+ public void fishAll(Principal bait, List<Permission> perms) {
+ if (preemptiveLur!=null && preemptiveLur.handles(bait)) {
+ preemptiveLur.fishAll(bait, perms);
+ } else {
+ if (isDebug(bait)) {
+ StringBuilder sb = new StringBuilder("Log for ");
+ sb.append(bait);
+ if (handles(bait)) {
+ User<PERM> user = getUser(bait);
+ if (user==null) {
+ sb.append("\n\tUser is not in Cache");
+ } else {
+ if (user.noPerms()) {
+ sb.append("\n\tUser has no Perms");
+ }
+ if (user.permExpired()) {
+ sb.append("\n\tUser's perm expired [");
+ sb.append(new Date(user.permExpires()));
+ sb.append(']');
+ } else {
+ sb.append("\n\tUser's perm expires [");
+ sb.append(new Date(user.permExpires()));
+ sb.append(']');
+ }
+ }
+ if (user==null || user.permsUnloaded() || user.permExpired()) {
+ user = loadUser(bait);
+ sb.append("\n\tloadUser called");
+ }
+ if (user==null) {
+ sb.append("\n\tUser was not Loaded");
+ } else {
+ sb.append("\n\tCopying Perms ");
+ user.copyPermsTo(perms);
+ for (Permission p : perms) {
+ sb.append("\n\t\t");
+ sb.append(p.getKey());
+ }
+ }
+ } else {
+ sb.append("AAF Lur does not support [");
+ sb.append(bait);
+ sb.append("]");
+ }
+ aaf.access.log(Level.INFO, sb);
+ } else {
+ if (handles(bait)) {
+ User<PERM> user = getUser(bait);
+ if (user==null || user.permsUnloaded() || user.permExpired()) {
+ user = loadUser(bait);
+ }
+ if (user!=null) {
+ user.copyPermsTo(perms);
+ }
+ }
+ }
+ }
+ }
+
+ @Override
+ public void remove(String user) {
+ super.remove(user);
+ }
+
+ private boolean isDebug(Principal p) {
+ if (debug!=null) {
+ if (debug.length==1 && "all".equals(debug[0])) {
+ return true;
+ }
+ String name = p.getName();
+ for (String s : debug) {
+ if (s.equals(name)) {
+ return true;
+ }
+ }
+ }
+ return false;
+ }
+ /**
+ * This special case minimizes loops, avoids multiple Set hits, and calls all the appropriate Actions found.
+ *
+ * @param bait
+ * @param obj
+ * @param type
+ * @param instance
+ * @param actions
+ */
+ public<A> void fishOneOf(Principal princ, A obj, String type, String instance, List<Action<A>> actions) {
+ User<PERM> user = getUser(princ);
+ if (user==null || user.permsUnloaded() || user.permExpired()) {
+ user = loadUser(princ);
+ }
+ if (user!=null) {
+ ReuseAAFPermission perm = new ReuseAAFPermission(type,instance);
+ for (Action<A> action : actions) {
+ perm.setAction(action.getName());
+ if (user.contains(perm)) {
+ if (action.exec(obj))return;
+ }
+ }
+ }
+ }
+
+ public static interface Action<A> {
+ public String getName();
+ /**
+ * Return false to continue, True to end now
+ * @return
+ */
+ public boolean exec(A a);
+ }
+
+ private class ReuseAAFPermission extends AAFPermission {
+ public ReuseAAFPermission(String type, String instance) {
+ super(type,instance,null,null);
+ }
+
+ public void setAction(String s) {
+ action = s;
+ }
+
+ /**
+ * This function understands that AAF Keys are hierarchical, :A:B:C,
+ * Cassandra follows a similar method, so we'll short circuit and do it more efficiently when there isn't a first hit
+ * @return
+ */
+ }