Find Usages Diff Raw Download HTML Widget
Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions 
1
  /*
2
   * Copyright 1997-2006 Sun Microsystems, Inc.  All Rights Reserved.
3
   * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
   *
5
   * This code is free software; you can redistribute it and/or modify it
6
   * under the terms of the GNU General Public License version 2 only, as
7
   * published by the Free Software Foundation.  Sun designates this
8
   * particular file as subject to the "Classpath" exception as provided
9
   * by Sun in the LICENSE file that accompanied this code.
10
  *
11
  * This code is distributed in the hope that it will be useful, but WITHOUT
12
  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13
  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14
  * version 2 for more details (a copy is included in the LICENSE file that
15
  * accompanied this code).
16
  *
17
  * You should have received a copy of the GNU General Public License version
18
  * 2 along with this work; if not, write to the Free Software Foundation,
19
  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20
  *
21
  * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
22
  * CA 95054 USA or visit www.sun.com if you need additional information or
23
  * have any questions.
24
  */
25
 
26
 package java.security;
27
 
31
 import java.util.Map;
33
 import java.util.List;
This class represents a heterogeneous collection of Permissions. That is, it contains different types of Permission objects, organized into PermissionCollections. For example, if any java.io.FilePermission objects are added to an instance of this class, they are all stored in a single PermissionCollection. It is the PermissionCollection returned by a call to the newPermissionCollection method in the FilePermission class. Similarly, any java.lang.RuntimePermission objects are stored in the PermissionCollection returned by a call to the newPermissionCollection method in the RuntimePermission class. Thus, this class represents a collection of PermissionCollections.

When the add method is called to add a Permission, the Permission is stored in the appropriate PermissionCollection. If no such collection exists yet, the Permission object's class is determined and the newPermissionCollection method is called on that class to create the PermissionCollection and add it to the Permissions object. If newPermissionCollection returns null, then a default PermissionCollection that uses a hashtable will be created and used. Each hashtable entry stores a Permission object as both the key and the value.

Enumerations returned via the elements method are not fail-fast. Modifications to a collection should not be performed while enumerating over that collection.

Author(s):
Marianne Mueller
Roland Schemers
See also:
Permission
PermissionCollection
AllPermission
Serial:
exclude
80
 
81
 
82
 public final class Permissions extends PermissionCollection
83
 implements Serializable
84
 {
    
Key is permissions Class, value is PermissionCollection for that class. Not serialized; see serialization section at end of class. 
88
 
89
     private transient Map<Class<?>, PermissionCollectionpermsMap;
90
 
91
     // optimization. keep track of whether unresolved permissions need to be
92
     // checked
93
     private transient boolean hasUnresolved = false;
94
 
95
     // optimization. keep track of the AllPermission collection
96
     // - package private for ProtectionDomain optimization
Creates a new Permissions object containing no PermissionCollections. 
102
    public Permissions() {
103
         = new HashMap<Class<?>, PermissionCollection>(11);
104
         = null;
105
    }

    
Adds a permission object to the PermissionCollection for the class the permission belongs to. For example, if permission is a FilePermission, it is added to the FilePermissionCollection stored in this Permissions object. This method creates a new PermissionCollection object (and adds the permission to it) if an appropriate collection does not yet exist.

Parameters:
permission the Permission object to add.
Throws:
java.lang.SecurityException if this Permissions object is marked as readonly.
See also:
PermissionCollection.isReadOnly()
125
    public void add(Permission permission) {
126
        if (isReadOnly())
127
            throw new SecurityException(
128
              "attempt to add a Permission to a readonly Permissions object");
130
        PermissionCollection pc;
132
        synchronized (this) {
133
            pc = getPermissionCollection(permissiontrue);
134
            pc.add(permission);
135
        }
137
        // No sync; staleness -> optimizations delayed, which is OK
138
        if (permission instanceof AllPermission) {
139
             = pc;
140
        }
141
        if (permission instanceof UnresolvedPermission) {
142
             = true;
143
        }
144
    }

    
Checks to see if this object's PermissionCollection for permissions of the specified permission's class implies the permissions expressed in the permission object. Returns true if the combination of permissions in the appropriate PermissionCollection (e.g., a FilePermissionCollection for a FilePermission) together imply the specified permission.

