KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > opencms > security > CmsAccessControlList


1 /*
2  * File : $Source: /usr/local/cvs/opencms/src/org/opencms/security/CmsAccessControlList.java,v $
3  * Date : $Date: 2006/03/27 14:52:48 $
4  * Version: $Revision: 1.21 $
5  *
6  * This library is part of OpenCms -
7  * the Open Source Content Mananagement System
8  *
9  * Copyright (c) 2005 Alkacon Software GmbH (http://www.alkacon.com)
10  *
11  * This library is free software; you can redistribute it and/or
12  * modify it under the terms of the GNU Lesser General Public
13  * License as published by the Free Software Foundation; either
14  * version 2.1 of the License, or (at your option) any later version.
15  *
16  * This library is distributed in the hope that it will be useful,
17  * but WITHOUT ANY WARRANTY; without even the implied warranty of
18  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19  * Lesser General Public License for more details.
20  *
21  * For further information about Alkacon Software GmbH, please see the
22  * company website: http://www.alkacon.com
23  *
24  * For further information about OpenCms, please see the
25  * project website: http://www.opencms.org
26  *
27  * You should have received a copy of the GNU Lesser General Public
28  * License along with this library; if not, write to the Free Software
29  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
30  */

31
32 package org.opencms.security;
33
34 import org.opencms.file.CmsUser;
35
36 import java.util.HashMap JavaDoc;
37 import java.util.Iterator JavaDoc;
38 import java.util.List JavaDoc;
39 import java.util.RandomAccess JavaDoc;
40 import java.util.Set JavaDoc;
41
42 /**
43  * An access control list contains the permission sets of all principals for a distinct resource
44  * that are calculated on the permissions defined by various access control entries.<p>
45  *
46  * <p>To each single resource, access control entries of type <code>CmsAccessControlEntry</code> can be assigned.
47  * An access control entry defines the permissions (both allowed and explicitly denied) of a user or group for this resource.</p>
48  *
49  * <p>By calling the method <code>getAccessControlList</code> the list is generated on the resource. It contains the result of
50  * merging both access control entries defined immediately on the resource and inherited along the folder hierarchie in the
51  * OpenCms virtual file system (controlled by flags in the entry).</p>
52  *
53  * <p>To check the permissions of a user on a distinct resource, the method <code>hasPermissions</code> in the driver manager
54  * is called in each operation. This method acts as access guard and matches the required permissions for the operation
55  * against the allowed and denied permissions defined for the user or groups of this user.</p>
56  *
57  * @author Carsten Weinholz
58  *
59  * @version $Revision: 1.21 $
60  *
61  * @since 6.0.0
62  */

63 public class CmsAccessControlList {
64
65     /**
66      * Collected permissions of a principal on this resource .
67      */

68     private HashMap JavaDoc m_permissions;
69
70     /**
71      * Constructor to create an empty access control list for a given resource.<p>
72      *
73      */

74     public CmsAccessControlList() {
75
76         m_permissions = new HashMap JavaDoc();
77     }
78
79     /**
80      * Adds an access control entry to the access control list.<p>
81      *
82      * @param entry the access control entry to add
83      */

84     public void add(CmsAccessControlEntry entry) {
85
86         CmsPermissionSetCustom p = (CmsPermissionSetCustom)m_permissions.get(entry.getPrincipal());
87         if (p == null) {
88             p = new CmsPermissionSetCustom();
89             m_permissions.put(entry.getPrincipal(), p);
90         }
91         p.addPermissions(entry.getPermissions());
92     }
93
94     /**
95      * Returns a clone of this Objects instance.<p>
96      *
97      * @return a clone of this instance
98      */

99     public Object JavaDoc clone() {
100
101         CmsAccessControlList acl = new CmsAccessControlList();
102         Iterator JavaDoc i = m_permissions.keySet().iterator();
103         while (i.hasNext()) {
104             Object JavaDoc key = i.next();
105             acl.m_permissions.put(key, ((CmsPermissionSetCustom)m_permissions.get(key)).clone());
106         }
107         return acl;
108     }
109
110     /**
111      * Returns the permission map of this access control list.<p>
112      *
113      * @return permission map
114      */

115     public HashMap JavaDoc getPermissionMap() {
116
117         return m_permissions;
118     }
119
120     /**
121      * Calculates the permissions of the given user and his groups from the access control list.<p>
122      *
123      * @param user the user
124      * @param groups the groups of this user
125      *
126      * @return the summarized permission set of the user
127      */

128     public CmsPermissionSetCustom getPermissions(CmsUser user, List JavaDoc groups) {
129
130         CmsPermissionSetCustom sum = new CmsPermissionSetCustom();
131         CmsPermissionSet p = (CmsPermissionSet)m_permissions.get(user.getId());
132         if (p != null) {
133             sum.addPermissions(p);
134         }
135         if (groups != null) {
136             I_CmsPrincipal principal;
137             if (groups instanceof RandomAccess JavaDoc) {
138                 int size = groups.size();
139                 for (int i = 0; i < size; i++) {
140                     principal = (I_CmsPrincipal)groups.get(i);
141                     p = (CmsPermissionSet)m_permissions.get(principal.getId());
142                     if (p != null) {
143                         sum.addPermissions(p);
144                     }
145                 }
146             } else {
147                 Iterator JavaDoc it = groups.iterator();
148                 while (it.hasNext()) {
149                     principal = (I_CmsPrincipal)it.next();
150                     p = (CmsPermissionSet)m_permissions.get(principal.getId());
151                     if (p != null) {
152                         sum.addPermissions(p);
153                     }
154                 }
155             }
156         }
157         return sum;
158     }
159
160     /**
161      * Returns the permission set of a principal as stored in the access control list.<p>
162      *
163      * @param principal the principal (group or user)
164      *
165      * @return the current permissions of this single principal
166      */

167     public CmsPermissionSetCustom getPermissions(I_CmsPrincipal principal) {
168
169         return (CmsPermissionSetCustom)m_permissions.get(principal.getId());
170     }
171
172     /**
173      * Calculates the permissions of the given user and his groups from the access control list.<p>
174      * The permissions are returned as permission string in the format {{+|-}{r|w|v|c|i}}*.
175      *
176      * @param user the user
177      * @param groups the groups oft this user
178      *
179      * @return a string that displays the permissions
180      */

181     public String JavaDoc getPermissionString(CmsUser user, List JavaDoc groups) {
182
183         return getPermissions(user, groups).getPermissionString();
184     }
185
186     /**
187      * Returns the principals with specific permissions stored in this access control list.<p>
188      *
189      * @return enumeration of principals (each group or user)
190      */

191     public Set JavaDoc getPrincipals() {
192
193         return m_permissions.keySet();
194     }
195
196     /**
197      * Sets the allowed permissions of a given access control entry as allowed permissions in the access control list.<p>
198      * The denied permissions are left unchanged.
199      *
200      * @param entry the access control entry
201      */

202     public void setAllowedPermissions(CmsAccessControlEntry entry) {
203
204         CmsPermissionSetCustom p = (CmsPermissionSetCustom)m_permissions.get(entry.getPrincipal());
205         if (p == null) {
206             p = new CmsPermissionSetCustom();
207             m_permissions.put(entry.getPrincipal(), p);
208         }
209         p.setPermissions(entry.getAllowedPermissions(), p.getDeniedPermissions());
210     }
211
212     /**
213      * Sets the denied permissions of a given access control entry as denied permissions in the access control list.<p>
214      * The allowed permissions are left unchanged.
215      *
216      * @param entry the access control entry
217      */

218     public void setDeniedPermissions(CmsAccessControlEntry entry) {
219
220         CmsPermissionSetCustom p = (CmsPermissionSetCustom)m_permissions.get(entry.getPrincipal());
221         if (p == null) {
222             p = new CmsPermissionSetCustom();
223             m_permissions.put(entry.getPrincipal(), p);
224         }
225         p.setPermissions(p.getAllowedPermissions(), entry.getDeniedPermissions());
226     }
227 }
Popular Tags