001 //$HeadURL: svn+ssh://rbezema@svn.wald.intevation.org/deegree/base/branches/2.2_testing/src/org/deegree/security/drm/model/RightSet.java $
002 /*---------------- FILE HEADER ------------------------------------------
003
004 This file is part of deegree.
005 Copyright (C) 2001-2008 by:
006 EXSE, Department of Geography, University of Bonn
007 http://www.giub.uni-bonn.de/deegree/
008 lat/lon GmbH
009 http://www.lat-lon.de
010
011 This library is free software; you can redistribute it and/or
012 modify it under the terms of the GNU Lesser General Public
013 License as published by the Free Software Foundation; either
014 version 2.1 of the License, or (at your option) any later version.
015
016 This library is distributed in the hope that it will be useful,
017 but WITHOUT ANY WARRANTY; without even the implied warranty of
018 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
019 Lesser General Public License for more details.
020
021 You should have received a copy of the GNU Lesser General Public
022 License along with this library; if not, write to the Free Software
023 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
024
025 Contact:
026
027 Andreas Poth
028 lat/lon GmbH
029 Aennchenstr. 19
030 53115 Bonn
031 Germany
032 E-Mail: poth@lat-lon.de
033
034 Prof. Dr. Klaus Greve
035 Department of Geography
036 University of Bonn
037 Meckenheimer Allee 166
038 53115 Bonn
039 Germany
040 E-Mail: greve@giub.uni-bonn.de
041
042 ---------------------------------------------------------------------------*/
043 package org.deegree.security.drm.model;
044
045 import java.util.ArrayList;
046 import java.util.HashMap;
047 import java.util.Iterator;
048 import java.util.Map;
049
050 import org.deegree.model.feature.Feature;
051 import org.deegree.security.GeneralSecurityException;
052
053 /**
054 * A <code>RightSet</code> encapsulates a number of <code>Right</code> objects. This are grouped
055 * by the <code>SecurableObject</code> for which they apply to support an efficient implementation
056 * of the merge()-operation. The merge()-operation results in a <code>RightSet</code> that
057 * contains the logical rights of boths sets, but only one <code>Right</code> object of each
058 * <code>RightType</code> (and <code>SecurableObject</code>). This is accomplished by merging
059 * the constraints of the <code>Rights</code> of the same type (and object).
060 *
061 * @author <a href="mailto:mschneider@lat-lon.de">Markus Schneider </a>
062 * @version $Revision: 9346 $
063 */
064 public class RightSet {
065
066 // keys are SecurableObjects (for which the rights are defined), values
067 // are Maps (keys are RightTypes, values are Rights)
068 private Map<SecurableObject, Map<RightType, Right>> secObjects = new HashMap<SecurableObject, Map<RightType, Right>>();
069
070 RightSet() {
071 }
072
073 public RightSet( Right[] rights ) {
074 for ( int i = 0; i < rights.length; i++ ) {
075 Map<RightType, Right> rightMap = secObjects.get( rights[i].getSecurableObject() );
076 if ( rightMap == null ) {
077 rightMap = new HashMap<RightType, Right>();
078 }
079 rightMap.put( rights[i].getType(), rights[i] );
080 secObjects.put( rights[i].getSecurableObject(), rightMap );
081 }
082 }
083
084 /**
085 * Checks if the <code>RightSet</code> contains the permissions for a
086 * <code>SecurableObject</code> and a concrete situation (the situation is represented by the
087 * given <code>Feature</code>).
088 *
089 * @param object
090 * @param type
091 * @param situation
092 * @throws GeneralSecurityException
093 */
094 public boolean applies( SecurableObject object, RightType type, Feature situation )
095 throws GeneralSecurityException {
096 boolean applies = false;
097 Map rightMap = secObjects.get( object );
098 if ( rightMap != null ) {
099 Right right = (Right) rightMap.get( type );
100 if ( right != null ) {
101 applies = right.applies( object, situation );
102 }
103 }
104 return applies;
105 }
106
107 /**
108 * Checks if the <code>RightSet</code> contains the (unrestricted) permissions for a
109 * <code>SecurableObject</code> and a certain type of right.
110 *
111 * @param object
112 * @param type
113 * @throws GeneralSecurityException
114 */
115 public boolean applies( SecurableObject object, RightType type ) {
116 boolean applies = false;
117 Map rightMap = secObjects.get( object );
118 if ( rightMap != null ) {
119 Right right = (Right) rightMap.get( type );
120 if ( right != null ) {
121 applies = right.applies( object );
122 }
123
124 }
125 return applies;
126 }
127
128 /**
129 * Returns the <code>Right</code> of the specified <code>RightType</code> that this
130 * <code>RightSet</code> defines on the specified <code>SecurableObject</code>.
