did some javadocs for the new security classes, now that they're pretty much

in their final form
This commit is contained in:
Eric J. Bowersox 2001-11-19 06:02:23 +00:00
parent de971c9c7b
commit 54807085b2
5 changed files with 514 additions and 22 deletions

View File

@ -22,6 +22,14 @@ import java.util.*;
import org.apache.log4j.*; import org.apache.log4j.*;
import com.silverwrist.venice.except.AccessError; import com.silverwrist.venice.except.AccessError;
/**
* The security monitor "below the root" of the security monitor tree, which defines the three roles
* which are "outside the standard scopes." Calls delegated to this instance of <CODE>SEcurityMonitor</CODE>
* generally fail or return <CODE>null</CODE>, except when returning the three defined roles.
*
* @author Eric J. Bowersox &lt;erbo@silcom.com&gt;
* @version X
*/
public class PrimordialSecurityMonitor implements SecurityMonitor public class PrimordialSecurityMonitor implements SecurityMonitor
{ {
/*-------------------------------------------------------------------------------- /*--------------------------------------------------------------------------------
@ -33,14 +41,32 @@ public class PrimordialSecurityMonitor implements SecurityMonitor
private static Category logger = Category.getInstance(PrimordialSecurityMonitor.class); private static Category logger = Category.getInstance(PrimordialSecurityMonitor.class);
public static final String SYM_NOT_IN_LIST = "NotInList"; // default human readable names
public static final String SYM_NO_ACCESS = "NoAccess";
public static final String SYM_UNRESTRICTED = "UnrestrictedUser";
private static final String NAME_NOT_IN_LIST = "(not in list)"; private static final String NAME_NOT_IN_LIST = "(not in list)";
private static final String NAME_NO_ACCESS = "No Access"; private static final String NAME_NO_ACCESS = "No Access";
private static final String NAME_UNRESTRICTED = "'Unrestricted' User"; private static final String NAME_UNRESTRICTED = "'Unrestricted' User";
/**
* The programmatic name of the "not in list" defined role.
*
* @see ScopeInfo#L_NOT_THERE
*/
public static final String SYM_NOT_IN_LIST = "NotInList";
/**
* The programmatic name of the "no access" defined role.
*
* @see ScopeInfo#L_NO_ACCESS
*/
public static final String SYM_NO_ACCESS = "NoAccess";
/**
* The programmatic name of the "unrestricted user" defined role.
*
* @see ScopeInfo#L_UNRESTRICTED
*/
public static final String SYM_UNRESTRICTED = "UnrestrictedUser";
/*-------------------------------------------------------------------------------- /*--------------------------------------------------------------------------------
* Attributes * Attributes
*-------------------------------------------------------------------------------- *--------------------------------------------------------------------------------
@ -55,6 +81,9 @@ public class PrimordialSecurityMonitor implements SecurityMonitor
*-------------------------------------------------------------------------------- *--------------------------------------------------------------------------------
*/ */
/**
* Creates a new instance of this object. Only one is ever created.
*/
private PrimordialSecurityMonitor() private PrimordialSecurityMonitor()
{ {
String name_not_in_list = null, name_no_access = null, name_unrestricted_user = null; String name_not_in_list = null, name_no_access = null, name_unrestricted_user = null;
@ -89,6 +118,21 @@ public class PrimordialSecurityMonitor implements SecurityMonitor
*-------------------------------------------------------------------------------- *--------------------------------------------------------------------------------
*/ */
/**
* Tests a specified permission within this security monitor. If the supplied security level is less
* than the defined security level for this permission, an exception is thrown.
* (<CODE>PrimordialSecurityMonitor</CODE> always throws this exception.)
*
* @param symbol The programmatic symbol of the permission to test.
* @param level The security level to supply for the test.
* @param errormsg The error message to be thrown if the test fails. May be <CODE>null</CODE>, in
* which case the security monitor will throw an appropriate default, if applicable.
* @return <CODE>true</CODE> if the specified permission was defined and satisfied; <CODE>false</CODE>
* if the specified permission was not defined within this security monitor.
* @exception com.silverwrist.venice.except.AccessError If the specified permission was defined but
* not satisfied. (Always thrown by <CODE>PrimordialSecurityMonitor</CDOE>.)
* @see #testPermission(java.lang.String,int)
*/
public boolean testPermission(String symbol, int level, String errormsg) throws AccessError public boolean testPermission(String symbol, int level, String errormsg) throws AccessError
{ {
if (symbol==null) if (symbol==null)
@ -98,6 +142,18 @@ public class PrimordialSecurityMonitor implements SecurityMonitor
} // end testPermission } // end testPermission
/**
* Tests a specified permission within this security monitor. If the supplied security level is greater
* than or equal to the defined security level for this permission, <CODE>true</CODE> is returned.
* (<CODE>PrimordialSecurityMonitor</CODE> always returns <CODE>false</CODE>.)
*
* @param symbol The programmatic symbol of the permission to test.
