db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rhille...@apache.org
Subject svn commit: r1625960 [3/3] - in /db/derby/code/trunk/java: drda/org/apache/derby/drda/ engine/org/apache/derby/catalog/ engine/org/apache/derby/diag/ engine/org/apache/derby/iapi/security/ engine/org/apache/derby/iapi/services/context/ engine/org/apach...
Date Thu, 18 Sep 2014 12:29:27 GMT
Added: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/no_derby_internals.policy
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/no_derby_internals.policy?rev=1625960&view=auto
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/no_derby_internals.policy (added)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/no_derby_internals.policy Thu Sep 18 12:29:24 2014
@@ -0,0 +1,470 @@
+//
+// *  Derby - Class org.apache.derbyTesting.functionTests.util.no_derby_internals.policy
+// *  
+// * Licensed to the Apache Software Foundation (ASF) under one
+// * or more contributor license agreements.  See the NOTICE file
+// * distributed with this work for additional information
+// * regarding copyright ownership.  The ASF licenses this file
+// * to you under the Apache License, Version 2.0 (the
+// * "License"); you may not use this file except in compliance
+// * with the License.  You may obtain a copy of the License at
+// *
+// *   http://www.apache.org/licenses/LICENSE-2.0
+// *
+// * Unless required by applicable law or agreed to in writing,
+// * software distributed under the License is distributed on an
+// * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// * KIND, either express or implied.  See the License for the
+// * specific language governing permissions and limitations
+// * under the License.
+// *
+
+//
+// Policy file which does not grant the testing jar the userderbyinternals system permission.
+//
+// The test harness sets up four variables used by this policy file
+//
+// derbyTesting.codejar - URL to the jar files when they are in the classpath
+// derbyTesting.codeclasses - URL to the classes directory when it is in the classpath
+//
+// Only one of derbyTesting.codejar and derbyTesting.codeclasses will be valid, the
+// other will be set to a bogus URL like file://unused
+//
+// derbyTesting.codedir - File location of either derbyTesting.codejar or derbyTesting.codeclasses.
+// Only required due to a BUG (see below for more info).
+//
+// derbyTesting.jaxpjar - URL to the jar file containing the JAXP implementation
+//     for XML-based tests (ex. lang/XMLBindingTest.java).
+//
+// derbyTesting.serverhost - Host name or ip where network server is started 
+// derbyTesting.clienthost - specifies the clients ip address/hostName. 
+//     when testing with networkserver on a remote host, this needs to be passed in 
+//     with the NetworkServerControl start command
+
+//
+// Permissions for the embedded engine (derby.jar)
+//
+grant codeBase "${derbyTesting.codejar}derby.jar" {
+  permission java.util.PropertyPermission "derby.*", "read";
+  permission java.util.PropertyPermission "derby.storage.jvmInstanceId", 
+      "write"; 
+  // The next two properties are used to determine if the VM is 32 or 64 bit.
+  permission java.util.PropertyPermission "sun.arch.data.model", "read";
+  permission java.util.PropertyPermission "os.arch", "read";
+  permission java.util.PropertyPermission "java.class.path", "read";//sysinfo
+  permission java.util.PropertyPermission "java.runtime.version", "read";//sysinfo
+  permission java.util.PropertyPermission "java.fullversion", "read";//sysinfo
+  permission org.apache.derby.security.SystemPermission "engine", "usederbyinternals";
+  
+  // unit tests (e.g. store/T_RecoverFullLog) set this property 
+  // (called from derbyTesting.jar through code in derby.jar)
+  permission java.util.PropertyPermission "derbyTesting.unittest.*", "write";
+
+  permission java.lang.RuntimePermission "createClassLoader";
+
+  // getProtectionDomain is an optional permission needed for printing classpath
+  // information to derby.log
+  permission java.lang.RuntimePermission "getProtectionDomain";
+
+  // permissions so that we can set the context class loader to
+  // null for daemon threads to avoid class loader leak.
+  // DERBY-3745
+  permission java.lang.RuntimePermission "getClassLoader";
+  permission java.lang.RuntimePermission "setContextClassLoader";
+
+  permission java.security.SecurityPermission "getPolicy";
+  
+  permission java.io.FilePermission "${derby.system.home}${/}derby.properties", "read";
+  permission java.io.FilePermission "${derby.system.home}${/}derby.log", "read, write, delete";
+  // [DERBY-2000] The write permission was added to allow creation of the
+  // derby.system.home directory when running tests under a security manager.
+  permission java.io.FilePermission "${derby.system.home}", "read, write";
+  
+  // all databases under derby.system.home 
+  permission java.io.FilePermission "${derby.system.home}${/}-", "read, write, delete";
+
+  // Import/export and other support files from these locations in tests
+  permission java.io.FilePermission "${user.dir}${/}extin${/}-", "read";
+  permission java.io.FilePermission "${user.dir}${/}extinout${/}-", "read,  write, delete";
+  permission java.io.FilePermission "${user.dir}${/}extout${/}-", "read,write";
+  permission java.io.FilePermission "${user.dir}${/}extinout", "read,write";
+
+  // needed to create a temp file in order to open a database in a jar file
+  permission java.io.FilePermission "${java.io.tmpdir}${/}-", "read,write,delete";
+  
+  // These permissions are needed to load the JCE for encryption with Sun and IBM JDK131.
+  // JDK14 has the JCE  preloaded
+  permission java.security.SecurityPermission "insertProvider.SunJCE";
+  permission java.security.SecurityPermission "insertProvider.IBMJCE";
+  
+//
+// Permissions needed for JMX based management and monitoring, which is only
+// available for JVMs supporting "platform management", that is J2SE 5.0 or better.
+//
+// Allows this code to create an MBeanServer:
+//
+  permission javax.management.MBeanServerPermission "createMBeanServer";
+//
+// Allows access to Derby's built-in MBeans, within the domain org.apache.derby.
+// Derby must be allowed to register and unregister these MBeans.
+// To fine tune this permission, see the javadoc of javax.management.MBeanPermission
+// or the JMX Instrumentation and Agent Specification.
+//
+  permission javax.management.MBeanPermission "org.apache.derby.*#[org.apache.derby:*]","registerMBean,unregisterMBean";
+//
+// Trusts Derby code to be a source of MBeans and to register these in the MBean server.
+//
+  permission javax.management.MBeanTrustPermission "register";
+
+  // Gives permission for jmx to be used against Derby but
+  // only if JMX authentication is not being used.
+  // In that case the application would need to create
+  // a whole set of fine-grained permissions to allow specific
+  // users access to MBeans and actions they perform.
+  permission org.apache.derby.security.SystemPermission "jmx", "control";
+  permission org.apache.derby.security.SystemPermission "engine", "monitor";
+  permission org.apache.derby.security.SystemPermission "server", "monitor";  
+ 
+  // These permissions are needed by AssertFailure to dump the thread stack
+  // traces upon failure.
+  permission java.lang.RuntimePermission "getStackTrace";
+  permission java.lang.RuntimePermission "modifyThreadGroup";
+
+  // Needed by FileUtil#limitAccessToOwner
+  permission java.lang.RuntimePermission "accessUserInformation";
+  permission java.lang.RuntimePermission "getFileStoreAttributes";
+
+  // This permission is needed to call the Connection.abort(Executor) method added by JDBC 4.1
+  permission java.sql.SQLPermission "callAbort";
+
+  // This permission is needed to call DriverManager.deregisterDriver()
+  // on Java SE 8 and later.
+  permission java.sql.SQLPermission "deregisterDriver";
+};
+
+//
+// Permissions for the network server (derbynet.jar)
+//
+grant codeBase "${derbyTesting.codejar}derbynet.jar" {
+  permission java.util.PropertyPermission "java.class.path", "read";//sysinfo
+  permission java.util.PropertyPermission "java.runtime.version", "read";//sysinfo
