You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by ak...@apache.org on 2005/09/16 23:21:19 UTC
svn commit: r289653 - in /directory/shared/ldap/trunk/common/src:
antlr/ACIItem.g java/org/apache/ldap/common/acl/ACIItemParser.java
test/org/apache/ldap/common/acl/ACIItemParserTest.java
Author: akarasulu
Date: Fri Sep 16 14:21:13 2005
New Revision: 289653
URL: http://svn.apache.org/viewcvs?rev=289653&view=rev
Log:
Applying Ersin Er's patch to the ACIItem parser from DIRLDAP-54 here:
http://issues.apache.org/jira/browse/DIRLDAP-54
Modified:
directory/shared/ldap/trunk/common/src/antlr/ACIItem.g
directory/shared/ldap/trunk/common/src/java/org/apache/ldap/common/acl/ACIItemParser.java
directory/shared/ldap/trunk/common/src/test/org/apache/ldap/common/acl/ACIItemParserTest.java
Modified: directory/shared/ldap/trunk/common/src/antlr/ACIItem.g
URL: http://svn.apache.org/viewcvs/directory/shared/ldap/trunk/common/src/antlr/ACIItem.g?rev=289653&r1=289652&r2=289653&view=diff
==============================================================================
--- directory/shared/ldap/trunk/common/src/antlr/ACIItem.g (original)
+++ directory/shared/ldap/trunk/common/src/antlr/ACIItem.g Fri Sep 16 14:21:13 2005
@@ -3,7 +3,7 @@
/*
* Copyright 2005 The Apache Software Foundation
*
- * Licensed under the Apache License, Version 2.0 (the "License");
+ * Licensed under the Apache License, Version 2.0 (the "License" );
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
@@ -26,6 +26,8 @@
import java.util.Set;
import java.util.Enumeration;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.BasicAttribute;
import javax.naming.Name;
import javax.naming.NamingException;
@@ -36,8 +38,10 @@
import org.apache.ldap.common.filter.LeafNode;
import org.apache.ldap.common.filter.SimpleNode;
import org.apache.ldap.common.name.DnParser;
+import org.apache.ldap.common.name.NameComponentNormalizer;
import org.apache.ldap.common.subtree.SubtreeSpecification;
import org.apache.ldap.common.subtree.SubtreeSpecificationModifier;
+import org.apache.ldap.common.util.NamespaceTools;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -86,31 +90,57 @@
{
private static final Logger log = LoggerFactory.getLogger( AntlrACIItemParser.class );
- private final DnParser dnParser = createDnParser();
+ // subordinate parser instances
+ private DnParser dnParser;
private final FilterParserImpl filterParser = new FilterParserImpl();
-
- private SubtreeSpecificationModifier ssModifier = null;
- // these Sets will be instantiated for each
+ private boolean isNormalizing = false;
+ NameComponentNormalizer normalizer;
+
+ // nonshared global data needed to avoid extensive pass/return stuff
+ // these are only used by three first order components
+ private String m_identificationTag;
+ private AuthenticationLevel m_authenticationLevel;
+ private int m_aciPrecedence;
+
+ // shared global data needed to avoid extensive pass/return stuff
+ private Set m_protectedItems;
+ private Set m_userClasses;
+ private Set m_itemPermissions;
+ private int m_precedence;
+ private Set m_grantsAndDenials;
+ private Set m_userPermissions;
+
private Set chopBeforeExclusions;
private Set chopAfterExclusions;
-
-
+ private SubtreeSpecificationModifier ssModifier = null;
+
+ private ACIItem m_ACIItem = null;
+
+
/**
- * Creates a subordinate DnParser for parsing Names.
+ * Creates a (normalizing) subordinate DnParser for parsing Names.
+ * This method MUST be called for each instance while we cannot do
+ * constructor overloading for this class.
*
* @return the DnParser to be used for parsing Names
*/
- private DnParser createDnParser()
+ public void init()
{
- // TODO : WE MAY NEED A NORMALIZING PARSER
try
{
- return new DnParser();
+ if( isNormalizing )
+ {
+ dnParser = new DnParser( normalizer );
+ }
+ else
+ {
+ dnParser = new DnParser();
+ }
}
catch ( NamingException e )
{
- String msg = "Failed to initialize the subordinate DnParser for this AntlrSubtreeSpecificationParser";
+ String msg = "Failed to initialize the subordinate DnParser for this AntlrACIItemParser";
// We throw a NPE since this variable cannot be null for proper operation
// so we can catch the null pointer before the dnParser is even used.
