author | ohair |
Wed, 06 Apr 2011 22:06:11 -0700 | |
changeset 9035 | 1255eb81cc2f |
parent 7970 | af1579474d16 |
child 24969 | afa6934dd8e8 |
permissions | -rw-r--r-- |
2 | 1 |
/* |
9035
1255eb81cc2f
7033660: Update copyright year to 2011 on any files changed in 2011
ohair
parents:
7970
diff
changeset
|
2 |
* Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved. |
2 | 3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 |
* |
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
5506 | 7 |
* published by the Free Software Foundation. Oracle designates this |
2 | 8 |
* particular file as subject to the "Classpath" exception as provided |
5506 | 9 |
* by Oracle in the LICENSE file that accompanied this code. |
2 | 10 |
* |
11 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
15 |
* accompanied this code). |
|
16 |
* |
|
17 |
* You should have received a copy of the GNU General Public License version |
|
18 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
19 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 |
* |
|
5506 | 21 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
22 |
* or visit www.oracle.com if you need additional information or have any |
|
23 |
* questions. |
|
2 | 24 |
*/ |
25 |
||
26 |
package sun.security.acl; |
|
27 |
||
28 |
import java.io.*; |
|
29 |
import java.util.*; |
|
30 |
import java.security.Principal; |
|
31 |
import java.security.acl.*; |
|
32 |
||
33 |
/** |
|
34 |
* An Access Control List (ACL) is encapsulated by this class. |
|
35 |
* @author Satish Dharmaraj |
|
36 |
*/ |
|
37 |
public class AclImpl extends OwnerImpl implements Acl { |
|
38 |
// |
|
39 |
// Maintain four tables. one each for positive and negative |
|
40 |
// ACLs. One each depending on whether the entity is a group |
|
41 |
// or principal. |
|
42 |
// |
|
43 |
private Hashtable<Principal, AclEntry> allowedUsersTable = |
|
7970
af1579474d16
7008728: diamond conversion of basic security, permissions, authentication
smarks
parents:
5506
diff
changeset
|
44 |
new Hashtable<>(23); |
2 | 45 |
private Hashtable<Principal, AclEntry> allowedGroupsTable = |
7970
af1579474d16
7008728: diamond conversion of basic security, permissions, authentication
smarks
parents:
5506
diff
changeset
|
46 |
new Hashtable<>(23); |
2 | 47 |
private Hashtable<Principal, AclEntry> deniedUsersTable = |
7970
af1579474d16
7008728: diamond conversion of basic security, permissions, authentication
smarks
parents:
5506
diff
changeset
|
48 |
new Hashtable<>(23); |
2 | 49 |
private Hashtable<Principal, AclEntry> deniedGroupsTable = |
7970
af1579474d16
7008728: diamond conversion of basic security, permissions, authentication
smarks
parents:
5506
diff
changeset
|
50 |
new Hashtable<>(23); |
2 | 51 |
private String aclName = null; |
7970
af1579474d16
7008728: diamond conversion of basic security, permissions, authentication
smarks
parents:
5506
diff
changeset
|
52 |
private Vector<Permission> zeroSet = new Vector<>(1,1); |
2 | 53 |
|
54 |
||
55 |
/** |
|
56 |
* Constructor for creating an empty ACL. |
|
57 |
*/ |
|
58 |
public AclImpl(Principal owner, String name) { |
|
59 |
super(owner); |
|
60 |
try { |
|
61 |
setName(owner, name); |
|
62 |
} catch (Exception e) {} |
|
63 |
} |
|
64 |
||
65 |
/** |
|
66 |
* Sets the name of the ACL. |
|
67 |
* @param caller the principal who is invoking this method. |
|
68 |
