|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.ObjectARoad0.gWork.LinkRightsImpl
ARoad0.AcsAddon.Accbee.Ubuntu.gWork.LinkRightsUbuntuImpl
public class LinkRightsUbuntuImpl
This class provides utilities about rights and links for Linux Ubuntu. It adds to its superclass the handling of Linux AGO Other rights. It removes for Ubuntu any DisplayableLinkImpl containing an AGO Other right while there is a superior right in another DisplayableLink, following the rule 'AGO right: AG rights deletes O rights'. Some unuseful Displayablelinks are removed, when the end has the form Actor/run_under/GroupIDMember/AGO Other/Resource, while another DisplayableLink ends with the form (same Actor)/AGO Other/(same Resource).
This class adds also the search of the 2 Linux Ubuntu capacity groups that are simulated in this Access Road version. For the AGO rights, the AccessControlLink.GLOBAL comments use in this Addon the constant ACLINK_C_AGO_OTHER to comment the AGO Other rights.
The paths search covers fully the ACL rights, even if in Ubuntu for this version, there is no management of the Linux Access Control Lists. An ACL transmits the Acount/Group context of its source to its target if they are from the same ACS. This is never true for a privilege (not managed in Ubuntu) or a bridge, for which the target has its proper AG context, even if sometimes this context is empty. This class is used by the gWork package.
AccessControlLinkImpl
Field Summary |
---|
Fields inherited from class ARoad0.gWork.LinkRightsImpl |
---|
interpreter_, linkUtil_, utility_ |
Fields inherited from interface ARoad0.gWorkInterface.LinkRights |
---|
INITIAL_CAPACITY |
Constructor Summary | |
---|---|
LinkRightsUbuntuImpl(AlgorithmInterpreter _interpreter)
only one public constructor |
Method Summary | |
---|---|
java.util.Collection |
detectAddonPriorityInAllLinksAGORights(java.util.Collection<DisplayableLinkImpl> _l_dLinks)
Removes any DisplayableLink which has an Ubuntu object, and contains an AGO right while there is a superior right in another DisplayableLink, following the applicable ACS rules of a given AcsAddon ACS. |
boolean |
detectAddonPriorityInLastLinkAGORights(DisplayableLinkImpl _dLink,
java.util.Collection<DisplayableLinkImpl> _upd_l_dLinks)
Applies the ACS priority rules to a DisplayableLink that ends with an access target, for a given Addon ACS that owns this target, through the analysis of a list of DisplayableLinkImpls. |
boolean |
getDetectAddonPriorityInAllLinksAGORights()
Called by CompoundRightsFactoryImpl.detectHiddenCompoundEpRights() in the final loop. |
boolean |
getDetectAddonPriorityInLastLinksAGORights()
Called by CompoundRightsFactoryImpl.detectHiddenCompoundEpRights() in the central loops, and by endsPathsFromGroupIDMemberWithAclPrivilegeMemberOwnContain() on ThreeNodeRightsFactoryImpl. |
java.util.List<GroupID> |
getLinuxCapacityGroups(ImmutableACS _acs)
Gets the capacity groups in a Linux system (not for an Unix system). |
java.util.List<java.lang.Integer> |
getLinuxOtherLinkTypePositions(DisplayableLinkImpl _dLink)
Gets the positions in getEorAllACLinks() having the types, if any, of the AccessControlLinks having the type GLOBAL which is commented by NodeRightsUbuntuImpl.ACLINK_C_AGO_OTHER to indicate that there is a Linux AGO Other right. |
boolean |
isTransferingAGcontext(AccessControlLinkImpl _acLink,
ImmutableACS _firstACS,
ImmutableACS _secondACS)
Adds to the super method, the transfering capacity when the type is GLOBAL with the comment NodeRightsUbuntuImpl.ACLINK_C_AGO_OTHER. |
java.util.Collection |
removeSomeOtherRightsInAllLinksAGORights(java.util.Collection _l_dLinks)
Removes for Ubuntu any DisplayableLink which contains an AGO Other right while there is a more direct AGO Other right. |
boolean |
removeSomeOtherRightsInLastLinkAGORights(DisplayableLinkImpl _dLink,
java.util.Collection<DisplayableLinkImpl> _upd_l_dLinks)
Removes any DisplayableLinkImpl which contains an AGO Other right in the last link. |
Methods inherited from class java.lang.Object |
---|
clone, finalize, getClass, notify, notifyAll, wait, wait, wait |
Constructor Detail |
---|
public LinkRightsUbuntuImpl(AlgorithmInterpreter _interpreter)
_interpreter
- algorithm interpreter of this viewMethod Detail |
---|
public boolean getDetectAddonPriorityInAllLinksAGORights()
getDetectAddonPriorityInAllLinksAGORights
in interface LinkRights
getDetectAddonPriorityInAllLinksAGORights
in class LinkRightsImpl
public boolean getDetectAddonPriorityInLastLinksAGORights()
getDetectAddonPriorityInLastLinksAGORights
in interface LinkRights
getDetectAddonPriorityInLastLinksAGORights
in class LinkRightsImpl
public java.util.Collection detectAddonPriorityInAllLinksAGORights(java.util.Collection<DisplayableLinkImpl> _l_dLinks)
detectAddonPriorityInAllLinksAGORights
in interface LinkRights
detectAddonPriorityInAllLinksAGORights
in class LinkRightsImpl
_l_dLinks
- DisplayableLinkImpls to analyze, all with the same two ends or not,
where this LinkRights is for one of the node in at least one DisplayableLinkImpl.
