1 files changed, 257 insertions, 0 deletions
diff --git a/OpenSim/Framework/General/ACL.cs b/OpenSim/Framework/General/ACL.cs
new file mode 100644
index 0000000..348f0ae
--- /dev/null
+++ b/OpenSim/Framework/General/ACL.cs
@@ -0,0 +1,257 @@
+/*
+* Copyright (c) Contributors, http://opensimulator.org/
+* See CONTRIBUTORS.TXT for a full list of copyright holders.
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions are met:
+*     * Redistributions of source code must retain the above copyright
+*       notice, this list of conditions and the following disclaimer.
+*     * Redistributions in binary form must reproduce the above copyright
+*       notice, this list of conditions and the following disclaimer in the
+*       documentation and/or other materials provided with the distribution.
+*     * Neither the name of the OpenSim Project nor the
+*       names of its contributors may be used to endorse or promote products
+*       derived from this software without specific prior written permission.
+*
+* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS AS IS AND ANY
+* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+* 
+*/
+using System;
+using System.Collections.Generic;
+using System.Text;
+namespace OpenSim.Framework
+{
+    // ACL Class
+    // Modelled after the structure of the Zend ACL Framework Library
+    // with one key difference - the tree will search for all matching
+    // permissions rather than just the first. Deny permissions will
+    // override all others.
+    #region ACL Core Class
+    /// <summary>
+    /// Access Control List Engine
+    /// </summary>
+    public class ACL
+    {
+        Dictionary<string, Role> Roles = new Dictionary<string, Role>();
+        Dictionary<string, Resource> Resources = new Dictionary<string, Resource>();
+        public ACL AddRole(Role role)
+        {
+            if (Roles.ContainsKey(role.Name))
+                throw new AlreadyContainsRoleException(role);
+            Roles.Add(role.Name, role);
+            return this;
+        }
+        public ACL AddResource(Resource resource)
+        {
+            Resources.Add(resource.Name, resource);
+            return this;
+        }
+        public Permission HasPermission(string role, string resource)
+        {
+            if (!Roles.ContainsKey(role))
+                throw new KeyNotFoundException();
+            if (!Resources.ContainsKey(resource))
+                throw new KeyNotFoundException();
+            return Roles[role].RequestPermission(resource);
+        }
+        public ACL GrantPermission(string role, string resource)
+        {
+            if (!Roles.ContainsKey(role))
+                throw new KeyNotFoundException();
+            if (!Resources.ContainsKey(resource))
+                throw new KeyNotFoundException();
+            Roles[role].GivePermission(resource, Permission.Allow);
+            return this;
+        }
+        public ACL DenyPermission(string role, string resource)
+        {
+            if (!Roles.ContainsKey(role))
+                throw new KeyNotFoundException();
+            if (!Resources.ContainsKey(resource))
+                throw new KeyNotFoundException();
+            Roles[role].GivePermission(resource, Permission.Deny);
+            return this;
+        }
+        public ACL ResetPermission(string role, string resource)
+        {
+            if (!Roles.ContainsKey(role))
+                throw new KeyNotFoundException();
+            if (!Resources.ContainsKey(resource))
+                throw new KeyNotFoundException();
+            Roles[role].GivePermission(resource, Permission.None);
+            return this;
+        }
+    }
+    #endregion
+    #region Exceptions
+    /// <summary>
+    /// Thrown when an ACL attempts to add a duplicate role.
+    /// </summary>
+    public class AlreadyContainsRoleException : Exception
+    {
+        protected Role m_role;
+        public Role ErrorRole
+        {
+            get { return m_role; }
+        }
+        public AlreadyContainsRoleException(Role role)
+        {
+            m_role = role;
+        }
+        public override string ToString()
+        {
+            return "This ACL already contains a role called '" + m_role.Name + "'.";
+        }
+    }
+    #endregion
+    #region Roles and Resources
+    /// <summary>
+    /// Does this Role have permission to access a specified Resource?
