From 9866d4239de109d5f33609e01cda51b096b404e9 Mon Sep 17 00:00:00 2001
From: Weijun Wang <weijun@openjdk.org>
Date: Mon, 20 Jul 2015 20:47:54 +0800
Subject: [PATCH] 8131350: policytool can directly reference permission classes

Reviewed-by: xuelei, mullan
---
 .../security/tools/policytool/PolicyTool.java | 327 ++++++++----------
 1 file changed, 152 insertions(+), 175 deletions(-)

diff --git a/jdk/src/jdk.policytool/share/classes/sun/security/tools/policytool/PolicyTool.java b/jdk/src/jdk.policytool/share/classes/sun/security/tools/policytool/PolicyTool.java
index fde04357822..02a82d941f9 100644
--- a/jdk/src/jdk.policytool/share/classes/sun/security/tools/policytool/PolicyTool.java
+++ b/jdk/src/jdk.policytool/share/classes/sun/security/tools/policytool/PolicyTool.java
@@ -633,17 +633,16 @@ public class PolicyTool {
             type.equals(PolicyParser.PrincipalEntry.REPLACE_NAME)) {
             return;
         }
-        Class<?> PRIN = Class.forName("java.security.Principal");
         Class<?> pc = Class.forName(type, true,
                 Thread.currentThread().getContextClassLoader());
-        if (!PRIN.isAssignableFrom(pc)) {
+        if (!Principal.class.isAssignableFrom(pc)) {
             MessageFormat form = new MessageFormat(getMessage
                         ("Illegal.Principal.Type.type"));
             Object[] source = {type};
             throw new InstantiationException(form.format(source));
         }
 
-        if (ToolDialog.X500_PRIN_CLASS.equals(pc.getName())) {
+        if (X500Principal.class.getName().equals(pc.getName())) {
             // PolicyParser checks validity of X500Principal name
             // - PolicyTool needs to as well so that it doesn't store
             //   an invalid name that can't be read in later
@@ -1563,14 +1562,6 @@ class ToolDialog extends JDialog {
     public static final int NEW                 = 2;
     public static final int OPEN                = 3;
 
-    public static final String ALL_PERM_CLASS   =
-                "java.security.AllPermission";
-    public static final String FILE_PERM_CLASS  =
-                "java.io.FilePermission";
-
-    public static final String X500_PRIN_CLASS         =
-                "javax.security.auth.x500.X500Principal";
-
     /* popup menus */
     public static final String PERM             =
         PolicyTool.getMessage
@@ -1752,11 +1743,11 @@ class ToolDialog extends JDialog {
         for (int i = 0; i < PERM_ARRAY.size(); i++) {
             Perm next = PERM_ARRAY.get(i);
             if (fullClassName) {
-                if (next.FULL_CLASS.equals(clazz)) {
+                if (next.getName().equals(clazz)) {
                     return next;
                 }
             } else {
-                if (next.CLASS.equals(clazz)) {
+                if (next.getSimpleName().equals(clazz)) {
                     return next;
                 }
             }
@@ -1772,11 +1763,11 @@ class ToolDialog extends JDialog {
         for (int i = 0; i < PRIN_ARRAY.size(); i++) {
             Prin next = PRIN_ARRAY.get(i);
             if (fullClassName) {
-                if (next.FULL_CLASS.equals(clazz)) {
+                if (next.getName().equals(clazz)) {
                     return next;
                 }
             } else {
-                if (next.CLASS.equals(clazz)) {
+                if (next.getSimpleName().equals(clazz)) {
                     return next;
                 }
             }
@@ -2170,7 +2161,7 @@ class ToolDialog extends JDialog {
         choice.getAccessibleContext().setAccessibleName(PRIN_TYPE);
         for (int i = 0; i < PRIN_ARRAY.size(); i++) {
             Prin next = PRIN_ARRAY.get(i);
-            choice.addItem(next.CLASS);
+            choice.addItem(next.getSimpleName());
         }
 