+  permission java.util.PropertyPermission "java.fullversion", "read";//sysinfo
+  permission java.util.PropertyPermission "derby.__serverStartedFromCmdLine", "write";
+  
+  // accept is needed for the server accepting connections
+  // connect is needed for ping command (which is in the server jar)
+  // listen is needed for the server listening on the network port
+  permission java.net.SocketPermission "127.0.0.1", "accept,connect";
+  permission java.net.SocketPermission "localhost", "accept,connect,listen";
+  permission java.net.SocketPermission "${derbyTesting.clienthost}", "accept,connect";
+  permission java.net.SocketPermission "${derbyTesting.serverhost}", "accept,connect";
+
+  // Need to be able to write to trace file for NetworkServerControlApiTest
+  permission java.io.FilePermission "${user.dir}${/}system${/}trace", "read,write";
+  permission java.io.FilePermission "${user.dir}${/}system${/}trace${/}-", "read,write";
+
+  // Need read/write to trace file for RestrictiveFilePermissionsTest
+  permission java.io.FilePermission "${user.dir}${/}system${/}RFPT_db_tracefiles_restr", "read,write";
+  permission java.io.FilePermission "${user.dir}${/}system${/}RFPT_db_tracefiles_lax", "read,write";
+  permission java.io.FilePermission "${user.dir}${/}system${/}RFPT_db_tracefiles_restr${/}-", "read,write";
+  permission java.io.FilePermission "${user.dir}${/}system${/}RFPT_db_tracefiles_lax${/}-", "read,write";
+
+    // Needed for NetworkServerMBean access (see JMX section above)
+  permission org.apache.derby.security.SystemPermission "server", "control,monitor";
+
+  // For NetworkServerControlApiTest:
+  // Needed by FileUtil#limitAccessToOwner
+  permission java.lang.RuntimePermission "accessUserInformation";
+  permission java.lang.RuntimePermission "getFileStoreAttributes";
+};
+
+//
+// Permissions for the network client (derbyclient.jar)
+//
+grant codeBase "${derbyTesting.clientjar}derbyclient.jar" {
+  permission java.net.SocketPermission "127.0.0.1", "connect,resolve";
+  permission java.net.SocketPermission "localhost", "connect,resolve";
+  permission java.net.SocketPermission "${derbyTesting.serverhost}", "connect,resolve";
+
+  // DERBY-1883: Since some classes that are included in both derby.jar and
+  // derbyclient.jar read properties, derbyclient.jar needs permission to read
+  // derby.* properties to avoid failures when it is listed before derby.jar in
+  // the classpath.
+  permission java.util.PropertyPermission "derby.*", "read";
+
+  // DERBY-2302: derbyclient.jar needs to be able to read the user.dir property in order to
+  // do tracing in that directory. Also, it needs read/write permissions in user.dir in order
+  // to create the trace files in that directory.
+  permission java.util.PropertyPermission "user.dir", "read";
+  permission java.io.FilePermission "${user.dir}${/}-", "read, write"; 
+  
+  // These permissions are needed by AssertFailure to dump the thread stack
+  // traces upon failure.
+  permission java.lang.RuntimePermission "getStackTrace";
+  permission java.lang.RuntimePermission "modifyThreadGroup";
+
+  // This permission is needed to call the Connection.abort(Executor) method added by JDBC 4.1
+  permission java.sql.SQLPermission "callAbort";
+  
+};
+
+//
+// Permissions for the tools (derbytools.jar)
+// Ideally this would be more secure, for now the
+// focus is on getting the engine & network server secure.
+//
+grant codeBase "${derbyTesting.codejar}derbytools.jar" {
+  // Access all properties using System.getProperties -
+  // ij enumerates the properties in order to open connections
+  // for any property set in ij.connection.* and set protocols
+  // for any property in ij.protocol.*
+  permission java.util.PropertyPermission "*", "read, write";
+  
+  // Read all files under ${user.dir}
+  permission java.io.FilePermission "${user.dir}${/}-", "read";
+  
+  // IjTestCases read, write, and delete ij's output in the extinout dir
+  permission java.io.FilePermission "${user.dir}${/}extinout${/}-", "read, write, delete";
+ 
+  // ij needs permission to read the sql files in this jar
+  permission java.io.FilePermission "${derbyTesting.testjarpath}", "read";
+  
+
+};
+
+//
+// Permissions for the tests (derbyTesting.jar)
+// We are liberal here, it's not a goal to make the test harness
+// or tests secure.
+//
+grant codeBase "${derbyTesting.testjar}derbyTesting.jar" {
+  // Access all properties using System.getProperties
+  permission java.util.PropertyPermission "*", "read, write";
+  
+  // Access all files under ${user.dir}to write the test directory structure
+  permission java.io.FilePermission "${user.dir}${/}-", "read,write,delete"; 
+
+  // Tests need to be able to exec a java program. DERBY-6295: Also give them
+  // read permission so that detailed error message is shown.
+  permission java.io.FilePermission "${java.home}${/}-", "execute, read";
+
+  // When running with useprocess=false need to install and uninstall
+  // the security manager and allow setIO to change the system err and out
+  // streams. Currently the nist suite runs with useprocess=false.
+  permission java.lang.RuntimePermission "setSecurityManager";
+  permission java.security.SecurityPermission "getPolicy";
+  permission java.lang.RuntimePermission "setIO";  
+
+  // Needed by ClasspathSetup to change the classloader
+  permission java.lang.RuntimePermission "createClassLoader";
+  permission java.lang.RuntimePermission "setContextClassLoader";
+
+  // These permissions are needed to dump the thread stack
+  // traces upon failure.
+  permission java.lang.RuntimePermission "getStackTrace";
+  permission java.lang.RuntimePermission "modifyThreadGroup";
+  
+  // Allow MBeanTest to register the application management MBean.
+  permission javax.management.MBeanServerPermission "createMBeanServer";
+  permission javax.management.MBeanPermission "org.apache.derby.mbeans.Management#[org.apache.derby:type=Management]","registerMBean,unregisterMBean";
+  permission javax.management.MBeanPermission "org.apache.derby.mbeans.Management#-[-]", "instantiate";
+  permission javax.management.MBeanTrustPermission "register";
+   
+  // And to find and use Derby's MBeans
+  permission javax.management.MBeanPermission "org.apache.derby.mbeans.*#[org.apache.derby:*]", "getAttribute,setAttribute,invoke";
+  permission javax.management.MBeanPermission "org.apache.derby.mbeans.*#-[org.apache.derby:*]", "getMBeanInfo";
+  permission javax.management.MBeanPermission "-#-[-]", "queryNames";
+  permission javax.management.MBeanPermission "org.apache.derby.mbeans.*#-[org.apache.derby:*]", "queryNames";
+  
+  // Test code needs this as well for the platform MBeanServer
+  // tests where the testing code is in the stack frame.
+  permission org.apache.derby.security.SystemPermission "jmx", "control";
+  permission org.apache.derby.security.SystemPermission "engine", "monitor";
+  permission org.apache.derby.security.SystemPermission "server", "control,monitor";
+
+  // useful for debugging
+  //permission java.lang.RuntimePermission "getProtectionDomain";
+
+  // This permission is needed to call the Connection.abort(Executor) method added by JDBC 4.1
+  permission java.sql.SQLPermission "callAbort";
+  
+  // Needed by FileUtil#limitAccessToOwner
+  permission java.lang.RuntimePermission "accessUserInformation";
+  permission java.lang.RuntimePermission "getFileStoreAttributes";
+
+  // Needed by NetworkServerTestSetup when probing ports.
+  permission java.net.SocketPermission "localhost", "listen";
+
+  // Needed by ClasspathSetup for freeing resources.
+  permission java.lang.RuntimePermission "closeClassLoader";
+
+  // Needed by AutoloadTest to get at spawned process pid (Unixen) and call jstack:
+  permission java.lang.RuntimePermission "accessDeclaredMembers";
+  permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
+  // Presumes we have a JDK: First "..": back up past "jre"
+  permission java.io.FilePermission "${java.home}${/}..${/}bin${/}-", "execute, read";
+};
+
+//
+// super-set of the jar permissions for running out of the classes directory
+//
+grant codeBase "${derbyTesting.codeclasses}" {
