27 import java.io.File; |
27 import java.io.File; |
28 import java.io.FileInputStream; |
28 import java.io.FileInputStream; |
29 import java.io.FileNotFoundException; |
29 import java.io.FileNotFoundException; |
30 import java.io.IOException; |
30 import java.io.IOException; |
31 import java.io.InputStream; |
31 import java.io.InputStream; |
|
32 import java.net.URL; |
32 import java.security.AccessController; |
33 import java.security.AccessController; |
|
34 import java.security.CodeSource; |
33 import java.security.PrivilegedAction; |
35 import java.security.PrivilegedAction; |
34 import java.security.PrivilegedActionException; |
36 import java.security.PrivilegedActionException; |
35 import java.security.PrivilegedExceptionAction; |
37 import java.security.PrivilegedExceptionAction; |
36 import java.text.MessageFormat; |
38 import java.text.MessageFormat; |
37 import java.util.Locale; |
39 import java.util.Locale; |
218 public static boolean isFileExists(final File f) { |
220 public static boolean isFileExists(final File f) { |
219 return (AccessController.doPrivileged((PrivilegedAction<Boolean>) () |
221 return (AccessController.doPrivileged((PrivilegedAction<Boolean>) () |
220 -> f.exists())); |
222 -> f.exists())); |
221 } |
223 } |
222 |
224 |
|
225 /** |
|
226 * Creates and returns a new FileInputStream from a file. |
|
227 * @param file the specified file |
|
228 * @return the FileInputStream |
|
229 * @throws FileNotFoundException if the file is not found |
|
230 */ |
223 public static FileInputStream getFileInputStream(final File file) |
231 public static FileInputStream getFileInputStream(final File file) |
224 throws FileNotFoundException { |
232 throws FileNotFoundException { |
225 try { |
233 try { |
226 return AccessController.doPrivileged((PrivilegedExceptionAction<FileInputStream>) () |
234 return AccessController.doPrivileged((PrivilegedExceptionAction<FileInputStream>) () |
227 -> new FileInputStream(file)); |
235 -> new FileInputStream(file)); |
228 } catch (PrivilegedActionException e) { |
236 } catch (PrivilegedActionException e) { |
229 throw (FileNotFoundException) e.getException(); |
237 throw (FileNotFoundException) e.getException(); |
230 } |
238 } |
|
239 } |
|
240 |
|
241 /** |
|
242 * Returns the resource as a stream. |
|
243 * @param name the resource name |
|
244 * @return the resource stream |
|
245 */ |
|
246 public static InputStream getResourceAsStream(final String name) { |
|
247 return AccessController.doPrivileged((PrivilegedAction<InputStream>) () -> |
|
248 SecuritySupport.class.getResourceAsStream("/"+name)); |
231 } |
249 } |
232 |
250 |
233 /** |
251 /** |
234 * Gets a resource bundle using the specified base name, the default locale, and the caller's class loader. |
252 * Gets a resource bundle using the specified base name, the default locale, and the caller's class loader. |
235 * @param bundle the base name of the resource bundle, a fully qualified class name |
253 * @param bundle the base name of the resource bundle, a fully qualified class name |
257 "Could not load any resource bundle by " + bundle, bundle, ""); |
275 "Could not load any resource bundle by " + bundle, bundle, ""); |
258 } |
276 } |
259 } |
277 } |
260 }); |
278 }); |
261 } |
279 } |
|
280 |
|
281 /** |
|
282 * Checks whether the file exists. |
|
283 * @param f the specified file |
|
284 * @return true if the file exists, false otherwise |
|
285 */ |
|
286 public static boolean doesFileExist(final File f) { |
|
287 return (AccessController.doPrivileged((PrivilegedAction<Boolean>) () -> f.exists())); |
|
288 } |
|
289 |
|
290 /** |
|
291 * Checks the LastModified attribute of a file. |
|
292 * @param f the specified file |
|
293 * @return the LastModified attribute |
|
294 */ |
|
295 static long getLastModified(final File f) { |
|
296 return (AccessController.doPrivileged((PrivilegedAction<Long>) () -> f.lastModified())); |
|
297 } |
|
298 |
|
299 /** |
|
300 * Strip off path from an URI |
|
301 * |
|
302 * @param uri an URI with full path |
|
303 * @return the file name only |
|
304 */ |
|
305 public static String sanitizePath(String uri) { |
|
306 if (uri == null) { |
|
307 return ""; |
|
308 } |
|
309 int i = uri.lastIndexOf("/"); |
|
310 if (i > 0) { |
|
311 return uri.substring(i+1, uri.length()); |
|
312 } |
|
313 return ""; |
|
314 } |
|
315 |
|
316 /** |
|
317 * Check the protocol used in the systemId against allowed protocols |
|
318 * |
|
319 * @param systemId the Id of the URI |
|
320 * @param allowedProtocols a list of allowed protocols separated by comma |
|
