aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Framework/General/PolicyManager/ACL.cs
diff options
context:
space:
mode:
Diffstat (limited to 'OpenSim/Framework/General/PolicyManager/ACL.cs')
-rw-r--r--OpenSim/Framework/General/PolicyManager/ACL.cs514
1 files changed, 257 insertions, 257 deletions
diff --git a/OpenSim/Framework/General/PolicyManager/ACL.cs b/OpenSim/Framework/General/PolicyManager/ACL.cs
index 8dffe7b..b6f2966 100644
--- a/OpenSim/Framework/General/PolicyManager/ACL.cs
+++ b/OpenSim/Framework/General/PolicyManager/ACL.cs
@@ -1,257 +1,257 @@
1/* 1/*
2* Copyright (c) Contributors, http://opensimulator.org/ 2* Copyright (c) Contributors, http://opensimulator.org/
3* See CONTRIBUTORS.TXT for a full list of copyright holders. 3* See CONTRIBUTORS.TXT for a full list of copyright holders.
4* 4*
5* Redistribution and use in source and binary forms, with or without 5* Redistribution and use in source and binary forms, with or without
6* modification, are permitted provided that the following conditions are met: 6* modification, are permitted provided that the following conditions are met:
7* * Redistributions of source code must retain the above copyright 7* * Redistributions of source code must retain the above copyright
8* notice, this list of conditions and the following disclaimer. 8* notice, this list of conditions and the following disclaimer.
9* * Redistributions in binary form must reproduce the above copyright 9* * Redistributions in binary form must reproduce the above copyright
10* notice, this list of conditions and the following disclaimer in the 10* notice, this list of conditions and the following disclaimer in the
11* documentation and/or other materials provided with the distribution. 11* documentation and/or other materials provided with the distribution.
12* * Neither the name of the OpenSim Project nor the 12* * Neither the name of the OpenSim Project nor the
13* names of its contributors may be used to endorse or promote products 13* names of its contributors may be used to endorse or promote products
14* derived from this software without specific prior written permission. 14* derived from this software without specific prior written permission.
15* 15*
16* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS AS IS AND ANY 16* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS AS IS AND ANY
17* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 17* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 18* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY 19* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
20* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 20* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 21* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
22* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 22* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
23* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 24* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
25* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26* 26*
27*/ 27*/
28using System; 28using System;
29using System.Collections.Generic; 29using System.Collections.Generic;
30using System.Text; 30using System.Text;
31 31
32namespace OpenSim.Framework.PolicyManager 32namespace OpenSim.Framework.PolicyManager
33{ 33{
34 // ACL Class 34 // ACL Class
35 // Modelled after the structure of the Zend ACL Framework Library 35 // Modelled after the structure of the Zend ACL Framework Library
36 // with one key difference - the tree will search for all matching 36 // with one key difference - the tree will search for all matching
37 // permissions rather than just the first. Deny permissions will 37 // permissions rather than just the first. Deny permissions will
38 // override all others. 38 // override all others.
39 39
40 40
41 #region ACL Core Class 41 #region ACL Core Class
42 /// <summary> 42 /// <summary>
43 /// Access Control List Engine 43 /// Access Control List Engine
44 /// </summary> 44 /// </summary>
45 public class ACL 45 public class ACL
46 { 46 {
47 Dictionary<string, Role> Roles = new Dictionary<string, Role>(); 47 Dictionary<string, Role> Roles = new Dictionary<string, Role>();
48 Dictionary<string, Resource> Resources = new Dictionary<string, Resource>(); 48 Dictionary<string, Resource> Resources = new Dictionary<string, Resource>();
49 49
