com.metamatrix.platform.security.api
Class BasicAuthorizationPermission

java.lang.Object
  com.metamatrix.platform.security.api.AuthorizationPermission
      com.metamatrix.platform.security.api.BasicAuthorizationPermission

All Implemented Interfaces:

java.io.Serializable, java.lang.Cloneable, java.lang.Comparable

public class BasicAuthorizationPermission
extends AuthorizationPermission
implements java.lang.Cloneable

A BasicAuthorizationPermission defines access permissions for Metadata resources (i.e., MetadataID instances). This class extends the AuthorizationPermission abstract class and provides specialized implies, equals, and compareTo method implementations.

See Also:

Serialized Form

Field Summary

static java.lang.String	RECURSIVE
static java.lang.String	SEPARATOR_WITH_RECURSIVE

Fields inherited from class com.metamatrix.platform.security.api.AuthorizationPermission

DEFAULT_ACTIONS, hashCode, PRIME, resource

Method Summary

protected java.lang.Object	clone() Make a deep copy of this object.
int	compareTo(java.lang.Object o) Compares this AuthorizationPermission to another Object.
boolean	equals(java.lang.Object obj) Returns true if the specified object is semantically equal to this instance.
boolean	implies(AuthorizationPermission request) Determine whether this official AuthorizationPermission instance implies the access requested by the request AuthorizationPermission instance.
static boolean	isRecursiveResource(java.lang.String resourceName) Does this resource have the recursive attribute.
static java.lang.String	removeRecursion(java.lang.String resourceName) Remove recursive attribute.

Methods inherited from class com.metamatrix.platform.security.api.AuthorizationPermission

compare, getActions, getContentModifier, getFactoryClassName, getRealm, getRealmName, getResource, getResourceName, hasContentModifier, hashCode, resourceIsRecursive, toString

Methods inherited from class java.lang.Object

finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail

RECURSIVE

public static final java.lang.String RECURSIVE

See Also:

Constant Field Values

SEPARATOR_WITH_RECURSIVE

public static final java.lang.String SEPARATOR_WITH_RECURSIVE

See Also:

Constant Field Values

Method Detail

clone

protected java.lang.Object clone()
                          throws java.lang.CloneNotSupportedException

Make a deep copy of this object.

Specified by:

clone in class AuthorizationPermission

Returns:

The newly copied object.

Throws:

java.lang.CloneNotSupportedException

implies

public boolean implies(AuthorizationPermission request)

Determine whether this official AuthorizationPermission instance implies the access requested by the request AuthorizationPermission instance. This official permission is stored by the Authorization subsystem and is owned by a given Principal. The request permission has been created by a software component on behalf of the given Principal wishing access to a resource controlled by the component.

The requested permission is implied by the official permission if all of the following conditions are satisfied:

The request permission must be of the same type (evaluated using instanceof);

The AuthorizationRealm of each permission instance must be equivalent;

All of the actions of the requested permission must be included in the actions of the official permission. See AuthorizationActions.implies(com.metamatrix.platform.security.api.AuthorizationActions);

if there is a recursive parameter in both resource names, and the requested resource name is more restrictive than the official resource name;

if there is a recursive parameter in the official resource but not the requested resource or neither resource contains a recursive parameter, and the requested resource is contained in its entirety within the official resource name (starting at the beginning of the official resource).

Note: the content modifier of the permissions is not used in this algorithm.

Specified by:

implies in class AuthorizationPermission

Parameters:

request - The permission that is being requested or attempted, and which is in question by the caller

Returns:

true if the official permission does imply access to the resource(s) specified by the request

equals

public boolean equals(java.lang.Object obj)

Description copied from class: AuthorizationPermission

Returns true if the specified object is semantically equal to this instance. Note: this method is consistent with compareTo().

Overrides:

equals in class AuthorizationPermission

Parameters:

obj - the object that this instance is to be compared to.

Returns:

whether the object is equal to this object.

compareTo

public int compareTo(java.lang.Object o)
              throws java.lang.ClassCastException

Description copied from class: AuthorizationPermission

Compares this AuthorizationPermission to another Object. If the Object is an AuthorizationPermission, this function compares the name. Otherwise, it throws a ClassCastException (as policyID instances are comparable only to other AuthorizationPermission instances). Note: this method is consistent with equals().

Specified by:

compareTo in interface java.lang.Comparable

Overrides:

compareTo in class AuthorizationPermission

Parameters:

o - the object that this instance is to be compared to.

Returns:

a negative integer, zero, or a positive integer as this object is less than, equal to, or greater than the specified object, respectively.

Throws:

java.lang.ClassCastException - if the specified object's type prevents it from being compared to this AuthorizationPermission.

removeRecursion

public static java.lang.String removeRecursion(java.lang.String resourceName)

Remove recursive attribute.

Parameters:

resourceName - The resource name from which to remove recursion.

Returns:

The non recursive resource name.

isRecursiveResource

public static boolean isRecursiveResource(java.lang.String resourceName)

Does this resource have the recursive attribute.

Parameters:

resourceName - The resource name to check for recursion.

Returns:

true if the resource is recursive.