unit tests coverage

Coverage report

%line %branch

org.apache.jetspeed.security.FolderPermission
0%

0%

1
/*

2
* Licensed to the Apache Software Foundation (ASF) under one or more

3
* contributor license agreements. See the NOTICE file distributed with

4
* this work for additional information regarding copyright ownership.

5
* The ASF licenses this file to You under the Apache License, Version 2.0

6
* (the "License"); you may not use this file except in compliance with

7
* the License. You may obtain a copy of the License at

8
*

9
* http://www.apache.org/licenses/LICENSE-2.0

10
*

11
* Unless required by applicable law or agreed to in writing, software

12
* distributed under the License is distributed on an "AS IS" BASIS,

13
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

14
* See the License for the specific language governing permissions and

15
* limitations under the License.

16
*/

17
package org.apache.jetspeed.security;

18

19
import java.security.Permission;

20

21
/**

22
* Folder permission.

23
* This code was partially inspired from:

24
* <ul>

25
* <li>The article : <a href="http://www-106.ibm.com/developerworks/library/j-jaas/">

26
* Extend JAAS for class instance-level authorization.</a></li>

27
* <li>The FilePermission implementation from the JDK in order to support recursive permissions & wild card</li>

28
* </ul>

29
* 

30
* This class represents access to a portal content/folder or document. A FolderPermission consists

31
* of a pathname and a set of actions valid for that pathname.

32
* 

33
* Pathname is the pathname of the folder or document granted the specified

34
* actions. A pathname that ends in "/*" (where "/" is

35
* the separator character) indicates all the folders and documents contained in that folder.

36
* A pathname that ends with "/-" indicates (recursively) all documents

37
* and subfolders contained in that directory. A pathname consisting of

38
* the special token "<<ALL FILES>>" matches any folder or document.

39
* 

40
*

41
* @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>

42
* @author <a href="mailto:christophe.lombart@sword-technologies.com">Christophe Lombart</a>

43
* @version $Id: FolderPermission.java 516448 2007-03-09 16:25:47Z ate $

44
*/

45
public class FolderPermission extends PortalResourcePermission

46
{

47
public static final char RECURSIVE_CHAR = '-';

48
public static final char WILD_CHAR = '*';

49 0
public static final String WILD_CHAR_STR = new String(class="keyword">new char[]{WILD_CHAR});

50
public static final char FOLDER_SEPARATOR = '/';

51 0
public static final String FOLDER_SEPARATOR_STR = new String(class="keyword">new char[]{FOLDER_SEPARATOR});

52

53
// does path indicate a folder? (wildcard or recursive)

54
private boolean folder;

55

56
// is it a recursive directory specification?

57
private boolean recursive;

58

59
private String cpath;

60

61
/**

62
* Constructor for FolderPermission.

63
*

64
* @param name The portlet name.

65
* @param actions The actions on the portlet.

66
*/

67
public FolderPermission(String name, String actions)

68
{

69 0
super(name, actions);

70 0
parsePath();

71 0
}

72

73
/**

74
* Constructor for FolderPermission.

75
*

76
* @param name The portlet name.

77
* @param mask The mask of actions on the portlet.

78
*/

79
public FolderPermission(String name, int mask)

80
{

81 0
super(name, mask);

82 0
parsePath();

83 0
}

84

85
/**

86
* Parses the path.

87
*/

88
private void parsePath()

89
{

90 0
if ((cpath = getName()) == null)

91 0
throw new NullPointerException("name can't be null");

92

93 0
if (cpath.equals("<<ALL FILES>>"))

94
{

95 0
folder = true;

96 0
recursive = true;

97 0
cpath = "";

98 0
return;

99
}

100 0
int len = cpath.length();

101

102 0
if (len == 0)

103
{

104 0
throw new IllegalArgumentException("invalid folder reference");

105
}

106

107 0
char last = cpath.class="keyword">charAt(len - 1);

108

109 0
if (last == RECURSIVE_CHAR && (len == 1 || cpath.charAt(len - 2) == FOLDER_SEPARATOR))

110
{

111 0
folder = true;

112 0
recursive = true;

113 0
cpath = cpath.substring(0, --len);

114
}

115 0
else if (last == WILD_CHAR && (len == 1 || cpath.charAt(len - 2) == FOLDER_SEPARATOR))

116
{

117 0
folder = true;

118
//recursive = false;

119 0
cpath = cpath.substring(0, --len);

120
}

121 0
}

122

123
/**

124
* Checks if this FolderPermission object "implies" the specified permission.

