lib/servlet-api/javax/servlet/ServletSecurityElement.java

   1 /*
   2  * Licensed to the Apache Software Foundation (ASF) under one or more
   3  * contributor license agreements.  See the NOTICE file distributed with
   4  * this work for additional information regarding copyright ownership.
   5  * The ASF licenses this file to You under the Apache License, Version 2.0
   6  * (the "License"); you may not use this file except in compliance with
   7  * the License.  You may obtain a copy of the License at
   8  *
   9  *      http://www.apache.org/licenses/LICENSE-2.0
  10  *
  11  * Unless required by applicable law or agreed to in writing, software
  12  * distributed under the License is distributed on an "AS IS" BASIS,
  13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  14  * See the License for the specific language governing permissions and
  15  * limitations under the License.
  16  */
  17 package javax.servlet;
  18
  19 import java.util.ArrayList;
  20 import java.util.Collection;
  21 import java.util.HashMap;
  22 import java.util.HashSet;
  23 import java.util.List;
  24 import java.util.Map;
  25
  26 import javax.servlet.annotation.HttpMethodConstraint;
  27 import javax.servlet.annotation.ServletSecurity;
  28
  29 /**
  30  *
  31  * @since Servlet 3.0
  32  * TODO SERVLET3 - Add comments
  33  */
  34 public class ServletSecurityElement extends HttpConstraintElement {
  35
  36     private final Map<String,HttpMethodConstraintElement> methodConstraints =
  37         new HashMap<>();
  38
  39     /**
  40      * Use default HttpConstraint.
  41      */
  42     public ServletSecurityElement() {
  43         super();
  44     }
  45
  46     /**
  47      * Use specified HttpConstraintElement.
  48      * @param httpConstraintElement
  49      */
  50     public ServletSecurityElement(HttpConstraintElement httpConstraintElement) {
  51         this (httpConstraintElement, null);
  52     }
  53
  54     /**
  55      * Use specific constraints for specified methods and default
  56      * HttpConstraintElement for all other methods.
  57      * @param httpMethodConstraints
  58      * @throws IllegalArgumentException if a method name is specified more than
  59      * once
  60      */
  61     public ServletSecurityElement(
  62             Collection<HttpMethodConstraintElement> httpMethodConstraints) {
  63         super();
  64         addHttpMethodConstraints(httpMethodConstraints);
  65     }
  66
  67
  68     /**
  69      * Use specified HttpConstraintElement as default and specific constraints
  70      * for specified methods.
  71      * @param httpConstraintElement
  72      * @param httpMethodConstraints
  73      * @throws IllegalArgumentException if a method name is specified more than
  74      */
  75     public ServletSecurityElement(HttpConstraintElement httpConstraintElement,
  76             Collection<HttpMethodConstraintElement> httpMethodConstraints) {
  77         super(httpConstraintElement.getEmptyRoleSemantic(),
  78                 httpConstraintElement.getTransportGuarantee(),
  79                 httpConstraintElement.getRolesAllowed());
  80         addHttpMethodConstraints(httpMethodConstraints);
  81     }
  82
  83     /**
  84      * Create from an annotation.
  85      * @param annotation
  86      * @throws IllegalArgumentException if a method name is specified more than
  87      */
  88     public ServletSecurityElement(ServletSecurity annotation) {
  89         this(new HttpConstraintElement(annotation.value().value(),
  90                 annotation.value().transportGuarantee(),
  91                 annotation.value().rolesAllowed()));
  92
  93         List<HttpMethodConstraintElement> l = new ArrayList<>();
  94         HttpMethodConstraint[] constraints = annotation.httpMethodConstraints();
  95         if (constraints != null) {
  96             for (int i = 0; i < constraints.length; i++) {
  97                 HttpMethodConstraintElement e =
  98                     new HttpMethodConstraintElement(constraints[i].value(),
  99                             new HttpConstraintElement(
 100                                     constraints[i].emptyRoleSemantic(),
 101                                     constraints[i].transportGuarantee(),
 102                                     constraints[i].rolesAllowed()));
 103                 l.add(e);
 104             }
 105         }
 106         addHttpMethodConstraints(l);
 107     }
 108
 109     public Collection<HttpMethodConstraintElement> getHttpMethodConstraints() {
 110         Collection<HttpMethodConstraintElement> result = new HashSet<>();
 111         result.addAll(methodConstraints.values());
 112         return result;
 113     }
 114
 115     public Collection<String> getMethodNames() {
 116         Collection<String> result = new HashSet<>();
 117         result.addAll(methodConstraints.keySet());
 118         return result;
 119     }
 120
 121     private void addHttpMethodConstraints(
 122             Collection<HttpMethodConstraintElement> httpMethodConstraints) {
 123         if (httpMethodConstraints == null) {
 124             return;
 125         }
 126         for (HttpMethodConstraintElement constraint : httpMethodConstraints) {
 127             String method = constraint.getMethodName();
 128             if (methodConstraints.containsKey(method)) {
 129                 throw new IllegalArgumentException(
 130                         "Duplicate method name: " + method);
 131             }
 132             methodConstraints.put(method, constraint);
 133         }
 134     }
 135 }