ARoad0.gBase
Class PrivilegeForLinksImpl

java.lang.Object
  extended by ARoad0.gBase.PrivilegeAbst
      extended by ARoad0.gBase.PrivilegeForLinksImpl
All Implemented Interfaces:
ACSObject, BaseObject, BoundBean, DetailledName, FinalizedObject, FinalizedObjectForUser, ImmutablePrivilege, PreviousDetailledName, Privilege, PrivilegeForLinks, java.io.Serializable, java.lang.Cloneable, java.lang.Comparable

public class PrivilegeForLinksImpl
extends PrivilegeAbst
implements PrivilegeForLinks, PreviousDetailledName

This class is responsible for modeling the direct links which manages some access rights from a EligibleParty list (or only one GroupID) to a privilege targets list (or only one target). Targets are Resources or VirtualFolders. There are three types of PrivilegeForLinks: LINKED, LINKED_IF_ALL_SOURCES and LINKED_FOR_ONE_TO_ONE. This privilege is usable by any couple (all sources set, one of the target) from the privilege ACS, or from another ACS for an external LINKED_FOR_ONE_TO_ONE privilege. A privilege is external if its source or its target is from an ACS which is not the ACS of the privilege. It is not possible to have a third ACS for the other end. A linked privilege may be inherited from the (in)direct parents of the target, except the LINKED_IF_ALL_SOURCES privilege. Only one target is authorized if the first target is from an ACS that manages the PRI inheritance.

Eligible Party and Resource types and classes are never used, on the contrary of PrivilegeForTypes, and the linked sources and targets register and unregister themself dynamically in the Privilege. So, it is possible to modify a Privilege on the fly following a program dynamic rule. The rights of a Privilege are immutable after its creation, while the AclEntry has immutable source and target, but with editable rights after the creation.

This is a javabean with the following bound properties:

- 'OneLinkedPrivilegeSource'

- 'OneLinkedPrivilegeTarget'

- 'ExternalPrivilege'

There are three types of PrivilegeForLinks: LINKED, LINKED_IF_ALL_SOURCES and LINKED_FOR_ONE_TO_ONE. For the last one, when it is finalized, "TPrivileges" and "SPrivileges" are thrown by the source and the target after 'OneLinkedPrivilegeSource' and 'OneLinkedPrivilegeTarget'. CAUTION: the gWork package manages only the LINKED PrivilegeForLinks, in this version.

The LINKED type allows to define in one privilege, a generic set of rights, and each EligibleParty which is source have all the rights on all the targets. The LINKED privilege is defined by its rights, then in a large ACS, such a privilege may have numerous linked sources or targets. With LINKED_IF_ALL_SOURCES, the rights on the targets are used by any EligibleParty which belongs to ALL the source containers, which are GroupIDMembers or DirectoryEPs. For instance, if there are a GroupID and an UserID as privilege sources, any Actor which is a member of the GroupID AND belongs to the UserID, has the rights of the privilege. If an actor belongs to the GroupID but is not under the UserID, it has not the privilege. To have an OR relation between the GroupID and the UserID, rather than AND, let's use 2 LINKED_FOR_ONE_TO_ONE privileges or two AclEntries. The conditional AclEntry is an alternative to the LINKED_IF_ALL_SOURCES privilege, but it is focused to deliver rights to one source which has to be member of the condition groups, and the couple (source, target) is immutable for an AclEntry. The number of privilege sources is limited to 4.

With LINKED_FOR_ONE_TO_ONE, there is at most one source, and it is an EligibleParty, and at most one PrivilegeTarget. A LINKED_FOR_ONE_TO_ONE privilege is like an ACL from an EP to a resource or a virtual folder. This is the only linked privilege able to be external. A LINKED_FOR_ONE_TO_ONE PrivilegeForLinks is an alternative to an AclEntry. Both may have one external access source or target, where the target is immutable while only the privilege can change its source, it is deleted when its source or its target is deleted but an AclEntry may be conditional, it can change dynamically its rights, and there are other differences as following:

- on sources, the AclEntry is as powerful as a LINKED_FOR_ONE_TO_ONE PrivilegeForLinks.

- on targets, the AclEntry is less powerful since it cannot be applied to VirtualFolders. In a one-to-one privilege, the target cannot be removed after the first adding, while it is possible for the source. For an external LINKED_FOR_ONE_TO_ONE privilege, one end (the source or the target) must belong to the privilege ACS, while the other end does not. The rights belongs always to the ACS privilege, if they are ACS rights.

The format of the detailled name for an internal linked privilege is as following:

privilegeType || nickName || first right

For an external linked privilege, the format of the detailled name is as following:

- ACS: ACS_name | privilegeType || nickName || first right

This means the detailled name changes when an empty privilege becomes an external one during the setting of an end by the user. This change is visible in the explorer for instance. The method getPreviousDetailledName returns the old detailled name if it is different. An Eligible Party or PrivilegeTarget name is incomplete if it belongs to the Privilege ACS. Since the source and the target are unknown at the creation of the PrivilegeForLinks, the privilege may become external only after the setting of the first external end, the source or the target. Then, its detailled name changes in the GUI.

A specific use of PrivilegeForLinks is to extend the structural relations among the ACS objects, without any change in the types model of AccessControlLink. For example, for a given ACS, it is possible to create privileges linking some pattern-name Directories to each item which is member of them whithout being a child of these Directories. This pattern-name Directory is not a VirtualFolder and allows AclEntries as target. The main feature is then to avoid to code a new link in the ACS addon.

To process the inherited PrivilegeForLinks, it is mandatory to code in an AcsAddon how the Directory or VirtualFolder creates and removes the inherited PrivilegeForLinks in its direct children. This may include the choice of the objects that becomes inherited ones, and the definition of an order to select them in each target. The default behavior, in this generic class, is to inherit all the applicable PrivilegeForLinks, and to sum up all the rights. After the inherited object creation to code in an AcsAddon, the right updating of the inherited object is handled by this generic class, at every change on the sources. The target ACS cannot manage the PRI inheritance in a LINKED_IF_ALL_SOURCES privilege. For the other types, only one target is authorized if the first target is from an ACS that manages the PRI inheritance.

The privilege key is used by the ACS to find a privilege. The key is the couple (privilege type, nick name). The main privilege value is an unmodifiable list of rights. The privilege has positive or negative rights to grant or deny the access. The rights and the key CANNOT be updated after the privilege creation, nor the rights sens (grant or deny). There is a 'See Why' description to complement the comment.

This is a typical sequence of calls, in the inverse order, when the ACS of an external linked privilege is saved:

ARoad0.Gui1.CollectionPropertyEditor.propertyChange()

at java.beans.PropertyChangeSupport.firePropertyChange(PropertyChangeSupport.java:339)

at java.beans.PropertyChangeSupport.firePropertyChange(PropertyChangeSupport.java:347)

at java.beans.PropertyChangeSupport.firePropertyChange(PropertyChangeSupport.java:276)

at ARoad0.gBase.ACSImpl.firePropertyChange(ACSImpl.java:5454)

at ARoad0.gBase.ACSImpl.removeAcsController(ACSImpl.java:7981)

at ARoad0.gBase.ACSImpl.removeEorResource(ACSImpl.java:4014)

at ARoad0.gBase.PrivilegeForLinksImpl.removeEorPrivilegeTargetLink(PrivilegeForLinksImpl.java:1447)

at ARoad0.gBase.CPrivilegeUserImpl.removeEorPrivilegeToTarget(CPrivilegeUserImpl.java:481)

at ARoad0.gBase.ResourceImpl.removeEorPrivilegeToTarget(ResourceImpl.java:1999)

at ARoad0.gBase.PrivilegeForLinksImpl.finalizeForBase(PrivilegeForLinksImpl.java:1829)

at ARoad0.gBase.PrivilegeAbst.finalizeForUser(PrivilegeAbst.java:1281)

at ARoad0.gBase.ACSImpl.closeExternalLinkedPrivileges(ACSImpl.java:6327)

at ARoad0.gBase.BaseManagerImpl.cutACSExternalLinks(BaseManagerImpl.java:2915)

at ARoad0.gBase.BaseManagerImpl.saveOpenACS(BaseManagerImpl.java:2393)

at ARoad0.gWork.ACS_Facade.saveACS(ACS_Facade.java:188)

at ARoad0.gDMak.ActionSave.save(ActionSave.java:210)

at ARoad0.gDMak.ActionSaveAll.saveAll(ActionSaveAll.java:302)

at ARoad0.gDMak.ActionSaveAll.actionPerformed(ActionSaveAll.java:87)

This class has subclasses in the AcsAddon packages. Most of the variables are protected. See the Copyright.

See Also:
PrivilegeAbst, PrivilegeForTypeImpl, Serialized Form

Field Summary
protected  boolean changedDetailledName_
          True to return the previous detailled name, after a change of the external source or target.
static PrivilegeForLinksImpl EMPTY_INSTANCE
          A reusable empty instance for initialization, to avoid the use of the constructor for temporary values.
protected  boolean ifAllSources_
          if true, the instance has the LINKED_IF_ALL_SOURCES type, with only one internal or external GroupID as source, and only one internal or external target.
protected  java.util.List<java.lang.String> l_internalAllowedSourceTypes_
          The source types that the ACS authorizes for this privilege
protected  java.util.List<java.lang.String> l_internalAllowedTargetTypes_
          The target types that the ACS authorizes for this privilege
protected  java.util.ArrayList<PrivilegeSource> l_sources_
          Access sources which are connected to this privilege.
protected  java.util.ArrayList<PrivilegeTarget> l_targets_
          Access targets are Resources and VirtualFolders connected to this privilege.
protected  ImmutableName nameOfSourceAcs_
          If LINKED_FOR_ONE_TO_ONE, the single target ACS name, if any.
protected  ImmutableName nameOfTargetAcs_
          If LINKED_FOR_ONE_TO_ONE, the single target ACS name, if any.
protected  boolean oneRoleOneTarget_
          if true, the instance has the LINKED_FOR_ONE_TO_ONE type, with only one internal or external EligibleParty as source, and only one internal or external target.
static java.io.ObjectStreamField[] serialPersistentFields
          variable for the JDK 2 serialization
protected  ImmutableName sourceName_
          If LINKED_FOR_ONE_TO_ONE, the single source full name, if any.
protected  ImmutableName targetName_
          If LINKED_FOR_ONE_TO_ONE, the single target full name, if any.
 
