[jboss-cvs] jboss-seam/src/main/org/jboss/seam/security/acl ...

Shane Bryzak Shane_Bryzak at symantec.com
Wed Oct 18 01:16:33 EDT 2006


  User: sbryzak2
  Date: 06/10/18 01:16:33

  Added:       src/main/org/jboss/seam/security/acl   AclImpl.java
                        AclProvider.java
  Log:
  Acl implementation
  
  Revision  Changes    Path
  1.1      date: 2006/10/18 05:16:33;  author: sbryzak2;  state: Exp;jboss-seam/src/main/org/jboss/seam/security/acl/AclImpl.java
  
  Index: AclImpl.java
  ===================================================================
  package org.jboss.seam.security.acl;
  
  import java.security.Principal;
  import java.security.acl.Acl;
  import java.security.acl.AclEntry;
  import java.security.acl.LastOwnerException;
  import java.security.acl.NotOwnerException;
  import java.security.acl.Permission;
  import java.util.ArrayList;
  import java.util.Enumeration;
  import java.util.HashMap;
  import java.util.HashSet;
  import java.util.Iterator;
  import java.util.List;
  import java.util.Map;
  import java.util.NoSuchElementException;
  import java.util.Set;
  
  /**
   * Default Acl implementation.
   *
   * @author Shane Bryzak
   */
  public class AclImpl implements Acl
  {
    /** @todo Investigate whether we should support Groups in the future */
  
    private class AclPair
    {
      private AclEntry negative;
      private AclEntry positive;
  
      public boolean hasNegative()
      {
        return negative != null;
      }
  
      public boolean hasPositive()
      {
        return positive != null;
      }
  
      public AclEntry getNegative()
      {
        return negative;
      }
  
      public void setNegative(AclEntry value)
      {
        negative = value;
        checkDuplicates();
      }
  
      public AclEntry getPositive()
      {
        return positive;
      }
  
      public void setPositive(AclEntry value)
      {
        positive = value;
        checkDuplicates();
      }
  
      /**
       * Duplicates are removed as per Acl.getPermissions() spec.
       */
      private void checkDuplicates()
      {
        if (negative != null && positive != null)
        {
          Set<Permission> dupes = new HashSet<Permission>();
  
          Enumeration<Permission> e = negative.permissions();
          while (e.hasMoreElements())
          {
            Permission neg = e.nextElement();
  
            Enumeration<Permission> e2 = positive.permissions();
            while (e2.hasMoreElements())
            {
              Permission pos = e2.nextElement();
              if (neg.equals(pos))
              {
                dupes.add(pos);
                break;
              }
            }
          }
  
          for (Permission dupe : dupes)
          {
            negative.removePermission(dupe);
            positive.removePermission(dupe);
          }
        }
      }
    }
  
    /**
     * The Owners of this Acl
     */
    private Set<Principal> owners = new HashSet<Principal>();
  
    /**
     * The name of this Acl
     */
    private String name;
  
    /**
     *
     */
    private Map<Principal,AclPair> entries = new HashMap<Principal,AclPair>();
  
    /**
     * Construct a new Acl owned by the specified Principal.
     *
     * @param owner Principal
     */
    public AclImpl(Principal owner)
    {
      owners.add(owner);
    }
  
    public boolean addEntry(Principal caller, AclEntry entry)
        throws NotOwnerException
    {
      if (!isOwner(caller))
        throw new NotOwnerException();
  
      if (!entries.containsKey(caller))
      {
        synchronized(entries)
        {
          if (!entries.containsKey(caller))
            entries.put(caller, new AclPair());
        }
      }
  
      AclPair pair = entries.get(caller);
  
      if (entry.isNegative())
      {
        if (pair.hasNegative())
          return false;
        else
          pair.setNegative(entry);
      }
      else
      {
        if (pair.hasPositive())
          return false;
        else
          pair.setPositive(entry);
      }
  
      return true;
    }
  
    public boolean checkPermission(Principal principal, Permission permission)
    {
      AclPair pair = entries.get(principal);
      if (pair == null || !pair.hasPositive())
        return false;
  
      return pair.getPositive().checkPermission(permission);
    }
  
    public Enumeration<AclEntry> entries()
    {
      List<AclEntry> allEntries = new ArrayList();
      for (Principal p : entries.keySet())
      {
        AclPair pair = entries.get(p);
        if (pair.hasPositive())
          allEntries.add(pair.getPositive());
        if (pair.hasNegative())
          allEntries.add(pair.getNegative());
      }
  
      final Iterator<AclEntry> iter = allEntries.iterator();
  
      return new Enumeration() {
        public boolean hasMoreElements() {
          return iter.hasNext();
        }
        public Object nextElement() {
          return iter.next();
        }
      };
    }
  
    public Enumeration getPermissions(Principal user)
    {
      if (!entries.containsKey(user))
      {
        return new Enumeration() {
          public boolean hasMoreElements() { return false; }
          public Object nextElement() { throw new NoSuchElementException(); }
        };
      }
      else
        return entries.get(user).getPositive().permissions();
    }
  
    public boolean removeEntry(Principal caller, AclEntry entry)
        throws NotOwnerException
    {
      if (!isOwner(caller))
        throw new NotOwnerException();
  
      if (!entries.containsKey(caller))
        return false;
  
      AclPair pair = entries.get(caller);
  
      if (entry.isNegative() && pair.getNegative().equals(entry))
      {
        pair.setNegative(null);
        return true;
      }
      else if (!entry.isNegative() && pair.getPositive().equals(entry))
      {
        pair.setPositive(null);
        return true;
      }
  
      return false;
    }
  
    public void setName(Principal caller, String name)
        throws NotOwnerException
    {
      if (!isOwner(caller))
        throw new NotOwnerException();
  
      this.name = name;
    }
  
    public String getName()
    {
      return name;
    }
  
    public boolean addOwner(Principal caller, Principal owner)
        throws NotOwnerException
    {
      if (!isOwner(caller))
        throw new NotOwnerException();
  
      return owners.add(owner);
    }
  
    public boolean deleteOwner(Principal caller, Principal owner)
        throws NotOwnerException, LastOwnerException
    {
      if (!isOwner(caller))
        throw new NotOwnerException();
  
      if (owners.contains(owner) && owners.size() == 1)
        throw new LastOwnerException();
  
      return owners.remove(owner);
    }
  
    public boolean isOwner(Principal owner)
    {
      return owners.contains(owner);
    }
  }
  
  
  
  1.1      date: 2006/10/18 05:16:33;  author: sbryzak2;  state: Exp;jboss-seam/src/main/org/jboss/seam/security/acl/AclProvider.java
  
  Index: AclProvider.java
  ===================================================================
  package org.jboss.seam.security.acl;
  
  import java.security.acl.Acl;
  
  import org.jboss.seam.security.Authentication;
  
  /**
   * Provides a list of Acls for an object.
   *
   * @author Shane Bryzak
   */
  public interface AclProvider
  {
    /**
     * Return all Acls for the specified object.
     *
     * @param value Object
     * @return Permissions
     */
    Acl getAcls(Object value);
  
    /**
     * Return all Acls for the specified object that apply to the specified Authentication.
     *
     * @param value Object
     * @param auth Authentication
     * @return Permissions
     */
    Acl getAcls(Object value, Authentication auth);
  }
  
  
  



More information about the jboss-cvs-commits mailing list