All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.opencms.security.CmsPermissionSet Maven / Gradle / Ivy

Go to download

OpenCms is an enterprise-ready, easy to use website content management system based on Java and XML technology. Offering a complete set of features, OpenCms helps content managers worldwide to create and maintain beautiful websites fast and efficiently.

The newest version!
/*
 * This library is part of OpenCms -
 * the Open Source Content Management System
 *
 * Copyright (c) Alkacon Software GmbH & Co. KG (http://www.alkacon.com)
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * For further information about Alkacon Software GmbH & Co. KG, please see the
 * company website: http://www.alkacon.com
 *
 * For further information about OpenCms, please see the
 * project website: http://www.opencms.org
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */

package org.opencms.security;

import java.io.Serializable;
import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;

/**
 * An immutable permission set that contains both allowed and denied permissions as bitsets.

* * Currently supported permissions are:

    *
  • {@link CmsPermissionSet#PERMISSION_READ} (r) the right to read the contents of a resource
  • *
  • {@link CmsPermissionSet#PERMISSION_WRITE} (w) the right to write the contents of a resource
  • *
  • {@link CmsPermissionSet#PERMISSION_VIEW} (v) the right to see a resource in listings (workplace)
  • *
  • {@link CmsPermissionSet#PERMISSION_CONTROL} (c) the right to set permissions of a resource
  • *
  • {@link CmsPermissionSet#PERMISSION_DIRECT_PUBLISH} (d) the right direct publish a resource even without publish project permissions

* * @since 6.0.0 */ public class CmsPermissionSet implements Serializable { /** Permission set to check control access. */ public static final CmsPermissionSet ACCESS_CONTROL = new CmsPermissionSet(CmsPermissionSet.PERMISSION_CONTROL); /** Permission set to check direct publish permissions. */ public static final CmsPermissionSet ACCESS_DIRECT_PUBLISH = new CmsPermissionSet( CmsPermissionSet.PERMISSION_DIRECT_PUBLISH); /** Permission set to check read access. */ public static final CmsPermissionSet ACCESS_READ = new CmsPermissionSet(CmsPermissionSet.PERMISSION_READ); /** Permission set to check view access. */ public static final CmsPermissionSet ACCESS_VIEW = new CmsPermissionSet(CmsPermissionSet.PERMISSION_VIEW); /** Permission set to check write access. */ public static final CmsPermissionSet ACCESS_WRITE = new CmsPermissionSet(CmsPermissionSet.PERMISSION_WRITE); /** The permission to control a resource. */ public static final int PERMISSION_CONTROL = 8; /** The permission to direct publish a resource. */ public static final int PERMISSION_DIRECT_PUBLISH = 16; /** No permissions for a resource (used especially for denied permissions). */ public static final int PERMISSION_EMPTY = 0; /** All allowed permissions for a resource. */ public static final int PERMISSION_FULL = CmsPermissionSet.PERMISSION_READ + CmsPermissionSet.PERMISSION_WRITE + CmsPermissionSet.PERMISSION_VIEW + CmsPermissionSet.PERMISSION_CONTROL + CmsPermissionSet.PERMISSION_DIRECT_PUBLISH; /** The permission to read a resource. */ public static final int PERMISSION_READ = 1; /** The permission to view a resource. */ public static final int PERMISSION_VIEW = 4; /** The permission to write a resource. */ public static final int PERMISSION_WRITE = 2; /** HashMap of all available permissions. */ private static Map m_permissions; /** The serial version id. */ private static final long serialVersionUID = -8374511370934922020L; /** The set of allowed permissions. */ protected int m_allowed; /** The set of denied permissions. */ protected int m_denied; /** * Constructor to create a permission set with preset allowed and denied permissions.

* * @param allowedPermissions the set of permissions to allow * @param deniedPermissions the set of permissions to deny */ public CmsPermissionSet(int allowedPermissions, int deniedPermissions) { m_allowed = allowedPermissions; m_denied = deniedPermissions; } /** * Constructor to create an empty permission set.

*/ protected CmsPermissionSet() { // noop } /** * Constructor to create a permission set with preset allowed permissions.

* * @param allowedPermissions bitset of allowed permissions */ protected CmsPermissionSet(int allowedPermissions) { m_allowed = allowedPermissions; m_denied = 0; } /** * Returns the message keys of each permission known in the system.

* * @return Enumeration of message keys */ public static Set getPermissionKeys() { return permissions().keySet(); } /** * Returns the value of a single permission.

* * @param key the key of the permission * @return the value of the given permission */ public static int getPermissionValue(String key) { return (permissions().get(key)).intValue(); } /** * Initializes and returns the linked hash map of all permissions known in the system.

* * @return a linked hash map with permission keys and values */ private static Map permissions() { if (m_permissions == null) { LinkedHashMap permissions = new LinkedHashMap(); permissions.put("GUI_PERMISSION_TYPE_READ_0", Integer.valueOf(CmsPermissionSet.PERMISSION_READ)); permissions.put("GUI_PERMISSION_TYPE_WRITE_0", Integer.valueOf(CmsPermissionSet.PERMISSION_WRITE)); permissions.put("GUI_PERMISSION_TYPE_VIEW_0", Integer.valueOf(CmsPermissionSet.PERMISSION_VIEW)); permissions.put("GUI_PERMISSION_TYPE_CONTROL_0", Integer.valueOf(CmsPermissionSet.PERMISSION_CONTROL)); permissions.put( "GUI_PERMISSION_TYPE_DIRECT_PUBLISH_0", Integer.valueOf(CmsPermissionSet.PERMISSION_DIRECT_PUBLISH)); m_permissions = Collections.unmodifiableMap(permissions); } return m_permissions; } /** * @see java.lang.Object#equals(java.lang.Object) */ @Override public boolean equals(Object obj) { if (obj == this) { return true; } if (obj instanceof CmsPermissionSet) { CmsPermissionSet other = (CmsPermissionSet)obj; return (other.m_allowed == m_allowed) && (other.m_denied == m_denied); } return false; } /** * Returns the currently allowed permissions of ths permission set.

* * @return the allowed permissions as bitset */ public int getAllowedPermissions() { return m_allowed; } /** * Returns the currently denied permissions of this permission set.

* * @return the denied permissions as bitset. */ public int getDeniedPermissions() { return m_denied; } /** * Returns the permissions calculated from this permission set.

* These are all permissions allowed but not denied. * * @return the resulting permission set */ public int getPermissions() { return m_allowed & ~m_denied; } /** * Returns the string representation of the current permissions in this permission set.

* * @return string of the format {{+|-}{r|w|v|c|d}}* */ public String getPermissionString() { StringBuffer p = new StringBuffer(""); if ((m_denied & CmsPermissionSet.PERMISSION_READ) > 0) { p.append("-r"); } else if (requiresReadPermission()) { p.append("+r"); } if ((m_denied & CmsPermissionSet.PERMISSION_WRITE) > 0) { p.append("-w"); } else if (requiresWritePermission()) { p.append("+w"); } if ((m_denied & CmsPermissionSet.PERMISSION_VIEW) > 0) { p.append("-v"); } else if (requiresViewPermission()) { p.append("+v"); } if ((m_denied & CmsPermissionSet.PERMISSION_CONTROL) > 0) { p.append("-c"); } else if (requiresControlPermission()) { p.append("+c"); } if ((m_denied & CmsPermissionSet.PERMISSION_DIRECT_PUBLISH) > 0) { p.append("-d"); } else if (requiresDirectPublishPermission()) { p.append("+d"); } return p.toString(); } /** * @see java.lang.Object#hashCode() */ @Override public int hashCode() { return m_allowed * m_denied; } /** * Returns true if control permissions (+c) are required by this permission set.

* * @return true if control permissions (+c) are required by this permission set */ public boolean requiresControlPermission() { return 0 < (m_allowed & CmsPermissionSet.PERMISSION_CONTROL); } /** * Returns true if direct publish permissions (+d) are required by this permission set.

* * @return true if direct publish permissions (+d) are required by this permission set */ public boolean requiresDirectPublishPermission() { return 0 < (m_allowed & CmsPermissionSet.PERMISSION_DIRECT_PUBLISH); } /** * Returns true if read permissions (+r) are required by this permission set.

* * @return true if read permissions (+r) are required by this permission set */ public boolean requiresReadPermission() { return 0 < (m_allowed & CmsPermissionSet.PERMISSION_READ); } /** * Returns true if view permissions (+v) are required by this permission set.

* * @return true if view permissions (+v) are required by this permission set */ public boolean requiresViewPermission() { return 0 < (m_allowed & CmsPermissionSet.PERMISSION_VIEW); } /** * Returns true if write permissions (+w) are required by this permission set.

* * @return true if write permissions (+w) are required by this permission set */ public boolean requiresWritePermission() { return 0 < (m_allowed & CmsPermissionSet.PERMISSION_WRITE); } /** * Returns the String representation of this permission set object.

* * @see java.lang.Object#toString() */ @Override public String toString() { return "[PermissionSet:] " + getPermissionString(); } }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy