001    /**
002     * Licensed to the Apache Software Foundation (ASF) under one or more
003     * contributor license agreements.  See the NOTICE file distributed with
004     * this work for additional information regarding copyright ownership.
005     * The ASF licenses this file to You under the Apache License, Version 2.0
006     * (the "License"); you may not use this file except in compliance with
007     * the License.  You may obtain a copy of the License at
008     *
009     *      http://www.apache.org/licenses/LICENSE-2.0
010     *
011     * Unless required by applicable law or agreed to in writing, software
012     * distributed under the License is distributed on an "AS IS" BASIS,
013     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014     * See the License for the specific language governing permissions and
015     * limitations under the License.
016     */
017    package org.apache.activemq.security;
018    
019    import java.util.HashSet;
020    import java.util.Iterator;
021    import java.util.List;
022    import java.util.Set;
023    
024    import org.apache.activemq.command.ActiveMQDestination;
025    import org.apache.activemq.filter.DestinationMap;
026    
027    /**
028     * Represents a destination based configuration of policies so that individual
029     * destinations or wildcard hierarchies of destinations can be configured using
030     * different policies. Each entry in the map represents the authorization ACLs
031     * for each operation.
032     * 
033     * @org.apache.xbean.XBean element="authorizationMap"
034     * 
035     */
036    public class DefaultAuthorizationMap extends DestinationMap implements AuthorizationMap {
037    
038        private AuthorizationEntry defaultEntry;
039    
040        private TempDestinationAuthorizationEntry tempDestinationAuthorizationEntry;
041    
042        public DefaultAuthorizationMap() {
043        }
044    
045        public DefaultAuthorizationMap(List authorizationEntries) {
046            setAuthorizationEntries(authorizationEntries);
047    
048        }
049    
050        public void setTempDestinationAuthorizationEntry(TempDestinationAuthorizationEntry tempDestinationAuthorizationEntry) {
051            this.tempDestinationAuthorizationEntry = tempDestinationAuthorizationEntry;
052        }
053    
054        public TempDestinationAuthorizationEntry getTempDestinationAuthorizationEntry() {
055            return this.tempDestinationAuthorizationEntry;
056        }
057    
058        public Set<Object> getTempDestinationAdminACLs() {
059            if (tempDestinationAuthorizationEntry != null) {
060                return tempDestinationAuthorizationEntry.getAdminACLs();
061            } else {
062                return null;
063            }
064        }
065    
066        public Set<Object> getTempDestinationReadACLs() {
067            if (tempDestinationAuthorizationEntry != null) {
068                return tempDestinationAuthorizationEntry.getReadACLs();
069            } else {
070                return null;
071            }
072        }
073    
074        public Set<Object> getTempDestinationWriteACLs() {
075            if (tempDestinationAuthorizationEntry != null) {
076                return tempDestinationAuthorizationEntry.getWriteACLs();
077            } else {
078                return null;
079            }
080        }
081    
082        public Set<Object> getAdminACLs(ActiveMQDestination destination) {
083            Set<AuthorizationEntry> entries = getAllEntries(destination);
084            Set<Object> answer = new HashSet<Object>();
085            // now lets go through each entry adding individual
086            for (Iterator<AuthorizationEntry> iter = entries.iterator(); iter.hasNext();) {
087                AuthorizationEntry entry = iter.next();
088                answer.addAll(entry.getAdminACLs());
089            }
090            return answer;
091        }
092    
093        public Set<Object> getReadACLs(ActiveMQDestination destination) {
094            Set<AuthorizationEntry> entries = getAllEntries(destination);
095            Set<Object> answer = new HashSet<Object>();
096    
097            // now lets go through each entry adding individual
098            for (Iterator<AuthorizationEntry> iter = entries.iterator(); iter.hasNext();) {
099                AuthorizationEntry entry = iter.next();
100                answer.addAll(entry.getReadACLs());
101            }
102            return answer;
103        }
104    
105        public Set<Object> getWriteACLs(ActiveMQDestination destination) {
106            Set<AuthorizationEntry> entries = getAllEntries(destination);
107            Set<Object> answer = new HashSet<Object>();
108    
109            // now lets go through each entry adding individual
110            for (Iterator<AuthorizationEntry> iter = entries.iterator(); iter.hasNext();) {
111                AuthorizationEntry entry = iter.next();
112                answer.addAll(entry.getWriteACLs());
113            }
114            return answer;
115        }
116    
117        public AuthorizationEntry getEntryFor(ActiveMQDestination destination) {
118            AuthorizationEntry answer = (AuthorizationEntry)chooseValue(destination);
119            if (answer == null) {
120                answer = getDefaultEntry();
121            }
122            return answer;
123        }
124    
125        /**
126         * Sets the individual entries on the authorization map
127         * 
128         * @org.apache.xbean.ElementType class="org.apache.activemq.security.AuthorizationEntry"
129         */
130        public void setAuthorizationEntries(List entries) {
131            super.setEntries(entries);
132        }
133    
134        public AuthorizationEntry getDefaultEntry() {
135            return defaultEntry;
136        }
137    
138        public void setDefaultEntry(AuthorizationEntry defaultEntry) {
139            this.defaultEntry = defaultEntry;
140        }
141    
142        protected Class<AuthorizationEntry> getEntryClass() {
143            return AuthorizationEntry.class;
144        }
145    
146        protected Set<AuthorizationEntry> getAllEntries(ActiveMQDestination destination) {
147            Set<AuthorizationEntry> entries = get(destination);
148            if (defaultEntry != null) {
149                entries.add(defaultEntry);
150            }
151            return entries;
152        }
153    
154    }