CmsAccessControlList


1   /*
2    * File   : $Source: /usr/local/cvs/opencms/src/org/opencms/security/CmsAccessControlList.java,v $
3    * Date   : $Date: 2006/03/27 14:52:48 $
4    * Version: $Revision: 1.21 $
5    *
6    * This library is part of OpenCms -
7    * the Open Source Content Mananagement System
8    *
9    * Copyright (c) 2005 Alkacon Software GmbH (http://www.alkacon.com)
10   *
11   * This library is free software; you can redistribute it and/or
12   * modify it under the terms of the GNU Lesser General Public
13   * License as published by the Free Software Foundation; either
14   * version 2.1 of the License, or (at your option) any later version.
15   *
16   * This library is distributed in the hope that it will be useful,
17   * but WITHOUT ANY WARRANTY; without even the implied warranty of
18   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19   * Lesser General Public License for more details.
20   *
21   * For further information about Alkacon Software GmbH, please see the
22   * company website: http://www.alkacon.com
23   *
24   * For further information about OpenCms, please see the
25   * project website: http://www.opencms.org
26   * 
27   * You should have received a copy of the GNU Lesser General Public
28   * License along with this library; if not, write to the Free Software
29   * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
30   */
31  
32  package org.opencms.security;
33  
34  import org.opencms.file.CmsUser;
35  
36  import java.util.HashMap  ;
37  import java.util.Iterator  ;
38  import java.util.List  ;
39  import java.util.RandomAccess  ;
40  import java.util.Set  ;
41  
42  /**
43   * An access control list contains the permission sets of all principals for a distinct resource
44   * that are calculated on the permissions defined by various access control entries.<p>
45   * 
46   * <p>To each single resource, access control entries of type <code>CmsAccessControlEntry</code> can be assigned.
47   * An access control entry defines the permissions (both allowed and explicitly denied) of a user or group for this resource.</p>
48   * 
49   * <p>By calling the method <code>getAccessControlList</code> the list is generated on the resource. It contains the result of 
50   * merging both access control entries defined immediately on the resource and inherited along the folder hierarchie in the 
51   * OpenCms virtual file system (controlled by flags in the entry).</p>
52   * 
53   * <p>To check the permissions of a user on a distinct resource, the method <code>hasPermissions</code> in the driver manager
54   * is called in each operation. This method acts as access guard and matches the required permissions for the operation
55   * against the allowed and denied permissions defined for the user or groups of this user.</p>
56   * 
57   * @author Carsten Weinholz 
58   * 
59   * @version $Revision: 1.21 $ 
60   * 
61   * @since 6.0.0 
62   */
63  public class CmsAccessControlList {
64  
65      /**
66       * Collected permissions of a principal on this resource .
67       */
68      private HashMap   m_permissions;
69  
70      /**
71       * Constructor to create an empty access control list for a given resource.<p>
72       *
73       */
74      public CmsAccessControlList() {
75  
76          m_permissions = new HashMap  ();
77      }
78  
79      /**
80       * Adds an access control entry to the access control list.<p>
81       * 
82       * @param entry the access control entry to add
83       */
84      public void add(CmsAccessControlEntry entry) {
85  
86          CmsPermissionSetCustom p = (CmsPermissionSetCustom)m_permissions.get(entry.getPrincipal());
87          if (p == null) {
88              p = new CmsPermissionSetCustom();
89              m_permissions.put(entry.getPrincipal(), p);
90          }
91          p.addPermissions(entry.getPermissions());
92      }
93  
94      /**
95       * Returns a clone of this Objects instance.<p>
96       * 
97       * @return a clone of this instance
98       */
99      public Object   clone() {
100 
101         CmsAccessControlList acl = new CmsAccessControlList();
102         Iterator   i = m_permissions.keySet().iterator();
103         while (i.hasNext()) {
104             Object   key = i.next();
105             acl.m_permissions.put(key, ((CmsPermissionSetCustom)m_permissions.get(key)).clone());
106         }
107         return acl;
108     }
109 
110     /**
111      * Returns the permission map of this access control list.<p>
112      * 
113      * @return permission map
