Commits

Anonymous committed 531a394

Issue XW-661 fixed and new test

git-svn-id: http://svn.opensymphony.com/svn/xwork/trunk@1897e221344d-f017-0410-9bd5-d282ab1896d7

Comments (0)

Files changed (3)

                         <exclude>**/TestBean2.java</exclude>
                         <exclude>**/TestInterceptor.java</exclude>
                         <exclude>**/AnnotatedTestBean.java</exclude>
+                        <exclude>**/ContainerImplTest.java</exclude>
                     </excludes>
                 </configuration>
             </plugin>

src/java/com/opensymphony/xwork2/inject/ContainerImpl.java

 import java.lang.reflect.*;
 import java.util.*;
 import java.util.Map.Entry;
+import java.security.AccessControlException;
 
 /**
  * Default {@link Container} implementation.
     public FieldInjector(ContainerImpl container, Field field, String name)
         throws MissingDependencyException {
       this.field = field;
-      field.setAccessible(true);
+        if (!field.isAccessible()) {
+            SecurityManager sm = System.getSecurityManager();
+            try {
+                if (sm != null) sm.checkPermission(new ReflectPermission("suppressAccessChecks"));
+                field.setAccessible(true);
+            } catch(AccessControlException e) {
+                throw new DependencyException("Security manager in use, could not access field: "
+                        + field.getDeclaringClass().getName() + "(" + field.getName() + ")", e);
+            }
+        }
 
       Key<?> key = Key.newInstance(field.getType(), name);
       factory = container.getFactory(key);
     public MethodInjector(ContainerImpl container, Method method, String name)
         throws MissingDependencyException {
       this.method = method;
-      method.setAccessible(true);
+        if (!method.isAccessible()) {
+            SecurityManager sm = System.getSecurityManager();
+            try {
+                if (sm != null) sm.checkPermission(new ReflectPermission("suppressAccessChecks"));
+                method.setAccessible(true);
+            } catch(AccessControlException e) {
+                throw new DependencyException("Security manager in use, could not access method: "
+                        + name + "(" + method.getName() + ")", e);
+            }
+        }
 
       Class<?>[] parameterTypes = method.getParameterTypes();
       if (parameterTypes.length == 0) {
       this.implementation = implementation;
 
       constructor = findConstructorIn(implementation);
-      constructor.setAccessible(true);
+        if (!constructor.isAccessible()) {
+            SecurityManager sm = System.getSecurityManager();
+            try {
+                if (sm != null) sm.checkPermission(new ReflectPermission("suppressAccessChecks"));
+                constructor.setAccessible(true);
+            } catch(AccessControlException e) {
+                throw new DependencyException("Security manager in use, could not access constructor: "
+                        + implementation.getName() + "(" + constructor.getName() + ")", e);
+            }
+        }
 
       MissingDependencyException exception = null;
       Inject inject = null;

src/test/com/opensymphony/xwork2/inject/ContainerImplTest.java

+package com.opensymphony.xwork2.inject;
+
+import junit.framework.TestCase;
+
+/**
+ * ContainerImpl Tester.
+ *
+ * @author Lukasz Lenart
+ * @version 1.0
+ * @since <pre>11/26/2008</pre>
+ */
+public class ContainerImplTest extends TestCase {
+
+    private Container c;
+
+    @Override
+    protected void setUp() throws Exception {
+        super.setUp();
+        ContainerBuilder cb = new ContainerBuilder();
+        cb.constant("methodCheck.name", "Lukasz");
+        cb.constant("fieldCheck.name", "Lukasz");
+        c = cb.create(false);
+    }
+
+    /**
+     * Inject values into field
+     */
+    public void testFieldInjector() throws Exception {
+
+        FieldCheck fieldCheck = new FieldCheck();
+
+        try {
+            c.inject(fieldCheck);
+            assertTrue(true);
+        } catch (DependencyException expected) {
+            fail("No exception expected!");
+        }
+
+        assertEquals(fieldCheck.getName(), "Lukasz");
+    }
+
+    /**
+     * Inject values into method
+     */
+    public void testMethodInjector() throws Exception {
+
+        MethodCheck methodCheck = new MethodCheck();
+
+        try {
+            c.inject(methodCheck);
+            assertTrue(true);
+        } catch (DependencyException expected) {
+            fail("No exception expected!");
+        }
+    }
+
+    /**
+     * Inject values into field under SecurityManager
+     */
+    public void testFieldInjectorWithSecurityEnabled() throws Exception {
+
+        System.setSecurityManager(new SecurityManager());
+
+        FieldCheck fieldCheck = new FieldCheck();
+
+        try {
+            c.inject(fieldCheck);
+            assertEquals(fieldCheck.getName(), "Lukasz");
+            fail("Exception should be thrown!");
+        } catch (DependencyException expected) {
+            // that was expected
+        }
+    }
+
+    /**
+     * Inject values into method under SecurityManager
+     */
+    public void testMethodInjectorWithSecurityEnabled() throws Exception {
+
+        // not needed, already set
+        //System.setSecurityManager(new SecurityManager());
+
+        MethodCheck methodCheck = new MethodCheck();
+
+        try {
+            c.inject(methodCheck);
+            assertEquals(methodCheck.getName(), "Lukasz");
+            fail("Exception sould be thrown!");
+        } catch (DependencyException expected) {
+            // that was expected
+        }
+    }
+
+    class FieldCheck {
+
+        @Inject("fieldCheck.name")
+        private String name;
+
+        public String getName() {
+            return name;
+        }
+    }
+
+    class MethodCheck {
+
+        private String name;
+
+        @Inject("methodCheck.name")
+        private void setName(String name) {
+            this.name = name;
+        }
+
+        public String getName() {
+            return name;
+        }
+
+    }
+
+}