* @param name the name of the ACL. |
|
69 |
* @exception NotOwnerException if the caller principal is |
|
70 |
* not on the owners list of the Acl. |
|
71 |
*/ |
|
72 |
public void setName(Principal caller, String name) |
|
73 |
throws NotOwnerException |
|
74 |
{ |
|
75 |
if (!isOwner(caller)) |
|
76 |
throw new NotOwnerException(); |
|
77 |
||
78 |
aclName = name; |
|
79 |
} |
|
80 |
||
81 |
/** |
|
82 |
* Returns the name of the ACL. |
|
83 |
* @return the name of the ACL. |
|
84 |
*/ |
|
85 |
public String getName() { |
|
86 |
return aclName; |
|
87 |
} |
|
88 |
||
89 |
/** |
|
90 |
* Adds an ACL entry to this ACL. An entry associates a |
|
91 |
* group or a principal with a set of permissions. Each |
|
92 |
* user or group can have one positive ACL entry and one |
|
93 |
* negative ACL entry. If there is one of the type (negative |
|
94 |
* or positive) already in the table, a false value is returned. |
|
95 |
* The caller principal must be a part of the owners list of |
|
96 |
* the ACL in order to invoke this method. |
|
97 |
* @param caller the principal who is invoking this method. |
|
98 |
* @param entry the ACL entry that must be added to the ACL. |
|
99 |
* @return true on success, false if the entry is already present. |
|
100 |
* @exception NotOwnerException if the caller principal |
|
101 |
* is not on the owners list of the Acl. |
|
102 |
*/ |
|
103 |
public synchronized boolean addEntry(Principal caller, AclEntry entry) |
|
104 |
throws NotOwnerException |
|
105 |
{ |
|
106 |
if (!isOwner(caller)) |
|
107 |
throw new NotOwnerException(); |
|
108 |
||
109 |
Hashtable<Principal, AclEntry> aclTable = findTable(entry); |
|
110 |
Principal key = entry.getPrincipal(); |
|
111 |
||
112 |
if (aclTable.get(key) != null) |
|
113 |
return false; |
|
114 |
||
115 |
aclTable.put(key, entry); |
|
116 |
return true; |
|
117 |
} |
|
118 |
||
119 |
/** |
|
120 |
* Removes an ACL entry from this ACL. |
|
121 |
* The caller principal must be a part of the owners list of the ACL |
|
122 |
* in order to invoke this method. |
|
123 |
* @param caller the principal who is invoking this method. |
|
124 |
* @param entry the ACL entry that must be removed from the ACL. |
|
125 |
* @return true on success, false if the entry is not part of the ACL. |
|
126 |
* @exception NotOwnerException if the caller principal is not |
|
127 |
* the owners list of the Acl. |
|
128 |
*/ |
|
129 |
public synchronized boolean removeEntry(Principal caller, AclEntry entry) |
|
130 |
throws NotOwnerException |
|
131 |
{ |
|
132 |
if (!isOwner(caller)) |
|
133 |
throw new NotOwnerException(); |
|
134 |
||
135 |
Hashtable<Principal, AclEntry> aclTable = findTable(entry); |
|
136 |
Principal key = entry.getPrincipal(); |
|
137 |
||
138 |
AclEntry o = aclTable.remove(key); |
|
139 |
return (o != null); |
|
140 |
} |
|
141 |
||
142 |
/** |
|
143 |
* This method returns the set of allowed permissions for the |
|
144 |
* specified principal. This set of allowed permissions is calculated |
|
145 |
* as follows: |
|
146 |
* |
|
147 |
* If there is no entry for a group or a principal an empty permission |
|
148 |
* set is assumed. |
|
149 |
* |
|
150 |
* The group positive permission set is the union of all |
|
151 |
* the positive permissions of each group that the individual belongs to. |
|
152 |
* The group negative permission set is the union of all |
