Context Navigation

source: java/net/deterlab/abac/Role.java @ 3b38c41

abac0-leakabac0-meicompt_changesgec13mei-idmei-rt0-nmei_rt0mei_rt2mei_rt2_fix_1meiyap-rt1meiyap1rt2tvf-new-xml

Last change on this file since 3b38c41 was 3b38c41, checked in by Ted Faber <faber@…>, 13 years ago
Make prereqs visible and role_name work as specced.
Property mode set to `100644`
File size: 8.0 KB

Rev	Line
[31b67d5]	1	package net.deterlab.abac;
	2
[de63a31]	3	import java.util.*;
	4
[281158a]	5	import org.bouncycastle.asn1.*;
	6
[31b67d5]	7	/**
	8	* Represents a role, which is a vertex in a Credential graph.
[e36ea1d]	9	* @author <a href="http://abac.deterlab.net">ISI ABAC team</a>
	10	* @version 1.3
[31b67d5]	11	*/
[88e139a]	12	public class Role implements Comparable {
[e36ea1d]	13	/** The role represnetation */
[d69593c]	14	protected String m_string;
[e36ea1d]	15	/** The role broken into parts between dots */
[d69593c]	16	protected String[] m_parts;
[e36ea1d]	17	/** The linking role from a linking Role */
[d69593c]	18	protected String m_A_r1;
[e36ea1d]	19	/** The linked role from a linked Role */
[d69593c]	20	protected String m_r2;
[e36ea1d]	21	/** A prefix of the role */
[d69593c]	22	protected String m_prefix;
[e36ea1d]	23	/** Prerequisite roles for an intersection role. */
[d69593c]	24	protected Role[] m_prereqs;
[31b67d5]	25
	26	/**
[cac4c76]	27	* Create a role from a string. A single role must be of the format "A",
[31b67d5]	28	* "A.r1", or "A.r1.r2", where A is a principal and r1 and r2 are role
[cac4c76]	29	* names. This constructor also supports intersection roles: a sequence of
[bcf7370]	30	* two or more roles separated by "&". The whitespace surrounding &
	31	* is arbitrary.
[cac4c76]	32	*
	33	* If the string does not have this format, the constructor throws a
	34	* RuntimeException.
[e36ea1d]	35	*
	36	* @param s a String with the role name
	37	* @throws RuntimeException if the string is badly formatted
[31b67d5]	38	*/
[e36ea1d]	39	public Role(String s) {
[31b67d5]	40	m_string = s;
	41
[bcf7370]	42	// intersection roles have at least two roles separated by "&"
	43	String[] isect_roles = s.split("&");
[cac4c76]	44
	45	// ordinary role
	46	if (isect_roles.length == 1)
	47	single_role();
	48
	49	// intersection role: make a list of prereqs
	50	else {
	51	m_prereqs = new Role[isect_roles.length];
[53f5c27]	52
	53	// trim() handles arbitrary whitespace
[cac4c76]	54	for (int i = 0; i < isect_roles.length; ++i)
[53f5c27]	55	m_prereqs[i] = new Role(isect_roles[i].trim());
[cac4c76]	56
	57	// this make is_principal etc. work properly
	58	m_parts = new String[0];
	59	}
	60	}
	61
[e36ea1d]	62	/**
	63	* Create a role from the given string, converted from mnemonic strings to
	64	* key IDs that are known from the Context. This is a jabac extension.
	65	* @param s the String containing the rile name.
	66	* @param c the Context in which to expand mnemonics
	67	* @throws RuntimeException if the string is badly formatted.
	68	*/
[84f0e7a]	69	public Role(String s, Context c) {
	70	this(c.expandKeyID(s));
[de63a31]	71	}
	72
[e36ea1d]	73	/**
	74	* Copy an existing role.
	75	* @param r the Role to copy
	76	*/
[d69593c]	77	public Role(Role r) {
	78	m_string = r.m_string;
	79	m_A_r1 = r.m_A_r1;
	80	m_r2 = r.m_r2;
	81	m_prefix = r.m_prefix;
	82	m_parts = new String[r.m_parts.length];
	83	for (int i = 0; i < r.m_parts.length; i++)
	84	m_parts[i] = r.m_parts[i];
	85	m_prereqs = new Role[m_prereqs.length];
	86	for (int i = 0; i < r.m_prereqs.length; i++)
	87	m_prereqs[i] = new Role(r.m_prereqs[i]);
	88	}
	89
[cac4c76]	90	/**
[e36ea1d]	91	* Initialize a single non-intersection role. See constructor for details
	92	* of role format. Will throw RuntimeException if the role is invalid.
	93	* @throws RuntimeException if a role is invalid.
[cac4c76]	94	*/
[e36ea1d]	95	private void single_role() {
[cac4c76]	96	m_parts = m_string.split("\\.");
[31b67d5]	97	if (m_parts.length > 3)
	98	throw new RuntimeException("Not a valid role: " + m_string);
	99
	100	// linking role: prefix is A.r1 from A.r1.r2
	101	if (is_linking()) {
	102	m_A_r1 = m_parts[0] + "." + m_parts[1];
	103	m_r2 = m_parts[2];
	104	m_prefix = m_A_r1;
	105	}
	106
	107	// role: prefix is A from A.r1
	108	else if (is_role())
	109	m_prefix = m_parts[0];
	110
	111	// principal: prefix is the whole thing
	112	else
	113	m_prefix = m_string;
	114	}
	115
	116	/**
	117	* Returns true iff the role is a principal.
[a5cfe93]	118	* @return true iff the role is a principal.
[31b67d5]	119	*/
	120	public boolean is_principal() { return m_parts.length == 1; }
	121
	122	/**
	123	* Returns true iff the role is a role (i.e., A.r1).
[a5cfe93]	124	* @return true iff the role is a role (i.e., A.r1).
[31b67d5]	125	*/
