1 /*
2 * Copyright (c) 2000, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package com.sun.rmi.rmid;
27
28 import java.security.*;
29 import java.io.*;
30 import java.util.*;
31
32 /**
33 * The ExecPermission class represents permission for rmid to execute
34 * a specific command to launch an activation group. An ExecPermission
35 * consists of a pathname of a command to launch an activation group.
36 * <P>
37 * Pathname is the pathname of the file or directory to grant rmid
38 * execute permission. A pathname that ends in "/*" (where "/" is
39 * the file separator character, <code>File.separatorChar</code>) indicates
40 * all the files and directories contained in that directory. A pathname
41 * that ends with "/-" indicates (recursively) all files
42 * and subdirectories contained in that directory. A pathname consisting of
43 * the special token "<<ALL FILES>>" matches <bold>any</bold> file.
44 * <P>
45 * Note: A pathname consisting of a single "*" indicates all the files
46 * in the current directory, while a pathname consisting of a single "-"
47 * indicates all the files in the current directory and
48 * (recursively) all files and subdirectories contained in the current
49 * directory.
50 * <P>
51 *
52 *
53 * @author Ann Wollrath
54 *
55 * @serial exclude
56 */
57 public final class ExecPermission extends Permission
58 {
59 /**
60 * UID for serialization
61 */
62 private static final long serialVersionUID = -6208470287358147919L;
63
64 private transient FilePermission fp;
65
66 /**
67 * Creates a new ExecPermission object with the specified path.
68 * <i>path</i> is the pathname of a file or directory.
69 *
70 * <p>A pathname that ends in "/*" (where "/" is
71 * the file separator character, <code>File.separatorChar</code>) indicates
72 * a directory and all the files contained in that directory. A pathname
73 * that ends with "/-" indicates a directory and (recursively) all files
74 * and subdirectories contained in that directory. The special pathname
75 * "<<ALL FILES>>" matches all files.
76 *
77 * <p>A pathname consisting of a single "*" indicates all the files
78 * in the current directory, while a pathname consisting of a single "-"
79 * indicates all the files in the current directory and
80 * (recursively) all files and subdirectories contained in the current
81 * directory.
82 *
83 * @param path the pathname of the file/directory.
84 */
85 public ExecPermission(String path) {
86 super(path);
87 init(path);
88 }
89
90 /**
91 * Creates a new ExecPermission object with the specified path.
92 * <i>path</i> is the pathname of a file or directory.
93 *
94 * <p>A pathname that ends in "/*" (where "/" is
95 * the file separator character, <code>File.separatorChar</code>) indicates
96 * a directory and all the files contained in that directory. A pathname
97 * that ends with "/-" indicates a directory and (recursively) all files
98 * and subdirectories contained in that directory. The special pathname
99 * "<<ALL FILES>>" matches all files.
100 *
101 * <p>A pathname consisting of a single "*" indicates all the files
102 * in the current directory, while a pathname consisting of a single "-"
103 * indicates all the files in the current directory and
104 * (recursively) all files and subdirectories contained in the current
105 * directory.
106 *
107 * @param path the pathname of the file/directory.
108 * @param actions the action string (unused)
109 */
110 public ExecPermission(String path, String actions) {
111 this(path);
112 }
113
114 /**
115 * Checks if this ExecPermission object "implies" the specified permission.
116 * <P>
117 * More specifically, this method returns true if:<p>
118 * <ul>
119 * <li> <i>p</i> is an instanceof ExecPermission,<p> and
120 * <li> <i>p</i>'s pathname is implied by this object's
121 * pathname. For example, "/tmp/*" implies "/tmp/foo", since
122 * "/tmp/*" encompasses the "/tmp" directory and all files in that
123 * directory, including the one named "foo".
124 * </ul>
125 * @param p the permission to check against.
126 *
127 * @return true if the specified permission is implied by this object,
128 * false if not.
129 */
130 public boolean implies(Permission p) {
131 if (!(p instanceof ExecPermission))
132 return false;
133
134 ExecPermission that = (ExecPermission) p;
135
136 return fp.implies(that.fp);
137 }
138
139 /**
140 * Checks two ExecPermission objects for equality.
141 * Checks that <i>obj</i>'s class is the same as this object's class
142 * and has the same name as this object.
