wt.access
Class AclEntrySet

java.lang.Object
  wt.access.AclEntrySet

All Implemented Interfaces:

Cloneable, Evolvable, Externalizable, Serializable

public class AclEntrySet

extends Object

implements Evolvable, Cloneable, Externalizable

AclEntrySet represents a collection of access control entries mapping principals to permissions. The access control list entry set is used for evaluating access rights.

Supported API: false

Extendable: false

See Also:

Serialized Form

Field Summary

private static Long	ALL_ID
private Object	cachedEntries
private long[][]	cachedMasks
private int	cachedMasksIndex
private static int	cachedMasksSize
private static String	CLASSNAME
private static String	DELETED
static long	EXTERNALIZATION_VERSION_UID
private static String	GROUP_TARGET_KEY
private static String	GROUP_TARGET_TYPE
private boolean	inflated
private HashMap	negativeEntries
private static byte[]	OBJECT_STREAM_MAGIC
protected static long	OLD_FORMAT_VERSION_UID
private static Long	OWNER_ID
private Hashtable	pendingPositiveEntries
private HashMap	positiveEntries
private static String	PROXYGROUP_TARGET_KEY
private static String	PROXYUSER_TARGET_KEY
private int	readerCount
private static String	REF_TARGET_TYPE
private static String	RESOURCE
private static String	ROLE_TARGET_KEY
(package private) Hashtable	rolePermissions
(package private) static long	serialVersionUID
private boolean	stale
protected static short	STREAM_VERSION
private static String	USER_TARGET_KEY
private static String	USER_TARGET_TYPE
private static boolean	VERBOSE
protected static long	VERSION_PRE_70_UID
private int	writerCount
private static String	WTPRINCIPALREF_CLASSNAME

Constructor Summary

	AclEntrySet() Constructs an empty AclEntrySet object.
protected	AclEntrySet(Object cachedEntries)

Method Summary

private boolean	acquireReadLock()
private boolean	acquireWriteLock()
protected boolean	checkOwnerPermission(AccessPermission permission) Given a permission, computes whether the permission is granted to the owner user (WTPrincipalReference.OWNER).
protected boolean	checkPermission(WTPrincipal principal, AccessPermission permission) Given a principal and a permission, computes whether the permission is granted to the principal.
Object	clone() Creates and returns a copy of this object.
private void	deflate()
protected AclEntrySet	duplicate() Create a deep copy of this AclEntrySet.
protected EnumeratorVector	getEntries() Returns entries representing the cached entry set Supported API: false
protected long	getNegativeMask(String classname, Long id) Returns the negative permission mask corresponding to the specified principal reference.
protected long	getOwnerPermissionMask() Gets the permission mask for the owner user (WTPrincipalReference.OWNER).
protected EnumeratorVector	getPendingEntries() Returns entries representing the pending entries.
protected long	getPendingMask(WTPrincipalReference principal_ref, String owner) Returns the permission mask for the pending entry with the specified principal and owner.
protected Hashtable	getPendingPositiveEntries() Gets the value of the attribute: pendingPositiveEntries.
protected long	getPermissionMask(WTPrincipal principal) Returns the mask representing the set of permissions associated with the principal.
protected long	getPositiveMask(String classname, Long id) Returns the positive permission mask corresponding to the specified principal reference.
private WTPrincipalReference	getPrincipalReference(String class_name, Long id)
protected Hashtable	getRolePermissions()
protected boolean	hasPositiveMask(WTPrincipalReference principal_reference) Returns true if positive entries exist explicitly for the specified principal.
protected void	inflate()
private void	inflateOldVersion()
private void	invalidateCache()
protected boolean	isEmpty() Tells if there is any entry in the set.
private void	mapEntries(HashMap cache, EnumeratorVector entries, boolean negative)
protected void	mergeEntry(WTAclEntry entry, boolean persisted) Merges an entry into the set.
protected void	oldInflate(byte[] stream)
private void	parseOldEntry(String entry_str)
private void	parseValue(String value)
void	readExternal(ObjectInput input) Reads the non-transient fields of this class from an external source.
private boolean	readOldVersion(ObjectInput input, long readSerialVersionUID, boolean passThrough, boolean superDone) Reads the non-transient fields of this class from an external source, which is not the current version.
protected boolean	readVersion(AclEntrySet thisObject, ObjectInput input, long readSerialVersionUID, boolean passThrough, boolean superDone) Reads the non-transient fields of this class from an external source.
private void	releaseReadLock()
private void	releaseWriteLock()
protected void	removeEntry(WTAclEntry entry, boolean persisted) Removes an entry from the set.
protected void	removeNegativeEntry(WTPrincipalReference principal_ref) Removes the entry for the specified principal from the negative entries cache.
protected void	removePendingEntries(String owner) Removes permissions and updates the cached entries for each pending entry with a matching owner key.
protected void	removePendingEntry(WTAclEntry entry) Removes the pending entry and removes the entry for the principal from the positive entries cache.
protected void	removePendingPermissions(String owner, long removeMask) For each pending entry with matching owner key, set permissions to current permissionMask & ~removeMask and update cachedEntries.
protected void	removePositiveEntry(WTPrincipalReference principal_ref) Removes the entry for the specified principal from the positive entries cache.
protected void	setEntry(WTAclEntry entry, boolean persisted) Sets an entry in the set.
protected void	setNegativeEntry(WTPrincipalReference principal_ref, long permission_mask) Sets the permission mask for the specified principal in the negative entries cache.
protected void	setPendingEntry(WTAclEntry entry) Sets a pending entry and sets the permission mask for the principal in the positive entries cache.
protected void	setPendingPositiveEntries(Hashtable a_PendingPositiveEntries) Sets the value of the attribute: pendingPositiveEntries.
protected void	setPositiveEntry(WTPrincipalReference principal_ref, long permission_mask) Sets the permission mask for the specified principal in the positive entries cache.
private void	showEntries(HashMap entries, StringBuffer buf, boolean negative)
String	toString() Produces a String representation of the entry set.
protected void	updateAdHocEntrySet() Rebuilds postitiveEntries from pendingPositiveEntries for a non-persistent AdHocControlled object.
protected void	validate() Validates that the entry set of a non-persistent AdHocControlled object has been properly initialized.
void	writeExternal(ObjectOutput output) Writes the non-transient fields of this class to an external source.

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

RESOURCE

private static final String RESOURCE

See Also:

Constant Field Values

CLASSNAME

private static final String CLASSNAME

cachedEntries

private Object cachedEntries

pendingPositiveEntries

private Hashtable pendingPositiveEntries

serialVersionUID

static final long serialVersionUID

See Also:

Constant Field Values

EXTERNALIZATION_VERSION_UID

public static final long EXTERNALIZATION_VERSION_UID

See Also:

Constant Field Values

OLD_FORMAT_VERSION_UID

protected static final long OLD_FORMAT_VERSION_UID

See Also:

Constant Field Values

ALL_ID

private static final Long ALL_ID

OWNER_ID

private static final Long OWNER_ID

WTPRINCIPALREF_CLASSNAME

private static final String WTPRINCIPALREF_CLASSNAME

inflated

private volatile boolean inflated

negativeEntries

private HashMap negativeEntries

positiveEntries

private HashMap positiveEntries

stale

private boolean stale

cachedMasksSize

private static final int cachedMasksSize

See Also:

Constant Field Values

cachedMasksIndex

private int cachedMasksIndex

cachedMasks

private volatile long[][] cachedMasks

VERBOSE

private static final boolean VERBOSE

VERSION_PRE_70_UID

protected static final long VERSION_PRE_70_UID

See Also:

Constant Field Values

STREAM_VERSION

protected static final short STREAM_VERSION

See Also:

Constant Field Values

OBJECT_STREAM_MAGIC

private static final byte[] OBJECT_STREAM_MAGIC

GROUP_TARGET_KEY

private static final String GROUP_TARGET_KEY

See Also:

Constant Field Values

PROXYGROUP_TARGET_KEY

private static final String PROXYGROUP_TARGET_KEY

See Also:

Constant Field Values

PROXYUSER_TARGET_KEY

private static final String PROXYUSER_TARGET_KEY

See Also:

Constant Field Values

ROLE_TARGET_KEY

private static final String ROLE_TARGET_KEY

See Also:

Constant Field Values

USER_TARGET_KEY

private static final String USER_TARGET_KEY

See Also:

Constant Field Values

GROUP_TARGET_TYPE

private static final String GROUP_TARGET_TYPE

See Also:

Constant Field Values

REF_TARGET_TYPE

private static final String REF_TARGET_TYPE

See Also:

Constant Field Values

USER_TARGET_TYPE

private static final String USER_TARGET_TYPE

See Also:

Constant Field Values

DELETED

private static final String DELETED

See Also:

Constant Field Values

rolePermissions

Hashtable rolePermissions

readerCount

private transient int readerCount

writerCount

private transient int writerCount

Constructor Detail

AclEntrySet

public AclEntrySet()

Constructs an empty AclEntrySet object.

