ONOS-1993 Implement API-level permission checking + security util code location replacement

Change-Id: I7bf20eda9c12ed2a44334504333b093057764cd2

@@ -15,12 +15,16 @@
  */
 package org.onosproject.net.packet;
 
+import org.onosproject.core.Permission;
 import org.onosproject.net.flow.DefaultTrafficTreatment;
 import org.onosproject.net.flow.TrafficTreatment;
 import org.onosproject.net.flow.TrafficTreatment.Builder;
 
 import java.util.concurrent.atomic.AtomicBoolean;
 
+import static org.onosproject.security.AppGuard.checkPermission;
+
+
 /**
  * Default implementation of a packet context.
  */
@@ -53,21 +57,29 @@ public abstract class DefaultPacketContext implements PacketContext {
 
     @Override
     public long time() {
+        checkPermission(Permission.PACKET_READ);
+
         return time;
     }
 
     @Override
     public InboundPacket inPacket() {
+        checkPermission(Permission.PACKET_READ);
+
         return inPkt;
     }
 
     @Override
     public OutboundPacket outPacket() {
+        checkPermission(Permission.PACKET_READ);
+
         return outPkt;
     }
 
     @Override
     public Builder treatmentBuilder() {
+        checkPermission(Permission.PACKET_READ);
+
         return builder;
     }
 
@@ -76,11 +88,15 @@ public abstract class DefaultPacketContext implements PacketContext {
 
     @Override
     public boolean block() {
+        checkPermission(Permission.PACKET_WRITE);
+
         return this.block.getAndSet(true);
     }
 
     @Override
     public boolean isHandled() {
+        checkPermission(Permission.PACKET_READ);
+
         return this.block.get();
     }
-}
+}
\ No newline at end of file

@@ -14,21 +14,26 @@
  * limitations under the License.
  */
 
-package org.onosproject.security.util;
+package org.onosproject.security;
+
+import org.onosproject.core.Permission;
 
 /**
- * Checks if the caller has the required permission to call each API.
+ * Aids SM-ONOS to perform API-level permission checking.
  */
 public final class AppGuard {
 
     private AppGuard() {
     }
 
-    public static boolean check(String perm) {
+    /**
+     * Checks if the caller has the required permission only when security-mode is enabled.
+     * @param permission permission to be checked
+     */
+    public static void checkPermission(Permission permission) {
         SecurityManager sm = System.getSecurityManager();
         if (sm != null) {
-            System.getSecurityManager().checkPermission(new AppPermission(perm));
+            System.getSecurityManager().checkPermission(new AppPermission(permission.name()));
         }
-        return true;
     }
 }

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package org.onosproject.security.util;
+package org.onosproject.security;
 
 import java.security.BasicPermission;
 
@@ -23,10 +23,19 @@ import java.security.BasicPermission;
  */
 public class AppPermission extends BasicPermission {
 
+    /**
+     * Creates new application permission using the supplied data.
+     * @param name permission name
+     */
     public AppPermission(String name) {
         super(name.toUpperCase(), "");
     }
 
+    /**
+     * Creates new application permission using the supplied data.
+     * @param name permission name
+     * @param actions permission action
+     */
     public AppPermission(String name, String actions) {
         super(name.toUpperCase(), actions);
     }

@@ -42,6 +42,7 @@ import java.util.Set;
 
 import static com.google.common.base.Preconditions.checkNotNull;
 import static org.onosproject.app.ApplicationEvent.Type.*;
+import static org.onosproject.security.AppGuard.checkPermission;
 import static org.slf4j.LoggerFactory.getLogger;
 
 /**
@@ -91,29 +92,39 @@ public class ApplicationManager implements ApplicationService, ApplicationAdminS
 
     @Override
     public Set<Application> getApplications() {
+        checkPermission(Permission.APP_READ);
+
         return store.getApplications();
     }
 
     @Override
     public ApplicationId getId(String name) {
+        checkPermission(Permission.APP_READ);
+
         checkNotNull(name, "Name cannot be null");
         return store.getId(name);
     }
 
     @Override
     public Application getApplication(ApplicationId appId) {
+        checkPermission(Permission.APP_READ);
+
         checkNotNull(appId, APP_ID_NULL);
         return store.getApplication(appId);
     }
 
     @Override
     public ApplicationState getState(ApplicationId appId) {
+        checkPermission(Permission.APP_READ);
+
         checkNotNull(appId, APP_ID_NULL);
         return store.getState(appId);
     }
 
     @Override
     public Set<Permission> getPermissions(ApplicationId appId) {
+        checkPermission(Permission.APP_READ);
+
         checkNotNull(appId, APP_ID_NULL);
         return store.getPermissions(appId);
     }
@@ -155,11 +166,15 @@ public class ApplicationManager implements ApplicationService, ApplicationAdminS
 
     @Override
     public void addListener(ApplicationListener listener) {
+        checkPermission(Permission.APP_EVENT);
+
         listenerRegistry.addListener(listener);
     }
 
     @Override
     public void removeListener(ApplicationListener listener) {
+        checkPermission(Permission.APP_EVENT);
+
         listenerRegistry.removeListener(listener);
     }
 

@@ -28,6 +28,7 @@ import org.onosproject.cfg.ComponentConfigService;
 import org.onosproject.cfg.ComponentConfigStore;
 import org.onosproject.cfg.ComponentConfigStoreDelegate;
 import org.onosproject.cfg.ConfigProperty;
+import org.onosproject.core.Permission;
 import org.osgi.service.cm.Configuration;
 import org.osgi.service.cm.ConfigurationAdmin;
 import org.slf4j.Logger;
@@ -43,6 +44,8 @@ import java.util.Set;
 import static com.google.common.base.Preconditions.checkArgument;
 import static com.google.common.base.Preconditions.checkNotNull;
 import static org.slf4j.LoggerFactory.getLogger;
+import static org.onosproject.security.AppGuard.checkPermission;
+
 
 /**
  * Implementation of the centralized component configuration service.
@@ -84,11 +87,15 @@ public class ComponentConfigManager implements ComponentConfigService {
 
     @Override
     public Set<String> getComponentNames() {
+        checkPermission(Permission.CONFIG_READ);
+
         return ImmutableSet.copyOf(properties.keySet());
     }
 
     @Override
     public void registerProperties(Class<?> componentClass) {
+        checkPermission(Permission.CONFIG_WRITE);
+
         String componentName = componentClass.getName();
         String resourceName = componentClass.getSimpleName() + RESOURCE_EXT;
         try (InputStream ris = componentClass.getResourceAsStream(resourceName)) {
@@ -111,6 +118,8 @@ public class ComponentConfigManager implements ComponentConfigService {
 
     @Override
     public void unregisterProperties(Class<?> componentClass, boolean clear) {
+        checkPermission(Permission.CONFIG_WRITE);
+
         String componentName = componentClass.getName();
         checkNotNull(componentName, COMPONENT_NULL);
         Map<String, ConfigProperty> cps = properties.remove(componentName);
@@ -127,12 +136,16 @@ public class ComponentConfigManager implements ComponentConfigService {
 
     @Override
     public Set<ConfigProperty> getProperties(String componentName) {
+        checkPermission(Permission.CONFIG_READ);
+
         Map<String, ConfigProperty> map = properties.get(componentName);
         return map != null ? ImmutableSet.copyOf(map.values()) : null;
     }
 
     @Override
     public void setProperty(String componentName, String name, String value) {
+        checkPermission(Permission.CONFIG_WRITE);
+
         checkNotNull(componentName, COMPONENT_NULL);
         checkNotNull(name, PROPERTY_NULL);
         store.setProperty(componentName, name, value);
@@ -140,6 +153,8 @@ public class ComponentConfigManager implements ComponentConfigService {
 
     @Override
     public void unsetProperty(String componentName, String name) {
+        checkPermission(Permission.CONFIG_WRITE);
+
         checkNotNull(componentName, COMPONENT_NULL);
         checkNotNull(name, PROPERTY_NULL);
         store.unsetProperty(componentName, name);

