001    /*
002     * CDDL HEADER START
003     *
004     * The contents of this file are subject to the terms of the
005     * Common Development and Distribution License, Version 1.0 only
006     * (the "License").  You may not use this file except in compliance
007     * with the License.
008     *
009     * You can obtain a copy of the license at
010     * trunk/opends/resource/legal-notices/OpenDS.LICENSE
011     * or https://OpenDS.dev.java.net/OpenDS.LICENSE.
012     * See the License for the specific language governing permissions
013     * and limitations under the License.
014     *
015     * When distributing Covered Code, include this CDDL HEADER in each
016     * file and include the License file at
017     * trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
018     * add the following below this CDDL HEADER, with the fields enclosed
019     * by brackets "[]" replaced with your own identifying information:
020     *      Portions Copyright [yyyy] [name of copyright owner]
021     *
022     * CDDL HEADER END
023     *
024     *
025     *      Copyright 2008 Sun Microsystems, Inc.
026     */
027    
028    
029    package org.opends.server.authorization.dseecompat;
030    
031    import static org.opends.messages.AccessControlMessages.*;
032    import java.util.HashSet;
033    
034    /**
035     * This class represents an ACI's targetcontrol keyword.
036     */
037    
038    public class TargetControl {
039    
040      /*
041       * HashSet of OID strings parsed from the decode.
042       */
043      private HashSet<String> controlOIDS = new HashSet<String>();
044    
045     /*
046      * Enumeration representing the targetcontrol operator.
047      */
048    
049      private EnumTargetOperator op = EnumTargetOperator.EQUALITY;
050    
051      /**
052       * Creates a class that can be used to evaluate a targetcontrol.
053       *
054       * @param op The operator of the targetcontrol expression (=, !=).
055       * @param controlOIDS  Set of control OIDS to use in the evaluation (may
056       *                     contain wild-card '*').
057       */
058      private TargetControl(EnumTargetOperator op, HashSet<String> controlOIDS) {
059        this.controlOIDS=controlOIDS;
060        this.op=op;
061      }
062    
063      /**
064       *  Decode an targetcontrol expression string.
065       *
066       * @param operator  An enumeration representing the operator type.
067       * @param expr A string representing the targetcontrol expression.
068       * @return  A class representing the targetcontrol expression that can be
069       *          used to evaluate an ACI.
070       *
071       * @throws AciException If the specified expression string is invalid.
072       */
073      public static TargetControl decode(EnumTargetOperator operator, String expr)
074              throws AciException {
075        HashSet<String> controlOIDs =
076              Aci.decodeOID(expr,
077                      WARN_ACI_SYNTAX_INVALID_TARGETCONTROL_EXPRESSION.get(expr));
078        return new TargetControl(operator, controlOIDs);
079      }
080    
081      /**
082       * Check if a targetcontrol is applicable based on the provided target match
083       * context.
084       *
085       * @param matchCtx The target match context to use in the check.
086       * @return True if the targetcontrol is applicable based on the context.
087       */
088      public boolean isApplicable(AciTargetMatchContext matchCtx) {
089        if(matchCtx.getControlOID() == null)
090          return false;
091        boolean ret = false;
092        for(String oid : controlOIDS)
093          if(oid.equals("*") || matchCtx.getControlOID().equals(oid)) {
094            ret=true;
095            break;
096          }
097       if(op.equals(EnumTargetOperator.NOT_EQUALITY))
098              ret = !ret;
099        return ret;
100      }
101    }
102