1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package javax.jdo.spi;
18
19 /***
20 * The <code>JDOPermission</code> class is for operations that are reserved for JDO
21 * implementations and should not be called by other code. A
22 * <code>JDOPermission</code> is a <em>named permission</em> and has no
23 * actions. There are two names currently defined. Each named permission
24 * has a corresponding public static final field which contains an instance
25 * of the named permission.
26 * <P>
27 * The following table
28 * provides a summary description of what each named permission allows,
29 * and discusses the risks of granting code the permission.
30 * <P>
31 *
32 * <table border=1 cellpadding=5>
33 * <tr>
34 * <th>Permission Target Name</th>
35 * <th>What the Permission Allows</th>
36 * <th>Risks of Allowing this Permission</th>
37 * </tr>
38 *
39 * <tr>
40 * <td><code>setStateManager</code></td>
41 * <td>This allows setting the <code>StateManager</code> for an instance of <code>PersistenceCapable</code>.
42 * The <code>StateManager</code>
43 * has unlimited access to get and set persistent and transactional fields of
44 * the <code>PersistenceCapable</code> instance.</td>
45 * <td>This is dangerous in that information (possibly confidential)
46 * normally unavailable would be accessible to malicious code.</td>
47 * </tr>
48 *
49 * <tr>
50 * <td><code>getMetadata</code></td>
51 * <td>This allows getting metadata for any <code>PersistenceCapable</code> class that has
52 * registered with <code>JDOImplHelper</code>.</td>
53 * <td>This is dangerous in that metadata information (possibly confidential)
54 * normally unavailable would be accessible to malicious code.</td>
55 * </tr>
56 *
57 * <tr>
58 * <td><code>manageMetadata</code></td>
59 * <td>This allows managing metadata for any <code>PersistenceCapable</code> class that has
60 * registered with <code>JDOImplHelper</code>.</td>
61 * <td>This is dangerous in that metadata information (possibly confidential)
62 * normally unavailable would be manageable (modifiable) by malicious code.</td>
63 * </tr>
64 *
65 * <tr>
66 * <td><code>closePersistenceManagerFactory</code></td>
67 * <td>This allows closing a <code>PersistenceManagerFactory</code>,
68 * thereby releasing resources.</td>
69 * <td>This is dangerous in that resources bound to the
70 * <code>PersistenceManagerFactory</code> would be releaseable by
71 * malicious code.</td>
72 * </tr>
73 *
74 * </table>
75 *
76 * @see java.security.Permission
77 * @see java.security.BasicPermission
78 * @see javax.jdo.spi.JDOImplHelper
79 * @see javax.jdo.spi.PersistenceCapable
80 * @version 1.0.2
81 */
82 public final
83 class JDOPermission extends java.security.BasicPermission {
84
85 /***
86 * Constructs a <code>JDOPermission</code> with the specified name.
87 *
88 * @param name the name of the <code>JDOPermission</code>
89 */
90 public JDOPermission(String name) {
91 super(name);
92 }
93
94 /***
95 * Constructs a <code>JDOPermission</code> with the specified name and actions.
96 * The actions should be <code>null</code>; they are ignored. This
97 * constructor exists for use by the <code>Policy</code> object
98 * to instantiate new <code>Permission</code> objects.
99 *
100 * @param name the name of the <code>JDOPermission</code>
101 * @param actions should be <code>null</code>.
102 */
103 public JDOPermission(String name, String actions) {
104 super(name, actions);
105 }
106
107 /*** An instance of <code>JDOPermission</code> to be used for
108 * <code>getMetadata</code> permission checking.
109 */
110 public final static JDOPermission GET_METADATA =
111 new JDOPermission("getMetadata");
112
113 /*** An instance of <code>JDOPermission</code> to be used for
114 * <code>manageMetadata</code> permission checking.
115 * @since 1.0.2
116 */
117 public final static JDOPermission MANAGE_METADATA =
118 new JDOPermission("manageMetadata");
119
120 /*** An instance of <code>JDOPermission</code> to be used for
121 * <code>setStateManager</code> permission checking.
122 */
123 public final static JDOPermission SET_STATE_MANAGER =
124 new JDOPermission("setStateManager");
125
126 /*** An instance of <code>JDOPermission</code> to be used for
127 * <code>closePersistenceManagerFactory</code> permission checking.
128 * @since 1.0.1
129 */
130 public final static JDOPermission CLOSE_PERSISTENCE_MANAGER_FACTORY =
131 new JDOPermission("closePersistenceManagerFactory");
132
133 }