@@ -33,6 +33,7 @@ import org.onosproject.cluster.ClusterStore;
 import org.onosproject.cluster.ClusterStoreDelegate;
 import org.onosproject.cluster.ControllerNode;
 import org.onosproject.cluster.NodeId;
+import org.onosproject.core.Permission;
 import org.onosproject.event.ListenerRegistry;
 import org.onosproject.event.EventDeliveryService;
 import org.slf4j.Logger;
@@ -42,6 +43,8 @@ import java.util.Set;
 import static com.google.common.base.Preconditions.checkArgument;
 import static com.google.common.base.Preconditions.checkNotNull;
 import static org.slf4j.LoggerFactory.getLogger;
+import static org.onosproject.security.AppGuard.checkPermission;
+
 
 /**
  * Implementation of the cluster service.
@@ -88,22 +91,30 @@ public class ClusterManager implements ClusterService, ClusterAdminService {
 
     @Override
     public ControllerNode getLocalNode() {
+        checkPermission(Permission.CLUSTER_READ);
+
         return store.getLocalNode();
     }
 
     @Override
     public Set<ControllerNode> getNodes() {
+        checkPermission(Permission.CLUSTER_READ);
+
         return store.getNodes();
     }
 
     @Override
     public ControllerNode getNode(NodeId nodeId) {
+        checkPermission(Permission.CLUSTER_READ);
+
         checkNotNull(nodeId, INSTANCE_ID_NULL);
         return store.getNode(nodeId);
     }
 
     @Override
     public ControllerNode.State getState(NodeId nodeId) {
+        checkPermission(Permission.CLUSTER_READ);
+
         checkNotNull(nodeId, INSTANCE_ID_NULL);
         return store.getState(nodeId);
     }
@@ -111,6 +122,8 @@ public class ClusterManager implements ClusterService, ClusterAdminService {
 
     @Override
     public DateTime getLastUpdated(NodeId nodeId) {
+        checkPermission(Permission.CLUSTER_READ);
+
         return store.getLastUpdated(nodeId);
     }
 
@@ -144,11 +157,15 @@ public class ClusterManager implements ClusterService, ClusterAdminService {
 
     @Override
     public void addListener(ClusterEventListener listener) {
+        checkPermission(Permission.CLUSTER_EVENT);
+
         listenerRegistry.addListener(listener);
     }
 
     @Override
     public void removeListener(ClusterEventListener listener) {
+        checkPermission(Permission.CLUSTER_EVENT);
+
         listenerRegistry.removeListener(listener);
     }
 

@@ -32,6 +32,7 @@ import org.onosproject.cluster.ControllerNode;
 import org.onosproject.cluster.NodeId;
 import org.onosproject.cluster.RoleInfo;
 import org.onosproject.core.MetricsHelper;
+import org.onosproject.core.Permission;
 import org.onosproject.event.ListenerRegistry;
 import org.onosproject.event.EventDeliveryService;
 import org.onosproject.mastership.MastershipAdminService;
@@ -62,6 +63,8 @@ import static org.onlab.metrics.MetricsUtil.stopTimer;
 import static org.onosproject.cluster.ControllerNode.State.ACTIVE;
 import static org.onosproject.net.MastershipRole.MASTER;
 import static org.slf4j.LoggerFactory.getLogger;
+import static org.onosproject.security.AppGuard.checkPermission;
+
 
 @Component(immediate = true)
 @Service
@@ -142,12 +145,16 @@ public class MastershipManager
 
     @Override
     public MastershipRole getLocalRole(DeviceId deviceId) {
+        checkPermission(Permission.CLUSTER_READ);
+
         checkNotNull(deviceId, DEVICE_ID_NULL);
         return store.getRole(clusterService.getLocalNode().id(), deviceId);
     }
 
     @Override
     public void relinquishMastership(DeviceId deviceId) {
+        checkPermission(Permission.CLUSTER_WRITE);
+
         store.relinquishRole(clusterService.getLocalNode().id(), deviceId)
              .whenComplete((event, error) -> {
                  if (event != null) {
@@ -158,6 +165,8 @@ public class MastershipManager
 
     @Override
     public CompletableFuture<MastershipRole> requestRoleFor(DeviceId deviceId) {
+        checkPermission(Permission.CLUSTER_WRITE);
+
         checkNotNull(deviceId, DEVICE_ID_NULL);
         final Context timer = startTimer(requestRoleTimer);
         return store.requestRole(deviceId).whenComplete((result, error) -> stopTimer(timer));
@@ -166,18 +175,24 @@ public class MastershipManager
 
     @Override
     public NodeId getMasterFor(DeviceId deviceId) {
+        checkPermission(Permission.CLUSTER_READ);
+
         checkNotNull(deviceId, DEVICE_ID_NULL);
         return store.getMaster(deviceId);
     }
 
     @Override
     public Set<DeviceId> getDevicesOf(NodeId nodeId) {
+        checkPermission(Permission.CLUSTER_READ);
+
         checkNotNull(nodeId, NODE_ID_NULL);
         return store.getDevices(nodeId);
     }
 
     @Override
     public RoleInfo getNodesFor(DeviceId deviceId) {
+        checkPermission(Permission.CLUSTER_READ);
+
         checkNotNull(deviceId, DEVICE_ID_NULL);
         return store.getNodes(deviceId);
     }
@@ -189,12 +204,16 @@ public class MastershipManager
 
     @Override
     public void addListener(MastershipListener listener) {
+        checkPermission(Permission.CLUSTER_EVENT);
+
         checkNotNull(listener);
         listenerRegistry.addListener(listener);
     }
 
     @Override
     public void removeListener(MastershipListener listener) {
+        checkPermission(Permission.CLUSTER_EVENT);
+
         checkNotNull(listener);
         listenerRegistry.removeListener(listener);
     }

@@ -31,6 +31,7 @@ import org.onosproject.core.ApplicationIdStore;
 import org.onosproject.core.CoreService;
 import org.onosproject.core.IdBlockStore;
 import org.onosproject.core.IdGenerator;
+import org.onosproject.core.Permission;
 import org.onosproject.core.Version;
 import org.onosproject.event.EventDeliveryService;
 import org.osgi.service.component.ComponentContext;
@@ -44,6 +45,8 @@ import java.util.Set;
 
 import static com.google.common.base.Preconditions.checkNotNull;
 import static com.google.common.base.Strings.isNullOrEmpty;
+import static org.onosproject.security.AppGuard.checkPermission;
+
 
 /**
  * Core service implementation.
@@ -97,21 +100,29 @@ public class CoreManager implements CoreService {
 
     @Override
     public Version version() {
+        checkPermission(Permission.APP_READ);
+
         return version;
     }
 
     @Override
     public Set<ApplicationId> getAppIds() {
+        checkPermission(Permission.APP_READ);
+
         return applicationIdStore.getAppIds();
     }
 
     @Override
     public ApplicationId getAppId(Short id) {
+        checkPermission(Permission.APP_READ);
+
         return applicationIdStore.getAppId(id);
     }
 
     @Override
     public ApplicationId getAppId(String name) {
+        checkPermission(Permission.APP_READ);
+
         return applicationIdStore.getAppId(name);
     }
 

@@ -25,6 +25,7 @@ import org.apache.felix.scr.annotations.ReferenceCardinality;
 import org.apache.felix.scr.annotations.Service;
 import org.onosproject.cluster.ClusterService;
 import org.onosproject.cluster.NodeId;
+import org.onosproject.core.Permission;
 import org.onosproject.event.ListenerRegistry;
 import org.onosproject.event.EventDeliveryService;
 import org.onosproject.mastership.MastershipEvent;
@@ -68,6 +69,8 @@ import static java.util.concurrent.Executors.newSingleThreadScheduledExecutor;
 import static org.onlab.util.Tools.groupedThreads;
 import static org.onosproject.net.MastershipRole.*;
 import static org.slf4j.LoggerFactory.getLogger;
+import static org.onosproject.security.AppGuard.checkPermission;
+
 
 /**
  * Provides implementation of the device SB & NB APIs.
@@ -148,45 +151,61 @@ public class DeviceManager
 
     @Override
     public int getDeviceCount() {
+        checkPermission(Permission.DEVICE_READ);
+
         return store.getDeviceCount();
     }
 
