Secure model refactoring

777b5206 · serge-rider · 5cb923fd · 777b5206 · 777b5206 · 777b5206
7 changed file
--- a/plugins/org.jkiss.dbeaver.core/src/org/jkiss/dbeaver/core/DBeaverCore.java
+++ b/plugins/org.jkiss.dbeaver.core/src/org/jkiss/dbeaver/core/DBeaverCore.java
@@ -29,9 +29,10 @@ import org.jkiss.code.NotNull;
 import org.jkiss.dbeaver.DBException;
 import org.jkiss.dbeaver.Log;
 import org.jkiss.dbeaver.model.*;
+import org.jkiss.dbeaver.model.admin.DBACertificateStorage;
 import org.jkiss.dbeaver.model.data.DBDRegistry;
 import org.jkiss.dbeaver.model.edit.DBERegistry;
-import org.jkiss.dbeaver.model.impl.security.DefaultSecurityManager;
+import org.jkiss.dbeaver.model.impl.security.DefaultCertificateStorage;
 import org.jkiss.dbeaver.model.navigator.DBNModel;
 import org.jkiss.dbeaver.model.qm.QMController;
 import org.jkiss.dbeaver.model.qm.QMUtils;
@@ -86,7 +87,7 @@ public class DBeaverCore implements DBPApplication {
    private QMControllerImpl queryManager;
    private QMLogFileWriter qmLogWriter;
    private ProjectRegistry projectRegistry;
-    private DefaultSecurityManager securityManager;
+    private DefaultCertificateStorage certificateStorage;

    private final List<IPluginService> activatedServices = new ArrayList<>();

@@ -194,7 +195,7 @@ public class DBeaverCore implements DBPApplication {
        Authenticator.setDefault(new GlobalProxyAuthenticator());
        ProxySelector.setDefault(new GlobalProxySelector(ProxySelector.getDefault()));

-        this.securityManager = new DefaultSecurityManager(
+        this.certificateStorage = new DefaultCertificateStorage(
            new File(DBeaverActivator.getInstance().getStateLocation().toFile(), "security"));

        // Init project registry
@@ -349,8 +350,8 @@ public class DBeaverCore implements DBPApplication {

    @NotNull
    @Override
-    public DBPSecurityManager getSecurityManager() {
-        return securityManager;
+    public DBACertificateStorage getCertificateStorage() {
+        return certificateStorage;
    }

    public ProjectRegistry getProjectRegistry()

--- a/plugins/org.jkiss.dbeaver.ext.mysql/src/org/jkiss/dbeaver/ext/mysql/model/MySQLDataSource.java
+++ b/plugins/org.jkiss.dbeaver.ext.mysql/src/org/jkiss/dbeaver/ext/mysql/model/MySQLDataSource.java
@@ -32,7 +32,7 @@ import org.jkiss.dbeaver.ext.mysql.model.plan.MySQLPlanAnalyser;
 import org.jkiss.dbeaver.ext.mysql.model.session.MySQLSessionManager;
 import org.jkiss.dbeaver.model.DBPDataSourceContainer;
 import org.jkiss.dbeaver.model.DBPErrorAssistant;
-import org.jkiss.dbeaver.model.DBPSecurityManager;
+import org.jkiss.dbeaver.model.admin.DBACertificateStorage;
 import org.jkiss.dbeaver.model.DBUtils;
 import org.jkiss.dbeaver.model.admin.sessions.DBAServerSessionManager;
 import org.jkiss.dbeaver.model.exec.*;
@@ -110,7 +110,7 @@ public class MySQLDataSource extends JDBCDataSource implements DBSObjectSelector

    private void initSSL(DBRProgressMonitor monitor, Map<String, String> props, DBWHandlerConfiguration sslConfig) throws Exception {
        monitor.subTask("Install SSL certificates");
-        final DBPSecurityManager securityManager = getContainer().getApplication().getSecurityManager();
+        final DBACertificateStorage securityManager = getContainer().getApplication().getCertificateStorage();

        props.put("useSSL", "true");
        props.put("verifyServerCertificate", String.valueOf(CommonUtils.toBoolean(sslConfig.getProperties().get(MySQLConstants.PROP_VERIFY_SERVER_SERT))));

