org.eclipse.osgi.internal.permadmin.BundlePermissions Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of aspectjtools Show documentation
Show all versions of aspectjtools Show documentation
AspectJ tools most notably contains the AspectJ compiler (AJC). AJC applies aspects to Java classes during
compilation, fully replacing Javac for plain Java classes and also compiling native AspectJ or annotation-based
@AspectJ syntax. Furthermore, AJC can weave aspects into existing class files in a post-compile binary weaving step.
This library is a superset of AspectJ weaver and hence also of AspectJ runtime.
/*******************************************************************************
* Copyright (c) 2008, 2013 IBM Corporation and others.
*
* This program and the accompanying materials
* are made available under the terms of the Eclipse Public License 2.0
* which accompanies this distribution, and is available at
* https://www.eclipse.org/legal/epl-2.0/
*
* SPDX-License-Identifier: EPL-2.0
*
* Contributors:
* IBM Corporation - initial API and implementation
*******************************************************************************/
package org.eclipse.osgi.internal.permadmin;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.util.Collections;
import java.util.Enumeration;
import org.osgi.framework.Bundle;
import org.osgi.framework.PackagePermission;
public final class BundlePermissions extends PermissionCollection {
private static final long serialVersionUID = -5443618108312606612L;
private final Bundle bundle;
private final SecurityAdmin securityAdmin;
private final PermissionInfoCollection impliedPermissions;
private final PermissionInfoCollection restrictedPermissions;
private final Permissions wovenPermissions;
public BundlePermissions(Bundle bundle, SecurityAdmin securityAdmin, PermissionInfoCollection impliedPermissions, PermissionInfoCollection restrictedPermissions) {
this.bundle = bundle;
this.securityAdmin = securityAdmin;
this.impliedPermissions = impliedPermissions;
this.restrictedPermissions = restrictedPermissions;
this.wovenPermissions = new Permissions();
setReadOnly(); // collections are managed with ConditionalPermissionAdmin
}
@Override
public void add(Permission permission) {
throw new SecurityException();
}
/**
* Add a package permission to this woven bundle.
*
* Bundles may require additional permissions in order to execute byte code
* woven by weaving hooks.
*
* @param permission The package permission to add to this woven bundle.
* @throws SecurityException If the permission
* does not have an action of {@link PackagePermission#IMPORT}.
*/
public void addWovenPermission(PackagePermission permission) {
if (!permission.getActions().equals(PackagePermission.IMPORT))
throw new SecurityException();
wovenPermissions.add(permission);
}
@Override
public Enumeration elements() {
// TODO return an empty enumeration for now;
// It does not seem possible to do this properly with multiple exports and conditional permissions.
return Collections.emptyEnumeration();
}
@Override
public boolean implies(Permission permission) {
// first check implied permissions
if ((impliedPermissions != null) && impliedPermissions.implies(permission))
return true;
// Now check implied permissions added by weaving hooks.
if (wovenPermissions.implies(permission))
return true;
// We must be allowed by the restricted permissions to have any hope of passing the check
if ((restrictedPermissions != null) && !restrictedPermissions.implies(permission))
return false;
return securityAdmin.checkPermission(permission, this);
}
public Bundle getBundle() {
return bundle;
}
public void clearPermissionCache() {
if (impliedPermissions != null)
impliedPermissions.clearPermissionCache();
if (restrictedPermissions != null)
restrictedPermissions.clearPermissionCache();
}
}