diff options
Diffstat (limited to 'framework/src/onos/core/api/src/main/java/org/onosproject/security')
6 files changed, 0 insertions, 417 deletions
diff --git a/framework/src/onos/core/api/src/main/java/org/onosproject/security/AppGuard.java b/framework/src/onos/core/api/src/main/java/org/onosproject/security/AppGuard.java deleted file mode 100644 index 4b80dfcd..00000000 --- a/framework/src/onos/core/api/src/main/java/org/onosproject/security/AppGuard.java +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright 2015 Open Networking Laboratory - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.onosproject.security; - - -import com.google.common.annotations.Beta; - -/** - * Aids SM-ONOS to perform API-level permission checking. - */ -@Beta -public final class AppGuard { - - private AppGuard() { - } - - /** - * Checks if the caller has the required permission only when security-mode is enabled. - * @param permission permission to be checked - */ - public static void checkPermission(AppPermission.Type permission) { - SecurityManager sm = System.getSecurityManager(); - if (sm != null) { - System.getSecurityManager().checkPermission(new AppPermission(permission)); - } - } -} diff --git a/framework/src/onos/core/api/src/main/java/org/onosproject/security/AppPermission.java b/framework/src/onos/core/api/src/main/java/org/onosproject/security/AppPermission.java deleted file mode 100644 index 09fe17a8..00000000 --- a/framework/src/onos/core/api/src/main/java/org/onosproject/security/AppPermission.java +++ /dev/null @@ -1,113 +0,0 @@ -/* - * Copyright 2015 Open Networking Laboratory - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.onosproject.security; - -import com.google.common.annotations.Beta; - -import java.security.BasicPermission; - -/** - * Implementation of API access permission. - */ -@Beta -public class AppPermission extends BasicPermission { - - public enum Type { - APP_READ, - APP_EVENT, - CONFIG_READ, - CONFIG_WRITE, - CLUSTER_READ, - CLUSTER_WRITE, - CLUSTER_EVENT, - DEVICE_READ, - DEVICE_EVENT, - DRIVER_READ, - DRIVER_WRITE, - FLOWRULE_READ, - FLOWRULE_WRITE, - FLOWRULE_EVENT, - GROUP_READ, - GROUP_WRITE, - GROUP_EVENT, - HOST_READ, - HOST_WRITE, - HOST_EVENT, - INTENT_READ, - INTENT_WRITE, - INTENT_EVENT, - LINK_READ, - LINK_WRITE, - LINK_EVENT, - PACKET_READ, - PACKET_WRITE, - PACKET_EVENT, - STATISTIC_READ, - TOPOLOGY_READ, - TOPOLOGY_EVENT, - TUNNEL_READ, - TUNNEL_WRITE, - TUNNEL_EVENT, - STORAGE_WRITE - } - - protected Type type; - /** - * Creates new application permission using the supplied data. - * @param name permission name - */ - public AppPermission(String name) { - super(name.toUpperCase(), ""); - try { - type = Type.valueOf(name); - } catch (IllegalArgumentException e) { - type = null; - } - } - - /** - * Creates new application permission using the supplied data. - * @param name permission name - * @param actions permission action - */ - public AppPermission(String name, String actions) { - super(name.toUpperCase(), actions); - try { - type = Type.valueOf(name); - } catch (IllegalArgumentException e) { - type = null; - } - } - - /** - * Crates new application permission using the supplied data. - * @param type permission type - */ - public AppPermission(Type type) { - super(type.name(), ""); - this.type = type; - } - - /** - * Returns type of permission. - * @return application permission type - */ - public Type getType() { - return this.type; - } - -} diff --git a/framework/src/onos/core/api/src/main/java/org/onosproject/security/Permission.java b/framework/src/onos/core/api/src/main/java/org/onosproject/security/Permission.java deleted file mode 100644 index 0c874c9d..00000000 --- a/framework/src/onos/core/api/src/main/java/org/onosproject/security/Permission.java +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Copyright 2015 Open Networking Laboratory - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.onosproject.security; - -import com.google.common.annotations.Beta; - -@Beta -public class Permission { - - protected String classname; - protected String name; - protected String actions; - - public Permission(String classname, String name, String actions) { - this.classname = classname; - this.name = name; - if (actions == null) { - this.actions = ""; - } else { - this.actions = actions; - } - } - - public Permission(String classname, String name) { - this.classname = classname; - this.name = name; - this.actions = ""; - } - - public String getClassName() { - return classname; - } - - public String getName() { - return name; - } - - public String getActions() { - return actions; - } - - @Override - public int hashCode() { - return 0; - } - - @Override - public boolean equals(Object thatPerm) { - if (this == thatPerm) { - return true; - } - - if (!