org.osgi.framework
Class AdminPermission

java.lang.Object
  java.security.Permission
      java.security.BasicPermission
          org.osgi.framework.AdminPermission

All Implemented Interfaces:

java.security.Guard, java.io.Serializable

public final class AdminPermission

extends java.security.BasicPermission

A bundle's authority to perform specific privileged administrative operations on or to get sensitive information about a bundle. The actions for this permission are:

   Action               Methods
   class                Bundle.loadClass
   execute              Bundle.start
                        Bundle.stop
                        StartLevel.setBundleStartLevel
   extensionLifecycle   BundleContext.installBundle for extension bundles
                        Bundle.update for extension bundles
                        Bundle.uninstall for extension bundles
   lifecycle            BundleContext.installBundle
                        Bundle.update
                        Bundle.uninstall
   listener             BundleContext.addBundleListener for SynchronousBundleListener
                        BundleContext.removeBundleListener for SynchronousBundleListener
   metadata             Bundle.getHeaders
                        Bundle.getLocation
   resolve              PackageAdmin.refreshPackages
                        PackageAdmin.resolveBundles
   resource             Bundle.getResource
                        Bundle.getResources
                        Bundle.getEntry
                        Bundle.getEntryPaths
                        Bundle.findEntries
                        Bundle resource/entry URL creation
   startlevel           StartLevel.setStartLevel
                        StartLevel.setInitialBundleStartLevel 
   context              Bundle.getBundleContext                     
                        
 

The special action "*" will represent all actions.

The name of this permission is a filter expression. The filter gives access to the following parameters:

• signer - A Distinguished Name chain used to sign a bundle. Wildcards in a DN are not matched according to the filter string rules, but according to the rules defined for a DN chain.
• location - The location of a bundle.
• id - The bundle ID of the designated bundle.
• name - The symbolic name of a bundle.

See Also:

Serialized Form

ThreadSafe

Field Summary

static java.lang.String	CLASS The action string class (Value is "class").
static java.lang.String	CONTEXT The action string context (Value is "context").
static java.lang.String	EXECUTE The action string execute (Value is "execute").
static java.lang.String	EXTENSIONLIFECYCLE The action string extensionLifecycle (Value is "extensionLifecycle").
static java.lang.String	LIFECYCLE The action string lifecycle (Value is "lifecycle").
static java.lang.String	LISTENER The action string listener (Value is "listener").
static java.lang.String	METADATA The action string metadata (Value is "metadata").
static java.lang.String	RESOLVE The action string resolve (Value is "resolve").
static java.lang.String	RESOURCE The action string resource (Value is "resource").
static java.lang.String	STARTLEVEL The action string startlevel (Value is "startlevel").

Constructor Summary

AdminPermission()
Creates a new AdminPermission object that matches all bundles and has all actions.

AdminPermission(Bundle bundle, java.lang.String actions)
Creates a new AdminPermission object to be used by the code that must check a Permission object.

AdminPermission(java.lang.String filter, java.lang.String actions)
Create a new AdminPermission.

Method Summary

boolean	equals(java.lang.Object obj) Determines the equality of two AdminPermission objects.
java.lang.String	getActions() Returns the canonical string representation of the AdminPermission actions.
int	hashCode() Returns the hash code value for this object.
boolean	implies(java.security.Permission p) Determines if the specified permission is implied by this object.
java.security.PermissionCollection	newPermissionCollection() Returns a new PermissionCollection object suitable for storing AdminPermissions.

Methods inherited from class java.security.Permission

checkGuard, getName, toString

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail

CLASS

public static final java.lang.String CLASS

The action string class (Value is "class").

Since:

1.3

See Also:

Constant Field Values

EXECUTE

public static final java.lang.String EXECUTE

The action string execute (Value is "execute").

Since:

1.3

See Also:

Constant Field Values

EXTENSIONLIFECYCLE

public static final java.lang.String EXTENSIONLIFECYCLE

The action string extensionLifecycle (Value is "extensionLifecycle").

