = Pattern.compile("[^<>\$\$=]*"); private static final String SLASH = "/"; @@ -1428,6 +1428,10 @@ Boolean bExists = null; try { + if (!CHECK_FOR_XSS_PATTERN.matcher(content.getBasePath()).matches()) + { + throw new CMSException(content.getBasePath() + " is not a legal path element"); + } bExists = (Boolean)CMSService.execute(existsCMD); } catch (CMSException cme) @@ -1484,7 +1488,7 @@ sMakeLive = "on"; } - if (!"".equals(sFilePath)) + if (!"".equals(sFilePath) && !CHECK_FOR_XSS_PATTERN.matcher(sFilePath).matches()) { String sContent = aReq.getParameter("elm1"); Modified: branches/JBoss_Portal_Branch_2_7/core-cms/src/resources/portal-cms-war/WEB-INF/classes/Resource.properties =================================================================== --- branches/JBoss_Portal_Branch_2_7/core-cms/src/resources/portal-cms-war/WEB-INF/classes/Resource.properties 2009-01-31 19:08:32 UTC (rev 12754) +++ branches/JBoss_Portal_Branch_2_7/core-cms/src/resources/portal-cms-war/WEB-INF/classes/Resource.properties 2009-01-31 19:49:19 UTC (rev 12755) @@ -1,6 +1,6 @@ ################################################################################ # JBoss, a division of Red Hat # -# Copyright 2006, Red Hat Middleware, LLC, and individual # +# Copyright 2009, Red Hat Middleware, LLC, and individual # # contributors as indicated by the @authors tag. See the # # copyright.txt in the distribution for a full listing of # # individual contributors. # @@ -21,77 +21,7 @@ # 02110-1301 USA, or see the FSF site: http://www.fsf.org. # ################################################################################ -## CMS ADMIN PORTLET -TITLE_HEAD=CMS Admin -TITLE_BROWSE=Directory Browser -TITLE_FILEBROWSE=File Browser -TITLE_DELETECONFIRM=Confirm Delete -TITLE_CREATECOLLCONFIRM=Confirm Directory Creation -TITLE_COPYCONFIRM=Confirm Resource Copy -TITLE_MOVECONFIRM=Confirm Resource Move -TITLE_VIEWFILE=Viewing File Properties -TITLE_EDIT=Edit File -TITLE_CREATE=Create File -TITLE_UPLOAD=Upload File -TITLE_SECURECONFIRM=Secure Node - -CMS_SEARCH=Search -CMS_SEARCHNORESULT=No result for this search -CMS_MENU=Action Menu -CMS_ACTION=Action -CMS_NAME=Name -CMS_TYPE=Type -CMS_CREATED=Created -CMS_MODIFIED=Modified -CMS_DESCRIPTION=Description -CMS_VIEW=View -CMS_COPY=Copy -CMS_MOVE=Move -CMS_DELETE=Delete -CMS_FOLDER=Folder -CMS_FILE=File -CMS_CREATE=Create -CMS_CANCEL=Cancel -CMS_EDIT=Edit -CMS_UPLOAD=Upload -CMS_MODIFY=Modify -CMS_CREATEFOLDER= Create Folder -CMS_CREATEFILE=Create File -CMS_UPLOADARCHIVE=Upload Archive -CMS_UPLOADARCHIVE_ASYNC=Process Asynchronously -CMS_BACKTOBROWSER=Back to Directory Browser -CMS_TRANSFER=Import/Export -CMS_EXPORTARCHIVE=Export Folder -CMS_SECURE=Secure -CMS_PREVIEW=Preview -CMS_GO=Go - -CMS_CREATEFILEINDIR=Creating File in Directory -CMS_FILENAME=FileName -CMS_TITLE=Title -CMS_LANGUAGE=Language - -CMS_DELETEPATH=Confirm Deletion of -CMS_DELETEWARN1=WARNING! You will not be able to undo these change\! -CMS_DELETEWARN2=Are you sure you want to delete this resource\? - -CMS_DESTINATION=Destination -CMS_SOURCE=Source - -CMS_EDITING=Editing File -CMS_LIVE=Make \"Live\" -CMS_VERSION=Version -CMS_WYSIWYG=WYSIWYG Editor - -CMS_LIVEVERSION=Live Version -CMS_SIZE=Size - -CMS_CONTENT_DIR=Content Directory -CMS_CONTENT_DIR_USE=Use the directory tree to navigate the portal folder structure. -CMS_MAIN_USE=Use the CMS Administration portlet to manage the content of your portal. -CMS_MANAGE=Manage Content - -CMS_CREATED_BY=Created By +ATED_BY=Created By CMS_APPROVE=Approve CMS_DENY=Deny CMS_APPROVAL=Pending Items @@ -141,8 +71,8 @@ CMS_MISSING_DOCUMENT=404 - Page Not Found CMS_MISSING_DOCUMENT_DESCRIPTION=The document you tried to access is not available -CMS_FILENAME_INVALID=File Name is invalid. It may not contain illegal characters such as '.', '/', ':', '[', ']', '*', ''', '"', '|' or any whitespace character. -CMS_FOLDERNAME_INVALID=Folder Name is invalid. It may not contain illegal characters such as '.', '/', ':', '[', ']', '*', ''', '"', '|' or any whitespace character. +CMS_FILENAME_INVALID=File Name is invalid. It may not contain illegal characters such as '.', '/', ':', '[', ']', '*', ''', '"', '>', ,'<', '(', ')', '|' or any whitespace character. +CMS_FOLDERNAME_INVALID=Folder Name is invalid. It may not contain illegal characters such as '.', '/', ':', '[', ']', '*', ''', '"', '>', ,'<', '(', ')', '|' or any whitespace character. CMS_MSG_DESTINATION_ALREADY_EXISTS=The command was not performed, because the destination already exists. CMS_CANT_MOVE_SAME_DESTINATION=You cannot move a folder to the same location Modified: branches/JBoss_Portal_Branch_2_7/core-cms/src/resources/portal-cms-war/WEB-INF/classes/Resource_it.properties =================================================================== --- branches/JBoss_Portal_Branch_2_7/core-cms/src/resources/portal-cms-war/WEB-INF/classes/Resource_it.properties 2009-01-31 19:08:32 UTC (rev 12754) +++ branches/JBoss_Portal_Branch_2_7/core-cms/src/resources/portal-cms-war/WEB-INF/classes/Resource_it.properties 2009-01-31 19:49:19 UTC (rev 12755) @@ -1,6 +1,6 @@ ################################################################################ # JBoss, a division of Red Hat # -# Copyright 2006, Red Hat Middleware, LLC, and individual # +# Copyright 2009, Red Hat Middleware, LLC, and individual # # contributors as indicated by the @authors tag. See the # # copyright.txt in the distribution for a full listing of # # individual contributors. # @@ -21,72 +21,7 @@ # 02110-1301 USA, or see the FSF site: http://www.fsf.org. # ################################################################################ -## CMS ADMIN PORTLET -TITLE_HEAD=Amministrazione CMS -TITLE_BROWSE=Navigatore delle Directory -TITLE_FILEBROWSE=Navigatore dei File -TITLE_DELETECONFIRM=Conferma di Cancellazione -TITLE_CREATECOLLCONFIRM=Conferma di creazione della Directory -TITLE_COPYCONFIRM=Conferma di Copia della Risorsa -TITLE_MOVECONFIRM=Conferma di Spostamento della Risorsa -TITLE_VIEWFILE=Visualizzazione delle Propriet\u00e0 dei File -TITLE_EDIT=Modifica File -TITLE_CREATE=Creazione File -TITLE_UPLOAD=Caricamento File -TITLE_SECURECONFIRM=Sicurezza sul Nodo - -CMS_SEARCH=Ricerca -CMS_SEARCHNORESULT=Nessun risultato per questa ricerca -CMS_MENU=Menu delle Azioni -CMS_ACTION=Azione -CMS_NAME=Nome -CMS_TYPE=Tipo -CMS_CREATED=Creato -CMS_MODIFIED=Modificato -CMS_DESCRIPTION=Descrizione -CMS_VIEW=Visualizza -CMS_COPY=Copia -CMS_MOVE=Sposta -CMS_DELETE=Cancella -CMS_FOLDER=Cartella -CMS_FILE=File -CMS_CREATE=Crea -CMS_CANCEL=Annulla -CMS_EDIT=Edita -CMS_UPLOAD=Caricamento -CMS_MODIFY=Modifica -CMS_CREATEFOLDER= Crea Cartella -CMS_CREATEFILE=Crea File -CMS_UPLOADARCHIVE=Carica Archivio -CMS_UPLOADARCHIVE_ASYNC=Processione asincrona -CMS_BACKTOBROWSER=Torna al Navigatore delle Directory -CMS_TRANSFER=Importa/Esporta -CMS_EXPORTARCHIVE=Esporta Cartella -CMS_SECURE=Rendi sicuro -CMS_PREVIEW=Anteprima -CMS_GO=Vai - -CMS_CREATEFILEINDIR=Crea File nella Directory -CMS_FILENAME=Nome del File -CMS_TITLE=Titolo -CMS_LANGUAGE=Lingua - -CMS_DELETEPATH=Conferma la Cancellazione di -CMS_DELETEWARN1=ATTENZIONE! Non ti \u00e8 permesso tornare alla vecchia configurazione\! -CMS_DELETEWARN2=Sei sicuro di voler cancellare questa risorsa\? - -CMS_DESTINATION=Destinazione -CMS_SOURCE=Sorgente - -CMS_EDITING=Editaggio del File -CMS_LIVE=Rendi \"Dal Vivo\" -CMS_VERSION=Versione -CMS_WYSIWYG=Editor WYSIWYG - -CMS_LIVEVERSION=Versione dal vivo -CMS_SIZE=Grandezza - -CMS_CONTENT_DIR=Contenuto della Directory +Contenuto della Directory CMS_CONTENT_DIR_USE=Usa l\'albero delle directory per navigare nella struttura a cartelle del portale. CMS_MAIN_USE=Usa la portlet di Amministrazione CMS per gestire il contenuto del tuo portale. CMS_MANAGE=Gestione dei contenuti @@ -140,10 +75,10 @@ CMS_MISSING_DOCUMENT=404 - Pagina non trovata CMS_MISSING_DOCUMENT_DESCRIPTION=Il documento a cui hai tentato di accedere non \u00e8 disponibile -CMS_FILENAME_INVALID=Il nome del File non \u00e8 valido. Non sono permessi caratteri quali '.', '/', ':', '[', ']', '*', ''', '"', '|' o lo spazio. -CMS_FOLDERNAME_INVALID=Il nome della cartella non \u00e8 valido. Non sono permessi caratteri quali '.', '/', ':', '[', ']', '*', ''', '"', '|' o lo spazio. +CMS_FILENAME_INVALID=Il nome del File non \u00e8 valido. Non sono permessi caratteri quali '.', '/', ':', '[', ']', '*', ''', '"', '>', ,'<', '(', ')', '|' o lo spazio. +CMS_FOLDERNAME_INVALID=Il nome della cartella non \u00e8 valido. Non sono permessi caratteri quali '.', '/', ':', '[', ']', '*', ''', '"', '>', ,'<', '(', ')', '|' o lo spazio. -CMS_MSG_DESTINATION_ALREADY_EXISTS=Il comando non pu\u00F2 essere eseguito, perch\u00e8 la destinazione esiste gi\u00e0. +CMS_MSG_DESTINATION_ALREADY_EXISTS=Il comando non pu\u00f2 essere eseguito, perch\u00e8 la destinazione esiste gi\u00e0. CMS_CANT_MOVE_SAME_DESTINATION=Non puoi spostare la cartella nella stessa destinazione CMS_DATE_PATTERN=MM/dd/yy HH:mm \ No newline at end of file Modified: branches/JBoss_Portal_Branch_2_7/core-cms/src/resources/portal-cms-war/WEB-INF/classes/Resource_ja.properties =================================================================== --- branches/JBoss_Portal_Branch_2_7/core-cms/src/resources/portal-cms-war/WEB-INF/classes/Resource_ja.properties 2009-01-31 19:08:32 UTC (rev 12754) +++ branches/JBoss_Portal_Branch_2_7/core-cms/src/resources/portal-cms-war/WEB-INF/classes/Resource_ja.properties 2009-01-31 19:49:19 UTC (rev 12755) @@ -1,6 +1,6 @@ ################################################################################ # JBoss, a division of Red Hat # -# Copyright 2006, Red Hat Middleware, LLC, and individual # +# Copyright 2009, Red Hat Middleware, LLC, and individual # # contributors as indicated by the @authors tag. See the # # copyright.txt in the distribution for a full listing of # # individual contributors. # @@ -21,91 +21,7 @@ # 02110-1301 USA, or see the FSF site: http://www.fsf.org. # ################################################################################ -org.jboss.portal.object.name.admin.CMS=\u30b3\u30f3\u30c6\u30f3\u30c4\u7ba1\u7406 - -## CMS ADMIN PORTLET -TITLE_HEAD=CMS \u7ba1\u7406 -TITLE_BROWSE=\u30c7\u30a3\u30ec\u30af\u30c8\u30ea \u30d6\u30e9\u30a6\u30b6 -TITLE_FILEBROWSE=\u30d5\u30a1\u30a4\u30eb \u30d6\u30e9\u30a6\u30b6 -TITLE_DELETECONFIRM=\u524a\u9664\u78ba\u8a8d -TITLE_CREATECOLLCONFIRM=\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u4f5c\u6210\u78ba\u8a8d -TITLE_COPYCONFIRM=\u30ea\u30bd\u30fc\u30b9\u30b3\u30d4\u30fc\u78ba\u8a8d -TITLE_MOVECONFIRM=\u30ea\u30bd\u30fc\u30b9\u79fb\u52d5\u78ba\u8a8d -TITLE_VIEWFILE=\u89b3\u89a7\u30d5\u30a1\u30a4\u30eb\u30d7\u30ed\u30d1\u30c6\u30a3 -TITLE_EDIT=\u30d5\u30a1\u30a4\u30eb\u7de8\u96c6 -TITLE_CREATE=\u30d5\u30a1\u30a4\u30eb\u4f5c\u6210 -TITLE_UPLOAD=\u30d5\u30a1\u30a4\u30eb\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9 -TITLE_SECURECONFIRM=\u30bb\u30ad\u30e5\u30a2\u30ce\u30fc\u30c9 - -CMS_SEARCH=\u691c\u7d22 -CMS_SEARCHNORESULT=\u691c\u7d22\u7d50\u679c\u304c\u3042\u308a\u307e\u305b\u3093 -CMS_MENU=\u30a2\u30af\u30b7\u30e7\u30f3\u30e1\u30cb\u30e5\u30fc -CMS_ACTION=\u30a2\u30af\u30b7\u30e7\u30f3 -CMS_NAME=\u540d\u524d -CMS_TYPE=\u30bf\u30a4\u30d7 -CMS_CREATED=\u4f5c\u6210 -CMS_MODIFIED=\u4fee\u6b63 -CMS_DESCRIPTION=\u8aac\u660e -CMS_VIEW=\u89b3\u89a7 -CMS_COPY=\u30b3\u30d4\u30fc -CMS_MOVE=\u79fb\u52d5 -CMS_DELETE=\u524a\u9664 -CMS_FOLDER=\u30d5\u30a9\u30eb\u30c0 -CMS_FILE=\u30d5\u30a1\u30a4\u30eb -CMS_CREATE=\u4f5c\u6210 -CMS_CANCEL=\u30ad\u30e3\u30f3\u30bb\u30eb -CMS_EDIT=\u7de8\u96c6 -CMS_UPLOAD=\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9 -CMS_MODIFY=\u4fee\u6b63 -CMS_CREATEFOLDER= \u30d5\u30a9\u30eb\u30c0\u4f5c\u6210 -CMS_CREATEFILE=\u30d5\u30a1\u30a4\u30eb\u4f5c\u6210 -CMS_UPLOADARCHIVE=\u30a2\u30fc\u30ab\u30a4\u30d6\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9 -CMS_UPLOADARCHIVE_ASYNC=\u975e\u540c\u671f\u30d7\u30ed\u30bb\u30b9 -CMS_BACKTOBROWSER=\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u30d6\u30e9\u30a6\u30b6\u306b\u623b\u308b -CMS_TRANSFER=\u30a4\u30f3\u30dd\u30fc\u30c8/\u30a8\u30af\u30b9\u30dd\u30fc\u30c8 -CMS_EXPORTARCHIVE=\u30d5\u30a9\u30eb\u30c0\u306e\u30a8\u30af\u30b9\u30dd\u30fc\u30c8 -CMS_SECURE=\u30bb\u30ad\u30e5\u30a2 -CMS_PREVIEW=\u30d7\u30ec\u30d3\u30e5\u30fc -CMS_GO=Go - -CMS_CREATEFILEINDIR=\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306b\u30d5\u30a1\u30a4\u30eb\u3092\u4f5c\u6210 -CMS_FILENAME=\u30d5\u30a1\u30a4\u30eb\u540d -CMS_TITLE=\u30bf\u30a4\u30c8\u30eb -CMS_LANGUAGE=\u8a00\u8a9e - -CMS_DELETEPATH=\u524a\u9664\u5bfe\u8c61\u306e\u78ba\u8a8d: -CMS_DELETEWARN1=\u8b66\u544a! \u3053\u306e\u5909\u66f4\u3092\u3082\u3068\u306b\u623b\u3059\u3053\u3068\u306f\u51fa\u6765\u307e\u305b\u3093\! -CMS_DELETEWARN2=\u3053\u306e\u30ea\u30bd\u30fc\u30b9\u3092\u672c\u5f53\u306b\u524a\u9664\u3057\u307e\u3059\u304b\? - -CMS_DESTINATION=\u5834\u6240 -CMS_SOURCE=\u30bd\u30fc\u30b9 - -CMS_EDITING=\u30d5\u30a1\u30a4\u30eb\u7de8\u96c6 -CMS_LIVE=Make \"Live\" -CMS_VERSION=\u30d0\u30fc\u30b8\u30e7\u30f3 -CMS_WYSIWYG=WYSIWYG \u30a8\u30c7\u30a3\u30bf - -CMS_LIVEVERSION=Live \u30d0\u30fc\u30b8\u30e7\u30f3 -CMS_SIZE=\u30b5\u30a4\u30ba - -CMS_CONTENT_DIR=\u30b3\u30f3\u30c6\u30f3\u30c4\u30c7\u30a3\u30ec\u30af\u30c8\u30ea -CMS_CONTENT_DIR_USE=\u30dd\u30fc\u30bf\u30eb\u30d5\u30a9\u30eb\u30c0\u69cb\u9020\u3092\u64cd\u4f5c\u3059\u308b\u305f\u3081\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u30c4\u30ea\u30fc\u3092\u5229\u7528\u3057\u3066\u304f\u3060\u3055\u3044\u3002 -CMS_MAIN_USE=\u30dd\u30fc\u30bf\u30eb\u30b3\u30f3\u30c6\u30f3\u30c4\u3092\u7ba1\u7406\u3059\u308b\u305f\u3081\u306bCMS\u7ba1\u7406\u30dd\u30fc\u30c8\u30ec\u30c3\u30c8\u3092\u5229\u7528\u3057\u3066\u304f\u3060\u3055\u3044\u3002 -CMS_MANAGE=\u7ba1\u7406\u30b3\u30f3\u30c6\u30f3\u30c4 - -CMS_CREATED_BY=Created By -CMS_APPROVE=\u627f\u8a8d -CMS_DENY=\u5426\u8a8d -CMS_APPROVAL=\u30da\u30f3\u30c7\u30a3\u30f3\u30b0\u30a2\u30a4\u30c6\u30e0 -CMS_PATH=\u30ed\u30b1\u30fc\u30b7\u30e7\u30f3 - -CMS_EMPTY_FOLDER=\u3053\u306e\u30d5\u30a9\u30eb\u30c0\u306f\u7a7a\u3067\u3059\u3002 - -CMS_ERROR_UPLOADARCHIVE_ASYNC=\u30a2\u30fc\u30ab\u30a4\u30d6\u51e6\u7406\u4e2d\u306b\u30a8\u30e9\u30fc\u304c\u767a\u751f\u3057\u307e\u3057\u305f\u3002\u300e\u975e\u540c\u671f\u30d7\u30ed\u30bb\u30b9\u300f\u3092\u8d77\u52d5\u3055\u305b\u3082\u3046\u4e00\u5ea6\u305f\u3081\u3057\u3066\u304f\u3060\u3055\u3044\u3002 -CMS_MSG_UPLOADARCHIVE_ASYNC=\u30a2\u30fc\u30ab\u30a4\u30d6\u306f\u51e6\u7406\u4e2d\u3067\u3059\u3002\u51e6\u7406\u304c\u7d42\u308f\u308b\u3068\u30ea\u30bd\u30fc\u30b9\u3092\u30d5\u30a9\u30eb\u30c0\u5185\u306b\u78ba\u8a8d\u3067\u304d\u307e\u3059\u3002 - -CMS_REQUIRED=\u5fc5\u9808 -CMS_LINK_TO_RESOURCES=\u30dd\u30fc\u30bf\u30eb\u5185\u306e\u30ea\u30bd\u30fc\u30b9\u30ea\u30f3\u30af\u306f\u53b3\u5bc6\u306b\u8a18\u8ff0\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\u4f8b\u3048\u3070 default/images/back.gif\u306b\u914d\u7f6e\u3055\u308c\u305f\u30a4\u30e1\u30fc\u30b8\u30d5\u30a1\u30a4\u30eb\u306e\u30ea\u30f3\u30af\u306f\u3053\u3053\u3067\u793a\u3055\u308c\u3066\u3044\u308b\u901a\u308a\u306b\u30bf\u30a4\u30d7\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\u3064\u307e\u308a\u30b9\u30e9\u30c3\u30b7\u30e5(/)\u3092\u30ea\u30bd\u30fc\u30b9\u30d1\u30b9\u306e\u5148\u982d\u306b\u8a18\u8ff0\u3057\u3066\u306f\u3044\u3051\u307e\u305b\u3093\u3002\u3042\u306a\u305f\u306f\u30a8\u30c7\u30a3\u30bf\u306ePreview\u30dc\u30bf\u30f3\u3092\u30af\u30ea\u30c3\u30af\u3059\u308b\u3053\u3068\u3067\u30ea\u30f3\u30af\u304c\u6b63\u3057\u3044\u304b\u3092\u78ba\u8a8d\u3059\u308b\u4e8b\u304c\u3067\u304d\u307e\u3059\u3002 +ges/back.gif\u306b\u914d\u7f6e\u3055\u308c\u305f\u30a4\u30e1\u30fc\u30b8\u30d5\u30a1\u30a4\u30eb\u306e\u30ea\u30f3\u30af\u306f\u3053\u3053\u3067\u793a\u3055\u308c\u3066\u3044\u308b\u901a\u308a\u306b\u30bf\u30a4\u30d7\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\u3064\u307e\u308a\u30b9\u30e9\u30c3\u30b7\u30e5(/)\u3092\u30ea\u30bd\u30fc\u30b9\u30d1\u30b9\u306e\u5148\u982d\u306b\u8a18\u8ff0\u3057\u3066\u306f\u3044\u3051\u307e\u305b\u3093\u3002\u3042\u306a\u305f\u306f\u30a8\u30c7\u30a3\u30bf\u306ePreview\u30dc\u30bf\u30f3\u3092\u30af\u30ea\u30c3\u30af\u3059\u308b\u3053\u3068\u3067\u30ea\u30f3\u30af\u304c\u6b63\u3057\u3044\u304b\u3092\u78ba\u8a8d\u3059\u308b\u4e8b\u304c\u3067\u304d\u307e\u3059\u3002 CMS_ERROR_PROCESSING=\u30a8\u30af\u30b9\u30dd\u30fc\u30c8\u51e6\u7406\u4e2d\u306b\u30a8\u30e9\u30fc\u304c\u767a\u751f\u3057\u307e\u3057\u305f\u3002 CMS_ERROR_EXPORT=\u30a8\u30af\u30b9\u30dd\u30fc\u30c8\u51e6\u7406\u4e2d\u306b\u30a8\u30e9\u30fc\u304c\u767a\u751f\u3057\u307e\u3057\u305f\u3002\u30a8\u30af\u30b9\u30dd\u30fc\u30c8\u3055\u308c\u3066\u3044\u308b\u30d5\u30a9\u30eb\u30c0\u304c\u7a7a\u3067\u306a\u3044\u3053\u3068\u3092\u78ba\u8a8d\u3057\u3066\u304f\u3060\u3055\u3044\u3002 CMS_YOUR_EXPORT_0=\u30a8\u30af\u30b9\u30dd\u30fc\u30c8\u30d5\u30a9\u30eb\u30c0: @@ -143,8 +59,8 @@ CMS_MISSING_DOCUMENT=404 - \u30da\u30fc\u30b8\u304c\u898b\u3064\u304b\u308a\u307e\u305b\u3093 CMS_MISSING_DOCUMENT_DESCRIPTION=\u3042\u306a\u305f\u304c\u30a2\u30af\u30bb\u30b9\u3057\u3088\u3046\u3068\u3057\u305f\u6587\u66f8\u306f\u5229\u7528\u3067\u304d\u307e\u305b\u3093\u3002 -CMS_FILENAME_INVALID=\u30d5\u30a1\u30a4\u30eb\u540d\u304c\u7121\u52b9\u3067\u3059\u3002\u7121\u52b9\u306a\u6587\u5b57\u5217\uff08 '.', '/', ':', '[', ']', '*', ''', '"', '|'\uff09\u3084\u30b9\u30da\u30fc\u30b9\u304c\u4f7f\u308f\u308c\u3066\u3044\u306a\u3044\u304b\u78ba\u8a8d\u3057\u3066\u304f\u3060\u3055\u3044\u3002 -CMS_FOLDERNAME_INVALID=\u30d5\u30a9\u30eb\u30c0\u540d\u304c\u7121\u52b9\u3067\u3059\u3002\u7121\u52b9\u306a\u6587\u5b57\u5217\uff08 '.', '/', ':', '[', ']', '*', ''', '"', '|'\uff09\u3084\u30b9\u30da\u30fc\u30b9\u304c\u4f7f\u308f\u308c\u3066\u3044\u306a\u3044\u304b\u78ba\u8a8d\u3057\u3066\u304f\u3060\u3055\u3044\u3002 +CMS_FILENAME_INVALID=\u30d5\u30a1\u30a4\u30eb\u540d\u304c\u7121\u52b9\u3067\u3059\u3002\u7121\u52b9\u306a\u6587\u5b57\u5217\uff08 '.', '/', ':', '[', ']', '*', ''', '"', '>', ,'<', '(', ')', '|'\uff09\u3084\u30b9\u30da\u30fc\u30b9\u304c\u4f7f\u308f\u308c\u3066\u3044\u306a\u3044\u304b\u78ba\u8a8d\u3057\u3066\u304f\u3060\u3055\u3044\u3002 +CMS_FOLDERNAME_INVALID=\u30d5\u30a9\u30eb\u30c0\u540d\u304c\u7121\u52b9\u3067\u3059\u3002\u7121\u52b9\u306a\u6587\u5b57\u5217\uff08 '.', '/', ':', '[', ']', '*', ''', '"', '>', ,'<', '(', ')', '|'\uff09\u3084\u30b9\u30da\u30fc\u30b9\u304c\u4f7f\u308f\u308c\u3066\u3044\u306a\u3044\u304b\u78ba\u8a8d\u3057\u3066\u304f\u3060\u3055\u3044\u3002 CMS_MSG_DESTINATION_ALREADY_EXISTS=\u3053\u306e\u30b3\u30de\u30f3\u30c9\u306f\u5b9f\u884c\u3055\u308c\u307e\u305b\u3093\u3067\u3057\u305f\u3002 CMS_CANT_MOVE_SAME_DESTINATION=\u540c\u3058\u30d5\u30a9\u30eb\u30c0\u306b\u30d5\u30a1\u30a4\u30eb\u3092\u79fb\u52d5\u3059\u308b\u3053\u3068\u306f\u3067\u304d\u307e\u305b\u3093\u3002 Modified: branches/JBoss_Portal_Branch_2_7/security/build.xml =================================================================== --- branches/JBoss_Portal_Branch_2_7/security/build.xml 2009-01-31 19:08:32 UTC (rev 12754) +++ branches/JBoss_Portal_Branch_2_7/security/build.xml 2009-01-31 19:49:19 UTC (rev 12755) @@ -1,24 +1,24 @@ <?xml version="1.0" encoding="UTF-8"?>  @@ -206,6 +206,9 @@ </target> <target name="tests" depends="init"> + <property name="build.testlog" value="${module.output}/log"/> + <echo message="testlog: ${build.testlog}"/> + <mkdir dir="${build.testlog}"/> <execute-tests> <x-test> <test todir="${test.reports}" name="org.jboss.portal.test.security.SimpleTestCase"/>

