001/* 002 * The contents of this file are subject to the terms of the Common Development and 003 * Distribution License (the License). You may not use this file except in compliance with the 004 * License. 005 * 006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the 007 * specific language governing permission and limitations under the License. 008 * 009 * When distributing Covered Software, include this CDDL Header Notice in each file and include 010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL 011 * Header, with the fields enclosed by brackets [] replaced by your own identifying 012 * information: "Portions Copyright [year] [name of copyright owner]". 013 * 014 * Copyright 2008 Sun Microsystems, Inc. 015 * Portions Copyright 2013-2015 ForgeRock AS. 016 */ 017package org.opends.server.authorization.dseecompat; 018 019import static org.opends.server.authorization.dseecompat.Aci.*; 020 021import java.util.EnumSet; 022import java.util.Set; 023 024/** 025 * This class provides an enumeration of the allowed rights. 026 */ 027public enum EnumRight { 028 029 /** 030 * This enumeration is returned when the result of the right is "read". 031 * 032 * @see Aci#ACI_READ 033 */ 034 READ ("read"), 035 /** 036 * This enumeration is returned when the result of the right is "write". 037 * 038 * @see Aci#ACI_WRITE 039 */ 040 WRITE ("write"), 041 /** 042 * This enumeration is returned when the result of the right is "add". 043 * 044 * @see Aci#ACI_ADD 045 */ 046 ADD ("add"), 047 /** 048 * This enumeration is returned when the result of the right is "delete". 049 * 050 * @see Aci#ACI_DELETE 051 */ 052 DELETE ("delete"), 053 /** 054 * This enumeration is returned when the result of the right is "search". 055 * 056 * @see Aci#ACI_SEARCH 057 */ 058 SEARCH ("search"), 059 /** 060 * This enumeration is returned when the result of the right is "compare". 061 * 062 * @see Aci#ACI_COMPARE 063 */ 064 COMPARE ("compare"), 065 /** 066 * This enumeration is returned when the result of the right is 067 * "selfwrite". 068 * 069 * @see Aci#ACI_SELF 070 */ 071 SELFWRITE ("selfwrite"), 072 /** 073 * This enumeration is returned when the result of the right is "proxy". 074 * 075 * @see Aci#ACI_PROXY 076 */ 077 PROXY ("proxy"), 078 /** 079 * This enumeration is returned when the result of the right is "import". 080 * 081 * @see Aci#ACI_IMPORT 082 */ 083 IMPORT ("import"), 084 /** 085 * This enumeration is returned when the result of the right is "export". 086 * 087 * @see Aci#ACI_EXPORT 088 */ 089 EXPORT ("export"), 090 /** 091 * This enumeration is returned when the result of the right is "all". 092 * 093 * @see Aci#ACI_ALL 094 */ 095 ALL ("all"); 096 097 /** 098 * The name of the right. 099 */ 100 private final String right; 101 102 /** 103 * Creates an enumeration of the right name. 104 * @param right The name of the right. 105 */ 106 EnumRight (String right) { 107 this.right = right ; 108 } 109 110 /** 111 * Returns the string representation of the right. 112 * 113 * @return the string representation of the right 114 */ 115 public String getRight() { 116 return right; 117 } 118 119 /** 120 * Checks if the enumeration is equal to the right name. 121 * @param right The name of the right to check. 122 * @return True if the right is equal to the enumeration's. 123 */ 124 public boolean isRight(String right){ 125 return right.equalsIgnoreCase(this.right); 126 } 127 128 /** 129 * Creates an enumeration of the right name. 130 * @param right The name of the right. 131 * @return An enumeration of the right or null if the name is invalid. 132 */ 133 public static EnumRight decode(String right){ 134 if (right != null){ 135 for (EnumRight t : EnumRight.values()){ 136 if (t.isRight(right)){ 137 return t; 138 } 139 } 140 } 141 return null; 142 } 143 144 /** 145 * Returns bit mask associated with the specified right. 146 * @param right The right enumeration to return the mask for. 147 * @return The bit mask associated with the right. 148 */ 149 public static int getMask(EnumRight right) { 150 int mask=ACI_NULL; 151 switch(right) { 152 case READ: 153 mask=ACI_READ; 154 break; 155 case WRITE: 156 mask=ACI_WRITE; 157 break; 158 case ADD: 159 mask=ACI_ADD; 160 break; 161 case DELETE: 162 mask=ACI_DELETE; 163 break; 164 case SEARCH: 165 mask=ACI_SEARCH; 166 break; 167 case COMPARE: 168 mask=ACI_COMPARE; 169 break; 170 case ALL: 171 mask=ACI_ALL; 172 break; 173 case EXPORT: 174 mask=ACI_EXPORT; 175 break; 176 case IMPORT: 177 mask=ACI_IMPORT; 178 break; 179 case PROXY: 180 mask=ACI_PROXY; 181 break; 182 case SELFWRITE: 183 mask=ACI_SELF; 184 break; 185 } 186 return mask; 187 } 188 189 /** 190 * Return the EnumRight corresponding to the provided rightsMask. 191 * 192 * @param rightsMask 193 * the rights mask for which to return the corresponding EnumRight 194 * @return EnumRight corresponding to the provided rightsMask. 195 */ 196 public static Set<EnumRight> getEnumRight(int rightsMask) { 197 final EnumSet<EnumRight> results = EnumSet.noneOf(EnumRight.class); 198 // Next 3 rights are not included in ALL for historical reasons. 199 // ALL already existed when they got added. For compatibility reasons 200 // with existing deployments, they were not included in ALL. 201 if (hasRights(rightsMask, ACI_EXPORT)) 202 { 203 results.add(EXPORT); 204 } 205 if (hasRights(rightsMask, ACI_IMPORT)) 206 { 207 results.add(IMPORT); 208 } 209 if (hasRights(rightsMask, ACI_PROXY)) 210 { 211 results.add(PROXY); 212 } 213 214 if (hasRights(rightsMask, ACI_ALL)) { 215 results.add(ALL); 216 return results; 217 } 218 // the remaining rights are already included in ALL 219 if (hasRights(rightsMask, ACI_READ)) 220 { 221 results.add(READ); 222 } 223 if (hasRights(rightsMask, ACI_WRITE)) 224 { 225 results.add(WRITE); 226 } 227 if (hasRights(rightsMask, ACI_ADD)) 228 { 229 results.add(ADD); 230 } 231 if (hasRights(rightsMask, ACI_DELETE)) 232 { 233 results.add(DELETE); 234 } 235 if (hasRights(rightsMask, ACI_SEARCH)) 236 { 237 results.add(SEARCH); 238 } 239 if (hasRights(rightsMask, ACI_COMPARE)) 240 { 241 results.add(COMPARE); 242 } 243 if (hasRights(rightsMask, ACI_SELF)) 244 { 245 results.add(SELFWRITE); 246 } 247 return results; 248 } 249 250 /** 251 * Checks if the provided rights mask has the specified rights. 252 * 253 * @param rightsMask 254 * The rights mask to look into. 255 * @param rights 256 * The rights to check for. 257 * @return true if the rights mask has the specified rights, false 258 * otherwise. 259 */ 260 public static boolean hasRights(int rightsMask, int rights) { 261 return (rightsMask & rights) == rights; 262 } 263}