* @param level The security level to supply for the test.
* @return <CODE>true</CODE> if the specified permission was defined and satisfied; <CODE>false</CODE>
* if the specified permission was not defined within this security monitor, or was defined but
* not satisfied. (<CODE>PrimordialSecurityMonitor</CODE> always returns <CODE>false</CODE>.)
* @see #testPermission(java.lang.String,int,java.lang.String)
*/
public boolean testPermission(String symbol, int level) public boolean testPermission(String symbol, int level)
{ {
if (symbol==null) if (symbol==null)
@ -107,6 +163,17 @@ public class PrimordialSecurityMonitor implements SecurityMonitor
} // end testPermission } // end testPermission
/**
* Determines whether this <CODE>SecurityMonitor</CODE> defines the specified permission symbol.
* (<CODE>PrimordialSecurityMonitor</CODE> always returns <CODE>false</CODE>.)
*
* @param symbol The programmatic symbol of the permission to look up.
* @param no_follow If this is <CODE>true</CODE>, we look only in this <CODE>SecurityMonitor</CODE>
* for the specified permission, and not in any "parent" <CODE>SecurityMonitor</CODE>
* objects.
* @return <CODE>true</CODE> if this is a defined permission symbol, <CODE>false</CODE> if not.
* (<CODE>PrimordialSecurityMonitor</CODE> always returns <CODE>false</CODE>.)
*/
public boolean permissionDefined(String symbol, boolean no_follow) public boolean permissionDefined(String symbol, boolean no_follow)
{ {
if (symbol==null) if (symbol==null)
@ -115,6 +182,15 @@ public class PrimordialSecurityMonitor implements SecurityMonitor
} // end permissionDefined } // end permissionDefined
/**
* Returns a defined list of roles for this <CODE>SecurityMonitor</CODE>.
* (<CODE>PrimordialSecurityMonitor</CODE> always returns <CODE>null</CODE>.)
*
* @param symbol The programmatic symbol of the role list to look up.
* @return The associated role list, or <CODE>null</CODE> if the role list name was not defined.
* (<CODE>PrimordialSecurityMonitor</CODE> always returns <CODE>null</CODE>.)
* @see Role
*/
public List getRoleList(String symbol) public List getRoleList(String symbol)
{ {
if (symbol==null) if (symbol==null)
@ -124,6 +200,13 @@ public class PrimordialSecurityMonitor implements SecurityMonitor
} // end getRoleList } // end getRoleList
/**
* Returns a defined role for this <CODE>SecurityMonitor</CODE>.
*
* @param symbol The programmatic symbol of the role to look up.
* @return The associated role, or <CODE>null</CODE> if the role name was not defined.
* @see Role
*/
public Role getRole(String symbol) public Role getRole(String symbol)
{ {
if (symbol==null) if (symbol==null)
@ -139,6 +222,13 @@ public class PrimordialSecurityMonitor implements SecurityMonitor
} // end getRole } // end getRole
/**
* Returns the defined role that has the given level.
*
* @param level The level value to look up.
* @return The associated role, or <CODE>null</CODE> if no such role could be found.
* @see Role
*/
public Role getRoleForLevel(int level) public Role getRoleForLevel(int level)
{ {
if (level==ScopeInfo.L_NOT_THERE) if (level==ScopeInfo.L_NOT_THERE)
@ -152,6 +242,15 @@ public class PrimordialSecurityMonitor implements SecurityMonitor
} // end getRoleForLevel } // end getRoleForLevel
/**
* Returns a defined default role for this <CODE>SecurityMonitor</CODE>.
* (<CODE>PrimordialSecurityMonitor</CODE> always returns <CODE>null</CODE>.)
*
* @param symbol The programmatic symbol of the default role to look up.
* @return The associated role, or <CODE>null</CODE> if the default role name was not defined.
* (<CODE>PrimordialSecurityMonitor</CODE> always returns <CODE>null</CODE>.)
* @see Role
*/
public Role getDefaultRole(String symbol) public Role getDefaultRole(String symbol)
{ {
logger.error("getDefaultRole: symbol \"" + symbol + "\" has no default role"); logger.error("getDefaultRole: symbol \"" + symbol + "\" has no default role");
@ -159,12 +258,27 @@ public class PrimordialSecurityMonitor implements SecurityMonitor
} // end getDefaultRole } // end getDefaultRole
/**
* Returns the <CODE>ScopeInfo</CODE> associated with this <CODE>SecurityMonitor</CODE>.
* (<CODE>PrimordialSecurityMonitor</CODE> always returns <CODE>null</CODE>.)
*
* @return The <CODE>ScopeInfo</CODE> associated with this <CODE>SecurityMonitor</CODE>.
* (<CODE>PrimordialSecurityMonitor</CODE> always returns <CODE>null</CODE>.)
