Ec2ErnBuilder.java example

Explorer
eucalyptus-master
- clc
  - modules
/*************************************************************************
 * Copyright 2009-2015 Eucalyptus Systems, Inc.
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; version 3 of the License.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see http://www.gnu.org/licenses/.
 *
 * Please contact Eucalyptus Systems, Inc., 6755 Hollister Ave., Goleta
 * CA 93117, USA or visit http://www.eucalyptus.com/licenses/ if you need
 * additional information or have any questions.
 ************************************************************************/
package com.eucalyptus.compute.common.policy;

import java.util.Collections;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import com.eucalyptus.auth.policy.PolicySpec;
import com.eucalyptus.auth.policy.ern.AddressUtil;
import com.eucalyptus.auth.policy.ern.Ern;
import com.eucalyptus.auth.policy.ern.ServiceErnBuilder;
import net.sf.json.JSONException;

/**
 *
 */
public class Ec2ErnBuilder extends ServiceErnBuilder {

  public static final Pattern RESOURCE_PATTERN = Pattern.compile( "([a-z0-9_-]+)/(\\S+)" );

  public static final int ARN_PATTERNGROUP_EC2_TYPE = 1;
  public static final int ARN_PATTERNGROUP_EC2_ID = 2;

  public Ec2ErnBuilder( ) {
    super( Collections.singleton( "ec2" ) );
  }

  @Override
  public Ern build( final String ern,
                    final String service,
                    final String region,
                    final String account,
                    final String resource ) throws JSONException {
    final Matcher matcher = RESOURCE_PATTERN.matcher( resource );
    if ( matcher.matches( ) ) {
      String type = matcher.group( ARN_PATTERNGROUP_EC2_TYPE ).toLowerCase( );
      if ( !PolicySpec.EC2_RESOURCES.contains( type ) ) {
        throw new JSONException( "EC2 type '" + type + "' is not supported" );
      }
      String id = matcher.group( ARN_PATTERNGROUP_EC2_ID ).toLowerCase( );
      if ( PolicySpec.EC2_RESOURCE_ADDRESS.equals( type ) ) {
        AddressUtil.validateAddressRange( id );
      }
      // allow for pre-v4.1 type names
      if ( "keypair".equals( type ) ) {
        type = PolicySpec.EC2_RESOURCE_KEYPAIR;
      } else if ( "securitygroup".equals( type ) ) {
        type = PolicySpec.EC2_RESOURCE_SECURITYGROUP;
      }
      return new Ec2ResourceName( region, account, type, id );
    }
    throw new JSONException( "'" + ern + "' is not a valid ARN" );
  }
}