geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jboy...@apache.org
Subject svn commit: rev 54183 - geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc
Date Sat, 09 Oct 2004 22:04:30 GMT
Author: jboynes
Date: Sat Oct  9 15:04:29 2004
New Revision: 54183

Removed:
   geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/EJBMethodPermissionCollection.java
   geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebResourcePermissionCollection.java
   geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebUserDataPermissionCollection.java
Modified:
   geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/EJBMethodPermission.java
   geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/EJBRoleRefPermission.java
   geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/PolicyContext.java
   geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebResourcePermission.java
   geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebRoleRefPermission.java
   geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebUserDataPermission.java
Log:
fix api signature issues

Modified: geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/EJBMethodPermission.java
==============================================================================
--- geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/EJBMethodPermission.java	(original)
+++ geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/EJBMethodPermission.java	Sat
Oct  9 15:04:29 2004
@@ -26,24 +26,32 @@
 import java.io.IOException;
 import java.io.ObjectInputStream;
 import java.io.ObjectOutputStream;
+import java.io.Serializable;
 import java.lang.reflect.Method;
-import java.security.*;
+import java.security.AccessController;
+import java.security.Permission;
+import java.security.PermissionCollection;
+import java.security.PrivilegedAction;
+import java.util.LinkedList;
+import java.util.HashMap;
+import java.util.Enumeration;
+import java.util.Collections;
 
 /**
- *
  * @version $Rev$ $Date$
  */
-public final class EJBMethodPermission extends Permission {
+public final class EJBMethodPermission extends Permission implements Serializable {
 
     private final static String NEW_METHOD_INTERFACES = "org.apache.security.jacc.EJBMethodPermission.methodInterfaces";
     private static String[] methodInterfaces;
+
     static {
-        String newMethodInterfaces = (String)AccessController.doPrivileged(new
-            PrivilegedAction() {
-                public Object run() {
-                    return System.getProperty(NEW_METHOD_INTERFACES);
-                }
-            });
+        String newMethodInterfaces = (String) AccessController.doPrivileged(new
+                PrivilegedAction() {
+                    public Object run() {
+                        return System.getProperty(NEW_METHOD_INTERFACES);
+                    }
+                });
 
         if (newMethodInterfaces != null) {
             newMethodInterfaces = newMethodInterfaces + ",Home,LocalHome,Remote,Local,ServiceEndpoint";
@@ -53,8 +61,9 @@
 
         methodInterfaces = newMethodInterfaces.split(",", -1);
     }
+
     private transient int cachedHashCode;
-    protected transient MethodSpec methodSpec;
+    private transient MethodSpec methodSpec;
 
     public EJBMethodPermission(String name, String spec) {
         super(name);
@@ -79,7 +88,7 @@
     public boolean equals(Object o) {
         if (o == null || !(o instanceof EJBMethodPermission)) return false;
 
-        EJBMethodPermission other = (EJBMethodPermission)o;
+        EJBMethodPermission other = (EJBMethodPermission) o;
         return getName().equals(other.getName()) && methodSpec.equals(other.methodSpec);
     }
 
@@ -97,12 +106,12 @@
     public boolean implies(Permission permission) {
         if (permission == null || !(permission instanceof EJBMethodPermission)) return false;
 
-        EJBMethodPermission other = (EJBMethodPermission)permission;
+        EJBMethodPermission other = (EJBMethodPermission) permission;
         return getName().equals(other.getName()) && methodSpec.implies(other.methodSpec);
     }
 
-     public PermissionCollection newPermissionCollection() {
-    	return new EJBMethodPermissionCollection();
+    public PermissionCollection newPermissionCollection() {
+        return new EJBMethodPermissionCollection();
     }
 
     private synchronized void readObject(ObjectInputStream in) throws IOException {
@@ -113,7 +122,7 @@
         out.writeUTF(methodSpec.getActions());
     }
 