|
153 |
* the negative permissions of each group that the individual belongs to. |
|
154 |
* If there is a specific permission that occurs in both |
|
155 |
* the postive permission set and the negative permission set, |
|
156 |
* it is removed from both. The group positive and negatoive permission |
|
157 |
* sets are calculated. |
|
158 |
* |
|
159 |
* The individial positive permission set and the individual negative |
|
160 |
* permission set is then calculated. Again abscence of an entry means |
|
161 |
* the empty set. |
|
162 |
* |
|
163 |
* The set of permissions granted to the principal is then calculated using |
|
164 |
* the simple rule: Individual permissions always override the Group permissions. |
|
165 |
* Specifically, individual negative permission set (specific |
|
166 |
* denial of permissions) overrides the group positive permission set. |
|
167 |
* And the individual positive permission set override the group negative |
|
168 |
* permission set. |
|
169 |
* |
|
170 |
* @param user the principal for which the ACL entry is returned. |
|
171 |
* @return The resulting permission set that the principal is allowed. |
|
172 |
*/ |
|
173 |
public synchronized Enumeration<Permission> getPermissions(Principal user) { |
|
174 |
||
175 |
Enumeration<Permission> individualPositive; |
|
176 |
Enumeration<Permission> individualNegative; |
|
177 |
Enumeration<Permission> groupPositive; |
|
178 |
Enumeration<Permission> groupNegative; |
|
179 |
||
180 |
// |
|
181 |
// canonicalize the sets. That is remove common permissions from |
|
182 |
// positive and negative sets. |
|
183 |
// |
|
184 |
groupPositive = |
|
185 |
subtract(getGroupPositive(user), getGroupNegative(user)); |
|
186 |
groupNegative = |
|
187 |
subtract(getGroupNegative(user), getGroupPositive(user)); |
|
188 |
individualPositive = |
|
189 |
subtract(getIndividualPositive(user), getIndividualNegative(user)); |
|
190 |
individualNegative = |
|
191 |
subtract(getIndividualNegative(user), getIndividualPositive(user)); |
|
192 |
||
193 |
// |
|
194 |
// net positive permissions is individual positive permissions |
|
195 |
// plus (group positive - individual negative). |
|
196 |
// |
|
197 |
Enumeration<Permission> temp1 = |
|
198 |
subtract(groupPositive, individualNegative); |
|
199 |
Enumeration<Permission> netPositive = |
|
200 |
union(individualPositive, temp1); |
|
201 |
||
202 |
// recalculate the enumeration since we lost it in performing the |
|
203 |
// subtraction |
|
204 |
// |
|
205 |
individualPositive = |
|
206 |
subtract(getIndividualPositive(user), getIndividualNegative(user)); |
|
207 |
individualNegative = |
|
208 |
subtract(getIndividualNegative(user), getIndividualPositive(user)); |
|
209 |
||
210 |
// |
|
211 |
// net negative permissions is individual negative permissions |
|
212 |
// plus (group negative - individual positive). |
|
213 |
// |
|
214 |
temp1 = subtract(groupNegative, individualPositive); |
|
215 |
Enumeration<Permission> netNegative = union(individualNegative, temp1); |
|
216 |
||
217 |
return subtract(netPositive, netNegative); |
|
218 |
} |
|
219 |
||
220 |
/** |
|
221 |
* This method checks whether or not the specified principal |
|
222 |
* has the required permission. If permission is denied |
|
223 |
* permission false is returned, a true value is returned otherwise. |
|
224 |
