src/main/java/org/apache/directory/fortress/core/util/time/Discriminant.java - directory-fortress-core - Git at Google

 /*
  *   Licensed to the Apache Software Foundation (ASF) under one
  *   or more contributor license agreements.  See the NOTICE file
  *   distributed with this work for additional information
  *   regarding copyright ownership.  The ASF licenses this file
  *   to you under the Apache License, Version 2.0 (the
  *   "License"); you may not use this file except in compliance
  *   with the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  *   Unless required by applicable law or agreed to in writing,
  *   software distributed under the License is distributed on an
  *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  *   KIND, either express or implied.  See the License for the
  *   specific language governing permissions and limitations
  *   under the License.
  *
  */
 package org.apache.directory.fortress.core.util.time;

 import org.apache.commons.lang.StringUtils;
 import org.apache.directory.fortress.core.GlobalErrIds;
 import org.apache.directory.fortress.core.model.Constraint;
 import org.apache.directory.fortress.core.model.Session;
 import org.apache.directory.fortress.core.util.Config;
 import org.apache.directory.fortress.core.util.VUtil;

 import java.util.HashSet;
 import java.util.Set;
 import java.util.StringTokenizer;
 import java.util.TreeSet;

 /**
  * Do not use, is deprecated for {@link org.apache.directory.fortress.core.util.time.UserRoleConstraint}.
  * This class performs dynamic constraint validation on role per FC-235.
  *
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  */
 @Deprecated
 public class Discriminant
     implements Validator
 {
     /**
      * This method is called during entity activation, {@link org.apache.directory.fortress.core.util.VUtil#validateConstraints} and ensures role has a
      * matching constraint value.
      *
      * @param session Contains the name and value of discriminator, passed by the caller, along with its corresponding values, stored on the user's properties.
      * @param role only the name is used on this argument.
      * @param time contains the current time stamp, and required by the interface, but not needed here.
      * @param type used on this validator to prevent it from ever being applied to a user's constraint.
      * @return '0' if validation succeeds else {@link org.apache.directory.fortress.core.GlobalErrIds#ACTV_FAILED_DISCRIMINANT} if failed.
      */
     @Override
     public int validate(Session session, Constraint role, Time time, VUtil.ConstraintType type )
     {
         int rc = 0;

         // Doesn't make sense to apply this constraint on a user:
         if ( type != VUtil.ConstraintType.USER )
         {
             // This constraint type requires a global config parameter keyed by the role name:
             String constraintType = Config.getInstance().getProperty( role.getName() );
             // Is there a runtime constraint placed on this role activation?
             if ( StringUtils.isNotEmpty( constraintType ))
             {
                 // Get the constraint value for this user set as property on the user entity keyed with the role's name:
                 String userProp = session.getUser().getProperty( role.getName() );
                 // Does the user have one set?
                 if ( StringUtils.isNotEmpty( userProp ) )
                 {
                     Set<String> values = getValues( userProp );
                     // This value must be placed here by the caller:
                     String constraintValue = session.getUser().getProperty( constraintType );
                     if( StringUtils.isEmpty( constraintValue ) || !values.contains( constraintValue ) )
                     {
                         rc = GlobalErrIds.ACTV_FAILED_DISCRIMINANT;
                     }
                 }
                 else
                 {
                     // This user does not have a corresponding property applied to a role that has a runtime constraint set.
                     rc = GlobalErrIds.ACTV_FAILED_DISCRIMINANT;
                 }
             }
         }
         return rc;
     }

     public Set getValues( String members )
     {
         Set<String> values = new HashSet<>(  );
         if ( members != null )
         {
             StringTokenizer tkn = new StringTokenizer( members, "," );
             if ( tkn.countTokens() > 0 )
             {
                 while ( tkn.hasMoreTokens() )
                 {
                     values.add( tkn.nextToken() );
                 }
             }
         }
         return values;
     }

 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*
	*/
	package org.apache.directory.fortress.core.util.time;

	import org.apache.commons.lang.StringUtils;
	import org.apache.directory.fortress.core.GlobalErrIds;
	import org.apache.directory.fortress.core.model.Constraint;
	import org.apache.directory.fortress.core.model.Session;
	import org.apache.directory.fortress.core.util.Config;
	import org.apache.directory.fortress.core.util.VUtil;

	import java.util.HashSet;
	import java.util.Set;
	import java.util.StringTokenizer;
	import java.util.TreeSet;

	/**
	* Do not use, is deprecated for {@link org.apache.directory.fortress.core.util.time.UserRoleConstraint}.
	* This class performs dynamic constraint validation on role per FC-235.
	*
	* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
	*/
	@Deprecated
	public class Discriminant
	implements Validator
	{
	/**
	* This method is called during entity activation, {@link org.apache.directory.fortress.core.util.VUtil#validateConstraints} and ensures role has a
	* matching constraint value.
	*
	* @param session Contains the name and value of discriminator, passed by the caller, along with its corresponding values, stored on the user's properties.
	* @param role only the name is used on this argument.
	* @param time contains the current time stamp, and required by the interface, but not needed here.
	* @param type used on this validator to prevent it from ever being applied to a user's constraint.
	* @return '0' if validation succeeds else {@link org.apache.directory.fortress.core.GlobalErrIds#ACTV_FAILED_DISCRIMINANT} if failed.
	*/
	@Override
	public int validate(Session session, Constraint role, Time time, VUtil.ConstraintType type )
	{
	int rc = 0;

	// Doesn't make sense to apply this constraint on a user:
	if ( type != VUtil.ConstraintType.USER )
	{
	// This constraint type requires a global config parameter keyed by the role name:
	String constraintType = Config.getInstance().getProperty( role.getName() );
	// Is there a runtime constraint placed on this role activation?
	if ( StringUtils.isNotEmpty( constraintType ))
	{
	// Get the constraint value for this user set as property on the user entity keyed with the role's name:
	String userProp = session.getUser().getProperty( role.getName() );
	// Does the user have one set?
	if ( StringUtils.isNotEmpty( userProp ) )
	{
	Set<String> values = getValues( userProp );
	// This value must be placed here by the caller:
	String constraintValue = session.getUser().getProperty( constraintType );
	if( StringUtils.isEmpty( constraintValue ) \|\| !values.contains( constraintValue ) )
	{
	rc = GlobalErrIds.ACTV_FAILED_DISCRIMINANT;
	}
	}
	else
	{
	// This user does not have a corresponding property applied to a role that has a runtime constraint set.
	rc = GlobalErrIds.ACTV_FAILED_DISCRIMINANT;
	}
	}
	}
	return rc;
	}

	public Set getValues( String members )
	{
	Set<String> values = new HashSet<>( );
	if ( members != null )
	{
	StringTokenizer tkn = new StringTokenizer( members, "," );
	if ( tkn.countTokens() > 0 )
	{
	while ( tkn.hasMoreTokens() )
	{
	values.add( tkn.nextToken() );
	}
	}
	}
	return values;
	}

	}