diff options
author | Endi Sukma Dewata <edewata@redhat.com> | 2012-03-24 02:27:47 -0500 |
---|---|---|
committer | Endi Sukma Dewata <edewata@redhat.com> | 2012-03-26 11:43:54 -0500 |
commit | 621d9e5c413e561293d7484b93882d985b3fe15f (patch) | |
tree | 638f3d75761c121d9a8fb50b52a12a6686c5ac5c /base/util/src/netscape/security/acl/AclEntryImpl.java | |
parent | 40d3643b8d91886bf210aa27f711731c81a11e49 (diff) | |
download | pki-621d9e5c413e561293d7484b93882d985b3fe15f.tar.gz pki-621d9e5c413e561293d7484b93882d985b3fe15f.tar.xz pki-621d9e5c413e561293d7484b93882d985b3fe15f.zip |
Removed unnecessary pki folder.
Previously the source code was located inside a pki folder.
This folder was created during svn migration and is no longer
needed. This folder has now been removed and the contents have
been moved up one level.
Ticket #131
Diffstat (limited to 'base/util/src/netscape/security/acl/AclEntryImpl.java')
-rw-r--r-- | base/util/src/netscape/security/acl/AclEntryImpl.java | 182 |
1 files changed, 182 insertions, 0 deletions
diff --git a/base/util/src/netscape/security/acl/AclEntryImpl.java b/base/util/src/netscape/security/acl/AclEntryImpl.java new file mode 100644 index 000000000..46365f5d8 --- /dev/null +++ b/base/util/src/netscape/security/acl/AclEntryImpl.java @@ -0,0 +1,182 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package netscape.security.acl; + +import java.security.Principal; +import java.security.acl.AclEntry; +import java.security.acl.Group; +import java.security.acl.Permission; +import java.util.Enumeration; +import java.util.Vector; + +/** + * This is a class that describes one entry that associates users + * or groups with permissions in the ACL. + * The entry may be used as a way of granting or denying permissions. + * + * @author Satish Dharmaraj + */ +public class AclEntryImpl implements AclEntry { + private Principal user = null; + private Vector<Permission> permissionSet = new Vector<Permission>(10, 10); + private boolean negative = false; + + /** + * Construct an ACL entry that associates a user with permissions + * in the ACL. + * + * @param user The user that is associated with this entry. + */ + public AclEntryImpl(Principal user) { + this.user = user; + } + + /** + * Construct a null ACL entry + */ + public AclEntryImpl() { + } + + /** + * Sets the principal in the entity. If a group or a + * principal had already been set, a false value is + * returned, otherwise a true value is returned. + * + * @param user The user that is associated with this entry. + * @return true if the principal is set, false if there is + * one already. + */ + public boolean setPrincipal(Principal user) { + if (this.user != null) + return false; + this.user = user; + return true; + } + + /** + * This method sets the ACL to have negative permissions. + * That is the user or group is denied the permission set + * specified in the entry. + */ + public void setNegativePermissions() { + negative = true; + } + + /** + * Returns true if this is a negative ACL. + */ + public boolean isNegative() { + return negative; + } + + /** + * A principal or a group can be associated with multiple + * permissions. This method adds a permission to the ACL entry. + * + * @param permission The permission to be associated with + * the principal or the group in the entry. + * @return true if the permission was added, false if the + * permission was already part of the permission set. + */ + public boolean addPermission(Permission permission) { + + if (permissionSet.contains(permission)) + return false; + + permissionSet.addElement(permission); + + return true; + } + + /** + * The method disassociates the permission from the Principal + * or the Group in this ACL entry. + * + * @param permission The permission to be disassociated with + * the principal or the group in the entry. + * @return true if the permission is removed, false if the + * permission is not part of the permission set. + */ + public boolean removePermission(Permission permission) { + return permissionSet.removeElement(permission); + } + + /** + * Checks if the passed permission is part of the allowed + * permission set in this entry. + * + * @param permission The permission that has to be part of + * the permission set in the entry. + * @return true if the permission passed is part of the + * permission set in the entry, false otherwise. + */ + public boolean checkPermission(Permission permission) { + return permissionSet.contains(permission); + } + + /** + * return an enumeration of the permissions in this ACL entry. + */ + public Enumeration<Permission> permissions() { + return permissionSet.elements(); + } + + /** + * Return a string representation of the contents of the ACL entry. + */ + public String toString() { + StringBuffer s = new StringBuffer(); + if (negative) + s.append("-"); + else + s.append("+"); + if (user instanceof Group) + s.append("Group."); + else + s.append("User."); + s.append(user + "="); + Enumeration<Permission> e = permissions(); + while (e.hasMoreElements()) { + Permission p = (Permission) e.nextElement(); + s.append(p); + if (e.hasMoreElements()) + s.append(","); + } + return new String(s); + } + + /** + * Clones an AclEntry. + */ + public synchronized Object clone() { + AclEntryImpl cloned; + cloned = new AclEntryImpl(user); + cloned.permissionSet = new Vector<Permission>(permissionSet); + cloned.negative = negative; + return cloned; + } + + /** + * Return the Principal associated in this ACL entry. + * The method returns null if the entry uses a group + * instead of a principal. + */ + public Principal getPrincipal() { + return user; + } +} |