public abstract class Permission extends Object implements Guard, Serializable
Abstract class for representing access to a system resource. All permissions have a name (whose interpretation depends on the subclass), as well as abstract functions for defining the semantics of the particular Permission subclass.
Most Permission objects also include an "actions" list that tells the actions that are permitted for the object. For example, for a java.io.FilePermission
object, the permission name is the pathname of a file (or directory), and the actions list (such as "read, write") specifies which actions are granted for the specified file (or for files in the specified directory). The actions list is optional for Permission objects, such as java.lang.RuntimePermission
, that don't need such a list; you either have the named permission (such as "system.exit") or you don't.
An important method that must be implemented by each subclass is the implies
method to compare Permissions. Basically, "permission p1 implies permission p2" means that if one is granted permission p1, one is naturally granted permission p2. Thus, this is not an equality test, but rather more of a subset test.
Permission objects are similar to String objects in that they are immutable once they have been created. Subclasses should not provide methods that can change the state of a permission once it has been created.
Permissions
, PermissionCollection
, Serialized Formpublic Permission(String name)
Constructs a permission with the specified name.
name
- name of the Permission object being created.public void checkGuard(Object object) throws SecurityException
Implements the guard interface for a permission. The SecurityManager.checkPermission
method is called, passing this permission object as the permission to check. Returns silently if access is granted. Otherwise, throws a SecurityException.
checkGuard
in interface Guard
object
- the object being guarded (currently ignored).SecurityException
- if a security manager exists and its checkPermission
method doesn't allow access.Guard
, GuardedObject
, SecurityManager.checkPermission(java.security.Permission)
public abstract boolean implies(Permission permission)
Checks if the specified permission's actions are "implied by" this object's actions.
This must be implemented by subclasses of Permission, as they are the only ones that can impose semantics on a Permission object.
The implies
method is used by the AccessController to determine whether or not a requested permission is implied by another permission that is known to be valid in the current execution context.
permission
- the permission to check against.public abstract boolean equals(Object obj)
Checks two Permission objects for equality.
Do not use the equals
method for making access control decisions; use the implies
method.
equals
in class Object
obj
- the object we are testing for equality with this object.Object.hashCode()
, HashMap
public abstract int hashCode()
Returns the hash code value for this Permission object.
The required hashCode
behavior for Permission Objects is the following:
hashCode
method must consistently return the same integer. This integer need not remain consistent from one execution of an application to another execution of the same application. equals
method, then calling the hashCode
method on each of the two Permission objects must produce the same integer result. hashCode
in class Object
Object.equals(java.lang.Object)
, System.identityHashCode(java.lang.Object)
public final String getName()
Returns the name of this Permission. For example, in the case of a java.io.FilePermission
, the name will be a pathname.
public abstract String getActions()
Returns the actions as a String. This is abstract so subclasses can defer creating a String representation until one is needed. Subclasses should always return actions in what they consider to be their canonical form. For example, two FilePermission objects created via the following:
perm1 = new FilePermission(p1,"read,write"); perm2 = new FilePermission(p2,"write,read");both return "read,write" when the
getActions
method is invoked. public PermissionCollection newPermissionCollection()
Returns an empty PermissionCollection for a given Permission object, or null if one is not defined. Subclasses of class Permission should override this if they need to store their permissions in a particular PermissionCollection object in order to provide the correct semantics when the PermissionCollection.implies
method is called. If null is returned, then the caller of this method is free to store permissions of this type in any PermissionCollection they choose (one that uses a Hashtable, one that uses a Vector, etc).
public String toString()
Returns a string describing this Permission. The convention is to specify the class name, the permission name, and the actions in the following format: '("ClassName" "name" "actions")', or '("ClassName" "name")' if actions list is null or empty.
© 1993–2017, Oracle and/or its affiliates. All rights reserved.
Documentation extracted from Debian's OpenJDK Development Kit package.
Licensed under the GNU General Public License, version 2, with the Classpath Exception.
Various third party code in OpenJDK is licensed under different licenses (see Debian package).
Java and OpenJDK are trademarks or registered trademarks of Oracle and/or its affiliates.