	126	public boolean is_role() { return m_parts.length == 2; }
	127
	128	/**
	129	* Returns true iff the role is a linking role (i.e., A.r1.r2).
[a5cfe93]	130	* @return true iff the role is a linking role (i.e., A.r1.r2).
[31b67d5]	131	*/
	132	public boolean is_linking() { return m_parts.length == 3; }
	133
[cac4c76]	134	/**
	135	* Returns true iff the role represents an intersection role.
[a5cfe93]	136	* @return true iff the role represents an intersection role.
[cac4c76]	137	*/
	138	public boolean is_intersection() { return m_prereqs != null; }
	139
[31b67d5]	140	/**
	141	* Returns the first two elements of a linking role's name. This typically
	142	* refers to another role in the graph. This will throw a runtime
	143	* exception if the node is not a linking role.
[a5cfe93]	144	* @return the first two elements of a linking role's name.
[e36ea1d]	145	* @throws RuntimeException if the role is not linking
[31b67d5]	146	*/
[5129e3e]	147	String A_r1() throws RuntimeException {
[31b67d5]	148	if (!is_linking())
	149	throw new RuntimeException("Not a linking role");
	150	return m_A_r1;
	151	}
	152
	153	/**
	154	* Return the last element of a linking role's name. This will throw a
	155	* runtime exception if the node is not a linking role.
[e36ea1d]	156	* @return the last element of a linking role's name.
	157	* @throws RuntimeException if the node is not a linking role.
[31b67d5]	158	*/
[5129e3e]	159	String r2() throws RuntimeException {
[31b67d5]	160	if (!is_linking())
	161	throw new RuntimeException("Not a linking role");
	162	return m_r2;
	163	}
	164
	165	/**
	166	* Returns the principal part of a role or principal. This is everything
[e36ea1d]	167	* except the last element of the name. Used by Query.
[a5cfe93]	168	* @return the principal part of a role or principal.
[31b67d5]	169	*/
[e36ea1d]	170	String principal_part() {
[31b67d5]	171	return m_prefix;
	172	}
	173
[e36ea1d]	174	/**
	175	* Return the principal
	176	* @return the principal
	177	*/
[d69593c]	178	public String principal() { return m_parts.length > 0 ? m_parts[0] : null; }
[e36ea1d]	179	/**
[3b38c41]	180	* Return the role name after the last dot
[e36ea1d]	181	* @return the role name
	182	*/
[3b38c41]	183	public String role_name() { return m_parts[m_parts.length-1]; }
[e36ea1d]	184	/**
	185	* Return the linked role (first two parts of a linking role)
	186	* @return the linked role
	187	*/
[d69593c]	188	public String linked_role() { return A_r1(); }
[281158a]	189
[cac4c76]	190	/**
	191	* Get the roles that form the prerequisites to this intersection. Throws
	192	* a runtime exception if this is not an intersection role.
[e36ea1d]	193	* @return a Role[] of prerequisites
	194	* @throws RuntimeException if this is not an intersection role
[cac4c76]	195	*/
[3b38c41]	196	public Role[] prereqs() throws RuntimeException {
[cac4c76]	197	if (!is_intersection())
	198	throw new RuntimeException("Not an intersection role.");
	199
	200	return m_prereqs;
	201	}
	202
[a5cfe93]	203	/**
	204	* Returns a string representation of the Role.
	205	* @return a string representation of the Role.
	206	*/
[31b67d5]	207	public String toString() {
	208	return m_string;
	209	}
	210
[a5cfe93]	211	/**
	212	* Returns a string representation of the Role with mnemonic names from the
	213	* given Context. A jabac extension.
	214	* @param c A Context used to look up mnemonic names.
	215	* @return a string representation of the Role with mnemonic names from the
	216	* given Context.
	217	*/
[84f0e7a]	218	public String simpleString(Context c) {
	219	return c.expandNickname(m_string);
[de63a31]	220	}
	221
[a5cfe93]	222	/**
	223	* Equality test. Two Roles are the same if their string representations
	224	* are equal.
	225	* @param v2 an Object to compare
	226	* @return a boolean, true if the two Roles are equal.
	227	*/
[31b67d5]	228	public boolean equals(Object v2) {
	229	if (v2 instanceof Role)
	230	return m_string.equals(((Role)v2).m_string);
	231	return false;
	232	}
	233
[a5cfe93]	234	/**
	235	* Partial order test. Return a lexical comparison of the two Roles
	236	* @param o an Object to compare against
	237	* @return -1 if this Role is before, 0 if they are the same, and 1
	238	* if this Role is after the given object.
	239	*/
[88e139a]	240	public int compareTo(Object o) {
	241	if (o instanceof Role)
	242	return m_string.compareTo(((Role)o).m_string);
	243	else return 1;
	244	}
	245
[a5cfe93]	246	/**
	247	* Returns a hash code value for the object. It is the hash of the string
	248	* representation.
	249	* @return a hash code value for the object.
	250	*/
[31b67d5]	251	public int hashCode() {
	252	return m_string.hashCode();
	253	}
[de63a31]	254
[31b67d5]	255	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: