KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > sun > jmx > snmp > IPAcl > AclImpl


1 /*
2  * @(#)file AclImpl.java
3  * @(#)author Sun Microsystems, Inc.
4  * @(#)version 4.11
5  * @(#)date 08/02/09
6  *
7  * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
8  * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
9  *
10  */
11
12
13 package com.sun.jmx.snmp.IPAcl;
14
15
16
17 import java.security.Principal JavaDoc;
18 import java.security.acl.Acl JavaDoc;
19 import java.security.acl.AclEntry JavaDoc;
20 import java.security.acl.NotOwnerException JavaDoc;
21
22 import java.io.Serializable JavaDoc;
23 import java.util.Vector JavaDoc;
24 import java.util.Enumeration JavaDoc;
25
26
27 /**
28  * Represent an Access Control List (ACL) which is used to guard access to http adaptor.
29  * <P>
30  * It is a data structure with multiple ACL entries. Each ACL entry, of interface type
31  * AclEntry, contains a set of permissions and a set of communities associated with a
32  * particular principal. (A principal represents an entity such as a host or a group of host).
33  * Additionally, each ACL entry is specified as being either positive or negative.
34  * If positive, the permissions are to be granted to the associated principal.
35  * If negative, the permissions are to be denied.
36  *
37  * @see java.security.acl.Acl
38  * @version 4.11 12/19/03
39  * @author Sun Microsystems, Inc
40  */
41
42 class AclImpl extends OwnerImpl implements Acl JavaDoc, Serializable JavaDoc {
43   private Vector JavaDoc entryList = null;
44   private String JavaDoc aclName = null;
45   
46   /**
47    * Constructs the ACL with a specified owner
48    *
49    * @param owner owner of the ACL.
50    * @param name name of this ACL.
51    */
52   public AclImpl (PrincipalImpl owner, String JavaDoc name) {
53     super(owner);
54     entryList = new Vector JavaDoc();
55     aclName = name;
56   }
57   
58   /**
59    * Sets the name of this ACL.
60    *
61    * @param caller the principal invoking this method. It must be an owner
62    * of this ACL.
63    * @param name the name to be given to this ACL.
64    *
65    * @exception NotOwnerException if the caller principal is not an owner
66    * of this ACL.
67    * @see java.security.Principal
68    */
69   public void setName(Principal JavaDoc caller, String JavaDoc name)
70     throws NotOwnerException JavaDoc {
71       if (!isOwner(caller))
72         throw new NotOwnerException JavaDoc();
73       aclName = name;
74   }
75   
76   /**
77    * Returns the name of this ACL.
78    *
79    * @return the name of this ACL.
80    */
81   public String JavaDoc getName(){
82     return aclName;
83   }
84   
85   /**
86    * Adds an ACL entry to this ACL. An entry associates a principal (e.g., an individual or a group)
87    * with a set of permissions. Each principal can have at most one positive ACL entry
88    * (specifying permissions to be granted to the principal) and one negative ACL entry
89    * (specifying permissions to be denied). If there is already an ACL entry
90    * of the same type (negative or positive) already in the ACL, false is returned.
91    *
92    * @param caller the principal invoking this method. It must be an owner
93    * of this ACL.
94    * @param entry the ACL entry to be added to this ACL.
95    * @return true on success, false if an entry of the same type (positive
96    * or negative) for the same principal is already present in this ACL.
97    * @exception NotOwnerException if the caller principal is not an owner of
98    * this ACL.
99    * @see java.security.Principal
100    */
101   public boolean addEntry(Principal JavaDoc caller, AclEntry JavaDoc entry)
102     throws NotOwnerException JavaDoc {
103       if (!isOwner(caller))
104         throw new NotOwnerException JavaDoc();
105     
106       if (entryList.contains(entry))
107         return false;
108       /*
109          for (Enumeration e = entryList.elements();e.hasMoreElements();){
110          AclEntry ent = (AclEntry) e.nextElement();
111          if (ent.getPrincipal().equals(entry.getPrincipal()))
112          return false;
113          }
114          */
115       
116       entryList.addElement(entry);
117       return true;
118   }
119   
120   /**
121    * Removes an ACL entry from this ACL.
122    *
123    * @param caller the principal invoking this method. It must be an owner
124    * of this ACL.
125    * @param entry the ACL entry to be removed from this ACL.
126    * @return true on success, false if the entry is not part of this ACL.
127    * @exception NotOwnerException if the caller principal is not an owner
128    * of this Acl.
129    * @see java.security.Principal
130    * @see java.security.acl.AclEntry
131    */
132   public boolean removeEntry(Principal JavaDoc caller, AclEntry JavaDoc entry)
133     throws NotOwnerException JavaDoc {
134       if (!isOwner(caller))
135         throw new NotOwnerException JavaDoc();
136       
137       return (entryList.removeElement(entry));
138   }
139   
140   /**
141    * Removes all ACL entries from this ACL.