-    protected class MethodSpec {
+    private static class MethodSpec {
         protected String methodName;
         protected String methodInterface;
         protected String methodParams;
@@ -129,34 +138,37 @@
                 String[] tokens = actionString.split(",", 3);
 
                 switch (tokens.length) {
-                    case 1: {
-                        methodName = emptyNullCheck(tokens[0]);
-                        methodInterface = null;
-                        methodParams = null;
-                        break;
-                    }
-                    case 2: {
-                        if (tokens[1].length() == 0) throw new IllegalArgumentException("This
format of actions requires a method interface");
-                        checkMethodInterface(tokens[1]);
-
-                        methodName = emptyNullCheck(tokens[0]);
-                        methodInterface = emptyNullCheck(tokens[1]);
-                        methodParams = null;
-                        break;
-                    }
-                    case 3: {
-                        checkMethodInterface(tokens[1]);
-                        if (tokens[2].indexOf(',') > -1) {
-                            String[] test = tokens[2].split(",", -1);
-                            for (int i=0; i<test.length; i++) {
-                                if (test[i].length() == 0) throw new IllegalArgumentException("Invalid
type name");
-                            }
+                    case 1:
+                        {
+                            methodName = emptyNullCheck(tokens[0]);
+                            methodInterface = null;
+                            methodParams = null;
+                            break;
+                        }
+                    case 2:
+                        {
+                            if (tokens[1].length() == 0) throw new IllegalArgumentException("This
format of actions requires a method interface");
+                            checkMethodInterface(tokens[1]);
+
+                            methodName = emptyNullCheck(tokens[0]);
+                            methodInterface = emptyNullCheck(tokens[1]);
+                            methodParams = null;
+                            break;
                         }
+                    case 3:
+                        {
+                            checkMethodInterface(tokens[1]);
+                            if (tokens[2].indexOf(',') > -1) {
+                                String[] test = tokens[2].split(",", -1);
+                                for (int i = 0; i < test.length; i++) {
+                                    if (test[i].length() == 0) throw new IllegalArgumentException("Invalid
type name");
+                                }
+                            }
 
-                        methodName = emptyNullCheck(tokens[0]);
-                        methodInterface = emptyNullCheck(tokens[1]);
-                        methodParams = tokens[2];
-                    }
+                            methodName = emptyNullCheck(tokens[0]);
+                            methodInterface = emptyNullCheck(tokens[1]);
+                            methodParams = tokens[2];
+                        }
                 }
                 actions = actionString;
             }
@@ -176,7 +188,7 @@
                 if (methodParamsArray[0] == null || methodParamsArray[0].length() == 0) throw
new IllegalArgumentException("Invalid type name");
 
                 StringBuffer buffer = new StringBuffer(methodParamsArray[0]);
-                for (int i=1; i<methodParamsArray.length; i++) {
+                for (int i = 1; i < methodParamsArray.length; i++) {
                     if (methodParamsArray[i] == null || methodParamsArray[i].length() ==
0) throw new IllegalArgumentException("Invalid type name");
 
                     buffer.append(",");
@@ -199,7 +211,7 @@
                 methodParams = "";
             } else {
                 StringBuffer buffer = new StringBuffer(paramTypes[0].getName());
-                for (int i=1; i<paramTypes.length; i++) {
+                for (int i = 1; i < paramTypes.length; i++) {
                     buffer.append(",");
                     buffer.append(paramTypes[i].getName());
                 }
@@ -226,9 +238,12 @@
                 if (methodInterface == null || methodInterface.equals(methodSpec.methodInterface))
{
                     if (methodParams == null || methodParams.equals(methodSpec.methodParams))
{
                         return true;
-                    } else return false;
-                } else return false;
-            } else return false;
+                    } else
+                        return false;
+                } else
+                    return false;
+            } else
+                return false;
         }
 
         private void initActions() {
@@ -237,6 +252,7 @@
                     if (methodName == null) {
                         actions = ",,";
                     } else {
+
                         actions = methodName;
                     }
                 } else {
@@ -266,7 +282,7 @@
         private void checkMethodInterface(String methodInterface) {
             if (methodInterface == null || methodInterface.length() == 0) return;
 
