Rule.java revision 6636284dd99df27fda992fb77fb6236657269ec9
/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: Rule.java,v 1.8 2009/11/13 23:52:20 asyhuang Exp $
*
* Portions Copyrighted 2011-2014 ForgeRock AS.
*/
/**
* The class <code>Rule</code> provides interfaces to manage
* a rule that can be added to a policy.
* A rule constains the rule name, service type,
* a resource and a map containing action names and action values.
*
* @supported.api
* @deprecated since 12.0.0
*/
/** Empty resource name. */
// Name of the rule
// Service type
private String serviceTypeName;
private ServiceType serviceType;
// Resource for which the rule applies.
private String applicationName;
// Actions allowed on the resource
/**
* Contruct a <code>Rule</code>.
*/
protected Rule() {
// do nothing
}
/**
* Constructor to create a rule object with the
* service name, resource name and actions. The actions
* provided as a <code>Map</code> must have the action
* name as key and a <code>Set</code> of <code>String</code>s
* as its value. The action names and action values must
* conform to the schema specified for the service.
* Otherwise, <code>InvalidNameException
* </code> is thrown. The parameters <code>ruleName</code>
* and <code>resourceName</code> can be <code>null</code>.
*
* @param serviceName name of the service type as defined by
* the service schema
* @param resourceName name of the resource for the service type
* @param actions map of action and action values for the resource
*
* @exception NameNotFoundException the service name provided does
* not exist
* @exception InvalidNameException the resource name, action name,
* or values is not valid
* @supported.api
*/
}
/**
* Constructor to create a rule object with the
* service name and actions. This is useful for
* services (and possibly action names) that do not have
* resource names. The actions
* provided as a <code>Map</code> must have the action
* name as it key and a <code>Set</code> of <code>String</code>s
* as its value. The action names and action values must
* conform to the schema specified for the service.
* Otherwise, <code>InvalidNameException
* </code> is thrown. The parameters <code>ruleName</code>
* and <code>resourceName</code> can be <code>null</code>.
*
* @param serviceName name of the service type as defined by
* the service schema
* @param actions map of action and action values for the resource
*
* @exception NameNotFoundException the service name provided does
* not exist
* @exception InvalidNameException the resource name, action name,
* or values is not valid
* @supported.api
*/
}
/**
* Constructor to create a rule object with rule name,
* service name, resource name and actions. The actions
* provided as a <code>Map</code> must have the action
* name as it key and a <code>Set</code> of <code>String</code>s
* as its value. The action names and action values must
* conform to the service schema.
* Otherwise, <code>InvalidNameException
* </code> is thrown. The parameters <code>ruleName</code>
* and <code>resourceName</code> can be <code>null</code>.
*
* @param ruleName name of the rule
* @param serviceName name of the service type as defined by
* the service schema
* @param resourceName name of the resource for the service type
* @param actions map of action and action values for the resource
*
* @exception NameNotFoundException the service name provided does
* not exist
* @exception InvalidNameException the resource name, action name,
* or values is not valid
* @supported.api
*/
// Rule and resource name can be null
this.serviceTypeName = serviceName;
} else {
} else {
// Check the service type name
// Verify the action names
try {
} catch (PolicyException pe) {
}
}
}
} else {
}
}
/**
* Sets application Name.
*
* @param applicationName Application name.
*/
this.applicationName = applicationName;
}
/**
* Returns application name.
*
* @return application name.
*/
public String getApplicationName() {
}
/**
* Constructor to create a <code>Rule</code> object from a XML Node.
