1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20 package org.apache.directory.server.core.authz.support;
21
22
23 import java.util.Collection;
24 import java.util.Iterator;
25
26 import javax.naming.NamingException;
27
28 import org.apache.directory.server.core.entry.ServerEntry;
29 import org.apache.directory.server.core.interceptor.context.OperationContext;
30 import org.apache.directory.server.schema.registries.Registries;
31 import org.apache.directory.shared.ldap.aci.ACITuple;
32 import org.apache.directory.shared.ldap.aci.MicroOperation;
33 import org.apache.directory.shared.ldap.constants.AuthenticationLevel;
34 import org.apache.directory.shared.ldap.entry.Value;
35 import org.apache.directory.shared.ldap.name.LdapDN;
36
37
38
39
40
41
42
43
44
45 public class HighestPrecedenceFilter implements ACITupleFilter
46 {
47 public Collection<ACITuple> filter(
48 Registries registries,
49 Collection<ACITuple> tuples,
50 OperationScope scope,
51 OperationContext opContext,
52 Collection<LdapDN> userGroupNames,
53 LdapDN userName,
54 ServerEntry userEntry,
55 AuthenticationLevel authenticationLevel,
56 LdapDN entryName,
57 String attrId,
58 Value<?> attrValue,
59 ServerEntry entry,
60 Collection<MicroOperation> microOperations,
61 ServerEntry entryView )
62 throws NamingException
63 {
64 if ( tuples.size() <= 1 )
65 {
66 return tuples;
67 }
68
69 int maxPrecedence = -1;
70
71
72 for ( ACITuple tuple:tuples )
73 {
74 if ( tuple.getPrecedence() > maxPrecedence )
75 {
76 maxPrecedence = tuple.getPrecedence();
77 }
78 }
79
80
81 for ( Iterator<ACITuple> i = tuples.iterator(); i.hasNext(); )
82 {
83 ACITuple tuple = i.next();
84
85 if ( tuple.getPrecedence() != maxPrecedence )
86 {
87 i.remove();
88 }
89 }
90
91 return tuples;
92 }
93 }