+  // Access all properties using System.getProperties
+  permission java.util.PropertyPermission "*", "read, write";
+  
+  permission java.util.PropertyPermission "derby.*", "read";
+  permission java.lang.RuntimePermission "createClassLoader";
+
+  // permissions so that we can set the context class loader to
+  // null for daemon threads to avoid class loader leak.
+  // DERBY-3745
+  permission java.lang.RuntimePermission "getClassLoader";
+  permission java.lang.RuntimePermission "setContextClassLoader";
+
+  permission java.security.SecurityPermission "getPolicy";
+   
+  permission java.io.FilePermission "${derby.system.home}${/}derby.properties", "read";
+  permission java.io.FilePermission "${derby.system.home}${/}derby.log", "read, write, delete";
+  permission java.io.FilePermission "${derby.system.home}", "read";
+  permission java.io.FilePermission "${derby.system.home}${/}-", "read, write, delete";
+
+  // combination of client and server side.
+  permission java.net.SocketPermission "127.0.0.1", "accept,connect,resolve";
+  permission java.net.SocketPermission "localhost", "accept,connect,resolve,listen";
+  permission java.net.SocketPermission "${derbyTesting.clienthost}", "accept,connect";
+  permission java.net.SocketPermission "${derbyTesting.serverhost}", "connect,resolve";
+  
+  // Access all files under ${user.dir}to write the test directory structure
+  // Also covers extin, extout and extinout locations
+  permission java.io.FilePermission "${user.dir}${/}-", "read,write,delete"; 
+   
+  // Tests need to be able to exec a java program. DERBY-6295: Also give them
+  // read permission so that detailed error message is shown.
+  permission java.io.FilePermission "${java.home}${/}-", "execute, read";
+
+  // needed to create a temp file in order to open a database in a jar file
+  permission java.io.FilePermission "${java.io.tmpdir}${/}-", "read,write,delete";
+
+  // These permissions are needed to load the JCE for encryption with Sun and IBM JDK131.
+  // JDK14 has the JCE  preloaded
+  permission java.security.SecurityPermission "insertProvider.SunJCE";
+  permission java.security.SecurityPermission "insertProvider.IBMJCE";
+
+  // When running with useprocess=false need to install and uninstall
+  // the security manager and allow setIO to change the system err and out
+  // streams. Currently the nist suite runs with useprocess=false.
+  permission java.lang.RuntimePermission "setSecurityManager";
+  permission java.lang.RuntimePermission "setIO"; 
+
+  // These permissions are needed by stress.multi to dump the thread stack
+  // traces upon failure.
+  permission java.lang.RuntimePermission "getStackTrace";
+  permission java.lang.RuntimePermission "modifyThreadGroup";
+  
+    // Allow MBeanTest to register the application management MBean.
+  permission javax.management.MBeanServerPermission "createMBeanServer";
+  permission javax.management.MBeanPermission "org.apache.derby.mbeans.Management#[org.apache.derby:type=Management]","registerMBean,unregisterMBean";
+  permission javax.management.MBeanPermission "org.apache.derby.mbeans.Management#-[-]", "instantiate";
+  permission javax.management.MBeanTrustPermission "register";
+  
+  // Allows access to Derby's built-in MBeans, within the domain org.apache.derby.
+  permission javax.management.MBeanPermission "org.apache.derby.*#[org.apache.derby:*]","registerMBean,unregisterMBean";
+  
+   
+  // And to find and use Derby's MBeans
+  permission javax.management.MBeanPermission "org.apache.derby.mbeans.*#[org.apache.derby:*]", "getAttribute,setAttribute,invoke";
+  permission javax.management.MBeanPermission "org.apache.derby.mbeans.*#-[org.apache.derby:*]", "getMBeanInfo";
+  permission javax.management.MBeanPermission "-#-[-]", "queryNames";
+  permission javax.management.MBeanPermission "org.apache.derby.mbeans.*#-[org.apache.derby:*]", "queryNames";
+  
+  // Test code needs this as well for the platform MBeanServer
+  // tests where the testing code is in the stack frame.
+  permission org.apache.derby.security.SystemPermission "jmx", "control";
+  permission org.apache.derby.security.SystemPermission "engine", "monitor";
+  permission org.apache.derby.security.SystemPermission "server", "control,monitor";
+
+  // Needed by FileUtil#limitAccessToOwner
+  permission java.lang.RuntimePermission "accessUserInformation";
+  permission java.lang.RuntimePermission "getFileStoreAttributes";
+
+  // This permission is needed to call DriverManager.deregisterDriver()
+  // on Java SE 8 and later.
+  permission java.sql.SQLPermission "deregisterDriver";
+
+  // Needed by ClasspathSetup for freeing resources.
+  permission java.lang.RuntimePermission "closeClassLoader";
+};
+
+// JUnit jar file tries to read junit.properties in the user's
+// home directory and seems to require permission to read the
+// property user.home as well.
+// junit.swingui.TestRunner writes to .junitsession on exit.
+grant codeBase "${derbyTesting.junit}" {
+    permission java.util.PropertyPermission "user.home", "read";
+    permission java.io.FilePermission "${user.home}${/}junit.properties", "read";
+    permission java.io.FilePermission "${user.home}${/}.junitsession", "write";
+
+    // This permission is needed when running the tests using ant 1.7
+    permission java.io.FilePermission "${user.dir}${/}*", "write";
+};
+
+// Ant's junit runner requires setOut to redirect the System output streams
+// to the forked JVM used when running junit tests inside Ant. Ant requires
+// forking the JVM if you want to run tests in a different directory than the
+// current one.
+grant codeBase "${derbyTesting.antjunit}" {
+    permission java.lang.RuntimePermission "setIO";
+
+    // This permission is needed when running the tests using ant 1.7
+    permission java.io.FilePermission "${user.dir}${/}*", "write";
+};
+
+// Starting with Ant 1.9.3, write permission has to be granted to ant.jar
+// as well so that Ant's JUnit runner can write test results to a file.
+// Only needed when running the tests under Ant. See DERBY-6685.
+grant codeBase "${derbyTesting.ant}" {
+    permission java.io.FilePermission "${user.dir}${/}*", "write";
+};
+
+// functionTests.tests.lang.RoutineSecurityTest requires this grant
+// to check to see if permissions are granted through generated code
+// through this mechanism.
+grant {
+    permission java.util.PropertyPermission "derbyRoutineSecurityTest.yes", "read";
+};
+
+// These permissions are needed when testing code instrumented with EMMA.
+// They will only be used if the emma.active system property property is
+// set, which should be set to "" for the permissions to be correct. Must
+// be granted to all code bases because EMMA doesn't use doPrivileged
+// blocks around the code that needs the permissions.
+grant {
+  permission java.util.PropertyPermission "${emma.active}user.dir", "read";
+  permission java.io.FilePermission "${emma.active}${user.dir}${/}coverage.ec", "read, write";
+  permission java.lang.RuntimePermission "${emma.active}writeFileDescriptor";
+};
+
+// Grant the required permissions for JaCoCo (code coverage tool).
+grant {
+  permission java.io.FilePermission "${jacoco.active}${user.dir}${/}*", "read, write";
+};
+
+// When inserting XML values that use external DTD's, the JAXP parser
+// needs permission to read the DTD files.  We assume that all DTD
+// files will be copied to extin/ by whichever tests need them.  So
+// grant the JAXP parser permissions to read that directory.
+grant codeBase "${derbyTesting.jaxpjar}" {
+  permission java.io.FilePermission "${user.dir}${/}extin${/}-", "read";
+};
+
+// Permissions for package-private tests run from 'classes.pptesting'
+grant codeBase "${derbyTesting.ppcodeclasses}" {
+
+  // Needed for ProtocolTest - allows connection to a server
+  permission java.net.SocketPermission "127.0.0.1", "connect,resolve";
+  permission java.net.SocketPermission "localhost", "connect,resolve";
+  permission java.net.SocketPermission "${derbyTesting.serverhost}", "connect,resolve";
+
+  // Allows reading support files in 'extin'
+  permission java.io.FilePermission "${user.dir}${/}extin${/}-", "read";
+};

