EntitlementCombiner.java revision 98889d65f3da34634133fce0bccd5138397bccf6
/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2009 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: EntitlementCombiner.java,v 1.4 2009/12/07 19:46:45 veiming Exp $
*
* Portions copyright 2010-2013 ForgeRock AS.
*/
/**
* This is the base class for entitlement combiner. >code>DenyOverride</code>
* extends this class.
*
* <code>init</code> needs to be called after it is created.
*/
public abstract class EntitlementCombiner {
private boolean isDone;
private boolean isRecursive;
private ResourceName resourceComparator;
/**
* root entitlement is the root entitlement when we are doing sub tree
* evaluation (recursive = true); and is the entitlement decision for
* single node evaluation (recursive = false).
*/
private Entitlement rootE;
/**
* Initializes the combiner.
*
* @param realm Realm name.
* @param applicationName Application Name.
* @param resourceName Resource name to be evaluated.
* @param actions Action names to be evaluated.
* @param isRecursive <code>true<</code> for subtree evaluation.
*/
boolean isRecursive) throws EntitlementException {
}
/**
* Initializes the combiner.
*
* @param resourceName Resource name to be evaluated.
* @param actions Action names to be evaluated.
* @param isRecursive <code>true<</code> for subtree evaluation.
* @param application The defining application.
*/
this.isRecursive = isRecursive;
if (!isRecursive) { // single level
} else {
}
} else {
}
}
/**
* Adds a set of entitlements to the overall entitlement decision. These
* entitlements will be combined with existing decision.
*
* @param entitlements Set of entitlements.
*/
if (!isRecursive) {
for (Entitlement e : entitlements) {
mergeActionValues(rootE, e);
mergeAdvices(rootE, e);
mergeAttributes(rootE, e);
}
} else {
boolean isRegExComparator = (resourceComparator instanceof
for (Entitlement e : entitlements) {
boolean toAdd = true;
mergeAdvices(existing, e);
mergeAttributes(existing, e);
toAdd = false;
mergeAdvices(existing, e);
mergeAttributes(existing, e);
mergeAdvices(e, existing);
mergeAttributes(e, existing);
} else if (!isRegExComparator &&
mergeAdvices(e, existing);
mergeAttributes(e, existing);
}
}
if (toAdd) {
e.getResourceName(), e.getActionValues());
}
}
}
}
/**
* Merges action values. The action values of the second entitlement
* is merged to first entitlement.
*
* @param e1 Entitlement.
* @param e2 Entitlement.
*/
}
}
for (String n : actionNames) {
} else {
}
}
} else {
// Advice is present and therefore more data is needed before any actions can be taken.
}
isDone = isCompleted();
}
/**
* Merges advices. The advices of the second entitlement
* is merged to first entitlement.
*
* @param e1 Entitlement
* @param e2 Entitlement
*/
}
}
if (r == null) {
}
}
}
}
}
/**
* Merges attributes. The attributes of the second entitlement
* is merged to first entitlement.
*
* @param e1 Entitlement
* @param e2 Entitlement
*/
}
}
if (r == null) {
}
}
}
}
}
/**
* Merges time to live values. The lowest of the TTL values is set as the
* TTL.
*
* @param e1 Entitlement
* @param e2 Entitlement
*/
}
}
/**
* Returns action names.
*
* @return action names.
*/
return actions;
}
/**
* Returns <code>trie</code> if this entitlement combiner is working
* on sub tree evaluation.
*
* @return <code>trie</code> if this entitlement combiner is working
* on sub tree evaluation.
*/
protected boolean isRecursive() {
return isRecursive;
}
/**
* Returns root entitltlement.
*
* @return root entitltlement.
*/
protected Entitlement getRootE() {
return rootE;
}
/**
* Returns the resource comparator.
*
* @return resource comparator.
*/
protected ResourceName getResourceComparator() {
return resourceComparator;
}
/**
* Returns <code>true</code> if policy decision can also be determined.
*
* @return <code>true</code> if policy decision can also be determined.
*/
public boolean isDone() {
return isDone;
}
/**
* Returns entitlements which is the result of combining a set of
* entitlement.
*
* @return entitlement results.
*/
return results;
}
/**
* Returns the result of combining two entitlement decisions.
*
* @param b1 entitlement decision.
* @param b2 entitlement decision.
* @return result of combining two entitlement decisions.
*/
/**
* Returns <code>true</code> if policy decision can also be determined.
* This method is called by dervived classed. #isDone method shall be
* set if this returns true.
*
* @return <code>true</code> if policy decision can also be determined.
*/
protected abstract boolean isCompleted();
}