FELIX-3176 Implement Config Admin 1.4 Changes
- Implicit permission for bundles to read, manage, and receive their own config and un-owned config
- A lot of DEBUG logging statements
git-svn-id: https://svn.apache.org/repos/asf/felix/trunk@1189621 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/configadmin/src/main/java/org/apache/felix/cm/impl/ConfigurationAdapter.java b/configadmin/src/main/java/org/apache/felix/cm/impl/ConfigurationAdapter.java
index 396f564..eae4dfb 100644
--- a/configadmin/src/main/java/org/apache/felix/cm/impl/ConfigurationAdapter.java
+++ b/configadmin/src/main/java/org/apache/felix/cm/impl/ConfigurationAdapter.java
@@ -85,7 +85,7 @@
{
// CM 1.4 / 104.13.2.4
configurationAdmin.checkPermission( delegatee.getBundleLocation() );
- configurationAdmin.checkPermission( bundleLocation );
+ configurationAdmin.checkPermission( ( bundleLocation == null ) ? "*" : bundleLocation );
checkDeleted();
delegatee.setStaticBundleLocation( bundleLocation );
}
diff --git a/configadmin/src/main/java/org/apache/felix/cm/impl/ConfigurationAdminImpl.java b/configadmin/src/main/java/org/apache/felix/cm/impl/ConfigurationAdminImpl.java
index 73bf15a..6f40898 100644
--- a/configadmin/src/main/java/org/apache/felix/cm/impl/ConfigurationAdminImpl.java
+++ b/configadmin/src/main/java/org/apache/felix/cm/impl/ConfigurationAdminImpl.java
@@ -25,6 +25,7 @@
import org.osgi.service.cm.Configuration;
import org.osgi.service.cm.ConfigurationAdmin;
import org.osgi.service.cm.ConfigurationPermission;
+import org.osgi.service.log.LogService;
/**
@@ -95,6 +96,10 @@
if ( config.getBundleLocation() == null )
{
+ configurationManager.log( LogService.LOG_DEBUG, "Binding configuration {0} (isNew: {1}) to bundle {2}",
+ new Object[]
+ { config.getPid(), Boolean.valueOf( config.isNew() ), getBundle().getLocation() } );
+
config.setStaticBundleLocation( this.getBundle().getLocation() );
}
else if ( !config.getBundleLocation().equals( this.getBundle().getLocation() ) )
@@ -178,11 +183,9 @@
* the given permission for the given bundle location and throws a
* <code>SecurityException</code> if this is not the case.
*
- * @param name The bundle location to check for permission. If
- * <code>null</code> assumes <code>*</code>.
- * @param permission The actual permission to check. This must be one
- * of the constants defined in the
- * <code>ConfigurationPermission</code> class.
+ * @param name The bundle location to check for permission. If this
+ * is <code>null</code> or exactly matches the using bundle's
+ * location, permission is always granted.
*
* @throws SecurityException if the access control context does not
* have the appropriate permission
@@ -193,11 +196,34 @@
final SecurityManager sm = System.getSecurityManager();
if ( sm != null )
{
- if (name == null) {
- name = "*";
- }
+ // CM 1.4 / 104.11.1 Implicit permission
+ if ( name != null && !name.equals( getBundle().getLocation() ) )
+ {
+ sm.checkPermission( new ConfigurationPermission( name, ConfigurationPermission.CONFIGURE ) );
- sm.checkPermission( new ConfigurationPermission( name, ConfigurationPermission.CONFIGURE ) );
+ if ( configurationManager.isLogEnabled( LogService.LOG_DEBUG ) )
+ {
+ configurationManager.log( LogService.LOG_DEBUG,
+ "Explicit Permission; grant CONFIGURE permission on configuration bound to {0} to bundle {1}",
+ new Object[]
+ { name, getBundle().getLocation() } );
+ }
+ }
+ else if ( configurationManager.isLogEnabled( LogService.LOG_DEBUG ) )
+ {
+ configurationManager.log( LogService.LOG_DEBUG,
+ "Implicit Permission; grant CONFIGURE permission on configuration bound to {0} to bundle {1}",
+ new Object[]
+ { name, getBundle().getLocation() } );
+
+ }
+ }
+ else if ( configurationManager.isLogEnabled( LogService.LOG_DEBUG ) )
+ {
+ configurationManager.log( LogService.LOG_DEBUG,
+ "No SecurityManager installed; grant CONFIGURE permission on configuration bound to {0} to bundle {1}",
+ new Object[]
+ { name, getBundle().getLocation() } );
}
}
diff --git a/configadmin/src/main/java/org/apache/felix/cm/impl/ConfigurationManager.java b/configadmin/src/main/java/org/apache/felix/cm/impl/ConfigurationManager.java
index 83ee386..c9039b2 100644
--- a/configadmin/src/main/java/org/apache/felix/cm/impl/ConfigurationManager.java
+++ b/configadmin/src/main/java/org/apache/felix/cm/impl/ConfigurationManager.java
@@ -434,6 +434,8 @@
ConfigurationImpl config = getCachedConfiguration( pid );
if ( config != null )
{
+ log( LogService.LOG_DEBUG, "Found cached configuration {0} bound to {1}", new Object[]
+ { pid, config.getBundleLocation() } );
return config;
}
@@ -444,6 +446,8 @@
{
Dictionary props = pmList[i].load( pid );
config = new ConfigurationImpl( this, pmList[i], props );
+ log( LogService.LOG_DEBUG, "Found existing configuration {0} bound to {1}", new Object[]
+ { pid, config.getBundleLocation() } );
return cacheConfiguration( config );
}
}
@@ -504,7 +508,7 @@
{
log(
LogService.LOG_DEBUG,
- "Omitting configuration {0}: No permission for {1} on {2}",
+ "Omitting configuration {0}: No permission for bundle {1} on configuration bound to {2}",
new Object[]
{ config.get( Constants.SERVICE_PID ), configurationAdmin.getBundle().getLocation(),
config.get( ConfigurationAdmin.SERVICE_BUNDLELOCATION ) } );