     @Override
     public Iterable<Device> getDevices() {
+        checkPermission(Permission.DEVICE_READ);
+
         return store.getDevices();
     }
 
     @Override
     public Iterable<Device> getAvailableDevices() {
+        checkPermission(Permission.DEVICE_READ);
+
         return store.getAvailableDevices();
     }
 
     @Override
     public Device getDevice(DeviceId deviceId) {
+        checkPermission(Permission.DEVICE_READ);
+
         checkNotNull(deviceId, DEVICE_ID_NULL);
         return store.getDevice(deviceId);
     }
 
     @Override
     public MastershipRole getRole(DeviceId deviceId) {
+        checkPermission(Permission.DEVICE_READ);
+
         checkNotNull(deviceId, DEVICE_ID_NULL);
         return mastershipService.getLocalRole(deviceId);
     }
 
     @Override
     public List<Port> getPorts(DeviceId deviceId) {
+        checkPermission(Permission.DEVICE_READ);
+
         checkNotNull(deviceId, DEVICE_ID_NULL);
         return store.getPorts(deviceId);
     }
 
     @Override
     public List<PortStatistics> getPortStatistics(DeviceId deviceId) {
+        checkPermission(Permission.DEVICE_READ);
+
         checkNotNull(deviceId, DEVICE_ID_NULL);
         return store.getPortStatistics(deviceId);
     }
 
     @Override
     public Port getPort(DeviceId deviceId, PortNumber portNumber) {
+        checkPermission(Permission.DEVICE_READ);
+
         checkNotNull(deviceId, DEVICE_ID_NULL);
         checkNotNull(portNumber, PORT_NUMBER_NULL);
         return store.getPort(deviceId, portNumber);
@@ -194,6 +213,8 @@ public class DeviceManager
 
     @Override
     public boolean isAvailable(DeviceId deviceId) {
+        checkPermission(Permission.DEVICE_READ);
+
         checkNotNull(deviceId, DEVICE_ID_NULL);
         return store.isAvailable(deviceId);
     }
@@ -224,11 +245,15 @@ public class DeviceManager
 
     @Override
     public void addListener(DeviceListener listener) {
+        checkPermission(Permission.DEVICE_EVENT);
+
         listenerRegistry.addListener(listener);
     }
 
     @Override
     public void removeListener(DeviceListener listener) {
+        checkPermission(Permission.DEVICE_EVENT);
+
         listenerRegistry.removeListener(listener);
     }
 

@@ -24,6 +24,7 @@ import org.apache.felix.scr.annotations.Deactivate;
 import org.apache.felix.scr.annotations.Reference;
 import org.apache.felix.scr.annotations.ReferenceCardinality;
 import org.apache.felix.scr.annotations.Service;
+import org.onosproject.core.Permission;
 import org.onosproject.net.Device;
 import org.onosproject.net.DeviceId;
 import org.onosproject.net.device.DeviceService;
@@ -45,6 +46,8 @@ import java.util.stream.Collectors;
 
 import static org.onlab.util.Tools.nullIsNotFound;
 import static org.onosproject.net.AnnotationKeys.DRIVER;
+import static org.onosproject.security.AppGuard.checkPermission;
+
 
 /**
  * Manages inventory of device drivers.
@@ -105,6 +108,8 @@ public class DriverManager extends DefaultDriverProvider implements DriverAdminS
 
     @Override
     public Set<Driver> getDrivers() {
+        checkPermission(Permission.DRIVER_READ);
+
         ImmutableSet.Builder<Driver> builder = ImmutableSet.builder();
         drivers.values().forEach(builder::add);
         return builder.build();
@@ -112,6 +117,8 @@ public class DriverManager extends DefaultDriverProvider implements DriverAdminS
 
     @Override
     public Set<Driver> getDrivers(Class<? extends Behaviour> withBehaviour) {
+        checkPermission(Permission.DRIVER_READ);
+
         return drivers.values().stream()
                 .filter(d -> d.hasBehaviour(withBehaviour))
                 .collect(Collectors.toSet());
@@ -119,11 +126,15 @@ public class DriverManager extends DefaultDriverProvider implements DriverAdminS
 
     @Override
     public Driver getDriver(String driverName) {
+        checkPermission(Permission.DRIVER_READ);
+
         return nullIsNotFound(drivers.get(driverName), NO_DRIVER);
     }
 
     @Override
     public Driver getDriver(String mfr, String hw, String sw) {
+        checkPermission(Permission.DRIVER_READ);
+
         // First attempt a literal search.
         Driver driver = driverByKey.get(key(mfr, hw, sw));
         if (driver != null) {
@@ -149,6 +160,8 @@ public class DriverManager extends DefaultDriverProvider implements DriverAdminS
 
     @Override
     public Driver getDriver(DeviceId deviceId) {
+        checkPermission(Permission.DRIVER_READ);
+
         Device device = nullIsNotFound(deviceService.getDevice(deviceId), NO_DEVICE);
         String driverName = device.annotations().value(DRIVER);
         if (driverName != null) {
@@ -161,6 +174,8 @@ public class DriverManager extends DefaultDriverProvider implements DriverAdminS
 
     @Override
     public DriverHandler createHandler(DeviceId deviceId, String... credentials) {
+        checkPermission(Permission.DRIVER_WRITE);
+
         Driver driver = getDriver(deviceId);
         return new DefaultDriverHandler(new DefaultDriverData(driver));
     }

@@ -35,6 +35,7 @@ import org.onosproject.cfg.ComponentConfigService;
 import org.onosproject.core.ApplicationId;
 import org.onosproject.core.CoreService;
 import org.onosproject.core.IdGenerator;
+import org.onosproject.core.Permission;
 import org.onosproject.event.ListenerRegistry;
 import org.onosproject.event.EventDeliveryService;
 import org.onosproject.net.Device;
@@ -77,6 +78,8 @@ import java.util.concurrent.atomic.AtomicBoolean;
 import static com.google.common.base.Preconditions.checkNotNull;
 import static org.onlab.util.Tools.groupedThreads;
 import static org.slf4j.LoggerFactory.getLogger;
+import static org.onosproject.security.AppGuard.checkPermission;
+
 
 /**
  * Provides implementation of the flow NB & SB APIs.
@@ -167,16 +170,22 @@ public class FlowRuleManager
 
     @Override
     public int getFlowRuleCount() {
+        checkPermission(Permission.FLOWRULE_READ);
+
         return store.getFlowRuleCount();
     }
 
     @Override
     public Iterable<FlowEntry> getFlowEntries(DeviceId deviceId) {
+        checkPermission(Permission.FLOWRULE_READ);
+
         return store.getFlowEntries(deviceId);
     }
 
     @Override
     public void applyFlowRules(FlowRule... flowRules) {
+        checkPermission(Permission.FLOWRULE_WRITE);
+
         FlowRuleOperations.Builder builder = FlowRuleOperations.builder();
         for (int i = 0; i < flowRules.length; i++) {
             builder.add(flowRules[i]);
@@ -186,6 +195,8 @@ public class FlowRuleManager
 
     @Override
     public void removeFlowRules(FlowRule... flowRules) {
+        checkPermission(Permission.FLOWRULE_WRITE);
+
         FlowRuleOperations.Builder builder = FlowRuleOperations.builder();
         for (int i = 0; i < flowRules.length; i++) {
             builder.remove(flowRules[i]);
@@ -195,11 +206,15 @@ public class FlowRuleManager
 
     @Override
     public void removeFlowRulesById(ApplicationId id) {
+        checkPermission(Permission.FLOWRULE_WRITE);
+
         removeFlowRules(Iterables.toArray(getFlowRulesById(id), FlowRule.class));
     }
 
     @Override
     public Iterable<FlowRule> getFlowRulesById(ApplicationId id) {
+        checkPermission(Permission.FLOWRULE_READ);
+
         Set<FlowRule> flowEntries = Sets.newHashSet();
         for (Device d : deviceService.getDevices()) {
             for (FlowEntry flowEntry : store.getFlowEntries(d.id())) {
@@ -213,6 +228,8 @@ public class FlowRuleManager
 
