boolean checkPermission(Permission permission, BundlePermissions bundlePermissions) { // check permissions by location PermissionInfoCollection locationCollection; SecurityTable curCondAdminTable; PermissionInfoCollection curPermAdminDefaults; // save off the current state of the world while holding the lock synchronized (lock) { // get location the hard way to avoid permission check Bundle bundle = bundlePermissions.getBundle(); locationCollection = bundle instanceof AbstractBundle ? permAdminTable.getCollection( ((AbstractBundle) bundle).getBundleData().getLocation()) : null; curCondAdminTable = condAdminTable; curPermAdminDefaults = permAdminDefaults; } if (locationCollection != null) return locationCollection.implies(permission); // if conditional admin table is empty the fall back to defaults if (curCondAdminTable.isEmpty()) return curPermAdminDefaults != null ? curPermAdminDefaults.implies(permission) : DEFAULT_DEFAULT.implies(permission); // check the condition table int result = curCondAdminTable.evaluate(bundlePermissions, permission); if ((result & SecurityTable.GRANTED) != 0) return true; if ((result & SecurityTable.DENIED) != 0) return false; if ((result & SecurityTable.POSTPONED) != 0) return true; return false; }
static { AllPermission allPerm = new AllPermission(); DEFAULT_DEFAULT = allPerm.newPermissionCollection(); if (DEFAULT_DEFAULT != null) DEFAULT_DEFAULT.add(allPerm); }