ViewVC Help
View File | Revision Log | Show Annotations | Revision Graph | Root Listing
root/i-scream/experimental/server/ACL/ACL.java
Revision: 1.5
Committed: Sun Dec 23 01:05:35 2001 UTC (22 years, 11 months ago) by tdb
Branch: MAIN
Changes since 1.4: +11 -24 lines
Log Message:
The getACLString() method has been changed to a toString() method, and the
i-scream style toString() has been dropped. The functionality of toString() now
more closely resembles the Java Map's in layout.

File Contents

# Content
1 //---PACKAGE DECLARATION---
2 //package uk.org.iscream.cms.server.util;
3
4 //---IMPORTS---
5 import uk.org.iscream.cms.server.util.*;
6 import java.util.ArrayList;
7 import java.net.InetAddress;
8 import java.io.Serializable;
9
10 /**
11 * Access Control List for use primarily
12 * with the ACLServerSocket. It could, however
13 * have other uses as it has a fairly generic
14 * behaviour. Rules are added using the add
15 * method, and then checks can be made using
16 * the relevant check method.
17 *
18 * @author $Author$
19 * @version $Id$
20 */
21 public class ACL implements Serializable {
22
23 //---FINAL ATTRIBUTES---
24
25 /**
26 * The current CVS revision of this class
27 */
28 public static final String REVISION = "$Revision$";
29
30 /**
31 * static to be used when adding an ALLOW rule to the ACL.
32 */
33 public static final boolean ALLOW = true;
34
35 /**
36 * static to be used when adding a DENY rule to the ACL.
37 */
38 public static final boolean DENY = false;
39
40 //---STATIC METHODS---
41
42 //---CONSTRUCTORS---
43
44 /**
45 * Construct a new Access Control List. The default
46 * mode is to ALLOW anything that isn't explicitly
47 * blocked by a rule.
48 */
49 public ACL() {
50 // default to ACL.ALLOW
51 this(ACL.ALLOW);
52 }
53
54 /**
55 * Construct a new Access Control List with a given
56 * default mode. This mode specifies what should
57 * happen if a check does not match any rules.
58 *
59 * @param defaultMode the default mode for non-matched checks
60 */
61 public ACL(boolean defaultMode) {
62 _defaultMode = defaultMode;
63 }
64
65 //---PUBLIC METHODS---
66
67 /**
68 * Add a new rule to the ACL immediately after the
69 * previous rule. The rule can either be an ACL.ALLOW
70 * rule, or an ACL.DENY rule. The expression can
71 * contain a wildcard (a * only). Rules can only be
72 * added to the end of the list.
73 *
74 * param allow whether this is an ALLOW or DENY rule
75 * param expression what this rule matches using wildcards
76 */
77 public void add(boolean allow, String expression) {
78 _acl.add(new ACLRule(allow, expression));
79 }
80
81 /**
82 * Check to see if a string is permitted by the
83 * ACL. Useful for testing, and non-Socket uses
84 * of this class.
85 *
86 * @param address the string to check
87 * @return whether the address was permitted by the ACL
88 */
89 public boolean check(String address) {
90 for(int i=0; i < _acl.size(); i++) {
91 ACLRule rule = (ACLRule) _acl.get(i);
92 if(StringUtils.wildcardCheck(address, rule._expression)) {
93 return rule._allow;
94 }
95 }
96 return _defaultMode;
97 }
98
99 /**
100 * Check to see if an InetAddress is permitted
101 * by the ACL. Perfect for Socket uses of this
102 * class. It should be made clear that this will
103 * check both the hostname AND IP address against
104 * each rule in turn. The hostname will always be
105 * checked BEFORE the IP address.
106 *
107 * @param address the InetAddress to check
108 * @return whether the InetAddress was permitted by the ACL
109 */
110 public boolean check(InetAddress address) {
111 for(int i=0; i < _acl.size(); i++) {
112 ACLRule rule = (ACLRule) _acl.get(i);
113 if(StringUtils.wildcardCheck(address.getHostName(), rule._expression)) {
114 return rule._allow;
115 }
116 if(StringUtils.wildcardCheck(address.getHostAddress(), rule._expression)) {
117 return rule._allow;
118 }
119 }
120 return _defaultMode;
121 }
122
123 /**
124 * Gives a String representation of this ACL.
125 *
126 * @return A String representation of this ACL.
127 */
128 public String toString() {
129 StringBuffer acl = new StringBuffer();
130 acl.append("{");
131 for(int i=0; i < _acl.size(); i++) {
132 ACLRule rule = (ACLRule) _acl.get(i);
133 if(rule._allow) {
134 acl.append(rule._expression + "=ALLOW");
135 }
136 else {
137 acl.append(rule._expression + "=DENY");
138 }
139 acl.append(",");
140 }
141 if(_defaultMode) {
142 acl.append("DEFAULT=ALLOW");
143 }
144 else {
145 acl.append("DEFAULT=DENY");
146 }
147 acl.append("}");
148 return acl.toString();
149 }
150
151 //---PRIVATE METHODS---
152
153 //---ACCESSOR/MUTATOR METHODS---
154
155 //---ATTRIBUTES---
156
157 /**
158 * This is the friendly identifier of the
159 * component this class is running in.
160 * eg, a Filter may be called "filter1",
161 * If this class does not have an owning
162 * component, a name from the configuration
163 * can be placed here. This name could also
164 * be changed to null for utility classes.
165 */
166 private String _name = null;
167
168 /**
169 * The ACL is stored in this ArrayList.
170 */
171 private ArrayList _acl = new ArrayList();
172
173 /**
174 * The default mode of this ACL.
175 */
176 private boolean _defaultMode;
177
178 //---STATIC ATTRIBUTES---
179
180 //---INNER CLASSES---
181
182 /**
183 * Wrapper class for an ACL rule.
184 */
185 private class ACLRule implements Serializable {
186
187 /**
188 * Construct an ACL rule.
189 *
190 * @param allow whether this is an ALLOW or DENY rule
191 * @param expression what this rule matches
192 */
193 private ACLRule(boolean allow, String expression) {
194 _allow = allow;
195 _expression = expression;
196 }
197
198 /**
199 * Whether this is an ALLOW or DENY rule.
200 */
201 private boolean _allow;
202
203 /**
204 * What this rule matches.
205 */
206 private String _expression;
207
208 }
209
210 }