001    package railo.commons.io.res.type.s3;
002    
003    import java.io.IOException;
004    import java.util.ArrayList;
005    import java.util.Iterator;
006    import java.util.List;
007    
008    import railo.commons.lang.Md5;
009    import railo.commons.lang.StringUtil;
010    import railo.runtime.exp.PageException;
011    import railo.runtime.functions.s3.StoreGetACL;
012    import railo.runtime.op.Caster;
013    import railo.runtime.type.Array;
014    import railo.runtime.type.Struct;
015    import railo.runtime.type.util.KeyConstants;
016    
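/**
 * One grant of an S3 access control list: a grantee (e-mail address, predefined
 * group URI, or canonical user id) together with the permission granted to it.
 *
 * <p>The static helpers convert loosely typed script values (arrays of structs,
 * free-form permission / group / type names) into validated instances and into
 * the exact strings this class emits for permissions, group URIs and grantee types.
 * Anything that is not recognised is rejected with an {@link S3Exception}
 * instead of being passed through.
 */
public class AccessControl {

    /** Grantee is one of the predefined groups, identified by {@link #getUri()}. */
    public static final short TYPE_GROUP=1;
    /** Grantee is identified by {@link #getEmail()}. */
    public static final short TYPE_EMAIL=2;
    /** Grantee is identified by {@link #getId()} (and optionally {@link #getDisplayName()}). */
    public static final short TYPE_CANONICAL_USER=4;

    private String id;
    private String displayName;
    private String permission;
    private String uri;
    private short type;
    private String email;

    /**
     * @return the grantee type, one of the {@code TYPE_*} constants
     */
    public short getType() {
        return type;
    }

    /**
     * @param type the grantee type to set; not validated here
     */
    public void setType(short type) {
        this.type = type;
    }

    /**
     * @return the canonical user id
     */
    public String getId() {
        return id;
    }

    /**
     * @param id the canonical user id to set
     */
    public void setId(String id) {
        this.id = id;
    }

    /**
     * @return the displayName
     */
    public String getDisplayName() {
        return displayName;
    }

    /**
     * @param displayName the displayName to set
     */
    public void setDisplayName(String displayName) {
        this.displayName = displayName;
    }

    /**
     * @return the permission
     */
    public String getPermission() {
        return permission;
    }

    /**
     * Stores the permission as given. No validation happens here; callers that
     * hold user-supplied text should run it through {@link #toPermission(Object)}
     * first, as {@link #toAccessControl(Struct)} does.
     *
     * @param permission the permission to set
     */
    public void setPermission(String permission) {
        this.permission=permission;
    }

    /**
     * @return the group uri
     */
    public String getUri() {
        return uri;
    }

    /**
     * @param uri the group uri to set
     */
    public void setUri(String uri) {
        this.uri = uri;
    }

    /**
     * @return the email
     */
    public String getEmail() {
        return email;
    }

    /**
     * @param email the email to set
     */
    public void setEmail(String email) {
        this.email = email;
    }

    /**
     * Renders every field as {@code name:value} pairs separated by {@code ;}.
     * {@link #hash()} digests exactly this string, so a change to the format
     * changes every hash. The output contains the grantee e-mail address and id.
     */
    @Override
    public String toString(){
        return "displayName:"+displayName+";email:"+email+";id:"+id+";permission:"+permission+";type:"+type+";uri:"+uri;
    }

    /**
     * Returns an MD5 digest of {@link #toString()} as a string.
     *
     * <p>NOTE(review): MD5 is not collision resistant. That is acceptable for a
     * change-detection fingerprint, but this value should not be what decides
     * whether two grants are the same for an authorization decision. Confirm
     * how callers use it.
     *
     * @return the digest, or {@code null} when the digest helper throws an {@link IOException}
     */
    public String hash() {
        try {
            return Md5.getDigestAsString(toString());
        } catch (IOException e) {
            // deliberate best effort: callers see null rather than an exception
            return null;
        }
    }

    /**
     * Hash code derived from {@link #hash()}.
     *
     * <p>Falls back to the hash code of {@link #toString()} when no digest is
     * available, so a failed digest no longer surfaces as a
     * {@link NullPointerException} from inside a hash based collection.
     *
     * <p>NOTE(review): {@code equals} is not overridden, so two instances with
     * identical fields share a hash code but still compare unequal.
     */
    @Override
    public int hashCode() {
        String digest = hash();
        if(digest==null) return toString().hashCode();
        return digest.hashCode();
    }

    /**
     * Converts a script value into a list of grants.
     *
     * @param objACL value expected to be an array whose elements are structs
     * @return one {@link AccessControl} per array element, in array order
     * @throws S3Exception if the value is not an array, an element is not a
     *         struct, or an element fails validation in {@link #toAccessControl(Struct)}
     * @throws PageException propagated from {@link #toAccessControl(Struct)}
     */
    public static List<AccessControl> toAccessControlList(Object objACL) throws S3Exception, PageException{
        Array arr = Caster.toArray(objACL,null);
        if(arr==null)
            throw new S3Exception("ACL Object must be a Array of Structs");

        List<AccessControl> acl=new ArrayList<AccessControl>();
        Iterator<Object> it = arr.valueIterator();
        while(it.hasNext()){
            Struct sct=Caster.toStruct(it.next(), null);
            // fail on the first malformed entry; a partially applied ACL is never returned
            if(sct==null)
                throw new S3Exception("ACL Object must be a Array of Structs");
            acl.add(toAccessControl(sct));
        }
        return acl;
    }

    /**
     * Builds a single grant from a struct.
     *
     * <p>The permission is validated first. The grantee is then taken from the
     * first of these keys that is non-empty: email, group, id. Keys later in
     * that order are ignored, so a struct that carries both an email and an id
     * yields an e-mail grant.
     *
     * @param sct struct describing the grant
     * @return the populated grant
     * @throws S3Exception if the permission or group is invalid, or no grantee is given
     * @throws PageException declared for the struct lookups
     */
    public static AccessControl toAccessControl(Struct sct) throws S3Exception, PageException{
        AccessControl ac=new AccessControl();
        ac.setPermission(AccessControl.toPermission(sct.get(StoreGetACL.PERMISSION,null)));

        // Email
        String email = Caster.toString(sct.get(KeyConstants._email,null),null);
        if(!StringUtil.isEmpty(email)){
            ac.setType(AccessControl.TYPE_EMAIL);
            ac.setEmail(email);
            return ac;
        }

        // Group
        String uri=AccessControl.groupToURI(sct.get(KeyConstants._group,null));
        if(!StringUtil.isEmpty(uri)) {
            ac.setType(AccessControl.TYPE_GROUP);
            ac.setUri(uri);
            return ac;
        }

        // Canonical
        // NOTE(review): unlike the lookups above, these two get() calls pass no
        // default value; presumably a missing key raises PageException before the
        // "missing id" check below can run. Confirm against Struct.get.
        String id = Caster.toString(sct.get(KeyConstants._id),null);
        String displayName = Caster.toString(sct.get(StoreGetACL.DISPLAY_NAME),null);
        if(StringUtil.isEmpty(id))
            throw new S3Exception("missing id for Canonical User defintion");

        ac.setType(AccessControl.TYPE_CANONICAL_USER);
        ac.setId(id);
        ac.setDisplayName(displayName);

        return ac;
    }

    /**
     * Normalizes a free-form permission name to one of the five permission
     * strings {@code FULL_CONTROL}, {@code WRITE}, {@code WRITE_ACP},
     * {@code READ}, {@code READ_ACP}.
     *
     * <p>Matching ignores case as well as {@code _}, {@code -} and spaces. Only
     * the five known names are accepted; everything else is rejected.
     *
     * @param oPermission value to convert
     * @return the normalized permission
     * @throws S3Exception if the value is empty or not a known permission
     */
    public static String toPermission(Object oPermission) throws S3Exception {
        String permission=Caster.toString(oPermission,null);
        if(StringUtil.isEmpty(permission,true))
            throw new S3Exception("missing permission definition");

        // Locale.ROOT keeps the upper-casing independent of the JVM default
        // locale; under a Turkish locale "write" would otherwise become "WRİTE"
        // and a valid permission would be rejected.
        permission=permission.toUpperCase(java.util.Locale.ROOT).trim();
        permission=AccessControl.removeWordDelimter(permission);

        if("FULLCONTROL".equals(permission))
            return "FULL_CONTROL";
        else if("WRITEACP".equals(permission))
            return "WRITE_ACP";
        else if("READACP".equals(permission))
            return "READ_ACP";
        else if("WRITE".equals(permission))
            return "WRITE";
        else if("READ".equals(permission))
            return "READ";
        else
            throw new S3Exception("invalid permission definition ["+permission+"], valid permissions are [FULL_CONTROL, WRITE, WRITE_ACP, READ, READ_ACP]");
    }

    /**
     * Maps a group alias to the URI of the corresponding predefined S3 group.
     *
     * <p>Matching ignores case as well as {@code _}, {@code -} and spaces. The
     * URIs are identifiers, not addresses that get fetched.
     *
     * <p>Security note: {@code all} resolves to the AllUsers group, which covers
     * anonymous requests, and {@code authenticated} resolves to
     * AuthenticatedUsers, which covers every AWS account rather than only the
     * accounts of the bucket owner. A grant to either group makes the resource
     * reachable well beyond the owning account, so such grants deserve review.
     *
     * @param oGroup group alias, may be empty
     * @return the group URI, or {@code null} when {@code oGroup} is empty
     * @throws S3Exception if the value is not convertible to a string or is
     *         not a known alias
     */
    public static String groupToURI(Object oGroup) throws S3Exception {
        // an absent group is not an error: the caller falls through to the next grantee kind
        if(StringUtil.isEmpty(oGroup)) return null;

        String group=Caster.toString(oGroup,null);
        if(group==null)
            throw new S3Exception("invalid object type for group definition");

        group=removeWordDelimter(group);
        if("all".equalsIgnoreCase(group))
            return "http://acs.amazonaws.com/groups/global/AllUsers";
        if("authenticated".equalsIgnoreCase(group) || "AuthenticatedUser".equalsIgnoreCase(group) || "AuthenticatedUsers".equalsIgnoreCase(group))
            return "http://acs.amazonaws.com/groups/global/AuthenticatedUsers";
        if("logdelivery".equalsIgnoreCase(group))
            return "http://acs.amazonaws.com/groups/s3/LogDelivery";
        throw new S3Exception("invalid group definition ["+group+"], valid group defintions are are [all,authenticated,log_delivery]");
    }

    /**
     * Converts a {@code TYPE_*} constant to its grantee type name.
     *
     * @param type one of the {@code TYPE_*} constants
     * @return the type name
     * @throws S3Exception if {@code type} is not one of the constants
     */
    public static String toType(short type) throws S3Exception {
        String rtn = toType(type, null);
        if(rtn!=null) return rtn;
        throw new S3Exception("invalid type defintion");
    }

    /**
     * Converts a {@code TYPE_*} constant to its grantee type name.
     *
     * @param type one of the {@code TYPE_*} constants
     * @param defaultValue value returned for any other {@code type}
     * @return the type name, or {@code defaultValue}
     */
    public static String toType(short type, String defaultValue) {
        switch(type){
        case TYPE_EMAIL: return "AmazonCustomerByEmail";
        case TYPE_GROUP: return "Group";
        case TYPE_CANONICAL_USER: return "CanonicalUser";
        }
        return defaultValue;
    }

    /**
     * Converts a grantee type name to its {@code TYPE_*} constant.
     *
     * @param type type name, see {@link #toType(String, short)} for accepted values
     * @return the matching constant
     * @throws S3Exception if the name is not recognised
     */
    public static short toType(String type) throws S3Exception {
        // -1 is not a TYPE_* value, so it can serve as the "no match" marker
        short rtn = toType(type, (short)-1);
        if(rtn!=-1) return rtn;

        throw new S3Exception("invalid type defintion ["+type+"], valid types are [Email,Group,CanonicalUser]");
    }

    /**
     * Converts a grantee type name to its {@code TYPE_*} constant.
     *
     * <p>Accepts {@code Email}, {@code AmazonCustomerByEmail},
     * {@code CanonicalUser} and {@code Group}, ignoring case as well as
     * {@code _}, {@code -} and spaces.
     *
     * @param type type name, may be {@code null}
     * @param defaultValue value returned when the name is {@code null} or not recognised
     * @return the matching constant, or {@code defaultValue}
     */
    public static short toType(String type, short defaultValue) {
        // a null name can never match; return early instead of handing null to the string helper
        if(type==null) return defaultValue;

        type=removeWordDelimter(type);
        if("Email".equalsIgnoreCase(type)) return TYPE_EMAIL;
        if("AmazonCustomerByEmail".equalsIgnoreCase(type)) return TYPE_EMAIL;
        if("CanonicalUser".equalsIgnoreCase(type)) return TYPE_CANONICAL_USER;
        if("Group".equalsIgnoreCase(type)) return TYPE_GROUP;

        return defaultValue;
    }

    /**
     * Strips {@code _}, {@code -} and space characters so that spellings such
     * as {@code full_control}, {@code full-control} and {@code full control}
     * compare equal.
     */
    private static String removeWordDelimter(String str) {
        str=StringUtil.replace(str,"_", "", false);
        str=StringUtil.replace(str,"-", "", false);
        str=StringUtil.replace(str," ", "", false);
        return str;
    }
}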