public final class SecurityAdmin extends Object implements PermissionAdmin, ConditionalPermissionAdmin
Constructor and Description |
---|
SecurityAdmin(EquinoxSecurityManager supportedSecurityManager,
Framework framework,
PermissionStorage permissionStorage) |
Modifier and Type | Method and Description |
---|---|
ConditionalPermissionInfo |
addConditionalPermissionInfo(ConditionInfo[] conds,
PermissionInfo[] perms)
Deprecated.
|
void |
clearCaches() |
BundleProtectionDomain |
createProtectionDomain(Bundle bundle) |
AccessControlContext |
getAccessControlContext(String[] signers)
Returns the Access Control Context that corresponds to the specified
signers.
|
ConditionalPermissionInfo |
getConditionalPermissionInfo(String name)
Deprecated.
|
Enumeration<ConditionalPermissionInfo> |
getConditionalPermissionInfos()
Deprecated.
|
PermissionInfo[] |
getDefaultPermissions()
Gets the default permissions.
|
String[] |
getLocations()
Returns the bundle locations that have permissions assigned to them, that
is, bundle locations for which an entry exists in the permission table.
|
PermissionInfo[] |
getPermissions(String location)
Gets the permissions assigned to the bundle with the specified location.
|
ConditionalPermissionInfo |
newConditionalPermissionInfo(String encoded)
Creates a new
ConditionalPermissionInfo from the specified
encoded ConditionalPermissionInfo string suitable for insertion
into a ConditionalPermissionUpdate . |
ConditionalPermissionInfo |
newConditionalPermissionInfo(String name,
ConditionInfo[] conditions,
PermissionInfo[] permissions,
String decision)
Creates a new ConditionalPermissionInfo with the specified fields
suitable for insertion into a
ConditionalPermissionUpdate . |
ConditionalPermissionUpdate |
newConditionalPermissionUpdate()
Creates a new update for the Conditional Permission Table.
|
ConditionalPermissionInfo |
setConditionalPermissionInfo(String name,
ConditionInfo[] conds,
PermissionInfo[] perms)
Deprecated.
|
void |
setDefaultPermissions(PermissionInfo[] permissions)
Sets the default permissions.
|
void |
setPermissions(String location,
PermissionInfo[] permissions)
Assigns the specified permissions to the bundle with the specified
location.
|
public SecurityAdmin(EquinoxSecurityManager supportedSecurityManager, Framework framework, PermissionStorage permissionStorage) throws IOException
IOException
public PermissionInfo[] getDefaultPermissions()
PermissionAdmin
These are the permissions granted to any bundle that does not have permissions assigned to its location.
getDefaultPermissions
in interface PermissionAdmin
null
if no default
permissions are set.public String[] getLocations()
PermissionAdmin
getLocations
in interface PermissionAdmin
null
if the permission table is empty.public PermissionInfo[] getPermissions(String location)
PermissionAdmin
getPermissions
in interface PermissionAdmin
location
- The location of the bundle whose permissions are to be
returned.null
if that bundle has not been assigned
any permissions.public void setDefaultPermissions(PermissionInfo[] permissions)
PermissionAdmin
These are the permissions granted to any bundle that does not have permissions assigned to its location.
setDefaultPermissions
in interface PermissionAdmin
permissions
- The default permissions, or null
if the
default permissions are to be removed from the permission table.public void setPermissions(String location, PermissionInfo[] permissions)
PermissionAdmin
setPermissions
in interface PermissionAdmin
location
- The location of the bundle that will be assigned the
permissions.permissions
- The permissions to be assigned, or null
if the
specified location is to be removed from the permission table.public ConditionalPermissionInfo addConditionalPermissionInfo(ConditionInfo[] conds, PermissionInfo[] perms)
ConditionalPermissionAdmin
The Conditional Permission Info will be given a unique, never reused
name. This entry will be added at the beginning of the Conditional
Permission Table with an access decision of
ALLOW
.
