001    /*
002     *  Licensed to the Apache Software Foundation (ASF) under one
003     *  or more contributor license agreements.  See the NOTICE file
004     *  distributed with this work for additional information
005     *  regarding copyright ownership.  The ASF licenses this file
006     *  to you under the Apache License, Version 2.0 (the
007     *  "License"); you may not use this file except in compliance
008     *  with the License.  You may obtain a copy of the License at
009     *  
010     *    http://www.apache.org/licenses/LICENSE-2.0
011     *  
012     *  Unless required by applicable law or agreed to in writing,
013     *  software distributed under the License is distributed on an
014     *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015     *  KIND, either express or implied.  See the License for the
016     *  specific language governing permissions and limitations
017     *  under the License. 
018     *  
019     */
020    package org.apache.directory.shared.ldap.aci;
021    
022    
023    import java.io.Serializable;
024    import java.util.ArrayList;
025    import java.util.Collection;
026    import java.util.Collections;
027    import java.util.HashSet;
028    import java.util.Set;
029    
030    import org.apache.directory.shared.i18n.I18n;
031    import org.apache.directory.shared.ldap.constants.AuthenticationLevel;
032    
033    
034    /**
035     * A flatten entity which is converted from an {@link ACIItem}. The tuples are
036     * accepted by ACDF (Access Control Decision Function, 18.8, X.501)
037     * 
038     * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
039     * @version $Rev: 912399 $, $Date: 2010-02-21 21:52:31 +0100 (Sun, 21 Feb 2010) $
040     */
041    public class ACITuple implements Serializable
042    {
043        private static final long serialVersionUID = 4353150626941232371L;
044    
045        private final Collection<UserClass> userClasses;
046    
047        private final AuthenticationLevel authenticationLevel;
048    
049        private final Collection<ProtectedItem> protectedItems;
050    
051        private final Set<MicroOperation> microOperations;
052    
053        private final boolean grant;
054    
055        private final int precedence;
056    
057    
058        /**
059         * Creates a new instance.
060         * 
061         * @param userClasses
062         *            the collection of {@link UserClass}es this tuple relates to
063         * @param authenticationLevel
064         *            the level of authentication required
065         * @param protectedItems
066         *            the collection of {@link ProtectedItem}s this tuple relates
067         * @param microOperations
068         *            the set of {@link MicroOperation}s this tuple relates
069         * @param grant
070         *            <tt>true</tt> if and only if this tuple grants an access
071         * @param precedence
072         *            the precedence of this tuple (<tt>0</tt>-<tt>255</tt>)
073         */
074        public ACITuple( 
075                Collection<UserClass> userClasses, 
076                AuthenticationLevel authenticationLevel, 
077                Collection<ProtectedItem> protectedItems,
078                Set<MicroOperation> microOperations, 
079                boolean grant, 
080                int precedence )
081        {
082            if ( authenticationLevel == null )
083            {
084                throw new NullPointerException( I18n.err( I18n.ERR_04003) );
085            }
086    
087            if ( precedence < 0 || precedence > 255 )
088            {
089                throw new IllegalArgumentException( I18n.err( I18n.ERR_04002, precedence ) );
090            }
091    
092            this.userClasses = Collections.unmodifiableCollection( new ArrayList<UserClass>( userClasses ) );
093            this.authenticationLevel = authenticationLevel;
094            this.protectedItems = Collections.unmodifiableCollection( new ArrayList<ProtectedItem>( protectedItems ) );
095            this.microOperations = Collections.unmodifiableSet( new HashSet<MicroOperation>( microOperations ) );
096            this.grant = grant;
097            this.precedence = precedence;
098        }
099    
100    
101        /**
102         * Returns the collection of {@link UserClass}es this tuple relates to.
103         */
104        public Collection<UserClass> getUserClasses()
105        {
106            return userClasses;
107        }
108    
109    
110        /**
111         * Returns the level of authentication required.
112         */
113        public AuthenticationLevel getAuthenticationLevel()
114        {
115            return authenticationLevel;
116        }
117    
118    
119        /**
120         * Returns the collection of {@link ProtectedItem}s this tuple relates.
121         */
122        public Collection<ProtectedItem> getProtectedItems()
123        {
124            return protectedItems;
125        }
126    
127    
128        /**
129         * Returns the set of {@link MicroOperation}s this tuple relates.
130         */
131        public Set<MicroOperation> getMicroOperations()
132        {
133            return microOperations;
134        }
135    
136    
137        /**
138         * Returns <tt>true</tt> if and only if this tuple grants an access.
139         */
140        public boolean isGrant()
141        {
142            return grant;
143        }
144    
145    
146        /**
147         * Returns the precedence of this tuple (<tt>0</tt>-<tt>255</tt>).
148         */
149        public int getPrecedence()
150        {
151            return precedence;
152        }
153    
154    
155        public String toString()
156        {
157            return "ACITuple: userClasses=" + userClasses + ", " + "authenticationLevel=" + authenticationLevel + ", "
158                + "protectedItems=" + protectedItems + ", " + ( grant ? "grants=" : "denials=" ) + microOperations + ", "
159                + "precedence=" + precedence;
160        }
161    }