Class CapabilityPermission

  • All Implemented Interfaces:
    java.io.Serializable, java.security.Guard

    public final class CapabilityPermission
    extends java.security.BasicPermission
    A bundle's authority to provide or require a capability.
    • The provide action allows a bundle to provide a capability matching the specified filter.
    • The require action allows a bundle to require a capability matching the specified filter.
    Since:
    1.6
    See Also:
    Serialized Form
    • Field Summary

      Fields 
      Modifier and Type Field Description
      private static int ACTION_ALL  
      (package private) int action_mask
      The actions mask.
      (package private) static int ACTION_NONE  
      private static int ACTION_PROVIDE  
      private static int ACTION_REQUIRE  
      private java.lang.String actions
      The actions in canonical form.
      (package private) java.util.Map<java.lang.String,​java.lang.Object> attributes
      The attributes of the requested capability.
      (package private) Bundle bundle
      The bundle of the requested capability.
      (package private) Filter filter
      If this CapabilityPermission was constructed with a filter, this holds a Filter matching object used to evaluate the filter in implies.
      private java.util.Map<java.lang.String,​java.lang.Object> properties
      This map holds the properties of the permission, used to match a filter in implies.
      static java.lang.String PROVIDE
      The action string provide.
      static java.lang.String REQUIRE
      The action string require.
      (package private) static long serialVersionUID  
    • Constructor Summary

      Constructors 
      Constructor Description
      CapabilityPermission​(java.lang.String name, int mask)
      Package private constructor used by CapabilityPermissionCollection.
      CapabilityPermission​(java.lang.String name, java.lang.String actions)
      Create a new CapabilityPermission.
      CapabilityPermission​(java.lang.String namespace, java.util.Map<java.lang.String,​?> attributes, Bundle providingBundle, java.lang.String actions)
      Creates a new requested CapabilityPermission object to be used by code that must perform checkPermission for the require action.
    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      boolean equals​(java.lang.Object obj)
      Determines the equality of two CapabilityPermission objects.
      java.lang.String getActions()
      Returns the canonical string representation of the actions.
      private java.util.Map<java.lang.String,​java.lang.Object> getProperties()
      int hashCode()
      Returns the hash code value for this object.
      boolean implies​(java.security.Permission p)
      Determines if a CapabilityPermission object "implies" the specified permission.
      (package private) boolean implies0​(CapabilityPermission requested, int effective)
      Internal implies method.
      java.security.PermissionCollection newPermissionCollection()
      Returns a new PermissionCollection object for storing CapabilityPermission objects.
      private static int parseActions​(java.lang.String actions)
      Parse action string into action mask.
      private static Filter parseFilter​(java.lang.String filterString)
      Parse filter string into a Filter object.
      private void readObject​(java.io.ObjectInputStream s)
      readObject is called to restore the state of this permission from a stream.
      private void setTransients​(java.lang.String name, int mask)
      Called by constructors and when deserialized.
      private void writeObject​(java.io.ObjectOutputStream s)
      WriteObject is called to save the state of this permission to a stream.
      • Methods inherited from class java.security.Permission

        checkGuard, getName, toString
      • Methods inherited from class java.lang.Object

        clone, finalize, getClass, notify, notifyAll, wait, wait, wait
    • Field Detail

      • REQUIRE

        public static final java.lang.String REQUIRE
        The action string require.
        See Also:
        Constant Field Values
      • PROVIDE

        public static final java.lang.String PROVIDE
        The action string provide.
        See Also:
        Constant Field Values
      • action_mask

        transient int action_mask
        The actions mask.
      • actions

        private volatile java.lang.String actions
        The actions in canonical form.
      • attributes

        final transient java.util.Map<java.lang.String,​java.lang.Object> attributes
        The attributes of the requested capability. Must be null if not constructed with attributes.
      • bundle

        final transient Bundle bundle
        The bundle of the requested capability. Must be null if not constructed with bundle.
      • filter

        transient Filter filter
        If this CapabilityPermission was constructed with a filter, this holds a Filter matching object used to evaluate the filter in implies.
      • properties

        private transient volatile java.util.Map<java.lang.String,​java.lang.Object> properties
        This map holds the properties of the permission, used to match a filter in implies. This is not initialized until necessary, and then cached in this object.
    • Constructor Detail

      • CapabilityPermission

        public CapabilityPermission​(java.lang.String name,
                                    java.lang.String actions)
        Create a new CapabilityPermission.

        The name is specified as a dot-separated string. Wildcards may be used.

         name ::= <namespace> | <namespace ending in ".*"> | *
         
        Examples:
         com.acme.capability.*
         org.foo.capability
         *
         
        For the require action, the name can also be a filter expression. The filter gives access to the capability attributes as well as the following attributes:
        • signer - A Distinguished Name chain used to sign the bundle providing the capability. Wildcards in a DN are not matched according to the filter string rules, but according to the rules defined for a DN chain.
        • location - The location of the bundle providing the capability.
        • id - The bundle ID of the bundle providing the capability.
        • name - The symbolic name of the bundle providing the capability.
        • capability.namespace - The namespace of the required capability.
        Since the above attribute names may conflict with attribute names of a capability, you can prefix an attribute name with '@' in the filter expression to match against the capability attributes and not one of the above attributes. Filter attribute names are processed in a case sensitive manner.

