001: /*
002: jGuard is a security framework based on top of jaas (java authentication and authorization security).
003: it is written for web applications, to resolve simply, access control problems.
004: version $Name$
005: http://sourceforge.net/projects/jguard/
006:
007: Copyright (C) 2004 Charles GAY
008:
009: This library is free software; you can redistribute it and/or
010: modify it under the terms of the GNU Lesser General Public
011: License as published by the Free Software Foundation; either
012: version 2.1 of the License, or (at your option) any later version.
013:
014: This library is distributed in the hope that it will be useful,
015: but WITHOUT ANY WARRANTY; without even the implied warranty of
016: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
017: Lesser General Public License for more details.
018:
019: You should have received a copy of the GNU Lesser General Public
020: License along with this library; if not, write to the Free Software
021: Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
022:
023:
024: jGuard project home page:
025: http://sourceforge.net/projects/jguard/
026:
027: */
028: package net.sf.jguard.core.authorization.permissions;
029:
030: import java.io.Serializable;
031: import java.net.URI;
032: import java.util.Arrays;
033: import java.util.HashSet;
034: import java.util.Iterator;
035: import java.util.List;
036: import java.util.Set;
037: import java.util.regex.Pattern;
038:
039: import org.apache.commons.lang.StringEscapeUtils;
040:
041: /**
042: * represents an url key and her associated value.
043: * @author <a href="mailto:diabolo512@users.sourceforge.net ">Charles Gay</a>
044: * @author <a href="mailto:vberetti@users.sourceforge.net">Vincent Beretti</a>
045: */
046: public class URLParameter implements Serializable, Cloneable {
047:
048: /**
049: * serial version id.
050: */
051: private static final long serialVersionUID = 3835156176932384821L;
052: private String key = null;
053:
054: /**
055: * the HttpservlerRequest.getParameterValues() return a values Array.
056: * when the URL contains copies of a parameter name,
057: * this method return an array of all the values for the same parameter name.
058: */
059: private String[] value = null;
060: private String permissionName = null;
061:
062: /**
063: * constructor.
064: */
065: protected URLParameter() {
066:
067: }
068:
069: /**
070: * override the java.lang.Object 's <i>clone</i> method.
071: * @return new URLParameter.
072: */
073: public Object clone() throws CloneNotSupportedException {
074: URLParameter param = new URLParameter();
075: param.setKey(new String(this .key));
076: param.setValue(this .value);
077: param.setPermissionName(new String(this .permissionName));
078: return param;
079: }
080:
081: /**
082: * @return
083: */
084: protected String getKey() {
085: return key;
086: }
087:
088: /**
089: * @return
090: */
091: protected String[] getValue() {
092: return value;
093: }
094:
095: /**
096: * concat the array String in a single string with a ";" separator.
097: * @return concat String
098: */
099: protected String getValuesAsString() {
100: String[] valuesArray = this .value;
101: StringBuffer concatValues = new StringBuffer();
102: for (int i = 0; i < valuesArray.length; i++) {
103: if (i != 0) {
104: concatValues.append(";");
105: }
106: concatValues.append(valuesArray[i]);
107: }
108: return concatValues.toString();
109: }
110:
111: /**
112: * @param string
113: */
114: protected void setKey(String string) {
115: key = string;
116: }
117:
118: /**
119: * @param string
120: */
121: protected void setValue(String[] string) {
122: value = string;
123: }
124:
125: /**
126: * override java.lang.Object's <i>hashCode</i> method.
127: * @return int to compare quickly to URLParameters.
128: */
129: public int hashCode() {
130: StringBuffer sb = new StringBuffer(this .key);
131: sb.append(this .getValuesAsString());
132: return sb.toString().hashCode();
133: }
134:
135: /**
136: * override Object equals method.
137: */
138: public boolean equals(Object obj) {
139: if (!(obj instanceof URLParameter)) {
140: return false;
141: }
142: URLParameter urlp = (URLParameter) obj;
143:
144: if (urlp.getKey().equals(this .key) == false) {
145: return false;
146: }
147:
148: String[] targetArray = urlp.getValue();
149: String[] myArray = this .value;
150:
151: if (myArray.length != targetArray.length) {
152: return false;
153: }
154: //we sort these String arrays before comparing them
155: Arrays.sort(targetArray);
156: Arrays.sort(myArray);
157: for (int i = 0; i < myArray.length; i++) {
158: if (!(myArray[i]).equals(targetArray[i])) {
159: return false;
160: }
161: }
162:
163: return true;
164: }
165:
166: /**
167: * @return
168: */
169: protected String getPermissionName() {
170: return permissionName;
171: }
172:
173: /**
174: * @param string
175: */
176: protected void setPermissionName(String string) {
177: permissionName = string;
178: }
179:
180: /**
181: * from an URI and a Permission associated
182: * @param uri
183: * @return
184: */
185: protected static Set getURLParameters(URI uri) {
186:
187: Set parameters = new HashSet();
188: String query = uri.getQuery();
189: query = StringEscapeUtils.unescapeHtml(query);
190: if (query != null && query != "") {
191: List tokens = Arrays.asList(query.split("&"));
192: Iterator itTokens = tokens.iterator();
193: while (itTokens.hasNext()) {
194: String token = (String) itTokens.next();
195: String[] parts = token.split("=");
196: if (parts.length == 2) {
197: URLParameter param = new URLParameter();
198: param.setKey(parts[0]);
199: String[] values = parts[1].split(";");
200: param.setValue(values);
201: parameters.add(param);
202: }
203: }
204:
205: }
206: return parameters;
207: }
208:
209: public boolean impliesKey(String key) {
210: String regexpKey = this .key.replaceAll("\\*", "\\.\\*");
211: if (!key.equals(this .key) && !Pattern.matches(regexpKey, key)) {
212: return false;
213: }
214: return true;
215: }
216:
217: public boolean impliesValues(String[] value) {
218: if (value.length != this .value.length) {
219: return false;
220: }
221: //we sort these String arrays before comparing them
222: Arrays.sort(value);
223: Arrays.sort(this .value);
224: for (int i = 0; i < value.length; i++) {
225: String regexpValue = this .value[i].replaceAll("\\*",
226: "\\.\\*");
227: if (!(value[i]).equals(this .value[i])
228: && !Pattern.matches(regexpValue, value[i])) {
229: return false;
230: }
231: }
232: return true;
233: }
234: }
|