| /** |
| * |
| * Copyright (c) 2011, 2016 - Loetz GmbH&Co.KG (69115 Heidelberg, Germany) |
| * |
| * All rights reserved. This program and the accompanying materials |
| * are made available under the terms of the Eclipse Public License v1.0 |
| * which accompanies this distribution, and is available at |
| * http://www.eclipse.org/legal/epl-v10.html |
| * |
| * Contributors: |
| * Christophe Loetz (Loetz GmbH&Co.KG) - initial implementation |
| */ |
| package org.eclipse.osbp.ui.api.useraccess; |
| |
| import java.util.HashMap; |
| import java.util.HashSet; |
| import java.util.Set; |
| |
| // TODO: Auto-generated Javadoc |
| /** |
| * The Class AAuthorization. |
| */ |
| public abstract class AbstractAuthorization { |
| |
| /** The authorization groups. */ |
| private final HashMap<String, AbstractRoleAuthorizationGroup> fAuthorizationGroups; |
| |
| /** |
| * Instantiates a new a authorization. |
| * |
| * @param authorizationGroups |
| * the authorization groups |
| */ |
| protected AbstractAuthorization(AbstractRoleAuthorizationGroup... authorizationGroups) { |
| fAuthorizationGroups = new HashMap<String, AbstractRoleAuthorizationGroup>(); |
| for (AbstractRoleAuthorizationGroup authorizationGroup : authorizationGroups) { |
| fAuthorizationGroups.put(authorizationGroup.getRoleName(), authorizationGroup); |
| } |
| } |
| |
| /** |
| * Gets the authorization group name. |
| * |
| * @return the authorization group name |
| */ |
| final public String getAuthorizationGroupName() { |
| return this.getClass().getSimpleName(); |
| } |
| |
| /** |
| * Adds the role authorization group. |
| * |
| * @param roleName |
| * the role name |
| * @param group |
| * the group |
| */ |
| final public void addRoleAuthorizationGroup(String roleName, AbstractRoleAuthorizationGroup group) { |
| fAuthorizationGroups.put(roleName, group); |
| } |
| |
| /** |
| * Gets the role authorization group. |
| * |
| * @param role |
| * the role |
| * @return the role authorization group |
| */ |
| final public AbstractRoleAuthorizationGroup getRoleAuthorizationGroup(String role) { |
| return fAuthorizationGroups.get(role); |
| } |
| |
| /** |
| * Gets the authorization groups. |
| * |
| * @return the authorization groups |
| */ |
| final public HashMap<String, AbstractRoleAuthorizationGroup> getAuthorizationGroups() { |
| return this.fAuthorizationGroups; |
| } |
| |
| /** |
| * The Class Permission. |
| */ |
| public static class Permission { |
| |
| /** The Constant ANY. */ |
| private final static String ANY = "*"; |
| |
| /** The Constant SEPARATOR. */ |
| private final static String SEPARATOR = ":"; |
| |
| /** The type. */ |
| private final Type fType; |
| |
| /** The group. */ |
| private final Group fGroup; |
| |
| /** The class. */ |
| private final String fClass; |
| |
| /** The attribute. */ |
| private final String fAttribute; |
| |
| /** The action. */ |
| private final Action fAction; |
| |
| /** |
| * For blip process start. |
| * |
| * @param blipProcess |
| * the blip process |
| * @param action |
| * the action |
| * @return the permission |
| */ |
| public static Permission forBlipProcess(String blipProcess, Action action) { |
| return new Permission(Group.blipProcess, blipProcess, action); |
| } |
| |
| /** |
| * For blip user task execute. |
| * |
| * @param blipUserTask |
| * the blip user task |
| * @param action |
| * the action |
| * @return the permission |
| */ |
| public static Permission forBlipUserTask(String blipUserTask, Action action) { |
| return new Permission(Group.blipUserTask, blipUserTask, action); |
| } |
| |
| /** |
| * For entity. |
| * |
| * @param entity |
| * the entity |
| * @param action |
| * the action |
| * @return the permission |
| */ |
| public static Permission forEntity(String entity, Action action) { |
| return new Permission(Group.entity, entity, action); |
| } |
| |
| /** |
| * For entity property. |
| * |
| * @param entity |
| * the entity |
| * @param property |
| * the property |
| * @param action |
| * the action |
| * @return the permission |
| */ |
| public static Permission forEntityProperty(String entity, String property, Action action) { |
| return new Permission(Group.entity, entity, property, action); |
| } |
| |
| /** |
| * For dto. |
| * |
| * @param dto |
| * the dto |
| * @param action |
| * the action |
| * @return the permission |
| */ |
| public static Permission forDto(String dto, Action action) { |
| return new Permission(Group.dto, dto, action); |
