diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/certsrv/acls')
6 files changed, 98 insertions, 116 deletions
diff --git a/pki/base/common/src/com/netscape/certsrv/acls/ACL.java b/pki/base/common/src/com/netscape/certsrv/acls/ACL.java index 476bd793..5c0c55c6 100644 --- a/pki/base/common/src/com/netscape/certsrv/acls/ACL.java +++ b/pki/base/common/src/com/netscape/certsrv/acls/ACL.java @@ -17,19 +17,22 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.certsrv.acls; + import java.util.Enumeration; import java.util.Vector; + /** - * A class represents an access control list (ACL). An ACL is associated with an - * protected resources. The policy enforcer can verify the ACLs with the current - * context to see if the corresponding resource is accessible. + * A class represents an access control list (ACL). An ACL + * is associated with an protected resources. The policy + * enforcer can verify the ACLs with the current + * context to see if the corresponding resource is accessible. * <P> - * An <code>ACL</code> may contain one or more <code>ACLEntry</code>. However, - * in case of multiple <code>ACLEntry</code>, a subject must pass ALL of the - * <code>ACLEntry</code> evaluation for permission to be granted + * An <code>ACL</code> may contain one or more <code>ACLEntry</code>. + * However, in case of multiple <code>ACLEntry</code>, a subject must + * pass ALL of the <code>ACLEntry</code> evaluation for permission + * to be granted * <P> - * * @version $Revision$, $Date$ */ public class ACL implements IACL, java.io.Serializable { @@ -40,8 +43,7 @@ public class ACL implements IACL, java.io.Serializable { private static final long serialVersionUID = -1867465948611161868L; protected Vector mEntries = new Vector(); // ACL entries protected Vector mRights = null; // possible rights entries - protected String mResourceACLs = null; // exact resourceACLs string on ldap - // server + protected String mResourceACLs = null; // exact resourceACLs string on ldap server protected String mName = null; // resource name protected String mDescription = null; // resource description @@ -52,15 +54,17 @@ public class ACL implements IACL, java.io.Serializable { } /** - * Class constructor. Constructs an access control list associated with a - * resource name - * + * Class constructor. + * Constructs an access control list associated + * with a resource name * @param name resource name * @param rights applicable rights defined for this resource * @param resourceACLs the entire ACL specification. For example: - * "certServer.log.configuration:read,modify: allow (read,modify) - * group=\"Administrators\": Allow administrators to read and - * modify log configuration" + * "certServer.log.configuration:read,modify: + * allow (read,modify) + * group=\"Administrators\": + * Allow administrators to read and modify log + * configuration" */ public ACL(String name, Vector rights, String resourceACLs) { setName(name); @@ -74,17 +78,17 @@ public class ACL implements IACL, java.io.Serializable { } /** - * Sets the name of the resource governed by this access control. - * + * Sets the name of the resource governed by this + * access control. * @param name name of the resource */ public void setName(String name) { mName = name; } - + /** - * Retrieves the name of the resource governed by this access control. - * + * Retrieves the name of the resource governed by + * this access control. * @return name of the resource */ public String getName() { @@ -93,7 +97,6 @@ public class ACL implements IACL, java.io.Serializable { /** * Retrieves the exact string of the resourceACLs - * * @return resource's acl */ public String getResourceACLs() { @@ -101,18 +104,17 @@ public class ACL implements IACL, java.io.Serializable { } /** - * Sets the description of the resource governed by this access control. - * + * Sets the description of the resource governed by this + * access control. * @param description Description of the protected resource */ public void setDescription(String description) { mDescription = description; } - + /** - * Retrieves the description of the resource governed by this access - * control. - * + * Retrieves the description of the resource governed by + * this access control. * @return Description of the protected resource */ public String getDescription() { @@ -121,7 +123,6 @@ public class ACL implements IACL, java.io.Serializable { /** * Adds an ACL entry to this list. - * * @param entry the <code>ACLEntry</code> to be added to this resource */ public void addEntry(ACLEntry entry) { @@ -130,7 +131,6 @@ public class ACL implements IACL, java.io.Serializable { /** * Returns ACL entries. - * * @return enumeration for the <code>ACLEntry</code> vector */ public Enumeration entries() { @@ -139,9 +139,9 @@ public class ACL implements IACL, java.io.Serializable { /** * Returns the string reprsentation. - * - * @return the string representation of the ACL entries in the following - * format: <resource name>[<ACLEntry1>,<ACLEntry 2>,...