2362N/A * Copyright (c) 1997, 2008, Oracle and/or its affiliates. All rights reserved. 0N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 0N/A * This code is free software; you can redistribute it and/or modify it 0N/A * under the terms of the GNU General Public License version 2 only, as 2362N/A * published by the Free Software Foundation. Oracle designates this 0N/A * particular file as subject to the "Classpath" exception as provided 2362N/A * by Oracle in the LICENSE file that accompanied this code. 0N/A * This code is distributed in the hope that it will be useful, but WITHOUT 0N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 0N/A * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 0N/A * version 2 for more details (a copy is included in the LICENSE file that 0N/A * accompanied this code). 0N/A * You should have received a copy of the GNU General Public License version 0N/A * 2 along with this work; if not, write to the Free Software Foundation, 0N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2362N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2362N/A * or visit www.oracle.com if you need additional information or have any 0N/A * The AccessibleObject class is the base class for Field, Method and 0N/A * Constructor objects. It provides the ability to flag a reflected 0N/A * object as suppressing default Java language access control checks 0N/A * when it is used. The access checks--for public, default (package) 0N/A * access, protected, and private members--are performed when Fields, 0N/A * Methods or Constructors are used to set or get fields, to invoke 0N/A * methods, or to create and initialize new instances of classes, 0N/A * <p>Setting the {@code accessible} flag in a reflected object 0N/A * permits sophisticated applications with sufficient privilege, such 0N/A * as Java Object Serialization or other persistence mechanisms, to 0N/A * manipulate objects in a manner that would normally be prohibited. 1749N/A * <p>By default, a reflected object is <em>not</em> accessible. 0N/A * @see ReflectPermission 0N/A * The Permission object that is used to check whether a client 0N/A * has sufficient privilege to defeat Java language access 0N/A * Convenience method to set the {@code accessible} flag for an 0N/A * array of objects with a single security check (for efficiency). 0N/A * <p>First, if there is a security manager, its 0N/A * {@code checkPermission} method is called with a 0N/A * {@code ReflectPermission("suppressAccessChecks")} permission. 0N/A * <p>A {@code SecurityException} is raised if {@code flag} is 0N/A * {@code true} but accessibility of any of the elements of the input 0N/A * {@code array} may not be changed (for example, if the element 0N/A * object is a {@link Constructor} object for the class {@link 0N/A * java.lang.Class}). In the event of such a SecurityException, the 0N/A * accessibility of objects is set to {@code flag} for array elements 0N/A * upto (and excluding) the element for which the exception occurred; the 0N/A * accessibility of elements beyond (and including) the element for which 0N/A * the exception occurred is unchanged. 0N/A * @param array the array of AccessibleObjects 0N/A * @param flag the new value for the {@code accessible} flag 0N/A * @throws SecurityException if the request is denied. 0N/A * @see SecurityManager#checkPermission 0N/A * @see java.lang.RuntimePermission 0N/A * Set the {@code accessible} flag for this object to 0N/A * the indicated boolean value. A value of {@code true} indicates that 0N/A * the reflected object should suppress Java language access 0N/A * checking when it is used. A value of {@code false} indicates 0N/A * that the reflected object should enforce Java language access checks. 0N/A * <p>First, if there is a security manager, its 0N/A * {@code checkPermission} method is called with a 0N/A * {@code ReflectPermission("suppressAccessChecks")} permission. 0N/A * <p>A {@code SecurityException} is raised if {@code flag} is 0N/A * {@code true} but accessibility of this object may not be changed 0N/A * (for example, if this element object is a {@link Constructor} object for 0N/A * the class {@link java.lang.Class}). 0N/A * <p>A {@code SecurityException} is raised if this object is a {@link 0N/A * java.lang.reflect.Constructor} object for the class 0N/A * {@code java.lang.Class}, and {@code flag} is true. 0N/A * @param flag the new value for the {@code accessible} flag 0N/A * @throws SecurityException if the request is denied. 0N/A * @see SecurityManager#checkPermission 0N/A * @see java.lang.RuntimePermission 0N/A /* Check that you aren't exposing java.lang.Class.<init>. */ 0N/A " constructor accessible");
0N/A * Get the value of the {@code accessible} flag for this object. 0N/A * @return the value of the object's {@code accessible} flag 0N/A * Constructor: only used by the Java Virtual Machine. 0N/A // Indicates whether language-level access checks are overridden 0N/A // by this object. Initializes to "false". This field is used by 0N/A // Field, Method, and Constructor. 0N/A // NOTE: for security purposes, this field must not be visible 0N/A // outside this package. 0N/A // Reflection factory used by subclasses for creating field, 0N/A // method, and constructor accessors. Note that this is called 0N/A // very early in the bootstrapping process. 0N/A * @throws NullPointerException {@inheritDoc} 0N/A * @throws NullPointerException {@inheritDoc} 3903N/A // Shared access checking logic. 3903N/A // For non-public members or members in package-private classes, 3903N/A // it is necessary to perform somewhat expensive security checks. 3903N/A // If the security check succeeds for a given class, it will 3903N/A // always succeed (it is not affected by the granting or revoking 3903N/A // of permissions); we speed up the check in the common case by 3903N/A // remembering the last Class for which the check succeeded. 3903N/A // The simple security check for Constructor is to see if 3903N/A // the caller has already been seen, verified, and cached. 3903N/A // (See also Class.newInstance(), which uses a similar method.) 3903N/A // A more complicated security check cache is needed for Method and Field 3903N/A // The cache can be either null (empty cache), a 2-array of {caller,target}, 3903N/A // or a caller (with target implicitly equal to this.clazz). 3903N/A // In the 2-array case, the target is always different from the clazz. 3903N/A // Must match a 2-list of { caller, targetClass }. 3903N/A // (Test cache[1] first since range check for [1] 3903N/A // subsumes range check for [0].) 3903N/A // Non-protected case (or obj.class == this.clazz). 3903N/A // If no return, fall through to the slow path. 3903N/A // Keep all this slow stuff out of line: 3903N/A // Success: Update the cache. 3903N/A // Note: The two cache elements are not volatile, 3903N/A // but they are effectively final. The Java memory model 3903N/A // guarantees that the initializing stores for the cache 3903N/A // elements will occur before the volatile write.