         if (edit) {
@@ -2180,7 +2171,7 @@ class ToolDialog extends JDialog {
             } else {
                 Prin inputPrin = getPrin(editMe.getPrincipalClass(), true);
                 if (inputPrin != null) {
-                    choice.setSelectedItem(inputPrin.CLASS);
+                    choice.setSelectedItem(inputPrin.getSimpleName());
                 }
             }
         }
@@ -2286,7 +2277,7 @@ class ToolDialog extends JDialog {
         choice.getAccessibleContext().setAccessibleName(PERM);
         for (int i = 0; i < PERM_ARRAY.size(); i++) {
             Perm next = PERM_ARRAY.get(i);
-            choice.addItem(next.CLASS);
+            choice.addItem(next.getSimpleName());
         }
         tw.addNewComponent(newTD, choice, PD_PERM_CHOICE,
                            0, 1, 1, 1, 0.0, 0.0, GridBagConstraints.BOTH,
@@ -2300,7 +2291,7 @@ class ToolDialog extends JDialog {
         if (edit) {
             Perm inputPerm = getPerm(editMe.permission, true);
             if (inputPerm != null) {
-                choice.setSelectedItem(inputPerm.CLASS);
+                choice.setSelectedItem(inputPerm.getSimpleName());
             }
         }
         tw.addNewComponent(newTD, tf, PD_PERM_TEXTFIELD,
@@ -2417,7 +2408,7 @@ class ToolDialog extends JDialog {
                         "\t'" + pname + "' will be interpreted " +
                                 "as a key store alias.\n" +
                         "\tThe final principal class will be " +
-                                ToolDialog.X500_PRIN_CLASS + ".\n" +
+                                X500Principal.class.getName() + ".\n" +
                         "\tThe final principal name will be " +
                                 "determined by the following:\n" +
                         "\n" +
@@ -2452,7 +2443,7 @@ class ToolDialog extends JDialog {
         if (tf.getText().trim().equals("") == false)
             name = new String(tf.getText().trim());
         if (permission.equals("") ||
-            (!permission.equals(ALL_PERM_CLASS) && name == null)) {
+            (!permission.equals(AllPermission.class.getName()) && name == null)) {
             throw new InvalidParameterException(PolicyTool.getMessage
                 ("Permission.and.Target.Name.must.have.a.value"));
         }
@@ -2467,7 +2458,8 @@ class ToolDialog extends JDialog {
         // \\server\share     0, legal
         // \\\\server\share   2, illegal
 
-        if (permission.equals(FILE_PERM_CLASS) && name.lastIndexOf("\\\\") > 0) {
+        if (permission.equals(FilePermission.class.getName())
+                && name.lastIndexOf("\\\\") > 0) {
             char result = tw.displayYesNoDialog(this,
                     PolicyTool.getMessage("Warning"),
                     PolicyTool.getMessage(
@@ -3645,7 +3637,7 @@ class PrincipalTypeMenuListener implements ItemListener {
             if (prinField.getText() != null &&
                 prinField.getText().length() > 0) {
                 Prin inputPrin = ToolDialog.getPrin(prinField.getText(), true);
-                prin.setSelectedItem(inputPrin.CLASS);
+                prin.setSelectedItem(inputPrin.getSimpleName());
             }
             return;
         }
@@ -3660,7 +3652,7 @@ class PrincipalTypeMenuListener implements ItemListener {
         // set of names and actions
         Prin inputPrin = ToolDialog.getPrin((String)e.getItem(), false);
         if (inputPrin != null) {
-            prinField.setText(inputPrin.FULL_CLASS);
+            prinField.setText(inputPrin.getName());
         }
     }
 }
@@ -3711,7 +3703,7 @@ class PermissionMenuListener implements ItemListener {
 
                 Perm inputPerm = ToolDialog.getPerm(permField.getText(), true);
                 if (inputPerm != null) {
-                    perms.setSelectedItem(inputPerm.CLASS);
+                    perms.setSelectedItem(inputPerm.getSimpleName());
                 }
             }
             return;
@@ -3732,7 +3724,7 @@ class PermissionMenuListener implements ItemListener {
         if (inputPerm == null) {
             permField.setText("");
         } else {
-            permField.setText(inputPerm.FULL_CLASS);
+            permField.setText(inputPerm.getName());
         }
         td.setPermissionNames(inputPerm, names, nameField);
         td.setPermissionActions(inputPerm, actions, actionsField);
@@ -4082,26 +4074,30 @@ class TaggedList extends JList<String> {
  */
 
 class Prin {
-    public final String CLASS;
-    public final String FULL_CLASS;
+    final Class<? extends Principal> CLASS;
 
