Coverage Report

Coverage Report - org.apache.shiro.authz.permission.WildcardPermission

Classes in this File

Line Coverage

Branch Coverage

Complexity

WildcardPermission

88%

54/61

79%

27/34

3.273

 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */
 package org.apache.shiro.authz.permission;
 
 import org.apache.shiro.authz.Permission;
 import org.apache.shiro.util.CollectionUtils;
 import org.apache.shiro.util.StringUtils;
 
 import java.io.Serializable;
 import java.util.ArrayList;
 import java.util.LinkedHashSet;
 import java.util.List;
 import java.util.Set;
 
 /**
  * A <code>WildcardPermission</code> is a very flexible permission construct supporting multiple levels of
  * permission matching. However, most people will probably follow some standard conventions as explained below.
  * <p/>
  * <h3>Simple Usage</h3>
  * <p/>
  * In the simplest form, <code>WildcardPermission</code> can be used as a simple permission string. You could grant a
  * user an &quot;editNewsletter&quot; permission and then check to see if the user has the editNewsletter
  * permission by calling
  * <p/>
  * <code>subject.isPermitted(&quot;editNewsletter&quot;)</code>
  * <p/>
  * This is (mostly) equivalent to
  * <p/>
  * <code>subject.isPermitted( new WildcardPermission(&quot;editNewsletter&quot;) )</code>
  * <p/>
  * but more on that later.
  * <p/>
  * The simple permission string may work for simple applications, but it requires you to have permissions like
  * <code>&quot;viewNewsletter&quot;</code>, <code>&quot;deleteNewsletter&quot;</code>,
  * <code>&quot;createNewsletter&quot;</code>, etc. You can also grant a user <code>&quot;*&quot;</code> permissions
  * using the wildcard character (giving this class its name), which means they have <em>all</em> permissions. But
  * using this approach there's no way to just say a user has &quot;all newsletter permissions&quot;.
  * <p/>
  * For this reason, <code>WildcardPermission</code> supports multiple <em>levels</em> of permissioning.
  * <p/>
  * <h3>Multiple Levels</h3>
  * <p/>
  * WildcardPermission</code> also supports the concept of multiple <em>levels</em>.  For example, you could
  * restructure the previous simple example by granting a user the permission <code>&quot;newsletter:edit&quot;</code>.
  * The colon in this example is a special character used by the <code>WildcardPermission</code> that delimits the
  * next token in the permission.
  * <p/>
  * In this example, the first token is the <em>domain</em> that is being operated on
  * and the second token is the <em>action</em> being performed. Each level can contain multiple values.  So you
  * could simply grant a user the permission <code>&quot;newsletter:view,edit,create&quot;</code> which gives them
  * access to perform <code>view</code>, <code>edit</code>, and <code>create</code> actions in the <code>newsletter</code>
  * <em>domain</em>. Then you could check to see if the user has the <code>&quot;newsletter:create&quot;</code>
  * permission by calling
  * <p/>
  * <code>subject.isPermitted(&quot;newsletter:create&quot;)</code>
  * <p/>
  * (which would return true).
  * <p/>
  * In addition to granting multiple permissions via a single string, you can grant all permission for a particular
  * level. So if you wanted to grant a user all actions in the <code>newsletter</code> domain, you could simply give
  * them <code>&quot;newsletter:*&quot;</code>. Now, any permission check for <code>&quot;newsletter:XXX&quot;</code>
  * will return <code>true</code>. It is also possible to use the wildcard token at the domain level (or both): so you
  * could grant a user the <code>&quot;view&quot;</code> action across all domains <code>&quot;*:view&quot;</code>.
  * <p/>
  * <h3>Instance-level Access Control</h3>
  * <p/>
  * Another common usage of the <code>WildcardPermission</code> is to model instance-level Access Control Lists.
  * In this scenario you use three tokens - the first is the <em>domain</em>, the second is the <em>action</em>, and
  * the third is the <em>instance</em> you are acting on.
  * <p/>
  * So for example you could grant a user <code>&quot;newsletter:edit:12,13,18&quot;</code>.  In this example, assume
  * that the third token is the system's ID of the newsletter. That would allow the user to edit newsletters
  * <code>12</code>, <code>13</code>, and <code>18</code>. This is an extremely powerful way to express permissions,
  * since you can now say things like <code>&quot;newsletter:*:13&quot;</code> (grant a user all actions for newsletter
  * <code>13</code>), <code>&quot;newsletter:view,create,edit:*&quot;</code> (allow the user to
  * <code>view</code>, <code>create</code>, or <code>edit</code> <em>any</em> newsletter), or
  * <code>&quot;newsletter:*:*</code> (allow the user to perform <em>any</em> action on <em>any</em> newsletter).
  * <p/>
  * To perform checks against these instance-level permissions, the application should include the instance ID in the
  * permission check like so:
  * <p/>
  * <code>subject.isPermitted( &quot;newsletter:edit:13&quot; )</code>
  * <p/>
  * There is no limit to the number of tokens that can be used, so it is up to your imagination in terms of ways that
  * this could be used in your application.  However, the Shiro team likes to standardize some common usages shown
  * above to help people get started and provide consistency in the Shiro community.
  *
  * @since 0.9
  */
 public class WildcardPermission implements Permission, Serializable {
 
