001: /**
002: * Copyright 2002 Sun Microsystems, Inc. All
003: * rights reserved. Use of this product is subject
004: * to license terms. Federal Acquisitions:
005: * Commercial Software -- Government Users
006: * Subject to Standard License Terms and
007: * Conditions.
008: *
009: * Sun, Sun Microsystems, the Sun logo, and Sun ONE
010: * are trademarks or registered trademarks of Sun Microsystems,
011: * Inc. in the United States and other countries.
012: *
013: */package com.sun.portal.wireless.taglibs.cal.socs;
014:
015: import java.util.logging.Logger;
016: import java.util.logging.Level;
017: import java.util.Set;
018: import java.util.ArrayList;
019: import java.util.HashMap;
020: import java.util.Iterator;
021: import java.util.Hashtable;
022: import java.util.Properties;
023: import java.util.StringTokenizer;
024: import com.sun.comclient.calendar.ICalendar;
025:
026: import com.sun.comclient.calendar.CalendarException;
027: import com.sun.comclient.calendar.OperationNotSupportedException;
028:
029: /**
030: * Calendar ACL class encapsulates the ACL for a calendar.
031: * This class obtains the access string as provided in ICalendar object,
032: * parses it into individual ACI's and maintain each ACI per 'who'
033: * in a local table.
034: *
035: */
036:
037: public class CalendarACL {
038:
039: /**
040: * Default Constructor
041: */
042:
043: public CalendarACL() {
044: }
045:
046: /*
047: * Constructor accepting the accessString and the ownersList.<br>
048: * Call this constructor if the CalendarACL need to be used when ICalendar
049: * object is not present though the accessString is
050: *
051: * @param accessString the Calendar ACI string
052: * @param ownserList An array conatining the owners
053: * (including primary owner)
054: */
055:
056: public CalendarACL(String accessString, String[] ownersList,
057: String pOwner) {
058:
059: if (accessString == null)
060: throw new IllegalArgumentException(
061: "Access String is mandatory parameter for this constructor");
062:
063: _ownersList = ownersList;
064: _primaryOwner = pOwner;
065: parseAccessString(accessString);
066:
067: }
068:
069: /*
070: * Constructor accepting the ICalendar object whose ACL needs to be
071: * evaluated/processed.
072: *
073: * @param ical ICalendar object whose ACLs need to be evaluated
074: * @throws CalendarException if retrieval of calendar properties of
075: * ICalendar fails.
076: * @throws OperationNotSupportedException if there is no ACL string
077: * associated with the ICalendar passed as parameter.
078: *
079: */
080:
081: public CalendarACL(ICalendar ical) throws CalendarException,
082: OperationNotSupportedException {
083: /** get the access string from the ical object,
084: * parse the string and obtain the Hashtable of CalenderACI's
085: */
086: _ical = ical;
087: _calProps = ical.getCalProps();
088:
089: if (_calProps == null)
090: throw new OperationNotSupportedException(
091: "Calendar get Properties operation not supported");
092:
093: String accessString = _calProps
094: .getProperty(CAL_ACCESS_CONTROL_ENTRY_PROP);
095: if (accessString != null)
096: parseAccessString(accessString);
097: }
098:
099: private boolean isUserTheOwner(String uid, boolean ignoreCase)
100: throws CalendarException, OperationNotSupportedException {
101: if (uid == null) {
102: return false;
103: }
104:
105: Properties props = _calProps;
106: if (null == props) { // can't retrieve properties
107: throw new CalendarException(
108: "Couldn't read calendar properties");
109: }
110:
111: // Check whether the uid is same as the value of calendar
112: // property PRIMARY-OWNER
113:
114: if (ignoreCase) {
115: if (uid
116: .equalsIgnoreCase(props
117: .getProperty("PRIMARY-OWNER"))) {
118: return true;
119: }
120: } else {
121: if (uid.equals(props.getProperty("PRIMARY-OWNER"))) {
122: return true;
123: }
124: }
125:
126: // OWNERS contain semi colon seperated lists of non-primary-owner-uids
127: // Check whether the uid is defined in calendar property OWNERS
128: String owners = props.getProperty("OWNERS");
129: if (null != owners) {
130: StringTokenizer st = new StringTokenizer(owners, ";");
131: while (st.hasMoreTokens()) {
132: String nextOwner = (String) st.nextElement();
133: if (ignoreCase) {
134: if (uid.equalsIgnoreCase(nextOwner)) {
135: return true;
136: }
137: } else {
138: if (uid.equals(nextOwner)) {
139: return true;
140: }
141: }
142: }
143: }
144:
145: return false;
146: }
147:
148: /**
149: * This method assembles the aci's in the CalendarACL into the
150: * accessstring format i.e. who^what^how^grant:who^what^how^grant....
