From 14c5f3996a46c1281cb133de439f25492c97530a Mon Sep 17 00:00:00 2001
From: dugan <dugan@localhost>
Date: Wed, 07 Mar 2007 14:56:34 +0000
Subject: [PATCH] These changes are mostly related to restructuring the regular expression patterns to make them more readable by defining constants. 

---
 opends/src/server/org/opends/server/authorization/dseecompat/Aci.java |  187 ++++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 185 insertions(+), 2 deletions(-)

diff --git a/opends/src/server/org/opends/server/authorization/dseecompat/Aci.java b/opends/src/server/org/opends/server/authorization/dseecompat/Aci.java
index e881dd8..e29445b 100644
--- a/opends/src/server/org/opends/server/authorization/dseecompat/Aci.java
+++ b/opends/src/server/org/opends/server/authorization/dseecompat/Aci.java
@@ -37,6 +37,7 @@
  * The Aci class represents ACI strings.
  */
 public class Aci  {
+
     /*
      * The body of the ACI is the version, name and permission-bind rule
      * pairs.
@@ -53,6 +54,9 @@
      */
     public static final String supportedVersion="3.0";
 
+    /*
+     * String representation of the ACI used.
+     */
     private String aciString;
 
     /*
@@ -60,13 +64,191 @@
      */
     private DN dn;
 
