c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * CDDL HEADER START
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * The contents of this file are subject to the terms of the
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * Common Development and Distribution License, Version 1.0 only
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * (the "License"). You may not use this file except in compliance
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * with the License.
8cf870d281dc8c242f083d14dfef05f24aa5fceeJnRouvignac * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
8cf870d281dc8c242f083d14dfef05f24aa5fceeJnRouvignac * or http://forgerock.org/license/CDDLv1.0.html.
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * See the License for the specific language governing permissions
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * and limitations under the License.
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * When distributing Covered Code, include this CDDL HEADER in each
8cf870d281dc8c242f083d14dfef05f24aa5fceeJnRouvignac * file and include the License file at legal-notices/CDDLv1_0.txt.
8cf870d281dc8c242f083d14dfef05f24aa5fceeJnRouvignac * If applicable, add the following below this CDDL HEADER, with the
8cf870d281dc8c242f083d14dfef05f24aa5fceeJnRouvignac * fields enclosed by brackets "[]" replaced with your own identifying
8cf870d281dc8c242f083d14dfef05f24aa5fceeJnRouvignac * information:
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * Portions Copyright [yyyy] [name of copyright owner]
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * CDDL HEADER END
65e99be301d5a19db33f25841f671756e8dbb9b5ludovicp * Copyright 2008 Sun Microsystems, Inc.
0253a7dc97ec1ab462376979562c69636573904aJnRouvignac * Portions Copyright 2013 ForgeRock AS
53247d28ba99538f841a13ea2cde01c3faa3ef36kenneth_suterimport static org.opends.messages.AccessControlMessages.*;
31ef6298b4179ddca52d4b1d0aad873af9d17155duganimport static org.opends.server.authorization.dseecompat.Aci.*;
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * A class representing the permissions of an bind rule. The permissions
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * of an ACI look like deny(search, write).
c9d44c649b67bea43e7549e2bf52870db9e770d0duganpublic class Permission {
31ef6298b4179ddca52d4b1d0aad873af9d17155dugan * The access type (allow,deny) corresponding to the ACI permission value.
31ef6298b4179ddca52d4b1d0aad873af9d17155dugan * The rights (search, add, delete, ...) corresponding to the ACI rights
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan private int rights;
31ef6298b4179ddca52d4b1d0aad873af9d17155dugan * Regular expression token representing the separator.
31ef6298b4179ddca52d4b1d0aad873af9d17155dugan * Regular expression used to match the ACI rights string.
31ef6298b4179ddca52d4b1d0aad873af9d17155dugan private static final String rightsRegex = ZERO_OR_MORE_WHITESPACE +
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * Constructor creating a class representing a permission part of an bind
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * @param accessType A string representing access type.
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * @param rights A string representing the rights.
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * @throws AciException If the access type string or rights string
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * is invalid.
53247d28ba99538f841a13ea2cde01c3faa3ef36kenneth_suter WARN_ACI_SYNTAX_INVALID_ACCESS_TYPE_VERSION.get(accessType);
53247d28ba99538f841a13ea2cde01c3faa3ef36kenneth_suter Message message = WARN_ACI_SYNTAX_INVALID_RIGHTS_SYNTAX.get(rights);
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan Pattern separatorPattern = Pattern.compile(separatorToken);
53247d28ba99538f841a13ea2cde01c3faa3ef36kenneth_suter WARN_ACI_SYNTAX_INVALID_RIGHTS_KEYWORD.get(rights);
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * Decode an string representation of bind rule permission into a Permission
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * @param accessType A string representing the access type.
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * @param rights A string representing the rights.
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * @return A Permission class representing the permissions of the bind
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * @throws AciException If the accesstype or rights strings are invalid.
0253a7dc97ec1ab462376979562c69636573904aJnRouvignac public static Permission decode (String accessType, String rights)
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * Checks if a given access type enumeration is equal to this classes
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * access type.
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * @param accessType An enumeration representing an access type.
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * @return True if the access types are equal.
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan public boolean hasAccessType(EnumAccessType accessType) {
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * Checks if the permission's rights has the specified rights.
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * @param rights The rights to check for.
c9d44c649b67bea43e7549e2bf52870db9e770d0dugan * @return True if the permission's rights has the specified rights.
0253a7dc97ec1ab462376979562c69636573904aJnRouvignac /** {@inheritDoc} */
0253a7dc97ec1ab462376979562c69636573904aJnRouvignac * Appends a string representation of this object to the provided buffer.
0253a7dc97ec1ab462376979562c69636573904aJnRouvignac * @param buffer
0253a7dc97ec1ab462376979562c69636573904aJnRouvignac * The buffer into which a string representation of this object
0253a7dc97ec1ab462376979562c69636573904aJnRouvignac * should be appended.
0253a7dc97ec1ab462376979562c69636573904aJnRouvignac public final void toString(StringBuilder buffer) {
0253a7dc97ec1ab462376979562c69636573904aJnRouvignac buffer.append(accessType.toString().toLowerCase());
0253a7dc97ec1ab462376979562c69636573904aJnRouvignac Set<EnumRight> enumRights = EnumRight.getEnumRight(rights);