From fea33de67b8452f6671b513abcfb1d205e9a5b5f Mon Sep 17 00:00:00 2001 From: "lucio.lelii" Date: Mon, 2 May 2016 16:43:26 +0000 Subject: [PATCH] git-svn-id: http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/Common/authorization-common-library@128415 82a268e6-3cf1-43bd-a215-b396298e98cf --- .../policies/Service2ServicePolicy.java | 10 +- .../library/policies/ServiceAccess.java | 36 +++---- .../library/policies/ServiceEntity.java | 96 +++++++++++++++++++ .../library/policies/Services.java | 18 ++++ .../library/policies/SerializationTest.java | 3 +- 5 files changed, 134 insertions(+), 29 deletions(-) create mode 100644 src/main/java/org/gcube/common/authorization/library/policies/ServiceEntity.java create mode 100644 src/main/java/org/gcube/common/authorization/library/policies/Services.java diff --git a/src/main/java/org/gcube/common/authorization/library/policies/Service2ServicePolicy.java b/src/main/java/org/gcube/common/authorization/library/policies/Service2ServicePolicy.java index 738cf34..cd92c6e 100644 --- a/src/main/java/org/gcube/common/authorization/library/policies/Service2ServicePolicy.java +++ b/src/main/java/org/gcube/common/authorization/library/policies/Service2ServicePolicy.java @@ -8,7 +8,7 @@ import javax.xml.bind.annotation.XmlRootElement; @XmlAccessorType(XmlAccessType.FIELD) public class Service2ServicePolicy extends Policy{ - private ServiceAccess client; + private ServiceEntity client; private String context; private ServiceAccess serviceAccess; private Action mode = Action.ALL; 
@@ -16,14 +16,14 @@ public class Service2ServicePolicy extends Policy{ protected Service2ServicePolicy(){} public Service2ServicePolicy(String context, ServiceAccess serviceAccess, - ServiceAccess client) { + ServiceEntity client) { this.context = context; this.serviceAccess = serviceAccess; this.client = client; } public Service2ServicePolicy(String context, ServiceAccess serviceAccess, - ServiceAccess client, Action mode) { + ServiceEntity client, Action mode) { this(context, serviceAccess, client); this.mode = mode; } @@ -35,10 +35,10 @@ public class Service2ServicePolicy extends Policy{ @Override public String getPolicyAsString() { - return this.context+","+serviceAccess.getAsString()+","+serviceAccess.getAsString()+","+mode.toString(); + return this.context+","+serviceAccess.getAsString()+","+client.getAsString()+","+mode.toString(); } - public ServiceAccess getClient() { + public ServiceEntity getClient() { return client; } diff --git a/src/main/java/org/gcube/common/authorization/library/policies/ServiceAccess.java b/src/main/java/org/gcube/common/authorization/library/policies/ServiceAccess.java index b205957..c172946 100644 --- a/src/main/java/org/gcube/common/authorization/library/policies/ServiceAccess.java +++ b/src/main/java/org/gcube/common/authorization/library/policies/ServiceAccess.java 
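Review bot: Neither public constructor rejects a null `client`, and after this patch `getPolicyAsString()` calls `client.getAsString()`, so a policy built with a null client now fails with a NullPointerException when it is rendered rather than when it is created. A guard in the three-argument constructor, in the style `ServiceEntity` uses, would fail fast: `if (client == null) throw new IllegalArgumentException("client cannot be null");`. The four-argument constructor delegates to it and needs no change. The switch from `ServiceAccess` to `ServiceEntity` in these signatures is source-incompatible for existing callers, which deserves a line in the commit message.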
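Review bot: The comma-joined string returned by `getPolicyAsString()` can now contain commas inside the client field, because `ServiceEntity.getAsString()` (added in this patch) returns `"allExcept"+ excludes` and `List.toString()` separates elements with `, `. If this string is ever split on `,` or used as a lookup key (not visible here), an `allExcept` policy could be misread or matched against the wrong fields. Consider joining the excludes with a character that cannot occur in the other fields, and document the field order on the method, e.g. `/** Format: context,service,client,mode; client may be an allExcept[...] list. */`. The class body continues outside the hunk.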
@@ -32,15 +32,18 @@ public class ServiceAccess { this(name, serviceClass); this.serviceId = serviceId; } - - /* - public ServiceAccess(String name, String serviceClass, String serviceId, - HashMap serviceSpecificPolices) { - this(name, serviceClass, serviceId); - this.serviceSpecificPolices = serviceSpecificPolices; - }*/ - + public boolean isSubsetOf(ServiceAccess access){ + if (this.equals(access)) return true; + if (access.getServiceClass()==null) return true; + + if (access.getServiceClass().equals(this.serviceClass)){ + if (access.getName()==null) return true; + if (access.getName().equals(this.name) && access.getServiceId()==null) + return true; + } + return false; + } public String getAsString(){ if (serviceClass == null) @@ -73,18 +76,6 @@ public class ServiceAccess { public String getServiceId() { return serviceId; } - - public boolean isSubsetOf(ServiceAccess access){ - if (this.equals(access)) return true; - if (access.getServiceClass()==null) return true; - - if (access.getServiceClass().equals(this.serviceClass)){ - if (access.getName()==null) return true; - if (access.getName().equals(this.name) && access.getServiceId()==null) - return true; - } - return false; - } @Override public int hashCode() { @@ -136,9 +127,8 @@ public class ServiceAccess { @Override public String toString() { - return "ServiceAccess ["+getAsString()+"]"; + return getAsString(); } - - + } diff --git a/src/main/java/org/gcube/common/authorization/library/policies/ServiceEntity.java b/src/main/java/org/gcube/common/authorization/library/policies/ServiceEntity.java new file mode 100644 index 0000000..9138bd4 --- /dev/null +++ b/src/main/java/org/gcube/common/authorization/library/policies/ServiceEntity.java 
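Review bot: `isSubsetOf` has no Javadoc and dereferences `access` without a null check, yet with this patch it decides which exclusions the `ServiceEntity` constructor keeps. Its rules are visible only by reading the branches: an `access` with a null service class contains everything, a null name contains every service of that class, and a null service id contains every instance of that name. A Javadoc block stating those three wildcard rules, plus either `@throws NullPointerException` for a null argument or an explicit `if (access == null) return false;`, would make the contract reviewable. The method is only moved by this commit; its old position is removed in a later hunk of this file.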
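Review bot: Returning the bare `getAsString()` value from `toString()` makes a debugging method load-bearing, because `ServiceEntity.getAsString()` in this patch concatenates `"allExcept"+ excludes`, which renders each element through this method. A later edit to `toString()` for logging purposes would silently change the policy strings. A comment such as `// rendered into ServiceEntity.getAsString() via List.toString(); keep identical to getAsString()` would protect it; alternatively `ServiceEntity` could call `getAsString()` on each element explicitly.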
@@ -0,0 +1,96 @@ +package org.gcube.common.authorization.library.policies; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlRootElement; + +@XmlRootElement +@XmlAccessorType(XmlAccessType.FIELD) +public class ServiceEntity { + + private ServiceAccess service = null; + + private List excludes = null; + + @SuppressWarnings("unused") + private ServiceEntity() {} + + protected ServiceEntity(ServiceAccess service) { + if (service==null) throw new IllegalArgumentException("serviceAccess cannot be null"); + this.service = service; + } + + protected ServiceEntity(List excludes) { + if (excludes==null || excludes.isEmpty()) throw new IllegalArgumentException("list of excludes cannot be empty"); + List newExcludes = new ArrayList(); + check: + for (ServiceAccess sa: excludes){ + if (sa.getClass()==null) throw new IllegalArgumentException("excluding all services to a deny policy is illegal"); + for (ServiceAccess alreadySaved : newExcludes) + if (sa.isSubsetOf(alreadySaved)) + break check; + newExcludes.add(sa); + } + + this.excludes = newExcludes; + } + + public ServiceAccess getService() { + return service; + } + + public List getExcludes() { + return Collections.unmodifiableList(excludes); + } + + @Override + public int hashCode() { + final int prime = 31; + int result = 1; + result = prime * result + + ((excludes == null) ? 0 : excludes.hashCode()); + result = prime * result + ((service == null) ? 
0 : service.hashCode()); + return result; + } + + @Override + public boolean equals(Object obj) { + if (this == obj) + return true; + if (obj == null) + return false; + if (getClass() != obj.getClass()) + return false; + ServiceEntity other = (ServiceEntity) obj; + if (excludes == null) { + if (other.excludes != null) + return false; + } else if (!excludes.equals(other.excludes)) + return false; + if (service == null) { + if (other.service != null) + return false; + } else if (!service.equals(other.service)) + return false; + return true; + } + + @Override + public String toString() { + if (service!=null) + return "ServiceEntity [service=" + service + "]"; + return "ServiceEntity [ allExcept : " + excludes+ "]"; + } + + public String getAsString() { + if (service!=null) + return service.getAsString(); + else return "allExcept"+ excludes; + } + + +} diff --git a/src/main/java/org/gcube/common/authorization/library/policies/Services.java b/src/main/java/org/gcube/common/authorization/library/policies/Services.java new file mode 100644 index 0000000..7fc5c85 --- /dev/null +++ b/src/main/java/org/gcube/common/authorization/library/policies/Services.java @@ -0,0 +1,18 @@ +package org.gcube.common.authorization.library.policies; + +import java.util.Arrays; + +public class Services { + + public static ServiceEntity all(){ + return new ServiceEntity(new ServiceAccess()); + } + + public static ServiceEntity specialized(ServiceAccess serviceAccess){ + return new ServiceEntity(serviceAccess); + } + + public static ServiceEntity allExcept(ServiceAccess ... serviceAccesses){ + return new ServiceEntity(Arrays.asList(serviceAccesses)); + } +} diff --git a/src/test/java/org/gcube/common/authorization/library/policies/SerializationTest.java b/src/test/java/org/gcube/common/authorization/library/policies/SerializationTest.java index acebc21..791a5e2 100644 --- a/src/test/java/org/gcube/common/authorization/library/policies/SerializationTest.java 
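Review bot: In the `ServiceEntity(List excludes)` constructor the guard `if (sa.getClass()==null)` calls `Object.getClass()`, which never returns null, so the "excluding all services" check cannot fire and a wildcard `ServiceAccess` is accepted as an exclusion; it presumably should read `if (sa.getServiceClass()==null) throw new IllegalArgumentException(...)`. In the same loop `break check;` leaves the outer loop at the first redundant entry, so every exclusion listed after it is silently dropped from the policy; `continue check;` skips only the redundant one. `getExcludes()` passes a null `excludes` to `Collections.unmodifiableList` when the entity was built from a single service, which throws NullPointerException; `if (excludes == null) return Collections.emptyList();` before the return avoids that. Because this class defines which clients an authorization policy applies to, each of these cases should get a unit test alongside the fix.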
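Review bot: `Services` has no Javadoc although its three factories are the only public way to build a `ServiceEntity` (the constructors are protected or private), so the meaning of each client selector has to be inferred. I would add one-line Javadoc to each, e.g. `/** Selects every client service. */` on `all()` and `/** Selects every client service except the given ones; at least one is required. */` on `allExcept`, with `@throws IllegalArgumentException` since an empty argument list is rejected by the constructor. The class holds only static methods, so `public final class Services` with `private Services() {}` would prevent instantiation. Whether `new ServiceAccess()` in `all()` really yields the match-everything entry depends on the no-argument constructor, which is not shown in this diff.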
+++ b/src/test/java/org/gcube/common/authorization/library/policies/SerializationTest.java @@ -30,7 +30,8 @@ public class SerializationTest { @Test public void serializeServicePolicy() throws Exception{ - Service2ServicePolicy sp = new Service2ServicePolicy("/gcube", new ServiceAccess("ServiceName","ServiceClass"),new ServiceAccess("ServiceName2", "ServiceClass2")); + Service2ServicePolicy sp = new Service2ServicePolicy("/gcube", new ServiceAccess("ServiceName","ServiceClass"), + Services.allExcept(new ServiceAccess("ServiceName2", "ServiceClass2"),new ServiceAccess("ServiceClass2"))); StringWriter sw = new StringWriter(); context.createMarshaller().marshal(sp, sw); Service2ServicePolicy spCopy = (Service2ServicePolicy)context.createUnmarshaller().unmarshal(new StringReader(sw.toString()));
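Review bot: Nothing in the visible part of `serializeServicePolicy()` asserts on what `Services.allExcept(...)` actually stored, so the new de-duplication and validation in `ServiceEntity` are exercised but not checked. The two arguments appear to overlap (the second looks like the whole `ServiceClass2` class, the first a single service in it), and the outcome of the de-duplication loop depends on argument order. An assertion on `sp.getClient().getExcludes()` for this order and for the swapped order would pin that behaviour. The test body continues outside the hunk, so an equality check on `spCopy` may already exist there.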