Fields inherited from class ARoad0.gBase.PrivilegeAbst
aCS_, acsName_, changeSupport_, comment_, detailledName_, INCREMENT_CAPACITY, INITIAL_CAPACITY, l_rights_, L_TYPES, LINKED, LINKED_FOR_ONE_TO_ONE, LINKED_IF_ALL_SOURCES, mainType_, nickName_, positiveRight_, PRIME, secondType_, seeWhy_, TYPED, TYPED_CLASSED, TYPED_CLASSED_SPECIFIC, TYPED_FOR_SEED
 
Constructor Summary
PrivilegeForLinksImpl()
          Constructor to use only as a transient value for initialization, or used from ARoad0.gBase.PrivilegeImplBeanInfo.getPropertyDescriptors() in ARoad0.Gui1.CollectionPropertyEditor.getValue().
PrivilegeForLinksImpl(ACS _aCS, java.lang.String _nickName, java.lang.String _mainType, StringRight[] _l_rights, java.lang.String _secondType)
          This is the only way to create a linked privilege instance from the GUI.
PrivilegeForLinksImpl(ACS _aCS, java.lang.String _nickName, java.lang.String _mainType, StringRight[] _l_rights, java.lang.String _secondType, boolean _toRegisterInManager)
          This is the only way to create a linked privilege instance.
 
Method Summary
 void addEorPrivilegeSourceLink(PrivilegeSource _ep)
          Links to a source which uses this PrivilegeForLinks.
 void addEorPrivilegeTargetLink(PrivilegeTarget _res)
          Adds a connected target which has this PrivilegeForLinks.
 void addPropertyChangeListener(java.lang.String _propertyName, java.beans.PropertyChangeListener _l)
          Adds a listener to the bean for the events 'OneLinkedPrivilegeSource', 'OneLinkedPrivilegeTarget', 'ExternalPrivilege'.
 java.lang.Object clone()
          Used to clone a privilege.
 java.lang.Object copy(ImmutableName _name, ACS _acs, Node _parent, java.lang.Boolean _toRegisterInManager)
          TO REVIEW This method provides a copy of the instance, in the same ACS or another one, on the contrary of PrivilegeForTypeImpl.copy().
protected  PrivilegeForLinksImpl copyForExternal()
          Called by ACSImpl.closeExternalLinkedPrivileges() only for the external privileges, thus for the LINKED_FOR_ONE_TO_ONE privileges, when the links to other ACS have to be cut and cloned.
 boolean equals(java.lang.Object _obj)
          In this method, the current sources and targets are not compared.
protected  void finalizeClosedPrivilege()
          This method is to use only for closed LINKED_FOR_ONE_TO_ONE privileges in the relevant ACS list.
 void finalizeForBase()
          It sets to null almost all variables, so the instance is equals to a new empty PrivilegeForLinksImpl.
protected  void finalizeFromDeserialization()
          This method finalizes all the sources and all the targets, since it is used after a deserialization.
protected static java.lang.String getDetailledNameFromNameForLinks(ImmutableName _name, int _typeIndex)
          Gets the registered detailled name from the privilege name.
 Privilege getEmptyInstance()
           
 java.util.List<PrivilegeSource> getEorLinkedSources()
          Gets the sources set which have this privilege.
 java.util.List<PrivilegeTarget> getEorLinkedTargets()
          Gets the targets which use this privilege.
 ImmutableName getFullName()
          The full name is unique for the Access Road program.
 boolean getIfAllSources()
           
 java.lang.Object[] getKeyReferencesFromName(ImmutableName _privName)
          Gets the main components from the linked privilege name as a string, returned by getName().
 java.util.List<java.lang.String> getL_InternalAllowedSourceTypes()
          Caution: the list is from the privilege ACS, and an external privilege may accept types from another ACS.
 java.util.List<java.lang.String> getL_InternalAllowedTargetTypes()
          Caution: the list is from the privilege ACS, and an external privilege may accept types from another ACS.
 ImmutableName getName()
          Gets the BaseObject name of the privilege.
 ImmutableName getNameOfSingleSourceACS()
           
 ImmutableName getNameOfSingleTargetACS()
           
 boolean getOneRoleOneTarget()
           
 java.lang.String getPreviousDetailledName()
          This method returns the detailled name or the previous detailled name for the GUI, which gives the key components of the object.
 java.beans.PropertyChangeListener[] getPropertyChangeListeners(java.lang.String _propertyName)
          Returns the change listeners for a property.
 ImmutableName getSingleSourceName()
           
 ImmutableName getSingleTargetName()
           
 java.lang.String getSource()
          Gets the access sources set displayed in the beamer.
 boolean isEmpty()
           
 boolean isExternalPrivilege()
          Only the LINKED_FOR_ONE_TO_ONE privileges may be external ones, among the linked privileges.
 void removeEorPrivilegeSourceLink(PrivilegeSource _ep)
          Removes a connected source using this PrivilegeForLinks.
 void removeEorPrivilegeTargetLink(PrivilegeTarget _res)
          Removes a connected target using this PrivilegeForLinks.
 void removePropertyChangeListener(java.lang.String _propertyName, java.beans.PropertyChangeListener _l)
          Removes a listener to the bean for the events 'OneLinkedPrivilegeSource', 'OneLinkedPrivilegeTarget', 'ExternalPrivilege'.
protected  void resetRightsAsInheritedPrivilege()
          If the target is in an ACS that manages the PRI inheritance, calls resetInheritedPrivilegeyRightsOfChildren() to reset the effective rights in the inherited Privilege map of each child.
 java.lang.String toString()
          The form is ' Detailled name: KKKK + Source(s): FFFF + Target(s): NNNNNNNN + Right(s): jjjj| kkkk| mmmm| ', where the detailed name has the form: 'privilegeType || nickName || first right'.
 