-            for (int i=0; i<methodInterfaces.length; i++) {
+            for (int i = 0; i < methodInterfaces.length; i++) {
                 if (methodInterfaces[i].equals(methodInterface)) return;
             }
             throw new IllegalArgumentException("Invalid method interface");
@@ -278,8 +294,7 @@
          * function is used to check if we are passed a <CODE>null</CODE>
          * or empty string, which indicates a wildcard.
          *
-         * @param name   The name to be checked.
-         *
+         * @param name The name to be checked.
          * @return <CODE>null</CODE> if we are passed a <CODE>null</CODE>
or empty string else
          *         we return the name.
          */
@@ -289,6 +304,155 @@
             } else {
                 return name;
             }
+        }
+    }
+
+    private static final class EJBMethodPermissionCollection extends PermissionCollection
{
+
+        private LinkedList collection = new LinkedList();
+        private HashMap permissions = new HashMap();
+        private static final String WILDCARD = new String("$WILDCARD");
+
+        /**
+         * Adds a permission object to the current collection of permission objects.
+         *
+         * @param permission the Permission object to add.
+         *
+         * @exception SecurityException -  if this PermissionCollection object
+         *                                 has been marked readonly
+         */
+
+        public void add(Permission permission) {
+
+            if (isReadOnly()) throw new IllegalArgumentException("Read only collection");
+
+            if (!(permission instanceof EJBMethodPermission)) throw new IllegalArgumentException("Wrong
permission type");
+
+            if (collection.contains(permission)) return;
+            else collection.add(permission);
+
+            EJBMethodPermission p = (EJBMethodPermission)permission;
+            EJBMethodPermission.MethodSpec spec = p.methodSpec;
+            Object test =  permissions.get(p.getName());
+
+            if (test instanceof Boolean) return;
+
+            if (spec.methodName == null && spec.methodInterface == null &&
spec.methodParams == null) {
+                permissions.put(p.getName(), new Boolean(true));
+                return;
+            }
+
+            HashMap methods = (HashMap)test;
+            if (methods == null) {
+                methods = new HashMap();
+                permissions.put(p.getName(), methods);
+            }
+
+            Object methodKey = (spec.methodName == null || spec.methodName.length() == 0?
WILDCARD:spec.methodName);
+            HashMap interfaces = (HashMap)methods.get(methodKey);
+            if (interfaces == null) {
+                interfaces = new HashMap();
+                methods.put(methodKey, interfaces);
+            }
+
+            Object interfaceKey = (spec.methodInterface == null || spec.methodInterface.length()
== 0? WILDCARD:spec.methodInterface);
+            HashMap parameters = (HashMap)interfaces.get(interfaceKey);
+            if (parameters == null) {
+                parameters = new HashMap();
+                interfaces.put(interfaceKey, parameters);
+            }
+
+
+
+            // an empty string for a parameter spec indicates a method w/ no parameters
+            Object parametersKey = (spec.methodParams == null? WILDCARD:spec.methodParams);
+            Object parameter = parameters.get(parametersKey);
+            if (parameter == null) {
+                parameter = new Boolean(true);
+                parameters.put(parametersKey, parameter);
+            }
+
+        }
+
+        /**
+         * Checks to see if the specified permission is implied by
+         * the collection of Permission objects held in this PermissionCollection.
+         *
+         * @param permission the Permission object to compare.
+         *
+         * @return true if "permission" is implied by the  permissions in
+         * the collection, false if not.
+         */
+        public boolean implies(Permission permission) {
+
+            if (!(permission instanceof EJBMethodPermission)) return false;
+
+            EJBMethodPermission p = (EJBMethodPermission)permission;
+
+            EJBMethodPermission.MethodSpec spec = p.methodSpec;
+            Object test = permissions.get(p.getName());
+
+            if (test == null) return false;
+            if (test instanceof Boolean) return true;
+
+            HashMap methods = (HashMap)test;
+
+            Object methodKey = (spec.methodName == null || spec.methodName.length() == 0?
WILDCARD:spec.methodName);
+            HashMap interfaces = (HashMap)methods.get(methodKey);
+
+            if (methodImplies(interfaces, spec)) return true;
+            if (methodKey != WILDCARD) {
+                return methodImplies((HashMap)methods.get(WILDCARD), spec);
+            }
+
+            return false;
+        }
+
+
+
+        protected boolean methodImplies(HashMap interfaces, EJBMethodPermission.MethodSpec
spec) {
+
+            if (interfaces == null) return false;
+
+            Object interfaceKey = (spec.methodInterface == null || spec.methodInterface.length()
== 0? WILDCARD:spec.methodInterface);
+            HashMap parameters = (HashMap)interfaces.get(interfaceKey);
+
+            if (interfaceImplies(parameters, spec)) return true;
+            if (interfaceKey != WILDCARD) {
+                return interfaceImplies((HashMap)interfaces.get(WILDCARD), spec);
+            }
+
+            return false;
+        }
+
+
+
+        protected boolean interfaceImplies(HashMap parameters, EJBMethodPermission.MethodSpec
spec) {
+
+            if (parameters == null) return false;
+
+            // An empty string for a parameter spec indicates a method w/ no parameters
+            // so we won't convert an empty string to a wildcard.
+            Object parametersKey = (spec.methodParams == null? WILDCARD:spec.methodParams);
+            Object parameter = parameters.get(parametersKey);
+
+            if (parameter != null) return true;
+            if (parametersKey != WILDCARD) {
+                return parameters.containsKey(WILDCARD);
+            }
+
+            return false;
+        }
+
+
+
+        /**
+         * Returns an enumeration of all the Permission objects in the collection.
+         *
+         * @return an enumeration of all the Permissions.
+         */
+        public Enumeration elements() {
+            return Collections.enumeration(collection);
         }
     }
 }

