2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.cadi.lur;
24 import java.security.Principal;
25 import java.util.List;
27 import org.onap.aaf.cadi.CachingLur;
28 import org.onap.aaf.cadi.CadiException;
29 import org.onap.aaf.cadi.CredVal;
30 import org.onap.aaf.cadi.Lur;
31 import org.onap.aaf.cadi.Permission;
36 * Short for "Epic LUR". Be able to run through a series of LURs to obtain the validation needed.
38 * The pun is better for the other pattern... "TAF" (aka EpiTaf), but it's still the larger picture of
39 * LURs that will be accomplished.
41 * FYI, the reason we separate LURs, rather than combine, is that Various User Repository Resources have
42 * different Caching requirements. For instance, the Local User Repo (with stand alone names), never expire, but might be
43 * refreshed with a change in Configuration File, while the Remote Service based LURs will need to expire at prescribed intervals
48 public final class EpiLur implements Lur {
49 private final Lur[] lurs;
54 * Construct the EpiLur from variable TAF parameters
56 * @throws CadiException
58 public EpiLur(Lur ... lurs) throws CadiException{
60 if(lurs.length==0) throw new CadiException("Need at least one Lur implementation in constructor");
63 public boolean fish(Principal bait, Permission ... pond) {
69 for(int i=0;!rv && i<lurs.length;++i) {
70 rv = (lur = lurs[i]).fish(bait, pond);
71 if(!rv && lur.handlesExclusively(pond)) break;
76 public void fishAll(Principal bait, List<Permission> permissions) {
78 lur.fishAll(bait, permissions);
82 public void destroy() {
89 * Return the first Lur (if any) which also implements UserPass
92 public CredVal getUserPassImpl() {
94 if(lur instanceof CredVal) {
101 // Never needed... Only EpiLur uses...
102 public boolean handlesExclusively(Permission ... pond) {
107 * Get Lur for index. Returns null if out of range
111 public Lur get(int idx) {
112 if(idx>=0 && idx<lurs.length) {
118 public boolean handles(Principal p) {
127 public void remove(String id) {
129 if(l instanceof CachingLur) {
130 ((CachingLur<?>)l).remove(id);
135 public Lur subLur(Class<? extends Lur> cls ) {
137 if(l.getClass().isAssignableFrom(cls)) {
145 public Permission createPerm(String p) {
146 return new LocalPermission(p);
150 * @see org.onap.aaf.cadi.Lur#clear(java.security.Principal, java.lang.StringBuilder)
153 public void clear(Principal p, StringBuilder report) {
154 for(Lur lur : lurs) {
155 lur.clear(p, report);
159 public String toString() {
160 StringBuilder sb = new StringBuilder();
161 for(Lur lur : lurs) {
162 sb.append(lur.getClass().getSimpleName());
163 sb.append(": Report\n");
164 sb.append(lur.toString());
167 return sb.toString();
Code Review / aaf / authz.git / blob