1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.ldap.server.authz.support;
20
21 import java.util.Collection;
22 import java.util.Iterator;
23
24 import javax.naming.Name;
25 import javax.naming.NamingException;
26 import javax.naming.directory.Attribute;
27 import javax.naming.directory.Attributes;
28
29 import org.apache.ldap.common.aci.ACITuple;
30 import org.apache.ldap.common.aci.AuthenticationLevel;
31 import org.apache.ldap.common.aci.ProtectedItem;
32 import org.apache.ldap.common.aci.ProtectedItem.MaxValueCountItem;
33 import org.apache.ldap.server.partition.DirectoryPartitionNexusProxy;
34
35
36 /***
37 * An {@link ACITupleFilter} that discards all tuples that doesn't satisfy
38 * {@link ProtectedItem.MaxValueCount} constraint if available. (18.8.3.3, X.501)
39 *
40 * @author The Apache Directory Project
41 * @version $Rev: 326050 $, $Date: 2005-10-18 04:19:14 -0400 (Tue, 18 Oct 2005) $
42 */
43 public class MaxValueCountFilter implements ACITupleFilter
44 {
45 public Collection filter( Collection tuples, OperationScope scope, DirectoryPartitionNexusProxy proxy, Collection userGroupNames, Name userName, Attributes userEntry, AuthenticationLevel authenticationLevel, Name entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations ) throws NamingException
46 {
47 if( scope != OperationScope.ATTRIBUTE_TYPE_AND_VALUE )
48 {
49 return tuples;
50 }
51
52 if( tuples.size() == 0 )
53 {
54 return tuples;
55 }
56
57 for( Iterator i = tuples.iterator(); i.hasNext(); )
58 {
59 ACITuple tuple = ( ACITuple ) i.next();
60 if( !tuple.isGrant() )
61 {
62 continue;
63 }
64
65 for( Iterator j = tuple.getProtectedItems().iterator(); j.hasNext(); )
66 {
67 ProtectedItem item = ( ProtectedItem ) j.next();
68 if( item instanceof ProtectedItem.MaxValueCount )
69 {
70 ProtectedItem.MaxValueCount mvc = ( ProtectedItem.MaxValueCount ) item;
71 if( isRemovable( mvc, attrId, entry ) )
72 {
73 i.remove();
74 break;
75 }
76 }
77 }
78 }
79
80 return tuples;
81 }
82
83 private boolean isRemovable( ProtectedItem.MaxValueCount mvc, String attrId, Attributes entry )
84 {
85 for( Iterator k = mvc.iterator(); k.hasNext(); )
86 {
87 MaxValueCountItem mvcItem = ( MaxValueCountItem ) k.next();
88 if( attrId.equalsIgnoreCase( mvcItem.getAttributeType() ) )
89 {
90 Attribute attr = entry.get( attrId );
91 int attrCount = attr == null? 0 : attr.size();
92 if( attrCount >= mvcItem.getMaxCount() )
93 {
94 return true;
95 }
96 }
97 }
98
99 return false;
100 }
101
102 }