001/* 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, 013 * software distributed under the License is distributed on an 014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 015 * KIND, either express or implied. See the License for the 016 * specific language governing permissions and limitations 017 * under the License. 018 * 019 */ 020package org.apache.directory.shared.ldap.aci; 021 022 023import java.util.ArrayList; 024import java.util.Collection; 025import java.util.Collections; 026import java.util.Set; 027 028import org.apache.directory.shared.ldap.model.constants.AuthenticationLevel; 029 030 031/** 032 * An {@link ACIItem} which specifies {@link ProtectedItem}s first and then 033 * {@link UserClass}es each {@link ProtectedItem} will have. (18.4.2.4. X.501) 034 * 035 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a> 036 */ 037public class ItemFirstACIItem extends ACIItem 038{ 039 /** The list of protected items ( userClasses or userPermissions ) */ 040 private final Collection<ProtectedItem> protectedItems; 041 042 /** The associated permissions */ 043 private final Collection<ItemPermission> itemPermissions; 044 045 046 /** 047 * Creates a new instance. 048 * 049 * @param identificationTag the id string of this item 050 * @param precedence the precedence of this item 051 * @param authenticationLevel the level of authentication required to this item 052 * @param protectedItems the collection of {@link ProtectedItem}s this item protects 053 * @param itemPermissions the collection of {@link ItemPermission}s each <tt>protectedItems</tt> will have 054 */ 055 public ItemFirstACIItem( String identificationTag, int precedence, AuthenticationLevel authenticationLevel, 056 Collection<ProtectedItem> protectedItems, Collection<ItemPermission> itemPermissions ) 057 { 058 super( identificationTag, precedence, authenticationLevel ); 059 060 this.protectedItems = Collections.unmodifiableCollection( new ArrayList<ProtectedItem>( protectedItems ) ); 061 this.itemPermissions = Collections.unmodifiableCollection( new ArrayList<ItemPermission>( itemPermissions ) ); 062 } 063 064 065 /** 066 * Gets the collection of {@link ProtectedItem}s. 067 * 068 * @return the collection of {@link ProtectedItem}s 069 */ 070 public Collection<ProtectedItem> getProtectedItems() 071 { 072 return protectedItems; 073 } 074 075 076 /** 077 * Gets the collection of {@link ItemPermission}s. 078 * 079 * @return the collection of {@link ItemPermission}s 080 */ 081 public Collection<ItemPermission> getItemPermissions() 082 { 083 return itemPermissions; 084 } 085 086 087 /** 088 * {@inheritDoc} 089 */ 090 @Override 091 public String toString() 092 { 093 StringBuilder buf = new StringBuilder(); 094 095 buf.append( "{" ); 096 buf.append( super.toString() ); 097 098 // itemOrUserFirst 099 buf.append( ", itemOrUserFirst itemFirst: { " ); 100 101 // protectedItems 102 buf.append( "protectedItems { " ); 103 104 boolean isFirst = true; 105 106 for ( ProtectedItem item : protectedItems ) 107 { 108 if ( isFirst ) 109 { 110 isFirst = false; 111 } 112 else 113 { 114 buf.append( ", " ); 115 } 116 117 buf.append( item.toString() ); 118 } 119 120 // itemPermissions 121 buf.append( " }, itemPermissions { " ); 122 123 isFirst = true; 124 125 for ( ItemPermission permission : itemPermissions ) 126 { 127 if ( isFirst ) 128 { 129 isFirst = false; 130 } 131 else 132 { 133 buf.append( ", " ); 134 } 135 136 buf.append( permission.toString() ); 137 } 138 139 buf.append( " } } }" ); 140 141 return buf.toString(); 142 } 143 144 145 /** 146 * Transform this protected Item and permissions to a set of Tuples 147 * 148 * @return The list of created Tuples 149 */ 150 public Collection<ACITuple> toTuples() 151 { 152 Collection<ACITuple> tuples = new ArrayList<ACITuple>(); 153 154 for ( ItemPermission itemPermission : itemPermissions ) 155 { 156 Set<GrantAndDenial> grants = itemPermission.getGrants(); 157 Set<GrantAndDenial> denials = itemPermission.getDenials(); 158 int precedence = itemPermission.getPrecedence() != null 159 ? itemPermission.getPrecedence() 160 : this.getPrecedence(); 161 162 if ( grants.size() > 0 ) 163 { 164 tuples.add( new ACITuple( itemPermission.getUserClasses(), getAuthenticationLevel(), protectedItems, 165 toMicroOperations( grants ), true, precedence ) ); 166 } 167 168 if ( denials.size() > 0 ) 169 { 170 tuples.add( new ACITuple( itemPermission.getUserClasses(), getAuthenticationLevel(), protectedItems, 171 toMicroOperations( denials ), false, precedence ) ); 172 } 173 } 174 175 return tuples; 176 } 177}