1 /* |
|
2 * CDDL HEADER START |
|
3 * |
|
4 * The contents of this file are subject to the terms of the |
|
5 * Common Development and Distribution License (the "License"). |
|
6 * You may not use this file except in compliance with the License. |
|
7 * |
|
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE |
|
9 * or http://www.opensolaris.org/os/licensing. |
|
10 * See the License for the specific language governing permissions |
|
11 * and limitations under the License. |
|
12 * |
|
13 * When distributing Covered Code, include this CDDL HEADER in each |
|
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. |
|
15 * If applicable, add the following below this CDDL HEADER, with the |
|
16 * fields enclosed by brackets "[]" replaced with your own identifying |
|
17 * information: Portions Copyright [yyyy] [name of copyright owner] |
|
18 * |
|
19 * CDDL HEADER END |
|
20 */ |
|
21 |
|
22 /* |
|
23 * Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved. |
|
24 */ |
|
25 |
|
26 package com.oracle.solaris.vp.panels.firewall.client.swing; |
|
27 |
|
28 import java.util.*; |
|
29 import com.oracle.solaris.vp.panel.common.smf.*; |
|
30 import com.oracle.solaris.scf.common.ScfException; |
|
31 import com.oracle.solaris.vp.panels.firewall.client.swing.AccessPolicy.Type; |
|
32 import com.oracle.solaris.vp.panels.firewall.client.swing.AccessPolicy.Type; |
|
33 |
|
34 public class SimpleAccessPolicy implements AccessPolicy { |
|
35 |
|
36 |
|
37 // Firewall policy is stored in SMF property groups |
|
38 // firewall_config stores active policy |
|
39 // firewall_context stores static firewall information. |
|
40 // |
|
41 // The following sets of strings are |
|
42 // - firewall_config pg and its properties |
|
43 // - possible policy values |
|
44 // |
|
45 // Note that policy configuration only modifies properties in |
|
46 // firewall_config property group. |
|
47 // |
|
48 public static final String FW_CONFIG_PG = "firewall_config"; |
|
49 public static final String POLICY_PROP = "policy"; |
|
50 public static final String APPLY_TO_PROP = "apply_to"; |
|
51 public static final String EXCEPTIONS_PROP = "exceptions"; |
|
52 public static final String CUSTOM_FILE_PROP = "custom_policy_file"; |
|
53 public static final String OPEN_PORT_PROP = "open_ports"; |
|
54 |
|
55 // |
|
56 // Instance data |
|
57 // |
|
58 |
|
59 private Type type_; |
|
60 private String customFile_; |
|
61 |
|
62 private List<String> aList_ = new ArrayList<String>(); |
|
63 private List<String> roAList_ = Collections.unmodifiableList(aList_); |
|
64 |
|
65 private List<String> eList_ = new ArrayList<String>(); |
|
66 private List<String> roEList_ = Collections.unmodifiableList(eList_); |
|
67 |
|
68 private List<String> pList_ = new ArrayList<String>(); |
|
69 private List<String> roPList_ = Collections.unmodifiableList(pList_); |
|
70 |
|
71 private SimpleSmfPropertyGroupInfo pgInfo_; |
|
72 private BasicSmfMutableProperty<String> policy_; |
|
73 private BasicSmfMutableProperty<String> apply_; |
|
74 private BasicSmfMutableProperty<String> exceptions_; |
|
75 private BasicSmfMutableProperty<String> ports_; |
|
76 private BasicSmfMutableProperty<String> file_; |
|
77 |
|
78 // |
|
79 // Constructors |
|
80 // |
|
81 |
|
82 public SimpleAccessPolicy(Type type, String customFile, |
|
83 List<String> aList, List<String> eList, List<String> portList) { |
|
84 init(type, customFile, aList, eList, portList); |
|
85 } |
|
86 |
|
87 public SimpleAccessPolicy(Type type) { |
|
88 this(type, null, null, null, null); |
|
89 } |
|
90 |
|
91 public SimpleAccessPolicy(Type type, List<String> pList) { |
