/** Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.* ORACLE PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.*********************/package java.lang.reflect;import java.security.AccessController;import sun.reflect.Reflection;import sun.reflect.ReflectionFactory;import java.lang.annotation.Annotation;/*** The AccessibleObject class is the base class for Field, Method and* Constructor objects. It provides the ability to flag a reflected* object as suppressing default Java language access control checks* when it is used. The access checks--for public, default (package)* access, protected, and private members--are performed when Fields,* Methods or Constructors are used to set or get fields, to invoke* methods, or to create and initialize new instances of classes,* respectively.** <p>Setting the {@code accessible} flag in a reflected object* permits sophisticated applications with sufficient privilege, such* as Java Object Serialization or other persistence mechanisms, to* manipulate objects in a manner that would normally be prohibited.** <p>By default, a reflected object is <em>not</em> accessible.** @see Field* @see Method* @see Constructor* @see ReflectPermission** @since 1.2*/@SuppressWarnings("ALL")public class AccessibleObject implements AnnotatedElement {/*** The Permission object that is used to check whether a client* has sufficient privilege to defeat Java language access* control checks.*/static final private java.security.Permission ACCESS_PERMISSION =new ReflectPermission("suppressAccessChecks");/*** Convenience method to set the {@code accessible} flag for an* array of objects with a single security check (for efficiency).** <p>First, if there is a security manager, its* {@code checkPermission} method is called with a* {@code ReflectPermission("suppressAccessChecks")} permission.** <p>A {@code SecurityException} is raised if {@code flag} is* {@code true} but accessibility of any of the elements of the input* {@code array} may not be changed (for example, if the element* object is a {@link Constructor} object for the class {@link* java.lang.Class}). In the event of such a SecurityException, the* accessibility of objects is set to {@code flag} for array elements* upto (and excluding) the element for which the exception occurred; the* accessibility of elements beyond (and including) the element for which* the exception occurred is unchanged.** @param array the array of AccessibleObjects* @param flag the new value for the {@code accessible} flag* in each object* @throws SecurityException if the request is denied.* @see SecurityManager#checkPermission* @see java.lang.RuntimePermission*/// setAccessible(boolean flag)的批量操作方法public static void setAccessible(AccessibleObject[] array, boolean flag)throws SecurityException {SecurityManager sm = System.getSecurityManager();if (sm != null) sm.checkPermission(ACCESS_PERMISSION);for (int i = 0; i < array.length; i++) {setAccessible0(array[i], flag);}}/*** Set the {@code accessible} flag for this object to* the indicated boolean value. A value of {@code true} indicates that* the reflected object should suppress Java language access* checking when it is used. A value of {@code false} indicates* that the reflected object should enforce Java language access checks.** <p>First, if there is a security manager, its* {@code checkPermission} method is called with a* {@code ReflectPermission("suppressAccessChecks")} permission.** <p>A {@code SecurityException} is raised if {@code flag} is* {@code true} but accessibility of this object may not be changed* (for example, if this element object is a {@link Constructor} object for* the class {@link java.lang.Class}).** <p>A {@code SecurityException} is raised if this object is a {@link* java.lang.reflect.Constructor} object for the class* {@code java.lang.Class}, and {@code flag} is true.** @param flag the new value for the {@code accessible} flag* @throws SecurityException if the request is denied.* @see SecurityManager#checkPermission* @see java.lang.RuntimePermission*/// 设置实例是否可以访问,如果设置为true,可以抑制修饰符,直接进行访问public void setAccessible(boolean flag) throws SecurityException {SecurityManager sm = System.getSecurityManager();if (sm != null) sm.checkPermission(ACCESS_PERMISSION);setAccessible0(this, flag);}/* Check that you aren't exposing java.lang.Class.<init> or sensitivefields in java.lang.Class. */private static void setAccessible0(AccessibleObject obj, boolean flag)throws SecurityException{if (obj instanceof Constructor && flag == true) {Constructor<?> c = (Constructor<?>)obj;if (c.getDeclaringClass() == Class.class) {throw new SecurityException("Cannot make a java.lang.Class" +" constructor accessible");}}obj.override = flag;}/*** Get the value of the {@code accessible} flag for this object.