001: /* ====================================================================
002: * The Jcorporate Apache Style Software License, Version 1.2 05-07-2002
003: *
004: * Copyright (c) 1995-2002 Jcorporate Ltd. All rights reserved.
005: *
006: * Redistribution and use in source and binary forms, with or without
007: * modification, are permitted provided that the following conditions
008: * are met:
009: *
010: * 1. Redistributions of source code must retain the above copyright
011: * notice, this list of conditions and the following disclaimer.
012: *
013: * 2. Redistributions in binary form must reproduce the above copyright
014: * notice, this list of conditions and the following disclaimer in
015: * the documentation and/or other materials provided with the
016: * distribution.
017: *
018: * 3. The end-user documentation included with the redistribution,
019: * if any, must include the following acknowledgment:
020: * "This product includes software developed by Jcorporate Ltd.
021: * (http://www.jcorporate.com/)."
022: * Alternately, this acknowledgment may appear in the software itself,
023: * if and wherever such third-party acknowledgments normally appear.
024: *
025: * 4. "Jcorporate" and product names such as "Expresso" must
026: * not be used to endorse or promote products derived from this
027: * software without prior written permission. For written permission,
028: * please contact info@jcorporate.com.
029: *
030: * 5. Products derived from this software may not be called "Expresso",
031: * or other Jcorporate product names; nor may "Expresso" or other
032: * Jcorporate product names appear in their name, without prior
033: * written permission of Jcorporate Ltd.
034: *
035: * 6. No product derived from this software may compete in the same
036: * market space, i.e. framework, without prior written permission
037: * of Jcorporate Ltd. For written permission, please contact
038: * partners@jcorporate.com.
039: *
040: * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
041: * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
042: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
043: * DISCLAIMED. IN NO EVENT SHALL JCORPORATE LTD OR ITS CONTRIBUTORS
044: * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
045: * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
046: * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
047: * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
048: * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
049: * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
050: * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
051: * SUCH DAMAGE.
052: * ====================================================================
053: *
054: * This software consists of voluntary contributions made by many
055: * individuals on behalf of the Jcorporate Ltd. Contributions back
056: * to the project(s) are encouraged when you make modifications.
057: * Please send them to support@jcorporate.com. For more information
058: * on Jcorporate Ltd. and its products, please see
059: * <http://www.jcorporate.com/>.
060: *
061: * Portions of this software are based upon other open source
062: * products and are subject to their respective licenses.
063: */
064:
065: package com.jcorporate.expresso.services.dbobj;
066:
067: import com.jcorporate.expresso.core.db.DBException;
068: import com.jcorporate.expresso.core.dbobj.DBField;
069: import com.jcorporate.expresso.core.dbobj.DBObject;
070:
071: /**
072: * storage for read/write permissions concerning a given row in the database
073: * this table stores user & "other" permissions
074: * <p/>
075: * this object and its table should be manipulated only through RowSecuredDBObject
076: *
077: * @author larry hamel
078: * @see com.jcorporate.expresso.core.dbobj.RowSecuredDBObject
079: * @see com.jcorporate.expresso.services.dbobj.RowGroupPerms
080: */
081: public class RowPermissions extends DBObject /* ironically, we do not subclass SecuredDBObject because everyone must be able to write their own permissions */{
082:
083: public static final String PERMISSIONS_TABLE_NAME = "ROW_PERMISSIONS";
084: public static final String PERMISSIONS_TABLE_DESCRIP = "RowPermissions";
085: /**
086: * field name for name of table
087: */
088: public static final String TABLE_NAME = "TARGET_TABLE";
089:
090: /**
091: * field name for primary key of row
092: */
093: public static final String ROW_KEY = "ROW_KEY";
094:
095: /**
096: * field name for owner
097: */
098: public static final String OWNER_ID = "OWNER_ID";
099:
100: /**
101: * field name for bits that make up permissions; perms stored in this table, ROW_PERMISSIONS, have bits for
102: * group permissions that are unused. Conversely, perms stored in table ROW_GRP_PERMS, have bits for owner and other
103: * which are unused.
