Coverage Report - org.apache.shiro.authz.permission.WildcardPermission
 
Classes in this File Line Coverage Branch Coverage Complexity
WildcardPermission
88%
54/61
79%
27/34
3.273
 
 1  
 /*
 2  
  * Licensed to the Apache Software Foundation (ASF) under one
 3  
  * or more contributor license agreements.  See the NOTICE file
 4  
  * distributed with this work for additional information
 5  
  * regarding copyright ownership.  The ASF licenses this file
 6  
  * to you under the Apache License, Version 2.0 (the
 7  
  * "License"); you may not use this file except in compliance
 8  
  * with the License.  You may obtain a copy of the License at
 9  
  *
 10  
  *     http://www.apache.org/licenses/LICENSE-2.0
 11  
  *
 12  
  * Unless required by applicable law or agreed to in writing,
 13  
  * software distributed under the License is distributed on an
 14  
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 15  
  * KIND, either express or implied.  See the License for the
 16  
  * specific language governing permissions and limitations
 17  
  * under the License.
 18  
  */
 19  
 package org.apache.shiro.authz.permission;
 20  
 
 21  
 import org.apache.shiro.authz.Permission;
 22  
 import org.apache.shiro.util.CollectionUtils;
 23  
 import org.apache.shiro.util.StringUtils;
 24  
 
 25  
 import java.io.Serializable;
 26  
 import java.util.ArrayList;
 27  
 import java.util.LinkedHashSet;
 28  
 import java.util.List;
 29  
 import java.util.Set;
 30  
 
 31  
 /**
 32  
  * A <code>WildcardPermission</code> is a very flexible permission construct supporting multiple levels of
 33  
  * permission matching. However, most people will probably follow some standard conventions as explained below.
 34  
  * <p/>
 35  
  * <h3>Simple Usage</h3>
 36  
  * <p/>
 37  
  * In the simplest form, <code>WildcardPermission</code> can be used as a simple permission string. You could grant a
 38  
  * user an &quot;editNewsletter&quot; permission and then check to see if the user has the editNewsletter
 39  
  * permission by calling
 40  
  * <p/>
 41  
  * <code>subject.isPermitted(&quot;editNewsletter&quot;)</code>
 42  
  * <p/>
 43  
  * This is (mostly) equivalent to
 44  
  * <p/>
 45  
  * <code>subject.isPermitted( new WildcardPermission(&quot;editNewsletter&quot;) )</code>
 46  
  * <p/>
 47  
  * but more on that later.
 48  
  * <p/>
 49  
  * The simple permission string may work for simple applications, but it requires you to have permissions like
 50  
  * <code>&quot;viewNewsletter&quot;</code>, <code>&quot;deleteNewsletter&quot;</code>,
 51  
  * <code>&quot;createNewsletter&quot;</code>, etc. You can also grant a user <code>&quot;*&quot;</code> permissions
 52  
  * using the wildcard character (giving this class its name), which means they have <em>all</em> permissions. But
 53  
  * using this approach there's no way to just say a user has &quot;all newsletter permissions&quot;.
 54  
  * <p/>
 55  
  * For this reason, <code>WildcardPermission</code> supports multiple <em>levels</em> of permissioning.
 56  
  * <p/>
 57  
  * <h3>Multiple Levels</h3>
 58  
  * <p/>
 59  
  * WildcardPermission</code> also supports the concept of multiple <em>levels</em>.  For example, you could
 60  
  * restructure the previous simple example by granting a user the permission <code>&quot;newsletter:edit&quot;</code>.
 61  
  * The colon in this example is a special character used by the <code>WildcardPermission</code> that delimits the
 62  
  * next token in the permission.
 63  
  * <p/>
 64  
  * In this example, the first token is the <em>domain</em> that is being operated on
 65  
  * and the second token is the <em>action</em> being performed. Each level can contain multiple values.  So you
 66  
  * could simply grant a user the permission <code>&quot;newsletter:view,edit,create&quot;</code> which gives them
 67  
  * access to perform <code>view</code>, <code>edit</code>, and <code>create</code> actions in the <code>newsletter</code>
 68  
  * <em>domain</em>. Then you could check to see if the user has the <code>&quot;newsletter:create&quot;</code>
 69  
  * permission by calling
 70  
  * <p/>
 71  
  * <code>subject.isPermitted(&quot;newsletter:create&quot;)</code>
 72  
  * <p/>
 73  
  * (which would return true).
 74  
  * <p/>
 75  
  * In addition to granting multiple permissions via a single string, you can grant all permission for a particular
 76  
  * level. So if you wanted to grant a user all actions in the <code>newsletter</code> domain, you could simply give
 77  
  * them <code>&quot;newsletter:*&quot;</code>. Now, any permission check for <code>&quot;newsletter:XXX&quot;</code>
 78  
  * will return <code>true</code>. It is also possible to use the wildcard token at the domain level (or both): so you
 79  
  * could grant a user the <code>&quot;view&quot;</code> action across all domains <code>&quot;*:view&quot;</code>.
 80  
  * <p/>
 81  
  * <h3>Instance-level Access Control</h3>
 82  
  * <p/>
 83  
  * Another common usage of the <code>WildcardPermission</code> is to model instance-level Access Control Lists.
 84  
  * In this scenario you use three tokens - the first is the <em>domain</em>, the second is the <em>action</em>, and
 85  
  * the third is the <em>instance</em> you are acting on.
 86  
  * <p/>
 87  
  * So for example you could grant a user <code>&quot;newsletter:edit:12,13,18&quot;</code>.  In this example, assume
 88  
  * that the third token is the system's ID of the newsletter. That would allow the user to edit newsletters
 89  
  * <code>12</code>, <code>13</code>, and <code>18</code>. This is an extremely powerful way to express permissions,
 90  
  * since you can now say things like <code>&quot;newsletter:*:13&quot;</code> (grant a user all actions for newsletter
 91  
  * <code>13</code>), <code>&quot;newsletter:view,create,edit:*&quot;</code> (allow the user to
 92  
  * <code>view</code>, <code>create</code>, or <code>edit</code> <em>any</em> newsletter), or
 93  
  * <code>&quot;newsletter:*:*</code> (allow the user to perform <em>any</em> action on <em>any</em> newsletter).
 94  
  * <p/>
 95  
  * To perform checks against these instance-level permissions, the application should include the instance ID in the
 96  
  * permission check like so:
 97  
  * <p/>
 98  
  * <code>subject.isPermitted( &quot;newsletter:edit:13&quot; )</code>
 99  
  * <p/>
 100  
  * There is no limit to the number of tokens that can be used, so it is up to your imagination in terms of ways that
 101  
  * this could be used in your application.  However, the Shiro team likes to standardize some common usages shown
 102  
  * above to help people get started and provide consistency in the Shiro community.
 103  
  *
 104  
  * @since 0.9
 105  
  */
 106  
 public class WildcardPermission implements Permission, Serializable {
 107  
 
 108  
     //TODO - JavaDoc methods
 109  
 
 110  
     /*--------------------------------------------
 111  
     |             C O N S T A N T S             |
 112  
     ============================================*/
 113  
     protected static final String WILDCARD_TOKEN = "*";
 114  
     protected static final String PART_DIVIDER_TOKEN = ":";
 115  
     protected static final String SUBPART_DIVIDER_TOKEN = ",";
 116  
     protected static final boolean DEFAULT_CASE_SENSITIVE = false;
 117  
 
 118  
     /*--------------------------------------------
 119  
     |    I N S T A N C E   V A R I A B L E S    |
 120  
     ============================================*/
 121  
     private List<Set<String>> parts;
 122  
 
 123  
     /*--------------------------------------------
 124  
     |         C O N S T R U C T O R S           |
 125  
     ============================================*/
 126  
     /**
 127  
      * Default no-arg constructor for subclasses only - end-user developers instantiating Permission instances must
 128  
      * provide a wildcard string at a minimum, since Permission instances are immutable once instantiated.
 129  
      * <p/>
 130  
      * Note that the WildcardPermission class is very robust and typically subclasses are not necessary unless you
 131  
      * wish to create type-safe Permission objects that would be used in your application, such as perhaps a
 132  
      * {@code UserPermission}, {@code SystemPermission}, {@code PrinterPermission}, etc.  If you want such type-safe
 133  
      * permission usage, consider subclassing the {@link DomainPermission DomainPermission} class for your needs.
 134  
      */
 135  5
     protected WildcardPermission() {
 136  5
     }
 137  
 
 138  
     public WildcardPermission(String wildcardString) {
 139  104
         this(wildcardString, DEFAULT_CASE_SENSITIVE);
 140  100
     }
 141  
 
 142  110
     public WildcardPermission(String wildcardString, boolean caseSensitive) {
 143  110
         setParts(wildcardString, caseSensitive);
 144  106
     }
 145  
 
 146  
     protected void setParts(String wildcardString) {
 147  5
         setParts(wildcardString, DEFAULT_CASE_SENSITIVE);
 148  5
     }
 149  
 
