1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.ldap.server.authz.support;
20
21 import java.util.Collection;
22 import java.util.Iterator;
23
24 import javax.naming.Name;
25 import javax.naming.NamingException;
26 import javax.naming.directory.Attributes;
27
28 import org.apache.ldap.common.aci.ACITuple;
29 import org.apache.ldap.common.aci.AuthenticationLevel;
30 import org.apache.ldap.server.partition.DirectoryPartitionNexusProxy;
31
32
33 /***
34 * An {@link ACITupleFilter} that discards all tuples having a precedence less
35 * than the highest remaining precedence. (18.8.4.1, X.501)
36 *
37 * @author The Apache Directory Project
38 * @version $Rev: 326050 $, $Date: 2005-10-18 04:19:14 -0400 (Tue, 18 Oct 2005) $
39 */
40 public class HighestPrecedenceFilter implements ACITupleFilter
41 {
42 public Collection filter( Collection tuples, OperationScope scope, DirectoryPartitionNexusProxy proxy, Collection userGroupNames, Name userName, Attributes userEntry, AuthenticationLevel authenticationLevel, Name entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations ) throws NamingException
43 {
44 if( tuples.size() <= 1 )
45 {
46 return tuples;
47 }
48
49 int maxPrecedence = -1;
50
51
52 for( Iterator i = tuples.iterator(); i.hasNext(); )
53 {
54 ACITuple tuple = ( ACITuple ) i.next();
55 if( tuple.getPrecedence() > maxPrecedence )
56 {
57 maxPrecedence = tuple.getPrecedence();
58 }
59 }
60
61
62 for( Iterator i = tuples.iterator(); i.hasNext(); )
63 {
64 ACITuple tuple = ( ACITuple ) i.next();
65 if( tuple.getPrecedence() != maxPrecedence )
66 {
67 i.remove();
68 }
69 }
70
71 return tuples;
72 }
73 }