Propchange: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/no_derby_internals.policy
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/resultSetReader.policy
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/resultSetReader.policy?rev=1625960&r1=1625959&r2=1625960&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/resultSetReader.policy (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/resultSetReader.policy Thu Sep 18 12:29:24 2014
@@ -39,6 +39,7 @@ grant codeBase "${derbyTesting.codejar}d
   permission java.util.PropertyPermission "java.class.path", "read";//sysinfo
   permission java.util.PropertyPermission "java.runtime.version", "read";//sysinfo
   permission java.util.PropertyPermission "java.fullversion", "read";//sysinfo
+  permission org.apache.derby.security.SystemPermission "engine", "usederbyinternals";
   
   // unit tests (e.g. store/T_RecoverFullLog) set this property 
   // (called from derbyTesting.jar through code in derby.jar)

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/Derby3980DeadlockTest.policy
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/Derby3980DeadlockTest.policy?rev=1625960&r1=1625959&r2=1625960&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/Derby3980DeadlockTest.policy (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/store/Derby3980DeadlockTest.policy Thu Sep 18 12:29:24 2014
@@ -55,6 +55,7 @@ grant codeBase "${derbyTesting.codejar}d
   permission java.util.PropertyPermission "java.class.path", "read";//sysinfo
   permission java.util.PropertyPermission "java.runtime.version", "read";//sysinfo
   permission java.util.PropertyPermission "java.fullversion", "read";//sysinfo
+  permission org.apache.derby.security.SystemPermission "engine", "usederbyinternals";
   
   // unit tests (e.g. store/T_RecoverFullLog) set this property 
   // (called from derbyTesting.jar through code in derby.jar)

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/util/PropertyUtil.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/util/PropertyUtil.java?rev=1625960&r1=1625959&r2=1625960&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/util/PropertyUtil.java (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/util/PropertyUtil.java Thu Sep 18 12:29:24 2014
@@ -20,6 +20,11 @@
  */
 
 package org.apache.derbyTesting.functionTests.util;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
+import org.apache.derby.iapi.services.context.Context;
 import org.apache.derby.iapi.services.context.ContextService;
 import org.apache.derby.iapi.sql.conn.LanguageConnectionContext;
 import java.io.Serializable;
@@ -31,15 +36,41 @@ public abstract class PropertyUtil exten
 	public static Serializable getDatabasePropertyDefault(String k) throws Exception
 	{
         LanguageConnectionContext lcc =
-			(LanguageConnectionContext) ContextService.getContextOrNull(LanguageConnectionContext.CONTEXT_ID);
+			(LanguageConnectionContext) getContextOrNull(LanguageConnectionContext.CONTEXT_ID);
 		if (lcc == null) throw new Exception("getPropertyDefault only works in a connection");
 		return lcc.getTransactionExecute().getPropertyDefault(k);
 	}
 	public static void setDatabasePropertyDefault(String k,Serializable v) throws Exception
 	{
         LanguageConnectionContext lcc =
-			(LanguageConnectionContext) ContextService.getContextOrNull(LanguageConnectionContext.CONTEXT_ID);
+			(LanguageConnectionContext) getContextOrNull(LanguageConnectionContext.CONTEXT_ID);
 		if (lcc == null) throw new Exception("getPropertyDefault only works in a connection");
 		lcc.getTransactionExecute().setPropertyDefault(k,v);
 	}
+    
+    /**
+     * Privileged lookup of a Context. Must be private so that user code
+     * can't call this entry point.
+     */
+    private  static  Context    getContextOrNull( final String contextID )
+    {
+        if ( System.getSecurityManager() == null )
+        {
+            return ContextService.getContextOrNull( contextID );
+        }
+        else
+        {
+            return AccessController.doPrivileged
+                (
+                 new PrivilegedAction<Context>()
+                 {
+                     public Context run()
+                     {
+                         return ContextService.getContextOrNull( contextID );
+                     }
+                 }
+                 );
+        }
+    }
+
 }

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/util/T_ConsistencyChecker.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/util/T_ConsistencyChecker.java?rev=1625960&r1=1625959&r2=1625960&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/util/T_ConsistencyChecker.java (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/util/T_ConsistencyChecker.java Thu Sep 18 12:29:24 2014
@@ -21,9 +21,12 @@
 
 package org.apache.derbyTesting.functionTests.util;
 
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 
 import org.apache.derby.iapi.error.StandardException;
 import org.apache.derby.iapi.reference.SQLState;
+import org.apache.derby.iapi.services.context.Context;
 import org.apache.derby.iapi.services.context.ContextService;
 import org.apache.derby.iapi.services.io.FormatableBitSet;
 import org.apache.derby.iapi.sql.conn.LanguageConnectionContext;
@@ -239,7 +242,7 @@ public class T_ConsistencyChecker
 		throws StandardException
 	{
 		lcc = (LanguageConnectionContext)
-			ContextService.getContext(LanguageConnectionContext.CONTEXT_ID);
+			getContext(LanguageConnectionContext.CONTEXT_ID);
 		tc = lcc.getTransactionExecute();
 
 		dd = lcc.getDataDictionary();
@@ -455,7 +458,7 @@ public class T_ConsistencyChecker
         TransactionController   tc;
 
         lcc = (LanguageConnectionContext)
-            ContextService.getContext(LanguageConnectionContext.CONTEXT_ID);
+           getContext(LanguageConnectionContext.CONTEXT_ID);
         tc = lcc.getTransactionExecute();
 
         numOpens = tc.countOpens(TransactionController.OPEN_TOTAL);
@@ -489,7 +492,7 @@ public class T_ConsistencyChecker
         StringBuffer            debugBuf = new StringBuffer();
 
         LanguageConnectionContext lcc = (LanguageConnectionContext)
-             ContextService.getContext(LanguageConnectionContext.CONTEXT_ID);
+             getContext(LanguageConnectionContext.CONTEXT_ID);
 
         dd = lcc.getDataDictionary();
         dm = dd.getDependencyManager();
@@ -507,4 +510,30 @@ public class T_ConsistencyChecker
 
         return debugBuf.toString();
     }
+    
+    /**
+     * Privileged lookup of a Context. Must be private so that user code
+     * can't call this entry point.
+     */
+    private  static  Context    getContext( final String contextID )
+    {
+        if ( System.getSecurityManager() == null )
+        {
+            return ContextService.getContext( contextID );
+        }
+        else
+        {
+            return AccessController.doPrivileged
+                (
+                 new PrivilegedAction<Context>()
+                 {
+                     public Context run()
+                     {
+                         return ContextService.getContext( contextID );
+                     }
+                 }
+                 );
+        }
+    }
+
 }