     //TODO - JavaDoc methods
 
     /*--------------------------------------------
     |             C O N S T A N T S             |
     ============================================*/
     protected static final String WILDCARD_TOKEN = "*";
     protected static final String PART_DIVIDER_TOKEN = ":";
     protected static final String SUBPART_DIVIDER_TOKEN = ",";
     protected static final boolean DEFAULT_CASE_SENSITIVE = false;
 
     /*--------------------------------------------
     |    I N S T A N C E   V A R I A B L E S    |
     ============================================*/
     private List<Set<String>> parts;
 
     /*--------------------------------------------
     |         C O N S T R U C T O R S           |
     ============================================*/
     /**
      * Default no-arg constructor for subclasses only - end-user developers instantiating Permission instances must
      * provide a wildcard string at a minimum, since Permission instances are immutable once instantiated.
      * <p/>
      * Note that the WildcardPermission class is very robust and typically subclasses are not necessary unless you
      * wish to create type-safe Permission objects that would be used in your application, such as perhaps a
      * {@code UserPermission}, {@code SystemPermission}, {@code PrinterPermission}, etc.  If you want such type-safe
      * permission usage, consider subclassing the {@link DomainPermission DomainPermission} class for your needs.
      */
     protected WildcardPermission() {
     }
 
     public WildcardPermission(String wildcardString) {
         this(wildcardString, DEFAULT_CASE_SENSITIVE);
     }
 
     public WildcardPermission(String wildcardString, boolean caseSensitive) {
         setParts(wildcardString, caseSensitive);
     }
 
     protected void setParts(String wildcardString) {
         setParts(wildcardString, DEFAULT_CASE_SENSITIVE);
     }
 
     protected void setParts(String wildcardString, boolean caseSensitive) {
         wildcardString = StringUtils.clean(wildcardString);
 
         if (wildcardString == null || wildcardString.isEmpty()) {
             throw new IllegalArgumentException("Wildcard string cannot be null or empty. Make sure permission strings are properly formatted.");
         }
 
         List<String> parts = CollectionUtils.asList(wildcardString.split(PART_DIVIDER_TOKEN));
 
         this.parts = new ArrayList<Set<String>>();
         for (String part : parts) {
             Set<String> subparts = CollectionUtils.asSet(part.split(SUBPART_DIVIDER_TOKEN));
             if (!caseSensitive) {
                 subparts = lowercase(subparts);
             }
             if (subparts.isEmpty()) {
                 throw new IllegalArgumentException("Wildcard string cannot contain parts with only dividers. Make sure permission strings are properly formatted.");
             }
             this.parts.add(subparts);
         }
 
         if (this.parts.isEmpty()) {
             throw new IllegalArgumentException("Wildcard string cannot contain only dividers. Make sure permission strings are properly formatted.");
         }
     }
 
     private Set<String> lowercase(Set<String> subparts) {
         Set<String> lowerCasedSubparts = new LinkedHashSet<String>(subparts.size());
         for (String subpart : subparts) {
             lowerCasedSubparts.add(subpart.toLowerCase());
         }
         return lowerCasedSubparts;
     }
 
     /*--------------------------------------------
     |  A C C E S S O R S / M O D I F I E R S    |
     ============================================*/
     protected List<Set<String>> getParts() {
         return this.parts;
     }
 