Supported API: false

AclEntrySet

protected AclEntrySet(Object cachedEntries)

Method Detail

writeExternal

public void writeExternal(ObjectOutput output)
                   throws IOException

Writes the non-transient fields of this class to an external source.

Supported API: false

Specified by:

writeExternal in interface Externalizable

Parameters:

output -

Throws:

IOException

readExternal

public void readExternal(ObjectInput input)
                  throws IOException,
                         ClassNotFoundException

Reads the non-transient fields of this class from an external source.

Supported API: false

Specified by:

readExternal in interface Externalizable

Parameters:

input -

Throws:

IOException

ClassNotFoundException

readVersion

protected boolean readVersion(AclEntrySet thisObject,
                              ObjectInput input,
                              long readSerialVersionUID,
                              boolean passThrough,
                              boolean superDone)
                       throws IOException,
                              ClassNotFoundException

Reads the non-transient fields of this class from an external source.

Supported API: false

Parameters:

thisObject -

input -

readSerialVersionUID -

passThrough -

superDone -

Returns:

boolean

Throws:

IOException

ClassNotFoundException

readOldVersion

private boolean readOldVersion(ObjectInput input,
                               long readSerialVersionUID,
                               boolean passThrough,
                               boolean superDone)
                        throws IOException,
                               ClassNotFoundException

Reads the non-transient fields of this class from an external source, which is not the current version.

Parameters:

input -

readSerialVersionUID -

passThrough -

superDone -

Returns:

boolean

Throws:

IOException

ClassNotFoundException

getPendingPositiveEntries

protected Hashtable getPendingPositiveEntries()

Gets the value of the attribute: pendingPositiveEntries.

Supported API: false

Returns:

Hashtable

setPendingPositiveEntries

protected void setPendingPositiveEntries(Hashtable a_PendingPositiveEntries)

Sets the value of the attribute: pendingPositiveEntries.

Supported API: false

Parameters:

a_PendingPositiveEntries -

clone

public Object clone()

Creates and returns a copy of this object.

Supported API: false

Returns:

Object

toString

public String toString()

Produces a String representation of the entry set.

Supported API: false

Returns:

String

checkOwnerPermission

protected boolean checkOwnerPermission(AccessPermission permission)
                                throws WTException

Given a permission, computes whether the permission is granted to the owner user (WTPrincipalReference.OWNER). If the permission is granted it returns true, otherwise it returns false.

Supported API: false

Parameters:

permission -

Returns:

boolean

Throws:

WTException

checkPermission

protected boolean checkPermission(WTPrincipal principal,
                                  AccessPermission permission)
                           throws WTException

Given a principal and a permission, computes whether the permission is granted to the principal. If the permission is granted it returns true, otherwise it returns false.

Supported API: false

Parameters:

principal -

permission -

Returns:

boolean

Throws:

WTException

duplicate

protected AclEntrySet duplicate()
                         throws WTException

Create a deep copy of this AclEntrySet.

Supported API: false

Returns:

AclEntrySet

Throws:

WTException

getEntries

protected EnumeratorVector getEntries()
                               throws WTException

Returns entries representing the cached entry set

Supported API: false

Returns:

EnumeratorVector

Throws:

WTException

getNegativeMask

protected long getNegativeMask(String classname,
                               Long id)

Returns the negative permission mask corresponding to the specified principal reference. Set must already be inflated.

Supported API: false

Parameters:

classname -

id -

Returns:

long

getOwnerPermissionMask

protected long getOwnerPermissionMask()
                               throws WTException

Gets the permission mask for the owner user (WTPrincipalReference.OWNER).

Supported API: false

Returns:

long

Throws:

WTException

getPendingEntries

protected EnumeratorVector getPendingEntries()
                                      throws WTException

Returns entries representing the pending entries.

Supported API: false

Returns:

EnumeratorVector

Throws:

WTException

getPendingMask

protected long getPendingMask(WTPrincipalReference principal_ref,
                              String owner)

Returns the permission mask for the pending entry with the specified principal and owner.

Supported API: false

Parameters:

principal_ref -

owner -

Returns:

long

getPermissionMask

protected long getPermissionMask(WTPrincipal principal)
                          throws WTException

Returns the mask representing the set of permissions associated with the principal. The mask is computed by considering all positive and negative entries explicitly for the principal and those that refer to a group the principal is a member of.

Supported API: false

Parameters:

principal -

Returns:

long

Throws:

WTException

getPositiveMask

protected long getPositiveMask(String classname,
                               Long id)

Returns the positive permission mask corresponding to the specified principal reference. Set must already be inflated.

