CSC/ECE 517 Fall 2011/ch1 2b rv

From Expertiza_Wiki
Jump to navigation Jump to search

Access Control in O-O Languages

Introduction to Access control

In object oriented programming, access control refers to the control of visibility of data and methods. The main idea behind access control is to restrict access to certain parts of the code to external entities. Access control implements encapsulation by providing varying levels of access to code. The use of access control becomes necessary in any practical environment where selective access is a key criterion.

For example, only the instructor can be allowed to modify grades of students but all students should be given access to retrieve and view their respective grades.

Access control in different object oriented languages and the underlying details will be covered in this topic.

Overview of Access Control Mechanisms

Each O-O language has a specific implementation of access control mechanisms. However, a plethora of the most widely used o-o languages share similar features while implementing access control. Access control mechanisms are applicable to class members like variables and functions. Some level of access control can be applied at the class level. The 3 basic types of access control implementation which is common to some static and dynamic O-O languages [like C++, C#, Java and Ruby] are

Public : Methods or attributes that are declared to be public can be accessed from any class. This is the least restrictive access control method. For example, we may want everyone in a company to know the names of people working along with them. Thus public access is given to employee's name.

Private : This mechanism makes the data or method to be visible only in the class in which it is declared. The support is not extended to sub classes. This is the most restrictive access control method. In any application, methods which implement the core functionality or require administrator access are declared to be private thereby enforcing limited access. For example, only a manager can be given the authority to review an employee’s performance and award bonus and promotions.

Protected : The use of protected access allows access of data and methods to be modified by members belonging to the same family. This means that this support is extended to subclasses. Protected access control can be used to support the single interface, multiple implementation concept i.e, inheritance. For example, a super class may have a protected method called ComputeArea(). We can have many subclasses like Triangle, Rectangle etc inherit the super class and override the method ComputeArea() to provide their own specific implementation. In a more practical scenario, a person might be allowed to view the medical history of immediate family members. However, people outside the family will not be allowed access to view this medical history.

Implementing Access Control

Programming languages implement access control in different ways. We present a few of the languages that use access control and show their implementation.

Java

In Java, access control is achieved using the modifiers public, private and protected. If a class is not declared with any modifier, then the default access becomes package-private i.e, any object within the package should be able to access this class.

Public Keyword – Other classes can modify public fields unless its declared as final. The syntax for declaring a variable/method public is as follows 

public int x;
public void print_Hello()

In the example shown below, the variable studentName is public and hence can be accessed in another class Student2. Similarly, public methods like getName() etc become accessible by other classes.

Private Keyword – This keyword makes the class members private. Private members can only be accessed from within the class. They are not visible even in subclasses. However, visibility and access of private members is extended to nested classes. The syntax for declaring a variable/method private is as follows

private String EmpID; 
private void getEmpDetails()

In the example code below, the method setID is declared to be private. Hence, it cannot be accessed in the subclass of the class Student.

Protected Keyword – This keyword when used before a class member makes that member visible to the elements residing in that class and its subclasses. However if the subclass is in a different package, then the protected member is visible only through inheritance. It cannot be accessed by the object of the parent class as the definition is in another package. The syntax for declaring a variable/method protected is as follows

protected int sides; 
protected void setArea(int sides)

In the example code below, the method setName is declared as protected. Hence, it can be accessed in the subclass NewStudent.

Default access level/Package – When no specific access control keyword is given, then the method or variable becomes accessible to all classes under a particular package. In the following example, the integer “packageVar” becomes accessible to all classes included in the package ‘TestPackage1’. Hence, it can be modified in the class Student2.