     /*--------------------------------------------
     |               M E T H O D S               |
     ============================================*/
 
     public boolean implies(Permission p) {
         // By default only supports comparisons with other WildcardPermissions
         if (!(p instanceof WildcardPermission)) {
             return false;
         }
 
         WildcardPermission wp = (WildcardPermission) p;
 
         List<Set<String>> otherParts = wp.getParts();
 
         int i = 0;
         for (Set<String> otherPart : otherParts) {
             // If this permission has less parts than the other permission, everything after the number of parts contained
             // in this permission is automatically implied, so return true
             if (getParts().size() - 1 < i) {
                 return true;
             } else {
                 Set<String> part = getParts().get(i);
                 if (!part.contains(WILDCARD_TOKEN) && !part.containsAll(otherPart)) {
                     return false;
                 }
                 i++;
             }
         }
 
         // If this permission has more parts than the other parts, only imply it if all of the other parts are wildcards
         for (; i < getParts().size(); i++) {
             Set<String> part = getParts().get(i);
             if (!part.contains(WILDCARD_TOKEN)) {
                 return false;
             }
         }
 
         return true;
     }
 
     public String toString() {
         StringBuilder buffer = new StringBuilder();
         for (Set<String> part : parts) {
             if (buffer.length() > 0) {
                 buffer.append(":");
             }
             buffer.append(part);
         }
         return buffer.toString();
     }
 
     public boolean equals(Object o) {
         if (o instanceof WildcardPermission) {
             WildcardPermission wp = (WildcardPermission) o;
             return parts.equals(wp.parts);
         }
         return false;
     }
 
