%line | %branch | |||||||||
---|---|---|---|---|---|---|---|---|---|---|
org.apache.jetspeed.security.FragmentPermission |
|
|
1 | /* |
|
2 | * Licensed to the Apache Software Foundation (ASF) under one or more |
|
3 | * contributor license agreements. See the NOTICE file distributed with |
|
4 | * this work for additional information regarding copyright ownership. |
|
5 | * The ASF licenses this file to You under the Apache License, Version 2.0 |
|
6 | * (the "License"); you may not use this file except in compliance with |
|
7 | * the License. You may obtain a copy of the License at |
|
8 | * |
|
9 | * http://www.apache.org/licenses/LICENSE-2.0 |
|
10 | * |
|
11 | * Unless required by applicable law or agreed to in writing, software |
|
12 | * distributed under the License is distributed on an "AS IS" BASIS, |
|
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
|
14 | * See the License for the specific language governing permissions and |
|
15 | * limitations under the License. |
|
16 | */ |
|
17 | package org.apache.jetspeed.security; |
|
18 | ||
19 | import java.security.Permission; |
|
20 | ||
21 | /** |
|
22 | * <p>Fragment permission.</p> |
|
23 | * <p>This code was partially inspired from articles from:</p> |
|
24 | * <ul> |
|
25 | * <li><a href="http://www-106.ibm.com/developerworks/library/j-jaas/"> |
|
26 | * Extend JAAS for class instance-level authorization.</a></li> |
|
27 | * <li>The FilePermission implementation from the JDK in order to support recursive permissions & wild card</li> |
|
28 | * </ul> |
|
29 | * <p/> |
|
30 | * This class represents access to a fragment within a |
|
31 | * content document. A FragmentPermission consists |
|
32 | * of a path, fragment name, or a simple fragment name |
|
33 | * pattern and a set of actions valid for that pathname. |
|
34 | * <p/> |
|
35 | * Here are some examples of valid fragment permissions names: |
|
36 | * <li>"/folder/page.psml/app::portlet" matches fragments |
|
37 | * within a page for a specified portlet contained in a app<li> |
|
38 | * <li>"security::*" matches fragments for portlets from the security app<li> |
|
39 | * <li>"<<ALL FRAGMENTS>>" matches <b>any</b> fragment<li> |
|
40 | * <p/> |
|
41 | * |
|
42 | * @author <a href="mailto:rwatler@apache.org">Randy Watler</a> |
|
43 | */ |
|
44 | public class FragmentPermission extends PortalResourcePermission |
|
45 | { |
|
46 | /** |
|
47 | * <p>Constructor for FragmentPermission.</p> |
|
48 | * |
|
49 | * @param name The fragment name. |
|
50 | * @param actions The actions on the fragment. |
|
51 | */ |
|
52 | public FragmentPermission(String name, String actions) |
|
53 | { |
|
54 | 0 | super(name, actions); |
55 | 0 | } |
56 | ||
57 | /** |
|
58 | * <p>Constructor for FragmentPermission.</p> |
|
59 | * |
|
60 | * @param name The fragment name. |
|
61 | * @param mask The mask of actions on the fragment. |
|
62 | */ |
|
63 | public FragmentPermission(String name, int mask) |
|
64 | { |
|
65 | 0 | super(name, mask); |
66 | 0 | } |
67 | ||
68 | public boolean implies(Permission permission) |
|
69 | { |
|
70 | // The permission must be an instance |
|
71 | // of the FragmentPermission. |
|
72 | 0 | if (!(permission instanceof FragmentPermission)) |
73 | { |
|
74 | 0 | return false; |
75 | } |
|
76 | 0 | FragmentPermission fragmentPerm = (FragmentPermission) permission; |
77 | ||
78 | // Test fragment permission name matches |
|
79 | 0 | String ruleName = getName(); |
80 | 0 | if (!ruleName.equals("<<ALL FRAGMENTS>>")) |
81 | { |
|
82 | 0 | String testName = fragmentPerm.getName(); |
83 | ||
84 | // match wildcarded portlet names |
|
85 | 0 | int testNamesSeparator = testName.lastIndexOf("::"); |
86 | 0 | if (ruleName.endsWith("::" + FolderPermission.WILD_CHAR_STR) && (testNamesSeparator > 0)) |
87 | { |
|
88 | 0 | ruleName = ruleName.substring(0, ruleName.length() - 3); |
89 | 0 | testName = testName.substring(0, testNamesSeparator); |
90 | } |
|
91 | ||
92 | // trim path components from test name if rule |
|
93 | // is not prefixed with the path |
|
94 | 0 | if (!ruleName.startsWith(FolderPermission.FOLDER_SEPARATOR_STR) && |
95 | testName.startsWith(FolderPermission.FOLDER_SEPARATOR_STR)) |
|
96 | { |
|
97 | 0 | int testPathIndex = testName.lastIndexOf(FolderPermission.FOLDER_SEPARATOR); |
98 | 0 | testName = testName.substring(testPathIndex + 1); |
99 | } |
|
100 | ||
101 | // remaining name parts must match |
|
102 | 0 | if (!ruleName.equals(testName)) |
103 | { |
|
104 | 0 | return false; |
105 | } |
|
106 | } |
|
107 | ||
108 | // The action bits in FragmentPerm (permission) |
|
109 | // must be set in the current mask permission. |
|
110 | 0 | return (mask & fragmentPerm.mask) == fragmentPerm.mask; |
111 | ||
112 | } |
|
113 | ||
114 | /** |
|
115 | * @see java.security.Permission#equals(Object) |
|
116 | */ |
|
117 | public boolean equals(Object object) |
|
118 | { |
|
119 | 0 | if (!(object instanceof FragmentPermission)) |
120 | 0 | return false; |
121 | ||
122 | 0 | FragmentPermission p = (FragmentPermission) object; |
123 | 0 | return ((p.mask == mask) && (p.getName().equals(getName()))); |
124 | } |
|
125 | ||
126 | } |
This report is generated by jcoverage, Maven and Maven JCoverage Plugin. |