2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.cadi.aaf;
24 import java.util.ArrayList;
25 import java.util.List;
27 import org.onap.aaf.cadi.Permission;
28 import org.onap.aaf.misc.env.util.Split;
31 * A Class that understands the AAF format of Permission (name/type/action)
32 * or String "name|type|action"
37 public class AAFPermission implements Permission {
38 private static final List<String> NO_ROLES;
39 protected String ns,type,instance,action,key;
40 private List<String> roles;
43 NO_ROLES = new ArrayList<>();
46 protected AAFPermission() {roles=NO_ROLES;}
48 public AAFPermission(String ns, String name, String instance, String action) {
51 this.instance = instance;
54 key = type + '|' + instance + '|' + action;
56 key = ns + '|' + type + '|' + instance + '|' + action;
58 this.roles = NO_ROLES;
62 public AAFPermission(String ns, String name, String instance, String action, List<String> roles) {
65 this.instance = instance;
68 key = type + '|' + instance + '|' + action;
70 key = ns + '|' + type + '|' + instance + '|' + action;
72 this.roles = roles==null?NO_ROLES:roles;
77 * if Permission is Fielded type "Permission", we use the fields
78 * otherwise, we split the Permission with '|'
80 * when the type or action starts with REGEX indicator character ( ! ),
81 * then it is evaluated as a regular expression.
83 * If you want a simple field comparison, it is faster without REGEX
85 public boolean match(Permission p) {
93 if (p instanceof AAFPermission) {
94 AAFPermission ap = (AAFPermission)p;
95 // Note: In AAF > 1.0, Accepting "*" from name would violate multi-tenancy
96 // Current solution is only allow direct match on Type.
97 // 8/28/2014 Jonathan - added REGEX ability
99 aafType = ap.getType();
100 aafInstance = ap.getInstance();
101 aafAction = ap.getAction();
103 // Permission is concatenated together: separated by
104 String[] aaf = Split.splitTrim('|', p.getKey());
109 aafInstance = aafAction = "*";
114 aafInstance = aafAction = "*";
119 aafInstance = aaf[2];
125 aafInstance = aaf[2];
133 typeMatches = aafType.equals(type);
135 typeMatches = aafType.equals(ns+'.'+type);
137 } else if (ns==null) {
138 typeMatches = type.equals(aafNS+'.'+aafType);
139 } else if (aafNS.length() == ns.length()) {
140 typeMatches = aafNS.equals(ns) && aafType.equals(type);
141 } else { // Allow for restructuring of NS/Perm structure
142 typeMatches = (aafNS+'.'+aafType).equals(ns+'.'+type);
144 return (typeMatches &&
145 PermEval.evalInstance(instance, aafInstance) &&
146 PermEval.evalAction(action, aafAction));
149 public String getNS() {
153 public String getType() {
157 public String getFullType() {
158 return ns + '.' + type;
161 public String getInstance() {
165 public String getAction() {
169 public String getKey() {
174 * @see org.onap.aaf.cadi.Permission#permType()
176 public String permType() {
180 public List<String> roles() {
183 public String toString() {
184 return "AAFPermission:" +
186 "\n\tType: " + type +
187 "\n\tInstance: " + instance +
188 "\n\tAction: " + action +