DefaultPolicy


1   /*
2    * Copyright  1999-2004 The Apache Software Foundation
3    *
4    *  Licensed under the Apache License, Version 2.0 (the "License");
5    *  you may not use this file except in compliance with the License.
6    *  You may obtain a copy of the License at
7    *
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    *
10   *  Unless required by applicable law or agreed to in writing, software
11   *  distributed under the License is distributed on an "AS IS" BASIS,
12   *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   *  See the License for the specific language governing permissions and
14   *  limitations under the License.
15   *
16   */
17  
18  /* $Id: DefaultPolicy.java 160351 2005-04-07 00:28:28Z gregor $  */
19  
20  package org.apache.lenya.ac.impl;
21  
22  import java.util.Arrays  ;
23  import java.util.Collection  ;
24  import java.util.HashMap  ;
25  import java.util.HashSet  ;
26  import java.util.Map  ;
27  import java.util.Set  ;
28  
29  import org.apache.lenya.ac.AccessControlException;
30  import org.apache.lenya.ac.Accreditable;
31  import org.apache.lenya.ac.Identity;
32  import org.apache.lenya.ac.Policy;
33  import org.apache.lenya.ac.Role;
34  
35  /**
36   * A DefaultPolicy is the own policy of a certain URL (not merged).
37   */
38  public class DefaultPolicy implements Policy {
39  
40      private Map   accreditableToCredential = new HashMap  ();
41  
42      /**
43       * Adds a credential to this policy.
44       * 
45       * @param credential A credential.
46       */
47      public void addCredential(Credential credential) {
48          assert credential != null;
49          assert !accreditableToCredential.containsKey(credential.getAccreditable());
50          accreditableToCredential.put(credential.getAccreditable(), credential);
51      }
52  
53      /**
54       * Adds a role to this policy for a certain accreditable and a certain role. If a credenital
55       * exists for the accreditable, the role is added to this credential. Otherwise, a new
56       * credential is created.
57       * 
58       * @param accreditable An accreditable.
59       * @param role A role.
60       */
61      public void addRole(Accreditable accreditable, Role role) {
62          assert accreditable != null;
63          assert role != null;
64  
65          Credential credential = getCredential(accreditable);
66          if (credential == null) {
67              credential = new Credential(accreditable);
68              addCredential(credential);
69          }
70          if (!credential.contains(role)) {
71              credential.addRole(role);
72          }
73      }
74  
75      /**
76       * Removes a role from this policy for a certain accreditable and a certain role.
77       * 
78       * @param accreditable An accreditable.
79       * @param role A role.
80       * @throws AccessControlException if the accreditable-role pair is not contained.
81       */
82      public void removeRole(Accreditable accreditable, Role role) throws AccessControlException {
83          assert accreditable != null;
84          assert role != null;
85          Credential credential = getCredential(accreditable);
86          if (credential == null) {
87              throw new AccessControlException(
88                  "No credential for accreditable ["
89                      + accreditable
90                      + "] ["
91                      + accreditableToCredential.keySet().size()
92                      + "]");
93          }
94          if (!credential.contains(role)) {
95              throw new AccessControlException(
96                  "Credential for accreditable ["
97                      + accreditable
98                      + "] does not contain role ["
99                      + role
100                     + "]");
101         }
102         credential.removeRole(role);
103 
104         if (credential.isEmpty()) {
105             removeCredential(credential);
106         }
107     }
108 
109     /**
110      * Returns the credentials of this policy.
111      * 
112      * @return An array of credentials.
113      */
114     public Credential[] getCredentials() {
115         Collection   values = accreditableToCredential.values();
116         return (Credential[]) values.toArray(new Credential[values.size()]);
117     }
118 
119     /**
120      * @see org.apache.lenya.ac.Policy#getRoles(org.apache.lenya.ac.Identity)
121      */
122     public Role[] getRoles(Identity identity) {
123         Accreditable[] accreditables = identity.getAccreditables();
124         Credential[] credentials = getCredentials();
125 
126         Set   roles = new HashSet  ();
127 
128         for (int credIndex = 0; credIndex < credentials.length; credIndex++) {
129             for (int accrIndex = 0; accrIndex < accreditables.length; accrIndex++) {
130                 Credential credential = credentials[credIndex];
131                 Accreditable accreditable = accreditables[accrIndex];
132 
133                 if (credential.getAccreditable().equals(accreditable)) {
134                     roles.addAll(Arrays.asList(credential.getRoles()));
135                 }
136             }
137         }
138 
139         return (Role[]) roles.toArray(new Role[roles.size()]);
140     }
141 
142     /**
143      * Returns the credential for a certain accreditable.
144      * 
145      * @param accreditable An accreditable.
146      * @return A credential.
147      */
148     public Credential getCredential(Accreditable accreditable) {
149         return (Credential) accreditableToCredential.get(accreditable);
150     }
151 
152     private boolean isSSL;
153 
154     /**
155      * @see org.apache.lenya.ac.Policy#isSSLProtected()
156      */
157     public boolean isSSLProtected() throws AccessControlException {
158         return isSSL;
159     }
160 
161     /**
162      * Sets if this policy requires SSL protection.
163      * 
164      * @param ssl A boolean value.
165      */
166     public void setSSL(boolean ssl) {
167         this.isSSL = ssl;
168     }
169 
170     /**
171      * @see org.apache.lenya.ac.Policy#isEmpty()
172      */
173     public boolean isEmpty() throws AccessControlException {
174         return getCredentials().length == 0;
175     }
176 
177     /**
178      * Removes a credential.
179      * 
180      * @param credential The credential to remove.
181      * @throws AccessControlException If the credential does not exist.
182      */
183     protected void removeCredential(Credential credential) throws AccessControlException {
184         if (!accreditableToCredential.containsValue(credential)) {
185             throw new AccessControlException("Credential [" + credential + "] does not exist!");
186         }
187         accreditableToCredential.remove(credential.getAccreditable());
188     }
189 
190     /**
191      * Removes all roles for a certain accreditable.
192      * 
193      * @param accreditable The accreditable to remove all roles for.
194      * @throws AccessControlException If no credential exists for this accreditable.
195      */
196     public void removeRoles(Accreditable accreditable) throws AccessControlException {
197         if (accreditableToCredential.containsKey(accreditable)) {
198             Credential credential = getCredential(accreditable);
199             removeCredential(credential);
200         }
201     }
202 
203 }
204
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags