Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
  /*
   * Copyright (c) OSGi Alliance (2000, 2011). All Rights Reserved.
   * 
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   *
   *      http://www.apache.org/licenses/LICENSE-2.0
   *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 
 package org.osgi.framework;
 
 import java.util.List;
 import java.util.Map;
 import java.util.Set;

A bundle's authority to provide or require a capability.
  • The provide action allows a bundle to provide a capability matching the specified filter.
  • The require action allows a bundle to require a capability matching the specified filter.

Version:
$Id: bab1ac06b46613f6cff39b291295d8b3e51d58ce $
Since:
1.6
ThreadSafe:
 
 
 public final class CapabilityPermission extends BasicPermission {
 	static final long								serialVersionUID	= -7662148639076511574L;
The action string require.
 
 	public final static String						REQUIRE"require";
The action string provide.
 
 	public final static String						PROVIDE"provide";
 
 	private final static int						ACTION_REQUIRE		= 0x00000001;
 	private final static int						ACTION_PROVIDE		= 0x00000002;
 	private final static int						ACTION_ALL
 	final static int								ACTION_NONE			= 0;

The actions mask.
 
 	transient int									action_mask;

The actions in canonical form.

Serial:
 
 	private volatile String							actionsnull;

The attributes of the requested capability. Must be null if not constructed with attributes.
 
 	transient final Map<StringObject>				attributes;

The bundle of the requested capability. Must be null if not constructed with bundle.
 
 	transient final Bundle							bundle;

If this CapabilityPermission was constructed with a filter, this holds a Filter matching object used to evaluate the filter in implies.
 
 	transient Filter								filter;

This map holds the properties of the permission, used to match a filter in implies. This is not initialized until necessary, and then cached in this object.
	private transient volatile Map<StringObject>	properties;

Create a new CapabilityPermission.

The name is specified as a dot-separated string. Wildcards may be used.

 name ::= <namespace> | <namespace ending in ".*"> | *
 
Examples:
 com.acme.capability.*
 org.foo.capability
 *
 
For the require action, the name can also be a filter expression. The filter gives access to the capability attributes as well as the following attributes:
  • signer - A Distinguished Name chain used to sign the bundle providing the capability. Wildcards in a DN are not matched according to the filter string rules, but according to the rules defined for a DN chain.
  • location - The location of the bundle providing the capability.
  • id - The bundle ID of the bundle providing the capability.
  • name - The symbolic name of the bundle providing the capability.
  • capability.namespace - The name space of the required capability.
Since the above attribute names may conflict with attribute names of a capability, you can prefix an attribute name with '@' in the filter expression to match against the capability attributes and not one of the above attributes. Filter attribute names are processed in a case sensitive manner.

There are two possible actions: require and provide. The require permission allows the owner of this permission to require a capability matching the attributes. The provide permission allows the bundle to provide a capability in the specified capability name space.

Parameters:
name The capability name space or a filter over the attributes.
actions require,provide (canonical order)
Throws:
java.lang.IllegalArgumentException If the specified name is a filter expression and either the specified action is not require or the filter has an invalid syntax.
	public CapabilityPermission(String nameString actions) {
		this(nameparseActions(actions));
		if ((this. != null)
					"invalid action string for filter expression");
		}
	}

Creates a new requested CapabilityPermission object to be used by code that must perform checkPermission for the require action. CapabilityPermission objects created with this constructor cannot be added to a CapabilityPermission permission collection.

Parameters:
namespace The requested capability name space.
attributes The requested capability attributes.
providingBundle The bundle providing the requested capability.
actions The action require.
Throws:
java.lang.IllegalArgumentException If the specified action is not require or attributes or providingBundle are null .
	public CapabilityPermission(String namespaceMap<String, ? > attributes,
			Bundle providingBundleString actions) {
		super(namespace);
		setTransients(namespaceparseActions(actions));
		if (attributes == null) {
			throw new IllegalArgumentException("attributes must not be null");
		}
		if (providingBundle == null) {
			throw new IllegalArgumentException("bundle must not be null");
		}
		this. = new HashMap<StringObject>(attributes);
		this. = providingBundle;
			throw new IllegalArgumentException("invalid action string");
		}
	}

Package private constructor used by CapabilityPermissionCollection.

Parameters:
name class name
mask action mask
	CapabilityPermission(String nameint mask) {
		super(name);
		setTransients(namemask);
		this. = null;
		this. = null;
	}

Called by constructors and when deserialized.

Parameters:
mask action mask
	private void setTransients(String nameint mask) {
		if ((mask == ) || ((mask & ) != mask)) {
			throw new IllegalArgumentException("invalid action string");
		}
		 = mask;
	}

Parse action string into action mask.

Parameters:
actions Action string.
Returns:
action mask.
	private static int parseActions(String actions) {
		boolean seencomma = false;
		int mask = ;
		if (actions == null) {
			return mask;
		}
		char[] a = actions.toCharArray();
		int i = a.length - 1;
		if (i < 0)
			return mask;
		while (i != -1) {
			char c;
			// skip whitespace
			while ((i != -1)
					&& ((c = a[i]) == ' ' || c == '\r' || c == '\n'
							|| c == '\f' || c == '\t'))
				i--;
			// check for the known strings
			int matchlen;
			if (i >= 6 && (a[i - 6] == 'r' || a[i - 6] == 'R')
					&& (a[i - 5] == 'e' || a[i - 5] == 'E')
					&& (a[i - 4] == 'q' || a[i - 4] == 'Q')
					&& (a[i - 3] == 'u' || a[i - 3] == 'U')
					&& (a[i - 2] == 'i' || a[i - 2] == 'I')
					&& (a[i - 1] == 'r' || a[i - 1] == 'R')
					&& (a[i] == 'e' || a[i] == 'E')) {
				matchlen = 7;
				mask |= ;
			}
			else
				if (i >= 6 && (a[i - 6] == 'p' || a[i - 6] == 'P')
						&& (a[i - 5] == 'r' || a[i - 5] == 'R')
						&& (a[i - 4] == 'o' || a[i - 4] == 'O')
						&& (a[i - 3] == 'v' || a[i - 3] == 'V')
						&& (a[i - 2] == 'i' || a[i - 2] == 'I')
						&& (a[i - 1] == 'd' || a[i - 1] == 'D')
						&& (a[i] == 'e' || a[i] == 'E')) {
					matchlen = 7;
					mask |= ;
				}
				else {
					// parse error
					throw new IllegalArgumentException("invalid permission: "
actions);
				}
			// make sure we didn't just match the tail of a word
			// like "ackbarfprovide". Also, skip to the comma.
			seencomma = false;
			while (i >= matchlen && !seencomma) {
				switch (a[i - matchlen]) {
					case ',' :
						seencomma = true;
						/* FALLTHROUGH */
					case ' ' :
					case '\r' :
					case '\n' :
					case '\f' :
					case '\t' :
						break;
					default :
								"invalid permission: " + actions);
				}
				i--;
			}
			// point i at the location of the comma minus one (or -1).
			i -= matchlen;
		}
		if (seencomma) {
			throw new IllegalArgumentException("invalid permission: " + actions);
		}
		return mask;
	}

Parse filter string into a Filter object.

Parameters:
filterString The filter string to parse.
Returns:
a Filter for this bundle. If the specified filterString is not a filter expression, then null is returned.
Throws:
java.lang.IllegalArgumentException If the filter syntax is invalid.
	private static Filter parseFilter(String filterString) {
		filterString = filterString.trim();
		if (filterString.charAt(0) != '(') {
			return null;
		}
		try {
			return FrameworkUtil.createFilter(filterString);
		}
					"invalid filter");
			iae.initCause(e);
			throw iae;
		}
	}

Determines if a CapabilityPermission object "implies" the specified permission.

Parameters:
p The target permission to check.
Returns:
true if the specified permission is implied by this object; false otherwise.
	public boolean implies(Permission p) {
		if (!(p instanceof CapabilityPermission)) {
			return false;
		}
		if ( != null) {
			return false;
		}
		// if requested permission has a filter, then it is an invalid argument
		if (requested.filter != null) {
			return false;
		}
		return implies0(requested);
	}

Internal implies method. Used by the implies and the permission collection implies methods.

Parameters:
requested The requested CapabilityPermission which has already be validated as a proper argument. The requested CapabilityPermission must not have a filter expression.
effective The effective actions with which to start.
Returns:
true if the specified permission is implied by this object; false otherwise.
	boolean implies0(CapabilityPermission requestedint effective) {
		/* check actions first - much faster */
		effective |= ;
		final int desired = requested.action_mask;
		if ((effective & desired) != desired) {
			return false;
		}
		/* Get filter if any */
		Filter f = ;
		if (f == null) {
			return super.implies(requested);
		}
		return f.matches(requested.getProperties());
	}

Returns the canonical string representation of the actions. Always returns present actions in the following order: require, provide.

