View Javadoc
1   /*
2    * Copyright (c) 1997, 2007, Oracle and/or its affiliates. All rights reserved.
3    * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4    *
5    * This code is free software; you can redistribute it and/or modify it
6    * under the terms of the GNU General Public License version 2 only, as
7    * published by the Free Software Foundation.  Oracle designates this
8    * particular file as subject to the "Classpath" exception as provided
9    * by Oracle in the LICENSE file that accompanied this code.
10   *
11   * This code is distributed in the hope that it will be useful, but WITHOUT
12   * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13   * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14   * version 2 for more details (a copy is included in the LICENSE file that
15   * accompanied this code).
16   *
17   * You should have received a copy of the GNU General Public License version
18   * 2 along with this work; if not, write to the Free Software Foundation,
19   * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20   *
21   * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22   * or visit www.oracle.com if you need additional information or have any
23   * questions.
24   */
25  
26  
27  package com.sun.jmx.snmp.IPAcl;
28  
29  
30  
31  import java.security.acl.Permission;
32  import java.util.Vector;
33  import java.util.Enumeration;
34  import java.io.Serializable;
35  import java.net.UnknownHostException;
36  
37  import java.security.Principal;
38  import java.security.acl.AclEntry;
39  
40  
41  /**
42   * Represent one entry in the Access Control List (ACL).
43   * This ACL entry object contains a permission associated with a particular principal.
44   * (A principal represents an entity such as an individual machine or a group).
45   *
46   * @see java.security.acl.AclEntry
47   */
48  
49  class AclEntryImpl implements AclEntry, Serializable {
50    private static final long serialVersionUID = -5047185131260073216L;
51  
52    private AclEntryImpl (AclEntryImpl i) throws UnknownHostException {
53          setPrincipal(i.getPrincipal());
54          permList = new Vector<Permission>();
55          commList = new Vector<String>();
56  
57          for (Enumeration<String> en = i.communities(); en.hasMoreElements();){
58            addCommunity(en.nextElement());
59          }
60  
61          for (Enumeration<Permission> en = i.permissions(); en.hasMoreElements();){
62            addPermission(en.nextElement());
63          }
64          if (i.isNegative()) setNegativePermissions();
65    }
66  
67    /**
68     * Contructs an empty ACL entry.
69     */
70    public AclEntryImpl (){
71          princ = null;
72          permList = new Vector<Permission>();
73          commList = new Vector<String>();
74    }
75  
76    /**
77     * Constructs an ACL entry with a specified principal.
78     *
79     * @param p the principal to be set for this entry.
80     */
81    public AclEntryImpl (Principal p) throws UnknownHostException {
82          princ = p;
83          permList = new Vector<Permission>();
84          commList = new Vector<String>();
85    }
86  
87    /**
88     * Clones this ACL entry.
89     *
90     * @return a clone of this ACL entry.
91     */
92    public Object clone() {
93          AclEntryImpl i;
94          try {
95            i = new AclEntryImpl(this);
96          }catch (UnknownHostException e) {
97            i = null;
98          }
99          return (Object) i;
100   }
101 
102   /**
103    * Returns true if this is a negative ACL entry (one denying the associated principal
104    * the set of permissions in the entry), false otherwise.
105    *
106    * @return true if this is a negative ACL entry, false if it's not.
107    */
108   public boolean isNegative(){
109         return neg;
110   }
111 
112   /**
113    * Adds the specified permission to this ACL entry. Note: An entry can
114    * have multiple permissions.
115    *
116    * @param perm the permission to be associated with the principal in this
117    *        entry
118    * @return true if the permission is removed, false if the permission was
119    *         not part of this entry's permission set.
120    *
121    */
122   public boolean addPermission(java.security.acl.Permission perm){
123         if (permList.contains(perm)) return false;
124         permList.addElement(perm);
125         return true;
126   }
127 
128   /**
129    * Removes the specified permission from this ACL entry.
130    *
131    * @param perm the permission to be removed from this entry.
132    * @return true if the permission is removed, false if the permission
133    *         was not part of this entry's permission set.
134    */
135   public boolean removePermission(java.security.acl.Permission perm){
136         if (!permList.contains(perm)) return false;
137         permList.removeElement(perm);
138         return true;
139   }
140 
141   /**
142    * Checks if the specified permission is part of the permission set in
143    * this entry.
144    *
145    * @param perm the permission to be checked for.
146    * @return true if the permission is part of the permission set in this
147    *         entry, false otherwise.
148    */
149 
150   public boolean checkPermission(java.security.acl.Permission perm){
151         return (permList.contains(perm));
152   }
153 
154   /**
155    * Returns an enumeration of the permissions in this ACL entry.
156    *
157    * @return an enumeration of the permissions in this ACL entry.
158    */
159   public Enumeration<Permission> permissions(){
160         return permList.elements();
161   }
162 
163   /**
164    * Sets this ACL entry to be a negative one. That is, the associated principal
165    * (e.g., a user or a group) will be denied the permission set specified in the
166    * entry. Note: ACL entries are by default positive. An entry becomes a negative
167    * entry only if this setNegativePermissions method is called on it.
168    *
169    * Not Implemented.
170    */
171   public void setNegativePermissions(){
172         neg = true;
173   }
174 
175   /**
176    * Returns the principal for which permissions are granted or denied by this ACL
177    * entry. Returns null if there is no principal set for this entry yet.
178    *
179    * @return the principal associated with this entry.
180    */
181   public Principal getPrincipal(){
182         return princ;
183   }
184 
185   /**
186    * Specifies the principal for which permissions are granted or denied by
187    * this ACL entry. If a principal was already set for this ACL entry,
188    * false is returned, otherwise true is returned.
189    *
190    * @param p the principal to be set for this entry.
191    * @return true if the principal is set, false if there was already a
192    *         principal set for this entry.
193    */
194   public boolean setPrincipal(Principal p) {
195         if (princ != null )
196           return false;
197         princ = p;
198         return true;
199   }
200 
201   /**
202    * Returns a string representation of the contents of this ACL entry.
203    *
204    * @return a string representation of the contents.
205    */
206   public String toString(){
207         return "AclEntry:"+princ.toString();
208   }
209 
210   /**
211    * Returns an enumeration of the communities in this ACL entry.
212    *
213    * @return an enumeration of the communities in this ACL entry.
214    */
215   public Enumeration<String> communities(){
216         return commList.elements();
217   }
218 
219   /**
220    * Adds the specified community to this ACL entry. Note: An entry can
221    * have multiple communities.
222    *
223    * @param comm the community to be associated with the principal
224    *        in this entry.
225    * @return true if the community was added, false if the community was
226    *         already part of this entry's community set.
227    */
228   public boolean addCommunity(String comm){
229         if (commList.contains(comm)) return false;
230         commList.addElement(comm);
231         return true;
232   }
233 
234   /**
235    * Removes the specified community from this ACL entry.
236    *
237    * @param comm the community  to be removed from this entry.
238    * @return true if the community is removed, false if the community was
239    *         not part of this entry's community set.
240    */
241   public boolean removeCommunity(String comm){
242         if (!commList.contains(comm)) return false;
243         commList.removeElement(comm);
244         return true;
245   }
246 
247   /**
248    * Checks if the specified community is part of the community set in this
249    * entry.
250    *
251    * @param  comm the community to be checked for.
252    * @return true if the community is part of the community set in this
253    *         entry, false otherwise.
254    */
255   public boolean checkCommunity(String comm){
256         return (commList.contains(comm));
257   }
258 
259   private Principal princ = null;
260   private boolean neg     = false;
261   private Vector<Permission> permList = null;
262   private Vector<String> commList = null;
263 }