portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tay...@apache.org
Subject cvs commit: jakarta-jetspeed-2/commons/src/java/org/apache/jetspeed/security PortalResourcePermissionCollection.java PagePermission.java PortalResourcePermission.java FolderPermission.java PortletPermission.java PortletPermissionCollection.java
Date Fri, 03 Sep 2004 18:22:26 GMT
taylor      2004/09/03 11:22:26

  Modified:    commons/src/java/org/apache/jetspeed/security
                        PortletPermission.java
  Added:       commons/src/java/org/apache/jetspeed/security
                        PortalResourcePermissionCollection.java
                        PagePermission.java PortalResourcePermission.java
                        FolderPermission.java
  Removed:     commons/src/java/org/apache/jetspeed/security
                        PortletPermissionCollection.java
  Log:
  added 2 new permissions for file and folder resources
  refactored the permissions into a common abstract base class
  
  http://nagoya.apache.org/jira/browse/JS2-111
  
  CVS: ----------------------------------------------------------------------
  CVS: PR:
  CVS:   If this change addresses a PR in the problem report tracking
  CVS:   database, then enter the PR number(s) here.
  CVS: Obtained from:
  CVS:   If this change has been taken from another system, such as NCSA,
  CVS:   then name the system in this line, otherwise delete it.
  CVS: Submitted by:
  CVS:   If this code has been contributed to Apache by someone else; i.e.,
  CVS:   they sent us a patch or a new module, then include their name/email
  CVS:   address here. If this is your work then delete this line.
  CVS: Reviewed by:
  CVS:   If we are doing pre-commit code reviews and someone else has
  CVS:   reviewed your changes, include their name(s) here.
  CVS:   If you have not had it reviewed then delete this line.
  
  Revision  Changes    Path
  1.2       +3 -155    jakarta-jetspeed-2/commons/src/java/org/apache/jetspeed/security/PortletPermission.java
  
  Index: PortletPermission.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed-2/commons/src/java/org/apache/jetspeed/security/PortletPermission.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- PortletPermission.java	16 Jul 2004 19:27:19 -0000	1.1
  +++ PortletPermission.java	3 Sep 2004 18:22:26 -0000	1.2
  @@ -18,7 +18,6 @@
   import java.security.AccessControlContext;
   import java.security.Permission;
   import java.security.PermissionCollection;
  -import java.util.StringTokenizer;
   
   import javax.security.auth.Subject;
   
  @@ -31,51 +30,9 @@
    * </ul>
    * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
    */
  -public class PortletPermission extends Permission
  +public class PortletPermission extends PortalResourcePermission
   {
   
