001/**
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements.  See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License.  You may obtain a copy of the License at
008 *
009 *      http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017package org.apache.activemq.security;
018
019import java.util.HashSet;
020import java.util.Iterator;
021import java.util.List;
022import java.util.Set;
023
024import org.apache.activemq.command.ActiveMQDestination;
025import org.apache.activemq.filter.DestinationMap;
026
027/**
028 * Represents a destination based configuration of policies so that individual
029 * destinations or wildcard hierarchies of destinations can be configured using
030 * different policies. Each entry in the map represents the authorization ACLs
031 * for each operation.
032 * 
033 * @org.apache.xbean.XBean element="authorizationMap"
034 * 
035 */
036public class DefaultAuthorizationMap extends DestinationMap implements AuthorizationMap {
037
038    private AuthorizationEntry defaultEntry;
039
040    private TempDestinationAuthorizationEntry tempDestinationAuthorizationEntry;
041
042    public DefaultAuthorizationMap() {
043    }
044
045    public DefaultAuthorizationMap(List authorizationEntries) {
046        setAuthorizationEntries(authorizationEntries);
047
048    }
049
050    public void setTempDestinationAuthorizationEntry(TempDestinationAuthorizationEntry tempDestinationAuthorizationEntry) {
051        this.tempDestinationAuthorizationEntry = tempDestinationAuthorizationEntry;
052    }
053
054    public TempDestinationAuthorizationEntry getTempDestinationAuthorizationEntry() {
055        return this.tempDestinationAuthorizationEntry;
056    }
057
058    public Set<Object> getTempDestinationAdminACLs() {
059        if (tempDestinationAuthorizationEntry != null) {
060            return tempDestinationAuthorizationEntry.getAdminACLs();
061        } else {
062            return null;
063        }
064    }
065
066    public Set<Object> getTempDestinationReadACLs() {
067        if (tempDestinationAuthorizationEntry != null) {
068            return tempDestinationAuthorizationEntry.getReadACLs();
069        } else {
070            return null;
071        }
072    }
073
074    public Set<Object> getTempDestinationWriteACLs() {
075        if (tempDestinationAuthorizationEntry != null) {
076            return tempDestinationAuthorizationEntry.getWriteACLs();
077        } else {
078            return null;
079        }
080    }
081
082    public Set<Object> getAdminACLs(ActiveMQDestination destination) {
083        Set<AuthorizationEntry> entries = getAllEntries(destination);
084        Set<Object> answer = new HashSet<Object>();
085        // now lets go through each entry adding individual
086        for (Iterator<AuthorizationEntry> iter = entries.iterator(); iter.hasNext();) {
087            AuthorizationEntry entry = iter.next();
088            answer.addAll(entry.getAdminACLs());
089        }
090        return answer;
091    }
092
093    public Set<Object> getReadACLs(ActiveMQDestination destination) {
094        Set<AuthorizationEntry> entries = getAllEntries(destination);
095        Set<Object> answer = new HashSet<Object>();
096
097        // now lets go through each entry adding individual
098        for (Iterator<AuthorizationEntry> iter = entries.iterator(); iter.hasNext();) {
099            AuthorizationEntry entry = iter.next();
100            answer.addAll(entry.getReadACLs());
101        }
102        return answer;
103    }
104
105    public Set<Object> getWriteACLs(ActiveMQDestination destination) {
106        Set<AuthorizationEntry> entries = getAllEntries(destination);
107        Set<Object> answer = new HashSet<Object>();
108
109        // now lets go through each entry adding individual
110        for (Iterator<AuthorizationEntry> iter = entries.iterator(); iter.hasNext();) {
111            AuthorizationEntry entry = iter.next();
112            answer.addAll(entry.getWriteACLs());
113        }
114        return answer;
115    }
116
117    public AuthorizationEntry getEntryFor(ActiveMQDestination destination) {
118        AuthorizationEntry answer = (AuthorizationEntry)chooseValue(destination);
119        if (answer == null) {
120            answer = getDefaultEntry();
121        }
122        return answer;
123    }
124
125    /**
126     * Sets the individual entries on the authorization map
127     * 
128     * @org.apache.xbean.ElementType class="org.apache.activemq.security.AuthorizationEntry"
129     */
130    public void setAuthorizationEntries(List entries) {
131        super.setEntries(entries);
132    }
133
134    public AuthorizationEntry getDefaultEntry() {
135        return defaultEntry;
136    }
137
138    public void setDefaultEntry(AuthorizationEntry defaultEntry) {
139        this.defaultEntry = defaultEntry;
140    }
141
142    protected Class<AuthorizationEntry> getEntryClass() {
143        return AuthorizationEntry.class;
144    }
145
146    protected Set<AuthorizationEntry> getAllEntries(ActiveMQDestination destination) {
147        Set<AuthorizationEntry> entries = get(destination);
148        if (defaultEntry != null) {
149            entries.add(defaultEntry);
150        }
151        return entries;
152    }
153
154}