|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.opends.server.authorization.dseecompat.Aci
public class Aci
The Aci class represents ACI strings.
Field Summary | |
---|---|
static int |
ACI_ADD
ACI_ADD is used to set the container rights for a LDAP add operation. |
static int |
ACI_ALL
ACI_ALL is used to as a mask for all of the above. |
static int |
ACI_COMPARE
ACI_COMPARE is used to set the container rights for a LDAP compare operation. |
static int |
ACI_CONTROL
Used by the control evaluation access check. |
static int |
ACI_DELETE
ACI_DELETE is used to set the container rights for a LDAP delete operation. |
static int |
ACI_EXPORT
ACI_EXPORT is used to set the container rights for a LDAP modify dn operation. |
static int |
ACI_EXT_OP
Used by the extended operation access check. |
static int |
ACI_FOUND_OP_ATTR_RULE
ACI_FOUND_OP_ATTR_RULE is the flag set when the evaluation reason of a AciHandler.maysend ACI_READ access evaluation was the result of an ACI targetattr specific operational attribute expression (targetattr="some operational attribute type") target match. |
static int |
ACI_FOUND_USER_ATTR_RULE
ACI_FOUND_USER_ATTR_RULE is the flag set when the evaluation reason of a AciHandler.maysend ACI_READ access evaluation was the result of an ACI targetattr specific user attribute expression (targetattr="some user attribute type") target match. |
static int |
ACI_IMPORT
ACI_IMPORT is used to set the container rights for a LDAP modify dn operation. |
static int |
ACI_NULL
ACI_NULL is used to set the container rights to all zeros. |
static int |
ACI_OP_ATTR_PLUS_MATCHED
ACI_OP_ATTR_PLUS_MATCHED is the flag set when the evaluation reason of a AciHandler.maysend ACI_READ access evaluation was the result of an ACI targetattr all operational attributes expression (targetattr="+") target match. |
static int |
ACI_PROXY
ACI_PROXY is used for the PROXY right. |
static int |
ACI_READ
ACI_READ is used to set the container rights for a LDAP search operation. |
static int |
ACI_SEARCH
ACI_SEARCH is used to set the container rights a LDAP search operation. |
static int |
ACI_SELF
ACI_SELF is used for the SELFWRITE right. |
static int |
ACI_SKIP_PROXY_CHECK
ACI_SKIP_PROXY_CHECK is used to bypass the proxy access check. |
static java.lang.String |
ACI_STATEMENT_SEPARATOR
Regular expression matching a ACL statement separator. |
static int |
ACI_USER_ATTR_STAR_MATCHED
ACI_ATTR_STAR_MATCHED is the flag set when the evaluation reason of a AciHandler.maysend ACI_READ access evaluation was the result of an ACI targetattr all attributes expression (targetattr="*") target match. |
static int |
ACI_WRITE
ACI_WRITE is used to set the container rights for a LDAP modify operation. |
static int |
ACI_WRITE_ADD
ACI_WRITE_ADD is used by the LDAP modify operation. |
static int |
ACI_WRITE_DELETE
ACI_WRITE_DELETE is used by the LDAP modify operation. |
static java.lang.String |
ALL_OP_ATTRS_WILD_CARD
Regular expression the matches "+". |
static java.lang.String |
ALL_USER_ATTRS_WILD_CARD
Regular expression the matches "*". |
static java.lang.String |
ATTR_NAME
Regular expression that graciously matches an attribute type name. |
static java.lang.String |
CLOSED_PAREN
Regular expression used to match a closed parenthesis. |
static java.lang.String |
EQUAL_SIGN
Regular expression used to match a single equal sign. |
static java.lang.String |
LDAP_URL
Regular expression matching a LDAP URL. |
static java.lang.String |
LOGICAL_OR
Regular expression used to match token that joins expressions (||). |
static java.lang.String |
NULL_LDAP_URL
String used to check for NULL ldap URL. |
static java.lang.String |
OPEN_PAREN
Regular expression used to match an open parenthesis. |
static java.lang.String |
supportedVersion
Version that we support. |
static int |
TARGATTRFILTERS_ADD
TARGATTRFILTER_ADD is used to specify that a targattrfilters ADD operation was seen in the ACI. |
static int |
TARGATTRFILTERS_DELETE
TARGATTRFILTER_DELETE is used to specify that a targattrfilters DELETE operation was seen in the ACI. |
static java.lang.String |
WORD_GROUP
Regular expression matching a word group. |
static java.lang.String |
WORD_GROUP_START_PATTERN
Regular expression matching a word group at the start of a pattern. |
