RoleSet.java example

Explorer
GeoprocessingAppstore-master
- src
/* See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * Esri Inc. licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.esri.gpt.framework.security.principal;
import com.esri.gpt.framework.collection.StringSet;
import com.esri.gpt.framework.security.identity.NotAuthorizedException;

/**
 * Maintains a set of role keys.
 * <p>
 * The intent is to use this set for quick evaluation of
 * authorization constraints.
 * <p>
 * Each value in the collection is a String. Null values are ignored. 
 * Values are trimmed, zero-length Strings are ignored. The set is 
 * unique and is not case sensitive.
 */
public class RoleSet extends StringSet {

// class variables =============================================================

// instance variables ==========================================================

// constructors ================================================================

/** Default constructor. */
public RoleSet() {
  super(false,false,true);
}

// properties ==================================================================

// methods =====================================================================

/**
 * Asserts that the current user has a required role.
 * <br/>If the user does not have the required role, a
 * NotAuthorizedException exception is thrown.
 * @param roleKey the key associated with the required role
 * @throws NotAuthorizedException if the user does not have a required role
 */
public void assertRole(String roleKey) throws NotAuthorizedException {
  if (!hasRole(roleKey)) {
    throw new NotAuthorizedException("Not authorized.");
  }
}

/**
 * Asserts that the current user has at least one of
 * the roles specified in the supplied role set.
 * <br/>If the user does not have the required role, a
 * NotAuthorizedException exception is thrown.
 * @param roleSet the set of roles to check
 * @throws NotAuthorizedException if the user does not have a required role
 */
public void assertRole(RoleSet roleSet) throws NotAuthorizedException {
  if (!hasRole(roleSet)) {
    throw new NotAuthorizedException("Not authorized.");
  }
}

/**
 * Determines if this set has a specified role.
 * @param roleKey the key associated with the role to check
 */
public boolean hasRole(String roleKey) {
  return contains(roleKey);
}

/**
 * Determines if the current set has at least one of
 * the roles specified in the supplied role set.
 * @param roleSet the set of roles to check
 */
public boolean hasRole(RoleSet roleSet) {
  boolean bHasRole = false;
  for (String sKey: roleSet) {
    if (hasRole(sKey)) {
      bHasRole = true;
      break;
    }
  }
  return bHasRole;
}

}