-    public Prin(String clazz, String fullClass) {
+    Prin(Class<? extends Principal> clazz) {
         this.CLASS = clazz;
-        this.FULL_CLASS = fullClass;
+    }
+
+    String getName() {
+        return CLASS.getName();
+    }
+
+    String getSimpleName() {
+        return CLASS.getSimpleName();
     }
 }
 
 class KrbPrin extends Prin {
-    public KrbPrin() {
-        super("KerberosPrincipal",
-                "javax.security.auth.kerberos.KerberosPrincipal");
+    KrbPrin() {
+        super(javax.security.auth.kerberos.KerberosPrincipal.class);
     }
 }
 
 class X500Prin extends Prin {
-    public X500Prin() {
-        super("X500Principal",
-                "javax.security.auth.x500.X500Principal");
+    X500Prin() {
+        super(javax.security.auth.x500.X500Principal.class);
     }
 }
 
@@ -4110,44 +4106,48 @@ class X500Prin extends Prin {
  */
 
 class Perm {
-    public final String CLASS;
-    public final String FULL_CLASS;
-    public final String[] TARGETS;
-    public final String[] ACTIONS;
+    final Class<? extends Permission> CLASS;
+    final String[] TARGETS;
+    final String[] ACTIONS;
 
-    public Perm(String clazz, String fullClass,
+    Perm(Class<? extends Permission> clazz,
                 String[] targets, String[] actions) {
 
         this.CLASS = clazz;
-        this.FULL_CLASS = fullClass;
         this.TARGETS = targets;
         this.ACTIONS = actions;
     }
+
+    String getName() {
+        return CLASS.getName();
+    }
+
+    String getSimpleName() {
+        return CLASS.getSimpleName();
+    }
 }
 
 class AllPerm extends Perm {
-    public AllPerm() {
-        super("AllPermission", "java.security.AllPermission", null, null);
+    AllPerm() {
+        super(java.security.AllPermission.class, null, null);
     }
 }
 
 class AudioPerm extends Perm {
-    public AudioPerm() {
-        super("AudioPermission",
-        "javax.sound.sampled.AudioPermission",
-        new String[]    {
+    AudioPerm() {
+        super(javax.sound.sampled.AudioPermission.class,
+            new String[]    {
                 "play",
                 "record"
                 },
-        null);
+            null);
     }
 }
 
 class AuthPerm extends Perm {
-    public AuthPerm() {
-    super("AuthPermission",
-        "javax.security.auth.AuthPermission",
-        new String[]    {
+    AuthPerm() {
+        super(javax.security.auth.AuthPermission.class,
+            new String[]    {
                 "doAs",
                 "doAsPrivileged",
                 "getSubject",
@@ -4165,15 +4165,14 @@ class AuthPerm extends Perm {
                         PolicyTool.getMessage("configuration.type") + ">",
                 "refreshLoginConfiguration"
                 },
-        null);
+            null);
     }
 }
 
 class AWTPerm extends Perm {
-    public AWTPerm() {
-    super("AWTPermission",
-        "java.awt.AWTPermission",
-        new String[]    {
+    AWTPerm() {
+        super(java.awt.AWTPermission.class,
+            new String[]    {
                 "accessClipboard",
                 "accessEventQueue",
                 "accessSystemTray",
@@ -4187,30 +4186,28 @@ class AWTPerm extends Perm {
                 "showWindowWithoutWarningBanner",
                 "toolkitModality",
                 "watchMousePointer"
-        },
-        null);
+                },
+            null);
     }
 }
 
 class DelegationPerm extends Perm {
-    public DelegationPerm() {
-    super("DelegationPermission",
-        "javax.security.auth.kerberos.DelegationPermission",
-        new String[]    {
+    DelegationPerm() {
+        super(javax.security.auth.kerberos.DelegationPermission.class,
+            new String[]    {
                 // allow user input
                 },
-        null);
+            null);
     }
 }
 
 class FilePerm extends Perm {
-    public FilePerm() {
-    super("FilePermission",
-        "java.io.FilePermission",
-        new String[]    {
+    FilePerm() {
+        super(java.io.FilePermission.class,
+            new String[]    {
                 "<<ALL FILES>>"
                 },
-        new String[]    {
+            new String[]    {
                 "read",
                 "write",
                 "delete",
@@ -4220,64 +4217,59 @@ class FilePerm extends Perm {
 }
 
 class URLPerm extends Perm {
-    public URLPerm() {
-        super("URLPermission",
-                "java.net.URLPermission",
-                new String[]    {
-                    "<"+ PolicyTool.getMessage("url") + ">",
-                },
-                new String[]    {
-                    "<" + PolicyTool.getMessage("method.list") + ">:<"
-                        + PolicyTool.getMessage("request.headers.list") + ">",
-                });
+    URLPerm() {
+        super(java.net.URLPermission.class,
+            new String[]    {
+                "<"+ PolicyTool.getMessage("url") + ">",
+            },
+            new String[]    {
+                "<" + PolicyTool.getMessage("method.list") + ">:<"
+                    + PolicyTool.getMessage("request.headers.list") + ">",
+            });
     }
 }
 