* @see ScopeInfo
*/
public ScopeInfo getScopeInfo() public ScopeInfo getScopeInfo()
{ {
return null; // this security monitor HAS no scope return null; // this security monitor HAS no scope
} // end getScopeInfo } // end getScopeInfo
/**
* Returns the identifier for this <CODE>SecurityMonitor</CODE>. (<CODE>PrimordialSecurityMonitor</CODE>
* always returns <CODE>null</CODE>.)
*
* @return The identifier for this <CODE>SecurityMonitor</CODE>. (<CODE>PrimordialSecurityMonitor</CODE>
* always returns <CODE>null</CODE>.)
*/
public String getID() public String getID()
{ {
return null; // this security monitor HAS no ID return null; // this security monitor HAS no ID
@ -176,6 +290,11 @@ public class PrimordialSecurityMonitor implements SecurityMonitor
*-------------------------------------------------------------------------------- *--------------------------------------------------------------------------------
*/ */
/**
* Returns the singleton instance of the <CODE>PrimordialSecurityMonitor</CODE>.
*
* @return The singleton instance of the <CODE>PrimordialSecurityMonitor</CODE>.
*/
public static synchronized SecurityMonitor get() public static synchronized SecurityMonitor get()
{ {
if (self==null) if (self==null)

View File

@ -19,6 +19,26 @@ package com.silverwrist.venice.security;
import java.util.*; import java.util.*;
/**
* Represents a security role for a user within the Venice architecture.<P>
* Venice uses a system of scoped security roles to govern access to various features. Each role
* has associated with it a <EM>security level</EM>, which is nominally a 16-bit unsigned integer
* (but is represented in Java as an <CODE>int</CODE>). Each access permission also has associated
* with it an access level; if the user's granted level is greater than or equal to the access level,
* access is granted.<P>
* Access levels are arranged in <EM>scopes</EM>; if an object is logically contained within another
* object, then its scope is greater than that of the containing object. The system itself has
* scope 0; communities use scope 3 by default; objects such as conferences (within communities) are
* at scope 6. The scope system is described further in {@link ScopeInfo}.<P>
* Each role also has associated with it a human-readable name and a programmatic symbol. The symbol
* will usually be of the form "<EM>subsystem.name</EM>," such as "Global.Normal," "Community.Host,"
* or "Conference.Member."<P>
* Roles are created as part of a {@link SecurityMonitor}, such as {@link StaticSecurityMonitor}, and
* are managed by it.
*
* @author Eric J. Bowersox &lt;erbo@silcom.com&gt;
* @version X
*/
public final class Role implements Comparable, Cloneable public final class Role implements Comparable, Cloneable
{ {
/*-------------------------------------------------------------------------------- /*--------------------------------------------------------------------------------
@ -35,14 +55,14 @@ public final class Role implements Comparable, Cloneable
*-------------------------------------------------------------------------------- *--------------------------------------------------------------------------------
*/ */
protected Role(int level, String name) /**
{ * Creates a new instance of a <CODE>Role</CODE> object.
this.level = level; *
this.name = name; * @param level The level to encode in this role.
this.symbol = null; * @param name The human-readable name of the role.
* @param symbol The programmatic symbol of the role.
} // end constructor * @see #create(int,java.lang.String,java.lang.String)
*/
protected Role(int level, String name, String symbol) protected Role(int level, String name, String symbol)
{ {
this.level = level; this.level = level;
@ -56,6 +76,13 @@ public final class Role implements Comparable, Cloneable
*-------------------------------------------------------------------------------- *--------------------------------------------------------------------------------
*/ */
/**
* Tests this object for equality with another object. Two <CODE>Role</CODE> objects are equivalent
* iff the levels that they enclose are equal.
*
* @param obj The other object to compare to this one.
* @return <CODE>true</CODE> if the two objects are equal.
*/
public boolean equals(Object obj) public boolean equals(Object obj)
{ {
if (obj==null) if (obj==null)
@ -73,18 +100,28 @@ public final class Role implements Comparable, Cloneable
} // end equals } // end equals
/**
* Returns a hash code that can be used as an index for this object in a hash table. In keeping
* with the definition of <CODE>equals</CODE>, a <CODE>Role</CODE>'s hash code is its level.
*
* @return The hash code for this object.
* @see #equals(java.lang.Object)
*/
public int hashCode() public int hashCode()
{ {
return level; return level;
} // end hashCode } // end hashCode
/**
* Returns a "debugging" string equivalent for this role.
*
* @return The string equivalent for this role.
*/
public String toString() public String toString()
{ {
StringBuffer buf = new StringBuffer(name); StringBuffer buf = new StringBuffer(name);
buf.append('[').append(level).append(']'); buf.append('[').append(level).append("]{").append(symbol).append('}');
if (symbol!=null)
buf.append('{').append(symbol).append('}');
return buf.toString(); return buf.toString();
} // end toString } // end toString
@ -94,6 +131,16 @@ public final class Role implements Comparable, Cloneable
*-------------------------------------------------------------------------------- *--------------------------------------------------------------------------------
*/ */
/**
* Compares one <CODE>Role</CODE> object to another. A <CODE>Role</CODE> is logically less
* than another one if its enclosed level is less than the other one's enclosed level.
