ARoad0.gBase
Class ACSImpl

java.lang.Object
  extended by ARoad0.gBase.ACSImpl
All Implemented Interfaces:
ACS, ACSCatalog, ACSRun, BaseBeanManager, BaseObject, BoundBean, ImmutableACS, ImmutableCommonBase, java.io.Serializable, java.lang.Cloneable
Direct Known Subclasses:
ACSMySQLImpl, ACSUbuntuImpl

public class ACSImpl
extends java.lang.Object
implements ACS, BoundBean, java.io.Serializable

This class is responsible for modeling an Access Control System (ACS) which is the main unit of modelization for software. It registers its internal and external resources, its internal and external eligible parties (accounts, groups, actors), its internal and external virtual folders, its AclEntries, its Privileges and its ACS bridges. It also registers the other ACS which control this ACS. It cuts or restores in its objects, the external references to other ACS when it is closed or open. After ACSFactoryImpl, this is the most complex class of the gBase package.

The ACS is created by ACSFactoryImpl.createACS(), which set the booleans and string parameters for the new ACS. They cannot be changed after the ACS creation. They define the ACS general structure and behavior. At the ACS creation, the compliance to varied integrity rules is verified.

It is a javabean with the following bound properties: 'ExternalOrientedPrivilege', 'Controlled', 'ExternalOriented', 'OneController', 'M_OwnResources', 'OneExternalResource', 'OneResource' (when one resource is created or deleted), 'OneEligibleParty', 'OneBaseObject' for a Resource, VirtualFolder or EligibleParty, 'AclEntry', 'M_OwnEligibleParties', 'OneExternalEligibleParty', 'OwnResourcesRootName', 'OwnGroupsRootName', 'OwnResourceFoldersRootName', 'OwnEPFoldersRootName', 'BridgeSources', 'BridgeTargets', 'Comment', 'OneAcsRight', 'OneNoRightProxyActor', 'Privileges', 'TiedChildACSs', 'RootsForChildACS', 'OneTypedPrivilege', 'OneLinkedPrivilege', 'OneResourceVirtualFolder', 'OneEPVirtualFolder', 'IncompleteStructureModeling'.

The ACSImpl class is a tricky case for the thread management. There is very few direct accesses to ACS instances in the access paths search algorithms. This is recommanded to do so in the AcsAddons. For the rare ACS methods that are used or should be used by a view, the method documentation includes the comment 'may be called from a view worker thread'. These methods are fast, as far as possible. Furthermore, all the ACS new/remove methods on the classes implementing Resource, EligibleParty, VirtualFolder, AclEntry or Privilege are synchronized.

The listeners are proper to one ACSImpl instance, outside gBase, transient (not serialized), and they are called in any order, excepted for:

1/ The sequence for a Resource change is : ExternalOrientedAclEntry, ExternalOriented, M_OwnResources (or External), OneResource, OneBaseObject. It is very similar for an EligibleParty change and a VirtualFolder change.

2/ For Actors, 'OneResource' is always fired when 'OneEligibleParty' is fired, and it is fired before this event for a resource creation, and after this first event for a resource deletion. 'OneBaseObject' is fired when the operation is completed, and it is fired always just after 'OneEligibleParty' if it is an actor creation, and always just after 'OneResource' if it is an actor deletion.

Excepting for 'OneResource', 'OneEligibleParty', 'OneBaseObject', 'AclEntry', 'OneTypedPrivilege', 'OneLinkedPrivilege', 'OneVirtualFolder', the listeners receive only a copy of the new value, to protect the property. All the exceptions from the listeners are catched, and a dialog box is displayed to inform the user.

This class has several subclasses in the AcsAddon packages. Most of the variables are protected.

See Also:
BaseManagerImpl, Serialized Form

Field Summary
protected  java.lang.String aCSType_
          Defines the ACS type, which may be GENERIC, LINUX, WINDOWS, LDAP...
protected  BaseError baseError_
          BaseError for this acs
protected  java.util.Set<java.lang.String> categoriesInSpecializedRights_
          The possible specialized right types are 'AccRightsSet', 'GpORightsSet', 'AclRightsSet', 'PrvRightsSet', 'BdgRightsSet'.
protected  java.beans.PropertyChangeSupport changeSupport_
          manage all the property change listeners
protected  java.lang.String comment_
           
protected  boolean containsBridgeSource_
          if true, contains at most one actor which is a bridge source for another-ACS actor.
protected  boolean containsBridgeTarget_
          if true, contains at most one actor which is a bridge target for another-ACS actor.
protected  boolean containsRootActions_
          if true, contains some root actions and then, some ACS roots in other ACS.
protected  boolean controlled_
          True if this ACS has open controllers.
protected  java.lang.String editor_
           
static ACSImpl EMPTY_INSTANCE
          A reusable empty instance for initialization, to avoid the use of 'new' for temporary values.
protected  boolean externalOriented_
          if true, is a controller for other open ACS - that is the ACS has some open external AclEntries or Privileges.
static java.lang.String GENERIC
           
protected  boolean haveSpecializedRights_
          true if some specialized rights have been set
protected  javax.swing.ImageIcon icon_
          The icon of the aCS in the beamer - selected at the creation or the GUI uses the default value.
protected  java.lang.String iconName_
           
protected static int INCREMENT_CAPACITY
           
protected static int INITIAL_CAPACITY_25
           
protected static int INITIAL_CAPACITY_5
           
protected  boolean is_hub_
           
protected  ImmutableName iSname_
          Name of the IS which owns this ACS
protected  ImmutableAclEntry[] l_AclEntry_
          All the open aclentries of this ACS
protected  java.util.List<ImmutableActor> l_ActorBridgeSources_
          List of own Actors which are bridge sources for external actors.
protected  java.util.List<ImmutableActor> l_ActorBridgeTargets_
          List of own Actors which are bridge targets for external actors.
protected  java.util.Set<ImmutableAclEntry> l_ClosedAclEntries_
          Set of only closed external aclEntries, that is those which have their ACS that is currently closed.
protected  java.util.Set<ImmutableName> l_ClosedAclEntriesACSNames_
          Set of the ACS names of both controlled ACS and referenced ACS that control this ACS, which are in the closed acl entries
protected  java.util.Set<PrivilegeForLinks> l_ClosedPrivileges_
          Set of only closed external privileges, that is those which have their ACS that is currently closed.
protected  java.util.Set<ImmutableName> l_ClosedPrivilegesACSNames_
          Set of the ACS names of both controlled ACS and referenced ACS that control this ACS, which are in the closed privileges
protected  java.util.List<java.lang.String> l_ImmutableRules_
          List of the ACS rules which are derivated from the structure, like 'AGO right: A rights overlay G rights'.
protected  java.util.List<ImmutableActor> l_NoRightProxyActors_
          List of own Actors which are not right proxies, then which are secure and without any trojan able to deliver hidden rights to the right users executing these actors.
protected  ImmutableName[] l_OpenAcsControllerNames_
          the open controllers of this acs
protected  Privilege[] l_Privilege_
          Array of all the ACS privileges
protected  StringRight[] l_Rights_
          all the (ACS or meta) rights managed in this acs
protected  java.util.List<ImmutableName> l_RootNamesForAcsIntegrity_
          The list of the ACSObject roots of this ACS in an opened parent ACS, where each root in the parent ACS has some property updatings which may weaken the integrity of this ACS.
protected  java.util.List<ImmutableName> l_RootNamesForAcsOpeningNoClosing_
          The list of the ACSObject roots of this ACS in an opened parent ACS, where each root remains in the parent ACS at the closing of this ACS.
protected  java.util.List<ImmutableName> l_RootNamesForAcsOpeningWithClosing_
          The list of the ACSObject roots of this ACS in an opened parent ACS, where each root has to be in the parent ACS at the opening of this ACS, and it is deleted at the closing of the ACS.
protected  java.util.ArrayList<ImmutableName> l_TiedChildACSs_
          A child tied ACS has to be opened when this instance is opened.
protected  VirtualFolder[] l_VirtualFolders_
          Array of all the ACS virtual folders
static java.lang.String LINUX
           
protected  java.util.HashMap<java.lang.String,java.lang.String[]> m_AcsVocabulary_
          The ACS vocabulary defines several independant domains: - How to name the L_ACS_TREE_GENERIC_UPPER_NODES constants for this ACS, as names of the ACS tree nodes in the proper ACS internal frame.
protected  java.util.Map<ImmutableName,ImmutableActor> m_ActorBridgeTargets_
          Map (ImmutableName, Actor) of own Actors which are bridge targets for external actor sources.
protected  java.util.HashMap<java.lang.String,ImmutableName> m_BelongsToComposite_
          Immutable map which says if the ACS or a subACS belongs to a Composite ACS in the IS Name Tree.
protected  java.util.SortedMap<ImmutableName,java.util.ArrayList<ImmutableName>> m_closedSourcesOfActorBridgeTargets_
          Map of the closed external Actor names which are sources of own actor bridge targets.
protected  java.util.SortedMap<ImmutableName,ImmutableName> m_closedTargetsOfActorBridgeSources_
          Map of the closed external Actor names which are targets of own actor bridge sources.
protected  java.util.HashMap<java.lang.String,java.lang.String[]> m_CommentsOnProperties_
          Map of the comments on each ACS property, to explain the simulation.
protected  java.util.HashMap<java.lang.String,java.lang.String[]> m_ConstraintsForNewObjects_
          Map of mandatory associations on the ACS new objects.
protected  java.util.SortedMap<ImmutableName,ImmutableEligibleParty> m_EligibleParties_
          Map of all the eligible parties of this ACS
protected  java.util.SortedMap<ImmutableName,ImmutableResource> m_Resources_
          Map of all the resources of this ACS
protected  java.util.SortedMap<java.lang.String,StringRight[]> m_RightsOfInternalKey_
          Gets the ACS rights and the metarights this ACS handles and for a given internal key value of the associated metaright.
protected  java.util.HashMap<java.lang.String,java.lang.String[]> m_RootCommandsForAcsIntegrity_
          Get for a child ACS, the list of the ACSObject roots in the parent ACS which have a root relation with this child ACS.
protected  java.util.HashMap<java.lang.String,java.lang.String[]> m_RootCommandsForAcsOpeningAndClosing_
          For a child ACS, the list of the ACSObject roots in the parent ACS which have a root relation with this child ACS.
protected  java.util.HashMap<java.lang.String,java.lang.String[]> m_RootCommandsForAcsOpeningNoClosing_
          For a child ACS, the list of the ACSObject roots in the parent ACS which have a root relation with this child ACS.
protected  java.util.Map<java.lang.String,ImmutableName[]> m_RootsForChildACS_
          The map of the ACSObject roots which have with an opened or closed child ACS, a relation among those set by ACSFactoryUtilityImpl.getKeysForConstrainedChildACSMap().
protected  java.util.HashMap<java.lang.String,StringRight[]> m_SpecializedRights_
          To extend or to reduce the allowed AGO, ACL, PRI rights following the target/source interface or type
protected  java.util.HashMap<java.lang.String,StringRight[]> m_StandardRights_
          Map of restrictions on the ACS Right properties
protected  java.util.SortedMap<java.lang.String,java.lang.Boolean> m_Structure_
          The active booleans which define the ACS structure and features.
protected  java.util.HashMap<java.lang.String,java.lang.String[]> m_SubAndGroupPolicy_
          Gets the subACS names and their mode (for Resources or for GroupIDs) and the root names for groups trees, as nodes to display in the explorer.
protected  java.util.HashMap<java.lang.String,java.lang.String[]> m_TypeOrientedPolicy_
          Map of restrictions on the ACS GroupID/Node policy
protected  java.util.HashMap<java.lang.String,java.lang.String[]> m_TypesAndGUIPolicy_
          Map of restrictions on the ACS types and the GUI creation/display policy
protected static int MAX_FOR_TYPED_PRIVILEGES_NUMBER
           
protected  ImmutableName name_
          Name of the acs, which starts with the IS name
protected  ImmutableName ownEPFoldersRootName_
           
protected  ImmutableName ownGroupsRootName_
           
protected  ImmutableName ownResourceFoldersRootName_
           
protected  ImmutableName ownResourcesRootName_
           
protected  ImmutableName parentName_
          Name of the parent acs in the IS nametree.
protected static int PRIME
           
static java.io.ObjectStreamField[] serialPersistentFields
          variable for the JDK 2 serialization
protected static long serialVersionUID__
           
protected  java.lang.String visibleSpace_
           
 
Constructor Summary
ACSImpl()
          Default constructor used by valueOf() and the subclasses
 
Method Summary
protected  void addAcsController(ImmutableName _ACSname)
          Called by addResource() and addVirtualFolder().
protected  void addEligibleParty(ImmutableEligibleParty _ep)
          Registers a new own or an external eligible party in the ACS, without type control.
protected  void addInParentACS(java.util.List<ImmutableName> _l_roots)
          Adds the root properties to the parent ACS, and to the roots themself in the parent ACS.
protected  void addNoRightProxyActor(ImmutableActor _act)
          Adds an own Actor which is not right proxy, then which is supposed to be secure and without any virus able to deliver rights to the rights users which execute these actors.
protected  void addOwnActorBridgeSource(ImmutableActor _actor)
          Sets an own actor as a bridge source for an external actor.
protected  void addOwnActorBridgeTarget(ImmutableActor _source, ImmutableActor _target)
          Sets an own actor as a bridge target for an external actor.
 void addPropertyChangeListener(java.beans.PropertyChangeListener _l)
          Add a listener to the bean, for all the bound properties.
 void addPropertyChangeListener(java.lang.String _propertyName, java.beans.PropertyChangeListener _l)
          Adds a listener to the bean.
protected  void addResource(ImmutableResource _res)
          Registers a new own or a controlled resource without type control, and fires the bound properties 'M_OwnResources' or 'OneExternalResource', 'OneResource' and 'OneBaseObject' only if it is not an Actor.
 void addRight(StringRight _right)
          UNUSED METHOD, to implement ACSRun.
protected  void addRootForChildACS(ImmutableName _child, ACSObject _root)
          Adds an ACSObject which has at least one relation with any opened child ACS, among the possible relations <ForChildAcsOpeningAndClosing>, <ForChildAcsOpeningNoClosing> and <ForChildAcsIntegrity>.
protected  void addVirtualFolder(VirtualFolder _fold)
          Registers a new virtual folder in this ACS.
protected  void checkClosedAcsRights()
          Checks if there are ACS rights to register in their respective metarights.
protected  void checkClosedBridges(ACS _acs)
          Checks if there are bridge targets to create when the instance or the argument is an opening ACS.
protected  void checkClosedExternalAclEntries(ACS _acs)
          Opens any closed external AclEntry that has both its resource, its eligible party, the first condition group and the associated ACS(s) which are currently open.
protected  void checkClosedExternalLinkedPrivileges(ACS _acs)
          Opens any closed external linked one-to-one Privileges that has both its target, its eligible party and the associated ACS(s) which are currently open.
protected  void closeAcsRights()
          For the ACS rights, unregisters them in their metarights.
protected  void closeBridges(ACS _acs)
          Checks if there are own actor bridge sources or bridge targets for a given ACS.
protected  void closeExternalAclEntries(ACS _acs)
          Closes all the inner AclEntries relevant to an another ACS, to avoid any failed external references at the closing of one of theses ACS.
protected  void closeExternalLinkedPrivileges(ACS _acs)
          Closes all the inner linked privileges relevant to an another ACS, to avoid any failed external references at the closing of one of these ACS.
protected  void closeVirtualFolders()
          Sets the VirtualFolder internal properties, before any ACS deserialization.
 boolean containsAclEntry(ImmutableAclEntry _acl)
          Test if an AclEntry is known.
 boolean containsEligiblePartyName(ImmutableName _name)
          Test if the eligible party is opened, and owned by the ACS or external to the ACS and connected to it through an ACS aclEntry.
 boolean containsOwnEligiblePartyName(ImmutableName _name)
          True if the ACS owns this EP.
 boolean containsOwnResourceName(ImmutableName _name)
          Synchronized on the resources map.
 boolean containsOwnVirtualFolderName(ImmutableName _name)
          Tests if the ACS owns the virtual folder.
 boolean containsPrivilegeName(ImmutableName _name)
          Tests if a privilege is known.
 boolean containsResourceName(ImmutableName _name)
          Test if the resource is opened, and owned or controlled by the ACS.
 boolean containsVirtualFolderName(ImmutableName _name)
          Tests if a virtual folder is known.
protected  short controlEPandResourceTypes(java.lang.String _epType, java.lang.String _resourceType)
          Currently unused, this method allows to control the EP and/or resource types.
static ACSImpl copy(ImmutableName _iSname, ImmutableName _parentName, ImmutableName _name, boolean _is_hub, java.lang.String _visibleSpace, ACSImpl _acs, boolean _toRegisterInManager)
          NO USE.
 boolean equals(java.lang.Object _obj)
           
protected  void fillNoRightProxyActors()
          Fills the ACS internal property list, after an ACS deserialization.
protected  void fillRightsOfInternalKey()
          Sets the ACS rights and the metarights this ACS handles and for a given internal key value of the associated metaright.
protected  void fillVirtualFolders()
          Sets the VirtualFolder internal properties, after any ACS deserialization.
protected  void finalize()
          This method removes the object from the application space, but there is no guaranee that the JVM calls this method before the end of the application.
protected  void finalizeForBase()
          Closes the ACS.
protected  void firePropertyChange(java.lang.String _propertyName, java.lang.Object _oldValue, java.lang.Object _newValue)
          Fires an event to every registered listener, in any order.
 java.lang.String getACSType()
          Returns the ACS type, as ACSImpl.GENERIC, LINUX, or defined by the user, and it is completed by the ACS policy checksum.
 java.util.Set<java.lang.String> getCategoriesInSpecializedRights()
          The possible specialized right categories are 'AccRightsSet', 'GpORightsSet', 'AclRightsSet', 'PrvRightsSet', 'BdgRightsSet', 'RooRightsSet'.
 java.lang.String getComment()
           
 boolean getContainsBridgeSource()
          Gets the presence of actors which are bridge sources.
 boolean getContainsBridgeTarget()
          Gets the presence of actors which are bridge targets.
 boolean getContainsRootActions()
          Called by BeamerManager.getNotDisplayThisProperty().
 java.lang.String getEditorAndAddonNames()
          The form is 'Editor: full_editor_name - AcsAddon: addon_name'.
 boolean getEmbeddedInParentACS()
          Deprecated.  
 BaseError getEorBaseError()
           
 javax.swing.ImageIcon getEorIcon()
           
 ImmutableAclEntry[] getEorL_AclEntries()
          Get the internal and external AclEntries managed by this ACS.
 java.util.List<VirtualFolder> getEorL_EPVirtualFolders()
          Gets the virtual folders managed by this ACS and which contain only eligible parties.
 ImmutableAclEntry[] getEorL_ExternalAclEntries()
          Get the external AclEntries managed by this ACS.
 VirtualFolder[] getEorL_ExternalVirtualFolders()
          Copy of the external virtual folders in a new array.
 java.util.List<ImmutableActor> getEorL_NoRightProxyActors()
          List of own Actors which are not right proxies, then which are supposed to be secure and without any virus able to deliver rights to the rights users which execute these actors.
 java.util.List<ImmutableActor> getEorL_OwnActorBridgeSources()
          Gets all the own actors which are bridge sources for external actors.
 java.util.List<ImmutableActor> getEorL_OwnActorBridgeTargets()
          Gets all the own actors which are bridge targets for external actors.
 java.util.List<Privilege> getEorL_PrivilegeForLinks()
          Gets all the PrivilegeForLinks of the ACS, not the PrivilegeForTypes.
 java.util.List<Privilege> getEorL_PrivilegeForTypes()
          Gets all the PrivilegeForTypes of the ACS.
 java.util.List<Privilege> getEorL_PrivilegeForTypesForSource(java.lang.String _type)
          Gets all the PrivilegeForTypes which have the right source type.
 java.util.List<Privilege> getEorL_PrivilegeForTypesForTarget(java.lang.String _type)
          Gets all the PrivilegeForTypes which have the right target type.
 Privilege[] getEorL_Privileges()
          Gets the privileges managed by this ACS.
 java.util.List<VirtualFolder> getEorL_ResourceVirtualFolders()
          Gets the virtual folders managed by this ACS and which contain only resources.
 VirtualFolder[] getEorL_VirtualFolders()
          Gets the virtual folders managed by this ACS.
 java.util.SortedMap<ImmutableName,ImmutableActor> getEorM_Actors()
          Copy of all the actors in a new map.
 java.util.SortedMap<ImmutableName,ImmutableEligibleParty> getEorM_EligibleParties()
          The eligible parties are own or external ones.
 java.util.SortedMap<ImmutableName,ImmutableEligibleParty> getEorM_ExternalEligibleParties()
          Copy of the external eligible parties in a new map.
 java.util.SortedMap<ImmutableName,ImmutableResource> getEorM_ExternalResources()
          Copy of the external resources in a new map.
 java.util.SortedMap<ImmutableName,ImmutableActor> getEorM_OwnActors()
          Copy of the own actors in a new map.
 java.util.SortedMap<ImmutableName,ImmutableEligibleParty> getEorM_OwnEligibleParties()
          Copy of the own eligible parties in a new map.
 java.util.SortedMap<ImmutableName,ImmutableResource> getEorM_OwnNoParentResources()
          Copy of the own no-parent resources in a new map.
 java.util.SortedMap<ImmutableName,ImmutableResource> getEorM_OwnResources()
          Copy of the own resources in a new map.
 java.util.SortedMap<ImmutableName,ImmutableResource> getEorM_Resources()
          The resources are own or external ones.
 StringRight getFirstRightFromMeta(java.lang.String _metaRight)
          Gets the first right which is registered by this ACS with the correct metaright.
 StringRight getFullControlRight()
          Gets the first acsright which has 'full_control' as metaright, or this metaright if no acsright complies this condition.
 ImmutableName getFullName()
          The full name is unique for the Access Road program.
 boolean getHaveSpecializedRights()
          Called by BeamerManager.getNotDisplayThisProperty().
 boolean getHubProperty()
          Gets the hub property for the ACS node in the IS nametree.
 java.lang.String getIconName()
           
 boolean getIncompleteBehaviorModeling()
          The modeling of the behavior is incomplete when important constraints on ACSObjects are not modelled, for instance to set their allowed rights, or their effective default rights.
 boolean getIncompleteStructureModeling()
          The modeling of the structure is incomplete when some ACSObjects miss while they participate to the decision for some important access controls, or simply when these missed ACSObjects are important for the overall ACS security, or when their important relations with some other ACSObjects are not set.
 boolean getIsAuthorizationServer()
          May be called from a view worker thread.
 boolean getIsControlled()
          True if an other open ACS controls this ACS, that is has an external AclEntry or Linked Privilege for a resource or a virtual folder from this ACS.
 boolean getIsExternalOriented()
           
 boolean getIsFromAcsAddon()
          To detect an AcsAddon, this method tests (ACS.getClass().toString().indexOf("ARoad0.AcsAddon.") !
 ImmutableName getISName()
          Get the name of the information system which owns this acs.
 ImmutableName[] getL_AcsControllers()
          Gets all the open ACS that have an external AclEntry or an external Linked Privilege for a resource or a virtual folder from this ACS.
static java.util.List<java.lang.String> getL_AcsTypes()
          Get the standard ACS types, but not those created by the user.
protected  java.util.Set<ImmutableAclEntry> getL_ClosedAclEntries()
          Called by equals(), finalizeForBase().
protected  java.util.Set<ImmutableName> getL_ClosedAclEntriesACSNames()
          Gets all the closed ACS names if this ACS is a controller of external resource(s) or eligible, through its aclEntries, or if this ACS is controlled by other ACS.
protected  java.util.Set<ImmutableName> getL_ClosedACSBridgeSources()
          Gets the own bridge sources which are not activated because their targets belong to a closed ACS.
protected  java.util.Set<PrivilegeForLinks> getL_ClosedPrivileges()
          Called by BaseManagerImpl and another opening ACS for identifying its resources that are controlled in Privileges by this ACS.
protected  java.util.Set<ImmutableName> getL_ClosedPrivilegesACSNames()
          Gets all the closed ACS names if this ACS is a controller of external resource(s) or eligible, through its Privileges, or if this ACS is controlled by other ACS.
 java.util.List<java.lang.String> getL_ImmutableRules()
          Get the structural rules which are derived from the ACS structure and which define the processing of objects and rights in this ACS.
 StringRight[] getL_Rights()
          Gets all the rights which are allowed in this ACS.
 java.util.List<ImmutableName> getL_RootsForClosing()
          Gets the list of the ACSObject roots of this ACS in an opened parent ACS, where each root has to be deleted in the parent ACS at the closing of this ACS.
 java.util.List<ImmutableName> getL_RootsForIntegrity()
          Get the list of the ACSObject roots of this ACS in an opened parent ACS, where each root in the parent ACS has some property updatings which may weaken the integrity of this ACS.
 java.util.List<ImmutableName> getL_RootsForOpening()
          Gets the list of the ACSObject roots of this ACS in an opened parent ACS, where each root has to be in the parent ACS at the opening of this ACS to ensure its working.
 StringRight[] getL_SelectedRights(java.lang.String _r1, java.lang.String _r2, java.lang.String _r3, java.lang.String _r4, java.lang.String _r5)
          Gets the ACS or meta rights having one of the arguments as nick name, and used by the ACS.
 java.util.List<ImmutableName> getL_TiedChildACS()
          A tied child ACS has to be opened when this instance is opened.
 java.util.Map<java.lang.String,java.lang.String[]> getM_AcsVocabulary()
          Gets the ACS vocabulary.
 java.util.Map<java.lang.String,java.lang.String[]> getM_AssociationsOnNewObject()
          Get the associations to handle at the creation or the deletion of some ACSObjects, by the mean of actions to do by the program.
 java.util.Map<java.lang.String,ImmutableName> getM_BelongsToComposite()
          Gets the map which says if the ACS or a subACS belongs to a Composite ACS in the IS Name Tree.
 java.util.Map<java.lang.String,java.lang.String[]> getM_CommentsOnProperties()
          Gets comments to explain how this ACS simulates a real system/software.
 java.util.Map<java.lang.String,ImmutableName[]> getM_InnerRootsForChildACS()
          For a parent ACS, gets the list of the inner ACSObjects having with an opened child ACS, a relation among <ForChildAcsOpeningAndClosing>, <ForChildAcsOpeningNoClosing> and <ForChildAcsIntegrity>.
 java.util.SortedMap<java.lang.String,StringRight[]> getM_RightsOfInternalKey()
          Gets the ACS rights and the metarights this ACS handles and for a given internal key value of the associated metaright.
 java.util.Map<java.lang.String,java.lang.String[]> getM_RootCommandsForIntegrity()
          Gets for a child ACS, the list of associations to roots in its parent ACSs for integrity.
 java.util.Map<java.lang.String,java.lang.String[]> getM_RootCommandsForOpeningAndClosing()
          Gets for a child ACS, the list of associations to roots in its parent ACSs for running.
 java.util.Map<java.lang.String,java.lang.String[]> getM_RootCommandsForOpeningNoClosing()
          Gets for a child ACS, the list of associations to roots in its parent ACSs for running.
 java.util.Map<java.lang.String,StringRight[]> getM_SpecializedRights()
          Gets the specialized rights extending or constraining the allowed values which are defined for each right type set in getM_StandardRights().
 java.util.Map<java.lang.String,StringRight[]> getM_StandardRights()
          This map is initialized at the ACS creation to set the standard values for the ACSObject Right properties (for example, the Linux rights), but only when there is no applicable specialized rights.
 java.util.SortedMap<java.lang.String,java.lang.Boolean> getM_Structure()
          Gets the structure of this ACS.
 java.util.Map<java.lang.String,java.lang.String[]> getM_SubAndGroupPolicy()
          Gets the subACS names and their mode (for Resources or for GroupIDs) and the root names for groups trees, as nodes to display in the explorer.
 java.util.Map<java.lang.String,java.lang.String[]> getM_TypeOrientedPolicy()
          Gets the ACS constraints on the allowed or forbidden ACSObject types to set the GroupID, Node, Resource, AclEntry and Privilege policies.
 java.util.Map<java.lang.String,java.lang.String[]> getM_TypesAndGUIPolicy()
          Get the String values which define the allowed ACSObject types.
 boolean getManageAccounts()
          May be called from a view worker thread.
 boolean getManageACLRightsInheritance()
          May be called from a view worker thread.
 boolean getManageAcsRights()
          May be called from a view worker thread.
 boolean getManageActorInEPVirtualFolders()
          May be called from a view worker thread.
 boolean getManageActors()
          May be called from a view worker thread.
 boolean getManageAGORights()
          May be called from a view worker thread.
 boolean getManageAGORightsInheritance()
          May be called from a view worker thread.
 boolean getManageAuthorizationServerTypedPrivileges()
          May be called from a view worker thread.
 boolean getManageBridges()
          May be called from a view worker thread.
 boolean getManageClassedSpecificTypedPrivileges()
          May be called from a view worker thread.
 boolean getManageClassedTypedPrivileges()
          May be called from a view worker thread.
 boolean getManageDenyingRightPrivileges()
          May be called from a view worker thread.
 boolean getManageDenyRights()
          May be called from a view worker thread.
 boolean getManageDirectoryEPinEPVirtualFolders()
          May be called from a view worker thread.
 boolean getManageDirectoryEPs()
          May be called from a view worker thread.
 boolean getManageDirectoryInResourceVirtualFolders()
          May be called from a view worker thread.
 boolean getManageEPVirtualFolders()
          May be called from a view worker thread.
 boolean getManageExternalAcls()
          May be called from a view worker thread.
 boolean getManageExternalForOneToOneLinkedPrivileges()
          May be true if the privileges are managed but all the other privilege features are not managed, to allow an own component (source or target) in the privilege of another ACS.
 boolean getManageFlexibleConditionalAcls()
          The ACS cannot manage this property and the right-defined conditional ACLs.
 boolean getManageGrantingRightPrivileges()
          May be called from a view worker thread.
 boolean getManageGrantRights()
          May be called from a view worker thread.
 boolean getManageGroups()
          May be called from a view worker thread.
 boolean getManageGroupTrees()
          May be called from a view worker thread.
 boolean getManageIfAllSourceLinkedPrivileges()
          May be called from a view worker thread.
 boolean getManageInternalAcls()
          May be called from a view worker thread.
 boolean getManageInternalForOneToOneLinkedPrivileges()
          May be called from a view worker thread.
 boolean getManageInternalHardAlias()
           
 boolean getManageLPRIRightsInheritance()
          May be called from a view worker thread.
 boolean getManageMetaRights()
          May be called from a view worker thread.
 boolean getManageOneTimeInVirtualFolderTreeForMember()
           
 boolean getManagePrivilegeRights()
          May be called from a view worker thread.
 boolean getManagePrivilegesInResources()
          Caution: if getManageExternalForOneToOneLinkedPrivileges() returns true, the privilege of another ACS may always have as target a Resource of this ACS.
 boolean getManagePrivilegesInVirtualFolders()
          Caution: if getManageExternalForOneToOneLinkedPrivileges() returns true, the privilege of another ACS may always have as target a VirtualFloder of this ACS.
 boolean getManageResources()
          May be called from a view worker thread.
 boolean getManageResourceTrees()
          May be called from a view worker thread.
 boolean getManageResourceVirtualFolders()
          May be called from a view worker thread.
 boolean getManageRightDefinedConditionalAcls()
          The ACS cannot manage this property and the flexible conditional ACLs.
 boolean getManageSecGroupsForActor()
          May be called from a view worker thread.
 boolean getManageSimpleLinkedPrivileges()
          May be called from a view worker thread.
 boolean getManageSimpleResourceVirtualFolders()
          May be called from a view worker thread.
 boolean getManageSimpleTypedPrivileges()
          May be called from a view worker thread.
 boolean getManageSoftAlias()
          Only an AcsAddon can manage the soft aliasing.
 boolean getManageVirtualFolderRightsPropagationToMembers()
           
 boolean getManageVirtualFolders()
          May be called from a view worker thread.
 boolean getManageVirtualFolderTrees()
          May be called from a view worker thread.
 ImmutableName getName()
          Get the BaseObject name.
 java.lang.String getNickName()
          This short name is NOT always unique for the Access Road program.
 int getNumberOfEPs()
          Gets the number of own eligible parties in the ACS, without the external objects.
 int getNumberOfResources()
          Gets the number of own resources in the ACS, without the external objects.
 AclEntry getOneAclEntryFromDetailledName(java.lang.String _detailledName)
          Gets an AclEntry managed by this ACS from its detailled name.
 Privilege getOnePrivilegeFromDetailledName(java.lang.String _detailledName)
          Gets a privilege managed by this ACS from its detailled name.
 StringRight getOneRight(ImmutableName _name)
          Gets a right which is registered by this ACS.
 StringRight getOneRight(java.lang.String _right)
          Gets a right which is registered by this ACS.
 VirtualFolder getOneVirtualFolder(ImmutableName _name)
          Gets a virtual folder managed by this ACS.
 ImmutableName getOwnEPFoldersRootName()
          The current root is the first non-finalized virtual folder for eligible parties, without parent which has been created.
 ImmutableName getOwnGroupsRootName()
          The current root is the first non-finalized group without parent which has been created.
 ImmutableName getOwnResourceFoldersRootName()
          The current root is the first non-finalized virtual folder for resources without parent which has been created.
 ImmutableName getOwnResourcesRootName()
          The current root is the single directory without parent, if any.
 ImmutableName getParentName()
          Gets the mandatory parent name for the ACS in the IS nametree.
 ACSObject getReferenceOfSoftAlias(ACSObject _alias)
          Gets the reference in this ACS for an external or internal soft alias, by the way of a specific algorithm.
 boolean getRunningOnParentACS()
          Deprecated.  
 long getSerialVersionUID()
           
 boolean getTiedToParentACS()
          Gets the IS nametree property.
 java.lang.String getVisibleSpace()
          Gets the visible space for the ACS in the IS nametree.
protected  void handleAssociationsForInnerObject(ACSObject _obj, boolean _creating)
          Noop.
protected  void handleAssociationsForRootsOfChildACS(ACSObject _root, boolean _opening)
          Noop.
 int hashCode()
           
protected  void initializeAcsRelationsInIS(java.util.HashMap<java.lang.String,ImmutableName> _m_isComposite, java.util.HashMap<java.lang.String,java.lang.String[]> _m_RootsForAcsOpeningAndClosing, java.util.HashMap<java.lang.String,java.lang.String[]> _m_RootsForAcsOpeningNoClosing, java.util.HashMap<java.lang.String,java.lang.String[]> _m_RootsForAcsIntegrity, java.util.HashMap<java.lang.String,java.lang.String[]> _m_SubAndGroupPolicy)
          Sets the maps and lists describing the relations of this new ACS in the IS Name Tree.
 boolean isPropertyChangeListener(java.lang.String _propertyName, java.beans.PropertyChangeListener _listener)
          Tests a listener and returns true if it is registered for the listening of a given bound property.
protected  void newEorAclEntry(ImmutableAclEntry _acl)
          Method called by Resource.addAclEntry() before the updating of Resource.getL_aclEntry() and, indirectly, also called by checkClosedAclEntries().
protected  void newEorEligibleParty(ImmutableEligibleParty _ep)
          Registers a new own eligible party in the ACS and controls that the eligible party type is allowed.
protected  void newEorPrivilege(Privilege _priv)
          Registers a new privilege in this ACS.
protected  void newEorResource(ImmutableResource _res)
          Registers a new own resource with a type control.
protected  void newEorVirtualFolder(VirtualFolder _fold)
          Registers a new virtual folder in this ACS.
protected  void removeAcsController(ImmutableName _ACSname)
          This method is called by removeEorResource() and removeEorVirtualFolder().
protected  void removeEorAclEntry(ImmutableAclEntry _acl)
          Removes the AclEntry in the internal properties.
protected  void removeEorEligibleParty(ImmutableEligibleParty _ep)
          Removes the own and the external EligibleParty.
protected  void removeEorPrivilege(Privilege _priv)
          Removes the Privilege in the internal properties.
protected  void removeEorResource(ImmutableResource _res)
          Unregisters the own and the external resources.
protected  void removeEorVirtualFolder(VirtualFolder _fold)
          Unregisters a virtual folder in this ACS.
protected  void removeNoRightProxyActor(ImmutableActor _act)
          Removes an own Actor which is not right proxy, then which is supposed to be secure and without any virus able to deliver rights to the rights users which execute these actors.
protected  void removeOwnActorBridgeSource(ImmutableActor _actor)
          Removes an own actor which is a bridge source for an external actor.
protected  void removeOwnActorBridgeTarget(ImmutableActor _target)
          Removes an own actor as bridge targets for one or several external actor sources.
protected  void removeOwnActorBridgeTargetFromSource(ImmutableActor _source, BaseObject _caller)
          Removes an own actor as a bridge target for an external actor source.
 void removePropertyChangeListener(java.beans.PropertyChangeListener _l)
          Remove a listener to the bean.
 void removePropertyChangeListener(java.lang.String _propertyName, java.beans.PropertyChangeListener _l)
          Remove a listener to the bean.
 void removeRight(StringRight _right)
          UNUSED METHOD, to implement ACSRun.
protected  void removeRootForChildACS(ImmutableName _child, ACSObject _root)
          Removes an ACSObject which has no more relations with any opened child ACS, among the possible relations <ForChildAcsOpeningAndClosing>, <ForChildAcsOpeningNoClosing> and <ForChildAcsIntegrity>.
protected  void setAcsRelationsInIS(boolean _atCreation, boolean _atImport)
          Sets the maps and lists describing the relations of this ACS in the IS Name Tree.
 void setComment(java.lang.String _s)
          Set any comment related to this acs.
protected  void setEorIcon(java.lang.String _iconName)
          Used only by ACSFactoryImpl or a subclass.
protected  void setExternalOriented()
          The ACS is external oriented when it has at least one external AclEntry or one external Privilege, and thus at least one external resource, virtual folder or eligible party.
 void setIncompleteStructureModeling(boolean _b)
          Fires the event 'IncompleteStructureModeling'.
 void setL_TiedChildACS(java.util.List<ImmutableName> _l_names)
          A tied child ACS has to be opened when this instance is opened.
protected  void setOwnEPFoldersRootName(ImmutableName _name)
          Sets name of the root for the ACS own eligible party virtual folders.
protected  void setOwnGroupsRootName(ImmutableName _name)
          Set the name of the root for the ACS own groups.
protected  void setOwnResourceFoldersRootName(ImmutableName _name)
          Sets name of the root for the ACS own resource virtual folders.
protected  void setOwnResourcesRootName(ImmutableName _name)
          Set name of the root for the ACS own resources.
 java.lang.String toString()
          Get the name last component of the instance.
protected static ACSImpl valueOf(ImmutableName _iSname, ImmutableName _parentName, ImmutableName _name, java.lang.String _type, boolean _is_hub, java.lang.String _visibleSpace, java.util.SortedMap<java.lang.String,java.lang.Boolean> _m_structure, java.util.HashMap<java.lang.String,java.lang.String[]> _m_constraintsForStringValues, java.util.HashMap<java.lang.String,java.lang.String[]> _m_constraintsForNewObjects, java.util.HashMap<java.lang.String,StringRight[]> _m_constraintsForRightValues, java.util.HashMap<java.lang.String,StringRight[]> _m_SpecializedRights, StringRight[] _l_Rights, java.util.List<java.lang.String> _l_ImmutableRules, java.util.HashMap<java.lang.String,java.lang.String[]> _m_CommentsOnProperties, java.util.HashMap<java.lang.String,java.lang.String[]> _m_AcsVocabulary)
          Factory method to use for creating an instance.
protected static ACSImpl valueOfForGenericBase(ACSImpl _result, ImmutableName _iSname, ImmutableName _parentName, ImmutableName _name, java.lang.String _type, java.util.SortedMap<java.lang.String,java.lang.Boolean> _m_structure, java.util.HashMap<java.lang.String,java.lang.String[]> _m_constraintsForStringValues, java.util.HashMap<java.lang.String,java.lang.String[]> _m_constraintsForNewObjects, java.util.HashMap<java.lang.String,StringRight[]> _m_constraintsForRightValues, java.util.HashMap<java.lang.String,StringRight[]> _m_SpecializedRights, StringRight[] _l_Rights, java.util.List<java.lang.String> _l_ImmutableRules, java.util.HashMap<java.lang.String,java.lang.String[]> _m_CommentsOnProperties, java.util.HashMap<java.lang.String,java.lang.String[]> _m_AcsVocabulary)
          Factory method to use for creating an instance.
 
Methods inherited from class java.lang.Object
clone, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

LINUX

public static final java.lang.String LINUX
See Also:
Constant Field Values

GENERIC

public static final java.lang.String GENERIC
See Also:
Constant Field Values

serialVersionUID__

protected static final long serialVersionUID__
See Also:
Constant Field Values

PRIME

protected static final int PRIME
See Also:
Constant Field Values

INITIAL_CAPACITY_25

protected static final int INITIAL_CAPACITY_25
See Also:
Constant Field Values

INITIAL_CAPACITY_5

protected static final int INITIAL_CAPACITY_5
See Also:
Constant Field Values

INCREMENT_CAPACITY

protected static final int INCREMENT_CAPACITY
See Also:
Constant Field Values

MAX_FOR_TYPED_PRIVILEGES_NUMBER

protected static final int MAX_FOR_TYPED_PRIVILEGES_NUMBER
See Also:
Constant Field Values

iSname_

protected ImmutableName iSname_
Name of the IS which owns this ACS


name_

protected ImmutableName name_
Name of the acs, which starts with the IS name


parentName_

protected ImmutableName parentName_
Name of the parent acs in the IS nametree. May be null.


baseError_

protected BaseError baseError_
BaseError for this acs


m_Resources_

protected final java.util.SortedMap<ImmutableName,ImmutableResource> m_Resources_
Map of all the resources of this ACS


m_EligibleParties_

protected final java.util.SortedMap<ImmutableName,ImmutableEligibleParty> m_EligibleParties_
Map of all the eligible parties of this ACS


m_ConstraintsForNewObjects_

protected java.util.HashMap<java.lang.String,java.lang.String[]> m_ConstraintsForNewObjects_
Map of mandatory associations on the ACS new objects.


m_TypesAndGUIPolicy_

protected java.util.HashMap<java.lang.String,java.lang.String[]> m_TypesAndGUIPolicy_
Map of restrictions on the ACS types and the GUI creation/display policy


m_TypeOrientedPolicy_

protected java.util.HashMap<java.lang.String,java.lang.String[]> m_TypeOrientedPolicy_
Map of restrictions on the ACS GroupID/Node policy


m_StandardRights_

protected java.util.HashMap<java.lang.String,StringRight[]> m_StandardRights_
Map of restrictions on the ACS Right properties


m_SpecializedRights_

protected java.util.HashMap<java.lang.String,StringRight[]> m_SpecializedRights_
To extend or to reduce the allowed AGO, ACL, PRI rights following the target/source interface or type


l_ImmutableRules_

protected java.util.List<java.lang.String> l_ImmutableRules_
List of the ACS rules which are derivated from the structure, like 'AGO right: A rights overlay G rights'.


haveSpecializedRights_

protected boolean haveSpecializedRights_
true if some specialized rights have been set


l_AclEntry_

protected ImmutableAclEntry[] l_AclEntry_
All the open aclentries of this ACS


ownResourcesRootName_

protected ImmutableName ownResourcesRootName_

ownGroupsRootName_

protected ImmutableName ownGroupsRootName_

ownResourceFoldersRootName_

protected ImmutableName ownResourceFoldersRootName_

ownEPFoldersRootName_

protected ImmutableName ownEPFoldersRootName_

icon_

protected javax.swing.ImageIcon icon_
The icon of the aCS in the beamer - selected at the creation or the GUI uses the default value.


iconName_

protected java.lang.String iconName_

editor_

protected java.lang.String editor_

is_hub_

protected boolean is_hub_

visibleSpace_

protected java.lang.String visibleSpace_

l_OpenAcsControllerNames_

protected ImmutableName[] l_OpenAcsControllerNames_
the open controllers of this acs


comment_

protected java.lang.String comment_

l_Rights_

protected StringRight[] l_Rights_
all the (ACS or meta) rights managed in this acs


l_Privilege_

protected Privilege[] l_Privilege_
Array of all the ACS privileges


l_VirtualFolders_

protected VirtualFolder[] l_VirtualFolders_
Array of all the ACS virtual folders


categoriesInSpecializedRights_

protected java.util.Set<java.lang.String> categoriesInSpecializedRights_
The possible specialized right types are 'AccRightsSet', 'GpORightsSet', 'AclRightsSet', 'PrvRightsSet', 'BdgRightsSet'.


aCSType_

protected java.lang.String aCSType_
Defines the ACS type, which may be GENERIC, LINUX, WINDOWS, LDAP... or a user-defined type. ACSImpl.GENERIC is the default value.


controlled_

protected boolean controlled_
True if this ACS has open controllers. They are others ACS which have external AclEntries or Privileges handling targets (not sources) from this ACS.


externalOriented_

protected boolean externalOriented_
if true, is a controller for other open ACS - that is the ACS has some open external AclEntries or Privileges.


l_ClosedAclEntriesACSNames_

protected java.util.Set<ImmutableName> l_ClosedAclEntriesACSNames_
Set of the ACS names of both controlled ACS and referenced ACS that control this ACS, which are in the closed acl entries


l_ClosedAclEntries_

protected java.util.Set<ImmutableAclEntry> l_ClosedAclEntries_
Set of only closed external aclEntries, that is those which have their ACS that is currently closed. BaseManagerImpl.importACS() handles directly this property.


l_ClosedPrivilegesACSNames_

protected java.util.Set<ImmutableName> l_ClosedPrivilegesACSNames_
Set of the ACS names of both controlled ACS and referenced ACS that control this ACS, which are in the closed privileges


l_ClosedPrivileges_

protected java.util.Set<PrivilegeForLinks> l_ClosedPrivileges_
Set of only closed external privileges, that is those which have their ACS that is currently closed. BaseManagerImpl.importACS() handles directly this property.


m_closedTargetsOfActorBridgeSources_

protected java.util.SortedMap<ImmutableName,ImmutableName> m_closedTargetsOfActorBridgeSources_
Map of the closed external Actor names which are targets of own actor bridge sources. The key is the own actor bridge source name. May be null. BaseManagerImpl.importACS() handles directly this property.


m_closedSourcesOfActorBridgeTargets_

protected java.util.SortedMap<ImmutableName,java.util.ArrayList<ImmutableName>> m_closedSourcesOfActorBridgeTargets_
Map of the closed external Actor names which are sources of own actor bridge targets. The key is the own actor bridge target name. May be null. BaseManagerImpl.importACS() handles directly this property.


m_Structure_

protected java.util.SortedMap<java.lang.String,java.lang.Boolean> m_Structure_
The active booleans which define the ACS structure and features. The name of the parameter is the key, and the Boolean value indicates if the parameter is managed by this ACS. By default, the parameter is not in this map as key, and the value to consider is then false. Some complementary, non-generic values are allowed for the AcsAddons. This map may be directly updated at the creation of an AcsAddon ACS, for adding new keys of non-generic immutable properties that are ridden by their proper AcsAddon classes.


l_TiedChildACSs_

protected java.util.ArrayList<ImmutableName> l_TiedChildACSs_
A child tied ACS has to be opened when this instance is opened. Like any child ACS, it has to be closed when this instance is closed, and it may be closed alone.


m_SubAndGroupPolicy_

protected java.util.HashMap<java.lang.String,java.lang.String[]> m_SubAndGroupPolicy_
Gets the subACS names and their mode (for Resources or for GroupIDs) and the root names for groups trees, as nodes to display in the explorer. A subACS is always open with its ACS. In the returned value, the key is the subACS name or a group root name, in one word, and the value is an array which may contain one or two items among the following values: , and .


m_BelongsToComposite_

protected java.util.HashMap<java.lang.String,ImmutableName> m_BelongsToComposite_
Immutable map which says if the ACS or a subACS belongs to a Composite ACS in the IS Name Tree.

In the returned value, the key is the subACS name, in one word, or the ACS name last component, and the value is the Composite name.


m_RootCommandsForAcsOpeningAndClosing_

protected java.util.HashMap<java.lang.String,java.lang.String[]> m_RootCommandsForAcsOpeningAndClosing_
For a child ACS, the list of the ACSObject roots in the parent ACS which have a root relation with this child ACS.

This relation set that the root parent ACSObject, or one of its property value, has to be there when the child ACS is opened, to ensure its ability to exist, and has to be closed or updated (for a property value) at its closing.


m_RootCommandsForAcsOpeningNoClosing_

protected java.util.HashMap<java.lang.String,java.lang.String[]> m_RootCommandsForAcsOpeningNoClosing_
For a child ACS, the list of the ACSObject roots in the parent ACS which have a root relation with this child ACS.

This relation set that the root parent ACSObject, or one of its property value, has to be there when the child ACS is opened, to ensure its ability to exist, but there is NO constraint at its closing.


m_RootCommandsForAcsIntegrity_

protected java.util.HashMap<java.lang.String,java.lang.String[]> m_RootCommandsForAcsIntegrity_
Get for a child ACS, the list of the ACSObject roots in the parent ACS which have a root relation with this child ACS.

This relation set that the root parent ACSObject, or one of its property value, has to be there when the child ACS is opened, to ensure its ability to work well, in other words, following its specifications.


m_RootsForChildACS_

protected java.util.Map<java.lang.String,ImmutableName[]> m_RootsForChildACS_
The map of the ACSObject roots which have with an opened or closed child ACS, a relation among those set by ACSFactoryUtilityImpl.getKeysForConstrainedChildACSMap(). These relations set that the deleting or the updating of the ACSObject will stop the child ACS or will modify its ability to work well. The key is the child ACS name in its String form, and the value is an array of the root names in this ACS.


m_CommentsOnProperties_

protected java.util.HashMap<java.lang.String,java.lang.String[]> m_CommentsOnProperties_
Map of the comments on each ACS property, to explain the simulation. Used with add/removeCommentsOnProperties().


l_RootNamesForAcsOpeningNoClosing_

protected java.util.List<ImmutableName> l_RootNamesForAcsOpeningNoClosing_
The list of the ACSObject roots of this ACS in an opened parent ACS, where each root remains in the parent ACS at the closing of this ACS.


m_AcsVocabulary_

protected java.util.HashMap<java.lang.String,java.lang.String[]> m_AcsVocabulary_
The ACS vocabulary defines several independant domains:

- How to name the L_ACS_TREE_GENERIC_UPPER_NODES constants for this ACS, as names of the ACS tree nodes in the proper ACS internal frame. An example is to replace the tree node 'Actors (right user target)' by 'Scripts'.

- If the ACS is an AcsAddon, what are the generic gBase classes that are subclassed in the AcsAddon gBase package (see L_CLASSIC_CLASS_KEYS), like when the Addon Ubuntu subclasses ResourceImpl with ResourceUbuntuImpl.

- If the ACS is an AcsAddon, what are the specific new classes in the AcsAddon gBase package (see ACSADDON_NEW_CLASSES). In this case, the class names are separated by one space, like in 'ExecutableUbuntu XXXXUbuntu YYYYUbuntu'. The default value is ACSFactoryUtilityImpl.M_GENERIC_ACS_VOCABULARY.

See Also:
ACSFactoryUtilityImpl.M_GENERIC_ACS_VOCABULARY, ACSFactoryUtilityImpl.L_ACS_TREE_GENERIC_UPPER_NODES, ACSFactoryUtilityImpl.L_ACS_TREE_UPPER_NODES_FOR_ONE_ACS, ACSFactoryUtilityImpl.L_CLASSIC_CLASS_KEYS, ACSFactoryUtilityImpl.ACSADDON_EXTENSION_CLASSES

containsBridgeTarget_

protected transient boolean containsBridgeTarget_
if true, contains at most one actor which is a bridge target for another-ACS actor.


containsBridgeSource_

protected transient boolean containsBridgeSource_
if true, contains at most one actor which is a bridge source for another-ACS actor.


containsRootActions_

protected transient boolean containsRootActions_
if true, contains some root actions and then, some ACS roots in other ACS.


m_ActorBridgeTargets_

protected transient java.util.Map<ImmutableName,ImmutableActor> m_ActorBridgeTargets_
Map (ImmutableName, Actor) of own Actors which are bridge targets for external actor sources. Used only in the two methods removeOwnActorBridgeTarget. The key is the external actor bridge source name.


l_ActorBridgeTargets_

protected transient java.util.List<ImmutableActor> l_ActorBridgeTargets_
List of own Actors which are bridge targets for external actors. One actor may be the target of several sources. Synchronized with m_ActorBridgeTargets_.


l_ActorBridgeSources_

protected transient java.util.List<ImmutableActor> l_ActorBridgeSources_
List of own Actors which are bridge sources for external actors.


l_NoRightProxyActors_

protected transient java.util.List<ImmutableActor> l_NoRightProxyActors_
List of own Actors which are not right proxies, then which are secure and without any trojan able to deliver hidden rights to the right users executing these actors. The default state of right proxy is based on no confidence in the security of actor code, because no code failure is an exception. Thus, setting an actor as been not a right proxy is an important user choice to do with caution.


changeSupport_

protected transient java.beans.PropertyChangeSupport changeSupport_
manage all the property change listeners


l_RootNamesForAcsOpeningWithClosing_

protected transient java.util.List<ImmutableName> l_RootNamesForAcsOpeningWithClosing_
The list of the ACSObject roots of this ACS in an opened parent ACS, where each root has to be in the parent ACS at the opening of this ACS, and it is deleted at the closing of the ACS.


l_RootNamesForAcsIntegrity_

protected transient java.util.List<ImmutableName> l_RootNamesForAcsIntegrity_
The list of the ACSObject roots of this ACS in an opened parent ACS, where each root in the parent ACS has some property updatings which may weaken the integrity of this ACS.


m_RightsOfInternalKey_

protected transient java.util.SortedMap<java.lang.String,StringRight[]> m_RightsOfInternalKey_
Gets the ACS rights and the metarights this ACS handles and for a given internal key value of the associated metaright. The map key is the metaright internal key. This map is always filled up by fillRightsOfInternalKey(), called by BaseManagerImpl.restoreACSInternalLinks() at each opening and ACS import, and by valueOfForGenericBase() at the ACS creation.


EMPTY_INSTANCE

public static final ACSImpl EMPTY_INSTANCE
A reusable empty instance for initialization, to avoid the use of 'new' for temporary values. Caution: never change the state of the returned instance.


serialPersistentFields

public static final java.io.ObjectStreamField[] serialPersistentFields
variable for the JDK 2 serialization

Constructor Detail

ACSImpl

public ACSImpl()
Default constructor used by valueOf() and the subclasses

Method Detail

valueOf

protected static ACSImpl valueOf(ImmutableName _iSname,
                                 ImmutableName _parentName,
                                 ImmutableName _name,
                                 java.lang.String _type,
                                 boolean _is_hub,
                                 java.lang.String _visibleSpace,
                                 java.util.SortedMap<java.lang.String,java.lang.Boolean> _m_structure,
                                 java.util.HashMap<java.lang.String,java.lang.String[]> _m_constraintsForStringValues,
                                 java.util.HashMap<java.lang.String,java.lang.String[]> _m_constraintsForNewObjects,
                                 java.util.HashMap<java.lang.String,StringRight[]> _m_constraintsForRightValues,
                                 java.util.HashMap<java.lang.String,StringRight[]> _m_SpecializedRights,
                                 StringRight[] _l_Rights,
                                 java.util.List<java.lang.String> _l_ImmutableRules,
                                 java.util.HashMap<java.lang.String,java.lang.String[]> _m_CommentsOnProperties,
                                 java.util.HashMap<java.lang.String,java.lang.String[]> _m_AcsVocabulary)
                          throws BaseError
Factory method to use for creating an instance. Called by ACSFactoryImpl.createdACS(). Does not register the new instance in BaseManagerImpl.

Parameters:
_iSname - is the IS name. May be null.
_parentName - is the name of the parent node in the IS nametree. No use if _iSname is null. May be null.
_name - is the acs name
_type - is ACSImpl.GENERIC (default value), LINUX, another ACSImpl constant or another user-defined value. Must be non-null. No use if _l_structure is null: the type is then set to LINUX.
_is_hub - the IS nametree property for the ACS
_visibleSpace - the IS nametree property for the ACS
_m_structure - is the map of booleans which defines the ACS structure. Is null for LINUX-type ACS.
_m_constraintsForStringValues - is the map where the key is a String of an ACSObject interface (like Resource) ended by a bound property name (like ResourceType), with '.' as separator, and the value is a String array of the authorized values for this bound property (like {file, directory, executable, script...} for ResourceType). May be null.
_m_constraintsForNewObjects - is the map where the key is a String following one of the 7 possible formats, and the value is a String array of the authorized values among 17. May be null.
_m_constraintsForRightValues - is the map where the key is a String of an ACSObject interface (like Resource) ended by a bound property name (like the AGO GroupRights), with '.' as separator, and the value is a StringRight array of the authorized values for this bound property (like {d, r, w, x} for GroupRights). Never null.
_m_SpecializedRights - is the map where the key is a quartet (object.domain.key.subkey) and the value is is a StringRight array of the authorized values. Never null.
_l_Rights - array of acsrights and/or metarights which are workable. Never null.
_l_ImmutableRules - list of the immutable rules derivated from the structure. Never null.
_m_CommentsOnProperties - comments on each ACS property, to explain the simulation. May be null.
_m_AcsVocabulary - defines several independant domains, like how to name the constants in Gui2.ACSTree.M_ACS_TREE_UPPER_NODES for this ACS, as names of the ACS nodes in the proper ACS internal frame, and, if this ACS is an AcsAddon, what are the subclassed classes in the generic gBase. May be null.
Returns:
the new ACSImpl
Throws:
BaseError - if _l_structure lenght is not 20, if there is a rule about _l_structure which is not applied, or if the ACS is already known by BaseManagerImpl.

valueOfForGenericBase

protected static ACSImpl valueOfForGenericBase(ACSImpl _result,
                                               ImmutableName _iSname,
                                               ImmutableName _parentName,
                                               ImmutableName _name,
                                               java.lang.String _type,
                                               java.util.SortedMap<java.lang.String,java.lang.Boolean> _m_structure,
                                               java.util.HashMap<java.lang.String,java.lang.String[]> _m_constraintsForStringValues,
                                               java.util.HashMap<java.lang.String,java.lang.String[]> _m_constraintsForNewObjects,
                                               java.util.HashMap<java.lang.String,StringRight[]> _m_constraintsForRightValues,
                                               java.util.HashMap<java.lang.String,StringRight[]> _m_SpecializedRights,
                                               StringRight[] _l_Rights,
                                               java.util.List<java.lang.String> _l_ImmutableRules,
                                               java.util.HashMap<java.lang.String,java.lang.String[]> _m_CommentsOnProperties,
                                               java.util.HashMap<java.lang.String,java.lang.String[]> _m_AcsVocabulary)
                                        throws BaseError
Factory method to use for creating an instance. Called only by valueOf() from this class and from the subclasses. Does not register the new instance in BaseManagerImpl.

Parameters:
_result - the ACS to configure
_iSname - is the IS name. May be null.
_parentName - is the name of the parent node in the IS nametree. No use if _iSname is null. May be null.
_name - is the acs name
_type - is ACSImpl.GENERIC (default value), LINUX, another ACSImpl constant or another user-defined value. Must be non-null. No use if _l_structure is null: the type is then set to LINUX.
_m_structure - is the map of booleans which defines the ACS structure. Is null for LINUX-type ACS.
_m_constraintsForStringValues - is the map where the key is a String of an ACSObject interface (like Resource) ended by a bound property name (like ResourceType), with '.' as separator, and the value is a String array of the authorized values for this bound property (like {file, directory, executable, script...} for ResourceType). May be null.
_m_constraintsForNewObjects - is the map where the key is a String following one of the 7 possible formats, and the value is a String array of the authorized values among 17. May be null.
_m_constraintsForRightValues - is the map where the key is a String of an ACSObject interface (like Resource) ended by a bound property name (like OthersRights), with '.' as separator, and the value is a StringRight array of the authorized values for this bound property (like {d, r, w, x} for OthersRights in Unix). Never null.
_m_SpecializedRights - is the map where the key is a quartet (object.domain.key.subkey) and the value is is a StringRight array of the authorized values. Never null.
_l_Rights - array of acsrights and/or metarights which are workable. Never null.
_l_ImmutableRules - list of the immutable rules derivated from the structure. Never null.
_m_CommentsOnProperties - comments on each ACS property, to explain the simulation. May be null.
_m_AcsVocabulary - defines several independant domains, like how to name the constants in Gui2.ACSTree.M_ACS_TREE_UPPER_NODES for this ACS, as names of the ACS nodes in the proper ACS internal frame, and, if this ACS is an AcsAddon, what are the subclassed classes in the generic gBase. May be null.
Returns:
the new ACSImpl
Throws:
BaseError - if _l_structure lenght is not 20, if there is a rule about _l_structure which is not applied, or if the ACS is already known by BaseManagerImpl.

copy

public static ACSImpl copy(ImmutableName _iSname,
                           ImmutableName _parentName,
                           ImmutableName _name,
                           boolean _is_hub,
                           java.lang.String _visibleSpace,
                           ACSImpl _acs,
                           boolean _toRegisterInManager)
                    throws BaseError
NO USE. TO REVIEW. This method creates an ACS copy with another name, without registering it. This copy method breaks the copy() standard form. Each internal variable that is an external object reference has a shallow copy (no deep copy). The order of copy is:

- EligibleParties, excepted for Actors,

- Resources (including Actors), with their aclEntries,

- Privileges

The GroupIDMembers are copied and registered in the copied GroupID. The bridge source is copied with its link to the same bridge target, and the bridge target is copied with its link to a copied new source. The copy does not cover the links with closed ACS, both the aclEntries links and bridge links, and does not copy the associations.

Calls BaseUtilityImpl.copyDirectoryChildrenForACS() and EligibleParty.copyWithoutAcl().

Parameters:
_iSname - is the IS name; may be null
_parentName - is the name of the parent node in the IS nametree; may be null only if _iSname is null
_name - of the ACS. It is copied.
_is_hub - is true if the ACS is a node hub, which means that for this node, any direct child may have exchanges with any other direct child, if the rights allow them.
_visibleSpace - is a NameISTreeImpl constant which defines the nodes in the IS nametree which are visible from this ACS node
_acs - is the ACSImpl to copy.
_toRegisterInManager - true to register the copy in BaseManagerImpl.
Returns:
ACSImpl as copy
Throws:
BaseError - if _iSname or _name is null or already known in BaseManagerImpl, or if _acs is not known

getHaveSpecializedRights

public boolean getHaveSpecializedRights()
Called by BeamerManager.getNotDisplayThisProperty().

Specified by:
getHaveSpecializedRights in interface ImmutableACS
Returns:
true if some specialized rights have been defined in this ACS.

getISName

public final ImmutableName getISName()
Get the name of the information system which owns this acs.

Specified by:
getISName in interface ACSRun
Returns:
a copy of the IS name. May be empty, but not null.

getName

public final ImmutableName getName()
Get the BaseObject name. The information system name is the first part of the name, if it is non-null.

Specified by:
getName in interface BaseObject
Returns:
a copy of the ACS name. May be empty, but not null.

getFullName

public ImmutableName getFullName()
The full name is unique for the Access Road program. Its is equal to the ACS name.

Specified by:
getFullName in interface BaseObject
Returns:
a copy of the name. May be empty, but not null.

getNickName

public java.lang.String getNickName()
This short name is NOT always unique for the Access Road program.

Specified by:
getNickName in interface BaseObject
Returns:
the ACS name last component. Never null.

getParentName

public ImmutableName getParentName()
Gets the mandatory parent name for the ACS in the IS nametree.

Specified by:
getParentName in interface ACSRun
Specified by:
getParentName in interface ImmutableACS
Returns:
the parent name. Never null nor empty.

getACSType

public java.lang.String getACSType()
Returns the ACS type, as ACSImpl.GENERIC, LINUX, or defined by the user, and it is completed by the ACS policy checksum.

Specified by:
getACSType in interface ACSRun
Returns:
the acs type

getIsControlled

public boolean getIsControlled()
True if an other open ACS controls this ACS, that is has an external AclEntry or Linked Privilege for a resource or a virtual folder from this ACS. If an another ACS has an external AclEntry or Privilege which is connected to an eligible party from this ACS, this ACS is NOT controlled. The concept of control is for targets only.

Specified by:
getIsControlled in interface ImmutableACS
Returns:
true if this ACS is controlled by one or several ACS

getIconName

public java.lang.String getIconName()
Specified by:
getIconName in interface ImmutableACS
Returns:
the name of the icon associated to the ACS. May be null.

getEorIcon

public javax.swing.ImageIcon getEorIcon()
Specified by:
getEorIcon in interface ImmutableACS
Returns:
the icon associated to the ACS. May be null.

getEditorAndAddonNames

public java.lang.String getEditorAndAddonNames()
The form is 'Editor: full_editor_name - AcsAddon: addon_name'. It is derived from the values returned by BaseManagerImpl.getL_AcsAddonDescriptors(). The AcsAddon name is 'NONE' if the ACS is not from an AcsAddon. This is a simple copy of the values in the vocabulary map. Caution: the full editor name is at the key ACSFactoryUtilityImpl.ACSADDON_EDITOR, not at the key ACSFactoryUtilityImpl.ACSADDON_PACKAGE_EDITOR.

Specified by:
getEditorAndAddonNames in interface ACSCatalog
Returns:
the full editor name and the AcsAddon name for the ACS. Never null.

getIsFromAcsAddon

public boolean getIsFromAcsAddon()
To detect an AcsAddon, this method tests (ACS.getClass().toString().indexOf("ARoad0.AcsAddon.") != -1).

Specified by:
getIsFromAcsAddon in interface ImmutableACS

getSerialVersionUID

public long getSerialVersionUID()
Specified by:
getSerialVersionUID in interface ImmutableCommonBase
Returns:
long is the serialVersionUID used by the serialization process.

getEorBaseError

public BaseError getEorBaseError()
Specified by:
getEorBaseError in interface ImmutableCommonBase
Returns:
the BaseError instance

getEorM_Resources

public final java.util.SortedMap<ImmutableName,ImmutableResource> getEorM_Resources()
The resources are own or external ones. They may be directories, actors or nx executables. May be called from a view worker thread.

Specified by:
getEorM_Resources in interface ACSCatalog
Returns:
SortedMap of registered open resources. Unmodifiable map where the name is the key.

getEorM_EligibleParties

public final java.util.SortedMap<ImmutableName,ImmutableEligibleParty> getEorM_EligibleParties()
The eligible parties are own or external ones. They may be accounts, groups or actors. Called in the generic access paths search, then may be called from a view worker thread.

Specified by:
getEorM_EligibleParties in interface ACSCatalog
Returns:
SortedMap of registered open eligible parties. Unmodifiable map where the name is the key.

getEorM_OwnEligibleParties

public final java.util.SortedMap<ImmutableName,ImmutableEligibleParty> getEorM_OwnEligibleParties()
Copy of the own eligible parties in a new map.

Specified by:
getEorM_OwnEligibleParties in interface ACSCatalog
Returns:
SortedMap of registered own eligible parties in the ACS base. Unmodifiable map where the name is the key. Returns a subset of the getEorM_EligibleParties method, thus it is slower.

getEorM_OwnResources

public final java.util.SortedMap<ImmutableName,ImmutableResource> getEorM_OwnResources()
Copy of the own resources in a new map.

Specified by:
getEorM_OwnResources in interface ACSCatalog
Returns:
SortedMap of registred own resources copies, for which it is the main ACS. Unmodifiable map where the name is the key. Returns a subset of the getEorM_Resources method, thus it is slower.

getEorM_OwnNoParentResources

public final java.util.SortedMap<ImmutableName,ImmutableResource> getEorM_OwnNoParentResources()
Copy of the own no-parent resources in a new map.

Specified by:
getEorM_OwnNoParentResources in interface ACSCatalog
Returns:
SortedMap of registred own resources copies, for which there is no parent. Unmodifiable map where the name is the key. Returns a subset of the getEorM_Resources method, thus it is much slower.

getEorM_ExternalResources

public final java.util.SortedMap<ImmutableName,ImmutableResource> getEorM_ExternalResources()
Copy of the external resources in a new map. They are defined as owned by another ACS but controlled by this ACS through an external AclEntry or Linked Privilege.

Specified by:
getEorM_ExternalResources in interface ACSCatalog
Returns:
SortedMap of registred external resources copies, for which it is NOT the main ACS. Unmodifiable map where the name is the key. Returns a subset of getEorM_Resources(), thus it is slower. May be empty but never null.

getEorM_ExternalEligibleParties

public final java.util.SortedMap<ImmutableName,ImmutableEligibleParty> getEorM_ExternalEligibleParties()
Copy of the external eligible parties in a new map. They are defined as owned by another ACS but having rights through an external AclEntry or Linked Privilege that is managed by this ACS.

Specified by:
getEorM_ExternalEligibleParties in interface ACSCatalog
Returns:
SortedMap of registred external eligible party copies, for which it is NOT the main ACS. Unmodifiable map where the name is the key. Returns a subset of getEorM_EligibleParty(), thus it is slower. May be empty but never null.

getEorL_ExternalVirtualFolders

public final VirtualFolder[] getEorL_ExternalVirtualFolders()
Copy of the external virtual folders in a new array. They are defined as owned by another ACS but having rights through an external Privilege that is managed by this ACS.

Specified by:
getEorL_ExternalVirtualFolders in interface ACSCatalog
Returns:
copy of the virtual folders list. May be null.

getEorM_Actors

public java.util.SortedMap<ImmutableName,ImmutableActor> getEorM_Actors()
Copy of all the actors in a new map. The actors are controlled resources; they are internal or external. They can't be external eligible actors, referenced in some AclEntries.

Specified by:
getEorM_Actors in interface ACSCatalog
Returns:
new SortedMap of registred actors. Unmodifiable map where the name is the key. Return a subset of getM_Resources(), thus it is slower.

getEorM_OwnActors

public java.util.SortedMap<ImmutableName,ImmutableActor> getEorM_OwnActors()
Copy of the own actors in a new map. Get new unmodifiable SortedMap of registred own actors, for which it is the main ACS.

Specified by:
getEorM_OwnActors in interface ACSCatalog
Returns:
unmodifiable SortedMap of registered own actors, for which it is the main ACS. Unmodifiable map where the name is the key. Return a subset of getM_OwnResources(), thus it is slower than getM_OwnResources().

getEorL_NoRightProxyActors

public java.util.List<ImmutableActor> getEorL_NoRightProxyActors()
List of own Actors which are not right proxies, then which are supposed to be secure and without any virus able to deliver rights to the rights users which execute these actors. The default state is to be a right proxy, that is to suppose no confidence in the security of actor code. For the user, it is an important choice to set an actor as not been a right proxy.

Returns:
unmodifiable List of actors. May be empty.

getNumberOfResources

public int getNumberOfResources()
Gets the number of own resources in the ACS, without the external objects. The returned value is not updated through a property change.

Specified by:
getNumberOfResources in interface ACSCatalog
Returns:
number of resources owned by the ACS

getNumberOfEPs

public int getNumberOfEPs()
Gets the number of own eligible parties in the ACS, without the external objects. The returned value is not updated through a property change.

Specified by:
getNumberOfEPs in interface ACSCatalog
Returns:
number of eligible parties owned by the ACS

getOwnResourcesRootName

public ImmutableName getOwnResourcesRootName()
The current root is the single directory without parent, if any. If there are two or more directories without parent, returns an empty name.

Specified by:
getOwnResourcesRootName in interface ImmutableACS
Returns:
Never null. May be equal to NameImpl.EMPTY_INSTANCE.

getOwnGroupsRootName

public ImmutableName getOwnGroupsRootName()
The current root is the first non-finalized group without parent which has been created.

Specified by:
getOwnGroupsRootName in interface ImmutableACS
Returns:
name of the root for the recorded own groups in the ACS base. May be equal to NameImpl.EMPTY_INSTANCE.

getOwnResourceFoldersRootName

public ImmutableName getOwnResourceFoldersRootName()
The current root is the first non-finalized virtual folder for resources without parent which has been created.

Specified by:
getOwnResourceFoldersRootName in interface ACSCatalog
Specified by:
getOwnResourceFoldersRootName in interface ImmutableACS
Returns:
name of the root for the recorded virtual folders in the ACS base. May be equal to NameImpl.EMPTY_INSTANCE.

getOwnEPFoldersRootName

public ImmutableName getOwnEPFoldersRootName()
The current root is the first non-finalized virtual folder for eligible parties, without parent which has been created.

Specified by:
getOwnEPFoldersRootName in interface ACSCatalog
Specified by:
getOwnEPFoldersRootName in interface ImmutableACS
Returns:
name of the root for the recorded virtual folders in the ACS base. May be equal to NameImpl.EMPTY_INSTANCE.

getEorL_AclEntries

public ImmutableAclEntry[] getEorL_AclEntries()
Get the internal and external AclEntries managed by this ACS. They connect a resource and an eligible party from this ACS or from other ones. They can't be deleted directly. Use their resources for doing that.

Specified by:
getEorL_AclEntries in interface ACSCatalog
Returns:
ImmutableAclEntry[]: copy of the AclEntries of this ACS. May be null, with empty aclEntries, or equal to 'new AclEntryImpl[] {new AclEntryImpl()}'.

getEorL_ExternalAclEntries

public ImmutableAclEntry[] getEorL_ExternalAclEntries()
Get the external AclEntries managed by this ACS. They connect a resource and an eligible party, and at least one of them is an external object for this ACS.

Returns:
copy of the external AclEntries of this ACS. May be null.

getOneAclEntryFromDetailledName

public AclEntry getOneAclEntryFromDetailledName(java.lang.String _detailledName)
Gets an AclEntry managed by this ACS from its detailled name.

Specified by:
getOneAclEntryFromDetailledName in interface ACSCatalog
Parameters:
_detailledName - AclEntry detailled name
Returns:
the AclEntry may be null.

getL_Rights

public final StringRight[] getL_Rights()
Gets all the rights which are allowed in this ACS. May be metarights, which then do not belong to this ACS, or may be acsrights. Called in the generic access paths search, then may be called from a view worker thread.

Specified by:
getL_Rights in interface ACSRun
Returns:
all the rights used in this acs.

getFullControlRight

public StringRight getFullControlRight()
Gets the first acsright which has 'full_control' as metaright, or this metaright if no acsright complies this condition. 'full_control' metaright has 'deny_all' metaright as opposite.

Specified by:
getFullControlRight in interface ACSRun
Returns:
the right. Never null.

getOneRight

public final StringRight getOneRight(ImmutableName _name)
Gets a right which is registered by this ACS. It may be a StringMetaRight.

Specified by:
getOneRight in interface ACSRun
Parameters:
_name - is the name of the right, provided by StringRight.getName().
Returns:
the right. Null if it does not exist.

getOneRight

public final StringRight getOneRight(java.lang.String _right)
Gets a right which is registered by this ACS. It may be a StringMetaRight. Called by StringRightImpl.getRightFromNameAsString() and getL_SelectedAcsRights().

Specified by:
getOneRight in interface ACSRun
Parameters:
_right - is the right, provided by StringRight.getRight(). May be null.
Returns:
the right. Null if it does not exist.

getFirstRightFromMeta

public final StringRight getFirstRightFromMeta(java.lang.String _metaRight)
Gets the first right which is registered by this ACS with the correct metaright. Several acsrights in the ACS may be associated to the same metaright. It may be a StringMetaRight. It may be desactivated.

Specified by:
getFirstRightFromMeta in interface ACSRun
Parameters:
_metaRight - is the right of the metaright of the searched right, provided by StringRight.getRight().
Returns:
the first-found right. Null if it does not exist.

addRight

public void addRight(StringRight _right)
              throws CreateError
UNUSED METHOD, to implement ACSRun. Register a new acsright or a used metaright in this ACS. Not described in the BeanInfo.

Specified by:
addRight in interface ACSRun
Parameters:
_right - is the new right to register. Not null.
Throws:
CreateError - if the method is called.

removeRight

public void removeRight(StringRight _right)
                 throws UpDateError
UNUSED METHOD, to implement ACSRun. Unregisters a right in this ACS. Used by the StringRight.finalizeForUser() method. Not described in the BeanInfo. 'OneRight' is a bound property.

Specified by:
removeRight in interface ACSRun
Parameters:
_right - the right to unregister.
Throws:
UpDateError - if the right is null or not known.

getEorL_Privileges

public Privilege[] getEorL_Privileges()
Gets the privileges managed by this ACS. They may connect several resources and several eligible parties from this ACS.

Specified by:
getEorL_Privileges in interface ACSCatalog
Returns:
a copy of the privileges list. May be null or empty.

getOnePrivilegeFromDetailledName

public Privilege getOnePrivilegeFromDetailledName(java.lang.String _detailledName)
Gets a privilege managed by this ACS from its detailled name.

Specified by:
getOnePrivilegeFromDetailledName in interface ACSCatalog
Parameters:
_detailledName - the privilege detailled name
Returns:
the Privilege. May be null.

getEorL_PrivilegeForLinks

public java.util.List<Privilege> getEorL_PrivilegeForLinks()
Gets all the PrivilegeForLinks of the ACS, not the PrivilegeForTypes.

Specified by:
getEorL_PrivilegeForLinks in interface ACSCatalog
Returns:
List of PrivilegeForLinks. May be empty and then immutable, but never null.

getEorL_PrivilegeForTypes

public java.util.List<Privilege> getEorL_PrivilegeForTypes()
Gets all the PrivilegeForTypes of the ACS.

Specified by:
getEorL_PrivilegeForTypes in interface ACSCatalog
Returns:
List of PrivilegeForTypes. May be empty and then immutable, but never null.

getEorL_PrivilegeForTypesForSource

public java.util.List<Privilege> getEorL_PrivilegeForTypesForSource(java.lang.String _type)
Gets all the PrivilegeForTypes which have the right source type. The key word 'immutable' is removed before the comparison of types. There is an inverse method gWorkInterface.LinkRights.getEorL_SourcesForPrivilegeForType(). Caution: works for TYPED, TYPED_CLASSED, TYPED_CLASSED_SPECIFIC privileges, but not for TYPED_FOR_SEED privileges. Called by BasicImpl.setType() only for for TYPED and TYPED_CLASSED privileges. Calls UtilityImpl.getObjectTypeWithoutImmutable().

Specified by:
getEorL_PrivilegeForTypesForSource in interface ACSCatalog
Parameters:
_type - is the source type or, for TYPED_CLASSED_SPECIFIC, it is the source name. No action if null.
Returns:
List of PrivilegeForTypes. May be empty and then immutable, but never null.

getEorL_PrivilegeForTypesForTarget

public java.util.List<Privilege> getEorL_PrivilegeForTypesForTarget(java.lang.String _type)
Gets all the PrivilegeForTypes which have the right target type. The key word 'immutable' is not taken in account in the comparison of types. There is an inverse method gWorkInterface.LinkRights.getEorL_TargetsForPrivilegeForType(). Caution: works for TYPED, TYPED_CLASSED, TYPED_CLASSED_SPECIFIC privileges, but not for TYPED_FOR_SEED privileges. Called by BasicImpl.setType() and VirtualFolderImpl.setType() only for for TYPED and TYPED_CLASSED privileges. Calls UtilityImpl.getObjectTypeWithoutImmutable().

Specified by:
getEorL_PrivilegeForTypesForTarget in interface ACSCatalog
Parameters:
_type - is the target type or, for TYPED_CLASSED_SPECIFIC, it is the target name. No action if null.
Returns:
List of PrivilegeForTypes. May be empty and then immutable, but never null.

getEorL_VirtualFolders

public VirtualFolder[] getEorL_VirtualFolders()
Gets the virtual folders managed by this ACS. Called in the generic access paths search, then may be called from a view worker thread.

Specified by:
getEorL_VirtualFolders in interface ACSCatalog
Returns:
VirtualFolder[] is a copy of the virtual folders list. May be empty or null.

getEorL_ResourceVirtualFolders

public java.util.List<VirtualFolder> getEorL_ResourceVirtualFolders()
Gets the virtual folders managed by this ACS and which contain only resources.

Specified by:
getEorL_ResourceVirtualFolders in interface ACSCatalog
Returns:
the relevant virtual folders. May be empty but not null.

getEorL_EPVirtualFolders

public java.util.List<VirtualFolder> getEorL_EPVirtualFolders()
Gets the virtual folders managed by this ACS and which contain only eligible parties.

Specified by:
getEorL_EPVirtualFolders in interface ACSCatalog
Returns:
List of the virtual folders list. May be empty but not null.

getOneVirtualFolder

public VirtualFolder getOneVirtualFolder(ImmutableName _name)
Gets a virtual folder managed by this ACS.

Specified by:
getOneVirtualFolder in interface ACSCatalog
Parameters:
_name - is the folder name
Returns:
the VirtualFolder - May be null.

getL_AcsControllers

public final ImmutableName[] getL_AcsControllers()
Gets all the open ACS that have an external AclEntry or an external Linked Privilege for a resource or a virtual folder from this ACS. For compatibility purpose about the version 0.7.0, this method removes the null values in the array.

Specified by:
getL_AcsControllers in interface ACSCatalog
Returns:
the open ACS controller names. May be empty but not null. No null value in the array.

getEorL_OwnActorBridgeSources

public final java.util.List<ImmutableActor> getEorL_OwnActorBridgeSources()
Gets all the own actors which are bridge sources for external actors.

Specified by:
getEorL_OwnActorBridgeSources in interface ACSCatalog
Returns:
List of ImmutableActors. May be empty but not null.

getEorL_OwnActorBridgeTargets

public final java.util.List<ImmutableActor> getEorL_OwnActorBridgeTargets()
Gets all the own actors which are bridge targets for external actors. A returned value may be a bridge target for several sources in other ACS.

Specified by:
getEorL_OwnActorBridgeTargets in interface ACSCatalog
Returns:
List of ImmutableActor. May be empty but not null.

getIncompleteStructureModeling

public boolean getIncompleteStructureModeling()
The modeling of the structure is incomplete when some ACSObjects miss while they participate to the decision for some important access controls, or simply when these missed ACSObjects are important for the overall ACS security, or when their important relations with some other ACSObjects are not set. On the other hand, the modeling remains complete if some secondary ACSObjects are not modeled, like for instance image files in an operating system file system. When the modeling of an ACS structure is incomplete, all the views which use this ACS are set incomplete in their results.

Specified by:
getIncompleteStructureModeling in interface ACSCatalog
Returns:
true if the modeling of the ACS structure is incomplete.

setIncompleteStructureModeling

public void setIncompleteStructureModeling(boolean _b)
Fires the event 'IncompleteStructureModeling'. Note: if the structure map does not contain the key 'access metarule: incomplete modeling of the ACS structure', this method throws a NullPointerException.

Specified by:
setIncompleteStructureModeling in interface ACS
Parameters:
_b - true if the modeling of the ACS structure is incomplete.
Since:
0.7.0

getIncompleteBehaviorModeling

public boolean getIncompleteBehaviorModeling()
The modeling of the behavior is incomplete when important constraints on ACSObjects are not modelled, for instance to set their allowed rights, or their effective default rights. On the other hand, the modeling remains complete if some secondary relations or constraints are not modeled by the program, like for instance the presence of image files in an operating system file system for a given application software. The user may complements manually the properties of an ACSObject for which the behavior has not been totally defined in the ACS model. When the modeling of an ACS behavior is incomplete, the views which use this ACS remain complete in their results, but the creation or deletion of a new ACSObject should be reviewed by the user to ensure that all the properties are still well defined in the ACS.

Specified by:
getIncompleteBehaviorModeling in interface ACSCatalog
Returns:
true if the modeling of the ACS behavior is incomplete.

getHubProperty

public boolean getHubProperty()
Gets the hub property for the ACS node in the IS nametree. This property is not described in the BeanInfo. It is a simple copy of the IS nametree property.

Specified by:
getHubProperty in interface ImmutableACS
Returns:
the 'is_hub' property
Since:
0.7.0

getVisibleSpace

public java.lang.String getVisibleSpace()
Gets the visible space for the ACS in the IS nametree. This property is not described in the BeanInfo. It is a simple copy of the IS nametree property.

Specified by:
getVisibleSpace in interface ImmutableACS
Returns:
the visible space property
Since:
0.7.0

getTiedToParentACS

public boolean getTiedToParentACS()
Description copied from interface: ImmutableACS
Gets the IS nametree property.

Specified by:
getTiedToParentACS in interface ImmutableACS
Returns:
true if the acs is tied to its parent acs.
Since:
0.7.0

getManageResources

public boolean getManageResources()
May be called from a view worker thread.

Specified by:
getManageResources in interface ACSCatalog
Returns:
true if the resources are managed.

getManageResourceTrees

public boolean getManageResourceTrees()
May be called from a view worker thread.

