/* |
|
* Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved. |
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
* |
|
* This code is free software; you can redistribute it and/or modify it |
|
* under the terms of the GNU General Public License version 2 only, as |
|
* published by the Free Software Foundation. Oracle designates this |
|
* particular file as subject to the "Classpath" exception as provided |
|
* by Oracle in the LICENSE file that accompanied this code. |
|
* |
|
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
* version 2 for more details (a copy is included in the LICENSE file that |
|
* accompanied this code). |
|
* |
|
* You should have received a copy of the GNU General Public License version |
|
* 2 along with this work; if not, write to the Free Software Foundation, |
|
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
* |
|
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
* or visit www.oracle.com if you need additional information or have any |
|
* questions. |
|
*/ |
|
package sun.security.acl; |
|
import java.util.*; |
|
import java.security.Principal; |
|
import java.security.acl.*; |
|
/** |
|
* This is a class that describes one entry that associates users |
|
* or groups with permissions in the ACL. |
|
* The entry may be used as a way of granting or denying permissions. |
|
* @author Satish Dharmaraj |
|
*/ |
|
public class AclEntryImpl implements AclEntry { |
|
private Principal user = null; |
|
private Vector<Permission> permissionSet = new Vector<>(10, 10); |
|
private boolean negative = false; |
|
/** |
|
* Construct an ACL entry that associates a user with permissions |
|
* in the ACL. |
|
* @param user The user that is associated with this entry. |
|
*/ |
|
public AclEntryImpl(Principal user) { |
|
this.user = user; |
|
} |
|
/** |
|
* Construct a null ACL entry |
|
*/ |
|
public AclEntryImpl() { |
|
} |
|
/** |
|
* Sets the principal in the entity. If a group or a |
|
* principal had already been set, a false value is |
|
* returned, otherwise a true value is returned. |
|
* @param user The user that is associated with this entry. |
|
* @return true if the principal is set, false if there is |
|
* one already. |
|
*/ |
|
public boolean setPrincipal(Principal user) { |
|
if (this.user != null) |
|
return false; |
|
this.user = user; |
|
return true; |
|
} |
|
/** |
|
* This method sets the ACL to have negative permissions. |
|
* That is the user or group is denied the permission set |
|
* specified in the entry. |
|
*/ |
|
public void setNegativePermissions() { |
|
negative = true; |
|
} |
|
/** |
|
* Returns true if this is a negative ACL. |
|
*/ |
|
public boolean isNegative() { |
|
return negative; |
|
} |
|
/** |
|
* A principal or a group can be associated with multiple |
|
* permissions. This method adds a permission to the ACL entry. |
|
* @param permission The permission to be associated with |
|
* the principal or the group in the entry. |
|
* @return true if the permission was added, false if the |
|
* permission was already part of the permission set. |
|
*/ |
|
public boolean addPermission(Permission permission) { |
|
if (permissionSet.contains(permission)) |
|
return false; |
|
permissionSet.addElement(permission); |
|
return true; |
|
} |
|
/** |
|
* The method disassociates the permission from the Principal |
|
* or the Group in this ACL entry. |
|
* @param permission The permission to be disassociated with |
|
* the principal or the group in the entry. |
|
* @return true if the permission is removed, false if the |
|
* permission is not part of the permission set. |
|
*/ |
|
public boolean removePermission(Permission permission) { |
|
return permissionSet.removeElement(permission); |
|
} |
|
/** |
|
* Checks if the passed permission is part of the allowed |
|
* permission set in this entry. |
|
* @param permission The permission that has to be part of |
|
* the permission set in the entry. |
|
* @return true if the permission passed is part of the |
|
* permission set in the entry, false otherwise. |
|
*/ |
|
public boolean checkPermission(Permission permission) { |
|
return permissionSet.contains(permission); |
|
} |
|
/** |
|
* return an enumeration of the permissions in this ACL entry. |
|
*/ |
|
public Enumeration<Permission> permissions() { |
|
return permissionSet.elements(); |
|
} |
|
/** |
|
* Return a string representation of the contents of the ACL entry. |
|
*/ |
|
public String toString() { |
|
StringBuffer s = new StringBuffer(); |
|
if (negative) |
|
s.append("-"); |
|
else |
|
s.append("+"); |
|
if (user instanceof Group) |
|
s.append("Group."); |
|
else |
|
s.append("User."); |
|
s.append(user + "="); |
|
Enumeration<Permission> e = permissions(); |
|
while(e.hasMoreElements()) { |
|
Permission p = e.nextElement(); |
|
s.append(p); |
|
if (e.hasMoreElements()) |
|
s.append(","); |
|
} |
|
return new String(s); |
|
} |
|
/** |
|
* Clones an AclEntry. |
|
*/ |
|
@SuppressWarnings("unchecked") // Safe casts assuming clone() works correctly |
|
public synchronized Object clone() { |
|
AclEntryImpl cloned; |
|
cloned = new AclEntryImpl(user); |
|
cloned.permissionSet = (Vector<Permission>) permissionSet.clone(); |
|
cloned.negative = negative; |
|
return cloned; |
|
} |
|
/** |
|
* Return the Principal associated in this ACL entry. |
|
* The method returns null if the entry uses a group |
|
* instead of a principal. |
|
*/ |
|
public Principal getPrincipal() { |
|
return user; |
|
} |
|
} |