151: * If this string needs to be URL encoded, supply true in the paramter
152: *
153: * @param encode if true then the string will be URLEncoded
154: * @return the accesstring
155: **/
156:
157: public String getAccessString(boolean encode) {
158: if (_acitable != null) {
159: ArrayList aciList = new ArrayList();
160: String[] whos = (String[]) _acitable.keySet().toArray(
161: new String[0]);
162: String accessString = new String();
163: for (int index = 0; index < whos.length; index++) {
164: String who = whos[index];
165: CalendarACI aci = (CalendarACI) _acitable.get(who);
166: String[] aciStrings = aci.getAciStringPerWhat();
167:
168: for (int i = 0; i < aciStrings.length; i++)
169: accessString += who + ACCESS_STRING_PARTS_SEPARATOR
170: + aciStrings[i] + ACCESS_STRING_SEPARATOR;
171: }
172:
173: accessString = accessString.substring(0, accessString
174: .length() - 1);
175: return accessString;
176: }
177:
178: return null;
179: }
180:
181: /*
182: * This method will return the true/false based on the parameters passed.
183: * Consumers of this method
184: * shall use constants defined in this class for what and how.
185: *
186: * @param who can be uid, uid@domain, domain or all(CAL_ALL_USERS)
187: * @param what can be 'component', 'properties' or 'both'
188: * @param how can be either of 'r', 'w', 'f', 's', 'd', 'c', 'z', 'e' or 'i'
189: * @return true if the has grant permission else false => denied
190: * @throws CalendarException
191: * @throws OperationNotSupportedException
192: */
193: public boolean checkPermission(String who, String what, String how)
194: throws CalendarException, OperationNotSupportedException {
195: if (who == null || what == null || how == null)
196: throw new IllegalArgumentException(
197: "Null value(s) been passed for mandatory arguments");
198:
199: //** there aren't any aci's (which shouldn't be the case
200: // but lets not take a chance)
201:
202: if (_acitable == null)
203: return false;
204:
205: CalendarACI aci = (CalendarACI) _acitable.get(who);
206:
207: String grantString = CAL_ACCESS_NOT_SPECIFIED; //default to this
208:
209: //=> the user has not been specified so for this let it go through
210: // the fall
211: if (aci != null)
212: grantString = aci.getPermission(what, how);
213:
214: /** if the grant status is "n" => this permission hasn't been specified
215: * for this user. In this case, we can't simply return false, the
216: * logic would go through following fallback mechanism - if the
217: * supplied who parameter is 'user' or 'user@domain' and the returned
218: * grantString is 'n' fallback then check for the values of
219: * grantString for other 'who'in following sequence -
220: *
221: * 1) @@o - owners
222: * 2) @@p - primary owner
223: * 3) @domain - users in domain specified
224: * 4) @ - all users
225: *
226: * If the user is already @ then no need to fallback anymore
227: **/
228:
229: if (who.equals(CAL_ALL_USERS)
230: && grantString.equals(CAL_ACCESS_NOT_SPECIFIED))
231: return false;
232:
233: if (grantString.equals(CAL_ACCESS_NOT_SPECIFIED)) {
234: int fallbackLevel = NORMAL_USER_LEVEL; //for normal users
235: if (who.equals(CAL_OWNERS))
236: fallbackLevel = OWNER_LEVEL;
237: if (who.equals(CAL_PRIMARY_OWNER))
238: fallbackLevel = PRIMARY_OWNER_LEVEL;
