001    /*
002     *  Licensed to the Apache Software Foundation (ASF) under one
003     *  or more contributor license agreements.  See the NOTICE file
004     *  distributed with this work for additional information
005     *  regarding copyright ownership.  The ASF licenses this file
006     *  to you under the Apache License, Version 2.0 (the
007     *  "License"); you may not use this file except in compliance
008     *  with the License.  You may obtain a copy of the License at
009     *  
010     *    http://www.apache.org/licenses/LICENSE-2.0
011     *  
012     *  Unless required by applicable law or agreed to in writing,
013     *  software distributed under the License is distributed on an
014     *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015     *  KIND, either express or implied.  See the License for the
016     *  specific language governing permissions and limitations
017     *  under the License. 
018     *  
019     */
020    package org.apache.directory.shared.ldap.aci;
021    
022    
023    import java.util.ArrayList;
024    import java.util.Collection;
025    import java.util.Collections;
026    import java.util.Set;
027    
028    import org.apache.directory.shared.ldap.constants.AuthenticationLevel;
029    
030    
031    /**
032     * An {@link ACIItem} which specifies {@link UserClass}es first and then
033     * {@link ProtectedItem}s each {@link UserClass} will have. (18.4.2.4. X.501)
034     * 
035     * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
036     * @version $Rev: 664290 $, $Date: 2008-06-07 08:28:06 +0200 (Sat, 07 Jun 2008) $
037     */
038    public class UserFirstACIItem extends ACIItem
039    {
040        private static final long serialVersionUID = 5587483838404246148L;
041    
042        private final Collection<UserClass> userClasses;
043    
044        private final Collection<UserPermission> userPermissions;
045    
046    
047        /**
048         * Creates a new instance.
049         * 
050         * @param identificationTag
051         *            the id string of this item
052         * @param precedence
053         *            the precedence of this item
054         * @param authenticationLevel
055         *            the level of authentication required to this item
056         * @param userClasses
057         *            the collection of {@link UserClass}es this item protects
058         * @param userPermissions
059         *            the collection of {@link UserPermission}s each
060         *            <tt>protectedItems</tt> will have
061         */
062        public UserFirstACIItem(String identificationTag, int precedence, AuthenticationLevel authenticationLevel,
063            Collection<UserClass> userClasses, Collection<UserPermission> userPermissions)
064        {
065            super( identificationTag, precedence, authenticationLevel );
066    
067            this.userClasses = Collections.unmodifiableCollection( new ArrayList<UserClass>( userClasses ) );
068            this.userPermissions = Collections.unmodifiableCollection( new ArrayList<UserPermission>( userPermissions ) );
069        }
070    
071    
072        /**
073         * Returns the set of {@link UserClass}es.
074         */
075        public Collection<UserClass> getUserClasses()
076        {
077            return userClasses;
078        }
079    
080    
081        /**
082         * Returns the set of {@link UserPermission}s.
083         */
084        public Collection<UserPermission> getUserPermission()
085        {
086            return userPermissions;
087        }
088    
089    
090        public String toString()
091        {
092            StringBuilder buf = new StringBuilder();
093            
094            // identificationTag
095            buf.append( "{ identificationTag \"" );
096            buf.append( getIdentificationTag() );
097            buf.append( "\", " );
098            
099            // precedence
100            buf.append( "precedence " );
101            buf.append( getPrecedence() );
102            buf.append( ", " );
103            
104            // authenticationLevel
105            buf.append( "authenticationLevel " );
106            buf.append( getAuthenticationLevel().getName() );
107            buf.append( ", " );
108            
109            // itemOrUserFirst
110            buf.append( "itemOrUserFirst userFirst: { " );
111            
112            // protectedItems
113            buf.append( "userClasses { " );
114    
115            boolean isFirst = true;
116            
117            for ( UserClass userClass:userClasses )
118            {
119                if ( isFirst )
120                {
121                    isFirst = false;
122                }
123                else
124                {
125                    buf.append( ", " );
126                }
127                
128                buf.append( userClass.toString() );
129            }
130    
131            buf.append( " }, " );
132            
133            // itemPermissions
134            buf.append( "userPermissions { " );
135    
136            isFirst = true;
137            
138            for ( UserPermission permission:userPermissions )
139            {
140                if ( isFirst )
141                {
142                    isFirst = false;
143                }
144                else
145                {
146                    buf.append( ", " );
147                }
148                
149                buf.append( permission.toString() );
150            }
151            
152            buf.append( " } } }" );
153    
154            return buf.toString();
155        }
156    
157    
158        public Collection<ACITuple> toTuples()
159        {
160            Collection<ACITuple> tuples = new ArrayList<ACITuple>();
161    
162            for ( UserPermission userPermission:userPermissions )
163            {
164                Set<GrantAndDenial> grants = userPermission.getGrants();
165                Set<GrantAndDenial> denials = userPermission.getDenials();
166                int precedence = userPermission.getPrecedence() >= 0 ? userPermission.getPrecedence() : this
167                    .getPrecedence();
168    
169                if ( grants.size() > 0 )
170                {
171                    tuples.add( new ACITuple( getUserClasses(), getAuthenticationLevel(), userPermission
172                        .getProtectedItems(), toMicroOperations( grants ), true, precedence ) );
173                }
174                if ( denials.size() > 0 )
175                {
176                    tuples.add( new ACITuple( getUserClasses(), getAuthenticationLevel(), userPermission
177                        .getProtectedItems(), toMicroOperations( denials ), false, precedence ) );
178                }
179            }
180            return tuples;
181        }
182    }