+    /// </summary>
+    public enum Permission { Deny, None, Allow };
+    /// <summary>
+    /// A role class, for use with Users or Groups
+    /// </summary>
+    public class Role
+    {
+        private string m_name;
+        private Role[] m_parents;
+        private Dictionary<string, Permission> m_resources = new Dictionary<string, Permission>();
+        public string Name
+        {
+            get { return m_name; }
+        }
+        public Permission RequestPermission(string resource)
+        {
+            return RequestPermission(resource, Permission.None);
+        }
+        public Permission RequestPermission(string resource, Permission current)
+        {
+            // Deny permissions always override any others
+            if (current == Permission.Deny)
+                return current;
+            Permission temp = Permission.None;
+            // Pickup non-None permissions
+            if (m_resources.ContainsKey(resource) && m_resources[resource] != Permission.None)
+                temp = m_resources[resource];
+            if (m_parents != null)
+            {
+                foreach (Role parent in m_parents)
+                {
+                    temp = parent.RequestPermission(resource, temp);
+                }
+            }
+            return temp;
+        }
+        public void GivePermission(string resource, Permission perm)
+        {
+            m_resources[resource] = perm;
+        }
+        public Role(string name)
+        {
+            m_name = name;
+            m_parents = null;
+        }
+        public Role(string name, Role[] parents)
+        {
+            m_name = name;
+            m_parents = parents;
+        }
+    }
+    public class Resource
+    {
+        private string m_name;
+        public string Name
+        {
+            get { return m_name; }
+        }
+        public Resource(string name)
+        {
+            m_name = name;
+        }
+    }
+    #endregion
+    #region Tests
+    class ACLTester
+    {
+        public ACLTester()
+        {
+            ACL acl = new ACL();
+            Role Guests = new Role("Guests");
+            acl.AddRole(Guests);
+            Role[] parents = new Role[0];
+            parents[0] = Guests;
+            Role JoeGuest = new Role("JoeGuest", parents);
+            acl.AddRole(JoeGuest);
+            Resource CanBuild = new Resource("CanBuild");
+            acl.AddResource(CanBuild);
+            acl.GrantPermission("Guests", "CanBuild");
+            acl.HasPermission("JoeGuest", "CanBuild");
+        }
+    }
+    #endregion
+}

diff --git a/OpenSim/Framework/General/ACL.cs b/OpenSim/Framework/General/ACL.cs new file mode 100644 index 0000000..348f0ae --- /dev/null +++ b/OpenSim/Framework/General/ACL.cs
@@ -0,0 +1,257 @@
	1	/*
	2	* Copyright (c) Contributors, http://opensimulator.org/
	3	* See CONTRIBUTORS.TXT for a full list of copyright holders.
	4	*
	5	* Redistribution and use in source and binary forms, with or without
	6	* modification, are permitted provided that the following conditions are met:
	7	* * Redistributions of source code must retain the above copyright
	8	* notice, this list of conditions and the following disclaimer.
	9	* * Redistributions in binary form must reproduce the above copyright
	10	* notice, this list of conditions and the following disclaimer in the
	11	* documentation and/or other materials provided with the distribution.
	12	* * Neither the name of the OpenSim Project nor the
	13	* names of its contributors may be used to endorse or promote products
	14	* derived from this software without specific prior written permission.
	15	*
	16	* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS AS IS AND ANY
	17	* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
	18	* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
	19	* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
	20	* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
	21	* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	22	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
	23	* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	24	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
	25	* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	26	*
	27	*/
	28	using System;
	29	using System.Collections.Generic;
	30	using System.Text;
	31
	32	namespace OpenSim.Framework
	33	{
	34	// ACL Class
	35	// Modelled after the structure of the Zend ACL Framework Library
	36	// with one key difference - the tree will search for all matching
	37	// permissions rather than just the first. Deny permissions will
	38	// override all others.
	39
	40
	41	#region ACL Core Class
	42	/// <summary>
	43	/// Access Control List Engine
	44	/// </summary>
	45	public class ACL
	46	{
	47	Dictionary<string, Role> Roles = new Dictionary<string, Role>();
	48	Dictionary<string, Resource> Resources = new Dictionary<string, Resource>();
	49
	50	public ACL AddRole(Role role)
	51	{
	52	if (Roles.ContainsKey(role.Name))
	53	throw new AlreadyContainsRoleException(role);
	54
	55	Roles.Add(role.Name, role);
	56
	57	return this;
	58	}
	59
	60	public ACL AddResource(Resource resource)
	61	{
	62	Resources.Add(resource.Name, resource);
	63
	64	return this;
	65	}
	66
	67	public Permission HasPermission(string role, string resource)
	68	{
	69	if (!Roles.ContainsKey(role))
	70	throw new KeyNotFoundException();
	71
	72	if (!Resources.ContainsKey(resource))
	73	throw new KeyNotFoundException();
	74
	75	return Roles[role].RequestPermission(resource);
	76	}
	77
	78	public ACL GrantPermission(string role, string resource)
	79	{
	80	if (!Roles.ContainsKey(role))
	81	throw new KeyNotFoundException();
	82
	83	if (!Resources.ContainsKey(resource))
	84	throw new KeyNotFoundException();
	85
	86	Roles[role].GivePermission(resource, Permission.Allow);
	87
	88	return this;
	89	}
	90
	91	public ACL DenyPermission(string role, string resource)
	92	{
	93	if (!Roles.ContainsKey(role))
	94	throw new KeyNotFoundException();
	95
	96	if (!Resources.ContainsKey(resource))
	97	throw new KeyNotFoundException();
	98
	99	Roles[role].GivePermission(resource, Permission.Deny);
	100
	101	return this;
	102	}
	103
	104	public ACL ResetPermission(string role, string resource)
	105	{
	106	if (!Roles.ContainsKey(role))
	107	throw new KeyNotFoundException();
	108
	109	if (!Resources.ContainsKey(resource))
	110	throw new KeyNotFoundException();
	111
	112	Roles[role].GivePermission(resource, Permission.None);
	113
	114	return this;
	115	}
	116	}
	117	#endregion
	118
	119	#region Exceptions
	120	/// <summary>
	121	/// Thrown when an ACL attempts to add a duplicate role.