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/util/derby_tests.policy
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/util/derby_tests.policy?rev=1625960&r1=1625959&r2=1625960&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/util/derby_tests.policy (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/util/derby_tests.policy Thu Sep 18 12:29:24 2014
@@ -55,6 +55,7 @@ grant codeBase "${derbyTesting.codejar}d
   permission java.util.PropertyPermission "java.class.path", "read";//sysinfo
   permission java.util.PropertyPermission "java.runtime.version", "read";//sysinfo
   permission java.util.PropertyPermission "java.fullversion", "read";//sysinfo
+  permission org.apache.derby.security.SystemPermission "engine", "usederbyinternals";
   
   // unit tests (e.g. store/T_RecoverFullLog) set this property 
   // (called from derbyTesting.jar through code in derby.jar)
@@ -241,6 +242,9 @@ grant codeBase "${derbyTesting.testjar}d
   // Access all properties using System.getProperties
   permission java.util.PropertyPermission "*", "read, write";
   
+  // Need by various tests which call the ContextService
+  permission org.apache.derby.security.SystemPermission "engine", "usederbyinternals";
+
   // Access all files under ${user.dir}to write the test directory structure
   permission java.io.FilePermission "${user.dir}${/}-", "read,write,delete"; 
 

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/harness/BasicUnitTestManager.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/harness/BasicUnitTestManager.java?rev=1625960&r1=1625959&r2=1625960&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/harness/BasicUnitTestManager.java (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/harness/BasicUnitTestManager.java Thu Sep 18 12:29:24 2014
@@ -28,6 +28,8 @@ import org.apache.derby.iapi.error.Stand
 import org.apache.derby.iapi.services.monitor.Monitor;
 import org.apache.derby.shared.common.sanity.SanityManager;
 import org.apache.derby.iapi.services.stream.HeaderPrintWriter;
+import java.security.PrivilegedAction;
+import java.security.AccessController;
 import java.util.Date;
 import java.util.Enumeration;
 import java.util.Properties;
@@ -70,7 +72,7 @@ public class BasicUnitTestManager implem
 
 		output = Monitor.getStream();
 
-		contextService = ContextService.getFactory();
+		contextService = getContextService();
 
 		this.currentOutput = output;
 
@@ -285,5 +287,31 @@ public class BasicUnitTestManager implem
 		this.performanceReportOn = performanceReportOn;
 		return;
 	}	
+    
+    /**
+     * Privileged lookup of the ContextService. Must be private so that user code
+     * can't call this entry point.
+     */
+    private  static  ContextService    getContextService()
+    {
+        if ( System.getSecurityManager() == null )
+        {
+            return ContextService.getFactory();
+        }
+        else
+        {
+            return AccessController.doPrivileged
+                (
+                 new PrivilegedAction<ContextService>()
+                 {
+                     public ContextService run()
+                     {
+                         return ContextService.getFactory();
+                     }
+                 }
+                 );
+        }
+    }
+
 }
 

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/harness/T_Bomb.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/harness/T_Bomb.java?rev=1625960&r1=1625959&r2=1625960&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/harness/T_Bomb.java (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/harness/T_Bomb.java Thu Sep 18 12:29:24 2014
@@ -26,6 +26,8 @@ import org.apache.derby.iapi.services.co
 
 import org.apache.derby.iapi.services.context.Context;
 
+import java.security.PrivilegedAction;
+import java.security.AccessController;
 import java.util.Vector;
 
 public class T_Bomb implements Runnable { 
@@ -115,7 +117,7 @@ public class T_Bomb implements Runnable 
 	private void blowUp()
 	{
 			performLastGasp();
-			ContextService csf = ContextService.getFactory();
+			ContextService csf = getContextService();
 			if (csf != null)
 			{
 				System.out.println("ran out of time");
@@ -146,4 +148,30 @@ public class T_Bomb implements Runnable 
 		} //end for
 
 	}
+    
+    /**
+     * Privileged lookup of the ContextService. Must be private so that user code
+     * can't call this entry point.
+     */
+    private  static  ContextService    getContextService()
+    {
+        if ( System.getSecurityManager() == null )
+        {
+            return ContextService.getFactory();
+        }
+        else
+        {
+            return AccessController.doPrivileged
+                (
+                 new PrivilegedAction<ContextService>()
+                 {
+                     public ContextService run()
+                     {
+                         return ContextService.getFactory();
+                     }
+                 }
+                 );
+        }
+    }
+
 }

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/junit/MissingPermissionsTest.policy
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/junit/MissingPermissionsTest.policy?rev=1625960&r1=1625959&r2=1625960&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/junit/MissingPermissionsTest.policy (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/junit/MissingPermissionsTest.policy Thu Sep 18 12:29:24 2014
@@ -23,6 +23,7 @@ grant codeBase "${derbyTesting.codejar}d
   permission java.lang.RuntimePermission "setSecurityManager";
   permission java.util.PropertyPermission "derby.*", "read";
   permission java.util.PropertyPermission "user.dir", "read";
+  permission org.apache.derby.security.SystemPermission "engine", "usederbyinternals";
 
   // The next two properties are used to determine if the VM is 32 or 64 bit.
   //

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/junit/MissingPermissionsTest1.policy
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/junit/MissingPermissionsTest1.policy?rev=1625960&r1=1625959&r2=1625960&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/junit/MissingPermissionsTest1.policy (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/junit/MissingPermissionsTest1.policy Thu Sep 18 12:29:24 2014
@@ -21,6 +21,7 @@ grant codeBase "${derbyTesting.codejar}d
   //
   permission java.lang.RuntimePermission "createClassLoader";
   permission java.lang.RuntimePermission "setSecurityManager";
+  permission org.apache.derby.security.SystemPermission "engine", "usederbyinternals";
   //
   // **** Removed these for this test:
   //      permission java.util.PropertyPermission "derby.*", "read";

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/junit/MissingPermissionsTest2.policy
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/junit/MissingPermissionsTest2.policy?rev=1625960&r1=1625959&r2=1625960&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/junit/MissingPermissionsTest2.policy (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/junit/MissingPermissionsTest2.policy Thu Sep 18 12:29:24 2014
@@ -23,6 +23,7 @@ grant codeBase "${derbyTesting.codejar}d
   permission java.lang.RuntimePermission "setSecurityManager";
   permission java.util.PropertyPermission "derby.*", "read";
   permission java.util.PropertyPermission "user.dir", "read";
+  permission org.apache.derby.security.SystemPermission "engine", "usederbyinternals";
 
   // The next two properties are used to determine if the VM is 32 or 64 bit.
   //

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/junit/SystemPrivilegesPermissionTest.policy
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/junit/SystemPrivilegesPermissionTest.policy?rev=1625960&r1=1625959&r2=1625960&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/junit/SystemPrivilegesPermissionTest.policy (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/junit/SystemPrivilegesPermissionTest.policy Thu Sep 18 12:29:24 2014
@@ -89,6 +89,7 @@ grant codeBase "${derbyTesting.testjar}d
 grant codeBase "${derbyTesting.codejar}derby.jar" {
   // System Privileges framework needs to run "doAsPrivileged"
   //permission javax.security.auth.AuthPermission "doAsPrivileged";
+  permission org.apache.derby.security.SystemPermission "engine", "usederbyinternals";
 
   // System Privileges framework needs to resolve relative directory names,
   // which requires a property-read permission

