source: java/net/deterlab/abac/Role.java @ 31b67d5

abac0-leakabac0-meicompt_changesgec13mei-idmei-rt0-nmei_rt0mei_rt2mei_rt2_fix_1meiyap-rt1meiyap1rt2tvf-new-xml
Last change on this file since 31b67d5 was 31b67d5, checked in by Mike Ryan <mikeryan@…>, 13 years ago

initial basic implementation of native java ABAC library
credentials must be loaded from text, there is no crypto
no support for intersections
this code was lifted from crudge, the credential visualizer

  • Property mode set to 100644
File size: 2.9 KB
Line 
1package net.deterlab.abac;
2
3/**
4 * Represents a role, which is a vertex in a Credential graph.
5 */
6public class Role {
7    private String m_string;
8    private String[] m_parts;
9    private String m_A_r1, m_r2;
10    private String m_prefix;
11
12    /**
13     * Create a role from a string. The string must be of the format "A",
14     * "A.r1", or "A.r1.r2", where A is a principal and r1 and r2 are role
15     * names. If the string does not have this format, the constructor throws
16     * a RuntimeException.
17     */
18    public Role(String s) throws RuntimeException {
19        m_string = s;
20
21        m_parts = s.split("\\.");
22        if (m_parts.length > 3)
23            throw new RuntimeException("Not a valid role: " + m_string);
24
25        // linking role: prefix is A.r1 from A.r1.r2
26        if (is_linking()) {
27            m_A_r1 = m_parts[0] + "." + m_parts[1];
28            m_r2 = m_parts[2];
29            m_prefix = m_A_r1;
30        }
31
32        // role: prefix is A from A.r1
33        else if (is_role())
34            m_prefix = m_parts[0];
35
36        // principal: prefix is the whole thing
37        else
38            m_prefix = m_string;
39    }
40
41    /**
42     * Returns true iff the role is a principal.
43     */
44    public boolean is_principal() { return m_parts.length == 1; }
45
46    /**
47     * Returns true iff the role is a role (i.e., A.r1).
48     */
49    public boolean is_role() { return m_parts.length == 2; }
50
51    /**
52     * Returns true iff the role is a linking role (i.e., A.r1.r2).
53     */
54    public boolean is_linking() { return m_parts.length == 3; }
55
56    /**
57     * Returns the first two elements of a linking role's name. This typically
58     * refers to another role in the graph. This will throw a runtime
59     * exception if the node is not a linking role.
60     */
61    public String A_r1() throws RuntimeException {
62        if (!is_linking())
63            throw new RuntimeException("Not a linking role");
64        return m_A_r1;
65    }
66
67    /**
68     * Return the last element of a linking role's name. This will throw a
69     * runtime exception if the node is not a linking role.
70     */
71    public String r2() throws RuntimeException {
72        if (!is_linking())
73            throw new RuntimeException("Not a linking role");
74        return m_r2;
75    }
76
77    /**
78     * Returns the principal part of a role or principal. This is everything
79     * except the last element of the name.
80     */
81    public String principal_part() {
82        return m_prefix;
83    }
84
85    /**
86     * Returns true if the principal part of the name matches a prefix. This
87     * is used when filtering graphs.
88     */
89    public boolean matches(String prefix) {
90        return prefix.length() == 0 || m_prefix.equals(prefix);
91    }
92
93    public String toString() {
94        return m_string;
95    }
96
97    public boolean equals(Object v2) {
98        if (v2 instanceof Role)
99            return m_string.equals(((Role)v2).m_string);
100        return false;
101    }
102
103    public int hashCode() {
104        return m_string.hashCode();
105    }
106}
Note: See TracBrowser for help on using the repository browser.