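package railo.commons.io.res.type.s3;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;

import railo.commons.lang.Md5;
import railo.commons.lang.StringUtil;
import railo.runtime.exp.PageException;
import railo.runtime.functions.s3.StoreGetACL;
import railo.runtime.op.Caster;
import railo.runtime.type.Array;
import railo.runtime.type.KeyImpl;
import railo.runtime.type.Struct;

/**
 * One entry (grant) of an S3 access control list: a grantee plus the permission given to it.
 * The grantee is identified by exactly one of a group URI, an email address or a canonical
 * user id, as recorded in {@link #getType()}.
 *
 * Instances are mutable. {@link #hashCode()} is derived from the current field values, so an
 * instance must not be modified while it is stored in a hash-based collection. This class
 * does not override {@code equals}, so equality stays identity-based.
 */
public class AccessControl {

    /** Grantee is a predefined group, identified by {@link #getUri()}. */
    public static final short TYPE_GROUP = 1;
    /** Grantee is identified by {@link #getEmail()}. */
    public static final short TYPE_EMAIL = 2;
    /** Grantee is identified by {@link #getId()} and, optionally, {@link #getDisplayName()}. */
    public static final short TYPE_CANONICAL_USER = 4;

    private String id;
    private String displayName;
    private String permission;
    private String uri;
    private short type;
    private String email;

    /**
     * @return the grantee type, one of the {@code TYPE_*} constants
     */
    public short getType() {
        return type;
    }

    /**
     * @param type the grantee type to set; the value is stored without validation
     */
    public void setType(short type) {
        this.type = type;
    }

    /**
     * @return the canonical user id
     */
    public String getId() {
        return id;
    }

    /**
     * @param id the canonical user id to set
     */
    public void setId(String id) {
        this.id = id;
    }

    /**
     * @return the display name
     */
    public String getDisplayName() {
        return displayName;
    }

    /**
     * @param displayName the display name to set
     */
    public void setDisplayName(String displayName) {
        this.displayName = displayName;
    }

    /**
     * @return the permission
     */
    public String getPermission() {
        return permission;
    }

    /**
     * @param permission the permission to set; stored as given, callers that accept
     *        free-form input should pass it through {@link #toPermission(Object)} first
     */
    public void setPermission(String permission) {
        this.permission = permission;
    }

    /**
     * @return the group uri
     */
    public String getUri() {
        return uri;
    }

    /**
     * @param uri the group uri to set
     */
    public void setUri(String uri) {
        this.uri = uri;
    }

    /**
     * @return the email
     */
    public String getEmail() {
        return email;
    }

    /**
     * @param email the email to set
     */
    public void setEmail(String email) {
        this.email = email;
    }

    /**
     * Renders every field as {@code name:value} pairs separated by {@code ;}.
     * {@link #hash()} digests exactly this text, so the format is part of the hash.
     *
     * @see java.lang.Object#toString()
     */
    @Override
    public String toString() {
        return "displayName:" + displayName + ";email:" + email + ";id:" + id
                + ";permission:" + permission + ";type:" + type + ";uri:" + uri;
    }

    /**
     * Computes an MD5 digest over {@link #toString()}.
     *
     * NOTE(review): the digest looks like a fingerprint for comparing entries; MD5 is not
     * collision resistant, so it should not be relied on as an integrity or authorization
     * check. Confirm against the callers.
     *
     * @return the digest as a string, or {@code null} when the digest helper fails with an
     *         {@link IOException}
     */
    public String hash() {
        try {
            return Md5.getDigestAsString(toString());
        } catch (IOException e) {
            // best effort: callers receive null instead of the exception
            return null;
        }
    }

    /**
     * Hash code derived from {@link #hash()}.
     *
     * @return the hash code of the digest string, or 0 when no digest could be computed
     * @see java.lang.Object#hashCode()
     */
    @Override
    public int hashCode() {
        // hash() returns null on failure; dereferencing it unguarded raised a NullPointerException
        String digest = hash();
        return digest == null ? 0 : digest.hashCode();
    }

    /**
     * Converts a caller-supplied ACL object into a list of entries.
     *
     * @param objACL value that must be castable to an array whose elements are structs
     * @return one {@link AccessControl} per array element, in iteration order
     * @throws S3Exception if the value is not an array, an element is not a struct, or an
     *         element fails validation in {@link #toAccessControl(Struct)}
     * @throws PageException passed on from {@link #toAccessControl(Struct)}
     */
    public static List<AccessControl> toAccessControlList(Object objACL) throws S3Exception, PageException {
        Array arr = Caster.toArray(objACL, null);
        if (arr == null) {
            throw new S3Exception("ACL Object must be a Array of Structs");
        }

        List<AccessControl> acl = new ArrayList<AccessControl>();
        Iterator<?> it = arr.valueIterator();
        while (it.hasNext()) {
            Struct sct = Caster.toStruct(it.next(), null);
            if (sct == null) {
                throw new S3Exception("ACL Object must be a Array of Structs");
            }
            acl.add(toAccessControl(sct));
        }
        return acl;
    }

    /**
     * Builds a single entry from a struct.
     *
     * The permission is validated first. The grantee is then resolved in a fixed order and
     * the first match wins: a non-empty email, then a non-empty group, then a canonical user
     * id. Keys belonging to a later kind are ignored once an earlier kind matched, so a
     * struct carrying both an email and a group yields an email grant only.
     *
     * NOTE(review): the id and display name are read with the single-argument
     * {@code Struct.get}, unlike the other keys which pass a {@code null} default.
     * Presumably that variant throws {@link PageException} for an absent key, in which case
     * a missing display name is an error and the "missing id" message is only reached for
     * an empty id. Confirm against {@code Struct}.
     *
     * @param sct struct describing one grant
     * @return the populated entry
     * @throws S3Exception if the permission is missing or invalid, the group is invalid, or
     *         the canonical user id is empty
     * @throws PageException passed on from the struct lookups
     */
    public static AccessControl toAccessControl(Struct sct) throws S3Exception, PageException {
        AccessControl ac = new AccessControl();
        ac.setPermission(AccessControl.toPermission(sct.get(StoreGetACL.PERMISSION, null)));

        // Email
        String email = Caster.toString(sct.get(StoreGetACL.EMAIL, null), null);
        if (!StringUtil.isEmpty(email)) {
            ac.setType(AccessControl.TYPE_EMAIL);
            ac.setEmail(email);
            return ac;
        }

        // Group
        String uri = AccessControl.groupToURI(sct.get(StoreGetACL.GROUP, null));
        if (!StringUtil.isEmpty(uri)) {
            ac.setType(AccessControl.TYPE_GROUP);
            ac.setUri(uri);
            return ac;
        }

        // Canonical
        String id = Caster.toString(sct.get(KeyImpl.ID), null);
        String displayName = Caster.toString(sct.get(StoreGetACL.DISPLAY_NAME), null);
        if (StringUtil.isEmpty(id)) {
            throw new S3Exception("missing id for Canonical User defintion");
        }

        ac.setType(AccessControl.TYPE_CANONICAL_USER);
        ac.setId(id);
        ac.setDisplayName(displayName);

        return ac;
    }

    /**
     * Normalizes a free-form permission name to one of the five accepted permission strings.
     * Case is ignored and underscores, hyphens and spaces are dropped before matching, so
     * {@code "full control"}, {@code "Full-Control"} and {@code "FULL_CONTROL"} are equivalent.
     * Anything outside the allow-list is rejected rather than passed through.
     *
     * @param oPermission value castable to a string
     * @return {@code FULL_CONTROL}, {@code WRITE_ACP}, {@code READ_ACP}, {@code WRITE} or
     *         {@code READ}
     * @throws S3Exception if the value is empty or names no accepted permission
     */
    public static String toPermission(Object oPermission) throws S3Exception {
        String permission = Caster.toString(oPermission, null);
        if (StringUtil.isEmpty(permission, true)) {
            throw new S3Exception("missing permission definition");
        }

        // Locale.ROOT keeps the allow-list match independent of the JVM default locale;
        // under a Turkish locale the default toUpperCase() maps 'i' to a dotted capital,
        // so "write" would never equal "WRITE".
        permission = permission.toUpperCase(Locale.ROOT).trim();
        permission = AccessControl.removeWordDelimter(permission);

        if ("FULLCONTROL".equals(permission)) {
            return "FULL_CONTROL";
        }
        if ("WRITEACP".equals(permission)) {
            return "WRITE_ACP";
        }
        if ("READACP".equals(permission)) {
            return "READ_ACP";
        }
        if ("WRITE".equals(permission)) {
            return "WRITE";
        }
        if ("READ".equals(permission)) {
            return "READ";
        }
        throw new S3Exception("invalid permission definition [" + permission + "], valid permissions are [FULL_CONTROL, WRITE, WRITE_ACP, READ, READ_ACP]");
    }

    /**
     * Maps a group alias to the URI of the matching predefined S3 group. The URI is only an
     * identifier; this method does not dereference it.
     *
     * The groups are broad: {@code all} maps to the AllUsers group, which includes anonymous
     * requests, and {@code authenticated} maps to AuthenticatedUsers, which covers every
     * authenticated AWS account rather than only the accounts of the resource owner. Callers
     * that build ACLs from user input should treat both aliases as making the resource
     * public for the chosen permission.
     *
     * @param oGroup group alias; case, underscores, hyphens and spaces are ignored
     * @return the group URI, or {@code null} when {@code oGroup} is empty
     * @throws S3Exception if the value cannot be cast to a string or names no known group
     */
    public static String groupToURI(Object oGroup) throws S3Exception {
        if (StringUtil.isEmpty(oGroup)) {
            return null;
        }

        String group = Caster.toString(oGroup, null);
        if (group == null) {
            throw new S3Exception("invalid object type for group definition");
        }

        group = removeWordDelimter(group);
        if ("all".equalsIgnoreCase(group)) {
            return "http://acs.amazonaws.com/groups/global/AllUsers";
        }
        if ("authenticated".equalsIgnoreCase(group)
                || "AuthenticatedUser".equalsIgnoreCase(group)
                || "AuthenticatedUsers".equalsIgnoreCase(group)) {
            return "http://acs.amazonaws.com/groups/global/AuthenticatedUsers";
        }
        if ("logdelivery".equalsIgnoreCase(group)) {
            return "http://acs.amazonaws.com/groups/s3/LogDelivery";
        }
        throw new S3Exception("invalid group definition [" + group + "], valid group defintions are are [all,authenticated,log_delivery]");
    }

    /**
     * Returns the grantee type name for a {@code TYPE_*} constant.
     *
     * @param type one of the {@code TYPE_*} constants
     * @return the type name
     * @throws S3Exception if {@code type} is not one of the constants
     */
    public static String toType(short type) throws S3Exception {
        String rtn = toType(type, null);
        if (rtn != null) {
            return rtn;
        }
        throw new S3Exception("invalid type defintion");
    }

    /**
     * Returns the grantee type name for a {@code TYPE_*} constant.
     *
     * @param type one of the {@code TYPE_*} constants
     * @param defaultValue value returned for any other number
     * @return {@code AmazonCustomerByEmail}, {@code Group}, {@code CanonicalUser} or
     *         {@code defaultValue}
     */
    public static String toType(short type, String defaultValue) {
        switch (type) {
            case TYPE_EMAIL:
                return "AmazonCustomerByEmail";
            case TYPE_GROUP:
                return "Group";
            case TYPE_CANONICAL_USER:
                return "CanonicalUser";
            default:
                return defaultValue;
        }
    }

    /**
     * Parses a grantee type name into its {@code TYPE_*} constant.
     *
     * @param type type name, see {@link #toType(String, short)} for the accepted spellings
     * @return the matching constant
     * @throws S3Exception if the name is not recognized
     */
    public static short toType(String type) throws S3Exception {
        // -1 is not a TYPE_* value, so it can act as the "no match" marker
        short rtn = toType(type, (short) -1);
        if (rtn != -1) {
            return rtn;
        }

        throw new S3Exception("invalid type defintion [" + type + "], valid types are [Email,Group,CanonicalUser]");
    }

    /**
     * Parses a grantee type name into its {@code TYPE_*} constant. Case, underscores,
     * hyphens and spaces are ignored; {@code Email} is accepted as an alias of
     * {@code AmazonCustomerByEmail}.
     *
     * NOTE(review): a {@code null} type is handed to {@code StringUtil.replace} unchecked;
     * confirm that helper tolerates null.
     *
     * @param type type name
     * @param defaultValue value returned when the name is not recognized
     * @return the matching constant or {@code defaultValue}
     */
    public static short toType(String type, short defaultValue) {
        String name = removeWordDelimter(type);
        if ("Email".equalsIgnoreCase(name)) {
            return TYPE_EMAIL;
        }
        if ("AmazonCustomerByEmail".equalsIgnoreCase(name)) {
            return TYPE_EMAIL;
        }
        if ("CanonicalUser".equalsIgnoreCase(name)) {
            return TYPE_CANONICAL_USER;
        }
        if ("Group".equalsIgnoreCase(name)) {
            return TYPE_GROUP;
        }

        return defaultValue;
    }

    /**
     * Drops every underscore, hyphen and space so differently delimited spellings of a
     * keyword compare equal.
     *
     * @param str text to normalize
     * @return the text without those three characters
     */
    private static String removeWordDelimter(String str) {
        String stripped = StringUtil.replace(str, "_", "", false);
        stripped = StringUtil.replace(stripped, "-", "", false);
        return StringUtil.replace(stripped, " ", "", false);
    }
}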