        There are two possible actions: require and provide. The require permission allows the owner of this permission to require a capability matching the attributes. The provide permission allows the bundle to provide a capability in the specified capability namespace.

        Parameters:
        name - The capability namespace or a filter over the attributes.
        actions - require,provide (canonical order)
        Throws:
        java.lang.IllegalArgumentException - If the specified name is a filter expression and either the specified action is not require or the filter has an invalid syntax.
      • CapabilityPermission

        public CapabilityPermission​(java.lang.String namespace,
                                    java.util.Map<java.lang.String,​?> attributes,
                                    Bundle providingBundle,
                                    java.lang.String actions)
        Creates a new requested CapabilityPermission object to be used by code that must perform checkPermission for the require action. CapabilityPermission objects created with this constructor cannot be added to a CapabilityPermission permission collection.
        Parameters:
        namespace - The requested capability namespace.
        attributes - The requested capability attributes.
        providingBundle - The bundle providing the requested capability.
        actions - The action require.
        Throws:
        java.lang.IllegalArgumentException - If the specified action is not require or attributes or providingBundle are null .
      • CapabilityPermission

        CapabilityPermission​(java.lang.String name,
                             int mask)
        Package private constructor used by CapabilityPermissionCollection.
        Parameters:
        name - class name
        mask - action mask
    • Method Detail

      • setTransients

        private void setTransients​(java.lang.String name,
                                   int mask)
        Called by constructors and when deserialized.
        Parameters:
        mask - action mask
      • parseActions

        private static int parseActions​(java.lang.String actions)
        Parse action string into action mask.
        Parameters:
        actions - Action string.
        Returns:
        action mask.
      • parseFilter

        private static Filter parseFilter​(java.lang.String filterString)
        Parse filter string into a Filter object.
        Parameters:
        filterString - The filter string to parse.
        Returns:
        a Filter for this bundle. If the specified filterString is not a filter expression, then null is returned.
        Throws:
        java.lang.IllegalArgumentException - If the filter syntax is invalid.
      • implies

        public boolean implies​(java.security.Permission p)
        Determines if a CapabilityPermission object "implies" the specified permission.
        Overrides:
        implies in class java.security.BasicPermission
        Parameters:
        p - The target permission to check.
        Returns:
        true if the specified permission is implied by this object; false otherwise.
      • implies0

        boolean implies0​(CapabilityPermission requested,
                         int effective)
        Internal implies method. Used by the implies and the permission collection implies methods.
        Parameters:
        requested - The requested CapabilityPermission which has already be validated as a proper argument. The requested CapabilityPermission must not have a filter expression.
        effective - The effective actions with which to start.
        Returns:
        true if the specified permission is implied by this object; false otherwise.
      • getActions

        public java.lang.String getActions()
        Returns the canonical string representation of the actions. Always returns present actions in the following order: require, provide.
        Overrides:
        getActions in class java.security.BasicPermission
        Returns:
        The canonical string representation of the actions.
      • newPermissionCollection

        public java.security.PermissionCollection newPermissionCollection()
        Returns a new PermissionCollection object for storing CapabilityPermission objects.
        Overrides:
        newPermissionCollection in class java.security.BasicPermission
        Returns:
        A new PermissionCollection object suitable for storing CapabilityPermission objects.
      • equals

        public boolean equals​(java.lang.Object obj)
        Determines the equality of two CapabilityPermission objects. Checks that specified object has the same name and action as this CapabilityPermission.
        Overrides:
        equals in class java.security.BasicPermission
        Parameters:
        obj - The object to test for equality.
        Returns:
        true if obj is a CapabilityPermission, and has the same name and actions as this CapabilityPermission object; false otherwise.
      • hashCode

        public int hashCode()
        Returns the hash code value for this object.
        Overrides:
        hashCode in class java.security.BasicPermission
        Returns:
        Hash code value for this object.
      • writeObject

        private void writeObject​(java.io.ObjectOutputStream s)
                          throws java.io.IOException
        WriteObject is called to save the state of this permission to a stream. The actions are serialized, and the superclass takes care of the name.
        Throws:
        java.io.IOException
      • readObject

        private void readObject​(java.io.ObjectInputStream s)
                         throws java.io.IOException,
                                java.lang.ClassNotFoundException
        readObject is called to restore the state of this permission from a stream.
        Throws:
        java.io.IOException
        java.lang.ClassNotFoundException
      • getProperties

        private java.util.Map<java.lang.String,​java.lang.Object> getProperties()
        Called by implies(Permission). This method is only called on a requested permission which cannot have a filter set.
        Returns:
        a map of properties for this permission.