Not null.
removeSomeOtherRightsInAllLinksAGORights(java.util.Collection)
public boolean detectAddonPriorityInLastLinkAGORights(DisplayableLinkImpl _dLink, java.util.Collection<DisplayableLinkImpl> _upd_l_dLinks)
detectAddonPriorityInLastLinkAGORights
in interface LinkRights
detectAddonPriorityInLastLinkAGORights
in class LinkRightsImpl
_dLink
- where the second end is the node of this instance._upd_l_dLinks
- to analyze and update, all with the same two ends of _dLink.
Returns false if it is null or empty. It may be updated. May contain
the argument _dLink that is then ignored. May be null.
java.lang.InternalError
- with some ACS-specific errorsremoveSomeOtherRightsInLastLinkAGORights(ARoad0.CNot.DisplayableLinkImpl, java.util.Collection)
public java.util.Collection removeSomeOtherRightsInAllLinksAGORights(java.util.Collection _l_dLinks)
in dLink to remove, there is the form (same node1)-any link-(ep)-IS_MEMBER/RUN_UNDER-(groupidmember)-other link-(resource), and in some dLink2, there is a triplet (same node1)-any link-(same ep)-other link-(same resource).
A DisplayableLinkImpl may do not contain any Linux node, and then, it is not updated. Called by detectAddonPriorityInAllLinksAGORights().
_l_dLinks
- DisplayableLinkImpls to analyze, all with the same two ends or not,
where this LinkRights is for one of the node in at least one DisplayableLinkImpl.
Not null.
detectAddonPriorityInAllLinksAGORights(java.util.Collection)
public boolean removeSomeOtherRightsInLastLinkAGORights(DisplayableLinkImpl _dLink, java.util.Collection<DisplayableLinkImpl> _upd_l_dLinks)
- there is a superior right in another DisplayableLink, following the rule 'AGO right: AG rights deletes O rights',
- the end has the form Actor/run_under/GroupIDMember/AGO Other/Resource, while another DisplayableLink ends with the form (same Actor)/AGO Other/(same Resource).
If _dLink has no 'AGO Other' last link, it is always valid.
In the first case, the OWNER or CONTAIN removing relation may be without workable rights, but the CONTAIN relation from a capacity group is not a criterion for a removing. The _dLink is not validated if:
- in _dLink, there is a pair (EligibleParty)-...-other link-(_dLink second end), whatever the number of intermediate nodes between the EligibleParty and the Resource,
- in a _upd_l_dLinks link, there is the same pair with a path (EligibleParty)-...-OWNER or CONTAIN-(_dLink second end), with the Account/Primary Group context of the _dLink second end for this link second end, whatever the number of intermediate nodes between the EligibleParty and the link second end, and if the CONTAIN relation is not from a capacity group. This first case does not take account of the non-primary groups in the AG context of the second end.
In the second case, a DisplayableLink is not false but it is unuseful, as _dLink or not: - _dLink end has the form EligibleParty/run_under or is_member/GroupIDMember/AGO Other/Resource, and it is removed because,
- in a _upd_l_dLinks link, there is the ending form (same EligibleParty)/AGO Other/(same Resource).
OR,
- a _upd_l_dLinks link has the form EligibleParty/run_under or is_member/GroupIDMember/AGO Other/Resource, and it is removed because,
- _dlink has the ending form (same EligibleParty)/AGO Other/(same Resource).
This last subcase is handled by removeSomeOtherRightsInAllLinksAGORights(), because the shorter link may not be known when this method is called for the longer link.
Called by detectAddonPriorityInLastLinkAGORights().
_dLink
- where the second end is the node of this instance._upd_l_dLinks
- to analyze and update, all with the same two ends of _dLink.
Returns false if it is null or empty. It may be updated. May contain
the argument _dLink that is then ignored.
detectAddonPriorityInLastLinkAGORights(ARoad0.CNot.DisplayableLinkImpl, java.util.Collection)
public java.util.List<GroupID> getLinuxCapacityGroups(ImmutableACS _acs)
_acs
- to process. May not be a Linux system.
public java.util.List<java.lang.Integer> getLinuxOtherLinkTypePositions(DisplayableLinkImpl _dLink)
_dLink
- may contain nodes not from the AcsAddon Ubuntu
public boolean isTransferingAGcontext(AccessControlLinkImpl _acLink, ImmutableACS _firstACS, ImmutableACS _secondACS)
isTransferingAGcontext
in class LinkRightsImpl
_acLink
- never null_firstACS
- ACS of the _acLink first node. May be null._secondACS
- ACS of the _acLink second node May be null.
AccessControlLinkImpl.isTransferingAGcontextWithoutACL()
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |