001    /*
002     * Licensed to the Apache Software Foundation (ASF) under one
003     * or more contributor license agreements.  See the NOTICE file
004     * distributed with this work for additional information
005     * regarding copyright ownership.  The ASF licenses this file
006     * to you under the Apache License, Version 2.0 (the
007     * "License"); you may not use this file except in compliance
008     * with the License.  You may obtain a copy of the License at
009     *
010     *     http://www.apache.org/licenses/LICENSE-2.0
011     *
012     * Unless required by applicable law or agreed to in writing,
013     * software distributed under the License is distributed on an
014     * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015     * KIND, either express or implied.  See the License for the
016     * specific language governing permissions and limitations
017     * under the License.
018     */
019    package org.apache.shiro.authz;
020    
021    import java.util.Collection;
022    import java.util.HashSet;
023    import java.util.Set;
024    
025    /**
026     * Simple POJO implementation of the {@link AuthorizationInfo} interface that stores roles and permissions as internal
027     * attributes.
028     *
029     * @see org.apache.shiro.realm.AuthorizingRealm
030     * @since 0.9
031     */
032    public class SimpleAuthorizationInfo implements AuthorizationInfo {
033    
034        /**
035         * The internal roles collection.
036         */
037        protected Set<String> roles;
038    
039        /**
040         * Collection of all string-based permissions associated with the account.
041         */
042        protected Set<String> stringPermissions;
043    
044        /**
045         * Collection of all object-based permissions associaed with the account.
046         */
047        protected Set<Permission> objectPermissions;
048    
049        /**
050         * Default no-argument constructor.
051         */
052        public SimpleAuthorizationInfo() {
053        }
054    
055        /**
056         * Creates a new instance with the specified roles and no permissions.
057         * @param roles the roles assigned to the realm account.
058         */
059        public SimpleAuthorizationInfo(Set<String> roles) {
060            this.roles = roles;
061        }
062    
063        public Set<String> getRoles() {
064            return roles;
065        }
066    
067        /**
068         * Sets the roles assigned to the account.
069         * @param roles the roles assigned to the account.
070         */
071        public void setRoles(Set<String> roles) {
072            this.roles = roles;
073        }
074    
075        /**
076         * Adds (assigns) a role to those associated with the account.  If the account doesn't yet have any roles, a
077         * new roles collection (a Set) will be created automatically.
078         * @param role the role to add to those associated with the account.
079         */
080        public void addRole(String role) {
081            if (this.roles == null) {
082                this.roles = new HashSet<String>();
083            }
084            this.roles.add(role);
085        }
086    
087        /**
088         * Adds (assigns) multiple roles to those associated with the account.  If the account doesn't yet have any roles, a
089         * new roles collection (a Set) will be created automatically.
090         * @param roles the roles to add to those associated with the account.
091         */
092        public void addRoles(Collection<String> roles) {
093            if (this.roles == null) {
094                this.roles = new HashSet<String>();
095            }
096            this.roles.addAll(roles);
097        }
098    
099        public Set<String> getStringPermissions() {
100            return stringPermissions;
101        }
102    
103        /**
104         * Sets the string-based permissions assigned directly to the account.  The permissions set here, in addition to any
105         * {@link #getObjectPermissions() object permissions} constitute the total permissions assigned directly to the
106         * account.
107         *
108         * @param stringPermissions the string-based permissions assigned directly to the account.
109         */
110        public void setStringPermissions(Set<String> stringPermissions) {
111            this.stringPermissions = stringPermissions;
112        }
113    
114        /**
115         * Adds (assigns) a permission to those directly associated with the account.  If the account doesn't yet have any
116         * direct permissions, a new permission collection (a Set&lt;String&gt;) will be created automatically.
117         * @param permission the permission to add to those directly assigned to the account.
118         */
119        public void addStringPermission(String permission) {
120            if (this.stringPermissions == null) {
121                this.stringPermissions = new HashSet<String>();
122            }
123            this.stringPermissions.add(permission);
124        }
125    
126        /**
127         * Adds (assigns) multiple permissions to those associated directly with the account.  If the account doesn't yet
128         * have any string-based permissions, a  new permissions collection (a Set&lt;String&gt;) will be created automatically.
129         * @param permissions the permissions to add to those associated directly with the account.
130         */
131        public void addStringPermissions(Collection<String> permissions) {
132            if (this.stringPermissions == null) {
133                this.stringPermissions = new HashSet<String>();
134            }
135            this.stringPermissions.addAll(permissions);
136        }
137    
138        public Set<Permission> getObjectPermissions() {
139            return objectPermissions;
140        }
141    
142        /**
143         * Sets the object-based permissions assigned directly to the account.  The permissions set here, in addition to any
144         * {@link #getStringPermissions() string permissions} constitute the total permissions assigned directly to the
145         * account.
146         *
147         * @param objectPermissions the object-based permissions assigned directly to the account.
148         */
149        public void setObjectPermissions(Set<Permission> objectPermissions) {
150            this.objectPermissions = objectPermissions;
151        }
152    
153        /**
154         * Adds (assigns) a permission to those directly associated with the account.  If the account doesn't yet have any
155         * direct permissions, a new permission collection (a Set&lt;{@link Permission Permission}&gt;) will be created automatically.
156         * @param permission the permission to add to those directly assigned to the account.
157         */
158        public void addObjectPermission(Permission permission) {
159            if (this.objectPermissions == null) {
160                this.objectPermissions = new HashSet<Permission>();
161            }
162            this.objectPermissions.add(permission);
163        }
164    
165        /**
166         * Adds (assigns) multiple permissions to those associated directly with the account.  If the account doesn't yet
167         * have any object-based permissions, a  new permissions collection (a Set&lt;{@link Permission Permission}&gt;)
168         * will be created automatically.
169         * @param permissions the permissions to add to those associated directly with the account.
170         */
171        public void addObjectPermissions(Collection<Permission> permissions) {
172            if (this.objectPermissions == null) {
173                this.objectPermissions = new HashSet<Permission>();
174            }
175            this.objectPermissions.addAll(permissions);
176        }
177    }