For example, suppose there is a FilePermissionCollection in this Permissions object, and it contains one FilePermission that specifies "read" access for all files in all subdirectories of the "/tmp" directory, and another FilePermission that specifies "write" access for all files in the "/tmp/scratch/foo" directory. Then if the implies method is called with a permission specifying both "read" and "write" access to files in the "/tmp/scratch/foo" directory, true is returned.

Additionally, if this PermissionCollection contains the AllPermission, this method will always return true.

Parameters:
permission the Permission object to check.
Returns:
true if "permission" is implied by the permissions in the PermissionCollection it belongs to, false if not.
174
    public boolean implies(Permission permission) {
175
        // No sync; staleness -> skip optimization, which is OK
176
        if ( != null) {
177
            return true// AllPermission has already been added
178
        } else {
179
            synchronized (this) {
180
                PermissionCollection pc = getPermissionCollection(permission,
181
                    false);
182
                if (pc != null) {
183
                    return pc.implies(permission);
184
                } else {
185
                    // none found
186
                    return false;
187
                }
188
            }
189
        }
190
    }

    
Returns an enumeration of all the Permission objects in all the PermissionCollections in this Permissions object.

Returns:
an enumeration of all the Permissions.
199
    public Enumeration<Permissionelements() {
200
        // go through each Permissions in the hash table
201
        // and call their elements() function.
203
        synchronized (this) {
204
            return new PermissionsEnumerator(.values().iterator());
205
        }
206
    }

    
Gets the PermissionCollection in this Permissions object for permissions whose type is the same as that of p. For example, if p is a FilePermission, the FilePermissionCollection stored in this Permissions object will be returned. If createEmpty is true, this method creates a new PermissionCollection object for the specified type of permission objects if one does not yet exist. To do so, it first calls the newPermissionCollection method on p. Subclasses of class Permission override that method if they need to store their permissions in a particular PermissionCollection object in order to provide the correct semantics when the PermissionCollection.implies method is called. If the call returns a PermissionCollection, that collection is stored in this Permissions object. If the call returns null and createEmpty is true, then this method instantiates and stores a default PermissionCollection that uses a hashtable to store its permission objects. createEmpty is ignored when creating empty PermissionCollection for unresolved permissions because of the overhead of determining the PermissionCollection to use. createEmpty should be set to false when this method is invoked from implies() because it incurs the additional overhead of creating and adding an empty PermissionCollection that will just return false. It should be set to true when invoked from add(). 
240
        boolean createEmpty) {
241
        Class c = p.getClass();
243
        PermissionCollection pc = .get(c);
245
        if (! && !createEmpty) {
246
            return pc;
247
        } else if (pc == null) {
249
            // Check for unresolved permissions
250
            pc = ( ? getUnresolvedPermissions(p) : null);
252
            // if still null, create a new collection
253
            if (pc == null && createEmpty) {
255
                pc = p.newPermissionCollection();
257
                // still no PermissionCollection?
258
                // We'll give them a PermissionsHash.
259
                if (pc == null)
260
                    pc = new PermissionsHash();
261
            }
263
            if (pc != null) {
264
                .put(cpc);
265
            }
266
        }
267
        return pc;
268
    }

    
Resolves any unresolved permissions of type p.

