1. /*

  2.  * @(#)Permission.java	1.35 00/02/02

  3.  *

  4.  * Copyright 1997-2000 Sun Microsystems, Inc. All Rights Reserved.

  5.  * 

  6.  * This software is the proprietary information of Sun Microsystems, Inc.  

  7.  * Use is subject to license terms.

  8.  * 

  9.  */

  10.  

  11. package java.security;

  12. 

  13. /**

  14.  * Abstract class for representing access to a system resource.

  15.  * All permissions have a name (whose interpretation depends on the subclass),

  16.  * as well as abstract functions for defining the semantics of the

  17.  * particular Permission subclass. 

  18.  * 

  19.  * <p>Most Permission objects also include an "actions" list that tells the actions 

  20.  * that are permitted for the object.  For example, 

  21.  * for a <code>java.io.FilePermission</code> object, the permission name is

  22.  * the pathname of a file (or directory), and the actions list

  23.  * (such as "read, write") specifies which actions are granted for the

  24.  * specified file (or for files in the specified directory).

  25.  * The actions list is optional for Permission objects, such as 

  26.  * <code>java.lang.RuntimePermission</code>,

  27.  * that don't need such a list; you either have the named permission (such

  28.  * as "system.exit") or you don't.

  29.  * 

  30.  * <p>An important method that must be implemented by each subclass is

  31.  * the <code>implies</code> method to compare Permissions. Basically,

  32.  * "permission p1 implies permission p2" means that

  33.  * if one is granted permission p1, one is naturally granted permission p2.

  34.  * Thus, this is not an equality test, but rather more of a

  35.  * subset test.

  36.  * 

  37.  * <P> Permission objects are similar to String objects in that they

  38.  * are immutable once they have been created. Subclasses should not

  39.  * provide methods that can change the state of a permission

  40.  * once it has been created.

  41.  *

  42.  * @see Permissions

  43.  * @see PermissionCollection

  44.  *

  45.  * @version 1.35 00/02/02

  46.  *

  47.  * @author Marianne Mueller

  48.  * @author Roland Schemers 

  49.  */

  50. 

  51. public abstract class Permission implements Guard, java.io.Serializable {

  52. 

  53.     private String name;

  54. 

  55.     /**

  56.      * Constructs a permission with the specified name.

  57.      *

  58.      * @param name name of the Permission object being created.

  59.      *

  60.      */

  61. 

  62.     public Permission(String name) {

  63. 	this.name = name;

  64.     }

  65. 

  66.     /**

  67.      * Implements the guard interface for a permission. The 

  68.      * <code>SecurityManager.checkPermission</code> method is called, 

  69.      * passing this permission object as the permission to check.

  70.      * Returns silently if access is granted. Otherwise, throws

  71.      * a SecurityException.

  72.      * 

  73.      * @param object the object being guarded (currently ignored).

  74.      *

  75.      * @throws SecurityException

  76.      *        if a security manager exists and its 

  77.      *        <code>checkPermission</code> method doesn't allow access.

  78.      * 

  79.      * @see Guard

  80.      * @see GuardedObject

  81.      * @see SecurityManager#checkPermission

  82.      * 

  83.      */

  84.     public void checkGuard(Object object) throws SecurityException {

  85. 	SecurityManager sm = System.getSecurityManager();

  86. 	if (sm != null) sm.checkPermission(this);

  87.     }

  88. 

  89.     /**

  90.      * Checks if the specified permission's actions are "implied by" 

  91.      * this object's actions.

  92.      * <P>

  93.      * This must be implemented by subclasses of Permission, as they are the 

  94.      * only ones that can impose semantics on a Permission object.

  95.      * 

  96.      * <p>The <code>implies</code> method is used by the AccessController to determine

  97.      * whether or not a requested permission is implied by another permission that

  98.      * is known to be valid in the current execution context.

  99.      *

  100.      * @param permission the permission to check against.

  101.      *

  102.      * @return true if the specified permission is implied by this object,

  103.      * false if not.

  104.      */

  105. 

  106.     public abstract boolean implies(Permission permission);

  107. 

  108.     /**

  109.      * Checks two Permission objects for equality.

  110.      * <P>

  111.      * Do not use the <code>equals</code> method for making access control

  112.      * decisions; use the <code>implies</code> method.

  113.      *  

  114.      * @param obj the object we are testing for equality with this object.

  115.      *

  116.      * @return true if both Permission objects are equivalent.

  117.      */

  118. 

  119.     public abstract boolean equals(Object obj);

  120. 

  121.     /**

  122.      * Returns the hash code value for this Permission object.

  123.      * <P>

  124.      * The required <code>hashCode</code> behavior for Permission Objects is

  125.      * the following: <p>

  126.      * <ul>

  127.      * <li>Whenever it is invoked on the same Permission object more than 

  128.      *     once during an execution of a Java application, the 

  129.      *     <code>hashCode</code> method

  130.      *     must consistently return the same integer. This integer need not 

  131.      *     remain consistent from one execution of an application to another 

  132.      *     execution of the same application. <p>

  133.      * <li>If two Permission objects are equal according to the 

  134.      *     <code>equals</code> 

  135.      *     method, then calling the <code>hashCode</code> method on each of the

  136.      *     two Permission objects must produce the same integer result. 

  137.      * </ul>

  138.      *

  139.      * @return a hash code value for this object.

  140.      */

  141. 

  142.     public abstract int hashCode();

  143. 

  144.     /**

  145.      * Returns the name of this Permission.

  146.      * For example, in the case of a <code>java.io.FilePermission</code>,

  147.      * the name will be a pathname.

  148.      *

  149.      * @return the name of this Permission.

  150.      * 

  151.      */

  152. 

  153.     public final String getName() {

  154. 	return name;

  155.     }

  156. 

  157.     /**

  158.      * Returns the actions as a String. This is abstract

  159.      * so subclasses can defer creating a String representation until 

  160.      * one is needed. Subclasses should always return actions in what they

  161.      * consider to be their

  162.      * canonical form. For example, two FilePermission objects created via

  163.      * the following:

  164.      * 

  165.      * <pre>

  166.      *   perm1 = new FilePermission(p1,"read,write");

  167.      *   perm2 = new FilePermission(p2,"write,read"); 

  168.      * </pre>

  169.      * 

  170.      * both return 

  171.      * "read,write" when the <code>getActions</code> method is invoked.

  172.      *

  173.      * @return the actions of this Permission.

  174.      *

  175.      */

  176. 

  177.     public abstract String getActions();

  178. 

  179.     /**

  180.      * Returns an empty PermissionCollection for a given Permission object, or null if

  181.      * one is not defined. Subclasses of class Permission should 

  182.      * override this if they need to store their permissions in a particular

  183.      * PermissionCollection object in order to provide the correct semantics

  184.      * when the <code>PermissionCollection.implies</code> method is called. 

  185.      * If null is returned,

  186.      * then the caller of this method is free to store permissions of this

  187.      * type in any PermissionCollection they choose (one that uses a Hashtable,

  188.      * one that uses a Vector, etc).

  189.      *

  190.      * @return a new PermissionCollection object for this type of Permission, or 

  191.      * null if one is not defined.

  192.      */

  193. 

  194.     public PermissionCollection newPermissionCollection() {

  195. 	return null;

  196.     }

  197. 

  198.     /**

  199.      * Returns a string describing this Permission.  The convention is to

  200.      * specify the class name, the permission name, and the actions in

  201.      * the following format: '("ClassName" "name" "actions")'.

  202.      * 

  203.      * @return information about this Permission.

  204.      */

  205. 

  206.     public String toString() {

  207. 	String actions = getActions();

  208. 	if ((actions == null) || (actions.length() == 0)) { // OPTIONAL

  209. 	    return "(" + getClass().getName() + " " + name + ")";

  210. 	} else {

  211. 	    return "(" + getClass().getName() + " " + name + " " +

  212. 		actions + ")";

  213. 	}

  214.     }

  215. }

  216.