Example:

package TestPackage1  
public class Student {  

	public String studentName;
	public int studentID;
	int packageVar;

	public String getName() {
		return studentName;
	}
	public int getID() {
		return studentID;
	}
	protected void setName(String s) {
		studentName = s;
	}
	private void setID(int y) {
		studentID = y;
	}
	public static void main(String[] args) {
		Student Stu1 = new Student();
		Stu1.setName("ABCD");
		Stu1.setID(1230013);
		System.out.println(Stu1.getName() + Stu1.getID());
	}
}
public class NewStudent extends Student {	
	public static void main(String[] args) {
		NewStudent NewStu1 = new NewStudent();
		NewStu1.setName("EFGH"); 		//Can be accessed 
		NewStu1.setID(350);		// Cannot be accessed as setID is private
		System.out.println(NewStu1.getName());
	}
}
public class Student2 {
        public static void main(String[] args) {
                Student Stu2 = new Student();
                Stu2.studentName = "Mickey";     //Public variable of another class can be accessed
                Stu2.packageVar = 5;             //Default access level
        }
}

C++

In C++, we have the three modifiers presented in the overview along with a special type of access control called friend. The behavior of public, private and protected modifiers is similar to its Java counterparts.

Friend - A function or class can access the private and protected members of a class if it is declared as a friend of that class. 

class Number
{	int a,b;
	friend int canAccess(Number numb); // Declaring canAccess() to be a friend
public:
	int add(int,int);
protected:
	int diff(int,int);
private:
	int prod(int,int);


	int add(int a,int b)
	{
		return a+b;
	}
	int diff(int a,int b)
	{
		if (a>b)
		 return a-b;
		else
		 return b-a;
	}
	int prod(int a,int b)
	{
		return a*b;
	}	
};
public static void main()
{
  	Number num;
	int a=10, b=20;	
	cout << "Sum =" << num.add(a,b);
	cout << "Difference =" << num.diff(a,b);
	//cout << "Product = " << num.prod(a,b); // this will throw an error if the comments are removed
}

// Friend function
int canAccess(Number numb)
{
 cout<< "Product for a friend = " << numb.prod(10,20)  
}


More about friend functions

If a class is declared as a friend in another class, the friend class can access all the private members of the class. This can also be limited in such a way that only few private members of the class can be accessed. By using friend functions or classes, we can provide a flexibility of letting a friend class access restricted members of a class and still keeping the restricted members closed for access by any other class. This will be useful in a few cases.

Ruby

Ruby provides the three levels of access controls, private, public and protected with the default being public access. The behavior of public and protected access control is similar to other languages like C++ and Java.

However, private methods can be called only within the context of the current object. Other object’s private method cannot be invoked. Private methods can be overridden by the sub-classes.In most cases, private methods are used to provide internal functionality to the class. So we need to use a cautious approach in using private methods. If they are overridden by the subclass, we tend to get unexpected behavior in the program.

Note: Private methods cannot be called outside of the class. Private methods can be called only using the “send” method. 

class Number
  def initialize(a,b)
    @number1 = a
    @number2 = b
  end
  def num1
  @number1
  end
  def num2
  @number2
  end  
  def add(a)
   puts a.num1+a.num2
  end    
  def diff(a)
    puts a.num1-a.num2
end
public:add
public:diff
protected:num1
#private:num2  
end
Num1=Number.new(50,60)
Num1.add(Num1)
Num1.diff(Num1)

This program runs successfully and prints the output as long as the private method is not accessed. Here, the private method is num2 and should not be invoked in the current context of the object.

in `add': private method `num2' called for #<Number:0x436e18 @number1=50, @number2=60> (NoMethodError)

However, the private method num2 can be accessed using the send method. The syntax for accessing the method is a.send(:num2)

C#

It has 5 specific levels of access control at the class member level.

1. Public : Public access is the least restrictive access level and class members can be accessed anywhere.

2. Private : Private is the most restrictive access level where members are accessed only in the body of the class in which they are declared. This support is also extended to nested classes.

3. Protected : The protected keyword is a member access modifier i.e, it cannot be applied at a class level. A protected member is accessible from within the class in which it is declared, and from within any class derived from the class that declared this member.


class Number 
{
	public int x =5;
        public int y =10; 
	public int add() {
      		return x+y;
   	}
	protected int diff(){
		return y-x;
	}
	private int prod(){
		return x*y;
	}
}

class Number1
{
	public static void Main()
	{
		Number num = new Number();
		num.add();	//access to add
		num.diff();	// can't as diff is declared protected
		num.prod();	// can't access as prod is private
	}
}

class Number2 : Number
{
	public static void Main()
	{
		Number2 num2 = new Number2();
		num2.diff(); 	// access to protected member
	}
}

4. Internal : It is an access modifier for types and type members. Internal members are accessible only within files in the same assembly.

5. Protected Internal: This access control restricts access of members to the class, subclass within the assembly. The difference between protected internal and internal is that, a subclass of the class derived in another assembly can also access the protected internal method.

File1.cs:
class Number3 
{
   internal int x =0;
   protected internal int y = 0;	
}
File2.cs
class Number4 : Number3
{
  public static void Main() 
  {
      Number4 num4 = new Number4();   
      num4.x = 4 // error, as x is declared as internal
      num4.y = 5 // Allowed. As y is protected internal.
  }
}

Python

Python implements access control in a different way from most other languages in that they don’t have specific access control modifiers. By default all members are public and we precede the member name with ‘__’ (a double underscore) to indicate if the member is private. This feature of python is called as Name Mangling.

There is no feature in python to implement the protected access control. 

class Number:
  def __init(self,a,b): // this is a private method
    self.a = a
    self.b = b
  
  def add():
   print self.a + self.b
      	
  def diff():
   print self.b - self.a

Num1=Number(50,60)
Num1.add()
Num1.diff()

Note that in python the __init method is made to be private as default while programming.

More on Name Mangling in Python

Name mangling is a feature of python using which we indicate whether a member is private by just adding underscores, instead of using key words. When we program or debug, it is easier to note that the member is private and thus refrain from accessing it.

Eiffel

Eiffel has a different approach to access control compared to the previous object oriented languages like C++ and Java. It uses selective export, which means that different methods and attributes can have different access levels. Also, we can individually specify the access level for each method or attribute. 

class Number
feature{NONE} -- indicates nothing can access this code from outside of the class (private)
	a: INTEGER
	b: INTEGER
initialize is 
	do
		a := 10 
		b := 20
	end
end
feature{ANY} -- indicates this method can be accessed from anywhere outside of the class(public)
add: INTEGER is
	do
		Result := a+b
	end
end
feature{Number} -- indicates that this method can be accessed only by members of the class Number
diff: INTEGER is
	do
		Result := b-a
	end
end

More on feature:

Using feature, we can provide varying levels of access to a code in the class. And also we can provide the names of classes that are only allowed to access that part of the code. In the above example, the different access levels that features provide are explained in the comments.

Comparison among different O-O languages

Java C++ C# Ruby Python Eiffel
Public Can be accessed outside of class Can be accessed outside of class Can be accessed outside of class Can be accessed outside of class Can be accessed outside of class Can be accessed outside of class
Protected Access within the class and sub-classes Access within the class and subclasses Access within the class and subclasses Access within the class and subclasses No protected access Access can be given to only a few of the classes.
Private Cannot be directly accessed from outside the class. Can be accessed by nested classes. Cannot be directly accessed from outside the class Cannot be directly accessed from outside the class Cannot be directly accessed from outside the class Cannot be directly accessed from outside the class Cannot be directly accessed from outside the class
Special feature Default access is package. Any class in a package can access if no modifier is given friend functions(access of private to a specific friend class or method) internal and protected internal send method is used to access private members Name Mangling(use of underscores to indicate access level) Selective export using "feature"

A short note on the usage of Access Control

As a good programming practice, the following guidelines can be used to implement access control mechanisms.

1. Use public access only if an interface for a class so that the data can be sent or modified based on external requirements.

2. Use of private is advisable whenever we program the internal structure of the program, like the constructors. Some languages, like Ruby make their variables private by default so that modifications from external entities are avoided.

Access control provides powerful mechanism to implement encapsulation and it can find its use in several applications. However, if not used with caution, access control can lead to unexpected behavior in the program. It is always important to use the right access control to avoid ambiguity and ease the maintainability of code.

References

Retrieved from "https://wiki.expertiza.ncsu.edu/index.php?title=CSC/ECE_517_Fall_2011/ch1_2b_rv&oldid=51630"