125
* 

126
* More specifically, this method returns true if:

127
* <ul>

128
* <li> p is an instanceof FolderPermission,

129
* <li> p's actions are a proper subset of this

130
* object's actions, and 

131
* <li> p's pathname is implied by this object's

132
* pathname. For example, "/tmp/*" implies "/tmp/foo", since

133
* "/tmp/*" encompasses the "/tmp" folder and all subfolders or documents in that

134
* directory, including the one named "foo".

135
* </ul>

136
*

137
* @param p the permission to check against.

138
* @return true if the specified permission is implied by this object,

139
* false if not.

140
*/

141
public boolean implies(Permission p)

142
{

143 0
if (!(p instanceof FolderPermission))

144
{

145 0
return false;

146
}

147

148 0
FolderPermission that = (FolderPermission) p;

149 0
return ((this.mask & that.mask) == that.mask) && impliesIgnoreMask(that);

150
}

151

152
/**

153
* Checks if the Permission's actions are a proper subset of the

154
* this object's actions. Returns the effective mask iff the

155
* this FolderPermission's path also implies that FolderPermission's path.

156
*

157
* @param that the FolderPermission to check against.

158
* @return the effective mask

159
*/

160
boolean impliesIgnoreMask(FolderPermission that)

161
{

162 0
if (this.folder)

163
{

164 0
if (this.recursive)

165
{

166
// make sure that.path is longer then path so

167
// something like /foo/- does not imply /foo

168 0
if (that.folder)

169
{

170 0
return (that.cpath.length() >= this.cpath.length()) && that.cpath.startsWith(class="keyword">this.cpath);

171
}

172
else

173
{

174 0
return ((that.cpath.length() >= this.cpath.length()) && that.cpath.startsWith(class="keyword">this.cpath));

175
}

176
}

177
else

178
{

179 0
if (that.folder)

180
{

181
// if the permission passed in is a folder

182
// specification, make sure that a non-recursive

183
// permission (i.e., this object) can't imply a recursive

184
// permission.

185 0
if (that.recursive)

186 0
return false;

187
else

188 0
return (this.cpath.equals(that.cpath));

189
}

190
else

191
{

192 0
int last = that.cpath.lastIndexOf(FOLDER_SEPARATOR);

193 0
if (last == -1)

194 0
return false;

195
else

196
{

197
// this.cpath.equals(that.cpath.substring(0, last+1));

198
// Use regionMatches to avoid creating new string

199

200 0
return (this.cpath.length() == (last + 1)) && class="keyword">this.cpath.regionMatches(0, that.cpath, 0, last + 1);

201
}

202
}

203
}

204
}

205
else

206
{

207 0
return (this.cpath.equals(that.cpath));

208
}

209
}

210

211
/**

212
* Checks two FolderPermission objects for equality. Checks that obj is

213
* a FolderPermission, and has the same pathname and actions as this object.

214
* 

215
*

216
* @param obj the object we are testing for equality with this object.

217
* @return true if obj is a FolderPermission, and has the same pathname and

218
* actions as this FolderPermission object.

219
*/

220
public boolean equals(Object obj)

221
{

222 0
if (obj == this)

223 0
return true;

224

225 0
if (!(obj instanceof FolderPermission))

226 0
return false;

227

228 0
FolderPermission that = (FolderPermission) obj;

229

230 0
return (this.mask == that.mask) && class="keyword">this.cpath.equals(that.cpath) && (class="keyword">this.folder == that.folder)

231
&& (this.recursive == that.recursive);

232
}

233

234
/**

235
* Returns the hash code value for this object.

236
*

237
* @return a hash code value for this object.

238
*/

239

240
public int hashCode()

241
{

242 0
return this.cpath.hashCode();

243
}

244

245

246
}

This report is generated by jcoverage, Maven and Maven JCoverage Plugin.

