[ all classes ]
[ com.acciente.oacc ]
Coverage Summary for Class: DomainPermissions (com.acciente.oacc)
| Class | Method, % | Line, % |
|---|---|---|
| DomainPermissions | 100% (8/ 8) | 89.1% (49/ 55) |
| DomainPermissions$DomainPermissionImpl | 100% (12/ 12) | 85.7% (42/ 49) |
| total | 100% (20/ 20) | 87.5% (91/ 104) |
1 /*
2 * Copyright 2009-2018, Acciente LLC
3 *
4 * Acciente LLC licenses this file to you under the
5 * Apache License, Version 2.0 (the "License"); you
6 * may not use this file except in compliance with the
7 * License. You may obtain a copy of the License at
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in
12 * writing, software distributed under the License is
13 * distributed on an "AS IS" BASIS, WITHOUT WARRANTIES
14 * OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing
16 * permissions and limitations under the License.
17 */
18 package com.acciente.oacc;
19
20 import java.io.Serializable;
21 import java.util.ArrayList;
22 import java.util.Collections;
23 import java.util.HashMap;
24 import java.util.List;
25 import java.util.Map;
26 import java.util.concurrent.ConcurrentHashMap;
27 import java.util.concurrent.ConcurrentMap;
28
29 public class DomainPermissions {
30 // constants for the important system permission names with pre-defined semantics
31 private static final SysPermission SYSPERMISSION_SUPER_USER = new SysPermission(-301, "*SUPER-USER");
32 public static final String SUPER_USER = SYSPERMISSION_SUPER_USER.getPermissionName();
33 private static final SysPermission SYSPERMISSION_CREATE_CHILD_DOMAIN = new SysPermission(-302, "*CREATE-CHILD-DOMAIN");
34 public static final String CREATE_CHILD_DOMAIN = SYSPERMISSION_CREATE_CHILD_DOMAIN.getPermissionName();
35 private static final SysPermission SYSPERMISSION_DELETE = new SysPermission(-303, "*DELETE");
36 public static final String DELETE = SYSPERMISSION_DELETE.getPermissionName();
37
38 private static final Map<String, SysPermission> sysPermissionsByName;
39 private static final Map<Long, String> sysPermissionNamesById;
40 private static final List<String> sysPermissionNames;
41 private static final ConcurrentMap<String, DomainPermission> grantablePermissionsByName;
42 private static final ConcurrentMap<String, DomainPermission> ungrantablePermissionsByName;
43 static {
44 sysPermissionsByName = new HashMap<>();
45 sysPermissionsByName.put(SUPER_USER, SYSPERMISSION_SUPER_USER);
46 sysPermissionsByName.put(CREATE_CHILD_DOMAIN, SYSPERMISSION_CREATE_CHILD_DOMAIN);
47 sysPermissionsByName.put(DELETE, SYSPERMISSION_DELETE);
48
49 sysPermissionNamesById = new HashMap<>(sysPermissionsByName.size());
50 for (SysPermission sysPermission : sysPermissionsByName.values()) {
51 sysPermissionNamesById.put(sysPermission.getSystemPermissionId(), sysPermission.getPermissionName());
52 }
53
54 sysPermissionNames = Collections.unmodifiableList(new ArrayList<>(sysPermissionNamesById.values()));
55
56 grantablePermissionsByName = new ConcurrentHashMap<>(sysPermissionsByName.size());
57 ungrantablePermissionsByName = new ConcurrentHashMap<>(sysPermissionsByName.size());
58 }
59
60 public static List<String> getSysPermissionNames() {
61 return sysPermissionNames;
62 }
63
64 public static String getSysPermissionName(long systemPermissionId) {
65 final String sysPermissionName = sysPermissionNamesById.get(systemPermissionId);
66
67 if (sysPermissionName == null) {
68 throw new IllegalArgumentException("Invalid system permission ID: " + systemPermissionId);
69 }
70
71 return sysPermissionName;
72 }
73
74 /**
75 * Creates a new domain permission of the specified name, without
76 * the option to grant the domain-permission to another resource
77 *
78 * @param sysPermissionName the name of the system domain permission
79 * @return a domain permission
80 */
81 public static DomainPermission getInstance(String sysPermissionName) {
82 sysPermissionName = getCanonicalSysPermissionName(sysPermissionName);
83
84 DomainPermission domainPermission = ungrantablePermissionsByName.get(sysPermissionName);
85
86 if (domainPermission == null) {
87 domainPermission = new DomainPermissionImpl(sysPermissionName, false);
88 final DomainPermission cachedInstance = ungrantablePermissionsByName.putIfAbsent(sysPermissionName, domainPermission);
89 if (cachedInstance != null) {
90 domainPermission = cachedInstance;
91 }
92 }
93
94 return domainPermission;
95 }
96
97 /**
98 * Creates a new domain permission of the specified name, but with
99 * the option to grant the domain-permission to another resource
100 *
101 * @param sysPermissionName the name of the system domain permission
102 * @return a domain permission
103 */
104 public static DomainPermission getInstanceWithGrantOption(String sysPermissionName) {
105 sysPermissionName = getCanonicalSysPermissionName(sysPermissionName);
106
107 DomainPermission domainPermission = grantablePermissionsByName.get(sysPermissionName);
108
109 if (domainPermission == null) {
