001: package de.webman.acl;
002:
003: import com.teamkonzept.lib.TKException;
004: import com.teamkonzept.lib.TKVector;
005: import de.webman.acl.db.PolicyDBData;
006:
007: /**
008: * A policy applies a role to a login and an object reference. Thus, it
009: * constitutes a concrete access control right.
010: *
011: * @version 1.0
012: * @since 1.0
013: * @author © 2001 Webman AG
014: */
015: public class Policy extends WMObject {
016:
017: // $Header: /cvsroot/webman-cms/source/webman/de/webman/acl/Policy.java,v 1.1 2001/08/20 08:25:07 mischa Exp $
018:
019: // Constants
020:
021: /**
022: * Type constant.
023: */
024: public static final Integer ROLE_ID = new Integer(0);
025:
026: /**
027: * Type constant.
028: */
029: public static final Integer USER_ID = new Integer(1);
030:
031: /**
032: * Type constant.
033: */
034: public static final Integer POLICY_ID = new Integer(2);
035:
036: /**
037: * Type constant.
038: */
039: public static final Integer ATTRIBUTE_ID = new Integer(3);
040:
041: /**
042: * Type constant.
043: */
044: public static final Integer CLASS_REGISTRY_ID = new Integer(4);
045:
046: /**
047: * Type constant.
048: */
049: public static final Integer CONTENT_TREE_ID = new Integer(5);
050:
051: /**
052: * Type constant.
053: */
054: public static final Integer FORM_ID = new Integer(6);
055:
056: /**
057: * Type constant.
058: */
059: public static final Integer PRESENTATION_ID = new Integer(7);
060:
061: /**
062: * Type constant.
063: */
064: public static final Integer PROPERTY_ID = new Integer(8);
065:
066: /**
067: * Type constant.
068: */
069: public static final Integer PROPERTY_GROUP_ID = new Integer(9);
070:
071: /**
072: * Type constant.
073: */
074: public static final Integer SITE_TREE_ID = new Integer(10);
075:
076: /**
077: * Type constant.
078: */
079: public static final Integer TEMPLATE_ID = new Integer(11);
080:
081: /**
082: * Type constant.
083: */
084: public static final Integer TEXT_ATTRIBUTE_ID = new Integer(12);
085:
086: // Attributes
087:
088: /**
089: * The access mode of the policy.
090: */
091: private boolean access = false;
092:
093: /**
094: * The login asscoiated with this policy.
095: */
096: private Integer login = null;
097:
098: /**
099: * The role asscoiated with this policy.
100: */
101: private Integer role = null;
102:
103: /**
104: * The context asscoiated with this policy.
105: */
106: private Integer context = null;
107:
108: /**
109: * The object reference.
110: */
111: private Integer reference = null;
112:
113: /**
114: * The object type.
115: */
116: private Integer type = null;
117:
118: // Constructors
119:
120: /**
121: * Provide instantion only to package classes or subclasses.
122: *
123: * @param data the initial policy data.
124: */
125: protected Policy(PolicyDBData data) {
126: super (data);
127:
128: this .access = data.isAllowed();
129: this .login = data.getLogin();
130: this .role = data.getRole();
131: this .context = data.getContext();
132: this .reference = data.getObjectReference();
133: this .type = data.getObjectType();
134: }
135:
136: // Method implementations
137:
138: /**
139: * Returns the factory of the object.
140: *
141: * @return the factory of the object.
142: * @exception com.teamkonzept.lib.TKException if an error occured during factory retrieval.
143: */
144: public final ObjectFactory getFactory() throws TKException {
145: return PolicyFactory.getInstance();
146: }
147:
148: /**
149: * Checks wether the login is allowed to perform the role's tasks on the
150: * controlled object.
151: *
152: * @return <CODE>true</CODE> if the login is allowed to perform the role's
153: * tasks on the controlled object, otherwise <CODE>false</CODE>.
154: */
155: public final boolean isAllowed() {
156: return access;
157: }
158:
159: /**
160: * Checks wether the execution of the role's tasks on the controlled object by
161: * the login is denied.
162: *
163: * @return <CODE>true</CODE> the execution of the role's tasks on the
164: * controlled object by the login is denied, otherwise <CODE>false</CODE>.
165: */
166: public final boolean isDenied() {
167: return !access;
168: }
169:
170: /**
171: * Allows the login is allowed to perform the role's tasks on the controlled
172: * object.
173: */
174: public final void allow() {
175: super .modifyAttribute(this .access ? Boolean.TRUE
176: : Boolean.FALSE, Boolean.TRUE);
177: this .access = true;
178: }
179:
180: /**
181: * Denies the execution of the role's tasks on the controlled object by the
182: * login.
183: */
184: public final void deny() {
185: super .modifyAttribute(this .access ? Boolean.TRUE
186: : Boolean.FALSE, Boolean.FALSE);
187: this .access = false;
188: }
189:
190: /**
191: * Returns the ID of the login of the policy.
192: *
193: * @return the ID of the login of the policy.
194: */
195: public final Integer getLoginID() {
196: return login;
197: }
198:
199: /**
200: * Returns the login of the policy.
201: *
202: * @return the login of the policy.
203: * @exception com.teamkonzept.lib.TKException if an error occured during login retrieval.
204: */
205: public final Login getLogin() throws TKException {
206: return login != null ? (Login) LoginFactory.getInstance()
207: .getObject(login) : null;
208: }
209:
210: /**
211: * Assigns the login of the policy.
212: *
213: * @param login the login of the policy.
214: */
215: public final void setLogin(Login login) {
216: Integer id = login != null ? login.getID() : null;
217:
218: super .modifyAttribute(this .login, id);
219: this .login = id;
220: }
221:
222: /**
223: * Returns the ID of the role of the policy.
224: *
225: * @return the ID of the role of the policy.
226: */
227: public final Integer getRoleID() {
228: return role;
229: }
230:
231: /**
232: * Returns the role of the policy.
233: *
234: * @return the role of the policy.
235: * @exception com.teamkonzept.lib.TKException if an error occured during role retrieval.
236: */
237: public final Role getRole() throws TKException {
238: return role != null ? (Role) RoleFactory.getInstance()
239: .getObject(role) : null;
240: }
241:
242: /**
243: * Assigns the role of the policy.
244: *
245: * @param role the role of the policy.
246: */
247: public final void setRole(Role role) {
248: Integer id = role != null ? role.getID() : null;
249:
250: super .modifyAttribute(this .role, id);
251: this .role = id;
252: }
253:
254: /**
255: * Returns the ID of the context of the policy.
256: *
257: * @return the ID of the context of the policy.
258: */
259: public final Integer getContextID() {
260: return context;
261: }
262:
263: /**
264: * Returns the context of the policy.
265: *
266: * @return the context of the policy.
267: * @exception com.teamkonzept.lib.TKException if an error occured during context retrieval.
268: */
269: public final Context getContext() throws TKException {
270: return context != null ? (Context) ContextFactory.getInstance()
271: .getObject(context) : null;
272: }
273:
274: /**
275: * Assigns the context of the policy.
276: *
277: * @param context the context of the policy.
278: */
279: public final void setContext(Context context) {
280: Integer id = context != null ? context.getID() : null;
281:
282: super .modifyAttribute(this .context, id);
283: this .context = id;
284: }
285:
286: /**
287: * Returns the object reference of the policy.
288: *
289: * @return the object reference of the policy.
290: */
291: public final Integer getObjectReference() {
292: return this .reference;
293: }
294:
295: /**
296: * Returns the object type of the policy.
297: *
298: * @return the object type of the policy.
299: */
300: public final Integer getObjectType() {
301: return this .type;
302: }
303:
304: /**
305: * Returns all events referencing the policy.
306: *
307: * @return all events referencing the policy.
308: * @exception com.teamkonzept.lib.TKException if an error occured during event retrieval.
309: */
310: public final TKVector getEvents() throws TKException {
311: return EventFactory.getInstance().getObjects(
312: EventFactory.getInstance()
313: .getEventProxies(this .getID()));
314: }
315:
316: // Convenience methods
317:
318: /**
319: * Claims control for the whole context.
320: */
321: public final void setWholeContextControl() {
322: setObjectControl(null, null);
323: }
324:
325: /**
326: * Assigns the reference of the controlled attribute.
327: *
328: * @param reference the reference of the controlled attribute.
329: */
330: public final void setAttributeControl(Integer reference) {
331: setObjectControl(reference, ATTRIBUTE_ID);
332: }
333:
334: /**
335: * Assigns the reference of the controlled class registry.
336: *
337: * @param reference the reference of the controlled class registry.