@@ -119,6 +149,15 @@
}
}
+ /**
+ * Sets the NameComponentNormalizer for this parser's dnParser.
+ */
+ public void setNormalizer(NameComponentNormalizer normalizer)
+ {
+ this.normalizer = normalizer;
+ this.isNormalizing = true;
+ }
+
private int token2Integer( Token token ) throws RecognitionException
{
int i = 0;
@@ -129,9 +168,9 @@
}
catch ( NumberFormatException e )
{
- throw new RecognitionException("Value of INTEGER token " +
- token.getText() +
- " cannot be converted to an Integer");
+ throw new RecognitionException( "Value of INTEGER token " +
+ token.getText() +
+ " cannot be converted to an Integer" );
}
return i;
@@ -143,17 +182,19 @@
// parser productions
// ----------------------------------------------------------------------------
-wrapperEntryPoint
+wrapperEntryPoint returns [ ACIItem l_ACIItem ]
{
log.debug( "entered wrapperEntryPoint()" );
+ l_ACIItem = null;
}
:
- theACIItem EOF
+ ( SP )* l_ACIItem=theACIItem ( SP )* EOF
;
-theACIItem
+theACIItem returns [ ACIItem l_ACIItem ]
{
log.debug( "entered theACIItem()" );
+ l_ACIItem = null;
}
:
OPEN_CURLY
@@ -162,6 +203,9 @@
SEP ( SP )* aci_authenticationLevel ( SP )*
SEP ( SP )* aci_itemOrUserFirst ( SP )*
CLOSE_CURLY
+ {
+ l_ACIItem = m_ACIItem;
+ }
;
aci_identificationTag
@@ -169,7 +213,10 @@
log.debug( "entered aci_identificationTag()" );
}
:
- ID_identificationTag ( SP )+ SAFEUTF8STRING
+ ID_identificationTag ( SP )+ token:SAFEUTF8STRING
+ {
+ m_identificationTag = token.getText();
+ }
;
aci_precedence
@@ -177,21 +224,23 @@
log.debug( "entered aci_precedence()" );
}
:
- ID_precedence ( SP )+ precedence
+ precedence
+ {
+ m_aciPrecedence = m_precedence;
+ }
;
-precedence returns [ int prec ]
+precedence
{
log.debug( "entered precedence()" );
- prec = 0;
}
:
- token:INTEGER
+ ID_precedence ( SP )+ token:INTEGER
{
- prec = token2Integer( token );
- if( prec < 0 || prec > 255 )
+ m_precedence = token2Integer( token );
+ if( m_precedence < 0 || m_precedence > 255 )
{
- throw new RecognitionException( "Expecting INTEGER token having value between 0 and 255, found " + prec );
+ throw new RecognitionException( "Expecting INTEGER token having an Integer value between 0 and 255, found " + m_precedence );
}
}
;
@@ -209,83 +258,25 @@
log.debug( "entered authenticationLevel()" );
}
:
- basicLevels // | other // the "other" component can be omitted for LDAP ACI
- ;
-
-basicLevels
-{
- log.debug( "entered basicLevels()" );
-}
- :
- ID_basicLevels ( SP )* COLON ( SP )*
- OPEN_CURLY ( SP )*
- level (SP)* level_follower
- CLOSE_CURLY
- ;
-
-level
-{
- log.debug( "entered level()" );
-}
- :
- ID_level ( SP )+
- ( ID_none
- | ID_simple
- | ID_strong
- )
- ;
-
-level_follower
-{
- log.debug( "entered level_follower()" );
-}
- :
- ( SEP (SP)* localQualifier_signed ) ?
- ;
-
-localQualifier_signed
-{
- log.debug( "entered localQualifier_signed()" );
-}
- :
- ID_localQualifier (SP)+ token:INTEGER (SP)* signed_e
+ ID_none
{
- token2Integer( token );
+ m_authenticationLevel = AuthenticationLevel.NONE;
+ }
+ |
+ ID_simple
+ {
+ m_authenticationLevel = AuthenticationLevel.SIMPLE;
+ }
+ |
+ ID_strong
+ {
+ m_authenticationLevel = AuthenticationLevel.STRONG;
}
- | signed
- ;
-
-signed_e
-{
- log.debug( "entered signed_e()" );
-}
- : ( SEP (SP)* signed )?