** @return the value of the object's {@code accessible} flag*/// 返回实例是否可以访问,实际上这个值并不准确,它只有在setAccessible被调用的时候才会更新public boolean isAccessible() {return override;}/*** Constructor: only used by the Java Virtual Machine.*/protected AccessibleObject() {}// Indicates whether language-level access checks are overridden// by this object. Initializes to "false". This field is used by// Field, Method, and Constructor.//// NOTE: for security purposes, this field must not be visible// outside this package.boolean override;// Reflection factory used by subclasses for creating field,// method, and constructor accessors. Note that this is called// very early in the bootstrapping process.static final ReflectionFactory reflectionFactory =AccessController.doPrivileged(new sun.reflect.ReflectionFactory.GetReflectionFactoryAction());/*** @throws NullPointerException {@inheritDoc}* @since 1.5*/public <T extends Annotation> T getAnnotation(Class<T> annotationClass) {throw new AssertionError("All subclasses should override this method");}/*** {@inheritDoc}* @throws NullPointerException {@inheritDoc}* @since 1.5*/@Overridepublic boolean isAnnotationPresent(Class<? extends Annotation> annotationClass) {return AnnotatedElement.super.isAnnotationPresent(annotationClass);}/*** @throws NullPointerException {@inheritDoc}* @since 1.8*/@Overridepublic <T extends Annotation> T[] getAnnotationsByType(Class<T> annotationClass) {throw new AssertionError("All subclasses should override this method");}/*** @since 1.5*/public Annotation[] getAnnotations() {return getDeclaredAnnotations();}/*** @throws NullPointerException {@inheritDoc}* @since 1.8*/@Overridepublic <T extends Annotation> T getDeclaredAnnotation(Class<T> annotationClass) {// Only annotations on classes are inherited, for all other// objects getDeclaredAnnotation is the same as// getAnnotation.return getAnnotation(annotationClass);}/*** @throws NullPointerException {@inheritDoc}* @since 1.8*/@Overridepublic <T extends Annotation> T[] getDeclaredAnnotationsByType(Class<T> annotationClass) {// Only annotations on classes are inherited, for all other// objects getDeclaredAnnotationsByType is the same as// getAnnotationsByType.return getAnnotationsByType(annotationClass);}/*** @since 1.5*/public Annotation[] getDeclaredAnnotations() {throw new AssertionError("All subclasses should override this method");}// Shared access checking logic.// For non-public members or members in package-private classes,// it is necessary to perform somewhat expensive security checks.// If the security check succeeds for a given class, it will// always succeed (it is not affected by the granting or revoking// of permissions); we speed up the check in the common case by// remembering the last Class for which the check succeeded.//// The simple security check for Constructor is to see if// the caller has already been seen, verified, and cached.// (See also Class.newInstance(), which uses a similar method.)//// A more complicated security check cache is needed for Method and Field// The cache can be either null (empty cache), a 2-array of {caller,target},// or a caller (with target implicitly equal to this.clazz).// In the 2-array case, the target is always different from the clazz.volatile Object securityCheckCache;void checkAccess(Class<?> caller, Class<?> clazz, Object obj, int modifiers)throws IllegalAccessException{if (caller == clazz) { // quick checkreturn; // ACCESS IS OK}Object cache = securityCheckCache; // read volatileClass<?> targetClass = clazz;if (obj != null&& Modifier.isProtected(modifiers)&& ((targetClass = obj.getClass()) != clazz)) {// Must match a 2-list of { caller, targetClass }.if (cache instanceof Class[]) {Class<?>[] cache2 = (Class<?>[]) cache;if (cache2[1] == targetClass &&cache2[0] == caller) {return; // ACCESS IS OK}// (Test cache[1] first since range check for [1]// subsumes range check for [0].)}} else if (cache == caller) {// Non-protected case (or obj.class == this.clazz).return; // ACCESS IS OK}// If no return, fall through to the slow path.slowCheckMemberAccess(caller, clazz, obj, modifiers, targetClass);}// Keep all this slow stuff out of line:void slowCheckMemberAccess(Class<?> caller, Class<?> clazz, Object obj, int modifiers,Class<?> targetClass)throws IllegalAccessException{Reflection.ensureMemberAccess(caller, clazz, obj, modifiers);// Success: Update the cache.Object cache = ((targetClass == clazz)? caller: new Class<?>[] { caller, targetClass });// Note: The two cache elements are not volatile,// but they are effectively final. The Java memory model// guarantees that the initializing stores for the cache// elements will occur before the volatile write.securityCheckCache = cache; // write volatile}}
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。