HADOOP-5740 writable permissions on a codebase

steveloughran · steveloughran · commit 5d3f5c7d9832 · 2009-04-28T15:47:32.000Z
git-svn-id: https://svn.apache.org/repos/asf/hadoop/core/branches/HADOOP-3628@769439 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/src/core/org/apache/hadoop/security/authorize/ConfiguredPolicy.java b/src/core/org/apache/hadoop/security/authorize/ConfiguredPolicy.java
@@ -22,6 +22,8 @@
 import java.security.Policy;
 import java.security.Principal;
 import java.security.ProtectionDomain;
+import java.security.CodeSource;
+import java.security.Permissions;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Map;
@@ -77,7 +79,20 @@ public boolean implies(ProtectionDomain domain, Permission permission) {
     return super.implies(domain, permission);
   }
 
+  /**
+   * {@inheritDoc}
+   * @return a writable permission collection
+   */
   @Override
+  public PermissionCollection getPermissions(CodeSource codesource) {
+    return new Permissions();
+  }
+
+/**
+ * {@inheritDoc}
+ * @return a writable permission collection
+ */
+@Override
   public PermissionCollection getPermissions(ProtectionDomain domain) {
     PermissionCollection permissionCollection = super.getPermissions(domain);
     for (Principal principal : domain.getPrincipals()) {
@@ -153,4 +168,14 @@ private void addPermission(Map<Principal, Set<Permission>> permissions,
       LOG.debug("Policy - Adding  " + permission + " to " + principal);
     }
   }
+
+  /**
+   * For debugging: identify ourselves and the policyproviders 
+   *
+   * @return a string representation of the object.
+   */
+  @Override
+  public String toString() {
+    return "Hadoop ConfiguredPolicy " + super.toString() + " Policy provider "+ policyProvider;
+  }
 }
diff --git a/src/test/org/apache/hadoop/security/authorize/TestConfiguredPolicy.java b/src/test/org/apache/hadoop/security/authorize/TestConfiguredPolicy.java
@@ -18,6 +18,8 @@
 package org.apache.hadoop.security.authorize;
 
 import java.security.Permission;
+import java.security.CodeSource;
+import java.util.PropertyPermission;
 
 import javax.security.auth.Subject;
 
@@ -79,4 +81,11 @@ public void testConfiguredPolicy() throws Exception {
     }
     assertTrue(failed);
   }
+
+    public void testPolicySupportsAddCodebase() throws Throwable {
+        Configuration conf = new Configuration();
+        ConfiguredPolicy policy = new ConfiguredPolicy(conf, new TestPolicyProvider());
+        policy.getPermissions((CodeSource) null).add(new PropertyPermission("org.apache.hadoop", "read"));
+    }
+
 }

Original file line number	Diff line number	Diff line change
`@@ -18,6 +18,8 @@`
`18`	`18`	`package org.apache.hadoop.security.authorize;`
`19`	`19`
`20`	`20`	`import java.security.Permission;`
	`21`	`+import java.security.CodeSource;`
	`22`	`+import java.util.PropertyPermission;`
`21`	`23`
`22`	`24`	`import javax.security.auth.Subject;`
`23`	`25`
`@@ -79,4 +81,11 @@ public void testConfiguredPolicy() throws Exception {`
`79`	`81`	`}`
`80`	`82`	`assertTrue(failed);`
`81`	`83`	`}`
	`84`	`+`
	`85`	`+ public void testPolicySupportsAddCodebase() throws Throwable {`
	`86`	`+ Configuration conf = new Configuration();`
	`87`	`+ ConfiguredPolicy policy = new ConfiguredPolicy(conf, new TestPolicyProvider());`
	`88`	`+ policy.getPermissions((CodeSource) null).add(new PropertyPermission("org.apache.hadoop", "read"));`
	`89`	`+ }`
	`90`	`+`
`82`	`91`	`}`