Changhoon Yoon
Committed by Gerrit Code Review

ONOS-1896 Modify Application Subsystem to support Security-Mode ONOS

Change-Id: Ie3686e0d5071f9f6e946bc48ed7562bb2f5ec413
...@@ -15,6 +15,7 @@ ...@@ -15,6 +15,7 @@
15 */ 15 */
16 package org.onosproject.app; 16 package org.onosproject.app;
17 17
18 +import org.onosproject.core.ApplicationRole;
18 import org.onosproject.core.Permission; 19 import org.onosproject.core.Permission;
19 import org.onosproject.core.Version; 20 import org.onosproject.core.Version;
20 21
...@@ -57,6 +58,13 @@ public interface ApplicationDescription { ...@@ -57,6 +58,13 @@ public interface ApplicationDescription {
57 String origin(); 58 String origin();
58 59
59 /** 60 /**
61 + * Returns the role of the application.
62 + *
63 + * @return application role
64 + */
65 + ApplicationRole role();
66 +
67 + /**
60 * Returns the permissions requested by the application. 68 * Returns the permissions requested by the application.
61 * 69 *
62 * @return requested permissions 70 * @return requested permissions
......
...@@ -15,6 +15,7 @@ ...@@ -15,6 +15,7 @@
15 */ 15 */
16 package org.onosproject.app; 16 package org.onosproject.app;
17 17
18 +import org.onosproject.core.ApplicationRole;
18 import org.onosproject.core.Permission; 19 import org.onosproject.core.Permission;
19 import org.onosproject.core.Version; 20 import org.onosproject.core.Version;
20 21
...@@ -36,6 +37,7 @@ public class DefaultApplicationDescription implements ApplicationDescription { ...@@ -36,6 +37,7 @@ public class DefaultApplicationDescription implements ApplicationDescription {
36 private final Version version; 37 private final Version version;
37 private final String description; 38 private final String description;
38 private final String origin; 39 private final String origin;
40 + private final ApplicationRole role;
39 private final Set<Permission> permissions; 41 private final Set<Permission> permissions;
40 private final Optional<URI> featuresRepo; 42 private final Optional<URI> featuresRepo;
41 private final List<String> features; 43 private final List<String> features;
...@@ -47,18 +49,20 @@ public class DefaultApplicationDescription implements ApplicationDescription { ...@@ -47,18 +49,20 @@ public class DefaultApplicationDescription implements ApplicationDescription {
47 * @param version application version 49 * @param version application version
48 * @param description application description 50 * @param description application description
49 * @param origin origin company 51 * @param origin origin company
52 + * @param role application role
50 * @param permissions requested permissions 53 * @param permissions requested permissions
51 * @param featuresRepo optional features repo URI 54 * @param featuresRepo optional features repo URI
52 * @param features application features 55 * @param features application features
53 */ 56 */
54 public DefaultApplicationDescription(String name, Version version, 57 public DefaultApplicationDescription(String name, Version version,
55 String description, String origin, 58 String description, String origin,
56 - Set<Permission> permissions, 59 + ApplicationRole role, Set<Permission> permissions,
57 URI featuresRepo, List<String> features) { 60 URI featuresRepo, List<String> features) {
58 this.name = checkNotNull(name, "Name cannot be null"); 61 this.name = checkNotNull(name, "Name cannot be null");
59 this.version = checkNotNull(version, "Version cannot be null"); 62 this.version = checkNotNull(version, "Version cannot be null");
60 this.description = checkNotNull(description, "Description cannot be null"); 63 this.description = checkNotNull(description, "Description cannot be null");
61 this.origin = checkNotNull(origin, "Origin cannot be null"); 64 this.origin = checkNotNull(origin, "Origin cannot be null");
65 + this.role = checkNotNull(role, "Role cannot be null");
62 this.permissions = checkNotNull(permissions, "Permissions cannot be null"); 66 this.permissions = checkNotNull(permissions, "Permissions cannot be null");
63 this.featuresRepo = Optional.ofNullable(featuresRepo); 67 this.featuresRepo = Optional.ofNullable(featuresRepo);
64 this.features = checkNotNull(features, "Features cannot be null"); 68 this.features = checkNotNull(features, "Features cannot be null");
...@@ -86,6 +90,11 @@ public class DefaultApplicationDescription implements ApplicationDescription { ...@@ -86,6 +90,11 @@ public class DefaultApplicationDescription implements ApplicationDescription {
86 } 90 }
87 91
88 @Override 92 @Override
93 + public ApplicationRole role() {
94 + return role;
95 + }
96 +
97 + @Override
89 public Set<Permission> permissions() { 98 public Set<Permission> permissions() {
90 return permissions; 99 return permissions;
91 } 100 }
...@@ -107,6 +116,7 @@ public class DefaultApplicationDescription implements ApplicationDescription { ...@@ -107,6 +116,7 @@ public class DefaultApplicationDescription implements ApplicationDescription {
107 .add("version", version) 116 .add("version", version)
108 .add("description", description) 117 .add("description", description)
109 .add("origin", origin) 118 .add("origin", origin)
119 + .add("role", role)
110 .add("permissions", permissions) 120 .add("permissions", permissions)
111 .add("featuresRepo", featuresRepo) 121 .add("featuresRepo", featuresRepo)
112 .add("features", features) 122 .add("features", features)
......
...@@ -54,6 +54,13 @@ public interface Application { ...@@ -54,6 +54,13 @@ public interface Application {
54 String origin(); 54 String origin();
55 55
56 /** 56 /**
57 + * Returns the role of the application.
58 + *
59 + * @return application role
60 + */
61 + ApplicationRole role();
62 +
63 + /**
57 * Returns the permissions requested by the application. 64 * Returns the permissions requested by the application.
58 * 65 *
59 * @return requested permissions 66 * @return requested permissions
......
1 +/*
2 + * Copyright 2015 Open Networking Laboratory
3 + *
4 + * Licensed under the Apache License, Version 2.0 (the "License");
5 + * you may not use this file except in compliance with the License.
6 + * You may obtain a copy of the License at
7 + *
8 + * http://www.apache.org/licenses/LICENSE-2.0
9 + *
10 + * Unless required by applicable law or agreed to in writing, software
11 + * distributed under the License is distributed on an "AS IS" BASIS,
12 + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 + * See the License for the specific language governing permissions and
14 + * limitations under the License.
15 + */
16 +
17 +package org.onosproject.core;
18 +
19 +public enum ApplicationRole {
20 + /**
21 + * Indicates that an application has an ADMIN role.
22 + */
23 + ADMIN,
24 +
25 + /**
26 + * Indicates that an application has a REGULAR role.
27 + */
28 + REGULAR,
29 +
30 + /**
31 + * Indicates that an application role has not been specified.
32 + */
33 + UNSPECIFIED,
34 +
35 + /**
36 + * More useful roles may be defined.
37 + */
38 +}
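Review bot: The new `ApplicationRole` enum has no type-level Javadoc, and the constant comments do not say what an ADMIN application may do that a REGULAR one may not, or how security mode treats UNSPECIFIED. Because this value feeds an access-control decision, I would add a class comment along the lines of `/** Role an application declares in app.xml; UNSPECIFIED is treated as the least-privileged role. */`. The least-privilege wording is an assumption to confirm against the enforcement code, which is not part of this commit. The trailing `/** More useful roles may be defined. */` before the closing brace documents no declaration, so it should become a plain `//` comment or be dropped.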
...@@ -16,10 +16,10 @@ ...@@ -16,10 +16,10 @@
16 package org.onosproject.core; 16 package org.onosproject.core;
17 17
18 import java.net.URI; 18 import java.net.URI;
19 +import java.util.Set;
20 +import java.util.Optional;
19 import java.util.List; 21 import java.util.List;
20 import java.util.Objects; 22 import java.util.Objects;
21 -import java.util.Optional;
22 -import java.util.Set;
23 23
24 import static com.google.common.base.MoreObjects.toStringHelper; 24 import static com.google.common.base.MoreObjects.toStringHelper;
25 import static com.google.common.base.Preconditions.checkArgument; 25 import static com.google.common.base.Preconditions.checkArgument;
...@@ -34,6 +34,7 @@ public class DefaultApplication implements Application { ...@@ -34,6 +34,7 @@ public class DefaultApplication implements Application {
34 private final Version version; 34 private final Version version;
35 private final String description; 35 private final String description;
36 private final String origin; 36 private final String origin;
37 + private final ApplicationRole role;
37 private final Set<Permission> permissions; 38 private final Set<Permission> permissions;
38 private final Optional<URI> featuresRepo; 39 private final Optional<URI> featuresRepo;
39 private final List<String> features; 40 private final List<String> features;
...@@ -45,18 +46,20 @@ public class DefaultApplication implements Application { ...@@ -45,18 +46,20 @@ public class DefaultApplication implements Application {
45 * @param version application version 46 * @param version application version
46 * @param description application description 47 * @param description application description
47 * @param origin origin company 48 * @param origin origin company
49 + * @param role application role
48 * @param permissions requested permissions 50 * @param permissions requested permissions
49 * @param featuresRepo optional features repo URI 51 * @param featuresRepo optional features repo URI
50 * @param features application features 52 * @param features application features
51 */ 53 */
52 public DefaultApplication(ApplicationId appId, Version version, 54 public DefaultApplication(ApplicationId appId, Version version,
53 String description, String origin, 55 String description, String origin,
54 - Set<Permission> permissions, 56 + ApplicationRole role, Set<Permission> permissions,
55 Optional<URI> featuresRepo, List<String> features) { 57 Optional<URI> featuresRepo, List<String> features) {
56 this.appId = checkNotNull(appId, "ID cannot be null"); 58 this.appId = checkNotNull(appId, "ID cannot be null");
57 this.version = checkNotNull(version, "Version cannot be null"); 59 this.version = checkNotNull(version, "Version cannot be null");
58 this.description = checkNotNull(description, "Description cannot be null"); 60 this.description = checkNotNull(description, "Description cannot be null");
59 this.origin = checkNotNull(origin, "Origin cannot be null"); 61 this.origin = checkNotNull(origin, "Origin cannot be null");
62 + this.role = checkNotNull(role, "Role cannot be null");
60 this.permissions = checkNotNull(permissions, "Permissions cannot be null"); 63 this.permissions = checkNotNull(permissions, "Permissions cannot be null");
61 this.featuresRepo = checkNotNull(featuresRepo, "Features repo cannot be null"); 64 this.featuresRepo = checkNotNull(featuresRepo, "Features repo cannot be null");
62 this.features = checkNotNull(features, "Features cannot be null"); 65 this.features = checkNotNull(features, "Features cannot be null");
...@@ -84,6 +87,11 @@ public class DefaultApplication implements Application { ...@@ -84,6 +87,11 @@ public class DefaultApplication implements Application {
84 } 87 }
85 88
86 @Override 89 @Override
90 + public ApplicationRole role() {
91 + return role;
92 + }
93 +
94 + @Override
87 public Set<Permission> permissions() { 95 public Set<Permission> permissions() {
88 return permissions; 96 return permissions;
89 } 97 }
...@@ -100,7 +108,7 @@ public class DefaultApplication implements Application { ...@@ -100,7 +108,7 @@ public class DefaultApplication implements Application {
100 108
101 @Override 109 @Override
102 public int hashCode() { 110 public int hashCode() {
103 - return Objects.hash(appId, version, description, origin, permissions, 111 + return Objects.hash(appId, version, description, origin, role, permissions,
104 featuresRepo, features); 112 featuresRepo, features);
105 } 113 }
106 114
...@@ -117,6 +125,7 @@ public class DefaultApplication implements Application { ...@@ -117,6 +125,7 @@ public class DefaultApplication implements Application {
117 Objects.equals(this.version, other.version) && 125 Objects.equals(this.version, other.version) &&
118 Objects.equals(this.description, other.description) && 126 Objects.equals(this.description, other.description) &&
119 Objects.equals(this.origin, other.origin) && 127 Objects.equals(this.origin, other.origin) &&
128 + Objects.equals(this.role, other.role) &&
120 Objects.equals(this.permissions, other.permissions) && 129 Objects.equals(this.permissions, other.permissions) &&
121 Objects.equals(this.featuresRepo, other.featuresRepo) && 130 Objects.equals(this.featuresRepo, other.featuresRepo) &&
122 Objects.equals(this.features, other.features); 131 Objects.equals(this.features, other.features);
...@@ -129,6 +138,7 @@ public class DefaultApplication implements Application { ...@@ -129,6 +138,7 @@ public class DefaultApplication implements Application {
129 .add("version", version) 138 .add("version", version)
130 .add("description", description) 139 .add("description", description)
131 .add("origin", origin) 140 .add("origin", origin)
141 + .add("role", role)
132 .add("permissions", permissions) 142 .add("permissions", permissions)
133 .add("featuresRepo", featuresRepo) 143 .add("featuresRepo", featuresRepo)
134 .add("features", features) 144 .add("features", features)
......
1 +/*
2 + * Copyright 2015 Open Networking Laboratory
3 + *
4 + * Licensed under the Apache License, Version 2.0 (the "License");
5 + * you may not use this file except in compliance with the License.
6 + * You may obtain a copy of the License at
7 + *
8 + * http://www.apache.org/licenses/LICENSE-2.0
9 + *
10 + * Unless required by applicable law or agreed to in writing, software
11 + * distributed under the License is distributed on an "AS IS" BASIS,
12 + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 + * See the License for the specific language governing permissions and
14 + * limitations under the License.
15 + */
16 +
17 +package org.onosproject.core;
18 +
19 +import java.security.BasicPermission;
20 +
21 +/**
22 + * Default implementation of ONOS application permissions for API-level access control.
23 + */
24 +public class DefaultPermission extends BasicPermission implements Permission {
25 +
26 + public enum Type {
27 + APP_READ,
28 + APP_EVENT,
29 + CONFIG_READ,
30 + CONFIG_WRITE,
31 + CLUSTER_READ,
32 + CLUSTER_WRITE,
33 + CLUSTER_EVENT,
34 + DEVICE_READ,
35 + DEVICE_EVENT,
36 + DRIVER_READ,
37 + DRIVER_WRITE,
38 + FLOWRULE_READ,
39 + FLOWRULE_WRITE,
40 + FLOWRULE_EVENT,
41 + GROUP_READ,
42 + GROUP_WRITE,
43 + GROUP_EVENT,
44 + HOST_READ,
45 + HOST_WRITE,
46 + HOST_EVENT,
47 + INTENT_READ,
48 + INTENT_WRITE,
49 + INTENT_EVENT,
50 + LINK_READ,
51 + LINK_WRITE,
52 + LINK_EVENT,
53 + PACKET_READ,
54 + PACKET_WRITE,
55 + PACKET_EVENT,
56 + STATISTIC_READ,
57 + TOPOLOGY_READ,
58 + TOPOLOGY_EVENT,
59 + TUNNEL_READ,
60 + TUNNEL_WRITE,
61 + TUNNEL_EVENT,
62 + STORAGE_WRITE
63 + }
64 +
65 + /**
66 + * Creates a new DefaultPermission.
67 + * @param name name of the permission
68 + * @param actions optional action field
69 + */
70 + public DefaultPermission(String name, String actions) {
71 + super(name, actions);
72 + }
73 +
74 + /**
75 + * Creates a new DefaultPermission.
76 + * @param name name of the permission
77 + */
78 + public DefaultPermission(String name) {
79 + super(name, "");
80 + }
81 +
82 + public DefaultPermission(Type permtype) {
83 + super(permtype.name(), "");
84 + }
85 +
86 + @Override
87 + public String name() {
88 + return super.getName();
89 + }
90 +
91 + @Override
92 + public String actions() {
93 + return super.getActions();
94 + }
95 +}
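Review bot: `actions()` at the end of the class will always return the empty string, because `java.security.BasicPermission` ignores the `actions` argument and its `getActions()` returns `""`; the two-argument constructor therefore silently drops what the caller passed. Either remove that constructor or keep the value in a field and return it from `actions()`, and state in the Javadoc which is intended. Separately, `BasicPermission.implies` honours wildcard names (`*` and a trailing `.*`), so the free-form `DefaultPermission(String name)` constructor can produce a permission that implies every other `DefaultPermission`. If names are meant to come only from `Type`, validate there with `Type.valueOf(name)`. The `DefaultPermission(Type permtype)` constructor and the `Type` enum also lack Javadoc.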
...@@ -19,5 +19,16 @@ package org.onosproject.core; ...@@ -19,5 +19,16 @@ package org.onosproject.core;
19 * Representation of an application permission. 19 * Representation of an application permission.
20 */ 20 */
21 public interface Permission { 21 public interface Permission {
22 - // TODO: to be fleshed out 22 +
23 + /**
24 + * Returns the name of the permission.
25 + * @return a string value
26 + */
27 + String name();
28 +
29 + /**
30 + * Returns the actions string of the permission if specified.
31 + * @return a string value
32 + */
33 + String actions();
23 } 34 }
......
...@@ -32,7 +32,7 @@ import static org.onosproject.core.DefaultApplicationTest.APP_ID; ...@@ -32,7 +32,7 @@ import static org.onosproject.core.DefaultApplicationTest.APP_ID;
32 public class ApplicationEventTest extends AbstractEventTest { 32 public class ApplicationEventTest extends AbstractEventTest {
33 33
34 private Application createApp() { 34 private Application createApp() {
35 - return new DefaultApplication(APP_ID, VER, DESC, ORIGIN, 35 + return new DefaultApplication(APP_ID, VER, DESC, ORIGIN, ROLE,
36 PERMS, Optional.of(FURL), FEATURES); 36 PERMS, Optional.of(FURL), FEATURES);
37 } 37 }
38 38
......
...@@ -18,6 +18,8 @@ package org.onosproject.app; ...@@ -18,6 +18,8 @@ package org.onosproject.app;
18 import com.google.common.collect.ImmutableList; 18 import com.google.common.collect.ImmutableList;
19 import com.google.common.collect.ImmutableSet; 19 import com.google.common.collect.ImmutableSet;
20 import org.junit.Test; 20 import org.junit.Test;
21 +import org.onosproject.core.ApplicationRole;
22 +import org.onosproject.core.DefaultPermission;
21 import org.onosproject.core.Permission; 23 import org.onosproject.core.Permission;
22 import org.onosproject.core.Version; 24 import org.onosproject.core.Version;
23 25
...@@ -27,6 +29,9 @@ import java.util.Set; ...@@ -27,6 +29,9 @@ import java.util.Set;
27 29
28 import static org.junit.Assert.assertEquals; 30 import static org.junit.Assert.assertEquals;
29 import static org.junit.Assert.assertTrue; 31 import static org.junit.Assert.assertTrue;
32 +import static org.onosproject.core.DefaultPermission.Type.FLOWRULE_WRITE;
33 +import static org.onosproject.core.DefaultPermission.Type.FLOWRULE_READ;
34 +
30 35
31 /** 36 /**
32 * Basic tests of the default app description. 37 * Basic tests of the default app description.
...@@ -37,7 +42,9 @@ public class DefaultApplicationDescriptionTest { ...@@ -37,7 +42,9 @@ public class DefaultApplicationDescriptionTest {
37 public static final Version VER = Version.version(1, 2, "a", null); 42 public static final Version VER = Version.version(1, 2, "a", null);
38 public static final String DESC = "Awesome application from Circus"; 43 public static final String DESC = "Awesome application from Circus";
39 public static final String ORIGIN = "Circus"; 44 public static final String ORIGIN = "Circus";
40 - public static final Set<Permission> PERMS = ImmutableSet.of(); 45 + public static final ApplicationRole ROLE = ApplicationRole.ADMIN;
46 + public static final Set<Permission> PERMS = ImmutableSet.of(new DefaultPermission(FLOWRULE_WRITE),
47 + new DefaultPermission(FLOWRULE_READ));
41 public static final URI FURL = URI.create("mvn:org.foo-features/1.2a/xml/features"); 48 public static final URI FURL = URI.create("mvn:org.foo-features/1.2a/xml/features");
42 public static final List<String> FEATURES = ImmutableList.of("foo", "bar"); 49 public static final List<String> FEATURES = ImmutableList.of("foo", "bar");
43 50
...@@ -45,11 +52,12 @@ public class DefaultApplicationDescriptionTest { ...@@ -45,11 +52,12 @@ public class DefaultApplicationDescriptionTest {
45 public void basics() { 52 public void basics() {
46 ApplicationDescription app = 53 ApplicationDescription app =
47 new DefaultApplicationDescription(APP_NAME, VER, DESC, ORIGIN, 54 new DefaultApplicationDescription(APP_NAME, VER, DESC, ORIGIN,
48 - PERMS, FURL, FEATURES); 55 + ROLE, PERMS, FURL, FEATURES);
49 assertEquals("incorrect id", APP_NAME, app.name()); 56 assertEquals("incorrect id", APP_NAME, app.name());
50 assertEquals("incorrect version", VER, app.version()); 57 assertEquals("incorrect version", VER, app.version());
51 assertEquals("incorrect description", DESC, app.description()); 58 assertEquals("incorrect description", DESC, app.description());
52 assertEquals("incorrect origin", ORIGIN, app.origin()); 59 assertEquals("incorrect origin", ORIGIN, app.origin());
60 + assertEquals("incorect role", ROLE, app.role());
53 assertEquals("incorrect permissions", PERMS, app.permissions()); 61 assertEquals("incorrect permissions", PERMS, app.permissions());
54 assertEquals("incorrect features repo", FURL, app.featuresRepo().get()); 62 assertEquals("incorrect features repo", FURL, app.featuresRepo().get());
55 assertEquals("incorrect features", FEATURES, app.features()); 63 assertEquals("incorrect features", FEATURES, app.features());
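Review bot: The assertion message added in `basics()` is misspelled as `"incorect role"`; it should read `assertEquals("incorrect role", ROLE, app.role());` to match the neighbouring messages. `ROLE` is fixed to `ApplicationRole.ADMIN` in this class, so nothing here covers a description built with REGULAR or UNSPECIFIED. The test method continues past the end of the hunk.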
......
...@@ -33,12 +33,13 @@ public class DefaultApplicationTest { ...@@ -33,12 +33,13 @@ public class DefaultApplicationTest {
33 33
34 @Test 34 @Test
35 public void basics() { 35 public void basics() {
36 - Application app = new DefaultApplication(APP_ID, VER, DESC, ORIGIN, 36 + Application app = new DefaultApplication(APP_ID, VER, DESC, ORIGIN, ROLE,
37 PERMS, Optional.of(FURL), FEATURES); 37 PERMS, Optional.of(FURL), FEATURES);
38 assertEquals("incorrect id", APP_ID, app.id()); 38 assertEquals("incorrect id", APP_ID, app.id());
39 assertEquals("incorrect version", VER, app.version()); 39 assertEquals("incorrect version", VER, app.version());
40 assertEquals("incorrect description", DESC, app.description()); 40 assertEquals("incorrect description", DESC, app.description());
41 assertEquals("incorrect origin", ORIGIN, app.origin()); 41 assertEquals("incorrect origin", ORIGIN, app.origin());
42 + assertEquals("incorrect role", ROLE, app.role());
42 assertEquals("incorrect permissions", PERMS, app.permissions()); 43 assertEquals("incorrect permissions", PERMS, app.permissions());
43 assertEquals("incorrect features repo", FURL, app.featuresRepo().get()); 44 assertEquals("incorrect features repo", FURL, app.featuresRepo().get());
44 assertEquals("incorrect features", FEATURES, app.features()); 45 assertEquals("incorrect features", FEATURES, app.features());
...@@ -47,13 +48,13 @@ public class DefaultApplicationTest { ...@@ -47,13 +48,13 @@ public class DefaultApplicationTest {
47 48
48 @Test 49 @Test
49 public void testEquality() { 50 public void testEquality() {
50 - Application a1 = new DefaultApplication(APP_ID, VER, DESC, ORIGIN, 51 + Application a1 = new DefaultApplication(APP_ID, VER, DESC, ORIGIN, ROLE,
51 PERMS, Optional.of(FURL), FEATURES); 52 PERMS, Optional.of(FURL), FEATURES);
52 - Application a2 = new DefaultApplication(APP_ID, VER, DESC, ORIGIN, 53 + Application a2 = new DefaultApplication(APP_ID, VER, DESC, ORIGIN, ROLE,
53 PERMS, Optional.of(FURL), FEATURES); 54 PERMS, Optional.of(FURL), FEATURES);
54 - Application a3 = new DefaultApplication(APP_ID, VER, DESC, ORIGIN, 55 + Application a3 = new DefaultApplication(APP_ID, VER, DESC, ORIGIN, ROLE,
55 PERMS, Optional.empty(), FEATURES); 56 PERMS, Optional.empty(), FEATURES);
56 - Application a4 = new DefaultApplication(APP_ID, VER, DESC, ORIGIN + "asd", 57 + Application a4 = new DefaultApplication(APP_ID, VER, DESC, ORIGIN + "asd", ROLE,
57 PERMS, Optional.of(FURL), FEATURES); 58 PERMS, Optional.of(FURL), FEATURES);
58 new EqualsTester().addEqualityGroup(a1, a2) 59 new EqualsTester().addEqualityGroup(a1, a2)
59 .addEqualityGroup(a3).addEqualityGroup(a4).testEquals(); 60 .addEqualityGroup(a3).addEqualityGroup(a4).testEquals();
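Review bot: `testEquality()` never builds an instance that differs only in its role, so the `role` term this commit adds to `equals` and `hashCode` in `DefaultApplication` is not exercised. Add a fifth instance, for example `Application a5 = new DefaultApplication(APP_ID, VER, DESC, ORIGIN, ApplicationRole.REGULAR, PERMS, Optional.of(FURL), FEATURES);`, and give it its own `.addEqualityGroup(a5)`. `ROLE` is defined outside this hunk (it is ADMIN in `DefaultApplicationDescriptionTest`), so confirm which constant this test imports before choosing the differing value.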
......
...@@ -27,6 +27,8 @@ import org.onosproject.app.ApplicationEvent; ...@@ -27,6 +27,8 @@ import org.onosproject.app.ApplicationEvent;
27 import org.onosproject.app.ApplicationException; 27 import org.onosproject.app.ApplicationException;
28 import org.onosproject.app.ApplicationStoreDelegate; 28 import org.onosproject.app.ApplicationStoreDelegate;
29 import org.onosproject.app.DefaultApplicationDescription; 29 import org.onosproject.app.DefaultApplicationDescription;
30 +import org.onosproject.core.ApplicationRole;
31 +import org.onosproject.core.DefaultPermission;
30 import org.onosproject.core.Permission; 32 import org.onosproject.core.Permission;
31 import org.onosproject.core.Version; 33 import org.onosproject.core.Version;
32 import org.onosproject.store.AbstractStore; 34 import org.onosproject.store.AbstractStore;
...@@ -42,7 +44,9 @@ import java.io.InputStream; ...@@ -42,7 +44,9 @@ import java.io.InputStream;
42 import java.net.URI; 44 import java.net.URI;
43 import java.nio.charset.Charset; 45 import java.nio.charset.Charset;
44 import java.nio.file.NoSuchFileException; 46 import java.nio.file.NoSuchFileException;
47 +import java.util.ArrayList;
45 import java.util.List; 48 import java.util.List;
49 +import java.util.Locale;
46 import java.util.Set; 50 import java.util.Set;
47 import java.util.zip.ZipEntry; 51 import java.util.zip.ZipEntry;
48 import java.util.zip.ZipInputStream; 52 import java.util.zip.ZipInputStream;
...@@ -74,6 +78,9 @@ public class ApplicationArchive ...@@ -74,6 +78,9 @@ public class ApplicationArchive
74 private static final String FEATURES = "[@features]"; 78 private static final String FEATURES = "[@features]";
75 private static final String DESCRIPTION = "description"; 79 private static final String DESCRIPTION = "description";
76 80
81 + private static final String ROLE = "security.role";
82 + private static final String PERMISSIONS = "security.permissions.permission";
83 +
77 private static final String OAR = ".oar"; 84 private static final String OAR = ".oar";
78 private static final String APP_XML = "app.xml"; 85 private static final String APP_XML = "app.xml";
79 private static final String M2_PREFIX = "m2"; 86 private static final String M2_PREFIX = "m2";
...@@ -267,12 +274,13 @@ public class ApplicationArchive ...@@ -267,12 +274,13 @@ public class ApplicationArchive
267 Version version = Version.version(cfg.getString(VERSION)); 274 Version version = Version.version(cfg.getString(VERSION));
268 String desc = cfg.getString(DESCRIPTION); 275 String desc = cfg.getString(DESCRIPTION);
269 String origin = cfg.getString(ORIGIN); 276 String origin = cfg.getString(ORIGIN);
270 - Set<Permission> perms = ImmutableSet.of(); 277 + ApplicationRole role = getRole(cfg.getString(ROLE));
278 + Set<Permission> perms = getPermissions(cfg);
271 String featRepo = cfg.getString(FEATURES_REPO); 279 String featRepo = cfg.getString(FEATURES_REPO);
272 URI featuresRepo = featRepo != null ? URI.create(featRepo) : null; 280 URI featuresRepo = featRepo != null ? URI.create(featRepo) : null;
273 List<String> features = ImmutableList.copyOf(cfg.getStringArray(FEATURES)); 281 List<String> features = ImmutableList.copyOf(cfg.getStringArray(FEATURES));
274 282
275 - return new DefaultApplicationDescription(name, version, desc, origin, 283 + return new DefaultApplicationDescription(name, version, desc, origin, role,
276 perms, featuresRepo, features); 284 perms, featuresRepo, features);
277 } 285 }
278 286
...@@ -368,4 +376,34 @@ public class ApplicationArchive ...@@ -368,4 +376,34 @@ public class ApplicationArchive
368 return new File(new File(appsDir, appName), fileName); 376 return new File(new File(appsDir, appName), fileName);
369 } 377 }
370 378
379 + // Returns the set of Permissions specified in the app.xml file
380 + private ImmutableSet<Permission> getPermissions(XMLConfiguration cfg) {
381 + List<Permission> perms = new ArrayList();
382 + for (Object o : cfg.getList(PERMISSIONS)) {
383 + DefaultPermission perm = null;
384 + if (o != null) {
385 + String permStr = (String) o;
386 + perm = new DefaultPermission(permStr);
387 + }
388 + if (perm != null) {
389 + perms.add(perm);
390 + }
391 + }
392 +
393 + return ImmutableSet.copyOf(perms);
394 + }
395 +
396 + // Returns application role type
397 + public ApplicationRole getRole(String value) {
398 + if (value == null) {
399 + return ApplicationRole.UNSPECIFIED;
400 + } else {
401 + try {
402 + return ApplicationRole.valueOf(value.toUpperCase(Locale.ENGLISH));
403 + } catch (IllegalArgumentException e) {
404 + log.debug("Unknown role value: %s", value);
405 + return ApplicationRole.UNSPECIFIED;
406 + }
407 + }
408 + }
371 } 409 }
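Review bot: Permission names read from app.xml in `getPermissions` go straight into `new DefaultPermission(permStr)` without validation, so a misspelt or wildcard name becomes a live permission object instead of being rejected. The method also uses the raw type `new ArrayList()` and checks for null twice. If names are meant to be limited to `DefaultPermission.Type`, the rewrite below resolves each entry through the enum and logs what it drops. In `getRole`, `log.debug("Unknown role value: %s", value)` uses a printf placeholder; if `log` is an SLF4J logger (its declaration is outside the hunk) the value is never printed, and an unrecognised role in a security descriptor deserves `log.warn("Unknown role value: {}", value)`. The class body starts outside this hunk, and `getRole` is `public` while its sibling is `private`, which looks unintentional.

```java
// Returns the set of Permissions specified in the app.xml file
private ImmutableSet<Permission> getPermissions(XMLConfiguration cfg) {
    ImmutableSet.Builder<Permission> perms = ImmutableSet.builder();
    for (Object o : cfg.getList(PERMISSIONS)) {
        if (o == null) {
            continue;
        }
        String name = ((String) o).trim();
        try {
            // Only names declared in DefaultPermission.Type are accepted.
            perms.add(new DefaultPermission(DefaultPermission.Type.valueOf(name)));
        } catch (IllegalArgumentException e) {
            log.warn("Ignoring unknown permission in app.xml: {}", name);
        }
    }
    return perms.build();
}

// … unchanged: getRole, apart from the log call quoted above …
```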
......
...@@ -56,6 +56,7 @@ public class ApplicationArchiveTest { ...@@ -56,6 +56,7 @@ public class ApplicationArchiveTest {
56 assertEquals("incorrect name", APP_NAME, app.name()); 56 assertEquals("incorrect name", APP_NAME, app.name());
57 assertEquals("incorrect version", VER, app.version()); 57 assertEquals("incorrect version", VER, app.version());
58 assertEquals("incorrect origin", ORIGIN, app.origin()); 58 assertEquals("incorrect origin", ORIGIN, app.origin());
59 + assertEquals("incorrect role", ROLE, app.role());
59 60
60 assertEquals("incorrect description", DESC, app.description()); 61 assertEquals("incorrect description", DESC, app.description());
61 assertEquals("incorrect features URI", FURL, app.featuresRepo().get()); 62 assertEquals("incorrect features URI", FURL, app.featuresRepo().get());
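Review bot: The test now checks the role parsed from app.xml but not the permissions, although the same commit adds `<permission>` elements to the fixture and a new `getPermissions` parser in `ApplicationArchive`. Add `assertEquals("incorrect permissions", PERMS, app.permissions());` after the role assertion. `PERMS` would have to be imported the same way `ROLE` is; the imports and the start of the test method are outside this hunk.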
......
...@@ -18,4 +18,11 @@ ...@@ -18,4 +18,11 @@
18 featuresRepo="mvn:org.foo-features/1.2a/xml/features" 18 featuresRepo="mvn:org.foo-features/1.2a/xml/features"
19 features="foo,bar"> 19 features="foo,bar">
20 <description>Awesome application from Circus, Inc.</description> 20 <description>Awesome application from Circus, Inc.</description>
21 + <security>
22 + <role>ADMIN</role>
23 + <permissions>
24 + <permission>FLOWRULE_WRITE</permission>
25 + <permission>FLOWRULE_READ</permission>
26 + </permissions>
27 + </security>
21 </app> 28 </app>
......
...@@ -127,7 +127,7 @@ public class ApplicationManagerTest { ...@@ -127,7 +127,7 @@ public class ApplicationManagerTest {
127 127
128 @Override 128 @Override
129 public Application create(InputStream appDescStream) { 129 public Application create(InputStream appDescStream) {
130 - app = new DefaultApplication(APP_ID, VER, DESC, ORIGIN, PERMS, 130 + app = new DefaultApplication(APP_ID, VER, DESC, ORIGIN, ROLE, PERMS,
131 Optional.of(FURL), FEATURES); 131 Optional.of(FURL), FEATURES);
132 state = INSTALLED; 132 state = INSTALLED;
133 delegate.notify(new ApplicationEvent(APP_INSTALLED, app)); 133 delegate.notify(new ApplicationEvent(APP_INSTALLED, app));
......
...@@ -431,7 +431,7 @@ public class GossipApplicationStore extends ApplicationArchive ...@@ -431,7 +431,7 @@ public class GossipApplicationStore extends ApplicationArchive
431 private Application registerApp(ApplicationDescription appDesc) { 431 private Application registerApp(ApplicationDescription appDesc) {
432 ApplicationId appId = idStore.registerApplication(appDesc.name()); 432 ApplicationId appId = idStore.registerApplication(appDesc.name());
433 return new DefaultApplication(appId, appDesc.version(), appDesc.description(), 433 return new DefaultApplication(appId, appDesc.version(), appDesc.description(),
434 - appDesc.origin(), appDesc.permissions(), 434 + appDesc.origin(), appDesc.role(), appDesc.permissions(),
435 appDesc.featuresRepo(), appDesc.features()); 435 appDesc.featuresRepo(), appDesc.features());
436 } 436 }
437 } 437 }
......
...@@ -74,7 +74,7 @@ public class SimpleApplicationStore extends ApplicationArchive implements Applic ...@@ -74,7 +74,7 @@ public class SimpleApplicationStore extends ApplicationArchive implements Applic
74 DefaultApplication app = 74 DefaultApplication app =
75 new DefaultApplication(appId, appDesc.version(), 75 new DefaultApplication(appId, appDesc.version(),
76 appDesc.description(), appDesc.origin(), 76 appDesc.description(), appDesc.origin(),
77 - appDesc.permissions(), 77 + appDesc.role(), appDesc.permissions(),
78 appDesc.featuresRepo(), appDesc.features()); 78 appDesc.featuresRepo(), appDesc.features());
79 apps.put(appId, app); 79 apps.put(appId, app);
80 states.put(appId, isActive(name) ? INSTALLED : ACTIVE); 80 states.put(appId, isActive(name) ? INSTALLED : ACTIVE);
...@@ -116,7 +116,7 @@ public class SimpleApplicationStore extends ApplicationArchive implements Applic ...@@ -116,7 +116,7 @@ public class SimpleApplicationStore extends ApplicationArchive implements Applic
116 ApplicationId appId = idStore.registerApplication(appDesc.name()); 116 ApplicationId appId = idStore.registerApplication(appDesc.name());
117 DefaultApplication app = 117 DefaultApplication app =
118 new DefaultApplication(appId, appDesc.version(), appDesc.description(), 118 new DefaultApplication(appId, appDesc.version(), appDesc.description(),
119 - appDesc.origin(), appDesc.permissions(), 119 + appDesc.origin(), appDesc.role(), appDesc.permissions(),
120 appDesc.featuresRepo(), appDesc.features()); 120 appDesc.featuresRepo(), appDesc.features());
121 apps.put(appId, app); 121 apps.put(appId, app);
122 states.put(appId, INSTALLED); 122 states.put(appId, INSTALLED);
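Review bot: Both `new DefaultApplication(...)` calls in SimpleApplicationStore (new lines 77 and 119) pass `appDesc.role()` straight through, so the stored role is whatever the description declares. If the description is built from the application's own packaged metadata (not visible here), an application can label itself with the most privileged role, and nothing in these hunks validates the value or handles an absent role. I would document the trust assumption at both call sites, e.g. `// role is self-declared by the app description; security-mode enforcement must not treat it as operator-approved`, and confirm that `role()` has a defined non-null default. Both enclosing methods start and end outside the hunks.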
......
...@@ -24,12 +24,18 @@ import org.onosproject.app.ApplicationStoreDelegate; ...@@ -24,12 +24,18 @@ import org.onosproject.app.ApplicationStoreDelegate;
24 import org.onosproject.common.app.ApplicationArchive; 24 import org.onosproject.common.app.ApplicationArchive;
25 import org.onosproject.core.Application; 25 import org.onosproject.core.Application;
26 import org.onosproject.core.ApplicationId; 26 import org.onosproject.core.ApplicationId;
27 +import org.onosproject.core.Permission;
28 +import org.onosproject.core.DefaultPermission;
27 import org.onosproject.core.ApplicationIdStoreAdapter; 29 import org.onosproject.core.ApplicationIdStoreAdapter;
28 import org.onosproject.core.DefaultApplicationId; 30 import org.onosproject.core.DefaultApplicationId;
29 -import org.onosproject.core.Permission;
30 31
32 +import static org.onosproject.core.DefaultPermission.Type.FLOWRULE_WRITE;
31 import static org.junit.Assert.assertEquals; 33 import static org.junit.Assert.assertEquals;
32 -import static org.onosproject.app.ApplicationEvent.Type.*; 34 +import static org.onosproject.app.ApplicationEvent.Type.APP_INSTALLED;
35 +import static org.onosproject.app.ApplicationEvent.Type.APP_DEACTIVATED;
36 +import static org.onosproject.app.ApplicationEvent.Type.APP_ACTIVATED;
37 +import static org.onosproject.app.ApplicationEvent.Type.APP_UNINSTALLED;
38 +import static org.onosproject.app.ApplicationEvent.Type.APP_PERMISSIONS_CHANGED;
33 import static org.onosproject.app.ApplicationState.ACTIVE; 39 import static org.onosproject.app.ApplicationState.ACTIVE;
34 import static org.onosproject.app.ApplicationState.INSTALLED; 40 import static org.onosproject.app.ApplicationState.INSTALLED;
35 41
...@@ -100,8 +106,7 @@ public class SimpleApplicationStoreTest { ...@@ -100,8 +106,7 @@ public class SimpleApplicationStoreTest {
100 @Test 106 @Test
101 public void permissions() { 107 public void permissions() {
102 Application app = createTestApp(); 108 Application app = createTestApp();
103 - ImmutableSet<Permission> permissions = ImmutableSet.of(new Permission() { 109 + ImmutableSet<Permission> permissions = ImmutableSet.of(new DefaultPermission(FLOWRULE_WRITE));
104 - });
105 store.setPermissions(app.id(), permissions); 110 store.setPermissions(app.id(), permissions);
106 assertEquals("incorrect app perms", 1, store.getPermissions(app.id()).size()); 111 assertEquals("incorrect app perms", 1, store.getPermissions(app.id()).size());
107 assertEquals("incorrect app state", INSTALLED, store.getState(app.id())); 112 assertEquals("incorrect app state", INSTALLED, store.getState(app.id()));
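Review bot: The `permissions()` test (new line 111) still asserts only that one permission is stored, so even with a concrete `DefaultPermission(FLOWRULE_WRITE)` it would not notice the store returning a different permission. Compare the sets instead: `assertEquals("incorrect app perms", permissions, store.getPermissions(app.id()));`. This presumably relies on `DefaultPermission` implementing `equals`/`hashCode`, which is not visible here. The test method continues past the end of the hunk.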
......
...@@ -37,6 +37,7 @@ import org.onosproject.codec.impl.CodecManager; ...@@ -37,6 +37,7 @@ import org.onosproject.codec.impl.CodecManager;
37 import org.onosproject.codec.impl.MockCodecContext; 37 import org.onosproject.codec.impl.MockCodecContext;
38 import org.onosproject.core.Application; 38 import org.onosproject.core.Application;
39 import org.onosproject.core.ApplicationId; 39 import org.onosproject.core.ApplicationId;
40 +import org.onosproject.core.ApplicationRole;
40 import org.onosproject.core.DefaultApplication; 41 import org.onosproject.core.DefaultApplication;
41 import org.onosproject.core.DefaultApplicationId; 42 import org.onosproject.core.DefaultApplicationId;
42 import org.onosproject.core.Version; 43 import org.onosproject.core.Version;
...@@ -83,19 +84,19 @@ public class ApplicationsResourceTest extends ResourceTest { ...@@ -83,19 +84,19 @@ public class ApplicationsResourceTest extends ResourceTest {
83 84
84 private Application app1 = 85 private Application app1 =
85 new DefaultApplication(id1, VER, 86 new DefaultApplication(id1, VER,
86 - "app1", "origin1", ImmutableSet.of(), Optional.of(FURL), 87 + "app1", "origin1", ApplicationRole.ADMIN, ImmutableSet.of(), Optional.of(FURL),
87 ImmutableList.of("My Feature")); 88 ImmutableList.of("My Feature"));
88 private Application app2 = 89 private Application app2 =
89 new DefaultApplication(id2, VER, 90 new DefaultApplication(id2, VER,
90 - "app2", "origin2", ImmutableSet.of(), Optional.of(FURL), 91 + "app2", "origin2", ApplicationRole.ADMIN, ImmutableSet.of(), Optional.of(FURL),
91 ImmutableList.of("My Feature")); 92 ImmutableList.of("My Feature"));
92 private Application app3 = 93 private Application app3 =
93 new DefaultApplication(id3, VER, 94 new DefaultApplication(id3, VER,
94 - "app3", "origin3", ImmutableSet.of(), Optional.of(FURL), 95 + "app3", "origin3", ApplicationRole.ADMIN, ImmutableSet.of(), Optional.of(FURL),
95 ImmutableList.of("My Feature")); 96 ImmutableList.of("My Feature"));
96 private Application app4 = 97 private Application app4 =
97 new DefaultApplication(id4, VER, 98 new DefaultApplication(id4, VER,
98 - "app4", "origin4", ImmutableSet.of(), Optional.of(FURL), 99 + "app4", "origin4", ApplicationRole.ADMIN, ImmutableSet.of(), Optional.of(FURL),
99 ImmutableList.of("My Feature")); 100 ImmutableList.of("My Feature"));
100 101
101 /** 102 /**
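Review bot: All four fixtures (`app1` to `app4`, new lines 87 to 99) are built with `ApplicationRole.ADMIN`, so these resource tests never exercise an application with a lower-privileged role. If the REST or codec output carries the role (not visible in this hunk), give at least one fixture a non-admin role and assert on it, so that a regression which reports or defaults every application as ADMIN is caught. If the role is meant to be irrelevant to these tests, a short comment such as `// role is arbitrary here; not asserted by these tests` above `app1` would say so.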
......