15 years, 2 months

1
0
0 / 0

JBoss Portal SVN: r12754 - in modules/cms/trunk/cms-jackrabbit/src: main/java/org/jboss/portal/cms/impl/jcr/command and 4 other directories.

by portal-commits＠lists.jboss.org

Author: chris.laprun(a)jboss.com Date: 2009-01-31 14:08:32 -0500 (Sat, 31 Jan 2009) New Revision: 12754 Added: modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/NodeUtilTestCase.java modules/cms/trunk/cms-jackrabbit/src/test/resources/jcr/bad_cms.zip Modified: modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/FolderImpl.java modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/StoreArchiveCommand.java modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/commands/TestFileArchiveUpload.java modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/commands/TestFileCreate.java modules/cms/trunk/cms-jackrabbit/src/test/resources/jboss-unit.xml Log: - Minor improvement to StoreArchiveCommand. - Fixed tests Modified: modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/FolderImpl.java =================================================================== --- modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/FolderImpl.java 2009-01-31 16:32:09 UTC (rev 12753) +++ modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/FolderImpl.java 2009-01-31 19:08:32 UTC (rev 12754) @@ -53,5 +53,11 @@ { this.files = files; } + + @Override + public String toString() + { + return "Folder " + getBasePath(); + } } Modified: modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/StoreArchiveCommand.java =================================================================== --- modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/StoreArchiveCommand.java 2009-01-31 16:32:09 UTC (rev 12753) +++ modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/StoreArchiveCommand.java 2009-01-31 19:08:32 UTC (rev 12754) @@ -37,13 +37,12 @@ import java.io.File; import java.io.FileOutputStream; -import java.io.InputStream; import java.io.IOException; +import java.io.InputStream; import java.util.Date; import java.util.Enumeration; import java.util.Locale; import java.util.StringTokenizer; -import java.util.regex.Pattern; /** * Saves an uploaded archive to the repo. @@ -56,7 +55,7 @@ /** The serialVersionUID */ private static final long serialVersionUID = 1568453649437987499L; private static Logger log = Logger.getLogger(StoreArchiveCommand.class); - + String msRootPath; byte[] archiveBytes; String msLanguage; @@ -89,32 +88,24 @@ { zipEntry = (ZipEntry)entries.nextElement(); - if (!zipEntry.isDirectory()) + String itemName = zipEntry.getName(); + if (!NodeUtil.CHECK_FOR_XSS_PATTERN.matcher(itemName).matches()) { - String itemName = zipEntry.getName(); - if(!NodeUtil.CHECK_FOR_XSS_PATTERN.matcher(itemName).matches()) + log.info("Zip file: '" + itemName + "' is not a valid file name. It will be skipped."); + } + else + { + if (!zipEntry.isDirectory()) { - log.info("Zip file: '" + itemName + "' is not a valid file name. It will be skipped."); + this.addFile(zipFile, zipEntry); } - else + else // isDirectory { - this.addFile(zipFile, zipEntry); + this.addFolder(zipEntry); } } - else // isDirectory - { - String itemName = zipEntry.getName(); - if(!NodeUtil.CHECK_FOR_XSS_PATTERN.matcher(itemName).matches()) - { - log.info("Zip file: '" + itemName + "' is not a valid file name. It will be skipped."); - } - else - { - this.addFolder(zipEntry); - } - } } - + return null; } catch (Exception e) @@ -129,9 +120,8 @@ } } } - + /** - * * @param zipFile * @param zipEntry * @throws IOException @@ -145,18 +135,18 @@ byte[] zipBytes = new byte[(int)fileSize]; InputStream zipDataStream = zipFile.getInputStream(zipEntry); long bytesRead = 0; - + while (bytesRead < fileSize) { bytesRead += zipDataStream.read(zipBytes, (int)bytesRead, (int)(fileSize - bytesRead)); } - + org.jboss.portal.cms.model.File file = new FileImpl(); - + String sBasePath = FileUtil.cleanDoubleSlashes("/" + this.msRootPath + "/" + itemName); sBasePath = FileUtil.cleanDoubleSlashes(sBasePath); // hackish, but necessary for root path uploads. file.setBasePath(sBasePath); - + Content content = new ContentImpl(); content.setEncoding("UTF-8"); content.setTitle(itemName); @@ -164,7 +154,7 @@ content.setBasePath(sBasePath + "/" + this.msLanguage); content.setBytes(zipBytes); file.setContent(new Locale(this.msLanguage), content); - + //Store the file JCRCommand nodeExists = (JCRCommand)context.getCommandFactory().createItemExistsCommand(file.getBasePath()); Boolean bExists = (Boolean)context.execute(nodeExists); @@ -182,25 +172,25 @@ context.execute(updateFile); } } - catch(CMSException e) + catch (CMSException e) { //Log the error, but don't fail creation of other resources in the archive log.error(this, e); } } - + private void addFolder(ZipEntry zipEntry) { try { String itemName = zipEntry.getName(); - + //trim trailing slash. if (itemName.endsWith("/")) { itemName = itemName.substring(0, itemName.length() - 1); } - + if (!"".equals(itemName)) { String sBasePath = FileUtil.cleanDoubleSlashes("/" + this.msRootPath + "/" + itemName); @@ -212,7 +202,7 @@ { this.createParentHierarchy(sParentPath); } - + JCRCommand nodeExists2 = (JCRCommand)context.getCommandFactory().createItemExistsCommand(sBasePath); Boolean bExists2 = (Boolean)context.execute(nodeExists2); if (!bExists2.booleanValue()) @@ -223,13 +213,13 @@ folder.setTitle(itemName); folder.setLastModified(new Date()); folder.setBasePath(sBasePath); - + JCRCommand folderSave = (JCRCommand)context.getCommandFactory().createFolderSaveCommand(folder); context.execute(folderSave); } } } - catch(Exception e) + catch (Exception e) { //Log the error, but don't fail creation of other resources in the archive log.error(this, e); Added: modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/NodeUtilTestCase.java =================================================================== --- modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/NodeUtilTestCase.java (rev 0) +++ modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/NodeUtilTestCase.java 2009-01-31 19:08:32 UTC (rev 12754) @@ -0,0 +1,44 @@ +/* +* JBoss, a division of Red Hat +* Copyright 2008, Red Hat Middleware, LLC, and individual contributors as indicated +* by the @authors tag. See the copyright.txt in the distribution for a +* full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ + +package org.jboss.portal.cms.test; + +import junit.framework.TestCase; +import org.jboss.portal.cms.util.NodeUtil; + +/** + * @author <a href="mailto:chris.laprun@jboss.com">Chris Laprun</a> + * @version $Revision$ + */ +public class NodeUtilTestCase extends TestCase +{ + public void testIsValidPath() + { + assertFalse(NodeUtil.isValidPath("/")); + assertFalse(NodeUtil.isValidPath("//")); + assertFalse(NodeUtil.isValidPath("/<body onload=alert(String.fromCharCode(88,83,83))>")); + assertFalse(NodeUtil.isValidPath("/foo/<body onload=alert(String.fromCharCode(88,83,83))>")); + assertFalse(NodeUtil.isValidPath("")); + + assertTrue(NodeUtil.isValidPath("/foo/bar")); + } +} Modified: modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/commands/TestFileArchiveUpload.java =================================================================== --- modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/commands/TestFileArchiveUpload.java 2009-01-31 16:32:09 UTC (rev 12753) +++ modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/commands/TestFileArchiveUpload.java 2009-01-31 19:08:32 UTC (rev 12754) @@ -24,14 +24,13 @@ import org.jboss.portal.cms.CMSException; import org.jboss.portal.cms.Command; -import org.jboss.portal.cms.model.Folder; import org.jboss.portal.cms.model.File; +import org.jboss.portal.cms.model.Folder; import org.jboss.portal.common.io.IOTools; +import static org.jboss.unit.api.Assert.assertEquals; import org.jboss.unit.api.pojo.annotations.Test; import org.jboss.unit.mc.api.annotations.Bootstrap; -import static org.jboss.unit.api.Assert.*; - import java.io.IOException; import java.io.InputStream; import java.util.List; @@ -47,9 +46,9 @@ public class TestFileArchiveUpload extends AbstractCommandTestCase { /** - * + * */ - private String sZipFile = "jcr/ziptest.zip"; + private String sZipFile = "jcr/ziptest.zip"; /** * @@ -65,7 +64,7 @@ //create archive this.runArchive(this.sZipFile); this.assertArchiveUploadCreate(); - + //update archive this.runArchive(this.sZipFile); this.assertArchiveUploadUpdate(); @@ -80,7 +79,7 @@ Folder whopper = (Folder)service.execute(listCMD); List folders = whopper.getFolders(); List files = whopper.getFiles(); - assertEquals("Folder Size incorrect", folders.size(), 0); + assertEquals("Folder Size incorrect", folders.size(), 1); // we always have /default assertEquals("File Size incorrect", files.size(), 0); } @@ -96,7 +95,7 @@ assertEquals("Folder Size incorrect", folders.size(), 0); assertEquals("File Size incorrect", files.size(), 2); } - + private void runArchive(String sZipFile) throws IOException { service.setDefaultLocale(Locale.ENGLISH.getLanguage()); @@ -110,13 +109,13 @@ } finally { - if(is != null) + if (is != null) { is.close(); } } } - + private void assertArchiveUploadCreate() { //retrieve list @@ -134,27 +133,27 @@ List files2 = whopper2.getFiles(); assertEquals("Folder Size incorrect", folders2.size(), 0); assertEquals("File Size incorrect", files2.size(), 1); - + //Look for single versions of files - for(int i=0; i<files.size(); i++) + for (int i = 0; i < files.size(); i++) { File file = (File)files.get(i); - - Command versionsCMD = service.getCommandFactory().createContentGetVersionsCommand(file.getBasePath()+"/en"); + + Command versionsCMD = service.getCommandFactory().createContentGetVersionsCommand(file.getBasePath() + "/en"); List versions = (List)service.execute(versionsCMD); - assertEquals("Multiple Versions not Found", versions.size(), 1); + assertEquals("Multiple Versions not Found", versions.size(), 1); } - - for(int i=0; i<files2.size(); i++) + + for (int i = 0; i < files2.size(); i++) { File file = (File)files2.get(i); - - Command versionsCMD = service.getCommandFactory().createContentGetVersionsCommand(file.getBasePath()+"/en"); + + Command versionsCMD = service.getCommandFactory().createContentGetVersionsCommand(file.getBasePath() + "/en"); List versions = (List)service.execute(versionsCMD); - assertEquals("Multiple Versions not Found", versions.size(), 1); + assertEquals("Multiple Versions not Found", versions.size(), 1); } } - + private void assertArchiveUploadUpdate() { //retrieve list @@ -172,24 +171,24 @@ List files2 = whopper2.getFiles(); assertEquals("Folder Size incorrect", folders2.size(), 0); assertEquals("File Size incorrect", files2.size(), 1); - + //Look for multiple versions of files - for(int i=0; i<files.size(); i++) + for (int i = 0; i < files.size(); i++) { File file = (File)files.get(i); - - Command versionsCMD = service.getCommandFactory().createContentGetVersionsCommand(file.getBasePath()+"/en"); + + Command versionsCMD = service.getCommandFactory().createContentGetVersionsCommand(file.getBasePath() + "/en"); List versions = (List)service.execute(versionsCMD); - assertEquals("Multiple Versions not Found", versions.size(), 2); + assertEquals("Multiple Versions not Found", versions.size(), 2); } - - for(int i=0; i<files2.size(); i++) + + for (int i = 0; i < files2.size(); i++) { File file = (File)files2.get(i); - - Command versionsCMD = service.getCommandFactory().createContentGetVersionsCommand(file.getBasePath()+"/en"); + + Command versionsCMD = service.getCommandFactory().createContentGetVersionsCommand(file.getBasePath() + "/en"); List versions = (List)service.execute(versionsCMD); - assertEquals("Multiple Versions not Found", versions.size(), 2); + assertEquals("Multiple Versions not Found", versions.size(), 2); } } } Modified: modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/commands/TestFileCreate.java =================================================================== --- modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/commands/TestFileCreate.java 2009-01-31 16:32:09 UTC (rev 12753) +++ modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/commands/TestFileCreate.java 2009-01-31 19:08:32 UTC (rev 12754) @@ -30,11 +30,10 @@ import org.jboss.portal.cms.model.File; import org.jboss.portal.cms.util.NodeUtil; import org.jboss.portal.cms.util.RepositoryUtil; +import static org.jboss.unit.api.Assert.*; import org.jboss.unit.api.pojo.annotations.Test; import org.jboss.unit.mc.api.annotations.Bootstrap; -import static org.jboss.unit.api.Assert.*; - import javax.jcr.Node; import javax.jcr.Session; import java.util.Locale; @@ -49,11 +48,11 @@ public class TestFileCreate extends AbstractCommandTestCase { /** - * + * */ private String sFilePath = "/testdoc.gif"; - + /** * * @@ -61,8 +60,8 @@ public TestFileCreate() { } - + /** * * @@ -139,27 +138,27 @@ session.logout(); } - + @Test public void testRootFileCreate() throws Exception - { + { try { this.fileCreate("/"); } - catch(CMSException e) + catch (CMSException e) { - String message = e.getMessage(); - assertTrue("Invalid Path Not Validated", message.contains("Path: / is invalid")); + String message = e.getMessage(); + assertTrue("Invalid Path Not Validated", message.contains("Path: / is not a legal path element.")); } } - + @Test public void testRecursiveFileCreate() throws Exception - { + { //Create a legal file this.fileCreate("/level-1/blah"); - + //Assert Command fileGet = service.getCommandFactory().createFileGetCommand("/level-1/blah", Locale.ENGLISH); File cour = (File)service.execute(fileGet); @@ -171,56 +170,53 @@ { this.fileCreate("/level-1/blah/blah2"); } - catch(CMSException e) + catch (CMSException e) { - String message = e.getMessage(); + String message = e.getMessage(); assertTrue("Invalid Parent Hierarchy Not Validated", message.contains("Trying to create a Folder inside a File")); } - + //Try to create a file way down the path hierarchy this.fileCreate("/level-1/level-2/level-3/blah"); - + //Assert fileGet = service.getCommandFactory().createFileGetCommand("/level-1/level-2/level-3/blah", Locale.ENGLISH); cour = (File)service.execute(fileGet); assertNotNull("File was not created", cour); assertEquals("Content Incorrect", new String(cour.getContent().getBytes()), "1234567890"); } - + @Test public void testEmptyFileCreate() throws Exception - { - String path = "/emptyfile.gif"; - - //create file english - File file = new FileImpl(); - file.setBasePath(path); + { + String path = "/emptyfile.gif"; - Content content = new ContentImpl(); - content.setEncoding("UTF-8"); - content.setTitle("English Title"); - content.setDescription("English Description"); - content.setBasePath(path + "/" + Locale.ENGLISH.getLanguage()); - content.setBytes("".getBytes()); - content.setMimeType("image/gif"); - file.setContent(Locale.ENGLISH, content); - - Command createFileCMD = service.getCommandFactory().createNewFileCommand(file, content); - service.execute(createFileCMD); - - //Assert the state of the newly created file - Command readFileCmd = service.getCommandFactory().createFileGetCommand(path, Locale.ENGLISH); - File storedFile = (File)service.execute(readFileCmd); - - assertNotNull("File not successfully stored!!", storedFile); - assertEquals("Encoding does not match!!", file.getContent().getEncoding(), "UTF-8"); - assertEquals("Bytes Check", file.getContent().getContentAsString().trim(), ""); + //create file english + File file = new FileImpl(); + file.setBasePath(path); + + Content content = new ContentImpl(); + content.setEncoding("UTF-8"); + content.setTitle("English Title"); + content.setDescription("English Description"); + content.setBasePath(path + "/" + Locale.ENGLISH.getLanguage()); + content.setBytes("".getBytes()); + content.setMimeType("image/gif"); + file.setContent(Locale.ENGLISH, content); + + Command createFileCMD = service.getCommandFactory().createNewFileCommand(file, content); + service.execute(createFileCMD); + + //Assert the state of the newly created file + Command readFileCmd = service.getCommandFactory().createFileGetCommand(path, Locale.ENGLISH); + File storedFile = (File)service.execute(readFileCmd); + + assertNotNull("File not successfully stored!!", storedFile); + assertEquals("Encoding does not match!!", file.getContent().getEncoding(), "UTF-8"); + assertEquals("Bytes Check", file.getContent().getContentAsString().trim(), ""); } - - /** - * - * @param path - */ + + /** @param path */ private void fileCreate(String path) { //create file english @@ -235,8 +231,8 @@ content.setBytes("1234567890".getBytes()); content.setMimeType("image/gif"); file.setContent(Locale.ENGLISH, content); - - Command createFileCMD = service.getCommandFactory().createNewFileCommand(file, content); + + Command createFileCMD = service.getCommandFactory().createNewFileCommand(file, content); service.execute(createFileCMD); - } + } } Modified: modules/cms/trunk/cms-jackrabbit/src/test/resources/jboss-unit.xml =================================================================== --- modules/cms/trunk/cms-jackrabbit/src/test/resources/jboss-unit.xml 2009-01-31 16:32:09 UTC (rev 12753) +++ modules/cms/trunk/cms-jackrabbit/src/test/resources/jboss-unit.xml 2009-01-31 19:08:32 UTC (rev 12754) @@ -3,128 +3,131 @@ xmlns="urn:jboss:jboss-unit:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:jboss:jboss-unit:1.0 jboss-unit_1_0.xsd"> - <pojo> + <pojo> <parameter name="datasources" value="datasources.xml"/> - <parameter name="dataSourceName"> - <value>hsqldb</value> -  - </parameter> - <parameter name="hibernateConfig" value="hibernates.xml"/> - <test > + <parameter name="dataSourceName"> + <value>hsqldb</value> +  + </parameter> + <parameter name="hibernateConfig" value="hibernates.xml"/> + <test> <class name="org.jboss.portal.cms.test.commands.TestFileArchiveUpload"/> - </test> - <test > + </test> + <test> <class name="org.jboss.portal.cms.test.commands.TestFileCopy"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFileCreate"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFileCreateFailed"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFileDelete"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFileGet"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFileGetList"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFileGetVersion"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFileSize"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFileUpdate"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFolderCopy"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFolderCreate"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFolderDelete"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFolderGet"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestFolderUpdate"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestSearch"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.TestJackrabbit"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.TestRegEx"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.TestRepositoryUtil"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.commands.TestRepositoryBootStrap"/> </test> + <test> + <class name="org.jboss.portal.cms.test.NodeUtilTestCase"/> + </test> </pojo> <pojo> <parameter name="datasources" value="datasources.xml"/> - <parameter name="dataSourceName"> - <value>hsqldb</value> -  + <parameter name="dataSourceName"> + <value>hsqldb</value> +  </parameter> <parameter name="hibernateConfig" value="hibernates.xml"/> <parameter name="standardIdentityConfig" value="standardidentity-config.xml"/> <parameter name="identityConfig" value="db-config.xml"/> - <test > + <test> <class name="org.jboss.portal.cms.test.security.TestManageAccess"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.security.TestReadAccess"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.security.TestWriteAccess"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.security.TestNewReadCommand"/> </test> - </pojo> + </pojo> - <pojo> + <pojo> <parameter name="datasources" value="datasources.xml"/> <parameter name="dataSourceName"> - <value>hsqldb</value> -  + <value>hsqldb</value> +  </parameter> <parameter name="hibernateConfig" value="hibernates.xml"/> <parameter name="standardIdentityConfig" value="standardidentity-config.xml"/> <parameter name="identityConfig" value="db-config.xml"/> - - <test > + + <test> <class name="org.jboss.portal.cms.test.workflow.TestApprovedPublish"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.workflow.TestDeniedPublish"/> </test> - <test > + <test> <class name="org.jboss.portal.cms.test.workflow.TestWorkflowEnvironment"/> </test> - </pojo> + </pojo> </jboss-unit> \ No newline at end of file Added: modules/cms/trunk/cms-jackrabbit/src/test/resources/jcr/bad_cms.zip =================================================================== (Binary files differ) Property changes on: modules/cms/trunk/cms-jackrabbit/src/test/resources/jcr/bad_cms.zip ___________________________________________________________________ Name: svn:mime-type + application/octet-stream

