001 /**
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements. See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License. You may obtain a copy of the License at
008 *
009 * http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017 package org.apache.activemq.security;
018
019 import java.util.HashSet;
020 import java.util.Iterator;
021 import java.util.List;
022 import java.util.Set;
023
024 import org.apache.activemq.command.ActiveMQDestination;
025 import org.apache.activemq.filter.DestinationMap;
026
027 /**
028 * Represents a destination based configuration of policies so that individual
029 * destinations or wildcard hierarchies of destinations can be configured using
030 * different policies. Each entry in the map represents the authorization ACLs
031 * for each operation.
032 *
033 * @org.apache.xbean.XBean element="authorizationMap"
034 *
035 */
036 public class DefaultAuthorizationMap extends DestinationMap implements AuthorizationMap {
037
038 private AuthorizationEntry defaultEntry;
039
040 private TempDestinationAuthorizationEntry tempDestinationAuthorizationEntry;
041
042 public DefaultAuthorizationMap() {
043 }
044
045 public DefaultAuthorizationMap(List authorizationEntries) {
046 setAuthorizationEntries(authorizationEntries);
047
048 }
049
050 public void setTempDestinationAuthorizationEntry(TempDestinationAuthorizationEntry tempDestinationAuthorizationEntry) {
051 this.tempDestinationAuthorizationEntry = tempDestinationAuthorizationEntry;
052 }
053
054 public TempDestinationAuthorizationEntry getTempDestinationAuthorizationEntry() {
055 return this.tempDestinationAuthorizationEntry;
056 }
057
058 public Set<Object> getTempDestinationAdminACLs() {
059 if (tempDestinationAuthorizationEntry != null) {
060 return tempDestinationAuthorizationEntry.getAdminACLs();
061 } else {
062 return null;
063 }
064 }
065
066 public Set<Object> getTempDestinationReadACLs() {
067 if (tempDestinationAuthorizationEntry != null) {
068 return tempDestinationAuthorizationEntry.getReadACLs();
069 } else {
070 return null;
071 }
072 }
073
074 public Set<Object> getTempDestinationWriteACLs() {
075 if (tempDestinationAuthorizationEntry != null) {
076 return tempDestinationAuthorizationEntry.getWriteACLs();
077 } else {
078 return null;
079 }
080 }
081
082 public Set<Object> getAdminACLs(ActiveMQDestination destination) {
083 Set<AuthorizationEntry> entries = getAllEntries(destination);
084 Set<Object> answer = new HashSet<Object>();
085 // now lets go through each entry adding individual
086 for (Iterator<AuthorizationEntry> iter = entries.iterator(); iter.hasNext();) {
087 AuthorizationEntry entry = iter.next();
088 answer.addAll(entry.getAdminACLs());
089 }
090 return answer;
091 }
092
093 public Set<Object> getReadACLs(ActiveMQDestination destination) {
094 Set<AuthorizationEntry> entries = getAllEntries(destination);
095 Set<Object> answer = new HashSet<Object>();
096
097 // now lets go through each entry adding individual
098 for (Iterator<AuthorizationEntry> iter = entries.iterator(); iter.hasNext();) {
099 AuthorizationEntry entry = iter.next();
100 answer.addAll(entry.getReadACLs());
101 }
102 return answer;
103 }
104
105 public Set<Object> getWriteACLs(ActiveMQDestination destination) {
106 Set<AuthorizationEntry> entries = getAllEntries(destination);
107 Set<Object> answer = new HashSet<Object>();
108
109 // now lets go through each entry adding individual
110 for (Iterator<AuthorizationEntry> iter = entries.iterator(); iter.hasNext();) {
111 AuthorizationEntry entry = iter.next();
112 answer.addAll(entry.getWriteACLs());
113 }
114 return answer;
115 }
116
117 public AuthorizationEntry getEntryFor(ActiveMQDestination destination) {
118 AuthorizationEntry answer = (AuthorizationEntry)chooseValue(destination);
119 if (answer == null) {
120 answer = getDefaultEntry();
121 }
122 return answer;
123 }
124
125 /**
126 * Sets the individual entries on the authorization map
127 *
128 * @org.apache.xbean.ElementType class="org.apache.activemq.security.AuthorizationEntry"
129 */
130 public void setAuthorizationEntries(List entries) {
131 super.setEntries(entries);
132 }
133
134 public AuthorizationEntry getDefaultEntry() {
135 return defaultEntry;
136 }
137
138 public void setDefaultEntry(AuthorizationEntry defaultEntry) {
139 this.defaultEntry = defaultEntry;
140 }
141
142 protected Class<AuthorizationEntry> getEntryClass() {
143 return AuthorizationEntry.class;
144 }
145
146 protected Set<AuthorizationEntry> getAllEntries(ActiveMQDestination destination) {
147 Set<AuthorizationEntry> entries = get(destination);
148 if (defaultEntry != null) {
149 entries.add(defaultEntry);
150 }
151 return entries;
152 }
153
154 }