Coverage Summary for Class: DomainPermissions (com.acciente.oacc)

Class	Method, %	Line, %
DomainPermissions	88.9% (8/ 9)	87.5% (49/ 56)
DomainPermissions$DomainPermissionImpl	85.7% (12/ 14)	82.4% (42/ 51)
total	87% (20/ 23)	85% (91/ 107)
1 /*
2  * Copyright 2009-2017, Acciente LLC
3  *
4  * Acciente LLC licenses this file to you under the
5  * Apache License, Version 2.0 (the "License"); you
6  * may not use this file except in compliance with the
7  * License. You may obtain a copy of the License at
8  *
9  *     http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in
12  * writing, software distributed under the License is
13  * distributed on an "AS IS" BASIS, WITHOUT WARRANTIES
14  * OR CONDITIONS OF ANY KIND, either express or implied.
15  * See the License for the specific language governing
16  * permissions and limitations under the License.
17  */
18 package com.acciente.oacc;
19 
20 import java.io.Serializable;
21 import java.util.ArrayList;
22 import java.util.Collections;
23 import java.util.HashMap;
24 import java.util.List;
25 import java.util.Map;
26 import java.util.concurrent.ConcurrentHashMap;
27 import java.util.concurrent.ConcurrentMap;
28 
29 public class DomainPermissions {
30    // constants for the important system permission names with pre-defined semantics
31    private static final SysPermission SYSPERMISSION_SUPER_USER          = new SysPermission(-301, "*SUPER-USER");
32    public static final  String        SUPER_USER                        = SYSPERMISSION_SUPER_USER.getPermissionName();
33    private static final SysPermission SYSPERMISSION_CREATE_CHILD_DOMAIN = new SysPermission(-302, "*CREATE-CHILD-DOMAIN");
34    public static final  String        CREATE_CHILD_DOMAIN               = SYSPERMISSION_CREATE_CHILD_DOMAIN.getPermissionName();
35    private static final SysPermission SYSPERMISSION_DELETE              = new SysPermission(-303, "*DELETE");
36    public static final  String        DELETE                            = SYSPERMISSION_DELETE.getPermissionName();
37 
38    private static final Map<String, SysPermission>              sysPermissionsByName;
39    private static final Map<Long, String>                       sysPermissionNamesById;
40    private static final List<String>                            sysPermissionNames;
41    private static final ConcurrentMap<String, DomainPermission> grantablePermissionsByName;
42    private static final ConcurrentMap<String, DomainPermission> ungrantablePermissionsByName;
43    static {
44       sysPermissionsByName = new HashMap<>();
45       sysPermissionsByName.put(SUPER_USER, SYSPERMISSION_SUPER_USER);
46       sysPermissionsByName.put(CREATE_CHILD_DOMAIN, SYSPERMISSION_CREATE_CHILD_DOMAIN);
47       sysPermissionsByName.put(DELETE, SYSPERMISSION_DELETE);
48 
49       sysPermissionNamesById = new HashMap<>(sysPermissionsByName.size());
50       for (SysPermission sysPermission : sysPermissionsByName.values()) {
51          sysPermissionNamesById.put(sysPermission.getSystemPermissionId(), sysPermission.getPermissionName());
52       }
53 
54       sysPermissionNames = Collections.unmodifiableList(new ArrayList<>(sysPermissionNamesById.values()));
55 
56       grantablePermissionsByName = new ConcurrentHashMap<>(sysPermissionsByName.size());
57       ungrantablePermissionsByName = new ConcurrentHashMap<>(sysPermissionsByName.size());
58    }
59 
60    public static List<String> getSysPermissionNames() {
61       return sysPermissionNames;
62    }
63 
64    public static String getSysPermissionName(long systemPermissionId) {
65       final String sysPermissionName = sysPermissionNamesById.get(systemPermissionId);
66 
67       if (sysPermissionName == null) {
68          throw new IllegalArgumentException("Invalid system permission ID: " + systemPermissionId);
69       }
70 
71       return sysPermissionName;
72    }
73 
74    /**
75     * Creates a new domain permission of the specified name, without
76     * the option to grant the domain-permission to another resource
77     *
78     * @param sysPermissionName  the name of the system domain permission
79     * @return a domain permission
80     */
81    public static DomainPermission getInstance(String sysPermissionName) {
82       sysPermissionName = getCanonicalSysPermissionName(sysPermissionName);
83 
84       DomainPermission domainPermission = ungrantablePermissionsByName.get(sysPermissionName);
85 
86       if (domainPermission == null) {
87          domainPermission = new DomainPermissionImpl(sysPermissionName, false);
88          final DomainPermission cachedInstance = ungrantablePermissionsByName.putIfAbsent(sysPermissionName, domainPermission);
89          if (cachedInstance != null) {
90             domainPermission = cachedInstance;
91          }
92       }
93 
94       return domainPermission;
95    }
96 
97    /**
98     * Creates a new domain permission of the specified name, but with
99     * the option to grant the domain-permission to another resource
100     *
101     * @param sysPermissionName  the name of the system domain permission
102     * @return a domain permission
103     */
104    public static DomainPermission getInstanceWithGrantOption(String sysPermissionName) {
105       sysPermissionName = getCanonicalSysPermissionName(sysPermissionName);
106 
107       DomainPermission domainPermission = grantablePermissionsByName.get(sysPermissionName);
108 
109       if (domainPermission == null) {
110          domainPermission = new DomainPermissionImpl(sysPermissionName, true);
111          final DomainPermission cachedInstance = grantablePermissionsByName.putIfAbsent(sysPermissionName, domainPermission);
112          if (cachedInstance != null) {
113             domainPermission = cachedInstance;
114          }
115       }
116 
117       return domainPermission;
118    }
119 
120    /**
121     * @deprecated as of v2.0.0-rc.5; use {@link #getInstanceWithGrantOption(String)} or {@link #getInstance(String)} instead.