Since:

1.3

See Also:

Constant Field Values

LIFECYCLE

public static final java.lang.String LIFECYCLE

The action string lifecycle (Value is "lifecycle").

Since:

1.3

See Also:

Constant Field Values

LISTENER

public static final java.lang.String LISTENER

The action string listener (Value is "listener").

Since:

1.3

See Also:

Constant Field Values

METADATA

public static final java.lang.String METADATA

The action string metadata (Value is "metadata").

Since:

1.3

See Also:

Constant Field Values

RESOLVE

public static final java.lang.String RESOLVE

The action string resolve (Value is "resolve").

Since:

1.3

See Also:

Constant Field Values

RESOURCE

public static final java.lang.String RESOURCE

The action string resource (Value is "resource").

Since:

1.3

See Also:

Constant Field Values

STARTLEVEL

public static final java.lang.String STARTLEVEL

The action string startlevel (Value is "startlevel").

Since:

1.3

See Also:

Constant Field Values

CONTEXT

public static final java.lang.String CONTEXT

The action string context (Value is "context").

Since:

1.4

See Also:

Constant Field Values

Constructor Detail

AdminPermission

public AdminPermission()

Creates a new AdminPermission object that matches all bundles and has all actions. Equivalent to AdminPermission("*","*");

AdminPermission

public AdminPermission(java.lang.String filter,
                       java.lang.String actions)

Create a new AdminPermission. This constructor must only be used to create a permission that is going to be checked.

Examples:

 (signer=\*,o=ACME,c=US)   
 (&(signer=\*,o=ACME,c=US)(name=com.acme.*)(location=http://www.acme.com/bundles/*))
 (id>=1)
 

When a signer key is used within the filter expression the signer value must escape the special filter chars ('*', '(', ')').

Null arguments are equivalent to "*".

Parameters:

filter - A filter expression that can use signer, location, id, and name keys. A value of "*" or null matches all bundle.

actions - class, execute, extensionLifecycle, lifecycle, listener, metadata, resolve, resource, startlevel or context. A value of "*" or null indicates all actions

AdminPermission

public AdminPermission(Bundle bundle,
                       java.lang.String actions)

Creates a new AdminPermission object to be used by the code that must check a Permission object.

Parameters:

bundle - A bundle

actions - class, execute, extensionLifecycle, lifecycle, listener, metadata, resolve, resource, startlevel, context.

Since:

1.3

Method Detail

equals

public boolean equals(java.lang.Object obj)

Determines the equality of two AdminPermission objects.

Parameters:

obj - The object being compared for equality with this object.

Returns:

true if obj is equivalent to this AdminPermission; false otherwise.

hashCode

public int hashCode()

Returns the hash code value for this object.

Returns:

Hash code value for this object.

getActions

public java.lang.String getActions()

Returns the canonical string representation of the AdminPermission actions.

Always returns present AdminPermission actions in the following order: class, execute, extensionLifecycle, lifecycle, listener, metadata, resolve, resource, startlevel, context.

Returns:

Canonical string representation of the AdminPermission actions.

implies

public boolean implies(java.security.Permission p)

Determines if the specified permission is implied by this object. This method throws an exception if the specified permission was not constructed with a bundle.

This method returns true if the specified permission is an AdminPermission AND

• this object's filter matches the specified permission's bundle ID, bundle symbolic name, bundle location and bundle signer distinguished name chain OR
• this object's filter is "*"

AND this object's actions include all of the specified permission's actions.

Special case: if the specified permission was constructed with "*" filter, then this method returns true if this object's filter is "*" and this object's actions include all of the specified permission's actions

Parameters:

p - The permission to interrogate.

Returns:

true if the specified permission is implied by this object; false otherwise.

Throws:

java.lang.RuntimeException - if specified permission was not constructed with a bundle or "*"

newPermissionCollection

public java.security.PermissionCollection newPermissionCollection()

Returns a new PermissionCollection object suitable for storing AdminPermissions.

Returns:

A new PermissionCollection object.