com.ecyrd.jspwiki.auth.permissions
Class PagePermission

java.lang.Object
  extended by java.security.Permission
      extended by com.ecyrd.jspwiki.auth.permissions.PagePermission
All Implemented Interfaces:
Serializable, Guard

public final class PagePermission
extends Permission

Permission to perform an operation on a single page or collection of pages in a given wiki. Permission actions include: viewedit (edit the text of a wiki page), commentuploadmodify (edit text and upload attachments), delete  and rename.

The target of a permission is a single page or collection in a given wiki. The syntax for the target is the wiki name, followed by a colon (:) and the name of the page. "All wikis" can be specified using a wildcard (*). Page collections may also be specified using a wildcard. For pages, the wildcard may be a prefix, suffix, or all by itself. Examples of targets include:

*:*
*:JanneJalkanen
*:Jalkanen
*:Janne*
mywiki:JanneJalkanen
mywiki:*Jalkanen
mywiki:Janne*

For a given target, certain permissions imply others:

Since:
2.3
Version:
$Revision: 1.9 $ $Date: 2006/05/20 05:20:34 $
Author:
Andrew Jaquith
See Also:
Serialized Form

Field Summary
static PagePermission COMMENT
           
static String COMMENT_ACTION
           
protected static int COMMENT_MASK
           
static PagePermission DELETE
           
static String DELETE_ACTION
           
protected static int DELETE_MASK
           
static PagePermission EDIT
           
static String EDIT_ACTION
           
protected static int EDIT_MASK
           
static PagePermission MODIFY
           
static String MODIFY_ACTION
           
protected static int MODIFY_MASK
           
static PagePermission RENAME
           
static String RENAME_ACTION
           
protected static int RENAME_MASK
           
static PagePermission UPLOAD
           
static String UPLOAD_ACTION
           
protected static int UPLOAD_MASK
           
static PagePermission VIEW
           
static String VIEW_ACTION
           
protected static int VIEW_MASK
           
 
Constructor Summary
PagePermission(String page, String actions)
          Creates a new PagePermission for a specified page name and set of actions.
PagePermission(WikiPage page, String actions)
          Creates a new PagePermission for a specified page and set of actions.
 
Method Summary
protected static int createMask(String actions)
          Private method that creates a binary mask based on the actions specified.
 boolean equals(Object obj)
          Two PagePermission objects are considered equal if their actions (after normalization), wiki and target are equal.
 String getActions()
          Returns the actions for this permission: "view", "edit", "comment", "modify", "upload" or "delete".
 String getPage()
          Returns the name of the wiki page represented by this permission.
 String getWiki()
          Returns the name of the wiki containing the page represented by this permission; may return the wildcard string.
 int hashCode()
          Returns the hash code for this PagePermission.
protected static int impliedMask(int mask)
          Creates an "implied mask" based on the actions originally assigned: for example, delete implies modify, comment, upload and view.
 boolean implies(Permission permission)
           PagePermission can only imply other PagePermissions; no other permission types are implied.
protected static boolean isSubset(String superSet, String subSet)
          Determines whether one target string is a logical subset of the other.
 PermissionCollection newPermissionCollection()
          Returns a new AllPermissionCollection.
 String toString()
          Prints a human-readable representation of this permission.
 
Methods inherited from class java.security.Permission
checkGuard, getName
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

