1 /*
2 * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package sun.security.util;
27
28 import java.io.File;
29 import java.io.FilePermission;
30 import java.io.IOException;
31 import java.net.URL;
32 import java.security.CodeSource;
33 import java.security.Permission;
34 import java.security.PermissionCollection;
35 import java.security.Permissions;
36 import java.util.Enumeration;
37
38 /**
39 * Delegating implementation of PermissionCollection which avoid opening and
40 * initializing the permissions for the given CodeSource until permissions are
41 * actually accessed, i.e., either elements, implies or toString is called.
42 */
43 public final class LazyCodeSourcePermissionCollection
44 extends PermissionCollection
45 {
46 private static final long serialVersionUID = -6727011328946861783L;
47 private final PermissionCollection perms;
48 private final CodeSource cs;
49 private volatile boolean initialized;
50
51 public LazyCodeSourcePermissionCollection(PermissionCollection perms,
52 CodeSource cs) {
53 this.perms = perms;
54 this.cs = cs;
55 }
56
57 private void initialize() {
58 if (!initialized) {
59 synchronized(perms) {
60 if (initialized)
61 return;
62
63 // open connection to determine the permission needed
64 URL location = cs.getLocation();
65 if (location != null) {
66 try {
67 Permission p = location.openConnection().getPermission();
68 if (p != null) {
69 // for directories then need recursive access
70 if (p instanceof FilePermission) {
71 String path = p.getName();
72 if (path.endsWith(File.separator)) {
73 path += "-";
74 p = new FilePermission(path, "read");
75 }
76 }
77 perms.add(p);
78 }
79 } catch (IOException ioe) {
80 }
81 }
82 if (isReadOnly()) {
83 perms.setReadOnly();
84 }
85 initialized = true;
86 }
87 }
88 }
89
90 @Override
91 public void add(Permission permission) {
92 if (isReadOnly())
93 throw new SecurityException(
94 "attempt to add a Permission to a readonly PermissionCollection");
95 perms.add(permission);
96 }
97
98 @Override
99 public boolean implies(Permission permission) {
100 initialize();
101 return perms.implies(permission);
102 }
103
104 @Override
105 public Enumeration<Permission> elements() {
106 initialize();
107 return perms.elements();
108 }
109
110 @Override
111 public String toString() {
112 initialize();
113 return perms.toString();
114 }
115
116 /**
117 * On serialization, initialize and replace with the underlying
118 * permissions. This removes the laziness on deserialization.
119 */
120 private Object writeReplace() {
121 initialize();
122 return perms;
123 }
124 }