Parameters:
p the type of unresolved permission to resolve
Returns:
PermissionCollection containing the unresolved permissions, or null if there were no unresolved permissions of type p.
280
    {
281
        // Called from within synchronized method so permsMap doesn't need lock
283
        UnresolvedPermissionCollection uc =
286
        // we have no unresolved permissions if uc is null
287
        if (uc == null)
288
            return null;
290
        List<UnresolvedPermissionunresolvedPerms =
291
                                        uc.getUnresolvedPermissions(p);
293
        // we have no unresolved permissions of this type if unresolvedPerms is null
294
        if (unresolvedPerms == null)
295
            return null;
297
        java.security.cert.Certificate certs[] = null;
299
        Object signers[] = p.getClass().getSigners();
301
        int n = 0;
302
        if (signers != null) {
303
            for (int j=0; j < signers.lengthj++) {
304
                if (signers[jinstanceof java.security.cert.Certificate) {
305
                    n++;
306
                }
307
            }
308
            certs = new java.security.cert.Certificate[n];
309
            n = 0;
310
            for (int j=0; j < signers.lengthj++) {
311
                if (signers[jinstanceof java.security.cert.Certificate) {
312
                    certs[n++] = (java.security.cert.Certificate)signers[j];
313
                }
314
            }
315
        }
317
        PermissionCollection pc = null;
318
        synchronized (unresolvedPerms) {
319
            int len = unresolvedPerms.size();
320
            for (int i = 0; i < leni++) {
321
                UnresolvedPermission up = unresolvedPerms.get(i);
322
                Permission perm = up.resolve(pcerts);
323
                if (perm != null) {
324
                    if (pc == null) {
325
                        pc = p.newPermissionCollection();
326
                        if (pc == null)
327
                            pc = new PermissionsHash();
328
                    }
329
                    pc.add(perm);
330
                }
331
            }
332
        }
333
        return pc;
334
    }
336
    private static final long serialVersionUID = 4858622370623524688L;
338
    // Need to maintain serialization interoperability with earlier releases,
339
    // which had the serializable field:
340
    // private Hashtable perms;
341

    

SerialField:
perms java.util.Hashtable A table of the Permission classes and PermissionCollections.
SerialField:
allPermission java.security.PermissionCollection
347
    private static final ObjectStreamField[] serialPersistentFields = {
348
        new ObjectStreamField("perms"Hashtable.class),
349
        new ObjectStreamField("allPermission"PermissionCollection.class),
350
    };

    

SerialData:
Default fields.
355
    /*
356
     * Writes the contents of the permsMap field out as a Hashtable for
357
     * serialization compatibility with earlier releases. allPermission
358
     * unchanged.
359
     */
360
    private void writeObject(ObjectOutputStream outthrows IOException {
361
        // Don't call out.defaultWriteObject()
363
        // Copy perms into a Hashtable
364
        Hashtable<Class<?>, PermissionCollectionperms =
365
            new Hashtable<Class<?>, PermissionCollection>(.size()*2); // no sync; estimate
366
        synchronized (this) {
367
            perms.putAll();
368
        }
370
        // Write out serializable fields
371
        ObjectOutputStream.PutField pfields = out.putFields();
373
        pfields.put("allPermission"); // no sync; staleness OK
374
        pfields.put("perms"perms);
375
        out.writeFields();
376
    }
378
    /*
379
     * Reads in a Hashtable of Class/PermissionCollections and saves them in the
380
     * permsMap field. Reads in allPermission.
381
     */
382
    private void readObject(ObjectInputStream inthrows IOException,
384
        // Don't call defaultReadObject()
386
        // Read in serialized fields
387
        ObjectInputStream.GetField gfields = in.readFields();
389
        // Get allPermission
390
         = (PermissionCollectiongfields.get("allPermission"null);
392
        // Get permissions
393
        Hashtable<Class<?>, PermissionCollectionperms =
394
            (Hashtable<Class<?>, PermissionCollection>)gfields.get("perms"null);
395
         = new HashMap<Class<?>, PermissionCollection>(perms.size()*2);
396
        .putAll(perms);
398
        // Set hasUnresolved
399
        UnresolvedPermissionCollection uc =
401
         = (uc != null && uc.elements().hasMoreElements());
402
    }
405
final class PermissionsEnumerator implements Enumeration<Permission> {
407
    // all the perms
409
    // the current set
410
    private Enumeration<Permissionpermset;
413
         = e;
414
         = getNextEnumWithMore();
415
    }
417
    // No need to synchronize; caller should sync on object as required
418
    public boolean hasMoreElements() {
419
        // if we enter with permissionimpl null, we know
420
        // there are no more left.
422
        if ( == null)
423
            return  false;
425
        // try to see if there are any left in the current one
427
        if (.hasMoreElements())
428
            return true;
430
        // get the next one that has something in it...
431
         = getNextEnumWithMore();
433
        // if it is null, we are done!
434
        return ( != null);
435
    }
437
    // No need to synchronize; caller should sync on object as required
438
    public Permission nextElement() {
440
        // hasMoreElements will update permset to the next permset
441
        // with something in it...
443
        if (hasMoreElements()) {
444
            return .nextElement();
445
        } else {
446
            throw new NoSuchElementException("PermissionsEnumerator");
447
        }
449
    }
452
        while (.hasNext()) {
453
            PermissionCollection pc = .next();
454
            Enumeration<Permissionnext =pc.elements();
455
            if (next.hasMoreElements())
456
                return next;
457
        }
458
        return null;
460
    }
A PermissionsHash stores a homogeneous set of permissions in a hashtable.