239: if (!who.equals(CAL_ALL_USERS) && !who.equals(CAL_OWNERS)
240: && !who.equals(CAL_PRIMARY_OWNER)
241: && who.startsWith(DOMAIN_CHAR))
242: fallbackLevel = DOMAIN_LEVEL;
243:
244: /**
245: * levels are to ensure that we don't check more unnecessarily i.e
246: * check only above precedence level e.g. if the who is @domain
247: * then we need not bother about checking for @@p and @@o
248: **/
249:
250: if (fallbackLevel >= NORMAL_USER_LEVEL
251: && fallbackLevel < PRIMARY_OWNER_LEVEL
252: && _ownersList != null) {
253: if (isStringContainedInStringArray(who, _ownersList) > -1) {
254: // Now the who could be either a co-owner or the primary
255: // owner itself so lets check for both one by one
256:
257: if ((aci = (CalendarACI) _acitable.get(CAL_OWNERS)) != null) {
258: grantString = aci.getPermission(what, how);
259:
260: if (grantString
261: .equals(CAL_ACCESS_NOT_SPECIFIED)
262: && _primaryOwner != null
263: && _primaryOwner.equalsIgnoreCase(who)) {
264: if ((aci = (CalendarACI) _acitable
265: .get(CAL_PRIMARY_OWNER)) != null)
266: grantString = aci.getPermission(what,
267: how);
268: }
269:
270: if (!grantString
271: .equals(CAL_ACCESS_NOT_SPECIFIED))
272: return isGrantedPermission(grantString);
273: }
274: }
275: } else {
276: if (fallbackLevel == NORMAL_USER_LEVEL) {
277: //** check for owners
278: if (isUserTheOwner(who, true)) {
279: if ((aci = (CalendarACI) _acitable
280: .get(CAL_OWNERS)) != null) {
281: grantString = aci.getPermission(what, how);
282: if (!grantString
283: .equals(CAL_ACCESS_NOT_SPECIFIED))
284: return isGrantedPermission(grantString);
285: }
286: }
287: }
288:
289: if (fallbackLevel >= NORMAL_USER_LEVEL
290: && fallbackLevel < PRIMARY_OWNER_LEVEL) {
291: //** check for primary owner
292:
293: String pOwner = _calProps
294: .getProperty(CAL_PRIMARY_OWNER);
295:
296: if (pOwner != null && pOwner.equals(who)) {
297: if ((aci = (CalendarACI) _acitable
298: .get(CAL_PRIMARY_OWNER)) != null) {
299: grantString = aci.getPermission(what, how);
300:
301: if (!grantString
302: .equals(CAL_ACCESS_NOT_SPECIFIED))
303: return isGrantedPermission(grantString);
304: }
305: }
306: }
307: }
308:
309: if (fallbackLevel >= NORMAL_USER_LEVEL
310: && fallbackLevel < DOMAIN_LEVEL) {
311: //** now check for @domain
312: //** check only if the user is been passed as user@domain else
313: // it would be difficult to check ACL for this
314: //** yet to include some code here for determining correct
315: //** domain of the user
316:
317: // if( (aci = (CalendarACI)_acitable.get(UWCUserHelper.getDomain(null))) != null )
318: if ((aci = (CalendarACI) _acitable.get(getDomain())) != null) {
319: grantString = aci.getPermission(what, how);
320: if (!grantString.equals(CAL_ACCESS_NOT_SPECIFIED))
321: return isGrantedPermission(grantString);
322: }
323: }
324:
325: if (fallbackLevel >= NORMAL_USER_LEVEL
326: && fallbackLevel < ALL_USERS_LEVEL) {
327: //** check for @ first
328:
329: if ((aci = (CalendarACI) _acitable.get(CAL_ALL_USERS)) != null) {
330: grantString = aci.getPermission(what, how);
331: if (!grantString.equals(CAL_ACCESS_NOT_SPECIFIED))
332: return isGrantedPermission(grantString);
333: }
334: }
335: }
336:
337: return isGrantedPermission(grantString);
338: }
339:
340: /**
341: * This checks the user permission only. Being used from Edit Calendar view.
