Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
  /*
   * Copyright (c) OSGi Alliance (2000, 2010). All Rights Reserved.
   * 
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   *
   *      http://www.apache.org/licenses/LICENSE-2.0
   *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 
 package org.osgi.framework;
 
 import java.util.List;
 import java.util.Map;
 import java.util.Set;

A bundle's authority to register or get a service.
  • The register action allows a bundle to register a service on the specified names.
  • The get action allows a bundle to detect a service and get it.
Permission to get a service is required in order to detect events regarding the service. Untrusted bundles should not be able to detect the presence of certain services unless they have the appropriate ServicePermission to get the specific service.

Version:
$Id: 1b6ee9543f4cbc16add8dc8c40dfa9a6dfee7aa2 $
ThreadSafe:
 
 
 public final class ServicePermission extends BasicPermission {
 	static final long			serialVersionUID	= -7662148639076511574L;
The action string get.
 
 	public final static String	GET"get";
The action string register.
 
 	public final static String	REGISTER"register";
 
 	private final static int	ACTION_GET			= 0x00000001;
 	private final static int	ACTION_REGISTER		= 0x00000002;
 	private final static int	ACTION_ALL
 	final static int						ACTION_NONE			= 0;

The actions mask.
 
 	transient int							action_mask;

The actions in canonical form.

Serial:
 
 	private volatile String		actionsnull;

The service used by this ServicePermission. Must be null if not constructed with a service.
 
 	transient final ServiceReference< ? >					service;

The object classes for this ServicePermission. Must be null if not constructed with a service.
 
 	transient final String[]				objectClass;

If this ServicePermission was constructed with a filter, this holds a Filter matching object used to evaluate the filter in implies.
	transient Filter						filter;

This map holds the properties of the permission, used to match a filter in implies. This is not initialized until necessary, and then cached in this object.
	private transient volatile Map<StringObject>	properties;

True if constructed with a name and the name is "*" or ends with ".*".
	private transient boolean				wildcard;

If constructed with a name and the name ends with ".*", this contains the name without the final "*".
	private transient String				prefix;

Create a new ServicePermission.

The name of the service is specified as a fully qualified class name. Wildcards may be used.

 name ::= <class name> | <class name ending in ".*"> | *
 
Examples:
 org.osgi.service.http.HttpService
 org.osgi.service.http.*
 *
 
For the get action, the name can also be a filter expression. The filter gives access to the service properties as well as the following attributes:
  • signer - A Distinguished Name chain used to sign the bundle publishing the service. Wildcards in a DN are not matched according to the filter string rules, but according to the rules defined for a DN chain.
  • location - The location of the bundle publishing the service.
  • id - The bundle ID of the bundle publishing the service.
  • name - The symbolic name of the bundle publishing the service.
Since the above attribute names may conflict with service property names used by a service, you can prefix an attribute name with '@' in the filter expression to match against the service property and not one of the above attributes. Filter attribute names are processed in a case sensitive manner unless the attribute references a service property. Service properties names are case insensitive.

There are two possible actions: get and register. The get permission allows the owner of this permission to obtain a service with this name. The register permission allows the bundle to register a service under that name.

Parameters:
name The service class name
actions get,register (canonical order)
Throws:
java.lang.IllegalArgumentException If the specified name is a filter expression and either the specified action is not get or the filter has an invalid syntax.
	public ServicePermission(String nameString actions) {
		this(nameparseActions(actions));
		if (( != null)
				&& (( & ) != )) {
					"invalid action string for filter expression");
		}
	}

Creates a new requested ServicePermission object to be used by code that must perform checkPermission for the get action. ServicePermission objects created with this constructor cannot be added to a ServicePermission permission collection.

