Imposing constraints or restrictions on method bodies in Java

Context (Edit)

Some clarifications are needed, so I will try to summarize the impact

>The goal of the project is to provide programmers with certain functions, most likely in the form of a library (a jar with class files, I guess). > In order to use the function, the programmer must meet the constraints that must (should) be met Otherwise, it will not work properly (like the lock in java.util.concurrent, it must be acquired / released at the appropriate time and place). > This code will not be the entry point for the application that uses it (that is, there is no main). > The number of operations exposed in the API is limited

example:

Think of a small game. Almost everything is implemented and managed by implemented classes The only thing a programmer needs to do is write a method, or some method that describes what the character will do (walk, change direction, stop, check object) I want to make sure their method (may be marked with comments?) Just walk, or change direction, or calculate diff = desiredvalue – x, instead of writing some files or opening a socket connection I want to be a trading manager Managers will be provided by this library, as well as some general transaction attributes (their isolation level, timeout,...) Now, programmers want to trade and use this manager I want to make sure they read only, write, commit or roll back some resources that the manager knows If the manager doesn't control any rocket launch, I don't want them to launch rocket in the middle of the business

problem

I want to impose some invariants / restrictions / constraints on the body of a method (or group of methods), which will be implemented by other programmers in other packages / locations later Said, I give them something:

public abstract class ToBeExtended {
    // some private stuff they should not modify
    // ...
    public abstract SomeReturnType safeMethod();
}

For this project, the important (possibly necessary) method body satisfies some invariants In other words, the command set used in the implementation of this method is limited Examples of these constraints are:

>This method must not perform any I / O. > this method must not instantiate any unknown (potentially dangerous) object. >

Another way:

>This method can call methods of known (specific) classes. > This method can execute some basic instructions (Mathematics, assigning local variables, ifs, loop...)

I've been reading the notes, and there seems to be nothing close to this My choice so far

>Define some annotation @ safeannotation and apply it to the method. Define a contract with the implementer. He will follow the imposed rules, otherwise the system will fail. > Define enumerations with allowed actions Instead of exposing the allowed methods, only one method is exposed, which accepts the list of these enumerated objects (or similar to control flow graph?), And execute it, let me control what I can do

Example:

public enum AllowedOperations { OP1,OP2 }

public class TheOneKNown {
    public void executeMyStuff (List<AllowedOperations> ops) {
        // ...
    }
}

My question

Is there any function in the language, such as annotation, reflection or other ways, that I can check (at compile or run time) if the method is valid (i.e. meets my constraints)? Or is there any way to force it to call only a limited number of other methods?

If not (I don't think so), is this the second option? Suitable for intuitive, well-designed and / or good practices

Update (Progress)

After reading some related questions, I am also considering (as a third option, maybe) the steps given according to the acceptance answer of this question Although this may require some reflection on the architecture

The whole idea of using annotations to impose restrictions seems to require implementing my own annotation processor If this is true, I can also consider a small domain specific language so that programmers will use these limited operations and then convert the code to Java In this way, I can also control the specified content

Solution

I think the direction in this question is good

>Use a specific classloader to load the class Be careful, they are an interesting horse, and it usually happens that the class itself is loaded by the parent loader Maybe you want some type of urlclassloader, and the parent class loader will be set as the root class loader, which is not enough. > Use threads to avoid infinite loops (equivalent to implementing runnable instead of extending threads, like there) – this may not be necessary if you don't worry. > Using securitymanager to avoid Java IO operation

In addition to the above, I recommend two options:

Give the method a controller that will contain the functions it can call

For example:

public void foo(Controller ctrl) {
}

public class Controller {
   public boolean commit();
   public boolean rollback();
}

This gives the user a handle on what operations are allowed

Using intent like command mode

In Android, the components of the system are quite closed They can't communicate with each other directly. They can only initiate an event, "happen", or "I want to do this"

In this way, there is no limit to the set of available commands Generally, if the method only does small business logic, it is enough