  -    /** <p>Portlet view permission.</p> */
  -    static private int VIEW = 0x01;
  -
  -    /** <p>Portlet edit permission.</p> */
  -    static private int EDIT = 0x02;
  -
  -    /** <p>Portlet edit permission.</p> */
  -    static private int DELETE = 0x04;
  -
  -    /** <p>Portlet minimize permission.</p> */
  -    static private int MINIMIZE = 0x08;
  -
  -    /** <p>Portlet maximize permission.</p> */
  -    static private int MAXIMIZE = 0x10;
  -
  -    /** <p>Portlet help permission.</p> */
  -    static private int HELP = 0x20;
  -
  -    /** <p>Portlet view action.</p> */
  -    static final public String VIEW_ACTION = "view";
  -
  -    /** <p>Portlet edit action.</p> */
  -    static final public String EDIT_ACTION = "edit";
  -
  -    /** <p>Portlet edit action.</p> */
  -    static final public String DELETE_ACTION = "delete";
  -
  -    /** <p>Portlet delete action.</p> */
  -    static final public String MINIMIZE_ACTION = "minimize";
  -
  -    /** <p>Portlet maximize action.</p> */
  -    static final public String MAXIMIZE_ACTION = "maximize";
  -
  -    /** <p>Portlet help action.</p> */
  -    static final public String HELP_ACTION = "help";
  -
  -    /** <p>Mask used for determining what action to perform.</p> */
  -    int mask;
  -
  -    /** <p>The subject the permission is being performed against.</p> */
  -    Subject subject;
  -
       /**
        * <p>Constructor for PortletPermission.</p>
        * @param name The portlet name.
  @@ -93,77 +50,9 @@
        */
       public PortletPermission(String name, String actions, Subject subject)
       {
  -        super(name);
  -        parseActions(actions);
  -        this.subject = subject;
  -    }
  -
  -    /**
  -     * @see java.security.Permission#getActions()
  -     */
  -    public String getActions()
  -    {
  -        StringBuffer buf = new StringBuffer();
  -
  -        if ((mask & VIEW) == VIEW)
  -        {
  -            buf.append(VIEW_ACTION);
  -        }
  -        if ((mask & EDIT) == EDIT)
  -        {
  -            if (buf.length() > 0)
  -                buf.append(", ");
  -            buf.append(EDIT_ACTION);
  -        }
  -        if ((mask & DELETE) == DELETE)
  -        {
  -            if (buf.length() > 0)
  -                buf.append(", ");
  -            buf.append(DELETE_ACTION);
  -        }
  -        if ((mask & MINIMIZE) == MINIMIZE)
  -        {
  -            if (buf.length() > 0)
  -                buf.append(", ");
  -            buf.append(MINIMIZE_ACTION);
  -        }
  -        if ((mask & MAXIMIZE) == MAXIMIZE)
  -        {
  -            if (buf.length() > 0)
  -                buf.append(", ");
  -            buf.append(MAXIMIZE_ACTION);
  -        }
  -        if ((mask & HELP) == HELP)
  -        {
  -            if (buf.length() > 0)
  -                buf.append(", ");
  -            buf.append(HELP_ACTION);
  -        }
  -
  -        return buf.toString();
  -    }
  -
  -    /**
  -     * @see java.security.Permission#hashCode()
  -     */
  -    public int hashCode()
  -    {
  -        StringBuffer value = new StringBuffer(getName());
  -        return value.toString().hashCode() ^ mask;
  +        super(name, actions, subject);
       }
   
  -    /**
  -     * @see java.security.Permission#equals(Object)
  -     */
  -    public boolean equals(Object object)
  -    {
  -        if (!(object instanceof PortletPermission))
  -            return false;
  -
  -        PortletPermission p = (PortletPermission) object;
  -        boolean isEqual = ((p.getName().equals(getName())) && (p.mask == mask));
  -        return isEqual;
  -    }
   
       public boolean implies(Permission permission)
       {
  @@ -213,48 +102,7 @@
        */
       public PermissionCollection newPermissionCollection()
       {
  -        return new PortletPermissionCollection();
  -    }
  -
  -    /**
  -     * <p>Gets the subject.</p>
  -     * @return Returns a Subject
  -     */
  -    public Subject getSubject()
  -    {
  -        return subject;
  -    }
  -
  -    /**
  -     * <p>Parses the actions string.</p>
  -     * <p>Actions are separated by commas or white space.</p>
  -     * @param actions The actions
  -     */
  -    private void parseActions(String actions)
  -    {
  -        mask = 0;
  -        if (actions != null)
  -        {
  -            StringTokenizer tokenizer = new StringTokenizer(actions, ",\t ");
  -            while (tokenizer.hasMoreTokens())
  -            {
  -                String token = tokenizer.nextToken();
  -                if (token.equals(VIEW_ACTION))
  -                    mask |= VIEW;
  -                else if (token.equals(EDIT_ACTION))
  -                    mask |= EDIT;
  -                else if (token.equals(DELETE_ACTION))
  -                    mask |= DELETE;
  -                else if (token.equals(MINIMIZE_ACTION))
  -                    mask |= MINIMIZE;
  -                else if (token.equals(MAXIMIZE_ACTION))
  -                    mask |= MAXIMIZE;
  -                else if (token.equals(HELP_ACTION))
  -                    mask |= HELP;
  -                else
  -                    throw new IllegalArgumentException("Unknown action: " + token);
  -            }
  -        }
  +        return new PortalResourcePermissionCollection();
       }
   
   }
  
  
  
