Class CapabilityPermission

All Implemented Interfaces:
Serializable, Guard

public final class CapabilityPermission extends BasicPermission
A bundle's authority to provide or require a capability.
  • The provide action allows a bundle to provide a capability matching the specified filter.
  • The require action allows a bundle to require a capability matching the specified filter.
Since:
1.6
See Also:
  • Field Details

    • serialVersionUID

      static final long serialVersionUID
      See Also:
    • REQUIRE

      public static final String REQUIRE
      The action string require.
      See Also:
    • PROVIDE

      public static final String PROVIDE
      The action string provide.
      See Also:
    • ACTION_REQUIRE

      private static final int ACTION_REQUIRE
      See Also:
    • ACTION_PROVIDE

      private static final int ACTION_PROVIDE
      See Also:
    • ACTION_ALL

      private static final int ACTION_ALL
      See Also:
    • ACTION_NONE

      static final int ACTION_NONE
      See Also:
    • action_mask

      transient int action_mask
      The actions mask.
    • actions

      private volatile String actions
      The actions in canonical form.
    • attributes

      final transient Map<String,Object> attributes
      The attributes of the requested capability. Must be null if not constructed with attributes.
    • bundle

      final transient Bundle bundle
      The bundle of the requested capability. Must be null if not constructed with bundle.
    • filter

      transient Filter filter
      If this CapabilityPermission was constructed with a filter, this holds a Filter matching object used to evaluate the filter in implies.
    • properties

      private transient volatile Map<String,Object> properties
      This map holds the properties of the permission, used to match a filter in implies. This is not initialized until necessary, and then cached in this object.
  • Constructor Details

    • CapabilityPermission

      public CapabilityPermission(String name, String actions)
      Create a new CapabilityPermission.

      The name is specified as a dot-separated string. Wildcards may be used.

       name ::= <namespace> | <namespace ending in ".*"> | *
       
      Examples:
       com.acme.capability.*
       org.foo.capability
       *
       
      For the require action, the name can also be a filter expression. The filter gives access to the capability attributes as well as the following attributes:
      • signer - A Distinguished Name chain used to sign the bundle providing the capability. Wildcards in a DN are not matched according to the filter string rules, but according to the rules defined for a DN chain.
      • location - The location of the bundle providing the capability.
      • id - The bundle ID of the bundle providing the capability.
      • name - The symbolic name of the bundle providing the capability.
      • capability.namespace - The namespace of the required capability.
      Since the above attribute names may conflict with attribute names of a capability, you can prefix an attribute name with '@' in the filter expression to match against the capability attributes and not one of the above attributes. Filter attribute names are processed in a case sensitive manner.

      There are two possible actions: require and provide. The require permission allows the owner of this permission to require a capability matching the attributes. The provide permission allows the bundle to provide a capability in the specified capability namespace.

      Parameters:
      name - The capability namespace or a filter over the attributes.
      actions - require,provide (canonical order)
      Throws:
      IllegalArgumentException - If the specified name is a filter expression and either the specified action is not require or the filter has an invalid syntax.
    • CapabilityPermission

      public CapabilityPermission(String namespace, Map<String,?> attributes, Bundle providingBundle, String actions)
      Creates a new requested CapabilityPermission object to be used by code that must perform checkPermission for the require action. CapabilityPermission objects created with this constructor cannot be added to a CapabilityPermission permission collection.
      Parameters:
      namespace - The requested capability namespace.
      attributes - The requested capability attributes.
      providingBundle - The bundle providing the requested capability.
      actions - The action require.
      Throws:
      IllegalArgumentException - If the specified action is not require or attributes or providingBundle are null .
    • CapabilityPermission

      CapabilityPermission(String name, int mask)
      Package private constructor used by CapabilityPermissionCollection.
      Parameters:
      name - class name
      mask - action mask
  • Method Details

    • setTransients

      private void setTransients(String name, int mask)
      Called by constructors and when deserialized.
      Parameters:
      mask - action mask
    • parseActions

      private static int parseActions(String actions)
      Parse action string into action mask.
      Parameters:
      actions - Action string.
      Returns:
      action mask.
    • parseFilter

      private static Filter parseFilter(String filterString)
      Parse filter string into a Filter object.
      Parameters:
      filterString - The filter string to parse.
      Returns:
      a Filter for this bundle. If the specified filterString is not a filter expression, then null is returned.
      Throws:
      IllegalArgumentException - If the filter syntax is invalid.
    • implies

      public boolean implies(Permission p)
      Determines if a CapabilityPermission object "implies" the specified permission.
      Overrides:
      implies in class BasicPermission
      Parameters:
      p - The target permission to check.
      Returns:
      true if the specified permission is implied by this object; false otherwise.
    • implies0

      boolean implies0(CapabilityPermission requested, int effective)
      Internal implies method. Used by the implies and the permission collection implies methods.
      Parameters:
      requested - The requested CapabilityPermission which has already be validated as a proper argument. The requested CapabilityPermission must not have a filter expression.
      effective - The effective actions with which to start.
      Returns:
      true if the specified permission is implied by this object; false otherwise.
    • getActions

      public String getActions()
      Returns the canonical string representation of the actions. Always returns present actions in the following order: require, provide.
      Overrides:
      getActions in class BasicPermission
      Returns:
      The canonical string representation of the actions.
    • newPermissionCollection

      public PermissionCollection newPermissionCollection()
      Returns a new PermissionCollection object for storing CapabilityPermission objects.
      Overrides:
      newPermissionCollection in class BasicPermission
      Returns:
      A new PermissionCollection object suitable for storing CapabilityPermission objects.
    • equals

      public boolean equals(Object obj)
      Determines the equality of two CapabilityPermission objects. Checks that specified object has the same name and action as this CapabilityPermission.
      Overrides:
      equals in class BasicPermission
      Parameters:
      obj - The object to test for equality.
      Returns:
      true if obj is a CapabilityPermission, and has the same name and actions as this CapabilityPermission object; false otherwise.
    • hashCode

      public int hashCode()
      Returns the hash code value for this object.
      Overrides:
      hashCode in class BasicPermission
      Returns:
      Hash code value for this object.
    • writeObject

      private void writeObject(ObjectOutputStream s) throws IOException
      WriteObject is called to save the state of this permission to a stream. The actions are serialized, and the superclass takes care of the name.
      Throws:
      IOException
    • readObject

      private void readObject(ObjectInputStream s) throws IOException, ClassNotFoundException
      readObject is called to restore the state of this permission from a stream.
      Throws:
      IOException
      ClassNotFoundException
    • getProperties

      private Map<String,Object> getProperties()
      Called by implies(Permission). This method is only called on a requested permission which cannot have a filter set.
      Returns:
      a map of properties for this permission.