342: * @param who can be uid, uid@domain, domain or all(CAL_ALL_USERS)
343: * @param what can be 'component', 'properties' or 'both'
344: * @param how can be either 'r', 'w', 'f', 's', 'd', 'c', 'z', 'e' or 'i'
345: * @return true if the has grant permission else false => denied
346: */
347:
348: public boolean checkUserPermission(String who, String what,
349: String how) {
350:
351: if ((who == null) || (what == null) || (how == null)) {
352: throw new IllegalArgumentException(
353: "Null value(s) been passed for mandatory arguments");
354: }
355:
356: if (null == _acitable) {
357: return false;
358: }
359:
360: CalendarACI aci = (CalendarACI) _acitable.get(who);
361: String grantString = CAL_ACCESS_NOT_SPECIFIED;
362:
363: if (null != aci) {
364: grantString = aci.getPermission(what, how);
365: }
366:
367: return isGrantedPermission(grantString);
368: }
369:
370: /*
371: * Call this method to set a permission. If the permission exists, it will
372: * overwrite else add a new one.
373: *
374: * @param who can be uid, uid@domain, domain or all(CAL_ALL_USERS)
375: * @param what can be 'component', 'properties' or 'both'
376: * @param how can be either of 'r', 'w', 'f', 's', 'd', 'c', 'z', 'e' or 'i'
377: * @param grant can be either 'r', 'w', 'f', 's', 'd', 'c', 'z', 'e' or 'i'
378: */
379:
380: public void setPermission(String who, String what, String how,
381: String grant) {
382:
383: if (who == null || what == null || how == null || grant == null)
384: throw new IllegalArgumentException(
385: "Null value(s) been passed for mandatory arguments");
386:
387: boolean addToTable = false;
388: if (_acitable == null) {//** there aren't any aci's at all
389: addToTable = true;
390: _acitable = new HashMap();
391: }
392:
393: CalendarACI aci = null;
394: if (_acitable != null) {
395: aci = (CalendarACI) _acitable.get(who);
396: if (aci == null) //** aci entry for this user doesn't exist yet
397: addToTable = true;
398: }
399:
400: if (addToTable)
401: aci = new CalendarACI(what, how.toLowerCase(), grant);
402: else
403: aci.setPermission(what, how.toLowerCase(), grant);
404:
405: _acitable.put(who, aci);
406: }
407:
408: /**
409: * Call this method to remove a permission. If a user entry from the ACL
410: * is to be removed then pass null for what and how parameters
411: *
412: * @param who can be uid, uid@domain, domain or all(CAL_ALL_USERS)
413: * @param what can be 'component', 'properties' or 'both'
414: * @param how can be either of 'r', 'w', 'f', 's', 'd', 'c', 'z', 'e' or 'i'
415: */
416: public void removePermission(String who, String what, String how) {
417:
418: if (what == null && how == null) {
419: _acitable.remove(who);
420: } else {
421: CalendarACI aci = (CalendarACI) _acitable.get(who);
422:
423: // if aci is null => user doesn't even exist - ignore nothing
424: // to remove
425:
426: if (aci != null)
427: aci.removePermission(what, how);
428: }
429: }
430:
431: private boolean isGrantedPermission(String grantString) {
432:
433: if (grantString != null
434: && grantString.equals(CAL_PERMISSION_GRANT))
435: return true;
436:
437: return false;
438: }
439:
440: /**
441: * An access string is of the form
442: * <who1>^<what1>^<how1>^<grant1>;<who2>^<what2>^<how2>^<grant2>;.....
443: * where each ACI is separated by ';' and each part of the ACI by '^'.
444: **/
445:
446: private void parseAccessString(String accessString) {
447:
448: StringTokenizer aciTokens = new StringTokenizer(accessString,
449: ACCESS_STRING_SEPARATOR);
450: if (aciTokens.hasMoreTokens())
451: _acitable = new HashMap();
452:
453: //** loop through all the aci sets
454:
455: while (aciTokens.hasMoreTokens()) {
456: String aciString = aciTokens.nextToken();
457: StringTokenizer aciPartTokens = new StringTokenizer(
458: aciString, ACCESS_STRING_PARTS_SEPARATOR);
459: int tCounts = aciPartTokens.countTokens();
460: if (aciPartTokens.hasMoreTokens()) {
461: String who = aciPartTokens.nextToken();
462: String what = aciPartTokens.nextToken();
463: String how = null;
464:
465: //** has to do this bcos @times the acistring may come as
466: // who^what^^grant
467: //** i.e. empty how => all the rights and stringtokenizer
468: // doesn't consider as a token
469:
470: if (tCounts < 4)
471: how = "";//CAL_ACCESS_STRING_ALL_RIGHTS;
472: else
473: how = aciPartTokens.nextToken();
474:
475: //** @times the rights come in caps and other times in lower
476: // case, we should keep it consistent hence making them lower
477:
478: how = how.toLowerCase();
479: String grant = aciPartTokens.nextToken();
480:
481: //** check for which another string for the same user with
482: // perhaps different what coming
483: //** in which case add to the existing aci object.