Methods inherited from class ARoad0.gBase.PrivilegeAbst
addPropertyChangeListener, buildUpDetailledName, compareTo, finalizeForUser, firePropertyChange, getAcsFromName, getAcsName, getComment, getDetailledName, getDetailledNameFromName, getEorACS, getKeyPropertiesFromDetailledName, getL_PrivilegeTypes, getL_Rights, getMainType, getNameFromDetailledName, getNickName, getPositiveRight, getSecondType, getSeeWhy, getSerialVersionUID, hashCode, removePropertyChangeListener, setComment, setRights, setSecondType, setSeeWhy
 
Methods inherited from class java.lang.Object
finalize, getClass, notify, notifyAll, wait, wait, wait
 
Methods inherited from interface ARoad0.gBaseInterface.Privilege
setComment, setSecondType, setSeeWhy
 
Methods inherited from interface ARoad0.gBaseInterface.ImmutablePrivilege
getAcsFromName, getComment, getEorACS, getL_Rights, getMainType, getPositiveRight, getSecondType, getSeeWhy
 
Methods inherited from interface ARoad0.gBaseInterface.ACSObject
getAcsName
 
Methods inherited from interface ARoad0.gBaseInterface.BaseObject
getNickName, hashCode
 
Methods inherited from interface ARoad0.gBaseInterface.BoundBean
addPropertyChangeListener, removePropertyChangeListener
 
Methods inherited from interface ARoad0.gBaseInterface.DetailledName
getDetailledName, getDetailledNameFromName, getKeyPropertiesFromDetailledName, getNameFromDetailledName
 
Methods inherited from interface ARoad0.gBaseInterface.FinalizedObjectForUser
finalizeForUser
 
Methods inherited from interface java.lang.Comparable
compareTo
 

Field Detail

ifAllSources_

protected boolean ifAllSources_
if true, the instance has the LINKED_IF_ALL_SOURCES type, with only one internal or external GroupID as source, and only one internal or external target.


oneRoleOneTarget_

protected boolean oneRoleOneTarget_
if true, the instance has the LINKED_FOR_ONE_TO_ONE type, with only one internal or external EligibleParty as source, and only one internal or external target.


l_sources_

protected java.util.ArrayList<PrivilegeSource> l_sources_
Access sources which are connected to this privilege. Restricted to one item, if oneRoleOneTarget_ is true.


l_targets_

protected java.util.ArrayList<PrivilegeTarget> l_targets_
Access targets are Resources and VirtualFolders connected to this privilege. Restricted to one item, if oneRoleOneTarget_ is true. Updated by the targets.


sourceName_

protected ImmutableName sourceName_
If LINKED_FOR_ONE_TO_ONE, the single source full name, if any.


targetName_

protected ImmutableName targetName_
If LINKED_FOR_ONE_TO_ONE, the single target full name, if any.


nameOfSourceAcs_

protected ImmutableName nameOfSourceAcs_
If LINKED_FOR_ONE_TO_ONE, the single target ACS name, if any.


nameOfTargetAcs_

protected ImmutableName nameOfTargetAcs_
If LINKED_FOR_ONE_TO_ONE, the single target ACS name, if any.


l_internalAllowedSourceTypes_

protected java.util.List<java.lang.String> l_internalAllowedSourceTypes_
The source types that the ACS authorizes for this privilege


l_internalAllowedTargetTypes_

protected java.util.List<java.lang.String> l_internalAllowedTargetTypes_
The target types that the ACS authorizes for this privilege


changedDetailledName_

protected transient boolean changedDetailledName_
True to return the previous detailled name, after a change of the external source or target.


EMPTY_INSTANCE

public static final PrivilegeForLinksImpl EMPTY_INSTANCE
A reusable empty instance for initialization, to avoid the use of the constructor for temporary values. Caution: never change the state of the returned instance.


serialPersistentFields

public static final java.io.ObjectStreamField[] serialPersistentFields
variable for the JDK 2 serialization

Constructor Detail

PrivilegeForLinksImpl

public PrivilegeForLinksImpl()
Constructor to use only as a transient value for initialization, or used from ARoad0.gBase.PrivilegeImplBeanInfo.getPropertyDescriptors() in ARoad0.Gui1.CollectionPropertyEditor.getValue().


PrivilegeForLinksImpl

public PrivilegeForLinksImpl(ACS _aCS,
                             java.lang.String _nickName,
                             java.lang.String _mainType,
                             StringRight[] _l_rights,
                             java.lang.String _secondType)
                      throws CreateError
This is the only way to create a linked privilege instance from the GUI. Calls the second constructor.

Parameters:
_aCS - is the ACS which owns this Privilege. Non-null external object reference.
_nickName - is the short privilege name. Cannot be null.
_mainType - is equal to PrivilegeAbst.LINKED, LINKED_FOR_ONE_TO_ONE, or to LINKED_IF_ALL_SOURCES
_l_rights - is a StringRight array of privilege rights. May be null, but a null value is not allowed at the first position. Creates an empty array with a length of 0 if the argument is null. All rights have to be all positive or all negative.
_secondType - second type which drives the rights and the immutability, just like a Basic type. If null, the internal value is set to '<undefined>'.
Throws:
CreateError - if this privilege already exists (_aCS.newEorPrivilege() throws it), if the rights or the privilege type is not correct, if _nickName contains '::' or '>>', or if a parameter is null.

PrivilegeForLinksImpl

public PrivilegeForLinksImpl(ACS _aCS,
                             java.lang.String _nickName,
                             java.lang.String _mainType,
                             StringRight[] _l_rights,
                             java.lang.String _secondType,
                             boolean _toRegisterInManager)
                      throws CreateError
This is the only way to create a linked privilege instance.

Parameters:
_aCS - is the ACS which owns this Privilege. Non-null external object reference.
_nickName - is the short privilege name. Cannot be null.
_mainType - is equal to PrivilegeAbst.LINKED, LINKED_FOR_ONE_TO_ONE, or to LINKED_IF_ALL_SOURCES
_l_rights - is a StringRight array of privilege rights. May be null, but a null value is not allowed at the first position. Creates an empty array with a length of 0 if the argument is null. All rights have to be all positive or all negative.
_secondType - second type which drives the rights and the immutability, just like a Basic type. If null, the internal value is set to '<undefined>'.
_toRegisterInManager - false if this method must not register the instance in its ACS.
Throws:
CreateError - if this privilege already exists, if the rights or the privilege type is not correct, or if the nick name contains '::' or '>>', contains a character that is not a letter, if a null right or a right which is not authorized. of if a parameter is null.
Method Detail

getPreviousDetailledName

public java.lang.String getPreviousDetailledName()
This method returns the detailled name or the previous detailled name for the GUI, which gives the key components of the object. An external privilege has a detailled name starting with 'ACS: acs_name | '. When the state of external changes, this method allows to get the right detailled name, with or without the ACS name. If the privilege ACS does not manage the external One-to-One linked privileges, of if this privilege is not an One-to-One linked privilege, the detailled name is returned. This is also true if the property changedDetailledName_ is false. Otherwise, the specific previous detailled name is returned, that is with 'ACS' if the current detailled name does not contain it, or without 'ACS' otherwise. The 4 methods add/removeEorPrivilegeTarget/SourceLink() update the property changedDetailledName_ to change the value this method returns to the GUI.

Specified by:
getPreviousDetailledName in interface PreviousDetailledName
Overrides:
getPreviousDetailledName in class PrivilegeAbst
Returns:
the detailled name if it has not changed, or the other version of the detailled name

getDetailledNameFromNameForLinks

protected static java.lang.String getDetailledNameFromNameForLinks(ImmutableName _name,
                                                                   int _typeIndex)
                                                            throws BaseError
Gets the registered detailled name from the privilege name. The format of the returned value is:

- privilegeType || nickName || first right, for an internal privilege,

- ACS: ACS_name | privilegeType || nickName || first right, for an external privilege.

Calls ACS.getOnePrivilegeFromDetailledName() twice to test if there is an ACS or not in the detailled name privilege the ACS knows. Calls PrivilegeAbst.buildUpDetailledName() and BaseManagerImpl.getInstance().getEorM_OpenACS(). Called by PrivilegeAbst.getDetailledNameFromName() and clone().

Parameters:
_name - linked privilege name
_typeIndex - index of the component '|| PRIV_TYPE' in _name
Returns:
the detailled name of the privilege
Throws:
BaseError - if there is a wrong format for _name
See Also:
PrivilegeAbst.buildUpDetailledName(java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String)

getFullName

public ImmutableName getFullName()
The full name is unique for the Access Road program. There, it is equal to the privilege name.

Specified by:
getFullName in interface BaseObject
Returns:
a copy of the name. Null for an empty privilege.

getName

public ImmutableName getName()
Gets the BaseObject name of the privilege. The linked privilege name is composed of:

ACS:: ACS name

:: || PRIV_TYPE:: main type

:: || NICK_NAME:: privilege name

:: || FIRST_RIGHT:: first right

here, ':: ' is added by gBase.NameImpl.toString(). The reverse function of getName() is getKeyReferencesFromName(). This name is used only outside gBase, following the BaseObject interface.

Specified by:
getName in interface BaseObject
Specified by:
getName in interface ImmutablePrivilege
Returns:
ImmutableName of the privilege, or null if it is an empty privilege

getIfAllSources

public boolean getIfAllSources()
Returns:
true if the type of the instance is LINKED_IF_ALL.

getOneRoleOneTarget

public boolean getOneRoleOneTarget()
Specified by:
getOneRoleOneTarget in interface PrivilegeForLinks
Returns:
true if the type of the instance is LINKED_FOR_ONE_TO_ONE.

isExternalPrivilege

public boolean isExternalPrivilege()
Only the LINKED_FOR_ONE_TO_ONE privileges may be external ones, among the linked privileges. An external privilege has exactly one source or one target that does not belong to the privilege ACS. If the source or the target is null, returns always false. An external privilege has a different detailled name format.

