nbi.xmlsec.xacml.profile.rbac
Class Permission

java.lang.Object
  extended bynbi.xmlsec.xacml.profile.rbac.RBACPolicyElement
      extended bynbi.xmlsec.xacml.profile.rbac.Permission

public class Permission
extends RBACPolicyElement

This class implements a permission rule according to the XACML RBAC Profile. It assigns permissions to access resources for given actions. The permission may be represented as a Ruleor parsed from a Rule representation.

Since:
Version:
$Revision: 1.10 $
Author:
Lutz Suhrbier

Field Summary
(package private)  Apply condition
          The condition of the permission rule or null
(package private) static Logger logger
           
(package private)  boolean permit
          The effect of the permission rule (permit or deny)
 
Fields inherited from class nbi.xmlsec.xacml.profile.rbac.RBACPolicyElement
 
Constructor Summary
Permission(Rule rule)
          Create a Permission instance from its Rulerepresentation.
Permission(String domain, String label, boolean permit)
          Create Permission instance.
Permission(URI permId, boolean permit)
          Create an Permission instance.
 
Method Summary
 boolean add(RBACPolicyElement element)
          Adds the resources and actions of another Permission from the resources and actions of this permission respectively.
 boolean addAction(String action)
          Adds an String action to the resource set.
 boolean addResource(String resource)
          Adds an String resource to the resource set.
 boolean equals(Object obj)
          Compares the specified object with this permission.
 Set getActions()
          Gets the assigned actions of this this permission.
 Apply getCondition()
          Gets the condition.
 Set getResources()
          Gets the assigned resources of this this permission.
 boolean isPermit()
          Gets the permit effect.
 void parse(PolicyTreeElement element)
          Parses an permission from its Rulerepresentation.
 boolean remove(RBACPolicyElement element)
          Removes the resources and actions of another Permission from the resources and actions of this permission respectively.
 boolean removeAction(String action)
          Removes an String action from the action set.
 boolean removeResource(String resource)
          Removes an String resource from the resource set.
 void setCondition(Apply condition)
          Sets the condition.
 void setCondition(ConditionTypeBuilder conditionBuilder)
          Sets the condition.
 void setPermit(boolean permit)
          Sets the permit effect.
 PolicyTreeElement toPolicyTreeElement()
          Returns the Rulerepresentation of the permission.
 String toString()
           
 
Methods inherited from class nbi.xmlsec.xacml.profile.rbac.RBACPolicyElement
getIdentifier, getTarget, hashCode, parse, setIdentifier, setIdentifier, setTarget
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

logger

static Logger logger

permit

boolean permit
The effect of the permission rule (permit or deny)


condition

Apply condition
The condition of the permission rule or null

Constructor Detail

Permission

public Permission(String domain,
                  String label,
                  boolean permit)
Create Permission instance.

Parameters:
domain - Domain of the permission identifier.
label - Label of the permission identifier.
permit - true sets the effect to DECISION_PERMIT, false to DECISION_DENY.

Permission

public Permission(URI permId,
                  boolean permit)
           throws ParsingException
Create an Permission instance.

Parameters:
permId - Assignment identifier (domain:assignment:label).
permit - true sets the effect to DECISION_PERMIT, false to DECISION_DENY.

Permission

public Permission(Rule rule)
           throws ParsingException
Create a Permission instance from its Rulerepresentation.

Parameters:
rule - Rulerepresentation.
Method Detail

addResource

public boolean addResource(String resource)
Adds an String resource to the resource set.

Parameters:
resource - The resource to add.
Returns:
true if the resource has been added succesfully, false otherwise.

removeResource

public boolean removeResource(String resource)
Removes an String resource from the resource set.

Parameters:
resource - The resource to remove.
Returns:
true if the resource has been removed succesfully, false otherwise.

addAction

public boolean addAction(String action)
Adds an String action to the resource set.

Parameters:
action - The action to add.
Returns:
true if the action has been added succesfully, false otherwise.

removeAction

public boolean removeAction(String action)
Removes an String action from the action set.

Parameters:
action - The action to remove.
Returns:
true if the action has been removed succesfully, false otherwise.

add

public boolean add(RBACPolicyElement element)
Adds the resources and actions of another Permission from the resources and actions of this permission respectively.

Specified by:
add in class RBACPolicyElement
Parameters:
element - The permission to add.
Returns:
true if the any of the permission target objects has been added succesfully, false otherwise.
See Also:
RBACPolicyElement.add(RBACPolicyElement)

remove

public boolean remove(RBACPolicyElement element)
Removes the resources and actions of another Permission from the resources and actions of this permission respectively.

Specified by:
remove in class RBACPolicyElement
Parameters:
element - The permission to remove.
Returns:
true if the any of the permission target objects has been removed succesfully, false otherwise.
See Also:
RBACPolicyElement.remove(RBACPolicyElement)

toPolicyTreeElement

public PolicyTreeElement toPolicyTreeElement()
Returns the Rulerepresentation of the permission.

Specified by:
toPolicyTreeElement in class RBACPolicyElement
Returns:
Permission's rule representation.

parse

public void parse(PolicyTreeElement element)
           throws ParsingException
Parses an permission from its Rulerepresentation.

Specified by:
parse in class RBACPolicyElement
Parameters:
element - The rule to parse.
Throws:
ParsingException - Indicates a malformed Rulerepresentation.

isPermit

public boolean isPermit()
Gets the permit effect.

Returns:
true if the effect is set to DECISION_PERMIT, false if the effect is set to DECISION_DENY.

setPermit

public void setPermit(boolean permit)
Sets the permit effect.

Parameters:
permit - true sets the effect to DECISION_PERMIT, false sets the effect to DECISION_DENY.

setCondition

public void setCondition(Apply condition)
Sets the condition.

Parameters:
condition - The condition

setCondition

public void setCondition(ConditionTypeBuilder conditionBuilder)
Sets the condition.

Parameters:
conditionBuilder - The condition

getCondition

public Apply getCondition()
Gets the condition.

Returns:
The condition

getResources

public Set getResources()
Gets the assigned resources of this this permission.

Returns:
The permission's resources.

getActions

public Set getActions()
Gets the assigned actions of this this permission.

Returns:
The permission's actions.

equals

public boolean equals(Object obj)
Compares the specified object with this permission. Returns true if the specified object is also an Permission and the underlying policy element is also equal.

Overrides:
equals in class RBACPolicyElement
Parameters:
obj - Object to be compared for equality with this permission.
Returns:
true if the specified Object is equal to this permission.

toString

public String toString()
Overrides:
toString in class RBACPolicyElement


Copyright © 2006 Lutz Suhrbier, Freie Universität Berlin. All Rights Reserved.