*
* @param obj The other role object to compare to.
* @return A value less than 0 if this <CODE>Role</CODE> is logically "less than" the specified one; a
* value greater than 0 if this <CODE>Role</CODE> is logically "greater than" the other one; 0 if
* the two are equal.
* @exception java.lang.ClassCastException If <CODE>obj</CODE> is not a <CODE>Role</CODE> object.
*/
public int compareTo(Object obj) public int compareTo(Object obj)
{ {
if (obj==null) if (obj==null)
@ -110,24 +157,47 @@ public final class Role implements Comparable, Cloneable
*-------------------------------------------------------------------------------- *--------------------------------------------------------------------------------
*/ */
/**
* Returns the security level associated with this <CODE>Role</CODE>.
*
* @return The security level associated with this <CODE>Role</CODE>.
*/
public final int getLevel() public final int getLevel()
{ {
return level; return level;
} // end getLevel } // end getLevel
/**
* Returns the human-readable name associated with this <CODE>Role</CODE>.
*
* @return The human-readable name associated with this <CODE>Role</CODE>.
*/
public final String getName() public final String getName()
{ {
return name; return name;
} // end getName } // end getName
/**
* Returns the programmatic symbol associated with this <CODE>Role</CODE>.
*
* @return The programmatic symbol associated with this <CODE>Role</CODE>.
*/
public final String getSymbol() public final String getSymbol()
{ {
return symbol; return symbol;
} // end getSymbol } // end getSymbol
/**
* Returns <CODE>true</CODE> if the capability associated with this <CODE>Role</CODE> would
* be satisfied by the specified security level, i.e. the parameter is greater than or equal to
* the level associated with this role.
*
* @param l The level to test against this <CODE>Role</CODE>.
* @return <CODE>true</CODE> if the role is satisfied by this level.
*/
public final boolean isSatisfiedBy(int l) public final boolean isSatisfiedBy(int l)
{ {
return (l>=level); return (l>=level);
@ -139,6 +209,14 @@ public final class Role implements Comparable, Cloneable
*-------------------------------------------------------------------------------- *--------------------------------------------------------------------------------
*/ */
/**
* Creates a new <CODE>Role</CODE>.
*
* @param level The level to encode in this role.
* @param name The human-readable name of the role.
* @param symbol The programmatic symbol of the role.
* @return The new associated <CODE>Role</CODE> object.
*/
static final Role create(int level, String name, String symbol) static final Role create(int level, String name, String symbol)
{ {
return new Role(level,name,symbol); return new Role(level,name,symbol);

View File

@ -17,6 +17,25 @@
*/ */
package com.silverwrist.venice.security; package com.silverwrist.venice.security;
/**
* The information that represents a single security "scope" within Venice. A security "scope"
* defines two subranges of the 16-bit range for security levels, the "lowband" range and the "highband"
* range. Scopes are numbered from 0 to 15; for any pair of scopes, <EM>x</EM> and <EM>y</EM>, if
* <EM>x&lt;y</EM>, that means that all values in the lowband of scope <EM>x</EM> are less than all
* values in the lowband of scope <EM>y</EM>, and all values in the highband of scope <EM>x</EM> are
* greater than all values in the highband of scope <EM>y</EM>. In general, security scopes with
* higher indexes are used for more specific objects. The system itself, for instance, uses scope 0;
* communities use scope 3; conferences and other objects inside communities use scope 6.<P>
* Three levels are defined that are outside the scope system: the "not in list" value, which is defined
* as the (integer) value -1; the "no access" value, which is greater than any value in the lowband or
* highband of any scope; and the "unrestricted user" value, which is greater than any value in the lowband
* of any scope, but less than any value in the highband of any scope. (Administrator levels are generally
* defined within the highband of their scope, allowing administrators to exert control over any enclosed
* objects as well.)
*
* @author Eric J. Bowersox &lt;erbo@silcom.com&gt;
* @version X
*/
public final class ScopeInfo implements Cloneable, Comparable public final class ScopeInfo implements Cloneable, Comparable
{ {
/*-------------------------------------------------------------------------------- /*--------------------------------------------------------------------------------
@ -37,11 +56,25 @@ public final class ScopeInfo implements Cloneable, Comparable
{ 64999, 62999, 60999, 58999, 56999, 54999, 52999, 50999, 48999, 46999, 44999, 42999, 40999, 38999, { 64999, 62999, 60999, 58999, 56999, 54999, 52999, 50999, 48999, 46999, 44999, 42999, 40999, 38999,
36999, 34999 }; 36999, 34999 };
public static final int L_NOT_THERE = -1; // global "not there" constant /**
public static final int L_UNRESTRICTED = 32500; // global "unrestricted user" constant * The defined "not there" value.
public static final int L_NO_ACCESS = 65500; // global "no access" constant */
public static final int L_NOT_THERE = -1;
public static final int BAND_WIDTH = 1999; // offset between "high and low" values within a band /**
* The defined "unrestricted user" value.