* This method does not authenticate the principal. It presumes that |
|
225 |
* the principal is a valid authenticated principal. |
|
226 |
* @param principal the name of the authenticated principal |
|
227 |
* @param permission the permission that the principal must have. |
|
228 |
* @return true of the principal has the permission desired, false |
|
229 |
* otherwise. |
|
230 |
*/ |
|
231 |
public boolean checkPermission(Principal principal, Permission permission) |
|
232 |
{ |
|
233 |
Enumeration<Permission> permSet = getPermissions(principal); |
|
234 |
while (permSet.hasMoreElements()) { |
|
235 |
Permission p = permSet.nextElement(); |
|
236 |
if (p.equals(permission)) |
|
237 |
return true; |
|
238 |
} |
|
239 |
return false; |
|
240 |
} |
|
241 |
||
242 |
/** |
|
243 |
* returns an enumeration of the entries in this ACL. |
|
244 |
*/ |
|
245 |
public synchronized Enumeration<AclEntry> entries() { |
|
246 |
return new AclEnumerator(this, |
|
247 |
allowedUsersTable, allowedGroupsTable, |
|
248 |
deniedUsersTable, deniedGroupsTable); |
|
249 |
} |
|
250 |
||
251 |
/** |
|
252 |
* return a stringified version of the |
|
253 |
* ACL. |
|
254 |
*/ |
|
255 |
public String toString() { |
|
256 |
StringBuffer sb = new StringBuffer(); |
|
257 |
Enumeration<AclEntry> entries = entries(); |
|
258 |
while (entries.hasMoreElements()) { |
|
259 |
AclEntry entry = entries.nextElement(); |
|
260 |
sb.append(entry.toString().trim()); |
|
261 |
sb.append("\n"); |
|
262 |
} |
|
263 |
||
264 |
return sb.toString(); |
|
265 |
} |
|
266 |
||
267 |
// |
|
268 |
// Find the table that this entry belongs to. There are 4 |
|
269 |
// tables that are maintained. One each for postive and |
|
270 |
// negative ACLs and one each for groups and users. |
|
271 |
// This method figures out which |
|
272 |
// table is the one that this AclEntry belongs to. |
|
273 |
// |
|
274 |
private Hashtable<Principal, AclEntry> findTable(AclEntry entry) { |
|
275 |
Hashtable<Principal, AclEntry> aclTable = null; |
|
276 |
||
277 |
Principal p = entry.getPrincipal(); |
|
278 |
if (p instanceof Group) { |
|
279 |
if (entry.isNegative()) |
|
280 |
aclTable = deniedGroupsTable; |
|
281 |
else |
|
282 |
aclTable = allowedGroupsTable; |
|
283 |
} else { |
|
284 |
if (entry.isNegative()) |
|
285 |
aclTable = deniedUsersTable; |
|
286 |
else |
|
287 |
aclTable = allowedUsersTable; |
|
288 |
} |
|
289 |
return aclTable; |
|
290 |
} |
|
291 |
||
292 |
// |
|
293 |
// returns the set e1 U e2. |
|
294 |
// |
|
295 |
private static Enumeration<Permission> union(Enumeration<Permission> e1, |
|
296 |
Enumeration<Permission> e2) { |
|
7970
af1579474d16
7008728: diamond conversion of basic security, permissions, authentication
smarks
parents:
5506
diff
changeset
|
297 |
Vector<Permission> v = new Vector<>(20, 20); |
2 | 298 |
|
299 |
while (e1.hasMoreElements()) |
|
300 |
v.addElement(e1.nextElement()); |
|
301 |
||
302 |
while (e2.hasMoreElements()) { |
|
303 |
Permission o = e2.nextElement(); |
|
304 |
if (!v.contains(o)) |
|
305 |
v.addElement(o); |
|
306 |
} |
|
307 |
||
308 |
return v.elements(); |
|
309 |
} |
|
310 |
||
311 |
// |
|
312 |
// returns the set e1 - e2. |
|
313 |
// |
|
314 |
private Enumeration<Permission> subtract(Enumeration<Permission> e1, |
|
315 |
Enumeration<Permission> e2) { |
|
7970
af1579474d16
7008728: diamond conversion of basic security, permissions, authentication
