Use again Permissions to catch non zero exit statuses when using the Java task

with FailOnError = "true"
PR: 22533


git-svn-id: https://svn.apache.org/repos/asf/ant/core/trunk@275162 13f79535-47bb-0310-9956-ffa450edef68

docs/manual/CoreTasks/java.html

@@ -88,7 +88,7 @@ JVM.
   <tr>
     <td valign="top">failonerror</td>
     <td valign="top">Stop the buildprocess if the command exits with a
-      returncode other than 0. Default is "false"<!--(see <a href="#failonerror">note)--></a></td>
+      returncode other than 0. Default is "false" (see <a href="#failonerror">note)</a></td>
     <td align="center" valign="top">No</td>
   </tr>
   <tr>
@@ -220,13 +220,11 @@ see <a href="../CoreTypes/permissions.html">permissions</a></p>
 <p>When the permission RuntimePermission exitVM has not been granted (or has
 been revoked) the System.exit() call will be intercepted 
 and treated like indicated in <i>failonerror</i>.</p>
-<!--
 <p><a name="failonerror"/>
 If you specify <code>failonerror=&quot;true&quot;</code> and you do not specify permissions,
 a set of default permissions will be added to your java invocation making sure that
 a non zero return code will lead to a <code>BuildException</code>.
 </p>
--->
 <p>Settings will be ignored if fork is enabled.</p>
 
 <p><em>since Ant 1.6</em>.</p>

src/main/org/apache/tools/ant/taskdefs/Java.java

@@ -180,13 +180,11 @@ public class Java extends Task {
                 log("bootclasspath ignored when same JVM is used.",
                     Project.MSG_WARN);
             }
-            /*
             if (perm == null && failOnError == true) {
-                perm = new Permissions();
+                perm = new Permissions(true);
                 log("running " + this.cmdl.getClassname()
                     + " with default permissions (exit forbidden)", Project.MSG_VERBOSE);
             }
-            */
             log("Running in same VM " + cmdl.describeJavaCommand(),
                 Project.MSG_VERBOSE);
         }

src/main/org/apache/tools/ant/types/Permissions.java

@@ -86,8 +86,24 @@ public class Permissions {
     private java.security.Permissions granted = null;
     private SecurityManager origSm = null;
     private boolean active = false;
-    
-    /** 
+    private boolean delegateToOldSM = false;
+
+    /**
+     * default constructor
+     */
+    public Permissions() {
+    }
+    /**
+     * create a new set of permissions
+     * @param delegateToOldSM  if <code>true</code> the old security manager
+     * will be used if the permission has not been explicitly granted or revoked
+     * in this instance
+     * if false, it behaves like the default constructor
+     */
+    public Permissions(boolean delegateToOldSM) {
+        this.delegateToOldSM = delegateToOldSM;
+    }
+    /**
      * Adds a permission to be granted.
      * @param perm The Permissions.Permission to be granted. 
      */
@@ -194,20 +210,43 @@ public class Permissions {
          * The central point in checking permissions.
          * Overridden from java.lang.SecurityManager
          * 
-         * @parem perm The permission requested. 
+         * @param perm The permission requested.
          */
         public void checkPermission(java.security.Permission perm) {
             if (active) {
-                if (!granted.implies(perm)) {
-                    throw new SecurityException("Permission " + perm +" was not granted.");
-                }
-                for (Iterator i = revokedPermissions.listIterator(); i.hasNext();) {
-                    if (((Permissions.Permission)i.next()).matches(perm)) {
-                        throw new SecurityException("Permission " + perm +" was revoked.");
+                if (delegateToOldSM && !perm.getName().equals("exitVM")) {
+                    boolean permOK = false;
+                    if (granted.implies(perm)) {
+                        permOK = true;
                     }
+                    checkRevoked(perm);
+                    /*
+                     if the permission was not explicitly granted or revoked
+                     the original security manager will do its work
+                    */
+                    if (!permOK && origSm != null) {
+                        origSm.checkPermission(perm);
+                    }
+                }  else {
+                    if (!granted.implies(perm)) {
+                        throw new SecurityException("Permission " + perm + " was not granted.");
+                    }
+                    checkRevoked(perm);
                 }
             }
         }
+        /**
+         * throws an exception if this permission is revoked
+         * @param perm the permission being checked
+         */
+        private void checkRevoked(java.security.Permission perm) {
+            for (Iterator i = revokedPermissions.listIterator(); i.hasNext();) {
+                if (((Permissions.Permission)i.next()).matches(perm)) {
+                    throw new SecurityException("Permission " + perm + " was revoked.");
+                }
+            }
+
+        }
     }
 
     /** Represents a permission. */
@@ -279,7 +318,7 @@ public class Permissions {
             
             if (name != null) {
                 if (name.endsWith("*")) {
-                    if (!perm.getName().startsWith(name.substring(0,name.length()-1))) {
+                    if (!perm.getName().startsWith(name.substring(0, name.length() - 1))) {
                         return false;
                     }
                 } else {
@@ -304,7 +343,7 @@ public class Permissions {
   
         /** 
          * Parses the actions into a set of separate strings.
-         * @param action The actions to be parsed.
+         * @param actions The actions to be parsed.
          */
         private Set parseActions(String actions) {
             Set result = new HashSet();
@@ -317,9 +356,12 @@ public class Permissions {
             }
             return result;
         }
-        
+        /**
+         * get a string description of the permissions
+         * @return  string description of the permissions
+         */
         public String toString() {
-            return ("Permission: " + className + " (\""+name+"\", \""+actions+"\")");
+            return ("Permission: " + className + " (\"" + name + "\", \"" + actions + "\")");
         }
     }   
 }

src/testcases/org/apache/tools/ant/taskdefs/JavaTest.java

@@ -195,7 +195,7 @@ public class JavaTest extends BuildFileTest {
         executeTarget("testResultPropertyNonZeroNoFork");
          assertEquals("-1",project.getProperty("exitcode"));
      }
-    /*
+
     public void testRunFailWithFailOnError() {
         expectBuildExceptionContaining("testRunFailWithFailOnError",
             "non zero return code",
@@ -205,7 +205,7 @@ public class JavaTest extends BuildFileTest {
     public void testRunSuccessWithFailOnError() {
         executeTarget("testRunSuccessWithFailOnError");
     }
-    */
+
     public void testSpawn() {
         FileUtils fileutils  = FileUtils.newFileUtils();
         File logFile = fileutils.createTempFile("spawn","log", project.getBaseDir());