Specified by:
getManageResourceTrees in interface ACSCatalog
Returns:
true if the resource trees are managed.

getManageAccounts

public boolean getManageAccounts()
May be called from a view worker thread.

Specified by:
getManageAccounts in interface ACSCatalog
Returns:
true if the accounts (or users) are managed.

getManageGroups

public boolean getManageGroups()
May be called from a view worker thread.

Specified by:
getManageGroups in interface ACSCatalog
Returns:
true if the groups of accounts are managed.

getManageGroupTrees

public boolean getManageGroupTrees()
May be called from a view worker thread. Caution: the name of this method is confusing, because a collection of nested groups may be more than one single group tree.

Specified by:
getManageGroupTrees in interface ACSCatalog
Returns:
true if the nested groups are managed

getManageInternalAcls

public boolean getManageInternalAcls()
May be called from a view worker thread.

Specified by:
getManageInternalAcls in interface ACSCatalog
Returns:
true if the internal acl entries are managed.

getManageExternalAcls

public boolean getManageExternalAcls()
May be called from a view worker thread.

Specified by:
getManageExternalAcls in interface ACSCatalog
Returns:
true if the external AclEntries are managed, as controler of other-acs objects, and/or as acs which is controled by other acs.

getManageFlexibleConditionalAcls

public boolean getManageFlexibleConditionalAcls()
The ACS cannot manage this property and the right-defined conditional ACLs. May be called from a view worker thread.

Specified by:
getManageFlexibleConditionalAcls in interface ACSCatalog
Returns:
true if the flexible conditional AclEntries are managed
Since:
0.7.0

getManageRightDefinedConditionalAcls

public boolean getManageRightDefinedConditionalAcls()
The ACS cannot manage this property and the flexible conditional ACLs. May be called from a view worker thread.

Specified by:
getManageRightDefinedConditionalAcls in interface ACSCatalog
Returns:
true if the right-defined conditional AclEntries are managed.
Since:
0.7.0

getManageACLRightsInheritance

public boolean getManageACLRightsInheritance()
May be called from a view worker thread.

Specified by:
getManageACLRightsInheritance in interface ACSCatalog
Returns:
true if the aclentry rights inheritance from the parent are managed (not necessary all these rights).

getManageActors

public boolean getManageActors()
May be called from a view worker thread.

Specified by:
getManageActors in interface ACSCatalog
Returns:
true if the actors are managed.

getManageDirectoryEPs

public boolean getManageDirectoryEPs()
May be called from a view worker thread.

Specified by:
getManageDirectoryEPs in interface ACSCatalog
Returns:
true if the directoryEP are managed.

getManageBridges

public boolean getManageBridges()
May be called from a view worker thread.

Specified by:
getManageBridges in interface ACSCatalog
Returns:
true if the ACS bridges are managed.

getManageSecGroupsForActor

public boolean getManageSecGroupsForActor()
May be called from a view worker thread. Called in the access paths search, then may be called from a view worker thread.

Specified by:
getManageSecGroupsForActor in interface ACSCatalog
Returns:
true if the secondary groups are managed for actors; not applicable to DirectoryEPs

getManageAGORights

public boolean getManageAGORights()
May be called from a view worker thread.

Specified by:
getManageAGORights in interface ACSCatalog
Returns:
true if some account-group-other rights are managed (not necessary all these rights).

getManageAGORightsInheritance

public boolean getManageAGORightsInheritance()
May be called from a view worker thread.

Specified by:
getManageAGORightsInheritance in interface ACSCatalog
Returns:
true if Account-Group rights inheritance from the parent are managed (not necessary all these rights).
Since:
0.7.0

getManagePrivilegeRights

public boolean getManagePrivilegeRights()
May be called from a view worker thread.

Specified by:
getManagePrivilegeRights in interface ACSCatalog
Returns:
true if the privileges are managed.
Since:
0.7.0

getManageVirtualFolders

public boolean getManageVirtualFolders()
May be called from a view worker thread.

Specified by:
getManageVirtualFolders in interface ACSCatalog
Returns:
true if the virtual folders are managed for the ACS.
Since:
0.7.0

getManageSimpleLinkedPrivileges

public boolean getManageSimpleLinkedPrivileges()
May be called from a view worker thread.

Specified by:
getManageSimpleLinkedPrivileges in interface ACSCatalog
Returns:
true if the simple linked privilege rights are managed.
Since:
0.7.0

getManageSimpleTypedPrivileges

public boolean getManageSimpleTypedPrivileges()
May be called from a view worker thread.

Specified by:
getManageSimpleTypedPrivileges in interface ACSCatalog
Returns:
true if the simple typed privilege rights are managed.
Since:
0.7.0

getManageIfAllSourceLinkedPrivileges

public boolean getManageIfAllSourceLinkedPrivileges()
May be called from a view worker thread.

Specified by:
getManageIfAllSourceLinkedPrivileges in interface ACSCatalog
Returns:
true if the if-all-sources linked privilege rights are managed.
Since:
0.7.0

getManageInternalForOneToOneLinkedPrivileges

public boolean getManageInternalForOneToOneLinkedPrivileges()
May be called from a view worker thread.

Specified by:
getManageInternalForOneToOneLinkedPrivileges in interface ACSCatalog
Returns:
true if the internal one-to-one linked privilege rights are managed.
Since:
0.7.0

getManageExternalForOneToOneLinkedPrivileges

public boolean getManageExternalForOneToOneLinkedPrivileges()
May be true if the privileges are managed but all the other privilege features are not managed, to allow an own component (source or target) in the privilege of another ACS. Managing external privileges always implies that all the own sources of this ACS may have an inner external privilege. To allow an own resource or an own virtual folder of this ACS to get an inner external privilege, the privileges in resources or in virtual folders have to be managed. This allows to limit the inner external privileges to the own sources of the ACS, excluding the own targets, if there are no internal privileges to manage. On the other hand, having internal privileges means that the inner external privileges always accept as target an own resource or own virtual folder.

Specified by:
getManageExternalForOneToOneLinkedPrivileges in interface ACSCatalog
Returns:
true if the external one-to-one linked privilege rights are managed as inner privileges or as privileges of another ACS.
Since:
0.7.0

getManageClassedTypedPrivileges

public boolean getManageClassedTypedPrivileges()
May be called from a view worker thread.

Specified by:
getManageClassedTypedPrivileges in interface ACSCatalog
Returns:
true if the classed typed privilege rights are managed.
Since:
0.7.0

getManageClassedSpecificTypedPrivileges

public boolean getManageClassedSpecificTypedPrivileges()
May be called from a view worker thread.

Specified by:
getManageClassedSpecificTypedPrivileges in interface ACSCatalog
Returns:
true if the classed specific typed privilege rights are managed, for designated source and target.
Since:
0.7.0

getManageAuthorizationServerTypedPrivileges

public boolean getManageAuthorizationServerTypedPrivileges()
May be called from a view worker thread.

Specified by:
getManageAuthorizationServerTypedPrivileges in interface ACSCatalog
Returns:
true if the typed privilege rights for authorization servers are managed.
Since:
0.7.0

getManageGrantingRightPrivileges

public boolean getManageGrantingRightPrivileges()
May be called from a view worker thread.

Specified by:
getManageGrantingRightPrivileges in interface ACSCatalog
Returns:
true if the granting rights in privileges are managed.
Since:
0.7.0

getManageDenyingRightPrivileges

public boolean getManageDenyingRightPrivileges()
May be called from a view worker thread.

Specified by:
getManageDenyingRightPrivileges in interface ACSCatalog
Returns:
true if the denying rights in privileges are managed.
Since:
0.7.0

getManagePrivilegesInResources

public boolean getManagePrivilegesInResources()
Caution: if getManageExternalForOneToOneLinkedPrivileges() returns true, the privilege of another ACS may always have as target a Resource of this ACS. May be called from a view worker thread.

Specified by:
getManagePrivilegesInResources in interface ACSCatalog
Returns:
true if the inner privileges in Resources are managed.
Since:
0.7.0

getManagePrivilegesInVirtualFolders

public boolean getManagePrivilegesInVirtualFolders()
Caution: if getManageExternalForOneToOneLinkedPrivileges() returns true, the privilege of another ACS may always have as target a VirtualFloder of this ACS. May be called from a view worker thread.

Specified by:
getManagePrivilegesInVirtualFolders in interface ACSCatalog
Returns:
true if the inner privileges in VirtualFolders are managed.
Since:
0.7.0

getManageLPRIRightsInheritance

public boolean getManageLPRIRightsInheritance()
May be called from a view worker thread.

Specified by:
getManageLPRIRightsInheritance in interface ACSCatalog
Returns:
true if the linked privilege rights inheritance from the parent are managed (not necessary all these rights).
Since:
0.7.0

getManageResourceVirtualFolders

public boolean getManageResourceVirtualFolders()
May be called from a view worker thread.

Specified by:
getManageResourceVirtualFolders in interface ACSCatalog
Returns:
true if the virtual folders of resources are managed for the ACS, and where actors are forbidden.
Since:
0.7.0

getManageEPVirtualFolders

public boolean getManageEPVirtualFolders()
May be called from a view worker thread.

Specified by:
getManageEPVirtualFolders in interface ACSCatalog
Returns:
true if the virtual folders of actors are managed for the ACS, and where other resources are forbidden.
Since:
0.7.0

getManageSimpleResourceVirtualFolders

public boolean getManageSimpleResourceVirtualFolders()
May be called from a view worker thread.

Specified by:
getManageSimpleResourceVirtualFolders in interface ACSCatalog
Returns:
true if the virtual folders of simple resources are managed for the ACS.

getManageDirectoryInResourceVirtualFolders

public boolean getManageDirectoryInResourceVirtualFolders()
May be called from a view worker thread.

Specified by:
getManageDirectoryInResourceVirtualFolders in interface ACSCatalog
Returns:
true if the resource virtual folders manage directories for the ACS.
Since:
0.7.0

getManageActorInEPVirtualFolders

public boolean getManageActorInEPVirtualFolders()
May be called from a view worker thread.

Specified by:
getManageActorInEPVirtualFolders in interface ACSCatalog
Returns:
true if the virtual folders of eligible parties manage actors for the ACS.
Since:
0.7.0

getManageDirectoryEPinEPVirtualFolders

public boolean getManageDirectoryEPinEPVirtualFolders()
May be called from a view worker thread.

Specified by:
getManageDirectoryEPinEPVirtualFolders in interface ACSCatalog
Returns:
true if the EP virtual folders manage the directoryEPs for the ACS.
Since:
0.7.0

getManageVirtualFolderTrees

public boolean getManageVirtualFolderTrees()
May be called from a view worker thread.

Specified by:
getManageVirtualFolderTrees in interface ACSCatalog
Returns:
true if the virtual folder trees are managed for the ACS.
Since:
0.7.0

getManageOneTimeInVirtualFolderTreeForMember

public boolean getManageOneTimeInVirtualFolderTreeForMember()
Specified by:
getManageOneTimeInVirtualFolderTreeForMember in interface ACSCatalog
Returns:
true if a member is no more than one time in each virtual folder tree.
Since:
0.7.0

getManageVirtualFolderRightsPropagationToMembers

public boolean getManageVirtualFolderRightsPropagationToMembers()
Specified by:
getManageVirtualFolderRightsPropagationToMembers in interface ACSCatalog
Returns:
true if a virtual folder propagates its target rights to all its members.
Since:
0.7.0

getManageSoftAlias

public boolean getManageSoftAlias()
Only an AcsAddon can manage the soft aliasing.

Specified by:
getManageSoftAlias in interface ACSCatalog
Returns:
true if the acs manages the external soft aliases
Since:
0.7.0

getManageInternalHardAlias

public boolean getManageInternalHardAlias()
Specified by:
getManageInternalHardAlias in interface ACSCatalog
Returns:
true if the acs manages the internal hard aliases
Since:
0.7.0

getEmbeddedInParentACS

public boolean getEmbeddedInParentACS()
Deprecated. 

This method is semantically included in getL_TiedChildACS().

Specified by:
getEmbeddedInParentACS in interface ACSCatalog
Returns:
true if the acs is embedded in the parent acs.

getRunningOnParentACS

public boolean getRunningOnParentACS()
Deprecated. 

This method is semantically included in getM_RootCommandsForOpeningAndClosing(), getM_RootsForOpeningNoClosing() and getM_RootsForIntegrity().

Specified by:
getRunningOnParentACS in interface ACSCatalog
Returns:
true if the acs is running on the parent acs.

getIsAuthorizationServer

public boolean getIsAuthorizationServer()
May be called from a view worker thread.

Specified by:
getIsAuthorizationServer in interface ACSCatalog
Returns:
true if the acs is an authorization server, as an LDAP directory for instance.

getManageGrantRights

public boolean getManageGrantRights()
May be called from a view worker thread.

Specified by:
getManageGrantRights in interface ACSCatalog
Returns:
true if the Grant rights are managed.

getManageDenyRights

public boolean getManageDenyRights()
May be called from a view worker thread.

Specified by:
getManageDenyRights in interface ACSCatalog
Returns:
true if the Deny rights are managed.

getManageAcsRights

public boolean getManageAcsRights()
May be called from a view worker thread.

Specified by:
getManageAcsRights in interface ACSCatalog
Returns:
true if the acs manages ACS rights (it main manages metarights too).

getManageMetaRights

public boolean getManageMetaRights()
May be called from a view worker thread.

Specified by:
getManageMetaRights in interface ACSCatalog
Returns:
true if the acs manages metarights (it may manage ACS rights too).

getM_StandardRights

public java.util.Map<java.lang.String,StringRight[]> getM_StandardRights()
This map is initialized at the ACS creation to set the standard values for the ACSObject Right properties (for example, the Linux rights), but only when there is no applicable specialized rights. The possible keys for the generic ACS are:

- 'Resource.OwnerRights',

- 'Resource.GroupRights',

- 'Resource.AclRights',

- 'Actor.BridgeRights',

- 'PrivilegeRights.MainType.'+PrivilegeAbst.TYPED,

- 'PrivilegeRights.MainType.'+PrivilegeAbst.LINKED,

An AcsAddon ACS may have complementary keys, like for instance 'Resource.OtherRights' in the ACSUbuntuImpl class. In all cases, these AcsAddon keys have to start with the name of an interface, to be detected by ACSFactoryUtilityImpl.getL_MapKeysForSpecializedRights(), and they have to end with a property change name containing 'Rights', to be detected by BaseUtilityImpl.getRestrictedValues().

Specified by:
getM_StandardRights in interface ACSCatalog
Returns:
unmodifiable HashMap where the key is a String of ACSObject class interface (like Resource) ended by a bound property name including 'Rights'(like GroupRights), with '.' as separator, and the value is a StringRight array of the authorized standard values for this bound property. May be null but never empty.
See Also:
getM_SpecializedRights()

getM_TypesAndGUIPolicy

public java.util.Map<java.lang.String,java.lang.String[]> getM_TypesAndGUIPolicy()
Get the String values which define the allowed ACSObject types. The default value is always all the possible values, when there is no key to match. The types are used to manage the display of nodes in the explorer, and to forbid the creation of instances having some specified types for a given class. There are 10 possible keys, and the last one is the most complex. They are described hereinafter:

- 'Resource.ResourceType' defines the allowed types for the Resources

- 'Actor.ResourceType' defines the allowed types for the Actors

- 'EligibleParty.EPType' defines the allowed types for the Eligible Parties

- 'VirtualFolder.resourceVFType' defines the allowed String types for the Resource VirtualFolders of the ACS

- 'VirtualFolder.EPVFType' defines the allowed String types for the Right User VirtualFolders of the ACS

- 'PrivilegeForType.SecondType' defines the allowed String types for the PrivilegeForTypes of the ACS

- 'PrivilegeForLinks.SecondType' defines the allowed String types for the PrivilegeForLinks of the ACS

- 'Explorer.NoAcsNode', where the values have the format 'ACSTree.XXX', to forbid the display in the explorer, of some standard nodes like 'AclEntries...' or 'GroupIDs',

- 'Explorer.SubAcsNode' sets some subacs nodes in the explorer, where the values have the format 'ResourceType.<byAcsCreator> XXX' or 'GroupType.<byAcsCreator> XXX', to specify the display under a dedicated node '<XXX_subacs>', of all the resources or groups having a type starting with '<byAcsCreator> XXX'. This type starting is reserved to these children.

- 'Explorer.AcsGroupTree' sets some group trees in the explorer, where the values have the format 'GroupType.<byAcsCreator> XXX', to specify the display under a dedicated node '<XXX_tree>' as its direct children, all the groupIDs having a type which starts with '<byAcsCreator> YYY'. This type starting is reserved to these children.

- 'CreationByBeamer.NoType' where the values are some forbidden types, to forbid the creation by the user and through the GUI, of ACSObjects having these types for a given class.

With the key 'CreationByBeamer.NoType', the user can create some ACSObjects only with the types the ACS authorizes. Typically, the types 'ResourceType.<byAcsCreator>' and 'EPType.<byAcsCreator>' are not allowed. After the first selection of allowed types, it may have a removing of some values from the getM_TypesAndGUIPolicy() key 'CreationByBeamer.NoType'. The forbidden types are the map values, with one of the following forms: 'ResourceType.forbidden type', 'EPType.forbidden type', 'DirectoryType.forbidden type', 'ActorType.forbidden type', 'UserIDType.forbidden type', 'GroupIDType.forbidden type', 'VirtualFolderType.forbidden type', 'PrivilegeSecondType.forbidden type'.

A forbidden type for EligibleParty is not forbidden to all the EligibleParty subclasses. This is also true for a forbidden type for Resource. Like the order of interfaces, the 'ActorType.forbidden type' list is the single list to applied to an Actor, just like 'DirectoryType.forbidden type' for the Directories, and 'UserIDType.forbidden type' for the UserID.

Specified by:
getM_TypesAndGUIPolicy in interface ACSCatalog
Returns:
an unmodifiable HashMap where the key is a String of ACSObject class interface (like Resource) ended by a bound property name (like ResourceType), with '.' as separator, and the value is a String array of the values for this key. May be null but never empty.

getM_TypeOrientedPolicy

public java.util.Map<java.lang.String,java.lang.String[]> getM_TypeOrientedPolicy()
Gets the ACS constraints on the allowed or forbidden ACSObject types to set the GroupID, Node, Resource, AclEntry and Privilege policies. The values are types of ACSObject, that is the type of a Basic or a VirtualFolder, or the second type of a Privilege. The default value is always to allow all the possible values, when there is no key to match. The keys are composed of a structured word which defines the application domain, like 'GroupID.NoPrimaryGroup', and there is sometimes a type at the end. The key word 'immutable' may be in an ACSObject type, but it is never used in the keys for type policies. This means that an immutable type has to apply the policy of its simplified form.

There are 31 possible forms for the key, presented hereinafter:

- 'GroupIDMember.NoMemberOf', where the values are the types of the groupmembers for which the role of member of another group is forbidden

- 'GroupIDMember.IsNotConditionalAclSource', where the values are the types of the GroupIDmembers for which the conditional ACL is forbidden as source

- 'GroupID.NoPrimaryGroup', where the values are the types of the groups for which the role of primary group for an account is forbidden

- 'GroupID.NoMainGroup' where the values are the types of the groups for which the role of main group of a resource is forbidden

- 'GroupID.NoSecondaryGroup' where the values are the types of the groups for which the role of secondary group of an actor is forbidden

- 'GroupID.MemberFromAdmin' where the values are the types of the groups where every member has to be an administrator

- 'GroupID.NoUserIDMember' where the values are the types of the groups where every member has to not be an UserID

- 'GroupID.NoGroupIDMember' where the values are the types of the groups where every member has to not be a GroupID

- 'GroupID.NoMoreThanOneMember' where the values are the types of the groups where only one member is allowed

- 'GroupID.ConditionalAclGroup' where the values are the types of the groups which may be condition groups in some flexible or right-defined conditional ACLs

- 'Resource.OneRightACL' where the values are the types of the resources which handled only AclEntries with no or one right

- 'Resource.NoAccount' where the values are the types of the resources which do not handle an account as owner (a group is possible from parent)

- 'Resource.NoConditionalACL' where the values are the types of the resources which never handle flexible or right-defined conditional AclEntries

- 'Resource.NoNonConditionalACL' where the values are the types of the resources for which an AclEntry without condition group(s) is never operational

- 'Resource.OneConditionGroupInACL' where the values are the types of the resources which handled only conditional AclEntries with no or one condition group

- 'Actor.NoCurrentAccount' where the values are the types of the actors for which a current account is forbidden

- 'Actor.NoCurrentGroup' where the values are the types of the actors for which a current group is forbidden

- 'Actor.NoNullCurrentAccount' where the values are the types of the actors for which a current account is mandatory

- 'Actor.IsNotBridgeTarget' where the values are the types of the actors which cannot be bridge targets

- 'Actor.IsNotBridgeSource' where the values are the types of the actors which cannot be bridge sources

- 'Actor.IsNotConditionalAclSource', where the values are the types of the Actors for which the conditional ACL is forbidden as source

The following keys include an ACSObject type, after the last point: - 'GroupID.TypesOfMemberFor.allowed_GroupID_type' where the values are the allowed types of the members for a group having this type

- 'GroupIDMember.NoMoreThanOneGroup.allowed_GroupIDMember_type' where the values are the GroupID types for which the groupIDmember may be member of one group of this type at most

- 'GroupIDMember.RecommandedGroupsAsMember.allowed_GroupIDMember_type' where the values are the GroupID types for which a message recommands to the user to put the groupIDMember as member; there, it is possible to describe some alternatives like 'group_type_onegroup_type_two'

- 'Directory.TypesOfChildFor.allowed_Directory_type' where the values are the allowed types of the children for a Directory having this type, or if the type is 'NULL', for a Resource without parent

- 'VirtualFolder.TypesOfMemberFor.allowed_VirtualFolder_type' where the values are the allowed types of the members for a VirtualFolder having this type

- 'VirtualFolder.TypesOfChildFor.allowed_VirtualFolder_type' where the values are the allowed types of the children for a VirtualFolder having this type, or if the type is 'NULL', for a VirtualFolder without parent

- 'Resource.SecondTypesOfPrivilegeFor.allowed_Resource_type' where the values are the allowed second types of the privileges for a Resource having this type

- 'EligibleParty.SecondTypesOfPrivilegeFor.allowed_EligibleParty_type' where the values are the allowed second types of the privileges for an EligibleParty having this type

- 'VirtualFolder.SecondTypesOfPrivilegeFor.allowed_VirtualFolder_type' where the values are the allowed second types of the privileges for a VirtualFolder having this type

- 'Resource.TypesOfSourceForConditionalACL.allowed_Resource_type' where the values are the allowed EligibleParty types as source of a conditional ACL in a Resource having this type

Specified by:
getM_TypeOrientedPolicy in interface ACSCatalog
Returns:
an unmodifiable HashMap where the key is an ACSObject class interface (like Resource) ended by a bound property name (like ResourceType), with '.' as separator, and the value is a String array of the authorized types. May be null but never empty.

getM_SpecializedRights

public final java.util.Map<java.lang.String,StringRight[]> getM_SpecializedRights()
Gets the specialized rights extending or constraining the allowed values which are defined for each right type set in getM_StandardRights(). The specialized rights are then superior to the standard ones, which are unworkable if some specialized rights are applicable. If several sets of specialized rights are applicable, it is their intersection which is workable.