484:
485: CalendarACI aci = (CalendarACI) _acitable.get(who);
486: if (aci == null) {
487: //** rest of the tokens are what, how and grant
488:
489: aci = new CalendarACI(what, how, grant);
490:
491: //** now associate the who with the aci object
492: //_acitable.put(who, aci);
493:
494: } else {
495: aci.setPermission(what, how, grant);
496: }
497: _acitable.put(who, aci);
498: }
499: }
500:
501: }
502:
503: /**
504: * The method returns the user associated the calendar i.e users who are
505: * given some sort of permission for the operartion of the calendar.
506: * @return Array of Strings of users who have some permission on calendar
507: */
508:
509: public String[] getACIUsers() {
510: if (null == _acitable) {
511: return null;
512: }
513: return (String[]) _acitable.keySet().toArray(new String[0]);
514: }
515:
516: /**
517: * A utility for finding if a string is contained in an array of strings.
518: * <p>
519: * Same as <b><code>isStringContainedInStringArray(value, inarrray, false)</
520: * code></b>
521: */
522:
523: private int isStringContainedInStringArray(String value,
524: String[] inarrray) {
525: return isStringContainedInStringArray(value, inarrray, false);
526: }
527:
528: /**
529: * A utility for finding if a string is contained in an array of strings.
530: * <p>
531: * @param value is the string whose presence is to be found.
532: * @param inarray is the string array to search in.
533: * @param ignoreCase if 'true' ignores the case while searching, if 'false'
534: * it checks for case-exact match
535: * <p>
536: * @return position where it occurs. returns -1 if it does not occur.
537: * return s -1 if 'value' or 'inarray' arguments are null.
538: * <p>
539: */
540:
541: private int isStringContainedInStringArray(String value,
542: String[] inarrray, boolean ignoreCase) {
543: if ((null == value) || (null == inarrray)) {
544: return -1;
545: }
546:
547: for (int i = 0; i < inarrray.length; i++) {
548: if (ignoreCase) {
549: if (inarrray[i].equalsIgnoreCase(value))
550: return i;
551: } else {
552: if (inarrray[i].equals(value))
553: return i;
554: }
555: }
556:
557: // If we are here it means that the value is not in there.
558:
559: return -1;
560: }
561:
562: private String[] initializeStringArray(String[] arrayToInit,
563: String initValue) {
564: for (int i = 0; i < arrayToInit.length; i++)
565: arrayToInit[i] = initValue;
566:
567: return arrayToInit;
568: }
569:
570: /**
571: * Currently it is method that returns null. This needs to be implemented
572: * for taking care of mulit homed scenario of SUNONE calendar server
573: */
574:
575: private String getDomain() {
576: /*
577: requestContext = RequestManager.getRequestContext();
578: HttpSession session = requestContext.getRequest().getSession(false);
579: String s = (String)session.getAttribute(SessionConstants.DOMAIN_NAME);
580: return s;
581: */
582: return null;
583: }
584:
585: public static final String CAL_USER = "cal.user";
586: public static final String CAL_ACCESS_CONTROL_ENTRY_PROP = "ACCESS-CONTROL-ENTRY";
587: public static final String CAL_ACCESS_NOT_SPECIFIED = "n";
588: public static final String CAL_ALL_USERS = "@";
589: public static final String CAL_OWNERS = "@@o";
590: public static final String CAL_PRIMARY_OWNER = "@@p";
591: public static final String CAL_PERMISSION_GRANT = "g";
592: public static final String CAL_COMPONENTS = "c";
593: public static final String CAL_PROPERTIES = "p";
594: public static final String CAL_BOTH_COMPS_PROPS = "a";
595:
596: public static final String CAL_SCHEDULE_PERMISSION = "s";
597:
598: public static final String CAL_SELF_ADMIN_PERMISSION = "z";
