Class AdminPermission
- java.lang.Object
-
- java.security.Permission
-
- java.security.BasicPermission
-
- org.osgi.framework.AdminPermission
-
- All Implemented Interfaces:
java.io.Serializable
,java.security.Guard
public final class AdminPermission extends java.security.BasicPermission
A bundle's authority to perform specific privileged administrative operations on or to get sensitive information about a bundle. The actions for this permission are:Action Methods class Bundle.loadClass execute Bundle.start Bundle.stop StartLevel.setBundleStartLevel extensionLifecycle BundleContext.installBundle for extension bundles Bundle.update for extension bundles Bundle.uninstall for extension bundles lifecycle BundleContext.installBundle Bundle.update Bundle.uninstall listener BundleContext.addBundleListener for SynchronousBundleListener BundleContext.removeBundleListener for SynchronousBundleListener metadata Bundle.getHeaders Bundle.getLocation resolve PackageAdmin.refreshPackages PackageAdmin.resolveBundles resource Bundle.getResource Bundle.getResources Bundle.getEntry Bundle.getEntryPaths Bundle.findEntries Bundle resource/entry URL creation startlevel StartLevel.setStartLevel StartLevel.setInitialBundleStartLevel context Bundle.getBundleContext
The special action "*" will represent all actions. The
resolve
action is implied by theclass
,execute
andresource
actions.The name of this permission is a filter expression. The filter gives access to the following attributes:
- signer - A Distinguished Name chain used to sign a bundle. Wildcards in a DN are not matched according to the filter string rules, but according to the rules defined for a DN chain.
- location - The location of a bundle.
- id - The bundle ID of the designated bundle.
- name - The symbolic name of a bundle.
- Version:
- $Revision: 7743 $
- See Also:
- Serialized Form
-
-
Field Summary
Fields Modifier and Type Field Description private static int
ACTION_ALL
private static int
ACTION_CLASS
private static int
ACTION_CONTEXT
private static int
ACTION_EXECUTE
private static int
ACTION_EXTENSIONLIFECYCLE
private static int
ACTION_LIFECYCLE
private static int
ACTION_LISTENER
(package private) int
action_mask
The actions mask.private static int
ACTION_METADATA
(package private) static int
ACTION_NONE
private static int
ACTION_RESOLVE
private static int
ACTION_RESOURCE
private static int
ACTION_STARTLEVEL
private java.lang.String
actions
The actions in canonical form.(package private) Bundle
bundle
The bundle governed by this AdminPermission - only used if filter == nullstatic java.lang.String
CLASS
The action stringclass
.static java.lang.String
CONTEXT
The action stringcontext
.static java.lang.String
EXECUTE
The action stringexecute
.static java.lang.String
EXTENSIONLIFECYCLE
The action stringextensionLifecycle
.(package private) Filter
filter
If this AdminPermission was constructed with a filter, this holds a Filter matching object used to evaluate the filter in implies.static java.lang.String
LIFECYCLE
The action stringlifecycle
.static java.lang.String
LISTENER
The action stringlistener
.static java.lang.String
METADATA
The action stringmetadata
.private java.util.Dictionary
properties
This dictionary holds the properties of the permission, used to match a filter in implies.private static java.lang.ThreadLocal
recurse
ThreadLocal used to determine if we have recursively called getProperties.static java.lang.String
RESOLVE
The action stringresolve
.static java.lang.String
RESOURCE
The action stringresource
.(package private) static long
serialVersionUID
static java.lang.String
STARTLEVEL
The action stringstartlevel
.
-
Constructor Summary
Constructors Constructor Description AdminPermission()
Creates a newAdminPermission
object that matches all bundles and has all actions.AdminPermission(java.lang.String filter, java.lang.String actions)
Create a new AdminPermission.AdminPermission(Bundle bundle, java.lang.String actions)
Creates a new requestedAdminPermission
object to be used by the code that must performcheckPermission
.AdminPermission(Filter filter, int mask)
Package private constructor used by AdminPermissionCollection.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description private static java.lang.String
createName(Bundle bundle)
Create a permission name from a Bundleboolean
equals(java.lang.Object obj)
Determines the equality of twoAdminPermission
objects.java.lang.String
getActions()
Returns the canonical string representation of theAdminPermission
actions.private java.util.Dictionary
getProperties()
Called byimplies0
on an AdminPermission which was constructed with a Bundle.int
hashCode()
Returns the hash code value for this object.boolean
implies(java.security.Permission p)
Determines if the specified permission is implied by this object.(package private) boolean
implies0(AdminPermission requested, int effective)
Internal implies method.java.security.PermissionCollection
newPermissionCollection()
Returns a newPermissionCollection
object suitable for storingAdminPermission
s.private static int
parseActions(java.lang.String actions)
Parse action string into action mask.private static Filter
parseFilter(java.lang.String filterString)
Parse filter string into a Filter object.private void
readObject(java.io.ObjectInputStream s)
readObject is called to restore the state of this permission from a stream.private void
setTransients(Filter filter, int mask)
Called by constructors and when deserialized.private void
writeObject(java.io.ObjectOutputStream s)
WriteObject is called to save the state of this permission object to a stream.