<ACLEntry N>] + * @return the string representation of the ACL entries in the + * following format: + * <resource name>[<ACLEntry1>,<ACLEntry 2>,...<ACLEntry N>] */ public String toString() { String entries = ""; @@ -159,7 +159,6 @@ public class ACL implements IACL, java.io.Serializable { /** * Adds an rights entry to this list. - * * @param right The right to be added for this ACL */ public void addRight(String right) { @@ -168,7 +167,6 @@ public class ACL implements IACL, java.io.Serializable { /** * Tells if the permission is one of the defined "rights" - * * @param permission permission to be checked * @return true if it's one of the "rights"; false otherwise */ @@ -178,7 +176,6 @@ public class ACL implements IACL, java.io.Serializable { /** * Returns rights entries. - * * @return enumeration of rights defined for this ACL */ public Enumeration rights() { diff --git a/pki/base/common/src/com/netscape/certsrv/acls/ACLEntry.java b/pki/base/common/src/com/netscape/certsrv/acls/ACLEntry.java index 31d15eb5..20836128 100644 --- a/pki/base/common/src/com/netscape/certsrv/acls/ACLEntry.java +++ b/pki/base/common/src/com/netscape/certsrv/acls/ACLEntry.java @@ -17,14 +17,15 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.certsrv.acls; + import java.util.Enumeration; import java.util.Hashtable; import java.util.StringTokenizer; + /** * A class represents an ACI entry of an access control list. * <P> - * * @version $Revision$, $Date$ */ public class ACLEntry implements IACLEntry, java.io.Serializable { @@ -46,9 +47,8 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Checks if this ACL entry is set to negative. - * - * @return true if this ACL entry expression is for "deny"; false if this - * ACL entry expression is for "allow" + * @return true if this ACL entry expression is for "deny"; + * false if this ACL entry expression is for "allow" */ public boolean isNegative() { return mNegative; @@ -63,10 +63,8 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Sets the ACL entry string - * * @param s string in the following format: - * - * <PRE> + * <PRE> * allow|deny (right[,right...]) attribute_expression * </PRE> */ @@ -74,12 +72,10 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { mACLEntryString = s; } - /** + /** * Gets the ACL Entry String - * * @return ACL Entry string in the following format: - * - * <PRE> + * <PRE> * allow|deny (right[,right...]) attribute_expression * </PRE> */ @@ -88,12 +84,11 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { } /** - * Adds permission to this entry. Permission must be one of the "rights" - * defined for each protected resource in its ACL - * + * Adds permission to this entry. Permission must be one of the + * "rights" defined for each protected resource in its ACL * @param acl the acl instance that this aclEntry is associated with - * @param permission one of the "rights" defined for each protected resource - * in its ACL + * @param permission one of the "rights" defined for each + * protected resource in its ACL */ public void addPermission(IACL acl, String permission) { if (acl.checkRight(permission) == true) { @@ -104,8 +99,8 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { } /** - * Returns a list of permissions associated with this entry. - * + * Returns a list of permissions associated with + * this entry. * @return a list of permissions for this ACL entry */ public Enumeration permissions() { @@ -114,9 +109,8 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Sets the expression associated with this entry. - * * @param expressions the evaluator expressions. For example, - * group="Administrators" + * group="Administrators" */ public void setAttributeExpressions(String expressions) { mExpressions = expressions; @@ -124,21 +118,20 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Retrieves the expression associated with this entry. - * - * @return the evaluator expressions. For example, group="Administrators" + * @return the evaluator expressions. For example, + * group="Administrators" */ public String getAttributeExpressions() { return mExpressions; } /** - * Checks to see if this <code>ACLEntry</code> contains a particular - * permission - * - * @param permission one of the "rights" defined for each protected resource - * in its ACL - * @return true if permission contained in the permission list for this - * <code>ACLEntry</code>; false otherwise. + * Checks to see if this <code>ACLEntry</code> contains a + * particular permission + * @param permission one of the "rights" defined for each + * protected resource in its ACL + * @return