--- a/plugins/org.jkiss.dbeaver.model/META-INF/MANIFEST.MF
+++ b/plugins/org.jkiss.dbeaver.model/META-INF/MANIFEST.MF
@@ -9,6 +9,7 @@ Bundle-Activator: org.jkiss.dbeaver.bundle.ModelActivator
 Export-Package: org.jkiss.dbeaver,
 org.jkiss.dbeaver.model,
 org.jkiss.dbeaver.model.access,
+ org.jkiss.dbeaver.model.admin,
 org.jkiss.dbeaver.model.admin.sessions,
 org.jkiss.dbeaver.model.connection,
 org.jkiss.dbeaver.model.data,

--- a/plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/DBPApplication.java
+++ b/plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/DBPApplication.java
@@ -21,6 +21,7 @@ package org.jkiss.dbeaver.model;
 import org.eclipse.core.resources.IProject;
 import org.eclipse.core.resources.IWorkspace;
 import org.jkiss.code.NotNull;
+import org.jkiss.dbeaver.model.admin.DBACertificateStorage;
 import org.jkiss.dbeaver.model.data.DBDRegistry;
 import org.jkiss.dbeaver.model.edit.DBERegistry;
 import org.jkiss.dbeaver.model.navigator.DBNModel;
@@ -61,7 +62,7 @@ public interface DBPApplication
    DBPPreferenceStore getPreferenceStore();

    @NotNull
-    DBPSecurityManager getSecurityManager();
+    DBACertificateStorage getCertificateStorage();

    @NotNull
    File getTempFolder(DBRProgressMonitor monitor, String name) throws IOException;

--- a/plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/DBPSecurityManager.java
+++ b/plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/DBPSecurityManager.java
@@ -16,7 +16,7 @@
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */

-package org.jkiss.dbeaver.model;
+package org.jkiss.dbeaver.model.admin;

 import org.jkiss.dbeaver.DBException;

@@ -25,9 +25,9 @@ import java.io.InputStream;
 import java.security.KeyStore;

 /**
- * Security manager
+ * Certificate storage
 */
-public interface DBPSecurityManager
+public interface DBACertificateStorage
 {
    KeyStore getKeyStore(String ksId) throws DBException;


--- a/plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/admin/DBASecurePreferences.java
+++ b/plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/admin/DBASecurePreferences.java
+/*
+ * DBeaver - Universal Database Manager
+ * Copyright (C) 2010-2016 Serge Rieder (serge@jkiss.org)
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License (version 2)
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+package org.jkiss.dbeaver.model.admin;
+
+/**
+ * Secure preferences.
+ * Used to store passwords.
+ */
+public interface DBASecurePreferences
+{
+
+}
--- a/plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/impl/security/DefaultSecurityManager.java
+++ b/plugins/org.jkiss.dbeaver.model/src/org/jkiss/dbeaver/model/impl/security/DefaultSecurityManager.java
@@ -19,7 +19,7 @@ package org.jkiss.dbeaver.model.impl.security;

 import org.jkiss.dbeaver.DBException;
 import org.jkiss.dbeaver.Log;
-import org.jkiss.dbeaver.model.DBPSecurityManager;
+import org.jkiss.dbeaver.model.admin.DBACertificateStorage;

 import java.io.*;
 import java.security.KeyStore;
@@ -27,17 +27,17 @@ import java.security.cert.Certificate;
 import java.security.cert.CertificateFactory;

 /**
- * DefaultSecurityManager
+ * DefaultCertificateStorage
 */
-public class DefaultSecurityManager implements DBPSecurityManager {
+public class DefaultCertificateStorage implements DBACertificateStorage {

-    private static final Log log = Log.getLog(DefaultSecurityManager.class);
+    private static final Log log = Log.getLog(DefaultCertificateStorage.class);
    private static final char[] DEFAULT_PASSWORD = "".toCharArray();
    public static final String JKS_EXTENSION = ".jks";

    private final File localPath;

-    public DefaultSecurityManager(File localPath) {
+    public DefaultCertificateStorage(File localPath) {
        this.localPath = localPath;
        if (localPath.exists()) {
            // Cleanup old keystores