9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package java.lang.reflect;
27
28 import java.security.AccessController;
29 import sun.reflect.ReflectionFactory;
30 import java.lang.annotation.Annotation;
31
32 /**
33 * The AccessibleObject class is the base class for Field, Method and
34 * Constructor objects. It provides the ability to flag a reflected
35 * object as suppressing default Java language access control checks
36 * when it is used. The access checks--for public, default (package)
37 * access, protected, and private members--are performed when Fields,
38 * Methods or Constructors are used to set or get fields, to invoke
39 * methods, or to create and initialize new instances of classes,
40 * respectively.
41 *
42 * <p>Setting the {@code accessible} flag in a reflected object
43 * permits sophisticated applications with sufficient privilege, such
44 * as Java Object Serialization or other persistence mechanisms, to
45 * manipulate objects in a manner that would normally be prohibited.
46 *
47 * <p>By default, a reflected object is <em>not</em> accessible.
48 *
184 * @since 1.5
185 */
186 public boolean isAnnotationPresent(
187 Class<? extends Annotation> annotationClass) {
188 return getAnnotation(annotationClass) != null;
189 }
190
191 /**
192 * @since 1.5
193 */
194 public Annotation[] getAnnotations() {
195 return getDeclaredAnnotations();
196 }
197
198 /**
199 * @since 1.5
200 */
201 public Annotation[] getDeclaredAnnotations() {
202 throw new AssertionError("All subclasses should override this method");
203 }
204 }
|
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package java.lang.reflect;
27
28 import java.security.AccessController;
29 import sun.reflect.Reflection;
30 import sun.reflect.ReflectionFactory;
31 import java.lang.annotation.Annotation;
32
33 /**
34 * The AccessibleObject class is the base class for Field, Method and
35 * Constructor objects. It provides the ability to flag a reflected
36 * object as suppressing default Java language access control checks
37 * when it is used. The access checks--for public, default (package)
38 * access, protected, and private members--are performed when Fields,
39 * Methods or Constructors are used to set or get fields, to invoke
40 * methods, or to create and initialize new instances of classes,
41 * respectively.
42 *
43 * <p>Setting the {@code accessible} flag in a reflected object
44 * permits sophisticated applications with sufficient privilege, such
45 * as Java Object Serialization or other persistence mechanisms, to
46 * manipulate objects in a manner that would normally be prohibited.
47 *
48 * <p>By default, a reflected object is <em>not</em> accessible.
49 *
185 * @since 1.5
186 */
187 public boolean isAnnotationPresent(
188 Class<? extends Annotation> annotationClass) {
189 return getAnnotation(annotationClass) != null;
190 }
191
192 /**
193 * @since 1.5
194 */
195 public Annotation[] getAnnotations() {
196 return getDeclaredAnnotations();
197 }
198
199 /**
200 * @since 1.5
201 */
202 public Annotation[] getDeclaredAnnotations() {
203 throw new AssertionError("All subclasses should override this method");
204 }
205
206
207 // Shared access checking logic.
208
209 // For non-public members or members in package-private classes,
210 // it is necessary to perform somewhat expensive security checks.
211 // If the security check succeeds for a given class, it will
212 // always succeed (it is not affected by the granting or revoking
213 // of permissions); we speed up the check in the common case by
214 // remembering the last Class for which the check succeeded.
215 //
216 // The simple security check for Constructor is to see if
217 // the caller has already been seen, verified, and cached.
218 // (See also Class.newInstance(), which uses a similar method.)
219 //
220 // A more complicated security check cache is needed for Method and Field
221 // The cache can be either null (empty cache), a 2-array of {caller,target},
222 // or a caller (with target implicitly equal to this.clazz).
223 // In the 2-array case, the target is always different from the clazz.
224 volatile Object securityCheckCache;
225
226 void checkAccess(Class<?> caller, Class<?> clazz, Object obj, int modifiers)
227 throws IllegalAccessException
228 {
229 if (caller == clazz) { // quick check
230 return; // ACCESS IS OK
231 }
232 Object cache = securityCheckCache; // read volatile
233 Class<?> targetClass = clazz;
234 if (obj != null
235 && Modifier.isProtected(modifiers)
236 && ((targetClass = obj.getClass()) != clazz)) {
237 // Must match a 2-list of { caller, targetClass }.
238 if (cache instanceof Class[]) {
239 Class<?>[] cache2 = (Class<?>[]) cache;
240 if (cache2[1] == targetClass &&
241 cache2[0] == caller) {
242 return; // ACCESS IS OK
243 }
244 // (Test cache[1] first since range check for [1]
245 // subsumes range check for [0].)
246 }
247 } else if (cache == caller) {
248 // Non-protected case (or obj.class == this.clazz).
249 return; // ACCESS IS OK
250 }
251
252 // If no return, fall through to the slow path.
253 slowCheckMemberAccess(caller, clazz, obj, modifiers, targetClass);
254 }
255
256 // Keep all this slow stuff out of line:
257 void slowCheckMemberAccess(Class<?> caller, Class<?> clazz, Object obj, int modifiers,
258 Class<?> targetClass)
259 throws IllegalAccessException
260 {
261 Reflection.ensureMemberAccess(caller, clazz, obj, modifiers);
262
263 // Success: Update the cache.
264 Object cache = ((targetClass == clazz)
265 ? caller
266 : new Class<?>[] { caller, targetClass });
267
268 // Note: The two cache elements are not volatile,
269 // but they are effectively final. The Java memory model
270 // guarantees that the initializing stores for the cache
271 // elements will occur before the volatile write.
272 securityCheckCache = cache; // write volatile
273 }
274 }
|