ProtectionDomain class abstract interface

Represents a security boundary for code execution within a container or framework, defining permissions, metadata, and inheritance rules for reflection-based access.

A ProtectionDomain encapsulates:

A name (identity),
A set of granted DomainPermissions,
A set of properties (context-specific data),
An optional parent domain (for hierarchical permission models).

Usage Example:

var domain = ProtectionDomain.create(
  'dev',
  permissions: {DomainPermission.READ_FIELDS, DomainPermission.INVOKE_METHODS},
);

ProtectionDomain.setCurrent(domain);

domain.runWithDomain(() {
  if (domain.hasPermission(DomainPermission.READ_FIELDS)) {
    print('Can read fields');
  }
});

Protection domains are used internally by reflection frameworks, pod factories, or sandboxed environments like JetLeaf to enforce scoped access control.

Properties

hashCode → int: The hash code for this object.
no setterinherited
name → String: Represents a security boundary for code execution within a container or framework, defining permissions, metadata, and inheritance rules for reflection-based access.
no setter
parent → ProtectionDomain?: Represents a security boundary for code execution within a container or framework, defining permissions, metadata, and inheritance rules for reflection-based access.
no setter
permissions → Set<DomainPermission>: Represents a security boundary for code execution within a container or framework, defining permissions, metadata, and inheritance rules for reflection-based access.
no setter
properties → Map<String, dynamic>: Represents a security boundary for code execution within a container or framework, defining permissions, metadata, and inheritance rules for reflection-based access.
no setter
runtimeType → Type: A representation of the runtime type of the object.
no setterinherited

Methods

checkAccess(String operation, [DomainPermission? permission]) → void: Performs an access check for a specific operation, optionally guarded by a required permission. Throws if the access is not allowed.
getProperty<T>(String key) → T?: Retrieves a typed property T stored in this domain under the given key.
hasAllPermissions(Set<DomainPermission> requiredPermissions) → bool: Returns true if this domain includes all of the requiredPermissions.
hasPermission(DomainPermission permission) → bool: Returns true if this domain grants the specified permission.
noSuchMethod(Invocation invocation) → dynamic: Invoked when a nonexistent method or property is accessed.
inherited
runWithDomain<T>(T fn()) → T: Executes a function fn within the scope of this protection domain.
setProperty(String key, dynamic value) → void: Stores a property under the given key with a value.
toString() → String: A string representation of this object.
inherited

Operators

operator ==(Object other) → bool: The equality operator.
inherited

Static Methods

create(String name, {Set<DomainPermission>? permissions, Map<String, dynamic>? properties, ProtectionDomain? parent}) → ProtectionDomain: Creates a new custom ProtectionDomain with the specified name, optional permissions, properties, and an optional parent.
current() → ProtectionDomain: Returns the domain currently bound to the executing thread or context.
setCurrent(ProtectionDomain domain) → void: Sets the current executing domain to domain.
system() → ProtectionDomain: Returns the root system domain, usually used by the framework itself.