(thatPerm instanceof Permission)) { - return false; - } - - Permission that = (Permission) thatPerm; - return (this.classname.equals(that.classname)) && (this.name.equals(that.name)) - && (this.actions.equals(that.actions)); - } - - @Override - public String toString() { - return String.format("(%s, %s, %s)", classname, name, actions); - } -} diff --git a/framework/src/onos/core/api/src/main/java/org/onosproject/security/SecurityAdminService.java b/framework/src/onos/core/api/src/main/java/org/onosproject/security/SecurityAdminService.java deleted file mode 100644 index 30d143c0..00000000 --- a/framework/src/onos/core/api/src/main/java/org/onosproject/security/SecurityAdminService.java +++ /dev/null @@ -1,79 +0,0 @@ -/* - * Copyright 2015 Open Networking Laboratory - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.onosproject.security; - -import com.google.common.annotations.Beta; -import org.onosproject.core.ApplicationId; - -import java.security.Permission; -import java.util.List; -import java.util.Map; - -/** - * Security-Mode ONOS service. - */ -@Beta -public interface SecurityAdminService { - - /** - * Returns true if security policy has been enforced to specified application. - * @param appId application identifier - * @return true if secured. - */ - boolean isSecured(ApplicationId appId); - - /** - * Changes SecurityModeState of specified application to REVIEWED. - * @param appId application identifier - */ - void review(ApplicationId appId); - - /** - * Accepts and enforces security policy to specified application. - * @param appId application identifier - */ - void acceptPolicy(ApplicationId appId); - - /** - * Register application to SM-ONOS subsystem. - * @param appId application identifier - */ - void register(ApplicationId appId); - - /** - * Returns sorted developer specified permission Map. - * @param appId application identifier - * @return Map of list of permissions sorted by permission type - */ - Map<Integer, List<Permission>> getPrintableSpecifiedPermissions(ApplicationId appId); - - /** - * Returns sorted granted permission Map. - * @param appId application identifier - * @return Map of list of permissions sorted by permission type - */ - Map<Integer, List<Permission>> getPrintableGrantedPermissions(ApplicationId appId); - - /** - * Returns sorted requested permission Map. - * @param appId application identifier - * @return Map of list of permissions sorted by permission type - */ - Map<Integer, List<Permission>> getPrintableRequestedPermissions(ApplicationId appId); - - -} diff --git a/framework/src/onos/core/api/src/main/java/org/onosproject/security/SecurityUtil.java b/framework/src/onos/core/api/src/main/java/org/onosproject/security/SecurityUtil.java deleted file mode 100644 index 444b6bb5..00000000 --- a/framework/src/onos/core/api/src/main/java/org/onosproject/security/SecurityUtil.java +++ /dev/null @@ -1,84 +0,0 @@ -/* - * Copyright 2015 Open Networking Laboratory - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.onosproject.security; - -import com.google.common.annotations.Beta; -import org.onlab.osgi.DefaultServiceDirectory; -import org.onlab.osgi.ServiceDirectory; -import org.onlab.osgi.ServiceNotFoundException; -import org.onosproject.core.ApplicationId; - -/** - * Utility class to aid Security-Mode ONOS. - */ -@Beta -public final class SecurityUtil { - - protected static ServiceDirectory serviceDirectory = new DefaultServiceDirectory(); - - private SecurityUtil() { - } - - public static boolean isSecurityModeEnabled() { - if (System.getSecurityManager() != null) { - try { - SecurityAdminService securityService = serviceDirectory.get(SecurityAdminService.class); - if (securityService != null) { - return true; - } - } catch (ServiceNotFoundException e) { - return false; - } - } - return false; - } - - public static SecurityAdminService getSecurityService() { - if (System.getSecurityManager() != null) { - try { - SecurityAdminService securityService = serviceDirectory.get(SecurityAdminService.class); - if (securityService != null) { - return securityService; - } - } catch (ServiceNotFoundException e) { - return null; - } - } - return null; - } - - public static boolean isAppSecured(ApplicationId appId) { - SecurityAdminService service = getSecurityService(); - if (service != null) { - if (!service.isSecured(appId)) { - System.out.println("\n*******************************"); - System.out.println(" SM-ONOS APP WARNING "); - System.out.println("*******************************"); - System.out.println(appId.name() + " has not been secured."); - System.out.println("Please review before activating."); - return false; - } - } - return true; - } - public static void register(ApplicationId appId) { - SecurityAdminService service = getSecurityService(); - if (service != null) { - service.register(appId); - } - } -} diff --git a/framework/src/onos/core/api/src/main/java/org/onosproject/security/package-info.java b/framework/src/onos/core/api/src/main/java/org/onosproject/security/package-info.java deleted file mode 100644 index 88c3529d..00000000 --- a/framework/src/onos/core/api/src/main/java/org/onosproject/security/package-info.java +++ /dev/null @@ -1,20 +0,0 @@ -/* - * Copyright 2015 Open Networking Laboratory - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/** - * Application security constructs. - */ -package org.onosproject.security;
\ No newline at end of file |