WrapperPolicy.java

/* (c) 2014 Open Source Geospatial Foundation - all rights reserved
 * (c) 2001 - 2013 OpenPlans
 * This code is licensed under the GPL 2.0 license, available at the root
 * application directory.
 */
package org.geoserver.security;

import java.io.Serializable;


/** 
 * The combination of access level granted and response policy (lists only possible cases)
 */
public class WrapperPolicy implements Serializable, Comparable<WrapperPolicy> {
    private static final long serialVersionUID = -7490634837165130290L;
    
    // TODO: turn these into private fields
    public final AccessLevel level; // needed, depends on catalog mode and request type
    public final Response response; // needed, by catalog mode
    public final AccessLimits limits;
    
    public static final WrapperPolicy hide(AccessLimits limits) {
        return new WrapperPolicy(AccessLevel.HIDDEN, Response.HIDE, limits);
    }
    
    public static final WrapperPolicy metadata(AccessLimits limits) {
        return new WrapperPolicy(AccessLevel.METADATA, Response.CHALLENGE, limits);
    }
    
    public static final WrapperPolicy readOnlyChallenge(AccessLimits limits) {
        return new WrapperPolicy(AccessLevel.READ_ONLY, Response.CHALLENGE, limits);
    }
    
    public static final WrapperPolicy readOnlyHide(AccessLimits limits) {
        return new WrapperPolicy(AccessLevel.READ_ONLY, Response.HIDE, limits);
    }
    
    public static final WrapperPolicy readWrite(AccessLimits limits) {
        return new WrapperPolicy(AccessLevel.READ_WRITE, Response.HIDE, limits);
    }

    WrapperPolicy(AccessLevel level, Response response, AccessLimits limits) {
        this.level = level;
        this.response = response;
        this.limits = limits;
    }
    
    public Response getResponse() {
        return response;
    }
    
    public AccessLimits getLimits() {
        return limits;
    }
    
    public AccessLevel getAccessLevel() {
        return level;
    }
    
    public boolean isHide() {
        return level == AccessLevel.HIDDEN && response == Response.HIDE;
    }
    
    public boolean isMetadata() {
        return level == AccessLevel.METADATA && response == Response.CHALLENGE;
    }
    
    public boolean isReadOnlyChallenge() {
        return level == AccessLevel.READ_ONLY && response == Response.CHALLENGE;
    }
    
    public boolean isReadOnlyHide() {
        return level == AccessLevel.READ_ONLY && response == Response.HIDE;
    }
    
    public boolean isReadWrite() {
        return level == AccessLevel.READ_ONLY && response == Response.CHALLENGE;
    }

    /**
     * Sorts wrapper policies from more to less restrictive limits.
     * <p>
     * That is, first comparison order is {@link #getAccessLevel() getAccessLevel() ==}
     * {@link AccessLevel#HIDDEN HIDDEN}/{@link AccessLevel#METADATA METADATA}/
     * {@link AccessLevel#READ_ONLY READ_ONLY}/{@link AccessLevel#READ_WRITE READ_WRITE}.
     * <p>
     * Second comparison criteria is {@link AccessLimits#getMode() getLimits().getMode()}
     * {@code == } {@link CatalogMode#HIDE HIDE}/ {@link CatalogMode#CHALLENGE CHALLENGE}/
     * {@link CatalogMode#MIXED MIXED}/{@link #getLimits() getLimits() == null} (i.e. no limits)
     * 
     * @see java.lang.Comparable#compareTo(java.lang.Object)
     */
    @Override
    public int compareTo(WrapperPolicy w) {
        int levelComparison = getAccessLevel().compareTo(w.getAccessLevel());
        if(levelComparison != 0){
            return levelComparison;
        }
        CatalogMode myLimits = getLimits() == null ? null : getLimits().getMode();
        CatalogMode theirLimits = w.getLimits() == null ? null : w.getLimits().getMode();
        
        return myLimits == null ? (theirLimits == null ? 0 : 1) : (theirLimits == null ? -1
                : myLimits.compareTo(theirLimits));
    }
    
    @Override
    public String toString() {
        return "WrapperPolicy [level=" + level + ", response=" + response + ", limits=" + limits
                + "]";
    }

}