Modified: geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/EJBRoleRefPermission.java
==============================================================================
--- geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/EJBRoleRefPermission.java
(original)
+++ geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/EJBRoleRefPermission.java
Sat Oct  9 15:04:29 2004
@@ -23,6 +23,7 @@
 
 package javax.security.jacc;
 
+import java.io.Serializable;
 import java.security.Permission;
 
 /**
@@ -38,7 +39,7 @@
  * determine if the subject is a member of the role identified by the reference.
  * @version $Rev$ $Date$
  */
-public final class EJBRoleRefPermission extends Permission {
+public final class EJBRoleRefPermission extends Permission implements Serializable {
 
     private transient int cachedHashCode = 0;
     private String actions;

Modified: geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/PolicyContext.java
==============================================================================
--- geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/PolicyContext.java	(original)
+++ geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/PolicyContext.java	Sat Oct
 9 15:04:29 2004
@@ -39,6 +39,9 @@
     private static Hashtable handlers = new Hashtable();
     private final static SecurityPermission SET_POLICY = new SecurityPermission("setPolicy");
 
+    private PolicyContext() {
+    }
+
     public static void setContextID(String contextID) {
         SecurityManager sm = System.getSecurityManager();
         if (sm != null) sm.checkPermission(SET_POLICY);
@@ -57,7 +60,7 @@
         handlerData.set(data);
     }
 
-    public static void registerHandler(String key, PolicyContextHandler handler, boolean
replace) {
+    public static void registerHandler(String key, PolicyContextHandler handler, boolean
replace) throws PolicyContextException {
         if (key == null) throw new IllegalArgumentException("Key must not be null");
         if (handler == null) throw new IllegalArgumentException("Handler must not be null");
         if (!replace && handlers.containsKey(key)) throw new IllegalArgumentException("A
handler has already been registered under '" + key + "' and replace is false.");

Modified: geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebResourcePermission.java
==============================================================================
--- geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebResourcePermission.java
(original)
+++ geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebResourcePermission.java
Sat Oct  9 15:04:29 2004
@@ -26,15 +26,17 @@
 import java.io.IOException;
 import java.io.ObjectInputStream;
 import java.io.ObjectOutputStream;
+import java.io.Serializable;
 import java.security.Permission;
 import java.security.PermissionCollection;
+import java.util.Hashtable;
+import java.util.Enumeration;
 import javax.servlet.http.HttpServletRequest;
 
 /**
- *
  * @version $Rev$ $Date$
  */
-public final class WebResourcePermission extends Permission {
+public final class WebResourcePermission extends Permission implements Serializable {
     private transient int cachedHashCode = 0;
     private transient URLPatternSpec urlPatternSpec;
     private transient HTTPMethodSpec httpMethodSpec;
@@ -63,7 +65,7 @@
     public boolean equals(Object o) {
         if (o == null || !(o instanceof WebResourcePermission)) return false;
 
-        WebResourcePermission other = (WebResourcePermission)o;
+        WebResourcePermission other = (WebResourcePermission) o;
         return urlPatternSpec.equals(other.urlPatternSpec) && httpMethodSpec.equals(other.httpMethodSpec);
     }
 
@@ -81,12 +83,12 @@
     public boolean implies(Permission permission) {
         if (permission == null || !(permission instanceof WebResourcePermission)) return
false;
 
