aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Framework/General/ACL.cs
diff options
context:
space:
mode:
Diffstat (limited to 'OpenSim/Framework/General/ACL.cs')
-rw-r--r--OpenSim/Framework/General/ACL.cs524
1 files changed, 262 insertions, 262 deletions
diff --git a/OpenSim/Framework/General/ACL.cs b/OpenSim/Framework/General/ACL.cs
index 0e9df19..8f9c6e7 100644
--- a/OpenSim/Framework/General/ACL.cs
+++ b/OpenSim/Framework/General/ACL.cs
@@ -1,263 +1,263 @@
1/* 1/*
2* Copyright (c) Contributors, http://opensimulator.org/ 2* Copyright (c) Contributors, http://opensimulator.org/
3* See CONTRIBUTORS.TXT for a full list of copyright holders. 3* See CONTRIBUTORS.TXT for a full list of copyright holders.
4* 4*
5* Redistribution and use in source and binary forms, with or without 5* Redistribution and use in source and binary forms, with or without
6* modification, are permitted provided that the following conditions are met: 6* modification, are permitted provided that the following conditions are met:
7* * Redistributions of source code must retain the above copyright 7* * Redistributions of source code must retain the above copyright
8* notice, this list of conditions and the following disclaimer. 8* notice, this list of conditions and the following disclaimer.
9* * Redistributions in binary form must reproduce the above copyright 9* * Redistributions in binary form must reproduce the above copyright
10* notice, this list of conditions and the following disclaimer in the 10* notice, this list of conditions and the following disclaimer in the
11* documentation and/or other materials provided with the distribution. 11* documentation and/or other materials provided with the distribution.
12* * Neither the name of the OpenSim Project nor the 12* * Neither the name of the OpenSim Project nor the
13* names of its contributors may be used to endorse or promote products 13* names of its contributors may be used to endorse or promote products
14* derived from this software without specific prior written permission. 14* derived from this software without specific prior written permission.
15* 15*
16* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS AS IS AND ANY 16* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS AS IS AND ANY
17* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 17* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 18* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY 19* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
20* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 20* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 21* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
22* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 22* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
23* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 24* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
25* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26* 26*
27*/ 27*/
28using System; 28using System;
29using System.Collections.Generic; 29using System.Collections.Generic;
30 30
31namespace OpenSim.Framework 31namespace OpenSim.Framework
32{ 32{
33 // ACL Class 33 // ACL Class
34 // Modelled after the structure of the Zend ACL Framework Library 34 // Modelled after the structure of the Zend ACL Framework Library
35 // with one key difference - the tree will search for all matching 35 // with one key difference - the tree will search for all matching
36 // permissions rather than just the first. Deny permissions will 36 // permissions rather than just the first. Deny permissions will
37 // override all others. 37 // override all others.
38 38
39 #region ACL Core Class 39 #region ACL Core Class
40 40
41 /// <summary> 41 /// <summary>
42 /// Access Control List Engine 42 /// Access Control List Engine
43 /// </summary> 43 /// </summary>
44 public class ACL 44 public class ACL
45 { 45 {
46 private Dictionary<string, Role> Roles = new Dictionary<string, Role>(); 46 private Dictionary<string, Role> Roles = new Dictionary<string, Role>();
47 private Dictionary<string, Resource> Resources = new Dictionary<string, Resource>(); 47 private Dictionary<string, Resource> Resources = new Dictionary<string, Resource>();
48 48
49 public ACL AddRole(Role role) 49 public ACL AddRole(Role role)
50 { 50 {
