// Licensed to the Apache Software Foundation (ASF) under one or more // contributor license agreements. See the NOTICE file distributed with // this work for additional information regarding copyright ownership. // The ASF licenses this file to You under the Apache License, Version 2.0 // (the "License"); you may not use this file except in compliance with // the License. You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. // This is the policy file for JDO 2.0 assuming that // - the JDO API classes are in jar ${jdoapi}, // - the btree implementation is in ${jdobtree}, // - the JDO util classes are in ${jdoutil}, // - the JDO model classes are in ${jdomodel}, // - the JDO runtime classes are in ${jdoruntime}, // - the JDO query classes are in ${jdoquery}, // - the JDO fostore classes are in ${jdofostore}, // - your test classes are in jar ${jdoritests}, // - your application pc classes are in ${pcclasses}, // - your database files are in ${testdir}, // - junit is in ${junit}, // - commons-logging is in ${logging}, // - an XML parser implementation (if necessary) is in ${xmlparser} // - testlist is ${testlist} grant codeBase "file:${jdobtree}" { // Allow btree classes to read the properties // org.netbeans.mdr.persistence.*. permission java.util.PropertyPermission "org.netbeans.mdr.persistence.*", "read"; permission java.util.PropertyPermission "perf.mdr.MDRCache", "read"; permission java.util.PropertyPermission "debug.mdr.MDRCache", "read"; // Allow btree classes to manage fostore database files. permission java.io.FilePermission "${testdir}${/}*", "read,write,delete"; }; grant codeBase "file:${jdoutil}" { // Allow the jdori classes to configure the JDK 1.4 logging permission java.util.logging.LoggingPermission "control"; // Allow the jdori classes to read the JDK 1.4 logging properties file permission java.io.FilePermission "${jdoritests}", "read"; }; grant codeBase "file:${jdomodel}" { // Allow jdori classes to read the jdo.dtd from jdo.jar. permission java.io.FilePermission "${jdoapi}", "read"; // Allow jdori classes to read the JDO metadata files. permission java.io.FilePermission "${pcclasses}", "read"; // Allow jdori classes to get metadata for persistence-capable classes. permission javax.jdo.spi.JDOPermission "getMetadata"; // Allow jdo model classes to get a class loader permission java.lang.RuntimePermission "getClassLoader"; // Allow jdori classes to access declared members of a class // (e.g. a query accessing transient instances or non-managed fields). // The query component needs access to persistent fields. permission java.lang.RuntimePermission "accessDeclaredMembers"; // Allow the jdori classes to configure the JDK 1.4 logging permission java.util.logging.LoggingPermission "control"; // Allow the jdori classes to read the JDK 1.4 logging properties file permission java.io.FilePermission "${jdoritests}", "read"; }; grant codeBase "file:${jdoruntime}" { // Allow jdori classes to get metadata for persistence-capable classes. permission javax.jdo.spi.JDOPermission "getMetadata"; // Allow jdori classes to set the state manager for a // persistence-capable class instance. permission javax.jdo.spi.JDOPermission "setStateManager"; // Allow jdori classes to close the PersistenceManagerFactory permission javax.jdo.spi.JDOPermission "closePersistenceManagerFactory"; // Allow the jdori classes to register a JVM shutdown hook. permission java.lang.RuntimePermission "shutdownHooks"; // Allow the jdori classes to configure the JDK 1.4 logging permission java.util.logging.LoggingPermission "control"; // Allow the jdori classes to read the JDK 1.4 logging properties file permission java.io.FilePermission "${jdoritests}", "read"; }; grant codeBase "file:${jdoquery}" { // Allow jdori classes to get metadata for persistence-capable classes. permission javax.jdo.spi.JDOPermission "getMetadata"; // Allow jdori classes to access declared members of a class // (e.g. a query accessing transient instances or non-managed fields). // The query component needs access to persistent fields. permission java.lang.RuntimePermission "accessDeclaredMembers"; // Allow jdori classes to access transient instances or non-managed // fields during a query. permission java.lang.reflect.ReflectPermission "suppressAccessChecks"; // Allow the jdori classes to configure the JDK 1.4 logging permission java.util.logging.LoggingPermission "control"; // Allow the jdori classes to read the JDK 1.4 logging properties file permission java.io.FilePermission "${jdoritests}", "read"; }; grant codeBase "file:${jdofostore}" { // Allow jdori classes to read system properties including // org.netbeans.modules.mdr.btreestorage.* // user.home, status.verbose, maxInstances permission java.util.PropertyPermission "*", "read"; // Allow jdori classes to read the directory where // fostore database files are located. permission java.io.FilePermission "${testdir}", "read"; // Allow jdori classes to manage fostore database files. permission java.io.FilePermission "${testdir}${/}*", "read,write,delete"; // Allow jdori classes to specify a stream handler // when constructing a fostore URL. permission java.net.NetPermission "specifyStreamHandler"; // Allow jdori classes to get metadata for persistence-capable classes. permission javax.jdo.spi.JDOPermission "getMetadata"; // Allow jdori classes to close the PersistenceManagerFactory permission javax.jdo.spi.JDOPermission "closePersistenceManagerFactory"; // Allow the jdori classes to register a JVM shutdown hook. permission java.lang.RuntimePermission "shutdownHooks"; // Allow the jdori classes to configure the JDK 1.4 logging permission java.util.logging.LoggingPermission "control"; // Allow the jdori classes to read the JDK 1.4 logging properties file permission java.io.FilePermission "${jdoritests}", "read"; }; grant codeBase "file:${jdoapi}" { // Allow jdo classes to get metadata for persistence-capable classes. permission javax.jdo.spi.JDOPermission "getMetadata"; // Allow jdo classes to manage metadata for persistence-capable classes. permission javax.jdo.spi.JDOPermission "manageMetadata"; // Allow jdo classes to set the state manager for a // persistence-capable class instance. permission javax.jdo.spi.JDOPermission "setStateManager"; }; grant codeBase "file:${jdoritests}" { // Allow the test classes to read system properties. permission java.util.PropertyPermission "*", "read"; // Allow the test classes to read test lists. permission java.io.FilePermission "${testlist}", "read"; // Allow the query test to write a log file. permission java.io.FilePermission "${testdir}", "write"; // Allow test classes to close the PersistenceManagerFactory permission javax.jdo.spi.JDOPermission "closePersistenceManagerFactory"; // Allow test classes to create a class loader permission java.lang.RuntimePermission "createClassLoader"; // Allow test classes to get a class loader permission java.lang.RuntimePermission "getClassLoader"; // Allow class loaders in test classes to read jar files permission java.io.FilePermission "${pcclasses}", "read"; permission java.io.FilePermission "${fsuidjar}", "read"; permission java.io.FilePermission "${jdoapi}", "read"; // Allow test classes to manage fostore database files. permission java.io.FilePermission "${testdir}${/}*", "read,write,delete"; // Allow test classes to get metadata for persistence-capable classes. permission javax.jdo.spi.JDOPermission "getMetadata"; // Allow test classes to manage metadata for persistence-capable classes. permission javax.jdo.spi.JDOPermission "manageMetadata"; // Allow test classes to access declared constructors via reflection permission java.lang.RuntimePermission "accessDeclaredMembers"; // JUnit problem: accessing junit.properties is not privileged permission java.io.FilePermission "${user.home}${/}junit.properties", "read"; // JUnit problem: accessing .junitsession is not privileged permission java.io.FilePermission "${user.home}${/}.junitsession", "read,write"; // JUnit problem: accessing JUnit GUI icons is not privileged permission java.io.FilePermission "${junit}", "read"; }; grant codeBase "file:${junit}" { // Allow junit classes to read system properties permission java.util.PropertyPermission "*", "read"; // Allow junit classes to read the default file to specify junit properties. permission java.io.FilePermission "${user.home}${/}junit.properties", "read"; // Allow junit classes to manage a file to specify the junit session. permission java.io.FilePermission "${user.home}${/}.junitsession", "read,write"; }; grant codeBase "file:${logging}" { // Allow apache commons logging classes to read system properties permission java.util.PropertyPermission "org.apache.commons.logging.LogFactory.HashtableImpl", "read"; // Allow the apache commons logging classes to read logging properties files permission java.io.FilePermission "${jdoritests}", "read"; }; grant codeBase "file:${xmlparser}" { // Allow the xmlparser classes to read system properties. permission java.util.PropertyPermission "*", "read"; };