001    package railo.commons.io.res.type.s3;
002    
003    import java.io.IOException;
004    import java.util.ArrayList;
005    import java.util.Iterator;
006    import java.util.List;
007    
008    import railo.commons.lang.Md5;
009    import railo.commons.lang.StringUtil;
010    import railo.runtime.exp.PageException;
011    import railo.runtime.functions.s3.StoreGetACL;
012    import railo.runtime.op.Caster;
013    import railo.runtime.type.Array;
014    import railo.runtime.type.KeyImpl;
015    import railo.runtime.type.Struct;
016    
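/**
 * One grant of an Amazon S3 access control list (ACL): a grantee plus the
 * permission that grantee receives.
 *
 * <p>The grantee is identified in exactly one of three ways, recorded in
 * {@link #getType()}: by e-mail address ({@link #TYPE_EMAIL}), by a predefined
 * group URI ({@link #TYPE_GROUP}) or by canonical user id
 * ({@link #TYPE_CANONICAL_USER}).
 *
 * <p>The setters store their argument unchanged. Only the static factory
 * methods ({@link #toAccessControlList(Object)}, {@link #toAccessControl(Struct)})
 * normalize and validate their input, so ACLs built from caller-supplied data
 * should go through those.
 */
public class AccessControl {

	public static final short TYPE_GROUP=1;
	public static final short TYPE_EMAIL=2;
	public static final short TYPE_CANONICAL_USER=4;

	private String id;
	private String displayName;
	private String permission;
	private String uri;
	private short type;
	private String email;

	/**
	 * @return the grantee type, one of the {@code TYPE_*} constants
	 */
	public short getType() {
		return type;
	}

	/**
	 * @param type the grantee type to set (not validated here)
	 */
	public void setType(short type) {
		this.type = type;
	}

	/**
	 * @return the canonical user id
	 */
	public String getId() {
		return id;
	}

	/**
	 * @param id the canonical user id to set
	 */
	public void setId(String id) {
		this.id = id;
	}

	/**
	 * @return the displayName
	 */
	public String getDisplayName() {
		return displayName;
	}

	/**
	 * @param displayName the displayName to set
	 */
	public void setDisplayName(String displayName) {
		this.displayName = displayName;
	}

	/**
	 * @return the permission
	 */
	public String getPermission() {
		return permission;
	}

	/**
	 * Stores the permission as given. No normalization or validation happens
	 * here; {@link #toPermission(Object)} is the method that restricts the value
	 * to the five supported permission names.
	 *
	 * @param permission the permission to set
	 */
	public void setPermission(String permission) {
		this.permission=permission;
	}

	/**
	 * @return the group uri
	 */
	public String getUri() {
		return uri;
	}

	/**
	 * @param uri the group uri to set
	 */
	public void setUri(String uri) {
		this.uri = uri;
	}

	/**
	 * @return the email
	 */
	public String getEmail() {
		return email;
	}

	/**
	 * @param email the email to set
	 */
	public void setEmail(String email) {
		this.email = email;
	}

	/**
	 * Renders all six fields as {@code name:value} pairs joined by {@code ;}.
	 * The values are not escaped, so two grants whose values contain {@code :}
	 * or {@code ;} can produce the same string.
	 *
	 * @see java.lang.Object#toString()
	 */
	@Override
	public String toString(){
		return "displayName:"+displayName+";email:"+email+";id:"+id+";permission:"+permission+";type:"+type+";uri:"+uri;
	}

	/**
	 * Fingerprint of this grant: the MD5 digest of {@link #toString()}.
	 *
	 * <p>MD5 serves only as a compact identifier here. It is not collision
	 * resistant, and the underlying string is ambiguous (see {@link #toString()}),
	 * so the digest should not be used as an integrity or authorization check.
	 *
	 * @return the digest as a string, or {@code null} when the digest could not
	 *         be computed
	 */
	public String hash() {
		try {
			return Md5.getDigestAsString(toString());
		} catch (IOException e) {
			// best effort: callers receive null instead of the exception
			return null;
		}
	}

	/**
	 * Hash code derived from {@link #hash()}.
	 *
	 * <p>NOTE(review): {@code equals} is not overridden in this class, so two
	 * grants with identical fields share a hash code but are not equal.
	 *
	 * @see java.lang.Object#hashCode()
	 */
	@Override
	public int hashCode() {
		String digest = hash();
		// hash() reports a digest failure as null; fall back to the plain string
		// hash so hashCode() never fails with a NullPointerException
		return digest!=null ? digest.hashCode() : toString().hashCode();
	}

	/**
	 * Converts a caller-supplied ACL (an array of structs) into a list of grants.
	 *
	 * @param objACL the ACL object, must be castable to an array whose elements are structs
	 * @return one {@code AccessControl} per array element, in iteration order
	 * @throws S3Exception if {@code objACL} is not an array, an element is not a
	 *         struct, or an element is not a valid grant
	 * @throws PageException declared by {@link #toAccessControl(Struct)}
	 */
	public static List<AccessControl> toAccessControlList(Object objACL) throws S3Exception, PageException{
		Array arr = Caster.toArray(objACL,null);
		if(arr==null)
			throw new S3Exception("ACL Object must be a Array of Structs");

		List<AccessControl> acl=new ArrayList<AccessControl>();
		Iterator<?> it = arr.valueIterator();
		while(it.hasNext()){
			Struct sct=Caster.toStruct(it.next(), null);
			// reject the whole ACL rather than silently dropping a malformed entry
			if(sct==null)
				throw new S3Exception("ACL Object must be a Array of Structs");
			acl.add(toAccessControl(sct));
		}
		return acl;
	}

	/**
	 * Builds one grant from a struct.
	 *
	 * <p>The permission is validated first. The grantee keys are then checked in
	 * a fixed order, e-mail, group, canonical id, and the first non-empty one
	 * decides the grantee type; any other grantee keys in the same struct are
	 * ignored. A struct carrying both an e-mail and a group therefore yields an
	 * e-mail grant without any error.
	 *
	 * @param sct the struct describing the grant
	 * @return the populated grant
	 * @throws S3Exception if the permission is missing or invalid, the group name
	 *         is invalid, or no e-mail, group or id is present
	 * @throws PageException kept in the signature for existing callers
	 */
	public static AccessControl toAccessControl(Struct sct) throws S3Exception, PageException{
		AccessControl ac=new AccessControl();
		ac.setPermission(AccessControl.toPermission(sct.get(StoreGetACL.PERMISSION,null)));

		// Email
		String email = Caster.toString(sct.get(StoreGetACL.EMAIL,null),null);
		if(!StringUtil.isEmpty(email)){
			ac.setType(AccessControl.TYPE_EMAIL);
			ac.setEmail(email);
			return ac;
		}

		// Group
		String uri=AccessControl.groupToURI(sct.get(StoreGetACL.GROUP,null));
		if(!StringUtil.isEmpty(uri)) {
			ac.setType(AccessControl.TYPE_GROUP);
			ac.setUri(uri);
			return ac;
		}

		// Canonical
		// Read with a default, like the e-mail and group keys above, so that an
		// absent id reaches the explicit S3Exception below. NOTE(review): the
		// one-argument get() presumably throws a PageException for a missing key,
		// which made that check unreachable and displayName mandatory; confirm
		// against Struct.
		String id = Caster.toString(sct.get(KeyImpl.ID,null),null);
		String displayName = Caster.toString(sct.get(StoreGetACL.DISPLAY_NAME,null),null);
		if(StringUtil.isEmpty(id))
			throw new S3Exception("missing id for Canonical User defintion");

		ac.setType(AccessControl.TYPE_CANONICAL_USER);
		ac.setId(id);
		ac.setDisplayName(displayName);

		return ac;
	}

	/**
	 * Normalizes a permission name to one of the five values S3 accepts.
	 * Matching ignores case and the word delimiters {@code _}, {@code -} and
	 * space, so {@code "full control"} and {@code "Full_Control"} both map to
	 * {@code FULL_CONTROL}. Any other value is rejected.
	 *
	 * <p>{@code WRITE_ACP} lets the grantee replace the ACL itself and
	 * {@code FULL_CONTROL} includes it, so those two grants amount to handing
	 * over control of the resource's permissions.
	 *
	 * @param oPermission the permission name, castable to a string
	 * @return {@code FULL_CONTROL}, {@code WRITE_ACP}, {@code READ_ACP},
	 *         {@code WRITE} or {@code READ}
	 * @throws S3Exception if the value is missing or not a supported permission
	 */
	public static String toPermission(Object oPermission) throws S3Exception {
		String permission=Caster.toString(oPermission,null);
		if(StringUtil.isEmpty(permission,true))
			throw new S3Exception("missing permission definition");

		// Fixed locale: with the default locale a Turkish or Azeri JVM upper-cases
		// "i" to a dotted capital I, and valid names such as "write" are rejected.
		permission=permission.toUpperCase(java.util.Locale.ENGLISH).trim();
		permission=AccessControl.removeWordDelimter(permission);

		if("FULLCONTROL".equals(permission))
			return "FULL_CONTROL";
		if("WRITEACP".equals(permission))
			return "WRITE_ACP";
		if("READACP".equals(permission))
			return "READ_ACP";
		if("WRITE".equals(permission))
			return "WRITE";
		if("READ".equals(permission))
			return "READ";

		throw new S3Exception("invalid permission definition ["+permission+"], valid permissions are [FULL_CONTROL, WRITE, WRITE_ACP, READ, READ_ACP]");
	}

	/**
	 * Maps a short group name to the URI of the corresponding predefined S3 group.
	 * Matching ignores case and the word delimiters {@code _}, {@code -} and space.
	 *
	 * <ul>
	 * <li>{@code all} maps to the AllUsers group: a grant to it applies to
	 *     everyone, including unauthenticated requests, and makes the resource
	 *     public.</li>
	 * <li>{@code authenticated}, {@code AuthenticatedUser} and
	 *     {@code AuthenticatedUsers} map to the AuthenticatedUsers group: this is
	 *     every AWS account, not only principals of the owning account.</li>
	 * <li>{@code logdelivery} maps to the LogDelivery group.</li>
	 * </ul>
	 *
	 * @param oGroup the group name, castable to a string
	 * @return the group URI, or {@code null} when {@code oGroup} is empty
	 * @throws S3Exception if the value is not a string or not a known group name
	 */
	public static String groupToURI(Object oGroup) throws S3Exception {
		// no group given: the caller decides what an absent group means
		if(StringUtil.isEmpty(oGroup))
			return null;

		String group=Caster.toString(oGroup,null);
		if(group==null)
			throw new S3Exception("invalid object type for group definition");

		group=removeWordDelimter(group);
		if("all".equalsIgnoreCase(group))
			return "http://acs.amazonaws.com/groups/global/AllUsers";
		if("authenticated".equalsIgnoreCase(group) || "AuthenticatedUser".equalsIgnoreCase(group) || "AuthenticatedUsers".equalsIgnoreCase(group))
			return "http://acs.amazonaws.com/groups/global/AuthenticatedUsers";
		if("logdelivery".equalsIgnoreCase(group))
			return "http://acs.amazonaws.com/groups/s3/LogDelivery";

		throw new S3Exception("invalid group definition ["+group+"], valid group defintions are are [all,authenticated,log_delivery]");
	}

	/**
	 * Translates a {@code TYPE_*} constant to the grantee type name used by S3.
	 *
	 * @param type one of the {@code TYPE_*} constants
	 * @return the grantee type name
	 * @throws S3Exception if {@code type} is not one of the constants
	 */
	public static String toType(short type) throws S3Exception {
		String rtn = toType(type, null);
		if(rtn!=null) return rtn;
		throw new S3Exception("invalid type defintion");
	}

	/**
	 * Translates a {@code TYPE_*} constant to the grantee type name used by S3.
	 *
	 * @param type one of the {@code TYPE_*} constants
	 * @param defaultValue returned when {@code type} is not one of the constants
	 * @return the grantee type name or {@code defaultValue}
	 */
	public static String toType(short type, String defaultValue) {
		switch(type){
		case TYPE_EMAIL: return "AmazonCustomerByEmail";
		case TYPE_GROUP: return "Group";
		case TYPE_CANONICAL_USER: return "CanonicalUser";
		default: return defaultValue;
		}
	}

	/**
	 * Translates a grantee type name to the matching {@code TYPE_*} constant.
	 *
	 * @param type the type name, see {@link #toType(String, short)} for accepted values
	 * @return the matching constant
	 * @throws S3Exception if the name is not recognized
	 */
	public static short toType(String type) throws S3Exception {
		short rtn = toType(type, (short)-1);
		if(rtn!=-1) return rtn;

		throw new S3Exception("invalid type defintion ["+type+"], valid types are [Email,Group,CanonicalUser]");
	}

	/**
	 * Translates a grantee type name to the matching {@code TYPE_*} constant.
	 * Accepted names are {@code Email}, {@code AmazonCustomerByEmail},
	 * {@code CanonicalUser} and {@code Group}; matching ignores case and the word
	 * delimiters {@code _}, {@code -} and space.
	 *
	 * @param type the type name, may be {@code null}
	 * @param defaultValue returned when the name is {@code null} or not recognized
	 * @return the matching constant or {@code defaultValue}
	 */
	public static short toType(String type, short defaultValue) {
		// a missing name is simply "not recognized"; do not hand null to the helper
		if(type==null) return defaultValue;

		type=removeWordDelimter(type);
		if("Email".equalsIgnoreCase(type)) return TYPE_EMAIL;
		if("AmazonCustomerByEmail".equalsIgnoreCase(type)) return TYPE_EMAIL;
		if("CanonicalUser".equalsIgnoreCase(type)) return TYPE_CANONICAL_USER;
		if("Group".equalsIgnoreCase(type)) return TYPE_GROUP;

		return defaultValue;
	}

	/**
	 * Strips the word delimiters {@code _}, {@code -} and space from a name so
	 * that variants such as {@code log_delivery} and {@code logdelivery} compare equal.
	 *
	 * @param str the name to normalize
	 * @return the name without delimiters
	 */
	private static String removeWordDelimter(String str) {
		str=StringUtil.replace(str,"_", "", false);
		str=StringUtil.replace(str,"-", "", false);
		str=StringUtil.replace(str," ", "", false);
		return str;
	}
}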