| /******************************************************************************* |
| * Copyright (c) 2001, 2008 IBM Corporation and others. |
| * All rights reserved. This program and the accompanying materials |
| * are made available under the terms of the Eclipse Public License v1.0 |
| * which accompanies this distribution, and is available at |
| * http://www.eclipse.org/legal/epl-v10.html |
| * |
| * Contributors: |
| * IBM Corporation - initial API and implementation |
| *******************************************************************************/ |
| package org.eclipse.equinox.internal.useradmin; |
| |
| import java.util.Dictionary; |
| import java.util.Vector; |
| import org.osgi.service.useradmin.UserAdminEvent; |
| import org.osgi.service.useradmin.UserAdminPermission; |
| |
| /** |
| * A User managed by a {@link UserAdmin} service. |
| * <p> |
| * In this context, the term "user" is not limited to just |
| * human beings. |
| * Instead, it refers to any entity that may have any number of |
| * credentials associated with it that it may use to authenticate itself. |
| * <p> |
| * In general, User objects are associated with a specific {@link UserAdmin} |
| * service (namely the one that created them), and cannot be used with other |
| * UserAdmin services. |
| * <p> |
| * A User may have credentials (and properties, inherited from {@link Role}) |
| * associated with it. Specific {@link UserAdminPermission}s are required to |
| * read or change a User's credentials. |
| * <p> |
| * Credentials are Dictionary objects and have semantics that are similar |
| * to the properties in Role. |
| */ |
| |
| public class User extends Role implements org.osgi.service.useradmin.User { |
| |
| protected UserAdminHashtable credentials; |
| |
| protected User(String name, UserAdmin useradmin) { |
| super(name, useradmin); |
| this.useradmin = useradmin; |
| credentials = new UserAdminHashtable(this, useradmin, UserAdminHashtable.CREDENTIALS); |
| } |
| |
| /** |
| * Returns a Dictionary of the credentials of this User. Any changes |
| * to the returned Dictionary will change the credentials of this User. |
| * This will cause a UserAdminEvent of type |
| * {@link UserAdminEvent#ROLE_CHANGED} to be broadcast to any |
| * UserAdminListeners. |
| * <p> |
| * Only objects of type String may be used as credential keys, and only |
| * objects of type <code>String</code> or of type <code>byte[]</code> |
| * may be used as credential values. Any other types will cause an exception |
| * of type <code>IllegalArgumentException</code> to be raised. |
| * <p> |
| * In order to retrieve a credential from the returned Dictionary, |
| * a {@link UserAdminPermission} named after the credential name (or |
| * a prefix of it) with action <code>getCredential</code> is required. |
| * <p> |
| * In order to add or remove a credential from the returned Dictionary, |
| * a {@link UserAdminPermission} named after the credential name (or |
| * a prefix of it) with action <code>changeCredential</code> is required. |
| * |
| * @return Dictionary containing the credentials of this User. |
| */ |
| |
| public Dictionary getCredentials() { |
| useradmin.checkAlive(); |
| return (credentials); |
| } |
| |
| /** |
| * Checks to see if this User has a credential with the specified key |
| * set to the specified value. |
| * <p> |
| * If the specified credential value is not of type <tt>String</tt> or |
| * <tt>byte[]</tt>, it is ignored, that is, <tt>false</tt> is returned |
| * (as opposed to an <tt>IllegalArgumentException</tt> being raised). |
| * |
| * @param key The credential key. |
| * @param value The credential value. |
| * |
| * @return <code>true</code> if this user has the specified credential; |
| * <code>false</code> otherwise. |
| * |
| * @throws SecurityException If a security manager exists and the caller |
| * does not have the <tt>UserAdminPermission</tt> named after the credential |
| * key (or a prefix of it) with action <code>getCredential</code>. |
| */ |
| public boolean hasCredential(String key, Object value) { |
| useradmin.checkAlive(); |
| Object checkValue = credentials.get(key); |
| if (checkValue != null) { |
| if (value instanceof String) { |
| if (checkValue.equals(value)) { |
| return (true); |
| } |
| } else if (value instanceof byte[]) { |
| if (!(checkValue instanceof byte[])) |
| return (false); |
| byte[] valueArray = (byte[]) value; |
| byte[] checkValueArray = (byte[]) checkValue; |
| int length = valueArray.length; |
| if (length != checkValueArray.length) { |
| return (false); |
| } |
| for (int i = 0; i < length; i++) { |
| if (valueArray[i] != checkValueArray[i]) { |
| return (false); |
| } |
| } |
| return (true); |
| } |
| } |
| return (false); //if checkValue is null |
| } |
| |
| /** |
| * Returns the type of this role. |
| * |
| * @return The role's type. |
| */ |
| public int getType() { |
| useradmin.checkAlive(); |
| return org.osgi.service.useradmin.Role.USER; |
| } |
| |
| //A user always implies itself |
| protected boolean isImpliedBy(Role role, Vector checkLoop) { |
| if (checkLoop.contains(name)) { |
| //we have a circular dependency |
| return (false); |
| } |
| checkLoop.addElement(name); |
| return ((role.getName()).equals(name)); |
| } |
| |
| } |