* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
/**
* A Class that understands the AAF format of Permission (name/type/action)
* or String "name|type|action"
- *
+ *
* @author Jonathan
*
*/
private static final List<String> NO_ROLES;
protected String ns,type,instance,action,key;
private List<String> roles;
-
+
static {
NO_ROLES = new ArrayList<>();
}
type = name;
this.instance = instance;
this.action = action;
- if(ns==null) {
+ if (ns==null) {
key = type + '|' + instance + '|' + action;
} else {
key = ns + '|' + type + '|' + instance + '|' + action;
type = name;
this.instance = instance;
this.action = action;
- if(ns==null) {
+ if (ns==null) {
key = type + '|' + instance + '|' + action;
} else {
key = ns + '|' + type + '|' + instance + '|' + action;
}
this.roles = roles==null?NO_ROLES:roles;
}
-
+
/**
* Match a Permission
* if Permission is Fielded type "Permission", we use the fields
* otherwise, we split the Permission with '|'
- *
+ *
* when the type or action starts with REGEX indicator character ( ! ),
* then it is evaluated as a regular expression.
- *
+ *
* If you want a simple field comparison, it is faster without REGEX
*/
public boolean match(Permission p) {
+ if(p==null) {
+ return false;
+ }
String aafNS;
String aafType;
String aafInstance;
String aafAction;
- if(p instanceof AAFPermission) {
+ if (p instanceof AAFPermission) {
AAFPermission ap = (AAFPermission)p;
// Note: In AAF > 1.0, Accepting "*" from name would violate multi-tenancy
// Current solution is only allow direct match on Type.
aafInstance = ap.getInstance();
aafAction = ap.getAction();
} else {
- // Permission is concatenated together: separated by
+ // Permission is concatenated together: separated by
String[] aaf = Split.splitTrim('|', p.getKey());
switch(aaf.length) {
case 1:
case 3:
aafNS = aaf[0];
aafType = aaf[1];
- aafInstance = aaf[2];
+ aafInstance = aaf[2];
aafAction = "*";
break;
default:
aafNS = aaf[0];
aafType = aaf[1];
- aafInstance = aaf[2];
+ aafInstance = aaf[2];
aafAction = aaf[3];
break;
}
}
boolean typeMatches;
- if(aafNS==null) {
- if(ns==null) {
+ if (aafNS==null) {
+ if (ns==null) {
typeMatches = aafType.equals(type);
} else {
typeMatches = aafType.equals(ns+'.'+type);
}
- } else if(ns==null) {
+ } else if (ns==null) {
typeMatches = type.equals(aafNS+'.'+aafType);
- } else if(aafNS.length() == ns.length()) {
+ } else if (aafNS.length() == ns.length()) {
typeMatches = aafNS.equals(ns) && aafType.equals(type);
} else { // Allow for restructuring of NS/Perm structure
typeMatches = (aafNS+'.'+aafType).equals(ns+'.'+type);
public String getFullType() {
return ns + '.' + type;
}
-
+
public String getInstance() {
return instance;
}
-
+
public String getAction() {
return action;
}
-
+
public String getKey() {
return key;
}
public String toString() {
return "AAFPermission:" +
"\n\tNS: " + ns +
- "\n\tType: " + type +
+ "\n\tType: " + type +
"\n\tInstance: " + instance +
"\n\tAction: " + action +
"\n\tKey: " + key;
Code Review / aaf / authz.git / blobdiff