110 domainPermission = new DomainPermissionImpl(sysPermissionName, true);
111 final DomainPermission cachedInstance = grantablePermissionsByName.putIfAbsent(sysPermissionName, domainPermission);
112 if (cachedInstance != null) {
113 domainPermission = cachedInstance;
114 }
115 }
116
117 return domainPermission;
118 }
119
120 public static DomainPermission getInstance(DomainPermission domainPermission) {
121 if (domainPermission instanceof DomainPermissions.DomainPermissionImpl) {
122 return domainPermission;
123 }
124
125 final DomainPermission verifiedPermission;
126
127 if(domainPermission.isWithGrantOption()) {
128 verifiedPermission = getInstanceWithGrantOption(domainPermission.getPermissionName());
129 }
130 else {
131 verifiedPermission = getInstance(domainPermission.getPermissionName());
132 }
133
134 // validate system permission name and id matched
135 if (verifiedPermission.getSystemPermissionId() != domainPermission.getSystemPermissionId()) {
136 throw new IllegalArgumentException("Invalid system permission id for domain permission: " + domainPermission);
137 }
138
139 return verifiedPermission;
140 }
141
142 private static String getCanonicalSysPermissionName(String permissionName) {
143 if (permissionName == null) {
144 throw new IllegalArgumentException("A system permission name is required");
145 }
146
147 permissionName = permissionName.trim();
148
149 if (permissionName.isEmpty()) {
150 throw new IllegalArgumentException("A system permission name is required");
151 }
152 return permissionName;
153 }
154
155 static class DomainPermissionImpl implements DomainPermission, Serializable {
156 private static final long serialVersionUID = 1L;
157
158 // permission data
159 private final long systemPermissionId;
160 private final String permissionName;
161 private final boolean withGrantOption;
162
163 private DomainPermissionImpl(String sysPermissionName, boolean withGrantOption) {
164 SysPermission sysPermission = getSysPermission(sysPermissionName);
165
166 this.systemPermissionId = sysPermission.getSystemPermissionId();
167 this.permissionName = sysPermission.getPermissionName();
168 this.withGrantOption = withGrantOption;
169 }
170
171 @Override
172 public boolean isSystemPermission() {
173 return systemPermissionId != 0;
174 }
175
176 @Override
177 public String getPermissionName() {
178 return permissionName;
179 }
180
181 @Override
182 public long getSystemPermissionId() {
183 if (!isSystemPermission()) {
184 throw new IllegalArgumentException("No system permission ID may be retrieved for user permission: " + permissionName + ", please check your code");
185 }
186
187 return systemPermissionId;
188 }
189
190 @Override
191 public boolean isWithGrantOption() {
192 return withGrantOption;
193 }
194
195 @Override
196 public boolean isGrantableFrom(DomainPermission other) {
197 if (other == null) {
198 return false;
199 }
200
201 if (!other.isWithGrantOption()) {
202 return false;
203 }
204
205 return permissionName.equals(other.getPermissionName());
206 }
207
208 // equals() and hashCode()
209
210 @Override
211 public boolean equals(Object other) {
212 if (this == other) {
213 return true;
214 }
215 if (other == null || getClass() != other.getClass()) {
216 return false;
217 }
218
219 DomainPermissionImpl otherDomainPermission = (DomainPermissionImpl) other;
220
221 if (withGrantOption != otherDomainPermission.withGrantOption) {
222 return false;
223 }
224 if (!permissionName.equals(otherDomainPermission.permissionName)) {
225 return false;
226 }
227
228 return true;
229 }
230
231 @Override
232 public boolean equalsIgnoreGrantOption(Object other) {
233 if (this == other) {
234 return true;
235 }
236 if (other == null || getClass() != other.getClass()) {
237 return false;
238 }
239
240 DomainPermissionImpl otherDomainPermission = (DomainPermissionImpl) other;
241
242 if (!permissionName.equals(otherDomainPermission.permissionName)) {
243 return false;
244 }
245
246 return true;
247 }
248
249 @Override
250 public int hashCode() {
251 int result = permissionName.hashCode();
252 result = 31 * result + (withGrantOption ? 1 : 0);
253 return result;
254 }
255
256 @Override
257 public String toString() {
258 return withGrantOption ? permissionName + " /G" : permissionName;
259 }
260
261 // private static helper method
262
263 private static SysPermission getSysPermission(String permissionName) {
264 if (permissionName == null) {
265 throw new IllegalArgumentException("A system permission name is required");
266 }
267
268 final String trimmedPermissionName = permissionName.trim();
269
270 if (trimmedPermissionName.isEmpty()) {
271 throw new IllegalArgumentException("A system permission name is required");
272 }
273
274 final SysPermission sysPermission = sysPermissionsByName.get(trimmedPermissionName);
275
276 if (sysPermission == null) {
277 throw new IllegalArgumentException("Invalid system permission name: " + trimmedPermissionName);
278 }
279
280 return sysPermission;
281 }
282 }
283 }