001    /* ProtectionDomain.java -- A security domain
002       Copyright (C) 1998, 2003, 2004  Free Software Foundation, Inc.
003    
004    This file is part of GNU Classpath.
005    
006    GNU Classpath is free software; you can redistribute it and/or modify
007    it under the terms of the GNU General Public License as published by
008    the Free Software Foundation; either version 2, or (at your option)
009    any later version.
010    
011    GNU Classpath is distributed in the hope that it will be useful, but
012    WITHOUT ANY WARRANTY; without even the implied warranty of
013    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
014    General Public License for more details.
015    
016    You should have received a copy of the GNU General Public License
017    along with GNU Classpath; see the file COPYING.  If not, write to the
018    Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
019    02110-1301 USA.
020    
021    Linking this library statically or dynamically with other modules is
022    making a combined work based on this library.  Thus, the terms and
023    conditions of the GNU General Public License cover the whole
024    combination.
025    
026    As a special exception, the copyright holders of this library give you
027    permission to link this library with independent modules to produce an
028    executable, regardless of the license terms of these independent
029    modules, and to copy and distribute the resulting executable under
030    terms of your choice, provided that you also meet, for each linked
031    independent module, the terms and conditions of the license of that
032    module.  An independent module is a module which is not derived from
033    or based on this library.  If you modify this library, you may extend
034    this exception to your version of the library, but you are not
035    obligated to do so.  If you do not wish to do so, delete this
036    exception statement from your version. */
037    
038    package java.security;
039    
040    import gnu.classpath.SystemProperties;
041    
042    import gnu.java.lang.CPStringBuilder;
043    
044    /**
045     * This class represents a group of classes, along with their granted
046     * permissions. The classes are identified by a {@link CodeSource}. Thus, any
047     * class loaded from the specified {@link CodeSource} is treated as part of
048     * this domain. The set of permissions is represented by an instance of
049     * {@link PermissionCollection}.
050     *
051     * <p>Every class in the system will belong to one and only one
052     * <code>ProtectionDomain</code>.</p>
053     *
054     * @author Aaron M. Renn (arenn@urbanophile.com)
055     * @version 0.0
056     */
057    public class ProtectionDomain
058    {
059      /** This is the <code>CodeSource</code> for this protection domain. */
060      private CodeSource code_source;
061    
062      /** This is the set of permissions granted to this domain. */
063      private PermissionCollection perms;
064    
065      /** The {@link ClassLoader} associated with this domain. */
066      private ClassLoader classloader;
067    
068      /** The array of Principals associated with this domain.. */
069      private Principal[] principals;
070    
071      /** Post 1.4 the policy may be refreshed! use false for pre 1.4. */
072      private boolean staticBinding;
073    
074      /**
075       * Initializes a new instance of <code>ProtectionDomain</code> representing
076       * the specified {@link CodeSource} and set of permissions. No permissions
077       * can be added later to the {@link PermissionCollection} and this contructor
078       * will call the <code>setReadOnly</code> method on the specified set of
079       * permissions.
080       *
081       * @param codesource
082       *          The {@link CodeSource} for this domain.
083       * @param permissions
084       *          The set of permissions for this domain.
085       * @see PermissionCollection#setReadOnly()
086       */
087      public ProtectionDomain(CodeSource codesource, PermissionCollection permissions)
088      {
089        this(codesource, permissions, null, null, true);
090      }
091    
092      /**
093       * This method initializes a new instance of <code>ProtectionDomain</code>
094       * given its {@link CodeSource}, granted permissions, associated
095       * {@link ClassLoader} and {@link Principal}s.
096       *
097       * <p>Similar to the previous constructor, if the designated set of
098       * permissions is not <code>null</code>, the <code>setReadOnly</code> method
099       * is called on that set.</p>
100       *
101       * @param codesource
102       *          The {@link CodeSource} for this domain.
103       * @param permissions
104       *          The permission set for this domain.
105       * @param classloader
106       *          the ClassLoader associated with this domain.
107       * @param principals
108       *          the array of {@link Principal}s associated with this domain.
109       * @since 1.4
110       * @see PermissionCollection#setReadOnly()
111       */
112      public ProtectionDomain(CodeSource codesource,
113                              PermissionCollection permissions,
114                              ClassLoader classloader, Principal[] principals)
115      {
116        this(codesource, permissions, classloader, principals, false);
117      }
118    
119      private ProtectionDomain(CodeSource codesource,
120                               PermissionCollection permissions,
121                               ClassLoader classloader, Principal[] principals,
122                               boolean staticBinding)
123      {
124        super();
125    
126        code_source = codesource;
127        if (permissions != null)
128          {
129            perms = permissions;
130            perms.setReadOnly();
131          }
132    
133        this.classloader = classloader;
134        this.principals =
135            (principals != null ? (Principal[]) principals.clone() : new Principal[0]);
136        this.staticBinding = staticBinding;
137      }
138    
139      /**
140       * Returns the {@link CodeSource} of this domain.
141       *
142       * @return the {@link CodeSource} of this domain.
143       * @since 1.2
144       */
145      public final CodeSource getCodeSource()
146      {
147        return code_source;
148      }
149    
150      /**
151       * Returns the {@link ClassLoader} of this domain.
152       *
153       * @return the {@link ClassLoader} of this domain.
154       * @since 1.4
155       */
156      public final ClassLoader getClassLoader()
157      {
158        return this.classloader;
159      }
160    
161      /**
162       * Returns a clone of the {@link Principal}s of this domain.
163       *
164       * @return a clone of the {@link Principal}s of this domain.
165       * @since 1.4
166       */
167      public final Principal[] getPrincipals()
168      {
169        return (Principal[]) principals.clone();
170      }
171    
172      /**
173       * Returns the {@link PermissionCollection} of this domain.
174       *
175       * @return The {@link PermissionCollection} of this domain.
176       */
177      public final PermissionCollection getPermissions()
178      {
179        return perms;
180      }
181    
182      /**
183       * Tests whether or not the specified {@link Permission} is implied by the
184       * set of permissions granted to this domain.
185       *
186       * @param permission
187       *          the {@link Permission} to test.
188       * @return <code>true</code> if the specified {@link Permission} is implied
189       *         for this domain, <code>false</code> otherwise.
190       */
191      public boolean implies(Permission permission)
192      {
193        if (staticBinding)
194          return (perms == null ? false : perms.implies(permission));
195        // Else dynamically bound.  Do we have it?
196        // NOTE: this will force loading of Policy.currentPolicy
197        return Policy.getCurrentPolicy().implies(this, permission);
198      }
199    
200      /**
201       * Returns a string representation of this object. It will include the
202       * {@link CodeSource} and set of permissions associated with this domain.
203       *
204       * @return A string representation of this object.
205       */
206      public String toString()
207      {
208        String linesep = SystemProperties.getProperty("line.separator");
209        CPStringBuilder sb = new CPStringBuilder("ProtectionDomain (").append(linesep);
210    
211        if (code_source == null)
212          sb.append("CodeSource:null");
213        else
214          sb.append(code_source);
215    
216        sb.append(linesep);
217        if (classloader == null)
218          sb.append("ClassLoader:null");
219        else
220          sb.append(classloader);
221    
222        sb.append(linesep);
223        sb.append("Principals:");
224        if (principals != null && principals.length > 0)
225          {
226            sb.append("[");
227            Principal pal;
228            for (int i = 0; i < principals.length; i++)
229              {
230                pal = principals[i];
231                sb.append("'").append(pal.getName())
232                    .append("' of type ").append(pal.getClass().getName());
233                if (i < principals.length-1)
234                  sb.append(", ");
235              }
236            sb.append("]");
237          }
238        else
239          sb.append("none");
240    
241        sb.append(linesep);
242        if (!staticBinding) // include all but dont force loading Policy.currentPolicy
243          if (Policy.isLoaded())
244            sb.append(Policy.getCurrentPolicy().getPermissions(this));
245          else // fallback on this one's permissions
246            sb.append(perms);
247        else
248          sb.append(perms);
249    
250        return sb.append(linesep).append(")").append(linesep).toString();
251      }
252    }