001/* ProtectionDomain.java -- A security domain
002   Copyright (C) 1998, 2003, 2004  Free Software Foundation, Inc.
003
004This file is part of GNU Classpath.
005
006GNU Classpath is free software; you can redistribute it and/or modify
007it under the terms of the GNU General Public License as published by
008the Free Software Foundation; either version 2, or (at your option)
009any later version.
010
011GNU Classpath is distributed in the hope that it will be useful, but
012WITHOUT ANY WARRANTY; without even the implied warranty of
013MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
014General Public License for more details.
015
016You should have received a copy of the GNU General Public License
017along with GNU Classpath; see the file COPYING.  If not, write to the
018Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
01902110-1301 USA.
020
021Linking this library statically or dynamically with other modules is
022making a combined work based on this library.  Thus, the terms and
023conditions of the GNU General Public License cover the whole
024combination.
025
026As a special exception, the copyright holders of this library give you
027permission to link this library with independent modules to produce an
028executable, regardless of the license terms of these independent
029modules, and to copy and distribute the resulting executable under
030terms of your choice, provided that you also meet, for each linked
031independent module, the terms and conditions of the license of that
032module.  An independent module is a module which is not derived from
033or based on this library.  If you modify this library, you may extend
034this exception to your version of the library, but you are not
035obligated to do so.  If you do not wish to do so, delete this
036exception statement from your version. */
037
038package java.security;
039
040import gnu.classpath.SystemProperties;
041
042import gnu.java.lang.CPStringBuilder;
043
044/**
045 * This class represents a group of classes, along with their granted
046 * permissions. The classes are identified by a {@link CodeSource}. Thus, any
047 * class loaded from the specified {@link CodeSource} is treated as part of
048 * this domain. The set of permissions is represented by an instance of
049 * {@link PermissionCollection}.
050 * 
051 * <p>Every class in the system will belong to one and only one
052 * <code>ProtectionDomain</code>.</p>
053 *
054 * @author Aaron M. Renn (arenn@urbanophile.com)
055 * @version 0.0
056 */
057public class ProtectionDomain
058{
059  /** This is the <code>CodeSource</code> for this protection domain. */
060  private CodeSource code_source;
061
062  /** This is the set of permissions granted to this domain. */
063  private PermissionCollection perms;
064
065  /** The {@link ClassLoader} associated with this domain. */
066  private ClassLoader classloader;
067
068  /** The array of Principals associated with this domain.. */
069  private Principal[] principals;
070
071  /** Post 1.4 the policy may be refreshed! use false for pre 1.4. */
072  private boolean staticBinding;
073
074  /**
075   * Initializes a new instance of <code>ProtectionDomain</code> representing
076   * the specified {@link CodeSource} and set of permissions. No permissions
077   * can be added later to the {@link PermissionCollection} and this contructor
078   * will call the <code>setReadOnly</code> method on the specified set of
079   * permissions.
080   * 
081   * @param codesource
082   *          The {@link CodeSource} for this domain.
083   * @param permissions
084   *          The set of permissions for this domain.
085   * @see PermissionCollection#setReadOnly()
086   */
087  public ProtectionDomain(CodeSource codesource, PermissionCollection permissions)
088  {
089    this(codesource, permissions, null, null, true);
090  }
091
092  /**
093   * This method initializes a new instance of <code>ProtectionDomain</code>
094   * given its {@link CodeSource}, granted permissions, associated
095   * {@link ClassLoader} and {@link Principal}s.
096   * 
097   * <p>Similar to the previous constructor, if the designated set of
098   * permissions is not <code>null</code>, the <code>setReadOnly</code> method
099   * is called on that set.</p>
100   * 
101   * @param codesource
102   *          The {@link CodeSource} for this domain.
103   * @param permissions
104   *          The permission set for this domain.
105   * @param classloader
106   *          the ClassLoader associated with this domain.
107   * @param principals
108   *          the array of {@link Principal}s associated with this domain.
109   * @since 1.4
110   * @see PermissionCollection#setReadOnly()
111   */
112  public ProtectionDomain(CodeSource codesource,
113                          PermissionCollection permissions,
114                          ClassLoader classloader, Principal[] principals)
115  {
116    this(codesource, permissions, classloader, principals, false);
117  }
118
119  private ProtectionDomain(CodeSource codesource,
120                           PermissionCollection permissions,
121                           ClassLoader classloader, Principal[] principals,
122                           boolean staticBinding)
123  {
124    super();
125
126    code_source = codesource;
127    if (permissions != null)
128      {
129        perms = permissions;
130        perms.setReadOnly();
131      }
132
133    this.classloader = classloader;
134    this.principals =
135        (principals != null ? (Principal[]) principals.clone() : new Principal[0]);
136    this.staticBinding = staticBinding;
137  }
138
139  /**
140   * Returns the {@link CodeSource} of this domain.
141   * 
142   * @return the {@link CodeSource} of this domain.
143   * @since 1.2
144   */
145  public final CodeSource getCodeSource()
146  {
147    return code_source;
148  }
149
150  /**
151   * Returns the {@link ClassLoader} of this domain.
152   * 
153   * @return the {@link ClassLoader} of this domain.
154   * @since 1.4
155   */
156  public final ClassLoader getClassLoader()
157  {
158    return this.classloader;
159  }
160
161  /**
162   * Returns a clone of the {@link Principal}s of this domain.
163   * 
164   * @return a clone of the {@link Principal}s of this domain.
165   * @since 1.4
166   */
167  public final Principal[] getPrincipals()
168  {
169    return (Principal[]) principals.clone();
170  }
171
172  /**
173   * Returns the {@link PermissionCollection} of this domain.
174   * 
175   * @return The {@link PermissionCollection} of this domain.
176   */
177  public final PermissionCollection getPermissions()
178  {
179    return perms;
180  }
181
182  /**
183   * Tests whether or not the specified {@link Permission} is implied by the
184   * set of permissions granted to this domain.
185   * 
186   * @param permission
187   *          the {@link Permission} to test.
188   * @return <code>true</code> if the specified {@link Permission} is implied
189   *         for this domain, <code>false</code> otherwise.
190   */
191  public boolean implies(Permission permission)
192  {
193    if (staticBinding)
194      return (perms == null ? false : perms.implies(permission));
195    // Else dynamically bound.  Do we have it?
196    // NOTE: this will force loading of Policy.currentPolicy
197    return Policy.getCurrentPolicy().implies(this, permission);
198  }
199
200  /**
201   * Returns a string representation of this object. It will include the
202   * {@link CodeSource} and set of permissions associated with this domain.
203   * 
204   * @return A string representation of this object.
205   */
206  public String toString()
207  {
208    String linesep = SystemProperties.getProperty("line.separator");
209    CPStringBuilder sb = new CPStringBuilder("ProtectionDomain (").append(linesep);
210
211    if (code_source == null)
212      sb.append("CodeSource:null");
213    else
214      sb.append(code_source);
215
216    sb.append(linesep);
217    if (classloader == null)
218      sb.append("ClassLoader:null");
219    else
220      sb.append(classloader);
221
222    sb.append(linesep);
223    sb.append("Principals:");
224    if (principals != null && principals.length > 0)
225      {
226        sb.append("[");
227        Principal pal;
228        for (int i = 0; i < principals.length; i++)
229          {
230            pal = principals[i];
231            sb.append("'").append(pal.getName())
232                .append("' of type ").append(pal.getClass().getName());
233            if (i < principals.length-1)
234              sb.append(", ");
235          }
236        sb.append("]");
237      }
238    else
239      sb.append("none");
240
241    sb.append(linesep);
242    if (!staticBinding) // include all but dont force loading Policy.currentPolicy
243      if (Policy.isLoaded())
244        sb.append(Policy.getCurrentPolicy().getPermissions(this));
245      else // fallback on this one's permissions
246        sb.append(perms);
247    else
248      sb.append(perms);
249
250    return sb.append(linesep).append(")").append(linesep).toString();
251  }
252}