Specified by:
isExternalPrivilege in interface ImmutablePrivilege
Returns:
true if the source or the target is from another ACS

getEorLinkedSources

public java.util.List<PrivilegeSource> getEorLinkedSources()
Gets the sources set which have this privilege. If LINKED_IF_ALL_SOURCES, the privilege is applied only to the objects belonging to every linked source. If LINKED_FOR_ONE_TO_ONE, there is at most one EligibleParty as linked source.

Specified by:
getEorLinkedSources in interface PrivilegeForLinks
Returns:
List of PrivilegeSources. May be empty, but never null.

getSingleSourceName

public ImmutableName getSingleSourceName()
Specified by:
getSingleSourceName in interface PrivilegeForLinks
Returns:
the single source name, for LINKED_FOR_ONE_TO_ONE privilege only, or null.

getSingleTargetName

public ImmutableName getSingleTargetName()
Specified by:
getSingleTargetName in interface PrivilegeForLinks
Returns:
the single target name, for LINKED_FOR_ONE_TO_ONE privilege only, or null.

getNameOfSingleSourceACS

public ImmutableName getNameOfSingleSourceACS()
Specified by:
getNameOfSingleSourceACS in interface PrivilegeForLinks
Returns:
the single source ACS name, for LINKED_FOR_ONE_TO_ONE privilege only, or null.

getNameOfSingleTargetACS

public ImmutableName getNameOfSingleTargetACS()
Specified by:
getNameOfSingleTargetACS in interface PrivilegeForLinks
Returns:
the single target ACS name, for LINKED_FOR_ONE_TO_ONE privilege only, or null.

getSource

public java.lang.String getSource()
Gets the access sources set displayed in the beamer. The format is 'full role name + (LPRI)' if LINKED_FOR_ONE_TO_ONE, or, if there are 3 sources for instance, 'source last-component name 1 <+> source last-component name 2 <+> source last-component name 3 <+> (LPRI)' The number of sources is from 0 to 4.

Returns:
the sources last-component or full names. Never null.

addEorPrivilegeSourceLink

public void addEorPrivilegeSourceLink(PrivilegeSource _ep)
                               throws BaseError
Links to a source which uses this PrivilegeForLinks. The format of the detailled name for an internal linked privilege is as following:

privilegeType || nickName || first right

For an external linked privilege, the format of the detailled name is as following:

- ACS: ACS_name | privilegeType || nickName || first right

An Eligible Party or PrivilegeTarget name is incomplete if it belongs to the Privilege ACS. Since the source and the target are unknown at the creation of the PrivilegeForLinks, the privilege may become external only after the setting of the first source or target. Then, its detailled name changes. The ACS listeners and the privilege target reset the detailled name. Because the detailled name changes when the state of external is updated, this method calls removeEorPrivilegeToTarget() then addEorPrivilegeToTarget() on the target, if any, to handle the new detailled name.

Calls resetRightsAsInheritedPrivilege() and PrivilegeSource.addEorPrivilegeToSource(). Caution: contains a summary of addEorPrivilegeTargetLink(), and the two methods have to remain consistent. Fires the events 'OneLinkedPrivilegeSource', 'OneLinkedPrivilegeTarget', 'OneLinkedPrivilege' and 'ExternalPrivilege'.

Parameters:
_ep - is a non-null source to connect
Throws:
BaseError - if the source type is not authorized, or when the instance is a LINKED_FOR_ONE_TO_ONE privilege, if:

- there is already a source

- the new detailled name of the external privilege is not unique in its ACS

or, when the instance is a LINKED_IF_ALL_SOURCES privilege, if:

- _ep is not a GroupIDMember

for all the privilege types:

- if the second type sets the privilege as immutable,

- if the number of sources will be superior to 4, or

- _ep is null or is immutable, or its name is null,

- _ep is empty,

- _ep name is already known by this instance.

for all the types excepted for LINKED_FOR_ONE_TO_ONE privilege:

- _ep belongs to another acs


addEorPrivilegeTargetLink

public void addEorPrivilegeTargetLink(PrivilegeTarget _res)
                               throws BaseError
Adds a connected target which has this PrivilegeForLinks. Calls ACSImpl.addAcsController() and PrivilegeTarget.addEorPrivilegeToTarget(). Because the detailled name changes when the state of external is updated, this method calls removeEorPrivilegeToSource() then addEorPrivilegeToSource() on the target, if any, to handle the new detailled name. Caution: contains a summary of addEorPrivilegeSourceLink(), and the two methods have to remain consistent. Fires the events 'OneLinkedPrivilegeSource', 'OneLinkedPrivilegeTarget', 'OneLinkedPrivilege' and 'ExternalPrivilege'.