 150  
     protected void setParts(String wildcardString, boolean caseSensitive) {
 151  115
         wildcardString = StringUtils.clean(wildcardString);
 152  
 
 153  115
         if (wildcardString == null || wildcardString.isEmpty()) {
 154  3
             throw new IllegalArgumentException("Wildcard string cannot be null or empty. Make sure permission strings are properly formatted.");
 155  
         }
 156  
 
 157  112
         List<String> parts = CollectionUtils.asList(wildcardString.split(PART_DIVIDER_TOKEN));
 158  
 
 159  112
         this.parts = new ArrayList<Set<String>>();
 160  112
         for (String part : parts) {
 161  198
             Set<String> subparts = CollectionUtils.asSet(part.split(SUBPART_DIVIDER_TOKEN));
 162  198
             if (!caseSensitive) {
 163  198
                 subparts = lowercase(subparts);
 164  
             }
 165  198
             if (subparts.isEmpty()) {
 166  1
                 throw new IllegalArgumentException("Wildcard string cannot contain parts with only dividers. Make sure permission strings are properly formatted.");
 167  
             }
 168  197
             this.parts.add(subparts);
 169  197
         }
 170  
 
 171  111
         if (this.parts.isEmpty()) {
 172  0
             throw new IllegalArgumentException("Wildcard string cannot contain only dividers. Make sure permission strings are properly formatted.");
 173  
         }
 174  111
     }
 175  
 
 176  
     private Set<String> lowercase(Set<String> subparts) {
 177  198
         Set<String> lowerCasedSubparts = new LinkedHashSet<String>(subparts.size());
 178  198
         for (String subpart : subparts) {
 179  231
             lowerCasedSubparts.add(subpart.toLowerCase());
 180  231
         }
 181  198
         return lowerCasedSubparts;
 182  
     }
 183  
 
 184  
     /*--------------------------------------------
 185  
     |  A C C E S S O R S / M O D I F I E R S    |
 186  
     ============================================*/
 187  
     protected List<Set<String>> getParts() {
 188  460
         return this.parts;
 189  
     }
 190  
 
 191  
     /*--------------------------------------------
 192  
     |               M E T H O D S               |
 193  
     ============================================*/
 194  
 
 195  
     public boolean implies(Permission p) {
 196  
         // By default only supports comparisons with other WildcardPermissions
 197  81
         if (!(p instanceof WildcardPermission)) {
 198  0
             return false;
 199  
         }
 200  
 
 201  81
         WildcardPermission wp = (WildcardPermission) p;
 202  
 
 203  81
         List<Set<String>> otherParts = wp.getParts();
 204  
 
 205  81
         int i = 0;
 206  81
         for (Set<String> otherPart : otherParts) {
 207  
             // If this permission has less parts than the other permission, everything after the number of parts contained
 208  
             // in this permission is automatically implied, so return true
 209  152
             if (getParts().size() - 1 < i) {
 210  11
                 return true;
 211  
             } else {
 212  141
                 Set<String> part = getParts().get(i);
 213  141
                 if (!part.contains(WILDCARD_TOKEN) && !part.containsAll(otherPart)) {
 214  21
                     return false;
 215  
                 }
 216  120
                 i++;
 217  
             }
 218  120
         }
 219  
 
 220  
         // If this permission has more parts than the other parts, only imply it if all of the other parts are wildcards
 221  77
         for (; i < getParts().size(); i++) {
 222  18
             Set<String> part = getParts().get(i);
 223  18
             if (!part.contains(WILDCARD_TOKEN)) {
 224  4
                 return false;
 225  
             }
 226  
         }
 227  
 
 228  45
         return true;
 229  
     }
 230  
 
 231  
     public String toString() {
 232  4
         StringBuilder buffer = new StringBuilder();
 233  4
         for (Set<String> part : parts) {
 234  4
             if (buffer.length() > 0) {
 235  0
                 buffer.append(":");
 236  
             }
 237  4
             buffer.append(part);
 238  4
         }
 239  4
         return buffer.toString();
 240  
     }
 241  
 
 242  
     public boolean equals(Object o) {
 243  0
         if (o instanceof WildcardPermission) {
 244  0
             WildcardPermission wp = (WildcardPermission) o;
 245  0
             return parts.equals(wp.parts);
 246  
         }
 247  0
         return false;
 248  
     }
 249  
 
 250  
     public int hashCode() {
 251  129
         return parts.hashCode();
 252  
     }
 253  
 
 254  
 }