Module org.postgresql.pljava.internal

Package org.postgresql.pljava.policy

Class TrialPolicy.Permission

java.lang.Object

java.security.Permission

org.postgresql.pljava.policy.TrialPolicy.Permission

All Implemented Interfaces:

Serializable, Guard

Enclosing class:

TrialPolicy

public static final class TrialPolicy.Permission
extends Permission

A permission like java.security.AllPermission, but without any FilePermission (the real policy's sandboxed/unsandboxed grants should handle those), nor a couple dozen varieties of RuntimePermission, SecurityPermission, and ReflectPermission that would typically not be granted without clear intent.

This permission can be granted in a TrialPolicy while identifying any straggling permissions needed by some existing code, without quite the excitement of granting AllPermission. Any of the permissions excluded from this one can also be granted in the TrialPolicy, of course, if there is reason to believe the code might need them.

The proper spelling in a policy file is org.postgresql.pljava.policy.TrialPolicy$Permission.

This permission will probably only work right in a TrialPolicy. Any permission whose implies method can return true for permissions of other classes than its own may be ineffective in a stock Java policy, where permission collections are kept segregated by the class of the permission to be checked. Java's AllPermission gets special-case treatment in the stock implementation, and this permission likewise has to be treated specially in TrialPolicy. The only kind of custom permission that can genuinely drop in and work is one whose implies method only imposes semantics on the names/actions of different instances of that permission class.

A permission that does not live on the boot classpath is initially read from a policy file as an instance of UnresolvedPermission, and only gets resolved when a permission check is made, checking for an instance of its actual class. That is another complication when implementing a permission that may imply permissions of other classes.

A permission implemented in a different named module must be in a package that is exported to java.base.

See Also:

• Serialized Form

Constructor Summary

Constructors

Constructor	Description
Permission()
Permission(String name, String actions)

Method Summary

Modifier and Type	Method	Description
boolean	equals(Object other)
String	getActions()
int	hashCode()
boolean	implies(Permission p)
PermissionCollection	newPermissionCollection()

Methods inherited from class java.security.Permission

checkGuard, getName, toString

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Constructor Details

Permission

public Permission()

Permission

public Permission(String name,
 String actions)

Method Details

equals

public boolean equals(Object other)

Specified by:

equals in class Permission

hashCode

public int hashCode()

Specified by:

hashCode in class Permission

getActions

public String getActions()

Specified by:

getActions in class Permission

newPermissionCollection

public PermissionCollection newPermissionCollection()

Overrides:

newPermissionCollection in class Permission

implies

public boolean implies(Permission p)

Specified by:

implies in class Permission