Skip to content

Commit 6dd55b7

Browse files
kumargukumargu
committed
Don't support policy placholder and expansion
1 parent d6f928c commit 6dd55b7

File tree

2 files changed

+31
-43
lines changed

2 files changed

+31
-43
lines changed

libs/agent-sm/agent-policy/src/main/java/org/opensearch/secure_sm/policy/PolicyFile.java

Lines changed: 29 additions & 41 deletions
Original file line numberDiff line numberDiff line change
@@ -136,64 +136,52 @@ private void initPolicyFile(final PolicyInfo newInfo, final URL url) {
136136
}
137137

138138
private boolean initPolicyFile(final String propname, final String urlname, final PolicyInfo newInfo) {
139-
boolean loaded_policy = false;
139+
boolean loadedPolicy = false;
140140

141141
if (allowSystemProperties) {
142-
String extra_policy = System.getProperty(propname);
143-
if (extra_policy != null) {
144-
boolean overrideAll = false;
145-
if (extra_policy.startsWith("=")) {
146-
overrideAll = true;
147-
extra_policy = extra_policy.substring(1);
142+
String extraPolicy = System.getProperty(propname);
143+
if (extraPolicy != null) {
144+
boolean overrideAll = extraPolicy.startsWith("=");
145+
if (overrideAll) {
146+
extraPolicy = extraPolicy.substring(1);
148147
}
148+
149149
try {
150-
extra_policy = PropertyExpander.expand(extra_policy);
151-
URL policyURL;
152-
153-
File policyFile = new File(extra_policy);
154-
if (policyFile.exists()) {
155-
policyURL = ParseUtil.fileToEncodedURL(new File(policyFile.getCanonicalPath()));
156-
} else {
157-
policyURL = newURL(extra_policy);
158-
}
150+
File policyFile = new File(extraPolicy);
151+
URL policyURL = policyFile.exists() ? policyFile.getCanonicalFile().toURI().toURL() : new URL(extraPolicy);
152+
159153
if (init(policyURL, newInfo)) {
160-
loaded_policy = true;
154+
loadedPolicy = true;
161155
}
162-
} catch (Exception e) {}
156+
} catch (Exception e) {
157+
// ignore invalid policy path
158+
}
159+
163160
if (overrideAll) {
164-
return Boolean.valueOf(loaded_policy);
161+
return loadedPolicy;
165162
}
166163
}
167164
}
168165

169-
int n = 1;
170-
String policy_uri;
171-
172-
while ((policy_uri = Security.getProperty(urlname + n)) != null) {
166+
int index = 1;
167+
String policyUri;
168+
while ((policyUri = Security.getProperty(urlname + index)) != null) {
173169
try {
174-
URL policy_url = null;
175-
String expanded_uri = PropertyExpander.expand(policy_uri).replace(File.separatorChar, '/');
176-
177-
if (policy_uri.startsWith("file:${java.home}/") || policy_uri.startsWith("file:${user.home}/")) {
178-
179-
// this special case accommodates
180-
// the situation java.home/user.home
181-
// expand to a single slash, resulting in
182-
// a file://foo URI
183-
policy_url = new File(expanded_uri.substring(5)).toURI().toURL();
184-
} else {
185-
policy_url = new URI(expanded_uri).toURL();
186-
}
170+
URL policyUrl = policyUri.startsWith("file:")
171+
? new File(policyUri.substring(5)).toURI().toURL()
172+
: new URI(policyUri).toURL();
187173

188-
if (init(policy_url, newInfo)) {
189-
loaded_policy = true;
174+
if (init(policyUrl, newInfo)) {
175+
loadedPolicy = true;
190176
}
191177
} catch (Exception e) {
192-
// ignore that policy
178+
// ignore bad entry
193179
}
194-
n++;
180+
181+
index++;
195182
}
196-
return Boolean.valueOf(loaded_policy);
183+
184+
return loadedPolicy;
197185
}
198186

199187
/**

libs/agent-sm/agent-policy/src/test/java/org/opensearch/secure_sm/policy/PolicyParserTests.java renamed to libs/secure-sm/src/test/java/org/opensearch/secure_sm/PolicyParserTests.java

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,9 +5,9 @@
55
* this file be licensed under the Apache-2.0 license or a
66
* compatible open source license.
77
*/
8+
package org.opensearch.secure_sm;
89

9-
package org.opensearch.secure_sm.policy;
10-
10+
import org.opensearch.secure_sm.policy.PolicyParser;
1111
import org.opensearch.test.OpenSearchTestCase;
1212

1313
import java.io.IOException;

0 commit comments

Comments
 (0)