org.systinet.security.perm
Class ACLPermission

java.lang.Object
  java.security.Permission
      org.systinet.security.perm.ACLPermission

All Implemented Interfaces:

java.security.Guard, java.io.Serializable

public final class ACLPermission

extends java.security.Permission

This class is intended for access control list management permissions.

The name is required, possible values are:

perm

permission is intended for permission management

role

permission is intended for role management

all

permission is intended for the both permission and role management

The actions to be granted are passed to the constructor in a string containing a list of zero or more comma-separated keywords. The possible keywords are "get", "modify". The action string is optional, if it is not present, all actions are granted. Their meaning is defined as follows:

get

allows to get data

modify

allows to modify (delete,insert,update) data

The actions string is converted to lowercase before processing.

Since:

4.0

See Also:

Serialized Form

Component:

Security-Specific

Field Summary

static int	ALL All actions (get, modify).
static int	GET Enable action.
static int	MODIFY Disable action.

Constructor Summary

ACLPermission(java.lang.String name, int actionMask)
Creates a new ACLPermission object with the specified name.

ACLPermission(java.lang.String name, java.lang.String actions)
Creates a new ACLPermission object with the specified name.

Method Summary

boolean	equals(java.lang.Object obj) Checks two ACLPermission objects for equality.
java.lang.String	getActions() Returns the "canonical string representation" of the actions.
int	hashCode() Returns the hash code value for this object.
boolean	implies(java.security.Permission p) Checks if this ACLPermission object "implies" the specified permission.
java.security.PermissionCollection	newPermissionCollection() Returns a new PermissionCollection object for storing ACLPermission objects.
java.lang.String	toString() Overriden to return complete description of this permission.

Methods inherited from class java.security.Permission

checkGuard, getName

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail

GET

public static final int GET

Enable action.

See Also:

Constant Field Values

MODIFY

public static final int MODIFY

Disable action.

See Also:

Constant Field Values

ALL

public static final int ALL

All actions (get, modify).

See Also:

Constant Field Values

Constructor Detail

ACLPermission

public ACLPermission(java.lang.String name,
                     java.lang.String actions)

Creates a new ACLPermission object with the specified name. The name is the one of policy part (or "all"), and actions contains a comma-separated list of the desired actions granted on the policy management. Possible actions are "get","modify".

Parameters:

name - the name of the ACLPermission (name of the service), cannot be null.

actions - the actions string, can be null or empty string , then it means "all actions possible".

ACLPermission

public ACLPermission(java.lang.String name,
                     int actionMask)

Creates a new ACLPermission object with the specified name. The name is the name of the service, and actionsNask is a or-ed flag of public static final int values present herein.

Parameters:

name - the name of the ACLPermission (name of the service), cannot be null.

actionMask - composed out of

• ACLPermission.GET
• ACLPermission.MODIFY
• ACLPermission.ALL

Method Detail

toString

public java.lang.String toString()

Overriden to return complete description of this permission.

Returns:

description of this

implies

public boolean implies(java.security.Permission p)

Checks if this ACLPermission object "implies" the specified permission.

More specifically, this method returns true if:

• p is an instanceof ACLPermission,

• p's actions are a proper subset of this object's actions, and

• p's name is implied by this object's name. I.e. "*" implies to all names or names are equal.

Parameters:

p - the permission to check against.

Returns:

true if the specified permission is implied by this object, false if not.

equals

public boolean equals(java.lang.Object obj)

Checks two ACLPermission objects for equality. Checks that obj is a ACLPermission, and has the same name and actions as this object.

Parameters:

obj - the object we are testing for equality with this object.

Returns:

true if obj is a ACLPermission, and has the same name and actions as this ACLPermission object.

hashCode

public int hashCode()

Returns the hash code value for this object. The hash code used is the hash code of this permissions name, that is, getName().hashCode(), where getName is from the Permission superclass.

Returns:

a hash code value for this object.

getActions

public java.lang.String getActions()

Returns the "canonical string representation" of the actions. That is, this method always returns present actions in the following order: get, set. For example, if this ACLPermission object allows both set and get actions, a call to getActions will return the string "get,set".

Returns:

the canonical string representation of the actions.

newPermissionCollection

public java.security.PermissionCollection newPermissionCollection()

Returns a new PermissionCollection object for storing ACLPermission objects.

Returns:

a new PermissionCollection object suitable for storing ACLPermissions.