Parameters:
reference The requested service.
actions The action get.
Throws:
java.lang.IllegalArgumentException If the specified action is not get or reference is null.
Since:
1.5
	public ServicePermission(ServiceReference< ? > referenceString actions) {
		super(createName(reference));
		setTransients(nullparseActions(actions));
		this. = reference;
		this. = (String[]) reference
		if (( & ) != ) {
			throw new IllegalArgumentException("invalid action string");
		}
	}

Create a permission name from a ServiceReference

Parameters:
reference ServiceReference to use to create permission name.
Returns:
permission name.
	private static String createName(ServiceReference< ? > reference) {
		if (reference == null) {
			throw new IllegalArgumentException("reference must not be null");
		}
		StringBuffer sb = new StringBuffer("(service.id=");
		sb.append(")");
		return sb.toString();
	}

Package private constructor used by ServicePermissionCollection.

Parameters:
name class name
mask action mask
	ServicePermission(String nameint mask) {
		super(name);
		this. = null;
		this. = null;
	}

Called by constructors and when deserialized.

Parameters:
mask action mask
	private void setTransients(Filter fint mask) {
		if ((mask == ) || ((mask & ) != mask)) {
			throw new IllegalArgumentException("invalid action string");
		}
		 = mask;
		 = f;
		if (f == null) {
			String name = getName();
			int l = name.length();
			/* if "*" or endsWith ".*" */
			 = ((name.charAt(l - 1) == '*') && ((l == 1) || (name
					.charAt(l - 2) == '.')));
			if ( && (l > 1)) {
				 = name.substring(0, l - 1);
			}
		}
	}

Parse action string into action mask.

Parameters:
actions Action string.
Returns:
action mask.
	private static int parseActions(String actions) {
		boolean seencomma = false;
		int mask = ;
		if (actions == null) {
			return mask;
		}
		char[] a = actions.toCharArray();
		int i = a.length - 1;
		if (i < 0)
			return mask;
		while (i != -1) {
			char c;
			// skip whitespace
			while ((i != -1)
					&& ((c = a[i]) == ' ' || c == '\r' || c == '\n'
							|| c == '\f' || c == '\t'))
				i--;
			// check for the known strings
			int matchlen;
			if (i >= 2 && (a[i - 2] == 'g' || a[i - 2] == 'G')
					&& (a[i - 1] == 'e' || a[i - 1] == 'E')
					&& (a[i] == 't' || a[i] == 'T')) {
				matchlen = 3;
				mask |= ;
			}
			else
				if (i >= 7 && (a[i - 7] == 'r' || a[i - 7] == 'R')
						&& (a[i - 6] == 'e' || a[i - 6] == 'E')
						&& (a[i - 5] == 'g' || a[i - 5] == 'G')
						&& (a[i - 4] == 'i' || a[i - 4] == 'I')
						&& (a[i - 3] == 's' || a[i - 3] == 'S')
						&& (a[i - 2] == 't' || a[i - 2] == 'T')
						&& (a[i - 1] == 'e' || a[i - 1] == 'E')
						&& (a[i] == 'r' || a[i] == 'R')) {
					matchlen = 8;
					mask |= ;
				}
				else {
					// parse error
					throw new IllegalArgumentException("invalid permission: "
actions);
				}
			// make sure we didn't just match the tail of a word
			// like "ackbarfregister". Also, skip to the comma.
			seencomma = false;
			while (i >= matchlen && !seencomma) {
				switch (a[i - matchlen]) {
					case ',' :
						seencomma = true;
					/* FALLTHROUGH */
					case ' ' :
					case '\r' :
					case '\n' :
					case '\f' :
					case '\t' :
						break;
					default :
								"invalid permission: " + actions);
				}
				i--;
			}
			// point i at the location of the comma minus one (or -1).
			i -= matchlen;
		}
		if (seencomma) {
			throw new IllegalArgumentException("invalid permission: " + actions);
		}
		return mask;
	}

Parse filter string into a Filter object.

Parameters:
filterString The filter string to parse.
Returns:
a Filter for this bundle. If the specified filterString is not a filter expression, then null is returned.
Throws:
java.lang.IllegalArgumentException If the filter syntax is invalid.
	private static Filter parseFilter(String filterString) {
		filterString = filterString.trim();
		if (filterString.charAt(0) != '(') {
			return null;
		}
		try {
			return FrameworkUtil.createFilter(filterString);
		}
					"invalid filter");
			iae.initCause(e);
			throw iae;
		}
	}

Determines if a ServicePermission object "implies" the specified permission.