321 * @param accessAny keyword to indicate allowing any protocol |
|
322 * @return the name of the protocol if rejected, null otherwise |
|
323 */ |
|
324 public static String checkAccess(String systemId, String allowedProtocols, |
|
325 String accessAny) throws IOException { |
|
326 if (systemId == null || (allowedProtocols != null && |
|
327 allowedProtocols.equalsIgnoreCase(accessAny))) { |
|
328 return null; |
|
329 } |
|
330 |
|
331 String protocol; |
|
332 if (!systemId.contains(":")) { |
|
333 protocol = "file"; |
|
334 } else { |
|
335 URL url = new URL(systemId); |
|
336 protocol = url.getProtocol(); |
|
337 if (protocol.equalsIgnoreCase("jar")) { |
|
338 String path = url.getPath(); |
|
339 protocol = path.substring(0, path.indexOf(":")); |
|
340 } else if (protocol.equalsIgnoreCase("jrt")) { |
|
341 // if the systemId is "jrt" then allow access if "file" allowed |
|
342 protocol = "file"; |
|
343 } |
|
344 } |
|
345 |
|
346 if (isProtocolAllowed(protocol, allowedProtocols)) { |
|
347 //access allowed |
|
348 return null; |
|
349 } else { |
|
350 return protocol; |
|
351 } |
|
352 } |
|
353 |
|
354 /** |
|
355 * Check if the protocol is in the allowed list of protocols. The check |
|
356 * is case-insensitive while ignoring whitespaces. |
|
357 * |
|
358 * @param protocol a protocol |
|
359 * @param allowedProtocols a list of allowed protocols |
|
360 * @return true if the protocol is in the list |
|
361 */ |
|
362 private static boolean isProtocolAllowed(String protocol, String allowedProtocols) { |
|
363 if (allowedProtocols == null) { |
|
364 return false; |
|
365 } |
|
366 String temp[] = allowedProtocols.split(","); |
|
367 for (String t : temp) { |
|
368 t = t.trim(); |
|
369 if (t.equalsIgnoreCase(protocol)) { |
|
370 return true; |
|
371 } |
|
372 } |
|
373 return false; |
|
374 } |
|
375 |
|
376 public static ClassLoader getContextClassLoader() { |
|
377 return AccessController.doPrivileged((PrivilegedAction<ClassLoader>) () -> { |
|
378 ClassLoader cl = Thread.currentThread().getContextClassLoader(); |
|
379 if (cl == null) |
|
380 cl = ClassLoader.getSystemClassLoader(); |
|
381 return cl; |
|
382 }); |
|
383 } |
|
384 |
|
385 |
|
386 public static ClassLoader getSystemClassLoader() { |
|
387 return AccessController.doPrivileged((PrivilegedAction<ClassLoader>) () -> { |
|
388 ClassLoader cl = null; |
|
389 try { |
|
390 cl = ClassLoader.getSystemClassLoader(); |
|
391 } catch (SecurityException ex) { |
|
392 } |
|
393 return cl; |
|
394 }); |
|
395 } |
|
396 |
|
397 public static ClassLoader getParentClassLoader(final ClassLoader cl) { |
|
398 return AccessController.doPrivileged((PrivilegedAction<ClassLoader>) () -> { |
|
399 ClassLoader parent = null; |
|
400 try { |
|
401 parent = cl.getParent(); |
|
402 } catch (SecurityException ex) { |
|
403 } |
|
404 |
|
405 // eliminate loops in case of the boot |
|
406 // ClassLoader returning itself as a parent |
|
407 return (parent == cl) ? null : parent; |
|
408 }); |
|
409 } |
|
410 |
|
411 |
|
412 // Used for debugging purposes |
|
413 public static String getClassSource(Class<?> cls) { |
|
414 return AccessController.doPrivileged((PrivilegedAction<String>) () -> { |
|
415 CodeSource cs = cls.getProtectionDomain().getCodeSource(); |
|
416 if (cs != null) { |
|
417 URL loc = cs.getLocation(); |
|
418 return loc != null ? loc.toString() : "(no location)"; |
|
419 } else { |
|
420 return "(no code source)"; |
|
421 } |
|
422 }); |
|
423 } |
|
424 |
|
425 // ---------------- For SAX ---------------------- |
|
426 /** |
|
427 * Returns the current thread's context class loader, or the system class loader |
|
428 * if the context class loader is null. |
|
429 * @return the current thread's context class loader, or the system class loader |
|
430 * @throws SecurityException |
|
431 */ |
|
432 public static ClassLoader getClassLoader() throws SecurityException{ |
|
433 return AccessController.doPrivileged((PrivilegedAction<ClassLoader>)() -> { |
|
434 ClassLoader cl = Thread.currentThread().getContextClassLoader(); |
|
435 if (cl == null) { |
|
436 cl = ClassLoader.getSystemClassLoader(); |
|
437 } |
|
438 |
|
439 return cl; |
|
440 }); |
|
441 } |
|
442 |
|
443 public static InputStream getResourceAsStream(final ClassLoader cl, final String name) |
|
444 { |
|
445 return AccessController.doPrivileged((PrivilegedAction<InputStream>) () -> { |
|
446 InputStream ris; |
|
447 if (cl == null) { |
|
448 ris = SecuritySupport.class.getResourceAsStream(name); |
|
449 } else { |
|
450 ris = cl.getResourceAsStream(name); |
|
451 } |
|
452 return ris; |
|
453 }); |
|
454 } |
262 } |
455 } |