Source Code Cross Referenced for PagePermission.java in  » Wiki-Engine » JSPWiki » com » ecyrd » jspwiki » auth » permissions » Java Source Code / Java DocumentationJava Source Code and Java Documentation

Java Source Code / Java Documentation
1. 6.0 JDK Core
2. 6.0 JDK Modules
3. 6.0 JDK Modules com.sun
4. 6.0 JDK Modules com.sun.java
5. 6.0 JDK Modules sun
6. 6.0 JDK Platform
7. Ajax
8. Apache Harmony Java SE
9. Aspect oriented
10. Authentication Authorization
11. Blogger System
12. Build
13. Byte Code
14. Cache
15. Chart
16. Chat
17. Code Analyzer
18. Collaboration
19. Content Management System
20. Database Client
21. Database DBMS
22. Database JDBC Connection Pool
23. Database ORM
24. Development
25. EJB Server geronimo
26. EJB Server GlassFish
27. EJB Server JBoss 4.2.1
28. EJB Server resin 3.1.5
29. ERP CRM Financial
30. ESB
31. Forum
32. GIS
33. Graphic Library
34. Groupware
35. HTML Parser
36. IDE
37. IDE Eclipse
38. IDE Netbeans
39. Installer
40. Internationalization Localization
41. Inversion of Control
42. Issue Tracking
43. J2EE
44. JBoss
45. JMS
46. JMX
47. Library
48. Mail Clients
49. Net
50. Parser
51. PDF
52. Portal
53. Profiler
54. Project Management
55. Report
56. RSS RDF
57. Rule Engine
58. Science
59. Scripting
60. Search Engine
61. Security
62. Sevlet Container
63. Source Control
64. Swing Library
65. Template Engine
66. Test Coverage
67. Testing
68. UML
69. Web Crawler
70. Web Framework
71. Web Mail
72. Web Server
73. Web Services
74. Web Services apache cxf 2.0.1
75. Web Services AXIS2
76. Wiki Engine
77. Workflow Engines
78. XML
79. XML UI
Java
Java Tutorial
Java Open Source
Jar File Download
Java Articles
Java Products
Java by API
Photoshop Tutorials
Maya Tutorials
Flash Tutorials
3ds-Max Tutorials
Illustrator Tutorials
GIMP Tutorials
C# / C Sharp
C# / CSharp Tutorial
C# / CSharp Open Source
ASP.Net
ASP.NET Tutorial
JavaScript DHTML
JavaScript Tutorial
JavaScript Reference
HTML / CSS
HTML CSS Reference
C / ANSI-C
C Tutorial
C++
C++ Tutorial
Ruby
PHP
Python
Python Tutorial
Python Open Source
SQL Server / T-SQL
SQL Server / T-SQL Tutorial
Oracle PL / SQL
Oracle PL/SQL Tutorial
PostgreSQL
SQL / MySQL
MySQL Tutorial
VB.Net
VB.Net Tutorial
Flash / Flex / ActionScript
VBA / Excel / Access / Word
XML
XML Tutorial
Microsoft Office PowerPoint 2007 Tutorial
Microsoft Office Excel 2007 Tutorial
Microsoft Office Word 2007 Tutorial
Java Source Code / Java Documentation » Wiki Engine » JSPWiki » com.ecyrd.jspwiki.auth.permissions 
Source Cross Referenced  Class Diagram Java Document (Java Doc) 


001:        /*
002:            JSPWiki - a JSP-based WikiWiki clone.
003:
004:            Copyright (C) 2001-2007 JSPWiki development group
005:
006:            This program is free software; you can redistribute it and/or modify
007:            it under the terms of the GNU Lesser General Public License as published by
008:            the Free Software Foundation; either version 2.1 of the License, or
009:            (at your option) any later version.
010:
011:            This program is distributed in the hope that it will be useful,
012:            but WITHOUT ANY WARRANTY; without even the implied warranty of
013:            MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
014:            GNU Lesser General Public License for more details.
015:
016:            You should have received a copy of the GNU Lesser General Public License
017:            along with this program; if not, write to the Free Software
018:            Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
019:         */
020:        package com.ecyrd.jspwiki.auth.permissions;
021:
022:        import java.security.Permission;
023:        import java.security.PermissionCollection;
024:        import java.util.Arrays;
025:
026:        import org.apache.commons.lang.StringUtils;
027:
028:        import com.ecyrd.jspwiki.WikiPage;
029:
030:        /**
031:         * <p>
032:         * Permission to perform an operation on a single page or collection of pages in
033:         * a given wiki. Permission actions include: <code>view</code>,&nbsp;
034:         * <code>edit</code> (edit the text of a wiki page),&nbsp;<code>comment</code>,&nbsp;
035:         * <code>upload</code>,&nbsp;<code>modify</code>&nbsp;(edit text and upload
036:         * attachments),&nbsp;<code>delete</code>&nbsp;
037:         * and&nbsp;<code>rename</code>.
038:         * </p>
039:         * <p>
040:         * The target of a permission is a single page or collection in a given wiki.
041:         * The syntax for the target is the wiki name, followed by a colon (:) and the
042:         * name of the page. "All wikis" can be specified using a wildcard (*). Page
043:         * collections may also be specified using a wildcard. For pages, the wildcard
044:         * may be a prefix, suffix, or all by itself. Examples of targets include:
045:         * </p>
046:         * <blockquote><code>*:*<br/>
047:         * *:JanneJalkanen<br/>
048:         * *:Jalkanen<br/>
049:         * *:Janne*<br/>
050:         * mywiki:JanneJalkanen<br/>
051:         * mywiki:*Jalkanen<br/>
052:         * mywiki:Janne*</code>
053:         * </blockquote>
054:         * <p>
055:         * For a given target, certain permissions imply others:
056:         * </p>
057:         * <ul>
058:         * <li><code>delete</code>&nbsp;and&nbsp;<code>rename</code>&nbsp;imply&nbsp;<code>edit</code></li>
059:         * <li><code>modify</code>&nbsp;implies&nbsp;<code>edit</code>&nbsp;and&nbsp;<code>upload</code></li>
060:         * <li><code>edit</code>&nbsp;implies&nbsp;<code>comment</code>&nbsp;and&nbsp;<code>view</code></li>
061:         * <li><code>comment</code>&nbsp;and&nbsp;<code>upload</code>&nbsp;imply&nbsp;<code>view</code></li>
062:         * Targets that do not include a wiki prefix <i>never </i> imply others.
063:         * </ul>
064:         * @author Andrew Jaquith
065:         * @since 2.3
066:         */
067:        public final class PagePermission extends Permission {
068:            private static final long serialVersionUID = 2L;
069:
070:            public static final String COMMENT_ACTION = "comment";
071:
072:            public static final String DELETE_ACTION = "delete";
073:
074:            public static final String EDIT_ACTION = "edit";
075:
076:            public static final String MODIFY_ACTION = "modify";
077:
078:            public static final String RENAME_ACTION = "rename";
079:
080:            public static final String UPLOAD_ACTION = "upload";
081:
082:            public static final String VIEW_ACTION = "view";
083:
084:            protected static final int COMMENT_MASK = 0x4;
085:
086:            protected static final int DELETE_MASK = 0x10;
087:
088:            protected static final int EDIT_MASK = 0x2;
089:
090:            protected static final int MODIFY_MASK = 0x40;
091:
092:            protected static final int RENAME_MASK = 0x20;
093:
094:            protected static final int UPLOAD_MASK = 0x8;
095:
096:            protected static final int VIEW_MASK = 0x1;
097:
098:            public static final PagePermission COMMENT = new PagePermission(
099:                    COMMENT_ACTION);
100:
101:            public static final PagePermission DELETE = new PagePermission(
102:                    DELETE_ACTION);
103:
104:            public static final PagePermission EDIT = new PagePermission(
105:                    EDIT_ACTION);
106:
107:            public static final PagePermission RENAME = new PagePermission(
108:                    RENAME_ACTION);
109:
110:            public static final PagePermission MODIFY = new PagePermission(
111:                    MODIFY_ACTION);
112:
113:            public static final PagePermission UPLOAD = new PagePermission(
114:                    UPLOAD_ACTION);
115:
116:            public static final PagePermission VIEW = new PagePermission(
117:                    VIEW_ACTION);
118:
119:            private static final String ACTION_SEPARATOR = ",";
120:
121:            private static final String WILDCARD = "*";
122:
123:            private static final String WIKI_SEPARATOR = ":";
124:
125:            private static final String ATTACHMENT_SEPARATOR = "/";
126:
127:            private final String m_actionString;
128:
129:            private final int m_mask;
130:
131:            private final String m_page;
132:
133:            private final String m_wiki;
134:
135:            /**
136:             * Private convenience constructor that creates a new PagePermission for all wikis and pages
137:             * (*:*) and set of actions.
138:             * @param actions
139:             */
140:            private PagePermission(String actions) {
141:                this (WILDCARD + WIKI_SEPARATOR + WILDCARD, actions);
142:            }
143:
144:            /**
145:             * Creates a new PagePermission for a specified page name and set of
146:             * actions. Page should include a prepended wiki name followed by a colon (:).
147:             * If the wiki name is not supplied or starts with a colon, the page
148:             * refers to no wiki in particular, and will never imply any other
149:             * PagePermission.
150:             * @param page the wiki page
151:             * @param actions the allowed actions for this page
152:             */
153:            public PagePermission(String page, String actions) {
154:                super (page);
155:
156:                // Parse wiki and page (which may include wiki name and page)
157:                // Strip out attachment separator; it is irrelevant.
158:
159:                // FIXME3.0: Assumes attachment separator is "/".
160:                String[] pathParams = StringUtils.split(page, WIKI_SEPARATOR);
161:                String pageName;
162:                if (pathParams.length >= 2) {
163:                    m_wiki = pathParams[0].length() > 0 ? pathParams[0] : null;
164:                    pageName = pathParams[1];
165:                } else {
166:                    m_wiki = null;
167:                    pageName = pathParams[0];
168:                }
169:                int pos = pageName.indexOf(ATTACHMENT_SEPARATOR);
170:                m_page = (pos == -1) ? pageName : pageName.substring(0, pos);
171:
172:                // Parse actions
173:                String[] pageActions = StringUtils.split(actions.toLowerCase(),
174:                        ACTION_SEPARATOR);
175:                Arrays.sort(pageActions, String.CASE_INSENSITIVE_ORDER);
176:                m_mask = createMask(actions);
177:                StringBuffer buffer = new StringBuffer();
178:                for (int i = 0; i < pageActions.length; i++) {
179:                    buffer.append(pageActions[i]);
180:                    if (i < (pageActions.length - 1)) {
181:                        buffer.append(ACTION_SEPARATOR);
182:                    }
183:                }
184:                m_actionString = buffer.toString();
185:            }
186:
187:            /**
188:             * Creates a new PagePermission for a specified page and set of actions.
189:             * @param page The wikipage.
190:             * @param actions A set of actions; a comma-separated list of actions.
191:             */
192:            public PagePermission(WikiPage page, String actions) {
193:                this (page.getWiki() + WIKI_SEPARATOR + page.getName(), actions);
194:            }
195:
196:            /**
197:             * Two PagePermission objects are considered equal if their actions (after
198:             * normalization), wiki and target are equal.
199:             * @see java.lang.Object#equals(java.lang.Object)
200:             */
201:            public final boolean equals(Object obj) {
202:                if (!(obj instanceof  PagePermission)) {
203:                    return false;
204:                }
205:                PagePermission p = (PagePermission) obj;
206:                return p.m_mask == m_mask && p.m_page.equals(m_page)
207:                        && p.m_wiki != null && p.m_wiki.equals(m_wiki);
208:            }
209:
210:            /**
211:             * Returns the actions for this permission: "view", "edit", "comment",
212:             * "modify", "upload" or "delete". The actions will always be sorted in alphabetic
213:             * order, and will always appear in lower case.