| } |
| |
| /** |
| * For dto property. |
| * |
| * @param dto |
| * the dto |
| * @param property |
| * the property |
| * @param action |
| * the action |
| * @return the permission |
| */ |
| public static Permission forDtoProperty(String dto, String property, Action action) { |
| return new Permission(Group.dto, dto, property, action); |
| } |
| |
| /** |
| * Instantiates a new permission. |
| * |
| * @param group |
| * the group |
| * @param clas |
| * the clas |
| * @param action |
| * the action |
| */ |
| public Permission(Group group, String clas, Action action) { |
| this(Type.GRANT, group, clas, null, action); |
| } |
| |
| /** |
| * Instantiates a new permission. |
| * |
| * @param group |
| * the group |
| * @param clas |
| * the clas |
| * @param attribute |
| * the attribute |
| * @param action |
| * the action |
| */ |
| public Permission(Group group, String clas, String attribute, Action action) { |
| this(Type.GRANT, group, clas, attribute, action); |
| } |
| |
| /** |
| * Instantiates a new permission. |
| * |
| * @param type |
| * the type |
| * @param group |
| * the group |
| * @param clas |
| * the clas |
| * @param attribute |
| * the attribute |
| * @param action |
| * the action |
| */ |
| public Permission(Type type, Group group, String clas, String attribute, Action action) { |
| fGroup = group; |
| fClass = clas; |
| fAttribute = attribute; |
| fAction = action; |
| fType = type; |
| } |
| |
| /* |
| * (non-Javadoc) |
| * |
| * @see java.lang.Object#toString() |
| */ |
| public String toString() { |
| return fGroup.toString() + SEPARATOR + fClass + SEPARATOR + fAttribute + SEPARATOR + fAction.toString(); |
| } |
| |
| /** |
| * Checks if is permitted. |
| * |
| * @return true, if is permitted |
| */ |
| public boolean isPermitted() { |
| return fType.isPermitted(); |
| } |
| |
| /** |
| * Checks for veto. |
| * |
| * @return true, if successful |
| */ |
| public boolean hasVeto() { |
| return !fType.isPermitted(); |
| } |
| |
| /** |
| * Checks if permission is for an attribute. Negative logic! |
| * |
| * @return true, if is attribute |
| */ |
| public boolean isAttribute() { |
| return fAttribute != null; |
| } |
| } |
| |
| /** |
| * The Enum Type. |
| */ |
| public static enum Type { |
| |
| /** The grant. */ |
| GRANT(true), |
| /** The deny. */ |
| DENY(false); |
| |
| /** The permitted. */ |
| private final boolean fPermitted; |
| |
| /** |
| * Instantiates a new type. |
| * |
| * @param permitted |
| * the permitted |
| */ |
| private Type(boolean permitted) { |
| fPermitted = permitted; |
| } |
| |
| /** |
| * Checks if is permitted. |
| * |
| * @return true, if is permitted |
| */ |
| public boolean isPermitted() { |
| return fPermitted; |
| } |
| } |
| |
| /** |
| * The Enum Group. |
| */ |
| public static enum Group { |
| |
| /** The blip process start. */ |
| blipProcess(Action.startable), |
| |
| /** The blip user task execute. */ |
| blipUserTask(Action.executable), |
| |
| /** The entity. */ |
| entity(Action.readable, Action.creatable, Action.updatable, Action.deletable), |
| |
| /** The bean. */ |
| bean(Action.readable, Action.creatable, Action.updatable, Action.deletable), |
| |
| /** The dto. */ |
| dto(Action.readable, Action.creatable, Action.updatable, Action.deletable); |
| |
| /** The default action. */ |
| private final Action fDefaultAction; |
| |
| /** The any actions. */ |
| private final Action[] fAnyActions; |
| |
| /** |
| * Instantiates a new group. |
| * |
| * @param defaultAction |
| * the default action |
| * @param anyActions |
| * the any actions |
| */ |
| private Group(Action defaultAction, Action... anyActions) { |
| fDefaultAction = defaultAction; |
| fAnyActions = anyActions; |
| } |
| |
| /** |
| * By name. |
| * |
| * @param value |
| * the value |
| * @return the group |
| */ |
| public static Group byName(String value) { |
| for (Group item : values()) { |
| if (value.equalsIgnoreCase(item.toString())) { |
| return item; |
| } |
| } |
| return null; |
| } |
| |
| /** |
| * Checks for default action. |
| * |
| * @return true, if successful |
| */ |
| public boolean hasDefaultAction() { |
| return (fDefaultAction != null); |
| } |
| |
| /** |
| * Gets the default action. |
| * |
| * @return the default action |
| */ |
| public Action getDefaultAction() { |
| return fDefaultAction; |
| } |
| |
| /** |
| * Gets the any actions. |
| * |
| * @return the any actions |
| */ |
