1 /*
2 * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
27
28 import java.util.Enumeration;
29 import java.util.Hashtable;
30 import java.util.NoSuchElementException;
31 import java.util.Map;
32 import java.util.HashMap;
33 import java.util.List;
34 import java.util.Iterator;
35 import java.util.Collections;
36 import java.io.Serializable;
37 import java.io.ObjectStreamField;
38 import java.io.ObjectOutputStream;
39 import java.io.ObjectInputStream;
40 import java.io.IOException;
41
42
43 /**
44 * This class represents a heterogeneous collection of Permissions. That is,
45 * it contains different types of Permission objects, organized into
46 * PermissionCollections. For example, if any
47 * <code>java.io.FilePermission</code> objects are added to an instance of
48 * this class, they are all stored in a single
49 * PermissionCollection. It is the PermissionCollection returned by a call to
50 * the <code>newPermissionCollection</code> method in the FilePermission class.
51 * Similarly, any <code>java.lang.RuntimePermission</code> objects are
52 * stored in the PermissionCollection returned by a call to the
53 * <code>newPermissionCollection</code> method in the
54 * RuntimePermission class. Thus, this class represents a collection of
55 * PermissionCollections.
56 *
57 * <p>When the <code>add</code> method is called to add a Permission, the
58 * Permission is stored in the appropriate PermissionCollection. If no such
59 * collection exists yet, the Permission object's class is determined and the
60 * <code>newPermissionCollection</code> method is called on that class to create
61 * the PermissionCollection and add it to the Permissions object. If
62 * <code>newPermissionCollection</code> returns null, then a default
63 * PermissionCollection that uses a hashtable will be created and used. Each
64 * hashtable entry stores a Permission object as both the key and the value.
65 *
66 * <p> Enumerations returned via the <code>elements</code> method are
67 * not <em>fail-fast</em>. Modifications to a collection should not be
68 * performed while enumerating over that collection.
69 *
70 * @see Permission
71 * @see PermissionCollection
72 * @see AllPermission
73 *
74 *
75 * @author Marianne Mueller
76 * @author Roland Schemers
77 *
78 * @serial exclude
79 */
80
81 public final class Permissions extends PermissionCollection
82 implements Serializable
83 {
84 /**
85 * Key is permissions Class, value is PermissionCollection for that class.
86 * Not serialized; see serialization section at end of class.
138 allPermission = pc;
139 }
140 if (permission instanceof UnresolvedPermission) {
141 hasUnresolved = true;
142 }
143 }
144
145 /**
146 * Checks to see if this object's PermissionCollection for permissions of
147 * the specified permission's class implies the permissions
148 * expressed in the <i>permission</i> object. Returns true if the
149 * combination of permissions in the appropriate PermissionCollection
150 * (e.g., a FilePermissionCollection for a FilePermission) together
151 * imply the specified permission.
152 *
153 * <p>For example, suppose there is a FilePermissionCollection in this
154 * Permissions object, and it contains one FilePermission that specifies
155 * "read" access for all files in all subdirectories of the "/tmp"
156 * directory, and another FilePermission that specifies "write" access
157 * for all files in the "/tmp/scratch/foo" directory.
158 * Then if the <code>implies</code> method
159 * is called with a permission specifying both "read" and "write" access
160 * to files in the "/tmp/scratch/foo" directory, <code>true</code> is
161 * returned.
162 *
163 * <p>Additionally, if this PermissionCollection contains the
164 * AllPermission, this method will always return true.
165 * <p>
166 * @param permission the Permission object to check.
167 *
168 * @return true if "permission" is implied by the permissions in the
169 * PermissionCollection it
170 * belongs to, false if not.
171 */
172
173 public boolean implies(Permission permission) {
174 // No sync; staleness -> skip optimization, which is OK
175 if (allPermission != null) {
176 return true; // AllPermission has already been added
177 } else {
178 synchronized (this) {
179 PermissionCollection pc = getPermissionCollection(permission,
180 false);
197
198 public Enumeration<Permission> elements() {
199 // go through each Permissions in the hash table
200 // and call their elements() function.
201
202 synchronized (this) {
203 return new PermissionsEnumerator(permsMap.values().iterator());
204 }
205 }
206
207 /**
208 * Gets the PermissionCollection in this Permissions object for
209 * permissions whose type is the same as that of <i>p</i>.
210 * For example, if <i>p</i> is a FilePermission,
211 * the FilePermissionCollection
212 * stored in this Permissions object will be returned.
213 *
214 * If createEmpty is true,
215 * this method creates a new PermissionCollection object for the specified
216 * type of permission objects if one does not yet exist.
217 * To do so, it first calls the <code>newPermissionCollection</code> method
218 * on <i>p</i>. Subclasses of class Permission
219 * override that method if they need to store their permissions in a
220 * particular PermissionCollection object in order to provide the
221 * correct semantics when the <code>PermissionCollection.implies</code>
222 * method is called.
223 * If the call returns a PermissionCollection, that collection is stored
224 * in this Permissions object. If the call returns null and createEmpty
225 * is true, then
226 * this method instantiates and stores a default PermissionCollection
227 * that uses a hashtable to store its permission objects.
228 *
229 * createEmpty is ignored when creating empty PermissionCollection
230 * for unresolved permissions because of the overhead of determining the
231 * PermissionCollection to use.
232 *
233 * createEmpty should be set to false when this method is invoked from
234 * implies() because it incurs the additional overhead of creating and
235 * adding an empty PermissionCollection that will just return false.
236 * It should be set to true when invoked from add().
