Bug 967622 - Server CLI script can't require modules from rhq://downloads
Status: CLOSED CURRENTRELEASE
Product: RHQ Project
Classification: Other
Component: CLI, Core Server
Version: 4.7
Hardware: Unspecified
OS: Unspecified
Priority: unspecified
Severity: unspecified
Target Release: RHQ 4.8
Assigned To: Lukas Krejci
QA Contact: Mike Foley
Blocks: 967675
Reported: 2013-05-27 11:56 EDT by Filip Brychta
Modified: 2013-09-11 05:52 EDT

Doc Type: Bug Fix
Clones: 967675
Last Closed: 2013-09-11 05:52:50 EDT
Type: Bug


Description Filip Brychta 2013-05-27 11:56:04 EDT
Description of problem:
I have the following simple server CLI script:
var utils = require("rhq://downloads/util");

Execution of this script fails with exception.

Version-Release number of selected component (if applicable):
Version: 4.8.0-SNAPSHOT
Build Number: ff37cd9

How reproducible:
Always

Steps to Reproduce:
1. create an alarm definition with notification on some resource (i.e. platform)
  a. go to Alerts->Definitions->New
  b. fill some name
  c. add a condition - i.e. when some operation is invoked
  d. add a notification - choose a CLI script as a notification sender->upload the file (js file containing just var utils = require("rhq://downloads/util");)
  e. save the alert definition
2. invoke the operation from step c. 
3. go to Alerts->History
4. open relevant alert and check notification tab

Actual results:
from server log:
    11:34:51,724 INFO  [org.rhq.enterprise.server.plugins.alertCli.CliSender] (Thread-328) The script execution for CLI notification of alert [org.rhq.core.domain.alert.Alert[id=10071, alertDefinition=org.rhq.core.domain.alert.AlertDefinition[ id=10001, name=test, conditionExpression=ANY, priority=Medium, resourceId=10001 ], ctime=1369668891466]] failed.: java.security.AccessControlException: access denied (java.lang.RuntimePermission canAccessModelController)
            at java.security.AccessControlContext.checkPermission(AccessControlContext.java:393) [rt.jar:1.6.0_24]
            at java.security.AccessController.checkPermission(AccessController.java:553) [rt.jar:1.6.0_24]
            at java.lang.SecurityManager.checkPermission(SecurityManager.java:549) [rt.jar:1.6.0_24]
            at org.jboss.as.controller.ModelControllerImpl.createClient(ModelControllerImpl.java:311) [jboss-as-controller-7.2.0.Alpha1-redhat-4.jar:7.2.0.Alpha1-redhat-4]
            at org.rhq.enterprise.server.core.service.ManagementService.getClient(ManagementService.java:59) [rhq-enterprise-server-ejb3.jar:4.8.0-SNAPSHOT]
            at org.rhq.enterprise.server.core.CoreServer.getEarDeploymentDir(CoreServer.java:139) [rhq-enterprise-server-ejb3.jar:4.8.0-SNAPSHOT]
            at sun.reflect.GeneratedMethodAccessor205.invoke(Unknown Source) [:1.6.0_24]
            at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.6.0_24]
            at java.lang.reflect.Method.invoke(Method.java:616) [rt.jar:1.6.0_24]
            at com.sun.jmx.mbeanserver.StandardMBeanIntrospector.invokeM2(StandardMBeanIntrospector.java:111) [rt.jar:1.6.0_24]
            at com.sun.jmx.mbeanserver.StandardMBeanIntrospector.invokeM2(StandardMBeanIntrospector.java:45) [rt.jar:1.6.0_24]
            at com.sun.jmx.mbeanserver.MBeanIntrospector.invokeM(MBeanIntrospector.java:226) [rt.jar:1.6.0_24]
            at com.sun.jmx.mbeanserver.PerInterface.getAttribute(PerInterface.java:83) [rt.jar:1.6.0_24]
            at com.sun.jmx.mbeanserver.MBeanSupport.getAttribute(MBeanSupport.java:205) [rt.jar:1.6.0_24]
            at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.getAttribute(DefaultMBeanServerInterceptor.java:683) [rt.jar:1.6.0_24]
            at com.sun.jmx.mbeanserver.JmxMBeanServer.getAttribute(JmxMBeanServer.java:672) [rt.jar:1.6.0_24]
            at org.jboss.as.jmx.PluggableMBeanServerImpl$TcclMBeanServer.getAttribute(PluggableMBeanServerImpl.java:448)
            at org.jboss.as.jmx.PluggableMBeanServerImpl.getAttribute(PluggableMBeanServerImpl.java:171)
            at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:140) [jboss-jmx-4.2.3.GA.jar:4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807192035)]
            at $Proxy1033.getEarDeploymentDir(Unknown Source)
            at org.rhq.enterprise.client.RhqDownloadsScriptSourceProvider.getDownloadHomeDir(RhqDownloadsScriptSourceProvider.java:74) [rhq-server-client-api-4.8.0-SNAPSHOT.jar:4.8.0-SNAPSHOT]
            at org.rhq.enterprise.client.RhqDownloadsScriptSourceProvider.doGetScriptSource(RhqDownloadsScriptSourceProvider.java:61) [rhq-server-client-api-4.8.0-SNAPSHOT.jar:4.8.0-SNAPSHOT]
            at org.rhq.bindings.script.BaseRhqSchemeScriptSourceProvider.getScriptSource(BaseRhqSchemeScriptSourceProvider.java:50) [rhq-script-bindings-4.8.0-SNAPSHOT.jar:4.8.0-SNAPSHOT]
            at org.rhq.bindings.util.MultiScriptSourceProvider.getScriptSource(MultiScriptSourceProvider.java:57) [rhq-script-bindings-4.8.0-SNAPSHOT.jar:4.8.0-SNAPSHOT]
            at org.rhq.scripting.javascript.util.ScriptSourceToModuleSourceProviderAdapter.loadFromUri(ScriptSourceToModuleSourceProviderAdapter.java:75) [rhq-scripting-javascript-4.8.0-SNAPSHOT.jar:4.8.0-SNAPSHOT]
            at org.rhq.scripting.javascript.util.ScriptSourceToModuleSourceProviderAdapter.loadFromPrivilegedLocations(ScriptSourceToModuleSourceProviderAdapter.java:59) [rhq-scripting-javascript-4.8.0-SNAPSHOT.jar:4.8.0-SNAPSHOT]
            at org.mozilla.javascript.commonjs.module.provider.ModuleSourceProviderBase.loadSource(ModuleSourceProviderBase.java:41) [rhq-scripting-javascript-4.8.0-SNAPSHOT.jar:4.8.0-SNAPSHOT]
            at org.mozilla.javascript.commonjs.module.provider.CachingModuleScriptProviderBase.getModuleScript(CachingModuleScriptProviderBase.java:69) [rhq-scripting-javascript-4.8.0-SNAPSHOT.jar:4.8.0-SNAPSHOT]
            at org.mozilla.javascript.commonjs.module.provider.SoftCachingModuleScriptProvider.getModuleScript(SoftCachingModuleScriptProvider.java:67) [rhq-scripting-javascript-4.8.0-SNAPSHOT.jar:4.8.0-SNAPSHOT]
            at org.mozilla.javascript.commonjs.module.Require.getModule(Require.java:363) [rhq-scripting-javascript-4.8.0-SNAPSHOT.jar:4.8.0-SNAPSHOT]
            at org.mozilla.javascript.commonjs.module.Require.getExportedModuleInterface(Require.java:264) [rhq-scripting-javascript-4.8.0-SNAPSHOT.jar:4.8.0-SNAPSHOT]
            at org.mozilla.javascript.commonjs.module.Require.call(Require.java:218) [rhq-scripting-javascript-4.8.0-SNAPSHOT.jar:4.8.0-SNAPSHOT]
            at org.mozilla.javascript.Interpreter.interpretLoop(Interpreter.java:1473) [rhq-scripting-javascript-4.8.0-SNAPSHOT.jar:4.8.0-SNAPSHOT]
            at org.mozilla.javascript.Interpreter.interpret(Interpreter.java:815) [rhq-scripting-javascript-4.8.0-SNAPSHOT.jar:4.8.0-SNAPSHOT]
            at org.mozilla.javascript.InterpretedFunction.call(InterpretedFunction.java:109) [rhq-scripting-javascript-4.8.0-SNAPSHOT.jar:4.8.0-SNAPSHOT]
            at org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:394) [rhq-scripting-javascript-4.8.0-SNAPSHOT.jar:4.8.0-SNAPSHOT]
            at org.rhq.scripting.javascript.engine.RhinoScriptEngine$1.superDoTopCall(RhinoScriptEngine.java:235) [rhq-scripting-javascript-4.8.0-SNAPSHOT.jar:4.8.0-SNAPSHOT]
            at org.rhq.scripting.javascript.engine.RhinoScriptEngine$1.access$000(RhinoScriptEngine.java:199) [rhq-scripting-javascript-4.8.0-SNAPSHOT.jar:4.8.0-SNAPSHOT]
            at org.rhq.scripting.javascript.engine.RhinoScriptEngine$1$1.run(RhinoScriptEngine.java:215) [rhq-scripting-javascript-4.8.0-SNAPSHOT.jar:4.8.0-SNAPSHOT]
            at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.6.0_24]
            at org.rhq.scripting.javascript.engine.RhinoScriptEngine$1.doTopCall(RhinoScriptEngine.java:212) [rhq-scripting-javascript-4.8.0-SNAPSHOT.jar:4.8.0-SNAPSHOT]
            at org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:3091) [rhq-scripting-javascript-4.8.0-SNAPSHOT.jar:4.8.0-SNAPSHOT]
            at org.mozilla.javascript.InterpretedFunction.exec(InterpretedFunction.java:120) [rhq-scripting-javascript-4.8.0-SNAPSHOT.jar:4.8.0-SNAPSHOT]
            at org.mozilla.javascript.Context.evaluateReader(Context.java:1110) [rhq-scripting-javascript-4.8.0-SNAPSHOT.jar:4.8.0-SNAPSHOT]
            at org.rhq.scripting.javascript.engine.RhinoScriptEngine.eval(RhinoScriptEngine.java:363) [rhq-scripting-javascript-4.8.0-SNAPSHOT.jar:4.8.0-SNAPSHOT]
            at javax.script.AbstractScriptEngine.eval(AbstractScriptEngine.java:249) [rt.jar:1.6.0_24]
            at org.rhq.enterprise.server.plugins.alertCli.CliSender$1.run(CliSender.java:168)
            at java.lang.Thread.run(Thread.java:679) [rt.jar:1.6.0_24]


Expected results:
No exception
Comment 1 Lukas Krejci 2013-05-27 21:13:36 EDT
commit eeffaed93e68612eb6a88226479702d4f373e510
Author: Lukas Krejci <lkrejci@redhat.com>
Date:   Tue May 28 03:11:56 2013 +0200

    [BZ 967622 - Server CLI script can't require modules from rhq://downloads]
    
    This was primarily caused by a new permission required by EAP 6.1 we've
    switched to. To access the ModelControllerClient, the code now needs a
    RuntimePermission("canAccessModelController").
    
    We need the ModelControllerClient when determining the EAR installation
    dir, which we in turn need when determining where to locate the scripts
    in the "rhq://downloads" location. This is done while running a script,
    which is done in a restricted access control context which does not and
    should not have that permission.
    
    The minimal fix is to wrap the getting of the ModelControllerClient in a
    privileged action but some more "defensive" code was added in the
    RhqDownloadScriptSourceProvider, too, to guard against different times it
    might get instantiated during the script execution.
    
    Javadocs were updated to warn about the security considerations when
    writing a script source provider available on the server side.
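
The mechanism this commit message describes, as an added Java example that is not RHQ's code: a permission check reached from a restricted access control context fails unless the trusted lookup is wrapped in a privileged action. `earDeploymentDir`, `runAsScript` and the path are hypothetical, the all-granting `Policy` stands in for "server classes are trusted", and a JDK from 8 to 23 is assumed (later releases no longer enforce `AccessController` checks).

```java
import java.security.*;

public class PrivilegedLookupDemo {
    // Permission named in the server log above.
    static final Permission MODEL_CONTROLLER =
            new RuntimePermission("canAccessModelController");

    // Hypothetical stand-in for a server call guarded by that permission.
    static String earDeploymentDir() {
        AccessController.checkPermission(MODEL_CONTROLLER);
        return "/constructed/path/rhq.ear"; // constructed sample value
    }

    // Unwrapped: the check walks the whole stack, so the script's
    // restricted context is consulted and access is denied.
    static String lookupUnwrapped() {
        return earDeploymentDir();
    }

    // Wrapped: the stack walk stops at this frame, so only trusted server
    // code is checked. Only the path string leaves the privileged block;
    // nothing that carries the permission is handed back to the script.
    static String lookupWrapped() {
        return AccessController.doPrivileged(
                (PrivilegedAction<String>) PrivilegedLookupDemo::earDeploymentDir);
    }

    // Runs an action the way a sandboxed script runs: under a context whose
    // only protection domain has an empty, static permission set.
    static String runAsScript(PrivilegedAction<String> body) {
        ProtectionDomain noPerms = new ProtectionDomain(null, new Permissions());
        AccessControlContext sandbox =
                new AccessControlContext(new ProtectionDomain[] { noPerms });
        try {
            return AccessController.doPrivileged(body, sandbox);
        } catch (AccessControlException e) {
            return "denied: " + e.getPermission().getName();
        }
    }

    public static void main(String[] args) {
        // Demo assumption: every class loaded here counts as trusted server code.
        Policy.setPolicy(new Policy() {
            @Override
            public boolean implies(ProtectionDomain d, Permission p) { return true; }
        });
        System.out.println(runAsScript(PrivilegedLookupDemo::lookupUnwrapped));
        System.out.println(runAsScript(PrivilegedLookupDemo::lookupWrapped));
    }
}
```

The first call reports the same denied permission as the server log; the second returns the path because the inner `doPrivileged` cuts the sandbox context out of the check.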
Comment 2 Filip Brychta 2013-05-28 03:28:50 EDT
Verified on:
Version: 4.8.0-SNAPSHOT
Build Number: eeffaed
Comment 3 Heiko W. Rupp 2013-09-11 05:52:50 EDT
Bulk closing of old issues now that RHQ 4.9 is in front of the door.

If you think the issue has not been solved, then please open a new bug and mention this one in the description.