15 years, 2 months

1
0
0 / 0

JBoss Portal SVN: r12753 - modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/opensso.

by portal-commits＠lists.jboss.org

Author: bdaw Date: 2009-01-31 11:32:09 -0500 (Sat, 31 Jan 2009) New Revision: 12753 Modified: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/opensso/OpenSSOAuthenticationValve.java Log: JBPORTAL-2286 - OpenSSO Valve Doesn't Set ssoEnabled (Login prompt in modal box instead of full page) Modified: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/opensso/OpenSSOAuthenticationValve.java =================================================================== --- modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/opensso/OpenSSOAuthenticationValve.java 2009-01-31 16:07:43 UTC (rev 12752) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/opensso/OpenSSOAuthenticationValve.java 2009-01-31 16:32:09 UTC (rev 12753) @@ -33,6 +33,7 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; import javax.security.jacc.PolicyContext; import java.io.IOException; import java.security.Principal; @@ -73,6 +74,10 @@ public void invoke(Request request, Response response) throws IOException, ServletException { + HttpServletRequest httpRequest = (HttpServletRequest) request; + HttpSession session = httpRequest.getSession(); + request.setAttribute("ssoEnabled", "true"); + SSOToken token = getToken(); String requestURI = request.getRequestURI();

15 years, 2 months

1
0
0 / 0

JBoss Portal SVN: r12752 - tags/Enterprise_Portal_Platform_4_3_GA/core-cms/src/main/org/jboss/portal/core/cms/ui/admin.

by portal-commits＠lists.jboss.org

Author: thomas.heute(a)jboss.com Date: 2009-01-31 11:07:43 -0500 (Sat, 31 Jan 2009) New Revision: 12752 Modified: tags/Enterprise_Portal_Platform_4_3_GA/core-cms/src/main/org/jboss/portal/core/cms/ui/admin/CMSAdminPortlet.java Log: update error handling Modified: tags/Enterprise_Portal_Platform_4_3_GA/core-cms/src/main/org/jboss/portal/core/cms/ui/admin/CMSAdminPortlet.java =================================================================== --- tags/Enterprise_Portal_Platform_4_3_GA/core-cms/src/main/org/jboss/portal/core/cms/ui/admin/CMSAdminPortlet.java 2009-01-31 16:06:23 UTC (rev 12751) +++ tags/Enterprise_Portal_Platform_4_3_GA/core-cms/src/main/org/jboss/portal/core/cms/ui/admin/CMSAdminPortlet.java 2009-01-31 16:07:43 UTC (rev 12752) @@ -925,19 +925,6 @@ folder.setName(sFolderName); folder.setBasePath(sNewPath); - if (!CHECK_FOR_XSS_PATTERN.matcher(sFolderName).matches() ) - { - // Invalid folder name - aRes.setRenderParameter("op", CMSAdminConstants.OP_CONFIRM_CREATE_COLLECTION_VALIDATION_ERROR); - aRes.setRenderParameter("path", aReq.getParameter("destination")); - - //used to remember the data already submitted by the user - aRes.setRenderParameter("error:message", CMSAdminConstants.CMS_FOLDERNAME_INVALID); - aRes.setRenderParameter("error:newcollectionname", aReq.getParameter("newcollectionname")); - aRes.setRenderParameter("error:newcollectiondescription", aReq.getParameter("newcollectiondescription")); - return; - } - try { Command saveCMD = CMSService.getCommandFactory().createFolderSaveCommand(folder); @@ -1389,7 +1376,7 @@ String sLanguage = aReq.getParameter("language"); //Perform server side data validation - if (sFileName == null || sFileName.trim().length() == 0 || !CHECK_FOR_XSS_PATTERN.matcher(sFileName).matches() ) + if (sFileName == null || sFileName.trim().length() == 0) { //Validation Error occurred //FileName should not be empty @@ -1442,7 +1429,11 @@ Boolean bExists = null; try { - bExists = (Boolean)CMSService.execute(existsCMD); + if (!CHECK_FOR_XSS_PATTERN.matcher(content.getBasePath()).matches()) + { + throw new CMSException(content.getBasePath() + " is not a legal path element"); + } + bExists = (Boolean)CMSService.execute(existsCMD); } catch (CMSException cme) {

15 years, 2 months

1
0
0 / 0

JBoss Portal SVN: r12751 - in modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src: main/java/org/jboss/portal/cms/impl/jcr/command and 2 other directories.

