[ViewVC] Diff of: i-scream/experimental/server/ACL/ACL.java

Comparing experimental/server/ACL/ACL.java (file contents):
Revision 1.1 by tdb, Wed Dec 19 23:43:27 2001 UTC vs.
Revision 1.5 by tdb, Sun Dec 23 01:05:35 2001 UTC

#	Line 3 \| Line 3
3
4		//---IMPORTS---
5		import uk.org.iscream.cms.server.util.*;
6	<	import java.util.LinkedList;
7	<	import java.util.Iterator;
6	>	import java.util.ArrayList;
7		import java.net.InetAddress;
8	+	import java.io.Serializable;
9
10		/**
11	<	* Access Control List
11	>	* Access Control List for use primarily
12	>	* with the ACLServerSocket. It could, however
13	>	* have other uses as it has a fairly generic
14	>	* behaviour. Rules are added using the add
15	>	* method, and then checks can be made using
16	>	* the relevant check method.
17		*
18		* @author $Author$
19		* @version $Id$
20		*/
21	<	public class ACL {
21	>	public class ACL implements Serializable {
22
23		//---FINAL ATTRIBUTES---
24
#	Line 21 \| Line 26 \| public class ACL {
26		* The current CVS revision of this class
27		*/
28		public static final String REVISION = "$Revision$";
29	<
29	>
30	>	/**
31	>	* static to be used when adding an ALLOW rule to the ACL.
32	>	*/
33		public static final boolean ALLOW = true;
34	+
35	+	/**
36	+	* static to be used when adding a DENY rule to the ACL.
37	+	*/
38		public static final boolean DENY = false;
39
40		//---STATIC METHODS---
41
42		//---CONSTRUCTORS---
43
44	+	/**
45	+	* Construct a new Access Control List. The default
46	+	* mode is to ALLOW anything that isn't explicitly
47	+	* blocked by a rule.
48	+	*/
49		public ACL() {
50		// default to ACL.ALLOW
51		this(ACL.ALLOW);
52		}
53
54	+	/**
55	+	* Construct a new Access Control List with a given
56	+	* default mode. This mode specifies what should
57	+	* happen if a check does not match any rules.
58	+	*
59	+	* @param defaultMode the default mode for non-matched checks
60	+	*/
61		public ACL(boolean defaultMode) {
62		_defaultMode = defaultMode;
63		}
64
65		//---PUBLIC METHODS---
66
67	+	/**
68	+	* Add a new rule to the ACL immediately after the
69	+	* previous rule. The rule can either be an ACL.ALLOW
70	+	* rule, or an ACL.DENY rule. The expression can
71	+	* contain a wildcard (a * only). Rules can only be
72	+	* added to the end of the list.
73	+	*
74	+	* param allow whether this is an ALLOW or DENY rule
75	+	* param expression what this rule matches using wildcards
76	+	*/
77		public void add(boolean allow, String expression) {
78	<	_acl.add(new ACLItem(allow, expression));
78	>	_acl.add(new ACLRule(allow, expression));
79		}
80
81	+	/**
82	+	* Check to see if a string is permitted by the
83	+	* ACL. Useful for testing, and non-Socket uses
84	+	* of this class.
85	+	*
86	+	* @param address the string to check
87	+	* @return whether the address was permitted by the ACL
88	+	*/
89		public boolean check(String address) {
90	<	Iterator i = _acl.iterator();
91	<	while(i.hasNext()) {
92	<	ACLItem item = (ACLItem) i.next();
93	<	if(StringUtils.wildcardCheck(address, item._expression)) {
52	<	return item._allow;
90	>	for(int i=0; i < _acl.size(); i++) {
91	>	ACLRule rule = (ACLRule) _acl.get(i);
92	>	if(StringUtils.wildcardCheck(address, rule._expression)) {
93	>	return rule._allow;
94		}
95		}
55	–	// what to do here?
56	–	// -- basically a default of deny/allow is needed
96		return _defaultMode;
97		}
98
99	+	/**
100	+	* Check to see if an InetAddress is permitted
101	+	* by the ACL. Perfect for Socket uses of this
102	+	* class. It should be made clear that this will
103	+	* check both the hostname AND IP address against
104	+	* each rule in turn. The hostname will always be
105	+	* checked BEFORE the IP address.
106	+	*
107	+	* @param address the InetAddress to check
108	+	* @return whether the InetAddress was permitted by the ACL
109	+	*/
110		public boolean check(InetAddress address) {