+    /**
+     * Regular expression matching a word group.
+     */
+    public static final String WORD_GROUP="(\\w+)";
+
+    /**
+     * Regular expression matching a word group at the start of a
+     * pattern.
+     */
+    public static final String WORD_GROUP_START_PATTERN = "^" + WORD_GROUP;
+
+    /**
+     * Regular expression matching a white space.
+     */
+    public static final String ZERO_OR_MORE_WHITESPACE="\\s*";
+
+    /**
+     * Regular expression matching a white space at the start of a pattern.
+     */
+    public static final String ZERO_OR_MORE_WHITESPACE_START_PATTERN =
+                                             "^" + ZERO_OR_MORE_WHITESPACE ;
+
+    /**
+     * Regular expression matching a white space at the end of a pattern.
+     */
+    public static final String ZERO_OR_MORE_WHITESPACE_END_PATTERN =
+                                             ZERO_OR_MORE_WHITESPACE  + "$";
+
+    /**
+     * Regular expression matching a ACL statement separator.
+     */
+    public static final String ACI_STATEMENT_SEPARATOR =
+                ZERO_OR_MORE_WHITESPACE + ";" + ZERO_OR_MORE_WHITESPACE;
+
     /*
      * This regular expression is used to do a quick syntax check
      * when an ACI is being decoded.
      */
     private static final String aciRegex =
-            "^\\s*" + AciTargets.targetsRegex + "\\s*"+
-             AciBody.bodyRegx + "\\s*$";
+           ZERO_OR_MORE_WHITESPACE_START_PATTERN + AciTargets.targetsRegex +
+           ZERO_OR_MORE_WHITESPACE + AciBody.bodyRegx +
+           ZERO_OR_MORE_WHITESPACE_END_PATTERN;
+
+    /**
+     * Regular expression that graciously matches an attribute type name. Must
+     * begin with an ASCII letter or digit, and contain only ASCII letters,
+     * digit characters, hyphens, semi-colons and underscores.
+     * They are case insensitive.
+     */
+    public  static final String ATTR_NAME =
+              "((?i)[a-z\\d]{1}[[a-z]\\d-_.;]*(?-i))";
+
+    /**
+      * Regular expression matching a LDAP URL.
+      */
+     public  static final String LDAP_URL = ZERO_OR_MORE_WHITESPACE  +
+                                                 "(ldap:///[^\\|]+)";
+
+    /**
+     * Regular expression used to match token that joins expressions (||).
+     */
+    public static final String LOGICAL_OR = "\\|\\|";
+
+    /**
+     * Regular expression used to match an open parenthesis.
+     */
+    public static final String OPEN_PAREN = "\\(";
+
+    /**
+     * Regular expression used to match a closed parenthesis.
+     */
+    public static final String CLOSED_PAREN = "\\)";
+
+    /**
+     * Regular expression used to match a single equal sign.
+     */
+    public static final String EQUAL_SIGN = "={1}";
+
+    /**
+     * Regular expression the matches "*".
+     */
+    public static final String ALL_ATTRS_WILD_CARD = ZERO_OR_MORE_WHITESPACE +
+                                           "\\*" + ZERO_OR_MORE_WHITESPACE;
+
+    /**
+     * ACI_ADD is used to set the container rights for a LDAP add operation.
+     */
+    public static final int ACI_ADD = 0x0001;
+
+    /**
+     * ACI_DELETE is used to set the container rights for a LDAP
+     * delete operation.
+     */
+    public static final int ACI_DELETE = 0x0002;
+
+    /**
+     * ACI_READ is used to set the container rights for a LDAP
+     * search operation.
+     */
+    public static final int ACI_READ = 0x0004;
+
+    /**
+     * ACI_WRITE is used to set the container rights for a LDAP
+     * modify operation.
+     */
+    public static final int ACI_WRITE = 0x0008;
+
+    /**
+     * ACI_COMPARE is used to set the container rights for a LDAP
+     * compare operation.
+     */
+    public static final int ACI_COMPARE = 0x0010;
+
+    /**
+     * ACI_SEARCH is used to set the container rights a LDAP search operation.
+     */
+    public static final int ACI_SEARCH = 0x0020;
+
+    /**
+     * ACI_SELF is used for the SELFWRITE right. Currently not implemented.
+     */
+    public static final int ACI_SELF = 0x0040;
+
+    /**
+     * ACI_ALL is used to as a mask for all of the above. These
+     * six below are not masked by the ACI_ALL.
+     */
+    public static final int ACI_ALL = 0x007F;
+
+    /**
+     * ACI_PROXY is used for the PROXY right. Currently not used.
+     */
+    public static final int ACI_PROXY = 0x0080;
+
+    /**
+     * ACI_IMPORT is used to set the container rights for a LDAP
+     * modify dn operation. Currently not used.
+     */
+    public static final int ACI_IMPORT = 0x0100;
+
+    /**
+     * ACI_EXPORT is used to set the container rights for a LDAP
+     * modify dn operation. Currently not used.
+     */
+    public static final int ACI_EXPORT = 0x0200;
+
+    /**
+     * ACI_WRITE_ADD is used by the LDAP modify operation.
+     */
+    public static final int ACI_WRITE_ADD = 0x800;
+
+    /**
+     * ACI_WRITE_DELETE is used by the LDAP modify operation.
+     */
+    public static final int ACI_WRITE_DELETE = 0x400;
+
+    /**
+     * TARGATTRFILTER_ADD is used to specify that a
+     * targattrfilters ADD operation was seen in the ACI. For example,
+     * given an ACI with:
+     *
+     * (targattrfilters="add=mail:(mail=*@example.com)")
+     *
+     * The TARGATTRFILTERS_ADD flag would be set during ACI parsing in the
+     * TargAttrFilters class.
+     */
+    public static final int TARGATTRFILTERS_ADD = 0x1000;
+
+    /**
+     * TARGATTRFILTER_DELETE is used to specify that a
+     * targattrfilters DELETE operation was seen in the ACI. For example,
+     * given an ACI with:
+     *
+     * (targattrfilters="del=mail:(mail=*@example.com)")
+     *
+     * The TARGATTRFILTERS_DELETE flag would be set during ACI parsing in the
+     * TargAttrFilters class.
+     */
+    public static final int TARGATTRFILTERS_DELETE = 0x2000;
+
+    /**
+     * ACI_NULL is used to set the container rights to all zeros. Used
+     * by LDAP modify.
+     */
+    public static final int ACI_NULL = 0x0000;
 
     /**
      * Construct a new Aci from the provided arguments.
@@ -158,6 +340,7 @@
     isApplicable(Aci aci, AciTargetMatchContext matchCtx) {
         return AciTargets.isTargetApplicable(aci, matchCtx) &&
                 AciTargets.isTargetFilterApplicable(aci, matchCtx) &&
+                AciTargets.isTargAttrFiltersApplicable(aci, matchCtx) &&
                 AciTargets.isTargetAttrApplicable(aci, matchCtx);
     }
 

--
Gitblit v1.10.0