 class InqSecContextPerm extends Perm {
-    public InqSecContextPerm() {
-    super("InquireSecContextPermission",
-        "com.sun.security.jgss.InquireSecContextPermission",
-        new String[]    {
+    InqSecContextPerm() {
+        super(com.sun.security.jgss.InquireSecContextPermission.class,
+            new String[]    {
                 "KRB5_GET_SESSION_KEY",
                 "KRB5_GET_TKT_FLAGS",
                 "KRB5_GET_AUTHZ_DATA",
                 "KRB5_GET_AUTHTIME"
                 },
-        null);
+            null);
     }
 }
 
 class LogPerm extends Perm {
-    public LogPerm() {
-    super("LoggingPermission",
-        "java.util.logging.LoggingPermission",
-        new String[]    {
+    LogPerm() {
+        super(java.util.logging.LoggingPermission.class,
+            new String[]    {
                 "control"
                 },
-        null);
+            null);
     }
 }
 
 class MgmtPerm extends Perm {
-    public MgmtPerm() {
-    super("ManagementPermission",
-        "java.lang.management.ManagementPermission",
-        new String[]    {
+    MgmtPerm() {
+        super(java.lang.management.ManagementPermission.class,
+            new String[]    {
                 "control",
                 "monitor"
                 },
-        null);
+            null);
     }
 }
 
 class MBeanPerm extends Perm {
-    public MBeanPerm() {
-    super("MBeanPermission",
-        "javax.management.MBeanPermission",
-        new String[]    {
+    MBeanPerm() {
+        super(javax.management.MBeanPermission.class,
+            new String[]    {
                 // allow user input
                 },
-        new String[]    {
+            new String[]    {
                 "addNotificationListener",
                 "getAttribute",
                 "getClassLoader",
@@ -4300,35 +4292,32 @@ class MBeanPerm extends Perm {
 }
 
 class MBeanSvrPerm extends Perm {
-    public MBeanSvrPerm() {
-    super("MBeanServerPermission",
-        "javax.management.MBeanServerPermission",
-        new String[]    {
+    MBeanSvrPerm() {
+        super(javax.management.MBeanServerPermission.class,
+            new String[]    {
                 "createMBeanServer",
                 "findMBeanServer",
                 "newMBeanServer",
                 "releaseMBeanServer"
                 },
-        null);
+            null);
     }
 }
 
 class MBeanTrustPerm extends Perm {
-    public MBeanTrustPerm() {
-    super("MBeanTrustPermission",
-        "javax.management.MBeanTrustPermission",
-        new String[]    {
+    MBeanTrustPerm() {
+        super(javax.management.MBeanTrustPermission.class,
+            new String[]    {
                 "register"
                 },
-        null);
+            null);
     }
 }
 
 class NetPerm extends Perm {
-    public NetPerm() {
-    super("NetPermission",
-        "java.net.NetPermission",
-        new String[]    {
+    NetPerm() {
+        super(java.net.NetPermission.class,
+            new String[]    {
                 "allowHttpTrace",
                 "setDefaultAuthenticator",
                 "requestPasswordAuthentication",
@@ -4341,43 +4330,40 @@ class NetPerm extends Perm {
                 "setResponseCache",
                 "getResponseCache"
                 },
-        null);
+            null);
     }
 }
 
 class NetworkPerm extends Perm {
-    public NetworkPerm() {
-    super("NetworkPermission",
-        "jdk.net.NetworkPermission",
-        new String[]    {
+    NetworkPerm() {
+        super(jdk.net.NetworkPermission.class,
+            new String[]    {
                 "setOption.SO_FLOW_SLA",
                 "getOption.SO_FLOW_SLA"
                 },
-        null);
+            null);
     }
 }
 
 class PrivCredPerm extends Perm {
-    public PrivCredPerm() {
-    super("PrivateCredentialPermission",
-        "javax.security.auth.PrivateCredentialPermission",
-        new String[]    {
+    PrivCredPerm() {
+        super(javax.security.auth.PrivateCredentialPermission.class,
+            new String[]    {
                 // allow user input
                 },
-        new String[]    {
+            new String[]    {
                 "read"
                 });
     }
 }
 