- ;
-
-signed
-{
- log.debug( "entered signed()" );
-}
- :
- ID_signed (SP)+ booleanValue (SP)*
- ;
-
-booleanValue
-{
- log.debug( "entered booleanValue()" );
-}
- :
- ID_FALSE | ID_TRUE
;
-//other
-// :
-// token:EXTERNAL // !!! See RFC 3642 for ABNF grammar !!!
-// ;
-
aci_itemOrUserFirst
{
- log.debug("entered aci_itemOrUserFirst()");
+ log.debug( "entered aci_itemOrUserFirst()" );
}
:
ID_itemOrUserFirst ( SP )+ itemOrUserFirst
@@ -293,7 +284,7 @@
itemOrUserFirst
{
- log.debug("entered itemOrUserFirst()");
+ log.debug( "entered itemOrUserFirst()" );
}
:
itemFirst | userFirst
@@ -301,292 +292,357 @@
itemFirst
{
- log.debug("entered itemFirst()");
+ log.debug( "entered itemFirst()" );
}
:
- ID_itemFirst COLON
+ ID_itemFirst ( SP )* COLON ( SP )*
OPEN_CURLY ( SP )*
- protectedItems
+ protectedItems ( SP )*
SEP ( SP )* itemPermissions
( SP )* CLOSE_CURLY
+ {
+ m_ACIItem = new ItemFirstACIItem(
+ m_identificationTag,
+ m_precedence,
+ m_authenticationLevel,
+ m_protectedItems,
+ m_itemPermissions );
+ }
;
userFirst
{
- log.debug("entered userFirst()");
+ log.debug( "entered userFirst()" );
}
:
- ID_userFirst COLON
- OPEN_CURLY
- ( SP )* userClasses
+ ID_userFirst ( SP )* COLON ( SP )*
+ OPEN_CURLY ( SP )*
+ userClasses ( SP )*
SEP ( SP )* userPermissions
( SP )* CLOSE_CURLY
+ {
+ m_ACIItem = new UserFirstACIItem(
+ m_identificationTag,
+ m_aciPrecedence,
+ m_authenticationLevel,
+ m_userClasses,
+ m_userPermissions );
+ }
;
protectedItems
{
- log.debug("entered protectedItems()");
+ log.debug( "entered protectedItems()" );
+ m_protectedItems = new HashSet();
}
:
ID_protectedItems ( SP )*
- OPEN_CURLY (SP)*
+ OPEN_CURLY ( SP )*
(
- ( entry entry_follower
- | allUserAttributeTypes allUserAttributeTypes_follower
- | attributeType attributeType_follower
- | allAttributeValues allAttributeValues_follower
- | allUserAttributeTypesAndValues allUserAttributeTypesAndValues_follower
- | attributeValue attributeValue_follower
- | selfValue selfValue_follower
- | rangeOfValues rangeOfValues_follower
- | maxValueCount maxValueCount_follower
- | maxImmSub maxImmSub_follower
- | restrictedBy restrictedBy_follower
- // LDAP does not have contexts
- // contexts
- classes
+ ( entry ( SP )* entry_follower
+ | allUserAttributeTypes ( SP )* allUserAttributeTypes_follower
+ | attributeType ( SP )* attributeType_follower
+ | allAttributeValues ( SP )* allAttributeValues_follower
+ | allUserAttributeTypesAndValues ( SP )* allUserAttributeTypesAndValues_follower
+ | attributeValue ( SP )* attributeValue_follower
+ | selfValue ( SP )* selfValue_follower
+ | rangeOfValues ( SP )* rangeOfValues_follower
+ | maxValueCount ( SP )* maxValueCount_follower
+ | maxImmSub ( SP )* maxImmSub_follower
+ | restrictedBy ( SP )* restrictedBy_follower
+ | classes ( SP )*
)
- ( SP )*
)?
