View Javadoc
1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *  
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *  
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License. 
18   *  
19   */
20  package org.apache.directory.api.ldap.aci;
21  
22  
23  import java.util.ArrayList;
24  import java.util.Collection;
25  import java.util.Collections;
26  import java.util.Set;
27  
28  import org.apache.directory.api.ldap.model.constants.AuthenticationLevel;
29  
30  
31  /**
32   * An {@link ACIItem} which specifies {@link UserClass}es first and then
33   * {@link ProtectedItem}s each {@link UserClass} will have. (18.4.2.4. X.501)
34   * 
35   * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
36   */
37  public class UserFirstACIItem extends ACIItem
38  {
39      /** The user classes. */
40      private final Collection<UserClass> userClasses;
41  
42      /** The user permissions. */
43      private final Collection<UserPermission> userPermissions;
44  
45  
46      /**
47       * Creates a new instance.
48       * 
49       * @param identificationTag
50       *            the id string of this item
51       * @param precedence
52       *            the precedence of this item
53       * @param authenticationLevel
54       *            the level of authentication required to this item
55       * @param userClasses
56       *            the collection of {@link UserClass}es this item protects
57       * @param userPermissions
58       *            the collection of {@link UserPermission}s each
59       *            <tt>protectedItems</tt> will have
60       */
61      public UserFirstACIItem( String identificationTag, int precedence, AuthenticationLevel authenticationLevel,
62          Collection<UserClass> userClasses, Collection<UserPermission> userPermissions )
63      {
64          super( identificationTag, precedence, authenticationLevel );
65  
66          this.userClasses = Collections.unmodifiableCollection( new ArrayList<UserClass>( userClasses ) );
67          this.userPermissions = Collections.unmodifiableCollection( new ArrayList<UserPermission>( userPermissions ) );
68      }
69  
70  
71      /**
72       * Gets the collection of {@link UserClass}es.
73       *
74       * @return the collection of {@link UserClass}es
75       */
76      public Collection<UserClass> getUserClasses()
77      {
78          return userClasses;
79      }
80  
81  
82      /**
83       * Gets the collection of {@link UserPermission}s.
84       *
85       * @return the collection of {@link UserPermission}s
86       */
87      public Collection<UserPermission> getUserPermission()
88      {
89          return userPermissions;
90      }
91  
92  
93      /**
94       * {@inheritDoc}
95       */
96      @Override
97      public String toString()
98      {
99          StringBuilder buf = new StringBuilder();
100 
101         // identificationTag
102         buf.append( "{ identificationTag \"" );
103         buf.append( getIdentificationTag() );
104         buf.append( "\", " );
105 
106         // precedence
107         buf.append( "precedence " );
108         buf.append( getPrecedence() );
109         buf.append( ", " );
110 
111         // authenticationLevel
112         buf.append( "authenticationLevel " );
113         buf.append( getAuthenticationLevel().getName() );
114         buf.append( ", " );
115 
116         // itemOrUserFirst
117         buf.append( "itemOrUserFirst userFirst: { " );
118 
119         // protectedItems
120         buf.append( "userClasses { " );
121 
122         boolean isFirst = true;
123 
124         for ( UserClass userClass : userClasses )
125         {
126             if ( isFirst )
127             {
128                 isFirst = false;
129             }
130             else
131             {
132                 buf.append( ", " );
133             }
134 
135             buf.append( userClass.toString() );
136         }
137 
138         buf.append( " }, " );
139 
140         // itemPermissions
141         buf.append( "userPermissions { " );
142 
143         isFirst = true;
144 
145         for ( UserPermission permission : userPermissions )
146         {
147             if ( isFirst )
148             {
149                 isFirst = false;
150             }
151             else
152             {
153                 buf.append( ", " );
154             }
155 
156             buf.append( permission.toString() );
157         }
158 
159         buf.append( " } } }" );
160 
161         return buf.toString();
162     }
163 
164 
165     /**
166      * {@inheritDoc}
167      */
168     @Override
169     public Collection<ACITuple> toTuples()
170     {
171         Collection<ACITuple> tuples = new ArrayList<>();
172 
173         for ( UserPermission userPermission : userPermissions )
174         {
175             Set<GrantAndDenial> grants = userPermission.getGrants();
176             Set<GrantAndDenial> denials = userPermission.getDenials();
177             int precedence = userPermission.getPrecedence() != null
178                 ? userPermission.getPrecedence()
179                 : this.getPrecedence();
180 
181             if ( !grants.isEmpty() )
182             {
183                 tuples.add( new ACITuple( getUserClasses(), getAuthenticationLevel(), userPermission
184                     .getProtectedItems(), toMicroOperations( grants ), true, precedence ) );
185             }
186             if ( !denials.isEmpty() )
187             {
188                 tuples.add( new ACITuple( getUserClasses(), getAuthenticationLevel(), userPermission
189                     .getProtectedItems(), toMicroOperations( denials ), false, precedence ) );
190             }
191         }
192         return tuples;
193     }
194 }