|
92 this(type, null, null, null, pList); |
|
93 } |
|
94 |
|
95 public SimpleAccessPolicy(Type type, List<String> aList, |
|
96 List<String> eList) { |
|
97 this(type, null, aList, eList, null); |
|
98 } |
|
99 |
|
100 public SimpleAccessPolicy(Type type, String customFile, |
|
101 List<String> aList, List<String> eList) { |
|
102 this(type, customFile, aList, eList, null); |
|
103 } |
|
104 |
|
105 public SimpleAccessPolicy(SimpleSmfPropertyGroupInfo pgInfo) |
|
106 throws ScfException { |
|
107 |
|
108 setPgInfo(pgInfo); |
|
109 initFromRepo(); |
|
110 } |
|
111 |
|
112 // |
|
113 // AccessPolicy methods |
|
114 // |
|
115 |
|
116 public List<String> getApplyToList() { |
|
117 return roAList_; |
|
118 } |
|
119 |
|
120 public List<String> getExceptionsList() { |
|
121 return roEList_; |
|
122 } |
|
123 |
|
124 public List<String> getOpenPortList() { |
|
125 return roPList_; |
|
126 } |
|
127 |
|
128 public String getCustomFile() { |
|
129 return customFile_; |
|
130 } |
|
131 |
|
132 public Type getType() { |
|
133 return type_; |
|
134 } |
|
135 |
|
136 // |
|
137 // SimpleAccessPolicy methods |
|
138 // |
|
139 |
|
140 public void setType(Type type) { |
|
141 type_ = type; |
|
142 } |
|
143 |
|
144 public void setPortList(List<String> portList) { |
|
145 pList_.clear(); |
|
146 pList_.addAll(portList); |
|
147 } |
|
148 |
|
149 public List<String> getSavedApplyToList() { |
|
150 return (pgInfo_ == null ? null : |
|
151 AccessPolicyUtil.cleanList(apply_.getSavedValue())); |
|
152 } |
|
153 |
|
154 public List<String> getSavedExceptionsList() { |
|
155 return (pgInfo_ == null ? null : |
|
156 AccessPolicyUtil.cleanList(exceptions_.getSavedValue())); |
|
157 } |
|
158 |
|
159 public List<String> getSavedOpenPortList() { |
|
160 return (pgInfo_ == null ? null : |
|
161 AccessPolicyUtil.cleanList(ports_.getSavedValue())); |
|
162 } |
|
163 |
|
164 public String getSavedCustomFile() { |
|
165 return (pgInfo_ == null ? null : file_.getFirstSavedValue()); |
|
166 } |
|
167 |
|
168 public Type getSavedType() { |
|
169 return (pgInfo_ == null ? null : |
|
170 AccessPolicyUtil.toType(policy_.getFirstSavedValue())); |
|
171 } |
|
172 |
|
173 public void setPgInfo(SimpleSmfPropertyGroupInfo pgInfo) { |
|
174 pgInfo_ = pgInfo; |
|
175 |
|
176 try { |
|
177 policy_ = new StringSmfProperty(POLICY_PROP, |
|
178 new SimpleSmfPropertyInfo(pgInfo_.getService(), |
|
179 pgInfo_.getPropertyGroupName(), POLICY_PROP)); |
|
180 |
|
181 apply_ = new StringSmfProperty(APPLY_TO_PROP, |
|
182 new SimpleSmfPropertyInfo(pgInfo_.getService(), |
|
183 pgInfo_.getPropertyGroupName(), APPLY_TO_PROP)); |
|
184 |
|
185 exceptions_ = new StringSmfProperty(EXCEPTIONS_PROP, |
|
186 new SimpleSmfPropertyInfo(pgInfo_.getService(), |
|
187 pgInfo_.getPropertyGroupName(), EXCEPTIONS_PROP)); |
|
188 |
|
189 ports_ = new StringSmfProperty(OPEN_PORT_PROP, |
|
190 new SimpleSmfPropertyInfo(pgInfo_.getService(), |
|
191 pgInfo_.getPropertyGroupName(), OPEN_PORT_PROP)); |
|
192 |
|
193 file_ = new StringSmfProperty(CUSTOM_FILE_PROP, |
|
194 new SimpleSmfPropertyInfo(pgInfo_.getService(), |
|
195 pgInfo_.getPropertyGroupName(), CUSTOM_FILE_PROP)); |
|
196 } catch (ScfException e) {} |
|
197 } |
|
198 |
|
199 public void setRepoValue() throws ScfException { |
|
200 if (pgInfo_ == null) |
|
201 return; |
|
202 |
|
203 AggregatedRefreshService service = |
|
204 (AggregatedRefreshService) pgInfo_.getService(); |
|
205 |
|
206 ScfRunnable r = new ScfRunnable() { |
|
207 @Override |
|
208 public void run() throws ScfException { |
|
209 policy_.setFirstValue(AccessPolicyUtil.toPropValue(type_)); |