338: */
339: public final void setClassRegistryControl(Integer reference) {
340: setObjectControl(reference, CLASS_REGISTRY_ID);
341: }
342:
343: /**
344: * Assigns the reference of the controlled content tree.
345: *
346: * @param reference the reference of the controlled content tree.
347: */
348: public final void setContentTreeControl(Integer reference) {
349: setObjectControl(reference, CONTENT_TREE_ID);
350: }
351:
352: /**
353: * Assigns the reference of the controlled form.
354: *
355: * @param reference the reference of the controlled form.
356: */
357: public final void setFormControl(Integer reference) {
358: setObjectControl(reference, FORM_ID);
359: }
360:
361: /**
362: * Assigns the reference of the controlled policy.
363: *
364: * @param reference the reference of the controlled policy.
365: */
366: public final void setPolicyControl(Integer reference) {
367: setObjectControl(reference, POLICY_ID);
368: }
369:
370: /**
371: * Assigns the reference of the controlled presentation.
372: *
373: * @param reference the reference of the controlled presentation.
374: */
375: public final void setPresentationControl(Integer reference) {
376: setObjectControl(reference, PRESENTATION_ID);
377: }
378:
379: /**
380: * Assigns the reference of the controlled property.
381: *
382: * @param reference the reference of the controlled property.
383: */
384: public final void setPropertyControl(Integer reference) {
385: setObjectControl(reference, PROPERTY_ID);
386: }
387:
388: /**
389: * Assigns the reference of the controlled property group.
390: *
391: * @param reference the reference of the controlled property group.
392: */
393: public final void setPropertyGroupControl(Integer reference) {
394: setObjectControl(reference, PROPERTY_GROUP_ID);
395: }
396:
397: /**
398: * Assigns the reference of the controlled role.
399: *
400: * @param reference the reference of the controlled role.
401: */
402: public final void setRoleControl(Integer reference) {
403: setObjectControl(reference, ROLE_ID);
404: }
405:
406: /**
407: * Assigns the reference of the controlled site tree.
408: *
409: * @param reference the reference of the controlled site tree.
410: */
411: public final void setSiteTreeControl(Integer reference) {
412: setObjectControl(reference, SITE_TREE_ID);
413: }
414:
415: /**
416: * Assigns the reference of the controlled template.
417: *
418: * @param reference the reference of the controlled template.
419: */
420: public final void setTemplateControl(Integer reference) {
421: setObjectControl(reference, TEMPLATE_ID);
422: }
423:
424: /**
425: * Assigns the reference of the controlled text attribute.
426: *
427: * @param reference the reference of the controlled text attribute.
428: */
429: public final void setTextAttributeControl(Integer reference) {
430: setObjectControl(reference, TEXT_ATTRIBUTE_ID);
431: }
432:
433: /**
434: * Assigns the reference of the controlled user.
435: *
436: * @param reference the reference of the controlled user.
437: */
438: public final void setUserControl(Integer reference) {
439: setObjectControl(reference, USER_ID);
440: }
441:
442: /**
443: * Assigns the reference and the type of the controlled object.
444: *
445: * @param reference the reference of the controlled object.
446: * @param type the type of the controlled object.
447: */
448: private final void setObjectControl(Integer reference, Integer type) {
449: super .modifyAttribute(this .reference, reference);
450: this .reference = reference;
451:
452: super .modifyAttribute(this .type, type);
453: this .type = type;
454: }
455:
456: /**
457: * Checks wether the given type represents atomic access rights.
458: * <P>
459: * A type represents atomic access rights, if it does not represent
460: * generic access rights.
461: *
462: * @return <CODE>true</CODE> if the given type does not represent
463: * generic access rights, otherwise <CODE>false</CODE>.
464: */
465: public static final boolean isAtomic(Integer type) {
466: return !Policy.isGeneric(type);
467: }
468:
469: /**
470: * Checks wether the given type represents generic access rights.
471: * <P>
472: * A type represents generic access rights, if it is set to content
473: * tree or site tree.
474: *
475: * @return <CODE>true</CODE> if the given type represents
476: * generic access rights, otherwise <CODE>false</CODE>.
477: */
478: public static final boolean isGeneric(Integer type) {
479: return Policy.CONTENT_TREE_ID.equals(type)
480: || Policy.SITE_TREE_ID.equals(type);
481: }
482:
483: }
|