- CLOSE_CURLY
+ CLOSE_CURLY
;
entry_follower
+{
+ log.debug( "entered entry_follower()" );
+}
:
( SEP ( SP )*
- (
- allUserAttributeTypes allUserAttributeTypes_follower
- | attributeType attributeType_follower
- | allAttributeValues allAttributeValues_follower
- | allUserAttributeTypesAndValues allUserAttributeTypesAndValues_follower
- | attributeValue attributeValue_follower
- | selfValue selfValue_follower
- | rangeOfValues rangeOfValues_follower
- | maxValueCount maxValueCount_follower
- | maxImmSub maxImmSub_follower
- | restrictedBy restrictedBy_follower
- | classes
+ ( allUserAttributeTypes ( SP )* allUserAttributeTypes_follower
+ | attributeType ( SP )* attributeType_follower
+ | allAttributeValues ( SP )* allAttributeValues_follower
+ | allUserAttributeTypesAndValues ( SP )* allUserAttributeTypesAndValues_follower
+ | attributeValue ( SP )* attributeValue_follower
+ | selfValue ( SP )* selfValue_follower
+ | rangeOfValues ( SP )* rangeOfValues_follower
+ | maxValueCount ( SP )* maxValueCount_follower
+ | maxImmSub ( SP )* maxImmSub_follower
+ | restrictedBy ( SP )* restrictedBy_follower
+ | classes ( SP )*
)
)?
;
allUserAttributeTypes_follower
+{
+ log.debug( "entered allUserAttributeTypes_follower()" );
+}
:
- ( SEP ( SP )*
- (
- attributeType attributeType_follower
- | allAttributeValues allAttributeValues_follower
- | allUserAttributeTypesAndValues allUserAttributeTypesAndValues_follower
- | attributeValue attributeValue_follower
- | selfValue selfValue_follower
- | rangeOfValues rangeOfValues_follower
- | maxValueCount maxValueCount_follower
- | maxImmSub maxImmSub_follower
- | restrictedBy restrictedBy_follower
- | classes
+ ( SEP ( SP )*
+ ( attributeType ( SP )* attributeType_follower
+ | allAttributeValues ( SP )* allAttributeValues_follower
+ | allUserAttributeTypesAndValues ( SP )* allUserAttributeTypesAndValues_follower
+ | attributeValue ( SP )* attributeValue_follower
+ | selfValue ( SP )* selfValue_follower
+ | rangeOfValues ( SP )* rangeOfValues_follower
+ | maxValueCount ( SP )* maxValueCount_follower
+ | maxImmSub ( SP )* maxImmSub_follower
+ | restrictedBy ( SP )* restrictedBy_follower
+ | classes ( SP )*
)
)?
;
attributeType_follower
+{
+ log.debug( "entered attributeType_follower()" );
+}
:
( SEP ( SP )*
- (
- allAttributeValues allAttributeValues_follower
- | allUserAttributeTypesAndValues allUserAttributeTypesAndValues_follower
- | attributeValue attributeValue_follower
- | selfValue selfValue_follower
- | rangeOfValues rangeOfValues_follower
- | maxValueCount maxValueCount_follower
- | maxImmSub maxImmSub_follower
- | restrictedBy restrictedBy_follower
- | classes
+ ( allAttributeValues ( SP )* allAttributeValues_follower
+ | allUserAttributeTypesAndValues ( SP )* allUserAttributeTypesAndValues_follower
+ | attributeValue ( SP )* attributeValue_follower
+ | selfValue ( SP )* selfValue_follower
+ | rangeOfValues ( SP )* rangeOfValues_follower
+ | maxValueCount ( SP )* maxValueCount_follower
+ | maxImmSub ( SP )* maxImmSub_follower
+ | restrictedBy ( SP )* restrictedBy_follower
+ | classes ( SP )*
)
)?
;
allAttributeValues_follower
+{
+ log.debug( "entered allAttributeValues_follower()" );
+}
:
( SEP ( SP )*
- (
- allUserAttributeTypesAndValues allUserAttributeTypesAndValues_follower
- | attributeValue attributeValue_follower
- | selfValue selfValue_follower
- | rangeOfValues rangeOfValues_follower
- | maxValueCount maxValueCount_follower
- | maxImmSub maxImmSub_follower
- | restrictedBy restrictedBy_follower
- | classes
+ ( allUserAttributeTypesAndValues ( SP )* allUserAttributeTypesAndValues_follower
+ | attributeValue ( SP )* attributeValue_follower
+ | selfValue ( SP )* selfValue_follower
+ | rangeOfValues ( SP )* rangeOfValues_follower
+ | maxValueCount ( SP )* maxValueCount_follower
+ | maxImmSub ( SP )* maxImmSub_follower
+ | restrictedBy ( SP )* restrictedBy_follower
+ | classes ( SP )*
)
)?