     @Override
     public Iterable<FlowRule> getFlowRulesByGroupId(ApplicationId appId, short groupId) {
+        checkPermission(Permission.FLOWRULE_READ);
+
         Set<FlowRule> matches = Sets.newHashSet();
         long toLookUp = ((long) appId.id() << 16) | groupId;
         for (Device d : deviceService.getDevices()) {
@@ -227,16 +244,22 @@ public class FlowRuleManager
 
     @Override
     public void apply(FlowRuleOperations ops) {
+        checkPermission(Permission.FLOWRULE_WRITE);
+
         operationsService.submit(new FlowOperationsProcessor(ops));
     }
 
     @Override
     public void addListener(FlowRuleListener listener) {
+        checkPermission(Permission.FLOWRULE_EVENT);
+
         listenerRegistry.addListener(listener);
     }
 
     @Override
     public void removeListener(FlowRuleListener listener) {
+        checkPermission(Permission.FLOWRULE_EVENT);
+
         listenerRegistry.removeListener(listener);
     }
 

@@ -27,6 +27,7 @@ import org.onlab.osgi.DefaultServiceDirectory;
 import org.onlab.osgi.ServiceDirectory;
 import org.onlab.util.ItemNotFoundException;
 import org.onosproject.cluster.ClusterService;
+import org.onosproject.core.Permission;
 import org.onosproject.mastership.MastershipEvent;
 import org.onosproject.mastership.MastershipListener;
 import org.onosproject.mastership.MastershipService;
@@ -59,6 +60,8 @@ import java.util.concurrent.ExecutorService;
 
 import static java.util.concurrent.Executors.newFixedThreadPool;
 import static org.onlab.util.Tools.groupedThreads;
+import static org.onosproject.security.AppGuard.checkPermission;
+
 
 /**
  * Provides implementation of the flow objective programming service.
@@ -212,11 +215,15 @@ public class FlowObjectiveManager implements FlowObjectiveService {
 
     @Override
     public void filter(DeviceId deviceId, FilteringObjective filteringObjective) {
+        checkPermission(Permission.FLOWRULE_WRITE);
+
         executorService.submit(new ObjectiveInstaller(deviceId, filteringObjective));
     }
 
     @Override
     public void forward(DeviceId deviceId, ForwardingObjective forwardingObjective) {
+        checkPermission(Permission.FLOWRULE_WRITE);
+
         if (queueObjective(deviceId, forwardingObjective)) {
             return;
         }
@@ -225,11 +232,15 @@ public class FlowObjectiveManager implements FlowObjectiveService {
 
     @Override
     public void next(DeviceId deviceId, NextObjective nextObjective) {
+        checkPermission(Permission.FLOWRULE_WRITE);
+
         executorService.submit(new ObjectiveInstaller(deviceId, nextObjective));
     }
 
     @Override
     public int allocateNextId() {
+        checkPermission(Permission.FLOWRULE_WRITE);
+
         return flowObjectiveStore.allocateNextId();
     }
 

@@ -27,6 +27,7 @@ import org.apache.felix.scr.annotations.Reference;
 import org.apache.felix.scr.annotations.ReferenceCardinality;
 import org.apache.felix.scr.annotations.Service;
 import org.onosproject.core.ApplicationId;
+import org.onosproject.core.Permission;
 import org.onosproject.event.EventDeliveryService;
 import org.onosproject.event.ListenerRegistry;
 import org.onosproject.net.DeviceId;
@@ -52,6 +53,9 @@ import org.onosproject.net.provider.AbstractProviderRegistry;
 import org.onosproject.net.provider.AbstractProviderService;
 import org.slf4j.Logger;
 
+import static org.onosproject.security.AppGuard.checkPermission;
+
+
 /**
  * Provides implementation of the group service APIs.
  */
@@ -100,6 +104,8 @@ public class GroupManager
      */
     @Override
     public void addGroup(GroupDescription groupDesc) {
+        checkPermission(Permission.GROUP_WRITE);
+
         log.trace("In addGroup API");
         store.storeGroupDescription(groupDesc);
     }
@@ -119,6 +125,8 @@ public class GroupManager
      */
     @Override
     public Group getGroup(DeviceId deviceId, GroupKey appCookie) {
+        checkPermission(Permission.GROUP_READ);
+
         log.trace("In getGroup API");
         return store.getGroup(deviceId, appCookie);
     }
@@ -141,6 +149,8 @@ public class GroupManager
                            GroupBuckets buckets,
                            GroupKey newCookie,
                            ApplicationId appId) {
+        checkPermission(Permission.GROUP_WRITE);
+
         log.trace("In addBucketsToGroup API");
         store.updateGroupDescription(deviceId,
                                      oldCookie,
@@ -167,6 +177,8 @@ public class GroupManager
                                 GroupBuckets buckets,
                                 GroupKey newCookie,
                                 ApplicationId appId) {
+        checkPermission(Permission.GROUP_WRITE);
+
         log.trace("In removeBucketsFromGroup API");
         store.updateGroupDescription(deviceId,
                                      oldCookie,
@@ -189,6 +201,8 @@ public class GroupManager
     public void removeGroup(DeviceId deviceId,
                             GroupKey appCookie,
                             ApplicationId appId) {
+        checkPermission(Permission.GROUP_WRITE);
+
         log.trace("In removeGroup API");
         store.deleteGroupDescription(deviceId, appCookie);
     }
@@ -204,12 +218,16 @@ public class GroupManager
     @Override
     public Iterable<Group> getGroups(DeviceId deviceId,
                                      ApplicationId appId) {
+        checkPermission(Permission.GROUP_READ);
+
         log.trace("In getGroups API");
         return store.getGroups(deviceId);
     }
 
     @Override
     public Iterable<Group> getGroups(DeviceId deviceId) {
+        checkPermission(Permission.GROUP_READ);
+
         log.trace("In getGroups API");
         return store.getGroups(deviceId);
     }
@@ -221,6 +239,8 @@ public class GroupManager
      */
     @Override
     public void addListener(GroupListener listener) {
+        checkPermission(Permission.GROUP_EVENT);
+
         log.trace("In addListener API");
         listenerRegistry.addListener(listener);
     }
@@ -232,6 +252,8 @@ public class GroupManager
      */
     @Override
     public void removeListener(GroupListener listener) {
+        checkPermission(Permission.GROUP_EVENT);
+
         log.trace("In removeListener API");
         listenerRegistry.removeListener(listener);
     }

@@ -24,6 +24,7 @@ import org.apache.felix.scr.annotations.Service;
 import org.onlab.packet.IpAddress;
 import org.onlab.packet.MacAddress;
 import org.onlab.packet.VlanId;
+import org.onosproject.core.Permission;
 import org.onosproject.event.EventDeliveryService;
 import org.onosproject.event.ListenerRegistry;
 import org.onosproject.net.ConnectPoint;
@@ -51,6 +52,8 @@ import java.util.Set;
 
 import static com.google.common.base.Preconditions.checkNotNull;
 import static org.slf4j.LoggerFactory.getLogger;
+import static org.onosproject.security.AppGuard.checkPermission;
+
 
 /**
  * Provides basic implementation of the host SB & NB APIs.
@@ -109,56 +112,76 @@ public class HostManager
 
     @Override
     public int getHostCount() {
+        checkPermission(Permission.HOST_READ);
+
         return store.getHostCount();
     }
 
     @Override
     public Iterable<Host> getHosts() {
+        checkPermission(Permission.HOST_READ);
+
         return store.getHosts();
     }
 
     @Override
     public Host getHost(HostId hostId) {
+        checkPermission(Permission.HOST_READ);
+
         checkNotNull(hostId, HOST_ID_NULL);
         return store.getHost(hostId);
     }
 
     @Override
     public Set<Host> getHostsByVlan(VlanId vlanId) {
+        checkPermission(Permission.HOST_READ);
+
         return store.getHosts(vlanId);
     }
 
     @Override
     public Set<Host> getHostsByMac(MacAddress mac) {
+        checkPermission(Permission.HOST_READ);
+
         checkNotNull(mac, "MAC address cannot be null");
         return store.getHosts(mac);
     }
 