1		/*
2		* Licensed to the Apache Software Foundation (ASF) under one or more
3		* contributor license agreements. See the NOTICE file distributed with
4		* this work for additional information regarding copyright ownership.
5		* The ASF licenses this file to You under the Apache License, Version 2.0
6		* (the "License"); you may not use this file except in compliance with
7		* the License. You may obtain a copy of the License at
8		*
9		* http://www.apache.org/licenses/LICENSE-2.0
10		*
11		* Unless required by applicable law or agreed to in writing, software
12		* distributed under the License is distributed on an "AS IS" BASIS,
13		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14		* See the License for the specific language governing permissions and
15		* limitations under the License.
16		*/
17		package org.apache.jetspeed.security;
18
19		import java.security.Permission;
20
21		/**
22		* <p>Folder permission.</p>
23		* <p>This code was partially inspired from:</p>
24		* <ul>
25		* <li>The article : <a href="http://www-106.ibm.com/developerworks/library/j-jaas/">
26		* Extend JAAS for class instance-level authorization.</a></li>
27		* <li>The FilePermission implementation from the JDK in order to support recursive permissions & wild card</li>
28		* </ul>
29		* <p/>
30		* This class represents access to a portal content/folder or document. A FolderPermission consists
31		* of a pathname and a set of actions valid for that pathname.
32		* <p/>
33		* Pathname is the pathname of the folder or document granted the specified
34		* actions. A pathname that ends in "/*" (where "/" is
35		* the separator character) indicates all the folders and documents contained in that folder.
36		* A pathname that ends with "/-" indicates (recursively) all documents
37		* and subfolders contained in that directory. A pathname consisting of
38		* the special token "<<ALL FILES>>" matches <b>any</b> folder or document.
39		* <p/>
40		*
41		* @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
42		* @author <a href="mailto:christophe.lombart@sword-technologies.com">Christophe Lombart</a>
43		* @version $Id: FolderPermission.java 516448 2007-03-09 16:25:47Z ate $
44		*/
45		public class FolderPermission extends PortalResourcePermission
46		{
47		public static final char RECURSIVE_CHAR = '-';
48		public static final char WILD_CHAR = '*';
49	0	public static final String WILD_CHAR_STR = new String(class="keyword">new char[]{WILD_CHAR});
50		public static final char FOLDER_SEPARATOR = '/';
51	0	public static final String FOLDER_SEPARATOR_STR = new String(class="keyword">new char[]{FOLDER_SEPARATOR});
52
53		// does path indicate a folder? (wildcard or recursive)
54		private boolean folder;
55
56		// is it a recursive directory specification?
57		private boolean recursive;
58
59		private String cpath;
60
61		/**
62		* <p>Constructor for FolderPermission.</p>
63		*
64		* @param name The portlet name.
65		* @param actions The actions on the portlet.
66		*/
67		public FolderPermission(String name, String actions)
68		{
69	0	super(name, actions);
70	0	parsePath();
71	0	}
72
73		/**
74		* <p>Constructor for FolderPermission.</p>
75		*
76		* @param name The portlet name.
77		* @param mask The mask of actions on the portlet.
78		*/
79		public FolderPermission(String name, int mask)
80		{
81	0	super(name, mask);
82	0	parsePath();
83	0	}
84
85		/**
86		* <p>Parses the path.</p>
87		*/
88		private void parsePath()
89		{
90	0	if ((cpath = getName()) == null)
91	0	throw new NullPointerException("name can't be null");
92
93	0	if (cpath.equals("<<ALL FILES>>"))
94		{
95	0	folder = true;
96	0	recursive = true;
97	0	cpath = "";
98	0	return;
99		}
100	0	int len = cpath.length();
101
102	0	if (len == 0)
103		{
104	0	throw new IllegalArgumentException("invalid folder reference");
105		}
106
107	0	char last = cpath.class="keyword">charAt(len - 1);
108
109	0	if (last == RECURSIVE_CHAR && (len == 1 \|\| cpath.charAt(len - 2) == FOLDER_SEPARATOR))
110		{
111	0	folder = true;
112	0	recursive = true;
113	0	cpath = cpath.substring(0, --len);
114		}
115	0	else if (last == WILD_CHAR && (len == 1 \|\| cpath.charAt(len - 2) == FOLDER_SEPARATOR))
116		{
117	0	folder = true;
118		//recursive = false;
119	0	cpath = cpath.substring(0, --len);
120		}
121	0	}
122
123		/**
124		* Checks if this FolderPermission object "implies" the specified permission.
125		* <p/>
126		* More specifically, this method returns true if:<p>
127		* <ul>
128		* <li> <i>p</i> is an instanceof FolderPermission,<p>
129		* <li> <i>p</i>'s actions are a proper subset of this
130		* object's actions, and <p>
131		* <li> <i>p</i>'s pathname is implied by this object's
132		* pathname. For example, "/tmp/*" implies "/tmp/foo", since
133		* "/tmp/*" encompasses the "/tmp" folder and all subfolders or documents in that
134		* directory, including the one named "foo".
135		* </ul>
136		*
137		* @param p the permission to check against.
138		* @return true if the specified permission is implied by this object,
139		* false if not.
140		*/
141		public boolean implies(Permission p)
142		{
143	0	if (!(p instanceof FolderPermission))
144		{
145	0	return false;
146		}
147
148	0	FolderPermission that = (FolderPermission) p;
149	0	return ((this.mask & that.mask) == that.mask) && impliesIgnoreMask(that);
150		}
151
152		/**
153		* Checks if the Permission's actions are a proper subset of the
154		* this object's actions. Returns the effective mask iff the
155		* this FolderPermission's path also implies that FolderPermission's path.
156		*
157		* @param that the FolderPermission to check against.
158		* @return the effective mask
159		*/
160		boolean impliesIgnoreMask(FolderPermission that)
161		{
162	0	if (this.folder)
163		{
164	0	if (this.recursive)
165		{
166		// make sure that.path is longer then path so
167		// something like /foo/- does not imply /foo
168	0	if (that.folder)
169		{
170	0	return (that.cpath.length() >= this.cpath.length()) && that.cpath.startsWith(class="keyword">this.cpath);
171		}
172		else
173		{
174	0	return ((that.cpath.length() >= this.cpath.length()) && that.cpath.startsWith(class="keyword">this.cpath));
175		}
176		}
177		else
178		{
179	0	if (that.folder)
180		{
181		// if the permission passed in is a folder
182		// specification, make sure that a non-recursive
183		// permission (i.e., this object) can't imply a recursive
184		// permission.
185	0	if (that.recursive)
186	0	return false;
187		else
188	0	return (this.cpath.equals(that.cpath));
189		}
190		else
191		{
192	0	int last = that.cpath.lastIndexOf(FOLDER_SEPARATOR);
193	0	if (last == -1)
194	0	return false;
195		else
196		{
197		// this.cpath.equals(that.cpath.substring(0, last+1));
198		// Use regionMatches to avoid creating new string
199
200	0	return (this.cpath.length() == (last + 1)) && class="keyword">this.cpath.regionMatches(0, that.cpath, 0, last + 1);
201		}
202		}
203		}
204		}
205		else
206		{
207	0	return (this.cpath.equals(that.cpath));
208		}
209		}
210
211		/**
212		* Checks two FolderPermission objects for equality. Checks that <i>obj</i> is
213		* a FolderPermission, and has the same pathname and actions as this object.
214		* <p/>
215		*
216		* @param obj the object we are testing for equality with this object.
217		* @return true if obj is a FolderPermission, and has the same pathname and
218		* actions as this FolderPermission object.
219		*/
220		public boolean equals(Object obj)
221		{
222	0	if (obj == this)
223	0	return true;
224
225	0	if (!(obj instanceof FolderPermission))
226	0	return false;
227
228	0	FolderPermission that = (FolderPermission) obj;
229
230	0	return (this.mask == that.mask) && class="keyword">this.cpath.equals(that.cpath) && (class="keyword">this.folder == that.folder)
231		&& (this.recursive == that.recursive);
232		}
233
234		/**
235		* Returns the hash code value for this object.
236		*
237		* @return a hash code value for this object.
238		*/
239
240		public int hashCode()
241		{
242	0	return this.cpath.hashCode();
243		}
244
245
246		}