static { sysPermissionsByName = new HashMap<>(); sysPermissionsByName.put(INHERIT, SYSPERMISSION_INHERIT); sysPermissionsByName.put(IMPERSONATE, SYSPERMISSION_IMPERSONATE); sysPermissionsByName.put(RESET_CREDENTIALS, SYSPERMISSION_RESET_CREDENTIALS); sysPermissionsByName.put(DELETE, SYSPERMISSION_DELETE); sysPermissionsByName.put(QUERY, SYSPERMISSION_QUERY); sysPermissionNamesById = new HashMap<>(sysPermissionsByName.size()); for (SysPermission sysPermission : sysPermissionsByName.values()) { sysPermissionNamesById.put( sysPermission.getSystemPermissionId(), sysPermission.getPermissionName()); } sysPermissionNames = Collections.unmodifiableList(new ArrayList<>(sysPermissionNamesById.values())); }
private ResourcePermissionImpl(String permissionName, boolean withGrantOption) { assertPermissionNameSpecified(permissionName); permissionName = permissionName.trim(); if (permissionName.startsWith("*")) { SysPermission sysPermission = getSysPermission(permissionName); this.systemPermissionId = sysPermission.getSystemPermissionId(); this.permissionName = sysPermission.getPermissionName(); } else { this.systemPermissionId = 0; this.permissionName = permissionName.intern(); } this.withGrantOption = withGrantOption; }
public class ResourcePermissions { // constants for the important system permissions with pre-defined semantics private static final SysPermission SYSPERMISSION_INHERIT = new SysPermission(-101, "*INHERIT"); public static final String INHERIT = SYSPERMISSION_INHERIT.getPermissionName(); private static final SysPermission SYSPERMISSION_IMPERSONATE = new SysPermission(-102, "*IMPERSONATE"); public static final String IMPERSONATE = SYSPERMISSION_IMPERSONATE.getPermissionName(); private static final SysPermission SYSPERMISSION_RESET_CREDENTIALS = new SysPermission(-103, "*RESET-CREDENTIALS"); public static final String RESET_CREDENTIALS = SYSPERMISSION_RESET_CREDENTIALS.getPermissionName(); private static final SysPermission SYSPERMISSION_DELETE = new SysPermission(-104, "*DELETE"); public static final String DELETE = SYSPERMISSION_DELETE.getPermissionName(); private static final SysPermission SYSPERMISSION_QUERY = new SysPermission(-105, "*QUERY"); public static final String QUERY = SYSPERMISSION_QUERY.getPermissionName(); private static final Map<String, SysPermission> sysPermissionsByName; private static final Map<Long, String> sysPermissionNamesById; private static final List<String> sysPermissionNames; static { sysPermissionsByName = new HashMap<>(); sysPermissionsByName.put(INHERIT, SYSPERMISSION_INHERIT); sysPermissionsByName.put(IMPERSONATE, SYSPERMISSION_IMPERSONATE); sysPermissionsByName.put(RESET_CREDENTIALS, SYSPERMISSION_RESET_CREDENTIALS); sysPermissionsByName.put(DELETE, SYSPERMISSION_DELETE); sysPermissionsByName.put(QUERY, SYSPERMISSION_QUERY); sysPermissionNamesById = new HashMap<>(sysPermissionsByName.size()); for (SysPermission sysPermission : sysPermissionsByName.values()) { sysPermissionNamesById.put( sysPermission.getSystemPermissionId(), sysPermission.getPermissionName()); } sysPermissionNames = Collections.unmodifiableList(new ArrayList<>(sysPermissionNamesById.values())); } public static List<String> getSysPermissionNames() { return sysPermissionNames; } public static String getSysPermissionName(long systemPermissionId) { final String sysPermissionName = sysPermissionNamesById.get(systemPermissionId); if (sysPermissionName == null) { throw new IllegalArgumentException("Invalid system permission ID: " + systemPermissionId); } return sysPermissionName; } public static ResourcePermission getInstance(String permissionName) { return new ResourcePermissionImpl(permissionName, false); } public static ResourcePermission getInstanceWithGrantOption(String permissionName) { return new ResourcePermissionImpl(permissionName, true); } /** * @deprecated as of v2.0.0-rc.5; use {@link #getInstanceWithGrantOption(String)} or {@link * #getInstance(String)} instead. */ @Deprecated public static ResourcePermission getInstance(String permissionName, boolean withGrant) { return new ResourcePermissionImpl(permissionName, withGrant); } public static ResourcePermission getInstance(ResourcePermission resourcePermission) { if (resourcePermission instanceof ResourcePermissions.ResourcePermissionImpl) { return