     @Override
     public Set<Host> getHostsByIp(IpAddress ip) {
+        checkPermission(Permission.HOST_READ);
+
         checkNotNull(ip, "IP address cannot be null");
         return store.getHosts(ip);
     }
 
     @Override
     public Set<Host> getConnectedHosts(ConnectPoint connectPoint) {
+        checkPermission(Permission.HOST_READ);
+
         checkNotNull(connectPoint, "Connection point cannot be null");
         return store.getConnectedHosts(connectPoint);
     }
 
     @Override
     public Set<Host> getConnectedHosts(DeviceId deviceId) {
+        checkPermission(Permission.HOST_READ);
+
         checkNotNull(deviceId, "Device ID cannot be null");
         return store.getConnectedHosts(deviceId);
     }
 
     @Override
     public void startMonitoringIp(IpAddress ip) {
+        checkPermission(Permission.HOST_EVENT);
+
         monitor.addMonitoringFor(ip);
     }
 
     @Override
     public void stopMonitoringIp(IpAddress ip) {
+        checkPermission(Permission.HOST_EVENT);
+
         monitor.stopMonitoring(ip);
     }
 
@@ -169,11 +192,15 @@ public class HostManager
 
     @Override
     public void addListener(HostListener listener) {
+        checkPermission(Permission.HOST_EVENT);
+
         listenerRegistry.addListener(listener);
     }
 
     @Override
     public void removeListener(HostListener listener) {
+        checkPermission(Permission.HOST_EVENT);
+
         listenerRegistry.removeListener(listener);
     }
 
@@ -203,11 +230,15 @@ public class HostManager
 
     @Override
     public Set<PortAddresses> getAddressBindings() {
+        checkPermission(Permission.HOST_READ);
+
         return store.getAddressBindings();
     }
 
     @Override
     public Set<PortAddresses> getAddressBindingsForPort(ConnectPoint connectPoint) {
+        checkPermission(Permission.HOST_READ);
+
         return store.getAddressBindingsForPort(connectPoint);
     }
 

@@ -24,6 +24,7 @@ import org.apache.felix.scr.annotations.ReferenceCardinality;
 import org.apache.felix.scr.annotations.Service;
 import org.onosproject.core.CoreService;
 import org.onosproject.core.IdGenerator;
+import org.onosproject.core.Permission;
 import org.onosproject.event.ListenerRegistry;
 import org.onosproject.event.EventDeliveryService;
 import org.onosproject.net.flow.FlowRule;
@@ -65,6 +66,8 @@ import static org.onlab.util.Tools.groupedThreads;
 import static org.onosproject.net.intent.IntentState.*;
 import static org.onosproject.net.intent.impl.phase.IntentProcessPhase.newInitialPhase;
 import static org.slf4j.LoggerFactory.getLogger;
+import static org.onosproject.security.AppGuard.checkPermission;
+
 
 /**
  * An implementation of Intent Manager.
@@ -139,6 +142,8 @@ public class IntentManager
 
     @Override
     public void submit(Intent intent) {
+        checkPermission(Permission.INTENT_WRITE);
+
         checkNotNull(intent, INTENT_NULL);
         IntentData data = new IntentData(intent, IntentState.INSTALL_REQ, null);
         store.addPending(data);
@@ -146,6 +151,8 @@ public class IntentManager
 
     @Override
     public void withdraw(Intent intent) {
+        checkPermission(Permission.INTENT_WRITE);
+
         checkNotNull(intent, INTENT_NULL);
         IntentData data = new IntentData(intent, IntentState.WITHDRAW_REQ, null);
         store.addPending(data);
@@ -153,6 +160,8 @@ public class IntentManager
 
     @Override
     public void purge(Intent intent) {
+        checkPermission(Permission.INTENT_WRITE);
+
         checkNotNull(intent, INTENT_NULL);
         IntentData data = new IntentData(intent, IntentState.PURGE_REQ, null);
         store.addPending(data);
@@ -160,43 +169,59 @@ public class IntentManager
 
     @Override
     public Intent getIntent(Key key) {
+        checkPermission(Permission.INTENT_READ);
+
         return store.getIntent(key);
     }
 
     @Override
     public Iterable<Intent> getIntents() {
+        checkPermission(Permission.INTENT_READ);
+
         return store.getIntents();
     }
 
     @Override
     public long getIntentCount() {
+        checkPermission(Permission.INTENT_READ);
+
         return store.getIntentCount();
     }
 
     @Override
     public IntentState getIntentState(Key intentKey) {
+        checkPermission(Permission.INTENT_READ);
+
         checkNotNull(intentKey, INTENT_ID_NULL);
         return store.getIntentState(intentKey);
     }
 
     @Override
     public List<Intent> getInstallableIntents(Key intentKey) {
+        checkPermission(Permission.INTENT_READ);
+
         checkNotNull(intentKey, INTENT_ID_NULL);
         return store.getInstallableIntents(intentKey);
     }
 
     @Override
     public boolean isLocal(Key intentKey) {
+        checkPermission(Permission.INTENT_READ);
+
         return store.isMaster(intentKey);
     }
 
     @Override
     public void addListener(IntentListener listener) {
+        checkPermission(Permission.INTENT_EVENT);
+
         listenerRegistry.addListener(listener);
     }
 
     @Override
     public void removeListener(IntentListener listener) {
+        checkPermission(Permission.INTENT_EVENT);
+
         listenerRegistry.removeListener(listener);
     }
 
@@ -217,6 +242,8 @@ public class IntentManager
 
     @Override
     public Iterable<Intent> getPending() {
+        checkPermission(Permission.INTENT_READ);
+
         return store.getPending();
     }
 

@@ -24,6 +24,7 @@ import org.apache.felix.scr.annotations.Deactivate;
 import org.apache.felix.scr.annotations.Reference;
 import org.apache.felix.scr.annotations.ReferenceCardinality;
 import org.apache.felix.scr.annotations.Service;
+import org.onosproject.core.Permission;
 import org.onosproject.event.EventDeliveryService;
 import org.onosproject.event.ListenerRegistry;
 import org.onosproject.net.ConnectPoint;
@@ -52,6 +53,8 @@ import java.util.Set;
 
 import static com.google.common.base.Preconditions.checkNotNull;
 import static org.slf4j.LoggerFactory.getLogger;
+import static org.onosproject.security.AppGuard.checkPermission;
+
 
 /**
  * Provides basic implementation of the link SB & NB APIs.
@@ -102,16 +105,22 @@ public class LinkManager
 
     @Override
     public int getLinkCount() {
+        checkPermission(Permission.LINK_READ);
+
         return store.getLinkCount();
     }
 
     @Override
     public Iterable<Link> getLinks() {
+        checkPermission(Permission.LINK_READ);
+
         return store.getLinks();
     }
 
     @Override
     public Iterable<Link> getActiveLinks() {
+        checkPermission(Permission.LINK_READ);
+
         return FluentIterable.from(getLinks())
                 .filter(new Predicate<Link>() {
 
@@ -124,6 +133,8 @@ public class LinkManager
 
     @Override
     public Set<Link> getDeviceLinks(DeviceId deviceId) {
+        checkPermission(Permission.LINK_READ);
+
         checkNotNull(deviceId, DEVICE_ID_NULL);
         return Sets.union(store.getDeviceEgressLinks(deviceId),
                           store.getDeviceIngressLinks(deviceId));
@@ -131,18 +142,24 @@ public class LinkManager
 
     @Override
     public Set<Link> getDeviceEgressLinks(DeviceId deviceId) {
+        checkPermission(Permission.LINK_READ);
+
         checkNotNull(deviceId, DEVICE_ID_NULL);
         return store.getDeviceEgressLinks(deviceId);
     }
 
     @Override
     public Set<Link> getDeviceIngressLinks(DeviceId deviceId) {
+        checkPermission(Permission.LINK_READ);
+
         checkNotNull(deviceId, DEVICE_ID_NULL);
         return store.getDeviceIngressLinks(deviceId);
     }
 
     @Override
     public Set<Link> getLinks(ConnectPoint connectPoint) {
+        checkPermission(Permission.LINK_READ);
+
         checkNotNull(connectPoint, CONNECT_POINT_NULL);
         return Sets.union(store.getEgressLinks(connectPoint),
                           store.getIngressLinks(connectPoint));
@@ -150,18 +167,24 @@ public class LinkManager
 