|
210 policy_.saveToRepo(); |
|
211 |
|
212 List<String> list; |
|
213 switch (type_) { |
|
214 case CUSTOM: |
|
215 file_.setFirstValue(customFile_); |
|
216 file_.saveToRepo(); |
|
217 break; |
|
218 |
|
219 case ALLOW: |
|
220 case DENY: |
|
221 if (apply_.getExistsInRepo()) { |
|
222 if (roAList_.size() > 0) { |
|
223 apply_.setValue(new ArrayList<String>(roAList_)); |
|
224 } else { |
|
225 apply_.setFirstValue(""); |
|
226 } |
|
227 |
|
228 apply_.saveToRepo(); |
|
229 } |
|
230 |
|
231 if (exceptions_.getExistsInRepo()) { |
|
232 if (roEList_.size() > 0) { |
|
233 exceptions_.setValue( |
|
234 new ArrayList<String>(roEList_)); |
|
235 } else { |
|
236 exceptions_.setFirstValue(""); |
|
237 } |
|
238 |
|
239 exceptions_.saveToRepo(); |
|
240 } |
|
241 break; |
|
242 |
|
243 case USE_GLOBAL: |
|
244 case NONE: |
|
245 default: |
|
246 break; |
|
247 } |
|
248 |
|
249 // |
|
250 // Commit changes for open port list |
|
251 // |
|
252 if (ports_.getExistsInRepo()) { |
|
253 if (roPList_.size() > 0) { |
|
254 ports_.setValue(new ArrayList<String>(roPList_)); |
|
255 } else { |
|
256 ports_.setFirstValue(""); |
|
257 } |
|
258 |
|
259 ports_.saveToRepo(); |
|
260 } |
|
261 } |
|
262 }; // End of runnable |
|
263 |
|
264 synchronized (service) { |
|
265 boolean needLock = !service.isPaused(); |
|
266 if (needLock) { |
|
267 service.pause(); |
|
268 } |
|
269 |
|
270 boolean success = false; |
|
271 try { |
|
272 // Throws ScfException |
|
273 r.run(); |
|
274 success = true; |
|
275 } finally { |
|
276 if (needLock) { |
|
277 if (success) { |
|
278 // Throws ScfException |
|
279 service.unpause(); |
|
280 } else { |
|
281 // Unlock, refresh if needed, ignore any exceptions |
|
282 // since we are already in the midst of throwing one |
|
283 try { |
|
284 service.unpause(); |
|
285 } catch (Throwable ignore) { |
|
286 } |
|
287 } |
|
288 } |
|
289 } |
|
290 } |
|
291 } |
|
292 |
|
293 public void initFromRepo() throws ScfException { |
|
294 Type type; |
|
295 List<String> aList = null; |
|
296 List<String> eList = null; |
|
297 List<String> pList = null; |
|
298 String cFile = null; |
|
299 |
|
300 policy_.updateFromRepo(true); |
|
301 apply_.updateFromRepo(true); |
|
302 exceptions_.updateFromRepo(true); |
|
303 |
|
304 type = AccessPolicyUtil.toType(policy_.getFirstSavedValue()); |
|
305 aList = AccessPolicyUtil.cleanList(apply_.getSavedValue()); |
|
306 eList = AccessPolicyUtil.cleanList(exceptions_.getSavedValue()); |
|
307 |
|
308 if (ports_.getExistsInRepo()) { |
|
309 ports_.updateFromRepo(true); |
|
310 pList = AccessPolicyUtil.cleanList(ports_.getSavedValue()); |
|
311 } |
|
312 |
|
313 if (file_.getExistsInRepo()) { |
|
314 file_.updateFromRepo(true); |
|
315 cFile = file_.getFirstSavedValue(); |
|
316 } |
|
317 |
|
318 init(type, cFile, aList, eList, pList); |
|
319 } |
|
320 |
|
321 public void update(Type type, String customFile, |
|
322 List<String> aList, List<String> eList, List<String> pList) { |
|
323 init(type, customFile, aList, eList, pList); |
|
324 } |
|
325 |
|
326 // |
|
327 // Private methods |
|
328 // |
|
329 |
|
330 private void init(Type type, String customFile, |
|
331 List<String> aList, List<String> eList, List<String> portList) { |
|
332 |
|
333 type_ = type; |
|
334 customFile_ = customFile; |
|
335 |
|
336 if (aList != null) { |
|
337 aList_.clear(); |
|
338 aList_.addAll(aList); |
|
339 } |
|
340 |
|
341 if (eList != null) { |
|
342 eList_.clear(); |
|
343 eList_.addAll(eList); |
|
344 } |
|
345 |
|
346 if (portList != null) { |
|
347 pList_.clear(); |
|
348 pList_.addAll(portList); |
|
349 } |
|
350 } |
|
351 } |
|