PatternEntry.java

package org.objectweb.jonas_web.deployment.api;

import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

import javax.security.jacc.WebResourcePermission;
import javax.security.jacc.WebUserDataPermission;


public class PatternEntry {

    private Pattern pattern = null;


    private boolean uncheckedLastEntry = false;

    private MethodsDesc methods = null;

    private boolean irrelevant = false;


    private StringBuffer qualified = null;

    public PatternEntry(String pattern) {
        this.pattern = new Pattern(pattern);
        methods = new MethodsDesc();
        qualified = new StringBuffer(pattern);
    }


    public void addMethods(String[] methods, String transportGuarantee, boolean isExcluded) {
        this.methods.addMethods(methods, transportGuarantee, isExcluded);
    }

    public void addExcludedMethods(String[] methods, String transportGuarantee) {
        addMethods(methods, transportGuarantee, true);
    }

    public void addUncheckedMethods(String[] methods, String transportGuarantee) {
        addMethods(methods, transportGuarantee, false);
    }


    public void addMethodsOnRoles(String[] methods, String[] roles, String transportGuarantee) {
        for (int r = 0; r < roles.length; r++) {
            addMethodsOnRole(methods, roles[r], transportGuarantee);
        }
    }


    public void addMethodsOnRole(String[] methods, String role, String transportGuarantee) {
        this.methods.addMethodsOnRole(methods, role, transportGuarantee);
    }

    public void setUncheckedLastEntry() {
        uncheckedLastEntry = true;
    }

    public boolean isUncheckedLastEntry() {
        return uncheckedLastEntry;
    }




    public void addQualifiedPattern(Pattern otherPattern) {
        /*
         * Any pattern, qualified by a pattern that matches it, is overriden
         * and made irrelevant (in the translation) by the qualifying pattern
         */
        if (otherPattern.isMatching(pattern)) {
            irrelevant = true;
        } else {
            qualified.append(":");
            qualified.append(otherPattern);
        }

    }

    public Map getRolesPermissionsMap() {
        Map roleMapActions = methods.getRoleMapActions();
        String roleName = null;
        String actions = null;
        Map rolesPermissionsMap = new HashMap();

        // Need to build WebResource for each role Actions
        for (Iterator it = roleMapActions.keySet().iterator(); it.hasNext();) {
            roleName = (String) it.next();
            actions = (String) roleMapActions.get(roleName);
            if (actions != null) {
                PermissionCollection pc = new Permissions();
                pc.add(new WebResourcePermission(getQualifiedPattern(), actions));
                rolesPermissionsMap.put(roleName, pc);
            }
        }
        return rolesPermissionsMap;
    }


    public PermissionCollection getExcludedPermissions() {
        // Need to build WebResource and WebuserData on these actions
        PermissionCollection pc = new Permissions();
        String actions = methods.getExcludedActions();
        if (!actions.equals("")) {
            pc.add(new WebResourcePermission(getQualifiedPattern(), actions));
            pc.add(new WebUserDataPermission(getQualifiedPattern(), actions));
        }
        return pc;
    }


    public PermissionCollection getUncheckedPermissions() {
        // First add unchecked permissions and then the WebUserData
        // permissions of no excluding auth-constraint
        String actions = null;
        List permissions = new ArrayList();

        actions = methods.getUncheckedActions();
        if (actions == null || (!actions.equals(""))) {
            permissions.add(new WebResourcePermission(getQualifiedPattern(), actions));
            permissions.add(new WebUserDataPermission(getQualifiedPattern(), actions));
        }

        // WebUserData (no excluding auth-constraint)
        List actionsList = methods.getUncheckedWebUserDataActionsRoleList();
        for (Iterator it = actionsList.iterator(); it.hasNext();) {
            actions = (String) it.next();
            permissions.add(new WebUserDataPermission(getQualifiedPattern(), actions));
        }

        // Try to merge UserDataPermissions with same transport guarantee
        PermissionCollection pc = new Permissions();
        for (Iterator it = permissions.iterator(); it.hasNext();) {
            Permission p = (Permission) it.next();
            if (p instanceof WebUserDataPermission) {
                WebUserDataPermission wdp = (WebUserDataPermission) p;
                // get actions of this permission
                String wdpName = wdp.getName();
                String wdpActions = wdp.getActions();
                if (wdpActions == null) {
                    // If the permissions got all actions (null = all actions)
                    pc.add(p);
                    continue;
                }
                boolean wasMerged = false;
                // Now, search all permissions with same transport guarantee
                for (Iterator itLoop = permissions.iterator(); itLoop.hasNext();) {
                    Permission loopPerm = (Permission) itLoop.next();
                    if (loopPerm instanceof WebUserDataPermission) {
                        WebUserDataPermission loopWdp = (WebUserDataPermission) loopPerm;
                        // if same permission than our, go on
                        if (loopWdp.equals(wdp)) {
                            continue;
                        }
                        String loopWdpName = loopWdp.getName();
                        String loopWdpActions = loopWdp.getActions();
                        if (loopWdpActions == null) {
                            continue;
                        }
                        boolean wNoTransport = (wdpActions.indexOf(":") == -1);
                        boolean loopNoWTransport = (loopWdpActions.indexOf(":") == -1);

                        // Same name and no transport guarantee
                        if (wdpName.equals(loopWdpName) && wNoTransport && loopNoWTransport) {
                            // merge actions
                            String newActions = wdpActions + "," + loopWdpActions;

                            //Add new actions if it doesn't exists
                            Enumeration existingPermissions = pc.elements();
                            boolean exist = false;
                            Permission permissionToAdd = new WebUserDataPermission(wdpName, newActions);
                            while (existingPermissions.hasMoreElements()) {
                                Permission perm = (Permission) existingPermissions.nextElement();
                                if (perm.equals(permissionToAdd)) {
                                    exist = true;
                                }
                            }
                            if (!exist) {
                                wasMerged = true;
                                pc.add(permissionToAdd);
                            }
                        }
                    }
                }
                // There was no merge for this permission, just add it.
                if (!wasMerged) {
                    pc.add(p);
                }

            } else {
                // Do not merge as it is a WebResourcePermission
                pc.add(p);
            }
        }


        return pc;
    }


    public boolean isIrrelevant() {
        return irrelevant;
    }

    public String getQualifiedPattern() {
        return qualified.toString();
    }

    public String toString() {
        StringBuffer sb = new StringBuffer();
        sb.append("PatternEntry[pattern=");
        sb.append(pattern);
        sb.append(";qualified=");
        sb.append(getQualifiedPattern());
        sb.append(";irrelevant=");
        sb.append(irrelevant);
        sb.append("]");
        return sb.toString();
    }
}

---