Class DatabasePermission
- java.lang.Object
-
- java.security.Permission
-
- org.apache.derby.security.DatabasePermission
-
- All Implemented Interfaces:
java.io.Serializable
,java.security.Guard
public final class DatabasePermission extends java.security.Permission
This class represents access to database-scoped privileges. An example of database-scoped privileges is the permission to create a database under a specified directory path.A DatabasePermission is defined by two string attributes, similar to a java.io.FilePermission:
- URL - a location description of or for a Derby database
- Actions - a list of granted administrative actions
- See Also:
DatabasePermission(String,String)
,SystemPermission
,FilePermission
, Serialized Form
-
-
Field Summary
Fields Modifier and Type Field Description private java.lang.String
actions
The actions of this permission, as returned bygetActions()
.static java.lang.String
CREATE
The create database permission.protected static java.util.List<java.lang.String>
LEGAL_ACTIONS
The legal database permission action names.private java.lang.String
parentPath
The parent directory of this permission's canonical directory path, or null if this permission's path does not have a parent directory.private java.lang.String
path
This permission's canonical directory path.private char
pathType
Indicates whether the path denotes an inclusive, recursive, wildcard, or single location.static char
URL_PATH_INCLUSIVE_CHAR
The path type character matching any database anywhere.static java.lang.String
URL_PATH_INCLUSIVE_STRING
The location text matching any database anywhere.static char
URL_PATH_RECURSIVE_CHAR
The wildcard character matching any database under a directory or its subdirectories.static java.lang.String
URL_PATH_RECURSIVE_STRING
static java.lang.String
URL_PATH_RECURSIVE_SUFFIX
static char
URL_PATH_RELATIVE_CHAR
The relative path character.static java.lang.String
URL_PATH_RELATIVE_PREFIX
static java.lang.String
URL_PATH_RELATIVE_STRING
static char
URL_PATH_SEPARATOR_CHAR
The URL file path separator character.static java.lang.String
URL_PATH_SEPARATOR_STRING
static char
URL_PATH_WILDCARD_CHAR
The wildcard character matching any database in a directory.static java.lang.String
URL_PATH_WILDCARD_STRING
static java.lang.String
URL_PATH_WILDCARD_SUFFIX
static java.lang.String
URL_PROTOCOL_DIRECTORY
The URL protocol scheme specifying a directory location.
-
Constructor Summary
Constructors Constructor Description DatabasePermission(java.lang.String url, java.lang.String actions)
Creates a new DatabasePermission with the specified URL and actions.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description boolean
equals(java.lang.Object obj)
Checks two DatabasePermission objects for equality.java.lang.String
getActions()
Returns the "canonical string representation" of the actions.int
hashCode()
Returns the hash code value for this object.boolean
implies(java.security.Permission p)
Checks if this DatabasePermission implies a specified permission.protected void
initActions(java.lang.String actions)
Parses the list of database actions.protected void
initLocation(java.lang.String url)
Parses the database location URL.private void
readObject(java.io.ObjectInputStream s)
Called upon Deserialization for restoring the state of this DatabasePermission from a stream.private void
writeObject(java.io.ObjectOutputStream s)
Called upon Serialization for saving the state of this DatabasePermission to a stream.
-
-
-
Field Detail
-
URL_PROTOCOL_DIRECTORY
public static final java.lang.String URL_PROTOCOL_DIRECTORY
The URL protocol scheme specifying a directory location.- See Also:
- Constant Field Values
-
URL_PATH_INCLUSIVE_STRING
public static final java.lang.String URL_PATH_INCLUSIVE_STRING
The location text matching any database anywhere.- See Also:
- Constant Field Values
-
URL_PATH_INCLUSIVE_CHAR
public static final char URL_PATH_INCLUSIVE_CHAR
The path type character matching any database anywhere.- See Also:
- Constant Field Values
-
URL_PATH_SEPARATOR_CHAR
public static final char URL_PATH_SEPARATOR_CHAR
The URL file path separator character.- See Also:
- Constant Field Values
-
URL_PATH_RELATIVE_CHAR
public static final char URL_PATH_RELATIVE_CHAR
The relative path character.- See Also:
- Constant Field Values
-
URL_PATH_WILDCARD_CHAR
public static final char URL_PATH_WILDCARD_CHAR
The wildcard character matching any database in a directory.- See Also:
- Constant Field Values
-
URL_PATH_RECURSIVE_CHAR
public static final char URL_PATH_RECURSIVE_CHAR
The wildcard character matching any database under a directory or its subdirectories.- See Also:
- Constant Field Values
-
URL_PATH_SEPARATOR_STRING
public static final java.lang.String URL_PATH_SEPARATOR_STRING
-
URL_PATH_RELATIVE_STRING
public static final java.lang.String URL_PATH_RELATIVE_STRING
-
URL_PATH_RELATIVE_PREFIX
public static final java.lang.String URL_PATH_RELATIVE_PREFIX
-
URL_PATH_WILDCARD_STRING
public static final java.lang.String URL_PATH_WILDCARD_STRING
-
URL_PATH_WILDCARD_SUFFIX
public static final java.lang.String URL_PATH_WILDCARD_SUFFIX
-
URL_PATH_RECURSIVE_STRING
public static final java.lang.String URL_PATH_RECURSIVE_STRING
-
URL_PATH_RECURSIVE_SUFFIX
public static final java.lang.String URL_PATH_RECURSIVE_SUFFIX
-
CREATE
public static final java.lang.String CREATE
The create database permission.- See Also:
- Constant Field Values
-
LEGAL_ACTIONS
protected static final java.util.List<java.lang.String> LEGAL_ACTIONS
The legal database permission action names.