114      */
115     public HashMap   getPermissionMap() {
116 
117         return m_permissions;
118     }
119 
120     /**
121      * Calculates the permissions of the given user and his groups from the access control list.<p>
122      *  
123      * @param user the user
124      * @param groups the groups of this user
125      * 
126      * @return the summarized permission set of the user
127      */
128     public CmsPermissionSetCustom getPermissions(CmsUser user, List   groups) {
129 
130         CmsPermissionSetCustom sum = new CmsPermissionSetCustom();
131         CmsPermissionSet p = (CmsPermissionSet)m_permissions.get(user.getId());
132         if (p != null) {
133             sum.addPermissions(p);
134         }
135         if (groups != null) {
136             I_CmsPrincipal principal;
137             if (groups instanceof RandomAccess  ) {
138                 int size = groups.size();
139                 for (int i = 0; i < size; i++) {
140                     principal = (I_CmsPrincipal)groups.get(i);
141                     p = (CmsPermissionSet)m_permissions.get(principal.getId());
142                     if (p != null) {
143                         sum.addPermissions(p);
144                     }
145                 }
146             } else {
147                 Iterator   it = groups.iterator();
148                 while (it.hasNext()) {
149                     principal = (I_CmsPrincipal)it.next();
150                     p = (CmsPermissionSet)m_permissions.get(principal.getId());
151                     if (p != null) {
152                         sum.addPermissions(p);
153                     }
154                 }
155             }
156         }
157         return sum;
158     }
159 
160     /**
161      * Returns the permission set of a principal as stored in the access control list.<p>
162      * 
163      * @param principal the principal (group or user)
164      * 
165      * @return the current permissions of this single principal
166      */
167     public CmsPermissionSetCustom getPermissions(I_CmsPrincipal principal) {
168 
169         return (CmsPermissionSetCustom)m_permissions.get(principal.getId());
170     }
171 
172     /**
173      * Calculates the permissions of the given user and his groups from the access control list.<p>
174      * The permissions are returned as permission string in the format {{+|-}{r|w|v|c|i}}*.
175      * 
176      * @param user the user
177      * @param groups the groups oft this user
178      * 
179      * @return a string that displays the permissions
180      */
181     public String   getPermissionString(CmsUser user, List   groups) {
182 
183         return getPermissions(user, groups).getPermissionString();
184     }
185 
186     /**
187      * Returns the principals with specific permissions stored in this access control list.<p>
188      * 
189      * @return enumeration of principals (each group or user)
190      */
191     public Set   getPrincipals() {
192 
193         return m_permissions.keySet();
194     }
195 
196     /**
197      * Sets the allowed permissions of a given access control entry as allowed permissions in the access control list.<p>
198      * The denied permissions are left unchanged.
199      * 
200      * @param entry the access control entry
201      */
202     public void setAllowedPermissions(CmsAccessControlEntry entry) {
203 
204         CmsPermissionSetCustom p = (CmsPermissionSetCustom)m_permissions.get(entry.getPrincipal());
205         if (p == null) {
206             p = new CmsPermissionSetCustom();
207             m_permissions.put(entry.getPrincipal(), p);
208         }
209         p.setPermissions(entry.getAllowedPermissions(), p.getDeniedPermissions());
210     }
211 
212     /**
213      * Sets the denied permissions of a given access control entry as denied permissions in the access control list.<p>
214      * The allowed permissions are left unchanged.
215      * 
216      * @param entry the access control entry
217      */
218     public void setDeniedPermissions(CmsAccessControlEntry entry) {
219 
220         CmsPermissionSetCustom p = (CmsPermissionSetCustom)m_permissions.get(entry.getPrincipal());
221         if (p == null) {
222             p = new CmsPermissionSetCustom();
223             m_permissions.put(entry.getPrincipal(), p);
224         }
225         p.setPermissions(p.getAllowedPermissions(), entry.getDeniedPermissions());
226     }
227 }
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Free Books Free Magazines
Popular Tags