Parameters:
_res - is a non-null target to connect
Throws:
BaseError - when the instance is a LINKED_FOR_ONE_TO_ONE privilege, if:

- there is already a target

- the new detailled name of the external privilege is not unique in its ACS

for all privilege types:

- if the privilege type is not authorized to the target,

- if the second type sets the privilege as immutable,

- if _res is null or immutable, or its name is null,

- _res is empty,

- _res name is already known by this instance.

for all types excepted for LINKED_FOR_ONE_TO_ONE privilege:

- _res belongs to another acs and, for the LINKED_IF_ALL_SOURCES privilege:

- the target ACS cannot manage the PRI inheritance in a LINKED_IF_ALL_SOURCES privilege. and, for all types excepted for LINKED_IF_ALL_SOURCES privilege:

- the first target ACS manages the PRI inheritance, then no target may be added


removeEorPrivilegeSourceLink

public void removeEorPrivilegeSourceLink(PrivilegeSource _ep)
                                  throws BaseError
Removes a connected source using this PrivilegeForLinks. Called by CPrivilegeUserImpl, for instance when this privilege is finalizing, and by the GUI. Calls resetRightsAsInheritedPrivilege() and PrivilegeSource.removeEorPrivilegeToTarget(). Because the detailled name changes when the state of external is updated, this method calls removeEorPrivilegeToTarget() then addEorPrivilegeToTarget() on the target, if any, to handle the new detailled name. Caution: contains a summary of addEorPrivilegeTargetLink(), and the two methods have to remain consistent. Fires the events 'OneLinkedPrivilegeSource', 'OneLinkedPrivilegeTarget', 'OneLinkedPrivilege' and 'ExternalPrivilege'.

Parameters:
_ep - is a source to unset
Throws:
BaseError - if the name is null, or the source is null or immutable, if the second type sets the privilege as immutable, or if the source is not known.

removeEorPrivilegeTargetLink

public void removeEorPrivilegeTargetLink(PrivilegeTarget _res)
                                  throws BaseError
Removes a connected target using this PrivilegeForLinks. Called by the CPrivilegeUserImpl of the target when this privilege is finalizing, and by the GUI. Calls PrivilegeTarget.removeEorPrivilegeForLinksToTarget(). In a one-to-one privilege, the target can be removed only when the privilege is finalizing. Fires the events 'OneLinkedPrivilegeTarget' and 'ExternalPrivilege'.

Parameters:
_res - target to remove
Throws:
BaseError - if the name is null, or the target is null or immutable, if the second type sets the privilege as immutable, or if the target is not known.

getEorLinkedTargets

public java.util.List<PrivilegeTarget> getEorLinkedTargets()
Gets the targets which use this privilege. If LINKED_FOR_ONE_TO_ONE, there is at most one target. If the targets are external ones, all targets belong to the same ACS.

Specified by:
getEorLinkedTargets in interface PrivilegeForLinks
Returns:
List of PrivilegeTargets. May be empty, but never null.

getL_InternalAllowedSourceTypes

public java.util.List<java.lang.String> getL_InternalAllowedSourceTypes()
Caution: the list is from the privilege ACS, and an external privilege may accept types from another ACS.

Specified by:
getL_InternalAllowedSourceTypes in interface PrivilegeForLinks
Returns:
unmodifiable list of the source types that the ACS authorizes for this privilege. May be empty but never null.

getL_InternalAllowedTargetTypes

public java.util.List<java.lang.String> getL_InternalAllowedTargetTypes()
Caution: the list is from the privilege ACS, and an external privilege may accept types from another ACS. A target may be a resource or a VirtualFolder.

Specified by:
getL_InternalAllowedTargetTypes in interface PrivilegeForLinks
Returns:
unmodifiable list of the target types that the ACS authorizes for this privilege. May be empty but never null.

resetRightsAsInheritedPrivilege

protected void resetRightsAsInheritedPrivilege()
If the target is in an ACS that manages the PRI inheritance, calls resetInheritedPrivilegeyRightsOfChildren() to reset the effective rights in the inherited Privilege map of each child. Called by add/removeEorPrivilegeSourceLink(). Calls Directory.resetInheritedPrivilegeRightsOfChildren() and VirtualFolder.resetInheritedPrivilegeRightsOfChildren(). Note: the creation of the inherited Privilege in a child is not handled by the generic gBase package, while the rights updating of the inherited Privilege is handled. Fires no PropertyChangeEvent.


addPropertyChangeListener

public void addPropertyChangeListener(java.lang.String _propertyName,
                                      java.beans.PropertyChangeListener _l)
Adds a listener to the bean for the events 'OneLinkedPrivilegeSource', 'OneLinkedPrivilegeTarget', 'ExternalPrivilege'.

Used by Gui1.CommonPropertyEditor for the 'Comment' and 'SeeWhy' properties. Overiddes the super method.

Specified by:
addPropertyChangeListener in interface BoundBean
Overrides:
addPropertyChangeListener in class PrivilegeAbst
Parameters:
_propertyName - String is the name of the property
_l - PropertyChangeListener to add

removePropertyChangeListener

public void removePropertyChangeListener(java.lang.String _propertyName,
                                         java.beans.PropertyChangeListener _l)
Removes a listener to the bean for the events 'OneLinkedPrivilegeSource', 'OneLinkedPrivilegeTarget', 'ExternalPrivilege'.

Overiddes the super method.

Specified by:
removePropertyChangeListener in interface BoundBean
Overrides:
removePropertyChangeListener in class PrivilegeAbst
Parameters:
_propertyName - String is the name of the property
_l - PropertyChangeListener to remove

getPropertyChangeListeners

public java.beans.PropertyChangeListener[] getPropertyChangeListeners(java.lang.String _propertyName)
Returns the change listeners for a property. Used by the AcsAddons.

Specified by:
getPropertyChangeListeners in interface ImmutablePrivilege
Overrides:
getPropertyChangeListeners in class PrivilegeAbst
Parameters:
_propertyName - name of the listened property.
Returns:
the change listeners. May be null or empty.

clone

public java.lang.Object clone()
Used to clone a privilege. Provides a shallow copy of sources and target lists. Caution: the clone is not registered in its ACS, nor in its sources and targets.

Overrides:
clone in class PrivilegeAbst
Returns:
Object without change in the external references but copy of these references.

equals

public boolean equals(java.lang.Object _obj)
In this method, the current sources and targets are not compared.

Specified by:
equals in interface BaseObject
Overrides:
equals in class PrivilegeAbst
Parameters:
_obj - to compare.
Returns:
boolean true if _obj is equal with the same class and the same detailled name.

isEmpty

public boolean isEmpty()
Specified by:
isEmpty in interface ImmutablePrivilege
Returns:
boolean true if equal to new PrivilegeForLinksImpl()

getKeyReferencesFromName

public java.lang.Object[] getKeyReferencesFromName(ImmutableName _privName)
                                            throws CreateError
Gets the main components from the linked privilege name as a string, returned by getName(). These key components define fully the privilege instance.

Specified by:
getKeyReferencesFromName in interface ImmutablePrivilege
Parameters:
_privName - has been returned by getName()
Returns:
null if the name format is wrong, or an array of the 6 Privilege components:

- index 0: name of the ACS which manages this privilege (ImmutableName)

- index 1: privilege type (String)

- index 2: nick name (String)

- index 3: first right (String)

- index 4: null

- index 5: null

Throws:
CreateError - if the argument or a component is null or not correct, not a privilege name string, or if a main component string is not provided by NameImpl.toString()
See Also:
PrivilegeAbst.getAcsFromName(ARoad0.gBaseInterface.ImmutableName)

toString

public java.lang.String toString()
The form is ' Detailled name: KKKK + Source(s): FFFF + Target(s): NNNNNNNN + Right(s): jjjj| kkkk| mmmm| ', where the detailed name has the form: 'privilegeType || nickName || first right'. Called by BaseManagerImpl.importACS() to display the closed Privileges.

Overrides:
toString in class java.lang.Object
Returns:
String

finalizeForBase

public void finalizeForBase()
                     throws UpDateError
It sets to null almost all variables, so the instance is equals to a new empty PrivilegeForLinksImpl. The relevant sources and targets register/unregister the linked privilege when the source, the target or the privilege is created/deleted. An unused object has to be deleted to inform the others objects, and this method HAS TO BE CALLED before deleting this object. This method is called by finalize(), finalizeForUser() and ACSImpl.closeExternalLinkedPrivileges().

Specified by:
finalizeForBase in interface FinalizedObject
Overrides:
finalizeForBase in class PrivilegeAbst
Throws:
UpDateError - if the privilege is unknwon from the ACS, the sources or the targets.

finalizeFromDeserialization

protected void finalizeFromDeserialization()
This method finalizes all the sources and all the targets, since it is used after a deserialization. There, the attributes have been deserialized but are not 'true' objects of the base. The instance is NOT removed as a listener, since there is no listener. The internal maps are set to null, but not the private bound properties sets. Does not call finalizeForBase(). Called for EPRViewInBaseImpl only.


finalizeClosedPrivilege

protected void finalizeClosedPrivilege()
This method is to use only for closed LINKED_FOR_ONE_TO_ONE privileges in the relevant ACS list. It cuts all the external references, which can be from and to another ACS, without updating these objects as finalizeForUser() does. It set to null almost all variables, so the instance becames empty. It is called by ACSImpl.checkClosedExternalLinkedPrivileges(), to delete the instance in ACSImpl.l_ClosedPrivileges_.


copy

public java.lang.Object copy(ImmutableName _name,
                             ACS _acs,
                             Node _parent,
                             java.lang.Boolean _toRegisterInManager)
                      throws CreateError
TO REVIEW This method provides a copy of the instance, in the same ACS or another one, on the contrary of PrivilegeForTypeImpl.copy(). If the copy is provided inside the privilege ACS, all the source and target links are copied, with an update of the original sources and targets on which is so added one new privilege link. If the copy is provided outside the privilege ACS, the copy is linked to sources and targets in its ACS if instances with the same names may be found. If not, the link is not copied. Comment is not copied.

Parameters:
_name - is the copy name must be a one-component name, and the component is the nick name of the new privilege. May be equals to the nick name of this privilege, but only for another ACS.
_acs - is the ACS of the copy to create. May be different to the ACS of this instance.
_parent - must be null here.
_toRegisterInManager - false if this method must not register the instance in its ACS.
Returns:
Object is a copy of the object, in the same class.
Throws:
CreateError - if _name or _acs is null, or _parent is not null, or _name is not a one-component name.

getEmptyInstance

public Privilege getEmptyInstance()
Specified by:
getEmptyInstance in interface ImmutablePrivilege

copyForExternal

protected PrivilegeForLinksImpl copyForExternal()
Called by ACSImpl.closeExternalLinkedPrivileges() only for the external privileges, thus for the LINKED_FOR_ONE_TO_ONE privileges, when the links to other ACS have to be cut and cloned. No copy of the sources and target lists, nor the detailled name. Caution: the copy is not registered in its ACS, nor in its sources and targets.

Returns:
Object without change in the external references but copy of these references.