[weld-commits] Weld SVN: r5473 - in core/trunk: impl/src/main/java/org/jboss/weld/introspector/jlr and 2 other directories.
weld-commits at lists.jboss.org
weld-commits at lists.jboss.org
Fri Jan 15 07:16:59 EST 2010
Author: nickarls
Date: 2010-01-15 07:16:58 -0500 (Fri, 15 Jan 2010)
New Revision: 5473
Modified:
core/trunk/impl/src/main/java/org/jboss/weld/bean/interceptor/ClassInterceptionHandlerFactory.java
core/trunk/impl/src/main/java/org/jboss/weld/introspector/jlr/WeldConstructorImpl.java
core/trunk/impl/src/main/java/org/jboss/weld/introspector/jlr/WeldFieldImpl.java
core/trunk/impl/src/main/java/org/jboss/weld/util/reflection/SecureReflectionAccess.java
core/trunk/impl/src/main/java/org/jboss/weld/util/reflection/SecureReflections.java
core/trunk/tests/src/test/java/org/jboss/weld/tests/unit/security/ReflectionTest.java
Log:
Only escalating privileges when actually used, was causing problems on GAE
Modified: core/trunk/impl/src/main/java/org/jboss/weld/bean/interceptor/ClassInterceptionHandlerFactory.java
===================================================================
--- core/trunk/impl/src/main/java/org/jboss/weld/bean/interceptor/ClassInterceptionHandlerFactory.java 2010-01-14 23:39:20 UTC (rev 5472)
+++ core/trunk/impl/src/main/java/org/jboss/weld/bean/interceptor/ClassInterceptionHandlerFactory.java 2010-01-15 12:16:58 UTC (rev 5473)
@@ -48,7 +48,7 @@
{
// this is not a managed instance - assume no-argument constructor exists
Constructor<T> constructor = (Constructor<T>) SecureReflections.getDeclaredConstructor(clazz);
- T interceptorInstance = constructor.newInstance();
+ T interceptorInstance = SecureReflections.ensureConstructorAccessible(constructor).newInstance();
// inject
manager.createInjectionTarget(manager.createAnnotatedType(clazz)).inject(interceptorInstance, creationalContext);
return new DirectClassInterceptionHandler<T>(interceptorInstance, clazz);
Modified: core/trunk/impl/src/main/java/org/jboss/weld/introspector/jlr/WeldConstructorImpl.java
===================================================================
--- core/trunk/impl/src/main/java/org/jboss/weld/introspector/jlr/WeldConstructorImpl.java 2010-01-14 23:39:20 UTC (rev 5472)
+++ core/trunk/impl/src/main/java/org/jboss/weld/introspector/jlr/WeldConstructorImpl.java 2010-01-15 12:16:58 UTC (rev 5473)
@@ -39,6 +39,7 @@
import org.jboss.weld.resources.ClassTransformer;
import org.jboss.weld.util.reflection.HierarchyDiscovery;
import org.jboss.weld.util.reflection.Reflections;
+import org.jboss.weld.util.reflection.SecureReflections;
import com.google.common.base.Supplier;
import com.google.common.collect.ListMultimap;
@@ -238,7 +239,7 @@
*/
public T newInstance(Object... parameters) throws IllegalArgumentException, InstantiationException, IllegalAccessException, InvocationTargetException
{
- return getDelegate().newInstance(parameters);
+ return SecureReflections.ensureConstructorAccessible(getDelegate()).newInstance(parameters);
}
/**
Modified: core/trunk/impl/src/main/java/org/jboss/weld/introspector/jlr/WeldFieldImpl.java
===================================================================
--- core/trunk/impl/src/main/java/org/jboss/weld/introspector/jlr/WeldFieldImpl.java 2010-01-14 23:39:20 UTC (rev 5472)
+++ core/trunk/impl/src/main/java/org/jboss/weld/introspector/jlr/WeldFieldImpl.java 2010-01-15 12:16:58 UTC (rev 5473)
@@ -91,7 +91,7 @@
public void set(Object instance, Object value) throws IllegalArgumentException, IllegalAccessException
{
- field.set(instance, value);
+ SecureReflections.ensureFieldAccessible(field).set(instance, value);
}
public void setOnInstance(Object instance, Object value) throws IllegalArgumentException, SecurityException, IllegalAccessException, NoSuchFieldException
@@ -104,7 +104,7 @@
{
try
{
- return (T) getDelegate().get(instance);
+ return (T) SecureReflections.ensureFieldAccessible(getDelegate()).get(instance);
}
catch (Exception e)
{
Modified: core/trunk/impl/src/main/java/org/jboss/weld/util/reflection/SecureReflectionAccess.java
===================================================================
--- core/trunk/impl/src/main/java/org/jboss/weld/util/reflection/SecureReflectionAccess.java 2010-01-14 23:39:20 UTC (rev 5472)
