// --- BEGIN COPYRIGHT BLOCK ---
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; version 2 of the License.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License along
// with this program; if not, write to the Free Software Foundation, Inc.,
// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
//
// (C) 2007 Red Hat, Inc.
// All rights reserved.
// --- END COPYRIGHT BLOCK ---
package netscape.security.acl;

import java.util.*;
import java.io.*;
import java.security.Principal;
import java.security.acl.*;

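/**
 * One entry of an access control list (ACL): it binds a single principal
 * (a user or a {@link Group}) to a set of permissions and is marked either
 * positive (the set is granted) or negative (the set is denied).
 *
 * <p>Points a caller that enforces access decisions needs to know:
 * <ul>
 * <li>{@link #checkPermission} is a plain membership test and never looks at
 *     the negative flag. On a negative entry a {@code true} result means the
 *     permission is in the <em>denied</em> set, so the result has to be
 *     combined with {@link #isNegative()} before it is treated as a grant.</li>
 * <li>Membership is decided by {@code equals} on the permission objects
 *     (through {@code Vector.contains} and {@code Vector.removeElement}).</li>
 * <li>The principal can be set only once, and this class offers no method
 *     that turns a negative entry back into a positive one.</li>
 * <li>State changes hold this entry's monitor, the same lock
 *     {@link #clone()} takes. Adding a permission is therefore an atomic
 *     "check, then insert": two racing calls cannot store the same
 *     permission twice, which would otherwise let it survive a single
 *     {@link #removePermission}.</li>
 * </ul>
 * @author 	Satish Dharmaraj
 */
public class AclEntryImpl implements AclEntry {
    // Principal (user or group) this entry applies to; null until one is set.
    private Principal user = null;
    // Permissions attached to the principal; kept free of duplicates by addPermission.
    private Vector permissionSet = new Vector(10, 10);
    // true when the permission set is denied rather than granted.
    private boolean negative = false;

    /**
     * Constructs an ACL entry that associates a user with permissions
     * in the ACL.
     * @param user The user that is associated with this entry. The value is
     * stored as given; a null leaves the entry without a principal.
     */
    public AclEntryImpl(Principal user) {
        this.user = user;
    }

    /**
     * Constructs an empty ACL entry: no principal, no permissions, positive.
     */
    public AclEntryImpl() {
    }

    /**
     * Sets the principal of this entry, once. If a user or group has
     * already been set the entry is left untouched and false is returned.
     * Note that a null argument on an entry without a principal also
     * returns true while leaving the principal unset.
     * @param user The user that is associated with this entry.
     * @return true if the principal was stored, false if there is
     * one already.
     */
    public synchronized boolean setPrincipal(Principal user) {
        if (this.user != null) {
            return false;
        }
        this.user = user;
        return true;
    }

    /**
     * Marks this entry as negative, that is the user or group is denied
     * the permission set specified in the entry. The flag is only ever
     * set here; no method of this class clears it again.
     */
    public synchronized void setNegativePermissions() {
        negative = true;
    }

    /**
     * Returns true if this is a negative (deny) entry.
     */
    public synchronized boolean isNegative() {
        return negative;
    }

    /**
     * A principal or a group can be associated with multiple
     * permissions. This method adds a permission to the ACL entry.
     * The duplicate check and the insertion run under this entry's
     * monitor, so concurrent callers cannot both insert the same permission.
     * @param permission The permission to be associated with
     * the principal or the group in the entry.
     * @return true if the permission was added, false if the
     * permission was already part of the permission set.
     */
    public synchronized boolean addPermission(Permission permission) {
        if (permissionSet.contains(permission)) {
            return false;
        }
        permissionSet.addElement(permission);
        return true;
    }

    /**
     * Disassociates the permission from the principal or the group in
     * this ACL entry. Only the first matching element is removed, which
     * is sufficient because addPermission never stores duplicates.
     * @param permission The permission to be disassociated from
     * the principal or the group in the entry.
     * @return true if the permission is removed, false if the
     * permission is not part of the permission set.
     */
    public synchronized boolean removePermission(Permission permission) {
        return permissionSet.removeElement(permission);
    }

    /**
     * Checks if the passed permission is part of the permission set in
     * this entry. The negative flag is not consulted: on a negative entry
     * a true result identifies a denied permission, not a granted one.
     * @param permission The permission to look up.
     * @return true if the permission passed is part of the
     * permission set in the entry, false otherwise.
     */
    public boolean checkPermission(Permission permission) {
        return permissionSet.contains(permission);
    }

    /**
     * Returns an enumeration of the permissions in this ACL entry. The
     * enumeration is backed by the entry's own vector rather than a copy.
     */
    public Enumeration permissions() {
        return permissionSet.elements();
    }

    /**
     * Returns a string representation of the contents of the ACL entry:
     * "+" or "-" for positive/negative, "Group." or "User.", the principal,
     * "=", then the permissions separated by commas.
     */
    public String toString() {
        Principal who;
        boolean denied;
        Object[] perms;
        // Take a consistent snapshot under the lock, then format outside it
        // so the toString() of principals and permissions runs unlocked.
        synchronized (this) {
            who = user;
            denied = negative;
            perms = permissionSet.toArray();
        }
        StringBuffer s = new StringBuffer();
        s.append(denied ? "-" : "+");
        s.append(who instanceof Group ? "Group." : "User.");
        s.append(who).append("=");
        for (int i = 0; i < perms.length; i++) {
            if (i > 0) {
                s.append(",");
            }
            s.append(perms[i]);
        }
        return s.toString();
    }

    /**
     * Clones an AclEntry. The copy gets its own permission vector, so later
     * additions and removals do not cross over; the principal and the
     * permission objects themselves are shared with the original.
     */
    public synchronized Object clone() {
        AclEntryImpl cloned = new AclEntryImpl(user);
        cloned.permissionSet = (Vector) permissionSet.clone();
        cloned.negative = negative;
        return cloned;
    }

    /**
     * Returns the principal stored in this ACL entry, whether it is a
     * user or a group, or null if none has been set.
     */
    public synchronized Principal getPrincipal() {
        return user;
    }
}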