-
-
-
Field Detail
-
serialVersionUID
static final long serialVersionUID
- See Also:
- Constant Field Values
-
CLASS
public static final java.lang.String CLASS
The action stringclass
. Theclass
action implies theresolve
action.- Since:
- 1.3
- See Also:
- Constant Field Values
-
EXECUTE
public static final java.lang.String EXECUTE
The action stringexecute
. Theexecute
action implies theresolve
action.- Since:
- 1.3
- See Also:
- Constant Field Values
-
EXTENSIONLIFECYCLE
public static final java.lang.String EXTENSIONLIFECYCLE
The action stringextensionLifecycle
.- Since:
- 1.3
- See Also:
- Constant Field Values
-
LIFECYCLE
public static final java.lang.String LIFECYCLE
The action stringlifecycle
.- Since:
- 1.3
- See Also:
- Constant Field Values
-
LISTENER
public static final java.lang.String LISTENER
The action stringlistener
.- Since:
- 1.3
- See Also:
- Constant Field Values
-
METADATA
public static final java.lang.String METADATA
The action stringmetadata
.- Since:
- 1.3
- See Also:
- Constant Field Values
-
RESOLVE
public static final java.lang.String RESOLVE
The action stringresolve
. Theresolve
action is implied by theclass
,execute
andresource
actions.- Since:
- 1.3
- See Also:
- Constant Field Values
-
RESOURCE
public static final java.lang.String RESOURCE
The action stringresource
. Theresource
action implies theresolve
action.- Since:
- 1.3
- See Also:
- Constant Field Values
-
STARTLEVEL
public static final java.lang.String STARTLEVEL
The action stringstartlevel
.- Since:
- 1.3
- See Also:
- Constant Field Values
-
CONTEXT
public static final java.lang.String CONTEXT
The action stringcontext
.- Since:
- 1.4
- See Also:
- Constant Field Values
-
ACTION_CLASS
private static final int ACTION_CLASS
- See Also:
- Constant Field Values
-
ACTION_EXECUTE
private static final int ACTION_EXECUTE
- See Also:
- Constant Field Values
-
ACTION_LIFECYCLE
private static final int ACTION_LIFECYCLE
- See Also:
- Constant Field Values
-
ACTION_LISTENER
private static final int ACTION_LISTENER
- See Also:
- Constant Field Values
-
ACTION_METADATA
private static final int ACTION_METADATA
- See Also:
- Constant Field Values
-
ACTION_RESOLVE
private static final int ACTION_RESOLVE
- See Also:
- Constant Field Values
-
ACTION_RESOURCE
private static final int ACTION_RESOURCE
- See Also:
- Constant Field Values
-
ACTION_STARTLEVEL
private static final int ACTION_STARTLEVEL
- See Also:
- Constant Field Values
-
ACTION_EXTENSIONLIFECYCLE
private static final int ACTION_EXTENSIONLIFECYCLE
- See Also:
- Constant Field Values
-
ACTION_CONTEXT
private static final int ACTION_CONTEXT
- See Also:
- Constant Field Values
-
ACTION_ALL
private static final int ACTION_ALL
- See Also:
- Constant Field Values
-
ACTION_NONE
static final int ACTION_NONE
- See Also:
- Constant Field Values
-
actions
private volatile java.lang.String actions
The actions in canonical form.
-
action_mask
transient int action_mask
The actions mask.
-
filter
transient Filter filter
If this AdminPermission was constructed with a filter, this holds a Filter matching object used to evaluate the filter in implies.
-
bundle
final transient Bundle bundle
The bundle governed by this AdminPermission - only used if filter == null
-
properties
private transient volatile java.util.Dictionary properties
This dictionary holds the properties of the permission, used to match a filter in implies. This is not initialized until necessary, and then cached in this object.
-
recurse
private static final java.lang.ThreadLocal recurse
ThreadLocal used to determine if we have recursively called getProperties.
-
-
Constructor Detail
-
AdminPermission
public AdminPermission()
Creates a newAdminPermission
object that matches all bundles and has all actions. Equivalent to AdminPermission("*","*");
-
AdminPermission
public AdminPermission(java.lang.String filter, java.lang.String actions)
Create a new AdminPermission. This constructor must only be used to create a permission that is going to be checked.Examples:
(signer=\*,o=ACME,c=US) (&(signer=\*,o=ACME,c=US)(name=com.acme.*)(location=http://www.acme.com/bundles/*)) (id>=1)
When a signer key is used within the filter expression the signer value must escape the special filter chars ('*', '(', ')').
Null arguments are equivalent to "*".
