- public AAFPermission(String ns, String name, String instance, String action, List<String> roles) {
- this.ns = ns;
- type = name;
- this.instance = instance;
- this.action = action;
- if(ns==null) {
- key = type + '|' + instance + '|' + action;
- } else {
- key = ns + '|' + type + '|' + instance + '|' + action;
- }
- this.roles = roles==null?NO_ROLES:roles;
- }
-
- /**
- * Match a Permission
- * if Permission is Fielded type "Permission", we use the fields
- * otherwise, we split the Permission with '|'
- *
- * when the type or action starts with REGEX indicator character ( ! ),
- * then it is evaluated as a regular expression.
- *
- * If you want a simple field comparison, it is faster without REGEX
- */
- public boolean match(Permission p) {
- String aafNS;
- String aafType;
- String aafInstance;
- String aafAction;
- if(p instanceof AAFPermission) {
- AAFPermission ap = (AAFPermission)p;
- // Note: In AAF > 1.0, Accepting "*" from name would violate multi-tenancy
- // Current solution is only allow direct match on Type.
- // 8/28/2014 Jonathan - added REGEX ability
- aafNS = ap.getNS();
- aafType = ap.getType();
- aafInstance = ap.getInstance();
- aafAction = ap.getAction();
- } else {
- // Permission is concatenated together: separated by
- String[] aaf = Split.splitTrim('|', p.getKey());
- switch(aaf.length) {
- case 1:
- aafNS = aaf[0];
- aafType="";
- aafInstance = aafAction = "*";
- break;
- case 2:
- aafNS = aaf[0];
- aafType = aaf[1];
- aafInstance = aafAction = "*";
- break;
- case 3:
- aafNS = aaf[0];
- aafType = aaf[1];
- aafInstance = aaf[2];
- aafAction = "*";
- break;
- default:
- aafNS = aaf[0];
- aafType = aaf[1];
- aafInstance = aaf[2];
- aafAction = aaf[3];
- break;
- }
- }
- boolean typeMatches;
- if(aafNS==null) {
- if(ns==null) {
- typeMatches = aafType.equals(type);
- } else {
- typeMatches = aafType.equals(ns+'.'+type);
- }
- } else if(ns==null) {
- typeMatches = type.equals(aafNS+'.'+aafType);
- } else if(aafNS.length() == ns.length()) {
- typeMatches = aafNS.equals(ns) && aafType.equals(type);
- } else { // Allow for restructuring of NS/Perm structure
- typeMatches = (aafNS+'.'+aafType).equals(ns+'.'+type);
- }
- return (typeMatches &&
- PermEval.evalInstance(instance, aafInstance) &&
- PermEval.evalAction(action, aafAction));
- }
+ public AAFPermission(String ns, String name, String instance, String action, List<String> roles) {
+ this.ns = ns;
+ type = name;
+ this.instance = instance;
+ this.action = action;
+ if (ns==null) {
+ key = type + '|' + instance + '|' + action;
+ } else {
+ key = ns + '|' + type + '|' + instance + '|' + action;
+ }
+ this.roles = roles==null?NO_ROLES:roles;
+ }
+
+ /**
+ * Match a Permission
+ * if Permission is Fielded type "Permission", we use the fields
+ * otherwise, we split the Permission with '|'
+ *
+ * when the type or action starts with REGEX indicator character ( ! ),
+ * then it is evaluated as a regular expression.
+ *
+ * If you want a simple field comparison, it is faster without REGEX
+ */
+ public boolean match(Permission p) {
+ if(p==null) {
+ return false;
+ }
+ String aafNS;
+ String aafType;
+ String aafInstance;
+ String aafAction;
+ if (p instanceof AAFPermission) {
+ AAFPermission ap = (AAFPermission)p;
+ // Note: In AAF > 1.0, Accepting "*" from name would violate multi-tenancy
+ // Current solution is only allow direct match on Type.
+ // 8/28/2014 Jonathan - added REGEX ability
+ aafNS = ap.getNS();
+ aafType = ap.getType();
+ aafInstance = ap.getInstance();
+ aafAction = ap.getAction();
+ } else {
+ // Permission is concatenated together: separated by
+ String[] aaf = Split.splitTrim('|', p.getKey());
+ switch(aaf.length) {
+ case 1:
+ aafNS = aaf[0];
+ aafType="";
+ aafInstance = aafAction = "*";
+ break;
+ case 2:
+ aafNS = aaf[0];
+ aafType = aaf[1];
+ aafInstance = aafAction = "*";
+ break;
+ case 3:
+ aafNS = aaf[0];
+ aafType = aaf[1];
+ aafInstance = aaf[2];
+ aafAction = "*";
+ break;
+ default:
+ aafNS = aaf[0];
+ aafType = aaf[1];
+ aafInstance = aaf[2];
+ aafAction = aaf[3];
+ break;
+ }
+ }
+ boolean typeMatches;
+ if (aafNS==null) {
+ if (ns==null) {
+ typeMatches = aafType.equals(type);
+ } else {
+ typeMatches = aafType.equals(ns+'.'+type);
+ }
+ } else if (ns==null) {
+ typeMatches = type.equals(aafNS+'.'+aafType);
+ } else if (aafNS.length() == ns.length()) {
+ typeMatches = aafNS.equals(ns) && aafType.equals(type);
+ } else { // Allow for restructuring of NS/Perm structure
+ typeMatches = (aafNS+'.'+aafType).equals(ns+'.'+type);
+ }
+ return (typeMatches &&
+ PermEval.evalInstance(instance, aafInstance) &&
+ PermEval.evalAction(action, aafAction));
+ }