122     */
123    @Deprecated
124    public static DomainPermission getInstance(String sysPermissionName, boolean withGrant) {
125       return new DomainPermissionImpl(sysPermissionName, withGrant);
126    }
127 
128    public static DomainPermission getInstance(DomainPermission domainPermission) {
129       if (domainPermission instanceof DomainPermissions.DomainPermissionImpl) {
130          return domainPermission;
131       }
132 
133       final DomainPermission verifiedPermission;
134 
135       if(domainPermission.isWithGrantOption()) {
136          verifiedPermission = getInstanceWithGrantOption(domainPermission.getPermissionName());
137       }
138       else {
139          verifiedPermission = getInstance(domainPermission.getPermissionName());
140       }
141 
142       // validate system permission name and id matched
143       if (verifiedPermission.getSystemPermissionId() != domainPermission.getSystemPermissionId()) {
144          throw new IllegalArgumentException("Invalid system permission id for domain permission: " + domainPermission);
145       }
146 
147       return verifiedPermission;
148    }
149 
150    private static String getCanonicalSysPermissionName(String permissionName) {
151       if (permissionName == null) {
152          throw new IllegalArgumentException("A system permission name is required");
153       }
154 
155       permissionName = permissionName.trim();
156 
157       if (permissionName.isEmpty()) {
158          throw new IllegalArgumentException("A system permission name is required");
159       }
160       return permissionName;
161    }
162 
163    static class DomainPermissionImpl implements DomainPermission, Serializable {
164       private static final long serialVersionUID = 1L;
165 
166       // permission data
167       private final long    systemPermissionId;
168       private final String  permissionName;
169       private final boolean withGrantOption;
170 
171       private DomainPermissionImpl(String sysPermissionName, boolean withGrantOption) {
172          SysPermission sysPermission = getSysPermission(sysPermissionName);
173 
174          this.systemPermissionId = sysPermission.getSystemPermissionId();
175          this.permissionName = sysPermission.getPermissionName();
176          this.withGrantOption = withGrantOption;
177       }
178 
179       @Override
180       public boolean isSystemPermission() {
181          return systemPermissionId != 0;
182       }
183 
184       @Override
185       public String getPermissionName() {
186          return permissionName;
187       }
188 
189       @Override
190       public long getSystemPermissionId() {
191          if (!isSystemPermission()) {
192             throw new IllegalArgumentException("No system permission ID may be retrieved for user permission: " + permissionName + ", please check your code");
193          }
194 
195          return systemPermissionId;
196       }
197 
198       @Override
199       public boolean isWithGrantOption() {
200          return withGrantOption;
201       }
202 
203       @Override
204       @Deprecated
205       public boolean isWithGrant() {
206          return isWithGrantOption();
207       }
208 
209       @Override
210       public boolean isGrantableFrom(DomainPermission other) {
211          if (other == null) {
212             return false;
213          }
214 
215          if (!other.isWithGrantOption()) {
216             return false;
217          }
218 
219          return permissionName.equals(other.getPermissionName());
220       }
221 
222       // equals() and hashCode()
223 
224       @Override
225       public boolean equals(Object other) {
226          if (this == other) {
227             return true;
228          }
229          if (other == null || getClass() != other.getClass()) {
230             return false;
231          }
232 
233          DomainPermissionImpl otherDomainPermission = (DomainPermissionImpl) other;
234 
235          if (withGrantOption != otherDomainPermission.withGrantOption) {
236             return false;
237          }
238          if (!permissionName.equals(otherDomainPermission.permissionName)) {
239             return false;
240          }
241 
242          return true;
243       }
244 
245       @Override
246       public boolean equalsIgnoreGrantOption(Object other) {
247          if (this == other) {
248             return true;
249          }
250          if (other == null || getClass() != other.getClass()) {
251             return false;
252          }
253 
254          DomainPermissionImpl otherDomainPermission = (DomainPermissionImpl) other;
255 
256          if (!permissionName.equals(otherDomainPermission.permissionName)) {
257             return false;
258          }
259 
260          return true;
261       }
262 
263       @Override
264       @Deprecated
265       public boolean equalsIgnoreGrant(Object other) {
266          return equalsIgnoreGrantOption(other);
267       }
268 
269       @Override
270       public int hashCode() {
271          int result = permissionName.hashCode();
272          result = 31 * result + (withGrantOption ? 1 : 0);
273          return result;
274       }
275 
276       @Override
277       public String toString() {
278          return withGrantOption ? permissionName + " /G" : permissionName;
279       }
280 
281       // private static helper method
282 
283       private static SysPermission getSysPermission(String permissionName) {
284          if (permissionName == null) {
285             throw new IllegalArgumentException("A system permission name is required");
286          }
287 
288          final String trimmedPermissionName = permissionName.trim();
289 
290          if (trimmedPermissionName.isEmpty()) {
291             throw new IllegalArgumentException("A system permission name is required");
292          }
293 
294          final SysPermission sysPermission = sysPermissionsByName.get(trimmedPermissionName);
295 
296          if (sysPermission == null) {
297             throw new IllegalArgumentException("Invalid system permission name: " + trimmedPermissionName);
298          }
299 
300          return sysPermission;
301       }
302    }
303 }