This class is for property permissions.
The name is the name of the property ("java.home",
"os.name", etc). The naming
convention follows the hierarchical property naming convention.
Also, an asterisk
may appear at the end of the name, following a ".", or by itself, to
signify a wildcard match. For example: "java.*" or "*" is valid,
"*java" or "a*b" is not valid.
The actions to be granted are passed to the constructor in a string containing
a list of zero or more comma-separated keywords. The possible keywords are
"read" and "write". Their meaning is defined as follows:
- read
- read permission. Allows
System.getProperty to
be called.
- write
- write permission. Allows
System.setProperty to
be called.
The actions string is converted to lowercase before processing.
Care should be taken before granting code permission to access
certain system properties. For example, granting permission to
access the "java.home" system property gives potentially malevolent
code sensitive information about the system environment (the Java
installation directory). Also, granting permission to access
the "user.name" and "user.home" system properties gives potentially
malevolent code sensitive information about the user environment
(the user's account name and home directory).
private final static int READ = 0x1;
private final static int WRITE = 0x2;
All actions (read,write);
private final static int NONE = 0x0;
private transient int mask;
initialize a PropertyPermission object. Common to all constructors.
Also called during de-serialization.
- Parameters:
mask the actions mask to use.
private void init(int mask)
if ((mask & ALL) != mask)
Creates a new PropertyPermission object with the specified name.
The name is the name of the system property, and
actions contains a comma-separated list of the
desired actions granted on the property. Possible actions are
"read" and "write".
Checks if this PropertyPermission object "implies" the specified
permission.
More specifically, this method returns true if:
- p is an instanceof PropertyPermission,
- p's actions are a subset of this
object's actions, and
- p's name is implied by this object's
name. For example, "java.*" implies "java.home".
- Parameters:
p the permission to check against.- Returns:
- true if the specified permission is implied by this object,
false if not.
return ((this.mask & that.mask) == that.mask) && super.implies(that);
Checks two PropertyPermission objects for equality. Checks that
obj is
a PropertyPermission, and has the same name and actions as this object.
- Parameters:
obj the object we are testing for equality with this object.- Returns:
- true if obj is a PropertyPermission, and has the same name and
actions as this PropertyPermission object.
return (this.mask == that.mask) &&
Returns the hash code value for this object.
The hash code used is the hash code of this permissions name, that is,
getName().hashCode(), where
getName is
from the Permission superclass.
- Returns:
- a hash code value for this object.
Converts an actions String to an actions mask.
- Parameters:
action the action string.- Returns:
- the actions mask.
while ((i!=-1) && ((c = a[i]) == ' ' ||
if (i >= 3 && (a[i-3] == 'r' || a[i-3] == 'R') &&
(a[i-2] == 'e' || a[i-2] == 'E') &&
(a[i-1] == 'a' || a[i-1] == 'A') &&
(a[i] == 'd' || a[i] == 'D'))
} else if (i >= 4 && (a[i-4] == 'w' || a[i-4] == 'W') &&
(a[i-3] == 'r' || a[i-3] == 'R') &&
(a[i-2] == 'i' || a[i-2] == 'I') &&
(a[i-1] == 't' || a[i-1] == 'T') &&
(a[i] == 'e' || a[i] == 'E'))
"invalid permission: " + actions);
boolean seencomma = false;
while (i >= matchlen && !seencomma) { case ' ': case '\r': case '\n':
"invalid permission: " + actions);
Return the canonical string representation of the actions.
Always returns present actions in the following order:
read, write.
- Returns:
- the canonical string representation of the actions.
Returns the "canonical string representation" of the actions.
That is, this method always returns present actions in the following order:
read, write. For example, if this PropertyPermission object
allows both write and read actions, a call to
getActions
will return the string "read,write".
- Returns:
- the canonical string representation of the actions.
Return the current action mask.
Used by the PropertyPermissionCollection
- Returns:
- the actions mask.
Returns a new PermissionCollection object for storing
PropertyPermission objects.
- Returns:
- a new PermissionCollection object suitable for storing
PropertyPermissions.
WriteObject is called to save the state of the PropertyPermission
to a stream. The actions are serialized, and the superclass
takes care of the name.
readObject is called to restore the state of the PropertyPermission from
a stream.
A PropertyPermissionCollection stores a set of PropertyPermission
permissions.
Key is property name; value is PropertyPermission.
Not serialized; see serialization section at end of class.
Boolean saying if "*" is in the collection.
Create an empty PropertyPermissions object.
Adds a permission to the PropertyPermissions. The key for the hash is
the name.
"attempt to add a Permission to a readonly PermissionCollection");
if (oldMask != newMask) { int effective = oldMask | newMask;
Check and see if this set of permissions implies the permissions
expressed in "permission".
- Parameters:
p the Permission object to compare- Returns:
- true if "permission" is a proper subset of a permission in
the set, false if not.
if ((effective & desired) == desired)
if ((effective & desired) == desired)
if ((effective & desired) == desired)
Returns an enumeration of all the PropertyPermission objects in the
container.
- Returns:
- an enumeration of all the PropertyPermission objects.
- SerialField:
- permissions java.util.Hashtable
A table of the PropertyPermissions.
- SerialField:
- all_allowed boolean
boolean saying if "*" is in the collection.
- SerialData:
- Default fields.
pfields.put("permissions", permissions);