by portal-commits＠lists.jboss.org

Author: thomas.heute(a)jboss.com Date: 2009-01-31 11:06:23 -0500 (Sat, 31 Jan 2009) New Revision: 12751 Added: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FileBasedJCRCommand.java modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FolderBasedJCRCommand.java Modified: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/JCRCommand.java modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/AsyncStoreArchiveCommand.java modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/ContentCreateCommand.java modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/CopyCommand.java modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FileCreateCommand.java modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FileUpdateAndVersionCommand.java modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FileUpdateCommand.java modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FolderCreateCommand.java modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FolderUpdateCommand.java modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/MoveCommand.java modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/RenameCommand.java modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/StoreArchiveCommand.java modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/util/NodeUtil.java modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/commands/TestFileArchiveUpload.java Log: XSS verifications Modified: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/JCRCommand.java =================================================================== --- modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/JCRCommand.java 2009-01-31 16:02:41 UTC (rev 12750) +++ modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/JCRCommand.java 2009-01-31 16:06:23 UTC (rev 12751) @@ -24,6 +24,7 @@ import org.jboss.portal.cms.CMSException; import org.jboss.portal.cms.Command; +import org.jboss.portal.cms.util.NodeUtil; import org.jboss.portal.common.invocation.InvocationContext; import java.io.Serializable; @@ -54,4 +55,13 @@ } public abstract Object execute() throws CMSException; + + protected void validatePath(String path) + { + boolean isValid = NodeUtil.isValidPath(path); + if (!isValid) + { + throw new CMSException("Path: " + path + " is not a legal path element."); + } + } } Modified: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/AsyncStoreArchiveCommand.java =================================================================== --- modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/AsyncStoreArchiveCommand.java 2009-01-31 16:02:41 UTC (rev 12750) +++ modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/AsyncStoreArchiveCommand.java 2009-01-31 16:06:23 UTC (rev 12751) @@ -158,8 +158,7 @@ } CMS cms = this.findCMSService(); - JCRCommand storeArchiveCommand = (JCRCommand)cms.getCommandFactory(). - createStoreArchiveCommand(msRootPath, archiveBytes, msLanguage); + JCRCommand storeArchiveCommand = (JCRCommand)cms.getCommandFactory().createStoreArchiveCommand(msRootPath, archiveBytes, msLanguage); cms.execute(storeArchiveCommand); log.info("Async Processing finished.................."); Modified: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/ContentCreateCommand.java =================================================================== --- modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/ContentCreateCommand.java 2009-01-31 16:02:41 UTC (rev 12750) +++ modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/ContentCreateCommand.java 2009-01-31 16:06:23 UTC (rev 12751) @@ -26,7 +26,6 @@ import org.apache.jackrabbit.value.DateValue; import org.apache.jackrabbit.value.StringValue; import org.jboss.portal.cms.CMSMimeMappings; -import org.jboss.portal.cms.impl.jcr.JCRCommand; import org.jboss.portal.cms.impl.jcr.JCRCommandContext; import org.jboss.portal.cms.model.File; @@ -37,23 +36,23 @@ * @author <a href="mailto:roy@jboss.org">Roy Russo</a> * @author <a href="mailto:theute@jboss.org">Thomas Heute</a> */ -public class ContentCreateCommand extends JCRCommand +public class ContentCreateCommand extends FileBasedJCRCommand { /** The serialVersionUID */ private static final long serialVersionUID = -2843288770902185840L; - File mFile; public ContentCreateCommand(File file) { - this.mFile = file; + super(file); } public Object execute() { try { + String basePath = mFile.getBasePath(); JCRCommandContext context = (JCRCommandContext)getContext(); - Node fileNode = (Node)context.getSession().getItem(mFile.getBasePath()); + Node fileNode = (Node)context.getSession().getItem(basePath); Node contentNode = fileNode.addNode(mFile.getContent().getLocale().getLanguage(), "portalcms:content"); contentNode.setProperty("jcr:encoding", "UTF-8"); @@ -72,7 +71,7 @@ } else { - String fileExt = mFile.getBasePath().substring(mFile.getBasePath().lastIndexOf(".") + 1, mFile.getBasePath().length()); + String fileExt = basePath.substring(basePath.lastIndexOf(".") + 1, basePath.length()); CMSMimeMappings mapper = new CMSMimeMappings(); if (mapper.getMimeType(fileExt) != null) { Modified: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/CopyCommand.java =================================================================== --- modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/CopyCommand.java 2009-01-31 16:02:41 UTC (rev 12750) +++ modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/CopyCommand.java 2009-01-31 16:06:23 UTC (rev 12751) @@ -22,8 +22,10 @@ ******************************************************************************/ package org.jboss.portal.cms.impl.jcr.command; +import org.jboss.portal.cms.CMSException; import org.jboss.portal.cms.impl.jcr.JCRCommand; import org.jboss.portal.cms.impl.jcr.util.VersionUtil; +import org.jboss.portal.cms.util.NodeUtil; import javax.jcr.Item; import javax.jcr.Node; @@ -42,6 +44,8 @@ public CopyCommand(String sFromPath, String sToPath) { + validatePath(sFromPath); + validatePath(sToPath); this.msFromPath = sFromPath; this.msToPath = sToPath; } Copied: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FileBasedJCRCommand.java (from rev 12748, modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FileBasedJCRCommand.java) =================================================================== --- modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FileBasedJCRCommand.java (rev 0) +++ modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FileBasedJCRCommand.java 2009-01-31 16:06:23 UTC (rev 12751) @@ -0,0 +1,43 @@ +/* +* JBoss, a division of Red Hat +* Copyright 2008, Red Hat Middleware, LLC, and individual contributors as indicated +* by the @authors tag. See the copyright.txt in the distribution for a +* full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ + +package org.jboss.portal.cms.impl.jcr.command; + +import org.jboss.portal.cms.impl.jcr.JCRCommand; +import org.jboss.portal.cms.model.File; +import org.jboss.portal.common.util.ParameterValidation; + +/** + * @author <a href="mailto:chris.laprun@jboss.com">Chris Laprun</a> + * @version $Revision$ + */ +public abstract class FileBasedJCRCommand extends JCRCommand +{ + File mFile; + + public FileBasedJCRCommand(File file) + { + ParameterValidation.throwIllegalArgExceptionIfNull(file, "file"); + validatePath(file.getBasePath()); + mFile = file; + } +} Modified: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FileCreateCommand.java =================================================================== --- modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FileCreateCommand.java 2009-01-31 16:02:41 UTC (rev 12750) +++ modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FileCreateCommand.java 2009-01-31 16:06:23 UTC (rev 12751) @@ -38,17 +38,15 @@ * @author <a href="mailto:roy@jboss.org">Roy Russo</a> * @author <a href="mailto:theute@jboss.org">Thomas Heute</a> */ -public class FileCreateCommand extends JCRCommand +public class FileCreateCommand extends FileBasedJCRCommand { /** The serialVersionUID */ private static final long serialVersionUID = -653823238247348749L; private static Logger log = Logger.getLogger(FileCreateCommand.class); - - File mFile; public FileCreateCommand(File file) { - this.mFile = file; + super(file); } public Object execute() @@ -56,20 +54,15 @@ try { //Validate the FilePath - boolean isValid = NodeUtil.isValidPath(mFile.getBasePath()); - if(!isValid) - { - throw new CMSException("Path: "+mFile.getBasePath()+" is invalid"); - } - - JCRCommand existsCMD = (JCRCommand)context.getCommandFactory().createItemExistsCommand(mFile.getBasePath()); + String basePath = mFile.getBasePath(); + JCRCommand existsCMD = (JCRCommand)context.getCommandFactory().createItemExistsCommand(basePath); Boolean bExists = (Boolean)context.execute(existsCMD); //If fileNode exists already, ignore the creation. if (!bExists.booleanValue()) { - String parentPath = NodeUtil.getParentPath(mFile.getBasePath()); - String nodeName = NodeUtil.getNodeName(mFile.getBasePath()); + String parentPath = NodeUtil.getParentPath(basePath); + String nodeName = NodeUtil.getNodeName(basePath); //Make sure the Path hierarchy is complete ResourceUtil.createParentHierarchy(context, parentPath); Modified: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FileUpdateAndVersionCommand.java =================================================================== --- modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FileUpdateAndVersionCommand.java 2009-01-31 16:02:41 UTC (rev 12750) +++ modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FileUpdateAndVersionCommand.java 2009-01-31 16:06:23 UTC (rev 12751) @@ -26,7 +26,6 @@ import org.apache.jackrabbit.value.DateValue; import org.apache.jackrabbit.value.StringValue; import org.jboss.portal.cms.CMSMimeMappings; -import org.jboss.portal.cms.impl.jcr.JCRCommand; import org.jboss.portal.cms.impl.jcr.util.VersionUtil; import org.jboss.portal.cms.model.File; @@ -34,11 +33,10 @@ import java.util.Calendar; /** @author <a href="mailto:roy@jboss.org">Roy Russo</a> */ -public class FileUpdateAndVersionCommand extends JCRCommand +public class FileUpdateAndVersionCommand extends FileBasedJCRCommand { /** The serialVersionUID */ private static final long serialVersionUID = 882238623005109537L; - File mFile; boolean bMakeLive; /** @@ -48,7 +46,7 @@ */ public FileUpdateAndVersionCommand(File file, boolean makeLive) { - this.mFile = file; + super(file); this.bMakeLive = makeLive; } @@ -70,13 +68,14 @@ contentNode.setProperty("portalcms:size", new StringValue(String .valueOf(mFile.getContent().getBytes().length))); + String basePath = mFile.getBasePath(); if (mFile.getContent().getMimeType() != null) { contentNode.setProperty("jcr:mimeType", mFile.getContent().getMimeType()); } else { - String fileExt = mFile.getBasePath().substring(mFile.getBasePath().lastIndexOf(".") + 1, mFile.getBasePath().length()); + String fileExt = basePath.substring(basePath.lastIndexOf(".") + 1, basePath.length()); CMSMimeMappings mapper = new CMSMimeMappings(); if (mapper.getMimeType(fileExt) != null) { @@ -93,7 +92,7 @@ VersionUtil.createVersion(versionNode, this.bMakeLive); //Update the lastModified Property of the FileNode of this content - Node fileNode = (Node)context.getSession().getItem(mFile.getBasePath()); + Node fileNode = (Node)context.getSession().getItem(basePath); fileNode.setProperty("jcr:lastModified", timestamp); // Update the folder modified date Modified: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FileUpdateCommand.java =================================================================== --- modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FileUpdateCommand.java 2009-01-31 16:02:41 UTC (rev 12750) +++ modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FileUpdateCommand.java 2009-01-31 16:06:23 UTC (rev 12751) @@ -26,7 +26,6 @@ import org.apache.jackrabbit.value.DateValue; import org.apache.jackrabbit.value.StringValue; import org.jboss.portal.cms.CMSMimeMappings; -import org.jboss.portal.cms.impl.jcr.JCRCommand; import org.jboss.portal.cms.model.File; import javax.jcr.Node; @@ -34,12 +33,10 @@ import java.util.Calendar; /** @author <a href="mailto:roy@jboss.org">Roy Russo</a> */ -public class FileUpdateCommand extends JCRCommand +public class FileUpdateCommand extends FileBasedJCRCommand { /** The serialVersionUID */ private static final long serialVersionUID = 882238623005109537L; - File mFile; - boolean bMakeLive; /** * Updates a given file content in the repo, creating a new version. @@ -48,7 +45,7 @@ */ public FileUpdateCommand(File file) { - this.mFile = file; + super(file); } public Object execute() @@ -69,13 +66,14 @@ contentNode.setProperty("portalcms:size", new StringValue(String .valueOf(mFile.getContent().getBytes().length))); + String basePath = mFile.getBasePath(); if (mFile.getContent().getMimeType() != null) { contentNode.setProperty("jcr:mimeType", mFile.getContent().getMimeType()); } else { - String fileExt = mFile.getBasePath().substring(mFile.getBasePath().lastIndexOf(".") + 1, mFile.getBasePath().length()); + String fileExt = basePath.substring(basePath.lastIndexOf(".") + 1, basePath.length()); CMSMimeMappings mapper = new CMSMimeMappings(); if (mapper.getMimeType(fileExt) != null) { @@ -88,7 +86,7 @@ } //Update the lastModified Property of the FileNode of this content - Node fileNode = (Node)context.getSession().getItem(mFile.getBasePath()); + Node fileNode = (Node)context.getSession().getItem(basePath); fileNode.setProperty("jcr:lastModified", timestamp); // Update the folder modified date Copied: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FolderBasedJCRCommand.java (from rev 12748, modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FolderBasedJCRCommand.java) =================================================================== --- modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FolderBasedJCRCommand.java (rev 0) +++ modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FolderBasedJCRCommand.java 2009-01-31 16:06:23 UTC (rev 12751) @@ -0,0 +1,43 @@ +/* +* JBoss, a division of Red Hat +* Copyright 2008, Red Hat Middleware, LLC, and individual contributors as indicated +* by the @authors tag. See the copyright.txt in the distribution for a +* full listing of individual contributors. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ + +package org.jboss.portal.cms.impl.jcr.command; + +import org.jboss.portal.cms.impl.jcr.JCRCommand; +import org.jboss.portal.cms.model.Folder; +import org.jboss.portal.common.util.ParameterValidation; + +/** + * @author <a href="mailto:chris.laprun@jboss.com">Chris Laprun</a> + * @version $Revision$ + */ +public abstract class FolderBasedJCRCommand extends JCRCommand +{ + Folder mFolder; + + public FolderBasedJCRCommand(Folder folder) + { + ParameterValidation.throwIllegalArgExceptionIfNull(folder, "folder"); + validatePath(folder.getBasePath()); + mFolder = folder; + } +} Modified: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FolderCreateCommand.java =================================================================== --- modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FolderCreateCommand.java 2009-01-31 16:02:41 UTC (rev 12750) +++ modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FolderCreateCommand.java 2009-01-31 16:06:23 UTC (rev 12751) @@ -40,33 +40,25 @@ * @author <a href="mailto:roy@jboss.org">Roy Russo</a> * @author <a href="mailto:theute@jboss.org">Thomas Heute</a> */ -public class FolderCreateCommand extends JCRCommand +public class FolderCreateCommand extends FolderBasedJCRCommand { /** The serialVersionUID */ private static final long serialVersionUID = -3007711915681479942L; private static Logger log = Logger.getLogger(FolderCreateCommand.class); - - Folder mFolder; public FolderCreateCommand(Folder folder) { - this.mFolder = folder; + super(folder); } public Object execute() { try { - //Validate the FolderPath - boolean isValid = NodeUtil.isValidPath(mFolder.getBasePath()); - if(!isValid) - { - throw new CMSException("Path: "+mFolder.getBasePath()+" is invalid"); - } + String basePath = mFolder.getBasePath(); + String parentPath = NodeUtil.getParentPath(basePath); + String nodeName = NodeUtil.getNodeName(basePath); - String parentPath = NodeUtil.getParentPath(mFolder.getBasePath()); - String nodeName = NodeUtil.getNodeName(mFolder.getBasePath()); - //Make sure the Path hierarchy is complete ResourceUtil.createParentHierarchy(context, parentPath); Modified: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FolderUpdateCommand.java =================================================================== --- modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FolderUpdateCommand.java 2009-01-31 16:02:41 UTC (rev 12750) +++ modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/FolderUpdateCommand.java 2009-01-31 16:06:23 UTC (rev 12751) @@ -31,16 +31,14 @@ import java.util.Calendar; /** @author <a href="mailto:roy@jboss.org">Roy Russo</a> */ -public class FolderUpdateCommand extends JCRCommand +public class FolderUpdateCommand extends FolderBasedJCRCommand { /** The serialVersionUID */ private static final long serialVersionUID = 6606462970577037966L; - Folder mFolder; - public FolderUpdateCommand(Folder folder) { - this.mFolder = folder; + super(folder); } public Object execute() Modified: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/MoveCommand.java =================================================================== --- modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/MoveCommand.java 2009-01-31 16:02:41 UTC (rev 12750) +++ modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/MoveCommand.java 2009-01-31 16:06:23 UTC (rev 12751) @@ -36,6 +36,8 @@ public MoveCommand(String sFromPath, String sToPath) { + validatePath(sFromPath); + validatePath(sToPath); this.msFromPath = sFromPath; this.msToPath = sToPath; } Modified: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/RenameCommand.java =================================================================== --- modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/RenameCommand.java 2009-01-31 16:02:41 UTC (rev 12750) +++ modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/RenameCommand.java 2009-01-31 16:06:23 UTC (rev 12751) @@ -37,6 +37,7 @@ public RenameCommand(String sPath, String sNewName) { + validatePath(sNewName); this.msPath = sPath; this.msNewName = sNewName; } Modified: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/StoreArchiveCommand.java =================================================================== --- modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/StoreArchiveCommand.java 2009-01-31 16:02:41 UTC (rev 12750) +++ modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/StoreArchiveCommand.java 2009-01-31 16:06:23 UTC (rev 12751) @@ -43,6 +43,7 @@ import java.util.Enumeration; import java.util.Locale; import java.util.StringTokenizer; +import java.util.regex.Pattern; /** * Saves an uploaded archive to the repo. @@ -62,7 +63,6 @@ /** * @param sRootPath - * @param is * @param sLanguage */ public StoreArchiveCommand(String sRootPath, byte[] archiveBytes, String sLanguage) @@ -88,14 +88,30 @@ while (entries.hasMoreElements()) { zipEntry = (ZipEntry)entries.nextElement(); - String itemName = zipEntry.getName(); + if (!zipEntry.isDirectory()) { - this.addFile(zipFile, zipEntry); + String itemName = zipEntry.getName(); + if(!NodeUtil.CHECK_FOR_XSS_PATTERN.matcher(itemName).matches()) + { + log.info("Zip file: '" + itemName + "' is not a valid file name. It will be skipped."); + } + else + { + this.addFile(zipFile, zipEntry); + } } else // isDirectory { - this.addFolder(zipEntry); + String itemName = zipEntry.getName(); + if(!NodeUtil.CHECK_FOR_XSS_PATTERN.matcher(itemName).matches()) + { + log.info("Zip file: '" + itemName + "' is not a valid file name. It will be skipped."); + } + else + { + this.addFolder(zipEntry); + } } } Modified: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/util/NodeUtil.java =================================================================== --- modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/util/NodeUtil.java 2009-01-31 16:02:41 UTC (rev 12750) +++ modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/main/java/org/jboss/portal/cms/util/NodeUtil.java 2009-01-31 16:06:23 UTC (rev 12751) @@ -25,6 +25,7 @@ import javax.jcr.Node; import javax.jcr.Property; import javax.jcr.PropertyIterator; +import java.util.regex.Pattern; /** * Helper class for dealing with Nodes. Similar to common file utility functions, for now @@ -34,6 +35,7 @@ public class NodeUtil { public static final String PATH_SEPARATOR = "/"; + public static final Pattern CHECK_FOR_XSS_PATTERN = Pattern.compile("[^<>\\\$\\\$=]*"); /** * Returns the parent basePath of the Node. @@ -91,15 +93,12 @@ */ public static boolean isValidPath(String sPath) { - if ((sPath == null) || - (sPath.equals(PATH_SEPARATOR)) || - (sPath.endsWith(PATH_SEPARATOR)) || - (!sPath.startsWith(PATH_SEPARATOR)) || - (sPath.equals(""))) - { - return false; - } - return true; + return sPath != null && + !sPath.equals(PATH_SEPARATOR) && + !sPath.endsWith(PATH_SEPARATOR) && + sPath.startsWith(PATH_SEPARATOR) && + !sPath.equals("") && + CHECK_FOR_XSS_PATTERN.matcher(sPath).matches(); } /** Modified: modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/commands/TestFileArchiveUpload.java =================================================================== --- modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/commands/TestFileArchiveUpload.java 2009-01-31 16:02:41 UTC (rev 12750) +++ modules/cms/tags/JBP_CMS_1_2_4/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/commands/TestFileArchiveUpload.java 2009-01-31 16:06:23 UTC (rev 12751) @@ -63,22 +63,47 @@ public void testArchiveUpload() throws CMSException, IOException { //create archive - this.runArchive(); + this.runArchive(this.sZipFile); this.assertArchiveUploadCreate(); //update archive - this.runArchive(); + this.runArchive(this.sZipFile); this.assertArchiveUploadUpdate(); - } + + @Test + public void testBadArchiveUpload() throws IOException + { + this.runArchive("jcr/bad_cms.zip"); + + Command listCMD = service.getCommandFactory().createFolderGetListCommand("/"); + Folder whopper = (Folder)service.execute(listCMD); + List folders = whopper.getFolders(); + List files = whopper.getFiles(); + assertEquals("Folder Size incorrect", folders.size(), 0); + assertEquals("File Size incorrect", files.size(), 0); + } + + @Test + public void testInternationalUpload() throws IOException + { + this.runArchive("jcr/prueba.zip"); + + Command listCMD = service.getCommandFactory().createFolderGetListCommand("/prueba"); + Folder whopper = (Folder)service.execute(listCMD); + List folders = whopper.getFolders(); + List files = whopper.getFiles(); + assertEquals("Folder Size incorrect", folders.size(), 0); + assertEquals("File Size incorrect", files.size(), 2); + } - private void runArchive() throws IOException + private void runArchive(String sZipFile) throws IOException { service.setDefaultLocale(Locale.ENGLISH.getLanguage()); InputStream is = null; try { - is = IOTools.safeBufferedWrapper(Thread.currentThread().getContextClassLoader().getResourceAsStream(this.sZipFile)); + is = IOTools.safeBufferedWrapper(Thread.currentThread().getContextClassLoader().getResourceAsStream(sZipFile)); byte[] archiveBytes = IOTools.getBytes(is); Command storearchiveCMD = service.getCommandFactory().createStoreArchiveCommand("", archiveBytes, "en"); service.execute(storearchiveCMD);

15 years, 2 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

portal-commits January 2009