237 */
238 private PermissionCollection getPermissionCollection(Permission p,
239 boolean createEmpty) {
240 Class<?> c = p.getClass();
241
|
1 /*
2 * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
27
28 import java.util.Enumeration;
29 import java.util.Hashtable;
30 import java.util.NoSuchElementException;
31 import java.util.Map;
32 import java.util.HashMap;
33 import java.util.List;
34 import java.util.Iterator;
35 import java.util.Collections;
36 import java.io.Serializable;
37 import java.io.ObjectStreamField;
38 import java.io.ObjectOutputStream;
39 import java.io.ObjectInputStream;
40 import java.io.IOException;
41
42
43 /**
44 * This class represents a heterogeneous collection of Permissions. That is,
45 * it contains different types of Permission objects, organized into
46 * PermissionCollections. For example, if any
47 * {@code java.io.FilePermission} objects are added to an instance of
48 * this class, they are all stored in a single
49 * PermissionCollection. It is the PermissionCollection returned by a call to
50 * the {@code newPermissionCollection} method in the FilePermission class.
51 * Similarly, any {@code java.lang.RuntimePermission} objects are
52 * stored in the PermissionCollection returned by a call to the
53 * {@code newPermissionCollection} method in the
54 * RuntimePermission class. Thus, this class represents a collection of
55 * PermissionCollections.
56 *
57 * <p>When the {@code add} method is called to add a Permission, the
58 * Permission is stored in the appropriate PermissionCollection. If no such
59 * collection exists yet, the Permission object's class is determined and the
60 * {@code newPermissionCollection} method is called on that class to create
61 * the PermissionCollection and add it to the Permissions object. If
62 * {@code newPermissionCollection} returns null, then a default
63 * PermissionCollection that uses a hashtable will be created and used. Each
64 * hashtable entry stores a Permission object as both the key and the value.
65 *
66 * <p> Enumerations returned via the {@code elements} method are
67 * not <em>fail-fast</em>. Modifications to a collection should not be
68 * performed while enumerating over that collection.
69 *
70 * @see Permission
71 * @see PermissionCollection
72 * @see AllPermission
73 *
74 *
75 * @author Marianne Mueller
76 * @author Roland Schemers
77 *
78 * @serial exclude
79 */
80
81 public final class Permissions extends PermissionCollection
82 implements Serializable
83 {
84 /**
85 * Key is permissions Class, value is PermissionCollection for that class.
86 * Not serialized; see serialization section at end of class.
138 allPermission = pc;
139 }
140 if (permission instanceof UnresolvedPermission) {
141 hasUnresolved = true;
142 }
143 }
144
145 /**
146 * Checks to see if this object's PermissionCollection for permissions of
147 * the specified permission's class implies the permissions
148 * expressed in the <i>permission</i> object. Returns true if the
149 * combination of permissions in the appropriate PermissionCollection
150 * (e.g., a FilePermissionCollection for a FilePermission) together
151 * imply the specified permission.
152 *
153 * <p>For example, suppose there is a FilePermissionCollection in this
154 * Permissions object, and it contains one FilePermission that specifies
155 * "read" access for all files in all subdirectories of the "/tmp"
156 * directory, and another FilePermission that specifies "write" access
157 * for all files in the "/tmp/scratch/foo" directory.
158 * Then if the {@code implies} method
159 * is called with a permission specifying both "read" and "write" access
160 * to files in the "/tmp/scratch/foo" directory, {@code true} is
161 * returned.
162 *
163 * <p>Additionally, if this PermissionCollection contains the
164 * AllPermission, this method will always return true.
165 * <p>
166 * @param permission the Permission object to check.
167 *
168 * @return true if "permission" is implied by the permissions in the
169 * PermissionCollection it
170 * belongs to, false if not.
171 */
172
173 public boolean implies(Permission permission) {
174 // No sync; staleness -> skip optimization, which is OK
175 if (allPermission != null) {
176 return true; // AllPermission has already been added
177 } else {
178 synchronized (this) {
179 PermissionCollection pc = getPermissionCollection(permission,
180 false);
197
198 public Enumeration<Permission> elements() {
199 // go through each Permissions in the hash table
200 // and call their elements() function.
201
202 synchronized (this) {
203 return new PermissionsEnumerator(permsMap.values().iterator());
204 }
205 }
206
207 /**
208 * Gets the PermissionCollection in this Permissions object for
209 * permissions whose type is the same as that of <i>p</i>.
210 * For example, if <i>p</i> is a FilePermission,
211 * the FilePermissionCollection
212 * stored in this Permissions object will be returned.
213 *
214 * If createEmpty is true,
215 * this method creates a new PermissionCollection object for the specified
216 * type of permission objects if one does not yet exist.
217 * To do so, it first calls the {@code newPermissionCollection} method
218 * on <i>p</i>. Subclasses of class Permission
219 * override that method if they need to store their permissions in a
220 * particular PermissionCollection object in order to provide the
221 * correct semantics when the {@code PermissionCollection.implies}
222 * method is called.
223 * If the call returns a PermissionCollection, that collection is stored
224 * in this Permissions object. If the call returns null and createEmpty
225 * is true, then
226 * this method instantiates and stores a default PermissionCollection
227 * that uses a hashtable to store its permission objects.
228 *
229 * createEmpty is ignored when creating empty PermissionCollection
230 * for unresolved permissions because of the overhead of determining the
231 * PermissionCollection to use.
232 *
233 * createEmpty should be set to false when this method is invoked from
234 * implies() because it incurs the additional overhead of creating and
235 * adding an empty PermissionCollection that will just return false.
236 * It should be set to true when invoked from add().
237 */
238 private PermissionCollection getPermissionCollection(Permission p,
239 boolean createEmpty) {
240 Class<?> c = p.getClass();
241
|