As map keys, examples of quartets (object.domain.key.subkey) are:

- 'Target.AclRightsSet.Interface.Directory', for ACL rights when the target is a Directory instance

- 'Target.AccRightsSet.Type.script', for Account rights when the target has the type 'script'

- 'Source.AclRightsSet.Type.group', for ACL rights when the source has the type 'group'

- 'PFType.PrvRightsSet.Type.role one', for PrivilegeForTypes having the second type 'role one'

The object is Target or Source to indicate that these rights are for the target (or source) which has the correct interface or type.

For Privileges only, 'PFType' indicates rights for PrivilegeForTypes, and 'PFLink' indicates that it is for PrivilegeForLinks.

The domain may be one of the right categories: 'AccRightsSet' for Target only, 'GpORightsSet' for Target only, 'AclRightsSet' for Target only, 'BdgRightsSet', 'RooRightsSet' for root. 'PrvRightsSet' for PrivilegeForTypes and PrivilegeForLinks only.

The key is 'Interface' or 'Type' to indicate that the subkey belongs to one of these categories.

The subkey is an interface name or a Basic type (or second type for a Privilege), for which the specialized rights have to be used.

The value in the returned map is an array of StringRight which may have a lenght of 0.

Specified by:
getM_SpecializedRights in interface ACSCatalog
Returns:
a copied Map where the key is a quartet of Strings, and the value is a copy of an array of StringRights. May be null but never empty.
See Also:
BaseUtilityImpl.getL_AcsSpecializedRights(java.lang.String, ARoad0.gBaseInterface.ImmutableACS, java.lang.String, java.lang.String, java.util.Collection), getM_StandardRights()

getCategoriesInSpecializedRights

public java.util.Set<java.lang.String> getCategoriesInSpecializedRights()
The possible specialized right categories are 'AccRightsSet', 'GpORightsSet', 'AclRightsSet', 'PrvRightsSet', 'BdgRightsSet', 'RooRightsSet'. This property is not displayed in the BeanInfo.

Returns:
the set of the used right types in the specialized rights.

getM_AssociationsOnNewObject

public final java.util.Map<java.lang.String,java.lang.String[]> getM_AssociationsOnNewObject()
Get the associations to handle at the creation or the deletion of some ACSObjects, by the mean of actions to do by the program. Actions have numbers from 1 to 999. The criteria is a map key among the followings:

- 'Class'.'Property'.<Value>.XXX: a new object property has the value XXX;

- 'Class'.'Property'.<Valuecontains>.XXX: a new object property value contains the value XXX;

- 'Class'.'Property'.<Class>.XXX: a new object property has a class with exactly the simple name XXX;

- 'Class'.'Property'.<NameStartsWith>.XXX: the new object property name starts with the ACS name plus the subname XXX;

- 'Class'.<NameStartsWith>.XXX: the new object name of the class starts with the ACS name plus the subname XXX;

- <Class>.<Value>.XXX: the new object class is XXX in a gBase package;

The allowed String map values depends lightly on the map key. The values define one or several actions to do if the key matches. There are 5 possible formats for the first value of the action N:

- N.<AssociateClass>.XXX which specifies the class name XXX in gBase, without the Impl String,

of an associate object to build up or to finalize when the master is build up

or finalized

- N.<CalledMethod>.<Master>.YYY which specifies the method YYY to call on the master,

- N.<CalledMethod>.<ACS>.YYY which specifies the method YYY to call on the master ACS

- N.<CalledMethod>.<Action>.C.ZZZ which specifies the method ZZZ

to call on the associate previously created by the action number C.

- <CalledMethod>.<Object>.XXX+<Class>+YYY+<Value>+ZZZ which specifies the method ZZZ

to call on the future ACSObject having the name XXX and the class YYY, where the parameters must be the master or an associate to set the reverse operation when it is finalized.

After each first value, there is the full list of the constraints on the arguments of the constructor (case 1) or the method (cases 2 to 5), and there is one constraint specification per argument. Note that the method does not need to know the property name, but it is usefull to the user. Each argument constraint specification belongs to a set of 9 allowed formats, presented herein for the action with the N number:

- N.'PropertyName'.<Null>: null value for the argument having the name 'PropertyName'

- N.'PropertyName'.<Master>: the master is the argument

- N.'PropertyName'.<MasterCreation>: boolean true if the master is creating, false if it is finalizing

- N.'PropertyName'.<ArgumentValue>.C: the associate or argument number C object

- N.'PropertyName'.<Value>.XXX: the argument is XXX as String, ImmutableName if it is the property type, true/false if the type is boolean, or any BaseObject get from its name

- N.'PropertyName'.<Value>.XXX+<MasterValue>+YYY: the master value

for the same property in its BeanInfo (the read method has to not return an array), with some optional pre String value 'XXX' and post value 'YYY' if the property type is String

- N.'PropertyName'.<Value>.XXX+<MasterNameLastComponent>+YYY:

the last component in the master name, with some optional

pre and post Name values as Strings

- N.'PropertyName'.<Value>.<MasterNameContext>+YYY

the context in the master name, with a post Name value as String

- N.'PropertyName'.<Value>.<ACSName>+YYY: the master ACS name,

with a post Name value as String if it is the property type, or any BaseObject get from its name

The internal map may contain values where the first characters are not 'N.', but the first no-number value and its followings are returned by this method which is used by StringMapPropertyEditor to edit the internal map. Called by ActionNewACSyst.fillDerivedACSproperties() to populate the new acs associations.

Specified by:
getM_AssociationsOnNewObject in interface ACSRun
Returns:
a copied Map where the key is a String, and the value is an array of Strings started by a number between 1 to 9 followed by a point. May be empty, but not null.

addPropertyChangeListener

public void addPropertyChangeListener(java.beans.PropertyChangeListener _l)
Add a listener to the bean, for all the bound properties. Used by Gui1.SimplePropertyEditor and Gui2.ACSTreeBaseListenerImpl.

The listeners are proper to one ACSImpl instance, outside gBase, transient (not serialized), and they are called in any order, excepted for:

1/ The sequence for a Resource change is : ExternalOrientedAclEntry, ExternalOriented, M_OwnResources (or External), OneResource, OneBaseObject. It is very similar for an EligibleParty change and a VirtualFolder change.

2/ For Actors, 'OneResource' is always fired when 'OneEligibleParty' is fired, and it is fired before this event for a resource creation, and after this first event for a resource deletion. 'OneBaseObject' is fired when the operation is completed, so, and it is fired always just after 'OneEligibleParty' if it is an actor creation, and always just after 'OneResource' if it is an actor deletion.

Caution: when this method is used to detect a new ACSObject instance send by ACSImpl in a PropertyChangeEvent, the new instance may be not still fully initialized.

Specified by:
addPropertyChangeListener in interface BaseBeanManager
Specified by:
addPropertyChangeListener in interface BoundBean
Parameters:
_l - PropertyChangeListener to add. Caution: the listener must NOT have specific hashCode() and equals() methods, to work with HashSet in the removing operations.
Since:
0.5.1

addPropertyChangeListener

public void addPropertyChangeListener(java.lang.String _propertyName,
                                      java.beans.PropertyChangeListener _l)
Adds a listener to the bean. Called by gDMak.ACSTreeBaseListenerImpl, Gui1.CollectionPropertyEditor, Gui1.SimplePropertyEditor, ViewInBaseImpl.

The listeners are proper to one ACSImpl instance, outside gBase, transient (not serialized), and they are called in any order, excepted for:

1/ The sequence for a Resource change is : ExternalOrientedAclEntry, ExternalOriented, M_OwnResources (or External), OneResource, OneBaseObject. It is very similar for an EligibleParty change and a VirtualFolder change.

2/ For Actors, 'OneResource' is always fired when 'OneEligibleParty' is fired, and it is fired before this event for a resource creation, and after this first event for a resource deletion. 'OneBaseObject' is fired when the operation is completed, so, and it is fired always just after 'OneEligibleParty' if it is an actor creation, and always just after 'OneResource' if it is an actor deletion.

Caution: when this method is used to detect a new ACSObject instance send by ACSImpl in a PropertyChangeEvent, the new instance may be not still fully initialized.

Specified by:
addPropertyChangeListener in interface ACSRun
Specified by:
addPropertyChangeListener in interface BaseBeanManager
Specified by:
addPropertyChangeListener in interface BoundBean
Parameters:
_propertyName - String is the name of the property
_l - PropertyChangeListener to add. Caution: the listener must NOT have specific hashCode() and equals() methods, to work with HashSet in the removing operations.

removePropertyChangeListener

public void removePropertyChangeListener(java.beans.PropertyChangeListener _l)
Remove a listener to the bean. To be compliant to the BaseBeanManager interface, but no using so far.

Specified by:
removePropertyChangeListener in interface BaseBeanManager
Specified by:
removePropertyChangeListener in interface BoundBean
Parameters:
_l - PropertyChangeListener to remove
Since:
0.5.1

removePropertyChangeListener

public void removePropertyChangeListener(java.lang.String _propertyName,
                                         java.beans.PropertyChangeListener _l)
Remove a listener to the bean. Used by gDMak.ACSTreeBaseListenerImpl and Gui1.XXXPropertyEditor.

Specified by:
removePropertyChangeListener in interface ACSRun
Specified by:
removePropertyChangeListener in interface BaseBeanManager
Specified by:
removePropertyChangeListener in interface BoundBean
Parameters:
_propertyName - String is the name of the property
_l - PropertyChangeListener to remove

containsResourceName

public final boolean containsResourceName(ImmutableName _name)
Test if the resource is opened, and owned or controlled by the ACS.

Specified by:
containsResourceName in interface ACSCatalog
Parameters:
_name - ImmutableName of the resource to test in the ACS
Returns:
true if the ACS knows the resource

containsOwnResourceName

public final boolean containsOwnResourceName(ImmutableName _name)
Synchronized on the resources map.

Specified by:
containsOwnResourceName in interface ACSCatalog
Parameters:
_name - of the resource to test
Returns:
true if the ACS owns this resource, false if this resource is unknown or if it is an external one, known through an aclEntry.

containsEligiblePartyName

public final boolean containsEligiblePartyName(ImmutableName _name)
Test if the eligible party is opened, and owned by the ACS or external to the ACS and connected to it through an ACS aclEntry.

Specified by:
containsEligiblePartyName in interface ACSCatalog
Parameters:
_name - ImmutableName of the eligible party to test
Returns:
true if the ACS knows this EP as its own or as an external one

containsOwnEligiblePartyName

public final boolean containsOwnEligiblePartyName(ImmutableName _name)
True if the ACS owns this EP.

Specified by:
containsOwnEligiblePartyName in interface ACSCatalog
Parameters:
_name - ImmutableName of the eligible party to test
Returns:
true if the ACS owns this EP

containsAclEntry

public final boolean containsAclEntry(ImmutableAclEntry _acl)
Test if an AclEntry is known. Use the equals() method.

Specified by:
containsAclEntry in interface ACSCatalog
Parameters:
_acl - AclEntry to test
Returns:
boolean true if the ACS has recorded this aclEntry instance

containsPrivilegeName

public final boolean containsPrivilegeName(ImmutableName _name)
Tests if a privilege is known.

Specified by:
containsPrivilegeName in interface ACSCatalog
Parameters:
_name - of the privilege to test
Returns:
boolean true if the ACS has recorded this privilege instance

containsVirtualFolderName

public final boolean containsVirtualFolderName(ImmutableName _name)
Tests if a virtual folder is known.

Specified by:
containsVirtualFolderName in interface ACSCatalog
Parameters:
_name - of the virtual folder to test
Returns:
boolean true if the ACS has recorded this virtual folder instance

containsOwnVirtualFolderName

public final boolean containsOwnVirtualFolderName(ImmutableName _name)
Tests if the ACS owns the virtual folder.

Specified by:
containsOwnVirtualFolderName in interface ACSCatalog
Parameters:
_name - of the virtual folder to test
Returns:
boolean true if this virtual folder is from this ACS

getIsExternalOriented

public boolean getIsExternalOriented()
Specified by:
getIsExternalOriented in interface ImmutableACS
Returns:
true if, through its open external AclEntries or Linked Privileges, the ACS is a controller of the target of another ACS, or if it delivers some rights to an eligible party in another ACS. Closed AclEntries and Privileges are not taken in account.

getContainsBridgeTarget

public boolean getContainsBridgeTarget()
Gets the presence of actors which are bridge targets.

Specified by:
getContainsBridgeTarget in interface ImmutableACS
Returns:
boolean true if, for the bridge relations, the ACS contains own bridge targets.

getContainsBridgeSource

public boolean getContainsBridgeSource()
Gets the presence of actors which are bridge sources.

Specified by:
getContainsBridgeSource in interface ImmutableACS
Returns:
boolean true if, for the bridge relations, the ACS contains own bridge sources.

getL_AcsTypes

public static final java.util.List<java.lang.String> getL_AcsTypes()
Get the standard ACS types, but not those created by the user. Standard types are 'LINUX' and 'GENERIC'.

Returns:
the registered ACS types which are used by the ACS constructors.

getL_ImmutableRules

public final java.util.List<java.lang.String> getL_ImmutableRules()
Get the structural rules which are derived from the ACS structure and which define the processing of objects and rights in this ACS.

Specified by:
getL_ImmutableRules in interface ACSCatalog
Returns:
the immutable rules which are derived from the ACS structure, without cloning of the list nor Immutable wrapping, to be fast. Never empty nor null.

getComment

public java.lang.String getComment()
Returns:
String comment which is associated to the acs. May be null.

setComment

public void setComment(java.lang.String _s)
Set any comment related to this acs. It is a bound property.

Specified by:
setComment in interface ACS
Parameters:
_s - comment which is associated to the acs.

equals

public boolean equals(java.lang.Object _obj)
Specified by:
equals in interface BaseObject
Overrides:
equals in class java.lang.Object
Parameters:
_obj - object to compare
Returns:
true if the two objects are instances of classes that are ACSImpl or extend ACSImpl (and not ACSRun, ACSCatalog or ImmutableACS)

hashCode

public int hashCode()
Specified by:
hashCode in interface BaseObject
Overrides:
hashCode in class java.lang.Object
Returns:
the hashcode value for the ACS, based only on its type and its name.

toString

public java.lang.String toString()
Get the name last component of the instance.

Overrides:
toString in class java.lang.Object
Returns:
String

getL_TiedChildACS

public java.util.List<ImmutableName> getL_TiedChildACS()
A tied child ACS has to be opened when this instance is opened. Like any child ACS, it has to be closed when this instance is closed, and it may be closed alone. The subACSs are not tied children.

Specified by:
getL_TiedChildACS in interface ImmutableACS
Returns:
the names of the child ACS which are tied up to this instance. May be empty, but never null.

setL_TiedChildACS

public void setL_TiedChildACS(java.util.List<ImmutableName> _l_names)
A tied child ACS has to be opened when this instance is opened. Like any child ACS, it has to be closed when this instance is closed, and it may be closed alone. Called by ACSFactoryImpl.createACS(). Fires the property change 'TiedChildACSs'.

Specified by:
setL_TiedChildACS in interface ACS
Parameters:
_l_names - the names of the child ACS which are tied up to this instance. May be null or empty.

getM_SubAndGroupPolicy

public java.util.Map<java.lang.String,java.lang.String[]> getM_SubAndGroupPolicy()
Gets the subACS names and their mode (for Resources or for GroupIDs) and the root names for groups trees, as nodes to display in the explorer. A subACS is always open with its ACS. In the returned value, the key is the subACS name or a group root name, in one word, and the value is an array which may contain one or two items among the following values:

<ResourceSubACS>, <GroupSubACS> and <GroupTree>.

For instance, the value 'yyy' for the key <GroupTree>, means that a group root node '<yyy_tree>' has to be displayed directly under the GroupIDs node, in the explorer. For the two other keys, a value 'xxxx' means that a node '<xxxx_subacs>' has to be displayed directly under the Resources and the AclEntries nodes, or under the GroupIDs node.

Specified by:
getM_SubAndGroupPolicy in interface ImmutableACS
Returns:
the cloned map of the subACSs and the groups tree roots. May be empty but never null.

getM_BelongsToComposite

public java.util.Map<java.lang.String,ImmutableName> getM_BelongsToComposite()
Gets the map which says if the ACS or a subACS belongs to a Composite ACS in the IS Name Tree.

In the returned value, the key is the subACS name, in one word, or the ACS name last component, and the value is the Composite name.

Specified by:
getM_BelongsToComposite in interface ImmutableACS
Returns:
the map of the composite relations. Never null and may be empty.

getM_InnerRootsForChildACS

public java.util.Map<java.lang.String,ImmutableName[]> getM_InnerRootsForChildACS()
For a parent ACS, gets the list of the inner ACSObjects having with an opened child ACS, a relation among <ForChildAcsOpeningAndClosing>, <ForChildAcsOpeningNoClosing> and <ForChildAcsIntegrity>. These relations set that the deleting or the updating of the ACSObject will stop the child ACS or will modify its ability to run correctly.

Specified by:
getM_InnerRootsForChildACS in interface ImmutableACS
Returns:
the map of the inner ACSObjects which support at least one child ACS. The child ACS names are the keys, and the values are arrays of root names from this ACS. Never null and may be empty.
See Also:
getM_RootCommandsForOpeningAndClosing(), getM_RootCommandsForOpeningNoClosing(), getM_RootCommandsForIntegrity()

getM_RootCommandsForOpeningAndClosing

public java.util.Map<java.lang.String,java.lang.String[]> getM_RootCommandsForOpeningAndClosing()
Gets for a child ACS, the list of associations to roots in its parent ACSs for running.

This relation set that the root parent ACSObject, or one of its property value, has to be there when the child ACS is opened, to ensure its ability to exist, and has to be closed or updated (for a property value) at its closing.

Specified by:
getM_RootCommandsForOpeningAndClosing in interface ImmutableACS
Returns:
The map key has the format:

- ACS.Name.<Value>.XXX: a parent ACS name having the value XXX.

The map value is a sequence of commands which are executed by AssociateUtilityImpl. Never null.

See Also:
AssociateUtilityImpl

getM_RootCommandsForOpeningNoClosing

public java.util.Map<java.lang.String,java.lang.String[]> getM_RootCommandsForOpeningNoClosing()
Gets for a child ACS, the list of associations to roots in its parent ACSs for running.

This relation set that the root parent ACSObject, or one of its property value, has to be there when the child ACS is opened, to ensure its ability to exist, but there is NO constraint to free the associations at its closing.

Specified by:
getM_RootCommandsForOpeningNoClosing in interface ImmutableACS
Returns:
The map key has the format:

- ACS.Name.<Value>.XXX: a parent ACS name having the value XXX.

The map value is a sequence of commands which are executed by AssociateUtilityImpl.

See Also:
AssociateUtilityImpl

getM_RootCommandsForIntegrity

public java.util.Map<java.lang.String,java.lang.String[]> getM_RootCommandsForIntegrity()
Gets for a child ACS, the list of associations to roots in its parent ACSs for integrity.

This relation set that the root parent ACSObject, or one of its property value, has to be there when the child ACS is opened, to ensure its ability to work well, in other words, following its specifications.

Specified by:
getM_RootCommandsForIntegrity in interface ImmutableACS
Returns:
The map key has the format:

- ACS.Name.<Value>.XXX: a parent ACS name having the value XXX.

The map value is a sequence of commands which are executed by AssociateUtilityImpl.

