--- projects/cms/source/util/uk/org/iscream/cms/util/ACL.java 2002/03/19 12:18:22 1.3 +++ projects/cms/source/util/uk/org/iscream/cms/util/ACL.java 2002/03/20 17:03:35 1.4 @@ -16,7 +16,7 @@ import java.io.Serializable; * the relevant check method. * * @author $Author: tdb $ - * @version $Id: ACL.java,v 1.3 2002/03/19 12:18:22 tdb Exp $ + * @version $Id: ACL.java,v 1.4 2002/03/20 17:03:35 tdb Exp $ */ public class ACL implements Serializable { @@ -25,7 +25,7 @@ public class ACL implements Serializable { /** * The current CVS revision of this class */ - public static final String REVISION = "$Revision: 1.3 $"; + public static final String REVISION = "$Revision: 1.4 $"; /** * static to be used when adding an ALLOW rule to the ACL. @@ -36,6 +36,11 @@ public class ACL implements Serializable { * static to be used when adding a DENY rule to the ACL. */ public static final boolean DENY = false; + + /** + * default setting for the default mode for a new ACL. + */ + public static final boolean DEFMODE = ACL.ALLOW; //---STATIC METHODS--- @@ -47,8 +52,8 @@ public class ACL implements Serializable { * blocked by a rule. */ public ACL() { - // default to ACL.ALLOW - this(ACL.ALLOW); + // default to DEFMODE + this(DEFMODE); } /** @@ -59,7 +64,7 @@ public class ACL implements Serializable { * @param defaultMode the default mode for non-matched checks */ public ACL(boolean defaultMode) { - _defaultMode = defaultMode; + setDefaultMode(defaultMode); } /** @@ -73,13 +78,54 @@ public class ACL implements Serializable { * rule (what should happen if no expression is matched * when performing a check). * The default mode is set to ALLOW if one is not - * specified. + * specified in the String. * * @param acl a String representation of the ACL. */ public ACL(String acl) { - // default to ALLOW - _defaultMode = ACL.ALLOW; + setDefaultMode(DEFMODE); + add(acl); + } + +//---PUBLIC METHODS--- + + /** + * Add a new rule to the ACL immediately after the + * previous rule. The rule can either be an ACL.ALLOW + * rule, or an ACL.DENY rule. The expression can + * contain a wildcard (a * only). Rules can only be + * added to the end of the list. + * + * param allow whether this is an ALLOW or DENY rule + * param expression what this rule matches using wildcards + */ + public void add(boolean allow, String expression) { + // try and convert the expression into an IP address + short[] ipaddr = ipStringToShort(expression); + // a result of null means it's not an IP address + // add either a name rule or an IP rule + if(ipaddr != null) { + _acl.add(new ACLRule(allow, expression, ipaddr, true)); + } + else { + _acl.add(new ACLRule(allow, expression, ipaddr, false)); + } + } + + /** + * Add some new rules to the Access Control List in + * the form of a String. The String should be of the + * following format: + * expression:rule;expression:rule;expression:rule... + * Where expression is a wildcard to match against, and + * rule is either 'ALLOW' or 'DENY'. There is a special + * expression of 'DEFAULT' which represents the default + * rule (what should happen if no expression is matched + * when performing a check). + * + * @param acl a String representation of the ACL. + */ + public void add(String acl) { if(acl != null) { // split the String into expression:rule parts StringTokenizer st1 = new StringTokenizer(acl, ";"); @@ -109,7 +155,7 @@ public class ACL implements Serializable { if(rule.equals("ALLOW")) { // case for special 'DEFAULT' expression if(expression.equals("DEFAULT")) { - _defaultMode = ACL.ALLOW; + setDefaultMode(ACL.ALLOW); } else { add(ACL.ALLOW, expression); @@ -118,7 +164,7 @@ public class ACL implements Serializable { else if(rule.equals("DENY")) { // case for special 'DEFAULT' expression if(expression.equals("DEFAULT")) { - _defaultMode = ACL.DENY; + setDefaultMode(ACL.DENY); } else { add(ACL.DENY, expression); @@ -130,31 +176,6 @@ public class ACL implements Serializable { } } } - -//---PUBLIC METHODS--- - - /** - * Add a new rule to the ACL immediately after the - * previous rule. The rule can either be an ACL.ALLOW - * rule, or an ACL.DENY rule. The expression can - * contain a wildcard (a * only). Rules can only be - * added to the end of the list. - * - * param allow whether this is an ALLOW or DENY rule - * param expression what this rule matches using wildcards - */ - public void add(boolean allow, String expression) { - // try and convert the expression into an IP address - short[] ipaddr = ipStringToShort(expression); - // a result of null means it's not an IP address - // add either a name rule or an IP rule - if(ipaddr != null) { - _acl.add(new ACLRule(allow, expression, ipaddr, true)); - } - else { - _acl.add(new ACLRule(allow, expression, ipaddr, false)); - } - } /** * Check to see if a string is permitted by the @@ -213,6 +234,28 @@ public class ACL implements Serializable { } /** + * Clears the ACL and resets the default mode. + */ + public void clear() { + // just clear out our underlying ArrayList + // containing our ACL objects + _acl.clear(); + // and reset the default mode to the default + setDefaultMode(DEFMODE); + } + + /** + * Changes the default mode of the ACL. This is what + * the check will return if it does not find an explict + * rule to match against. + * + * @param defaultMode the new default mode + */ + public void setDefaultMode(boolean defaultMode) { + _defaultMode = defaultMode; + } + + /** * Gives a String representation of this ACL. * * @return A String representation of this ACL. @@ -350,7 +393,7 @@ public class ACL implements Serializable { /** * The default mode of this ACL. */ - private boolean _defaultMode; + private boolean _defaultMode = DEFMODE; //---STATIC ATTRIBUTES---