Initial implementation of Cali security manager and update of the REA…

…DME.md.

README.md

@@ -25,12 +25,14 @@ java -jar cali-0.8a.jar tests/interpreter.ca
 
 Embedding starts with first cloning and building Cali (See Above). Once you have the Cali .jar, include it in your project like any other .jar.
 
+Alternately you could add the git repo as a git submodule and then trigger the ant build script and including of the built .JAR as you like.
+
 Here are the most basic steps in creating a new Cali Engine object, parsing a source code file, and then running it.
 ```
 import com.cali.Engine;
 import com.cali.ast.caliException;
 
-... 
+...
 
 // Create new Cali-Lang Engine.
 Engine eng = new Engine();
@@ -42,10 +44,9 @@ eng.parseFile("cali-src/test.ca");
 eng.run();
 ```
 
-Currently the easiest way to add code to the interpreter to be available 
-to be included from Cali code is by using the Lang singleton object that holds 
-code in memory. Below is an example of adding a code file called test.ca with an 
-enum in it.
+Currently the easiest way to add code to the interpreter to be available
+to be included from Cali code is by using the Lang singleton object that holds
+code in memory. Below is an example of adding a code file called test.ca with an enum in it.
 
 ```
 import com.cali.stdlib.Lang;
@@ -64,9 +65,33 @@ en_val = tenum.one;
 ...
 ```
 
+A security manager implementation has been added to control security at the Engine level. The security manager is defined in the SecurityManagerInt interface. When the default Engine constructor is called, a SecurityManagerImpl which implements SecurityManagerInt is instantiated and added to the Engine as the default manager. In order to provide your own implementation of the security manager just implement SecurityManagerImpl or extend SecurityManagerInt and customize as you like. Then provide an instance of the new object in the constructor of the engine.
+
+```
+import com.cali.SecurityManagerImpl;
+...
+
+public class MySecurityManager extends SecurityManagerImpl {
+  public MySecurityManager() {
+    // Add your custom security manager properties here ...
+    this.props.put("dir.current.read", true);
+    this.props.put("dir.current.write", false);
+    this.props.put("remote.log.write", true);
+  }
+  // And override functions here if you like ...
+}
+
+...
+
+// Create an instance of my security manager.
+MySecurityManager mySecMan = new MySecurityManager();
+
+// Create new Cali-Lang Engine with our custom security manager.
+Engine eng = new Engine(mySecMan);
+```
+
 ## License
-Cali is licensed under the Apache 2.0 license. See accompanying LICENSE file for details. Much thanks to the authors of the [CUP Parser Generator](http://www2.cs.tum.edu/projects/cup/install.php) and good people at Georgia Tech. See the java-cup.LICENSE.txt file for open source license details.
+Cali is licensed under the Apache 2.0 license. See accompanying LICENSE file for details. Much thanks to the authors of the [CUP Parser Generator](http://www2.cs.tum.edu/projects/cup/install.php) and good people at Georgia Tech. See the java-cup.LICENSE.txt file for open source license details. Cali base interpreter also contains [json-simple - https://code.google.com/archive/p/json-simple/](https://code.google.com/archive/p/json-simple/) library and you can find the license file at cali.lang.base/lib-depends/json-simple-1.1.1.LICENSE.txt.
 
 ## TODO:
-Probably quite a bit. Here's the current list.
-* Implement security model.
+Probably quite a bit, but nothing documented currently.

cali.lang.base/src/com/cali/Engine.java

@@ -43,6 +43,11 @@
  * @author austin
  */
 public class Engine {
+	/**
+	 * The security manager instance for this engine.
+	 */
+	private SecurityManagerImpl secman = null;
+
 	/**
 	 * Flag for printing debug statements to standard out.
 	 */
@@ -105,6 +110,18 @@ public class Engine {
 	 * @throws Exception 
 	 */
 	public Engine () throws Exception {
+		this(new SecurityManagerImpl());
+	}
+
+	/**
+	 * Default constructor. When called this gets an instance of the Universe object 
+	 * and initializes it if not already done. It loads universe classes and instantiates 
+	 * static classes. Finally it sets the initComplete flag to true.
+	 * @throws Exception 
+	 */
+	public Engine(SecurityManagerImpl SecMan) throws Exception {
+		this.secman = SecMan;
+
 		Universe u = Universe.get();
 		u.init(this);
 
@@ -117,6 +134,14 @@ public Engine () throws Exception {
 		this.initComplete = true;
 	}
 
+	/**
+	 * Gets the instance of the security manager for this Engine.
+	 * @return A SecurityManagerImpl object of the security manager.
+	 */
+	public SecurityManagerImpl getSecurityManager() {
+		return this.secman;
+	}
+
 	/**
 	 * Adds a Cali include to the interpreter. The include can be a standard library 
 	 * language include. It can also be a file that exists in one f the includePaths 

cali.lang.base/src/com/cali/SecurityManagerImpl.java

@@ -0,0 +1,100 @@
+/*
+ * Copyright 2017 Austin Lehman
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.cali;
+
+import java.util.ArrayList;
+import java.util.concurrent.ConcurrentHashMap;
+
+import com.cali.types.CaliBool;
+import com.cali.types.CaliDouble;
+import com.cali.types.CaliException;
+import com.cali.types.CaliInt;
+import com.cali.types.CaliNull;
+import com.cali.types.CaliString;
+import com.cali.types.CaliType;
+
+/**
+ * Default implementation of the security manager. This can be extended
+ * to implement custom security manager functionality or properties. This 
+ * object is provided in the cali environment as secman object.
+ * @author Austin Lehman
+ */
+public class SecurityManagerImpl implements SecurityManagerInt {
+	/**
+	 * Holds the properties for the security manager.
+	 */
+	protected ConcurrentHashMap<String, Object> props = new ConcurrentHashMap<String, Object>();
+
+	/**
+	 * Default constructor adds the standard properties.
+	 */
+	public SecurityManagerImpl() {
+		// System information view. See com.cali.stdlib.CSys.java.
+		this.props.put("os.info.view", false);
+		this.props.put("java.info.view", false);
+		this.props.put("java.home.view", false);
+		this.props.put("java.classpath.view", false);
+		this.props.put("cali.info.view", false);
+		this.props.put("cali.path.view", false);
+		this.props.put("current.path.view", false);
+		this.props.put("home.path.view", false);
+		this.props.put("user.name.view", false);
+	}
+
+	/**
+	 * Java get property.
+	 */
+	@Override
+	public Object getProperty(String PropName) {
+		return this.props.get(PropName);
+	}
+
+	/**
+	 * Cali setProperty. This method by default returns an exception 
+	 * because we don't normally want the application code modifying the 
+	 * contents of the security manager. This can be overridden if other 
+	 * functionality is desired.
+	 */
+	@Override
+	public CaliType setProp(Environment env, ArrayList<CaliType> args) {
+		return new CaliException("secman.setProp(): Setting property not allowed.");
+	}
+
+	/**
+	 * Cali getProperty. This method will get the property, match it to a 
+	 * standard CaliType and return it.
+	 */
+	@Override
+	public CaliType getProp(Environment env, ArrayList<CaliType> args) {
+		String PropName = ((CaliString)args.get(0)).getValueString();
+		Object obj = this.props.get(PropName);
+		if (obj == null) {
+			return new CaliNull();
+		} else if (obj instanceof Boolean) {
+			return new CaliBool((Boolean)obj);
+		} else if (obj instanceof Long) {
+			return new CaliInt((Long)obj);
+		} else if (obj instanceof Double) {
+			return new CaliDouble((Double)obj);
+		} else if (obj instanceof String) {
+			return new CaliString((String)obj);
+		} else {
+			return new CaliString(obj.toString());
+		}
+	}
+
+}

cali.lang.base/src/com/cali/SecurityManagerInt.java

@@ -0,0 +1,38 @@
+/*
+ * Copyright 2017 Austin Lehman
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.cali;
+
+import java.util.ArrayList;
+import com.cali.types.CaliType;
+
+/**
+ * Security manager interface. The security manager defines the Java and Cali 
+ * interfaces for setting and getting properties that manage security settings 
+ * for the Cali Engine.
+ * @author Austin Lehman
+ */
+public interface SecurityManagerInt {
+	// Java get property value.
+	public Object getProperty(String PropName);
+
+	/*
+	 * Cali set or get property. Either one of these may throw not permitted or 
+	 * not implemented exceptions.
+	 */
+	public CaliType setProp(Environment env, ArrayList<CaliType> args);
+	public CaliType getProp(Environment env, ArrayList<CaliType> args);
+}

cali.lang.base/src/com/cali/stdlib/CSecurityManager.java

@@ -0,0 +1,47 @@
+/*
+ * Copyright 2017 Austin Lehman
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.cali.stdlib;
+
+import java.util.ArrayList;
+
+import com.cali.Environment;
+import com.cali.types.CaliType;
+
+/**
+ * Cali security manager. This class is the implementation within Cali that gives access 
+ * to the set/get prop functions from the security manager within the current Engine.
+ * @author Austin Lehman
+ */
+public class CSecurityManager {
+	/**
+	 * Cali setProperty. This method by default returns an exception 
+	 * because we don't normally want the application code modifying the 
+	 * contents of the security manager. This can be overridden if other 
+	 * functionality is desired.
+	 */
+	public CaliType setProp(Environment env, ArrayList<CaliType> args) {
+		return env.getEngine().getSecurityManager().setProp(env, args);
+	}
+
+	/**
+	 * Cali getProperty. This method will get the property, match it to a 
+	 * standard CaliType and return it.
+	 */
+	public CaliType getProp(Environment env, ArrayList<CaliType> args) {
+		return env.getEngine().getSecurityManager().getProp(env, args);
+	}
+}