See Also:
AssociateUtilityImpl

getL_RootsForOpening

public java.util.List<ImmutableName> getL_RootsForOpening()
Gets the list of the ACSObject roots of this ACS in an opened parent ACS, where each root has to be in the parent ACS at the opening of this ACS to ensure its working. There is no common roots with the values in getL_RootsForIntegrity(), but some common values may exist with getL_RootsForClosing(). This list is generated by AssociateUtilityImpl from the commands in getM_RootCommandsForOpeningAndClosing() and getM_RootCommandsForOpeningNoClosing().

Specified by:
getL_RootsForOpening in interface ImmutableACS
Returns:
the root names. May be empty but never null.

getL_RootsForClosing

public java.util.List<ImmutableName> getL_RootsForClosing()
Gets the list of the ACSObject roots of this ACS in an opened parent ACS, where each root has to be deleted in the parent ACS at the closing of this ACS. There is no common roots with the values in getL_RootsForIntegrity(), but all the values should exist in getL_RootsForOpening(). This list is generated by AssociateUtilityImpl from the commands in getM_RootCommandsForOpeningAndClosing().

Specified by:
getL_RootsForClosing in interface ImmutableACS
Returns:
the root names. May be empty but never null.

getL_RootsForIntegrity

public java.util.List<ImmutableName> getL_RootsForIntegrity()
Get the list of the ACSObject roots of this ACS in an opened parent ACS, where each root in the parent ACS has some property updatings which may weaken the integrity of this ACS. There is no common roots with the values in getL_RootsForOpening() and getL_RootsForClosing(). This list is generated by AssociateUtilityImpl from the commands in getM_RootCommandsForIntegrity().

Specified by:
getL_RootsForIntegrity in interface ImmutableACS
Returns:
the root names. May be empty but never null.

getContainsRootActions

public boolean getContainsRootActions()
Called by BeamerManager.getNotDisplayThisProperty().

Specified by:
getContainsRootActions in interface ImmutableACS
Returns:
true if the ACS has some roots in a parent ACS

getM_CommentsOnProperties

public final java.util.Map<java.lang.String,java.lang.String[]> getM_CommentsOnProperties()
Gets comments to explain how this ACS simulates a real system/software. The criteria is an ACS property displaying name. The value is a String array of free user comments on the settings of the related ACS property.

Specified by:
getM_CommentsOnProperties in interface ACSRun
Returns:
an unmodifiable Map where the key is a String, and the value is an array of Strings. May be empty, but not null. A map value may be empty but is never null.

getM_AcsVocabulary

public final java.util.Map<java.lang.String,java.lang.String[]> getM_AcsVocabulary()
Gets the ACS vocabulary. This may cover several independant domains:

- the AcsAddon editor, the AcsAddon package editor and the AcsAddon name, in three keys,

- how to name the L_ACS_TREE_UPPER_NODES_FOR_ONE_ACS constants for this ACS, as names of the ACS tree nodes in the proper ACS internal frame. An example is to replace the tree node 'UserIDs (right user)' by 'Accounts'.

- what are the gBase classes to use, from the generic package or from the AcsAddon gBase package (see L_CLASSIC_CLASS_KEYS), like when the Addon Ubuntu subclasses ResourceImpl with ResourceUbuntuImpl. The full Java name of the subclass has to be put in the value array.

- If the ACS is an AcsAddon, what are the specific new classes in the AcsAddon gBase package (see ACSADDON_NEW_CLASSES). In this case, the class names are separated by one space, like in 'Executable/is/Actor XXX/is/Resource'.

- If the ACS is an AcsAddon, what are the non-generic rights in the ACSObjects on which the ACS constraints of the specialized rights are applicable, and in that case, what domain is applicable. An example is the domain 'GpORightsSet' for the property 'OtherRights', in Ubuntu, that is declared by the value 'OtherRights.GpORightsSet'.

The method getEditorAndAddonNames() also returns the editor and AcsAddon names.

Specified by:
getM_AcsVocabulary in interface ACSRun
Returns:
an unmodifiable Map where the key is a String, and the value is a String array. May be empty, but not null. A map value is never null but may be empty.
Since:
0.7.0
See Also:
ACSFactoryUtilityImpl.L_ACS_TREE_UPPER_NODES_FOR_ONE_ACS, ACSFactoryUtilityImpl.L_CLASSIC_CLASS_KEYS, ACSFactoryUtilityImpl.ACSADDON_EXTENSION_CLASSES

getM_Structure

public java.util.SortedMap<java.lang.String,java.lang.Boolean> getM_Structure()
Gets the structure of this ACS. For the generic properties, that are defined in gBase.ACSImpl), there is a dedicated method getManageXXX to read the value of each property. Some complementary, non-generic values are allowed for the AcsAddons. This map may be directly updated at the creation of an AcsAddon ACS, for adding new keys of non-generic properties which are ridden by their proper AcsAddon classes.

Specified by:
getM_Structure in interface ACSCatalog
Returns:
the unmodifiable ACS structure. Never empty nor null.

getM_RightsOfInternalKey

public java.util.SortedMap<java.lang.String,StringRight[]> getM_RightsOfInternalKey()
Gets the ACS rights and the metarights this ACS handles and for a given internal key value of the associated metaright. The map key is the metaright internal key.

Specified by:
getM_RightsOfInternalKey in interface ACSCatalog
Returns:
the unmodifiable rights map. Never empty nor null.

getL_SelectedRights

public StringRight[] getL_SelectedRights(java.lang.String _r1,
                                         java.lang.String _r2,
                                         java.lang.String _r3,
                                         java.lang.String _r4,
                                         java.lang.String _r5)
Gets the ACS or meta rights having one of the arguments as nick name, and used by the ACS. Called by AssociateUtilityImpl.addAssociateActions() to get some rights array for the roots to create. This is why the five arguments are not put in a single array or list.

Specified by:
getL_SelectedRights in interface ACSCatalog
Parameters:
_r1 - nick name of an ACS right. May be null.
_r2 - nick name of an ACS right. May be null.
_r3 - nick name of an ACS right. May be null.
_r4 - nick name of an ACS right. May be null.
_r5 - nick name of an ACS right. May be null.
Returns:
from zero to five required acs rights or meta rights

getReferenceOfSoftAlias

public ACSObject getReferenceOfSoftAlias(ACSObject _alias)
Gets the reference in this ACS for an external or internal soft alias, by the way of a specific algorithm. The internal reference may have several aliases. This method returns null in this ACSImpl class. It has to be overridden in the AcsAddons where an external or internal soft alias is managed, and it is then responsible to update the soft alias and the soft reference properties. This means that a call to this method is the only mean to update these bound properties. If the soft aliasing links may vary, it is the responsivility of the AcsAddon to call this method at the right moment. This is true typically when an object is deleted, or when there is a change into the parameters defining the soft aliasing rules. This method is not declared in the ACS BeanInfo.

Specified by:
getReferenceOfSoftAlias in interface ImmutableACS
Parameters:
_alias - ACSObject from another ACS
Returns:
the internal ACSObject which is the reference of the argument. May be null.

setEorIcon

protected void setEorIcon(java.lang.String _iconName)
Used only by ACSFactoryImpl or a subclass. No property change firing. For an AcsAddon, the icon is searching in the AcsAddon gBase package, not in the Gui1/images package. For the copy of an open ACS, ActionNewACS sets imageIcon_ in the ACSFactoryImpl, and it is used to set directly icon_ in this instance, without calling to this method.

Parameters:
_iconName - file name of the icon associated to the ACS. Never null.

newEorResource

protected void newEorResource(ImmutableResource _res)
                       throws CreateError
Registers a new own resource with a type control. This method restricted to calls from resource constructors, to control if the resource type is allowed by theis acs, the call addResource() which registers the resource and fires the events. Overridden by the AcsAddon subclasses. Calls addResource().

Parameters:
_res - is just created in a Resource constructor, or external resource which is associated to an aclEntry owned by this ACS
Throws:
CreateError - (and baseError) if the Name is already known in ACSCatalog, if the Name is null, or if the resource type is not allowed by this ACS

addResource

protected void addResource(ImmutableResource _res)
                    throws CreateError
Registers a new own or a controlled resource without type control, and fires the bound properties 'M_OwnResources' or 'OneExternalResource', 'OneResource' and 'OneBaseObject' only if it is not an Actor. External Object Reference: _res.getName() and _res are directly put in the resource map. Called from newEorResource(), newEorAclEntry() for external AclEntries, PrivilegeForLinksImpl.addEorPrivilegeTargetLink() for external Linked Privileges.

Parameters:
_res - is just created in a Resource constructor, or external resource which is associated to an aclEntry owned by this ACS
Throws:
CreateError - (and baseError) if the Name is already known, if the Name is null.

removeEorResource

protected void removeEorResource(ImmutableResource _res)
                          throws UpDateError
Unregisters the own and the external resources. An own resource is already unregistered in its parent, GroupID and UserID; its AclEntries are already deleted. Its ACS and ACS name are still known by the resource.

Updates the resources root name if _res is this root. Called by removeEorAclEntry() and PrivilegeForLinks.removeEorPrivilegeTargetLink() for an external resource. Not called by removeEorPrivilege(). For an external resource, calls removeAcsController() on its ACS. Fires property change events on "M_OwnResources" or "OneExternalResource", and fire "OneResource", "OneBaseObject". Overridden by the AcsAddon subclasses.

Parameters:
_res - internal or external open ImmutableResource to be taken off in the ACS.
Throws:
UpDateError - (and baseError) if the Name is unknown in the ACS.

newEorEligibleParty

protected void newEorEligibleParty(ImmutableEligibleParty _ep)
                            throws CreateError
Registers a new own eligible party in the ACS and controls that the eligible party type is allowed.

Calls addEligibleParty() which does the work and fires a property change on "M_OwnEligibleParties", "OneEligibleParty" and "OneBaseObject".

Overridden by the AcsAddon subclasses. Called from the subclasses and EligibleParty implementations.

Parameters:
_ep - is just created in EligibleParty() or in ActorImpl(), or associated to a newEorAclEntry() call
Throws:
CreateError - (and baseError) if the Name is already known in ACSCatalog, if the Name is null or if the ep type is not allowed.

addEligibleParty

protected void addEligibleParty(ImmutableEligibleParty _ep)
                         throws CreateError
Registers a new own or an external eligible party in the ACS, without type control. Fires property changes on 'M_OwnEligibleParties' or 'OneExternalEligibleParty', 'OneEligibleParty' and 'OneBaseObject'. Called by newEorAclEntry() for external AclEntries, newEorEligibleParty(), PrivilegeForLinksImpl.addEorPrivilegeSourceLink() for external Linked Privileges.

Parameters:
_ep - is just created in EligibleParty() or in ActorImpl(), or associated to a newEorAclEntry() call
Throws:
CreateError - (and baseError) if the Name is already known in the base, if the Name is null.

removeEorEligibleParty

protected void removeEorEligibleParty(ImmutableEligibleParty _ep)
                               throws UpDateError
Removes the own and the external EligibleParty. May update the closed bridge targets map. Called by PrivilegeForLinks.removeEorPrivilegeTargetLink(). Fire property changes on 'M_OwnEligibleParties' or 'OneExternalEligibleParty', and 'OneEligibleParty'.

Parameters:
_ep - to remove
Throws:
UpDateError - (and BaseError) if the name is unknown

newEorAclEntry

protected final void newEorAclEntry(ImmutableAclEntry _acl)
                             throws CreateError
Method called by Resource.addAclEntry() before the updating of Resource.getL_aclEntry() and, indirectly, also called by checkClosedAclEntries().

If the resource ACS is different to this ACS and if it is unknown by this ACS, the resource is recorded as an external one. If the resource ACS unknowns this ACS as a controller, this ACS is recorded as a controller in the resource ACS, but only if the acl ACS is not closed. Calls setExternalOriented(). The ACL rights are not controlled there, like in the new methods for resource and for eligible party, because the ACS restrictions are controlled in the AclEntry constructor.

The change events are fired after the updating of the AclEntry internal list. Fires an event 'AclEntry' without copy, and for an external object, 'OneExternalResource', 'OneResource', or 'OneExternalEligibleParty' and 'OneEligibleParty'. May invoke addResource() and addEligibleParty() if _acl is the first aclEntry to associate these external objects to this ACS. The sequence of the property change firings is: events from the external addResource/EligibleParty methods, 'Controlled' and 'OneController' from the controlled ACS, 'ExternalOriented', then 'AclEntry'.

Caution: These property changes are not to be used for updating the views, since they are fired before the associated firings from the AclEntry Resource and EligibleParty on which the changes are followed by the views.

Parameters:
_acl - new AclEntry managed by this ACS. It is associated to one resource and one eligible party, and they may belong to this ACS or not
Throws:
CreateError - (and baseError) if the resource name is null, if the _acl ACS is closed or null. No test of unicity for _acl, done in Resource.addAclEntry()

removeEorAclEntry

protected final void removeEorAclEntry(ImmutableAclEntry _acl)
                                throws UpDateError
Removes the AclEntry in the internal properties. Called by AclEntryImpl.finalizeForUser() after the updating of the resource list and before the updating of the acs controller list in the resource. This method is indirectly called by closeExternalAclEntries(). It uses a direct equal operator ('==') to find the AclEntry to remove.

The change events are fired after the updating of the AclEntry internal list. Fires an event 'OneExternalEligibleParty' or 'OneExternalResource', when the removed AclEntry has a Resource or an EligibleParty that belongs to another ACS. Calls setExternalOriented(). Fires an event for the 'AclEntry' property using a clone of _acl. May invoke removeEorResource(), removeEorEligibleParty() for external objects. May call removeAcsController(), but only if the acl ACS is not closed. if _acl is the last AclEntry to associate these external objects to this ACS. The sequence of the optional property change firings is: event 'OneExternalEligibleParty' or 'OneExternalResource', 'ExternalOriented', 'Controlled' from the controlled ACS, then 'AclEntry'.

Parameters:
_acl - aclEntry to remove.
Throws:
UpDateError - if _acl is recorded more than once, if the resource name is unknown in the ACS, if _acl ACS is not a recorded controller of this ACS.

setExternalOriented

protected void setExternalOriented()
The ACS is external oriented when it has at least one external AclEntry or one external Privilege, and thus at least one external resource, virtual folder or eligible party. Note: The methods addResource, addEligibleParty and addVirtualFolder directly update this property and fire the event. Fires an event 'ExternalOriented' if the value has changed. Called by removeEorResource(), removeEorVirtualFolder() and removeEorEligibleParty().


newEorPrivilege

protected void newEorPrivilege(Privilege _priv)
                        throws CreateError
Registers a new privilege in this ACS. Used by the Privilege constructors and by the methods PrivilegeForLinksImpl.addEorPrivilegeSourceLink/TargetLink(), which controls the unicity of the privilege detailled name, and indirectly, also called by checkClosedPrivileges(). For a typed privilege, checks MAX_FOR_TYPED_PRIVILEGES_NUMBER if this ACS is not an authorization server. If the target ACS is different to this ACS and if it is unknown by this ACS, the target is recorded as an external one. If the target ACS unknowns this ACS as a controller, this ACS is recorded as a controller in the target ACS, but only if the privilege ACS is not closed. Calls setExternalOriented(). The setting of the privilege management in the ACS is controlled in the PrivilegeAbst constructor.

The sequence of the property change firings is: 'Privileges' then 'OneTypedPrivilege' or 'OneLinkedPrivilege', and 'OneBaseObject'.

Parameters:
_priv - is the new privilege to register. Not null.
Throws:
CreateError - if typed privilege, and if the number of typed privileges is at its maximum number, if another privilege as the same detailled name.
java.lang.InternalError - if this ACS does not manage the privileges.

removeEorPrivilege

protected void removeEorPrivilege(Privilege _priv)
                           throws UpDateError
Removes the Privilege in the internal properties. Called by Privilege.finalizeForBase().

The change events are fired after the updating of the Privilege internal lists. Fires the events 'Privileges', 'OneTypedPrivilege' or 'OneLinkedPrivilege', and 'OneBaseObject'.

Parameters:
_priv - to unregister.
Throws:
UpDateError - if the privilege is null or not known.

controlEPandResourceTypes

protected final short controlEPandResourceTypes(java.lang.String _epType,
                                                java.lang.String _resourceType)
Currently unused, this method allows to control the EP and/or resource types. It is used by PrivilegeForTypeImpl.setSourceClass() and setTargetClass(). Caution: does not manage 'Actor.ResourceType' in m_TypesAndGUIPolicy_.

Parameters:
_epType - is the type of the object which have the access rights. Cannot be null, but '<undefined>' is a neutral always-allowed value.
_resourceType - is the type of the object on which access rights are applied. Cannot be null, but '<undefined>' is a neutral always-allowed value.
Returns:
short '0' if the two types are allowed by the ACS, '-1' if only the EP type is not allowed, '-2' if only the resource type is not allowed, '-3' if the two types are not allowed.
Throws:
java.lang.InternalError - if an argument type is null, if this ACS does not manage Resources or EligibleParties

addVirtualFolder

protected void addVirtualFolder(VirtualFolder _fold)
                         throws CreateError
Registers a new virtual folder in this ACS. Used only by the VirtualFolder constructors. No control on the type. Fires the 'OneResourceVirtualFolder' or 'OneEPVirtualFolder', 'ExternalOriented' and 'OneBaseObject' events. No 'M_ExternalVirtualFolders' event. Called by newEorVirtualFolder() and PrivilegeForLinksImpl.addEorPrivilegeTargetLink() for external Linked Privileges.

Parameters:
_fold - is the new folder to register. Not null.
Throws:
CreateError - if the VirtualFolder is null, if the name is already used, or if this ACS does not manage this object type.

newEorVirtualFolder

protected void newEorVirtualFolder(VirtualFolder _fold)
                            throws CreateError
Registers a new virtual folder in this ACS. Used only by the VirtualFolder constructors. No control on the type, since the control is done in the VirtualFolder constructor. Calls addVirtualFolder().

Parameters:
_fold - is the new folder to register. Not null.
Throws:
CreateError - if the VirtualFolder is null, if the name is already used, or if this ACS does not manage this object type.

removeEorVirtualFolder

protected void removeEorVirtualFolder(VirtualFolder _fold)
                               throws UpDateError
Unregisters a virtual folder in this ACS. Called by the VirtualFolder.finalizeForUser() method. Called by PrivilegeForLinks.removeEorPrivilegeTargetLink() for an external virtual folder. Not called by removeEorPrivilege(). For an external virtual folder, calls removeAcsController() on its ACS. Fires the 'OneResourceVirtualFolder' or 'OneEPVirtualFolder' event, and fires a 'OneBaseObject' event. No 'M_ExternalVirtualFolders' event.

Parameters:
_fold - to unregister.
Throws:
UpDateError - if the folder is null or not known.

getL_ClosedAclEntriesACSNames

protected final java.util.Set<ImmutableName> getL_ClosedAclEntriesACSNames()
Gets all the closed ACS names if this ACS is a controller of external resource(s) or eligible, through its aclEntries, or if this ACS is controlled by other ACS. The current ACS instance manages only references to open ACS.

Returns:
immutable set of closed or non closed ACS names, for which there are aclEntries in getL_ClosedAclEntries(). May be null.

getL_ClosedAclEntries

protected final java.util.Set<ImmutableAclEntry> getL_ClosedAclEntries()
Called by equals(), finalizeForBase().

Returns:
Set of the closed own aclEntries, without copy. May be null.

getL_ClosedACSBridgeSources

protected final java.util.Set<ImmutableName> getL_ClosedACSBridgeSources()
Gets the own bridge sources which are not activated because their targets belong to a closed ACS. Called by BaseManagerImpl.

Returns:
immutable Set of actor names. May be null.

getL_ClosedPrivilegesACSNames

protected final java.util.Set<ImmutableName> getL_ClosedPrivilegesACSNames()
Gets all the closed ACS names if this ACS is a controller of external resource(s) or eligible, through its Privileges, or if this ACS is controlled by other ACS. The current ACS instance manages only references to open ACS.

Returns:
immutable set of closed or non closed ACS names, for which there are Privileges in getL_ClosedPrivileges(). May be null.

getL_ClosedPrivileges

protected final java.util.Set<PrivilegeForLinks> getL_ClosedPrivileges()
Called by BaseManagerImpl and another opening ACS for identifying its resources that are controlled in Privileges by this ACS.

Returns:
Set of the closed own Privileges, without copy. May be null.

finalizeForBase

protected void finalizeForBase()
Closes the ACS. It is not removed from the ACS list in the BaseManager. The ACS is not saved. Removes the roots if necessary, and updates the roots map in the parent ACS. The other associations are internal to the ACS. They are not explicitly handled by a call to the finalizeForUser method on each ACSObject, since all the ACSObjects are finalized. Called only by BaseManagerImpl.closeACS(). In this method, THE OBJECT IS SET TO NULL. - If there are listener(s) for the BaseManager bound property 'openACS', an event has been fired to them without any order by BaseManagerImpl before the call of this method. - the listeners, in the GUI, for the bound properties of the ACSImpl objects are not managed here, since the graphical objects (XXXTreeBaseListener) which are dedicated to this ACS and which are listeners, are finalized through the BaseManager bound property 'openACS'.


finalize

protected void finalize()
                 throws java.lang.Throwable
This method removes the object from the application space, but there is no guaranee that the JVM calls this method before the end of the application.