142    *
143    * @param caller the principal invoking this method. It must be an owner
144    * of this ACL.
145    * @exception NotOwnerException if the caller principal is not an owner of
146    * this Acl.
147    * @see java.security.Principal
148    */
149   public void removeAll(Principal JavaDoc caller)
150     throws NotOwnerException JavaDoc {
151       if (!isOwner(caller))
152         throw new NotOwnerException JavaDoc();
153     entryList.removeAllElements();
154   }
155   
156   /**
157    * Returns an enumeration for the set of allowed permissions for
158    * the specified principal
159    * (representing an entity such as an individual or a group).
160    * This set of allowed permissions is calculated as follows:
161    * <UL>
162    * <LI>If there is no entry in this Access Control List for the specified
163    * principal, an empty permission set is returned.</LI>
164    * <LI>Otherwise, the principal's group permission sets are determined.
165    * (A principal can belong to one or more groups, where a group is a group
166    * of principals, represented by the Group interface.)</LI>
167    * </UL>
168    * @param user the principal whose permission set is to be returned.
169    * @return the permission set specifying the permissions the principal
170    * is allowed.
171    * @see java.security.Principal
172    */
173   public Enumeration JavaDoc getPermissions(Principal JavaDoc user){
174     Vector JavaDoc empty = new Vector JavaDoc();
175     for (Enumeration JavaDoc e = entryList.elements();e.hasMoreElements();){
176       AclEntry JavaDoc ent = (AclEntry JavaDoc) e.nextElement();
177       if (ent.getPrincipal().equals(user))
178         return ent.permissions();
179     }
180     return empty.elements();
181   }
182   
183   /**
184    * Returns an enumeration of the entries in this ACL. Each element in the
185    * enumeration is of type AclEntry.
186    *
187    * @return an enumeration of the entries in this ACL.
188    */
189   public Enumeration JavaDoc entries(){
190     return entryList.elements();
191   }
192   
193   /**
194    * Checks whether or not the specified principal has the specified
195    * permission.
196    * If it does, true is returned, otherwise false is returned.
197    * More specifically, this method checks whether the passed permission
198    * is a member of the allowed permission set of the specified principal.
199    * The allowed permission set is determined by the same algorithm as is
200    * used by the getPermissions method.
201    *
202    * @param user the principal, assumed to be a valid authenticated Principal.
203    * @param perm the permission to be checked for.
204    * @return true if the principal has the specified permission,
205    * false otherwise.
206    * @see java.security.Principal
207    * @see java.security.Permission
208    */
209   public boolean checkPermission(Principal JavaDoc user,
210                  java.security.acl.Permission JavaDoc perm) {
211     for (Enumeration JavaDoc e = entryList.elements();e.hasMoreElements();){
212       AclEntry JavaDoc ent = (AclEntry JavaDoc) e.nextElement();
213       if (ent.getPrincipal().equals(user))
214         if (ent.checkPermission(perm)) return true;
215     }
216     return false;
217   }
218   
219   /**
220    * Checks whether or not the specified principal has the specified
221    * permission.
222    * If it does, true is returned, otherwise false is returned.
223    * More specifically, this method checks whether the passed permission
224    * is a member of the allowed permission set of the specified principal.
225    * The allowed permission set is determined by the same algorithm as is
226    * used by the getPermissions method.
227    *
228    * @param user the principal, assumed to be a valid authenticated Principal.
229    * @param community the community name associated with the principal.
230    * @param perm the permission to be checked for.
231    * @return true if the principal has the specified permission, false
232    * otherwise.
233    * @see java.security.Principal
234    * @see java.security.Permission
235    */
236   public boolean checkPermission(Principal JavaDoc user, String JavaDoc community,
237                  java.security.acl.Permission JavaDoc perm) {
238     for (Enumeration JavaDoc e = entryList.elements();e.hasMoreElements();){
239       AclEntryImpl ent = (AclEntryImpl) e.nextElement();
240       if (ent.getPrincipal().equals(user))
241         if (ent.checkPermission(perm) && ent.checkCommunity(community)) return true;
242     }
243     return false;
244   }
245   
246   /**
247    * Checks whether or not the specified community string is defined.
248    *
249    * @param community the community name associated with the principal.
250    *
251    * @return true if the specified community string is defined, false
252    * otherwise.
253    * @see java.security.Principal
254    * @see java.security.Permission
255    */
256   public boolean checkCommunity(String JavaDoc community) {
257     for (Enumeration JavaDoc e = entryList.elements();e.hasMoreElements();){
258       AclEntryImpl ent = (AclEntryImpl) e.nextElement();
259       if (ent.checkCommunity(community)) return true;
260     }
261     return false;
262   }
263   
264   /**
265    * Returns a string representation of the ACL contents.
266    *
267    * @return a string representation of the ACL contents.
268    */
269   public String JavaDoc toString(){
270     return ("AclImpl: "+ getName());
271   }
272 }
273
274
275
276
277
278
279
Popular Tags