Returns:
The canonical string representation of the actions.
	public String getActions() {
		String result = ;
		if (result == null) {
			StringBuffer sb = new StringBuffer();
			boolean comma = false;
			int mask = ;
			if ((mask & ) == ) {
				comma = true;
			}
			if ((mask & ) == ) {
				if (comma)
					sb.append(',');
			}
			 = result = sb.toString();
		}
		return result;
	}

Returns a new PermissionCollection object for storing CapabilityPermission objects.

Returns:
A new PermissionCollection object suitable for storing CapabilityPermission objects.
	}

Determines the equality of two CapabilityPermission objects. Checks that specified object has the same name and action as this CapabilityPermission.

Parameters:
obj The object to test for equality.
Returns:
true if obj is a CapabilityPermission, and has the same name and actions as this CapabilityPermission object; false otherwise.
	public boolean equals(Object obj) {
		if (obj == this) {
			return true;
		}
		if (!(obj instanceof CapabilityPermission)) {
			return false;
		}
		return ( == cp.action_mask)
				&& (( == cp.attributes) || (( != null) && (
						.equals(cp.attributes))))
				&& (( == cp.bundle) || (( != null) && 
						.equals(cp.bundle)));
	}

Returns the hash code value for this object.

Returns:
Hash code value for this object.
	public int hashCode() {
		int h = 31 * 17 + getName().hashCode();
		h = 31 * h + getActions().hashCode();
		if ( != null) {
			h = 31 * h + .hashCode();
		}
		if ( != null) {
			h = 31 * h + .hashCode();
		}
		return h;
	}

WriteObject is called to save the state of this permission to a stream. The actions are serialized, and the superclass takes care of the name.
	private synchronized void writeObject(java.io.ObjectOutputStream s)
			throws IOException {
		if ( != null) {
			throw new NotSerializableException("cannot serialize");
		}
		// Write out the actions. The superclass takes care of the name
		// call getActions to make sure actions field is initialized
		if ( == null)
	}

readObject is called to restore the state of this permission from a stream.
	private synchronized void readObject(java.io.ObjectInputStream s)
		// Read in the action, then initialize the rest
	}

Called by <@link CapabilityPermission#implies(Permission)>. This method is only called on a requested permission which cannot have a filter set.

Returns:
a map of properties for this permission.
	private Map<StringObjectgetProperties() {
		Map<StringObjectresult = ;
		if (result != null) {
			return result;
		}
		final Map<StringObjectprops = new HashMap<StringObject>(5);
		props.put("capability.namespace"getName());
		if ( == null) {
			return  = props;
		}
		AccessController.doPrivileged(new PrivilegedAction<Object>() {
			public Object run() {
				props.put("id"new Long(.getBundleId()));
				props.put("location".getLocation());
				if (name != null) {
					props.put("name"name);
				}
				if (signer.isBundleSigned()) {
					props.put("signer"signer);
				}
				return null;
			}
		});
		return  = new Properties(props);
	}
	static private final class Properties extends AbstractMap<StringObject> {
		private final Map<StringObject>							properties;
		private final Map<StringObject>							attributes;
		private transient volatile Set<Map.Entry<StringObject>>	entries;
		Properties(Map<StringObjectproperties,
				Map<StringObjectattributes) {
			this. = properties;
			this. = attributes;
			 = null;
		}
		public Object get(Object k) {
			if (!(k instanceof String)) {
				return null;
			}
			String key = (Stringk;
			if (key.charAt(0) == '@') {
				return .get(key.substring(1));
			}
			Object value = .get(key);
			if (value != null) { // fall back to service properties
				return value;
			}
			return .get(key);
		}
		public Set<Map.Entry<StringObject>> entrySet() {
			if ( != null) {
				return ;
			}
			return  = Collections.unmodifiableSet(all);
		}
	}
Stores a set of CapabilityPermission permissions.

	static final long							serialVersionUID	= -615322242639008920L;

Table of permissions.

Serial:
GuardedBy:
this
Boolean saying if "*" is in the collection.

Serial:
GuardedBy:
this
	private boolean								all_allowed;

Table of permissions with filter expressions.