104: */
105: public static final String PERMISSIONS = "PERMISSIONS";
106:
107: /**
108: * max length of a primary key of this table, which is
109: * made up of the target table name + target row PK
110: * Most databases have a system limit.
111: * InterBase probably has one of the lowest limits, 200 bytes for the index,
112: * which is a combination of all indexed fields,
113: * documented at http://bdn.borland.com/article/0,1410,25245,00.html
114: * <p/>
115: * increase this length if you need to, and if your database allows a larger
116: * number of bytes in indices.
117: */
118: public static final int MAX_KEY_LENGTH = 150;
119: /**
120: * Maximum length of name of table; all tables must have names that fit.
121: * Most databases have a system limit.
122: */
123: public static final int MAX_TABLE_NAME_LENGTH = 20;
124:
125: protected static int sMaxKeyLen = MAX_KEY_LENGTH; // can be overridden
126: protected static String sKeyType = DBField.VARCHAR_TYPE; // can be overridden
127:
128: /**
129: * bitmasks for permissions, stored as Java int
130: */
131: public static final int OWNER_WRITE_MASK = 256;
132: public static final int OWNER_READ_MASK = 128;
133: public static final int OWNER_PERMISSION_MASK = 64;
134: public static final int GROUP_READ_MASK = 32;
135: public static final int GROUP_WRITE_MASK = 16;
136: public static final int GROUP_PERMISSION_MASK = 8;
137: public static final int OTHERS_READ_MASK = 4;
138: public static final int OTHERS_WRITE_MASK = 2;
139: public static final int OTHERS_PERMISSION_MASK = 1;
140:
141: public static final int OTHERS_READ_AND_GROUP_WRITES_PERMISSIONS = OWNER_READ_MASK
142: + OWNER_WRITE_MASK
143: + OWNER_PERMISSION_MASK
144: + GROUP_READ_MASK
145: + GROUP_WRITE_MASK
146: + GROUP_PERMISSION_MASK + OTHERS_READ_MASK;
147:
148: public static final int DEFAULT_PERMISSIONS = OTHERS_READ_AND_GROUP_WRITES_PERMISSIONS;
149:
150: public static final int WIDE_OPEN_PERMISSIONS = OWNER_READ_MASK
151: + OWNER_WRITE_MASK + OWNER_PERMISSION_MASK
152: + GROUP_READ_MASK + GROUP_WRITE_MASK
153: + GROUP_PERMISSION_MASK + OTHERS_READ_MASK
154: + OTHERS_WRITE_MASK + OTHERS_PERMISSION_MASK;
155:
156: public static final int OWNER_ONLY_PERMISSIONS = OWNER_READ_MASK
157: + OWNER_WRITE_MASK + OWNER_PERMISSION_MASK;
158:
159: public static final int OWNER_AND_GROUP_WRITE_PERMISSIONS = OWNER_READ_MASK
160: + OWNER_WRITE_MASK
161: + OWNER_PERMISSION_MASK
162: + GROUP_READ_MASK
163: + GROUP_WRITE_MASK
164: + GROUP_PERMISSION_MASK;
165:
166: public static final int GROUP_READ_ONLY_PERMISSIONS = OWNER_READ_MASK
167: + OWNER_WRITE_MASK
168: + OWNER_PERMISSION_MASK
169: + GROUP_READ_MASK;
170:
171: /**
172: * group can write, but others cannot even read
173: */
174: public static final int GROUP_ONLY_READWRITE_PERMISSIONS = OWNER_READ_MASK
175: + OWNER_WRITE_MASK
176: + OWNER_PERMISSION_MASK
177: + GROUP_WRITE_MASK + GROUP_READ_MASK;
178:
179: /**
180: * if no group has been named, here's a default name (10 char max)
181: * which is created by UserGroup.populateDefaultValues()
182: */
183: public static final String DEFAULT_PERMISSION_GROUP = UserGroup.ALL_USERS_GROUP;
184:
185: public RowPermissions() throws DBException {
186: }
187:
188: public RowPermissions(String table, String rowKey)
189: throws DBException {
190: if (rowKey == null) {
191: throw new DBException("null row key");
192: }
193: if (table == null) {
194: throw new DBException("null table name");
195: }
196:
197: // test for key length being too large
198: if ((rowKey.length() + table.length()) > getMaxKeyLen()) {
