001 /* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at 010 * trunk/opends/resource/legal-notices/OpenDS.LICENSE 011 * or https://OpenDS.dev.java.net/OpenDS.LICENSE. 012 * See the License for the specific language governing permissions 013 * and limitations under the License. 014 * 015 * When distributing Covered Code, include this CDDL HEADER in each 016 * file and include the License file at 017 * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable, 018 * add the following below this CDDL HEADER, with the fields enclosed 019 * by brackets "[]" replaced with your own identifying information: 020 * Portions Copyright [yyyy] [name of copyright owner] 021 * 022 * CDDL HEADER END 023 * 024 * 025 * Copyright 2008 Sun Microsystems, Inc. 026 */ 027 028 package org.opends.server.authorization.dseecompat; 029 import org.opends.messages.Message; 030 031 import static org.opends.messages.AccessControlMessages.*; 032 import org.opends.server.types.DirectoryException; 033 import org.opends.server.types.Entry; 034 import org.opends.server.types.SearchFilter; 035 036 /** 037 * This class represents a targetfilter keyword of an aci. 038 * 039 */ 040 public class TargetFilter { 041 042 /* 043 * Enumeration representing the targetfilter operation. 044 */ 045 private EnumTargetOperator op = EnumTargetOperator.EQUALITY; 046 047 /* 048 * Filter parsed from the ACI used to match the resource entry. 049 */ 050 private SearchFilter filter; 051 052 /* 053 * Class representing a targetfilter keyword. 054 * @param op The operation of the targetfilter expression (=, !=) 055 * @param filter The filter itself. 056 */ 057 private TargetFilter(EnumTargetOperator op, SearchFilter filter) { 058 this.op=op; 059 this.filter=filter; 060 } 061 062 /** 063 * Decode a aci's targetfilter string. 064 * @param op The operation enumeration of the expression. 065 * @param expr A string representing the target filter. 066 * @return A TargetFilter class suitable for using in a match. 067 * @throws AciException If the expression string is invalid. 068 */ 069 public static TargetFilter decode(EnumTargetOperator op, String expr) 070 throws AciException { 071 SearchFilter filter; 072 try { 073 filter = SearchFilter.createFilterFromString(expr); 074 } catch (DirectoryException ex) { 075 Message message = 076 WARN_ACI_SYNTAX_INVALID_TARGETFILTERKEYWORD_EXPRESSION. 077 get(expr); 078 throw new AciException(message); 079 } 080 return new TargetFilter(op, filter); 081 } 082 083 /** 084 * Checks if a targetfilter matches an evaluation context. 085 * @param matchCtx The evaluation context to use in the matching. 086 * @return True if the target filter matched the context. 087 */ 088 public boolean isApplicable(AciTargetMatchContext matchCtx) { 089 boolean ret; 090 ret=matchesFilter(matchCtx.getResourceEntry()); 091 if(op.equals(EnumTargetOperator.NOT_EQUALITY)) 092 ret = !ret; 093 return ret; 094 } 095 096 /** 097 * Checks the filter against an entry taken from the match context. 098 * @param e The entry from the evaluation context above. 099 * @return True if the filter matches the entry. 100 */ 101 private boolean matchesFilter(Entry e) { 102 boolean ret; 103 try { 104 ret=filter.matchesEntry(e); 105 } catch (DirectoryException ex) { 106 //TODO information message? 107 return false; 108 } 109 return ret; 110 } 111 }