org.opends.server.authorization.dseecompat
Class AciTargets

java.lang.Object
  extended by org.opends.server.authorization.dseecompat.AciTargets

public class AciTargets
extends java.lang.Object

This class represents target part of an ACI's syntax. This is the part of an ACI before the ACI body and specifies the entry, attributes, or set of entries and attributes which the ACI controls access. The supported ACI target keywords are: target, targetattr, targetscope, targetfilter, targattrfilters, targetcontrol and extop.


Field Summary
static java.lang.String targetsRegex
          Regular expression used to match one or more target rules.
 
Method Summary
static AciTargets decode(java.lang.String input, DN dn)
          Decode an ACI's target part of the syntax from the string provided.
 ExtOp getExtOp()
          Return the class representing the ACI extop keyword.
 TargAttrFilters getTargAttrFilters()
          Return the class representing the ACI targattrfilters keyword.
 TargetAttr getTargetAttr()
          Return class representing the ACI targetattr keyword.
 TargetControl getTargetControl()
          Return the class representing the ACI targetcontrol keyword.
 TargetFilter getTargetFilter()
          Return class representing the ACI targetfilter keyword.
 SearchScope getTargetScope()
          Return the ACI targetscope keyword.
static boolean isExtOpApplicable(Aci aci, AciTargetMatchContext matchCtx)
          Check an ACI's extop rule against a target match context.
static boolean isTargAttrFiltersApplicable(Aci aci, AciTargetMatchContext matchCtx)
          Check an ACI's targattrfilters rule against a target match context.
static boolean isTargetApplicable(Aci aci, AciTargetMatchContext matchCtx)
          Wrapper class that passes an ACI, an ACI's targets and the specified target match context's resource entry DN to the main isTargetApplicable method.
static boolean isTargetApplicable(Aci aci, AciTargets targets, DN entryDN)
          Main target isApplicable method.
static boolean isTargetAttrApplicable(Aci aci, AciTargetMatchContext targetMatchCtx)
          Checks an provided ACI's targetattr rule against a target match context.
static boolean isTargetControlApplicable(Aci aci, AciTargetMatchContext matchCtx)
          Check an ACI's targetcontrol rule against a target match context.
static boolean isTargetFilterApplicable(Aci aci, AciTargetMatchContext matchCtx)
          Checks an ACI's targetfilter rule information against a target match context.
static boolean skipRightsHasRights(int rights)
          Try and match a one or more of the specified rights in the skiprights mask.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

targetsRegex

public static final java.lang.String targetsRegex
Regular expression used to match one or more target rules. The patern is part of a general ACI verification.

See Also:
Constant Field Values
Method Detail

getTargetAttr

public TargetAttr getTargetAttr()
Return class representing the ACI targetattr keyword. May be null. The default is to not match any attribute types in an entry.

Returns:
The ACI targetattr class.

getTargetScope

public SearchScope getTargetScope()
Return the ACI targetscope keyword. Default is WHOLE_SUBTREE.

Returns:
The ACI targetscope information.

getTargetFilter

public TargetFilter getTargetFilter()
Return class representing the ACI targetfilter keyword. May be null.

Returns:
The targetscope information.

getTargAttrFilters

public TargAttrFilters getTargAttrFilters()
Return the class representing the ACI targattrfilters keyword. May be null.

Returns:
The targattrfilters information.

getTargetControl

public TargetControl getTargetControl()
Return the class representing the ACI targetcontrol keyword. May be null.

Returns:
The targetcontrol information.

getExtOp

public ExtOp getExtOp()
Return the class representing the ACI extop keyword. May be null.

Returns:
The extop information.

decode

public static AciTargets decode(java.lang.String input,
                                DN dn)
                         throws AciException
Decode an ACI's target part of the syntax from the string provided.

Parameters:
input - String representing an ACI target part of syntax.
dn - The DN of the entry containing the ACI.
Returns:
An AciTargets class representing the decoded ACI target string.
Throws:
AciException - If the provided string contains errors.

isTargetFilterApplicable

public static boolean isTargetFilterApplicable(Aci aci,
                                               AciTargetMatchContext matchCtx)
Checks an ACI's targetfilter rule information against a target match context.

Parameters:
aci - The ACI to try an match the targetfilter of.
matchCtx - The target match context containing information needed to perform a target match.
Returns:
True if the targetfilter rule matched the target context.

isTargetControlApplicable

public static boolean isTargetControlApplicable(Aci aci,
                                                AciTargetMatchContext matchCtx)
Check an ACI's targetcontrol rule against a target match context.

Parameters:
aci - The ACI to match the targetcontrol against.
matchCtx - The target match context containing the information needed to perform the target match.
Returns:
True if the targetcontrol rule matched the target context.

isExtOpApplicable

public static boolean isExtOpApplicable(Aci aci,
                                        AciTargetMatchContext matchCtx)
Check an ACI's extop rule against a target match context.

Parameters:
aci - The ACI to match the extop rule against.
matchCtx - The target match context containing the information needed to perform the target match.
Returns:
True if the extop rule matched the target context.

isTargAttrFiltersApplicable

public static boolean isTargAttrFiltersApplicable(Aci aci,
                                                  AciTargetMatchContext matchCtx)
Check an ACI's targattrfilters rule against a target match context.

Parameters:
aci - The ACI to match the targattrfilters against.
matchCtx - The target match context containing the information needed to perform the target match.
Returns:
True if the targattrfilters rule matched the target context.

isTargetAttrApplicable

public static boolean isTargetAttrApplicable(Aci aci,
                                             AciTargetMatchContext targetMatchCtx)
Checks an provided ACI's targetattr rule against a target match context.

Parameters:
aci - The ACI to evaluate.
targetMatchCtx - The target match context to check the ACI against.
Returns:
True if the targetattr matched the target context.

skipRightsHasRights

public static boolean skipRightsHasRights(int rights)
Try and match a one or more of the specified rights in the skiprights mask.

Parameters:
rights - The rights to check for.
Returns:
True if the one or more of the specified rights are in the skiprights rights mask.

isTargetApplicable

public static boolean isTargetApplicable(Aci aci,
                                         AciTargetMatchContext matchCtx)
Wrapper class that passes an ACI, an ACI's targets and the specified target match context's resource entry DN to the main isTargetApplicable method.

Parameters:
aci - The ACI currently be matched.
matchCtx - The target match context to match against.
Returns:
True if the target matched the ACI.

isTargetApplicable

public static boolean isTargetApplicable(Aci aci,
                                         AciTargets targets,
                                         DN entryDN)
Main target isApplicable method. This method performs the target keyword match functionality, which allows for directory entry "targeting" using the specifed ACI, ACI targets class and DN.

Parameters:
aci - The ACI to match the target against.
targets - The targets to use in this evaluation.
entryDN - The DN to use in this evaluation.
Returns:
True if the ACI matched the target and DN.