001/* 002 * This library is part of OpenCms - 003 * the Open Source Content Management System 004 * 005 * Copyright (c) Alkacon Software GmbH & Co. KG (http://www.alkacon.com) 006 * 007 * This library is free software; you can redistribute it and/or 008 * modify it under the terms of the GNU Lesser General Public 009 * License as published by the Free Software Foundation; either 010 * version 2.1 of the License, or (at your option) any later version. 011 * 012 * This library is distributed in the hope that it will be useful, 013 * but WITHOUT ANY WARRANTY; without even the implied warranty of 014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 015 * Lesser General Public License for more details. 016 * 017 * For further information about Alkacon Software GmbH & Co. KG, please see the 018 * company website: http://www.alkacon.com 019 * 020 * For further information about OpenCms, please see the 021 * project website: http://www.opencms.org 022 * 023 * You should have received a copy of the GNU Lesser General Public 024 * License along with this library; if not, write to the Free Software 025 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 026 */ 027 028package org.opencms.security; 029 030import java.util.StringTokenizer; 031 032/** 033 * A custom permission set that can be modified during runtime and contains both allowed and denied permissions as bitsets.<p> 034 * 035 * @since 6.0.0 036 */ 037public class CmsPermissionSetCustom extends CmsPermissionSet { 038 039 /** The serial version id. */ 040 private static final long serialVersionUID = -8537313517987611085L; 041 042 /** True if the permissions should be cacheable. */ 043 private boolean m_cacheable = true; 044 045 /** 046 * Constructor to create an empty permission set.<p> 047 */ 048 public CmsPermissionSetCustom() { 049 050 super(); 051 } 052 053 /** 054 * Constructor to create a permission set with preset allowed and denied permissions from another permission set.<p> 055 * 056 * The permissions are read from a string representation of permissions 057 * in the format <code>{{+|-}{r|w|v|c|d}}*</code>.<p> 058 * 059 * @param permissions the set of allowed and denied permissions 060 */ 061 public CmsPermissionSetCustom(CmsPermissionSet permissions) { 062 063 m_allowed = permissions.m_allowed; 064 m_denied = permissions.m_denied; 065 } 066 067 /** 068 * Constructor to create a permission set with preset allowed permissions.<p> 069 * 070 * @param allowedPermissions bitset of allowed permissions 071 */ 072 public CmsPermissionSetCustom(int allowedPermissions) { 073 074 super(allowedPermissions); 075 076 } 077 078 /** 079 * Constructor to create a permission set with preset allowed and denied permissions.<p> 080 * 081 * @param allowedPermissions the set of permissions to allow 082 * @param deniedPermissions the set of permissions to deny 083 */ 084 public CmsPermissionSetCustom(int allowedPermissions, int deniedPermissions) { 085 086 super(allowedPermissions, deniedPermissions); 087 } 088 089 /** 090 * Constructor to create a permission set with preset allowed and denied permissions from a String.<p> 091 * 092 * The permissions are read from a string representation of permissions 093 * in the format <code>{{+|-}{r|w|v|c|d}}*</code>.<p> 094 * 095 * @param permissionString the string representation of allowed and denied permissions 096 */ 097 public CmsPermissionSetCustom(String permissionString) { 098 099 StringTokenizer tok = new StringTokenizer(permissionString, "+-", true); 100 m_allowed = 0; 101 m_denied = 0; 102 103 while (tok.hasMoreElements()) { 104 String prefix = tok.nextToken(); 105 String suffix = tok.nextToken(); 106 switch (suffix.charAt(0)) { 107 case 'R': 108 case 'r': 109 if (prefix.charAt(0) == '+') { 110 m_allowed |= CmsPermissionSet.PERMISSION_READ; 111 } 112 if (prefix.charAt(0) == '-') { 113 m_denied |= CmsPermissionSet.PERMISSION_READ; 114 } 115 break; 116 case 'W': 117 case 'w': 118 if (prefix.charAt(0) == '+') { 119 m_allowed |= CmsPermissionSet.PERMISSION_WRITE; 120 } 121 if (prefix.charAt(0) == '-') { 122 m_denied |= CmsPermissionSet.PERMISSION_WRITE; 123 } 124 break; 125 case 'V': 126 case 'v': 127 if (prefix.charAt(0) == '+') { 128 m_allowed |= CmsPermissionSet.PERMISSION_VIEW; 129 } 130 if (prefix.charAt(0) == '-') { 131 m_denied |= CmsPermissionSet.PERMISSION_VIEW; 132 } 133 break; 134 case 'C': 135 case 'c': 136 if (prefix.charAt(0) == '+') { 137 m_allowed |= CmsPermissionSet.PERMISSION_CONTROL; 138 } 139 if (prefix.charAt(0) == '-') { 140 m_denied |= CmsPermissionSet.PERMISSION_CONTROL; 141 } 142 break; 143 case 'D': 144 case 'd': 145 if (prefix.charAt(0) == '+') { 146 m_allowed |= CmsPermissionSet.PERMISSION_DIRECT_PUBLISH; 147 } 148 if (prefix.charAt(0) == '-') { 149 m_denied |= CmsPermissionSet.PERMISSION_DIRECT_PUBLISH; 150 } 151 break; 152 default: 153 // ignore 154 break; 155 } 156 } 157 } 158 159 /** 160 * Sets permissions from another permission set additionally both as allowed and denied permissions.<p> 161 * 162 * @param permissionSet the set of permissions to set additionally. 163 */ 164 public void addPermissions(CmsPermissionSet permissionSet) { 165 166 m_allowed |= permissionSet.m_allowed; 167 m_denied |= permissionSet.m_denied; 168 } 169 170 /** 171 * Returns a clone of this Objects instance.<p> 172 * 173 * @return a clone of this instance 174 */ 175 @Override 176 public Object clone() { 177 178 return new CmsPermissionSetCustom(m_allowed, m_denied); 179 } 180 181 /** 182 * Sets permissions additionally as denied permissions.<p> 183 * 184 * @param permissions bitset of permissions to deny 185 */ 186 public void denyPermissions(int permissions) { 187 188 m_denied |= permissions; 189 } 190 191 /** 192 * Sets permissions additionally as allowed permissions.<p> 193 * 194 * @param permissions bitset of permissions to allow 195 */ 196 public void grantPermissions(int permissions) { 197 198 m_allowed |= permissions; 199 } 200 201 /** 202 * Returns true if the permissions should be cacheable. 203 * 204 * @return true if the permissions should be cacheable 205 */ 206 public boolean isCacheable() { 207 208 return m_cacheable; 209 } 210 211 /** 212 * Sets the 'cacheable' field. 213 * 214 * @param cacheable true if the permissions should be cacheable 215 */ 216 public void setCacheable(boolean cacheable) { 217 218 m_cacheable = cacheable; 219 } 220 221 /** 222 * Set permissions from another permission set both as allowed and denied permissions.<p> 223 * Permissions formerly set are overwritten. 224 * 225 * @param permissionSet the set of permissions 226 */ 227 public void setPermissions(CmsPermissionSet permissionSet) { 228 229 m_allowed = permissionSet.m_allowed; 230 m_denied = permissionSet.m_denied; 231 } 232 233 /** 234 * Sets permissions as allowed and denied permissions in the permission set.<p> 235 * Permissions formerly set are overwritten. 236 * 237 * @param allowedPermissions bitset of permissions to allow 238 * @param deniedPermissions bitset of permissions to deny 239 */ 240 public void setPermissions(int allowedPermissions, int deniedPermissions) { 241 242 m_allowed = allowedPermissions; 243 m_denied = deniedPermissions; 244 } 245 246}