-        WebResourcePermission other = (WebResourcePermission)permission;
+        WebResourcePermission other = (WebResourcePermission) permission;
         return urlPatternSpec.implies(other.urlPatternSpec) && httpMethodSpec.implies(other.httpMethodSpec);
     }
 
     public PermissionCollection newPermissionCollection() {
-    	return new WebResourcePermissionCollection();
+        return new WebResourcePermissionCollection();
     }
 
     private synchronized void readObject(ObjectInputStream in) throws IOException {
@@ -97,6 +99,59 @@
     private synchronized void writeObject(ObjectOutputStream out) throws IOException {
         out.writeUTF(urlPatternSpec.getPatternSpec());
         out.writeUTF(httpMethodSpec.getActions());
+    }
+
+    private static final class WebResourcePermissionCollection extends PermissionCollection
{
+        private Hashtable permissions = new Hashtable();
+
+        /**
+         * Adds a permission object to the current collection of permission objects.
+         *
+         * @param permission the Permission object to add.
+         *
+         * @exception SecurityException -  if this PermissionCollection object
+         *                                 has been marked readonly
+         */
+        public void add(Permission permission) {
+            if (isReadOnly()) throw new IllegalArgumentException("Read only collection");
+
+            if (!(permission instanceof WebResourcePermission)) throw new IllegalArgumentException("Wrong
permission type");
+
+            WebResourcePermission p  = (WebResourcePermission)permission;
+
+            permissions.put(p, p);
+        }
+
+        /**
+         * Checks to see if the specified permission is implied by
+         * the collection of Permission objects held in this PermissionCollection.
+         *
+         * @param permission the Permission object to compare.
+         *
+         * @return true if "permission" is implied by the  permissions in
+         * the collection, false if not.
+         */
+        public boolean implies(Permission permission) {
+            if (!(permission instanceof WebResourcePermission)) return false;
+
+            WebResourcePermission p  = (WebResourcePermission)permission;
+            Enumeration enum = permissions.elements();
+
+            while (enum.hasMoreElements()) {
+                if (((WebResourcePermission)enum.nextElement()).implies(p)) return true;
+            }
+
+            return false;
+        }
+
+        /**
+         * Returns an enumeration of all the Permission objects in the collection.
+         *
+         * @return an enumeration of all the Permissions.
+         */
+        public Enumeration elements() {
+            return permissions.elements();
+        }
     }
 }
 

Modified: geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebRoleRefPermission.java
==============================================================================
--- geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebRoleRefPermission.java
(original)
+++ geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebRoleRefPermission.java
Sat Oct  9 15:04:29 2004
@@ -23,13 +23,14 @@
 
 package javax.security.jacc;
 
+import java.io.Serializable;
 import java.security.Permission;
 
 /**
  *
  * @version $Rev$ $Date$
  */
-public final class WebRoleRefPermission extends Permission {
+public final class WebRoleRefPermission extends Permission implements Serializable {
     private transient int cachedHashCode = 0;
     private String actions;
 

Modified: geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebUserDataPermission.java
==============================================================================
--- geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebUserDataPermission.java
(original)
+++ geronimo/trunk/specs/j2ee-jacc/src/java/javax/security/jacc/WebUserDataPermission.java
Sat Oct  9 15:04:29 2004
@@ -24,29 +24,27 @@
 package javax.security.jacc;
 
 import java.io.IOException;
-
 import java.io.ObjectInputStream;
-
 import java.io.ObjectOutputStream;
-
+import java.io.Serializable;
 import java.security.Permission;
-
 import java.security.PermissionCollection;
-
+import java.util.Hashtable;
+import java.util.Enumeration;
 import javax.servlet.http.HttpServletRequest;
 
 
 /**
  * Class for Servlet Web user data permissions. A WebUserDataPermission is a
  * named permission and has actions.<p>
- *
+ * <p/>
  * The name of a WebUserDataPermission (also referred to as the target name)
  * identifies a Web resource by its context path relative URL pattern.
  *
  * @version $Rev$ $Date$
  * @see java.security.Permission
  */
-public final class WebUserDataPermission extends Permission {
+public final class WebUserDataPermission extends Permission implements Serializable {
 
     private transient int cachedHashCode = 0;
     private transient URLPatternSpec urlPatternSpec;
@@ -54,16 +52,16 @@
 