smarks
parents:
5506
diff
changeset
|
316 |
Vector<Permission> v = new Vector<>(20, 20); |
2 | 317 |
|
318 |
while (e1.hasMoreElements()) |
|
319 |
v.addElement(e1.nextElement()); |
|
320 |
||
321 |
while (e2.hasMoreElements()) { |
|
322 |
Permission o = e2.nextElement(); |
|
323 |
if (v.contains(o)) |
|
324 |
v.removeElement(o); |
|
325 |
} |
|
326 |
||
327 |
return v.elements(); |
|
328 |
} |
|
329 |
||
330 |
private Enumeration<Permission> getGroupPositive(Principal user) { |
|
331 |
Enumeration<Permission> groupPositive = zeroSet.elements(); |
|
332 |
Enumeration<Principal> e = allowedGroupsTable.keys(); |
|
333 |
while (e.hasMoreElements()) { |
|
334 |
Group g = (Group)e.nextElement(); |
|
335 |
if (g.isMember(user)) { |
|
336 |
AclEntry ae = allowedGroupsTable.get(g); |
|
337 |
groupPositive = union(ae.permissions(), groupPositive); |
|
338 |
} |
|
339 |
} |
|
340 |
return groupPositive; |
|
341 |
} |
|
342 |
||
343 |
private Enumeration<Permission> getGroupNegative(Principal user) { |
|
344 |
Enumeration<Permission> groupNegative = zeroSet.elements(); |
|
345 |
Enumeration<Principal> e = deniedGroupsTable.keys(); |
|
346 |
while (e.hasMoreElements()) { |
|
347 |
Group g = (Group)e.nextElement(); |
|
348 |
if (g.isMember(user)) { |
|
349 |
AclEntry ae = deniedGroupsTable.get(g); |
|
350 |
groupNegative = union(ae.permissions(), groupNegative); |
|
351 |
} |
|
352 |
} |
|
353 |
return groupNegative; |
|
354 |
} |
|
355 |
||
356 |
private Enumeration<Permission> getIndividualPositive(Principal user) { |
|
357 |
Enumeration<Permission> individualPositive = zeroSet.elements(); |
|
358 |
AclEntry ae = allowedUsersTable.get(user); |
|
359 |
if (ae != null) |
|
360 |
individualPositive = ae.permissions(); |
|
361 |
return individualPositive; |
|
362 |
} |
|
363 |
||
364 |
private Enumeration<Permission> getIndividualNegative(Principal user) { |
|
365 |
Enumeration<Permission> individualNegative = zeroSet.elements(); |
|
366 |
AclEntry ae = deniedUsersTable.get(user); |
|
367 |
if (ae != null) |
|
368 |
individualNegative = ae.permissions(); |
|
369 |
return individualNegative; |
|
370 |
} |
|
371 |
} |
|
372 |
||
373 |
final class AclEnumerator implements Enumeration<AclEntry> { |
|
374 |
Acl acl; |
|
375 |
Enumeration<AclEntry> u1, u2, g1, g2; |
|
376 |
||
377 |
AclEnumerator(Acl acl, Hashtable<?,AclEntry> u1, Hashtable<?,AclEntry> g1, |
|
378 |
Hashtable<?,AclEntry> u2, Hashtable<?,AclEntry> g2) { |
|
379 |
this.acl = acl; |
|
380 |
this.u1 = u1.elements(); |
|
381 |
this.u2 = u2.elements(); |
|
382 |
this.g1 = g1.elements(); |
|
383 |
this.g2 = g2.elements(); |
|
384 |
} |
|
385 |
||
386 |
public boolean hasMoreElements() { |
|
387 |
return (u1.hasMoreElements() || |
|
388 |
u2.hasMoreElements() || |
|
389 |
g1.hasMoreElements() || |
|
390 |
g2.hasMoreElements()); |
|
391 |
} |
|
392 |
||
393 |
public AclEntry nextElement() |
|
394 |
{ |
|
395 |
AclEntry o; |
|
396 |
synchronized (acl) { |
|
397 |
if (u1.hasMoreElements()) |
|
398 |
return u1.nextElement(); |
|
399 |
if (u2.hasMoreElements()) |
|
400 |
return u2.nextElement(); |
|
401 |
if (g1.hasMoreElements()) |
|
402 |
return g1.nextElement(); |
|
403 |
if (g2.hasMoreElements()) |
|
404 |
return g2.nextElement(); |
|
405 |
} |
|
406 |
throw new NoSuchElementException("Acl Enumerator"); |
|
407 |
} |
|
408 |
} |