50 public ACL AddRole(Role role) 50 public ACL AddRole(Role role)
51 { 51 {
52 if (Roles.ContainsKey(role.Name)) 52 if (Roles.ContainsKey(role.Name))
53 throw new AlreadyContainsRoleException(role); 53 throw new AlreadyContainsRoleException(role);
54 54
55 Roles.Add(role.Name, role); 55 Roles.Add(role.Name, role);
56 56
57 return this; 57 return this;
58 } 58 }
59 59
60 public ACL AddResource(Resource resource) 60 public ACL AddResource(Resource resource)
61 { 61 {
62 Resources.Add(resource.Name, resource); 62 Resources.Add(resource.Name, resource);
63 63
64 return this; 64 return this;
65 } 65 }
66 66
67 public Permission HasPermission(string role, string resource) 67 public Permission HasPermission(string role, string resource)
68 { 68 {
69 if (!Roles.ContainsKey(role)) 69 if (!Roles.ContainsKey(role))
70 throw new KeyNotFoundException(); 70 throw new KeyNotFoundException();
71 71
72 if (!Resources.ContainsKey(resource)) 72 if (!Resources.ContainsKey(resource))
73 throw new KeyNotFoundException(); 73 throw new KeyNotFoundException();
74 74
75 return Roles[role].RequestPermission(resource); 75 return Roles[role].RequestPermission(resource);
76 } 76 }
77 77
78 public ACL GrantPermission(string role, string resource) 78 public ACL GrantPermission(string role, string resource)
79 { 79 {
80 if (!Roles.ContainsKey(role)) 80 if (!Roles.ContainsKey(role))
81 throw new KeyNotFoundException(); 81 throw new KeyNotFoundException();
82 82
83 if (!Resources.ContainsKey(resource)) 83 if (!Resources.ContainsKey(resource))
84 throw new KeyNotFoundException(); 84 throw new KeyNotFoundException();
85 85
86 Roles[role].GivePermission(resource, Permission.Allow); 86 Roles[role].GivePermission(resource, Permission.Allow);
87 87
88 return this; 88 return this;
89 } 89 }
90 90
91 public ACL DenyPermission(string role, string resource) 91 public ACL DenyPermission(string role, string resource)
92 { 92 {
93 if (!Roles.ContainsKey(role)) 93 if (!Roles.ContainsKey(role))
94 throw new KeyNotFoundException(); 94 throw new KeyNotFoundException();
95 95
96 if (!Resources.ContainsKey(resource)) 96 if (!Resources.ContainsKey(resource))
97 throw new KeyNotFoundException(); 97 throw new KeyNotFoundException();
98 98
99 Roles[role].GivePermission(resource, Permission.Deny); 99 Roles[role].GivePermission(resource, Permission.Deny);
100 100
101 return this; 101 return this;
102 } 102 }
103 103
104 public ACL ResetPermission(string role, string resource) 104 public ACL ResetPermission(string role, string resource)
105 { 105 {
106 if (!Roles.ContainsKey(role)) 106 if (!Roles.ContainsKey(role))
107 throw new KeyNotFoundException(); 107 throw new KeyNotFoundException();
108 108
109 if (!Resources.ContainsKey(resource)) 109 if (!Resources.ContainsKey(resource))
110 throw new KeyNotFoundException(); 110 throw new KeyNotFoundException();
111 111
112 Roles[role].GivePermission(resource, Permission.None); 112 Roles[role].GivePermission(resource, Permission.None);
113 113
114 return this; 114 return this;
115 } 115 }
116 } 116 }
117 #endregion 117 #endregion
118 118
119 #region Exceptions 119 #region Exceptions
120 /// <summary> 120 /// <summary>
121 /// Thrown when an ACL attempts to add a duplicate role. 121 /// Thrown when an ACL attempts to add a duplicate role.
122 /// </summary> 122 /// </summary>
123 public class AlreadyContainsRoleException : Exception 123 public class AlreadyContainsRoleException : Exception
124 { 124 {
125 protected Role m_role; 125 protected Role m_role;
126 126
127 public Role ErrorRole 127 public Role ErrorRole
128 { 128 {
129 get { return m_role; } 129 get { return m_role; }
130 } 130 }
131 131
132 public AlreadyContainsRoleException(Role role) 132 public AlreadyContainsRoleException(Role role)
133 { 133 {
134 m_role = role; 134 m_role = role;
135 } 135 }
136 136
137 public override string ToString() 137 public override string ToString()
138 { 138 {
139 return "This ACL already contains a role called '" + m_role.Name + "'."; 139 return "This ACL already contains a role called '" + m_role.Name + "'.";
140 } 140 }
141 } 141 }
142 #endregion 142 #endregion
143 143
144 #region Roles and Resources 144 #region Roles and Resources
145 145
146 /// <summary> 146 /// <summary>
147 /// Does this Role have permission to access a specified Resource? 147 /// Does this Role have permission to access a specified Resource?
148 /// </summary> 148 /// </summary>
149 public enum Permission { Deny, None, Allow }; 149 public enum Permission { Deny, None, Allow };
150 150
151 /// <summary> 151 /// <summary>
152 /// A role class, for use with Users or Groups 152 /// A role class, for use with Users or Groups
153 /// </summary> 153 /// </summary>
154 public class Role 154 public class Role
155 { 155 {
156 private string m_name; 156 private string m_name;
157 private Role[] m_parents; 157 private Role[] m_parents;
158 private Dictionary<string, Permission> m_resources = new Dictionary<string, Permission>(); 158 private Dictionary<string, Permission> m_resources = new Dictionary<string, Permission>();
159 159
160 public string Name 160 public string Name
161 { 161 {
162 get { return m_name; } 162 get { return m_name; }
163 } 163 }
164 164
165 public Permission RequestPermission(string resource) 165 public Permission RequestPermission(string resource)
166 { 166 {
167 return RequestPermission(resource, Permission.None); 167 return RequestPermission(resource, Permission.None);
168 } 168 }
169 169
170 public Permission RequestPermission(string resource, Permission current) 170 public Permission RequestPermission(string resource, Permission current)
171 { 171 {
172 // Deny permissions always override any others 172 // Deny permissions always override any others
173 if (current == Permission.Deny) 173 if (current == Permission.Deny)
174 return current; 174 return current;
175 175
176 Permission temp = Permission.None; 176 Permission temp = Permission.None;
177 177
178 // Pickup non-None permissions 178 // Pickup non-None permissions
179 if (m_resources.ContainsKey(resource) && m_resources[resource] != Permission.None) 179 if (m_resources.ContainsKey(resource) && m_resources[resource] != Permission.None)
180 temp = m_resources[resource]; 180 temp = m_resources[resource];
181 181
182 if (m_parents != null) 182 if (m_parents != null)
183 { 183 {
184 foreach (Role parent in m_parents) 184 foreach (Role parent in m_parents)
185 { 185 {
186 temp = parent.RequestPermission(resource, temp); 186 temp = parent.RequestPermission(resource, temp);
187 } 187 }
188 } 188 }
189 189
190 return temp; 190 return temp;
191 } 191 }
192 192
193 public void GivePermission(string resource, Permission perm) 193 public void GivePermission(string resource, Permission perm)
194 { 194 {
195 m_resources[resource] = perm; 195 m_resources[resource] = perm;
196 } 196 }
197 197
198 public Role(string name) 198 public Role(string name)
199 { 199 {
200 m_name = name; 200 m_name = name;
201 m_parents = null; 201 m_parents = null;
202 } 202 }
203 203
204 public Role(string name, Role[] parents) 204 public Role(string name, Role[] parents)
205 { 205 {
206 m_name = name; 206 m_name = name;
207 m_parents = parents; 207 m_parents = parents;
208 } 208 }
209 } 209 }
210 210
211 public class Resource 211 public class Resource
212 { 212 {
213 private string m_name; 213 private string m_name;
214 214
215 public string Name 215 public string Name
216 { 216 {
217 get { return m_name; } 217 get { return m_name; }
218 } 218 }
219 219
220 public Resource(string name) 220 public Resource(string name)
221 { 221 {
222 m_name = name; 222 m_name = name;
223 } 223 }
224 } 224 }
225 225
226 #endregion 226 #endregion
227 227
228 #region Tests 228 #region Tests
229 229
230 class ACLTester 230 class ACLTester
231 { 231 {
232 public ACLTester() 232 public ACLTester()
233 { 233 {
234 ACL acl = new ACL(); 234 ACL acl = new ACL();
235 235
236 Role Guests = new Role("Guests"); 236 Role Guests = new Role("Guests");
237 acl.AddRole(Guests); 237 acl.AddRole(Guests);
238 238
239 Role[] parents = new Role[0]; 239 Role[] parents = new Role[0];
240 parents[0] = Guests; 240 parents[0] = Guests;
241 241
242 Role JoeGuest = new Role("JoeGuest", parents); 242 Role JoeGuest = new Role("JoeGuest", parents);
243 acl.AddRole(JoeGuest); 243 acl.AddRole(JoeGuest);
244 244
245 Resource CanBuild = new Resource("CanBuild"); 245 Resource CanBuild = new Resource("CanBuild");
246 acl.AddResource(CanBuild); 246 acl.AddResource(CanBuild);
247 247
248 248
249 acl.GrantPermission("Guests", "CanBuild"); 249 acl.GrantPermission("Guests", "CanBuild");
250 250
251 acl.HasPermission("JoeGuest", "CanBuild"); 251 acl.HasPermission("JoeGuest", "CanBuild");
252 252
253 } 253 }
254 } 254 }
255 255
256 #endregion 256 #endregion
257} 257}