     @Override
     public Set<Link> getEgressLinks(ConnectPoint connectPoint) {
+        checkPermission(Permission.LINK_READ);
+
         checkNotNull(connectPoint, CONNECT_POINT_NULL);
         return store.getEgressLinks(connectPoint);
     }
 
     @Override
     public Set<Link> getIngressLinks(ConnectPoint connectPoint) {
+        checkPermission(Permission.LINK_READ);
+
         checkNotNull(connectPoint, CONNECT_POINT_NULL);
         return store.getIngressLinks(connectPoint);
     }
 
     @Override
     public Link getLink(ConnectPoint src, ConnectPoint dst) {
+        checkPermission(Permission.LINK_READ);
+
         checkNotNull(src, CONNECT_POINT_NULL);
         checkNotNull(dst, CONNECT_POINT_NULL);
         return store.getLink(src, dst);
@@ -185,11 +208,15 @@ public class LinkManager
 
     @Override
     public void addListener(LinkListener listener) {
+        checkPermission(Permission.LINK_EVENT);
+
         listenerRegistry.addListener(listener);
     }
 
     @Override
     public void removeListener(LinkListener listener) {
+        checkPermission(Permission.LINK_EVENT);
+
         listenerRegistry.removeListener(listener);
     }
 

@@ -23,6 +23,7 @@ import org.apache.felix.scr.annotations.ReferenceCardinality;
 import org.apache.felix.scr.annotations.Service;
 import org.onosproject.core.ApplicationId;
 import org.onosproject.core.CoreService;
+import org.onosproject.core.Permission;
 import org.onosproject.net.Device;
 import org.onosproject.net.device.DeviceEvent;
 import org.onosproject.net.device.DeviceListener;
@@ -60,6 +61,8 @@ import java.util.concurrent.ConcurrentHashMap;
 
 import static com.google.common.base.Preconditions.checkNotNull;
 import static org.slf4j.LoggerFactory.getLogger;
+import static org.onosproject.security.AppGuard.checkPermission;
+
 
 /**
  * Provides a basic implementation of the packet SB & NB APIs.
@@ -113,12 +116,16 @@ public class PacketManager
 
     @Override
     public void addProcessor(PacketProcessor processor, int priority) {
+        checkPermission(Permission.PACKET_EVENT);
+
         checkNotNull(processor, "Processor cannot be null");
         processors.put(priority, processor);
     }
 
     @Override
     public void removeProcessor(PacketProcessor processor) {
+        checkPermission(Permission.PACKET_EVENT);
+
         checkNotNull(processor, "Processor cannot be null");
         processors.values().remove(processor);
     }
@@ -126,6 +133,8 @@ public class PacketManager
     @Override
     public void requestPackets(TrafficSelector selector, PacketPriority priority,
                                ApplicationId appId) {
+        checkPermission(Permission.PACKET_READ);
+
         checkNotNull(selector, "Selector cannot be null");
         checkNotNull(appId, "Application ID cannot be null");
 
@@ -140,6 +149,8 @@ public class PacketManager
     @Override
     public void requestPackets(TrafficSelector selector, PacketPriority priority,
                                ApplicationId appId, FlowRule.Type tableType) {
+        checkPermission(Permission.PACKET_READ);
+
         checkNotNull(selector, "Selector cannot be null");
         checkNotNull(appId, "Application ID cannot be null");
         checkNotNull(tableType, "Table Type cannot be null. For requesting packets +"
@@ -205,6 +216,8 @@ public class PacketManager
 
     @Override
     public void emit(OutboundPacket packet) {
+        checkPermission(Permission.PACKET_WRITE);
+
         checkNotNull(packet, "Packet cannot be null");
 
         store.emit(packet);

@@ -36,6 +36,7 @@ import org.onlab.packet.VlanId;
 import org.onlab.packet.ndp.NeighborAdvertisement;
 import org.onlab.packet.ndp.NeighborDiscoveryOptions;
 import org.onlab.packet.ndp.NeighborSolicitation;
+import org.onosproject.core.Permission;
 import org.onosproject.net.ConnectPoint;
 import org.onosproject.net.Device;
 import org.onosproject.net.Host;
@@ -70,6 +71,8 @@ import java.util.Set;
 import static com.google.common.base.Preconditions.checkArgument;
 import static com.google.common.base.Preconditions.checkNotNull;
 import static org.slf4j.LoggerFactory.getLogger;
+import static org.onosproject.security.AppGuard.checkPermission;
+
 
 @Component(immediate = true)
 @Service
@@ -123,6 +126,8 @@ public class ProxyArpManager implements ProxyArpService {
 
     @Override
     public boolean isKnown(IpAddress addr) {
+        checkPermission(Permission.PACKET_READ);
+
         checkNotNull(addr, MAC_ADDR_NULL);
         Set<Host> hosts = hostService.getHostsByIp(addr);
         return !hosts.isEmpty();
@@ -130,6 +135,8 @@ public class ProxyArpManager implements ProxyArpService {
 
     @Override
     public void reply(Ethernet eth, ConnectPoint inPort) {
+        checkPermission(Permission.PACKET_WRITE);
+
         checkNotNull(eth, REQUEST_NULL);
 
         if (eth.getEtherType() == Ethernet.TYPE_ARP) {
@@ -353,6 +360,8 @@ public class ProxyArpManager implements ProxyArpService {
 
     @Override
     public void forward(Ethernet eth, ConnectPoint inPort) {
+        checkPermission(Permission.PACKET_WRITE);
+
         checkNotNull(eth, REQUEST_NULL);
 
         Host h = hostService.getHost(HostId.hostId(eth.getDestinationMAC(),
@@ -371,6 +380,8 @@ public class ProxyArpManager implements ProxyArpService {
 
     @Override
     public boolean handlePacket(PacketContext context) {
+        checkPermission(Permission.PACKET_WRITE);
+
         InboundPacket pkt = context.inPacket();
         Ethernet ethPkt = pkt.parsed();
 

@@ -21,6 +21,7 @@ import org.apache.felix.scr.annotations.Deactivate;
 import org.apache.felix.scr.annotations.Reference;
 import org.apache.felix.scr.annotations.ReferenceCardinality;
 import org.apache.felix.scr.annotations.Service;
+import org.onosproject.core.Permission;
 import org.onosproject.event.ListenerRegistry;
 import org.onosproject.event.EventDeliveryService;
 import org.onosproject.net.Link;
@@ -56,6 +57,8 @@ import java.util.Set;
 import static com.google.common.base.Preconditions.checkArgument;
 import static com.google.common.base.Preconditions.checkNotNull;
 import static org.slf4j.LoggerFactory.getLogger;
+import static org.onosproject.security.AppGuard.checkPermission;
+
 
 /**
  * Provides basic implementation of link resources allocation.
@@ -150,6 +153,8 @@ public class LinkResourceManager implements LinkResourceService {
 
     @Override
     public LinkResourceAllocations requestResources(LinkResourceRequest req) {
+        checkPermission(Permission.LINK_WRITE);
+
         // TODO Concatenate multiple bandwidth requests.
         // TODO Support multiple lambda resource requests.
         // TODO Throw appropriate exception.
@@ -211,6 +216,8 @@ public class LinkResourceManager implements LinkResourceService {
 
     @Override
     public void releaseResources(LinkResourceAllocations allocations) {
+        checkPermission(Permission.LINK_WRITE);
+
         final LinkResourceEvent event = store.releaseResources(allocations);
         if (event != null) {
             post(event);
@@ -220,27 +227,37 @@ public class LinkResourceManager implements LinkResourceService {
     @Override
     public LinkResourceAllocations updateResources(LinkResourceRequest req,
             LinkResourceAllocations oldAllocations) {
-         releaseResources(oldAllocations);
+        checkPermission(Permission.LINK_WRITE);
+
+        releaseResources(oldAllocations);
          return requestResources(req);
     }
 
     @Override
     public Iterable<LinkResourceAllocations> getAllocations() {
+        checkPermission(Permission.LINK_READ);
+
         return store.getAllocations();
     }
 
