Class AdminPermission
- java.lang.Object
-
- java.security.Permission
-
- java.security.BasicPermission
-
- org.osgi.framework.AdminPermission
-
- All Implemented Interfaces:
java.io.Serializable,java.security.Guard
public final class AdminPermission extends java.security.BasicPermissionA bundle's authority to perform specific privileged administrative operations on or to get sensitive information about a bundle. The actions for this permission are:Action Methods class Bundle.loadClass execute Bundle.start Bundle.stop BundleStartLevel.setStartLevel extensionLifecycle BundleContext.installBundle for extension bundles Bundle.update for extension bundles Bundle.uninstall for extension bundles lifecycle BundleContext.installBundle Bundle.update Bundle.uninstall listener BundleContext.addBundleListener for SynchronousBundleListener BundleContext.removeBundleListener for SynchronousBundleListener metadata Bundle.getHeaders Bundle.getLocation resolve FrameworkWiring.refreshBundles FrameworkWiring.resolveBundles resource Bundle.getResource Bundle.getResources Bundle.getEntry Bundle.getEntryPaths Bundle.findEntries Bundle resource/entry URL creation startlevel FrameworkStartLevel.setStartLevel FrameworkStartLevel.setInitialBundleStartLevel context Bundle.getBundleContext weave WovenClass.getBytes WovenClass.setBytes WovenClass.getDynamicImports for modificationThe special action "*" will represent all actions. The
resolveaction is implied by theclass,executeandresourceactions.The name of this permission is a filter expression. The filter gives access to the following attributes:
- signer - A Distinguished Name chain used to sign a bundle. Wildcards in a DN are not matched according to the filter string rules, but according to the rules defined for a DN chain.
- location - The location of a bundle.
- id - The bundle ID of the designated bundle.
- name - The symbolic name of a bundle.
- See Also:
- Serialized Form
-
-
Field Summary
Fields Modifier and Type Field Description private static intACTION_ALLprivate static intACTION_CLASSprivate static intACTION_CONTEXTprivate static intACTION_EXECUTEprivate static intACTION_EXTENSIONLIFECYCLEprivate static intACTION_LIFECYCLEprivate static intACTION_LISTENER(package private) intaction_maskThe actions mask.private static intACTION_METADATA(package private) static intACTION_NONEprivate static intACTION_RESOLVEprivate static intACTION_RESOURCEprivate static intACTION_STARTLEVELprivate static intACTION_WEAVEprivate java.lang.StringactionsThe actions in canonical form.(package private) BundlebundleThe bundle governed by this AdminPermission - only used if filter == nullstatic java.lang.StringCLASSThe action stringclass.static java.lang.StringCONTEXTThe action stringcontext.static java.lang.StringEXECUTEThe action stringexecute.static java.lang.StringEXTENSIONLIFECYCLEThe action stringextensionLifecycle.(package private) FilterfilterIf this AdminPermission was constructed with a filter, this holds a Filter matching object used to evaluate the filter in implies.static java.lang.StringLIFECYCLEThe action stringlifecycle.static java.lang.StringLISTENERThe action stringlistener.static java.lang.StringMETADATAThe action stringmetadata.private java.util.Map<java.lang.String,java.lang.Object>propertiesThis map holds the properties of the permission, used to match a filter in implies.private static java.lang.ThreadLocal<Bundle>recurseThreadLocal used to determine if we have recursively called getProperties.static java.lang.StringRESOLVEThe action stringresolve.static java.lang.StringRESOURCEThe action stringresource.(package private) static longserialVersionUIDstatic java.lang.StringSTARTLEVELThe action stringstartlevel.static java.lang.StringWEAVEThe action stringweave.
-
Constructor Summary
Constructors Constructor Description AdminPermission()Creates a newAdminPermissionobject that matches all bundles and has all actions.AdminPermission(java.lang.String filter, java.lang.String actions)Create a new AdminPermission.AdminPermission(Bundle bundle, java.lang.String actions)Creates a new requestedAdminPermissionobject to be used by the code that must performcheckPermission.AdminPermission(Filter filter, int mask)Package private constructor used by AdminPermissionCollection.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description private static java.lang.StringcreateName(Bundle bundle)Create a permission name from a Bundlebooleanequals(java.lang.Object obj)Determines the equality of twoAdminPermissionobjects.java.lang.StringgetActions()Returns the canonical string representation of theAdminPermissionactions.private java.util.Map<java.lang.String,java.lang.Object>getProperties()Called byimplies0on an AdminPermission which was constructed with a Bundle.inthashCode()Returns the hash code value for this object.booleanimplies(java.security.Permission p)Determines if the specified permission is implied by this object.(package private) booleanimplies0(AdminPermission requested, int effective)Internal implies method.java.security.PermissionCollectionnewPermissionCollection()Returns a newPermissionCollectionobject suitable for storingAdminPermissions.private static intparseActions(java.lang.String actions)Parse action string into action mask.private static FilterparseFilter(java.lang.String filterString)Parse filter string into a Filter object.private voidreadObject(java.io.ObjectInputStream s)readObject is called to restore the state of this permission from a stream.private voidsetTransients(Filter filter, int mask)Called by constructors and when deserialized.private voidwriteObject(java.io.ObjectOutputStream s)WriteObject is called to save the state of this permission object to a stream.
