001/*
002 * This library is part of OpenCms -
003 * the Open Source Content Management System
004 *
005 * Copyright (c) Alkacon Software GmbH & Co. KG (http://www.alkacon.com)
006 *
007 * This library is free software; you can redistribute it and/or
008 * modify it under the terms of the GNU Lesser General Public
009 * License as published by the Free Software Foundation; either
010 * version 2.1 of the License, or (at your option) any later version.
011 *
012 * This library is distributed in the hope that it will be useful,
013 * but WITHOUT ANY WARRANTY; without even the implied warranty of
014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015 * Lesser General Public License for more details.
016 *
017 * For further information about Alkacon Software GmbH & Co. KG, please see the
018 * company website: http://www.alkacon.com
019 *
020 * For further information about OpenCms, please see the
021 * project website: http://www.opencms.org
022 *
023 * You should have received a copy of the GNU Lesser General Public
024 * License along with this library; if not, write to the Free Software
025 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
026 */
027
028package org.opencms.security;
029
030import java.util.StringTokenizer;
031
032/**
033 * A custom permission set that can be modified during runtime and contains both allowed and denied permissions as bitsets.<p>
034 *
035 * @since 6.0.0
036 */
037public class CmsPermissionSetCustom extends CmsPermissionSet {
038
039    /** The serial version id. */
040    private static final long serialVersionUID = -8537313517987611085L;
041
042    /**
043     * Constructor to create an empty permission set.<p>
044     */
045    public CmsPermissionSetCustom() {
046
047        super();
048    }
049
050    /**
051     * Constructor to create a permission set with preset allowed and denied permissions from another permission set.<p>
052     *
053     * The permissions are read from a string representation of permissions
054     * in the format <code>{{+|-}{r|w|v|c|d}}*</code>.<p>
055     *
056     * @param permissions the set of allowed and denied permissions
057     */
058    public CmsPermissionSetCustom(CmsPermissionSet permissions) {
059
060        m_allowed = permissions.m_allowed;
061        m_denied = permissions.m_denied;
062    }
063
064    /**
065     * Constructor to create a permission set with preset allowed permissions.<p>
066     *
067     * @param allowedPermissions bitset of allowed permissions
068     */
069    public CmsPermissionSetCustom(int allowedPermissions) {
070
071        super(allowedPermissions);
072
073    }
074
075    /**
076     * Constructor to create a permission set with preset allowed and denied permissions.<p>
077     *
078     * @param allowedPermissions the set of permissions to allow
079     * @param deniedPermissions the set of permissions to deny
080     */
081    public CmsPermissionSetCustom(int allowedPermissions, int deniedPermissions) {
082
083        super(allowedPermissions, deniedPermissions);
084    }
085
086    /**
087     * Constructor to create a permission set with preset allowed and denied permissions from a String.<p>
088     *
089     * The permissions are read from a string representation of permissions
090     * in the format <code>{{+|-}{r|w|v|c|d}}*</code>.<p>
091     *
092     * @param permissionString the string representation of allowed and denied permissions
093     */
094    public CmsPermissionSetCustom(String permissionString) {
095
096        StringTokenizer tok = new StringTokenizer(permissionString, "+-", true);
097        m_allowed = 0;
098        m_denied = 0;
099
100        while (tok.hasMoreElements()) {
101            String prefix = tok.nextToken();
102            String suffix = tok.nextToken();
103            switch (suffix.charAt(0)) {
104                case 'R':
105                case 'r':
106                    if (prefix.charAt(0) == '+') {
107                        m_allowed |= CmsPermissionSet.PERMISSION_READ;
108                    }
109                    if (prefix.charAt(0) == '-') {
110                        m_denied |= CmsPermissionSet.PERMISSION_READ;
111                    }
112                    break;
113                case 'W':
114                case 'w':
115                    if (prefix.charAt(0) == '+') {
116                        m_allowed |= CmsPermissionSet.PERMISSION_WRITE;
117                    }
118                    if (prefix.charAt(0) == '-') {
119                        m_denied |= CmsPermissionSet.PERMISSION_WRITE;
120                    }
121                    break;
122                case 'V':
123                case 'v':
124                    if (prefix.charAt(0) == '+') {
125                        m_allowed |= CmsPermissionSet.PERMISSION_VIEW;
126                    }
127                    if (prefix.charAt(0) == '-') {
128                        m_denied |= CmsPermissionSet.PERMISSION_VIEW;
129                    }
130                    break;
131                case 'C':
132                case 'c':
133                    if (prefix.charAt(0) == '+') {
134                        m_allowed |= CmsPermissionSet.PERMISSION_CONTROL;
135                    }
136                    if (prefix.charAt(0) == '-') {
137                        m_denied |= CmsPermissionSet.PERMISSION_CONTROL;
138                    }
139                    break;
140                case 'D':
141                case 'd':
142                    if (prefix.charAt(0) == '+') {
143                        m_allowed |= CmsPermissionSet.PERMISSION_DIRECT_PUBLISH;
144                    }
145                    if (prefix.charAt(0) == '-') {
146                        m_denied |= CmsPermissionSet.PERMISSION_DIRECT_PUBLISH;
147                    }
148                    break;
149                default:
150                    // ignore
151                    break;
152            }
153        }
154    }
155
156    /**
157     * Sets permissions from another permission set additionally both as allowed and denied permissions.<p>
158     *
159     * @param permissionSet the set of permissions to set additionally.
160     */
161    public void addPermissions(CmsPermissionSet permissionSet) {
162
163        m_allowed |= permissionSet.m_allowed;
164        m_denied |= permissionSet.m_denied;
165    }
166
167    /**
168     * Returns a clone of this Objects instance.<p>
169     *
170     * @return a clone of this instance
171     */
172    @Override
173    public Object clone() {
174
175        return new CmsPermissionSetCustom(m_allowed, m_denied);
176    }
177
178    /**
179     * Sets permissions additionally as denied permissions.<p>
180     *
181     * @param permissions bitset of permissions to deny
182     */
183    public void denyPermissions(int permissions) {
184
185        m_denied |= permissions;
186    }
187
188    /**
189     * Sets permissions additionally as allowed permissions.<p>
190     *
191     * @param permissions bitset of permissions to allow
192     */
193    public void grantPermissions(int permissions) {
194
195        m_allowed |= permissions;
196    }
197
198    /**
199     * Set permissions from another permission set both as allowed and denied permissions.<p>
200     * Permissions formerly set are overwritten.
201     *
202     * @param permissionSet the set of permissions
203     */
204    public void setPermissions(CmsPermissionSet permissionSet) {
205
206        m_allowed = permissionSet.m_allowed;
207        m_denied = permissionSet.m_denied;
208    }
209
210    /**
211     * Sets permissions as allowed and denied permissions in the permission set.<p>
212     * Permissions formerly set are overwritten.
213     *
214     * @param allowedPermissions bitset of permissions to allow
215     * @param deniedPermissions  bitset of permissions to deny
216     */
217    public void setPermissions(int allowedPermissions, int deniedPermissions) {
218
219        m_allowed = allowedPermissions;
220        m_denied = deniedPermissions;
221    }
222
223}