143 * <P>
144 * @param obj the object we are testing for equality with this object.
145 * @return true if <i>obj</i> is an ExecPermission, and has the same
146 * pathname as this ExecPermission object, false otherwise.
147 */
148 public boolean equals(Object obj) {
149 if (obj == this)
150 return true;
151
152 if (! (obj instanceof ExecPermission))
153 return false;
154
155 ExecPermission that = (ExecPermission) obj;
156
157 return fp.equals(that.fp);
158 }
159
160 /**
161 * Returns the hash code value for this object.
162 *
163 * @return a hash code value for this object.
164 */
165 public int hashCode() {
166 return this.fp.hashCode();
167 }
168
169 /**
170 * Returns the canonical string representation of the actions.
171 *
172 * @return the canonical string representation of the actions.
173 */
174 public String getActions() {
175 return "";
176 }
177
178 /**
179 * Returns a new PermissionCollection object for storing
180 * ExecPermission objects.
181 * <p>
182 * A ExecPermissionCollection stores a collection of
183 * ExecPermission permissions.
184 *
185 * <p>ExecPermission objects must be stored in a manner that allows
186 * them to be inserted in any order, but that also enables the
187 * PermissionCollection <code>implies</code> method
188 * to be implemented in an efficient (and consistent) manner.
189 *
190 * @return a new PermissionCollection object suitable for
191 * storing ExecPermissions.
192 */
193 public PermissionCollection newPermissionCollection() {
194 return new ExecPermissionCollection();
195 }
196
197 /**
198 * readObject is called to restore the state of the ExecPermission
199 * from a stream.
200 */
201 private synchronized void readObject(java.io.ObjectInputStream s)
202 throws IOException, ClassNotFoundException
203 {
204 s.defaultReadObject();
205 // init is called to initialize the rest of the values.
206 init(getName());
207 }
208
209 /**
210 * Initialize a ExecPermission object. Common to all constructors.
211 * Also called during de-serialization.
212 */
213 private void init(String path) {
214 this.fp = new FilePermission(path, "execute");
215 }
216
217 /**
218 * A ExecPermissionCollection stores a collection
219 * of ExecPermission permissions. ExecPermission objects
220 * must be stored in a manner that allows them to be inserted in any
221 * order, but enable the implies function to evaluate the implies
222 * method in an efficient (and consistent) manner.
223 *
224 * @serial include
225 */
226 private static class ExecPermissionCollection
227 extends PermissionCollection
228 implements java.io.Serializable
229 {
230 private Vector permissions;
231
232 private static final long serialVersionUID = -3352558508888368273L;
233
234 /**
235 * Create an empty ExecPermissionCollection.
236 */
237 public ExecPermissionCollection() {
238 permissions = new Vector();
239 }
240
241 /**
242 * Adds a permission to the collection.
243 *
244 * @param permission the Permission object to add.
245 *
246 * @exception IllegalArgumentException - if the permission is not a
247 * ExecPermission
248 *
249 * @exception SecurityException - if this ExecPermissionCollection
250 * object has been marked readonly
251 */
252 public void add(Permission permission)
253 {
254 if (! (permission instanceof ExecPermission))
255 throw new IllegalArgumentException("invalid permission: "+
256 permission);
257 if (isReadOnly())
258 throw new SecurityException("attempt to add a Permission to a readonly PermissionCollection");
259
260 permissions.addElement(permission);
261 }
262
263 /**
264 * Check and see if this set of permissions implies the permissions
265 * expressed in "permission".
266 *
267 * @param p the Permission object to compare
268 *
269 * @return true if "permission" is a proper subset of a permission in
270 * the set, false if not.
271 */
272 public boolean implies(Permission permission)
273 {
274 if (! (permission instanceof ExecPermission))
275 return false;
276
277 Enumeration e = permissions.elements();
278
279 while (e.hasMoreElements()) {
280 ExecPermission x = (ExecPermission) e.nextElement();
281 if (x.implies(permission)) {
282 return true;
283 }
284 }
285 return false;
286 }
287
288 /**
289 * Returns an enumeration of all the ExecPermission objects in the
290 * container.
291 *
292 * @return an enumeration of all the ExecPermission objects.
293 */
294 public Enumeration elements()
295 {
296 return permissions.elements();
297 }
298 }
299 }