Parameters:
p The target permission to check.
Returns:
true if the specified permission is implied by this object; false otherwise.
	public boolean implies(Permission p) {
		if (!(p instanceof ServicePermission)) {
			return false;
		}
		if ( != null) {
			return false;
		}
		// if requested permission has a filter, then it is an invalid argument
		if (requested.filter != null) {
			return false;
		}
		return implies0(requested);
	}

Internal implies method. Used by the implies and the permission collection implies methods.

Parameters:
requested The requested ServicePermission which has already be validated as a proper argument. The requested ServicePermission must not have a filter expression.
effective The effective actions with which to start.
Returns:
true if the specified permission is implied by this object; false otherwise.
	boolean implies0(ServicePermission requestedint effective) {
		/* check actions first - much faster */
		effective |= ;
		final int desired = requested.action_mask;
		if ((effective & desired) != desired) {
			return false;
		}
		/* we have name of "*" */
		if ( && ( == null)) {
			return true;
		}
		/* if we have a filter */
		Filter f = ;
		if (f != null) {
			return f.matches(requested.getProperties());
		}
		/* if requested permission not created with ServiceReference */
		String[] requestedNames = requested.objectClass;
		if (requestedNames == null) {
			return super.implies(requested);
		}
		/* requested permission created with ServiceReference */
		if () {
			int pl = .length();
			for (int i = 0, l = requestedNames.lengthi < li++) {
				String requestedName = requestedNames[i];
				if ((requestedName.length() > pl)
						&& requestedName.startsWith()) {
					return true;
				}
			}
		}
		else {
			String name = getName();
			for (int i = 0, l = requestedNames.lengthi < li++) {
				if (requestedNames[i].equals(name)) {
					return true;
				}
			}
		}
		return false;
	}

Returns the canonical string representation of the actions. Always returns present actions in the following order: get, register.

Returns:
The canonical string representation of the actions.
	public String getActions() {
		String result = ;
		if (result == null) {
			StringBuffer sb = new StringBuffer();
			boolean comma = false;
			int mask = ;
			if ((mask & ) == ) {
				comma = true;
			}
			if ((mask & ) == ) {
				if (comma)
					sb.append(',');
			}
			 = result = sb.toString();
		}
		return result;
	}

Returns a new PermissionCollection object for storing ServicePermission objects.

Returns:
A new PermissionCollection object suitable for storing ServicePermission objects.
	}

Determines the equality of two ServicePermission objects. Checks that specified object has the same class name and action as this ServicePermission.

Parameters:
obj The object to test for equality.
Returns:
true if obj is a ServicePermission, and has the same class name and actions as this ServicePermission object; false otherwise.
	public boolean equals(Object obj) {
		if (obj == this) {
			return true;
		}
		if (!(obj instanceof ServicePermission)) {
			return false;
		}
		return ( == sp.action_mask)
				&& (( == sp.service) || (( != null) && (
						.compareTo(sp.service) == 0)));
	}

Returns the hash code value for this object.

Returns:
Hash code value for this object.
	public int hashCode() {
		int h = 31 * 17 + getName().hashCode();
		h = 31 * h + getActions().hashCode();
		if ( != null) {
			h = 31 * h + .hashCode();
		}
		return h;
	}

WriteObject is called to save the state of this permission to a stream. The actions are serialized, and the superclass takes care of the name.
	private synchronized void writeObject(java.io.ObjectOutputStream s)
			throws IOException {
		if ( != null) {
			throw new NotSerializableException("cannot serialize");
		}
		// Write out the actions. The superclass takes care of the name
		// call getActions to make sure actions field is initialized
		if ( == null)
	}

readObject is called to restore the state of this permission from a stream.
	private synchronized void readObject(java.io.ObjectInputStream s)
		// Read in the action, then initialize the rest
	}

Called by <@link ServicePermission#implies(Permission)>. This method is only called on a requested permission which cannot have a filter set.

Returns:
a map of properties for this permission.
	private Map<StringObjectgetProperties() {
		Map<StringObjectresult = ;
		if (result != null) {
			return result;
		}
		if ( == null) {
			result = new HashMap<StringObject>(1);
			result.put(.new String[] {getName()});
			return  = result;
		}
		final Map<StringObjectprops = new HashMap<StringObject>(4);
		final Bundle bundle = .getBundle();
		if (bundle != null) {
			AccessController.doPrivileged(new PrivilegedAction<Object>() {
				public Object run() {
					props.put("id"new Long(bundle.getBundleId()));
					props.put("location"bundle.getLocation());
					String name = bundle.getSymbolicName();
					if (name != null) {
						props.put("name"name);
					}
					SignerProperty signer = new SignerProperty(bundle);
					if (signer.isBundleSigned()) {
						props.put("signer"signer);
					}
					return null;
				}
			});
		}
		return  = new Properties(props);
	}
	static private final class Properties extends AbstractMap<StringObject> {
		private final Map<StringObject>	properties;
		private final ServiceReference< ? >	service;
		private transient volatile Set<Map.Entry<StringObject>>	entries;
		Properties(Map<StringObjectpropertiesServiceReference< ? > service) {
			this. = properties;
			this. = service;
			 = null;
		}
		public Object get(Object k) {
			if (!(k instanceof String)) {
				return null;
			}
			String key = (Stringk;
			if (key.charAt(0) == '@') {
				return .getProperty(key.substring(1));
			}
			Object value = .get(key);
			if (value != null) { // fall back to service properties
				return value;
			}
			return .getProperty(key);
		}
		public Set<Map.Entry<StringObject>> entrySet() {
			if ( != null) {
				return ;
			}
			add: for (String key : .getPropertyKeys()) {
				for (String k : .keySet()) {
					if (key.equalsIgnoreCase(k)) {
						continue add;
					}
				}
				all.add(new Entry(key.getProperty(key)));
			}
			return  = Collections.unmodifiableSet(all);
		}
		static private final class Entry implements Map.Entry<StringObject> {
			private final String	k;
			private final Object	v;
			Entry(String keyObject value) {
				this. = key;
				this. = value;
			}
			public String getKey() {
				return ;
			}
			public Object getValue() {
				return ;
			}
			public Object setValue(Object value) {
			}
			public String toString() {
				return  + "=" + ;
			}
			public int hashCode() {
				return (( == null) ? 0 : .hashCode())
						^ (( == null) ? 0 : .hashCode());
			}
			public boolean equals(Object obj) {
				if (obj == this) {
					return true;
				}
				if (!(obj instanceof Map.Entry)) {
					return false;
				}
				Map.Entry< ? , ? > e = (Map.Entry< ? , ? >) obj;
				final Object key = e.getKey();
				if (( == key) || (( != null) && .equals(key))) {
					final Object value = e.getValue();
					if (( == value) || (( != null) && .equals(value))) {
						return true;
					}
				}
				return false;
			}
		}
	}
Stores a set of ServicePermission permissions.

	static final long	serialVersionUID	= 662615640374640621L;
Table of permissions.

GuardedBy:
this
	private transient Map<StringServicePermission>	permissions;

Boolean saying if "*" is in the collection.

Serial:
GuardedBy:
this
	private boolean		all_allowed;

Table of permissions with filter expressions.

Serial:
GuardedBy:
this
Creates an empty ServicePermissions object.
		 = false;
	}

Adds a permission to this permission collection.

Parameters:
permission The Permission object to add.
Throws:
java.lang.IllegalArgumentException If the specified permission is not a ServicePermission object.
java.lang.SecurityException If this ServicePermissionCollection object has been marked read-only.
	public void add(final Permission permission) {
		if (!(permission instanceof ServicePermission)) {
			throw new IllegalArgumentException("invalid permission: "
permission);
		}
		if (isReadOnly()) {
			throw new SecurityException("attempt to add a Permission to a "
"readonly PermissionCollection");
		}
		final ServicePermission sp = (ServicePermissionpermission;
		if (sp.service != null) {
			throw new IllegalArgumentException("cannot add to collection: "
sp);
		}
		final String name = sp.getName();
		final Filter f = sp.filter;
		synchronized (this) {
			/* select the bucket for the permission */
			if (f != null) {
				if (pc == null) {
				}
			}
			else {
			}
			final ServicePermission existing = pc.get(name);
			if (existing != null) {
				final int oldMask = existing.action_mask;
				final int newMask = sp.action_mask;
				if (oldMask != newMask) {
					pc
							.put(namenew ServicePermission(nameoldMask
newMask));
				}
			}
			else {
				pc.put(namesp);
			}
			if (!) {
				if (name.equals("*")) {
					 = true;
				}
			}
		}
	}

Determines if a set of permissions implies the permissions expressed in permission.

