Class SimpleAccessManager

java.lang.Object
de.calamanari.pk.util.SimpleAccessManager

public final class SimpleAccessManager
extends java.lang.Object
Simple Access Manager is a trivial supplementary class simulating a kind of security system.
Important:
You should NEVER EVER implement your own security system, there are APIs for that which have been audited well.
However in the current example there is a central flaw.
Anyone getting a reference to the permissionsMap (via reflection) using setAccessible(true) can do just everything. In a correct scenario security in a JVM cannot be implemented without a SecurityManager, but this is cumbersome :-).
Additionally this manager cannot differentiate between methods with the same name but different parameters (unaware of overloading).
Author:
Karl Eilebrecht
  • Method Summary

    Modifier and Type Method Description
    void allow​(java.lang.Thread thread, java.lang.String operationName)
    Allows the given operation.
    boolean checkPermission()
    Checks whether the current thread has the permission to do the current operation
    void clearPermissions​(java.lang.Thread thread)
    Clears all permissions for the thread.
    void disallow​(java.lang.Thread thread, java.lang.String operationName)
    Disallows the given operation.
    static SimpleAccessManager getInstance()
    Returns the access manager instance

    Methods inherited from class java.lang.Object

    equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Method Details

    • getInstance

      Returns the access manager instance
      Returns:
      access manager
    • checkPermission

      public boolean checkPermission()
      Checks whether the current thread has the permission to do the current operation
      Returns:
      true if allowed otherwise false
    • allow

      public void allow​(java.lang.Thread thread, java.lang.String operationName)
      Allows the given operation.
      Parameters:
      thread - the thread permission shall be granted
      operationName - full class name + dot + method name
    • disallow

      public void disallow​(java.lang.Thread thread, java.lang.String operationName)
      Disallows the given operation.
      Parameters:
      thread - thread permission shall be revoked
      operationName - full class name + dot + method name
    • clearPermissions

      public void clearPermissions​(java.lang.Thread thread)
      Clears all permissions for the thread.
      Parameters:
      thread - the tread to clear assigned permissions