001: /******************************************************************************
002: * JBoss, a division of Red Hat *
003: * Copyright 2006, Red Hat Middleware, LLC, and individual *
004: * contributors as indicated by the @authors tag. See the *
005: * copyright.txt in the distribution for a full listing of *
006: * individual contributors. *
007: * *
008: * This is free software; you can redistribute it and/or modify it *
009: * under the terms of the GNU Lesser General Public License as *
010: * published by the Free Software Foundation; either version 2.1 of *
011: * the License, or (at your option) any later version. *
012: * *
013: * This software is distributed in the hope that it will be useful, *
014: * but WITHOUT ANY WARRANTY; without even the implied warranty of *
015: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
016: * Lesser General Public License for more details. *
017: * *
018: * You should have received a copy of the GNU Lesser General Public *
019: * License along with this software; if not, write to the Free *
020: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
021: * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
022: ******************************************************************************/package org.jboss.portal.portlet.security;
023:
024: import org.jboss.portal.security.PortalPermission;
025: import org.jboss.portal.security.PortalPermissionCollection;
026: import org.jboss.portal.security.PortalSecurityException;
027: import org.jboss.portal.security.spi.provider.PermissionRepository;
028:
029: import javax.security.auth.Subject;
030: import java.security.Permission;
031: import java.util.Collection;
032: import java.util.Iterator;
033: import java.util.StringTokenizer;
034:
035: /**
036: * The permission for instance.
037: *
038: * @author <a href="mailto:anil.saldhana@jboss.org">Anil Saldhana</a>
039: * @version $Revision: 8784 $
040: */
041: public final class PortletPermission extends PortalPermission {
042:
043: /** The serialVersionUID */
044: private static final long serialVersionUID = 8445291296726152562L;
045:
046: /** The view action name. */
047: public static final String VIEW_ACTION = "view";
048:
049: /** The view action name. */
050: // public static final String INSTANTIATE_ACTION = "instantiate";
051: /** The view action name. */
052: // public static final String PERSONALIZE_ACTION = "personalize";
053: /** . */
054: public static final int VIEW_MASK = 0x01;
055:
056: /** . */
057: // public static final int INSTANTIATE_MASK = 0x02;
058: /** . */
059: // public static final int PERSONALIZE_MASK = 0x04;
060: /** The imply mask. */
061: private int mask;
062:
063: /** The actions string. */
064: private String actions;
065:
066: /** . */
067: public static final String PERMISSION_TYPE = "portlet";
068:
069: /** The action names. */
070: private static final String[] ACTION_NAMES = { VIEW_ACTION };
071:
072: public PortletPermission(PortalPermissionCollection collection) {
073: super ("portletpermission", collection);
074: }
075:
076: public PortletPermission(String uri, int mask) {
077: super ("portletpermission", uri);
078: this .mask = mask;
079: }
080:
081: public PortletPermission(String uri, Collection actions) {
082: super ("portletpermission", uri);
083: if (actions == null) {
084: throw new IllegalArgumentException(
085: "Actions agurment cannot be null");
086: }
087:
088: //
089: for (Iterator i = actions.iterator(); i.hasNext();) {
090: String action = (String) i.next();
091: addAction(action);
092: }
093: }
094:
095: public PortletPermission(String uri, String actions) {
096: super ("portletpermission", uri);
097: if (actions == null) {
098: throw new IllegalArgumentException(
099: "Actions agurment cannot be null");
100: }
101:
102: // Parse the actions into the mask
103: StringTokenizer tokenizer = new StringTokenizer(actions, ",");
104: while (tokenizer.hasMoreTokens()) {
105: String action = tokenizer.nextToken();
106: addAction(action);
107: }
108: }
109:
110: private void addAction(String action)
111: throws IllegalArgumentException {
112: if (VIEW_ACTION.equals(action)) {
113: mask |= VIEW_MASK;
114: }
115: // else if (INSTANTIATE_ACTION.equals(action))
116: // {
117: // mask |= INSTANTIATE_MASK;
118: // }
119: // else if (PERSONALIZE_ACTION.equals(action))
120: // {
121: // mask |= PERSONALIZE_MASK;
122: // }
123: else {
124: throw new IllegalArgumentException("Illegal action "
125: + action);
126: }
127: }
128:
129: public boolean implies(PermissionRepository repository,
130: Subject caller, String roleName, PortalPermission permission)
131: throws PortalSecurityException {
132: if (permission instanceof PortletPermission) {
133: PortletPermission pp = (PortletPermission) permission;
134:
135: // If no uri then the permission is a container
136: if (pp.isContainer()) {
137: return false;
138: } else {
139: String uri = pp.getURI();
140: PortalPermission loaded = repository.getPermission(
141: roleName, uri);
142: if (loaded != null && loaded.implies(pp)) {
143: return true;
144: }
145: }
146: }
147: return false;
148: }
149:
150: public boolean implies(Permission permission) {
151: if (permission instanceof PortletPermission
152: && isContainer() == false) {
153: PortletPermission that = (PortletPermission) permission;
154:
155: //
156: if (that.isContainer() == false
157: && that.uri.equals(this .uri)) {
158: return (this .mask & that.mask) == that.mask;
159: }
160: }
161: return false;
162: }
163:
164: public boolean equals(Object obj) {
165: if (obj == this ) {
166: return true;
167: }
168: if (obj instanceof PortletPermission) {
169: PortletPermission that = (PortletPermission) obj;
170: if (this .isContainer()) {
171: return that.isContainer();
172: }
173: return this .mask == that.mask && this .uri.equals(that.uri);
174: }
175: return false;
176: }
177:
178: public int hashCode() {
179: if (isContainer()) {
180: return 0;
181: } else {
182: return uri.hashCode() * 43 + mask;
183: }
184: }
185:
186: public String getActions() {
187: if (actions == null) {
188: StringBuffer tmp = new StringBuffer();
189:
190: //
191: for (int i = 0; i < ACTION_NAMES.length; i++) {
192: int mask = 2 >> i;
193: if ((this .mask & mask) == mask) {
194: tmp.append(ACTION_NAMES[i]).append(',');
195: }
196: }
197:
198: //
199: int length = tmp.length();
200: if (length > 0) {
201: tmp.setLength(length - 1);
202: }
203: actions = tmp.toString();
204: }
205: return actions;
206: }
207:
208: public String getType() {
209: return PERMISSION_TYPE;
210: }
211: }
|