1. /*

  2.  * @(#)Permission.java	1.33 01/11/29

  3.  *

  4.  * Copyright 2002 Sun Microsystems, Inc. All rights reserved.

  5.  * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.

  6.  */

  7.  

  8. package java.security;

  9. 

  10. /**

  11.  * Abstract class for representing access to a system resource.

  12.  * All permissions have a name (whose interpretation depends on the subclass),

  13.  * as well as abstract functions for defining the semantics of the

  14.  * particular Permission subclass. 

  15.  * 

  16.  * <p>Most Permission objects also include an "actions" list that tells the actions 

  17.  * that are permitted for the object.  For example, 

  18.  * for a <code>java.io.FilePermission</code> object, the permission name is

  19.  * the pathname of a file (or directory), and the actions list

  20.  * (such as "read, write") specifies which actions are granted for the

  21.  * specified file (or for files in the specified directory).

  22.  * The actions list is optional for Permission objects, such as 

  23.  * <code>java.lang.RuntimePermission</code>,

  24.  * that don't need such a list; you either have the named permission (such

  25.  * as "system.exit") or you don't.

  26.  * 

  27.  * <p>An important method that must be implemented by each subclass is

  28.  * the <code>implies</code> method to compare Permissions. Basically,

  29.  * "permission p1 implies permission p2" means that

  30.  * if one is granted permission p1, one is naturally granted permission p2.

  31.  * Thus, this is not an equality test, but rather more of a

  32.  * subset test.

  33.  * 

  34.  * <P> Permission objects are similar to String objects in that they

  35.  * are immutable once they have been created. Subclasses should not

  36.  * provide methods that can change the state of a permission

  37.  * once it has been created.

  38.  *

  39.  * @see Permissions

  40.  * @see PermissionCollection

  41.  *

  42.  * @version 1.33 01/11/29

  43.  *

  44.  * @author Marianne Mueller

  45.  * @author Roland Schemers 

  46.  */

  47. 

  48. public abstract class Permission implements Guard, java.io.Serializable {

  49. 

  50.     private String name;

  51. 

  52.     /**

  53.      * Constructs a permission with the specified name.

  54.      *

  55.      * @param name name of the Permission object being created.

  56.      *

  57.      */

  58. 

  59.     public Permission(String name) {

  60. 	this.name = name;

  61.     }

  62. 

  63.     /**

  64.      * Implements the guard interface for a permission. The 

  65.      * <code>SecurityManager.checkPermission</code> method is called, 

  66.      * passing this permission object as the permission to check.

  67.      * Returns silently if access is granted. Otherwise, throws

  68.      * a SecurityException.

  69.      * 

  70.      * @param object the object being guarded (currently ignored).

  71.      *

  72.      * @throws SecurityException

  73.      *        if a security manager exists and its 

  74.      *        <code>checkPermission</code> method doesn't allow access.

  75.      * 

  76.      * @see Guard

  77.      * @see GuardedObject

  78.      * @see SecurityManager#checkPermission

  79.      * 

  80.      */

  81.     public void checkGuard(Object object) throws SecurityException {

  82. 	SecurityManager sm = System.getSecurityManager();

  83. 	if (sm != null) sm.checkPermission(this);

  84.     }

  85. 

  86.     /**

  87.      * Checks if the specified permission's actions are "implied by" 

  88.      * this object's actions.

  89.      * <P>

  90.      * This must be implemented by subclasses of Permission, as they are the 

  91.      * only ones that can impose semantics on a Permission object.

  92.      * 

  93.      * <p>The <code>implies</code> method is used by the AccessController to determine

  94.      * whether or not a requested permission is implied by another permission that

  95.      * is known to be valid in the current execution context.

  96.      *

  97.      * @param permission the permission to check against.

  98.      *

  99.      * @return true if the specified permission is implied by this object,

  100.      * false if not.

  101.      */

  102. 

  103.     public abstract boolean implies(Permission permission);

  104. 

  105.     /**

  106.      * Checks two Permission objects for equality.

  107.      * <P>

  108.      * Do not use the <code>equals</code> method for making access control

  109.      * decisions; use the <code>implies</code> method.

  110.      *  

  111.      * @param obj the object we are testing for equality with this object.

  112.      *

  113.      * @return true if both Permission objects are equivalent.

  114.      */

  115. 

  116.     public abstract boolean equals(Object obj);

  117. 

  118.     /**

  119.      * Returns the hash code value for this Permission object.

  120.      * <P>

  121.      * The required <code>hashCode</code> behavior for Permission Objects is

  122.      * the following: <p>

  123.      * <ul>

  124.      * <li>Whenever it is invoked on the same Permission object more than 

  125.      *     once during an execution of a Java application, the 

  126.      *     <code>hashCode</code> method

  127.      *     must consistently return the same integer. This integer need not 

  128.      *     remain consistent from one execution of an application to another 

  129.      *     execution of the same application. <p>

  130.      * <li>If two Permission objects are equal according to the 

  131.      *     <code>equals</code> 

  132.      *     method, then calling the <code>hashCode</code> method on each of the

  133.      *     two Permission objects must produce the same integer result. 

  134.      * </ul>

  135.      *

  136.      * @return a hash code value for this object.

  137.      */

  138. 

  139.     public abstract int hashCode();

  140. 

  141.     /**

  142.      * Returns the name of this Permission.

  143.      * For example, in the case of a <code>java.io.FilePermission</code>,

  144.      * the name will be a pathname.

  145.      *

  146.      * @return the name of this Permission.

  147.      * 

  148.      */

  149. 

  150.     public final String getName() {

  151. 	return name;

  152.     }

  153. 

  154.     /**

  155.      * Returns the actions as a String. This is abstract

  156.      * so subclasses can defer creating a String representation until 

  157.      * one is needed. Subclasses should always return actions in what they

  158.      * consider to be their

  159.      * canonical form. For example, two FilePermission objects created via

  160.      * the following:

  161.      * 

  162.      * <pre>

  163.      *   perm1 = new FilePermission(p1,"read,write");

  164.      *   perm2 = new FilePermission(p2,"write,read"); 

  165.      * </pre>

  166.      * 

  167.      * both return 

  168.      * "read,write" when the <code>getActions</code> method is invoked.

  169.      *

  170.      * @return the actions of this Permission.

  171.      *

  172.      */

  173. 

  174.     public abstract String getActions();

  175. 

  176.     /**

  177.      * Returns an empty PermissionCollection for a given Permission object, or null if

  178.      * one is not defined. Subclasses of class Permission should 

  179.      * override this if they need to store their permissions in a particular

  180.      * PermissionCollection object in order to provide the correct semantics

  181.      * when the <code>PermissionCollection.implies</code> method is called. 

  182.      * If null is returned,

  183.      * then the caller of this method is free to store permissions of this

  184.      * type in any PermissionCollection they choose (one that uses a Hashtable,

  185.      * one that uses a Vector, etc).

  186.      *

  187.      * @return a new PermissionCollection object for this type of Permission, or 

  188.      * null if one is not defined.

  189.      */

  190. 

  191.     public PermissionCollection newPermissionCollection() {

  192. 	return null;

  193.     }

  194. 

  195.     /**

  196.      * Returns a string describing this Permission.  The convention is to

  197.      * specify the class name, the permission name, and the actions in

  198.      * the following format: '("ClassName" "name" "actions")'.

  199.      * 

  200.      * @return information about this Permission.

  201.      */

  202. 

  203.     public String toString() {

  204. 	return "(" + getClass().getName() + " " + 

  205. 	                  name + " " + getActions() + ")";

  206.     }

  207. }

  208.