1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.apache.jetspeed.om.page;
18
19 import java.util.Collection;
20 import java.util.Iterator;
21 import java.util.List;
22 import java.util.StringTokenizer;
23
24 import org.apache.jetspeed.om.common.SecurityConstraint;
25 import org.apache.jetspeed.page.impl.DatabasePageManagerUtils;
26
27
28 /***
29 * <p>
30 * SecurityConstraintImpl
31 * </p>
32 * <p>
33 *
34 * </p>
35 * @author <a href="mailto:rwatler@finali.com">Randy Watler</a>
36 * @version $Id: SecurityConstraintImpl.java 516448 2007-03-09 16:25:47Z ate $
37 *
38 */
39 public class SecurityConstraintImpl implements SecurityConstraint
40 {
41 private int id;
42 private int applyOrder;
43 private List usersList;
44 private List rolesList;
45 private List groupsList;
46 private List permissionsList;
47
48 private String users;
49 private String roles;
50 private String groups;
51 private String permissions;
52
53 /***
54 * getApplyOrder
55 *
56 * @return apply order for constraints
57 */
58 public int getApplyOrder()
59 {
60 return applyOrder;
61 }
62
63 /***
64 * setApplyOrder
65 *
66 * @param order apply order for constraints
67 */
68 public void setApplyOrder(int order)
69 {
70 applyOrder = order;
71 }
72
73 /***
74 * getUsersAsString
75 *
76 * @return users CSV list
77 */
78 public String getUsersAsString()
79 {
80
81 if ((users == null) && (usersList != null) && !usersList.isEmpty())
82 {
83 users = formatCSVList(usersList);
84 }
85 return users;
86 }
87
88 /***
89 * setUsersAsString
90 *
91 * @param users users CSV list
92 */
93 public void setUsersAsString(String users)
94 {
95
96 this.users = users;
97 usersList = parseCSVList(users);
98 }
99
100 /***
101 * getRolesAsString
102 *
103 * @return roles CSV list
104 */
105 public String getRolesAsString()
106 {
107
108 if ((roles == null) && (rolesList != null) && !rolesList.isEmpty())
109 {
110 roles = formatCSVList(rolesList);
111 }
112 return roles;
113 }
114
115 /***
116 * setRolesAsString
117 *
118 * @param roles roles CSV list
119 */
120 public void setRolesAsString(String roles)
121 {
122
123 this.roles = roles;
124 rolesList = parseCSVList(roles);
125 }
126
127 /***
128 * getGroupsAsString
129 *
130 * @return groups CSV list
131 */
132 public String getGroupsAsString()
133 {
134
135 if ((groups == null) && (groupsList != null) && !groupsList.isEmpty())
136 {
137 groups = formatCSVList(groupsList);
138 }
139 return groups;
140 }
141
142 /***
143 * setGroupsAsString
144 *
145 * @param groups groups CSV list
146 */
147 public void setGroupsAsString(String groups)
148 {
149
150 this.groups = groups;
151 groupsList = parseCSVList(groups);
152 }
153
154 /***
155 * getPermissionsAsString
156 *
157 * @return permissions CSV list
158 */
159 public String getPermissionsAsString()
160 {
161
162 if ((permissions == null) && (permissionsList != null) && !permissionsList.isEmpty())
163 {
164 permissions = formatCSVList(permissionsList);
165 }
166 return permissions;
167 }
168
169 /***
170 * setPermissionsAsString
171 *
172 * @param permissions permissions CSV list
173 */
174 public void setPermissionsAsString(String permissions)
175 {
176
177 this.permissions = permissions;
178 permissionsList = parseCSVList(permissions);
179 }
180
181 /***
182 * <p>
183 * getUsers
184 * </p>
185 *
186 * @see org.apache.jetspeed.om.common.SecurityConstraint#getUsers()
187 * @return users list
188 */
189 public List getUsers()
190 {
191 return usersList;
192 }
193
194 /***
195 * <p>
196 * setUsers
197 * </p>
198 *
199 * @see org.apache.jetspeed.om.common.SecurityConstraint#setUsers(java.util.List)
200 * @param users users list
201 */
202 public void setUsers(List users)
203 {
204
205 usersList = users;
206 this.users = null;
207 }
208
209 /***
210 * <p>
211 * getRoles
212 * </p>
213 *
214 * @see org.apache.jetspeed.om.common.SecurityConstraint#getRoles()
215 * @return roles list
216 */
217 public List getRoles()
218 {
219 return rolesList;
220 }
221
222 /***
223 * <p>
224 * setRoles
225 * </p>
226 *
227 * @see org.apache.jetspeed.om.common.SecurityConstraint#setRoles(java.util.List)
228 * @param roles roles list
229 */
230 public void setRoles(List roles)
231 {
232
233 rolesList = roles;
234 this.roles = null;
235 }
236
237 /***
238 * <p>
239 * getGroups
240 * </p>
241 *
242 * @see org.apache.jetspeed.om.common.SecurityConstraint#getGroups()
243 * @return groups list
244 */
245 public List getGroups()
246 {
247 return groupsList;
248 }
249
250 /***
251 * <p>
252 * setGroups
253 * </p>
254 *
255 * @see org.apache.jetspeed.om.common.SecurityConstraint#setGroups(java.util.List)
256 * @param groups groups list
257 */
258 public void setGroups(List groups)
259 {
260
261 groupsList = groups;
262 this.groups = null;
263 }
264
265 /***
266 * <p>
267 * getPermissions
268 * </p>
269 *
270 * @see org.apache.jetspeed.om.common.SecurityConstraint#getPermissions()
271 * @return permissions list
272 */
273 public List getPermissions()
274 {
275 return permissionsList;
276 }
277
278 /***
279 * <p>
280 * setPermissions
281 * </p>
282 *
283 * @see org.apache.jetspeed.om.common.SecurityConstraint#setPermissions(java.util.List)
284 * @param permissions permissions list
285 */
286 public void setPermissions(List permissions)
287 {
288
289 permissionsList = permissions;
290 this.permissions = null;
291 }
292
293 /***
294 * <p>
295 * principalsMatch
296 * </p>
297 * <p>
298 * Test user/role/group names against principal names.
299 * </p>
300 *
301 * @param userPrincipals
302 * @param rolePrincipals
303 * @param groupPrincipals
304 * @param allowDefault
305 * @return match result
306 */
307 public boolean principalsMatch(List userPrincipals, List rolePrincipals, List groupPrincipals, boolean allowDefault)
308 {
309
310
311 return ((allowDefault && (usersList == null) && (rolesList == null) && (groupsList == null)) ||
312 ((usersList != null) && (userPrincipals != null) &&
313 (containsAny(usersList, userPrincipals) || usersList.contains(WILD_CHAR))) ||
314 ((rolesList != null) && (rolePrincipals != null) &&
315 (containsAny(rolesList, rolePrincipals) || rolesList.contains(WILD_CHAR))) ||
316 ((groupsList != null) && (groupPrincipals != null) &&
317 (containsAny(groupsList, groupPrincipals) || groupsList.contains(WILD_CHAR))));
318 }
319
320 /***
321 * <p>
322 * actionMatch
323 * </p>
324 * <p>
325 * Test permission names against action name.
326 * </p>
327 *
328 * @param action
329 * @return match result
330 */
331 public boolean actionMatch(String action)
332 {
333
334
335 return ((permissionsList != null) &&
336 (permissionsList.contains(action) || permissionsList.contains(WILD_CHAR)));
337 }
338
339 /***
340 * <p>
341 * parseCSVList
342 * </p>
343 * <p>
344 * Utility to parse CSV string values into Lists.
345 * </p>
346 *
347 * @param csv
348 * @return parsed values list.
349 */
350 public static List parseCSVList(String csv)
351 {
352 if (csv != null)
353 {
354 List csvList = DatabasePageManagerUtils.createList();
355 if (csv.indexOf(',') != -1)
356 {
357 StringTokenizer csvTokens = new StringTokenizer(csv, ",");
358 while (csvTokens.hasMoreTokens())
359 {
360 csvList.add(csvTokens.nextToken().trim());
361 }
362 }
363 else
364 {
365 csvList.add(csv);
366 }
367 return csvList;
368 }
369 return null;
370 }
371
372 /***
373 * <p>
374 * formatCSVList
375 * </p>
376 * <p>
377 * Utility to format CSV List values into strings.
378 * </p>
379 *
380 * @param list
381 * @return formatted string value.
382 */
383 public static String formatCSVList(List list)
384 {
385 if ((list != null) && !list.isEmpty())
386 {
387 StringBuffer csv = new StringBuffer();
388 Iterator listIter = list.iterator();
389 while (listIter.hasNext())
390 {
391 if (csv.length() > 0)
392 {
393 csv.append(",");
394 }
395 csv.append((String)listIter.next());
396 }
397 return csv.toString();
398 }
399 return null;
400 }
401
402 /***
403 * <p>
404 * containsAny
405 * </p>
406 * <p>
407 * Utility implementation for contains any test against two collections.
408 * </p>
409 *
410 * @param collection0
411 * @param collection1
412 * @return contains any result.
413 */
414 public static boolean containsAny(Collection collection0, Collection collection1)
415 {
416 if ((collection0 != null) && (collection1 != null))
417 {
418 Iterator containsIter = collection1.iterator();
419 while (containsIter.hasNext())
420 {
421 if (collection0.contains(containsIter.next()))
422 {
423 return true;
424 }
425 }
426 }
427 return false;
428 }
429 }