1 |
+ |
/* |
2 |
+ |
* i-scream central monitoring system |
3 |
+ |
* Copyright (C) 2000-2002 i-scream |
4 |
+ |
* |
5 |
+ |
* This program is free software; you can redistribute it and/or |
6 |
+ |
* modify it under the terms of the GNU General Public License |
7 |
+ |
* as published by the Free Software Foundation; either version 2 |
8 |
+ |
* of the License, or (at your option) any later version. |
9 |
+ |
* |
10 |
+ |
* This program is distributed in the hope that it will be useful, |
11 |
+ |
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
12 |
+ |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
13 |
+ |
* GNU General Public License for more details. |
14 |
+ |
* |
15 |
+ |
* You should have received a copy of the GNU General Public License |
16 |
+ |
* along with this program; if not, write to the Free Software |
17 |
+ |
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
18 |
+ |
*/ |
19 |
+ |
|
20 |
|
//---PACKAGE DECLARATION--- |
21 |
|
package uk.org.iscream.cms.server.util; |
22 |
|
|
55 |
|
* static to be used when adding a DENY rule to the ACL. |
56 |
|
*/ |
57 |
|
public static final boolean DENY = false; |
58 |
+ |
|
59 |
+ |
/** |
60 |
+ |
* default setting for the default mode for a new ACL. |
61 |
+ |
*/ |
62 |
+ |
public static final boolean DEFMODE = ACL.ALLOW; |
63 |
|
|
64 |
|
//---STATIC METHODS--- |
65 |
|
|
71 |
|
* blocked by a rule. |
72 |
|
*/ |
73 |
|
public ACL() { |
74 |
< |
// default to ACL.ALLOW |
75 |
< |
this(ACL.ALLOW); |
74 |
> |
// default to DEFMODE |
75 |
> |
this(DEFMODE); |
76 |
|
} |
77 |
|
|
78 |
|
/** |
83 |
|
* @param defaultMode the default mode for non-matched checks |
84 |
|
*/ |
85 |
|
public ACL(boolean defaultMode) { |
86 |
< |
_defaultMode = defaultMode; |
86 |
> |
setDefaultMode(defaultMode); |
87 |
|
} |
88 |
|
|
89 |
+ |
/** |
90 |
+ |
* Construct a new Access Control List with a given |
91 |
+ |
* String representation of the ACL rules. The String |
92 |
+ |
* should be of the format: |
93 |
+ |
* expression:rule;expression:rule;expression:rule... |
94 |
+ |
* Where expression is a wildcard to match against, and |
95 |
+ |
* rule is either 'ALLOW' or 'DENY'. There is a special |
96 |
+ |
* expression of 'DEFAULT' which represents the default |
97 |
+ |
* rule (what should happen if no expression is matched |
98 |
+ |
* when performing a check). |
99 |
+ |
* The default mode is set to ALLOW if one is not |
100 |
+ |
* specified in the String. |
101 |
+ |
* |
102 |
+ |
* @param acl a String representation of the ACL. |
103 |
+ |
*/ |
104 |
+ |
public ACL(String acl) { |
105 |
+ |
setDefaultMode(DEFMODE); |
106 |
+ |
add(acl); |
107 |
+ |
} |
108 |
+ |
|
109 |
|
//---PUBLIC METHODS--- |
110 |
|
|
111 |
|
/** |
132 |
|
} |
133 |
|
|
134 |
|
/** |
135 |
+ |
* Add some new rules to the Access Control List in |
136 |
+ |
* the form of a String. The String should be of the |
137 |
+ |
* following format: |
138 |
+ |
* expression:rule;expression:rule;expression:rule... |
139 |
+ |
* Where expression is a wildcard to match against, and |
140 |
+ |
* rule is either 'ALLOW' or 'DENY'. There is a special |
141 |
+ |
* expression of 'DEFAULT' which represents the default |
