001package org.intellimate.izou.security;
002
003import org.intellimate.izou.addon.AddOnModel;
004import org.intellimate.izou.main.Main;
005import org.intellimate.izou.security.exceptions.IzouPermissionException;
006import org.intellimate.izou.security.exceptions.IzouSocketPermissionException;
007import ro.fortsoft.pf4j.PluginDescriptor;
008
009import java.io.FilePermission;
010import java.security.Permission;
011import java.util.function.Function;
012
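/**
 * Permission module that decides whether an add-on may be registered with this module based on
 * the {@code "root"} entry of its plugin descriptor.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>{@link #canCheckPermission(Permission)} always returns {@code true}, so this module does
 *       not restrict itself to a particular permission type.</li>
 *   <li>Once an add-on is registered, {@link #checkPermission(Permission, AddOnModel)} returns
 *       immediately and performs no further checks here, including the file-write check.</li>
 *   <li>NOTE(review): the {@code "root"} flag is read from the add-on's own descriptor
 *       properties. If those properties are shipped by the add-on itself, root status is
 *       self-asserted; confirm that user or administrator approval is enforced elsewhere.</li>
 * </ul>
 *
 * @author LeanderK
 * @version 1.0
 */
public class RootPermission extends PermissionModule {
    /**
     * Creates a new RootPermission module.
     *
     * @param main an instance of main
     * @param securityManager an instance of security-manager
     */
    RootPermission(Main main, SecurityManager securityManager) {
        super(main, securityManager);
    }

    /**
     * Reports whether this module is able to check the given permission.
     *
     * <p>This implementation accepts every permission unconditionally.
     *
     * @param permission the permission to check (not inspected)
     * @return always {@code true}
     */
    @Override
    public boolean canCheckPermission(Permission permission) {
        return true;
    }

    /**
     * Checks whether the given add-on is registered with this module and, if it is not, registers
     * it when its descriptor declares {@code root=true}; otherwise the check is denied.
     *
     * <p>Order of evaluation:
     * <ol>
     *   <li>An already registered add-on passes immediately; nothing else is checked.</li>
     *   <li>For a {@link FilePermission} whose action string is anything other than exactly
     *       {@code "read"}, the file permission module's write check is consulted first.</li>
     *   <li>The descriptor's {@code "root"} property is evaluated through
     *       {@code registerOrThrow}.</li>
     * </ol>
     *
     * @param permission the Permission to check
     * @param addon      the identifiable to check
     * @throws IzouPermissionException thrown if the add-on's descriptor does not declare
     *                                 {@code root=true} (raised as an
     *                                 {@link IzouSocketPermissionException})
     */
    @Override
    public void checkPermission(Permission permission, AddOnModel addon) throws IzouPermissionException {
        // Registered add-ons bypass every check below, including fileWriteCheck.
        if (isRegistered(addon)) {
            return;
        }

        // Any action set other than plain "read" (e.g. "read,write", "delete") is routed through
        // the write check, so combined action strings are handled conservatively.
        if (permission instanceof FilePermission && !"read".equalsIgnoreCase(permission.getActions())) {
            // NOTE(review): the path is only lower-cased (default locale), not canonicalised.
            // On a case-sensitive file system the lower-cased name can differ from the real
            // path, and "../" segments or symlinks are not resolved here. Confirm that
            // fileWriteCheck normalises its argument before comparing it against allowed paths.
            String loweredPath = permission.getName().toLowerCase();
            getSecurityManager().getPermissionManager().getFilePermissionModule().fileWriteCheck(loweredPath, addon);
        }

        Function<PluginDescriptor, Boolean> declaresRoot = descriptor -> {
            try {
                // Constant-first equals: a missing "root" entry yields false without an exception.
                return "true".equals(descriptor.getAddOnProperties().get("root"));
            } catch (NullPointerException e) {
                // Fail closed: a missing descriptor or missing properties means "not root".
                return false;
            }
        };

        // NOTE(review): the exception type and the wording ("socket root connections") look
        // carried over from a socket permission module; the type is kept because callers may
        // catch it. Only the missing space before "is" is corrected.
        String exceptionMessage = "Root permission denied for: " + addon + " is not registered to "
                + "use socket root connections.";
        registerOrThrow(addon, () -> new IzouSocketPermissionException(exceptionMessage), declaresRoot);
    }
}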