Class DatabasePermission

  • All Implemented Interfaces:
    java.io.Serializable, java.security.Guard

    public final class DatabasePermission
    extends java.security.Permission
    This class represents access to database-scoped privileges. An example of database-scoped privileges is the permission to create a database under a specified directory path.

    A DatabasePermission is defined by two string attributes, similar to a java.io.FilePermission:

    • URL - a location description of or for a Derby database
    • Actions - a list of granted administrative actions
    The database location URL may contain certain wildcard characters. The currently only supported database action is create.
    See Also:
    DatabasePermission(String,String), SystemPermission, FilePermission, Serialized Form
    • Constructor Summary

      Constructors 
      Constructor Description
      DatabasePermission​(java.lang.String url, java.lang.String actions)
      Creates a new DatabasePermission with the specified URL and actions.
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      boolean equals​(java.lang.Object obj)
      Checks two DatabasePermission objects for equality.
      java.lang.String getActions()
      Returns the "canonical string representation" of the actions.
      int hashCode()
      Returns the hash code value for this object.
      boolean implies​(java.security.Permission p)
      Checks if this DatabasePermission implies a specified permission.
      protected void initActions​(java.lang.String actions)
      Parses the list of database actions.
      protected void initLocation​(java.lang.String url)
      Parses the database location URL.
      private void readObject​(java.io.ObjectInputStream s)
      Called upon Deserialization for restoring the state of this DatabasePermission from a stream.
      private void writeObject​(java.io.ObjectOutputStream s)
      Called upon Serialization for saving the state of this DatabasePermission to a stream.
      • Methods inherited from class java.security.Permission

        checkGuard, getName, newPermissionCollection, toString
      • Methods inherited from class java.lang.Object

        clone, finalize, getClass, notify, notifyAll, wait, wait, wait
    • Field Detail

      • URL_PROTOCOL_DIRECTORY

        public static final java.lang.String URL_PROTOCOL_DIRECTORY
        The URL protocol scheme specifying a directory location.
        See Also:
        Constant Field Values
      • URL_PATH_INCLUSIVE_STRING

        public static final java.lang.String URL_PATH_INCLUSIVE_STRING
        The location text matching any database anywhere.
        See Also:
        Constant Field Values
      • URL_PATH_INCLUSIVE_CHAR

        public static final char URL_PATH_INCLUSIVE_CHAR
        The path type character matching any database anywhere.
        See Also:
        Constant Field Values
      • URL_PATH_SEPARATOR_CHAR

        public static final char URL_PATH_SEPARATOR_CHAR
        The URL file path separator character.
        See Also:
        Constant Field Values
      • URL_PATH_RELATIVE_CHAR

        public static final char URL_PATH_RELATIVE_CHAR
        The relative path character.
        See Also:
        Constant Field Values
      • URL_PATH_WILDCARD_CHAR

        public static final char URL_PATH_WILDCARD_CHAR
        The wildcard character matching any database in a directory.
        See Also:
        Constant Field Values
      • URL_PATH_RECURSIVE_CHAR

        public static final char URL_PATH_RECURSIVE_CHAR
        The wildcard character matching any database under a directory or its subdirectories.
        See Also:
        Constant Field Values
      • URL_PATH_SEPARATOR_STRING

        public static final java.lang.String URL_PATH_SEPARATOR_STRING
      • URL_PATH_RELATIVE_STRING

        public static final java.lang.String URL_PATH_RELATIVE_STRING
      • URL_PATH_RELATIVE_PREFIX

        public static final java.lang.String URL_PATH_RELATIVE_PREFIX
      • URL_PATH_WILDCARD_STRING

        public static final java.lang.String URL_PATH_WILDCARD_STRING
      • URL_PATH_WILDCARD_SUFFIX

        public static final java.lang.String URL_PATH_WILDCARD_SUFFIX
      • URL_PATH_RECURSIVE_STRING

        public static final java.lang.String URL_PATH_RECURSIVE_STRING
      • URL_PATH_RECURSIVE_SUFFIX

        public static final java.lang.String URL_PATH_RECURSIVE_SUFFIX
      • CREATE

        public static final java.lang.String CREATE
        The create database permission.
        See Also:
        Constant Field Values
      • LEGAL_ACTIONS

        protected static final java.util.List<java.lang.String> LEGAL_ACTIONS
        The legal database permission action names.
      • actions

        private java.lang.String actions
        The actions of this permission, as returned by getActions().
      • path

        private transient java.lang.String path
        This permission's canonical directory path. The path consists of a canonicalized form of the user-specified URL, stripped off the protocol specification and any recursive/wildcard characters, or "<<ALL FILES>>" for the "anywhere" permission. The canonical path is used when testing permissions with implies(), where real directory locations, not just notational differences, ought to be compared. Analog to java.io.FilePermission, the canonical path is also used by equals() and hashCode() to support hashing and mapping of permissions by their real directory locations. Because canonical file paths are platform dependent, this field must not be serialized (hence transient) but be recomputed from the original URL upon deserialization.
      • parentPath