142 |
+ |
* rule (what should happen if no expression is matched |
143 |
+ |
* when performing a check). |
144 |
+ |
* |
145 |
+ |
* @param acl a String representation of the ACL. |
146 |
+ |
*/ |
147 |
+ |
public void add(String acl) { |
148 |
+ |
if(acl != null) { |
149 |
+ |
// split the String into expression:rule parts |
150 |
+ |
StringTokenizer st1 = new StringTokenizer(acl, ";"); |
151 |
+ |
while(st1.hasMoreTokens()) { |
152 |
+ |
String token1 = st1.nextToken(); |
153 |
+ |
// if it doesn't have a :, it's not the correct format |
154 |
+ |
if(token1.indexOf(":") != -1) { |
155 |
+ |
// split into expression and rule part |
156 |
+ |
StringTokenizer st2 = new StringTokenizer(token1, ":"); |
157 |
+ |
String expression = ""; |
158 |
+ |
String rule = ""; |
159 |
+ |
if(st2.hasMoreTokens()) { |
160 |
+ |
expression = st2.nextToken(); |
161 |
+ |
} |
162 |
+ |
else { |
163 |
+ |
// mall-formed? |
164 |
+ |
continue; |
165 |
+ |
} |
166 |
+ |
if(st2.hasMoreTokens()) { |
167 |
+ |
rule = st2.nextToken(); |
168 |
+ |
} |
169 |
+ |
else { |
170 |
+ |
// mall-formed? |
171 |
+ |
continue; |
172 |
+ |
} |
173 |
+ |
// check to see what sort of rule |
174 |
+ |
if(rule.equals("ALLOW")) { |
175 |
+ |
// case for special 'DEFAULT' expression |
176 |
+ |
if(expression.equals("DEFAULT")) { |
177 |
+ |
setDefaultMode(ACL.ALLOW); |
178 |
+ |
} |
179 |
+ |
else { |
180 |
+ |
add(ACL.ALLOW, expression); |
181 |
+ |
} |
182 |
+ |
} |
183 |
+ |
else if(rule.equals("DENY")) { |
184 |
+ |
// case for special 'DEFAULT' expression |
185 |
+ |
if(expression.equals("DEFAULT")) { |
186 |
+ |
setDefaultMode(ACL.DENY); |
187 |
+ |
} |
188 |
+ |
else { |
189 |
+ |
add(ACL.DENY, expression); |
190 |
+ |
} |
191 |
+ |
} |
192 |
+ |
// if it's not ALLOW or DENY, it's not a |
193 |
+ |
// proper rule, so we'll ignore it |
194 |
+ |
} |
195 |
+ |
} |
196 |
+ |
} |
197 |
+ |
} |
198 |
+ |
|
199 |
+ |
/** |
200 |
|
* Check to see if a string is permitted by the |
201 |
|
* ACL. Useful for testing, and non-Socket uses |
202 |
|
* of this class. |
253 |
|
} |
254 |
|
|
255 |
|
/** |
256 |
+ |
* Clears the ACL and resets the default mode. |
257 |
+ |
*/ |
258 |
+ |
public void clear() { |
259 |
+ |
// just clear out our underlying ArrayList |
260 |
+ |
// containing our ACL objects |
261 |
+ |
_acl.clear(); |
262 |
+ |
// and reset the default mode to the default |
263 |
+ |
setDefaultMode(DEFMODE); |
264 |
+ |
} |
265 |
+ |
|
266 |
+ |
/** |
267 |
+ |
* Changes the default mode of the ACL. This is what |
268 |
+ |
* the check will return if it does not find an explict |
269 |
+ |
* rule to match against. |
270 |
+ |
* |
271 |
+ |
* @param defaultMode the new default mode |
272 |
+ |
*/ |
273 |
+ |
public void setDefaultMode(boolean defaultMode) { |
274 |
+ |
_defaultMode = defaultMode; |
275 |
+ |
} |
276 |
+ |
|
277 |
+ |
/** |
278 |
|
* Gives a String representation of this ACL. |
279 |
|
* |
280 |
|
* @return A String representation of this ACL. |
412 |
|
/** |
413 |
|
* The default mode of this ACL. |
414 |
|
*/ |
415 |
< |
private boolean _defaultMode; |
415 |
> |
private boolean _defaultMode = DEFMODE; |
416 |
|
|
417 |
|
//---STATIC ATTRIBUTES--- |
418 |
|
|