	122	/// </summary>
	123	public class AlreadyContainsRoleException : Exception
	124	{
	125	protected Role m_role;
	126
	127	public Role ErrorRole
	128	{
	129	get { return m_role; }
	130	}
	131
	132	public AlreadyContainsRoleException(Role role)
	133	{
	134	m_role = role;
	135	}
	136
	137	public override string ToString()
	138	{
	139	return "This ACL already contains a role called '" + m_role.Name + "'.";
	140	}
	141	}
	142	#endregion
	143
	144	#region Roles and Resources
	145
	146	/// <summary>
	147	/// Does this Role have permission to access a specified Resource?
	148	/// </summary>
	149	public enum Permission { Deny, None, Allow };
	150
	151	/// <summary>
	152	/// A role class, for use with Users or Groups
	153	/// </summary>
	154	public class Role
	155	{
	156	private string m_name;
	157	private Role[] m_parents;
	158	private Dictionary<string, Permission> m_resources = new Dictionary<string, Permission>();
	159
	160	public string Name
	161	{
	162	get { return m_name; }
	163	}
	164
	165	public Permission RequestPermission(string resource)
	166	{
	167	return RequestPermission(resource, Permission.None);
	168	}
	169
	170	public Permission RequestPermission(string resource, Permission current)
	171	{
	172	// Deny permissions always override any others
	173	if (current == Permission.Deny)
	174	return current;
	175
	176	Permission temp = Permission.None;
	177
	178	// Pickup non-None permissions
	179	if (m_resources.ContainsKey(resource) && m_resources[resource] != Permission.None)
	180	temp = m_resources[resource];
	181
	182	if (m_parents != null)
	183	{
	184	foreach (Role parent in m_parents)
	185	{
	186	temp = parent.RequestPermission(resource, temp);
	187	}
	188	}
	189
	190	return temp;
	191	}
	192
	193	public void GivePermission(string resource, Permission perm)
	194	{
	195	m_resources[resource] = perm;
	196	}
	197
	198	public Role(string name)
	199	{
	200	m_name = name;
	201	m_parents = null;
	202	}
	203
	204	public Role(string name, Role[] parents)
	205	{
	206	m_name = name;
	207	m_parents = parents;
	208	}
	209	}
	210
	211	public class Resource
	212	{
	213	private string m_name;
	214
	215	public string Name
	216	{
	217	get { return m_name; }
	218	}
	219
	220	public Resource(string name)
	221	{
	222	m_name = name;
	223	}
	224	}
	225
	226	#endregion
	227
	228	#region Tests
	229
	230	class ACLTester
	231	{
	232	public ACLTester()
	233	{
	234	ACL acl = new ACL();
	235
	236	Role Guests = new Role("Guests");
	237	acl.AddRole(Guests);
	238
	239	Role[] parents = new Role[0];
	240	parents[0] = Guests;
	241
	242	Role JoeGuest = new Role("JoeGuest", parents);
	243	acl.AddRole(JoeGuest);
	244
	245	Resource CanBuild = new Resource("CanBuild");
	246	acl.AddResource(CanBuild);
	247
	248
	249	acl.GrantPermission("Guests", "CanBuild");
	250
	251	acl.HasPermission("JoeGuest", "CanBuild");
	252
	253	}
	254	}
	255
	256	#endregion
	257	}