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/junit/SystemPrivilegesPermissionTest1.policy
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/junit/SystemPrivilegesPermissionTest1.policy?rev=1625960&r1=1625959&r2=1625960&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/junit/SystemPrivilegesPermissionTest1.policy (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/junit/SystemPrivilegesPermissionTest1.policy Thu Sep 18 12:29:24 2014
@@ -69,6 +69,7 @@ grant codeBase "${derbyTesting.testjar}d
 grant codeBase "${derbyTesting.codejar}derby.jar" {
   // System Privileges framework needs to run "doAsPrivileged"
   //permission javax.security.auth.AuthPermission "doAsPrivileged";
+  permission org.apache.derby.security.SystemPermission "engine", "usederbyinternals";
 
   // System Privileges framework needs to resolve relative directory names,
   // which requires a property-read permission

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_AccessFactory.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_AccessFactory.java?rev=1625960&r1=1625959&r2=1625960&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_AccessFactory.java (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_AccessFactory.java Thu Sep 18 12:29:24 2014
@@ -46,6 +46,8 @@ import org.apache.derby.iapi.reference.P
 import org.apache.derby.iapi.reference.SQLState;
 import org.apache.derby.iapi.services.io.FormatableBitSet;
 import org.apache.derby.iapi.services.i18n.MessageService;
+import java.security.PrivilegedAction;
+import java.security.AccessController;
 import java.io.Serializable;
 import java.util.Hashtable;
 import java.util.Properties;
@@ -119,7 +121,7 @@ public class T_AccessFactory extends T_G
 		try {
 
             ContextManager cm = 
-                    ContextService.getFactory().getCurrentContextManager();
+                    getContextService().getCurrentContextManager();
 
 			tc = store.getAndNameTransaction(
                     cm, AccessFactoryGlobals.USER_TRANS_NAME);
@@ -2980,7 +2982,7 @@ public class T_AccessFactory extends T_G
 
         TransactionController current_xact = 
             store.getTransaction(
-                ContextService.getFactory().getCurrentContextManager());
+                getContextService().getCurrentContextManager());
 
         // get a nested user transaction
         TransactionController child_tc = 
@@ -2988,7 +2990,7 @@ public class T_AccessFactory extends T_G
 
         TransactionController current_xact_after_nest = 
             store.getTransaction(
-                ContextService.getFactory().getCurrentContextManager());
+                getContextService().getCurrentContextManager());
 
         if (current_xact_after_nest != current_xact)
         {
@@ -3337,9 +3339,9 @@ public class T_AccessFactory extends T_G
 
 
 		// get another transaction going
-		ContextManager cm2 = ContextService.getFactory().newContextManager();
+		ContextManager cm2 = getContextService().newContextManager();
 
-		ContextService.getFactory().setCurrentContextManager(cm2);
+		getContextService().setCurrentContextManager(cm2);
 
 		TransactionController tc2 = null;
 		ConglomerateController cc2 = null;
@@ -3368,7 +3370,7 @@ public class T_AccessFactory extends T_G
 				throw lfe;
 		}
 		finally {
-			ContextService.getFactory().resetCurrentContextManager(cm2);
+			getContextService().resetCurrentContextManager(cm2);
 		}
 
 
@@ -3382,7 +3384,7 @@ public class T_AccessFactory extends T_G
 		// now really commit the transaction
 		tc.commit();
 		
-		ContextService.getFactory().setCurrentContextManager(cm2);
+		getContextService().setCurrentContextManager(cm2);
 
 		try {
 		cc2.fetch(rowloc, r1.getRowArray(), (FormatableBitSet)null);
@@ -3391,7 +3393,7 @@ public class T_AccessFactory extends T_G
 		tc2.destroy();
 		}
 		finally {
-			ContextService.getFactory().resetCurrentContextManager(cm2);
+			getContextService().resetCurrentContextManager(cm2);
 		}
 
 		REPORT("(commitTest) succeeded");
@@ -4367,4 +4369,30 @@ public class T_AccessFactory extends T_G
 		return s;
 	}
 
+    
+    /**
+     * Privileged lookup of the ContextService. Must be private so that user code
+     * can't call this entry point.
+     */
+    private  static  ContextService    getContextService()
+    {
+        if ( System.getSecurityManager() == null )
+        {
+            return ContextService.getFactory();
+        }
+        else
+        {
+            return AccessController.doPrivileged
+                (
+                 new PrivilegedAction<ContextService>()
+                 {
+                     public ContextService run()
+                     {
+                         return ContextService.getFactory();
+                     }
+                 }
+                 );
+        }
+    }
+
 }

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_FileSystemData.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_FileSystemData.java?rev=1625960&r1=1625959&r2=1625960&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_FileSystemData.java (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_FileSystemData.java Thu Sep 18 12:29:24 2014
@@ -44,6 +44,8 @@ import org.apache.derby.iapi.store.acces
 import org.apache.derby.iapi.reference.Property;
 
 import java.io.*;
+import java.security.PrivilegedAction;
+import java.security.AccessController;
 import java.util.Properties;
 /**
 	An Impl unittest for rawstore data that is based on the FileSystem
@@ -87,7 +89,7 @@ public class T_FileSystemData extends T_
 		 throws StandardException
 	{
 		super.boot(create, startParams);
-		contextService = ContextService.getFactory();
+		contextService = getContextService();
 	}
 
 
@@ -1105,4 +1107,30 @@ public class T_FileSystemData extends T_
 			return;
         }
 	}
+    
+    /**
+     * Privileged lookup of the ContextService. Must be private so that user code
+     * can't call this entry point.
+     */
+    private  static  ContextService    getContextService()
+    {
+        if ( System.getSecurityManager() == null )
+        {
+            return ContextService.getFactory();
+        }
+        else
+        {
+            return AccessController.doPrivileged
+                (
+                 new PrivilegedAction<ContextService>()
+                 {
+                     public ContextService run()
+                     {
+                         return ContextService.getFactory();
+                     }
+                 }
+                 );
+        }
+    }
+
 }

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_Heap.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_Heap.java?rev=1625960&r1=1625959&r2=1625960&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_Heap.java (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_Heap.java Thu Sep 18 12:29:24 2014
@@ -46,6 +46,8 @@ import org.apache.derby.iapi.store.acces
 
 import org.apache.derby.iapi.reference.Property;
 
+import java.security.PrivilegedAction;
+import java.security.AccessController;
 import java.util.Properties;
 
 public class T_Heap extends T_Generic
@@ -96,7 +98,7 @@ public class T_Heap extends T_Generic
 		try {
 
             tc = store.getTransaction(
-                    ContextService.getFactory().getCurrentContextManager());
+                    getContextService().getCurrentContextManager());
 
             if (t_001(tc))
 			{
@@ -145,4 +147,30 @@ public class T_Heap extends T_Generic
 
         return(test_result);
     }
+    
+    /**
+     * Privileged lookup of the ContextService. Must be private so that user code
+     * can't call this entry point.
+     */
+    private  static  ContextService    getContextService()
+    {
+        if ( System.getSecurityManager() == null )
+        {
+            return ContextService.getFactory();
+        }
+        else
+        {
+            return AccessController.doPrivileged
+                (
+                 new PrivilegedAction<ContextService>()
+                 {
+                     public ContextService run()
+                     {
+                         return ContextService.getFactory();
+                     }
+                 }
+                 );
+        }
+    }
+
 }

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_RawStoreFactory.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_RawStoreFactory.java?rev=1625960&r1=1625959&r2=1625960&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_RawStoreFactory.java (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_RawStoreFactory.java Thu Sep 18 12:29:24 2014
@@ -59,6 +59,8 @@ import org.apache.derby.iapi.reference.P
 import org.apache.derby.iapi.services.io.FormatableBitSet;
 
 import java.io.*;
+import java.security.PrivilegedAction;
+import java.security.AccessController;
 import java.util.Properties;
 
 /**
@@ -120,7 +122,7 @@ public class T_RawStoreFactory extends T
 		 throws StandardException
 	{
 		super.boot(create, startParams);
-		contextService = ContextService.getFactory();
+		contextService = getContextService();
 	}
 
 	/*
@@ -7633,5 +7635,31 @@ public class T_RawStoreFactory extends T
 		PASS(testInfo);
 	}
 
+    
+    /**
+     * Privileged lookup of the ContextService. Must be private so that user code
+     * can't call this entry point.
+     */
+    private  static  ContextService    getContextService()
+    {
+        if ( System.getSecurityManager() == null )
+        {
+            return ContextService.getFactory();
+        }
+        else
+        {
+            return AccessController.doPrivileged
+                (
+                 new PrivilegedAction<ContextService>()
+                 {
+                     public ContextService run()
+                     {
+                         return ContextService.getFactory();
+                     }
+                 }
+                 );
+        }
+    }
+
 }
 

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_RecoverBadLog.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_RecoverBadLog.java?rev=1625960&r1=1625959&r2=1625960&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_RecoverBadLog.java (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_RecoverBadLog.java Thu Sep 18 12:29:24 2014
@@ -51,6 +51,8 @@ import org.apache.derby.iapi.store.acces
 import java.io.IOException;
 import java.io.RandomAccessFile;
 import java.io.File;
+import java.security.PrivilegedAction;
+import java.security.AccessController;
 import java.util.Properties;
 
 
@@ -226,7 +228,7 @@ public class T_RecoverBadLog extends T_G
 		}
 
 		try {
-			contextService = ContextService.getFactory();
+			contextService = getContextService();
 
 			File ifile = new File(infoPath);
 
@@ -1827,6 +1829,32 @@ public class T_RecoverBadLog extends T_G
 		
 	}
 
+    
+    /**
+     * Privileged lookup of the ContextService. Must be private so that user code
+     * can't call this entry point.
+     */
+    private  static  ContextService    getContextService()
+    {
+        if ( System.getSecurityManager() == null )
+        {
+            return ContextService.getFactory();
+        }
+        else
+        {
+            return AccessController.doPrivileged
+                (
+                 new PrivilegedAction<ContextService>()
+                 {
+                     public ContextService run()
+                     {
+                         return ContextService.getFactory();
+                     }
+                 }
+                 );
+        }
+    }
+
 }
 
 

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_RecoverFullLog.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_RecoverFullLog.java?rev=1625960&r1=1625959&r2=1625960&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_RecoverFullLog.java (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_RecoverFullLog.java Thu Sep 18 12:29:24 2014
@@ -51,6 +51,8 @@ import org.apache.derby.iapi.store.acces
 import java.io.IOException;
 import java.io.RandomAccessFile;
 import java.io.File;
+import java.security.PrivilegedAction;
+import java.security.AccessController;
 import java.util.Properties;
 
 
@@ -165,7 +167,7 @@ public class T_RecoverFullLog extends T_
 
 		try {
 
-			contextService = ContextService.getFactory();
+			contextService = getContextService();
 
 			File ifile = new File(infoPath);
 			
@@ -862,6 +864,32 @@ public class T_RecoverFullLog extends T_
 	}
 
 
+    
+    /**
+     * Privileged lookup of the ContextService. Must be private so that user code
+     * can't call this entry point.
+     */
+    private  static  ContextService    getContextService()
+    {
+        if ( System.getSecurityManager() == null )
+        {
+            return ContextService.getFactory();
+        }
+        else
+        {
+            return AccessController.doPrivileged
+                (
+                 new PrivilegedAction<ContextService>()
+                 {
+                     public ContextService run()
+                     {
+                         return ContextService.getFactory();
+                     }
+                 }
+                 );
+        }
+    }
+
 
 }
 

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_Recovery.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_Recovery.java?rev=1625960&r1=1625959&r2=1625960&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_Recovery.java (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_Recovery.java Thu Sep 18 12:29:24 2014
@@ -59,6 +59,8 @@ import org.apache.derby.iapi.reference.A
 import org.apache.derby.iapi.services.io.FormatableBitSet;
 
 import java.io.*;
+import java.security.PrivilegedAction;
+import java.security.AccessController;
 import java.util.Properties;
 
 
@@ -174,7 +176,7 @@ public class T_Recovery extends T_Generi
 			// see if we are testing encryption
 			startParams = T_Util.setEncryptionParam(startParams);
 
-			contextService = ContextService.getFactory();
+			contextService = getContextService();
 
 			if (testRecovery)
 			{
@@ -4085,6 +4087,32 @@ public class T_Recovery extends T_Generi
 
 	}
 
+    
+    /**
+     * Privileged lookup of the ContextService. Must be private so that user code
+     * can't call this entry point.
+     */
+    private  static  ContextService    getContextService()
+    {
+        if ( System.getSecurityManager() == null )
+        {
+            return ContextService.getFactory();
+        }
+        else
+        {
+            return AccessController.doPrivileged
+                (
+                 new PrivilegedAction<ContextService>()
+                 {
+                     public ContextService run()
+                     {
+                         return ContextService.getFactory();
+                     }
+                 }
+                 );
+        }
+    }
+
 }
 
 

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_SortController.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_SortController.java?rev=1625960&r1=1625959&r2=1625960&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_SortController.java (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_SortController.java Thu Sep 18 12:29:24 2014
@@ -144,7 +144,7 @@ public class T_SortController extends T_
 		}
 
 		tc = store.getTransaction(
-                ContextService.getFactory().getCurrentContextManager());
+                getContextService().getCurrentContextManager());
 
 		if (!sortExample(tc))
 			failcount++;
@@ -838,6 +838,32 @@ public class T_SortController extends T_
 
 		return (!mismatch && !toofew && !toomany);
 	}
+    
+    /**
+     * Privileged lookup of the ContextService. Must be private so that user code
+     * can't call this entry point.
+     */
+    private  static  ContextService    getContextService()
+    {
+        if ( System.getSecurityManager() == null )
+        {
+            return ContextService.getFactory();
+        }
+        else
+        {
+            return AccessController.doPrivileged
+                (
+                 new PrivilegedAction<ContextService>()
+                 {
+                     public ContextService run()
+                     {
+                         return ContextService.getFactory();
+                     }
+                 }
+                 );
+        }
+    }
+
 }
 
 

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_StreamFile.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_StreamFile.java?rev=1625960&r1=1625959&r2=1625960&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_StreamFile.java (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_StreamFile.java Thu Sep 18 12:29:24 2014
@@ -50,6 +50,8 @@ import org.apache.derby.iapi.services.io
 import org.apache.derby.iapi.services.io.DynamicByteArrayOutputStream;
 
 import java.io.*;
+import java.security.PrivilegedAction;
+import java.security.AccessController;
 import java.util.Properties;
 
 /**
@@ -92,7 +94,7 @@ public class T_StreamFile extends T_Mult
 	public void boot(boolean create, Properties startParams)
 		 throws StandardException {
 		super.boot(create, startParams);
-		contextService = ContextService.getFactory();
+		contextService = getContextService();
 	}
 
 
@@ -389,4 +391,30 @@ public class T_StreamFile extends T_Mult
 		
 		PASS("SF002");
 	}
+    
+    /**
+     * Privileged lookup of the ContextService. Must be private so that user code
+     * can't call this entry point.
+     */
+    private  static  ContextService    getContextService()
+    {
+        if ( System.getSecurityManager() == null )
+        {
+            return ContextService.getFactory();
+        }
+        else
+        {
+            return AccessController.doPrivileged
+                (
+                 new PrivilegedAction<ContextService>()
+                 {
+                     public ContextService run()
+                     {
+                         return ContextService.getFactory();
+                     }
+                 }
+                 );
+        }
+    }
+
 }

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_XA.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_XA.java?rev=1625960&r1=1625959&r2=1625960&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_XA.java (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_XA.java Thu Sep 18 12:29:24 2014
@@ -42,6 +42,8 @@ import org.apache.derby.iapi.services.io
 
 import org.apache.derby.iapi.error.StandardException; 
 
+import java.security.PrivilegedAction;
+import java.security.AccessController;
 import java.util.Properties; 
 
 import javax.transaction.xa.XAResource;
@@ -179,7 +181,7 @@ public class T_XA extends T_Generic
         REPORT("(XATest_1) starting");
 
         ContextManager cm = 
-                ContextService.getFactory().getCurrentContextManager();
+                getContextService().getCurrentContextManager();
 
         // COMMIT AN IDLE TRANSACTION.
 