Author(s):
Roland Schemers
See also:
Permission
Permissions
Serial:
include
476
implements Serializable
477
{
    
Key and value are (same) permissions objects. Not serialized; see serialization section at end of class. 
482
    private transient Map<PermissionPermissionpermsMap;

    
Create an empty PermissionsHash object. 
488
    PermissionsHash() {
489
         = new HashMap<PermissionPermission>(11);
490
    }

    
Adds a permission to the PermissionsHash.

Parameters:
permission the Permission object to add.
498
    public void add(Permission permission) {
499
        synchronized (this) {
500
            .put(permissionpermission);
501
        }
502
    }

    
Check and see if this set of permissions implies the permissions expressed in "permission".

Parameters:
permission the Permission object to compare
Returns:
true if "permission" is a proper subset of a permission in the set, false if not.
514
    public boolean implies(Permission permission) {
515
        // attempt a fast lookup and implies. If that fails
516
        // then enumerate through all the permissions.
517
        synchronized (this) {
518
            Permission p = .get(permission);
520
            // If permission is found, then p.equals(permission)
521
            if (p == null) {
522
                for (Permission p_ : .values()) {
523
                    if (p_.implies(permission))
524
                        return true;
525
                }
526
                return false;
527
            } else {
528
                return true;
529
            }
530
        }
531
    }

    
Returns an enumeration of all the Permission objects in the container.

Returns:
an enumeration of all the Permissions.
539
    public Enumeration<Permissionelements() {
540
        // Convert Iterator of Map values into an Enumeration
541
        synchronized (this) {
542
            return Collections.enumeration(.values());
543
        }
544
    }
546
    private static final long serialVersionUID = -8491988220802933440L;
547
    // Need to maintain serialization interoperability with earlier releases,
548
    // which had the serializable field:
549
    // private Hashtable perms;
550
    

SerialField:
perms java.util.Hashtable A table of the Permissions (both key and value are same).
554
    private static final ObjectStreamField[] serialPersistentFields = {
555
        new ObjectStreamField("perms"Hashtable.class),
556
    };

    

SerialData:
Default fields.
561
    /*
562
     * Writes the contents of the permsMap field out as a Hashtable for
563
     * serialization compatibility with earlier releases.
564
     */
565
    private void writeObject(ObjectOutputStream outthrows IOException {
566
        // Don't call out.defaultWriteObject()
568
        // Copy perms into a Hashtable
569
        Hashtable<PermissionPermissionperms =
570
                new Hashtable<PermissionPermission>(.size()*2);
571
        synchronized (this) {
572
            perms.putAll();
573
        }
575
        // Write out serializable fields
576
        ObjectOutputStream.PutField pfields = out.putFields();
577
        pfields.put("perms"perms);
578
        out.writeFields();
579
    }
581
    /*
582
     * Reads in a Hashtable of Permission/Permission and saves them in the
583
     * permsMap field.
584
     */
585
    private void readObject(ObjectInputStream inthrows IOException,
587
        // Don't call defaultReadObject()
589
        // Read in serialized fields
590
        ObjectInputStream.GetField gfields = in.readFields();
592
        // Get permissions
593
        Hashtable<PermissionPermissionperms =
594
                (Hashtable<PermissionPermission>)gfields.get("perms"null);
595
         = new HashMap<PermissionPermission>(perms.size()*2);
596
        .putAll(perms);
597
    }
New to GrepCode? Check out our FAQ X