| public Action[] getAnyActions() { |
| return fAnyActions; |
| } |
| } |
| |
| /** |
| * The Enum Action. |
| */ |
| public static enum Action { |
| |
| /** can a new entity instance be CREATED. */ |
| creatable, |
| |
| /** can an entity instance be READ. */ |
| readable, |
| |
| /** can an entity instance be UPDATED. */ |
| updatable, |
| |
| /** can an entity instance be DELETED. */ |
| deletable, |
| |
| /** can an entity instance be CREATED, READ, UPDATED and DELETED. */ |
| any, |
| /** is the entity.property INVISIBLE, otherwise at least visible */ |
| invisible, |
| /** is entity.property DISABLED, otherwise at least enabled */ |
| disabled(invisible), |
| /** is entity.property NONEDITABLE, otherwise at least editable */ |
| noneditable(disabled), |
| |
| /** is the blip process startable. */ |
| startable, |
| |
| /** is the blip user task event executable. */ |
| executable; |
| |
| /** The depends on action. */ |
| private final Action fDependsOnAction; |
| |
| /** The auto granted actions. */ |
| private Set<Action> fAutoGrantedActions; |
| |
| /** The auto denied actions. */ |
| private Set<Action> fAutoDeniedActions; |
| |
| /** |
| * Instantiates a new action. |
| */ |
| private Action() { |
| this(null); |
| } |
| |
| /** |
| * Instantiates a new action. |
| * |
| * @param dependsOnAction |
| * the depends on action |
| */ |
| private Action(Action dependsOnAction) { |
| fDependsOnAction = dependsOnAction; |
| } |
| |
| /** |
| * By name. |
| * |
| * @param value |
| * the value |
| * @return the action |
| */ |
| public static Action byName(String value) { |
| if (value != null) { |
| for (Action item : values()) { |
| if (value.equalsIgnoreCase(item.toString())) { |
| return item; |
| } |
| } |
| } |
| return null; |
| } |
| |
| /** |
| * Check auto granted actions. |
| */ |
| private void checkAutoGrantedActions() { |
| if (fAutoGrantedActions == null) { |
| fAutoGrantedActions = new HashSet<Action>(); |
| if (fDependsOnAction != null) { |
| fAutoGrantedActions.add(fDependsOnAction); |
| fAutoGrantedActions.addAll(fDependsOnAction.getAutoGrantedActions()); |
| } |
| } |
| } |
| |
| /** |
| * Check auto denied actions. |
| */ |
| private void checkAutoDeniedActions() { |
| if (fAutoDeniedActions == null) { |
| fAutoDeniedActions = new HashSet<Action>(); |
| for (Action checkAction : values()) { |
| if (this.equals(checkAction.fDependsOnAction)) { |
| fAutoDeniedActions.add(checkAction); |
| fAutoDeniedActions.addAll(checkAction.getAutoDeniedActions()); |
| } |
| } |
| } |
| } |
| |
| /** |
| * Checks for auto granted actions. |
| * |
| * @return true, if successful |
| */ |
| public boolean hasAutoGrantedActions() { |
| checkAutoGrantedActions(); |
| return !fAutoGrantedActions.isEmpty(); |
| } |
| |
| /** |
| * Gets the auto granted actions. |
| * |
| * @return the auto granted actions |
| */ |
| public Set<Action> getAutoGrantedActions() { |
| checkAutoGrantedActions(); |
| return fAutoGrantedActions; |
| } |
| |
| /** |
| * Checks for auto denied actions. |
| * |
| * @return true, if successful |
| */ |
| public boolean hasAutoDeniedActions() { |
| checkAutoDeniedActions(); |
| return !fAutoDeniedActions.isEmpty(); |
| } |
| |
| /** |
| * Gets the auto denied actions. |
| * |
| * @return the auto denied actions |
| */ |
| public Set<Action> getAutoDeniedActions() { |
| checkAutoDeniedActions(); |
| return fAutoDeniedActions; |
| } |
| } |
| |
| /** |
| * The Enum PermissionResult. |
| */ |
| public static enum PermissionResult { |
| |
| /** The explicit granted. */ |
| EXPLICIT_GRANTED(true, true), |
| |
| /** The explicit denied. */ |
| EXPLICIT_DENIED(true, false), |
| |
| /** The implicit denied. */ |
| IMPLICIT_DENIED(false, false); |
| |
| /** The permitted. */ |
| private final boolean fPermitted; |
| |
| /** The explicit. */ |
| private final boolean fExplicit; |
| |
| /** |
| * Instantiates a new permission result. |
| * |
| * @param explicit |
| * the explicit |
| * @param permitted |
| * the permitted |
| */ |
| private PermissionResult(boolean explicit, boolean permitted) { |
| fExplicit = explicit; |
| fPermitted = permitted; |
| } |
| |
| /** |
| * Checks if is explicit. |
| * |
| * @return true, if is explicit |
| */ |
| public boolean isExplicit() { |
| return fExplicit; |
| } |
| |
| /** |
| * Checks if is permitted. |
| * |
| * @return true, if is permitted |
| */ |
| public boolean isPermitted() { |
| return fPermitted; |
| } |
| } |
| } |
