source: fedd/abac-src/ttg/process/ACPolicy.java @ df783c1

package com.nailabs.abac.process;

import java.util.*;
import edu.stanford.peer.rbtm.credential.*;

/**
 * Access control policy for credentials. The policy can be queried using the 
 * <code>requires</code> method with a specific credential. 
 */
public class ACPolicy implements java.io.Serializable {
    /** Implicitly allow access if there is no relevant policy */
    public static final Role TRUE = null;

    /** Internal hash table for policy storage */
    private HashMap accessControl = null;

    /** Default constructor with a non-resstrictive policy */
    public ACPolicy() {
        accessControl = new HashMap();
    }

    /** Accessor for all the access control policy keys */
    public Vector getProtectedCredentials() { 
        return new Vector(accessControl.keySet()); 
    }

    /** 
     * Useful for forward discovery. 
     * @return a set of all roles which satisfy the AC policy requirements
     */
    public Vector getRequiredRoles() {
        return new Vector(accessControl.values());
    }

    /** Adds a single policy atom from String parameters. */
    public void addACFact(String cred, String expr) 
        throws CredentialParsingException {
        addACFact(new StaticCredential(cred), 
             StaticCredential.getEntityExpression(expr));
    }

    /** Adds a single policy atom. */
    public void addACFact(Credential key, EntityExpression expr) {
        accessControl.put(key, expr);
    }

    /** Query the policy to determine the required role for a credential */
    public EntityExpression requires(Credential resource) {
        return (EntityExpression)accessControl.get(resource);
    }

    /** Returns the underlying storage data structure in a printable format */
    public String toString() {
        if(accessControl == null)
            return null;
        else 
            return accessControl.toString();
    }

}