+++ core/trunk/impl/src/main/java/org/jboss/weld/util/reflection/SecureReflectionAccess.java 2010-01-15 12:16:58 UTC (rev 5473)
@@ -16,11 +16,8 @@
*/
package org.jboss.weld.util.reflection;
-import java.lang.reflect.AccessibleObject;
import java.lang.reflect.InvocationTargetException;
-import java.security.AccessController;
import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
/**
* Helper class for doing work in a privileged context under the
@@ -34,7 +31,6 @@
* @return The value of the operation
* @throws Exception If the operation failed
*/
- @SuppressWarnings("unchecked")
public Object run() throws Exception
{
// SecurityManager securityManager = System.getSecurityManager();
@@ -78,8 +74,7 @@
/**
* Runs the work and unwraps and NoSuchFieldException from a possible
- * PrivilegedActionException. Wraps any other exceptions in
- * RuntimeException
+ * PrivilegedActionException. Wraps any other exceptions in RuntimeException
*
* @return The result of the work (usually a Field)
* @throws NoSuchFieldException If a field with the specified name is not
@@ -111,12 +106,11 @@
/**
* Runs the work and unwraps and NoSuchMethodException from a possible
- * PrivilegedActionException. Wraps any other exceptions in
- * RuntimeException
+ * PrivilegedActionException. Wraps any other exceptions in RuntimeException
*
* @return The result of the work (usually a Method)
- * @throws NoSuchMethodException If a method with the specified name is
- * not found.
+ * @throws NoSuchMethodException If a method with the specified name is not
+ * found.
*/
public Object runAsMethodAccess() throws NoSuchMethodException
{
@@ -145,22 +139,20 @@
/**
* Runs the work and unwraps any IllegalAccessException,
* IllegalArgumentException or InvocationTargetException from a possible
- * PrivilegedActionException. Wraps any other exceptions in
- * RuntimeException
+ * PrivilegedActionException. Wraps any other exceptions in RuntimeException
*
* @return The return value of the method invoked
* @throws IllegalAccessException If this Method object enforces Java
* language access control and the underlying method is
* inaccessible.
- * @throws IllegalArgumentException If the method is an instance method
- * and the specified object argument is not an instance of the
- * class or interface declaring the underlying method (or of a
- * subclass or implementor thereof); if the number of actual
- * and formal parameters differ; if an unwrapping conversion
- * for primitive arguments fails; or if, after possible
- * unwrapping, a parameter value cannot be converted to the
- * corresponding formal parameter type by a method invocation
- * conversion.
+ * @throws IllegalArgumentException If the method is an instance method and
+ * the specified object argument is not an instance of the class
+ * or interface declaring the underlying method (or of a subclass
+ * or implementor thereof); if the number of actual and formal
+ * parameters differ; if an unwrapping conversion for primitive
+ * arguments fails; or if, after possible unwrapping, a parameter
+ * value cannot be converted to the corresponding formal parameter
+ * type by a method invocation conversion.
* @throws InvocationTargetException I the underlying method throws an
* exception.
*/
@@ -207,16 +199,15 @@
/**
* Runs the work and unwraps any IllegalAccessException,
* InstantiationException or IllegalAccessException from a possible
- * PrivilegedActionException. Wraps any other exceptions in
- * RuntimeException
+ * PrivilegedActionException. Wraps any other exceptions in RuntimeException
*
* @return The result of the work (usually a new instance)
- * @throws InstantiationException If the class or its nullary constructor
- * is not accessible.
- * @throws IllegalAccessException If this Class represents an abstract
- * class, an interface, an array class, a primitive type, or
- * void; or if the class has no nullary constructor; or if the
- * instantiation fails for some other reason.
+ * @throws InstantiationException If the class or its nullary constructor is
+ * not accessible.
+ * @throws IllegalAccessException If this Class represents an abstract class,
+ * an interface, an array class, a primitive type, or void; or if
+ * the class has no nullary constructor; or if the instantiation
+ * fails for some other reason.
