2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.cadi.aaf;
24 import java.util.ArrayList;
25 import java.util.List;
27 import org.onap.aaf.cadi.Permission;
28 import org.onap.aaf.misc.env.util.Split;
31 * A Class that understands the AAF format of Permission (name/type/action)
32 * or String "name|type|action"
37 public class AAFPermission implements Permission {
38 private static final List<String> NO_ROLES;
39 protected String ns,type,instance,action,key;
40 private List<String> roles;
43 NO_ROLES = new ArrayList<>();
46 protected AAFPermission() {roles=NO_ROLES;}
48 public AAFPermission(String ns, String name, String instance, String action) {
51 this.instance = instance;
53 key = ns + '|' + type + '|' + instance + '|' + action;
54 this.roles = NO_ROLES;
58 public AAFPermission(String ns, String name, String instance, String action, List<String> roles) {
61 this.instance = instance;
63 key = ns + '|' + type + '|' + instance + '|' + action;
64 this.roles = roles==null?NO_ROLES:roles;
69 * if Permission is Fielded type "Permission", we use the fields
70 * otherwise, we split the Permission with '|'
72 * when the type or action starts with REGEX indicator character ( ! ),
73 * then it is evaluated as a regular expression.
75 * If you want a simple field comparison, it is faster without REGEX
77 public boolean match(Permission p) {
82 if(p instanceof AAFPermission) {
83 AAFPermission ap = (AAFPermission)p;
84 // Note: In AAF > 1.0, Accepting "*" from name would violate multi-tenancy
85 // Current solution is only allow direct match on Type.
86 // 8/28/2014 Jonathan - added REGEX ability
88 aafType = ap.getType();
89 aafInstance = ap.getInstance();
90 aafAction = ap.getAction();
92 // Permission is concatenated together: separated by
93 String[] aaf = Split.splitTrim('|', p.getKey());
98 aafInstance = aafAction = "*";
103 aafInstance = aafAction = "*";
108 aafInstance = aaf[2];
114 aafInstance = aaf[2];
120 if(aafNS.length() == ns.length()) {
121 typeMatches = aafNS.equals(ns) && aafType.equals(type);
122 } else { // Allow for restructuring of NS/Perm structure
123 typeMatches = (aafNS+'.'+aafType).equals(ns+'.'+type);
125 return (typeMatches &&
126 PermEval.evalInstance(instance, aafInstance) &&
127 PermEval.evalAction(action, aafAction));
130 public String getNS() {
134 public String getType() {
138 public String getFullType() {
139 return ns + '.' + type;
142 public String getInstance() {
146 public String getAction() {
150 public String getKey() {
155 * @see org.onap.aaf.cadi.Permission#permType()
157 public String permType() {
161 public List<String> roles() {
164 public String toString() {
165 return "AAFPermission:" +
167 "\n\tType: " + type +
168 "\n\tInstance: " + instance +
169 "\n\tAction: " + action +