org.apache.felix.framework.security.condpermadmin

Class ConditionalPermissionAdminImpl

java.lang.Object

org.apache.felix.framework.security.condpermadmin.ConditionalPermissionAdminImpl

All Implemented Interfaces:

org.osgi.service.condpermadmin.ConditionalPermissionAdmin

public final class ConditionalPermissionAdminImpl
extends java.lang.Object
implements org.osgi.service.condpermadmin.ConditionalPermissionAdmin

An implementation of the ConditionalPermissionAdmin service that doesn't need to have a framework specific security manager set. It use the DomainGripper to know what bundleprotectiondomains are expected.

Constructor Summary

Constructors

Constructor and Description
ConditionalPermissionAdminImpl(Permissions permissions, Conditions condtions, LocalPermissions localPermissions, PropertiesCache cache, PermissionAdminImpl pai)

Method Summary

Methods

Modifier and Type	Method and Description
org.osgi.service.condpermadmin.ConditionalPermissionInfo	addConditionalPermissionInfo(org.osgi.service.condpermadmin.ConditionInfo[] conditions, org.osgi.service.permissionadmin.PermissionInfo[] permissions)
void	clearPD()
java.security.AccessControlContext	getAccessControlContext(java.lang.String[] signers)
org.osgi.service.condpermadmin.ConditionalPermissionInfo	getConditionalPermissionInfo(java.lang.String name)
java.util.Enumeration	getConditionalPermissionInfos()
boolean	handlePAHandle(org.apache.felix.framework.BundleProtectionDomain pd)
boolean	hasPermission(org.apache.felix.framework.BundleRevisionImpl module, org.apache.felix.framework.cache.Content content, java.security.ProtectionDomain pd, java.security.Permission permission, boolean direct, java.lang.Object admin) This method does the actual permission check.
boolean	impliesLocal(org.osgi.framework.Bundle felixBundle, org.apache.felix.framework.cache.Content content, java.security.Permission permission)
boolean	isEmpty()
org.osgi.service.condpermadmin.ConditionalPermissionInfo	newConditionalPermissionInfo(java.lang.String encodedConditionalPermissionInfo)
org.osgi.service.condpermadmin.ConditionalPermissionInfo	newConditionalPermissionInfo(java.lang.String name, org.osgi.service.condpermadmin.ConditionInfo[] conditions, org.osgi.service.permissionadmin.PermissionInfo[] permissions, java.lang.String access)
org.osgi.service.condpermadmin.ConditionalPermissionUpdate	newConditionalPermissionUpdate()
org.osgi.service.condpermadmin.ConditionalPermissionInfo	setConditionalPermissionInfo(java.lang.String name, org.osgi.service.condpermadmin.ConditionInfo[] conditions, org.osgi.service.permissionadmin.PermissionInfo[] permissions)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ConditionalPermissionAdminImpl

public ConditionalPermissionAdminImpl(Permissions permissions,
                              Conditions condtions,
                              LocalPermissions localPermissions,
                              PropertiesCache cache,
                              PermissionAdminImpl pai)
                               throws java.io.IOException

Throws:

java.io.IOException

Method Detail

addConditionalPermissionInfo

public org.osgi.service.condpermadmin.ConditionalPermissionInfo addConditionalPermissionInfo(org.osgi.service.condpermadmin.ConditionInfo[] conditions,
                                                                                    org.osgi.service.permissionadmin.PermissionInfo[] permissions)

Specified by:

addConditionalPermissionInfo in interface org.osgi.service.condpermadmin.ConditionalPermissionAdmin

getAccessControlContext

public java.security.AccessControlContext getAccessControlContext(java.lang.String[] signers)

Specified by:

getAccessControlContext in interface org.osgi.service.condpermadmin.ConditionalPermissionAdmin

getConditionalPermissionInfo

public org.osgi.service.condpermadmin.ConditionalPermissionInfo getConditionalPermissionInfo(java.lang.String name)

Specified by:

getConditionalPermissionInfo in interface org.osgi.service.condpermadmin.ConditionalPermissionAdmin

getConditionalPermissionInfos

public java.util.Enumeration getConditionalPermissionInfos()

Specified by:

getConditionalPermissionInfos in interface org.osgi.service.condpermadmin.ConditionalPermissionAdmin

setConditionalPermissionInfo

public org.osgi.service.condpermadmin.ConditionalPermissionInfo setConditionalPermissionInfo(java.lang.String name,
                                                                                    org.osgi.service.condpermadmin.ConditionInfo[] conditions,
                                                                                    org.osgi.service.permissionadmin.PermissionInfo[] permissions)

Specified by:

setConditionalPermissionInfo in interface org.osgi.service.condpermadmin.ConditionalPermissionAdmin

hasPermission

public boolean hasPermission(org.apache.felix.framework.BundleRevisionImpl module,
                    org.apache.felix.framework.cache.Content content,
                    java.security.ProtectionDomain pd,
                    java.security.Permission permission,
                    boolean direct,
                    java.lang.Object admin)

This method does the actual permission check. If it is not a direct check it will try to determine the other bundle domains that will follow automatically in case this is the first check in one permission check. If not then it will keep track of which domains we have already see. While it keeps track it builds up a list of postponed tuples which it will evaluate at the last domain. See the core spec 9.5.1 and following for a general description.

Parameters:

felixBundle - the bundle in question.

loader - the content loader of the bundle to get access to the jar to check for local permissions.

root - the bundle id.

signers - the signers (this is to support the ACC based on signers)

pd - the bundle protection domain

permission - the permission currently checked

direct - whether this is a direct check or not. direct check will not expect any further bundle domains on the stack

Returns:

true in case the permission is granted or there are postponed tuples false if not. Again, see the spec for more explanations.

impliesLocal

public boolean impliesLocal(org.osgi.framework.Bundle felixBundle,
                   org.apache.felix.framework.cache.Content content,
                   java.security.Permission permission)

isEmpty

public boolean isEmpty()

newConditionalPermissionInfo

public org.osgi.service.condpermadmin.ConditionalPermissionInfo newConditionalPermissionInfo(java.lang.String encodedConditionalPermissionInfo)

Specified by:

newConditionalPermissionInfo in interface org.osgi.service.condpermadmin.ConditionalPermissionAdmin

newConditionalPermissionInfo

public org.osgi.service.condpermadmin.ConditionalPermissionInfo newConditionalPermissionInfo(java.lang.String name,
                                                                                    org.osgi.service.condpermadmin.ConditionInfo[] conditions,
                                                                                    org.osgi.service.permissionadmin.PermissionInfo[] permissions,
                                                                                    java.lang.String access)

Specified by:

newConditionalPermissionInfo in interface org.osgi.service.condpermadmin.ConditionalPermissionAdmin

newConditionalPermissionUpdate

public org.osgi.service.condpermadmin.ConditionalPermissionUpdate newConditionalPermissionUpdate()

Specified by:

newConditionalPermissionUpdate in interface org.osgi.service.condpermadmin.ConditionalPermissionAdmin

handlePAHandle

public boolean handlePAHandle(org.apache.felix.framework.BundleProtectionDomain pd)

clearPD

public void clearPD()