1 /*
   2  * Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 
  27 package java.sql;
  28 
  29 import java.security.*;
  30 
  31 /**
  32  * The permission for which the <code>SecurityManager</code> will check
  33  * when code that is running an application with a
  34  * <code>SecurityManager</code> enabled, calls the
  35  * {@code DriverManager.deregisterDriver} method,
  36  * <code>DriverManager.setLogWriter</code> method,
  37  * <code>DriverManager.setLogStream</code> (deprecated) method,
  38  * {@code SyncFactory.setJNDIContext} method,
  39  * {@code SyncFactory.setLogger} method,
  40  * {@code Connection.setNetworktimeout} method,
  41  * or the <code>Connection.abort</code> method.
  42  * If there is no <code>SQLPermission</code> object, these methods
  43  * throw a <code>java.lang.SecurityException</code> as a runtime exception.
  44  * <P>
  45  * A <code>SQLPermission</code> object contains
  46  * a name (also referred to as a "target name") but no actions
  47  * list; there is either a named permission or there is not.
  48  * The target name is the name of the permission (see below). The
  49  * naming convention follows the  hierarchical property naming convention.
  50  * In addition, an asterisk
  51  * may appear at the end of the name, following a ".", or by itself, to
  52  * signify a wildcard match. For example: <code>loadLibrary.*</code>
  53  * and <code>*</code> signify a wildcard match,
  54  * while <code>*loadLibrary</code> and <code>a*b</code> do not.
  55  * <P>
  56  * The following table lists all the possible <code>SQLPermission</code> target names.
  57  * The table gives a description of what the permission allows
  58  * and a discussion of the risks of granting code the permission.
  59  *
  60  *
  61  * <table border=1 cellpadding=5 summary="permission target name, what the permission allows, and associated risks">
  62  * <tr>
  63  * <th>Permission Target Name</th>
  64  * <th>What the Permission Allows</th>
  65  * <th>Risks of Allowing this Permission</th>
  66  * </tr>
  67  *
  68  * <tr>
  69  *   <td>setLog</td>
  70  *   <td>Setting of the logging stream</td>
  71  *   <td>This is a dangerous permission to grant.
  72  * The contents of the log may contain usernames and passwords,
  73  * SQL statements, and SQL data.</td>
  74  * </tr>
  75  * <tr>
  76  * <td>callAbort</td>
  77  *   <td>Allows the invocation of the {@code Connection} method
  78  *   {@code abort}</td>
  79  *   <td>Permits an application to terminate a physical connection to a
  80  *  database.</td>
  81  * </tr>
  82  * <tr>
  83  * <td>setSyncFactory</td>
  84  *   <td>Allows the invocation of the {@code SyncFactory} methods
  85  *   {@code setJNDIContext} and {@code setLogger}</td>
  86  *   <td>Permits an application to specify the JNDI context from which the
  87  *   {@code SyncProvider} implementations can be retrieved from and the logging
  88  *   object to be used by the {@code SyncProvider} implementation.</td>
  89  * </tr>
  90  *
  91  * <tr>
  92  * <td>setNetworkTimeout</td>
  93  *   <td>Allows the invocation of the {@code Connection} method
  94  *   {@code setNetworkTimeout}</td>
  95  *   <td>Permits an application to specify the maximum period a
  96  * <code>Connection</code> or
  97  * objects created from the <code>Connection</code>
  98  * will wait for the database to reply to any one request.</td>
  99  * <tr>
 100  * <td>deregisterDriver</td>
 101  *   <td>Allows the invocation of the {@code DriverManager}
 102  * method {@code deregisterDriver}</td>
 103  *   <td>Permits an application to remove a JDBC driver from the list of
 104  * registered Drivers and release its resources.</td>
 105  * </tr>
 106  * </table>
 107  *
 108  * @since 1.3
 109  * @see java.security.BasicPermission
 110  * @see java.security.Permission
 111  * @see java.security.Permissions
 112  * @see java.security.PermissionCollection
 113  * @see java.lang.SecurityManager
 114  *
 115  */
 116 
 117 public final class SQLPermission extends BasicPermission {
 118 
 119     /**
 120      * Creates a new <code>SQLPermission</code> object with the specified name.
 121      * The name is the symbolic name of the <code>SQLPermission</code>.
 122      *
 123      * @param name the name of this <code>SQLPermission</code> object, which must
 124      * be either {@code  setLog}, {@code callAbort}, {@code setSyncFactory},
 125      *  {@code deregisterDriver}, or {@code setNetworkTimeout}
 126      * @throws NullPointerException if <code>name</code> is <code>null</code>.
 127      * @throws IllegalArgumentException if <code>name</code> is empty.
 128 
 129      */
 130 
 131     public SQLPermission(String name) {
 132         super(name);
 133     }
 134 
 135     /**
 136      * Creates a new <code>SQLPermission</code> object with the specified name.
 137      * The name is the symbolic name of the <code>SQLPermission</code>; the
 138      * actions <code>String</code> is currently unused and should be
 139      * <code>null</code>.
 140      *
 141      * @param name the name of this <code>SQLPermission</code> object, which must
 142      * be either {@code  setLog}, {@code callAbort}, {@code setSyncFactory},
 143      *  {@code deregisterDriver}, or {@code setNetworkTimeout}
 144      * @param actions should be <code>null</code>
 145      * @throws NullPointerException if <code>name</code> is <code>null</code>.
 146      * @throws IllegalArgumentException if <code>name</code> is empty.
 147 
 148      */
 149 
 150     public SQLPermission(String name, String actions) {
 151         super(name, actions);
 152     }
 153 
 154     /**
 155      * Private serial version unique ID to ensure serialization
 156      * compatibility.
 157      */
 158     static final long serialVersionUID = -1439323187199563495L;
 159 
 160 }