/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.clerezza.platform.security;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.osgi.service.permissionadmin.PermissionInfo;
import org.apache.clerezza.rdf.core.Literal;
import org.apache.clerezza.rdf.core.MGraph;
import org.apache.clerezza.rdf.core.NonLiteral;
import org.apache.clerezza.rdf.core.Triple;
import org.apache.clerezza.rdf.core.UriRef;
import org.apache.clerezza.rdf.ontologies.OSGI;
import org.apache.clerezza.rdf.ontologies.PERMISSION;
import org.apache.clerezza.rdf.ontologies.SIOC;
/**
* Provides utility methods to extract infomation for the permission assignment.
*
* @author clemens
*/
class PermissionDefinitions {
private MGraph systemGraph;
PermissionDefinitions(MGraph systeGraph) {
this.systemGraph = systeGraph;
}
/**
* Returns the permissions of a specified location.
* I.e. the permissions of all permission assignments matching <code>location</code>.
*
* @param location the location of a bundle
* @return an array with <code>PermissionInfo</code> elements
*/
PermissionInfo[] retrievePermissions(String location) {
List<PermissionInfo> permInfoList = new ArrayList<PermissionInfo>();
Iterator<Triple> ownerTriples =
systemGraph.filter(new UriRef(location), OSGI.owner, null);
if (ownerTriples.hasNext()) {
NonLiteral user = (NonLiteral) ownerTriples.next().getObject();
lookForPermissions(user, permInfoList);
}
if (permInfoList.isEmpty()) {
return null;
}
return permInfoList.toArray(new PermissionInfo[permInfoList.size()]);
}
/**
* Look for all permissions of a role and add them to a list.
* And if the role has another role, then execute this function recursively,
* until all permissions are found.
*
* @param role a <code>NonLiteral</code> which is either a user or a role
* @param permInfoList a list with all the added permissions of this bundle
*/
private void lookForPermissions(NonLiteral role, List<PermissionInfo> permInfoList) {
Iterator<Triple> permissionTriples =
systemGraph.filter(role, PERMISSION.hasPermission, null);
while (permissionTriples.hasNext()) {
NonLiteral permission = (NonLiteral) permissionTriples.next().getObject();
Iterator<Triple> javaPermissionTriples =
systemGraph.filter(permission, PERMISSION.javaPermissionEntry, null);
while (javaPermissionTriples.hasNext()) {
Triple t = javaPermissionTriples.next();
Literal permEntry = (Literal) t.getObject();
permInfoList.add(new PermissionInfo(permEntry.getLexicalForm()));
}
}
Iterator<Triple> roleTriples =
systemGraph.filter(role, SIOC.has_function, null);
while (roleTriples.hasNext()) {
NonLiteral anotherRole = (NonLiteral) roleTriples.next().getObject();
this.lookForPermissions(anotherRole, permInfoList);
}
}
}