/** * Implements the equals operation so that 2 elements are equal if all their member values are * equal. */ public boolean equals(Object object) { if (object == null) { return false; } BaseSecurityEntry obj = (BaseSecurityEntry) object; Iterator i = accesses.iterator(); Iterator i2 = obj.accesses.iterator(); while (i.hasNext()) { BaseSecurityAccess c1 = (BaseSecurityAccess) i.next(); BaseSecurityAccess c2 = null; if (i2.hasNext()) { c2 = (BaseSecurityAccess) i2.next(); } else { return false; } if (!c1.equals(c2)) { return false; } } if (i2.hasNext()) { return false; } return super.equals(object); }
/** * Removes a security access for the named action. This does not take into account the "*" action * when the "*" is not the named action. * * @param String access name of access to remove in its entirety */ public void revokeAccess(String action) { List list = getAccesses(); for (int i = 0; i < list.size(); i++) { BaseSecurityAccess access = (BaseSecurityAccess) list.get(i); if (access.getAction().equals(action)) { list.remove(i); return; } } }
/** * Returns the SecurityAccess object for the <code>action</code> requested or null if no specific * access is defined for this action. The "*" does change this, if an action is not specifically * defined in the registry, null is returned * * @param SecurityEntry entry SecurityEntry to check against * @param String action The action we want the access for. * @return SecurityAccess that is defined for this action or <code>null</code> if one is not * <strong>specifically defined</strong> */ public SecurityAccess getAccess(String action) { Iterator itr = getAccesses().iterator(); while (itr.hasNext()) { BaseSecurityAccess access = (BaseSecurityAccess) itr.next(); if (access.getAction().equals(action)) { return access; } } return null; }
/** * Checks whether a role is specifically allowed to access the request action This method ignores * the "*" action and is here to play a maintenance role. * * @param String action name of action to check * @param String role name of role to verify access for * @return boolean whether or not the <code>role</code> has access to this specific action. */ public boolean allowsSpecificUser(String action, String user) { BaseSecurityAccess access = (BaseSecurityAccess) getAccess(action); if (access.getAllAllows() != null) { Iterator allAllows = access.getAllows().iterator(); while (allAllows.hasNext()) { BaseSecurityAllow allow = (BaseSecurityAllow) allAllows.next(); if (allow.getUser() != null && allow.getUser().equals(user)) { return true; } } } return false; }