214:             * @see java.security.Permission#getActions()
215:             */
216:            public final String getActions() {
217:                return m_actionString;
218:            }
219:
220:            /**
221:             * Returns the name of the wiki page represented by this permission.
222:             * @return the page name
223:             */
224:            public final String getPage() {
225:                return m_page;
226:            }
227:
228:            /**
229:             * Returns the name of the wiki containing the page represented by
230:             * this permission; may return the wildcard string.
231:             * @return the wiki
232:             */
233:            public final String getWiki() {
234:                return m_wiki;
235:            }
236:
237:            /**
238:             * Returns the hash code for this PagePermission.
239:             * @see java.lang.Object#hashCode()
240:             */
241:            public final int hashCode() {
242:                //  If the wiki has not been set, uses a dummy value for the hashcode
243:                //  calculation.  This may occur if the page given does not refer
244:                //  to any particular wiki
245:                String wiki = m_wiki != null ? m_wiki : "dummy_value";
246:                return m_mask
247:                        + ((13 * m_actionString.hashCode()) * 23 * wiki
248:                                .hashCode());
249:            }
250:
251:            /**
252:             * <p>
253:             * PagePermission can only imply other PagePermissions; no other permission
254:             * types are implied. One PagePermission implies another if its actions if
255:             * three conditions are met:
256:             * </p>
257:             * <ol>
258:             * <li>The other PagePermission's wiki is equal to, or a subset of, that of
259:             * this permission. This permission's wiki is considered a superset of the
260:             * other if it contains a matching prefix plus a wildcard, or a wildcard
261:             * followed by a matching suffix.</li>
262:             * <li>The other PagePermission's target is equal to, or a subset of, the
263:             * target specified by this permission. This permission's target is
264:             * considered a superset of the other if it contains a matching prefix plus
265:             * a wildcard, or a wildcard followed by a matching suffix.</li>
266:             * <li>All of other PagePermission's actions are equal to, or a subset of,
267:             * those of this permission</li>
268:             * </ol>
269:             * @see java.security.Permission#implies(java.security.Permission)
270:             */
271:            public final boolean implies(Permission permission) {
272:                // Permission must be a PagePermission
273:                if (!(permission instanceof  PagePermission)) {
274:                    return false;
275:                }
276:
277:                // Build up an "implied mask"
278:                PagePermission p = (PagePermission) permission;
279:                int impliedMask = impliedMask(m_mask);
280:
281:                // If actions aren't a proper subset, return false
282:                if ((impliedMask & p.m_mask) != p.m_mask) {
283:                    return false;
284:                }
285:
286:                // See if the tested permission's wiki is implied
287:                boolean impliedWiki = isSubset(m_wiki, p.m_wiki);
288:
289:                // If this page is "*", the tested permission's
290:                // page is implied
291:                boolean impliedPage = isSubset(m_page, p.m_page);
292:
293:                return impliedWiki && impliedPage;
294:            }
295:
296:            /**
297:             * Returns a new {@link AllPermissionCollection}.
298:             * @see java.security.Permission#newPermissionCollection()
299:             */
300:            public PermissionCollection newPermissionCollection() {
301:                return new AllPermissionCollection();
302:            }
303:
304:            /**
305:             * Prints a human-readable representation of this permission.
306:             * @see java.lang.Object#toString()
307:             */
308:            public final String toString() {
309:                String wiki = (m_wiki == null) ? "" : m_wiki;
310:                return "(\"" + this .getClass().getName() + "\",\"" + wiki
311:                        + WIKI_SEPARATOR + m_page + "\",\"" + getActions()
312:                        + "\")";
313:            }
314:
315:            /**
316:             * Creates an "implied mask" based on the actions originally assigned: for
317:             * example, delete implies modify, comment, upload and view.