;
allUserAttributeTypesAndValues_follower
+{
+ log.debug( "entered allUserAttributeTypesAndValues_follower()" );
+}
:
( SEP ( SP )*
- (
- attributeValue attributeValue_follower
- | selfValue selfValue_follower
- | rangeOfValues rangeOfValues_follower
- | maxValueCount maxValueCount_follower
- | maxImmSub maxImmSub_follower
- | restrictedBy restrictedBy_follower
- | classes
+ ( attributeValue ( SP )* attributeValue_follower
+ | selfValue ( SP )* selfValue_follower
+ | rangeOfValues ( SP )* rangeOfValues_follower
+ | maxValueCount ( SP )* maxValueCount_follower
+ | maxImmSub ( SP )* maxImmSub_follower
+ | restrictedBy ( SP )* restrictedBy_follower
+ | classes ( SP )*
)
)?
;
attributeValue_follower
+{
+ log.debug( "entered attributeValue_follower()" );
+}
:
( SEP ( SP )*
- (
- selfValue selfValue_follower
- | rangeOfValues rangeOfValues_follower
- | maxValueCount maxValueCount_follower
- | maxImmSub maxImmSub_follower
- | restrictedBy restrictedBy_follower
- | classes
+ ( selfValue ( SP )* selfValue_follower
+ | rangeOfValues ( SP )* rangeOfValues_follower
+ | maxValueCount ( SP )* maxValueCount_follower
+ | maxImmSub ( SP )* maxImmSub_follower
+ | restrictedBy ( SP )* restrictedBy_follower
+ | classes ( SP )*
)
)?
;
selfValue_follower
+{
+ log.debug( "entered selfValue_follower()" );
+}
:
( SEP ( SP )*
- (
- rangeOfValues rangeOfValues_follower
- | maxValueCount maxValueCount_follower
- | maxImmSub maxImmSub_follower
- | restrictedBy restrictedBy_follower
- | classes
+ ( rangeOfValues ( SP )* rangeOfValues_follower
+ | maxValueCount ( SP )* maxValueCount_follower
+ | maxImmSub ( SP )* maxImmSub_follower
+ | restrictedBy ( SP )* restrictedBy_follower
+ | classes ( SP )*
)
)?
;
rangeOfValues_follower
+{
+ log.debug( "entered rangeOfValues_follower()" );
+}
:
( SEP ( SP )*
- (
- maxValueCount maxValueCount_follower
- | maxImmSub maxImmSub_follower
- | restrictedBy restrictedBy_follower
- | classes
+ ( maxValueCount ( SP )* maxValueCount_follower
+ | maxImmSub ( SP )* maxImmSub_follower
+ | restrictedBy ( SP )* restrictedBy_follower
+ | classes ( SP )*
)
)?
;
maxValueCount_follower
+{
+ log.debug( "entered maxValueCount_follower()" );
+}
:
( SEP ( SP )*
- (
- maxImmSub maxImmSub_follower
- | restrictedBy restrictedBy_follower
- | classes
+ ( maxImmSub ( SP )* maxImmSub_follower
+ | restrictedBy ( SP )* restrictedBy_follower
+ | classes ( SP )*
)
)?
;
maxImmSub_follower
+{
+ log.debug( "entered maxImmSub_follower()" );
+}
:
( SEP ( SP )*
- (
- restrictedBy restrictedBy_follower
- | classes
+ ( restrictedBy ( SP )* restrictedBy_follower
+ | classes ( SP )*
)
)?
;
restrictedBy_follower
+{
+ log.debug( "entered restrictedBy_follower()" );
+}
:
( SEP ( SP )*
- (
- classes
- )
+ classes ( SP )*
)?