*/
public static final int L_UNRESTRICTED = 32500;
/**
* The defined "no access" value.
*/
public static final int L_NO_ACCESS = 65500;
/**
* A value which represents the difference between the low end and high end of a single band.
*/
public static final int BAND_WIDTH = 1999;
/*-------------------------------------------------------------------------------- /*--------------------------------------------------------------------------------
* Attributes * Attributes
@ -55,6 +88,13 @@ public final class ScopeInfo implements Cloneable, Comparable
*-------------------------------------------------------------------------------- *--------------------------------------------------------------------------------
*/ */
/**
* Creates a new <CODE>ScopeInfo</CODE> object.
*
* @param scope The scope value.
* @exception java.lang.IndexOutOfBoundsException The given scope value is out of range. It must be
* between 0 and 15.
*/
public ScopeInfo(int scope) public ScopeInfo(int scope)
{ {
if ((scope<0) || (scope>=LB_LOW.length)) if ((scope<0) || (scope>=LB_LOW.length))
@ -68,6 +108,13 @@ public final class ScopeInfo implements Cloneable, Comparable
*-------------------------------------------------------------------------------- *--------------------------------------------------------------------------------
*/ */
/**
* Tests this object for equality with another object. Two <CODE>ScopeInfo</CODE> objects are equivalent
* iff the scopes that they enclose are equal.
*
* @param obj The other object to compare to this one.
* @return <CODE>true</CODE> if the two objects are equal.
*/
public boolean equals(Object o) public boolean equals(Object o)
{ {
if ((o==null) || !(o instanceof ScopeInfo)) if ((o==null) || !(o instanceof ScopeInfo))
@ -77,12 +124,24 @@ public final class ScopeInfo implements Cloneable, Comparable
} // end equals } // end equals
/**
* Returns a hash code that can be used as an index for this object in a hash table. In keeping
* with the definition of <CODE>equals</CODE>, a <CODE>ScopeInfo</CODE>'s hash code is its scope.
*
* @return The hash code for this object.
* @see #equals(java.lang.Object)
*/
public int hashCode() public int hashCode()
{ {
return scope; return scope;
} // end hashCode } // end hashCode
/**
* Returns a "debugging" string equivalent for this <CODE>ScopeInfo</CODE>.
*
* @return The string equivalent for this <CODE>ScopeInfo</CODE>.
*/
public String toString() public String toString()
{ {
StringBuffer buf = new StringBuffer("{ScopeInfo("); StringBuffer buf = new StringBuffer("{ScopeInfo(");
@ -97,6 +156,16 @@ public final class ScopeInfo implements Cloneable, Comparable
*-------------------------------------------------------------------------------- *--------------------------------------------------------------------------------
*/ */
/**
* Compares one <CODE>ScopeInfo</CODE> object to another. A <CODE>ScopeInfo</CODE> is logically less
* than another one if its scope is less than the other one's scope.
*
* @param obj The other <CODE>ScopeInfo</CODE> object to compare to.
* @return A value less than 0 if this <CODE>ScopeInfo</CODE> is logically "less than" the specified one; a
* value greater than 0 if this <CODE>ScopeInfo</CODE> is logically "greater than" the other one;
* 0 if the two are equal.
* @exception java.lang.ClassCastException If <CODE>obj</CODE> is not a <CODE>ScopeInfo</CODE> object.
*/
public int compareTo(Object o) public int compareTo(Object o)
{ {
if (o==null) if (o==null)
@ -111,39 +180,75 @@ public final class ScopeInfo implements Cloneable, Comparable
*-------------------------------------------------------------------------------- *--------------------------------------------------------------------------------
*/ */
/**
* Returns the scope associated with this <CODE>ScopeInfo</CODE> object.
*
* @return The scope associated with this <CODE>ScopeInfo</CODE> object.
*/
public final int getScope() public final int getScope()
{ {
return scope; return scope;
} // end getScope } // end getScope
/**
* Returns the lower limit of the lowband of this scope.
*
* @return The lower limit of the lowband of this scope.
*/
public final int getLowBandLow() public final int getLowBandLow()
{ {
return LB_LOW[scope]; return LB_LOW[scope];
} // end getLowBandLow } // end getLowBandLow
/**
* Returns the upper limit of the lowband of this scope.
*
* @return The upper limit of the lowband of this scope.
*/
public final int getLowBandHigh() public final int getLowBandHigh()
{ {
return LB_HIGH[scope]; return LB_HIGH[scope];
} // end getLowBandHigh } // end getLowBandHigh
/**
* Returns the lower limit of the highband of this scope.
*
* @return The lower limit of the highband of this scope.
*/
public final int getHighBandLow() public final int getHighBandLow()
{ {
return HB_LOW[scope]; return HB_LOW[scope];
} // end getHighBandLow } // end getHighBandLow
/**
* Returns the upper limit of the highband of this scope.