-
-
-
Field Detail
-
serialVersionUID
static final long serialVersionUID
- See Also:
- Constant Field Values
-
CLASS
public static final java.lang.String CLASS
The action stringclass. Theclassaction implies theresolveaction.- Since:
- 1.3
- See Also:
- Constant Field Values
-
EXECUTE
public static final java.lang.String EXECUTE
The action stringexecute. Theexecuteaction implies theresolveaction.- Since:
- 1.3
- See Also:
- Constant Field Values
-
EXTENSIONLIFECYCLE
public static final java.lang.String EXTENSIONLIFECYCLE
The action stringextensionLifecycle.- Since:
- 1.3
- See Also:
- Constant Field Values
-
LIFECYCLE
public static final java.lang.String LIFECYCLE
The action stringlifecycle.- Since:
- 1.3
- See Also:
- Constant Field Values
-
LISTENER
public static final java.lang.String LISTENER
The action stringlistener.- Since:
- 1.3
- See Also:
- Constant Field Values
-
METADATA
public static final java.lang.String METADATA
The action stringmetadata.- Since:
- 1.3
- See Also:
- Constant Field Values
-
RESOLVE
public static final java.lang.String RESOLVE
The action stringresolve. Theresolveaction is implied by theclass,executeandresourceactions.- Since:
- 1.3
- See Also:
- Constant Field Values
-
RESOURCE
public static final java.lang.String RESOURCE
The action stringresource. Theresourceaction implies theresolveaction.- Since:
- 1.3
- See Also:
- Constant Field Values
-
STARTLEVEL
public static final java.lang.String STARTLEVEL
The action stringstartlevel.- Since:
- 1.3
- See Also:
- Constant Field Values
-
CONTEXT
public static final java.lang.String CONTEXT
The action stringcontext.- Since:
- 1.4
- See Also:
- Constant Field Values
-
WEAVE
public static final java.lang.String WEAVE
The action stringweave.- Since:
- 1.6
- See Also:
- Constant Field Values
-
ACTION_CLASS
private static final int ACTION_CLASS
- See Also:
- Constant Field Values
-
ACTION_EXECUTE
private static final int ACTION_EXECUTE
- See Also:
- Constant Field Values
-
ACTION_LIFECYCLE
private static final int ACTION_LIFECYCLE
- See Also:
- Constant Field Values
-
ACTION_LISTENER
private static final int ACTION_LISTENER
- See Also:
- Constant Field Values
-
ACTION_METADATA
private static final int ACTION_METADATA
- See Also:
- Constant Field Values
-
ACTION_RESOLVE
private static final int ACTION_RESOLVE
- See Also:
- Constant Field Values
-
ACTION_RESOURCE
private static final int ACTION_RESOURCE
- See Also:
- Constant Field Values
-
ACTION_STARTLEVEL
private static final int ACTION_STARTLEVEL
- See Also:
- Constant Field Values
-
ACTION_EXTENSIONLIFECYCLE
private static final int ACTION_EXTENSIONLIFECYCLE
- See Also:
- Constant Field Values
-
ACTION_CONTEXT
private static final int ACTION_CONTEXT
- See Also:
- Constant Field Values
-
ACTION_WEAVE
private static final int ACTION_WEAVE
- See Also:
- Constant Field Values
-
ACTION_ALL
private static final int ACTION_ALL
- See Also:
- Constant Field Values
-
ACTION_NONE
static final int ACTION_NONE
- See Also:
- Constant Field Values
-
actions
private volatile java.lang.String actions
The actions in canonical form.
-
action_mask
transient int action_mask
The actions mask.
-
filter
transient Filter filter
If this AdminPermission was constructed with a filter, this holds a Filter matching object used to evaluate the filter in implies.
-
bundle
final transient Bundle bundle
The bundle governed by this AdminPermission - only used if filter == null
-
properties
private transient volatile java.util.Map<java.lang.String,java.lang.Object> properties
This map holds the properties of the permission, used to match a filter in implies. This is not initialized until necessary, and then cached in this object.
-
recurse
private static final java.lang.ThreadLocal<Bundle> recurse
ThreadLocal used to determine if we have recursively called getProperties.
-
-
Constructor Detail
-
AdminPermission
public AdminPermission()
Creates a newAdminPermissionobject that matches all bundles and has all actions. Equivalent to AdminPermission("*","*");
-
AdminPermission
public AdminPermission(java.lang.String filter, java.lang.String actions)Create a new AdminPermission. This constructor must only be used to create a permission that is going to be checked.Examples:
(signer=\*,o=ACME,c=US) (&(signer=\*,o=ACME,c=US)(name=com.acme.*) (location=http://www.acme.com/bundles/*)) (id>=1)
When a signer key is used within the filter expression the signer value must escape the special filter chars ('*', '(', ')').
Null arguments are equivalent to "*".