true if permission contained in the permission list + * for this <code>ACLEntry</code>; false otherwise. */ public boolean containPermission(String permission) { return (mPerms.get(permission) != null); @@ -146,16 +139,15 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Checks if this entry has the given permission. - * - * @param permission one of the "rights" defined for each protected resource - * in its ACL - * @return true if the permission is allowed; false if the permission is - * denied. If a permission is not recognized by this ACL, it is - * considered denied + * @param permission one of the "rights" defined for each + * protected resource in its ACL + * @return true if the permission is allowed; false if the + * permission is denied. If a permission is not + * recognized by this ACL, it is considered denied */ public boolean checkPermission(String permission) { // default - if we dont know about the requested permission, - // don't grant permission + // don't grant permission if (mPerms.get(permission) == null) return false; if (isNegative()) { @@ -167,13 +159,10 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Parse string in the following format: - * * <PRE> * allow|deny (right[,right...]) attribute_expression * </PRE> - * * into an instance of the <code>ACLEntry</code> class - * * @param acl the acl instance associated with this aclentry * @param aclEntryString aclEntryString in the specified format * @return an instance of the <code>ACLEntry</code> class @@ -186,7 +175,7 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { String te = aclEntryString.trim(); // locate first space - int i = te.indexOf(' '); + int i = te.indexOf(' '); // prefix should be "allowed" or "deny" String prefix = te.substring(0, i); String suffix = te.substring(i + 1).trim(); @@ -200,7 +189,7 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { return null; } // locate the second space - i = suffix.indexOf(' '); + i = suffix.indexOf(' '); // this prefix should be rights list, delimited by "," prefix = suffix.substring(1, i - 1); // the suffix is the rest, which is the "expressions" @@ -217,7 +206,6 @@ public class ACLEntry implements IACLEntry, java.io.Serializable { /** * Returns the string representation of this ACLEntry - * * @return string representation of this ACLEntry */ public String toString() { diff --git a/pki/base/common/src/com/netscape/certsrv/acls/ACLsResources.java b/pki/base/common/src/com/netscape/certsrv/acls/ACLsResources.java index 9dc6d4ee..878fe163 100644 --- a/pki/base/common/src/com/netscape/certsrv/acls/ACLsResources.java +++ b/pki/base/common/src/com/netscape/certsrv/acls/ACLsResources.java @@ -20,9 +20,10 @@ package com.netscape.certsrv.acls; import java.util.ListResourceBundle; /** - * A class represents a resource bundle for the entire ACL component. system. + * A class represents a resource bundle for the entire ACL component. + * system. * <P> - * + * * @deprecated * @version $Revision$, $Date$ */ @@ -30,14 +31,13 @@ public class ACLsResources extends ListResourceBundle { /** * Returns the content of this resource. - * * @return the content of this resource. */ public Object[][] getContents() { return contents; } - /** + /** * A set of constants for localized error messages. */ static final Object[][] contents = {}; diff --git a/pki/base/common/src/com/netscape/certsrv/acls/EACLsException.java b/pki/base/common/src/com/netscape/certsrv/acls/EACLsException.java index 96a9b7b9..e79bd724 100644 --- a/pki/base/common/src/com/netscape/certsrv/acls/EACLsException.java +++ b/pki/base/common/src/com/netscape/certsrv/acls/EACLsException.java @@ -17,18 +17,21 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.certsrv.acls; + import java.util.Locale; import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.base.MessageFormatter; + /** - * A class represents an acls exception. Note that this is an Runtime exception - * so that methods used AccessManager do not have to explicity declare this - * exception. This allows AccessManager to be easily integrated into any + * A class represents an acls exception. Note that this is + * an Runtime exception so that methods used AccessManager + * do not have to explicity declare this exception. This + * allows AccessManager to be easily integrated into any * existing code. * <P> - * + * * @version $Revision$, $Date$ */ public class EACLsException extends EBaseException { @@ -41,11 +44,10 @@ public class EACLsException extends EBaseException { * resource class name */ private static final String ACL_RESOURCES = ACLsResources.class.getName(); - + /** * Constructs an acls exception. * <P> - * * @param msgFormat exception details */ public EACLsException(String msgFormat) { @@ -55,12 +57,11 @@ public class EACLsException extends EBaseException { /** * Constructs a base exception with a parameter. For example, - * * <PRE> - * new EACLsException("failed to load {0}", fileName); + * new EACLsException("failed to load {0}", fileName); * </PRE> * <P> - * + * * @param msgFormat exception details in message string format * @param param message string parameter */ @@ -71,9 +72,9 @@ public class EACLsException extends EBaseException { } /** - * Constructs a base exception. It can be used to carry a system exception - * that may contain information about the context. For example, - * + * Constructs a base exception. It can be used to carry + * a system exception that may contain information about + * the context. For example, * <PRE> * try { * ... @@ -82,7 +83,7 @@ public class EACLsException extends EBaseException { * } * </PRE> * <P> - * + * * @param msgFormat exception details in message string format * @param param system exception */ @@ -93,10 +94,10 @@ public class EACLsException extends EBaseException { } /** - * Constructs a base exception with a list of parameters that will be - * substituted into the message format. + * Constructs a base exception with a list of parameters + * that will be substituted into the message format. * <P> - * + * * @param msgFormat exception details in message string format * @param params list of message format parameters */ @@ -108,7 +109,7 @@ public class EACLsException extends EBaseException { /** * Returns a list of parameters. * <P> - * + * * @return list of message format parameters */ public Object[] getParameters() { @@ -117,7 +118,6 @@ public class EACLsException extends EBaseException { /** * String representation for the corresponding exception. - * * @return String representation for the corresponding exception. */ public String toString() { @@ -126,7 +126,6 @@ public class EACLsException extends EBaseException { /** * Returns string representation for the corresponding exception. - * * @param locale client specified locale for string representation. * @return String representation for the corresponding exception. */ @@ -137,7 +136,6 @@ public class EACLsException extends EBaseException { /** * Return the class name of the resource bundle. - * * @return class name of the resource bundle. */ protected String getBundleName() { diff --git a/pki/base/common/src/com/netscape/certsrv/acls/IACL.java b/pki/base/common/src/com/netscape/certsrv/acls/IACL.java index b136f621..892bd490 100644 --- a/pki/base/common/src/com/netscape/certsrv/acls/IACL.java +++ b/pki/base/common/src/com/netscape/certsrv/acls/IACL.java @@ -17,52 +17,49 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.certsrv.acls; + import java.util.Enumeration; + /** - * A class represents an access control list (ACL). An ACL is associated with a - * protected resource. The policy enforcer can verify the ACLs with the current - * context to see if the corresponding resource is accessible. + * A class represents an access control list (ACL). An ACL + * is associated with a protected resource. The policy + * enforcer can verify the ACLs with the current + * context to see if the corresponding resource is accessible. * <P> * * @version $Revision$, $Date$ */ -public interface IACL { +public interface IACL { /** * Returns the name of the current ACL. - * * @return the name of the current ACL. */ public String getName(); /** * Returns the description of the current ACL. - * * @return the description of the current ACL. */ - public String getDescription(); + public String getDescription(); /** * Returns a list of access rights of the current ACL. - * * @return a list of access rights */ - public Enumeration rights(); + public Enumeration rights(); /** * Returns a list of entries of the current ACL. - * * @return a list of entries */ public Enumeration entries(); /** * Verifies if permission is granted. - * * @param permission one of the applicable rights - * @return true if the given permission is one of the applicable rights; - * false otherwise. + * @return true if the given permission is one of the applicable rights; false otherwise. */ public boolean checkRight(String permission); } diff --git a/pki/base/common/src/com/netscape/certsrv/acls/IACLEntry.java b/pki/base/common/src/com/netscape/certsrv/acls/IACLEntry.java index ff806f15..f91ef38b 100644 --- a/pki/base/common/src/com/netscape/certsrv/acls/IACLEntry.java +++ b/pki/base/common/src/com/netscape/certsrv/acls/IACLEntry.java @@ -17,17 +17,19 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.certsrv.acls; + + + /** * A class represents an entry of access control list. * <P> * * @version $Revision$, $Date$ */ -public interface IACLEntry { +public interface IACLEntry { /** * Returns the ACL entry string of the entry. - * * @return the ACL entry string of the entry. */ public String getACLEntryString(); |