Since this method changes the Conditional Permission Table any
ConditionalPermissionUpdate
s that were created prior to calling
this method can no longer be committed.
addConditionalPermissionInfo
in interface ConditionalPermissionAdmin
conds
- The conditions that need to be satisfied to enable the
specified permissions. This argument can be null
or an
empty array indicating the specified permissions are not guarded
by any conditions.perms
- The permissions that are enabled when the specified
conditions, if any, are satisfied. This argument must not be
null
and must specify at least one permission.public ConditionalPermissionInfo newConditionalPermissionInfo(String name, ConditionInfo[] conditions, PermissionInfo[] permissions, String decision)
ConditionalPermissionAdmin
ConditionalPermissionUpdate
. The
delete
method on ConditionalPermissionInfo
objects
created with this method must throw UnsupportedOperationException.newConditionalPermissionInfo
in interface ConditionalPermissionAdmin
name
- The name of the created ConditionalPermissionInfo
or
null
to have a unique name generated when the returned
ConditionalPermissionInfo
is committed in an update to the
Conditional Permission Table.conditions
- The conditions that need to be satisfied to enable the
specified permissions. This argument can be null
or an
empty array indicating the specified permissions are not guarded
by any conditions.permissions
- The permissions that are enabled when the specified
conditions, if any, are satisfied. This argument must not be
null
and must specify at least one permission.decision
- Access decision. Must be one of the following values:
The specified access decision value must be evaluated case
insensitively.ConditionalPermissionInfo
object suitable for insertion
into a ConditionalPermissionUpdate
.public ConditionalPermissionInfo newConditionalPermissionInfo(String encoded)
ConditionalPermissionAdmin
ConditionalPermissionInfo
from the specified
encoded ConditionalPermissionInfo
string suitable for insertion
into a ConditionalPermissionUpdate
. The delete
method on
ConditionalPermissionInfo
objects created with this method must
throw UnsupportedOperationException.newConditionalPermissionInfo
in interface ConditionalPermissionAdmin
encoded
- The encoded
ConditionalPermissionInfo
. White space in the encoded
ConditionalPermissionInfo
is ignored. The access decision
value in the encoded ConditionalPermissionInfo
must be
evaluated case insensitively. If the encoded
ConditionalPermissionInfo
does not contain the optional
name, null
must be used for the name and a unique name
will be generated when the returned
ConditionalPermissionInfo
is committed in an update to the
Conditional Permission Table.ConditionalPermissionInfo
object suitable for insertion
into a ConditionalPermissionUpdate
.ConditionalPermissionInfo.getEncoded()
public ConditionalPermissionUpdate newConditionalPermissionUpdate()
ConditionalPermissionAdmin
newConditionalPermissionUpdate
in interface ConditionalPermissionAdmin
public AccessControlContext getAccessControlContext(String[] signers)
ConditionalPermissionAdmin
IllegalStateException
because the
state is UNINSTALLEDnull
getAccessControlContext
in interface ConditionalPermissionAdmin
signers
- The signers for which to return an Access Control Context.AccessControlContext
that has the Permissions
associated with the signer.public ConditionalPermissionInfo getConditionalPermissionInfo(String name)
ConditionalPermissionAdmin
getConditionalPermissionInfo
in interface ConditionalPermissionAdmin
name
- The name of the Conditional Permission Info to be returned.null
if no Conditional Permission Info with the specified
name exists in the Conditional Permission Table.public Enumeration<ConditionalPermissionInfo> getConditionalPermissionInfos()
ConditionalPermissionAdmin
The returned Enumeration will return elements in the order they are kept in the Conditional Permission Table.
The Enumeration returned is based on a copy of the Conditional Permission Table and therefore will not throw exceptions if the Conditional Permission Table is changed during the course of reading elements from the Enumeration.
getConditionalPermissionInfos
in interface ConditionalPermissionAdmin
public ConditionalPermissionInfo setConditionalPermissionInfo(String name, ConditionInfo[] conds, PermissionInfo[] perms)
ConditionalPermissionAdmin
If the specified name is null
, a new Conditional Permission Info
must be created and will be given a unique, never reused name. If there
is currently no Conditional Permission Info with the specified name, a
new Conditional Permission Info must be created with the specified name.
Otherwise, the Conditional Permission Info with the specified name must
be updated with the specified Conditions and Permissions. If a new entry
was created in the Conditional Permission Table it will be added at the
beginning of the table with an access decision of
ALLOW
.
Since this method changes the underlying permission table any
ConditionalPermissionUpdate
s that were created prior to calling
this method can no longer be committed.
setConditionalPermissionInfo
in interface ConditionalPermissionAdmin
name
- The name of the Conditional Permission Info, or null
.conds
- The conditions that need to be satisfied to enable the
specified permissions. This argument can be null
or an
empty array indicating the specified permissions are not guarded
by any conditions.perms
- The permissions that are enabled when the specified
conditions, if any, are satisfied. This argument must not be
null
and must specify at least one permission.public BundleProtectionDomain createProtectionDomain(Bundle bundle)
public void clearCaches()
Copyright © 2007–2018 The Apache Software Foundation. All rights reserved.