From 4ec8b7059a110ee43f668ce88ae172451fea16f1 Mon Sep 17 00:00:00 2001 From: Simeon Andreev Date: Mon, 15 Oct 2018 15:02:19 +0200 Subject: Bug 540139 - Cannot disable security providers via product customization With this change, its possible to disable security providers per default by using plugin_customization.ini. The necessary entry in the ini file is e.g.: org.eclipse.equinox.security/org.eclipse.equinox.security.preferences.disabledProviders=org.eclipse.equinox.security.linuxkeystoreintegration The ini file can be specified with a command line argument as follows: -pluginCustomization .../plugin_customization.ini Additionally, restoration of default configured values is now supported. The preference page for this is : General -> Security -> Secure Storage Change-Id: Iae3d3467ab84954ef1bb544955f07f09ed6aa39b Signed-off-by: Simeon Andreev --- .../internal/security/ui/storage/TabPassword.java | 67 +++++++++++++++------- .../META-INF/MANIFEST.MF | 2 +- bundles/org.eclipse.equinox.security/pom.xml | 2 +- .../security/storage/PasswordProviderSelector.java | 24 ++++++-- 4 files changed, 69 insertions(+), 26 deletions(-) diff --git a/bundles/org.eclipse.equinox.security.ui/src/org/eclipse/equinox/internal/security/ui/storage/TabPassword.java b/bundles/org.eclipse.equinox.security.ui/src/org/eclipse/equinox/internal/security/ui/storage/TabPassword.java index 086aa7eea..cd7ba96b6 100644 --- a/bundles/org.eclipse.equinox.security.ui/src/org/eclipse/equinox/internal/security/ui/storage/TabPassword.java +++ b/bundles/org.eclipse.equinox.security.ui/src/org/eclipse/equinox/internal/security/ui/storage/TabPassword.java @@ -13,11 +13,10 @@ *******************************************************************************/ package org.eclipse.equinox.internal.security.ui.storage; -import java.util.HashSet; -import java.util.Iterator; +import java.util.*; import java.util.List; -import org.eclipse.core.runtime.preferences.ConfigurationScope; -import org.eclipse.core.runtime.preferences.IEclipsePreferences; +import org.eclipse.core.runtime.Platform; +import org.eclipse.core.runtime.preferences.*; import org.eclipse.equinox.internal.security.storage.friends.*; import org.eclipse.equinox.internal.security.ui.nls.SecUIMessages; import org.eclipse.equinox.security.storage.ISecurePreferences; @@ -33,6 +32,7 @@ import org.eclipse.swt.layout.GridData; import org.eclipse.swt.layout.GridLayout; import org.eclipse.swt.widgets.*; import org.osgi.service.prefs.BackingStoreException; +import org.osgi.service.prefs.Preferences; public class TabPassword { @@ -249,25 +249,26 @@ public class TabPassword { } protected HashSet getDisabledModules() { - IEclipsePreferences node = ConfigurationScope.INSTANCE.getNode(PREFERENCES_PLUGIN); - String tmp = node.get(IStorageConstants.DISABLED_PROVIDERS_KEY, null); - if (tmp == null || tmp.length() == 0) - return null; - HashSet modules = new HashSet<>(); - String[] disabledProviders = tmp.split(","); //$NON-NLS-1$ - for (int i = 0; i < disabledProviders.length; i++) { - modules.add(disabledProviders[i]); - } - return modules; + IScopeContext[] scopes = {ConfigurationScope.INSTANCE, DefaultScope.INSTANCE}; + IPreferencesService preferencesService = Platform.getPreferencesService(); + String defaultPreferenceValue = ""; //$NON-NLS-1$ + String tmp = preferencesService.getString(PREFERENCES_PLUGIN, IStorageConstants.DISABLED_PROVIDERS_KEY, defaultPreferenceValue, scopes); + HashSet disabledModules = splitModuleIds(tmp); + return disabledModules; } public void performDefaults() { if (providerTable == null) return; + Set defaultDisabledModules = getDefaultDisabledModules(); + TableItem[] items = providerTable.getItems(); for (int i = 0; i < items.length; i++) { - if (!items[i].getChecked()) { - items[i].setChecked(true); + TableItem item = items[i]; + String moduleId = getModuleId(item); + boolean enabled = defaultDisabledModules == null || moduleId == null || !defaultDisabledModules.contains(moduleId); + if (item.getChecked() != enabled) { + item.setChecked(enabled); providerModified = true; } } @@ -291,10 +292,8 @@ public class TabPassword { } IEclipsePreferences node = ConfigurationScope.INSTANCE.getNode(PREFERENCES_PLUGIN); - if (first) - node.remove(IStorageConstants.DISABLED_PROVIDERS_KEY); - else - node.put(IStorageConstants.DISABLED_PROVIDERS_KEY, tmp.toString()); + node.put(IStorageConstants.DISABLED_PROVIDERS_KEY, tmp.toString()); + try { node.flush(); } catch (BackingStoreException e) { @@ -348,4 +347,32 @@ public class TabPassword { detailsText.setText(selectedModule.getDescription()); } + private HashSet getDefaultDisabledModules() { + String defaultPreferenceValue = ""; //$NON-NLS-1$ + Preferences pluginNode = DefaultScope.INSTANCE.getNode(PREFERENCES_PLUGIN); + String tmp = pluginNode.get(IStorageConstants.DISABLED_PROVIDERS_KEY, defaultPreferenceValue); + HashSet defaultDisabledModules = splitModuleIds(tmp); + return defaultDisabledModules; + } + + private String getModuleId(TableItem item) { + String moduleId = null; + Object itemData = item.getData(); + if (itemData instanceof PasswordProviderDescription) { + PasswordProviderDescription module = (PasswordProviderDescription) itemData; + moduleId = module.getId(); + } + return moduleId; + } + + private static HashSet splitModuleIds(String joinedModuleIds) { + if (joinedModuleIds == null || joinedModuleIds.isEmpty()) + return null; + HashSet modules = new HashSet<>(); + String[] disabledProviders = joinedModuleIds.split(","); //$NON-NLS-1$ + for (int i = 0; i < disabledProviders.length; i++) { + modules.add(disabledProviders[i]); + } + return modules; + } } diff --git a/bundles/org.eclipse.equinox.security/META-INF/MANIFEST.MF b/bundles/org.eclipse.equinox.security/META-INF/MANIFEST.MF index 981c19be6..d43f4ec28 100644 --- a/bundles/org.eclipse.equinox.security/META-INF/MANIFEST.MF +++ b/bundles/org.eclipse.equinox.security/META-INF/MANIFEST.MF @@ -2,7 +2,7 @@ Manifest-Version: 1.0 Bundle-ManifestVersion: 2 Bundle-Name: %pluginName Bundle-SymbolicName: org.eclipse.equinox.security;singleton:=true -Bundle-Version: 1.2.500.qualifier +Bundle-Version: 1.2.600.qualifier Bundle-Vendor: %providerName Bundle-Localization: plugin Bundle-Activator: org.eclipse.equinox.internal.security.auth.AuthPlugin diff --git a/bundles/org.eclipse.equinox.security/pom.xml b/bundles/org.eclipse.equinox.security/pom.xml index c59c5b287..6b717855b 100644 --- a/bundles/org.eclipse.equinox.security/pom.xml +++ b/bundles/org.eclipse.equinox.security/pom.xml @@ -19,7 +19,7 @@ org.eclipse.equinox org.eclipse.equinox.security - 1.2.500-SNAPSHOT + 1.2.600-SNAPSHOT eclipse-plugin diff --git a/bundles/org.eclipse.equinox.security/src/org/eclipse/equinox/internal/security/storage/PasswordProviderSelector.java b/bundles/org.eclipse.equinox.security/src/org/eclipse/equinox/internal/security/storage/PasswordProviderSelector.java index e7719ca52..6763b179f 100644 --- a/bundles/org.eclipse.equinox.security/src/org/eclipse/equinox/internal/security/storage/PasswordProviderSelector.java +++ b/bundles/org.eclipse.equinox.security/src/org/eclipse/equinox/internal/security/storage/PasswordProviderSelector.java @@ -15,14 +15,15 @@ package org.eclipse.equinox.internal.security.storage; import java.util.*; import org.eclipse.core.runtime.*; -import org.eclipse.core.runtime.preferences.ConfigurationScope; -import org.eclipse.core.runtime.preferences.IEclipsePreferences; +import org.eclipse.core.runtime.preferences.*; import org.eclipse.equinox.internal.security.auth.AuthPlugin; import org.eclipse.equinox.internal.security.auth.nls.SecAuthMessages; import org.eclipse.equinox.internal.security.storage.friends.IStorageConstants; import org.eclipse.equinox.security.storage.StorageException; import org.eclipse.equinox.security.storage.provider.PasswordProvider; import org.eclipse.osgi.util.NLS; +import org.osgi.framework.BundleContext; +import org.osgi.framework.ServiceReference; //XXX add validation on module IDs - AZaz09 and dots, absolutely no tabs // XXX reserved name DEFAULT_PASSWORD_ID @@ -238,8 +239,10 @@ public class PasswordProviderSelector implements IRegistryEventListener { } protected HashSet getDisabledModules() { - IEclipsePreferences node = ConfigurationScope.INSTANCE.getNode(AuthPlugin.PI_AUTH); - String tmp = node.get(IStorageConstants.DISABLED_PROVIDERS_KEY, null); + IScopeContext[] scopes = {ConfigurationScope.INSTANCE, DefaultScope.INSTANCE}; + String defaultPreferenceValue = ""; //$NON-NLS-1$ + IPreferencesService preferencesService = getPreferencesService(); + String tmp = preferencesService.getString(AuthPlugin.PI_AUTH, IStorageConstants.DISABLED_PROVIDERS_KEY, defaultPreferenceValue, scopes); if (tmp == null || tmp.length() == 0) return null; HashSet disabledModules = new HashSet(); @@ -249,4 +252,17 @@ public class PasswordProviderSelector implements IRegistryEventListener { } return disabledModules; } + + private IPreferencesService getPreferencesService() { + BundleContext context = AuthPlugin.getDefault().getBundleContext(); + ServiceReference reference = context.getServiceReference(IPreferencesService.class); + if (reference == null) { + throw new IllegalStateException("Failed to find service: " + IPreferencesService.class); //$NON-NLS-1$ + } + try { + return (IPreferencesService) context.getService(reference); + } finally { + context.ungetService(reference); + } + } } -- cgit v1.2.3