  1.1                  jakarta-jetspeed-2/commons/src/java/org/apache/jetspeed/security/PortalResourcePermissionCollection.java
  
  Index: PortalResourcePermissionCollection.java
  ===================================================================
  /* Copyright 2004 Apache Software Foundation
   *
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   *
   *     http://www.apache.org/licenses/LICENSE-2.0
   *
   * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   * See the License for the specific language governing permissions and
   * limitations under the License.
   */
  package org.apache.jetspeed.security;
  
  import java.util.Collections;
  
  import java.security.Permission;
  import java.security.PermissionCollection;
  import java.util.Enumeration;
  import java.util.ArrayList;
  import java.util.Iterator;
  
  /**
   * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
   */
  public class PortalResourcePermissionCollection extends PermissionCollection
  {
  
      ArrayList perms = new ArrayList();
  
      /**
       * 
       */
      public PortalResourcePermissionCollection()
      {
          super(); 
      }
  
      /**
       * @see java.security.PermissionCollection#add(java.security.Permission)
       */
      public void add(Permission permission)
      {
          perms.add(permission);
      }
  
      /**
       * @see java.security.PermissionCollection#implies(java.security.Permission)
       */
      public boolean implies(Permission permission)
      {
          for (Iterator i = perms.iterator(); i.hasNext(); ) 
          {
              if (((Permission)i.next()).implies(permission)) 
              {
                  return true;
              }
          }
          return false;
      }
  
      /**
       * @see java.security.PermissionCollection#elements()
       */
      public Enumeration elements()
      {
          return Collections.enumeration(perms);
      }
  
  }
  
  
  
  1.1                  jakarta-jetspeed-2/commons/src/java/org/apache/jetspeed/security/PagePermission.java
  
  Index: PagePermission.java
  ===================================================================
  /* Copyright 2004 Apache Software Foundation
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
  package org.apache.jetspeed.security;
  
  import java.security.AccessControlContext;
  import java.security.AccessController;
  import java.security.Permission;
  import java.security.PermissionCollection;
  
  import javax.security.auth.Subject;
  
  /**
   * <p>Folder permission.</p>
   * <p>This code was partially inspired from articles from:</p>
   * <ul>
   *    <li><a href="http://www-106.ibm.com/developerworks/library/j-jaas/">
   *    Extend JAAS for class instance-level authorization.</a></li>
   * </ul>
   * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
   */
  public class PagePermission extends PortalResourcePermission
  {    
      /**
       * <p>Constructor for PagePermission.</p>
       * @param name The portlet name.
       * @param actions The actions on the portlet.
       */
      public PagePermission(String name, String actions)
      {
          this(name, actions, null);
      }
  
      /**
       * <p>Constructor for PagePermission.</p>
       * @param name The portlet name.
       * @param actions The actions on the portlet.
       */
      public PagePermission(String name, String actions, Subject subject)
      {
          super(name, actions, subject);
      }
  
      public boolean implies(Permission permission)
      {
          // The permission must be an instance 
          // of the PortletPermission.
          if (!(permission instanceof PagePermission))
          {
              return false;
          }
  
          // The portlet name must be the same.
          if (!(permission.getName().equals(getName())))
          {
              return false;
          }
  
          PagePermission pagePerm = (PagePermission) permission;
  
          // Get the subject.
          // It was either provide in the constructor.
          Subject user = pagePerm.getSubject();
          // Or we get it from the AccessControlContext.
          if (null == user)
          {
              AccessControlContext context = AccessController.getContext();
              user = Subject.getSubject(context);
          }
          // No user was passed.  The permission must be denied.
          if (null == user)
          {
              return false;
          }
  
          // The action bits in PagePerm (permission) 
          // must be set in the current mask permission.
          if ((mask & pagePerm.mask) != pagePerm.mask)
          {
              return false;
          }
  
          return true;
      }
  
      /**
       * <p>Overrides <code>Permission.newPermissionCollection()</code>.</p>
       * @see java.security.Permission#newPermissionCollection()
       */
      public PermissionCollection newPermissionCollection()
      {
          return new PortalResourcePermissionCollection();
      }
  