;
entry
{
- log.debug("entered entry()");
+ log.debug( "entered entry()" );
}
:
ID_entry
+ {
+ m_protectedItems.add( ProtectedItem.ENTRY );
+ }
;
allUserAttributeTypes
{
- log.debug("entered allUserAttributeTypes()");
+ log.debug( "entered allUserAttributeTypes()" );
}
:
ID_allUserAttributeTypes
+ {
+ m_protectedItems.add( ProtectedItem.ALL_USER_ATTRIBUTE_TYPES );
+ }
;
attributeType
{
- log.debug("entered attributeType()");
+ log.debug( "entered attributeType()" );
+ Set l_attributeTypeSet = null;
}
:
- ID_attributeType ( SP )+ attributeTypeSet
+ ID_attributeType ( SP )+ l_attributeTypeSet=attributeTypeSet
+ {
+ m_protectedItems.add( new ProtectedItem.AttributeType( l_attributeTypeSet ) );
+ }
;
allAttributeValues
{
- log.debug("entered allAttributeValues()");
+ log.debug( "entered allAttributeValues()" );
+ Set l_attributeTypeSet = null;
}
:
- ID_allAttributeValues ( SP )+ attributeTypeSet
+ ID_allAttributeValues ( SP )+ l_attributeTypeSet=attributeTypeSet
+ {
+ m_protectedItems.add( new ProtectedItem.AllAttributeValues( l_attributeTypeSet ) );
+ }
;
allUserAttributeTypesAndValues
{
- log.debug("entered allUserAttributeTypesAndValues()");
+ log.debug( "entered allUserAttributeTypesAndValues()" );
}
:
ID_allUserAttributeTypesAndValues
+ {
+ m_protectedItems.add( ProtectedItem.ALL_USER_ATTRIBUTE_TYPES_AND_VALUES );
+ }
;
attributeValue
{
- log.debug("entered attributeValue()");
+ log.debug( "entered attributeValue()" );
+ String attributeTypeAndValue = null;
+ String attributeType = null;
+ String attributeValue = null;
+ Set attributeSet = new HashSet();
}
:
token:ATTRIBUTE_VALUE_CANDIDATE // ate the identifier for subordinate dn parser workaround
{
// A Dn can be considered as a set of attributeTypeAndValues
// So, parse the set as a Dn and extract each attributeTypeAndValue
- Name attributeTypeAnvValueSetAsDn = dnParser.parse( token.getText() );
- Enumeration attributeTypeandValueSet = attributeTypeAnvValueSetAsDn.getAll();
- String attributeTypeandValue = null;
- while (attributeTypeandValueSet.hasMoreElements())
+ Name attributeTypeAndValueSetAsDn = dnParser.parse( token.getText() );
+ Enumeration attributeTypeAndValueSet = attributeTypeAndValueSetAsDn.getAll();
+ while ( attributeTypeAndValueSet.hasMoreElements() )
{
- attributeTypeandValue = ( String ) attributeTypeandValueSet.nextElement();
- log.debug( "An attributeTypeAndValue from the set: " + attributeTypeandValue );
+ attributeTypeAndValue = ( String ) attributeTypeAndValueSet.nextElement();
+ attributeType = NamespaceTools.getRdnAttribute( attributeTypeAndValue );
+ attributeValue = NamespaceTools.getRdnValue( attributeTypeAndValue );
+ attributeSet.add( new BasicAttribute( attributeType, attributeValue ) );
+ log.debug( "An attributeTypeAndValue from the set: " + attributeType + "=" + attributeValue);
}
+ m_protectedItems.add( new ProtectedItem.AttributeValue( attributeSet ) );
}
;
exception
catch [Exception e]
{
- throw new RecognitionException( "dnParser failed. " + e.getMessage() );
+ throw new RecognitionException( "dnParser failed for " + token.getText() + " , " + e.getMessage() );
}
selfValue
{
- log.debug("entered selfValue()");
+ log.debug( "entered selfValue()" );
+ Set l_attributeTypeSet = null;
}
:
- ID_selfValue ( SP )+ attributeTypeSet