Overrides:
finalize in class java.lang.Object
Throws:
java.lang.Throwable

firePropertyChange

protected void firePropertyChange(java.lang.String _propertyName,
                                  java.lang.Object _oldValue,
                                  java.lang.Object _newValue)
Fires an event to every registered listener, in any order. For the properties * 'ExternalOrientedPrivilege', 'Controlled', 'OneController', 'ExternalOriented', 'M_OwnResources', 'OneExternalResource', 'OneResource' (when one resource is created or deleted), 'OneEligibleParty', 'OneBaseObject' (Resource or EligibleParty) , 'AclEntry', 'M_OwnEligibleParties', 'OneExternalEligibleParty', 'OwnResourcesRootName', 'OwnGroupsRootName', 'OwnResourceFoldersRootName', 'OwnEPFoldersRootName', 'BridgeSources', 'BridgeTargets', 'Comment', 'OneAcsRight', 'OneNoRightProxyActor', 'TiedChildACSs', 'RootsForChildACS', 'Privileges', 'OneTypedPrivilege', 'OneLinkedPrivilege', 'OneResourceVirtualFolder', 'OneEPVirtualFolder', 'IncompleteStructureModeling'.

The listeners are proper to one ACSImpl instance, outside gBase, transient (not serialized), and they are called in any order, excepted for:

1/ The order for a Resource change is : M_OwnResources (or External), OneResource, OneBaseObject. It is the same for the EligibleParty changes.

2/ For Actors, 'OneResource' is always fired when 'OneEligibleParty' is fired, and it is fired before this event for a resource creation, and after this event for a resource deletion. 'OneBaseObject' is fired when the operation is completed, so, and it is fired always just after 'OneEligibleParty' if it is an actor creation, and always just after 'OneResource' if it is an actor deletion.

Parameters:
_propertyName - name of the bound property
_oldValue - of the property
_newValue - of the property. No operation if equal to _oldValue and if the two values are not null.

isPropertyChangeListener

public boolean isPropertyChangeListener(java.lang.String _propertyName,
                                        java.beans.PropertyChangeListener _listener)
Tests a listener and returns true if it is registered for the listening of a given bound property. Called by RightsMediatorImpl to avoid multiple registrations.

Specified by:
isPropertyChangeListener in interface ImmutableACS
Parameters:
_listener - to test
_propertyName - name of the bound property to listen
Returns:
true if _listener is registered

closeExternalAclEntries

protected final void closeExternalAclEntries(ACS _acs)
Closes all the inner AclEntries relevant to an another ACS, to avoid any failed external references at the closing of one of theses ACS. If an _acs resource or an _acs eligible party is controlled by an AclEntry of this ACS, the AclEntry is deleted after a copyForExternal has been put in l_ClosedAclEntries_. l_ClosedAclEntriesACSNames_ is updated. No action if _acs is this instance. Called by BaseManagerImpl.cutACSExternalLinks().

Parameters:
_acs - to perform. Not null.

checkClosedExternalAclEntries

protected final void checkClosedExternalAclEntries(ACS _acs)
Opens any closed external AclEntry that has both its resource, its eligible party, the first condition group and the associated ACS(s) which are currently open. If not, the resource and/or the eligible party are not set as external objects. Creates these AclEntries in their resources. Selects the right first condition group from the resource ACS or the EP ACS. If an external closed AclEntry has a Resource or an EligibleParty which has been deleted in its open ACS, the closed AclEntry is deleted. The metarights in the AclEntries are removed if they have been finalized, and else, are switched to the reference metarights in BaseManagerImpl. Called by BaseManagerImpl.restoreACSExternalLinks(). Updates l_ClosedAclEntries_ and l_ClosedAclEntriesACSNames_.

Parameters:
_acs - an open ACS

closeBridges

protected final void closeBridges(ACS _acs)
Checks if there are own actor bridge sources or bridge targets for a given ACS. They are linked through a bridge to an ACS. This method closes these links and fills up the two persistant maps of these actors. The maps are used by the method checkBridges() at the opening of the ACS, to restore the bridge links with the actors from other open ACS. Called by BaseManagerImpl.cutACSExternalLinks().

Parameters:
_acs - process the actors from this ACS

checkClosedBridges

protected final void checkClosedBridges(ACS _acs)
Checks if there are bridge targets to create when the instance or the argument is an opening ACS. If not, the closed target remains still the right ACS is opening. Note: the maps m_closedTargetsOfActorBridgeSources_ and m_closedSourcesOfActorBridgeTargets_ keep the data when an ACS or an external actor is deleted. The main difference is that m_closedSourcesOfActorBridgeTargets_ is not ridden by this method, and it simply updated when a closed source resets the bridge through addOwnActorBridgeSource(). Called by BaseManagerImpl.restoreACSExternalLinks().

Parameters:
_acs - an ACS

closeExternalLinkedPrivileges

protected final void closeExternalLinkedPrivileges(ACS _acs)
Closes all the inner linked privileges relevant to an another ACS, to avoid any failed external references at the closing of one of these ACS. If an _acs resource or an _acs virtual folder is controlled by a Privilege of this ACS, the Privilege is deleted and its copyForExternal is put in l_ClosedExternalLinkedPrivileges_. The TYPED_FOR_SEED PrivilegeForTypes are external privileges but they are never closed. l_ClosedPrivilegesACSNames_ is updated. No action if _acs is this instance. Called by BaseManagerImpl.cutACSExternalLinks().

Parameters:
_acs - to perform. Not null.

checkClosedExternalLinkedPrivileges

protected final void checkClosedExternalLinkedPrivileges(ACS _acs)
Opens any closed external linked one-to-one Privileges that has both its target, its eligible party and the associated ACS(s) which are currently open. If not, the resource and/or the eligible party are not set as external objects. Creates these Privileges in this ACS. The TYPED_FOR_SEED PrivilegeForTypes are external privileges but they are never closed and restored. If an external closed Privilege has a Target or an EligibleParty which has been deleted in its open ACS, the closed Privilege is deleted. The metarights in the Privileges are removed if they have been finalized, and else, they are switched to the reference metarights in BaseManagerImpl. Called by BaseManagerImpl.restoreACSExternalLinks(). Updates l_ClosedPrivileges_, l_ClosedPrivilegesACSNames_, externalOriented_.

Parameters:
_acs - an open ACS

closeAcsRights

protected final void closeAcsRights()
For the ACS rights, unregisters them in their metarights. The metarights are serialized without their map of acsrights, but with all the links to the upper and lower metarights. Called by BaseManagerImpl.cutACSExternalLinks().


checkClosedAcsRights

protected final void checkClosedAcsRights()
Checks if there are ACS rights to register in their respective metarights. During the import of an ACS, a deserialized metaright which is unknown is added in the BaseManager. The deserialized metarights in the rights array are not switched to their equivallent in the BaseManager, nor the deserialized metarights in the ACS constraints maps like 'AccRights'. See checkClosedExternalAclEntries() where only the metarights in AclEntries are switched. This is also true for the closed Privileges. Called by BaseManagerImpl.restoreACSExternalLinks().


fillNoRightProxyActors

protected void fillNoRightProxyActors()
Fills the ACS internal property list, after an ACS deserialization. On the contrary of getEorM_Actors(), an Actor is tested as instance, and not through Resource.getActorActivated(). Called by BaseManagerImpl.restoreACSInternalLinks(). Overridden by the AcsAddon Ubuntu.


addNoRightProxyActor

protected void addNoRightProxyActor(ImmutableActor _act)
Adds an own Actor which is not right proxy, then which is supposed to be secure and without any virus able to deliver rights to the rights users which execute these actors. Fires the event 'OneNoRightProxyActor'. Called by Actor.setIsRightProxy().

Parameters:
_act - complies the criteria

removeNoRightProxyActor

protected void removeNoRightProxyActor(ImmutableActor _act)
Removes an own Actor which is not right proxy, then which is supposed to be secure and without any virus able to deliver rights to the rights users which execute these actors. Fires the event 'OneNoRightProxyActor'. Called by Actor.setIsRightProxy().

Parameters:
_act - does not comply the criteria

closeVirtualFolders

protected void closeVirtualFolders()
Sets the VirtualFolder internal properties, before any ACS deserialization. Called by BaseManagerImpl.cutACSInternalLinks().


fillVirtualFolders

protected void fillVirtualFolders()
Sets the VirtualFolder internal properties, after any ACS deserialization. It is not necessary to call this method when closeVirtualFolders() has been called to save the ACS, since the workable properties of the VirtualFolders remains usable after closeVirtualFolders(). If the virtual folder is already restored, there is no action. Thus, BaseManagerImpl may call this method at the request of a method AcsFactoryAcsAddon.configure(). Called by BaseManagerImpl.restoreACSInternalLinks().


fillRightsOfInternalKey

protected void fillRightsOfInternalKey()
Sets the ACS rights and the metarights this ACS handles and for a given internal key value of the associated metaright. The map key is the metaright internal key. If the map is already set, there is no action. Thus, BaseManagerImpl may call this method at the request of a method AcsFactoryAcsAddon.configure(), after the ACS creation. Called by BaseManagerImpl.restoreACSInternalLinks() and valueOfForGenericBase().


handleAssociationsForRootsOfChildACS

protected void handleAssociationsForRootsOfChildACS(ACSObject _root,
                                                    boolean _opening)
Noop. This hook is there to be overriden.

May be called by AssociateUtilityImpl.add/removeAssociateActions() to update the ACS after the opening or the closing of one of its child ACS, following an association script. For instance, it should be used to make some complex works the scripts cannot do.

On the other hand, the scripts have the property to be ridden in the GUI by the advanced users of Access Road, on the contrary of this method.

Parameters:
_root - is the ACSObject of this parent ACS which is a root of a child ACS
_opening - true if this method is called for the opening of the child ACS, and false for its closing

handleAssociationsForInnerObject

protected void handleAssociationsForInnerObject(ACSObject _obj,
                                                boolean _creating)
Noop. This hook is there to be overriden.

Called by AssociateUtilityImpl.add/removeAssociateActions() to update the ACS after the creating or the deleting of one of its ACSObject, following an association script. For instance, it should be used to make some complex works the scripts cannot do.

On the other hand, the scripts have the property to be ridden in the GUI by the advanced users of Access Road, on the contrary of this method.

Parameters:
_obj - is the ACSObject of this ACS which is creating or deleting
_creating - false if _obj is finalizing

setOwnResourcesRootName

protected void setOwnResourcesRootName(ImmutableName _name)
                                throws UpDateError
Set name of the root for the ACS own resources. The current root is the first non-finalized directory without parent which has been created. So, if there is already a resource root, the only allowed operation is to nullify the root name. Called by the Directory constructor and finalizer. Fire changes on the 'OwnResourcesRootName' property.

Parameters:
_name - ImmutableName of the root for the recorded own resources in the ACS base. May be null or empty. The directory has to be already recorded in the ACS base.
Throws:
UpDateError - if the Node has a parent, or if it doesn't owned to this ACS.

setOwnGroupsRootName

protected void setOwnGroupsRootName(ImmutableName _name)
                             throws UpDateError
Set the name of the root for the ACS own groups. The current root is the first non-finalized group without parent which has been created. So, if there is already a group root, the only allowed operation is to nullify the root name. Called by the GroupImpl constructor and finalizer. Fire changes on the 'OwnGroupsRootName' property.

Parameters:
_name - of the root for the recorded own groups in the ACS base. May be null or empty. The group has to be already recorded in the ACS base.
Throws:
UpDateError - if the group has a parent, or if it doesn't owned to this ACS.

setOwnResourceFoldersRootName

protected void setOwnResourceFoldersRootName(ImmutableName _name)
                                      throws UpDateError
Sets name of the root for the ACS own resource virtual folders. The current root is the first non-finalized folder without parent which has been created. So, if there is already a resource virtual folder, the only allowed operation is to nullify the root name. Called by the VirtualFolderImpl constructor and finalizer, and by removeEorVirtualFolder(). Fire change on 'OwnResourceFoldersRootName' property.

Parameters:
_name - of the root for the recorded own resource folders in the ACS base. May be null or empty. The folder has to be already recorded in the ACS base.
Throws:
UpDateError - if the folder has a parent, or if it doesn't owned to this ACS.

setOwnEPFoldersRootName

protected void setOwnEPFoldersRootName(ImmutableName _name)
                                throws UpDateError
Sets name of the root for the ACS own eligible party virtual folders. The current root is the first non-finalized folder without parent which has been created. So, if there is already a EP virtual folder, the only allowed operation is to nullify the root name. Called by the VirtualFolderImpl constructor and finalizer, and by removeEorVirtualFolder(). Fire change on 'OwnEPFoldersRootName' property.

Parameters:
_name - of the root for the recorded own EP folders in the ACS base. May be null or empty. The folder has to be already recorded in the ACS base.
Throws:
UpDateError - if the folder has a parent, or if it doesn't owned to this ACS.

addOwnActorBridgeTarget

protected final void addOwnActorBridgeTarget(ImmutableActor _source,
                                             ImmutableActor _target)
                                      throws CreateError
Sets an own actor as a bridge target for an external actor. Fires the property event 'BridgeTargets'. Called by _source.

Parameters:
_source - is a non-null external actor which is the source
_target - is a non-null own actor which is the target
Throws:
CreateError - if a parameter is null or does not belong to the right ACS.

removeOwnActorBridgeTarget

protected final void removeOwnActorBridgeTarget(ImmutableActor _target)
                                         throws CreateError
Removes an own actor as bridge targets for one or several external actor sources. Searches in m_ActorBridgeTargets_ all the sources which have the argument as bridge target. Does not fire any property event. Called by the own BridgeTarget.finalizeForUser() and closeBridges(). Uses removeOwnActorBridgeTargetFromSource().

Parameters:
_target - non-null own actor which is a bridge target
Throws:
CreateError - if the source is null or not registered, or InternalError if the associated source is not found

removeOwnActorBridgeTargetFromSource

protected final void removeOwnActorBridgeTargetFromSource(ImmutableActor _source,
                                                          BaseObject _caller)
                                                   throws CreateError
Removes an own actor as a bridge target for an external actor source. Called by the source instance from setEorACSBridgeTarget() and finalizeForBase(), and by removeOwnActorBridgeTarget(). Calls _source.setEorACSBridgeTarget() if the caller is not the source. Does not update the _source ACS. Fires a property change 'BridgeTargets' only if the relevant own target has _source as the unique bridge source.

Parameters:
_source - non-null actor which is an axternal source (not the target!)
_caller - is used to call to the source if it is not the caller
Throws:
CreateError - if the source is null or not registered

addOwnActorBridgeSource

protected final void addOwnActorBridgeSource(ImmutableActor _actor)
                                      throws CreateError
Sets an own actor as a bridge source for an external actor. Fires the property event 'BridgeSources'. Called by _actor.setEorACSBridgeTarget().

Parameters:
_actor - non-null actor which is a source
Throws:
CreateError - if the actor does not belong to the ACS

removeOwnActorBridgeSource

protected final void removeOwnActorBridgeSource(ImmutableActor _actor)
                                         throws CreateError
Removes an own actor which is a bridge source for an external actor. Fires the property event 'BridgeSources'. Called by _actor.setEorACSBridgeTarget(). Updates m_closedTargetsOfActorBridgeSources_ and calls back getEorACSBridgeTarget() on the argument.

Parameters:
_actor - non-null actor which is a source
Throws:
CreateError - if not registered

addRootForChildACS

protected final void addRootForChildACS(ImmutableName _child,
                                        ACSObject _root)
                                 throws CreateError
Adds an ACSObject which has at least one relation with any opened child ACS, among the possible relations <ForChildAcsOpeningAndClosing>, <ForChildAcsOpeningNoClosing> and <ForChildAcsIntegrity>. These relations set that the deleting or the updating of the ACSObject will stop the child ACS or will modify its ability to run correctly. Fires the property event 'RootsForChildACS'. Called by the child ACS setAcsRelationsInIS() method.

Parameters:
_child - child ACS name
_root - from this ACS to add as root for _child. Noop if it is already known.
Throws:
CreateError - if an argument is null, _child is this ACS or if _root does not belong to this ACS

removeRootForChildACS

protected final void removeRootForChildACS(ImmutableName _child,
                                           ACSObject _root)
                                    throws CreateError
Removes an ACSObject which has no more relations with any opened child ACS, among the possible relations <ForChildAcsOpeningAndClosing>, <ForChildAcsOpeningNoClosing> and <ForChildAcsIntegrity>. These relations set that the deleting or the updating of the ACSObject will stop the child ACS or will modify its ability to run correctly. Fires the property event 'RootsForChildACS'. Called by the child ACS.finalizeForBase() method for with-closing roots. At the ACS opening, setAcsRelationsInIS() checks the deleted child ACSs for without-closing roots, and deleted them directly in the property whithout any call to this method.

Parameters:
_child - child ACS name
_root - to remove
Throws:
CreateError - if an argument is null, _child is this ACS, if _root does not belong to this ACS, or if _obj is unknown.

initializeAcsRelationsInIS

protected void initializeAcsRelationsInIS(java.util.HashMap<java.lang.String,ImmutableName> _m_isComposite,
                                          java.util.HashMap<java.lang.String,java.lang.String[]> _m_RootsForAcsOpeningAndClosing,
                                          java.util.HashMap<java.lang.String,java.lang.String[]> _m_RootsForAcsOpeningNoClosing,
                                          java.util.HashMap<java.lang.String,java.lang.String[]> _m_RootsForAcsIntegrity,
                                          java.util.HashMap<java.lang.String,java.lang.String[]> _m_SubAndGroupPolicy)
                                   throws BaseError
Sets the maps and lists describing the relations of this new ACS in the IS Name Tree. Called by ACSFactoryImpl just after the creation of the instance. Creates the roots if necessary, and updates the roots map in the parent ACS. Does not fire any property change. Calls setAcsRelationsInIS().

Parameters:
_m_isComposite - the map of the composite relations. The key is the subACS name, in one word, or the ACS name last component, and the value is the Composite name. May be null but not empty.
_m_RootsForAcsOpeningAndClosing - where the map key has the format ACS.Name..XXX which is a parent ACS name having the value XXX. The map values is a set of commands. May be null but not empty.
_m_RootsForAcsOpeningNoClosing - where the map key has the format ACS.Name..XXX which is a parent ACS name having the value XXX. The map values is a set of commands. May be null but not empty.
_m_RootsForAcsIntegrity - where the map key has the format ACS.Name..XXX which is a parent ACS name having the value XXX. The map values is a set of commands. May be null but not empty.
_m_SubAndGroupPolicy - where the map key is the subACS name, in one word, and the map value is an array which may contain the following values:

'Resources', 'UserIDs' and 'GroupIDs'. May be null but not empty.

Throws:
BaseError - from AssociateUtilityImpl or addRootForChildACS()

setAcsRelationsInIS

protected void setAcsRelationsInIS(boolean _atCreation,
                                   boolean _atImport)
                            throws BaseError
Sets the maps and lists describing the relations of this ACS in the IS Name Tree. Called by initializeAcsRelationsInIS() and by BaseManagerImpl after the opening or the importation of the ACS. Creates the roots if necessary, and updates the roots map in the parent ACS and the roots themself. Checks the child ACS roots, and deletes the without-closing roots if the child ACS has been deleted from the base. Caution: any returned ACSObject by AssociateUtilityImpl.addRootsInParentACSs() is put in the root names lists if it does not belong to this ACS. When a root command calls a method to get an argument for a next root command, it should not be such an ACSObject, to avoid to be seen as a root. The BaseErrors are not thrown during an importation, during the creation of the roots. The importation operation is not stopped by such an error, and it may deliver a partial set of roots in the parent ACS.

Does not fire any property change. Calls addRootForChildACS(), AssociateUtilityImpl.addRootsInParentACSs() and getL_AssociatesAndCalledMethods().

Parameters:
_atCreation - true at the creation or importation of the ACS, false at its opening
_atImport - true only at the importation of the ACS
Throws:
BaseError - from AssociateUtilityImpl, addRootForChildACS(), NameImpl.getNameFromString(), Resource/EligibleParty.finalizeForUser()

removeAcsController

protected final void removeAcsController(ImmutableName _ACSname)
                                  throws UpDateError
This method is called by removeEorResource() and removeEorVirtualFolder(). It takes off _ACSname into the list of Acs Controllers of this ACS, and it updates controlled_. Note: there is an ACS controllers list in Resource, but not on VirtualFolder. Fires the PropertyChange events 'OneController' and 'Controlled'.

Parameters:
_ACSname - open ACS that controls this ACS
Throws:
UpDateError - if _ACSname is unknown.

addAcsController

protected final void addAcsController(ImmutableName _ACSname)
                               throws CreateError
Called by addResource() and addVirtualFolder().

Parameters:
_ACSname - of open ACS that controls a resource of this ACS. This method is called by newEorAclEntry() from the AclEntry ACS if it is an another ACS, and by PrivilegeforLinks.addEorPrivilegeSource/TargetLink() if it is from another ACS. If _ACSName is unknown, it adds _ACSname in the list of AcsControllers, sets controlled_ to true. Fires the PropertyChange events 'OneController' and 'Controlled'.
Throws:
CreateError - if the ACS is closed (no exception if it is already known).

addInParentACS

protected final void addInParentACS(java.util.List<ImmutableName> _l_roots)
                             throws CreateError,
                                    BaseError
Adds the root properties to the parent ACS, and to the roots themself in the parent ACS. Called by setAcsRelationsInIS().

Parameters:
_l_roots - list of the roots to add in the parent ACSs
Throws:
CreateError - if the ACS is closed (no exception if it is already known).
BaseError