--- projects/cms/source/util/uk/org/iscream/cms/util/ACL.java 2002/01/08 14:24:28 1.1 +++ projects/cms/source/util/uk/org/iscream/cms/util/ACL.java 2002/03/20 17:03:35 1.4 @@ -16,7 +16,7 @@ import java.io.Serializable; * the relevant check method. * * @author $Author: tdb $ - * @version $Id: ACL.java,v 1.1 2002/01/08 14:24:28 tdb Exp $ + * @version $Id: ACL.java,v 1.4 2002/03/20 17:03:35 tdb Exp $ */ public class ACL implements Serializable { @@ -25,7 +25,7 @@ public class ACL implements Serializable { /** * The current CVS revision of this class */ - public static final String REVISION = "$Revision: 1.1 $"; + public static final String REVISION = "$Revision: 1.4 $"; /** * static to be used when adding an ALLOW rule to the ACL. @@ -36,6 +36,11 @@ public class ACL implements Serializable { * static to be used when adding a DENY rule to the ACL. */ public static final boolean DENY = false; + + /** + * default setting for the default mode for a new ACL. + */ + public static final boolean DEFMODE = ACL.ALLOW; //---STATIC METHODS--- @@ -47,8 +52,8 @@ public class ACL implements Serializable { * blocked by a rule. */ public ACL() { - // default to ACL.ALLOW - this(ACL.ALLOW); + // default to DEFMODE + this(DEFMODE); } /** @@ -59,9 +64,29 @@ public class ACL implements Serializable { * @param defaultMode the default mode for non-matched checks */ public ACL(boolean defaultMode) { - _defaultMode = defaultMode; + setDefaultMode(defaultMode); } + /** + * Construct a new Access Control List with a given + * String representation of the ACL rules. The String + * should be of the format: + * expression:rule;expression:rule;expression:rule... + * Where expression is a wildcard to match against, and + * rule is either 'ALLOW' or 'DENY'. There is a special + * expression of 'DEFAULT' which represents the default + * rule (what should happen if no expression is matched + * when performing a check). + * The default mode is set to ALLOW if one is not + * specified in the String. + * + * @param acl a String representation of the ACL. + */ + public ACL(String acl) { + setDefaultMode(DEFMODE); + add(acl); + } + //---PUBLIC METHODS--- /** @@ -88,6 +113,71 @@ public class ACL implements Serializable { } /** + * Add some new rules to the Access Control List in + * the form of a String. The String should be of the + * following format: + * expression:rule;expression:rule;expression:rule... + * Where expression is a wildcard to match against, and + * rule is either 'ALLOW' or 'DENY'. There is a special + * expression of 'DEFAULT' which represents the default + * rule (what should happen if no expression is matched + * when performing a check). + * + * @param acl a String representation of the ACL. + */ + public void add(String acl) { + if(acl != null) { + // split the String into expression:rule parts + StringTokenizer st1 = new StringTokenizer(acl, ";"); + while(st1.hasMoreTokens()) { + String token1 = st1.nextToken(); + // if it doesn't have a :, it's not the correct format + if(token1.indexOf(":") != -1) { + // split into expression and rule part + StringTokenizer st2 = new StringTokenizer(token1, ":"); + String expression = ""; + String rule = ""; + if(st2.hasMoreTokens()) { + expression = st2.nextToken(); + } + else { + // mall-formed? + continue; + } + if(st2.hasMoreTokens()) { + rule = st2.nextToken(); + } + else { + // mall-formed? + continue; + } + // check to see what sort of rule + if(rule.equals("ALLOW")) { + // case for special 'DEFAULT' expression + if(expression.equals("DEFAULT")) { + setDefaultMode(ACL.ALLOW); + } + else { + add(ACL.ALLOW, expression); + } + } + else if(rule.equals("DENY")) { + // case for special 'DEFAULT' expression + if(expression.equals("DEFAULT")) { + setDefaultMode(ACL.DENY); + } + else { + add(ACL.DENY, expression); + } + } + // if it's not ALLOW or DENY, it's not a + // proper rule, so we'll ignore it + } + } + } + } + + /** * Check to see if a string is permitted by the * ACL. Useful for testing, and non-Socket uses * of this class. @@ -144,6 +234,28 @@ public class ACL implements Serializable { } /** + * Clears the ACL and resets the default mode. + */ + public void clear() { + // just clear out our underlying ArrayList + // containing our ACL objects + _acl.clear(); + // and reset the default mode to the default + setDefaultMode(DEFMODE); + } + + /** + * Changes the default mode of the ACL. This is what + * the check will return if it does not find an explict + * rule to match against. + * + * @param defaultMode the new default mode + */ + public void setDefaultMode(boolean defaultMode) { + _defaultMode = defaultMode; + } + + /** * Gives a String representation of this ACL. * * @return A String representation of this ACL. @@ -241,7 +353,7 @@ public class ACL implements Serializable { * * @param first The first array to compare (with -1 wildcard if required) * @param second The second array to compare - * @result the result of the comparison + * @return the result of the comparison */ private boolean compareShorts(short[] first, short[] second) { if(first.length != second.length) { @@ -281,7 +393,7 @@ public class ACL implements Serializable { /** * The default mode of this ACL. */ - private boolean _defaultMode; + private boolean _defaultMode = DEFMODE; //---STATIC ATTRIBUTES---