     public int hashCode() {
         return parts.hashCode();
     }
 
 }

1		/*
2		* Licensed to the Apache Software Foundation (ASF) under one
3		* or more contributor license agreements. See the NOTICE file
4		* distributed with this work for additional information
5		* regarding copyright ownership. The ASF licenses this file
6		* to you under the Apache License, Version 2.0 (the
7		* "License"); you may not use this file except in compliance
8		* with the License. You may obtain a copy of the License at
9		*
10		* http://www.apache.org/licenses/LICENSE-2.0
11		*
12		* Unless required by applicable law or agreed to in writing,
13		* software distributed under the License is distributed on an
14		* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15		* KIND, either express or implied. See the License for the
16		* specific language governing permissions and limitations
17		* under the License.
18		*/
19		package org.apache.shiro.authz.permission;
20
21		import org.apache.shiro.authz.Permission;
22		import org.apache.shiro.util.CollectionUtils;
23		import org.apache.shiro.util.StringUtils;
24
25		import java.io.Serializable;
26		import java.util.ArrayList;
27		import java.util.LinkedHashSet;
28		import java.util.List;
29		import java.util.Set;
30
31		/**
32		* A <code>WildcardPermission</code> is a very flexible permission construct supporting multiple levels of
33		* permission matching. However, most people will probably follow some standard conventions as explained below.
34		* <p/>
35		* <h3>Simple Usage</h3>
36		* <p/>
37		* In the simplest form, <code>WildcardPermission</code> can be used as a simple permission string. You could grant a
38		* user an "editNewsletter" permission and then check to see if the user has the editNewsletter
39		* permission by calling
40		* <p/>
41		* <code>subject.isPermitted("editNewsletter")</code>
42		* <p/>
43		* This is (mostly) equivalent to
44		* <p/>
45		* <code>subject.isPermitted( new WildcardPermission("editNewsletter") )</code>
46		* <p/>
47		* but more on that later.
48		* <p/>
49		* The simple permission string may work for simple applications, but it requires you to have permissions like
50		* <code>"viewNewsletter"</code>, <code>"deleteNewsletter"</code>,
51		* <code>"createNewsletter"</code>, etc. You can also grant a user <code>"*"</code> permissions
52		* using the wildcard character (giving this class its name), which means they have <em>all</em> permissions. But
53		* using this approach there's no way to just say a user has "all newsletter permissions".
54		* <p/>
55		* For this reason, <code>WildcardPermission</code> supports multiple <em>levels</em> of permissioning.
56		* <p/>
57		* <h3>Multiple Levels</h3>
58		* <p/>
59		* WildcardPermission</code> also supports the concept of multiple <em>levels</em>. For example, you could
60		* restructure the previous simple example by granting a user the permission <code>"newsletter:edit"</code>.
61		* The colon in this example is a special character used by the <code>WildcardPermission</code> that delimits the
62		* next token in the permission.
63		* <p/>
64		* In this example, the first token is the <em>domain</em> that is being operated on
65		* and the second token is the <em>action</em> being performed. Each level can contain multiple values. So you
66		* could simply grant a user the permission <code>"newsletter:view,edit,create"</code> which gives them
67		* access to perform <code>view</code>, <code>edit</code>, and <code>create</code> actions in the <code>newsletter</code>
68		* <em>domain</em>. Then you could check to see if the user has the <code>"newsletter:create"</code>
69		* permission by calling
70		* <p/>
71		* <code>subject.isPermitted("newsletter:create")</code>
72		* <p/>
73		* (which would return true).
74		* <p/>
75		* In addition to granting multiple permissions via a single string, you can grant all permission for a particular
76		* level. So if you wanted to grant a user all actions in the <code>newsletter</code> domain, you could simply give
77		* them <code>"newsletter:*"</code>. Now, any permission check for <code>"newsletter:XXX"</code>
78		* will return <code>true</code>. It is also possible to use the wildcard token at the domain level (or both): so you
79		* could grant a user the <code>"view"</code> action across all domains <code>"*:view"</code>.
80		* <p/>
81		* <h3>Instance-level Access Control</h3>
82		* <p/>
83		* Another common usage of the <code>WildcardPermission</code> is to model instance-level Access Control Lists.
84		* In this scenario you use three tokens - the first is the <em>domain</em>, the second is the <em>action</em>, and
85		* the third is the <em>instance</em> you are acting on.
86		* <p/>
87		* So for example you could grant a user <code>"newsletter:edit:12,13,18"</code>. In this example, assume
88		* that the third token is the system's ID of the newsletter. That would allow the user to edit newsletters
89		* <code>12</code>, <code>13</code>, and <code>18</code>. This is an extremely powerful way to express permissions,
90		* since you can now say things like <code>"newsletter:*:13"</code> (grant a user all actions for newsletter
91		* <code>13</code>), <code>"newsletter:view,create,edit:*"</code> (allow the user to
92		* <code>view</code>, <code>create</code>, or <code>edit</code> <em>any</em> newsletter), or
93		* <code>"newsletter::</code> (allow the user to perform <em>any</em> action on <em>any</em> newsletter).
94		* <p/>
95		* To perform checks against these instance-level permissions, the application should include the instance ID in the
96		* permission check like so:
97		* <p/>
98		* <code>subject.isPermitted( "newsletter:edit:13" )</code>
99		* <p/>
100		* There is no limit to the number of tokens that can be used, so it is up to your imagination in terms of ways that
