portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wea...@apache.org
Subject cvs commit: jakarta-jetspeed-2/components/security/src/java/org/apache/jetspeed/security PortletPermission.java PortletPermissionCollection.java
Date Fri, 16 Jul 2004 19:27:19 GMT
weaver      2004/07/16 12:27:19

  Added:       commons/src/java/org/apache/jetspeed/security
                        PortletPermission.java
                        PortletPermissionCollection.java
  Removed:     components/security/src/java/org/apache/jetspeed/security
                        PortletPermission.java
                        PortletPermissionCollection.java
  Log:
  moved to commons
  
  Revision  Changes    Path
  1.1                  jakarta-jetspeed-2/commons/src/java/org/apache/jetspeed/security/PortletPermission.java
  
  Index: PortletPermission.java
  ===================================================================
  /* Copyright 2004 Apache Software Foundation
   *
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   *
   *     http://www.apache.org/licenses/LICENSE-2.0
   *
   * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   * See the License for the specific language governing permissions and
   * limitations under the License.
   */
  package org.apache.jetspeed.security;
  
  import java.security.AccessController;
  import java.security.AccessControlContext;
  import java.security.Permission;
  import java.security.PermissionCollection;
  import java.util.StringTokenizer;
  
  import javax.security.auth.Subject;
  
  /**
   * <p>Portlet permission.</p>
   * <p>This code was partially inspired from articles from:</p>
   * <ul>
   *    <li><a href="http://www-106.ibm.com/developerworks/library/j-jaas/">
   *    Extend JAAS for class instance-level authorization.</a></li>
   * </ul>
   * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
   */
  public class PortletPermission extends Permission
  {
  
      /** <p>Portlet view permission.</p> */
      static private int VIEW = 0x01;
  
      /** <p>Portlet edit permission.</p> */
      static private int EDIT = 0x02;
  
      /** <p>Portlet edit permission.</p> */
      static private int DELETE = 0x04;
  
      /** <p>Portlet minimize permission.</p> */
      static private int MINIMIZE = 0x08;
  
      /** <p>Portlet maximize permission.</p> */
      static private int MAXIMIZE = 0x10;
  
      /** <p>Portlet help permission.</p> */
      static private int HELP = 0x20;
  
      /** <p>Portlet view action.</p> */
      static final public String VIEW_ACTION = "view";
  
      /** <p>Portlet edit action.</p> */
      static final public String EDIT_ACTION = "edit";
  
      /** <p>Portlet edit action.</p> */
      static final public String DELETE_ACTION = "delete";
  
      /** <p>Portlet delete action.</p> */
      static final public String MINIMIZE_ACTION = "minimize";
  
      /** <p>Portlet maximize action.</p> */
      static final public String MAXIMIZE_ACTION = "maximize";
  
      /** <p>Portlet help action.</p> */
      static final public String HELP_ACTION = "help";
  
      /** <p>Mask used for determining what action to perform.</p> */
      int mask;
  
      /** <p>The subject the permission is being performed against.</p> */
      Subject subject;
  
      /**
       * <p>Constructor for PortletPermission.</p>
       * @param name The portlet name.
       * @param actions The actions on the portlet.
       */
      public PortletPermission(String name, String actions)
      {
          this(name, actions, null);
      }
  
      /**
       * <p>Constructor for PortletPermission.</p>
       * @param name The portlet name.
       * @param actions The actions on the portlet.
       */
      public PortletPermission(String name, String actions, Subject subject)
      {
          super(name);
          parseActions(actions);
          this.subject = subject;
      }
  
      /**
       * @see java.security.Permission#getActions()
       */
      public String getActions()
      {
          StringBuffer buf = new StringBuffer();
  
          if ((mask & VIEW) == VIEW)
          {
              buf.append(VIEW_ACTION);
          }
          if ((mask & EDIT) == EDIT)
          {
              if (buf.length() > 0)
                  buf.append(", ");
              buf.append(EDIT_ACTION);
          }
          if ((mask & DELETE) == DELETE)
          {
              if (buf.length() > 0)
                  buf.append(", ");
              buf.append(DELETE_ACTION);
          }
          if ((mask & MINIMIZE) == MINIMIZE)
          {
              if (buf.length() > 0)
                  buf.append(", ");
              buf.append(MINIMIZE_ACTION);
          }
          if ((mask & MAXIMIZE) == MAXIMIZE)
          {
              if (buf.length() > 0)
                  buf.append(", ");
              buf.append(MAXIMIZE_ACTION);
          }
          if ((mask & HELP) == HELP)
          {
              if (buf.length() > 0)
                  buf.append(", ");
              buf.append(HELP_ACTION);
          }
  
          return buf.toString();
      }
  
      /**
       * @see java.security.Permission#hashCode()
       */
      public int hashCode()
      {
          StringBuffer value = new StringBuffer(getName());
          return value.toString().hashCode() ^ mask;
      }
  
