ONOS-1993 Implement API-level permission checking + security util code location replacement
Change-Id: I7bf20eda9c12ed2a44334504333b093057764cd2
diff --git a/core/api/src/main/java/org/onosproject/net/packet/DefaultPacketContext.java b/core/api/src/main/java/org/onosproject/net/packet/DefaultPacketContext.java
index ffea2d8..b227b92 100644
--- a/core/api/src/main/java/org/onosproject/net/packet/DefaultPacketContext.java
+++ b/core/api/src/main/java/org/onosproject/net/packet/DefaultPacketContext.java
@@ -15,12 +15,16 @@
*/
package org.onosproject.net.packet;
+import org.onosproject.core.Permission;
import org.onosproject.net.flow.DefaultTrafficTreatment;
import org.onosproject.net.flow.TrafficTreatment;
import org.onosproject.net.flow.TrafficTreatment.Builder;
import java.util.concurrent.atomic.AtomicBoolean;
+import static org.onosproject.security.AppGuard.checkPermission;
+
+
/**
* Default implementation of a packet context.
*/
@@ -53,21 +57,29 @@
@Override
public long time() {
+ checkPermission(Permission.PACKET_READ);
+
return time;
}
@Override
public InboundPacket inPacket() {
+ checkPermission(Permission.PACKET_READ);
+
return inPkt;
}
@Override
public OutboundPacket outPacket() {
+ checkPermission(Permission.PACKET_READ);
+
return outPkt;
}
@Override
public Builder treatmentBuilder() {
+ checkPermission(Permission.PACKET_READ);
+
return builder;
}
@@ -76,11 +88,15 @@
@Override
public boolean block() {
+ checkPermission(Permission.PACKET_WRITE);
+
return this.block.getAndSet(true);
}
@Override
public boolean isHandled() {
+ checkPermission(Permission.PACKET_READ);
+
return this.block.get();
}
-}
+}
\ No newline at end of file