001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing,
013 * software distributed under the License is distributed on an
014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015 * KIND, either express or implied.  See the License for the
016 * specific language governing permissions and limitations
017 * under the License.
018 */
019package org.apache.shiro.authz;
020
021import java.util.Collection;
022import java.util.HashSet;
023import java.util.Set;
024
025/**
026 * Simple POJO implementation of the {@link AuthorizationInfo} interface that stores roles and permissions as internal
027 * attributes.
028 *
029 * @see org.apache.shiro.realm.AuthorizingRealm
030 * @since 0.9
031 */
032public class SimpleAuthorizationInfo implements AuthorizationInfo {
033
034    /**
035     * The internal roles collection.
036     */
037    protected Set<String> roles;
038
039    /**
040     * Collection of all string-based permissions associated with the account.
041     */
042    protected Set<String> stringPermissions;
043
044    /**
045     * Collection of all object-based permissions associaed with the account.
046     */
047    protected Set<Permission> objectPermissions;
048
049    /**
050     * Default no-argument constructor.
051     */
052    public SimpleAuthorizationInfo() {
053    }
054
055    /**
056     * Creates a new instance with the specified roles and no permissions.
057     * @param roles the roles assigned to the realm account.
058     */
059    public SimpleAuthorizationInfo(Set<String> roles) {
060        this.roles = roles;
061    }
062
063    public Set<String> getRoles() {
064        return roles;
065    }
066
067    /**
068     * Sets the roles assigned to the account.
069     * @param roles the roles assigned to the account.
070     */
071    public void setRoles(Set<String> roles) {
072        this.roles = roles;
073    }
074
075    /**
076     * Adds (assigns) a role to those associated with the account.  If the account doesn't yet have any roles, a
077     * new roles collection (a Set) will be created automatically.
078     * @param role the role to add to those associated with the account.
079     */
080    public void addRole(String role) {
081        if (this.roles == null) {
082            this.roles = new HashSet<String>();
083        }
084        this.roles.add(role);
085    }
086
087    /**
088     * Adds (assigns) multiple roles to those associated with the account.  If the account doesn't yet have any roles, a
089     * new roles collection (a Set) will be created automatically.
090     * @param roles the roles to add to those associated with the account.
091     */
092    public void addRoles(Collection<String> roles) {
093        if (this.roles == null) {
094            this.roles = new HashSet<String>();
095        }
096        this.roles.addAll(roles);
097    }
098
099    public Set<String> getStringPermissions() {
100        return stringPermissions;
101    }
102
103    /**
104     * Sets the string-based permissions assigned directly to the account.  The permissions set here, in addition to any
105     * {@link #getObjectPermissions() object permissions} constitute the total permissions assigned directly to the
106     * account.
107     *
108     * @param stringPermissions the string-based permissions assigned directly to the account.
109     */
110    public void setStringPermissions(Set<String> stringPermissions) {
111        this.stringPermissions = stringPermissions;
112    }
113
114    /**
115     * Adds (assigns) a permission to those directly associated with the account.  If the account doesn't yet have any
116     * direct permissions, a new permission collection (a Set&lt;String&gt;) will be created automatically.
117     * @param permission the permission to add to those directly assigned to the account.
118     */
119    public void addStringPermission(String permission) {
120        if (this.stringPermissions == null) {
121            this.stringPermissions = new HashSet<String>();
122        }
123        this.stringPermissions.add(permission);
124    }
125
126    /**
127     * Adds (assigns) multiple permissions to those associated directly with the account.  If the account doesn't yet
128     * have any string-based permissions, a  new permissions collection (a Set&lt;String&gt;) will be created automatically.
129     * @param permissions the permissions to add to those associated directly with the account.
130     */
131    public void addStringPermissions(Collection<String> permissions) {
132        if (this.stringPermissions == null) {
133            this.stringPermissions = new HashSet<String>();
134        }
135        this.stringPermissions.addAll(permissions);
136    }
137
138    public Set<Permission> getObjectPermissions() {
139        return objectPermissions;
140    }
141
142    /**
143     * Sets the object-based permissions assigned directly to the account.  The permissions set here, in addition to any
144     * {@link #getStringPermissions() string permissions} constitute the total permissions assigned directly to the
145     * account.
146     *
147     * @param objectPermissions the object-based permissions assigned directly to the account.
148     */
149    public void setObjectPermissions(Set<Permission> objectPermissions) {
150        this.objectPermissions = objectPermissions;
151    }
152
153    /**
154     * Adds (assigns) a permission to those directly associated with the account.  If the account doesn't yet have any
155     * direct permissions, a new permission collection (a Set&lt;{@link Permission Permission}&gt;) will be created automatically.
156     * @param permission the permission to add to those directly assigned to the account.
157     */
158    public void addObjectPermission(Permission permission) {
159        if (this.objectPermissions == null) {
160            this.objectPermissions = new HashSet<Permission>();
161        }
162        this.objectPermissions.add(permission);
163    }
164
165    /**
166     * Adds (assigns) multiple permissions to those associated directly with the account.  If the account doesn't yet
167     * have any object-based permissions, a  new permissions collection (a Set&lt;{@link Permission Permission}&gt;)
168     * will be created automatically.
169     * @param permissions the permissions to add to those associated directly with the account.
170     */
171    public void addObjectPermissions(Collection<Permission> permissions) {
172        if (this.objectPermissions == null) {
173            this.objectPermissions = new HashSet<Permission>();
174        }
175        this.objectPermissions.addAll(permissions);
176    }
177}