static java.lang.String |
ZERO_OR_MORE_WHITESPACE
Regular expression matching a white space. |
static java.lang.String |
ZERO_OR_MORE_WHITESPACE_START_PATTERN
Regular expression matching a white space at the start of a pattern. |
Method Summary | |
---|---|
static Aci |
decode(ByteString byteString,
DN dn)
Decode an ACI byte string. |
static java.util.HashSet<java.lang.String> |
decodeOID(java.lang.String expr,
Message msg)
Decode an OIDs expression string. |
static EnumEvalResult |
evaluate(AciEvalContext evalCtx,
Aci aci)
Static class used to evaluate an ACI and evaluation context. |
DN |
getDN()
Return the DN of the entry containing the ACI. |
java.lang.String |
getName()
Returns the name string of this ACI. |
AciTargets |
getTargets()
Returns the targets of the ACI. |
boolean |
hasAccessType(EnumAccessType accessType)
Re-direct has access type to the body's hasAccessType method. |
boolean |
hasRights(int rights)
Check if the body of the ACI matches the rights specified. |
static boolean |
isApplicable(Aci aci,
AciTargetMatchContext matchCtx)
Test if the given ACI is applicable using the target match information provided. |
java.lang.String |
toString()
Return the string representation of the ACI. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
Field Detail |
---|
public static final java.lang.String supportedVersion
public static final java.lang.String WORD_GROUP
public static final java.lang.String WORD_GROUP_START_PATTERN
public static final java.lang.String ZERO_OR_MORE_WHITESPACE
public static final java.lang.String ZERO_OR_MORE_WHITESPACE_START_PATTERN
public static final java.lang.String ACI_STATEMENT_SEPARATOR
public static final java.lang.String ATTR_NAME
public static final java.lang.String LDAP_URL
public static final java.lang.String NULL_LDAP_URL
public static final java.lang.String LOGICAL_OR
public static final java.lang.String OPEN_PAREN
public static final java.lang.String CLOSED_PAREN
public static final java.lang.String EQUAL_SIGN
public static final java.lang.String ALL_USER_ATTRS_WILD_CARD
public static final java.lang.String ALL_OP_ATTRS_WILD_CARD
public static final int ACI_ADD
public static final int ACI_DELETE
public static final int ACI_READ
public static final int ACI_WRITE
public static final int ACI_COMPARE
public static final int ACI_SEARCH
public static final int ACI_SELF
public static final int ACI_ALL
public static final int ACI_PROXY
public static final int ACI_IMPORT
public static final int ACI_EXPORT
public static final int ACI_WRITE_ADD
public static final int ACI_WRITE_DELETE
public static final int ACI_SKIP_PROXY_CHECK
public static final int TARGATTRFILTERS_ADD
public static final int TARGATTRFILTERS_DELETE
public static final int ACI_CONTROL
public static final int ACI_EXT_OP
public static final int ACI_USER_ATTR_STAR_MATCHED
public static final int ACI_FOUND_USER_ATTR_RULE
public static final int ACI_OP_ATTR_PLUS_MATCHED
public static final int ACI_FOUND_OP_ATTR_RULE
public static final int ACI_NULL
Method Detail |
---|
public static Aci decode(ByteString byteString, DN dn) throws AciException
byteString
- The ByteString containing the ACI string.dn
- DN of the ACI entry.
AciException
- If the parsing of the ACI string fails.public java.lang.String toString()
toString
in class java.lang.Object
public AciTargets getTargets()
public DN getDN()
public static boolean isApplicable(Aci aci, AciTargetMatchContext matchCtx)
aci
- The ACI to test.matchCtx
- The target matching context containing all the info
needed to match ACI targets.
public boolean hasRights(int rights)
rights
- Bit mask representing the rights to match.
public boolean hasAccessType(EnumAccessType accessType)
accessType
- The access type to match.
public static EnumEvalResult evaluate(AciEvalContext evalCtx, Aci aci)
evalCtx
- The context to evaluate with.aci
- The ACI to evaluate.
public java.lang.String getName()
public static java.util.HashSet<java.lang.String> decodeOID(java.lang.String expr, Message msg) throws AciException
expr
- A string representing the OID expression.msg
- A message to be used if there is an exception.
AciException
- If the specified expression string is invalid.
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |