RE: A way to opt out of access restrictions on non-exported members.

Tue, 17 Nov 2015 02:05:25 -0800 


> -----Original Message-----
> From: jigsaw-dev [mailto:jigsaw-dev-boun...@openjdk.java.net] On Behalf Of 
> Alan Bateman
> Subject: Re: A way to opt out of access restrictions on non-exported members.
> 
> On 16/11/2015 17:48, Neil Bartlett wrote:
> > Alan,
> >
> > In your consideration does the following declaration break encapsulation of 
> > a module, assuming that package “org.example.impl” is
> not exported?
> >
> >     module foo {
> >             provides org.example.api.ServiceInterface with 
> > org.example.impl.ServiceImpl;
> >     }
> >
> > This appears to allow the ServiceLoader to punch through encapsulation and 
> > obtain instances of a non-exported type.
> Sure, but this just part of the support for services. In this example then 
> the service provider is fully encapsulated. The consumer of the
> service can't access ServiceImpl, it instead accesses it via ServiceInterface 
> (assuming of course that the consumer reads the module
> with ServiceInterface and org.example.api is exported to the consumer).
> 
> >   How does this differ from a declaration that one might see in a 
> > Dependency Injection framework such as Spring? I.e. something like:
> >
> >     <bean class=“org.example.impl.ServiceImpl”> …
> >
> There isn't way to give Spring super powers so this needs foo to export 
> org.example.impl to Spring.

I think exporting org.example.impl and then Spring reading is reasonable and 
enough for supporting DI framework, but is it ok to give super power to 
java.base?

I am not sure if it punches only for supporting ServiceLoader in 
AccessibleObject.java:
void checkCanSetAccessible(Class<?> caller, Class<?> declaringClass) {
        Module callerModule = caller.getModule();
        Module declaringModule = declaringClass.getModule();

        if (callerModule != declaringModule
                && callerModule != Object.class.getModule()) {

            // check reads
            if (!callerModule.canRead(declaringModule)) {
                String msg = "Unable to make member of "
                        + declaringClass + " accessible:  "
                        + callerModule + " does not read " + declaringModule;
                Reflection.throwInaccessibleObjectException(msg);
            }
          ....

Why we don't make special handling for use and provide in our code? that should 
also achieve Service loading.
At least, javadoc of AccessibleObject.setAccessible doesn't state java.base has 
special permission, we need to update if we keep this impl.

Frank

> 
> -Alan.

Reply via email to