private bool defaultImplies(ProtectionDomain domain, Permission permission) { if (domain == null && permission == null) { throw new java.lang.NullPointerException(); } bool implies = false; if (domain != null) { PermissionCollection total = getPermissions(domain); PermissionCollection inherent = domain.getPermissions(); if (inherent != null) { java.util.Enumeration <Permission> en = inherent.elements(); while (en.hasMoreElements()) { total.add(en.nextElement()); } } try { implies = total.implies(permission); } catch (java.lang.NullPointerException) { // return false instead of throwing the NullPointerException implies = false; } } return(implies); }
/** * Returns a {@code PermissionCollection} describing what permissions are * allowed for the specified {@code ProtectionDomain} (more specifically, * its {@code CodeSource}) based on the current security policy. * <p /> * Note that this method is not called for classes which are in the * system domain (i.e. system classes). System classes are always * given full permissions (i.e. AllPermission). This can not be changed by * installing a new policy. * * @param domain * the {@code ProtectionDomain} to compute the permissions for. * @return the permissions that are granted to the specified {@code * CodeSource}. */ public PermissionCollection getPermissions(ProtectionDomain domain) { Permissions permissions = new Permissions(); if (domain != null) { try { PermissionCollection cds = getPermissions(domain .getCodeSource()); if (cds != Policy.UNSUPPORTED_EMPTY_COLLECTION) { java.util.Enumeration <Permission> elements = cds.elements(); while (elements.hasMoreElements()) { permissions.add(elements.nextElement()); } } } catch (java.lang.NullPointerException) { // ignore the exception, just add nothing to the result set } PermissionCollection pds = domain.getPermissions(); if (pds != null) { java.util.Enumeration <Permission> pdElements = pds.elements(); while (pdElements.hasMoreElements()) { permissions.add(pdElements.nextElement()); } } } return(permissions); }
/* * Answers if the policy has granted a Permission to a * ProtectionDomain. * * @param domain - * the domain to check. * @param permission - * check whether this permission is granted to the specified * domain. * @return - true if the permission is granted to the domain. * */ protected internal abstract bool engineImplies(ProtectionDomain domain, Permission permission);
/* * Answers a PermissionCollection object containing the set of permissions * granted to the specified ProtectionDomain. * * The default implementation of this method returns * Policy.UNSUPPORTED_EMPTY_COLLECTION object. This method can be overridden * if the policy implementation can return a set of permissions granted to a * ProtectionDomain. * * @param domain - * the ProtectionDomain to which the returned * PermissionCollection has been granted. * @return a set of permissions granted to the specified ProtectionDomain. * If this operation is supported, the returned set of permissions * must be a new mutable instance and it must support heterogeneous * Permission types. If this operation is not supported, * Policy.UNSUPPORTED_EMPTY_COLLECTION is returned. */ protected internal PermissionCollection engineGetPermissions(ProtectionDomain domain) { return(Policy.UNSUPPORTED_EMPTY_COLLECTION); }
/** * Indicates whether the specified {@code Permission} is implied by the * {@code PermissionCollection} of the specified {@code ProtectionDomain}. * * @param domain * the {@code ProtectionDomain} for which the permission should * be granted. * @param permission * the {@code Permission} for which authorization is to be * verified. * @return {@code true} if the {@code Permission} is implied by the {@code * ProtectionDomain}, {@code false} otherwise. */ public bool implies(ProtectionDomain domain, Permission permission) { return(spiImpl == null?defaultImplies(domain, permission) : spiImpl .engineImplies(domain, permission)); }
/** * Answers a PermissionCollection object containing the set of permissions * granted to the specified ProtectionDomain. * * The default implementation of this method returns * Policy.UNSUPPORTED_EMPTY_COLLECTION object. This method can be overridden * if the policy implementation can return a set of permissions granted to a * ProtectionDomain. * * @param domain - * the ProtectionDomain to which the returned * PermissionCollection has been granted. * @return a set of permissions granted to the specified ProtectionDomain. * If this operation is supported, the returned set of permissions * must be a new mutable instance and it must support heterogeneous * Permission types. If this operation is not supported, * Policy.UNSUPPORTED_EMPTY_COLLECTION is returned. */ protected internal PermissionCollection engineGetPermissions(ProtectionDomain domain) { return Policy.UNSUPPORTED_EMPTY_COLLECTION; }
/** * Answers if the policy has granted a Permission to a * ProtectionDomain. * * @param domain - * the domain to check. * @param permission - * check whether this permission is granted to the specified * domain. * @return - true if the permission is granted to the domain. * */ protected internal abstract bool engineImplies(ProtectionDomain domain, Permission permission);