* @param ruleNode XML node representation of <code>Rule</code>
* @throws InvalidFormatException on invalid xml
* @throws InvalidNameException thrown by called routines
* @throws NameNotFoundException thrown by called routines
*/
// Make sure the node name is rule
"invalid rule xml blob given to constructor");
}
}
// Get rule name, can be null
}
// Get the service type name, cannot be null
"invalid service name in rule xml blob in constructor");
}
"invalid_xml_rule_service_name", objs,
}
if (applicationNameNode != null) {
}
// Get the actions and action values, cannot be null
if (actionNodes != null) {
// Get action name & values
throw (new InvalidFormatException(
"invalid_xml_rule_action_name", objs,
}
}
// Validate the action values
//serviceType.validateActionValues(actions);
}
}
boolean isMigratedToEntitlementService
) throws InvalidNameException {
if (resourceName != null) {
if (!PolicyManager.isMigratedToEntitlementService()) {
try {
} catch (PolicyException pe) {
}
}
}
}
}
return container;
}
/**
* Sets the service type name of this object.
* @param serviceTypeName service type name for this object
* @exception NameNotFoundException the service type name provided does
* not exist
*/
throws NameNotFoundException {
// Check the service type name
try {
} catch (SSOException ssoe) {
throw (new NameNotFoundException(ssoe,
} catch (NameNotFoundException e) {
if (!PolicyManager.isMigratedToEntitlementService()) {
throw e;
}
}
}
/**
* Returns the name assigned to the rule. It could be <code>null</code>
* if it was not constructed with a name.
*
* @return rule name
* @supported.api
*/
return (ruleName);
}
/**
* Sets the name for the rule. If a name has already been
* assigned, it will be replaced with the given name.
*
* @param ruleName rule name.
* @throws InvalidNameException if rule name is invalid.
* @supported.api
*/
} else {
}
}
/**
* Returns the service name for which the rule has been created.
* The service name of the rule cannot be changed once the rule is
* created.
*
* @return service name
* @supported.api
*/
public String getServiceTypeName() {
return (serviceTypeName);
}
/**
* Returns the resource name for which the rule has been created.
* If the service does not support resource names, the method
* will return <code>null</code>. The resource name of
* the rule cannot be changed once the rule is created.
*
* @return resource name
* @supported.api
*/
public String getResourceName() {
}
/**
* Returns the resource names for which the rule has been created.
* If the service does not support resource names, the method
* will return <code>null</code>. The resource name of
* the rule cannot be changed once the rule is created.
*
* @return resource name
* @supported.api
*/
return resourceNames;
}
/**
* Sets the resource names for which the rule has been created.
* If the service does not support resource names, the method
* will return <code>null</code>. The resource name of
* the rule cannot be changed once the rule is created.
*
* @param resourceNames resource name
* @supported.api
*/
if (resourceNames != null) {
}
}
/**
* Returns the action names that have been set for the rule.
* The action names returned could be the same as the service's
* action names or a subset of it.
*
* @return action names defined in this rule for the service
* @supported.api
*/
public Set getActionNames() {
}
/**
* Returns a set of action values that have been set for the
* specified action name.
*
* @param actionName action name for which to compute values.
* @return action names defined in this rule for the service
* @throws NameNotFoundException if actions name is not
* found in the rule
* @supported.api
*/
throws NameNotFoundException {
return clone;
}
return (answer);
}
/**
* Returns a <code>Map</code> of all action names and their
* corresponding action values that have been set in the rule.
* The "key" of the <code>Map</code> will be the action name
* as a string, and its "value" will be a <code>Set</code>
* which contains the action values as strings.
*
* @return all action names and corresponding action values
* @supported.api
*/
public Map getActionValues() {
}
/**
* Sets the action names and their corresponding actions values
* (or permissions) for the resource or the service.
*
* @param actionValues action names and their corresponding values
* @throws InvalidNameException if action name is invalid.
* @supported.api
*/
throws InvalidNameException {
}
/**
* Checks if two rule objects are identical. Two rules are
* identical only if the service name, resource name,
* action name and values match.
*
* @param obj object against which this rule object
* will be checked for equality
*
* @return <code>true</code> if the service type, resource, actions
* and action values match, <code>false</code> otherwise.