  }
  
  
  
  1.1                  jakarta-jetspeed-2/commons/src/java/org/apache/jetspeed/security/PortalResourcePermission.java
  
  Index: PortalResourcePermission.java
  ===================================================================
  /* Copyright 2004 Apache Software Foundation
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
  package org.apache.jetspeed.security;
  
  import java.security.Permission;
  import java.util.StringTokenizer;
  
  import javax.security.auth.Subject;
  
  import org.apache.jetspeed.JetspeedActions;
  
  
  /**
   * <p>Generalized Portlet Resoure permission.</p>
   * <p>This code was partially inspired from articles from:</p>
   * <ul>
   *    <li><a href="http://www-106.ibm.com/developerworks/library/j-jaas/">
   *    Extend JAAS for class instance-level authorization.</a></li>
   * </ul>
   * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
   * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
   */
  public abstract class PortalResourcePermission extends Permission
  {
      /** <p>Mask used for determining what action to perform.</p> */
      protected int mask;
  
      /** <p>The subject the permission is being performed against.</p> */
      protected Subject subject;
      
      /**
       * <p>Constructor for PortletPermission.</p>
       * @param name The portlet name.
       * @param actions The actions on the portlet.
       */
      public PortalResourcePermission(String name, String actions, Subject subject)
      {
          super(name);
          parseActions(actions);
          this.subject = subject;
      }
  
      /**
       * @see java.security.Permission#hashCode()
       */
      public int hashCode()
      {
          StringBuffer value = new StringBuffer(getName());
          return value.toString().hashCode() ^ mask;
      }
  
      /**
       * @see java.security.Permission#equals(Object)
       */
      public boolean equals(Object object)
      {
          if (!(object instanceof PortletPermission))
              return false;
  
          PortletPermission p = (PortletPermission) object;
          boolean isEqual = ((p.getName().equals(getName())) && (p.mask == mask));
          return isEqual;
      }
      
      /**
       * @see java.security.Permission#getActions()
       */
      public String getActions()
      {
          StringBuffer buf = new StringBuffer();
  
          if ((mask & JetspeedActions.MASK_VIEW) == JetspeedActions.MASK_VIEW)
          {
              buf.append(JetspeedActions.VIEW);
          }
          if ((mask & JetspeedActions.MASK_EDIT) == JetspeedActions.MASK_EDIT)
          {
              if (buf.length() > 0)
                  buf.append(", ");
              buf.append(JetspeedActions.EDIT);
          }
          if ((mask & JetspeedActions.MASK_RESTORE) == JetspeedActions.MASK_RESTORE)
          {
              if (buf.length() > 0)
                  buf.append(", ");
              buf.append(JetspeedActions.RESTORE);
          }
          if ((mask & JetspeedActions.MASK_MINIMIZE) == JetspeedActions.MASK_MINIMIZE)
          {
              if (buf.length() > 0)
                  buf.append(", ");
              buf.append(JetspeedActions.MINIMIZE);
          }
          if ((mask & JetspeedActions.MASK_MAXIMIZE) == JetspeedActions.MASK_MAXIMIZE)
          {
              if (buf.length() > 0)
                  buf.append(", ");
              buf.append(JetspeedActions.MAXIMIZE);
          }
          if ((mask & JetspeedActions.MASK_HELP) == JetspeedActions.MASK_HELP)
          {
              if (buf.length() > 0)
                  buf.append(", ");
              buf.append(JetspeedActions.HELP);
          }
          if ((mask & JetspeedActions.MASK_SECURE) == JetspeedActions.MASK_SECURE)
          {
              if (buf.length() > 0)
                  buf.append(", ");
              buf.append(JetspeedActions.SECURE);
          }
  
          return buf.toString();
      }
  
      /* (non-Javadoc)
       * @see java.security.Permission#implies(java.security.Permission)
       */
      public boolean implies(Permission permission)
      {
          // TODO Auto-generated method stub
          return false;
      }
  
