|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.ObjectARoad0.gBase.ACSImpl
ARoad0.AcsAddon.Accbee.Ubuntu.gBase.ACSUbuntuImpl
public class ACSUbuntuImpl
This class is responsible for modeling a Linux Ubuntu as an access control system (ACS). It ensures the modelization of a classic Linux operating system, the Ubuntu authorizations on the system and hardware resources, and it covers partially the capability system. Most of the work is naturally done by the super class.
The ACS is created by ACSFactoryUbuntuImpl.createACS(), which set the booleans and string parameters for the new ACS. They cannot be changed after the ACS creation. They define the ACS general structure and comportement. At the ACS creation, the conformance to the integrity rules linking the parameters is verified.
The standard rights include the specific AcsAddon key 'Resource.OtherRights'. It is a javabean with the following bound properties: 'OneActorFromOtherInCurrentContext'.
BaseManagerImpl
,
ACSFactoryMySQLImpl
,
Serialized FormField Summary | |
---|---|
protected java.util.List |
l_FromOtherInCurrentContextActors_
List of own Linux/Unix right-proxy Actors which have a non-null currentUID or currentGID and are executable from 'other' rights which exist only in Linux/Unix ACS. |
Constructor Summary | |
---|---|
ACSUbuntuImpl()
Default constructor used by valueOf() and the subclasses |
Method Summary | |
---|---|
protected void |
addActorFromOtherInCurrentContext(ImmutableActor _act)
Adds a right-proxy actor with an 'execute' right in 'other' rights, and having a non-null current account/group. |
protected void |
fillFromOtherInCurrentContextActors()
Fills the ACS internal property list, after an ACS deserialization. |
protected void |
fillNoRightProxyActors()
Fills the ACS internal property list, after an ACS deserialization. |
java.util.Map<java.lang.String,java.lang.String> |
getAddonParentPropertiesToListen()
Gets the specific events to listen on a Resource or a VirtualFolder, its direct and indirect parents, because these events should change the rights of the Resource or VirtualFolder in an ACS Addon. |
java.util.List |
getEorL_FromOtherInCurrentContextActors()
Gets the actors with an 'execute' right in 'other' rights, and having a non-null current account/group. |
protected void |
newEorEligibleParty(ImmutableEligibleParty _ep)
Registers a new own eligible party in the ACS and controls that the eligible party type is allowed. |
protected void |
newEorResource(ImmutableResource _res)
Registers a new own resource with a type control, and fires the bound properties 'M_OwnResources' or 'M_ExternalResources', 'OneResource' and 'OneBaseObject' only if it is not an Actor. |
protected void |
removeActorFromOtherInCurrentContext(ImmutableActor _act)
Removes an actor with an 'execute' right in 'other' rights, and having a non-null current account/group. |
protected void |
removeEorEligibleParty(ImmutableEligibleParty _ep)
Removes the EligibleParty in m_EligibleParties_. |
protected void |
removeEorResource(ImmutableResource _res)
Unregisters the own resources. |
protected static ACSImpl |
valueOf(ImmutableName _iSname,
ImmutableName _parentName,
ImmutableName _name,
java.lang.String _type,
java.util.SortedMap<java.lang.String,java.lang.Boolean> _m_structure,
java.util.HashMap<java.lang.String,java.lang.String[]> _m_constraintsForStringValues,
java.util.HashMap<java.lang.String,java.lang.String[]> _m_constraintsForNewObjects,
java.util.HashMap<java.lang.String,StringRight[]> _m_constraintsForRightValues,
java.util.HashMap<java.lang.String,StringRight[]> _m_SpecializedRights,
StringRight[] _l_Rights,
java.util.List<java.lang.String> _l_ImmutableRules,
java.util.HashMap<java.lang.String,java.lang.String[]> _m_CommentsOnProperties,
java.util.HashMap<java.lang.String,java.lang.String[]> _m_AcsVocabulary)
Factory method to use for creating an instance. |
Methods inherited from class java.lang.Object |
---|
clone, getClass, notify, notifyAll, wait, wait, wait |
Field Detail |
---|
protected transient java.util.List l_FromOtherInCurrentContextActors_
Constructor Detail |
---|
public ACSUbuntuImpl()
Method Detail |
---|
protected static ACSImpl valueOf(ImmutableName _iSname, ImmutableName _parentName, ImmutableName _name, java.lang.String _type, java.util.SortedMap<java.lang.String,java.lang.Boolean> _m_structure, java.util.HashMap<java.lang.String,java.lang.String[]> _m_constraintsForStringValues, java.util.HashMap<java.lang.String,java.lang.String[]> _m_constraintsForNewObjects, java.util.HashMap<java.lang.String,StringRight[]> _m_constraintsForRightValues, java.util.HashMap<java.lang.String,StringRight[]> _m_SpecializedRights, StringRight[] _l_Rights, java.util.List<java.lang.String> _l_ImmutableRules, java.util.HashMap<java.lang.String,java.lang.String[]> _m_CommentsOnProperties, java.util.HashMap<java.lang.String,java.lang.String[]> _m_AcsVocabulary) throws BaseError
_iSname
- is the IS name. May be null._parentName
- is the name of the parent node in the IS nametree.
No use if _iSname is null. May be null._name
- is the acs name_type
- is ACSImpl.GENERIC (default value), LINUX, another ACSImpl constant
or another user-defined value. Must be non-null. No use if _l_structure is null:
the type is then set to LINUX._m_structure
- is the map of booleans which defines the ACS structure. Is null
for LINUX-type ACS._m_constraintsForStringValues
- is the map where
the key is a String of an ACSObject interface (like Resource) ended by
a bound property name (like ResourceType), with '.' as separator,
and the value is a String array of the authorized values for this bound property
(like {file, directory, executable, script...} for ResourceType in Linux). May be null._m_constraintsForNewObjects
- is the map where
the key is a String following one of the 7 possible formats,
and the value is a String array of the authorized values among 17. May be null._m_constraintsForRightValues
- is the map where
the key is a String of an ACSObject interface (like Resource) ended by
a bound property name (like OthersRights), with '.' as separator,
and the value is a StringRight array of the authorized values for this bound property
(like {d, r, w, x} for OthersRights in Unix). Never null._m_SpecializedRights
- is the map where
the key is a quartet (object.domain.key.subkey)
and the value is is a StringRight array of the authorized values. Never null._l_Rights
- array of acsrights and/or metarights which are workable. Never null._l_ImmutableRules
- list of the immutable rules derivated from the structure.
Never null._m_CommentsOnProperties
- comments on each ACS property, to explain the simulation.
May be null._m_AcsVocabulary
- defines several independant domains, like
how to name the constants in Gui2.ACSTree.M_ACS_TREE_UPPER_NODES for this ACS,
as names of the ACS nodes in the proper ACS internal frame, and,
if this ACS is an AcsAddon, what are the subclassed classes in the generic gBase.
May be null.
BaseError
- if _l_structure lenght is not 20, if there is a rule about
_l_structure which is not applied, or if the ACS
is already known by BaseManagerImpl.protected void newEorResource(ImmutableResource _res) throws CreateError
newEorResource
in class ACSImpl
_res
- is just created in a Resource constructor, or
external resource which is associated to an aclEntry owned by this ACS
CreateError
- (and baseError) if the Name is already known
in ACSCatalog, if the Name is null, or if the resource type is not allowed
by this ACSprotected void removeEorResource(ImmutableResource _res) throws UpDateError
removeEorResource
in class ACSImpl
_res
- internal or external open ImmutableResource
to be taken off in the ACS.
UpDateError
- (and baseError) if the Name is unknown
in the ACS.protected void newEorEligibleParty(ImmutableEligibleParty _ep) throws CreateError
Fires a property change on "M_OwnEligibleParties" or "M_ExternalEligibleParties", "OneEligibleParty" and "OneBaseObject". Overrides the super method and call it
newEorEligibleParty
in class ACSImpl
_ep
- is just created in EligibleParty()
or in ActorImpl(), or associated to a newEorAclEntry() call
CreateError
- (and baseError) if the Name is already known
in ACSCatalog, if the Name is null or if the ep type is not allowed.protected void removeEorEligibleParty(ImmutableEligibleParty _ep) throws UpDateError
removeEorEligibleParty
in class ACSImpl
_ep
- eligible party to remove.
UpDateError
- (and baseError) if the Name is unknown in the ACS.public java.util.List getEorL_FromOtherInCurrentContextActors()
protected void addActorFromOtherInCurrentContext(ImmutableActor _act)
_act
- complies with the criterionprotected void removeActorFromOtherInCurrentContext(ImmutableActor _act)
_act
- does no more comply the criteriaprotected void fillFromOtherInCurrentContextActors()
protected void fillNoRightProxyActors()
fillNoRightProxyActors
in class ACSImpl
public java.util.Map<java.lang.String,java.lang.String> getAddonParentPropertiesToListen()
- 'THIS' to say that the single basic object is the Resource or VirtualFolder,
- 'ACS.method_name' to say that the list of Resources (or VirtualFolders) is returned by the method 'method_name' in the Addon ACS class.
For each map key, the values have the following format:
'AAA.method_name IF BBB'
where:
- AAA: PARENT (mandatory),
- method_name: 'get' method name of each basic objet parent that is associated, in the relevant BeanInfo class, to the event to listen (mandatory)
- IF BBB: where BBB is 'TRUE', 'FALSE', 'NULL' or 'NOT-NULL', to say that the event must be listened if and only if the returned value of the method_name is respectively a boolean TRUE, or FALSE, or an object NULL, or NOT-NULL (option).
When the map key starts with 'ACS', the ACS method to call has no argument. When the map value starts with 'PARENT', the parent method to call has no argument. Called by ARoad0.gBase.EPRViewInBaseImpl, NoThanViewInBaseImpl and ARoad0.gWork.RightsMediatorImpl. For instance, 'PARENT.getAGOAccessFromTheParentOther IF FALSE' is the value the ACS Addon Ubuntu ACS returns for the key ACS.getEorL_FromOtherInCurrentContextActors, to request the listening of the 'FromTheParentOther' event on all the indirect parents of a ResourceUbuntu in a view.
getAddonParentPropertiesToListen
in interface AcsAddon
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |