root/i-scream/experimental/server/ACL/ACL.java
Revision: 1.5
Committed: Sun Dec 23 01:05:35 2001 UTC (23 years ago) by tdb
Branch: MAIN
Changes since 1.4: +11 -24 lines
Log Message:
The getACLString() method has been changed to a toString() method, and the
i-scream style toString() has been dropped. The functionality of toString() now
more closely resembles the Java Map's in layout.

File Contents

# User Rev Content
1 tdb 1.1 //---PACKAGE DECLARATION---
2     //package uk.org.iscream.cms.server.util;
3    
4     //---IMPORTS---
5     import uk.org.iscream.cms.server.util.*;
6 tdb 1.3 import java.util.ArrayList;
7 tdb 1.1 import java.net.InetAddress;
8 tdb 1.4 import java.io.Serializable;
9 tdb 1.1
/**
 * Ordered Access Control List, written primarily for
 * use with the ACLServerSocket but generic enough to
 * be used elsewhere. Rules are appended with the add
 * method and evaluated by one of the check methods.
 *
 * Evaluation is first-match: rules are tried in the
 * order they were added and the first rule whose
 * expression matches decides the result. When no rule
 * matches, the default mode given at construction is
 * returned.
 *
 * Security notes for callers:
 * - The no-argument constructor defaults to ALLOW, so
 *   an ACL with no matching rule lets the check pass.
 *   Use new ACL(ACL.DENY) plus explicit ALLOW rules when
 *   the list is meant to restrict access.
 * - The class implements Serializable but declares no
 *   serialVersionUID, so the serialized form depends on
 *   the compiler-generated default.
 * - Nothing in this class synchronises access to the
 *   rule list; adding rules while checks are running is
 *   not guarded here.
 *
 * @author $Author$
 * @version $Id$
 */
public class ACL implements Serializable {

//---FINAL ATTRIBUTES---

    /**
     * The current CVS revision of this class
     */
    public static final String REVISION = "$Revision$";

    /**
     * Constant to pass to add (or the constructor) for ALLOW.
     */
    public static final boolean ALLOW = true;

    /**
     * Constant to pass to add (or the constructor) for DENY.
     */
    public static final boolean DENY = false;

//---STATIC METHODS---

//---CONSTRUCTORS---

    /**
     * Construct a new Access Control List whose default
     * mode is ALLOW: anything not matched by a rule is
     * permitted. This is a fail-open default; see
     * ACL(boolean) to start from DENY instead.
     */
    public ACL() {
        // delegate with the permissive default
        this(ACL.ALLOW);
    }

    /**
     * Construct a new Access Control List with an explicit
     * default mode. The default mode is the answer given
     * by the check methods when no rule matches.
     *
     * @param defaultMode the result for non-matched checks (ACL.ALLOW or ACL.DENY)
     */
    public ACL(boolean defaultMode) {
        _defaultMode = defaultMode;
    }

//---PUBLIC METHODS---

    /**
     * Append a rule to the end of the ACL. Rules cannot be
     * inserted anywhere else, and because the first matching
     * rule wins, the order of add calls is the precedence
     * order. The expression may contain a wildcard (a * only).
     *
     * The expression is stored as given; it is not validated
     * here, and the same expression is later compared against
     * both host names and textual IP addresses by
     * check(InetAddress).
     *
     * @param allow whether this is an ALLOW or DENY rule
     * @param expression what this rule matches using wildcards
     */
    public void add(boolean allow, String expression) {
        ACLRule appended = new ACLRule(allow, expression);
        _acl.add(appended);
    }