- Parameters:
filter
- A filter expression that can use signer, location, id, and name keys. A value of "*" ornull
matches all bundle. Filter attribute names are processed in a case sensitive manner.actions
-class
,execute
,extensionLifecycle
,lifecycle
,listener
,metadata
,resolve
,resource
,startlevel
orcontext
. A value of "*" ornull
indicates all actions.- Throws:
java.lang.IllegalArgumentException
- If the filter has an invalid syntax.
-
AdminPermission
public AdminPermission(Bundle bundle, java.lang.String actions)
Creates a new requestedAdminPermission
object to be used by the code that must performcheckPermission
.AdminPermission
objects created with this constructor cannot be added to anAdminPermission
permission collection.- Parameters:
bundle
- A bundle.actions
-class
,execute
,extensionLifecycle
,lifecycle
,listener
,metadata
,resolve
,resource
,startlevel
,context
. A value of "*" ornull
indicates all actions.- Since:
- 1.3
-
AdminPermission
AdminPermission(Filter filter, int mask)
Package private constructor used by AdminPermissionCollection.- Parameters:
filter
- name filter ornull
for wildcard.mask
- action mask
-
-
Method Detail
-
createName
private static java.lang.String createName(Bundle bundle)
Create a permission name from a Bundle- Parameters:
bundle
- Bundle to use to create permission name.- Returns:
- permission name.
-
setTransients
private void setTransients(Filter filter, int mask)
Called by constructors and when deserialized.- Parameters:
filter
- Permission's filter ornull
for wildcard.mask
- action mask
-
parseActions
private static int parseActions(java.lang.String actions)
Parse action string into action mask.- Parameters:
actions
- Action string.- Returns:
- action mask.
-
parseFilter
private static Filter parseFilter(java.lang.String filterString)
Parse filter string into a Filter object.- Parameters:
filterString
- The filter string to parse.- Returns:
- a Filter for this bundle. If the specified filterString is
null
or equals "*", thennull
is returned to indicate a wildcard. - Throws:
java.lang.IllegalArgumentException
- If the filter syntax is invalid.
-
implies
public boolean implies(java.security.Permission p)
Determines if the specified permission is implied by this object. This method throws an exception if the specified permission was not constructed with a bundle.This method returns
true
if the specified permission is an AdminPermission AND- this object's filter matches the specified permission's bundle ID, bundle symbolic name, bundle location and bundle signer distinguished name chain OR
- this object's filter is "*"
Special case: if the specified permission was constructed with "*" filter, then this method returns
true
if this object's filter is "*" and this object's actions include all of the specified permission's actions- Overrides:
implies
in classjava.security.BasicPermission
- Parameters:
p
- The requested permission.- Returns:
true
if the specified permission is implied by this object;false
otherwise.
-
implies0
boolean implies0(AdminPermission requested, int effective)
Internal implies method. Used by the implies and the permission collection implies methods.- Parameters:
requested
- The requested AdminPermision which has already be validated as a proper argument. The requested AdminPermission must not have a filter expression.effective
- The effective actions with which to start.- Returns:
true
if the specified permission is implied by this object;false
otherwise.
-
getActions
public java.lang.String getActions()
Returns the canonical string representation of theAdminPermission
actions.Always returns present
AdminPermission
actions in the following order:class
,execute
,extensionLifecycle
,lifecycle
,listener
,metadata
,resolve
,resource
,startlevel
,context
.- Overrides:
getActions
in classjava.security.BasicPermission
- Returns:
- Canonical string representation of the
AdminPermission
actions.
-
newPermissionCollection
public java.security.PermissionCollection newPermissionCollection()
Returns a newPermissionCollection
object suitable for storingAdminPermission
s.- Overrides:
newPermissionCollection
in classjava.security.BasicPermission
- Returns:
- A new
PermissionCollection
object.
-
equals
public boolean equals(java.lang.Object obj)
Determines the equality of twoAdminPermission
objects.- Overrides:
equals
in classjava.security.BasicPermission
- Parameters:
obj
- The object being compared for equality with this object.- Returns:
true
ifobj
is equivalent to thisAdminPermission
;false
otherwise.
-
hashCode
public int hashCode()
Returns the hash code value for this object.- Overrides:
hashCode
in classjava.security.BasicPermission
- Returns:
- Hash code value for this object.
-
writeObject
private void writeObject(java.io.ObjectOutputStream s) throws java.io.IOException
WriteObject is called to save the state of this permission object to a stream. The actions are serialized, and the superclass takes care of the name.- Throws:
java.io.IOException
-
readObject
private void readObject(java.io.ObjectInputStream s) throws java.io.IOException, java.lang.ClassNotFoundException
readObject is called to restore the state of this permission from a stream.- Throws:
java.io.IOException
java.lang.ClassNotFoundException
-
getProperties
private java.util.Dictionary getProperties()
Called byimplies0
on an AdminPermission which was constructed with a Bundle. This method loads a dictionary with the filter-matchable properties of this bundle. The dictionary is cached so this lookup only happens once. This method should only be called on an AdminPermission which was constructed with a bundle- Returns:
- a dictionary of properties for this bundle
-
-