001/* 
002    Licensed to the Apache Software Foundation (ASF) under one
003    or more contributor license agreements.  See the NOTICE file
004    distributed with this work for additional information
005    regarding copyright ownership.  The ASF licenses this file
006    to you under the Apache License, Version 2.0 (the
007    "License"); you may not use this file except in compliance
008    with the License.  You may obtain a copy of the License at
009
010       http://www.apache.org/licenses/LICENSE-2.0
011
012    Unless required by applicable law or agreed to in writing,
013    software distributed under the License is distributed on an
014    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015    KIND, either express or implied.  See the License for the
016    specific language governing permissions and limitations
017    under the License.  
018 */
019package org.apache.wiki.auth.acl;
020
021import org.apache.wiki.auth.permissions.PagePermission;
022
023import java.io.Serializable;
024import java.security.Permission;
025import java.security.Principal;
026import java.util.Enumeration;
027import java.util.Vector;
028
029
030/**
031 * Implementation of a JSPWiki AclEntry.
032 *
033 * @since 2.3
034 */
035public class AclEntryImpl implements AclEntry, Serializable {
036
037    private static final long serialVersionUID = 1L;
038    private Vector< Permission > m_permissions = new Vector<>();
039    private Principal m_principal;
040
041    /**
042     * Constructs a new AclEntryImpl instance.
043     */
044    public AclEntryImpl() {
045    }
046
047    /**
048     * Adds the specified permission to this ACL entry. The permission <em>must</em> be of type
049     * {@link org.apache.wiki.auth.permissions.PagePermission}. Note: An entry can have multiple permissions.
050     *
051     * @param permission the permission to be associated with the principal in this entry
052     * @return <code>true</code> if the permission was added, <code>false</code> if the permission was
053     * already part of this entry's permission set, and <code>false</code> if the permission is not of type PagePermission
054     */
055    public synchronized boolean addPermission( final Permission permission ) {
056        if( permission instanceof PagePermission && findPermission( permission ) == null ) {
057            m_permissions.add( permission );
058            return true;
059        }
060
061        return false;
062    }
063
064    /**
065     * Checks if the specified permission is part of the permission set in this entry.
066     *
067     * @param permission the permission to be checked for.
068     * @return true if the permission is part of the permission set in this entry, false otherwise.
069     */
070    public boolean checkPermission( final Permission permission ) {
071        return findPermission( permission ) != null;
072    }
073
074    /**
075     * Returns the principal for which permissions are granted by this ACL entry. Returns null if there is no principal set for this
076     * entry yet.
077     *
078     * @return the principal associated with this entry.
079     */
080    public synchronized Principal getPrincipal() {
081        return m_principal;
082    }
083
084    /**
085     * Returns an enumeration of the permissions in this ACL entry.
086     *
087     * @return an enumeration of the permissions
088     */
089    public Enumeration< Permission > permissions() {
090        return m_permissions.elements();
091    }
092
093    /**
094     * Removes the specified permission from this ACL entry.
095     *
096     * @param permission the permission to be removed from this entry.
097     * @return true if the permission is removed, false if the permission was not part of this entry's permission set.
098     */
099    public synchronized boolean removePermission( final Permission permission ) {
100        final Permission p = findPermission( permission );
101        if( p != null ) {
102            m_permissions.remove( p );
103            return true;
104        }
105
106        return false;
107    }
108
109    /**
110     * Specifies the principal for which permissions are granted or denied by this ACL entry. If a principal was already set for this ACL
111     * entry, false is returned, otherwise true is returned.
112     *
113     * @param user the principal to be set for this entry
114     * @return true if the principal is set, false if there was already a
115     * principal set for this entry
116     */
117    public synchronized boolean setPrincipal( final Principal user ) {
118        if( m_principal != null || user == null ) {
119            return false;
120        }
121        m_principal = user;
122        return true;
123    }
124
125    /**
126     * Returns a string representation of the contents of this ACL entry.
127     *
128     * @return a string representation of the contents.
129     */
130    public String toString() {
131        final Principal p = getPrincipal();
132        final StringBuilder sb = new StringBuilder();
133        sb.append( "[AclEntry ALLOW " )
134          .append( p != null ? p.getName() : "null" )
135          .append( " " );
136
137        for( final Permission pp : m_permissions ) {
138            sb.append( pp.toString() );
139            sb.append( "," );
140        }
141
142        sb.append( "]" );
143
144        return sb.toString();
145    }
146
147    /**
148     * Looks through the permission list and finds a permission that matches the
149     * permission.
150     */
151    private Permission findPermission( final Permission p ) {
152        for( final Permission pp : m_permissions ) {
153            if( pp.implies( p ) ) {
154                return pp;
155            }
156        }
157        return null;
158    }
159
160}
161