001/* 002 * The contents of this file are subject to the terms of the Common Development and 003 * Distribution License (the License). You may not use this file except in compliance with the 004 * License. 005 * 006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the 007 * specific language governing permission and limitations under the License. 008 * 009 * When distributing Covered Software, include this CDDL Header Notice in each file and include 010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL 011 * Header, with the fields enclosed by brackets [] replaced by your own identifying 012 * information: "Portions Copyright [year] [name of copyright owner]". 013 * 014 * Copyright 2008 Sun Microsystems, Inc. 015 * Portions Copyright 2013-2015 ForgeRock AS. 016 */ 017package org.opends.server.authorization.dseecompat; 018 019import org.forgerock.i18n.LocalizableMessage; 020import static org.opends.messages.AccessControlMessages.*; 021 022/** 023 * The class represents the ssf keyword in a bind rule.SSF stands for 024 * security strength factor. 025 */ 026public class SSF implements KeywordBindRule { 027 028 /** Enumeration representing the bind rule operation type. */ 029 private EnumBindRuleType type; 030 031 private static final int MAX_KEY_BITS=1024; 032 private int ssf; 033 034 private SSF(int ssf, EnumBindRuleType type) { 035 this.ssf = ssf; 036 this.type = type; 037 } 038 039 /** 040 * Create SSF instance using the specified expression string and bind rule 041 * type enumeration. 042 * @param expr The expression string. 043 * @param type The bind rule type enumeration. 044 * @return A SSF instance. 045 * @throws AciException If the SSF instance cannot be created. 046 */ 047 static SSF decode(String expr, EnumBindRuleType type) throws AciException { 048 int valueAsInt = 0; 049 try { 050 valueAsInt = Integer.parseInt(expr); 051 } catch (NumberFormatException nfe) { 052 LocalizableMessage message = 053 WARN_ACI_SYNTAX_INVALID_SSF_FORMAT.get(expr, nfe.getMessage()); 054 throw new AciException(message); 055 } 056 if (valueAsInt <= 0 || valueAsInt > MAX_KEY_BITS) { 057 LocalizableMessage message = WARN_ACI_SYNTAX_INVALID_SSF_RANGE.get(expr); 058 throw new AciException(message); 059 } 060 return new SSF(valueAsInt, type); 061 } 062 063 /** 064 * Evaluate the specified evaluation context. 065 * @param evalCtx The evaluation context to evaluate. 066 * 067 * @return An evaluation result enumeration containing the result of the 068 * context evaluation. 069 */ 070 public EnumEvalResult evaluate(AciEvalContext evalCtx) { 071 int currentSSF = evalCtx.getCurrentSSF(); 072 EnumEvalResult matched = getMatched(currentSSF); 073 return matched.getRet(type, false); 074 } 075 076 private EnumEvalResult getMatched(int currentSSF) { 077 switch (type) { 078 case EQUAL_BINDRULE_TYPE: 079 case NOT_EQUAL_BINDRULE_TYPE: 080 if (currentSSF == ssf) { 081 return EnumEvalResult.TRUE; 082 } 083 break; 084 085 case LESS_OR_EQUAL_BINDRULE_TYPE: 086 if (currentSSF <= ssf) { 087 return EnumEvalResult.TRUE; 088 } 089 break; 090 091 case LESS_BINDRULE_TYPE: 092 if (currentSSF < ssf) { 093 return EnumEvalResult.TRUE; 094 } 095 break; 096 097 case GREATER_OR_EQUAL_BINDRULE_TYPE: 098 if (currentSSF >= ssf) { 099 return EnumEvalResult.TRUE; 100 } 101 break; 102 103 case GREATER_BINDRULE_TYPE: 104 if (currentSSF > ssf) { 105 return EnumEvalResult.TRUE; 106 } 107 } 108 return EnumEvalResult.FALSE; 109 } 110 111 /** {@inheritDoc} */ 112 @Override 113 public String toString() 114 { 115 final StringBuilder sb = new StringBuilder(); 116 toString(sb); 117 return sb.toString(); 118 } 119 120 /** {@inheritDoc} */ 121 @Override 122 public final void toString(StringBuilder buffer) 123 { 124 buffer.append(super.toString()); 125 } 126 127}