101		* this could be used in your application. However, the Shiro team likes to standardize some common usages shown
102		* above to help people get started and provide consistency in the Shiro community.
103		*
104		* @since 0.9
105		*/
106		public class WildcardPermission implements Permission, Serializable {
107
108		//TODO - JavaDoc methods
109
110		/*--------------------------------------------
111		\| C O N S T A N T S \|
112		============================================*/
113		protected static final String WILDCARD_TOKEN = "*";
114		protected static final String PART_DIVIDER_TOKEN = ":";
115		protected static final String SUBPART_DIVIDER_TOKEN = ",";
116		protected static final boolean DEFAULT_CASE_SENSITIVE = false;
117
118		/*--------------------------------------------
119		\| I N S T A N C E V A R I A B L E S \|
120		============================================*/
121		private List<Set<String>> parts;
122
123		/*--------------------------------------------
124		\| C O N S T R U C T O R S \|
125		============================================*/
126		/**
127		* Default no-arg constructor for subclasses only - end-user developers instantiating Permission instances must
128		* provide a wildcard string at a minimum, since Permission instances are immutable once instantiated.
129		* <p/>
130		* Note that the WildcardPermission class is very robust and typically subclasses are not necessary unless you
131		* wish to create type-safe Permission objects that would be used in your application, such as perhaps a
132		* {@code UserPermission}, {@code SystemPermission}, {@code PrinterPermission}, etc. If you want such type-safe
133		* permission usage, consider subclassing the {@link DomainPermission DomainPermission} class for your needs.
134		*/
135	10	protected WildcardPermission() {
136	10	}
137
138		public WildcardPermission(String wildcardString) {
139	208	this(wildcardString, DEFAULT_CASE_SENSITIVE);
140	200	}
141
142	220	public WildcardPermission(String wildcardString, boolean caseSensitive) {
143	220	setParts(wildcardString, caseSensitive);
144	212	}
145
146		protected void setParts(String wildcardString) {
147	10	setParts(wildcardString, DEFAULT_CASE_SENSITIVE);
148	10	}
149
150		protected void setParts(String wildcardString, boolean caseSensitive) {
151	230	wildcardString = StringUtils.clean(wildcardString);
152
153	230	if (wildcardString == null \|\| wildcardString.isEmpty()) {
154	6	throw new IllegalArgumentException("Wildcard string cannot be null or empty. Make sure permission strings are properly formatted.");
155		}
156
157	224	List<String> parts = CollectionUtils.asList(wildcardString.split(PART_DIVIDER_TOKEN));
158
159	224	this.parts = new ArrayList<Set<String>>();
160	224	for (String part : parts) {
161	396	Set<String> subparts = CollectionUtils.asSet(part.split(SUBPART_DIVIDER_TOKEN));
162	396	if (!caseSensitive) {
163	396	subparts = lowercase(subparts);
164		}
165	396	if (subparts.isEmpty()) {
166	2	throw new IllegalArgumentException("Wildcard string cannot contain parts with only dividers. Make sure permission strings are properly formatted.");
167		}
168	394	this.parts.add(subparts);
169	394	}
170
171	222	if (this.parts.isEmpty()) {
172	0	throw new IllegalArgumentException("Wildcard string cannot contain only dividers. Make sure permission strings are properly formatted.");
173		}
174	222	}
175
176		private Set<String> lowercase(Set<String> subparts) {
177	396	Set<String> lowerCasedSubparts = new LinkedHashSet<String>(subparts.size());
178	396	for (String subpart : subparts) {
179	462	lowerCasedSubparts.add(subpart.toLowerCase());
180	462	}
181	396	return lowerCasedSubparts;
182		}
183
184		/*--------------------------------------------
185		\| A C C E S S O R S / M O D I F I E R S \|
186		============================================*/
187		protected List<Set<String>> getParts() {
188	920	return this.parts;
189		}
190
191		/*--------------------------------------------
192		\| M E T H O D S \|
193		============================================*/
194
195		public boolean implies(Permission p) {
196		// By default only supports comparisons with other WildcardPermissions
197	162	if (!(p instanceof WildcardPermission)) {
198	0	return false;
199		}
200
201	162	WildcardPermission wp = (WildcardPermission) p;
202
203	162	List<Set<String>> otherParts = wp.getParts();
204
205	162	int i = 0;
206	162	for (Set<String> otherPart : otherParts) {
207		// If this permission has less parts than the other permission, everything after the number of parts contained
208		// in this permission is automatically implied, so return true
209	304	if (getParts().size() - 1 < i) {
210	22	return true;
211		} else {
212	282	Set<String> part = getParts().get(i);
213	282	if (!part.contains(WILDCARD_TOKEN) && !part.containsAll(otherPart)) {
214	42	return false;
215		}
216	240	i++;
217		}
218	240	}
219
220		// If this permission has more parts than the other parts, only imply it if all of the other parts are wildcards
221	154	for (; i < getParts().size(); i++) {
222	36	Set<String> part = getParts().get(i);
223	36	if (!part.contains(WILDCARD_TOKEN)) {
224	8	return false;
225		}
226		}
227
228	90	return true;
229		}
230
231		public String toString() {
232	8	StringBuilder buffer = new StringBuilder();
233	8	for (Set<String> part : parts) {
234	8	if (buffer.length() > 0) {
235	0	buffer.append(":");
236		}
237	8	buffer.append(part);
238	8	}
239	8	return buffer.toString();
240		}
241
242		public boolean equals(Object o) {
243	0	if (o instanceof WildcardPermission) {
244	0	WildcardPermission wp = (WildcardPermission) o;
245	0	return parts.equals(wp.parts);
246		}
247	0	return false;
248		}
249
250		public int hashCode() {
251	230	return parts.hashCode();
252		}
253
254		}