001 /* 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, 013 * software distributed under the License is distributed on an 014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 015 * KIND, either express or implied. See the License for the 016 * specific language governing permissions and limitations 017 * under the License. 018 * 019 */ 020 package org.apache.directory.shared.ldap.aci; 021 022 023 import java.io.Serializable; 024 import java.util.ArrayList; 025 import java.util.Collection; 026 import java.util.Collections; 027 import java.util.HashSet; 028 import java.util.Set; 029 030 import org.apache.directory.shared.ldap.name.DN; 031 import org.apache.directory.shared.ldap.subtree.SubtreeSpecification; 032 033 034 /** 035 * Defines a set of zero or more users the permissions apply to. 036 * 037 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a> 038 * @version $Rev: 923667 $, $Date: 2010-03-16 11:22:36 +0100 (Tue, 16 Mar 2010) $ 039 */ 040 public abstract class UserClass implements Serializable 041 { 042 /** 043 * Every directory user (with possible requirements for 044 * authenticationLevel). 045 */ 046 public static final AllUsers ALL_USERS = new AllUsers(); 047 048 /** 049 * The user with the same distinguished name as the entry being accessed, or 050 * if the entry is a member of a family, then additionally the user with the 051 * distinguished name of the ancestor. 052 */ 053 public static final ThisEntry THIS_ENTRY = new ThisEntry(); 054 055 /** 056 * The user as parent (ancestor) of accessed entry. 057 */ 058 public static final ParentOfEntry PARENT_OF_ENTRY = new ParentOfEntry(); 059 060 061 /** 062 * Creates a new instance. 063 */ 064 protected UserClass() 065 { 066 } 067 068 069 /** 070 * Every directory user (with possible requirements for 071 * authenticationLevel). 072 */ 073 public static class AllUsers extends UserClass 074 { 075 private static final long serialVersionUID = 8967984720792510292L; 076 077 078 private AllUsers() 079 { 080 } 081 082 083 public String toString() 084 { 085 return "allUsers"; 086 } 087 } 088 089 /** 090 * The user with the same distinguished name as the entry being accessed, or 091 * if the entry is a member of a family, then additionally the user with the 092 * distinguished name of the ancestor. 093 */ 094 public static class ThisEntry extends UserClass 095 { 096 private static final long serialVersionUID = -8189325270233754470L; 097 098 099 private ThisEntry() 100 { 101 } 102 103 104 public String toString() 105 { 106 return "thisEntry"; 107 } 108 } 109 110 /** 111 * The user as parent (ancestor) of accessed entry. 112 */ 113 public static class ParentOfEntry extends UserClass 114 { 115 private static final long serialVersionUID = 5247207736068086476L; 116 117 private ParentOfEntry() 118 { 119 } 120 121 public String toString() 122 { 123 return "parentOfEntry"; 124 } 125 126 } 127 128 /** 129 * A base class for all user classes which has a set of DNs. 130 */ 131 private static abstract class NamedUserClass extends UserClass 132 { 133 protected final Set<DN> names; 134 135 136 /** 137 * Creates a new instance. 138 * 139 * @param names a set of names 140 */ 141 protected NamedUserClass( Set<DN> names ) 142 { 143 this.names = Collections.unmodifiableSet( new HashSet<DN>( names ) ); 144 } 145 146 147 /** 148 * Returns the set of all names. 149 */ 150 public Set<DN> getNames() 151 { 152 return names; 153 } 154 155 156 public boolean equals( Object o ) 157 { 158 if ( this == o ) 159 { 160 return true; 161 } 162 163 if ( o == null ) 164 { 165 return false; 166 } 167 168 if ( getClass().isAssignableFrom( o.getClass() ) ) 169 { 170 Name that = ( Name ) o; 171 return this.names.equals( that.names ); 172 } 173 174 return false; 175 } 176 177 178 public String toString() 179 { 180 StringBuilder buffer = new StringBuilder(); 181 182 boolean isFirst = true; 183 buffer.append( "{ " ); 184 185 for ( DN name:names ) 186 { 187 if ( isFirst ) 188 { 189 isFirst = false; 190 } 191 else 192 { 193 buffer.append( ", " ); 194 } 195 196 buffer.append( '"' ); 197 buffer.append( name.toString() ); 198 buffer.append( '"' ); 199 } 200 201 buffer.append( " }" ); 202 203 return buffer.toString(); 204 } 205 } 206 207 /** 208 * The user with the specified distinguished name. 209 */ 210 public static class Name extends NamedUserClass 211 { 212 private static final long serialVersionUID = -4168412030168359882L; 213 214 215 /** 216 * Creates a new instance. 217 * 218 * @param usernames 219 * the set of user DNs. 220 */ 221 public Name( Set<DN> usernames ) 222 { 223 super( usernames ); 224 } 225 226 227 public String toString() 228 { 229 return "name " + super.toString(); 230 } 231 } 232 233 /** 234 * The set of users who are members of the groupOfUniqueNames entry, 235 * identified by the specified distinguished name. Members of a group of 236 * unique names are treated as individual object names, and not as the names 237 * of other groups of unique names. 238 */ 239 public static class UserGroup extends NamedUserClass 240 { 241 private static final long serialVersionUID = 8887107815072965807L; 242 243 244 /** 245 * Creates a new instance. 246 * 247 * @param groupNames 248 * the set of group DNs. 249 */ 250 public UserGroup( Set<DN> groupNames ) 251 { 252 super( groupNames ); 253 } 254 255 256 public String toString() 257 { 258 return "userGroup " + super.toString(); 259 } 260 } 261 262 /** 263 * The set of users whose distinguished names fall within the definition of 264 * the (unrefined) subtree. 265 */ 266 public static class Subtree extends UserClass 267 { 268 private static final long serialVersionUID = 3949337699049701332L; 269 270 protected final Collection<SubtreeSpecification> subtreeSpecifications; 271 272 273 /** 274 * Creates a new instance. 275 * 276 * @param subtreeSpecs 277 * the collection of unrefined {@link SubtreeSpecification}s. 278 */ 279 public Subtree( Collection<SubtreeSpecification> subtreeSpecs ) 280 { 281 this.subtreeSpecifications = Collections.unmodifiableCollection( new ArrayList<SubtreeSpecification>( subtreeSpecs ) ); 282 } 283 284 285 /** 286 * Returns the collection of unrefined {@link SubtreeSpecification}s. 287 */ 288 public Collection<SubtreeSpecification> getSubtreeSpecifications() 289 { 290 return subtreeSpecifications; 291 } 292 293 294 public boolean equals( Object o ) 295 { 296 if ( this == o ) 297 { 298 return true; 299 } 300 301 if ( o instanceof Subtree ) 302 { 303 Subtree that = ( Subtree ) o; 304 return this.subtreeSpecifications.equals( that.subtreeSpecifications ); 305 } 306 307 return false; 308 } 309 310 311 public String toString() 312 { 313 StringBuilder buffer = new StringBuilder(); 314 315 boolean isFirst = true; 316 buffer.append( "subtree { " ); 317 318 for ( SubtreeSpecification ss:subtreeSpecifications ) 319 { 320 if ( isFirst ) 321 { 322 isFirst = false; 323 } 324 else 325 { 326 buffer.append( ", " ); 327 } 328 329 ss.printToBuffer( buffer ); 330 } 331 332 buffer.append( " }" ); 333 334 return buffer.toString(); 335 } 336 } 337 }