        private transient java.lang.String parentPath
        The parent directory of this permission's canonical directory path, or null if this permission's path does not have a parent directory. Because canonical file paths are platform dependent, this field must not be serialized (hence transient) but be recomputed from the original URL upon deserialization.
      • pathType

        private transient char pathType
        Indicates whether the path denotes an inclusive, recursive, wildcard, or single location. If the path denotes an inclusive, recursive or wildcard location, this field's value is URL_PATH_INCLUSIVE_CHAR, URL_PATH_RECURSIVE_CHAR, or URL_PATH_WILDCARD_CHAR, respectively; otherwise, it's URL_PATH_SEPARATOR_CHAR denoting a single location. This field gets recomputed upon deserialization.
    • Constructor Detail

      • DatabasePermission

        public DatabasePermission​(java.lang.String url,
                                  java.lang.String actions)
                           throws java.io.IOException
        Creates a new DatabasePermission with the specified URL and actions.

        actions contains a comma-separated list of the desired actions granted on a database. Currently, the only supported action is create.

        URL denotes a database location URL, which, at this time, must start with directory: followed by a directory pathname. Note that in a URL, the separator character is always "/" rather than the file separator of the operating-system. The directory path may be absolute or relative, in which case it is prefixed with the current user directory. In addition, similar to java.io.FilePermission, the directory pathname may end with a wildcard character to allow for arbitrarily named databases under a path:

        • "directory:location" - refers to a database called location,
        • "directory:location/*" - matches any database in the directory location,
        • "directory:location/-" - matches any database under location or its subdirectories.
        • "directory:*" - matches any database in the user's current working directory.
        • "directory:-" - matches any database under the user's current working directory or its subdirectories.
        • "directory:<<ALL FILES>>" matches any database anywhere.
        Parameters:
        url - the database URL
        actions - the action string
        Throws:
        java.lang.NullPointerException - if an argument is null
        java.lang.IllegalArgumentException - if an argument is not legal
        java.io.IOException - if the location URL cannot be canonicalized
        See Also:
        Permission(String), FilePermission(String,String)
    • Method Detail

      • initActions

        protected void initActions​(java.lang.String actions)
        Parses the list of database actions.
        Parameters:
        actions - the comma-separated action list
        Throws:
        java.lang.NullPointerException - if actions is null
        java.lang.IllegalArgumentException - if not a list of legal actions
      • initLocation

        protected void initLocation​(java.lang.String url)
                             throws java.io.IOException
        Parses the database location URL.
        Parameters:
        url - the database URL
        Throws:
        java.lang.NullPointerException - if the URL is null
        java.lang.IllegalArgumentException - if the URL is not well-formed
        java.io.IOException - if the location URL cannot be canonicalized
      • implies

        public boolean implies​(java.security.Permission p)
        Checks if this DatabasePermission implies a specified permission.

        This method returns true if:

        • p is an instanceof DatabasePermission and

        • p's directory pathname is implied by this object's pathname. For example, "/tmp/*" implies "/tmp/foo", since "/tmp/*" encompasses the "/tmp" directory and all files in that directory, including the one named "foo".
        Specified by:
        implies in class java.security.Permission
        Parameters:
        p - the permission to check against
        Returns:
        true if the specified permission is implied by this object, false if not
        See Also:
        Permission.implies(Permission)
      • equals

        public boolean equals​(java.lang.Object obj)
        Checks two DatabasePermission objects for equality.

        Checks that obj is a DatabasePermission and has the same canonizalized URL and actions as this object.

        Specified by:
        equals in class java.security.Permission
        Parameters:
        obj - the object we are testing for equality with this object
        Returns:
        true if obj is a DatabasePermission, and has the same URL and actions as this DatabasePermission object, false if not
        See Also:
        Permission.equals(Object)
      • hashCode

        public int hashCode()
        Returns the hash code value for this object.
        Specified by:
        hashCode in class java.security.Permission
        Returns:
        a hash code value for this object
        See Also:
        Permission.hashCode()
      • getActions

        public java.lang.String getActions()
        Returns the "canonical string representation" of the actions.
        Specified by:
        getActions in class java.security.Permission
        Returns:
        the canonical string representation of the actions
        See Also:
        Permission.getActions()
      • writeObject

        private void writeObject​(java.io.ObjectOutputStream s)
                          throws java.io.IOException
        Called upon Serialization for saving the state of this DatabasePermission to a stream.
        Throws:
        java.io.IOException
      • readObject

        private void readObject​(java.io.ObjectInputStream s)
                         throws java.io.IOException,
                                java.lang.ClassNotFoundException
        Called upon Deserialization for restoring the state of this DatabasePermission from a stream.
        Throws:
        java.io.IOException
        java.lang.ClassNotFoundException