Supported API: false

Parameters:

classname -

id -

Returns:

long

hasPositiveMask

protected boolean hasPositiveMask(WTPrincipalReference principal_reference)
                           throws WTException

Returns true if positive entries exist explicitly for the specified principal.

Supported API: false

Returns:

boolean

Throws:

WTException

isEmpty

protected boolean isEmpty()

Tells if there is any entry in the set. Returns true if there is none; false otherwise.

Supported API: false

Returns:

boolean

mergeEntry

protected void mergeEntry(WTAclEntry entry,
                          boolean persisted)

Merges an entry into the set. If there is no entry in the set with the same sign and principal reference, the entry is added to the set. If there already is an entry with the same sign and principal reference, the permissions are added to the existing entry.

Supported API: false

Parameters:

entry - entry to merge into the entry set

persisted - true if the entry is for a persisted object

removeEntry

protected void removeEntry(WTAclEntry entry,
                           boolean persisted)

Removes an entry from the set.

Supported API: false

Parameters:

entry - entry to remove from the entry set

persisted - true if the entry is for a persisted object

removeNegativeEntry

protected void removeNegativeEntry(WTPrincipalReference principal_ref)

Removes the entry for the specified principal from the negative entries cache.

Supported API: false

Parameters:

principal_ref - principal reference for the entry

removePendingEntries

protected void removePendingEntries(String owner)

Removes permissions and updates the cached entries for each pending entry with a matching owner key.

Supported API: false

Parameters:

owner -

removePendingEntry

protected void removePendingEntry(WTAclEntry entry)

Removes the pending entry and removes the entry for the principal from the positive entries cache.

Supported API: false

Parameters:

entry - pending entry

removePendingPermissions

protected void removePendingPermissions(String owner,
                                        long removeMask)

For each pending entry with matching owner key, set permissions to current permissionMask & ~removeMask and update cachedEntries.

Supported API: false

Parameters:

owner -

removeMask -

removePositiveEntry

protected void removePositiveEntry(WTPrincipalReference principal_ref)

Removes the entry for the specified principal from the positive entries cache.

Supported API: false

Parameters:

principal_ref - principal reference for the entry

setEntry

protected void setEntry(WTAclEntry entry,
                        boolean persisted)

Sets an entry in the set.

Supported API: false

Parameters:

entry - entry to add to the entry set

persisted - true if the entry is for a persisted object

setNegativeEntry

protected void setNegativeEntry(WTPrincipalReference principal_ref,
                                long permission_mask)

Sets the permission mask for the specified principal in the negative entries cache.

Supported API: false

Parameters:

principal_ref - principal reference for the entry

permission_mask - permission mask for the entry

setPendingEntry

protected void setPendingEntry(WTAclEntry entry)

Sets a pending entry and sets the permission mask for the principal in the positive entries cache.

Supported API: false

Parameters:

entry - pending entry

setPositiveEntry

protected void setPositiveEntry(WTPrincipalReference principal_ref,
                                long permission_mask)

Sets the permission mask for the specified principal in the positive entries cache.

Supported API: false

Parameters:

principal_ref - principal reference for the entry

permission_mask - permission mask for the entry

updateAdHocEntrySet

protected void updateAdHocEntrySet()

Rebuilds postitiveEntries from pendingPositiveEntries for a non-persistent AdHocControlled object.

Supported API: false

validate

protected void validate()

Validates that the entry set of a non-persistent AdHocControlled object has been properly initialized. This is to ensure that when an object is duplicated, the entry set on the original object is not used to determine permissions for the new object.

Supported API: false

deflate

private void deflate()
              throws IOException

Throws:

IOException

getPrincipalReference

private WTPrincipalReference getPrincipalReference(String class_name,
                                                   Long id)
                                            throws WTException

Throws:

WTException

inflate

protected void inflate()

oldInflate

protected void oldInflate(byte[] stream)

mapEntries

private void mapEntries(HashMap cache,
                        EnumeratorVector entries,
                        boolean negative)
                 throws WTException

Throws:

WTException

showEntries

private void showEntries(HashMap entries,
                         StringBuffer buf,
                         boolean negative)

inflateOldVersion

private void inflateOldVersion()

parseValue

private void parseValue(String value)

parseOldEntry

private void parseOldEntry(String entry_str)

getRolePermissions

protected Hashtable getRolePermissions()

acquireReadLock

private boolean acquireReadLock()

releaseReadLock

private void releaseReadLock()

acquireWriteLock

private boolean acquireWriteLock()

releaseWriteLock

private void releaseWriteLock()

invalidateCache

private void invalidateCache()