001 /* 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, 013 * software distributed under the License is distributed on an 014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 015 * KIND, either express or implied. See the License for the 016 * specific language governing permissions and limitations 017 * under the License. 018 * 019 */ 020 package org.apache.directory.shared.ldap.aci; 021 022 023 import java.util.ArrayList; 024 import java.util.Collection; 025 import java.util.Collections; 026 import java.util.Set; 027 028 import org.apache.directory.shared.ldap.constants.AuthenticationLevel; 029 030 031 /** 032 * An {@link ACIItem} which specifies {@link UserClass}es first and then 033 * {@link ProtectedItem}s each {@link UserClass} will have. (18.4.2.4. X.501) 034 * 035 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a> 036 * @version $Rev: 664290 $, $Date: 2008-06-07 08:28:06 +0200 (Sat, 07 Jun 2008) $ 037 */ 038 public class UserFirstACIItem extends ACIItem 039 { 040 private static final long serialVersionUID = 5587483838404246148L; 041 042 private final Collection<UserClass> userClasses; 043 044 private final Collection<UserPermission> userPermissions; 045 046 047 /** 048 * Creates a new instance. 049 * 050 * @param identificationTag 051 * the id string of this item 052 * @param precedence 053 * the precedence of this item 054 * @param authenticationLevel 055 * the level of authentication required to this item 056 * @param userClasses 057 * the collection of {@link UserClass}es this item protects 058 * @param userPermissions 059 * the collection of {@link UserPermission}s each 060 * <tt>protectedItems</tt> will have 061 */ 062 public UserFirstACIItem(String identificationTag, int precedence, AuthenticationLevel authenticationLevel, 063 Collection<UserClass> userClasses, Collection<UserPermission> userPermissions) 064 { 065 super( identificationTag, precedence, authenticationLevel ); 066 067 this.userClasses = Collections.unmodifiableCollection( new ArrayList<UserClass>( userClasses ) ); 068 this.userPermissions = Collections.unmodifiableCollection( new ArrayList<UserPermission>( userPermissions ) ); 069 } 070 071 072 /** 073 * Returns the set of {@link UserClass}es. 074 */ 075 public Collection<UserClass> getUserClasses() 076 { 077 return userClasses; 078 } 079 080 081 /** 082 * Returns the set of {@link UserPermission}s. 083 */ 084 public Collection<UserPermission> getUserPermission() 085 { 086 return userPermissions; 087 } 088 089 090 public String toString() 091 { 092 StringBuilder buf = new StringBuilder(); 093 094 // identificationTag 095 buf.append( "{ identificationTag \"" ); 096 buf.append( getIdentificationTag() ); 097 buf.append( "\", " ); 098 099 // precedence 100 buf.append( "precedence " ); 101 buf.append( getPrecedence() ); 102 buf.append( ", " ); 103 104 // authenticationLevel 105 buf.append( "authenticationLevel " ); 106 buf.append( getAuthenticationLevel().getName() ); 107 buf.append( ", " ); 108 109 // itemOrUserFirst 110 buf.append( "itemOrUserFirst userFirst: { " ); 111 112 // protectedItems 113 buf.append( "userClasses { " ); 114 115 boolean isFirst = true; 116 117 for ( UserClass userClass:userClasses ) 118 { 119 if ( isFirst ) 120 { 121 isFirst = false; 122 } 123 else 124 { 125 buf.append( ", " ); 126 } 127 128 buf.append( userClass.toString() ); 129 } 130 131 buf.append( " }, " ); 132 133 // itemPermissions 134 buf.append( "userPermissions { " ); 135 136 isFirst = true; 137 138 for ( UserPermission permission:userPermissions ) 139 { 140 if ( isFirst ) 141 { 142 isFirst = false; 143 } 144 else 145 { 146 buf.append( ", " ); 147 } 148 149 buf.append( permission.toString() ); 150 } 151 152 buf.append( " } } }" ); 153 154 return buf.toString(); 155 } 156 157 158 public Collection<ACITuple> toTuples() 159 { 160 Collection<ACITuple> tuples = new ArrayList<ACITuple>(); 161 162 for ( UserPermission userPermission:userPermissions ) 163 { 164 Set<GrantAndDenial> grants = userPermission.getGrants(); 165 Set<GrantAndDenial> denials = userPermission.getDenials(); 166 int precedence = userPermission.getPrecedence() >= 0 ? userPermission.getPrecedence() : this 167 .getPrecedence(); 168 169 if ( grants.size() > 0 ) 170 { 171 tuples.add( new ACITuple( getUserClasses(), getAuthenticationLevel(), userPermission 172 .getProtectedItems(), toMicroOperations( grants ), true, precedence ) ); 173 } 174 if ( denials.size() > 0 ) 175 { 176 tuples.add( new ACITuple( getUserClasses(), getAuthenticationLevel(), userPermission 177 .getProtectedItems(), toMicroOperations( denials ), false, precedence ) ); 178 } 179 } 180 return tuples; 181 } 182 }