/*
* Copyright (c) 1997, 2003, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package java.util;
import java.io.Serializable;
import java.security.Permission;
/**
* This class is for property permissions.
*
* <P>
* The name is the name of the property ("java.home",
* "os.name", etc). The naming
* convention follows the hierarchical property naming convention.
* Also, an asterisk
* may appear at the end of the name, following a ".", or by itself, to
* signify a wildcard match. For example: "java.*" or "*" is valid,
* "*java" or "a*b" is not valid.
* <P>
* <P>
* The actions to be granted are passed to the constructor in a string containing
* a list of one or more comma-separated keywords. The possible keywords are
* "read" and "write". Their meaning is defined as follows:
* <P>
* <DL>
* <DT> read
* <DD> read permission. Allows <code>System.getProperty</code> to
* be called.
* <DT> write
* <DD> write permission. Allows <code>System.setProperty</code> to
* be called.
* </DL>
* <P>
* The actions string is converted to lowercase before processing.
* <P>
* Care should be taken before granting code permission to access
* certain system properties. For example, granting permission to
* access the "java.home" system property gives potentially malevolent
* code sensitive information about the system environment (the Java
* installation directory). Also, granting permission to access
* the "user.name" and "user.home" system properties gives potentially
* malevolent code sensitive information about the user environment
* (the user's account name and home directory).
*
* @see java.security.BasicPermission
* @see java.security.Permission
* @see java.security.Permissions
* @see java.security.PermissionCollection
* @see java.lang.SecurityManager
*
*
* @author Roland Schemers
* @since 1.2
*
* @serial exclude
*/
public final class PropertyPermission
{
/**
* Read action.
*/
private final static int READ= 0x1;
/**
* Write action.
*/
private final static int WRITE= 0x2;
/**
* All actions (read,write);
*/
private final static int ALL= READ | WRITE;
/**
* No actions.
*/
private final static int NONE= 0x0;
/**
* The actions mask.
*
*/
private transient int mask;
/**
* The actions string.
*
* @serial
*/
private String actions; // Left null as long as possible, then
// created and re-used in the getAction function.
/**
* initialize a PropertyPermission object. Common to all constructors.
* Also called during de-serialization.
*
* @param mask the actions mask to use.
*
*/
private void init(int mask)
{
}
/**
* Creates a new PropertyPermission object with the specified name.
* The name is the name of the system property, and
* <i>actions</i> contains a comma-separated list of the
* desired actions granted on the property. Possible actions are
* "read" and "write".
*
* @param name the name of the PropertyPermission.
* @param actions the actions string.
*
* @throws NullPointerException if <code>name</code> is <code>null</code>.
* @throws IllegalArgumentException if <code>name</code> is empty or if
* <code>actions</code> is invalid.
*/
public PropertyPermission(String name, String actions)
{
init(getMask(actions));
}
/**
* Checks if this PropertyPermission object "implies" the specified
* permission.
* <P>
* More specifically, this method returns true if:<p>
* <ul>
* <li> <i>p</i> is an instanceof PropertyPermission,<p>
* <li> <i>p</i>'s actions are a subset of this
* object's actions, and <p>
* <li> <i>p</i>'s name is implied by this object's
* name. For example, "java.*" implies "java.home".
* </ul>
* @param p the permission to check against.
*
* @return true if the specified permission is implied by this object,
* false if not.
*/
public boolean implies(Permission p)
{
return false;
}
/**
* Checks two PropertyPermission objects for equality. Checks that <i>obj</i> is
* a PropertyPermission, and has the same name and actions as this object.
* <P>
* @param obj the object we are testing for equality with this object.
* @return true if obj is a PropertyPermission, and has the same name and
* actions as this PropertyPermission object.
*/
public boolean equals(Object obj)
{
if (obj == this)
return true;
if (!(obj instanceof PropertyPermission))
return false;
PropertyPermission that= (PropertyPermission) obj;
return false;
}
/**
* Returns the hash code value for this object.
