001    /*
002     * Licensed to the Apache Software Foundation (ASF) under one
003     * or more contributor license agreements.  See the NOTICE file
004     * distributed with this work for additional information
005     * regarding copyright ownership.  The ASF licenses this file
006     * to you under the Apache License, Version 2.0 (the
007     * "License"); you may not use this file except in compliance
008     * with the License.  You may obtain a copy of the License at
009     *
010     *     http://www.apache.org/licenses/LICENSE-2.0
011     *
012     * Unless required by applicable law or agreed to in writing,
013     * software distributed under the License is distributed on an
014     * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015     * KIND, either express or implied.  See the License for the
016     * specific language governing permissions and limitations
017     * under the License.
018     */
019    package org.apache.shiro.authz;
020    
021    import java.util.Collection;
022    import java.util.HashSet;
023    import java.util.Set;
024    
025    /**
026     * Simple POJO implementation of the {@link AuthorizationInfo} interface that stores roles and permissions as internal
027     * attributes.
028     *
029     * @see org.apache.shiro.realm.AuthorizingRealm
030     * @since 0.9
031     * @author Jeremy Haile
032     * @author Les Hazlewood
033     */
034    public class SimpleAuthorizationInfo implements AuthorizationInfo {
035    
036        /**
037         * The internal roles collection.
038         */
039        protected Set<String> roles;
040    
041        /**
042         * Collection of all string-based permissions associated with the account.
043         */
044        protected Set<String> stringPermissions;
045    
046        /**
047         * Collection of all object-based permissions associaed with the account.
048         */
049        protected Set<Permission> objectPermissions;
050    
051        /**
052         * Default no-argument constructor.
053         */
054        public SimpleAuthorizationInfo() {
055        }
056    
057        /**
058         * Creates a new instance with the specified roles and no permissions.
059         * @param roles the roles assigned to the realm account.
060         */
061        public SimpleAuthorizationInfo(Set<String> roles) {
062            this.roles = roles;
063        }
064    
065        public Set<String> getRoles() {
066            return roles;
067        }
068    
069        /**
070         * Sets the roles assigned to the account.
071         * @param roles the roles assigned to the account.
072         */
073        public void setRoles(Set<String> roles) {
074            this.roles = roles;
075        }
076    
077        /**
078         * Adds (assigns) a role to those associated with the account.  If the account doesn't yet have any roles, a
079         * new roles collection (a Set) will be created automatically.
080         * @param role the role to add to those associated with the account.
081         */
082        public void addRole(String role) {
083            if (this.roles == null) {
084                this.roles = new HashSet<String>();
085            }
086            this.roles.add(role);
087        }
088    
089        /**
090         * Adds (assigns) multiple roles to those associated with the account.  If the account doesn't yet have any roles, a
091         * new roles collection (a Set) will be created automatically.
092         * @param roles the roles to add to those associated with the account.
093         */
094        public void addRoles(Collection<String> roles) {
095            if (this.roles == null) {
096                this.roles = new HashSet<String>();
097            }
098            this.roles.addAll(roles);
099        }
100    
101        public Set<String> getStringPermissions() {
102            return stringPermissions;
103        }
104    
105        /**
106         * Sets the string-based permissions assigned directly to the account.  The permissions set here, in addition to any
107         * {@link #getObjectPermissions() object permissions} constitute the total permissions assigned directly to the
108         * account.
109         *
110         * @param stringPermissions the string-based permissions assigned directly to the account.
111         */
112        public void setStringPermissions(Set<String> stringPermissions) {
113            this.stringPermissions = stringPermissions;
114        }
115    
116        /**
117         * Adds (assigns) a permission to those directly associated with the account.  If the account doesn't yet have any
118         * direct permissions, a new permission collection (a Set&lt;String&gt;) will be created automatically.
119         * @param permission the permission to add to those directly assigned to the account.
120         */
121        public void addStringPermission(String permission) {
122            if (this.stringPermissions == null) {
123                this.stringPermissions = new HashSet<String>();
124            }
125            this.stringPermissions.add(permission);
126        }
127    
128        /**
129         * Adds (assigns) multiple permissions to those associated directly with the account.  If the account doesn't yet
130         * have any string-based permissions, a  new permissions collection (a Set&lt;String&gt;) will be created automatically.
131         * @param permissions the permissions to add to those associated directly with the account.
132         */
133        public void addStringPermissions(Collection<String> permissions) {
134            if (this.stringPermissions == null) {
135                this.stringPermissions = new HashSet<String>();
136            }
137            this.stringPermissions.addAll(permissions);
138        }
139    
140        public Set<Permission> getObjectPermissions() {
141            return objectPermissions;
142        }
143    
144        /**
145         * Sets the object-based permissions assigned directly to the account.  The permissions set here, in addition to any
146         * {@link #getStringPermissions() string permissions} constitute the total permissions assigned directly to the
147         * account.
148         *
149         * @param objectPermissions the object-based permissions assigned directly to the account.
150         */
151        public void setObjectPermissions(Set<Permission> objectPermissions) {
152            this.objectPermissions = objectPermissions;
153        }
154    
155        /**
156         * Adds (assigns) a permission to those directly associated with the account.  If the account doesn't yet have any
157         * direct permissions, a new permission collection (a Set&lt;{@link Permission Permission}&gt;) will be created automatically.
158         * @param permission the permission to add to those directly assigned to the account.
159         */
160        public void addObjectPermission(Permission permission) {
161            if (this.objectPermissions == null) {
162                this.objectPermissions = new HashSet<Permission>();
163            }
164            this.objectPermissions.add(permission);
165        }
166    
167        /**
168         * Adds (assigns) multiple permissions to those associated directly with the account.  If the account doesn't yet
169         * have any object-based permissions, a  new permissions collection (a Set&lt;{@link Permission Permission}&gt;)
170         * will be created automatically.
171         * @param permissions the permissions to add to those associated directly with the account.
172         */
173        public void addObjectPermissions(Collection<Permission> permissions) {
174            if (this.objectPermissions == null) {
175                this.objectPermissions = new HashSet<Permission>();
176            }
177            this.objectPermissions.addAll(permissions);
178        }
179    }