599: public static final String CAL_FREE_BUSY_PERMISSION = "f";
600: public static final String CAL_REPLY_PERMISSION = "e";
601: public static final String CAL_READ_PERMISSION = "r";
602: public static final String CAL_WRITE_PERMISSION = "w";
603: public static final String CAL_DELETE_PERMISSION = "d";
604: public static final String CAL_INVITE_PERMISSION = "i";
605: public static final String CAL_CANCEL_PERMISSION = "c";
606:
607: public static final String CAL_PERMISSION_DENY = "d";
608:
609: public static final String LOGGER = "uwc";
610: public static final String CALCLIENT_LOGGER = LOGGER + ".calclient";
611:
612: private static final String ACCESS_STRING_SEPARATOR = ";";
613: private static final String ACCESS_STRING_PARTS_SEPARATOR = "^";
614: private static final String DOMAIN_CHAR = "@";
615: private static final int NORMAL_USER_LEVEL = 0;
616: private static final int OWNER_LEVEL = NORMAL_USER_LEVEL + 1;
617: private static final int PRIMARY_OWNER_LEVEL = NORMAL_USER_LEVEL + 2;
618: private static final int DOMAIN_LEVEL = NORMAL_USER_LEVEL + 3;
619: private static final int ALL_USERS_LEVEL = NORMAL_USER_LEVEL + 4;
620: private HashMap _acitable;
621: private ICalendar _ical;
622: private Properties _calProps;
623: private String[] _ownersList = null;
624: private String _primaryOwner = null;
625:
626: /**
627: * This class represents a single ACI consisting of information about the
628: * four parts * i.e. what, how and grant.
629: */
630:
631: private class CalendarACI {
632:
633: public CalendarACI(String what, String rights, String grant) {
634:
635: String[] rightsGrantState = new String[_rightsMap.size()];
636: initializeStringArray(rightsGrantState,
637: CAL_ACCESS_NOT_SPECIFIED);
638: parseRights(rightsGrantState, rights, grant);
639: _calObjToPermissionMap = new Hashtable();
640: _calObjToPermissionMap.put(what, rightsGrantState);
641: }
642:
643: private void parseRights(String[] rightsGrantState,
644: String rights, String grant) {
645: for (int i = 0; i < rights.length(); i++) {
646: Integer index = (Integer) _rightsMap.get(String
647: .valueOf(rights.charAt(i)));
648: if (index != null) {
649: rightsGrantState[index.intValue()] = grant;
650: }
651: }
652: }
653:
654: /**
655: * This method returns the access right state of whether the user in
656: * this ACI has the supplied permission
657: *
658: * @param what can be 'component', 'properties' or 'both' cannot be null
659: * @param perm can be 'r', 'w', 'f', 's', 'd', 'c', 'z', 'e' or 'i'
660: * @return "g" for grant and "d" or denied else "n" => none to reflect
661: * the right access hasn't been specified
662: */
663:
664: public String getPermission(String what, String right) {
665: if (what == null) //** should we assume 'a' => both
666: what = CAL_BOTH_COMPS_PROPS;
667:
668: if (!_calObjToPermissionMap.containsKey(what)) {
669:
670: /* no permission defined for the supplied caldb object name
671: * => user do not have the rights for this cal object,
672: * return false
673: */
674:
675: return CAL_ACCESS_NOT_SPECIFIED;
676: }
677:
678: /* since the rights with their respective grant states are in the
679: * fixed index, simply get the index from _rightsMap e.g. index
680: * corresponding to "r" is 0 in the map and use that to get
681: * corresponding accessright state in the _calObjToPermissionMap
682: */
683: String[] rightsGrantState = (String[]) _calObjToPermissionMap
684: .get(what);
685: int index = ((Integer) _rightsMap.get(right)).intValue();
686: return rightsGrantState[index];
687: }
688:
689: /*
690: * Call this method to set a permission.
