Source code

001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2008 Sun Microsystems, Inc.
015 * Portions Copyright 2014-2015 ForgeRock AS.
016 */
017package org.opends.server.authorization.dseecompat;
018import org.forgerock.i18n.LocalizableMessage;
019
020import static org.opends.messages.AccessControlMessages.*;
021import org.opends.server.types.DirectoryException;
022import org.opends.server.types.Entry;
023import org.opends.server.types.SearchFilter;
024
025/**
026 * This class represents a targetfilter keyword of an aci.
027 */
028public class TargetFilter {
029
030    /** Enumeration representing the targetfilter operation. */
031    private EnumTargetOperator op = EnumTargetOperator.EQUALITY;
032
033    /** Filter parsed from the ACI used to match the resource entry. */
034    private SearchFilter filter;
035
036    /**
037     * Class representing a targetfilter keyword.
038     * @param op The operation of the targetfilter expression (=, !=)
039     * @param filter The filter itself.
040     */
041    private TargetFilter(EnumTargetOperator op, SearchFilter filter) {
042        this.op=op;
043        this.filter=filter;
044    }
045
046    /**
047     * Decode a aci's targetfilter string.
048     * @param op The operation enumeration of the expression.
049     * @param expr A string representing the target filter.
050     * @return A TargetFilter class suitable for using in a match.
051     * @throws AciException If the expression string is invalid.
052     */
053    public static TargetFilter decode(EnumTargetOperator op, String expr)
054    throws AciException {
055        SearchFilter filter;
056        try {
057            filter = SearchFilter.createFilterFromString(expr);
058        } catch (DirectoryException ex) {
059            LocalizableMessage message =
060                WARN_ACI_SYNTAX_INVALID_TARGETFILTERKEYWORD_EXPRESSION.
061                  get(expr);
062            throw new AciException(message);
063        }
064        return new TargetFilter(op, filter);
065    }
066
067    /**
068     * Checks if a targetfilter matches an evaluation context.
069     * @param matchCtx The evaluation context to use in the matching.
070     * @return True if the target filter matched the context.
071     */
072    public boolean isApplicable(AciTargetMatchContext matchCtx) {
073        boolean ret;
074        ret=matchesFilter(matchCtx.getResourceEntry());
075        if(op.equals(EnumTargetOperator.NOT_EQUALITY))
076        {
077          ret = !ret;
078        }
079        return ret;
080    }
081
082    /**
083     * Checks the filter against an entry taken from the match context.
084     * @param e The entry from the evaluation context above.
085     * @return True if the filter matches the entry.
086     */
087    private boolean matchesFilter(Entry e) {
088        boolean ret;
089        try {
090            ret=filter.matchesEntry(e);
091        } catch (DirectoryException ex) {
092            //TODO information message?
093            return false;
094        }
095        return ret;
096    }
097}