View Javadoc
1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *  
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *  
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License. 
18   *  
19   */
20  package org.apache.directory.api.ldap.aci;
21  
22  
23  import java.util.ArrayList;
24  import java.util.Collection;
25  import java.util.Collections;
26  import java.util.Set;
27  
28  import org.apache.directory.api.ldap.model.constants.AuthenticationLevel;
29  
30  
31  /**
32   * An {@link ACIItem} which specifies {@link ProtectedItem}s first and then
33   * {@link UserClass}es each {@link ProtectedItem} will have. (18.4.2.4. X.501)
34   * 
35   * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
36   */
37  public class ItemFirstACIItem extends ACIItem
38  {
39      /** The list of protected items ( userClasses or userPermissions ) */
40      private final Collection<ProtectedItem> protectedItems;
41  
42      /** The associated permissions */
43      private final Collection<ItemPermission> itemPermissions;
44  
45  
46      /**
47       * Creates a new instance.
48       * 
49       * @param identificationTag the id string of this item
50       * @param precedence the precedence of this item
51       * @param authenticationLevel the level of authentication required to this item
52       * @param protectedItems the collection of {@link ProtectedItem}s this item protects
53       * @param itemPermissions the collection of {@link ItemPermission}s each <tt>protectedItems</tt> will have
54       */
55      public ItemFirstACIItem( String identificationTag, int precedence, AuthenticationLevel authenticationLevel,
56          Collection<ProtectedItem> protectedItems, Collection<ItemPermission> itemPermissions )
57      {
58          super( identificationTag, precedence, authenticationLevel );
59  
60          this.protectedItems = Collections.unmodifiableCollection( new ArrayList<ProtectedItem>( protectedItems ) );
61          this.itemPermissions = Collections.unmodifiableCollection( new ArrayList<ItemPermission>( itemPermissions ) );
62      }
63  
64  
65      /**
66       * Gets the collection of {@link ProtectedItem}s.
67       *
68       * @return the collection of {@link ProtectedItem}s
69       */
70      public Collection<ProtectedItem> getProtectedItems()
71      {
72          return protectedItems;
73      }
74  
75  
76      /**
77       * Gets the collection of {@link ItemPermission}s.
78       *
79       * @return the collection of {@link ItemPermission}s
80       */
81      public Collection<ItemPermission> getItemPermissions()
82      {
83          return itemPermissions;
84      }
85  
86  
87      /**
88       * {@inheritDoc}
89       */
90      @Override
91      public String toString()
92      {
93          StringBuilder buf = new StringBuilder();
94  
95          buf.append( "{" );
96          buf.append( super.toString() );
97  
98          // itemOrUserFirst
99          buf.append( ", itemOrUserFirst itemFirst: { " );
100 
101         // protectedItems
102         buf.append( "protectedItems { " );
103 
104         boolean isFirst = true;
105 
106         for ( ProtectedItem item : protectedItems )
107         {
108             if ( isFirst )
109             {
110                 isFirst = false;
111             }
112             else
113             {
114                 buf.append( ", " );
115             }
116 
117             buf.append( item.toString() );
118         }
119 
120         // itemPermissions
121         buf.append( " }, itemPermissions { " );
122 
123         isFirst = true;
124 
125         for ( ItemPermission permission : itemPermissions )
126         {
127             if ( isFirst )
128             {
129                 isFirst = false;
130             }
131             else
132             {
133                 buf.append( ", " );
134             }
135 
136             buf.append( permission.toString() );
137         }
138 
139         buf.append( " } } }" );
140 
141         return buf.toString();
142     }
143 
144 
145     /**
146      * Transform this protected Item and permissions to a set of Tuples
147      * 
148      * @return The list of created Tuples
149      */
150     public Collection<ACITuple> toTuples()
151     {
152         Collection<ACITuple> tuples = new ArrayList<ACITuple>();
153 
154         for ( ItemPermission itemPermission : itemPermissions )
155         {
156             Set<GrantAndDenial> grants = itemPermission.getGrants();
157             Set<GrantAndDenial> denials = itemPermission.getDenials();
158             int precedence = itemPermission.getPrecedence() != null
159                 ? itemPermission.getPrecedence()
160                 : this.getPrecedence();
161 
162             if ( grants.size() > 0 )
163             {
164                 tuples.add( new ACITuple( itemPermission.getUserClasses(), getAuthenticationLevel(), protectedItems,
165                     toMicroOperations( grants ), true, precedence ) );
166             }
167 
168             if ( denials.size() > 0 )
169             {
170                 tuples.add( new ACITuple( itemPermission.getUserClasses(), getAuthenticationLevel(), protectedItems,
171                     toMicroOperations( denials ), false, precedence ) );
172             }
173         }
174 
175         return tuples;
176     }
177 }