diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/certsrv/acls')
6 files changed, 116 insertions, 98 deletions
diff --git a/pki/base/common/src/com/netscape/certsrv/acls/ACL.java b/pki/base/common/src/com/netscape/certsrv/acls/ACL.java index 5c0c55c61..476bd793c 100644 --- a/pki/base/common/src/com/netscape/certsrv/acls/ACL.java +++ b/pki/base/common/src/com/netscape/certsrv/acls/ACL.java @@ -17,22 +17,19 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.certsrv.acls; - import java.util.Enumeration; import java.util.Vector; - /** - * A class represents an access control list (ACL). An ACL - * is associated with an protected resources. The policy - * enforcer can verify the ACLs with the current - * context to see if the corresponding resource is accessible. + * A class represents an access control list (ACL). An ACL is associated with an + * protected resources. The policy enforcer can verify the ACLs with the current + * context to see if the corresponding resource is accessible. * <P> - * An <code>ACL</code> may contain one or more <code>ACLEntry</code>. - * However, in case of multiple <code>ACLEntry</code>, a subject must - * pass ALL of the <code>ACLEntry</code> evaluation for permission - * to be granted + * An <code>ACL</code> may contain one or more <code>ACLEntry</code>. However, + * in case of multiple <code>ACLEntry</code>, a subject must pass ALL of the + * <code>ACLEntry</code> evaluation for permission to be granted * <P> + * * @version $Revision$, $Date$ */ public class ACL implements IACL, java.io.Serializable { @@ -43,7 +40,8 @@ public class ACL implements IACL, java.io.Serializable { private static final long serialVersionUID = -1867465948611161868L; protected Vector mEntries = new Vector(); // ACL entries protected Vector mRights = null; // possible rights entries - protected String mResourceACLs = null; // exact resourceACLs string on ldap server + protected String mResourceACLs = null; // exact resourceACLs string on ldap + // server protected String mName = null; // resource name protected String mDescription = null; // resource description @@ -54,17 +52,15 @@ public class ACL implements IACL, java.io.Serializable { } /** - * Class constructor. - * Constructs an access control list associated - * with a resource name + * Class constructor. Constructs an access control list associated with a + * resource name + * * @param name resource name * @param rights applicable rights defined for this resource * @param resourceACLs the entire ACL specification. For example: - * "certServer.log.configuration:read,modify: - * allow (read,modify) - * group=\"Administrators\": - * Allow administrators to read and modify log - * configuration" + * "certServer.log.configuration:read,modify: allow (read,modify) + * group=\"Administrators\": Allow administrators to read and + * modify log configuration" */ public ACL(String name, Vector rights, String resourceACLs) { setName(name); @@ -78,17 +74,17 @@ public class ACL implements IACL, java.io.Serializable { } /** - * Sets the name of the resource governed by this - * access control. + * Sets the name of the resource governed by this access control. + * * @param name name of the resource */ public void setName(String name) { mName = name; } - + /** - * Retrieves the name of the resource governed by - * this access control. + * Retrieves the name of the resource governed by this access control. + * * @return name of the resource */ public String getName() { @@ -97,6 +93,7 @@ public class ACL implements IACL, java.io.Serializable { /** * Retrieves the exact string of the resourceACLs + * * @return resource's acl */ public String getResourceACLs() { @@ -104,17 +101,18 @@ public class ACL implements IACL, java.io.Serializable { } /** - * Sets the description of the resource governed by this - * access control. + * Sets the description of the resource governed by this access control. + * * @param description Description of the protected resource */ public void setDescription(String description) { mDescription = description; } - + /** - * Retrieves the description of the resource governed by - * this access control. + * Retrieves the description of the resource governed by this access + * control. + * * @return Description of the protected resource */ public String getDescription() { @@ -123,6 +121,7 @@ public class ACL implements IACL, java.io.Serializable { /** * Adds an ACL entry to this list. + * * @param entry the <code>ACLEntry</code> to be added to this resource */ public void addEntry(ACLEntry entry) { @@ -131,6 +130,7 @@ public class ACL implements IACL, java.io.Serializable { /** * Returns ACL entries. + * * @return enumeration for the <code>ACLEntry</code> vector */ public Enumeration entries() { @@ -139,9 +139,9 @@ public class ACL implements IACL, java.io.Serializable { /** * Returns the string reprsentation. - * @return the string representation of the ACL entries in the - * following format: - * <resource name>[<ACLEntry1>,<ACLEntry 2>,...<ACLEntry N>] + * + * @return the string representation of the ACL entries in the following + * format: <resource name>[<ACLEntry1>,<ACLEntry 2>,...<ACLEntry N>] */ public String toString() { String entries = ""; @@ -159,6 +159,7 @@ public class ACL implements IACL, java.io.Serializable { /** * Adds an rights entry to this list. + * * @param right The right to be added for this ACL */ public void addRight(String right) { @@ -167,6 +168,7 @@ public class ACL implements IACL, java.io.Serializable { /** * Tells if the permission is one of the defined "rights" + * * @param permission permission to be checked * @return true if it's one of the "rights"; false otherwise */ @@ -176,6 +178,7 @@ public class ACL implements IACL, java.io.Serializable { /** * Returns rights entries. + * * @return enumeration of rights defined for this ACL */ public Enumeration rights() { diff --git a/pki/base/common/src/com/netscape/certsrv/acls/ACLEntry.java b/pki/base/common/src/com/netscape/certsrv/acls/ACLEntry.java index 208361286..31d15eb54 100644 --- a/pki/base/common/src/com/netscape/certsrv/acls/ACLEntry.java +++ b/pki/base/common/src/com/netscape/certsrv/acls/ACLEntry.java @@ -17,15 +17,14 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.certsrv.acls; - import java.util.Enumeration; import java.util.Hashtable; import java.util.StringTokenizer; - /** * A class represents an ACI entry of an access control list. * <P> + * * @version $Revision$, $Date$ */ public class ACLEntry implements IACLEntry, java.io.Serializable { @@ -47,8 +46,9 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Checks if this ACL entry is set to negative. - * @return true if this ACL entry expression is for "deny"; - * false if this ACL entry expression is for "allow" + * + * @return true if this ACL entry expression is for "deny"; false if this + * ACL entry expression is for "allow" */ public boolean isNegative() { return mNegative; @@ -63,8 +63,10 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Sets the ACL entry string + * * @param s string in the following format: - * <PRE> + * + * <PRE> * allow|deny (right[,right...]) attribute_expression * </PRE> */ @@ -72,10 +74,12 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { mACLEntryString = s; } - /** + /** * Gets the ACL Entry String + * * @return ACL Entry string in the following format: - * <PRE> + * + * <PRE> * allow|deny (right[,right...]) attribute_expression * </PRE> */ @@ -84,11 +88,12 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { } /** - * Adds permission to this entry. Permission must be one of the - * "rights" defined for each protected resource in its ACL + * Adds permission to this entry. Permission must be one of the "rights" + * defined for each protected resource in its ACL + * * @param acl the acl instance that this aclEntry is associated with - * @param permission one of the "rights" defined for each - * protected resource in its ACL + * @param permission one of the "rights" defined for each protected resource + * in its ACL */ public void addPermission(IACL acl, String permission) { if (acl.checkRight(permission) == true) { @@ -99,8 +104,8 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { } /** - * Returns a list of permissions associated with - * this entry. + * Returns a list of permissions associated with this entry. + * * @return a list of permissions for this ACL entry */ public Enumeration permissions() { @@ -109,8 +114,9 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Sets the expression associated with this entry. + * * @param expressions the evaluator expressions. For example, - * group="Administrators" + * group="Administrators" */ public void setAttributeExpressions(String expressions) { mExpressions = expressions; @@ -118,20 +124,21 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Retrieves the expression associated with this entry. - * @return the evaluator expressions. For example, - * group="Administrators" + * + * @return the evaluator expressions. For example, group="Administrators" */ public String getAttributeExpressions() { return mExpressions; } /** - * Checks to see if this <code>ACLEntry</code> contains a - * particular permission - * @param permission one of the "rights" defined for each - * protected resource in its ACL - * @return true if permission contained in the permission list - * for this <code>ACLEntry</code>; false otherwise. + * Checks to see if this <code>ACLEntry</code> contains a particular + * permission + * + * @param permission one of the "rights" defined for each protected resource + * in its ACL + * @return true if permission contained in the permission list for this + * <code>ACLEntry</code>; false otherwise. */ public boolean containPermission(String permission) { return (mPerms.get(permission) != null); @@ -139,15 +146,16 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Checks if this entry has the given permission. - * @param permission one of the "rights" defined for each - * protected resource in its ACL - * @return true if the permission is allowed; false if the - * permission is denied. If a permission is not - * recognized by this ACL, it is considered denied + * + * @param permission one of the "rights" defined for each protected resource + * in its ACL + * @return true if the permission is allowed; false if the permission is + * denied. If a permission is not recognized by this ACL, it is + * considered denied */ public boolean checkPermission(String permission) { // default - if we dont know about the requested permission, - // don't grant permission + // don't grant permission if (mPerms.get(permission) == null) return false; if (isNegative()) { @@ -159,10 +167,13 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Parse string in the following format: + * * <PRE> * allow|deny (right[,right...]) attribute_expression * </PRE> + * * into an instance of the <code>ACLEntry</code> class + * * @param acl the acl instance associated with this aclentry * @param aclEntryString aclEntryString in the specified format * @return an instance of the <code>ACLEntry</code> class @@ -175,7 +186,7 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { String te = aclEntryString.trim(); // locate first space - int i = te.indexOf(' '); + int i = te.indexOf(' '); // prefix should be "allowed" or "deny" String prefix = te.substring(0, i); String suffix = te.substring(i + 1).trim(); @@ -189,7 +200,7 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { return null; } // locate the second space - i = suffix.indexOf(' '); + i = suffix.indexOf(' '); // this prefix should be rights list, delimited by "," prefix = suffix.substring(1, i - 1); // the suffix is the rest, which is the "expressions" @@ -206,6 +217,7 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Returns the string representation of this ACLEntry + * * @return string representation of this ACLEntry */ public String toString() { diff --git a/pki/base/common/src/com/netscape/certsrv/acls/ACLsResources.java b/pki/base/common/src/com/netscape/certsrv/acls/ACLsResources.java index 878fe1639..9dc6d4ee4 100644 --- a/pki/base/common/src/com/netscape/certsrv/acls/ACLsResources.java +++ b/pki/base/common/src/com/netscape/certsrv/acls/ACLsResources.java @@ -20,10 +20,9 @@ package com.netscape.certsrv.acls; import java.util.ListResourceBundle; /** - * A class represents a resource bundle for the entire ACL component. - * system. + * A class represents a resource bundle for the entire ACL component. system. * <P> - * + * * @deprecated * @version $Revision$, $Date$ */ @@ -31,13 +30,14 @@ public class ACLsResources extends ListResourceBundle { /** * Returns the content of this resource. + * * @return the content of this resource. */ public Object[][] getContents() { return contents; } - /** + /** * A set of constants for localized error messages. */ static final Object[][] contents = {}; diff --git a/pki/base/common/src/com/netscape/certsrv/acls/EACLsException.java b/pki/base/common/src/com/netscape/certsrv/acls/EACLsException.java index e79bd7242..96a9b7b97 100644 --- a/pki/base/common/src/com/netscape/certsrv/acls/EACLsException.java +++ b/pki/base/common/src/com/netscape/certsrv/acls/EACLsException.java @@ -17,21 +17,18 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.certsrv.acls; - import java.util.Locale; import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.base.MessageFormatter; - /** - * A class represents an acls exception. Note that this is - * an Runtime exception so that methods used AccessManager - * do not have to explicity declare this exception. This - * allows AccessManager to be easily integrated into any + * A class represents an acls exception. Note that this is an Runtime exception + * so that methods used AccessManager do not have to explicity declare this + * exception. This allows AccessManager to be easily integrated into any * existing code. * <P> - * + * * @version $Revision$, $Date$ */ public class EACLsException extends EBaseException { @@ -44,10 +41,11 @@ public class EACLsException extends EBaseException { * resource class name */ private static final String ACL_RESOURCES = ACLsResources.class.getName(); - + /** * Constructs an acls exception. * <P> + * * @param msgFormat exception details */ public EACLsException(String msgFormat) { @@ -57,11 +55,12 @@ public class EACLsException extends EBaseException { /** * Constructs