001/* 002 * CDDL HEADER START 003 * 004 * The contents of this file are subject to the terms of the 005 * Common Development and Distribution License, Version 1.0 only 006 * (the "License"). You may not use this file except in compliance 007 * with the License. 008 * 009 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt 010 * or http://forgerock.org/license/CDDLv1.0.html. 011 * See the License for the specific language governing permissions 012 * and limitations under the License. 013 * 014 * When distributing Covered Code, include this CDDL HEADER in each 015 * file and include the License file at legal-notices/CDDLv1_0.txt. 016 * If applicable, add the following below this CDDL HEADER, with the 017 * fields enclosed by brackets "[]" replaced with your own identifying 018 * information: 019 * Portions Copyright [yyyy] [name of copyright owner] 020 * 021 * CDDL HEADER END 022 * 023 * 024 * Copyright 2008 Sun Microsystems, Inc. 025 * Portions Copyright 2013-2015 ForgeRock AS 026 */ 027package org.opends.server.authorization.dseecompat; 028 029import org.forgerock.i18n.LocalizableMessage; 030import static org.opends.messages.AccessControlMessages.*; 031 032/** 033 * The class represents the ssf keyword in a bind rule.SSF stands for 034 * security strength factor. 035 */ 036public class SSF implements KeywordBindRule { 037 038 /** Enumeration representing the bind rule operation type. */ 039 private EnumBindRuleType type; 040 041 private static final int MAX_KEY_BITS=1024; 042 private int ssf; 043 044 private SSF(int ssf, EnumBindRuleType type) { 045 this.ssf = ssf; 046 this.type = type; 047 } 048 049 /** 050 * Create SSF instance using the specified expression string and bind rule 051 * type enumeration. 052 * @param expr The expression string. 053 * @param type The bind rule type enumeration. 054 * @return A SSF instance. 055 * @throws AciException If the SSF instance cannot be created. 056 */ 057 static SSF decode(String expr, EnumBindRuleType type) throws AciException { 058 int valueAsInt = 0; 059 try { 060 valueAsInt = Integer.parseInt(expr); 061 } catch (NumberFormatException nfe) { 062 LocalizableMessage message = 063 WARN_ACI_SYNTAX_INVALID_SSF_FORMAT.get(expr, nfe.getMessage()); 064 throw new AciException(message); 065 } 066 if (valueAsInt <= 0 || valueAsInt > MAX_KEY_BITS) { 067 LocalizableMessage message = WARN_ACI_SYNTAX_INVALID_SSF_RANGE.get(expr); 068 throw new AciException(message); 069 } 070 return new SSF(valueAsInt, type); 071 } 072 073 /** 074 * Evaluate the specified evaluation context. 075 * @param evalCtx The evaluation context to evaluate. 076 * 077 * @return An evaluation result enumeration containing the result of the 078 * context evaluation. 079 */ 080 public EnumEvalResult evaluate(AciEvalContext evalCtx) { 081 int currentSSF = evalCtx.getCurrentSSF(); 082 EnumEvalResult matched = getMatched(currentSSF); 083 return matched.getRet(type, false); 084 } 085 086 private EnumEvalResult getMatched(int currentSSF) { 087 switch (type) { 088 case EQUAL_BINDRULE_TYPE: 089 case NOT_EQUAL_BINDRULE_TYPE: 090 if (currentSSF == ssf) { 091 return EnumEvalResult.TRUE; 092 } 093 break; 094 095 case LESS_OR_EQUAL_BINDRULE_TYPE: 096 if (currentSSF <= ssf) { 097 return EnumEvalResult.TRUE; 098 } 099 break; 100 101 case LESS_BINDRULE_TYPE: 102 if (currentSSF < ssf) { 103 return EnumEvalResult.TRUE; 104 } 105 break; 106 107 case GREATER_OR_EQUAL_BINDRULE_TYPE: 108 if (currentSSF >= ssf) { 109 return EnumEvalResult.TRUE; 110 } 111 break; 112 113 case GREATER_BINDRULE_TYPE: 114 if (currentSSF > ssf) { 115 return EnumEvalResult.TRUE; 116 } 117 } 118 return EnumEvalResult.FALSE; 119 } 120 121 /** {@inheritDoc} */ 122 @Override 123 public String toString() 124 { 125 final StringBuilder sb = new StringBuilder(); 126 toString(sb); 127 return sb.toString(); 128 } 129 130 /** {@inheritDoc} */ 131 @Override 132 public final void toString(StringBuilder buffer) 133 { 134 buffer.append(super.toString()); 135 } 136 137}