Package org.osgi.service.subsystem
Class SubsystemPermission
- java.lang.Object
-
- java.security.Permission
-
- java.security.BasicPermission
-
- org.osgi.service.subsystem.SubsystemPermission
-
- All Implemented Interfaces:
java.io.Serializable
,java.security.Guard
public final class SubsystemPermission extends java.security.BasicPermission
A bundle's authority to perform specific privileged administrative operations on or to get sensitive information about a subsystem. The actions for this permission are:Action Methods context Subsystem.getBundleContext execute Subsystem.start Subsystem.stop lifecycle Subsystem.install Subsystem.uninstall metadata Subsystem.getSubsystemHeaders Subsystem.getLocation
The name of this permission is a filter expression. The filter gives access to the following attributes:
- location - The location of a subsystem.
- id - The subsystem ID of the designated subsystem.
- name - The symbolic name of a subsystem.
- See Also:
- Serialized Form
-
-
Field Summary
Fields Modifier and Type Field Description private static int
ACTION_ALL
private static int
ACTION_CONTEXT
private static int
ACTION_EXECUTE
private static int
ACTION_LIFECYCLE
(package private) int
action_mask
The actions mask.private static int
ACTION_METADATA
(package private) static int
ACTION_NONE
private java.lang.String
actions
The actions in canonical form.static java.lang.String
CONTEXT
The action stringcontext
.static java.lang.String
EXECUTE
The action stringexecute
.(package private) org.osgi.framework.Filter
filter
If this SubsystemPermission was constructed with a filter, this holds a Filter matching object used to evaluate the filter in implies.static java.lang.String
LIFECYCLE
The action stringlifecycle
.static java.lang.String
METADATA
The action stringmetadata
.private java.util.Map<java.lang.String,java.lang.Object>
properties
This map holds the properties of the permission, used to match a filter in implies.private static java.lang.ThreadLocal<Subsystem>
recurse
ThreadLocal used to determine if we have recursively called getProperties.(package private) static long
serialVersionUID
(package private) Subsystem
subsystem
The subsystem governed by this SubsystemPermission - only used if filter == null
-
Constructor Summary
Constructors Constructor Description SubsystemPermission(java.lang.String filter, java.lang.String actions)
Create a new SubsystemPermission.SubsystemPermission(org.osgi.framework.Filter filter, int mask)
Package private constructor used by SubsystemPermissionCollection.SubsystemPermission(Subsystem subsystem, java.lang.String actions)
Creates a new requestedSubsystemPermission
object to be used by the code that must performcheckPermission
.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description private static java.lang.String
createName(Subsystem subsystem)
Create a permission name from a Subsystemboolean
equals(java.lang.Object obj)
Determines the equality of twoSubsystemPermission
objects.java.lang.String
getActions()
Returns the canonical string representation of theSubsystemPermission
actions.private java.util.Map<java.lang.String,java.lang.Object>
getProperties()
Called byimplies0
on an SubsystemPermission which was constructed with a Subsystem.int
hashCode()
Returns the hash code value for this object.boolean
implies(java.security.Permission p)
Determines if the specified permission is implied by this object.(package private) boolean
implies0(SubsystemPermission requested, int effective)
Internal implies method.java.security.PermissionCollection
newPermissionCollection()
Returns a newPermissionCollection
object suitable for storingSubsystemPermission
s.private static int
parseActions(java.lang.String actions)
Parse action string into action mask.private static org.osgi.framework.Filter
parseFilter(java.lang.String filterString)
Parse filter string into a Filter object.private void
readObject(java.io.ObjectInputStream s)
readObject is called to restore the state of this permission from a stream.private void
setTransients(org.osgi.framework.Filter filter, int mask)
Called by constructors and when deserialized.private void
writeObject(java.io.ObjectOutputStream s)
WriteObject is called to save the state of this permission object to a stream.
-
-
-
Field Detail
-
serialVersionUID
static final long serialVersionUID
- See Also:
- Constant Field Values
-
EXECUTE
public static final java.lang.String EXECUTE
The action stringexecute
.- See Also:
- Constant Field Values
-
LIFECYCLE
public static final java.lang.String LIFECYCLE
The action stringlifecycle
.- See Also:
- Constant Field Values
-
METADATA
public static final java.lang.String METADATA
The action stringmetadata
.- See Also:
- Constant Field Values
-
CONTEXT
public static final java.lang.String CONTEXT
The action stringcontext
.- See Also:
- Constant Field Values
-
ACTION_EXECUTE
private static final int ACTION_EXECUTE
- See Also:
- Constant Field Values
-
ACTION_LIFECYCLE
private static final int ACTION_LIFECYCLE
- See Also:
- Constant Field Values
-
ACTION_METADATA
private static final int ACTION_METADATA
- See Also:
- Constant Field Values
-
ACTION_CONTEXT
private static final int ACTION_CONTEXT
- See Also:
- Constant Field Values
-
ACTION_ALL
private static final int ACTION_ALL
- See Also:
- Constant Field Values
-
ACTION_NONE
static final int ACTION_NONE
- See Also:
- Constant Field Values
-
actions
private volatile java.lang.String actions
The actions in canonical form.
-
action_mask
transient int action_mask
The actions mask.
-
filter
transient org.osgi.framework.Filter filter
If this SubsystemPermission was constructed with a filter, this holds a Filter matching object used to evaluate the filter in implies.
-
subsystem
final transient Subsystem subsystem
The subsystem governed by this SubsystemPermission - only used if filter == null
-
properties
private transient volatile java.util.Map<java.lang.String,java.lang.Object> properties
This map holds the properties of the permission, used to match a filter in implies. This is not initialized until necessary, and then cached in this object.
-
recurse
private static final java.lang.ThreadLocal<Subsystem> recurse
ThreadLocal used to determine if we have recursively called getProperties.
-
-
Constructor Detail
-
SubsystemPermission
public SubsystemPermission(java.lang.String filter, java.lang.String actions)
Create a new SubsystemPermission. This constructor must only be used to create a permission that is going to be checked.Examples:
(name=com.acme.*)(location=http://www.acme.com/subsystems/*)) (id>=1)
- Parameters:
filter
- A filter expression that can use, location, id, and name keys. Filter attribute names are processed in a case sensitive manner. A special value of"*"
can be used to match all subsystems.actions
-execute
,lifecycle
,metadata
, orcontext
.- Throws:
java.lang.IllegalArgumentException
- If the filter has an invalid syntax.
-
SubsystemPermission
public SubsystemPermission(Subsystem subsystem, java.lang.String actions)
Creates a new requestedSubsystemPermission
object to be used by the code that must performcheckPermission
.SubsystemPermission
objects created with this constructor cannot be added to anSubsystemPermission
permission collection.- Parameters:
subsystem
- A subsystem.actions
-execute
,lifecycle
,metadata
, orcontext
.
-
SubsystemPermission
SubsystemPermission(org.osgi.framework.Filter filter, int mask)
Package private constructor used by SubsystemPermissionCollection.- Parameters:
filter
- name filter ornull
for wildcard.mask
- action mask
-
-
Method Detail
-
createName
private static java.lang.String createName(Subsystem subsystem)
Create a permission name from a Subsystem- Parameters:
subsystem
- Subsystem to use to create permission name.- Returns:
- permission name.
-
setTransients
private void setTransients(org.osgi.framework.Filter filter, int mask)
Called by constructors and when deserialized.- Parameters:
filter
- Permission's filter ornull
for wildcard.mask
- action mask
-
parseActions
private static int parseActions(java.lang.String actions)
Parse action string into action mask.- Parameters:
actions
- Action string.- Returns:
- action mask.
-
parseFilter
private static org.osgi.framework.Filter parseFilter(java.lang.String filterString)
Parse filter string into a Filter object.- Parameters:
filterString
- The filter string to parse.- Returns:
- a Filter for this subsystem. If the specified filterString equals
"*", then
null
is returned to indicate a wildcard. - Throws:
java.lang.IllegalArgumentException
- If the filter syntax is invalid.
-
implies
public boolean implies(java.security.Permission p)
Determines if the specified permission is implied by this object. This method throws an exception if the specified permission was not constructed with a subsystem.This method returns
true
if the specified permission is a SubsystemPermission AND- this object's filter matches the specified permission's subsystem ID, subsystem symbolic name, and subsystem location OR
- this object's filter is "*"
Special case: if the specified permission was constructed with "*" filter, then this method returns
true
if this object's filter is "*" and this object's actions include all of the specified permission's actions- Overrides:
implies
in classjava.security.BasicPermission
- Parameters:
p
- The requested permission.- Returns:
true
if the specified permission is implied by this object;false
otherwise.
-
implies0
boolean implies0(SubsystemPermission requested, int effective)
Internal implies method. Used by the implies and the permission collection implies methods.- Parameters:
requested
- The requested SubsystemPermision which has already been validated as a proper argument. The requested SubsystemPermission must not have a filter expression.effective
- The effective actions with which to start.- Returns:
true
if the specified permission is implied by this object;false
otherwise.
-
getActions
public java.lang.String getActions()
Returns the canonical string representation of theSubsystemPermission
actions.Always returns present
SubsystemPermission
actions in the following order:execute
,lifecycle
,metadata
,context
.- Overrides:
getActions
in classjava.security.BasicPermission
- Returns:
- Canonical string representation of the
SubsystemPermission
actions.
-
newPermissionCollection
public java.security.PermissionCollection newPermissionCollection()
Returns a newPermissionCollection
object suitable for storingSubsystemPermission
s.- Overrides:
newPermissionCollection
in classjava.security.BasicPermission
- Returns:
- A new
PermissionCollection
object.
-
equals
public boolean equals(java.lang.Object obj)
Determines the equality of twoSubsystemPermission
objects.- Overrides:
equals
in classjava.security.BasicPermission
- Parameters:
obj
- The object being compared for equality with this object.- Returns:
true
ifobj
is equivalent to thisSubsystemPermission
;false
otherwise.
-
hashCode
public int hashCode()
Returns the hash code value for this object.- Overrides:
hashCode
in classjava.security.BasicPermission
- Returns:
- Hash code value for this object.
-
writeObject
private void writeObject(java.io.ObjectOutputStream s) throws java.io.IOException
WriteObject is called to save the state of this permission object to a stream. The actions are serialized, and the superclass takes care of the name.- Throws:
java.io.IOException
-
readObject
private void readObject(java.io.ObjectInputStream s) throws java.io.IOException, java.lang.ClassNotFoundException
readObject is called to restore the state of this permission from a stream.- Throws:
java.io.IOException
java.lang.ClassNotFoundException
-
getProperties
private java.util.Map<java.lang.String,java.lang.Object> getProperties()
Called byimplies0
on an SubsystemPermission which was constructed with a Subsystem. This method loads a map with the filter-matchable properties of this subsystem. The map is cached so this lookup only happens once. This method should only be called on an SubsystemPermission which was constructed with a subsystem- Returns:
- a map of properties for this subsystem
-
-