111	<	Iterator i = _acl.iterator();
112	<	while(i.hasNext()) {
113	<	ACLItem item = (ACLItem) i.next();
114	<	if(StringUtils.wildcardCheck(address.getHostName(), item._expression)) {
65	<	return item._allow;
111	>	for(int i=0; i < _acl.size(); i++) {
112	>	ACLRule rule = (ACLRule) _acl.get(i);
113	>	if(StringUtils.wildcardCheck(address.getHostName(), rule._expression)) {
114	>	return rule._allow;
115		}
116	<	if(StringUtils.wildcardCheck(address.getHostAddress(), item._expression)) {
117	<	return item._allow;
116	>	if(StringUtils.wildcardCheck(address.getHostAddress(), rule._expression)) {
117	>	return rule._allow;
118		}
119		}
71	–	// what to do here?
72	–	// -- basically a default of deny/allow is needed
120		return _defaultMode;
121		}
122
123	<	public String getACL() {
124	<	String acl = "";
125	<	Iterator i = _acl.iterator();
126	<	while(i.hasNext()) {
127	<	ACLItem item = (ACLItem) i.next();
128	<	if(item._allow) {
129	<	acl += "ALLOW:" + item._expression + " ";
123	>	/**
124	>	* Gives a String representation of this ACL.
125	>	*
126	>	* @return A String representation of this ACL.
127	>	*/
128	>	public String toString() {
129	>	StringBuffer acl = new StringBuffer();
130	>	acl.append("{");
131	>	for(int i=0; i < _acl.size(); i++) {
132	>	ACLRule rule = (ACLRule) _acl.get(i);
133	>	if(rule._allow) {
134	>	acl.append(rule._expression + "=ALLOW");
135		}
136		else {
137	<	acl += "DENY:" + item._expression + " ";
137	>	acl.append(rule._expression + "=DENY");
138		}
139	+	acl.append(",");
140		}
141	<	return acl.substring(0, acl.length()-1);
141	>	if(_defaultMode) {
142	>	acl.append("DEFAULT=ALLOW");
143	>	}
144	>	else {
145	>	acl.append("DEFAULT=DENY");
146	>	}
147	>	acl.append("}");
148	>	return acl.toString();
149		}
90	–
91	–	/**
92	–	* Overrides the {@link java.lang.Object#toString() Object.toString()}
93	–	* method to provide clean logging (every class should have this).
94	–	*
95	–	* This uses the uk.org.iscream.cms.server.util.FormatName class
96	–	* to format the toString()
97	–	*
98	–	* @return the name of this class and its CVS revision
99	–	*/
100	–	public String toString() {
101	–	return FormatName.getName(
102	–	_name,
103	–	getClass().getName(),
104	–	REVISION);
105	–	}
150
151		//---PRIVATE METHODS---
152
#	Line 120 \| Line 164 \| public class ACL {
164		* be changed to null for utility classes.
165		*/
166		private String _name = null;
167	<
168	<	private LinkedList _acl = new LinkedList();
167	>
168	>	/**
169	>	* The ACL is stored in this ArrayList.
170	>	*/
171	>	private ArrayList _acl = new ArrayList();
172	>
173	>	/**
174	>	* The default mode of this ACL.
175	>	*/
176		private boolean _defaultMode;
177
178		//---STATIC ATTRIBUTES---
179
180		//---INNER CLASSES---
181
182	<	private class ACLItem {
182	>	/**
183	>	* Wrapper class for an ACL rule.
184	>	*/
185	>	private class ACLRule implements Serializable {
186
187	<	private ACLItem(boolean allow, String expression) {
187	>	/**
188	>	* Construct an ACL rule.
189	>	*
190	>	* @param allow whether this is an ALLOW or DENY rule
191	>	* @param expression what this rule matches
192	>	*/
193	>	private ACLRule(boolean allow, String expression) {
194		_allow = allow;
195		_expression = expression;
196		}
197
198	+	/**
199	+	* Whether this is an ALLOW or DENY rule.
200	+	*/
201		private boolean _allow;
202	+
203	+	/**
204	+	* What this rule matches.
205	+	*/
206		private String _expression;
207
208		}

Diff Legend

-–
+Removed lines
-+
+Added lines
-<
+Changed lines
->
+Changed lines

Comparing experimental/server/ACL/ACL.java (file contents): Revision 1.1 by tdb, Wed Dec 19 23:43:27 2001 UTC vs. Revision 1.5 by tdb, Sun Dec 23 01:05:35 2001 UTC

Diff Legend

Comparing experimental/server/ACL/ACL.java (file contents):
Revision 1.1 by tdb, Wed Dec 19 23:43:27 2001 UTC vs.
Revision 1.5 by tdb, Sun Dec 23 01:05:35 2001 UTC