* The hash code used is the hash code of this permissions name, that is,
* <code>getName().hashCode()</code>, where <code>getName</code> is
* from the Permission superclass.
*
* @return a hash code value for this object.
*/
public int hashCode()
{
return 0;
}
/**
* Converts an actions String to an actions mask.
*
* @param action the action string.
* @return the actions mask.
*/
private static int getMask(String actions)
{
return 0;
}
/**
* Return the canonical string representation of the actions.
* Always returns present actions in the following order:
* read, write.
*
* @return the canonical string representation of the actions.
*/
static String getActions(int mask)
{
StringBuilder sb= new StringBuilder();
boolean comma= false;
if ((mask & READ) == READ)
{
comma= true;
sb.append("read");
}
if ((mask & WRITE) == WRITE)
{
if (comma)
sb.append(',');
else
comma= true;
sb.append("write");
}
return sb.toString();
}
/**
* Returns the "canonical string representation" of the actions.
* That is, this method always returns present actions in the following order:
* read, write. For example, if this PropertyPermission object
* allows both write and read actions, a call to <code>getActions</code>
* will return the string "read,write".
*
* @return the canonical string representation of the actions.
*/
public String getActions()
{
if (actions == null)
actions= getActions(this.mask);
return actions;
}
/**
* Return the current action mask.
* Used by the PropertyPermissionCollection
*
* @return the actions mask.
*/
int getMask()
{
return mask;
}
/**
* Returns a new PermissionCollection object for storing
* PropertyPermission objects.
* <p>
*
* @return a new PermissionCollection object suitable for storing
* PropertyPermissions.
*/
private static final long serialVersionUID= 885438825399942851L;
/**
* WriteObject is called to save the state of the PropertyPermission
* to a stream. The actions are serialized, and the superclass
* takes care of the name.
*/
}
/**
* A PropertyPermissionCollection stores a set of PropertyPermission
* permissions.
*
* @see java.security.Permission
* @see java.security.Permissions
* @see java.security.PermissionCollection
*
*
* @author Roland Schemers
*
* @serial include
*/
final class PropertyPermissionCollection implements Serializable
{
/**
* Key is property name; value is PropertyPermission.
* Not serialized; see serialization section at end of class.
*/
private transient Map perms;
/**
* Boolean saying if "*" is in the collection.
*
* @see #serialPersistentFields
*/
// No sync access; OK for this to be stale.
private boolean all_allowed;
/**
* Create an empty PropertyPermissions object.
*
*/
public PropertyPermissionCollection()
{
perms= new HashMap(32); // Capacity for default policy
all_allowed= false;
}
/**
* Adds a permission to the PropertyPermissions. The key for the hash is
* the name.
*
* @param permission the Permission object to add.
*
* @exception IllegalArgumentException - if the permission is not a
* PropertyPermission
*
* @exception SecurityException - if this PropertyPermissionCollection
* object has been marked readonly
*/
public void add(Permission permission)
{
}
/**
* Check and see if this set of permissions implies the permissions
* expressed in "permission".
*
* @param p the Permission object to compare
*
* @return true if "permission" is a proper subset of a permission in
* the set, false if not.
*/
public boolean implies(Permission permission)
{
return false;
}
/**
* Returns an enumeration of all the PropertyPermission objects in the
* container.
*
* @return an enumeration of all the PropertyPermission objects.
*/
public Enumeration elements()
{
// Convert Iterator of Map values into an Enumeration
synchronized (this)
{
return Collections.enumeration(perms.values());
}
}
private static final long serialVersionUID= 7015263904581634791L;
// Need to maintain serialization interoperability with earlier releases,
// which had the serializable field:
//
// Table of permissions.
//
// @serial
//
// private Hashtable permissions;
/**
* @serialField permissions java.util.Hashtable
* A table of the PropertyPermissions.
* @serialField all_allowed boolean
* boolean saying if "*" is in the collection.
*/
}