131 */
132 public Right getRight( SecurableObject secObject, RightType type ) {
133 Right right = null;
134 if ( secObjects.get( secObject ) != null ) {
135 right = (Right) ( (Map) secObjects.get( secObject ) ).get( type );
136 }
137 return right;
138 }
139
140 /**
141 * Returns the encapulated <code>Rights</code> (for one <code>SecurableObject</code>) as an
142 * one-dimensional array.
143 */
144 public Right[] toArray( SecurableObject secObject ) {
145 Right[] rights = new Right[0];
146 Map<RightType, Right> rightMap = secObjects.get( secObject );
147 if ( rightMap != null ) {
148 rights = rightMap.values().toArray( new Right[rightMap.size()] );
149 }
150 return rights;
151 }
152
153 /**
154 * Returns the encapulated <code>Rights</code> as a two-dimensional array:
155 * <ul>
156 * <li>first index: runs the different <code>SecurableObjects</code>
157 * <li>second index: runs the different <code>Rights</code>
158 * </ul>
159 */
160 public Right[][] toArray2() {
161 ArrayList<Right[]> secObjectList = new ArrayList<Right[]>();
162 Iterator<Map<RightType, Right>> it = secObjects.values().iterator();
163 while ( it.hasNext() ) {
164 Map<RightType, Right> rightMap = it.next();
165 Right[] rights = rightMap.values().toArray( new Right[rightMap.size()] );
166 secObjectList.add( rights );
167 }
168 return secObjectList.toArray( new Right[secObjectList.size()][] );
169 }
170
171 /**
172 * Produces the logical disjunction of two <code>RightSets</code>.
173 *
174 * @param that
175 * @return
176 */
177 public RightSet merge( RightSet that ) {
178
179 ArrayList<Right> mergedRights = new ArrayList<Right>( 20 );
180 Iterator secObjectsIt = this.secObjects.keySet().iterator();
181
182 // add all rights from 'this' (and merge them with corresponding right
183 // from 'that')
184 while ( secObjectsIt.hasNext() ) {
185 SecurableObject secObject = (SecurableObject) secObjectsIt.next();
186 Map thisRightMap = this.secObjects.get( secObject );
187 Map thatRightMap = that.secObjects.get( secObject );
188 Iterator rightIt = ( thisRightMap ).keySet().iterator();
189 while ( rightIt.hasNext() ) {
190 RightType type = (RightType) rightIt.next();
191 Right mergedRight = (Right) thisRightMap.get( type );
192
193 // find corresponding Right (if any) in the other RightSet
194 if ( thatRightMap != null && thatRightMap.get( type ) != null ) {
195 try {
196 mergedRight = mergedRight.merge( (Right) thatRightMap.get( type ) );
197 } catch ( GeneralSecurityException e ) {
198 e.printStackTrace();
199 }
200 }
201 mergedRights.add( mergedRight );
202 }
203 }
204
205 // add role rights from 'that'
206 secObjectsIt = that.secObjects.keySet().iterator();
207 while ( secObjectsIt.hasNext() ) {
208 SecurableObject secObject = (SecurableObject) secObjectsIt.next();
209 Map<RightType, Right> thisRightMap = this.secObjects.get( secObject );
210 Map<RightType, Right> thatRightMap = that.secObjects.get( secObject );
211
212 Iterator it = thatRightMap.keySet().iterator();
213 while ( it.hasNext() ) {
214 Object o = it.next();
215 RightType type = (RightType) o;
216 // find corresponding Right (if none, add)
217 if ( thisRightMap == null || thisRightMap.get( type ) == null ) {
218 mergedRights.add( thatRightMap.get( type ) );
219 }
220 }
221 }
222 return new RightSet( mergedRights.toArray( new Right[mergedRights.size()] ) );
223 }
224
225 public String toString() {
226 StringBuffer sb = new StringBuffer( "RightSet:" );
227 Iterator it = secObjects.keySet().iterator();
228 while ( it.hasNext() ) {
229 SecurableObject secObject = (SecurableObject) it.next();
230 sb.append( "on SecurableObject " ).append( secObject ).append( "\n" );
231 Map rightMap = secObjects.get( secObject );
232 Iterator rights = rightMap.keySet().iterator();
233 while ( rights.hasNext() ) {
234 RightType rightType = (RightType) rights.next();
235 sb.append( "- Right " ).append( rightMap.get( rightType ) ).append( "\n" );
236 }
237 }
238 return sb.toString();
239 }
240
241 }