-
actions
private java.lang.String actions
The actions of this permission, as returned bygetActions()
.
-
path
private transient java.lang.String path
This permission's canonical directory path. The path consists of a canonicalized form of the user-specified URL, stripped off the protocol specification and any recursive/wildcard characters, or"<<ALL FILES>>"
for the "anywhere" permission. The canonical path is used when testing permissions with implies(), where real directory locations, not just notational differences, ought to be compared. Analog to java.io.FilePermission, the canonical path is also used by equals() and hashCode() to support hashing and mapping of permissions by their real directory locations. Because canonical file paths are platform dependent, this field must not be serialized (hence transient) but be recomputed from the original URL upon deserialization.
-
parentPath
private transient java.lang.String parentPath
The parent directory of this permission's canonical directory path, or null if this permission's path does not have a parent directory. Because canonical file paths are platform dependent, this field must not be serialized (hence transient) but be recomputed from the original URL upon deserialization.
-
pathType
private transient char pathType
Indicates whether the path denotes an inclusive, recursive, wildcard, or single location. If the path denotes an inclusive, recursive or wildcard location, this field's value is URL_PATH_INCLUSIVE_CHAR, URL_PATH_RECURSIVE_CHAR, or URL_PATH_WILDCARD_CHAR, respectively; otherwise, it's URL_PATH_SEPARATOR_CHAR denoting a single location. This field gets recomputed upon deserialization.
-
-
Constructor Detail
-
DatabasePermission
public DatabasePermission(java.lang.String url, java.lang.String actions) throws java.io.IOException
Creates a new DatabasePermission with the specified URL and actions.actions contains a comma-separated list of the desired actions granted on a database. Currently, the only supported action is
create
.URL denotes a database location URL, which, at this time, must start with
directory:
followed by a directory pathname. Note that in a URL, the separator character is always "/" rather than the file separator of the operating-system. The directory path may be absolute or relative, in which case it is prefixed with the current user directory. In addition, similar to java.io.FilePermission, the directory pathname may end with a wildcard character to allow for arbitrarily named databases under a path:- "directory:location" - refers to a database called location,
- "directory:location/*" - matches any database in the directory location,
- "directory:location/-" - matches any database under location or its subdirectories.
- "directory:*" - matches any database in the user's current working directory.
- "directory:-" - matches any database under the user's current working directory or its subdirectories.
-
"directory:<<ALL FILES>>"
matches any database anywhere.
- Parameters:
url
- the database URLactions
- the action string- Throws:
java.lang.NullPointerException
- if an argument is nulljava.lang.IllegalArgumentException
- if an argument is not legaljava.io.IOException
- if the location URL cannot be canonicalized- See Also:
Permission(String)
,FilePermission(String,String)
-
-
Method Detail
-
initActions
protected void initActions(java.lang.String actions)
Parses the list of database actions.- Parameters:
actions
- the comma-separated action list- Throws:
java.lang.NullPointerException
- if actions is nulljava.lang.IllegalArgumentException
- if not a list of legal actions
-
initLocation
protected void initLocation(java.lang.String url) throws java.io.IOException
Parses the database location URL.- Parameters:
url
- the database URL- Throws:
java.lang.NullPointerException
- if the URL is nulljava.lang.IllegalArgumentException
- if the URL is not well-formedjava.io.IOException
- if the location URL cannot be canonicalized
-
implies
public boolean implies(java.security.Permission p)
Checks if this DatabasePermission implies a specified permission.This method returns true if:
- p is an instanceof DatabasePermission and
- p's directory pathname is implied by this object's pathname. For example, "/tmp/*" implies "/tmp/foo", since "/tmp/*" encompasses the "/tmp" directory and all files in that directory, including the one named "foo".
- Specified by:
implies
in classjava.security.Permission
- Parameters:
p
- the permission to check against- Returns:
- true if the specified permission is implied by this object, false if not
- See Also:
Permission.implies(Permission)
- p is an instanceof DatabasePermission and
-
equals
public boolean equals(java.lang.Object obj)
Checks two DatabasePermission objects for equality.Checks that obj is a DatabasePermission and has the same canonizalized URL and actions as this object.
- Specified by:
equals
in classjava.security.Permission
- Parameters:
obj
- the object we are testing for equality with this object- Returns:
- true if obj is a DatabasePermission, and has the same URL and actions as this DatabasePermission object, false if not
- See Also:
Permission.equals(Object)
-
hashCode
public int hashCode()
Returns the hash code value for this object.- Specified by:
hashCode
in classjava.security.Permission
- Returns:
- a hash code value for this object
- See Also:
Permission.hashCode()
-
getActions
public java.lang.String getActions()
Returns the "canonical string representation" of the actions.- Specified by:
getActions
in classjava.security.Permission
- Returns:
- the canonical string representation of the actions
- See Also:
Permission.getActions()
-
writeObject
private void writeObject(java.io.ObjectOutputStream s) throws java.io.IOException
Called upon Serialization for saving the state of this DatabasePermission to a stream.- Throws:
java.io.IOException
-
readObject
private void readObject(java.io.ObjectInputStream s) throws java.io.IOException, java.lang.ClassNotFoundException
Called upon Deserialization for restoring the state of this DatabasePermission from a stream.- Throws:
java.io.IOException
java.lang.ClassNotFoundException
-
-