Source code

001/*
002 *  Licensed to the Apache Software Foundation (ASF) under one
003 *  or more contributor license agreements.  See the NOTICE file
004 *  distributed with this work for additional information
005 *  regarding copyright ownership.  The ASF licenses this file
006 *  to you under the Apache License, Version 2.0 (the
007 *  "License"); you may not use this file except in compliance
008 *  with the License.  You may obtain a copy of the License at
009 *  
010 *    http://www.apache.org/licenses/LICENSE-2.0
011 *  
012 *  Unless required by applicable law or agreed to in writing,
013 *  software distributed under the License is distributed on an
014 *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015 *  KIND, either express or implied.  See the License for the
016 *  specific language governing permissions and limitations
017 *  under the License. 
018 *  
019 */
020package org.apache.directory.server.core.authz.support;
021
022
023import java.util.Collection;
024import java.util.Iterator;
025
026import org.apache.directory.api.ldap.aci.ACITuple;
027import org.apache.directory.api.ldap.aci.MicroOperation;
028import org.apache.directory.api.ldap.model.entry.Entry;
029import org.apache.directory.api.ldap.model.exception.LdapException;
030
031
032/**
033 * An {@link ACITupleFilter} that discard tuples which doesn't contain any
034 * related {@link MicroOperation}s. (18.8.3.4, X.501) 
035 *
036 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
037 *
038 */
039public class MicroOperationFilter implements ACITupleFilter
040{
041    /**
042     * {@inheritDoc}
043     */
044    @Override
045    public Collection<ACITuple> filter( AciContext aciContext, OperationScope scope, Entry userEntry )
046        throws LdapException
047    {
048        if ( aciContext.getAciTuples().isEmpty() )
049        {
050            return aciContext.getAciTuples();
051        }
052
053        for ( Iterator<ACITuple> i = aciContext.getAciTuples().iterator(); i.hasNext(); )
054        {
055            ACITuple tuple = i.next();
056
057            /*
058             * The ACITuple must contain all the MicroOperations specified within the
059             * microOperations argument.  Just matching a single microOperation is not
060             * enough.  All must be matched to retain the ACITuple.
061             */
062
063            boolean retain = true;
064
065            for ( MicroOperation microOp : aciContext.getMicroOperations() )
066            {
067                if ( !tuple.getMicroOperations().contains( microOp ) )
068                {
069                    retain = false;
070                    break;
071                }
072            }
073
074            if ( !retain )
075            {
076                i.remove();
077            }
078        }
079
080        return aciContext.getAciTuples();
081    }
082
083}