001    /*
002     *  Licensed to the Apache Software Foundation (ASF) under one
003     *  or more contributor license agreements.  See the NOTICE file
004     *  distributed with this work for additional information
005     *  regarding copyright ownership.  The ASF licenses this file
006     *  to you under the Apache License, Version 2.0 (the
007     *  "License"); you may not use this file except in compliance
008     *  with the License.  You may obtain a copy of the License at
009     *  
010     *    http://www.apache.org/licenses/LICENSE-2.0
011     *  
012     *  Unless required by applicable law or agreed to in writing,
013     *  software distributed under the License is distributed on an
014     *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015     *  KIND, either express or implied.  See the License for the
016     *  specific language governing permissions and limitations
017     *  under the License. 
018     *  
019     */
020    package org.apache.directory.shared.ldap.aci;
021    
022    
023    import java.io.Serializable;
024    import java.util.ArrayList;
025    import java.util.Collection;
026    import java.util.Collections;
027    import java.util.HashSet;
028    import java.util.Set;
029    
030    import org.apache.directory.shared.ldap.constants.AuthenticationLevel;
031    
032    
033    /**
034     * A flatten entity which is converted from an {@link ACIItem}. The tuples are
035     * accepted by ACDF (Access Control Decision Function, 18.8, X.501)
036     * 
037     * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
038     * @version $Rev: 586528 $, $Date: 2007-10-19 18:47:06 +0200 (Ven, 19 oct 2007) $
039     */
040    public class ACITuple implements Serializable
041    {
042        private static final long serialVersionUID = 4353150626941232371L;
043    
044        private final Collection<UserClass> userClasses;
045    
046        private final AuthenticationLevel authenticationLevel;
047    
048        private final Collection<ProtectedItem> protectedItems;
049    
050        private final Set<MicroOperation> microOperations;
051    
052        private final boolean grant;
053    
054        private final int precedence;
055    
056    
057        /**
058         * Creates a new instance.
059         * 
060         * @param userClasses
061         *            the collection of {@link UserClass}es this tuple relates to
062         * @param authenticationLevel
063         *            the level of authentication required
064         * @param protectedItems
065         *            the collection of {@link ProtectedItem}s this tuple relates
066         * @param microOperations
067         *            the set of {@link MicroOperation}s this tuple relates
068         * @param grant
069         *            <tt>true</tt> if and only if this tuple grants an access
070         * @param precedence
071         *            the precedence of this tuple (<tt>0</tt>-<tt>255</tt>)
072         */
073        public ACITuple( 
074                Collection<UserClass> userClasses, 
075                AuthenticationLevel authenticationLevel, 
076                Collection<ProtectedItem> protectedItems,
077                Set<MicroOperation> microOperations, 
078                boolean grant, 
079                int precedence )
080        {
081            if ( authenticationLevel == null )
082            {
083                throw new NullPointerException( "authenticationLevel" );
084            }
085    
086            if ( precedence < 0 || precedence > 255 )
087            {
088                throw new IllegalArgumentException( "precedence: " + precedence );
089            }
090    
091            this.userClasses = Collections.unmodifiableCollection( new ArrayList<UserClass>( userClasses ) );
092            this.authenticationLevel = authenticationLevel;
093            this.protectedItems = Collections.unmodifiableCollection( new ArrayList<ProtectedItem>( protectedItems ) );
094            this.microOperations = Collections.unmodifiableSet( new HashSet<MicroOperation>( microOperations ) );
095            this.grant = grant;
096            this.precedence = precedence;
097        }
098    
099    
100        /**
101         * Returns the collection of {@link UserClass}es this tuple relates to.
102         */
103        public Collection<UserClass> getUserClasses()
104        {
105            return userClasses;
106        }
107    
108    
109        /**
110         * Returns the level of authentication required.
111         */
112        public AuthenticationLevel getAuthenticationLevel()
113        {
114            return authenticationLevel;
115        }
116    
117    
118        /**
119         * Returns the collection of {@link ProtectedItem}s this tuple relates.
120         */
121        public Collection<ProtectedItem> getProtectedItems()
122        {
123            return protectedItems;
124        }
125    
126    
127        /**
128         * Returns the set of {@link MicroOperation}s this tuple relates.
129         */
130        public Set<MicroOperation> getMicroOperations()
131        {
132            return microOperations;
133        }
134    
135    
136        /**
137         * Returns <tt>true</tt> if and only if this tuple grants an access.
138         */
139        public boolean isGrant()
140        {
141            return grant;
142        }
143    
144    
145        /**
146         * Returns the precedence of this tuple (<tt>0</tt>-<tt>255</tt>).
147         */
148        public int getPrecedence()
149        {
150            return precedence;
151        }
152    
153    
154        public String toString()
155        {
156            return "ACITuple: userClasses=" + userClasses + ", " + "authenticationLevel=" + authenticationLevel + ", "
157                + "protectedItems=" + protectedItems + ", " + ( grant ? "grants=" : "denials=" ) + microOperations + ", "
158                + "precedence=" + precedence;
159        }
160    }