KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jmanage > core > auth > ACL


1 /**
2  * Copyright 2004-2005 jManage.org
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 package org.jmanage.core.auth;
17
18 import java.util.List JavaDoc;
19 import java.util.LinkedList JavaDoc;
20 import java.util.Iterator JavaDoc;
21
22 /**
23  *
24  * Date: Apr 8, 2005
25  * @author Rakesh Kalra
26  */
27 public class ACL {
28
29     private final String JavaDoc name;
30     /* the no context authorized list (if specified) */
31     private List JavaDoc authorizedList;
32     private List JavaDoc contextList = new LinkedList JavaDoc();
33
34     public ACL(String JavaDoc name){
35         this.name = name;
36     }
37
38     public String JavaDoc getName(){
39         return this.name;
40     }
41
42     public void setAuthorizedList(List JavaDoc authorizedList){
43         assert authorizedList != null;
44         assert this.authorizedList == null:"authorized list is already specified";
45         this.authorizedList = authorizedList;
46     }
47
48     public List JavaDoc getAuthorizedList(){
49         return authorizedList;
50     }
51
52     public List JavaDoc getAuthorizedList(ACLContext context){
53
54         if(context != null){
55             for(Iterator JavaDoc it=contextList.iterator(); it.hasNext(); ){
56                 ACLContextWrapper wrapper = (ACLContextWrapper)it.next();
57                 if(wrapper.context.equals(context)){
58                     return wrapper.authorizedList;
59                 }
60             }
61         }
62
63         return getAuthorizedList();
64     }
65
66     public void add(ACLContext context, List JavaDoc authorizedList){
67         assert context != null;
68         assert authorizedList != null;
69         contextList.add(new ACLContextWrapper(context, authorizedList));
70     }
71
72     /**
73      * TODO: there is an issue with this implementation:
74      * if a user has the same name as a role name, user will get access
75      * even though user is not in that role.
76      *
77      * @param context
78      * @param user
79      * @return
80      */
81     public boolean isAuthorized(ACLContext context, User user) {
82         List JavaDoc authorizedList = getAuthorizedList(context);
83         for(Iterator JavaDoc it=authorizedList.iterator(); it.hasNext(); ){
84             String JavaDoc authorized = (String JavaDoc)it.next();
85             if(user.getName().equals(authorized) || user.hasRole(authorized)){
86                 return true;
87             }
88         }
89         return false;
90     }
91
92     private class ACLContextWrapper {
93         ACLContext context;
94         List JavaDoc authorizedList;
95
96         ACLContextWrapper(ACLContext context, List JavaDoc authorizedList){
97             this.context = context;
98             this.authorizedList = authorizedList;
99         }
100     }
101 }
102
Popular Tags