From 621d9e5c413e561293d7484b93882d985b3fe15f Mon Sep 17 00:00:00 2001 From: Endi Sukma Dewata Date: Sat, 24 Mar 2012 02:27:47 -0500 Subject: Removed unnecessary pki folder. Previously the source code was located inside a pki folder. This folder was created during svn migration and is no longer needed. This folder has now been removed and the contents have been moved up one level. Ticket #131 --- .../common/src/com/netscape/cmscore/realm/ACL.java | 193 +++++++++++++++++++++ 1 file changed, 193 insertions(+) create mode 100644 base/common/src/com/netscape/cmscore/realm/ACL.java (limited to 'base/common/src/com/netscape/cmscore/realm/ACL.java') diff --git a/base/common/src/com/netscape/cmscore/realm/ACL.java b/base/common/src/com/netscape/cmscore/realm/ACL.java new file mode 100644 index 000000000..4d7303f9d --- /dev/null +++ b/base/common/src/com/netscape/cmscore/realm/ACL.java @@ -0,0 +1,193 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.cmscore.realm; + +import java.util.Enumeration; +import java.util.Vector; + +/** + * A class represents an access control list (ACL). An ACL + * is associated with an protected resources. The policy + * enforcer can verify the ACLs with the current + * context to see if the corresponding resource is accessible. + *

+ * An ACL may contain one or more ACLEntry. However, in case of multiple ACLEntry + * , a subject must pass ALL of the ACLEntry evaluation for permission to be granted + *

+ * + * @version $Revision$, $Date$ + */ +public class ACL { + + /** + * + */ + + protected Vector entries = new Vector(); // ACL entries + protected Vector rights = null; // possible rights entries + protected String resourceACLs = null; // exact resourceACLs string on ldap server + protected String name = null; // resource name + protected String description = null; // resource description + + /** + * Class constructor. + */ + public ACL() { + } + + /** + * Class constructor. + * Constructs an access control list associated + * with a resource name + * + * @param name resource name + * @param rights applicable rights defined for this resource + * @param resourceACLs the entire ACL specification. For example: + * "certServer.log.configuration:read,modify: + * allow (read,modify) + * group=\"Administrators\": + * Allow administrators to read and modify log + * configuration" + */ + public ACL(String name, Vector rights, String resourceACLs) { + setName(name); + if (rights != null) { + this.rights = rights; + } else { + this.rights = new Vector(); + } + this.resourceACLs = resourceACLs; + + } + + /** + * Sets the name of the resource governed by this + * access control. + * + * @param name name of the resource + */ + public void setName(String name) { + this.name = name; + } + + /** + * Retrieves the name of the resource governed by + * this access control. + * + * @return name of the resource + */ + public String getName() { + return name; + } + + /** + * Retrieves the exact string of the resourceACLs + * + * @return resource's acl + */ + public String getResourceACLs() { + return resourceACLs; + } + + /** + * Sets the description of the resource governed by this + * access control. + * + * @param description Description of the protected resource + */ + public void setDescription(String description) { + this.description = description; + } + + /** + * Retrieves the description of the resource governed by + * this access control. + * + * @return Description of the protected resource + */ + public String getDescription() { + return description; + } + + /** + * Adds an ACL entry to this list. + * + * @param entry the ACLEntry to be added to this resource + */ + public void addEntry(ACLEntry entry) { + entries.addElement(entry); + } + + /** + * Returns ACL entries. + * + * @return enumeration for the ACLEntry vector + */ + public Enumeration entries() { + return entries.elements(); + } + + /** + * Returns the string reprsentation. + * + * @return the string representation of the ACL entries in the + * following format: + * [,,...] + */ + public String toString() { + String entries = ""; + Enumeration e = entries(); + + for (; e.hasMoreElements();) { + ACLEntry entry = (ACLEntry) e.nextElement(); + + entries += entry.toString(); + if (e.hasMoreElements()) + entries += ","; + } + return getName() + "[" + entries + "]"; + } + + /** + * Adds an rights entry to this list. + * + * @param right The right to be added for this ACL + */ + public void addRight(String right) { + rights.addElement(right); + } + + /** + * Tells if the permission is one of the defined "rights" + * + * @param permission permission to be checked + * @return true if it's one of the "rights"; false otherwise + */ + public boolean checkRight(String permission) { + return (rights.contains((Object) permission)); + } + + /** + * Returns rights entries. + * + * @return enumeration of rights defined for this ACL + */ + public Enumeration rights() { + return rights.elements(); + } +} -- cgit