// --- BEGIN COPYRIGHT BLOCK --- // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation; version 2 of the License. // // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // You should have received a copy of the GNU General Public License along // with this program; if not, write to the Free Software Foundation, Inc., // 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. // // (C) 2007 Red Hat, Inc. // All rights reserved. // --- END COPYRIGHT BLOCK --- package com.netscape.certsrv.acls; import java.util.Enumeration; import java.util.Vector; /** * A class represents an access control list (ACL). An ACL * is associated with an protected resources. The policy * enforcer can verify the ACLs with the current * context to see if the corresponding resource is accessible. *
* An ACL
may contain one or more ACLEntry
.
* However, in case of multiple ACLEntry
, a subject must
* pass ALL of the ACLEntry
evaluation for permission
* to be granted
*
* @version $Revision$, $Date$
*/
public class ACL implements IACL, java.io.Serializable {
protected Vector mEntries = new Vector(); // ACL entries
protected Vector mRights = null; // possible rights entries
protected String mResourceACLs = null; // exact resourceACLs string on ldap server
protected String mName = null; // resource name
protected String mDescription = null; // resource description
/**
* Class constructor.
*/
public ACL() {
}
/**
* Class constructor.
* Constructs an access control list associated
* with a resource name
* @param name resource name
* @param rights applicable rights defined for this resource
* @param resourceACLs the entire ACL specification. For example:
* "certServer.log.configuration:read,modify:
* allow (read,modify)
* group=\"Administrators\":
* Allow administrators to read and modify log
* configuration"
*/
public ACL(String name, Vector rights, String resourceACLs) {
setName(name);
if (rights != null) {
mRights = rights;
} else {
mRights = new Vector();
}
mResourceACLs = resourceACLs;
}
/**
* Sets the name of the resource governed by this
* access control.
* @param name name of the resource
*/
public void setName(String name) {
mName = name;
}
/**
* Retrieves the name of the resource governed by
* this access control.
* @return name of the resource
*/
public String getName() {
return mName;
}
/**
* Retrieves the exact string of the resourceACLs
* @return resource's acl
*/
public String getResourceACLs() {
return mResourceACLs;
}
/**
* Sets the description of the resource governed by this
* access control.
* @param description Description of the protected resource
*/
public void setDescription(String description) {
mDescription = description;
}
/**
* Retrieves the description of the resource governed by
* this access control.
* @return Description of the protected resource
*/
public String getDescription() {
return mDescription;
}
/**
* Adds an ACL entry to this list.
* @param entry the ACLEntry
to be added to this resource
*/
public void addEntry(ACLEntry entry) {
mEntries.addElement(entry);
}
/**
* Returns ACL entries.
* @return enumeration for the ACLEntry
vector
*/
public Enumeration entries() {
return mEntries.elements();
}
/**
* Returns the string reprsentation.
* @return the string representation of the ACL entries in the
* following format:
*