001 /* 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, 013 * software distributed under the License is distributed on an 014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 015 * KIND, either express or implied. See the License for the 016 * specific language governing permissions and limitations 017 * under the License. 018 * 019 */ 020 package org.apache.directory.shared.ldap.aci; 021 022 023 import java.io.Serializable; 024 import java.util.ArrayList; 025 import java.util.Collection; 026 import java.util.Collections; 027 import java.util.HashSet; 028 import java.util.Set; 029 030 import org.apache.directory.shared.i18n.I18n; 031 import org.apache.directory.shared.ldap.constants.AuthenticationLevel; 032 033 034 /** 035 * A flatten entity which is converted from an {@link ACIItem}. The tuples are 036 * accepted by ACDF (Access Control Decision Function, 18.8, X.501) 037 * 038 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a> 039 * @version $Rev: 912399 $, $Date: 2010-02-21 21:52:31 +0100 (Sun, 21 Feb 2010) $ 040 */ 041 public class ACITuple implements Serializable 042 { 043 private static final long serialVersionUID = 4353150626941232371L; 044 045 private final Collection<UserClass> userClasses; 046 047 private final AuthenticationLevel authenticationLevel; 048 049 private final Collection<ProtectedItem> protectedItems; 050 051 private final Set<MicroOperation> microOperations; 052 053 private final boolean grant; 054 055 private final int precedence; 056 057 058 /** 059 * Creates a new instance. 060 * 061 * @param userClasses 062 * the collection of {@link UserClass}es this tuple relates to 063 * @param authenticationLevel 064 * the level of authentication required 065 * @param protectedItems 066 * the collection of {@link ProtectedItem}s this tuple relates 067 * @param microOperations 068 * the set of {@link MicroOperation}s this tuple relates 069 * @param grant 070 * <tt>true</tt> if and only if this tuple grants an access 071 * @param precedence 072 * the precedence of this tuple (<tt>0</tt>-<tt>255</tt>) 073 */ 074 public ACITuple( 075 Collection<UserClass> userClasses, 076 AuthenticationLevel authenticationLevel, 077 Collection<ProtectedItem> protectedItems, 078 Set<MicroOperation> microOperations, 079 boolean grant, 080 int precedence ) 081 { 082 if ( authenticationLevel == null ) 083 { 084 throw new NullPointerException( I18n.err( I18n.ERR_04003) ); 085 } 086 087 if ( precedence < 0 || precedence > 255 ) 088 { 089 throw new IllegalArgumentException( I18n.err( I18n.ERR_04002, precedence ) ); 090 } 091 092 this.userClasses = Collections.unmodifiableCollection( new ArrayList<UserClass>( userClasses ) ); 093 this.authenticationLevel = authenticationLevel; 094 this.protectedItems = Collections.unmodifiableCollection( new ArrayList<ProtectedItem>( protectedItems ) ); 095 this.microOperations = Collections.unmodifiableSet( new HashSet<MicroOperation>( microOperations ) ); 096 this.grant = grant; 097 this.precedence = precedence; 098 } 099 100 101 /** 102 * Returns the collection of {@link UserClass}es this tuple relates to. 103 */ 104 public Collection<UserClass> getUserClasses() 105 { 106 return userClasses; 107 } 108 109 110 /** 111 * Returns the level of authentication required. 112 */ 113 public AuthenticationLevel getAuthenticationLevel() 114 { 115 return authenticationLevel; 116 } 117 118 119 /** 120 * Returns the collection of {@link ProtectedItem}s this tuple relates. 121 */ 122 public Collection<ProtectedItem> getProtectedItems() 123 { 124 return protectedItems; 125 } 126 127 128 /** 129 * Returns the set of {@link MicroOperation}s this tuple relates. 130 */ 131 public Set<MicroOperation> getMicroOperations() 132 { 133 return microOperations; 134 } 135 136 137 /** 138 * Returns <tt>true</tt> if and only if this tuple grants an access. 139 */ 140 public boolean isGrant() 141 { 142 return grant; 143 } 144 145 146 /** 147 * Returns the precedence of this tuple (<tt>0</tt>-<tt>255</tt>). 148 */ 149 public int getPrecedence() 150 { 151 return precedence; 152 } 153 154 155 public String toString() 156 { 157 return "ACITuple: userClasses=" + userClasses + ", " + "authenticationLevel=" + authenticationLevel + ", " 158 + "protectedItems=" + protectedItems + ", " + ( grant ? "grants=" : "denials=" ) + microOperations + ", " 159 + "precedence=" + precedence; 160 } 161 }