2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.cadi.aaf;
24 import java.util.ArrayList;
25 import java.util.List;
27 import org.onap.aaf.cadi.Permission;
30 * A Class that understands the AAF format of Permission (name/type/action)
31 * or String "name|type|action"
36 public class AAFPermission implements Permission {
37 private static final List<String> NO_ROLES;
38 protected String type,instance,action,key;
39 private List<String> roles;
42 NO_ROLES = new ArrayList<String>();
45 protected AAFPermission() {roles=NO_ROLES;}
47 public AAFPermission(String type, String instance, String action) {
49 this.instance = instance;
51 key = type + '|' + instance + '|' + action;
52 this.roles = NO_ROLES;
55 public AAFPermission(String type, String instance, String action, List<String> roles) {
57 this.instance = instance;
59 key = type + '|' + instance + '|' + action;
60 this.roles = roles==null?NO_ROLES:roles;
65 * if Permission is Fielded type "Permission", we use the fields
66 * otherwise, we split the Permission with '|'
68 * when the type or action starts with REGEX indicator character ( ! ),
69 * then it is evaluated as a regular expression.
71 * If you want a simple field comparison, it is faster without REGEX
73 public boolean match(Permission p) {
74 if(p instanceof AAFPermission) {
75 AAFPermission ap = (AAFPermission)p;
76 // Note: In AAF > 1.0, Accepting "*" from name would violate multi-tenancy
77 // Current solution is only allow direct match on Type.
78 // 8/28/2014 Jonathan - added REGEX ability
79 if(type.equals(ap.getName()))
80 if(PermEval.evalInstance(instance,ap.getInstance()))
81 if(PermEval.evalAction(action,ap.getAction()))
84 // Permission is concatenated together: separated by |
85 String[] aaf = p.getKey().split("[\\s]*\\|[\\s]*",3);
86 if(aaf.length>0 && type.equals(aaf[0]))
87 if(PermEval.evalInstance(instance,aaf.length>1?aaf[1]:"*"))
88 if(PermEval.evalAction(action,aaf.length>2?aaf[2]:"*"))
94 public String getName() {
98 public String getInstance() {
102 public String getAction() {
106 public String getKey() {
111 * @see org.onap.aaf.cadi.Permission#permType()
113 public String permType() {
117 public List<String> roles() {
120 public String toString() {
121 return "AAFPermission:\n\tType: " + type +
122 "\n\tInstance: " + instance +
123 "\n\tAction: " + action +