Encapsulate objects in Java?

Question

private in Java provides class level encapsulation. Is it possible to encapsulate an object instead? Or is this futile to do so?

For instance if we define a class as,

 public class Person {

      private String ssn;

      private ArrayList<Person> friends = new ArrayList<Person>();

      public void addFriend (Person stranger) {

           friends.add(stranger);

           // but here I have access to her ssn
           System.out.println(stranger.ssn);
      }
}

How would I shield access to ssn of stranger in the method addFriend() above when I require that the stranger's object be passed to it as parameter?

Answer 1

You could get past this by encapsulating your definitions separately, then passing the correct definition to the method:

class Person {
    private HiddenDefinitions hiddenDef;
    private PublicDefinitions publicDef;

    public void addFriend(PublicDefinitions def) {

    }
}

class PublicDefinitions {
    private String name;
    private int id;

    public int getId() {
            return id;
    }

    public String getName() {
            return name;
    }
}

class HiddenDefinitions {
    private String ssn;

    private String getSSN() {
            return ssn;
    }

    public void setSSN(String ssn) {
            this.ssn = ssn;
    }
}

This will ensure you only pass public information when needed. Although it does require extra classes, it prevents breakage possible by other examples

Answer 2

The idea of encapsulation is not the same as the idea of data security.

Encapsulation is used to improve programs. It improves the ability of software to trust a class's contract and get the expected results without bugs, and it improves the ability to abstract implementation, allowing you to think in small units and not have side effects caused by unexpected usages.

For this reason, it is implemented at the class level. If you are a programmer, you are usually supposed to be able to trust yourself or your team members. There are several levels of trust here, but again, we're talking about trusting them to respect the class's contract.

Data security should be handled on a different level altogether. For example, by encrypting a sensitive field only with a secure key that is not stored anywhere except on the authorized person's computer, so that only that person can access it.

Answer 3

There is no mechanism for this built into the language. You can do it yourself, though, by adding an interface with methods that should be accessible to everyone, while keeping the inaccessible members to the type, like this:

public interface Person {
    int getID();
}

public class PersonWithSsn implements Person {
      private int ID;
      private String ssn;

      private ArrayList<Integer> friends = new ArrayList<Integer>();

      public int getID() {
           return ID;
      }
      public void addFriend (Person stranger) {
           friends.add(stranger.getID());
           // You no longer have access to ssn here
           //System.out.println(stranger.ssn);
      }
}

Answer 4

Java doesn't have an "instance" private access modifier, ie. where you can restrict access only to this instance's fields/methods.

And you probably don't need one. You're in your Person class. You're the developer. What do you need to hide from yourself?

Answer 5

private means you have access to that member from that class, not just that instance.

You can only access ssn from inside Person, not from any other type. You can't circumvent this to restrict this to just that instance.