resourcePermission; } final ResourcePermission verifiedPermission; if (resourcePermission.isWithGrantOption()) { verifiedPermission = getInstanceWithGrantOption(resourcePermission.getPermissionName()); } else { verifiedPermission = getInstance(resourcePermission.getPermissionName()); } // validate system permission name and id matched if (resourcePermission.isSystemPermission() && verifiedPermission.getSystemPermissionId() != resourcePermission.getSystemPermissionId()) { throw new IllegalArgumentException( "Invalid system permission id for resource permission: " + resourcePermission); } return verifiedPermission; } private static class ResourcePermissionImpl implements ResourcePermission, Serializable { private static final long serialVersionUID = 1L; // permission data private final long systemPermissionId; private final String permissionName; private final boolean withGrantOption; private ResourcePermissionImpl(String permissionName, boolean withGrantOption) { assertPermissionNameSpecified(permissionName); permissionName = permissionName.trim(); if (permissionName.startsWith("*")) { SysPermission sysPermission = getSysPermission(permissionName); this.systemPermissionId = sysPermission.getSystemPermissionId(); this.permissionName = sysPermission.getPermissionName(); } else { this.systemPermissionId = 0; this.permissionName = permissionName.intern(); } this.withGrantOption = withGrantOption; } @Override public boolean isSystemPermission() { return systemPermissionId != 0; } @Override public String getPermissionName() { return permissionName; } @Override public long getSystemPermissionId() { if (!isSystemPermission()) { throw new IllegalArgumentException( "No system permission ID may be retrieved for user permission: " + permissionName + ", please check your code"); } return systemPermissionId; } @Override public boolean isWithGrantOption() { return withGrantOption; } @Override @Deprecated public boolean isWithGrant() { return isWithGrantOption(); } @Override public boolean isGrantableFrom(ResourcePermission other) { if (other == null) { return false; } if (!other.isWithGrantOption()) { return false; } return this.equalsIgnoreGrantOption(other); } @Override public boolean equals(Object other) { if (this == other) { return true; } if (other == null || getClass() != other.getClass()) { return false; } ResourcePermissionImpl otherResourcePermission = (ResourcePermissionImpl) other; if (!permissionName.equals(otherResourcePermission.permissionName)) { return false; } if (withGrantOption != otherResourcePermission.withGrantOption) { return false; } return true; } @Override public boolean equalsIgnoreGrantOption(Object other) { if (this == other) { return true; } if (other == null || getClass() != other.getClass()) { return false; } ResourcePermissionImpl otherResourcePermission = (ResourcePermissionImpl) other; if (!permissionName.equals(otherResourcePermission.permissionName)) { return false; } return true; } @Override @Deprecated public boolean equalsIgnoreGrant(Object other) { return equalsIgnoreGrantOption(other); } @Override public int hashCode() { int result = permissionName.hashCode(); result = 31 * result + (withGrantOption ? 1 : 0); return result; } @Override public String toString() { return (isSystemPermission() ? "SYS:" + permissionName : permissionName) + (withGrantOption ? " /G" : ""); } // private helper methods private void assertPermissionNameSpecified(String permissionName) { if (permissionName == null || permissionName.trim().isEmpty()) { throw new IllegalArgumentException("A permission name is required"); } } // private static helper method to convert a sys permission name to a sys permission object private static SysPermission getSysPermission(String permissionName) { if (permissionName == null) { throw new IllegalArgumentException("A system permission name is required"); } final String trimmedPermissionName = permissionName.trim(); if (trimmedPermissionName.isEmpty()) { throw new IllegalArgumentException("A system permission name is required"); } final SysPermission sysPermission = sysPermissionsByName.get(trimmedPermissionName); if (sysPermission == null) { throw new IllegalArgumentException( "Invalid system permission name: " + trimmedPermissionName); } return sysPermission; } } }