Parameters:
permission The Permission object to compare.
Returns:
true if permission is a proper subset of a permission in the set; false otherwise.
	public boolean implies(final Permission permission) {
		if (!(permission instanceof ServicePermission)) {
			return false;
		}
		final ServicePermission requested = (ServicePermissionpermission;
		/* if requested permission has a filter, then it is an invalid argument */
		if (requested.filter != null) {
			return false;
		}
		int effective = .;
		synchronized (this) {
			final int desired = requested.action_mask;
			/* short circuit if the "*" Permission was added */
			if () {
				if (sp != null) {
					effective |= sp.action_mask;
					if ((effective & desired) == desired) {
						return true;
					}
				}
			}
			String[] requestedNames = requested.objectClass;
			/* if requested permission not created with ServiceReference */
			if (requestedNames == null) {
				effective |= effective(requested.getName(), desiredeffective);
				if ((effective & desired) == desired) {
					return true;
				}
			}
			/* requested permission created with ServiceReference */
			else {
				for (int i = 0, l = requestedNames.lengthi < li++) {
					if ((effective(requestedNames[i], desiredeffective) & desired) == desired) {
						return true;
					}
				}
			}
			if (pc == null) {
				return false;
			}
			perms = pc.values();
		}
		/* iterate one by one over filteredPermissions */
		for (ServicePermission perm : perms) {
			if (perm.implies0(requestedeffective)) {
				return true;
			}
		}
		return false;
	}

Consult permissions map to compute the effective permission for the requested permission name.

Parameters:
requestedName The requested service name.
desired The desired actions.
effective The effective actions.
Returns:
The new effective actions.
	private int effective(String requestedNamefinal int desired,
			int effective) {
		ServicePermission sp = pc.get(requestedName);
		// strategy:
		// Check for full match first. Then work our way up the
		// name looking for matches on a.b.*
		if (sp != null) {
			// we have a direct hit!
			effective |= sp.action_mask;
			if ((effective & desired) == desired) {
				return effective;
			}
		}
		// work our way up the tree...
		int last;
		int offset = requestedName.length() - 1;
		while ((last = requestedName.lastIndexOf("."offset)) != -1) {
			requestedName = requestedName.substring(0, last + 1) + "*";
			sp = pc.get(requestedName);
			if (sp != null) {
				effective |= sp.action_mask;
				if ((effective & desired) == desired) {
					return effective;
				}
			}
			offset = last - 1;
		}
		/*
		 * we don't have to check for "*" as it was already checked before we
		 * were called.
		 */
		return effective;
	}

Returns an enumeration of all the ServicePermission objects in the container.

Returns:
Enumeration of all the ServicePermission objects.
	public synchronized Enumeration<Permissionelements() {
		if (pc != null) {
			all.addAll(pc.values());
		}
		return Collections.enumeration(all);
	}
	/* serialization logic */
	private static final ObjectStreamField[]	serialPersistentFields	= {
			new ObjectStreamField("permissions"Hashtable.class),
			new ObjectStreamField("all_allowed".),
			new ObjectStreamField("filterPermissions"HashMap.class)	};
	private synchronized void writeObject(ObjectOutputStream out)
			throws IOException {
		pfields.put("permissions"hashtable);
		pfields.put("all_allowed");
		pfields.put("filterPermissions");
	}
	private synchronized void readObject(java.io.ObjectInputStream in)
				.get("permissions"null);
		 = gfields.get("all_allowed"false);
				.get("filterPermissions"null);
	}
New to GrepCode? Check out our FAQ X