/*
 *  Licensed to the Apache Software Foundation (ASF) under one
 *  or more contributor license agreements. See the NOTICE file
 *  distributed with this work for additional information
 *  regarding copyright ownership. The ASF licenses this file
 *  to you under the Apache License, Version 2.0 (the
 *  "License"); you may not use this file except in compliance
 *  with the License. You may obtain a copy of the License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing,
 *  software distributed under the License is distributed on an
 *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 *  KIND, either express or implied. See the License for the
 *  specific language governing permissions and limitations
 *  under the License.
 *
 */
package org.apache.directory.shared.ldap.aci;


import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Set;

import org.apache.directory.shared.ldap.model.constants.AuthenticationLevel;


/**
 * An {@link ACIItem} in "user first" form: it names a set of
 * {@link UserClass}es and then the {@link UserPermission}s that are attached
 * to them. (18.4.2.4. X.501)
 * <p>
 * Both collections are snapshotted at construction time and exposed only
 * through unmodifiable views, so the collections held by an instance cannot
 * be altered through this class once it has been built.
 *
 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
 */
public class UserFirstACIItem extends ACIItem
{
    /** The serialVersionUID. */
    private static final long serialVersionUID = 5587483838404246148L;

    /** Unmodifiable snapshot of the user classes given to the constructor. */
    private final Collection<UserClass> userClasses;

    /** Unmodifiable snapshot of the user permissions given to the constructor. */
    private final Collection<UserPermission> userPermissions;


    /**
     * Creates a new instance.
     * <p>
     * Each collection argument is copied into a fresh list and wrapped as
     * unmodifiable, so later changes to the caller's collections do not reach
     * this item. The copy is shallow: the element objects themselves are
     * shared with the caller.
     *
     * @param identificationTag
     *            the id string of this item
     * @param precedence
     *            the precedence of this item
     * @param authenticationLevel
     *            the level of authentication associated with this item
     * @param userClasses
     *            the {@link UserClass}es handed to every tuple produced by
     *            {@link #toTuples()}
     * @param userPermissions
     *            the {@link UserPermission}s, each carrying its own protected
     *            items, grants and denials
     * @throws NullPointerException
     *             if {@code userClasses} or {@code userPermissions} is
     *             {@code null} (raised by the {@link ArrayList} copy)
     */
    public UserFirstACIItem( String identificationTag, int precedence, AuthenticationLevel authenticationLevel,
        Collection<UserClass> userClasses, Collection<UserPermission> userPermissions )
    {
        super( identificationTag, precedence, authenticationLevel );

        Collection<UserClass> classesSnapshot = new ArrayList<UserClass>( userClasses );
        Collection<UserPermission> permissionsSnapshot = new ArrayList<UserPermission>( userPermissions );

        this.userClasses = Collections.unmodifiableCollection( classesSnapshot );
        this.userPermissions = Collections.unmodifiableCollection( permissionsSnapshot );
    }


    /**
     * Gets the collection of {@link UserClass}es.
     *
     * @return the unmodifiable collection of {@link UserClass}es
     */
    public Collection<UserClass> getUserClasses()
    {
        return userClasses;
    }


    /**
     * Gets the collection of {@link UserPermission}s.
     *
     * @return the unmodifiable collection of {@link UserPermission}s
     */
    public Collection<UserPermission> getUserPermission()
    {
        return userPermissions;
    }


    /**
     * Appends the string form of every element to the buffer, separating
     * consecutive elements with {@code ", "}.
     *
     * @param buf the buffer to append to
     * @param elements the elements to render, in iteration order
     */
    private static void appendCommaSeparated( StringBuilder buf, Collection<?> elements )
    {
        String separator = "";

        for ( Object element : elements )
        {
            buf.append( separator ).append( element.toString() );
            separator = ", ";
        }
    }


    /**
     * {@inheritDoc}
     */
    @Override
    public String toString()
    {
        StringBuilder out = new StringBuilder();

        // identificationTag
        // NOTE(review): the tag is written verbatim between double quotes, with
        // no escaping. If this string is ever parsed back into an ACIItem,
        // confirm that tags containing a double quote are rejected before
        // they reach this class.
        out.append( "{ identificationTag \"" ).append( getIdentificationTag() ).append( "\", " );

        // precedence
        out.append( "precedence " ).append( getPrecedence() ).append( ", " );

        // authenticationLevel
        out.append( "authenticationLevel " ).append( getAuthenticationLevel().getName() ).append( ", " );

        // itemOrUserFirst
        out.append( "itemOrUserFirst userFirst: { " );

        // userClasses
        out.append( "userClasses { " );
        appendCommaSeparated( out, userClasses );
        out.append( " }, " );

        // userPermissions
        out.append( "userPermissions { " );
        appendCommaSeparated( out, userPermissions );
        out.append( " } } }" );

        return out.toString();
    }


    /**
     * {@inheritDoc}
     * <p>
     * Every {@link UserPermission} contributes up to two tuples: one built
     * from its grants (flag {@code true}) and one built from its denials
     * (flag {@code false}); an empty grant or denial set contributes nothing.
     * A permission's own precedence is used when it has one, otherwise the
     * precedence of this item applies.
     */
    public Collection<ACITuple> toTuples()
    {
        Collection<ACITuple> result = new ArrayList<ACITuple>();

        for ( UserPermission permission : userPermissions )
        {
            Set<GrantAndDenial> granted = permission.getGrants();
            Set<GrantAndDenial> denied = permission.getDenials();

            // A precedence set on the permission overrides the item-level one.
            int effectivePrecedence;

            if ( permission.getPrecedence() != null )
            {
                effectivePrecedence = permission.getPrecedence();
            }
            else
            {
                effectivePrecedence = this.getPrecedence();
            }

            if ( !granted.isEmpty() )
            {
                tuples( result, permission, granted, true, effectivePrecedence );
            }

            if ( !denied.isEmpty() )
            {
                tuples( result, permission, denied, false, effectivePrecedence );
            }
        }

        return result;
    }


    /**
     * Builds one {@link ACITuple} for the given permission and adds it to the
     * target collection.
     *
     * @param target the collection receiving the new tuple
     * @param permission the permission supplying the protected items
     * @param operations the grants or denials to convert to micro-operations
     * @param flag the boolean passed to the tuple: {@code true} for the grant
     *            set, {@code false} for the denial set
     * @param precedence the precedence to record on the tuple
     */
    private void tuples( Collection<ACITuple> target, UserPermission permission, Set<GrantAndDenial> operations,
        boolean flag, int precedence )
    {
        target.add( new ACITuple( getUserClasses(), getAuthenticationLevel(), permission.getProtectedItems(),
            toMicroOperations( operations ), flag, precedence ) );
    }
}