KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jboss > kernel > KernelPermission


1 /*
2 * JBoss, Home of Professional Open Source
3 * Copyright 2005, JBoss Inc., and individual contributors as indicated
4 * by the @authors tag. See the copyright.txt in the distribution for a
5 * full listing of individual contributors.
6 *
7 * This is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU Lesser General Public License as
9 * published by the Free Software Foundation; either version 2.1 of
10 * the License, or (at your option) any later version.
11 *
12 * This software is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this software; if not, write to the Free
19 * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20 * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21 */
22 package org.jboss.kernel;
23
24 import java.io.IOException JavaDoc;
25 import java.io.ObjectInputStream JavaDoc;
26 import java.security.BasicPermission JavaDoc;
27 import java.security.Permission JavaDoc;
28 import java.security.PermissionCollection JavaDoc;
29 import java.util.Enumeration JavaDoc;
30 import java.util.HashSet JavaDoc;
31 import java.util.Iterator JavaDoc;
32
33 /**
34  * This permission represents "trust" in a signer or codebase.
35  *
36  * It contains a target name but no actions list. The targets are
37  * <ul>
38  * <li> access - access the kernel configuration
39  * <li> configure - configure the kernel - implies access
40  * <li> * - all
41  * </ul>
42  *
43  * @author adrian@jboss.com
44  * @version $Revision: 57306 $
45  */
46 public class KernelPermission extends BasicPermission JavaDoc
47 {
48    /** For serialization */
49    private static final long serialVersionUID = 5661980843569388590L;
50
51    /** Whether we have all names */
52    private transient boolean allNames;
53
54    /**
55     * Create a new Permission
56     *
57     * @param name the target
58     * @throws IllegalArgumentException for invalid name
59     * @throws NullPointerException for null name
60     */
61    public KernelPermission(String JavaDoc name)
62    {
63       this(name, null);
64    }
65
66    /**
67     * Create a new Permission
68     *
69     * @param name the target
70     * @param actions the actions
71     * @throws IllegalArgumentException for an invalid name or target
72     * @throws NullPointerException for null name
73     */
74    public KernelPermission(String JavaDoc name, String JavaDoc actions)
75    {
76       super(name, actions);
77       init(name, actions);
78    }
79
80    /**
81     * @return human readable string.
82     */
83    public String JavaDoc toString()
84    {
85       StringBuffer JavaDoc buffer = new StringBuffer JavaDoc(100);
86       buffer.append(getClass().getName()).append(":");
87       buffer.append(" name=").append(getName());
88       buffer.append(" actions=").append(getActions());
89       return buffer.toString();
90    }
91
92    /**
93     * Checks if this KernelPermission object "implies" the specified
94     * permission. More specifically, this method returns true if:
95     * p is an instance of KernelPermission,
96     * p's target names are a subset of this object's target names
97     *
98     * The configure permission implies the access permission.
99     *
100     * @param p the permission
101     * @return true when the permission is implied
102     */
103    public boolean implies(Permission JavaDoc p)
104    {
105       if( (p instanceof KernelPermission) == false)
106          return false;
107
108       boolean implies = (allNames == true);
109       if( implies == false )
110       {
111          String JavaDoc n0 = getName();
112          String JavaDoc n1 = p.getName();
113          implies = n0.equals(n1);
114          if( implies == false )
115          {
116             // Check for a configure != access
117 implies = (n0.equals("configure") && n1.equals("access"));
118          }
119       }
120       return implies;
121    }
122
123    /**
124     * Must override to handle the configure implies access relationship.
125     *
126     * @return the permission collection
127     */
128    public PermissionCollection JavaDoc newPermissionCollection()
129    {
130       return new KernelPermissionCollection();
131    }
132
133    private void readObject(ObjectInputStream JavaDoc ois) throws IOException JavaDoc, ClassNotFoundException JavaDoc
134    {
135       ois.defaultReadObject();
136       init(getName(), getActions());
137    }
138
139    /**
140     * Construct a new KernelPermission for a given name
141     *
142     * @param name the name of the permission to grant
143     * @param actions unused
144     * @exception NullPointerException if the name is null
145     * @exception IllegalArgumentException if the name is not * or one of the
146     * allowed names or a comma-separated list of the allowed names, or if
147     * actions is a non-null non-empty string.
148     */
149    private void init(String JavaDoc name, String JavaDoc actions)
150    {
151       if( name == null )
152          throw new NullPointerException JavaDoc("name cannot be null");
153
154       if( actions != null && actions.length() > 0 )
155          throw new IllegalArgumentException JavaDoc("actions must be null or empty");
156
157       if (name.equals("*") == false &&
158           name.equals("access") == false &&
159           name.equals("configure") == false)
160          throw new IllegalArgumentException JavaDoc("Unknown name: " + name);
161       allNames = name.equals("*");
162    }
163
164    /**
165     * A KernelPermissionCollection.
166     */
167    class KernelPermissionCollection extends PermissionCollection JavaDoc
168    {
169       /** The serialVersionUID */
170       private static final long serialVersionUID = 3256442516797665329L;
171
172       /** The permissions */
173       private HashSet JavaDoc<Permission JavaDoc> permissions = new HashSet JavaDoc<Permission JavaDoc>();
174       
175       /** Whether we have all permissions */
176       private boolean hasAll;
177
178       public void add(Permission JavaDoc p)
179       {
180          if (isReadOnly())
181             throw new SecurityException JavaDoc("Collection is read-only");
182          if (p instanceof KernelPermission)
183             permissions.add(p);
184          if (p.getName().equals("configure"))
185             permissions.add(new KernelPermission("access"));
186          else if (p.getName().equals("*"))
187             hasAll = true;
188       }
189
190       public boolean implies(Permission JavaDoc p)
191       {
192          boolean implies = false;
193          if (p instanceof KernelPermission)
194          {
195             implies = hasAll;
196             if (implies == false)
197                implies = permissions.contains(p);
198          }
199          return implies;
200       }
201
202       public Enumeration JavaDoc<Permission JavaDoc> elements()
203       {
204          final Iterator JavaDoc<Permission JavaDoc> iter = permissions.iterator();
205          return new Enumeration JavaDoc<Permission JavaDoc>()
206          {
207             public boolean hasMoreElements()
208             {
209                return iter.hasNext();
210             }
211
212             public Permission JavaDoc nextElement()
213             {
214                return iter.next();
215             }
216          };
217       }
218    }
219 }
220
Popular Tags