001 /*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements. See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership. The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License. You may obtain a copy of the License at
009 *
010 * http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing,
013 * software distributed under the License is distributed on an
014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015 * KIND, either express or implied. See the License for the
016 * specific language governing permissions and limitations
017 * under the License.
018 *
019 */
020 package org.apache.directory.shared.ldap.aci;
021
022
023 import java.util.ArrayList;
024 import java.util.Collection;
025 import java.util.Collections;
026 import java.util.Set;
027
028 import org.apache.directory.shared.ldap.constants.AuthenticationLevel;
029
030
031 /**
032 * An {@link ACIItem} which specifies {@link UserClass}es first and then
033 * {@link ProtectedItem}s each {@link UserClass} will have. (18.4.2.4. X.501)
034 *
035 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
036 * @version $Rev: 664290 $, $Date: 2008-06-07 08:28:06 +0200 (Sam, 07 jui 2008) $
037 */
038 public class UserFirstACIItem extends ACIItem
039 {
040 private static final long serialVersionUID = 5587483838404246148L;
041
042 private final Collection<UserClass> userClasses;
043
044 private final Collection<UserPermission> userPermissions;
045
046
047 /**
048 * Creates a new instance.
049 *
050 * @param identificationTag
051 * the id string of this item
052 * @param precedence
053 * the precedence of this item
054 * @param authenticationLevel
055 * the level of authentication required to this item
056 * @param userClasses
057 * the collection of {@link UserClass}es this item protects
058 * @param userPermissions
059 * the collection of {@link UserPermission}s each
060 * <tt>protectedItems</tt> will have
061 */
062 public UserFirstACIItem(String identificationTag, int precedence, AuthenticationLevel authenticationLevel,
063 Collection<UserClass> userClasses, Collection<UserPermission> userPermissions)
064 {
065 super( identificationTag, precedence, authenticationLevel );
066
067 this.userClasses = Collections.unmodifiableCollection( new ArrayList<UserClass>( userClasses ) );
068 this.userPermissions = Collections.unmodifiableCollection( new ArrayList<UserPermission>( userPermissions ) );
069 }
070
071
072 /**
073 * Returns the set of {@link UserClass}es.
074 */
075 public Collection<UserClass> getUserClasses()
076 {
077 return userClasses;
078 }
079
080
081 /**
082 * Returns the set of {@link UserPermission}s.
083 */
084 public Collection<UserPermission> getUserPermission()
085 {
086 return userPermissions;
087 }
088
089
090 public String toString()
091 {
092 StringBuilder buf = new StringBuilder();
093
094 // identificationTag
095 buf.append( "{ identificationTag \"" );
096 buf.append( getIdentificationTag() );
097 buf.append( "\", " );
098
099 // precedence
100 buf.append( "precedence " );
101 buf.append( getPrecedence() );
102 buf.append( ", " );
103
104 // authenticationLevel
105 buf.append( "authenticationLevel " );
106 buf.append( getAuthenticationLevel().getName() );
107 buf.append( ", " );
108
109 // itemOrUserFirst
110 buf.append( "itemOrUserFirst userFirst: { " );
111
112 // protectedItems
113 buf.append( "userClasses { " );
114
115 boolean isFirst = true;
116
117 for ( UserClass userClass:userClasses )
118 {
119 if ( isFirst )
120 {
121 isFirst = false;
122 }
123 else
124 {
125 buf.append( ", " );
126 }
127
128 buf.append( userClass.toString() );
129 }
130
131 buf.append( " }, " );
132
133 // itemPermissions
134 buf.append( "userPermissions { " );
135
136 isFirst = true;
137
138 for ( UserPermission permission:userPermissions )
139 {
140 if ( isFirst )
141 {
142 isFirst = false;
143 }
144 else
145 {
146 buf.append( ", " );
147 }
148
149 buf.append( permission.toString() );
150 }
151
152 buf.append( " } } }" );
153
154 return buf.toString();
155 }
156
157
158 public Collection<ACITuple> toTuples()
159 {
160 Collection<ACITuple> tuples = new ArrayList<ACITuple>();
161
162 for ( UserPermission userPermission:userPermissions )
163 {
164 Set<GrantAndDenial> grants = userPermission.getGrants();
165 Set<GrantAndDenial> denials = userPermission.getDenials();
166 int precedence = userPermission.getPrecedence() >= 0 ? userPermission.getPrecedence() : this
167 .getPrecedence();
168
169 if ( grants.size() > 0 )
170 {
171 tuples.add( new ACITuple( getUserClasses(), getAuthenticationLevel(), userPermission
172 .getProtectedItems(), toMicroOperations( grants ), true, precedence ) );
173 }
174 if ( denials.size() > 0 )
175 {
176 tuples.add( new ACITuple( getUserClasses(), getAuthenticationLevel(), userPermission
177 .getProtectedItems(), toMicroOperations( denials ), false, precedence ) );
178 }
179 }
180 return tuples;
181 }
182 }