Source code

001package org.intellimate.izou.security;
002
003import org.intellimate.izou.util.IzouModule;
004import org.intellimate.izou.addon.AddOnModel;
005import org.intellimate.izou.main.Main;
006import org.intellimate.izou.security.exceptions.IzouPermissionException;
007
008import java.security.Permission;
009import java.util.ArrayList;
010import java.util.List;
011
012/**
013 * The PermissionManager handles all permission conflicts within Izou. For example, if two addOns want to play music at
014 * the same time, the PermissionManager will interfere and decide who gets the play the music. The PermissionManager
015 * has nothing to do with general system security, it is only there to avoid "collisions" between addOns. If you are
016 * looking for system security, look at the {@link SecurityManager}.
017 */
018public final class PermissionManager extends IzouModule {
019    private final List<PermissionModule> standardCheck;
020    private final FilePermissionModule filePermissionModule;
021    private final RootPermission rootPermission;
022
023    /**
024     * Creates a new PermissionManager instance if and only if none has been created yet
025     *
026     * @throws IllegalAccessException thrown if this method is called more than once
027     * @param main an instance of Main
028     * @param securityManager an instance of SecurityManager
029     */
030    PermissionManager(Main main, SecurityManager securityManager) throws IllegalAccessException {
031        super(main);
032        standardCheck = new ArrayList<>();
033        standardCheck.add(new AudioPermissionModule(main, securityManager));
034        standardCheck.add(new SocketPermissionModule(main, securityManager));
035        filePermissionModule = new FilePermissionModule(main, securityManager);
036        standardCheck.add(new ReflectionPermissionModule(main, securityManager));
037        rootPermission = new RootPermission(main, securityManager);
038        standardCheck.add(filePermissionModule);
039    }
040
041    public FilePermissionModule getFilePermissionModule() {
042        return filePermissionModule;
043    }
044
045    /**
046     * checks the permission
047     * @param perm the permission
048     * @param addOnModel the associated AddOnModel
049     * @throws IzouPermissionException if the permission was not granted
050     */
051    public void checkPermission(Permission perm, AddOnModel addOnModel) throws IzouPermissionException {
052        try {
053            rootPermission.checkPermission(perm, addOnModel);
054            //its root
055            return;
056        } catch (IzouPermissionException ignored) {
057            //its just not root
058        }
059        standardCheck.stream()
060                .filter(permissionModule -> permissionModule.canCheckPermission(perm))
061                .forEach(permissionModule -> permissionModule.checkPermission(perm, addOnModel));
062    }
063}