001    /*
002     *  Licensed to the Apache Software Foundation (ASF) under one
003     *  or more contributor license agreements.  See the NOTICE file
004     *  distributed with this work for additional information
005     *  regarding copyright ownership.  The ASF licenses this file
006     *  to you under the Apache License, Version 2.0 (the
007     *  "License"); you may not use this file except in compliance
008     *  with the License.  You may obtain a copy of the License at
009     *  
010     *    http://www.apache.org/licenses/LICENSE-2.0
011     *  
012     *  Unless required by applicable law or agreed to in writing,
013     *  software distributed under the License is distributed on an
014     *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015     *  KIND, either express or implied.  See the License for the
016     *  specific language governing permissions and limitations
017     *  under the License. 
018     *  
019     */
020    package org.apache.directory.shared.ldap.aci;
021    
022    
023    import java.util.ArrayList;
024    import java.util.Collection;
025    import java.util.Collections;
026    import java.util.Set;
027    
028    import org.apache.directory.shared.ldap.constants.AuthenticationLevel;
029    
030    
031    /**
032     * An {@link ACIItem} which specifies {@link ProtectedItem}s first and then
033     * {@link UserClass}es each {@link ProtectedItem} will have. (18.4.2.4. X.501)
034     * 
035     * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
036     * @version $Rev: 664290 $, $Date: 2008-06-07 08:28:06 +0200 (Sat, 07 Jun 2008) $
037     */
038    public class ItemFirstACIItem extends ACIItem
039    {
040        private static final long serialVersionUID = -8199453391060356463L;
041    
042        private final Collection<ProtectedItem> protectedItems;
043    
044        private final Collection<ItemPermission> itemPermissions;
045    
046    
047        /**
048         * Creates a new instance.
049         * 
050         * @param identificationTag
051         *            the id string of this item
052         * @param precedence
053         *            the precedence of this item
054         * @param authenticationLevel
055         *            the level of authentication required to this item
056         * @param protectedItems
057         *            the collection of {@link ProtectedItem}s this item protects
058         * @param itemPermissions
059         *            the collection of {@link ItemPermission}s each
060         *            <tt>protectedItems</tt> will have
061         */
062        public ItemFirstACIItem( String identificationTag, int precedence, AuthenticationLevel authenticationLevel,
063            Collection<ProtectedItem> protectedItems, Collection<ItemPermission> itemPermissions )
064        {
065            super( identificationTag, precedence, authenticationLevel );
066    
067            this.protectedItems = Collections.unmodifiableCollection( new ArrayList<ProtectedItem>( protectedItems ) );
068            this.itemPermissions = Collections.unmodifiableCollection( new ArrayList<ItemPermission>( itemPermissions ) );
069        }
070    
071    
072        /**
073         * Returns the collection of {@link ProtectedItem}s.
074         */
075        public Collection<ProtectedItem> getProtectedItems()
076        {
077            return protectedItems;
078        }
079    
080    
081        /**
082         * Returns the collection of {@link ItemPermission}s.
083         */
084        public Collection<ItemPermission> getItemPermissions()
085        {
086            return itemPermissions;
087        }
088    
089    
090        public String toString()
091        {
092            StringBuilder buf = new StringBuilder();
093            
094            // identificationTag
095            buf.append( "{ identificationTag \"" );
096            buf.append( getIdentificationTag() );
097    
098            // precedence
099            buf.append( "\", precedence " );
100            buf.append( getPrecedence() );
101            
102            // authenticationLevel
103            buf.append( ", authenticationLevel " );
104            buf.append( getAuthenticationLevel().getName() );
105            
106            // itemOrUserFirst
107            buf.append( ", itemOrUserFirst itemFirst: { " );
108            
109            // protectedItems
110            buf.append( "protectedItems { " );
111            
112            boolean isFirst = true;
113    
114            for ( ProtectedItem item:protectedItems )
115            {
116                if ( isFirst )
117                {
118                    isFirst = false;
119                }
120                else
121                {
122                    buf.append( ", " );
123                }
124    
125                buf.append( item.toString() );
126            }
127    
128            // itemPermissions
129            buf.append( " }, itemPermissions { " );
130    
131            isFirst = true;
132            
133            for ( ItemPermission permission:itemPermissions )
134            {
135                if ( isFirst )
136                {
137                    isFirst = false;
138                }
139                else
140                {
141                    buf.append( ", " );
142                }
143    
144                buf.append( permission.toString() );
145            }
146    
147            buf.append( " } } }" );
148            
149            return buf.toString();
150        }
151    
152    
153        public Collection<ACITuple> toTuples()
154        {
155            Collection<ACITuple> tuples = new ArrayList<ACITuple>();
156            
157            for ( ItemPermission itemPermission:itemPermissions )
158            {
159                Set<GrantAndDenial> grants = itemPermission.getGrants();
160                Set<GrantAndDenial> denials = itemPermission.getDenials();
161                int precedence = itemPermission.getPrecedence() >= 0 ? itemPermission.getPrecedence() : this
162                    .getPrecedence();
163    
164                if ( grants.size() > 0 )
165                {
166                    tuples.add( new ACITuple( itemPermission.getUserClasses(), getAuthenticationLevel(), protectedItems,
167                        toMicroOperations( grants ), true, precedence ) );
168                }
169                if ( denials.size() > 0 )
170                {
171                    tuples.add( new ACITuple( itemPermission.getUserClasses(), getAuthenticationLevel(), protectedItems,
172                        toMicroOperations( denials ), false, precedence ) );
173                }
174            }
175            
176            return tuples;
177        }
178    }