From 459a3095c452b9d046376cd3ecdd93b28d11a18c Mon Sep 17 00:00:00 2001 From: Luke Taylor Date: Thu, 30 Apr 2009 07:58:53 +0000 Subject: [PATCH] SEC-1041: Applied patch with minor modifications - introduces permission constructor which sets pattern "on" code to '*' as a default. --- .../security/acls/AclFormattingUtils.java | 20 ++++++++++--------- .../security/acls/Permission.java | 11 +++++----- .../acls/domain/AbstractPermission.java | 20 ++++++++++++++++--- .../security/acls/domain/BasePermission.java | 4 ++++ 4 files changed, 38 insertions(+), 17 deletions(-) diff --git a/acl/src/main/java/org/springframework/security/acls/AclFormattingUtils.java b/acl/src/main/java/org/springframework/security/acls/AclFormattingUtils.java index 4680086f32..7536c00ca8 100644 --- a/acl/src/main/java/org/springframework/security/acls/AclFormattingUtils.java +++ b/acl/src/main/java/org/springframework/security/acls/AclFormattingUtils.java @@ -63,17 +63,11 @@ public abstract class AclFormattingUtils { return new String(replacement); } - private static String printBinary(int i, char on, char off) { - String s = Integer.toString(i, 2); - String pattern = Permission.THIRTY_TWO_RESERVED_OFF; - String temp2 = pattern.substring(0, pattern.length() - s.length()) + s; - - return temp2.replace('0', off).replace('1', on); - } - /** * Returns a representation of the active bits in the presented mask, with each active bit being denoted by - * character "".

Inactive bits will be denoted by character {@link Permission#RESERVED_OFF}.

+ * character '*'. + *

+ * Inactive bits will be denoted by character {@link Permission#RESERVED_OFF}. * * @param i the integer bit mask to print the active bits for * @@ -102,4 +96,12 @@ public abstract class AclFormattingUtils { return printBinary(mask, Permission.RESERVED_ON, Permission.RESERVED_OFF).replace(Permission.RESERVED_ON, code); } + + private static String printBinary(int i, char on, char off) { + String s = Integer.toString(i, 2); + String pattern = Permission.THIRTY_TWO_RESERVED_OFF; + String temp2 = pattern.substring(0, pattern.length() - s.length()) + s; + + return temp2.replace('0', off).replace('1', on); + } } diff --git a/acl/src/main/java/org/springframework/security/acls/Permission.java b/acl/src/main/java/org/springframework/security/acls/Permission.java index 53e6bb5dbe..003f4a5493 100644 --- a/acl/src/main/java/org/springframework/security/acls/Permission.java +++ b/acl/src/main/java/org/springframework/security/acls/Permission.java @@ -17,7 +17,7 @@ package org.springframework.security.acls; import java.io.Serializable; /** - * Represents a permission granted to a {@link org.springframework.security.acls.sid.Sid Sid} for a given domain object. + * Represents a permission granted to a Sid for a given domain object. * * @author Ben Alex * @version $Id$ @@ -46,10 +46,11 @@ public interface Permission extends Serializable { * {@link #RESERVED_OFF} which is used to denote a bit that is off (clear). * Implementations may also elect to use {@link #RESERVED_ON} internally for computation purposes, * although this method may not return any String containing {@link #RESERVED_ON}. - *

- *

The returned String must be 32 characters in length.

- *

This method is only used for user interface and logging purposes. It is not used in any permission - * calculations. Therefore, duplication of characters within the output is permitted.

+ *

+ * The returned String must be 32 characters in length. + *

+ * This method is only used for user interface and logging purposes. It is not used in any permission + * calculations. Therefore, duplication of characters within the output is permitted. * * @return a 32-character bit pattern */ diff --git a/acl/src/main/java/org/springframework/security/acls/domain/AbstractPermission.java b/acl/src/main/java/org/springframework/security/acls/domain/AbstractPermission.java index 480f52489d..ebc7440a0e 100644 --- a/acl/src/main/java/org/springframework/security/acls/domain/AbstractPermission.java +++ b/acl/src/main/java/org/springframework/security/acls/domain/AbstractPermission.java @@ -5,11 +5,9 @@ import org.springframework.security.acls.Permission; /** * Provides an abstract superclass for {@link Permission} implementations. - * + * * @author Ben Alex * @since 2.0.3 - * @see AbstractRegisteredPermission - * */ public abstract class AbstractPermission implements Permission { @@ -19,7 +17,23 @@ public abstract class AbstractPermission implements Permission { protected int mask; //~ Constructors =================================================================================================== + /** + * Sets the permission mask and uses the '*' character to represent active bits when represented as a bit + * pattern string. + * + * @param mask the integer bit mask for the permission + */ + protected AbstractPermission(int mask) { + this.mask = mask; + this.code = '*'; + } + /** + * Sets the permission mask and uses the specified character for active bits. + * + * @param mask the integer bit mask for the permission + * @param code the character to print for each active bit in the mask (see {@link Permission#getPattern()}) + */ protected AbstractPermission(int mask, char code) { this.mask = mask; this.code = code; diff --git a/acl/src/main/java/org/springframework/security/acls/domain/BasePermission.java b/acl/src/main/java/org/springframework/security/acls/domain/BasePermission.java index 21611cb3ac..c3128d9a55 100644 --- a/acl/src/main/java/org/springframework/security/acls/domain/BasePermission.java +++ b/acl/src/main/java/org/springframework/security/acls/domain/BasePermission.java @@ -44,6 +44,10 @@ public class BasePermission extends AbstractPermission { static { registerPermissionsFor(BasePermission.class); } + + protected BasePermission(int mask) { + super(mask); + } protected BasePermission(int mask, char code) { super(mask, code);