@@ -272,7 +274,7 @@ public class T_XA extends T_Generic
     {
         REPORT("(XATest_2) starting");
         ContextManager cm = 
-                ContextService.getFactory().getCurrentContextManager();
+                getContextService().getCurrentContextManager();
 
         // COMMIT AN IDLE TRANSACTION.
 
@@ -437,7 +439,7 @@ public class T_XA extends T_Generic
         REPORT("(XATest_3) starting");
 
         ContextManager cm = 
-                ContextService.getFactory().getCurrentContextManager();
+                getContextService().getCurrentContextManager();
 
         // ABORT AN IDLE TRANSACTION.
 
@@ -557,7 +559,7 @@ public class T_XA extends T_Generic
         REPORT("(XATest_4) starting");
 
         ContextManager cm = 
-                ContextService.getFactory().getCurrentContextManager();
+                getContextService().getCurrentContextManager();
 
         // ABORT AN IDLE TRANSACTION.
 
@@ -827,7 +829,7 @@ public class T_XA extends T_Generic
         }
 
         ContextManager cm = 
-                ContextService.getFactory().getCurrentContextManager();
+                getContextService().getCurrentContextManager();
 
         // COMMIT AN IDLE TRANSACTION.
 
@@ -1068,7 +1070,7 @@ public class T_XA extends T_Generic
         REPORT("(XATest_5) starting");
 
         ContextManager cm = 
-                ContextService.getFactory().getCurrentContextManager();
+                getContextService().getCurrentContextManager();
 
         TransactionController   tc = store.getTransaction(cm);
 
@@ -1180,6 +1182,32 @@ public class T_XA extends T_Generic
         REPORT("(XATest_6) finishing");
     }
 
+    
+    /**
+     * Privileged lookup of the ContextService. Package protected so that user code
+     * can't call this entry point.
+     */
+    static  ContextService    getContextService()
+    {
+        if ( System.getSecurityManager() == null )
+        {
+            return ContextService.getFactory();
+        }
+        else
+        {
+            return AccessController.doPrivileged
+                (
+                 new PrivilegedAction<ContextService>()
+                 {
+                     public ContextService run()
+                     {
+                         return ContextService.getFactory();
+                     }
+                 }
+                 );
+        }
+    }
+
 }
 
 class commit_method
@@ -1230,10 +1258,10 @@ class commit_method
 
                 SanityManager.ASSERT(
                     cm == 
-                    ContextService.getFactory().getCurrentContextManager(),
+                    T_XA.getContextService().getCurrentContextManager(),
                     "cm = " + cm +
                     "current = " + 
-                        ContextService.getFactory().getCurrentContextManager());
+                        T_XA.getContextService().getCurrentContextManager());
             }
 
             ((XAResourceManager) store.getXAResourceManager()).commit(
@@ -1275,10 +1303,10 @@ class commit_method
 
                 SanityManager.ASSERT(
                     cm == 
-                    ContextService.getFactory().getCurrentContextManager(),
+                    T_XA.getContextService().getCurrentContextManager(),
                     "cm = " + cm +
                     "current = " + 
-                        ContextService.getFactory().getCurrentContextManager());
+                        T_XA.getContextService().getCurrentContextManager());
             }
 
             ((XAResourceManager) store.getXAResourceManager()).rollback(

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_b2i.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_b2i.java?rev=1625960&r1=1625959&r2=1625960&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_b2i.java (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/unitTests/store/T_b2i.java Thu Sep 18 12:29:24 2014
@@ -39,6 +39,7 @@ import org.apache.derby.iapi.services.mo
 
 import org.apache.derby.shared.common.sanity.SanityManager;
 import org.apache.derby.iapi.services.stream.HeaderPrintWriter;
+import org.apache.derby.iapi.services.context.Context;
 import org.apache.derby.iapi.services.context.ContextService;
 import org.apache.derby.iapi.services.context.ContextManager;
 import org.apache.derby.iapi.services.io.FormatIdUtil;
@@ -68,6 +69,8 @@ import org.apache.derby.impl.store.acces
 import org.apache.derby.iapi.types.SQLChar;
 
 
+import java.security.PrivilegedAction;
+import java.security.AccessController;
 import java.util.Properties;
 
 
@@ -111,7 +114,7 @@ public class T_b2i extends T_MultiIterat
 			store_module = Monitor.createPersistentService(
 				getModuleToTestProtocolName(), testService, startParams);
 			
-			contextService = ContextService.getFactory();
+			contextService = getContextService();
 
 		} catch (StandardException mse) {
 			throw T_Fail.exceptionFail(mse);
@@ -855,7 +858,7 @@ public class T_b2i extends T_MultiIterat
             }
             catch (StandardException e)
             {
-                ContextService contextFactory = ContextService.getFactory();
+                ContextService contextFactory = getContextService();
 
                 // Get the context manager.
                 ContextManager cm = contextFactory.getCurrentContextManager();
@@ -3261,7 +3264,7 @@ public class T_b2i extends T_MultiIterat
 					throw e;
 
                 ContextService contextFactory = 
-                    ContextService.getFactory();
+                    getContextService();
 
                 // Get the context manager.
                 ContextManager cm = contextFactory.getCurrentContextManager();
@@ -5096,12 +5099,64 @@ public class T_b2i extends T_MultiIterat
      * @return {@code true} if the database is active, {@code false} otherwise
      */
     public boolean isdbActive() {
-        LanguageConnectionContext lcc = (LanguageConnectionContext) ContextService
-                .getContextOrNull(LanguageConnectionContext.CONTEXT_ID);
+        LanguageConnectionContext lcc = (LanguageConnectionContext)
+                getContextOrNull(LanguageConnectionContext.CONTEXT_ID);
         Database db = (Database) (lcc != null ? lcc.getDatabase() : null);
         return (db != null ? db.isActive() : false);
     }
 
+    
+    /**
+     * Privileged lookup of the ContextService. Must be private so that user code
+     * can't call this entry point.
+     */
+    private  static  ContextService    getContextService()
+    {
+        if ( System.getSecurityManager() == null )
+        {
+            return ContextService.getFactory();
+        }
+        else
+        {
+            return AccessController.doPrivileged
+                (
+                 new PrivilegedAction<ContextService>()
+                 {
+                     public ContextService run()
+                     {
+                         return ContextService.getFactory();
+                     }
+                 }
+                 );
+        }
+    }
+    
+    /**
+     * Privileged lookup of a Context. Must be private so that user code
+     * can't call this entry point.
+     */
+    private  static  Context    getContextOrNull( final String contextID )
+    {
+        if ( System.getSecurityManager() == null )
+        {
+            return ContextService.getContextOrNull( contextID );
+        }
+        else
+        {
+            return AccessController.doPrivileged
+                (
+                 new PrivilegedAction<Context>()
+                 {
+                     public Context run()
+                     {
+                         return ContextService.getContextOrNull( contextID );
+                     }
+                 }
+                 );
+        }
+    }
+
+
 }
 
 class T_CreateConglomRet 



Mime
View raw message