*
* @return The upper limit of the highband of this scope.
*/
public final int getHighBandHigh() public final int getHighBandHigh()
{ {
return HB_HIGH[scope]; return HB_HIGH[scope];
} // end getHighBandHigh } // end getHighBandHigh
/**
* Computes a new level within the scope.
*
* @param highband <CODE>true</CODE> to return a value within the highband of this scope, <CODE>false</CODE>
* to return a value within a lowband of this scope.
* @param offset Offset from the lower limit of the band. If this value is negative, it is viewed as
* an offset from the upper limit of the band.
* @return The computed level.
* @exception java.lang.IllegalArgumentException If the computed level would be outside this scope.
*/
public final int getLevel(boolean highband, int offset) public final int getLevel(boolean highband, int offset)
{ {
int rc; int rc; // return from this method
if (highband) if (highband)
{ // it's in the highband { // it's in the highband
if (offset<0) if (offset<0)
@ -185,6 +290,13 @@ public final class ScopeInfo implements Cloneable, Comparable
} // end getLevel } // end getLevel
/**
* Returns <CODE>true</CODE> if the specified level represents a value within this scope,
* <CODE>false</CODE> if not.
*
* @param value The level value to be tested.
* @return <CODE>true</CODE> if the specified level represents a value within this scope.
*/
public final boolean isInScope(int value) public final boolean isInScope(int value)
{ {
if ((value>=LB_LOW[scope]) && (value<=LB_HIGH[scope])) if ((value>=LB_LOW[scope]) && (value<=LB_HIGH[scope]))
@ -200,12 +312,25 @@ public final class ScopeInfo implements Cloneable, Comparable
*-------------------------------------------------------------------------------- *--------------------------------------------------------------------------------
*/ */
/**
* Returns <CODE>true</CODE> if the specified index represents a valid scope, <CODE>false</CODE> if not.
*
* @param s The scope index to be tested.
* @return <CODE>true</CODE> if the specified index represents a valid scope.
*/
public static final boolean isValidScope(int s) public static final boolean isValidScope(int s)
{ {
return ((s>=0) && (s<LB_LOW.length)); return ((s>=0) && (s<LB_LOW.length));
} // end isValidScope } // end isValidScope
/**
* Given a level value, returns the index of the scope that would contain it.
*
* @param value The level value to be tested.
* @return The index of the scope that contains this level. If this value lies outside any scope,
* returns -1.
*/
public static final int getScopeOf(int value) public static final int getScopeOf(int value)
{ {
if ((value<LB_LOW[0]) || (value>HB_HIGH[0])) if ((value<LB_LOW[0]) || (value>HB_HIGH[0]))

View File

@ -20,24 +20,105 @@ package com.silverwrist.venice.security;
import java.util.List; import java.util.List;
import com.silverwrist.venice.except.AccessError; import com.silverwrist.venice.except.AccessError;
/**
* Defines a service interface for a <EM>security monitor</EM>. A security monitor is specific to a
* particular type of object within Venice, and defines the security scope used to deal with that
* object, the roles used, lists of roles, default role values, and permissions that may be tested.
*
* @author Eric J. Bowersox &lt;erbo@silcom.com&gt;
* @version X
*/
public interface SecurityMonitor public interface SecurityMonitor
{ {
/**
* Tests a specified permission within this security monitor. If the supplied security level is less
* than the defined security level for this permission, an exception is thrown.
*
* @param symbol The programmatic symbol of the permission to test.
* @param level The security level to supply for the test.
* @param errormsg The error message to be thrown if the test fails. May be <CODE>null</CODE>, in
* which case the security monitor will throw an appropriate default, if applicable.
* @return <CODE>true</CODE> if the specified permission was defined and satisfied; <CODE>false</CODE>
* if the specified permission was not defined within this security monitor.
* @exception com.silverwrist.venice.except.AccessError If the specified permission was defined but
* not satisfied.
* @see #testPermission(java.lang.String,int)
*/
public abstract boolean testPermission(String symbol, int level, String errormsg) throws AccessError; public abstract boolean testPermission(String symbol, int level, String errormsg) throws AccessError;
/**
* Tests a specified permission within this security monitor. If the supplied security level is greater
* than or equal to the defined security level for this permission, <CODE>true</CODE> is returned.
*
* @param symbol The programmatic symbol of the permission to test.
* @param level The security level to supply for the test.
* @return <CODE>true</CODE> if the specified permission was defined and satisfied; <CODE>false</CODE>
* if the specified permission was not defined within this security monitor, or was defined but
* not satisfied.
* @see #testPermission(java.lang.String,int,java.lang.String)
*/
public abstract boolean testPermission(String symbol, int level); public abstract boolean testPermission(String symbol, int level);
/**
* Determines whether this <CODE>SecurityMonitor</CODE> defines the specified permission symbol.
*
* @param symbol The programmatic symbol of the permission to look up.
* @param no_follow If this is <CODE>true</CODE>, we look only in this <CODE>SecurityMonitor</CODE>
* for the specified permission, and not in any "parent" <CODE>SecurityMonitor</CODE>
* objects.
* @return <CODE>true</CODE> if this is a defined permission symbol, <CODE>false</CODE> if not.
*/
public abstract boolean permissionDefined(String symbol, boolean no_follow); public abstract boolean permissionDefined(String symbol, boolean no_follow);
/**
* Returns a defined list of roles for this <CODE>SecurityMonitor</CODE>.
*
* @param symbol The programmatic symbol of the role list to look up.
* @return The associated role list, or <CODE>null</CODE> if the role list name was not defined.
* @see Role
*/
public abstract List getRoleList(String symbol); public abstract List getRoleList(String symbol);
/**
* Returns a defined role for this <CODE>SecurityMonitor</CODE>.
*
* @param symbol The programmatic symbol of the role to look up.
* @return The associated role, or <CODE>null</CODE> if the role name was not defined.
* @see Role
*/
public abstract Role getRole(String symbol); public abstract Role getRole(String symbol);
/**
* Returns the defined role that has the given level.
*
* @param level The level value to look up.
* @return The associated role, or <CODE>null</CODE> if no such role could be found.
* @see Role
*/
public abstract Role getRoleForLevel(int level); public abstract Role getRoleForLevel(int level);
/**
* Returns a defined default role for this <CODE>SecurityMonitor</CODE>.
*
* @param symbol The programmatic symbol of the default role to look up.
* @return The associated role, or <CODE>null</CODE> if the default role name was not defined.
* @see Role
*/
public abstract Role getDefaultRole(String symbol); public abstract Role getDefaultRole(String symbol);
/**
* Returns the <CODE>ScopeInfo</CODE> associated with this <CODE>SecurityMonitor</CODE>.
*
* @return The <CODE>ScopeInfo</CODE> associated with this <CODE>SecurityMonitor</CODE>.
* @see ScopeInfo
*/
public abstract ScopeInfo getScopeInfo(); public abstract ScopeInfo getScopeInfo();
/**
* Returns the identifier for this <CODE>SecurityMonitor</CODE>.
*
* @return The identifier for this <CODE>SecurityMonitor</CODE>.
*/
public abstract String getID(); public abstract String getID();
} // end interface SecurityMonitor } // end interface SecurityMonitor

View File

@ -24,6 +24,14 @@ import com.silverwrist.util.DOMElementHelper;
import com.silverwrist.venice.except.AccessError; import com.silverwrist.venice.except.AccessError;
import com.silverwrist.venice.except.ConfigException; import com.silverwrist.venice.except.ConfigException;
/**
* A <CODE>SecurityMonitor</CODE> which is configured by means of XML data, supplied by means of a Venice
* configuration file. The configuration file defines roles, role lists, defaults, and permissions within
* the security monitor's scope.
*
* @author Eric J. Bowersox &lt;erbo@silcom.com&gt;
* @version X
*/
public class StaticSecurityMonitor implements SecurityMonitor public class StaticSecurityMonitor implements SecurityMonitor
{ {
/*-------------------------------------------------------------------------------- /*--------------------------------------------------------------------------------
@ -33,8 +41,8 @@ public class StaticSecurityMonitor implements SecurityMonitor
final class StaticPermission final class StaticPermission
{ {
private Role role; private Role role; // the role for the test
private String message; private String message; // the failure message
StaticPermission(Role role, String message) StaticPermission(Role role, String message)
{ {
@ -98,6 +106,14 @@ public class StaticSecurityMonitor implements SecurityMonitor
*-------------------------------------------------------------------------------- *--------------------------------------------------------------------------------
*/ */
/**
* Creates a new <CODE>StaticSecurityMonitor</CODE> from information stored as XML in a configuration file.
*
* @param cfg The root element of the security monitor configuration, which must be a
* <CODE>&lt;security-definition/&gt;</CODE> element.
* @exception com.silverwrist.venice.except.ConfigException The XML configuration data was incorrect in
* some fashion.
*/
public StaticSecurityMonitor(Element cfg) throws ConfigException public StaticSecurityMonitor(Element cfg) throws ConfigException
{ {
boolean set_root_monitor = false; boolean set_root_monitor = false;
@ -605,6 +621,20 @@ public class StaticSecurityMonitor implements SecurityMonitor
*-------------------------------------------------------------------------------- *--------------------------------------------------------------------------------
*/ */
/**
* Tests a specified permission within this security monitor. If the supplied security level is less
* than the defined security level for this permission, an exception is thrown.
*
* @param symbol The programmatic symbol of the permission to test.
* @param level The security level to supply for the test.
* @param errormsg The error message to be thrown if the test fails. May be <CODE>null</CODE>, in
* which case the security monitor will throw an appropriate default, if applicable.
* @return <CODE>true</CODE> if the specified permission was defined and satisfied; <CODE>false</CODE>
* if the specified permission was not defined within this security monitor.
* @exception com.silverwrist.venice.except.AccessError If the specified permission was defined but
* not satisfied.
* @see #testPermission(java.lang.String,int)
*/
public boolean testPermission(String symbol, int level, String errormsg) throws AccessError public boolean testPermission(String symbol, int level, String errormsg) throws AccessError
{ {
if (symbol==null) if (symbol==null)
@ -625,6 +655,17 @@ public class StaticSecurityMonitor implements SecurityMonitor
} // end testPermission } // end testPermission
/**
* Tests a specified permission within this security monitor. If the supplied security level is greater
* than or equal to the defined security level for this permission, <CODE>true</CODE> is returned.
*
* @param symbol The programmatic symbol of the permission to test.
* @param level The security level to supply for the test.
* @return <CODE>true</CODE> if the specified permission was defined and satisfied; <CODE>false</CODE>
* if the specified permission was not defined within this security monitor, or was defined but
* not satisfied.
* @see #testPermission(java.lang.String,int,java.lang.String)
*/
public boolean testPermission(String symbol, int level) public boolean testPermission(String symbol, int level)
{ {
if (symbol==null) if (symbol==null)
@ -644,6 +685,15 @@ public class StaticSecurityMonitor implements SecurityMonitor
} // end testPermission } // end testPermission
/**
* Determines whether this <CODE>SecurityMonitor</CODE> defines the specified permission symbol.
*
* @param symbol The programmatic symbol of the permission to look up.
* @param no_follow If this is <CODE>true</CODE>, we look only in this <CODE>SecurityMonitor</CODE>
* for the specified permission, and not in any "parent" <CODE>SecurityMonitor</CODE>
* objects.
* @return <CODE>true</CODE> if this is a defined permission symbol, <CODE>false</CODE> if not.
*/
public boolean permissionDefined(String symbol, boolean no_follow) public boolean permissionDefined(String symbol, boolean no_follow)
{ {
if (symbol==null) if (symbol==null)
@ -656,6 +706,13 @@ public class StaticSecurityMonitor implements SecurityMonitor
} // end permissionDefined } // end permissionDefined
/**
* Returns a defined list of roles for this <CODE>SecurityMonitor</CODE>.
*
* @param symbol The programmatic symbol of the role list to look up.
* @return The associated role list, or <CODE>null</CODE> if the role list name was not defined.
* @see Role
*/
public List getRoleList(String symbol) public List getRoleList(String symbol)
{ {
if (symbol==null) if (symbol==null)
@ -667,6 +724,13 @@ public class StaticSecurityMonitor implements SecurityMonitor
} // end getRoleList } // end getRoleList
/**
* Returns a defined role for this <CODE>SecurityMonitor</CODE>.
*
* @param symbol The programmatic symbol of the role to look up.
* @return The associated role, or <CODE>null</CODE> if the role name was not defined.
* @see Role
*/
public Role getRole(String symbol) public Role getRole(String symbol)
{ {
if (symbol==null) if (symbol==null)
@ -678,6 +742,13 @@ public class StaticSecurityMonitor implements SecurityMonitor
} // end getRole } // end getRole
/**
* Returns the defined role that has the given level.
*
* @param level The level value to look up.
* @return The associated role, or <CODE>null</CODE> if no such role could be found.
* @see Role
*/
public Role getRoleForLevel(int level) public Role getRoleForLevel(int level)
{ {
Role rc = (Role)(level_to_role.get(new Integer(level))); Role rc = (Role)(level_to_role.get(new Integer(level)));
@ -687,6 +758,13 @@ public class StaticSecurityMonitor implements SecurityMonitor
} // end getRoleForLevel } // end getRoleForLevel
/**
* Returns a defined default role for this <CODE>SecurityMonitor</CODE>.
*
* @param symbol The programmatic symbol of the default role to look up.
* @return The associated role, or <CODE>null</CODE> if the default role name was not defined.
* @see Role
*/
public Role getDefaultRole(String symbol) public Role getDefaultRole(String symbol)
{ {
if (symbol==null) if (symbol==null)
@ -698,12 +776,23 @@ public class StaticSecurityMonitor implements SecurityMonitor
} // end getDefaultRole } // end getDefaultRole
/**
* Returns the <CODE>ScopeInfo</CODE> associated with this <CODE>SecurityMonitor</CODE>.
*
* @return The <CODE>ScopeInfo</CODE> associated with this <CODE>SecurityMonitor</CODE>.
* @see ScopeInfo
*/
public ScopeInfo getScopeInfo() public ScopeInfo getScopeInfo()
{ {
return scope; return scope;
} // end getScopeInfo } // end getScopeInfo
/**
* Returns the identifier for this <CODE>SecurityMonitor</CODE>.
*
* @return The identifier for this <CODE>SecurityMonitor</CODE>.
*/
public String getID() public String getID()
{ {
return id; return id;