     @Override
     public Iterable<LinkResourceAllocations> getAllocations(Link link) {
+        checkPermission(Permission.LINK_READ);
+
         return store.getAllocations(link);
     }
 
     @Override
     public LinkResourceAllocations getAllocations(IntentId intentId) {
+        checkPermission(Permission.LINK_READ);
+
         return store.getAllocations(intentId);
     }
 
     @Override
     public Iterable<ResourceRequest> getAvailableResources(Link link) {
+        checkPermission(Permission.LINK_READ);
+
         Set<ResourceAllocation> freeRes = store.getFreeResources(link);
         Set<ResourceRequest> result = new HashSet<>();
         for (ResourceAllocation alloc : freeRes) {
@@ -265,6 +282,8 @@ public class LinkResourceManager implements LinkResourceService {
     @Override
     public Iterable<ResourceRequest> getAvailableResources(Link link,
             LinkResourceAllocations allocations) {
+        checkPermission(Permission.LINK_READ);
+
         Set<ResourceRequest> result = new HashSet<>();
         Set<ResourceAllocation> allocatedRes = allocations.getResourceAllocation(link);
         result = (Set<ResourceRequest>) getAvailableResources(link);
@@ -274,11 +293,15 @@ public class LinkResourceManager implements LinkResourceService {
 
     @Override
     public void addListener(LinkResourceListener listener) {
+        checkPermission(Permission.LINK_EVENT);
+
         listenerRegistry.addListener(listener);
     }
 
     @Override
     public void removeListener(LinkResourceListener listener) {
+        checkPermission(Permission.LINK_EVENT);
+
         listenerRegistry.removeListener(listener);
     }
 

@@ -27,6 +27,7 @@ import org.apache.felix.scr.annotations.ReferenceCardinality;
 import org.apache.felix.scr.annotations.Service;
 import org.onosproject.core.ApplicationId;
 import org.onosproject.core.GroupId;
+import org.onosproject.core.Permission;
 import org.onosproject.net.ConnectPoint;
 import org.onosproject.net.Link;
 import org.onosproject.net.Path;
@@ -49,6 +50,8 @@ import java.util.Set;
 
 import static com.google.common.base.Preconditions.checkNotNull;
 import static org.slf4j.LoggerFactory.getLogger;
+import static org.onosproject.security.AppGuard.checkPermission;
+
 
 /**
  * Provides an implementation of the Statistic Service.
@@ -83,11 +86,15 @@ public class StatisticManager implements StatisticService {
 
     @Override
     public Load load(Link link) {
-       return load(link.src());
+        checkPermission(Permission.STATISTIC_READ);
+
+        return load(link.src());
     }
 
     @Override
     public Load load(Link link, ApplicationId appId, Optional<GroupId> groupId) {
+        checkPermission(Permission.STATISTIC_READ);
+
         Statistics stats = getStatistics(link.src());
         if (!stats.isValid()) {
             return new DefaultLoad();
@@ -107,11 +114,15 @@ public class StatisticManager implements StatisticService {
 
     @Override
     public Load load(ConnectPoint connectPoint) {
+        checkPermission(Permission.STATISTIC_READ);
+
         return loadInternal(connectPoint);
     }
 
     @Override
     public Link max(Path path) {
+        checkPermission(Permission.STATISTIC_READ);
+
         if (path.links().isEmpty()) {
             return null;
         }
@@ -129,6 +140,8 @@ public class StatisticManager implements StatisticService {
 
     @Override
     public Link min(Path path) {
+        checkPermission(Permission.STATISTIC_READ);
+
         if (path.links().isEmpty()) {
             return null;
         }
@@ -146,6 +159,8 @@ public class StatisticManager implements StatisticService {
 
     @Override
     public FlowRule highestHitter(ConnectPoint connectPoint) {
+        checkPermission(Permission.STATISTIC_READ);
+
         Set<FlowEntry> hitters = statisticStore.getCurrentStatistic(connectPoint);
         if (hitters.isEmpty()) {
             return null;

@@ -24,6 +24,7 @@ import org.apache.felix.scr.annotations.Deactivate;
 import org.apache.felix.scr.annotations.Reference;
 import org.apache.felix.scr.annotations.ReferenceCardinality;
 import org.apache.felix.scr.annotations.Service;
+import org.onosproject.core.Permission;
 import org.onosproject.net.ConnectPoint;
 import org.onosproject.net.DefaultEdgeLink;
 import org.onosproject.net.DefaultPath;
@@ -49,6 +50,8 @@ import java.util.Set;
 
 import static com.google.common.base.Preconditions.checkNotNull;
 import static org.slf4j.LoggerFactory.getLogger;
+import static org.onosproject.security.AppGuard.checkPermission;
+
 
 /**
  * Provides implementation of a path selection service atop the current
@@ -85,11 +88,15 @@ public class PathManager implements PathService {
 
     @Override
     public Set<Path> getPaths(ElementId src, ElementId dst) {
+        checkPermission(Permission.TOPOLOGY_READ);
+
         return getPaths(src, dst, null);
     }
 
     @Override
     public Set<Path> getPaths(ElementId src, ElementId dst, LinkWeight weight) {
+        checkPermission(Permission.TOPOLOGY_READ);
+
         checkNotNull(src, ELEMENT_ID_NULL);
         checkNotNull(dst, ELEMENT_ID_NULL);
 

@@ -21,6 +21,7 @@ import org.apache.felix.scr.annotations.Deactivate;
 import org.apache.felix.scr.annotations.Reference;
 import org.apache.felix.scr.annotations.ReferenceCardinality;
 import org.apache.felix.scr.annotations.Service;
+import org.onosproject.core.Permission;
 import org.onosproject.event.ListenerRegistry;
 import org.onosproject.event.Event;
 import org.onosproject.event.EventDeliveryService;
@@ -51,6 +52,7 @@ import java.util.Set;
 
 import static com.google.common.base.Preconditions.checkNotNull;
 import static org.slf4j.LoggerFactory.getLogger;
+import static org.onosproject.security.AppGuard.checkPermission;
 
 /**
  * Provides basic implementation of the topology SB & NB APIs.
@@ -97,23 +99,31 @@ public class TopologyManager
 
     @Override
     public Topology currentTopology() {
+        checkPermission(Permission.TOPOLOGY_READ);
+
         return store.currentTopology();
     }
 
     @Override
     public boolean isLatest(Topology topology) {
+        checkPermission(Permission.TOPOLOGY_READ);
+
         checkNotNull(topology, TOPOLOGY_NULL);
         return store.isLatest(topology);
     }
 
     @Override
     public Set<TopologyCluster> getClusters(Topology topology) {
+        checkPermission(Permission.TOPOLOGY_READ);
+
         checkNotNull(topology, TOPOLOGY_NULL);
         return store.getClusters(topology);
     }
 
     @Override
     public TopologyCluster getCluster(Topology topology, ClusterId clusterId) {
+        checkPermission(Permission.TOPOLOGY_READ);
+
         checkNotNull(topology, TOPOLOGY_NULL);
         checkNotNull(topology, CLUSTER_ID_NULL);
         return store.getCluster(topology, clusterId);
@@ -121,6 +131,8 @@ public class TopologyManager
 
     @Override
     public Set<DeviceId> getClusterDevices(Topology topology, TopologyCluster cluster) {
+        checkPermission(Permission.TOPOLOGY_READ);
+
         checkNotNull(topology, TOPOLOGY_NULL);
         checkNotNull(topology, CLUSTER_NULL);
         return store.getClusterDevices(topology, cluster);
@@ -128,6 +140,8 @@ public class TopologyManager
 
     @Override
     public Set<Link> getClusterLinks(Topology topology, TopologyCluster cluster) {
+        checkPermission(Permission.TOPOLOGY_READ);
+
         checkNotNull(topology, TOPOLOGY_NULL);
         checkNotNull(topology, CLUSTER_NULL);
         return store.getClusterLinks(topology, cluster);
@@ -135,12 +149,16 @@ public class TopologyManager
 
     @Override
     public TopologyGraph getGraph(Topology topology) {
+        checkPermission(Permission.TOPOLOGY_READ);
+
         checkNotNull(topology, TOPOLOGY_NULL);
         return store.getGraph(topology);
     }
 
     @Override
     public Set<Path> getPaths(Topology topology, DeviceId src, DeviceId dst) {
+        checkPermission(Permission.TOPOLOGY_READ);
+
         checkNotNull(topology, TOPOLOGY_NULL);
         checkNotNull(src, DEVICE_ID_NULL);
         checkNotNull(dst, DEVICE_ID_NULL);
@@ -149,6 +167,8 @@ public class TopologyManager
 
     @Override
     public Set<Path> getPaths(Topology topology, DeviceId src, DeviceId dst, LinkWeight weight) {
+        checkPermission(Permission.TOPOLOGY_READ);
+
         checkNotNull(topology, TOPOLOGY_NULL);
         checkNotNull(src, DEVICE_ID_NULL);
         checkNotNull(dst, DEVICE_ID_NULL);
@@ -158,6 +178,8 @@ public class TopologyManager
 
     @Override
     public boolean isInfrastructure(Topology topology, ConnectPoint connectPoint) {
+        checkPermission(Permission.TOPOLOGY_READ);
+
         checkNotNull(topology, TOPOLOGY_NULL);
         checkNotNull(connectPoint, CONNECTION_POINT_NULL);
         return store.isInfrastructure(topology, connectPoint);
@@ -165,6 +187,8 @@ public class TopologyManager
 
     @Override
     public boolean isBroadcastPoint(Topology topology, ConnectPoint connectPoint) {
+        checkPermission(Permission.TOPOLOGY_READ);
+
         checkNotNull(topology, TOPOLOGY_NULL);
         checkNotNull(connectPoint, CONNECTION_POINT_NULL);
         return store.isBroadcastPoint(topology, connectPoint);
@@ -172,11 +196,15 @@ public class TopologyManager
 
     @Override
     public void addListener(TopologyListener listener) {
+        checkPermission(Permission.TOPOLOGY_EVENT);
+
         listenerRegistry.addListener(listener);
     }
 
     @Override
     public void removeListener(TopologyListener listener) {
+        checkPermission(Permission.TOPOLOGY_EVENT);
+
         listenerRegistry.removeListener(listener);
     }
 

@@ -47,14 +47,19 @@
             <artifactId>onos-api</artifactId>
         </dependency>
         <dependency>
-            <groupId>org.onosproject</groupId>
-            <artifactId>onos-security-util</artifactId>
-            <version>${project.version}</version>
-        </dependency>
-        <dependency>
             <groupId>org.apache.karaf.features</groupId>
             <artifactId>org.apache.karaf.features.core</artifactId>
         </dependency>
     </dependencies>
 
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.felix</groupId>
+                <artifactId>maven-scr-plugin</artifactId>
+            </plugin>
+        </plugins>
+    </build>
+
+
 </project>
\ No newline at end of file

@@ -5,7 +5,7 @@ import com.google.common.collect.ImmutableSet;
 import com.google.common.collect.Sets;
 import org.apache.commons.collections.FastHashMap;
 import org.onosproject.core.Permission;
-import org.onosproject.security.util.AppPermission;
+import org.onosproject.security.AppPermission;
 import org.osgi.service.permissionadmin.PermissionInfo;
 
 import org.onosproject.app.ApplicationAdminService;

@@ -17,7 +17,7 @@ import org.onosproject.app.ApplicationState;
 import org.onosproject.core.Application;
 import org.onosproject.core.ApplicationId;
 import org.onosproject.core.Permission;
-import org.onosproject.security.util.AppPermission;
+import org.onosproject.security.AppPermission;
 import org.osgi.framework.Bundle;
 import org.osgi.framework.BundleContext;
 import org.osgi.framework.BundleEvent;
@@ -109,7 +109,6 @@ public class SecurityModeManager {
 
         permissionAdmin.setPermissions(bundle.getLocation(), allPerm);
         log.warn("Security-Mode Started");
-
     }
 
 

@@ -14,7 +14,6 @@
     <artifactId>onos-security</artifactId>
     <packaging>pom</packaging>
     <modules>
-        <module>util</module>
         <module>impl</module>
     </modules>
 

-<?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0"
-         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-    <modelVersion>4.0.0</modelVersion>
-
-    <parent>
-        <artifactId>onos-security</artifactId>
-        <groupId>org.onosproject</groupId>
-        <version>1.2.0-SNAPSHOT</version>
-    </parent>
-
-    <artifactId>onos-security-util</artifactId>
-    <packaging>bundle</packaging>
-
-</project>

-/*
- * Copyright 2015 Open Networking Laboratory
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/**
- * Security mode utilities.
- */
-package org.onosproject.security.util;
\ No newline at end of file

@@ -132,9 +132,9 @@
 
     <feature name="onos-security" version="@FEATURE-VERSION"
              description="Security-Mode ONOS">
-        <!--<bundle>mvn:org.onosproject/onos-security-felix/2.2.0-ONOS</bundle>-->
+        <feature>onos-api</feature>
+        <bundle>mvn:org.onosproject/org.apache.felix.framework.security/2.2.0.onos-SNAPSHOT</bundle>
         <bundle>mvn:org.onosproject/onos-security-impl/@ONOS-VERSION</bundle>
-        <bundle>mvn:org.onosproject/onos-security-util/@ONOS-VERSION</bundle>
     </feature>
 
     <!-- Deprecated! For standalone testing only. -->

@@ -17,6 +17,7 @@ package org.onosproject.openflow.controller;
 
 
 import org.onlab.packet.Ethernet;
+import org.onosproject.core.Permission;
 import org.projectfloodlight.openflow.protocol.OFPacketIn;
 import org.projectfloodlight.openflow.protocol.OFPacketOut;
 import org.projectfloodlight.openflow.protocol.OFVersion;
@@ -30,6 +31,9 @@ import java.nio.BufferUnderflowException;
 import java.util.Collections;
 import java.util.concurrent.atomic.AtomicBoolean;
 
+import static org.onosproject.security.AppGuard.checkPermission;
+
+
 /**
  * Default implementation of an OpenFlowPacketContext.
  */
@@ -51,6 +55,8 @@ public final class DefaultOpenFlowPacketContext implements OpenFlowPacketContext
 
     @Override
     public void send() {
+        checkPermission(Permission.PACKET_WRITE);
+
         if (block() && isBuilt.get()) {
             sw.sendMsg(pktout);
         }
@@ -89,6 +95,8 @@ public final class DefaultOpenFlowPacketContext implements OpenFlowPacketContext
 
     @Override
     public Ethernet parsed() {
+        checkPermission(Permission.PACKET_READ);
+
         Ethernet eth = new Ethernet();
         try {
             eth.deserialize(pktin.getData(), 0, pktin.getData().length);
@@ -100,6 +108,8 @@ public final class DefaultOpenFlowPacketContext implements OpenFlowPacketContext
 
     @Override
     public Dpid dpid() {
+        checkPermission(Permission.PACKET_READ);
+
         return new Dpid(sw.getId());
     }
 
@@ -117,6 +127,8 @@ public final class DefaultOpenFlowPacketContext implements OpenFlowPacketContext
 
     @Override
     public Integer inPort() {
+        checkPermission(Permission.PACKET_READ);
+
         return pktinInPort().getPortNumber();
     }
 
@@ -129,6 +141,7 @@ public final class DefaultOpenFlowPacketContext implements OpenFlowPacketContext
 
     @Override
     public byte[] unparsed() {
+        checkPermission(Permission.PACKET_READ);
 
         return pktin.getData().clone();
 
@@ -144,16 +157,22 @@ public final class DefaultOpenFlowPacketContext implements OpenFlowPacketContext
 
     @Override
     public boolean block() {
+        checkPermission(Permission.PACKET_WRITE);
+
         return free.getAndSet(false);
     }
 
     @Override
     public boolean isHandled() {
+        checkPermission(Permission.PACKET_READ);
+
         return !free.get();
     }
 
     @Override
     public boolean isBuffered() {
+        checkPermission(Permission.PACKET_READ);
+
         return isBuffered;
     }