 class PropPerm extends Perm {
-    public PropPerm() {
-    super("PropertyPermission",
-        "java.util.PropertyPermission",
-        new String[]    {
+    PropPerm() {
+        super(java.util.PropertyPermission.class,
+            new String[]    {
                 // allow user input
                 },
-        new String[]    {
+            new String[]    {
                 "read",
                 "write"
                 });
@@ -4385,21 +4371,19 @@ class PropPerm extends Perm {
 }
 
 class ReflectPerm extends Perm {
-    public ReflectPerm() {
-    super("ReflectPermission",
-        "java.lang.reflect.ReflectPermission",
-        new String[]    {
+    ReflectPerm() {
+        super(java.lang.reflect.ReflectPermission.class,
+            new String[]    {
                 "suppressAccessChecks"
                 },
-        null);
+            null);
     }
 }
 
 class RuntimePerm extends Perm {
-    public RuntimePerm() {
-    super("RuntimePermission",
-        "java.lang.RuntimePermission",
-        new String[]    {
+    RuntimePerm() {
+        super(java.lang.RuntimePermission.class,
+            new String[]    {
                 "createClassLoader",
                 "getClassLoader",
                 "setContextClassLoader",
@@ -4432,15 +4416,14 @@ class RuntimePerm extends Perm {
                 "usePolicy",
                 // "inheritedChannel"
                 },
-        null);
+            null);
     }
 }
 
 class SecurityPerm extends Perm {
-    public SecurityPerm() {
-    super("SecurityPermission",
-        "java.security.SecurityPermission",
-        new String[]    {
+    SecurityPerm() {
+        super(java.security.SecurityPermission.class,
+            new String[]    {
                 "createAccessControlContext",
                 "getDomainCombiner",
                 "getPolicy",
@@ -4470,30 +4453,28 @@ class SecurityPerm extends Perm {
                 //"getSignerPrivateKey",
                 //"setSignerKeyPair"
                 },
-        null);
+            null);
     }
 }
 
 class SerialPerm extends Perm {
-    public SerialPerm() {
-    super("SerializablePermission",
-        "java.io.SerializablePermission",
-        new String[]    {
+    SerialPerm() {
+        super(java.io.SerializablePermission.class,
+            new String[]    {
                 "enableSubclassImplementation",
                 "enableSubstitution"
                 },
-        null);
+            null);
     }
 }
 
 class ServicePerm extends Perm {
-    public ServicePerm() {
-    super("ServicePermission",
-        "javax.security.auth.kerberos.ServicePermission",
-        new String[]    {
+    ServicePerm() {
+        super(javax.security.auth.kerberos.ServicePermission.class,
+            new String[]    {
                 // allow user input
                 },
-        new String[]    {
+            new String[]    {
                 "initiate",
                 "accept"
                 });
@@ -4501,13 +4482,12 @@ class ServicePerm extends Perm {
 }
 
 class SocketPerm extends Perm {
-    public SocketPerm() {
-    super("SocketPermission",
-        "java.net.SocketPermission",
-        new String[]    {
+    SocketPerm() {
+        super(java.net.SocketPermission.class,
+            new String[]    {
                 // allow user input
                 },
-        new String[]    {
+            new String[]    {
                 "accept",
                 "connect",
                 "listen",
@@ -4517,38 +4497,35 @@ class SocketPerm extends Perm {
 }
 
 class SQLPerm extends Perm {
-    public SQLPerm() {
-    super("SQLPermission",
-        "java.sql.SQLPermission",
-        new String[]    {
+    SQLPerm() {
+        super(java.sql.SQLPermission.class,
+            new String[]    {
                 "setLog",
                 "callAbort",
                 "setSyncFactory",
                 "setNetworkTimeout",
                 },
-        null);
+            null);
     }
 }
 
 class SSLPerm extends Perm {
-    public SSLPerm() {
-    super("SSLPermission",
-        "javax.net.ssl.SSLPermission",
-        new String[]    {
+    SSLPerm() {
+        super(javax.net.ssl.SSLPermission.class,
+            new String[]    {
                 "setHostnameVerifier",
                 "getSSLSessionContext"
                 },
-        null);
+            null);
     }
 }
 
 class SubjDelegPerm extends Perm {
-    public SubjDelegPerm() {
-    super("SubjectDelegationPermission",
-        "javax.management.remote.SubjectDelegationPermission",
-        new String[]    {
+    SubjDelegPerm() {
+        super(javax.management.remote.SubjectDelegationPermission.class,
+            new String[]    {
                 // allow user input
                 },
-        null);
+            null);
     }
 }