     /**
      * Creates a new WebUserDataPermission from the HttpServletRequest object.
-     * 
+     *
      * @param request the HttpServletRequest object corresponding to the
-     * Servlet operation to which the permission pertains. The permission
-     * name is the substring of the requestURI (HttpServletRequest.getRequestURI())
-     * that begins after the contextPath (HttpServletRequest.getContextPath()).
-     * When the substring operation yields the string “/”, the permission is
-     * constructed with the empty string as its name. The HTTP method component
-     * of the permission’s actions is as obtained from HttpServletRequest.getMethod().
-     * The TransportType component of the permission’s actions is determined
-     * by calling HttpServletRequest.isSecure().
+     *                Servlet operation to which the permission pertains. The permission
+     *                name is the substring of the requestURI (HttpServletRequest.getRequestURI())
+     *                that begins after the contextPath (HttpServletRequest.getContextPath()).
+     *                When the substring operation yields the string “/”, the permission
is
+     *                constructed with the empty string as its name. The HTTP method component
+     *                of the permission’s actions is as obtained from HttpServletRequest.getMethod().
+     *                The TransportType component of the permission’s actions is determined
+     *                by calling HttpServletRequest.isSecure().
      */
     public WebUserDataPermission(HttpServletRequest request) {
         super(request.getServletPath());
@@ -89,7 +87,7 @@
     public boolean equals(Object o) {
         if (o == null || !(o instanceof WebUserDataPermission)) return false;
 
-        WebUserDataPermission other = (WebUserDataPermission)o;
+        WebUserDataPermission other = (WebUserDataPermission) o;
         return urlPatternSpec.equals(other.urlPatternSpec) && httpMethodSpec.equals(other.httpMethodSpec);
     }
 
@@ -107,12 +105,12 @@
     public boolean implies(Permission permission) {
         if (permission == null || !(permission instanceof WebUserDataPermission)) return
false;
 
-        WebUserDataPermission other = (WebUserDataPermission)permission;
+        WebUserDataPermission other = (WebUserDataPermission) permission;
         return urlPatternSpec.implies(other.urlPatternSpec) && httpMethodSpec.implies(other.httpMethodSpec);
     }
 
     public PermissionCollection newPermissionCollection() {
-    	return new WebUserDataPermissionCollection();
+        return new WebUserDataPermissionCollection();
     }
 
     private synchronized void readObject(ObjectInputStream in) throws IOException {
@@ -123,6 +121,60 @@
     private synchronized void writeObject(ObjectOutputStream out) throws IOException {
         out.writeUTF(urlPatternSpec.getPatternSpec());
         out.writeUTF(httpMethodSpec.getActions());
+    }
+
+    private static final class WebUserDataPermissionCollection extends PermissionCollection
{
+        private Hashtable permissions = new Hashtable();
+
+        /**
+         * Adds a permission object to the current collection of permission objects.
+         *
+         * @param permission the Permission object to add.
+         *
+         * @exception SecurityException -  if this PermissionCollection object
+         *                                 has been marked readonly
+         */
+        public void add(Permission permission) {
+            if (isReadOnly()) throw new IllegalArgumentException("Read only collection");
+
+            if (!(permission instanceof WebUserDataPermission)) throw new IllegalArgumentException("Wrong
permission type");
+
+            WebUserDataPermission p  = (WebUserDataPermission)permission;
+
+            permissions.put(p, p);
+        }
+
+        /**
+         * Checks to see if the specified permission is implied by
+         * the collection of Permission objects held in this PermissionCollection.
+         *
+         * @param permission the Permission object to compare.
+         *
+         * @return true if "permission" is implied by the  permissions in
+         * the collection, false if not.
+         */
+        public boolean implies(Permission permission) {
+            if (!(permission instanceof WebUserDataPermission)) return false;
+
+            WebUserDataPermission p  = (WebUserDataPermission)permission;
+            Enumeration enum = permissions.elements();
+
+            while (enum.hasMoreElements()) {
+                if (((WebUserDataPermission)enum.nextElement()).implies(p)) return true;
+            }
+
+            return false;
+
+        }
+
+        /**
+         * Returns an enumeration of all the Permission objects in the collection.
+         *
+         * @return an enumeration of all the Permissions.
+         */
+        public Enumeration elements() {
+            return permissions.elements();
+        }
     }
 }
 

Mime
View raw message