Path: blob/master/src/java.base/share/classes/sun/security/util/LazyCodeSourcePermissionCollection.java
41159 views
/*1* Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425package sun.security.util;2627import java.io.File;28import java.io.FilePermission;29import java.io.IOException;30import java.net.URL;31import java.security.CodeSource;32import java.security.Permission;33import java.security.PermissionCollection;34import java.util.Enumeration;3536/**37* This {@code PermissionCollection} implementation delegates to another38* {@code PermissionCollection}, taking care to lazily add the permission needed39* to read from the given {@code CodeSource} at first use, i.e., when either of40* {@link #elements}, {@link #implies} or {@link #toString} is called, or when41* the collection is serialized.42*/43public final class LazyCodeSourcePermissionCollection44extends PermissionCollection45{46@java.io.Serial47private static final long serialVersionUID = -6727011328946861783L;48private final PermissionCollection perms;49private final CodeSource cs;50private volatile boolean permissionAdded;5152public LazyCodeSourcePermissionCollection(PermissionCollection perms,53CodeSource cs) {54this.perms = perms;55this.cs = cs;56}5758private void ensureAdded() {59if (!permissionAdded) {60synchronized(perms) {61if (permissionAdded)62return;6364// open connection to determine the permission needed65URL location = cs.getLocation();66if (location != null) {67try {68Permission p = location.openConnection().getPermission();69if (p != null) {70// for directories then need recursive access71if (p instanceof FilePermission) {72String path = p.getName();73if (path.endsWith(File.separator)) {74path += "-";75p = new FilePermission(path,76SecurityConstants.FILE_READ_ACTION);77}78}79perms.add(p);80}81} catch (IOException ioe) {82}83}84if (isReadOnly()) {85perms.setReadOnly();86}87permissionAdded = true;88}89}90}9192@Override93public void add(Permission permission) {94if (isReadOnly())95throw new SecurityException(96"attempt to add a Permission to a readonly PermissionCollection");97perms.add(permission);98}99100@Override101public boolean implies(Permission permission) {102ensureAdded();103return perms.implies(permission);104}105106@Override107public Enumeration<Permission> elements() {108ensureAdded();109return perms.elements();110}111112@Override113public String toString() {114ensureAdded();115return perms.toString();116}117118/**119* On serialization, initialize and replace with the underlying120* permissions. This removes the laziness on deserialization.121*/122@java.io.Serial123private Object writeReplace() {124ensureAdded();125return perms;126}127}128129130