*/
public Object runAsInstantiation() throws InstantiationException, IllegalAccessException
{
@@ -250,38 +241,6 @@
}
}
- /**
- * Makes an list of objects accessible. Must be run from within work() or
- * another privileged location
- *
- * @param accessibleObjects The objects to manipulate
- * @return The accessible objects
- */
- protected AccessibleObject[] ensureAccessible(AccessibleObject[] accessibleObjects)
- {
- for (AccessibleObject accessibleObject : accessibleObjects)
- {
- ensureAccessible(accessibleObject);
- }
- return accessibleObjects;
- }
-
- /**
- * Makes an object accessible. Must be run from within work() or another
- * privileged location
- *
- * @param accessibleObjects The object to manipulate
- * @return The accessible object
- */
- protected AccessibleObject ensureAccessible(AccessibleObject accessibleObject)
- {
- if (!accessibleObject.isAccessible())
- {
- accessibleObject.setAccessible(true);
- }
- return accessibleObject;
- }
-
protected abstract Object work() throws Exception;
}
Modified: core/trunk/impl/src/main/java/org/jboss/weld/util/reflection/SecureReflections.java
===================================================================
--- core/trunk/impl/src/main/java/org/jboss/weld/util/reflection/SecureReflections.java 2010-01-14 23:39:20 UTC (rev 5472)
+++ core/trunk/impl/src/main/java/org/jboss/weld/util/reflection/SecureReflections.java 2010-01-15 12:16:58 UTC (rev 5473)
@@ -19,6 +19,7 @@
import static org.jboss.weld.logging.messages.UtilMessage.ANNOTATION_VALUES_INACCESSIBLE;
import java.lang.annotation.Annotation;
+import java.lang.reflect.AccessibleObject;
import java.lang.reflect.Constructor;
import java.lang.reflect.Field;
import java.lang.reflect.InvocationTargetException;
@@ -73,7 +74,7 @@
@Override
protected Object work() throws Exception
{
- return ensureAccessible(clazz.getDeclaredField(fieldName));
+ return clazz.getDeclaredField(fieldName);
}
}.runAsFieldAccess();
}
@@ -111,7 +112,7 @@
@Override
protected Object work() throws Exception
{
- return ensureAccessible(clazz.getDeclaredFields());
+ return clazz.getDeclaredFields();
}
}.runAndWrap();
}
@@ -155,7 +156,7 @@
@Override
protected Object work() throws Exception
{
- return ensureAccessible(clazz.getDeclaredMethod(methodName, parameterTypes));
+ return clazz.getDeclaredMethod(methodName, parameterTypes);
}
}.runAsMethodAccess();
}
@@ -193,7 +194,7 @@
@Override
protected Object work() throws Exception
{
- return ensureAccessible(clazz.getDeclaredMethods());
+ return clazz.getDeclaredMethods();
}
}.runAndWrap();
}
@@ -235,8 +236,7 @@
@Override
protected Object work() throws Exception
{
- Constructor<?> constructor = clazz.getDeclaredConstructor(parameterTypes);
- return clazz == Class.class ? constructor : ensureAccessible(constructor);
+ return clazz.getDeclaredConstructor(parameterTypes);
}
}.runAsMethodAccess();
}
@@ -274,8 +274,7 @@
@Override
protected Object work() throws Exception
{
- Constructor<?>[] constructors = clazz.getDeclaredConstructors();
- return clazz == Class.class ? constructors : ensureAccessible(constructors);
+ return clazz.getDeclaredConstructors();
}
}.runAndWrap();
@@ -301,12 +300,67 @@
@Override
protected Object work() throws Exception
{
- return ((Method) ensureAccessible(method)).invoke(instance, parameters);
+ return ensureMethodAccessible(method).invoke(instance, parameters);
}
}.runAsInvocation();
}
-
+
/**
+ * Makes a method accessible
+ *
+ * @param method The method to make accessible
+ * @return The accessible method
+ */
+ public static Method ensureMethodAccessible(final Method method)
+ {
+ return (Method) ensureAccessible(method);
+ }
+
+ /**
+ * Makes a field accessible
+ *
+ * @param field The field to make accessible
+ * @return The accessible field
+ */
+ public static Field ensureFieldAccessible(final Field field)
+ {
+ return (Field) ensureAccessible(field);
+ }
+
+ /**
+ * Makes a constructor accessible
+ *
+ * @param constructor The constructor to make accessible
+ * @return The accessible constructor
+ */
+ public static <T> Constructor<T> ensureConstructorAccessible(final Constructor<T> constructor)
+ {
+ return (Constructor<T>) ensureAccessible(constructor);
+ }
+
+ /**
+ * Makes an object accessible.