- Parameters:
filter- A filter expression that can use signer, location, id, and name keys. A value of "*" ornullmatches all bundle. Filter attribute names are processed in a case sensitive manner.actions-class,execute,extensionLifecycle,lifecycle,listener,metadata,resolve,resource,startlevel,contextorweave. A value of "*" ornullindicates all actions.- Throws:
java.lang.IllegalArgumentException- If the filter has an invalid syntax.
-
AdminPermission
public AdminPermission(Bundle bundle, java.lang.String actions)
Creates a new requestedAdminPermissionobject to be used by the code that must performcheckPermission.AdminPermissionobjects created with this constructor cannot be added to anAdminPermissionpermission collection.- Parameters:
bundle- A bundle.actions-class,execute,extensionLifecycle,lifecycle,listener,metadata,resolve,resource,startlevel,context,weave. A value of "*" ornullindicates all actions.- Since:
- 1.3
-
AdminPermission
AdminPermission(Filter filter, int mask)
Package private constructor used by AdminPermissionCollection.- Parameters:
filter- name filter ornullfor wildcard.mask- action mask
-
-
Method Detail
-
createName
private static java.lang.String createName(Bundle bundle)
Create a permission name from a Bundle- Parameters:
bundle- Bundle to use to create permission name.- Returns:
- permission name.
-
setTransients
private void setTransients(Filter filter, int mask)
Called by constructors and when deserialized.- Parameters:
filter- Permission's filter ornullfor wildcard.mask- action mask
-
parseActions
private static int parseActions(java.lang.String actions)
Parse action string into action mask.- Parameters:
actions- Action string.- Returns:
- action mask.
-
parseFilter
private static Filter parseFilter(java.lang.String filterString)
Parse filter string into a Filter object.- Parameters:
filterString- The filter string to parse.- Returns:
- a Filter for this bundle. If the specified filterString is
nullor equals "*", thennullis returned to indicate a wildcard. - Throws:
java.lang.IllegalArgumentException- If the filter syntax is invalid.
-
implies
public boolean implies(java.security.Permission p)
Determines if the specified permission is implied by this object. This method throws an exception if the specified permission was not constructed with a bundle.This method returns
trueif the specified permission is an AdminPermission AND- this object's filter matches the specified permission's bundle ID, bundle symbolic name, bundle location and bundle signer distinguished name chain OR
- this object's filter is "*"
Special case: if the specified permission was constructed with "*" filter, then this method returns
trueif this object's filter is "*" and this object's actions include all of the specified permission's actions- Overrides:
impliesin classjava.security.BasicPermission- Parameters:
p- The requested permission.- Returns:
trueif the specified permission is implied by this object;falseotherwise.
-
implies0
boolean implies0(AdminPermission requested, int effective)
Internal implies method. Used by the implies and the permission collection implies methods.- Parameters:
requested- The requested AdminPermision which has already be validated as a proper argument. The requested AdminPermission must not have a filter expression.effective- The effective actions with which to start.- Returns:
trueif the specified permission is implied by this object;falseotherwise.
-
getActions
public java.lang.String getActions()
Returns the canonical string representation of theAdminPermissionactions.Always returns present
AdminPermissionactions in the following order:class,execute,extensionLifecycle,lifecycle,listener,metadata,resolve,resource,startlevel,context,weave.- Overrides:
getActionsin classjava.security.BasicPermission- Returns:
- Canonical string representation of the
AdminPermissionactions.
-
newPermissionCollection
public java.security.PermissionCollection newPermissionCollection()
Returns a newPermissionCollectionobject suitable for storingAdminPermissions.- Overrides:
newPermissionCollectionin classjava.security.BasicPermission- Returns:
- A new
PermissionCollectionobject.
-
equals
public boolean equals(java.lang.Object obj)
Determines the equality of twoAdminPermissionobjects.- Overrides:
equalsin classjava.security.BasicPermission- Parameters:
obj- The object being compared for equality with this object.- Returns:
trueifobjis equivalent to thisAdminPermission;falseotherwise.
-
hashCode
public int hashCode()
Returns the hash code value for this object.- Overrides:
hashCodein classjava.security.BasicPermission- Returns:
- Hash code value for this object.
-
writeObject
private void writeObject(java.io.ObjectOutputStream s) throws java.io.IOExceptionWriteObject is called to save the state of this permission object to a stream. The actions are serialized, and the superclass takes care of the name.- Throws:
java.io.IOException
-
readObject
private void readObject(java.io.ObjectInputStream s) throws java.io.IOException, java.lang.ClassNotFoundExceptionreadObject is called to restore the state of this permission from a stream.- Throws:
java.io.IOExceptionjava.lang.ClassNotFoundException
-
getProperties
private java.util.Map<java.lang.String,java.lang.Object> getProperties()
Called byimplies0on an AdminPermission which was constructed with a Bundle. This method loads a map with the filter-matchable properties of this bundle. The map is cached so this lookup only happens once. This method should only be called on an AdminPermission which was constructed with a bundle- Returns:
- a map of properties for this bundle
-
-