1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20 package org.apache.directory.server.core.authz.support;
21
22
23 import java.util.Collection;
24 import java.util.Iterator;
25
26 import javax.naming.NamingException;
27
28 import org.apache.directory.server.core.entry.ServerEntry;
29 import org.apache.directory.server.core.interceptor.context.OperationContext;
30 import org.apache.directory.server.schema.registries.Registries;
31 import org.apache.directory.shared.ldap.aci.ACITuple;
32 import org.apache.directory.shared.ldap.aci.MicroOperation;
33 import org.apache.directory.shared.ldap.constants.AuthenticationLevel;
34 import org.apache.directory.shared.ldap.entry.Value;
35 import org.apache.directory.shared.ldap.name.LdapDN;
36
37
38
39
40
41
42
43
44
45
46 public class MicroOperationFilter implements ACITupleFilter
47 {
48 public Collection<ACITuple> filter(
49 Registries registries,
50 Collection<ACITuple> tuples,
51 OperationScope scope,
52 OperationContext opContext,
53 Collection<LdapDN> userGroupNames,
54 LdapDN userName,
55 ServerEntry userEntry,
56 AuthenticationLevel authenticationLevel,
57 LdapDN entryName,
58 String attrId,
59 Value<?> attrValue,
60 ServerEntry entry,
61 Collection<MicroOperation> microOperations,
62 ServerEntry entryView )
63 throws NamingException
64 {
65 if ( tuples.size() == 0 )
66 {
67 return tuples;
68 }
69
70 for ( Iterator<ACITuple> i = tuples.iterator(); i.hasNext(); )
71 {
72 ACITuple tuple = i.next();
73
74
75
76
77
78
79
80 boolean retain = true;
81
82 for ( MicroOperation microOp:microOperations )
83 {
84 if ( !tuple.getMicroOperations().contains( microOp ) )
85 {
86 retain = false;
87 break;
88 }
89 }
90
91 if ( !retain )
92 {
93 i.remove();
94 }
95 }
96
97 return tuples;
98 }
99
100 }