199: throw new DBException(
200: "Cannot create row permissions for table: "
201: + this .getJDBCMetaData().getTargetTable()
202: + " row: "
203: + rowKey
204: + " because table name + row's ID (PK) exceeds maximum of "
205: + getMaxKeyLen());
206: }
207:
208: setField(TABLE_NAME, table);
209: setField(ROW_KEY, rowKey);
210: }
211:
212: /**
213: * always returns true
214: *
215: * @return true if the own can administrate the row
216: * @throws DBException upon error
217: */
218: public boolean canOwnerAdministrate() throws DBException {
219: return true;
220: }
221:
222: public boolean canOwnerRead() throws DBException {
223: return (OWNER_READ_MASK & this .permissions()) == OWNER_READ_MASK;
224: }
225:
226: public boolean canOwnerWrite() throws DBException {
227: return (OWNER_WRITE_MASK & permissions()) == OWNER_WRITE_MASK;
228: }
229:
230: public boolean canOthersAdministrate() throws DBException {
231: return (OTHERS_PERMISSION_MASK & permissions()) == OTHERS_PERMISSION_MASK;
232: }
233:
234: public boolean canOthersRead() throws DBException {
235: return (OTHERS_READ_MASK & permissions()) == OTHERS_READ_MASK;
236: }
237:
238: public boolean canOthersWrite() throws DBException {
239: return (OTHERS_WRITE_MASK & permissions()) == OTHERS_WRITE_MASK;
240: }
241:
242: /**
243: * override in subclesses, and be sure to call this as first line of override
244: *
245: * @throws DBException upon error
246: */
247: protected synchronized void setupFields() throws DBException {
248: setTargetTable(PERMISSIONS_TABLE_NAME);
249: setDescription(PERMISSIONS_TABLE_DESCRIP);
250: addField(TABLE_NAME, DBField.VARCHAR_TYPE,
251: MAX_TABLE_NAME_LENGTH, false, "Targettablename");
252: /**
253: * @todo should ROW_KEY be longvarchar? is that indexable on all databases?
254: * [Answer: LongVarChar is NOT indexable on several databases -MR]
255: */
256: addField(ROW_KEY, sKeyType, getMaxKeyLen(), false, "Rowkey");
257: addField(OWNER_ID, DBField.INT_TYPE, 0, true, "Owner");
258: addField(PERMISSIONS, DBField.INT_TYPE, 0, true,
259: "Permissionbits");
260: addKey(TABLE_NAME);
261: addKey(ROW_KEY);
262: }
263:
264: public int owner() throws DBException {
265: return this .getFieldInt(OWNER_ID);
266: }
267:
268: public void owner(int theOwner) throws DBException {
269: setField(OWNER_ID, theOwner);
270: }
271:
272: /**
273: * set permissions
274: *
275: * @param perm the permissions to set
276: * @throws DBException upon DataObject error
277: */
278: public void permissions(int perm) throws DBException {
279: setField(PERMISSIONS, perm);
280: }
281:
282: /**
283: * get permissions, a bit-field of privilege bits; see constants in this class
284: * for mask definitions
285: *
286: * @return the permission code
287: * @throws DBException upon DataObject error
288: */
289: public int permissions() throws DBException {
290: // protect against empty perm.
291: if (getField(PERMISSIONS).length() == 0) {
292: return 0;
293: }
294: return getFieldInt(PERMISSIONS);
295: }
296:
297: /**
298: * indicates that this object is new--no permissions have been set
299: *
300: * @return true if the field is Fresh.
301: * @throws DBException upon DataObject error
302: */
303: public boolean isFresh() throws DBException {
304: return getField(PERMISSIONS).length() == 0;
305: }
306:
307: /**
308: * @return the maximum length permitted for a primary key, if the table is to be acommodated by RowPermissions
309: */
310: public static int getMaxKeyLen() {
311: return sMaxKeyLen;
312: }
313:
314: }
|