a base exception with a parameter. For example, + * * <PRE> - * new EACLsException("failed to load {0}", fileName); + * new EACLsException("failed to load {0}", fileName); * </PRE> * <P> - * + * * @param msgFormat exception details in message string format * @param param message string parameter */ @@ -72,9 +71,9 @@ public class EACLsException extends EBaseException { } /** - * Constructs a base exception. It can be used to carry - * a system exception that may contain information about - * the context. For example, + * Constructs a base exception. It can be used to carry a system exception + * that may contain information about the context. For example, + * * <PRE> * try { * ... @@ -83,7 +82,7 @@ public class EACLsException extends EBaseException { * } * </PRE> * <P> - * + * * @param msgFormat exception details in message string format * @param param system exception */ @@ -94,10 +93,10 @@ public class EACLsException extends EBaseException { } /** - * Constructs a base exception with a list of parameters - * that will be substituted into the message format. + * Constructs a base exception with a list of parameters that will be + * substituted into the message format. * <P> - * + * * @param msgFormat exception details in message string format * @param params list of message format parameters */ @@ -109,7 +108,7 @@ public class EACLsException extends EBaseException { /** * Returns a list of parameters. * <P> - * + * * @return list of message format parameters */ public Object[] getParameters() { @@ -118,6 +117,7 @@ public class EACLsException extends EBaseException { /** * String representation for the corresponding exception. + * * @return String representation for the corresponding exception. */ public String toString() { @@ -126,6 +126,7 @@ public class EACLsException extends EBaseException { /** * Returns string representation for the corresponding exception. + * * @param locale client specified locale for string representation. * @return String representation for the corresponding exception. */ @@ -136,6 +137,7 @@ public class EACLsException extends EBaseException { /** * Return the class name of the resource bundle. + * * @return class name of the resource bundle. */ protected String getBundleName() { diff --git a/pki/base/common/src/com/netscape/certsrv/acls/IACL.java b/pki/base/common/src/com/netscape/certsrv/acls/IACL.java index 892bd490a..b136f621b 100644 --- a/pki/base/common/src/com/netscape/certsrv/acls/IACL.java +++ b/pki/base/common/src/com/netscape/certsrv/acls/IACL.java @@ -17,49 +17,52 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.certsrv.acls; - import java.util.Enumeration; - /** - * A class represents an access control list (ACL). An ACL - * is associated with a protected resource. The policy - * enforcer can verify the ACLs with the current - * context to see if the corresponding resource is accessible. + * A class represents an access control list (ACL). An ACL is associated with a + * protected resource. The policy enforcer can verify the ACLs with the current + * context to see if the corresponding resource is accessible. * <P> * * @version $Revision$, $Date$ */ -public interface IACL { +public interface IACL { /** * Returns the name of the current ACL. + * * @return the name of the current ACL. */ public String getName(); /** * Returns the description of the current ACL. + * * @return the description of the current ACL. */ - public String getDescription(); + public String getDescription(); /** * Returns a list of access rights of the current ACL. + * * @return a list of access rights */ - public Enumeration rights(); + public Enumeration rights(); /** * Returns a list of entries of the current ACL. + * * @return a list of entries */ public Enumeration entries(); /** * Verifies if permission is granted. + * * @param permission one of the applicable rights - * @return true if the given permission is one of the applicable rights; false otherwise. + * @return true if the given permission is one of the applicable rights; + * false otherwise. */ public boolean checkRight(String permission); } diff --git a/pki/base/common/src/com/netscape/certsrv/acls/IACLEntry.java b/pki/base/common/src/com/netscape/certsrv/acls/IACLEntry.java index f91ef38bb..ff806f155 100644 --- a/pki/base/common/src/com/netscape/certsrv/acls/IACLEntry.java +++ b/pki/base/common/src/com/netscape/certsrv/acls/IACLEntry.java @@ -17,19 +17,17 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.certsrv.acls; - - - /** * A class represents an entry of access control list. * <P> * * @version $Revision$, $Date$ */ -public interface IACLEntry { +public interface IACLEntry { /** * Returns the ACL entry string of the entry. + * * @return the ACL entry string of the entry. */ public String getACLEntryString(); |