COMMENT_ACTION

public static final String COMMENT_ACTION
See Also:
Constant Field Values

DELETE_ACTION

public static final String DELETE_ACTION
See Also:
Constant Field Values

EDIT_ACTION

public static final String EDIT_ACTION
See Also:
Constant Field Values

MODIFY_ACTION

public static final String MODIFY_ACTION
See Also:
Constant Field Values

RENAME_ACTION

public static final String RENAME_ACTION
See Also:
Constant Field Values

UPLOAD_ACTION

public static final String UPLOAD_ACTION
See Also:
Constant Field Values

VIEW_ACTION

public static final String VIEW_ACTION
See Also:
Constant Field Values

COMMENT_MASK

protected static final int COMMENT_MASK
See Also:
Constant Field Values

DELETE_MASK

protected static final int DELETE_MASK
See Also:
Constant Field Values

EDIT_MASK

protected static final int EDIT_MASK
See Also:
Constant Field Values

MODIFY_MASK

protected static final int MODIFY_MASK
See Also:
Constant Field Values

RENAME_MASK

protected static final int RENAME_MASK
See Also:
Constant Field Values

UPLOAD_MASK

protected static final int UPLOAD_MASK
See Also:
Constant Field Values

VIEW_MASK

protected static final int VIEW_MASK
See Also:
Constant Field Values

COMMENT

public static final PagePermission COMMENT

DELETE

public static final PagePermission DELETE

EDIT

public static final PagePermission EDIT

RENAME

public static final PagePermission RENAME

MODIFY

public static final PagePermission MODIFY

UPLOAD

public static final PagePermission UPLOAD

VIEW

public static final PagePermission VIEW
Constructor Detail

PagePermission

public PagePermission(String page,
                      String actions)
Creates a new PagePermission for a specified page name and set of actions. Page should include a prepended wiki name followed by a slash. If the wiki name is not supplied or starts with a colon (:), the page refers no wiki in particular, and will never imply any other PagePermission.

Parameters:
page - the wiki page
actions - the allowed actions for this page

PagePermission

public PagePermission(WikiPage page,
                      String actions)
Creates a new PagePermission for a specified page and set of actions.

Parameters:
page -
actions -
Method Detail

equals

public final boolean equals(Object obj)
Two PagePermission objects are considered equal if their actions (after normalization), wiki and target are equal.

Specified by:
equals in class Permission
See Also:
Object.equals(java.lang.Object)

getActions

public final String getActions()
Returns the actions for this permission: "view", "edit", "comment", "modify", "upload" or "delete". The actions will always be sorted in alphabetic order, and will always appear in lower case.

Specified by:
getActions in class Permission
See Also:
Permission.getActions()

getPage

public final String getPage()
Returns the name of the wiki page represented by this permission.

Returns:
the page name

getWiki

public final String getWiki()
Returns the name of the wiki containing the page represented by this permission; may return the wildcard string.

Returns:
the wiki

hashCode

public final int hashCode()
Returns the hash code for this PagePermission.

Specified by:
hashCode in class Permission
See Also:
Object.hashCode()

implies

public final boolean implies(Permission permission)

PagePermission can only imply other PagePermissions; no other permission types are implied. One PagePermission implies another if its actions if three conditions are met:

  1. The other PagePermission's wiki is equal to, or a subset of, that of this permission. This permission's wiki is considered a superset of the other if it contains a matching prefix plus a wildcard, or a wildcard followed by a matching suffix.
  2. The other PagePermission's target is equal to, or a subset of, the target specified by this permission. This permission's target is considered a superset of the other if it contains a matching prefix plus a wildcard, or a wildcard followed by a matching suffix.
  3. All of other PagePermission's actions are equal to, or a subset of, those of this permission

Note: a significant (hard-coded) exception to the rule occurs with pages starting in DefaultGroupManager.GROUP_PREFIX, because these are group member list pages. For a permission whose target is the wildcard "*", permission for Group* pages is not implied. The target "Group*", however, works normally. This is most definitely a horrible hack.

Specified by:
implies in class Permission
See Also:
Permission.implies(java.security.Permission)

newPermissionCollection

public PermissionCollection newPermissionCollection()
Returns a new AllPermissionCollection.

Overrides:
newPermissionCollection in class Permission
See Also:
Permission.newPermissionCollection(), AllPermissionCollection.getInstance(String)

toString

public final String toString()
Prints a human-readable representation of this permission.

Overrides:
toString in class Permission
See Also:
Object.toString()

impliedMask

protected static final int impliedMask(int mask)
Creates an "implied mask" based on the actions originally assigned: for example, delete implies modify, comment, upload and view.

Parameters:
mask - binary mask for actions
Returns:
binary mask for implied actions

isSubset

protected static final boolean isSubset(String superSet,
                                        String subSet)
Determines whether one target string is a logical subset of the other.

Parameters:
superSet - the prospective superset
subSet - the prospective subset
Returns:
the results of the test, where true indicates that subSet is a subset of superSet

createMask

protected static final int createMask(String actions)
Private method that creates a binary mask based on the actions specified. This is used by implies(Permission).

Parameters:
actions - the actions for this permission, separated by commas
Returns:
the binary actions mask