318:             * @param mask binary mask for actions
319:             * @return binary mask for implied actions
320:             */
321:            protected static final int impliedMask(int mask) {
322:                if ((mask & DELETE_MASK) > 0) {
323:                    mask |= MODIFY_MASK;
324:                }
325:                if ((mask & RENAME_MASK) > 0) {
326:                    mask |= EDIT_MASK;
327:                }
328:                if ((mask & MODIFY_MASK) > 0) {
329:                    mask |= EDIT_MASK | UPLOAD_MASK;
330:                }
331:                if ((mask & EDIT_MASK) > 0) {
332:                    mask |= COMMENT_MASK;
333:                }
334:                if ((mask & COMMENT_MASK) > 0) {
335:                    mask |= VIEW_MASK;
336:                }
337:                if ((mask & UPLOAD_MASK) > 0) {
338:                    mask |= VIEW_MASK;
339:                }
340:                return mask;
341:            }
342:
343:            /**
344:             * Determines whether one target string is a logical subset of the other.
345:             * @param superSet the prospective superset
346:             * @param subSet the prospective subset
347:             * @return the results of the test, where <code>true</code> indicates that
348:             *         <code>subSet</code> is a subset of <code>superSet</code>
349:             */
350:            protected static final boolean isSubset(String super Set,
351:                    String subSet) {
352:                // If either is null, return false
353:                if (super Set == null || subSet == null) {
354:                    return false;
355:                }
356:
357:                // If targets are identical, it's a subset
358:                if (super Set.equals(subSet)) {
359:                    return true;
360:                }
361:
362:                // If super is "*", it's a subset
363:                if (super Set.equals(WILDCARD)) {
364:                    return true;
365:                }
366:
367:                // If super starts with "*", sub must end with everything after the *
368:                if (super Set.startsWith(WILDCARD)) {
369:                    String suffix = super Set.substring(1);
370:                    return subSet.endsWith(suffix);
371:                }
372:
373:                // If super ends with "*", sub must start with everything before *
374:                if (super Set.endsWith(WILDCARD)) {
375:                    String prefix = super Set
376:                            .substring(0, super Set.length() - 1);
377:                    return subSet.startsWith(prefix);
378:                }
379:
380:                return false;
381:            }
382:
383:            /**
384:             * Private method that creates a binary mask based on the actions specified.
385:             * This is used by {@link #implies(Permission)}.
386:             * @param actions the actions for this permission, separated by commas
387:             * @return the binary actions mask
388:             */
389:            protected static final int createMask(String actions) {
390:                if (actions == null || actions.length() == 0) {
391:                    throw new IllegalArgumentException(
392:                            "Actions cannot be blank or null");
393:                }
394:                int mask = 0;
395:                String[] actionList = StringUtils.split(actions,
396:                        ACTION_SEPARATOR);
397:                for (int i = 0; i < actionList.length; i++) {
398:                    String action = actionList[i];
399:                    if (action.equalsIgnoreCase(VIEW_ACTION)) {
400:                        mask |= VIEW_MASK;
401:                    } else if (action.equalsIgnoreCase(EDIT_ACTION)) {
402:                        mask |= EDIT_MASK;
403:                    } else if (action.equalsIgnoreCase(COMMENT_ACTION)) {
404:                        mask |= COMMENT_MASK;
405:                    } else if (action.equalsIgnoreCase(MODIFY_ACTION)) {
406:                        mask |= MODIFY_MASK;
407:                    } else if (action.equalsIgnoreCase(UPLOAD_ACTION)) {
408:                        mask |= UPLOAD_MASK;
409:                    } else if (action.equalsIgnoreCase(DELETE_ACTION)) {
410:                        mask |= DELETE_MASK;
411:                    } else if (action.equalsIgnoreCase(RENAME_ACTION)) {
412:                        mask |= RENAME_MASK;
413:                    } else {
414:                        throw new IllegalArgumentException(
415:                                "Unrecognized action: " + action);
416:                    }
417:                }
418:                return mask;
419:            }
420:        }
www.java2java.com | Contact Us
Copyright 2009 - 12 Demo Source and Support. All rights reserved.
All other trademarks are property of their respective owners.