Google Git
Sign in
apache / geronimo-specs / refs/heads/1_0 / . / geronimo-spec-j2ee-jacc / src / java / javax / security / jacc / WebUserDataPermission.java
blob: a1e353c882a50974c115933283d93a8bc1b9074c [file] [log] [blame]
/**
*
* Copyright 2003-2004 The Apache Software Foundation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
//
// This source code implements specifications defined by the Java
// Community Process. In order to remain compliant with the specification
// DO NOT add / change / or delete method signatures!
//
package javax.security.jacc;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.security.Permission;
import java.security.PermissionCollection;
import java.util.Hashtable;
import java.util.Enumeration;
import javax.servlet.http.HttpServletRequest;
/**
* Class for Servlet Web user data permissions. A WebUserDataPermission is a
* named permission and has actions.<p>
* <p/>
* The name of a WebUserDataPermission (also referred to as the target name)
* identifies a Web resource by its context path relative URL pattern.
*
* @version $Rev$ $Date$
* @see java.security.Permission
*/
public final class WebUserDataPermission extends Permission implements Serializable {
private transient int cachedHashCode = 0;
private transient URLPatternSpec urlPatternSpec;
private transient HTTPMethodSpec httpMethodSpec;
/**
* Creates a new WebUserDataPermission from the HttpServletRequest object.
*
* @param request the HttpServletRequest object corresponding to the
* Servlet operation to which the permission pertains. The permission
* name is the substring of the requestURI (HttpServletRequest.getRequestURI())
* that begins after the contextPath (HttpServletRequest.getContextPath()).
* When the substring operation yields the string �/�, the permission is
* constructed with the empty string as its name. The HTTP method component
* of the permission�s actions is as obtained from HttpServletRequest.getMethod().
* The TransportType component of the permission�s actions is determined
* by calling HttpServletRequest.isSecure().
*/
public WebUserDataPermission(HttpServletRequest request) {
super(request.getServletPath());
urlPatternSpec = new URLPatternSpec(request.getServletPath());
httpMethodSpec = new HTTPMethodSpec(request.getMethod(), request.isSecure()? HTTPMethodSpec.CONFIDENTIAL: HTTPMethodSpec.NONE);
}
public WebUserDataPermission(String name, String actions) {
super(name);
urlPatternSpec = new URLPatternSpec(name);
httpMethodSpec = new HTTPMethodSpec(actions, true);
}
public WebUserDataPermission(String urlPattern, String[] HTTPMethods, String transportType) {
super(urlPattern);
urlPatternSpec = new URLPatternSpec(urlPattern);
httpMethodSpec = new HTTPMethodSpec(HTTPMethods, transportType == null? "NONE": transportType);
}
public boolean equals(Object o) {
if (o == null || !(o instanceof WebUserDataPermission)) return false;
WebUserDataPermission other = (WebUserDataPermission) o;
return urlPatternSpec.equals(other.urlPatternSpec) && httpMethodSpec.equals(other.httpMethodSpec);
}
public String getActions() {
return httpMethodSpec.getActions();
}
public int hashCode() {
if (cachedHashCode == 0) {
cachedHashCode = urlPatternSpec.hashCode() ^ httpMethodSpec.hashCode();
}
return cachedHashCode;
}
public boolean implies(Permission permission) {
if (permission == null || !(permission instanceof WebUserDataPermission)) return false;
WebUserDataPermission other = (WebUserDataPermission) permission;
return urlPatternSpec.implies(other.urlPatternSpec) && httpMethodSpec.implies(other.httpMethodSpec);
}
public PermissionCollection newPermissionCollection() {
return new WebUserDataPermissionCollection();
}
private synchronized void readObject(ObjectInputStream in) throws IOException {
urlPatternSpec = new URLPatternSpec(in.readUTF());
httpMethodSpec = new HTTPMethodSpec(in.readUTF(), true);
}
private synchronized void writeObject(ObjectOutputStream out) throws IOException {
out.writeUTF(urlPatternSpec.getPatternSpec());
out.writeUTF(httpMethodSpec.getActions());
}
private static final class WebUserDataPermissionCollection extends PermissionCollection {
private Hashtable permissions = new Hashtable();
/**
* Adds a permission object to the current collection of permission objects.
*
* @param permission the Permission object to add.
*
* @exception SecurityException - if this PermissionCollection object
* has been marked readonly
*/
public void add(Permission permission) {
if (isReadOnly()) throw new IllegalArgumentException("Read only collection");
if (!(permission instanceof WebUserDataPermission)) throw new IllegalArgumentException("Wrong permission type");
WebUserDataPermission p = (WebUserDataPermission)permission;
permissions.put(p, p);
}
/**
* Checks to see if the specified permission is implied by
* the collection of Permission objects held in this PermissionCollection.
*
* @param permission the Permission object to compare.
*
* @return true if "permission" is implied by the permissions in
* the collection, false if not.
*/
public boolean implies(Permission permission) {
if (!(permission instanceof WebUserDataPermission)) return false;
WebUserDataPermission p = (WebUserDataPermission)permission;
Enumeration e = permissions.elements();
while (e.hasMoreElements()) {
if (((WebUserDataPermission)e.nextElement()).implies(p)) return true;
}
return false;
}
/**
* Returns an enumeration of all the Permission objects in the collection.
*
* @return an enumeration of all the Permissions.
*/
public Enumeration elements() {
return permissions.elements();
}
}
}