*/
boolean matched = true;
return false;
}
if (applicationName == null) {
return false;
}
return false;
}
if (resourceNames == null) {
return false;
}
} else {
return false;
}
}
return false;
}
return matched;
}
/**
* This added by when CheckStyle noticed there was an implementation of
* equals without an implementation of hashCode - usually a recipe for
* disaster.
*
* @return the hashCode for this object
*/
public int hashCode() {
if (applicationName != null) {
}
if (resourceNames != null) {
}
}
return result;
}
/**
* Compares the given service and resource names with the
* service and resource name specified in this rule.
* The method returns a <code>ResourceMatch</code> object which
* specifies if the resources match exactly, do not match, or one
* of them is a subordinate resource of the other. If the
* service name does not match, the method returns <code>
* NO_MATCH</code>.
*
* @param serviceName name of the service
* @param resourceName name of the resource
*
* @return returns <code>ResourceMatch</code> that
* specifies if the service name and resource name are exact match, or
* otherwise.
*/
public ResourceMatch isResourceMatch(
} else {
//rm = serviceType.compare(this.resourceName, resourceName);
}
return rm;
}
/**
* Returns an XML string representing the rule.
*
* @return an XML string representing the rule.
* @supported.api
*/
} else {
}
if (applicationName != null) {
.append(" name=\"")
.append("\" />");
}
if (resourceNames != null) {
}
}
while (actionNamesIter.hasNext()) {
}
}
}
}
/**
* Returns service type of this rules.
* @return service type of this rule
*/
protected ServiceType getServiceType() {
return (serviceType);
}
/**
* Returns an XML respresentation of the rule with policy name to
* use in resource index tree.
* @param policyName policy name to use while creating xml representation
* @return an XML respresentation of the rule with policy name to
* use in resource index tree
*/
// "<PolicyCrossReferences name=\"" + serviceTypeName +
// "\" type=\"Resources\">"
.append(" ")
.append("=\"")
.append("\" ")
.append("=\"")
.append("\">");
} else {
}
// "<Reference name=\"" + resources[n-1]) +
// "\"><PolicyName name=\"" + policyName +
// "\"/></Reference>"
.append(" ")
.append("=\"")
.append("\"><")
.append(" ")
.append("=\"")
.append("\"/></")
.append(">");
for (int i = n - 2; i >= 0; i--) {
//tmp = "<Reference name=\"" + resources[i] +"\">" +
// tmp + "</Reference>";
tmp = "<"
+ " "
+ "=\""
+ resources[i]
+ "\">"
+ tmp
+ "</"
+ ">";
}
return (beginning
+ tmp
+ "</"
+ ">");
}
/**
* Returns xml string representation of the rule.
*
* @return xml string representation of the rule
*/
return (toXML());
}
/**
* Creates and returns a copy of this object. The returned
* <code>Rule</code> object will have the same rule
* name, resource, service name, and actions
* such that <code>x.clone().equals(x)</code> will be
* <code>true</code>. However <code>x.clone()</code>
* will not be the same as <code>x</code>, i.e.,
* <code>x.clone() != x</code>.
*
* @return a copy of this object
*/
try {
} catch (CloneNotSupportedException se) {
}
if (resourceNames != null) {
}
// Copy the actions
}
return (answer);
}
/**
* Returns action values given resource type, resource name and a set of
* action names by matching the arguments to those of the rule object.
*
* @param resourceType resource type
* @param resourceName resource name
* @param actionNames a set of action names for which to compute values.
* Each element of the set should be a <code>String</code>
* valued action name
* @return a map of action values for actions
* Each key of the map is a String valued action name
* Each value of the map is a set of String values
* @throws NameNotFoundException if any name in <code>actionNames</code> is
* not found in the rule.
*/
//if (ResourceMatch.EXACT_MATCH.equals(rm) ) {
actionValues = new HashMap();
while (actionIter.hasNext()) {
}
}
}
}
return (actionValues);
}
}