691: *
692: * @param what can be 'component', 'properties' or 'both'
693: * @param rights can be 'r', 'w', 'f', 's', 'd', 'c', 'z', 'e' or 'i'
694: * or combination
695: * @param grant can be 'g' or 'd'
696: */
697:
698: public void setPermission(String what, String rights,
699: String grant) {
700: String[] rightsGrantState = (String[]) _calObjToPermissionMap
701: .get(what);
702: if (rightsGrantState == null) {
703: rightsGrantState = new String[_rightsMap.size()];
704: initializeStringArray(rightsGrantState,
705: CAL_ACCESS_NOT_SPECIFIED);
706: }
707:
708: parseRights(rightsGrantState, rights, grant);
709: _calObjToPermissionMap.put(what, rightsGrantState);
710: }
711:
712: /*
713: * Call this method to remove a permission. If all the permissions in an
714: * ACI is marked as "n" => not specified
715: *
716: * @param what can be 'component', 'properties' or 'both'
717: * @param rights can be 'r', 'w', 'f', 's', 'd', 'c', 'z', 'e' or 'i'
718: */
719:
720: public void removePermission(String what, String rights) {
721: setPermission(what, rights, CAL_ACCESS_NOT_SPECIFIED);
722: }
723:
724: public String[] getAciStringPerWhat() {
725: ArrayList aciList = new ArrayList();
726: Set keys = _calObjToPermissionMap.keySet();
727: for (Iterator itor = keys.iterator(); itor.hasNext();) {
728: String what = (String) itor.next();
729: String[] rightsGrantState = (String[]) _calObjToPermissionMap
730: .get(what);
731: String grantString, denyString;
732: grantString = denyString = new String();
733: Set rightsKeys = _rightsMap.keySet();
734: for (Iterator rItor = rightsKeys.iterator(); rItor
735: .hasNext();) {
736: String rKeyName = (String) rItor.next();
737: int rKeyValue = ((Integer) _rightsMap.get(rKeyName))
738: .intValue();
739: if (!rightsGrantState[rKeyValue]
740: .equals(CAL_ACCESS_NOT_SPECIFIED)
741: && rightsGrantState[rKeyValue]
742: .equals(CAL_PERMISSION_GRANT))
743: grantString += rKeyName;
744:
745: if (!rightsGrantState[rKeyValue]
746: .equals(CAL_ACCESS_NOT_SPECIFIED)
747: && rightsGrantState[rKeyValue]
748: .equals(CAL_PERMISSION_DENY))
749: denyString += rKeyName;
750: }
751:
752: aciList.add(what + ACCESS_STRING_PARTS_SEPARATOR
753: + grantString + ACCESS_STRING_PARTS_SEPARATOR
754: + CAL_PERMISSION_GRANT);
755: if (denyString.length() > 0)
756: aciList.add(what + ACCESS_STRING_PARTS_SEPARATOR
757: + denyString
758: + ACCESS_STRING_PARTS_SEPARATOR
759: + CAL_PERMISSION_DENY);
760: }
761:
762: return (String[]) aciList.toArray(new String[0]);
763: }
764:
765: private Hashtable _calObjToPermissionMap;
766: }
767:
768: /* Following are the variables to be used primarily for the inner
769: * CalendarACI class indexes for rights array */
770:
771: private static final int READ = 0;
772: private static final int WRITE = READ + 1;
773: private static final int DELETE = READ + 2;
774: private static final int INVITE = READ + 3;
775: private static final int CANCEL = READ + 4;
776: private static final int REPLY = READ + 5;
777: private static final int FREE_BUSY = READ + 6;
778: private static final int SELF_ADMIN = READ + 7;
779: private static final int SCHEDULE = READ + 8;
780:
781: /* a map of the permission to it's index to be used basing the indexes
782: * will be fixed for defined type of the rights
783: */
784: private static HashMap _rightsMap;
785:
786: static {
787: _rightsMap = new HashMap();
788: _rightsMap.put(CAL_READ_PERMISSION, new Integer(READ));
789: _rightsMap.put(CAL_WRITE_PERMISSION, new Integer(WRITE));
790: _rightsMap.put(CAL_DELETE_PERMISSION, new Integer(DELETE));
791: _rightsMap.put(CAL_INVITE_PERMISSION, new Integer(INVITE));
792: _rightsMap.put(CAL_CANCEL_PERMISSION, new Integer(CANCEL));
793: _rightsMap.put(CAL_REPLY_PERMISSION, new Integer(REPLY));
794: _rightsMap
795: .put(CAL_FREE_BUSY_PERMISSION, new Integer(FREE_BUSY));
796: _rightsMap.put(CAL_SELF_ADMIN_PERMISSION, new Integer(
797: SELF_ADMIN));
798: _rightsMap.put(CAL_SCHEDULE_PERMISSION, new Integer(SCHEDULE));
799: }
800: }
|