51 if (Roles.ContainsKey(role.Name)) 51 if (Roles.ContainsKey(role.Name))
52 throw new AlreadyContainsRoleException(role); 52 throw new AlreadyContainsRoleException(role);
53 53
54 Roles.Add(role.Name, role); 54 Roles.Add(role.Name, role);
55 55
56 return this; 56 return this;
57 } 57 }
58 58
59 public ACL AddResource(Resource resource) 59 public ACL AddResource(Resource resource)
60 { 60 {
61 Resources.Add(resource.Name, resource); 61 Resources.Add(resource.Name, resource);
62 62
63 return this; 63 return this;
64 } 64 }
65 65
66 public Permission HasPermission(string role, string resource) 66 public Permission HasPermission(string role, string resource)
67 { 67 {
68 if (!Roles.ContainsKey(role)) 68 if (!Roles.ContainsKey(role))
69 throw new KeyNotFoundException(); 69 throw new KeyNotFoundException();
70 70
71 if (!Resources.ContainsKey(resource)) 71 if (!Resources.ContainsKey(resource))
72 throw new KeyNotFoundException(); 72 throw new KeyNotFoundException();
73 73
74 return Roles[role].RequestPermission(resource); 74 return Roles[role].RequestPermission(resource);
75 } 75 }
76 76
77 public ACL GrantPermission(string role, string resource) 77 public ACL GrantPermission(string role, string resource)
78 { 78 {
79 if (!Roles.ContainsKey(role)) 79 if (!Roles.ContainsKey(role))
80 throw new KeyNotFoundException(); 80 throw new KeyNotFoundException();
81 81
82 if (!Resources.ContainsKey(resource)) 82 if (!Resources.ContainsKey(resource))
83 throw new KeyNotFoundException(); 83 throw new KeyNotFoundException();
84 84
85 Roles[role].GivePermission(resource, Permission.Allow); 85 Roles[role].GivePermission(resource, Permission.Allow);
86 86
87 return this; 87 return this;
88 } 88 }
89 89
90 public ACL DenyPermission(string role, string resource) 90 public ACL DenyPermission(string role, string resource)
91 { 91 {
92 if (!Roles.ContainsKey(role)) 92 if (!Roles.ContainsKey(role))
93 throw new KeyNotFoundException(); 93 throw new KeyNotFoundException();
94 94
95 if (!Resources.ContainsKey(resource)) 95 if (!Resources.ContainsKey(resource))
96 throw new KeyNotFoundException(); 96 throw new KeyNotFoundException();
97 97
98 Roles[role].GivePermission(resource, Permission.Deny); 98 Roles[role].GivePermission(resource, Permission.Deny);
99 99
100 return this; 100 return this;
101 } 101 }
102 102
103 public ACL ResetPermission(string role, string resource) 103 public ACL ResetPermission(string role, string resource)
104 { 104 {
105 if (!Roles.ContainsKey(role)) 105 if (!Roles.ContainsKey(role))
106 throw new KeyNotFoundException(); 106 throw new KeyNotFoundException();
107 107
108 if (!Resources.ContainsKey(resource)) 108 if (!Resources.ContainsKey(resource))
109 throw new KeyNotFoundException(); 109 throw new KeyNotFoundException();
110 110
111 Roles[role].GivePermission(resource, Permission.None); 111 Roles[role].GivePermission(resource, Permission.None);
112 112
113 return this; 113 return this;
114 } 114 }
115 } 115 }
116 116
117 #endregion 117 #endregion
118 118
119 #region Exceptions 119 #region Exceptions
120 120
121 /// <summary> 121 /// <summary>
122 /// Thrown when an ACL attempts to add a duplicate role. 122 /// Thrown when an ACL attempts to add a duplicate role.
123 /// </summary> 123 /// </summary>
124 public class AlreadyContainsRoleException : Exception 124 public class AlreadyContainsRoleException : Exception
125 { 125 {
126 protected Role m_role; 126 protected Role m_role;
127 127
128 public Role ErrorRole 128 public Role ErrorRole
129 { 129 {
130 get { return m_role; } 130 get { return m_role; }
131 } 131 }
132 132
133 public AlreadyContainsRoleException(Role role) 133 public AlreadyContainsRoleException(Role role)
134 { 134 {
135 m_role = role; 135 m_role = role;
136 } 136 }
137 137
138 public override string ToString() 138 public override string ToString()
139 { 139 {
140 return "This ACL already contains a role called '" + m_role.Name + "'."; 140 return "This ACL already contains a role called '" + m_role.Name + "'.";
141 } 141 }
142 } 142 }
143 143
144 #endregion 144 #endregion
145 145
146 #region Roles and Resources 146 #region Roles and Resources
147 147
148 /// <summary> 148 /// <summary>
149 /// Does this Role have permission to access a specified Resource? 149 /// Does this Role have permission to access a specified Resource?