    /**
     * Check whether a plain string is permitted by the ACL.
     * Useful for testing and for non-Socket uses of this class.
     * The string is handed to StringUtils.wildcardCheck
     * unchanged; any normalisation (case, whitespace) is
     * whatever that helper does, which is not visible here.
     *
     * @param address the string to check
     * @return the verdict of the first matching rule, or the default mode if none match
     */
    public boolean check(String address) {
        for (int index = 0, total = _acl.size(); index < total; index++) {
            ACLRule candidate = (ACLRule) _acl.get(index);
            if (!StringUtils.wildcardCheck(address, candidate._expression)) {
                continue;
            }
            // first match decides; later rules are never consulted
            return candidate._allow;
        }
        return _defaultMode;
    }

    /**
     * Check whether an InetAddress is permitted by the ACL.
     * Intended for Socket uses of this class. For each rule
     * in turn, the host name is tested first and the textual
     * IP address second; the first rule matching either form
     * decides the result.
     *
     * Security notes:
     * - getHostName() can perform a reverse name lookup, so
     *   the name compared here comes from name-service data
     *   rather than from the connection itself, and the call
     *   may block while the lookup runs.
     * - Every expression is applied to BOTH forms. A pattern
     *   written with addresses in mind is therefore also
     *   tested against the resolved name (and vice versa);
     *   how a * matches is defined by StringUtils.wildcardCheck.
     *   NOTE(review): consider keeping the default mode at
     *   DENY and writing patterns that can only fit the
     *   intended form - confirm against wildcardCheck.
     *
     * @param address the InetAddress to check
     * @return the verdict of the first matching rule, or the default mode if none match
     */
    public boolean check(InetAddress address) {
        for (int index = 0, total = _acl.size(); index < total; index++) {
            ACLRule candidate = (ACLRule) _acl.get(index);
            // short-circuit keeps the original order: name first, address only if the name did not match
            if (StringUtils.wildcardCheck(address.getHostName(), candidate._expression)
                    || StringUtils.wildcardCheck(address.getHostAddress(), candidate._expression)) {
                return candidate._allow;
            }
        }
        return _defaultMode;
    }

    /**
     * Gives a String representation of this ACL, laid out
     * like a Map: each rule as expression=ALLOW or
     * expression=DENY in evaluation order, followed by the
     * DEFAULT entry, all inside braces and comma separated.
     *
     * @return A String representation of this ACL.
     */
    public String toString() {
        StringBuffer text = new StringBuffer();
        text.append("{");
        for (int index = 0, total = _acl.size(); index < total; index++) {
            ACLRule current = (ACLRule) _acl.get(index);
            text.append(current._expression)
                .append(current._allow ? "=ALLOW" : "=DENY")
                .append(",");
        }
        // the default mode is always the last entry
        text.append(_defaultMode ? "DEFAULT=ALLOW" : "DEFAULT=DENY");
        text.append("}");
        return text.toString();
    }

//---PRIVATE METHODS---

//---ACCESSOR/MUTATOR METHODS---

//---ATTRIBUTES---

    /**
     * This is the friendly identifier of the
     * component this class is running in.
     * eg, a Filter may be called "filter1",
     * If this class does not have an owning
     * component, a name from the configuration
     * can be placed here. This name could also
     * be changed to null for utility classes.
     * It is not read anywhere in this class.
     */
    private String _name = null;

    /**
     * The rules, in the order they were added. Holds
     * ACLRule instances only.
     */
    private ArrayList _acl = new ArrayList();

    /**
     * The default mode of this ACL: the result returned
     * when no rule matches.
     */
    private boolean _defaultMode;

//---STATIC ATTRIBUTES---

//---INNER CLASSES---

    /**
     * Holder for a single ACL rule: a verdict plus the
     * expression it applies to.
     */
    private class ACLRule implements Serializable {

        /**
         * Construct an ACL rule.
         *
         * @param allow whether this is an ALLOW or DENY rule
         * @param expression what this rule matches
         */
        private ACLRule(boolean allow, String expression) {
            _allow = allow;
            _expression = expression;
        }

        /**
         * Whether this is an ALLOW or DENY rule.
         */
        private boolean _allow;

        /**
         * What this rule matches.
         */
        private String _expression;

    }

}