1 /**
2  * ============LICENSE_START====================================================
3  * org.onap.aaf
4  * ===========================================================================
5  * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6  * ===========================================================================
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  * 
11  *      http://www.apache.org/licenses/LICENSE-2.0
12  * 
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  * ============LICENSE_END====================================================
19  *
20  */
21
22 package org.onap.aaf.cadi.aaf;
23
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;

import org.onap.aaf.cadi.Permission;
import org.onap.aaf.misc.env.util.Split;
29
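/**
 * A {@link Permission} in AAF form, made of four fields: namespace, type,
 * instance and action.
 *
 * <p>The same permission can also be carried as a single string key,
 * {@code "ns|type|instance|action"}; {@link #match(Permission)} accepts either
 * representation for the permission it is asked to compare against.
 *
 * <p>Instances are not immutable: the fields are {@code protected} and
 * non-final, and the roles list handed to the constructor is stored and
 * returned without copying.
 *
 * @author Jonathan
 */
public class AAFPermission implements Permission {
    /**
     * Shared "no roles" sentinel. It is handed out by {@link #roles()}, so it
     * must be unmodifiable: a caller adding to a shared mutable list would
     * silently attach that role to every role-less permission in the JVM.
     */
    private static final List<String> NO_ROLES =
            Collections.unmodifiableList(new ArrayList<String>());

    protected String ns, type, instance, action, key;
    private List<String> roles;

    /**
     * For subclasses that populate the fields themselves. Leaves {@code ns},
     * {@code type}, {@code instance}, {@code action} and {@code key} null.
     */
    protected AAFPermission() {
        roles = NO_ROLES;
    }

    /**
     * Creates a permission with no roles.
     *
     * @param ns       namespace
     * @param name     permission type, stored as {@code type}
     * @param instance instance field
     * @param action   action field
     */
    public AAFPermission(String ns, String name, String instance, String action) {
        this(ns, name, instance, action, null);
    }

    /**
     * Creates a permission with the given roles.
     *
     * @param ns       namespace
     * @param name     permission type, stored as {@code type}
     * @param instance instance field
     * @param action   action field
     * @param roles    roles to associate with the permission; {@code null} is
     *                 treated as "no roles". The list is stored as given, not copied.
     */
    public AAFPermission(String ns, String name, String instance, String action, List<String> roles) {
        this.ns = ns;
        this.type = name;
        this.instance = instance;
        this.action = action;
        this.key = ns + '|' + type + '|' + instance + '|' + action;
        this.roles = (roles == null) ? NO_ROLES : roles;
    }

    /**
     * Decides whether the given permission matches this one.
     *
     * <p>If {@code p} is an {@code AAFPermission} its fields are used directly;
     * otherwise {@code p.getKey()} is split on {@code '|'} into up to four
     * fields (namespace, type, instance, action). Missing instance or action
     * fields are taken as {@code "*"}, a missing type as the empty string.
     *
     * <p>Namespace and type are compared literally here (no wildcard, no
     * regular expression). Instance and action are delegated to
     * {@code PermEval.evalInstance} and {@code PermEval.evalAction}. The
     * original documentation says a leading {@code !} marks a regular
     * expression; that handling is not visible in this class and would have to
     * live in {@code PermEval} - confirm there. A plain field comparison is
     * documented as faster than the regular-expression form.
     *
     * <p>This is an authorization decision, so malformed input (a null
     * permission, a null or empty key, or a null namespace/type on either
     * side) is answered with {@code false} rather than an exception.
     *
     * @param p the permission to compare against this one
     * @return {@code true} only if namespace/type, instance and action all match
     */
    public boolean match(Permission p) {
        if (p == null) {
            return false; // nothing to compare: deny
        }

        String aafNS;
        String aafType;
        String aafInstance;
        String aafAction;
        if (p instanceof AAFPermission) {
            AAFPermission ap = (AAFPermission) p;
            // Note: In AAF > 1.0, accepting "*" from name would violate multi-tenancy.
            // Current solution is to only allow a direct match on Type.
            // 8/28/2014 Jonathan - added REGEX ability
            aafNS = ap.getNS();
            aafType = ap.getType();
            aafInstance = ap.getInstance();
            aafAction = ap.getAction();
        } else {
            // Permission is concatenated together, fields separated by '|'.
            String otherKey = p.getKey();
            if (otherKey == null) {
                return false;
            }
            String[] aaf = Split.splitTrim('|', otherKey);
            switch (aaf.length) {
                case 0:
                    // No fields at all; the original fell through to aaf[0] and threw.
                    return false;
                case 1:
                    aafNS = aaf[0];
                    aafType = "";
                    aafInstance = aafAction = "*";
                    break;
                case 2:
                    aafNS = aaf[0];
                    aafType = aaf[1];
                    aafInstance = aafAction = "*";
                    break;
                case 3:
                    aafNS = aaf[0];
                    aafType = aaf[1];
                    aafInstance = aaf[2];
                    aafAction = "*";
                    break;
                default:
                    // Four or more fields: the first four are used, any extra are ignored.
                    aafNS = aaf[0];
                    aafType = aaf[1];
                    aafInstance = aaf[2];
                    aafAction = aaf[3];
                    break;
            }
            // NOTE(review): how a defaulted "*" instance/action on the compared
            // permission is treated depends on PermEval - confirm it cannot widen access.
        }

        // A subclass using the no-arg constructor can leave fields null; deny
        // instead of failing with a NullPointerException below.
        if (ns == null || type == null || aafNS == null || aafType == null) {
            return false;
        }

        boolean typeMatches;
        if (aafNS.length() == ns.length()) {
            typeMatches = aafNS.equals(ns) && aafType.equals(type);
        } else {
            // Allow for restructuring of the NS/Perm split: the dot between
            // namespace and type may sit at a different position on each side,
            // as long as the joined "ns.type" strings are equal.
            typeMatches = (aafNS + '.' + aafType).equals(ns + '.' + type);
        }
        return typeMatches
                && PermEval.evalInstance(instance, aafInstance)
                && PermEval.evalAction(action, aafAction);
    }

    /** @return the namespace field */
    public String getNS() {
        return ns;
    }

    /** @return the type field (without namespace) */
    public String getType() {
        return type;
    }

    /** @return namespace and type joined with a dot */
    public String getFullType() {
        return ns + '.' + type;
    }

    /** @return the instance field */
    public String getInstance() {
        return instance;
    }

    /** @return the action field */
    public String getAction() {
        return action;
    }

    /** @return the key built by the public constructors, {@code ns|type|instance|action} */
    @Override
    public String getKey() {
        return key;
    }

    /* (non-Javadoc)
     * @see org.onap.aaf.cadi.Permission#permType()
     */
    @Override
    public String permType() {
        return "AAF";
    }

    /**
     * @return the roles given at construction, or an unmodifiable empty list
     *         when none were given. A caller-supplied list is returned as is
     *         (same object), so changes made through it are visible here.
     */
    public List<String> roles() {
        return roles;
    }

    @Override
    public String toString() {
        return "AAFPermission:" +
                "\n\tNS: " + ns +
                "\n\tType: " + type +
                "\n\tInstance: " + instance +
                "\n\tAction: " + action +
                "\n\tKey: " + key;
    }
}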