/** * Reduces an access control list by an access control entry * * @param acl * the access control list to reduce * @param role * the role of the access control entry to remove * @param action * the action of the access control entry to remove * @return the reduced access control list or the same if already contained */ public static AccessControlList reduceAcl(AccessControlList acl, String role, String action) { AccessControlList newAcl = new AccessControlList(); for (AccessControlEntry ace : acl.getEntries()) { if (!ace.getAction().equalsIgnoreCase(action) || !ace.getRole().equalsIgnoreCase(role)) { newAcl.getEntries().add(ace); } } return newAcl; }
/** * Define equality on AccessControlLists. Two AccessControlLists are considered equal if they contain the exact same * entries no matter in which order. * <p> * This has not been implemented in terms of #equals and #hashCode because the list of entries is not immutable and * therefore not suitable to be put in a set. */ public static boolean equals(AccessControlList a, AccessControlList b) { return bothNotNull(a, b) && eqListUnsorted(a.getEntries(), b.getEntries()); }
/** * Constructor function for ACLs. * * @see #entry(String, String, boolean) * @see #entries(String, org.opencastproject.util.data.Tuple[]) */ public static AccessControlList acl(Either<AccessControlEntry, List<AccessControlEntry>>... entries) { // sequence entries final List<AccessControlEntry> seq = mlist(entries) .foldl(new ArrayList<AccessControlEntry>(), new Function2<List<AccessControlEntry>, Either<AccessControlEntry, List<AccessControlEntry>>, List<AccessControlEntry>>() { @Override public List<AccessControlEntry> apply(List<AccessControlEntry> sum, Either<AccessControlEntry, List<AccessControlEntry>> current) { if (current.isLeft()) sum.add(current.left().value()); else sum.addAll(current.right().value()); return sum; } }); return new AccessControlList(seq); }
ArrayList<AccessControlEntry> newEntries = new ArrayList<>(acl.getEntries());
Object jsonAceObj = jsonAcl.get(ACE); AccessControlList acl = new AccessControlList(); if (jsonAceObj == null) return acl; acl.getEntries().add(getAce(jsonAce)); } else { JSONArray jsonAceArray = (JSONArray) jsonAceObj; for (Object element : jsonAceArray) { JSONObject jsonAce = (JSONObject) element; acl.getEntries().add(getAce(jsonAce));
rules.put(key, entry); for (AccessControlEntry entry : acl.getEntries()) { key = new SimpleEntry<>(entry.getRole(), entry.getAction()); rules.put(key, entry);
AccessControlList newAcl = new AccessControlList(); boolean foundAce = false; for (AccessControlEntry ace : acl.getEntries()) { if (ace.getAction().equalsIgnoreCase(action) && ace.getRole().equalsIgnoreCase(role)) { if (ace.isAllow() == allow) { newAcl.getEntries().add(new AccessControlEntry(role, action, allow)); newAcl.getEntries().add(ace); newAcl.getEntries().add(new AccessControlEntry(role, action, allow));
JSONObject json = new JSONObject(); JSONObject jsonAcl = new JSONObject(); List<AccessControlEntry> entries = acl.getEntries(); int numEntries = entries.size(); switch (numEntries) {
for (AccessControlEntry entry : acl.getEntries()) { if (!action.toString().equals(entry.getAction())) continue;
/** Calculate an MD5 checksum for an {@link AccessControlList}. */ public static Checksum calculateChecksum(AccessControlList acl) { // Use 0 as a word separator. This is safe since none of the UTF-8 code points // except \u0000 contains a null byte when converting to a byte array. final byte[] sep = new byte[] { 0 }; final MessageDigest md = $(acl.getEntries()).sort(sortAcl).bind(new Fn<AccessControlEntry, Stream<String>>() { @Override public Stream<String> apply(AccessControlEntry entry) { return $(entry.getRole(), entry.getAction(), Boolean.toString(entry.isAllow())); } }).foldl(mkMd5MessageDigest(), new Fn2<MessageDigest, String, MessageDigest>() { @Override public MessageDigest apply(MessageDigest digest, String s) { digest.update(s.getBytes(StandardCharsets.UTF_8)); // add separator byte (see definition above) digest.update(sep); return digest; } }); try { return Checksum.create("md5", Checksum.convertToHex(md.digest())); } catch (NoSuchAlgorithmException e) { return chuck(e); } }