1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.apache.jetspeed.security;
18
19 import java.security.Permission;
20
21 /***
22 * <p>Fragment permission.</p>
23 * <p>This code was partially inspired from articles from:</p>
24 * <ul>
25 * <li><a href="http://www-106.ibm.com/developerworks/library/j-jaas/">
26 * Extend JAAS for class instance-level authorization.</a></li>
27 * <li>The FilePermission implementation from the JDK in order to support recursive permissions & wild card</li>
28 * </ul>
29 * <p/>
30 * This class represents access to a fragment within a
31 * content document. A FragmentPermission consists
32 * of a path, fragment name, or a simple fragment name
33 * pattern and a set of actions valid for that pathname.
34 * <p/>
35 * Here are some examples of valid fragment permissions names:
36 * <li>"/folder/page.psml/app::portlet" matches fragments
37 * within a page for a specified portlet contained in a app<li>
38 * <li>"security::*" matches fragments for portlets from the security app<li>
39 * <li>"<<ALL FRAGMENTS>>" matches <b>any</b> fragment<li>
40 * <p/>
41 *
42 * @author <a href="mailto:rwatler@apache.org">Randy Watler</a>
43 */
44 public class FragmentPermission extends PortalResourcePermission
45 {
46 /***
47 * <p>Constructor for FragmentPermission.</p>
48 *
49 * @param name The fragment name.
50 * @param actions The actions on the fragment.
51 */
52 public FragmentPermission(String name, String actions)
53 {
54 super(name, actions);
55 }
56
57 /***
58 * <p>Constructor for FragmentPermission.</p>
59 *
60 * @param name The fragment name.
61 * @param mask The mask of actions on the fragment.
62 */
63 public FragmentPermission(String name, int mask)
64 {
65 super(name, mask);
66 }
67
68 public boolean implies(Permission permission)
69 {
70
71
72 if (!(permission instanceof FragmentPermission))
73 {
74 return false;
75 }
76 FragmentPermission fragmentPerm = (FragmentPermission) permission;
77
78
79 String ruleName = getName();
80 if (!ruleName.equals("<<ALL FRAGMENTS>>"))
81 {
82 String testName = fragmentPerm.getName();
83
84
85 int testNamesSeparator = testName.lastIndexOf("::");
86 if (ruleName.endsWith("::" + FolderPermission.WILD_CHAR_STR) && (testNamesSeparator > 0))
87 {
88 ruleName = ruleName.substring(0, ruleName.length() - 3);
89 testName = testName.substring(0, testNamesSeparator);
90 }
91
92
93
94 if (!ruleName.startsWith(FolderPermission.FOLDER_SEPARATOR_STR) &&
95 testName.startsWith(FolderPermission.FOLDER_SEPARATOR_STR))
96 {
97 int testPathIndex = testName.lastIndexOf(FolderPermission.FOLDER_SEPARATOR);
98 testName = testName.substring(testPathIndex + 1);
99 }
100
101
102 if (!ruleName.equals(testName))
103 {
104 return false;
105 }
106 }
107
108
109
110 return (mask & fragmentPerm.mask) == fragmentPerm.mask;
111
112 }
113
114 /***
115 * @see java.security.Permission#equals(Object)
116 */
117 public boolean equals(Object object)
118 {
119 if (!(object instanceof FragmentPermission))
120 return false;
121
122 FragmentPermission p = (FragmentPermission) object;
123 return ((p.mask == mask) && (p.getName().equals(getName())));
124 }
125
126 }