source: java/net/deterlab/abac/Role.java @ f25a7ff

abac0-leakabac0-meicompt_changesgec13mei-idmei-rt0-nmei_rt0mei_rt2mei_rt2_fix_1meiyap-rt1meiyap1rt2tvf-new-xml
Last change on this file since f25a7ff was 53f5c27, checked in by Ted Faber <faber@…>, 13 years ago

checkpoint
  • Property mode set to 100644
File size: 4.9 KB
Line 
1package net.deterlab.abac;
2
3import java.util.*;
4
5import org.bouncycastle.asn1.*;
6
7/**
8 * Represents a role, which is a vertex in a Credential graph.
9 */
10public class Role implements Comparable {
11    private String m_string;
12    private String[] m_parts;
13    private String m_A_r1, m_r2;
14    private String m_prefix;
15    private Role[] m_prereqs;
16
17    /**
18     * Create a role from a string. A single role must be of the format "A",
19     * "A.r1", or "A.r1.r2", where A is a principal and r1 and r2 are role
20     * names. This constructor also supports intersection roles: a sequence of
21     * two or more roles separated by "&amp;". The whitespace surrounding &amp;
22     * is arbitrary.
23     *
24     * If the string does not have this format, the constructor throws a
25     * RuntimeException.
26     */
27    public Role(String s) throws RuntimeException {
28        m_string = s;
29
30        // intersection roles have at least two roles separated by "&"
31        String[] isect_roles = s.split("&");
32
33        // ordinary role
34        if (isect_roles.length == 1)
35            single_role();
36
37        // intersection role: make a list of prereqs
38        else {
39            m_prereqs = new Role[isect_roles.length];
40
41            // trim() handles arbitrary whitespace
42            for (int i = 0; i < isect_roles.length; ++i)
43                m_prereqs[i] = new Role(isect_roles[i].trim());
44
45            // this make is_principal etc. work properly
46            m_parts = new String[0];
47        }
48    }
49
50    public Role(String s, Context c) {
51        this(c.expandKeyID(s));
52    }
53
54    /**
55     * Initialize a single non-intersection role. See constructor for details of
56     * role format. Will throw RuntimeException if the role is invalid.
57     */
58    private void single_role() throws RuntimeException {
59        m_parts = m_string.split("\\.");
60        if (m_parts.length > 3)
61            throw new RuntimeException("Not a valid role: " + m_string);
62
63        // linking role: prefix is A.r1 from A.r1.r2
64        if (is_linking()) {
65            m_A_r1 = m_parts[0] + "." + m_parts[1];
66            m_r2 = m_parts[2];
67            m_prefix = m_A_r1;
68        }
69
70        // role: prefix is A from A.r1
71        else if (is_role())
72            m_prefix = m_parts[0];
73
74        // principal: prefix is the whole thing
75        else
76            m_prefix = m_string;
77    }
78
79    /**
80     * Returns true iff the role is a principal.
81     */
82    public boolean is_principal() { return m_parts.length == 1; }
83
84    /**
85     * Returns true iff the role is a role (i.e., A.r1).
86     */
87    public boolean is_role() { return m_parts.length == 2; }
88
89    /**
90     * Returns true iff the role is a linking role (i.e., A.r1.r2).
91     */
92    public boolean is_linking() { return m_parts.length == 3; }
93
94    /**
95     * Returns true iff the role represents an intersection role.
96     */
97    public boolean is_intersection() { return m_prereqs != null; }
98
99    /**
100     * Returns the first two elements of a linking role's name. This typically
101     * refers to another role in the graph. This will throw a runtime
102     * exception if the node is not a linking role.
103     */
104    public String A_r1() throws RuntimeException {
105        if (!is_linking())
106            throw new RuntimeException("Not a linking role");
107        return m_A_r1;
108    }
109
110    /**
111     * Return the last element of a linking role's name. This will throw a
112     * runtime exception if the node is not a linking role.
113     */
114    public String r2() throws RuntimeException {
115        if (!is_linking())
116            throw new RuntimeException("Not a linking role");
117        return m_r2;
118    }
119
120    /**
121     * Returns the principal part of a role or principal. This is everything
122     * except the last element of the name.
123     */
124    public String principal_part() {
125        return m_prefix;
126    }
127
128    /**
129     * Returns an issuer, only the first element.
130     */
131    public String issuer_part() { return m_parts[0]; }
132
133    /**
134     * Returns true if the principal part of the name matches a prefix. This
135     * is used when filtering graphs.
136     */
137    public boolean matches(String prefix) {
138        return prefix.length() == 0 || m_prefix.equals(prefix);
139    }
140
141    /**
142     * Get the roles that form the prerequisites to this intersection. Throws
143     * a runtime exception if this is not an intersection role.
144     */
145    public Role[] prereqs() throws RuntimeException {
146        if (!is_intersection())
147            throw new RuntimeException("Not an intersection role.");
148
149        return m_prereqs;
150    }
151
152    public String toString() {
153        return m_string;
154    }
155
156    public String simpleString(Context c) {
157        return c.expandNickname(m_string);
158    }
159
160    public boolean equals(Object v2) {
161        if (v2 instanceof Role)
162            return m_string.equals(((Role)v2).m_string);
163        return false;
164    }
165
166    public int compareTo(Object o) {
167        if (o instanceof Role) 
168            return m_string.compareTo(((Role)o).m_string);
169        else return 1;
170    }
171
172    public int hashCode() {
173        return m_string.hashCode();
174    }
175
176}
Note: See TracBrowser for help on using the repository browser.