More APIs permission for new ONOS APIs
Change-Id: I43fee65254adca451f77431bfbf5accdf95b81ab
diff --git a/core/store/dist/src/main/java/org/onosproject/store/cluster/messaging/impl/ClusterCommunicationManager.java b/core/store/dist/src/main/java/org/onosproject/store/cluster/messaging/impl/ClusterCommunicationManager.java
index 1d962d0..6ce41b3 100644
--- a/core/store/dist/src/main/java/org/onosproject/store/cluster/messaging/impl/ClusterCommunicationManager.java
+++ b/core/store/dist/src/main/java/org/onosproject/store/cluster/messaging/impl/ClusterCommunicationManager.java
@@ -50,6 +50,8 @@
import static com.google.common.base.Preconditions.checkArgument;
import static com.google.common.base.Preconditions.checkNotNull;
+import static org.onosproject.security.AppGuard.checkPermission;
+import static org.onosproject.security.AppPermission.Type.CLUSTER_WRITE;
@Component(immediate = true)
@Service
@@ -94,6 +96,7 @@
public <M> void broadcast(M message,
MessageSubject subject,
Function<M, byte[]> encoder) {
+ checkPermission(CLUSTER_WRITE);
multicast(message,
subject,
encoder,
@@ -108,6 +111,7 @@
public <M> void broadcastIncludeSelf(M message,
MessageSubject subject,
Function<M, byte[]> encoder) {
+ checkPermission(CLUSTER_WRITE);
multicast(message,
subject,
encoder,
@@ -122,6 +126,7 @@
MessageSubject subject,
Function<M, byte[]> encoder,
NodeId toNodeId) {
+ checkPermission(CLUSTER_WRITE);
try {
byte[] payload = new ClusterMessage(
localNodeId,
@@ -139,6 +144,7 @@
MessageSubject subject,
Function<M, byte[]> encoder,
Set<NodeId> nodes) {
+ checkPermission(CLUSTER_WRITE);
byte[] payload = new ClusterMessage(
localNodeId,
subject,
@@ -153,6 +159,7 @@
Function<M, byte[]> encoder,
Function<byte[], R> decoder,
NodeId toNodeId) {
+ checkPermission(CLUSTER_WRITE);
try {
ClusterMessage envelope = new ClusterMessage(
clusterService.getLocalNode().id(),
@@ -193,6 +200,7 @@
public void addSubscriber(MessageSubject subject,
ClusterMessageHandler subscriber,
ExecutorService executor) {
+ checkPermission(CLUSTER_WRITE);
messagingService.registerHandler(subject.value(),
new InternalClusterMessageHandler(subscriber),
executor);
@@ -200,6 +208,7 @@
@Override
public void removeSubscriber(MessageSubject subject) {
+ checkPermission(CLUSTER_WRITE);
messagingService.unregisterHandler(subject.value());
}
@@ -209,6 +218,7 @@
Function<M, R> handler,
Function<R, byte[]> encoder,
Executor executor) {
+ checkPermission(CLUSTER_WRITE);
messagingService.registerHandler(subject.value(),
new InternalMessageResponder<M, R>(decoder, encoder, m -> {
CompletableFuture<R> responseFuture = new CompletableFuture<>();
@@ -228,6 +238,7 @@
Function<byte[], M> decoder,
Function<M, CompletableFuture<R>> handler,
Function<R, byte[]> encoder) {
+ checkPermission(CLUSTER_WRITE);
messagingService.registerHandler(subject.value(),
new InternalMessageResponder<>(decoder, encoder, handler));
}
@@ -237,6 +248,7 @@
Function<byte[], M> decoder,
Consumer<M> handler,
Executor executor) {
+ checkPermission(CLUSTER_WRITE);
messagingService.registerHandler(subject.value(),
new InternalMessageConsumer<>(decoder, handler),
executor);
diff --git a/core/store/dist/src/main/java/org/onosproject/store/cluster/messaging/impl/NettyMessagingManager.java b/core/store/dist/src/main/java/org/onosproject/store/cluster/messaging/impl/NettyMessagingManager.java
index 2f883e1..53611f3 100644
--- a/core/store/dist/src/main/java/org/onosproject/store/cluster/messaging/impl/NettyMessagingManager.java
+++ b/core/store/dist/src/main/java/org/onosproject/store/cluster/messaging/impl/NettyMessagingManager.java
@@ -82,6 +82,9 @@
import java.util.function.BiFunction;
import java.util.function.Consumer;
+import static org.onosproject.security.AppGuard.checkPermission;
+import static org.onosproject.security.AppPermission.Type.CLUSTER_WRITE;
+
/**
* Netty based MessagingService.
*/
@@ -213,6 +216,7 @@
@Override
public CompletableFuture<Void> sendAsync(Endpoint ep, String type, byte[] payload) {
+ checkPermission(CLUSTER_WRITE);
InternalMessage message = new InternalMessage(messageIdGenerator.incrementAndGet(),
localEp,
type,
@@ -221,6 +225,7 @@
}
protected CompletableFuture<Void> sendAsync(Endpoint ep, InternalMessage message) {
+ checkPermission(CLUSTER_WRITE);
if (ep.equals(localEp)) {
try {
dispatchLocally(message);
@@ -247,11 +252,13 @@
@Override
public CompletableFuture<byte[]> sendAndReceive(Endpoint ep, String type, byte[] payload) {
+ checkPermission(CLUSTER_WRITE);
return sendAndReceive(ep, type, payload, MoreExecutors.directExecutor());
}
@Override
public CompletableFuture<byte[]> sendAndReceive(Endpoint ep, String type, byte[] payload, Executor executor) {
+ checkPermission(CLUSTER_WRITE);
CompletableFuture<byte[]> response = new CompletableFuture<>();
Callback callback = new Callback(response, executor);
Long messageId = messageIdGenerator.incrementAndGet();
@@ -266,11 +273,13 @@
@Override
public void registerHandler(String type, BiConsumer<Endpoint, byte[]> handler, Executor executor) {
+ checkPermission(CLUSTER_WRITE);
handlers.put(type, message -> executor.execute(() -> handler.accept(message.sender(), message.payload())));
}
@Override
public void registerHandler(String type, BiFunction<Endpoint, byte[], byte[]> handler, Executor executor) {
+ checkPermission(CLUSTER_WRITE);
handlers.put(type, message -> executor.execute(() -> {
byte[] responsePayload = null;
Status status = Status.OK;
@@ -285,6 +294,7 @@
@Override
public void registerHandler(String type, BiFunction<Endpoint, byte[], CompletableFuture<byte[]>> handler) {
+ checkPermission(CLUSTER_WRITE);
handlers.put(type, message -> {
handler.apply(message.sender(), message.payload()).whenComplete((result, error) -> {
Status status = error == null ? Status.OK : Status.ERROR_HANDLER_EXCEPTION;
@@ -295,6 +305,7 @@
@Override
public void unregisterHandler(String type) {
+ checkPermission(CLUSTER_WRITE);
handlers.remove(type);
}
diff --git a/core/store/dist/src/main/java/org/onosproject/store/core/impl/LogicalClockManager.java b/core/store/dist/src/main/java/org/onosproject/store/core/impl/LogicalClockManager.java
index 4b2f780..c094425 100644
--- a/core/store/dist/src/main/java/org/onosproject/store/core/impl/LogicalClockManager.java
+++ b/core/store/dist/src/main/java/org/onosproject/store/core/impl/LogicalClockManager.java
@@ -30,6 +30,9 @@
import org.onosproject.store.service.StorageService;
import org.slf4j.Logger;
+import static org.onosproject.security.AppGuard.checkPermission;
+import static org.onosproject.security.AppPermission.Type.CLOCK_WRITE;
+
/**
* LogicalClockService implementation based on a AtomicCounter.
*/
@@ -62,6 +65,7 @@
@Override
public Timestamp getTimestamp() {
+ checkPermission(CLOCK_WRITE);
return new LogicalTimestamp(atomicCounter.incrementAndGet());
}
}
\ No newline at end of file