001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one
003: * or more contributor license agreements. See the NOTICE file
004: * distributed with this work for additional information
005: * regarding copyright ownership. The ASF licenses this file
006: * to you under the Apache License, Version 2.0 (the
007: * "License"); you may not use this file except in compliance
008: * with the License. You may obtain a copy of the License at
009: *
010: * http://www.apache.org/licenses/LICENSE-2.0
011: *
012: * Unless required by applicable law or agreed to in writing,
013: * software distributed under the License is distributed on an
014: * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015: * KIND, either express or implied. See the License for the
016: * specific language governing permissions and limitations
017: * under the License.
018: */
019:
020: package org.apache.geronimo.security.util;
021:
022: import java.util.Set;
023: import java.util.HashSet;
024: import java.util.regex.Pattern;
025:
026: /**
027: * Tracks sets of HTTP actions for use while computing permissions during web deployment.
028: *
029: * @version $Rev: 538086 $ $Date: 2007-05-15 01:11:36 -0700 (Tue, 15 May 2007) $
030: */
031: public class HTTPMethods {
032: private static final Pattern TOKEN_PATTERN = Pattern
033: .compile("[!-~&&[^\\(\\)\\<\\>@,;:\\\\\"/\\[\\]\\?=\\{\\}]]*");
034:
035: private final Set<String> methods = new HashSet<String>();
036: private boolean isExcluded = false;
037:
038: public HTTPMethods() {
039: }
040:
041: public HTTPMethods(HTTPMethods httpMethods, boolean complemented) {
042: isExcluded = httpMethods.isExcluded ^ complemented;
043: methods.addAll(httpMethods.methods);
044: }
045:
046: public void add(String httpMethod) {
047: if (isExcluded) {
048: checkToken(httpMethod);
049: methods.remove(httpMethod);
050: } else if (httpMethod == null || httpMethod.length() == 0) {
051: isExcluded = true;
052: methods.clear();
053: } else {
054: checkToken(httpMethod);
055: methods.add(httpMethod);
056: }
057: }
058:
059: public HTTPMethods add(HTTPMethods httpMethods) {
060: if (isExcluded) {
061: if (httpMethods.isExcluded) {
062: methods.retainAll(httpMethods.methods);
063: } else {
064: methods.removeAll(httpMethods.methods);
065: }
066: } else {
067: if (httpMethods.isExcluded) {
068: isExcluded = true;
069: Set<String> toRemove = new HashSet<String>(methods);
070: methods.clear();
071: methods.addAll(httpMethods.methods);
072: methods.removeAll(toRemove);
073: } else {
074: methods.addAll(httpMethods.methods);
075: }
076: }
077: return this ;
078: }
079:
080: public String getHttpMethods() {
081: return getHttpMethodsBuffer(isExcluded).toString();
082: }
083:
084: public StringBuffer getHttpMethodsBuffer() {
085: return getHttpMethodsBuffer(isExcluded);
086: }
087:
088: public String getComplementedHttpMethods() {
089: return getHttpMethodsBuffer(!isExcluded).toString();
090: }
091:
092: private StringBuffer getHttpMethodsBuffer(boolean excluded) {
093: StringBuffer buffer = new StringBuffer();
094: if (excluded) {
095: buffer.append("!");
096: }
097: boolean afterFirst = false;
098: for (String method : methods) {
099: if (afterFirst) {
100: buffer.append(",");
101: } else {
102: afterFirst = true;
103: }
104: buffer.append(method);
105: }
106: return buffer;
107: }
108:
109: private void checkToken(String method) {
110: if (!TOKEN_PATTERN.matcher(method).matches()) {
111: throw new IllegalArgumentException("Invalid HTTPMethodSpec");
112: }
113: }
114:
115: public boolean isNone() {
116: return !isExcluded && methods.isEmpty();
117: }
118: }
|