Serial:
GuardedBy:
this
Creates an empty CapabilityPermissionCollection object.
		 = false;
	}

Adds a permission to this permission collection.

Parameters:
permission The Permission object to add.
Throws:
java.lang.IllegalArgumentException If the specified permission is not a CapabilityPermission object.
java.lang.SecurityException If this CapabilityPermissionCollection object has been marked read-only.
	public void add(final Permission permission) {
		if (!(permission instanceof CapabilityPermission)) {
			throw new IllegalArgumentException("invalid permission: "
permission);
		}
		if (isReadOnly()) {
			throw new SecurityException("attempt to add a Permission to a "
"readonly PermissionCollection");
		}
		final CapabilityPermission cp = (CapabilityPermissionpermission;
		if (cp.bundle != null) {
			throw new IllegalArgumentException("cannot add to collection: "
cp);
		}
		final String name = cp.getName();
		final Filter f = cp.filter;
		synchronized (this) {
			/* select the bucket for the permission */
			if (f != null) {
				if (pc == null) {
				}
			}
			else {
			}
			final CapabilityPermission existing = pc.get(name);
			if (existing != null) {
				final int oldMask = existing.action_mask;
				final int newMask = cp.action_mask;
				if (oldMask != newMask) {
					pc.put(namenew CapabilityPermission(nameoldMask
newMask));
				}
			}
			else {
				pc.put(namecp);
			}
			if (!) {
				if (name.equals("*")) {
					 = true;
				}
			}
		}
	}

Determines if a set of permissions implies the permissions expressed in permission.

Parameters:
permission The Permission object to compare.
Returns:
true if permission is a proper subset of a permission in the set; false otherwise.
	public boolean implies(final Permission permission) {
		if (!(permission instanceof CapabilityPermission)) {
			return false;
		}
		final CapabilityPermission requested = (CapabilityPermissionpermission;
		/* if requested permission has a filter, then it is an invalid argument */
		if (requested.filter != null) {
			return false;
		}
		String requestedName = requested.getName();
		final int desired = requested.action_mask;
		synchronized (this) {
			/* short circuit if the "*" Permission was added */
			if () {
				cp = pc.get("*");
				if (cp != null) {
					effective |= cp.action_mask;
					if ((effective & desired) == desired) {
						return true;
					}
				}
			}
			/*
			 * strategy: Check for full match first. Then work our way up the
			 * name looking for matches on a.b.*
			 */
			cp = pc.get(requestedName);
			if (cp != null) {
				/* we have a direct hit! */
				effective |= cp.action_mask;
				if ((effective & desired) == desired) {
					return true;
				}
			}
			/* work our way up the tree... */
			int last;
			int offset = requestedName.length() - 1;
			while ((last = requestedName.lastIndexOf("."offset)) != -1) {
				requestedName = requestedName.substring(0, last + 1) + "*";
				cp = pc.get(requestedName);
				if (cp != null) {
					effective |= cp.action_mask;
					if ((effective & desired) == desired) {
						return true;
					}
				}
				offset = last - 1;
			}
			/*
			 * we don't have to check for "*" as it was already checked before
			 * we were called.
			 */
			if (pc == null) {
				return false;
			}
			perms = pc.values();
		}
		/* iterate one by one over filteredPermissions */
		for (CapabilityPermission perm : perms) {
			if (perm.implies0(requestedeffective)) {
				return true;
			}
		}
		return false;
	}

Returns an enumeration of all the CapabilityPermission objects in the container.

Returns:
Enumeration of all the CapabilityPermission objects.
	public synchronized Enumeration<Permissionelements() {
		if (pc != null) {
			all.addAll(pc.values());
		}
		return Collections.enumeration(all);
	}
	/* serialization logic */
	private static final ObjectStreamField[]	serialPersistentFields	= {
			new ObjectStreamField("permissions"HashMap.class),
			new ObjectStreamField("all_allowed".),
			new ObjectStreamField("filterPermissions"HashMap.class)	};
	private synchronized void writeObject(ObjectOutputStream out)
			throws IOException {
		pfields.put("permissions");
		pfields.put("all_allowed");
		pfields.put("filterPermissions");
	}
	private synchronized void readObject(java.io.ObjectInputStream in)
				.get("permissions"null);
		 = gfields.get("all_allowed"false);
				.get("filterPermissions"null);
	}
New to GrepCode? Check out our FAQ X