+ *
+ * @param accessibleObjects The object to manipulate
+ * @return The accessible object
+ */
+ private static AccessibleObject ensureAccessible(final AccessibleObject accessibleObject)
+ {
+ return (AccessibleObject) new SecureReflectionAccess()
+ {
+ @Override
+ protected Object work() throws Exception
+ {
+ if (!accessibleObject.isAccessible())
+ {
+ accessibleObject.setAccessible(true);
+ }
+ return accessibleObject;
+ }
+ }.runAndWrap();
+ }
+
+ /**
* Invokes a given method with given parameters on an instance
*
* @param instance The instance to invoke on
@@ -318,7 +372,7 @@
* @throws InvocationTargetException If there was another error invoking the
* method
* @see java.lang.reflect.Method#invoke(Object, Object...)
- */
+ */
public static Object invoke(final Object instance, final String methodName, final Object... parameters) throws IllegalArgumentException, IllegalAccessException, InvocationTargetException
{
return new SecureReflectionAccess()
@@ -332,7 +386,7 @@
parameterTypes[i] = parameters[i].getClass();
}
Method method = getMethod(instance.getClass(), methodName, parameterTypes);
- return method.invoke(instance, parameters);
+ return ensureMethodAccessible(method).invoke(instance, parameters);
}
}.runAsInvocation();
}
@@ -371,8 +425,8 @@
public static Method lookupMethod(Object instance, Method method) throws NoSuchMethodException
{
return lookupMethod(instance.getClass(), method.getName(), method.getParameterTypes());
- }
-
+ }
+
/**
* Returns a method from the class or any class/interface in the inheritance
* hierarchy
@@ -424,7 +478,7 @@
}
/**
- * Helper class for reading the value of an annotation
+ * Helper class for reading the value of an annotation
*
* @param annotation The annotation to inspect
* @return The array of classes
@@ -445,7 +499,7 @@
/**
* Checks if a method is found in a class
*
- * @param clazz The class to inspect
+ * @param clazz The class to inspect
* @param methodName The name of the method
* @param parameterTypes The parameter types of the method
* @return true if method is present, false otherwise
Modified: core/trunk/tests/src/test/java/org/jboss/weld/tests/unit/security/ReflectionTest.java
===================================================================
--- core/trunk/tests/src/test/java/org/jboss/weld/tests/unit/security/ReflectionTest.java 2010-01-14 23:39:20 UTC (rev 5472)
+++ core/trunk/tests/src/test/java/org/jboss/weld/tests/unit/security/ReflectionTest.java 2010-01-15 12:16:58 UTC (rev 5473)
@@ -1,6 +1,8 @@
package org.jboss.weld.tests.unit.security;
import java.lang.reflect.AccessibleObject;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.Field;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
@@ -49,9 +51,23 @@
@Test
public void testFieldAccess()
{
- testAllAccessible(SecureReflections.getDeclaredFields(TestObject.class));
+ testAllAccessible(grantAccess(SecureReflections.getDeclaredFields(TestObject.class)));
}
-
+
+ private AccessibleObject[] grantAccess(AccessibleObject[] objects) {
+ for (AccessibleObject object : objects)
+ {
+ if (object instanceof Field) {
+ SecureReflections.ensureFieldAccessible((Field) object);
+ } else if (object instanceof Method) {
+ SecureReflections.ensureMethodAccessible((Method) object);
+ } else if (object instanceof Constructor<?>) {
+ SecureReflections.ensureConstructorAccessible((Constructor<?>)object);
+ }
+ }
+ return objects;
+ }
+
private void testAllAccessible(AccessibleObject[] objects)
{
for (AccessibleObject object : objects)
@@ -102,7 +118,7 @@
@Test
public void testMethodAccess()
{
- testAllAccessible(SecureReflections.getDeclaredMethods(TestObject.class));
+ testAllAccessible(grantAccess(SecureReflections.getDeclaredMethods(TestObject.class)));
}
@Test
@@ -144,7 +160,7 @@
@Test
public void testConstructorAccess()
{
- testAllAccessible(SecureReflections.getDeclaredConstructors(TestObject.class));
+ testAllAccessible(grantAccess(SecureReflections.getDeclaredConstructors(TestObject.class)));
}
@Test
More information about the weld-commits
mailing list