150 /// </summary> 150 /// </summary>
151 public enum Permission 151 public enum Permission
152 { 152 {
153 Deny, 153 Deny,
154 None, 154 None,
155 Allow 155 Allow
156 } ; 156 } ;
157 157
158 /// <summary> 158 /// <summary>
159 /// A role class, for use with Users or Groups 159 /// A role class, for use with Users or Groups
160 /// </summary> 160 /// </summary>
161 public class Role 161 public class Role
162 { 162 {
163 private string m_name; 163 private string m_name;
164 private Role[] m_parents; 164 private Role[] m_parents;
165 private Dictionary<string, Permission> m_resources = new Dictionary<string, Permission>(); 165 private Dictionary<string, Permission> m_resources = new Dictionary<string, Permission>();
166 166
167 public string Name 167 public string Name
168 { 168 {
169 get { return m_name; } 169 get { return m_name; }
170 } 170 }
171 171
172 public Permission RequestPermission(string resource) 172 public Permission RequestPermission(string resource)
173 { 173 {
174 return RequestPermission(resource, Permission.None); 174 return RequestPermission(resource, Permission.None);
175 } 175 }
176 176
177 public Permission RequestPermission(string resource, Permission current) 177 public Permission RequestPermission(string resource, Permission current)
178 { 178 {
179 // Deny permissions always override any others 179 // Deny permissions always override any others
180 if (current == Permission.Deny) 180 if (current == Permission.Deny)
181 return current; 181 return current;
182 182
183 Permission temp = Permission.None; 183 Permission temp = Permission.None;
184 184
185 // Pickup non-None permissions 185 // Pickup non-None permissions
186 if (m_resources.ContainsKey(resource) && m_resources[resource] != Permission.None) 186 if (m_resources.ContainsKey(resource) && m_resources[resource] != Permission.None)
187 temp = m_resources[resource]; 187 temp = m_resources[resource];
188 188
189 if (m_parents != null) 189 if (m_parents != null)
190 { 190 {
191 foreach (Role parent in m_parents) 191 foreach (Role parent in m_parents)
192 { 192 {
193 temp = parent.RequestPermission(resource, temp); 193 temp = parent.RequestPermission(resource, temp);
194 } 194 }
195 } 195 }
196 196
197 return temp; 197 return temp;
198 } 198 }
199 199
200 public void GivePermission(string resource, Permission perm) 200 public void GivePermission(string resource, Permission perm)
201 { 201 {
202 m_resources[resource] = perm; 202 m_resources[resource] = perm;
203 } 203 }
204 204
205 public Role(string name) 205 public Role(string name)
206 { 206 {
207 m_name = name; 207 m_name = name;
208 m_parents = null; 208 m_parents = null;
209 } 209 }
210 210
211 public Role(string name, Role[] parents) 211 public Role(string name, Role[] parents)
212 { 212 {
213 m_name = name; 213 m_name = name;
214 m_parents = parents; 214 m_parents = parents;
215 } 215 }
216 } 216 }
217 217
218 public class Resource 218 public class Resource
219 { 219 {
220 private string m_name; 220 private string m_name;
221 221
222 public string Name 222 public string Name
223 { 223 {
224 get { return m_name; } 224 get { return m_name; }
225 } 225 }
226 226
227 public Resource(string name) 227 public Resource(string name)
228 { 228 {
229 m_name = name; 229 m_name = name;
230 } 230 }
231 } 231 }
232 232
233 #endregion 233 #endregion
234 234
235 #region Tests 235 #region Tests
236 236
237 internal class ACLTester 237 internal class ACLTester
238 { 238 {
239 public ACLTester() 239 public ACLTester()
240 { 240 {
241 ACL acl = new ACL(); 241 ACL acl = new ACL();
242 242
243 Role Guests = new Role("Guests"); 243 Role Guests = new Role("Guests");
244 acl.AddRole(Guests); 244 acl.AddRole(Guests);
245 245
246 Role[] parents = new Role[0]; 246 Role[] parents = new Role[0];
247 parents[0] = Guests; 247 parents[0] = Guests;
248 248
249 Role JoeGuest = new Role("JoeGuest", parents); 249 Role JoeGuest = new Role("JoeGuest", parents);
250 acl.AddRole(JoeGuest); 250 acl.AddRole(JoeGuest);
251 251
252 Resource CanBuild = new Resource("CanBuild"); 252 Resource CanBuild = new Resource("CanBuild");
253 acl.AddResource(CanBuild); 253 acl.AddResource(CanBuild);
254 254
255 255
256 acl.GrantPermission("Guests", "CanBuild"); 256 acl.GrantPermission("Guests", "CanBuild");
257 257
258 acl.HasPermission("JoeGuest", "CanBuild"); 258 acl.HasPermission("JoeGuest", "CanBuild");
259 } 259 }
260 } 260 }
261 261
262 #endregion 262 #endregion
263} \ No newline at end of file 263} \ No newline at end of file