From 56e752193bfb90d11cfe73c35a24e576b9b18c87 Mon Sep 17 00:00:00 2001
From: Jean-Noel Rouvignac <jean-noel.rouvignac@forgerock.com>
Date: Wed, 03 Jul 2013 11:03:06 +0000
Subject: [PATCH] First stab at having debuggable ACIs.
---
opends/src/server/org/opends/server/authorization/dseecompat/Permission.java | 57 +++++++++++++++++++++++++++++++++++++++++++++++----------
1 files changed, 47 insertions(+), 10 deletions(-)
diff --git a/opends/src/server/org/opends/server/authorization/dseecompat/Permission.java b/opends/src/server/org/opends/server/authorization/dseecompat/Permission.java
index 21c3fed..de1927f 100644
--- a/opends/src/server/org/opends/server/authorization/dseecompat/Permission.java
+++ b/opends/src/server/org/opends/server/authorization/dseecompat/Permission.java
@@ -23,38 +23,41 @@
*
*
* Copyright 2008 Sun Microsystems, Inc.
+ * Portions Copyright 2013 ForgeRock AS
*/
-
package org.opends.server.authorization.dseecompat;
-import org.opends.messages.Message;
-
import static org.opends.messages.AccessControlMessages.*;
import static org.opends.server.authorization.dseecompat.Aci.*;
+
+import java.util.Iterator;
+import java.util.Set;
import java.util.regex.Pattern;
+import org.opends.messages.Message;
+
/**
* A class representing the permissions of an bind rule. The permissions
* of an ACI look like deny(search, write).
*/
public class Permission {
- /*
+ /**
* The access type (allow,deny) corresponding to the ACI permission value.
*/
private EnumAccessType accessType = null;
- /*
+ /**
* The rights (search, add, delete, ...) corresponding to the ACI rights
* value.
*/
private int rights;
- /*
+ /**
* Regular expression token representing the separator.
*/
private static final String separatorToken = ",";
- /*
+ /**
* Regular expression used to match the ACI rights string.
*/
private static final String rightsRegex = ZERO_OR_MORE_WHITESPACE +
@@ -108,9 +111,8 @@
* rule.
* @throws AciException If the accesstype or rights strings are invalid.
*/
- public static
- Permission decode (String accessType, String rights)
- throws AciException {
+ public static Permission decode (String accessType, String rights)
+ throws AciException {
return new Permission(accessType, rights);
}
@@ -132,4 +134,39 @@
public boolean hasRights(int rights) {
return (this.rights & rights) != 0;
}
+
+ /** {@inheritDoc} */
+ @Override
+ public String toString() {
+ final StringBuilder sb = new StringBuilder();
+ toString(sb);
+ return sb.toString();
+ }
+
+ /**
+ * Appends a string representation of this object to the provided buffer.
+ *
+ * @param buffer
+ * The buffer into which a string representation of this object
+ * should be appended.
+ */
+ public final void toString(StringBuilder buffer) {
+ if (this.accessType != null) {
+ buffer.append(accessType.toString().toLowerCase());
+ Set<EnumRight> enumRights = EnumRight.getEnumRight(rights);
+ if (enumRights != null) {
+ buffer.append("(");
+ for (Iterator<EnumRight> iter = enumRights.iterator(); iter
+ .hasNext();) {
+ buffer.append(iter.next().getRight());
+ if (iter.hasNext()) {
+ buffer.append(",");
+ }
+ }
+ buffer.append(")");
+ } else {
+ buffer.append("(all)");
+ }
+ }
+ }
}
--
Gitblit v1.10.0