      /**
       * <p>Parses the actions string.</p>
       * <p>Actions are separated by commas or white space.</p>
       * @param actions The actions
       */
      private void parseActions(String actions)
      {
          mask = 0;
          if (actions != null)
          {
              StringTokenizer tokenizer = new StringTokenizer(actions, ",\t ");
              while (tokenizer.hasMoreTokens())
              {
                  String token = tokenizer.nextToken();
                  if (token.equals(JetspeedActions.VIEW))
                      mask |= JetspeedActions.MASK_VIEW;
                  else if (token.equals(JetspeedActions.VIEW) || token.equals(JetspeedActions.RESTORE))
                      mask |= JetspeedActions.MASK_VIEW;
                  else if (token.equals(JetspeedActions.EDIT))
                      mask |= JetspeedActions.MASK_EDIT;
                  else if (token.equals(JetspeedActions.MINIMIZE))
                      mask |= JetspeedActions.MASK_MINIMIZE;
                  else if (token.equals(JetspeedActions.MAXIMIZE))
                      mask |= JetspeedActions.MASK_MAXIMIZE;
                  else if (token.equals(JetspeedActions.HELP))
                      mask |= JetspeedActions.MASK_HELP;
                  else if (token.equals(JetspeedActions.SECURE))
                      mask |= JetspeedActions.MASK_SECURE;                
                  else
                      throw new IllegalArgumentException("Unknown action: " + token);
              }
          }
      }
      
      /**
       * <p>Gets the subject.</p>
       * @return Returns a Subject
       */
      public Subject getSubject()
      {
          return subject;
      }
      
  }
  
  
  
  1.1                  jakarta-jetspeed-2/commons/src/java/org/apache/jetspeed/security/FolderPermission.java
  
  Index: FolderPermission.java
  ===================================================================
  /* Copyright 2004 Apache Software Foundation
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
  package org.apache.jetspeed.security;
  
  import java.security.AccessControlContext;
  import java.security.AccessController;
  import java.security.Permission;
  import java.security.PermissionCollection;
  
  import javax.security.auth.Subject;
  
  /**
   * <p>Folder permission.</p>
   * <p>This code was partially inspired from articles from:</p>
   * <ul>
   *    <li><a href="http://www-106.ibm.com/developerworks/library/j-jaas/">
   *    Extend JAAS for class instance-level authorization.</a></li>
   * </ul>
   * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
   */
  public class FolderPermission extends PortalResourcePermission
  {    
      /**
       * <p>Constructor for FolderPermission.</p>
       * @param name The portlet name.
       * @param actions The actions on the portlet.
       */
      public FolderPermission(String name, String actions)
      {
          this(name, actions, null);
      }
  
      /**
       * <p>Constructor for FolderPermission.</p>
       * @param name The portlet name.
       * @param actions The actions on the portlet.
       */
      public FolderPermission(String name, String actions, Subject subject)
      {
          super(name, actions, subject);
      }
  
      public boolean implies(Permission permission)
      {
          // The permission must be an instance 
          // of the PortletPermission.
          if (!(permission instanceof FolderPermission))
          {
              return false;
          }
  
          // The portlet name must be the same.
          if (!(permission.getName().equals(getName())))
          {
              return false;
          }
  
          FolderPermission folderPerm = (FolderPermission) permission;
  
          // Get the subject.
          // It was either provide in the constructor.
          Subject user = folderPerm.getSubject();
          // Or we get it from the AccessControlContext.
          if (null == user)
          {
              AccessControlContext context = AccessController.getContext();
              user = Subject.getSubject(context);
          }
          // No user was passed.  The permission must be denied.
          if (null == user)
          {
              return false;
          }
  
          // The action bits in FolderPerm (permission) 
          // must be set in the current mask permission.
          if ((mask & folderPerm.mask) != folderPerm.mask)
          {
              return false;
          }
  
          return true;
      }
  
      /**
       * <p>Overrides <code>Permission.newPermissionCollection()</code>.</p>
       * @see java.security.Permission#newPermissionCollection()
       */
      public PermissionCollection newPermissionCollection()
      {
          return new PortalResourcePermissionCollection();
      }
  
  }
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org


Mime
View raw message