001 /* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at 010 * trunk/opends/resource/legal-notices/OpenDS.LICENSE 011 * or https://OpenDS.dev.java.net/OpenDS.LICENSE. 012 * See the License for the specific language governing permissions 013 * and limitations under the License. 014 * 015 * When distributing Covered Code, include this CDDL HEADER in each 016 * file and include the License file at 017 * trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable, 018 * add the following below this CDDL HEADER, with the fields enclosed 019 * by brackets "[]" replaced with your own identifying information: 020 * Portions Copyright [yyyy] [name of copyright owner] 021 * 022 * CDDL HEADER END 023 * 024 * 025 * Copyright 2008 Sun Microsystems, Inc. 026 */ 027 028 029 package org.opends.server.authorization.dseecompat; 030 031 import static org.opends.messages.AccessControlMessages.*; 032 import java.util.HashSet; 033 034 /** 035 * This class represents an ACI's targetcontrol keyword. 036 */ 037 038 public class TargetControl { 039 040 /* 041 * HashSet of OID strings parsed from the decode. 042 */ 043 private HashSet<String> controlOIDS = new HashSet<String>(); 044 045 /* 046 * Enumeration representing the targetcontrol operator. 047 */ 048 049 private EnumTargetOperator op = EnumTargetOperator.EQUALITY; 050 051 /** 052 * Creates a class that can be used to evaluate a targetcontrol. 053 * 054 * @param op The operator of the targetcontrol expression (=, !=). 055 * @param controlOIDS Set of control OIDS to use in the evaluation (may 056 * contain wild-card '*'). 057 */ 058 private TargetControl(EnumTargetOperator op, HashSet<String> controlOIDS) { 059 this.controlOIDS=controlOIDS; 060 this.op=op; 061 } 062 063 /** 064 * Decode an targetcontrol expression string. 065 * 066 * @param operator An enumeration representing the operator type. 067 * @param expr A string representing the targetcontrol expression. 068 * @return A class representing the targetcontrol expression that can be 069 * used to evaluate an ACI. 070 * 071 * @throws AciException If the specified expression string is invalid. 072 */ 073 public static TargetControl decode(EnumTargetOperator operator, String expr) 074 throws AciException { 075 HashSet<String> controlOIDs = 076 Aci.decodeOID(expr, 077 WARN_ACI_SYNTAX_INVALID_TARGETCONTROL_EXPRESSION.get(expr)); 078 return new TargetControl(operator, controlOIDs); 079 } 080 081 /** 082 * Check if a targetcontrol is applicable based on the provided target match 083 * context. 084 * 085 * @param matchCtx The target match context to use in the check. 086 * @return True if the targetcontrol is applicable based on the context. 087 */ 088 public boolean isApplicable(AciTargetMatchContext matchCtx) { 089 if(matchCtx.getControlOID() == null) 090 return false; 091 boolean ret = false; 092 for(String oid : controlOIDS) 093 if(oid.equals("*") || matchCtx.getControlOID().equals(oid)) { 094 ret=true; 095 break; 096 } 097 if(op.equals(EnumTargetOperator.NOT_EQUALITY)) 098 ret = !ret; 099 return ret; 100 } 101 } 102