      /**
       * @see java.security.Permission#equals(Object)
       */
      public boolean equals(Object object)
      {
          if (!(object instanceof PortletPermission))
              return false;
  
          PortletPermission p = (PortletPermission) object;
          boolean isEqual = ((p.getName().equals(getName())) && (p.mask == mask));
          return isEqual;
      }
  
      public boolean implies(Permission permission)
      {
          // The permission must be an instance 
          // of the PortletPermission.
          if (!(permission instanceof PortletPermission))
          {
              return false;
          }
  
          // The portlet name must be the same.
          if (!(permission.getName().equals(getName())))
          {
              return false;
          }
  
          PortletPermission portletPerm = (PortletPermission) permission;
  
          // Get the subject.
          // It was either provide in the constructor.
          Subject user = portletPerm.getSubject();
          // Or we get it from the AccessControlContext.
          if (null == user)
          {
              AccessControlContext context = AccessController.getContext();
              user = Subject.getSubject(context);
          }
          // No user was passed.  The permission must be denied.
          if (null == user)
          {
              return false;
          }
  
          // The action bits in portletPerm (permission) 
          // must be set in the current mask permission.
          if ((mask & portletPerm.mask) != portletPerm.mask)
          {
              return false;
          }
  
          return true;
      }
  
      /**
       * <p>Overrides <code>Permission.newPermissionCollection()</code>.</p>
       * @see java.security.Permission#newPermissionCollection()
       */
      public PermissionCollection newPermissionCollection()
      {
          return new PortletPermissionCollection();
      }
  
      /**
       * <p>Gets the subject.</p>
       * @return Returns a Subject
       */
      public Subject getSubject()
      {
          return subject;
      }
  
      /**
       * <p>Parses the actions string.</p>
       * <p>Actions are separated by commas or white space.</p>
       * @param actions The actions
       */
      private void parseActions(String actions)
      {
          mask = 0;
          if (actions != null)
          {
              StringTokenizer tokenizer = new StringTokenizer(actions, ",\t ");
              while (tokenizer.hasMoreTokens())
              {
                  String token = tokenizer.nextToken();
                  if (token.equals(VIEW_ACTION))
                      mask |= VIEW;
                  else if (token.equals(EDIT_ACTION))
                      mask |= EDIT;
                  else if (token.equals(DELETE_ACTION))
                      mask |= DELETE;
                  else if (token.equals(MINIMIZE_ACTION))
                      mask |= MINIMIZE;
                  else if (token.equals(MAXIMIZE_ACTION))
                      mask |= MAXIMIZE;
                  else if (token.equals(HELP_ACTION))
                      mask |= HELP;
                  else
                      throw new IllegalArgumentException("Unknown action: " + token);
              }
          }
      }
  
  }
  
  
  
  1.1                  jakarta-jetspeed-2/commons/src/java/org/apache/jetspeed/security/PortletPermissionCollection.java
  
  Index: PortletPermissionCollection.java
  ===================================================================
  /* Copyright 2004 Apache Software Foundation
   *
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   *
   *     http://www.apache.org/licenses/LICENSE-2.0
   *
   * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   * See the License for the specific language governing permissions and
   * limitations under the License.
   */
  package org.apache.jetspeed.security;
  
  import java.util.Collections;
  
  import java.security.Permission;
  import java.security.PermissionCollection;
  import java.util.Enumeration;
  import java.util.ArrayList;
  import java.util.Iterator;
  
  /**
   * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
   */
  public class PortletPermissionCollection extends PermissionCollection
  {
  
      ArrayList perms = new ArrayList();
  
      /**
       * 
       */
      public PortletPermissionCollection()
      {
          super(); 
      }
  
      /**
       * @see java.security.PermissionCollection#add(java.security.Permission)
       */
      public void add(Permission permission)
      {
          perms.add(permission);
      }
  
      /**
       * @see java.security.PermissionCollection#implies(java.security.Permission)
       */
      public boolean implies(Permission permission)
      {
          for (Iterator i = perms.iterator(); i.hasNext(); ) 
          {
              if (((Permission)i.next()).implies(permission)) 
              {
                  return true;
              }
          }
          return false;
      }
  
      /**
       * @see java.security.PermissionCollection#elements()
       */
      public Enumeration elements()
      {
          return Collections.enumeration(perms);
      }
  
  }
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org


Mime
View raw message