+ ID_selfValue ( SP )+ l_attributeTypeSet=attributeTypeSet
+ {
+ m_protectedItems.add( new ProtectedItem.SelfValue( l_attributeTypeSet ) );
+ }
;
-rangeOfValues returns [ ExprNode node ]
+rangeOfValues
{
- log.debug("entered rangeOfValues()");
- node = null;
+ log.debug( "entered rangeOfValues()" );
}
:
token:RANGE_OF_VALUES_CANDIDATE
{
- node = filterParser.parse( token.getText() );
+ m_protectedItems.add(
+ new ProtectedItem.RangeOfValues(
+ filterParser.parse( token.getText() ) ) );
+ log.debug( "filterParser parsed " + token.getText() );
}
;
exception
@@ -597,321 +653,442 @@
maxValueCount
{
- log.debug("entered maxValueCount()");
+ log.debug( "entered maxValueCount()" );
+ ProtectedItem.MaxValueCountItem l_maxValueCount = null;
+ Set maxValueCountSet = new HashSet();
}
:
ID_maxValueCount ( SP )+
OPEN_CURLY ( SP )*
- aMaxValueCount ( SP )*
- ( SEP ( SP )* aMaxValueCount ( SP )* )*
+ l_maxValueCount=aMaxValueCount ( SP )*
+ {
+ maxValueCountSet.add( l_maxValueCount );
+ }
+ ( SEP ( SP )* l_maxValueCount=aMaxValueCount ( SP )*
+ {
+ maxValueCountSet.add( l_maxValueCount );
+ }
+ )*
CLOSE_CURLY
+ {
+ m_protectedItems.add( new ProtectedItem.MaxValueCount( maxValueCountSet ) );
+ }
;
-aMaxValueCount
+aMaxValueCount returns [ ProtectedItem.MaxValueCountItem l_maxValueCount ]
{
- log.debug("entered aMaxValueCount()");
+ log.debug( "entered aMaxValueCount()" );
+ l_maxValueCount = null;
+ String l_oid = null;
}
:
OPEN_CURLY ( SP )*
- ID_type ( SP )+ oid ( SP )* SEP ( SP )*
+ ID_type ( SP )+ l_oid=oid ( SP )* SEP ( SP )*
ID_maxCount ( SP )+ token:INTEGER
- {
- token2Integer( token );
- }
( SP )* CLOSE_CURLY
+ {
+ l_maxValueCount = new ProtectedItem.MaxValueCountItem( l_oid, token2Integer( token ) );
+ }
;
maxImmSub
{
- log.debug("entered maxImmSub()");
+ log.debug( "entered maxImmSub()" );
}
:
ID_maxImmSub ( SP )+ token:INTEGER
{
- token2Integer( token );
+
+ m_protectedItems.add(
+ new ProtectedItem.MaxImmSub(
+ token2Integer( token ) ) );
+
}
;
restrictedBy
{
- log.debug("entered restrictedBy()");
+ log.debug( "entered restrictedBy()" );
+ ProtectedItem.RestrictedByItem l_restrictedValue = null;
+ Set l_restrictedBy = new HashSet();
}
:
ID_restrictedBy ( SP )+
- OPEN_CURLY ( SP )*
- restrictedValue ( SP )*
- ( SEP ( SP )* restrictedValue ( SP )* )*
- CLOSE_CURLY
+ OPEN_CURLY ( SP )*
+ l_restrictedValue=restrictedValue ( SP )*
+ {
+ l_restrictedBy.add( l_restrictedValue );
+ }
+ ( SEP ( SP )* l_restrictedValue=restrictedValue ( SP )*
+ {
+ l_restrictedBy.add( l_restrictedValue );
+ }
+ )*
+ CLOSE_CURLY
+ {
+ m_protectedItems.add( new ProtectedItem.RestrictedBy( l_restrictedBy ) );
+ }
;
-restrictedValue
+restrictedValue returns [ ProtectedItem.RestrictedByItem l_restrictedValue ]
{
- log.debug("entered restrictedValue()");
+ log.debug( "entered restrictedValue()" );
+ String typeOid = null;
+ String valuesInOid = null;
+ l_restrictedValue = null;
}
:
OPEN_CURLY ( SP )*
- ID_type ( SP )+ oid ( SP )* SEP ( SP )*
- ID_valuesIn ( SP )+ oid
+ ID_type ( SP )+ typeOid=oid ( SP )* SEP ( SP )*
+ ID_valuesIn ( SP )+ valuesInOid=oid
( SP )* CLOSE_CURLY
+ {
+ l_restrictedValue = new ProtectedItem.RestrictedByItem( typeOid, valuesInOid );
+ }
;
-attributeTypeSet
+attributeTypeSet returns [ Set l_attributeTypeSet ]
{
- log.debug("entered attributeTypeSet()");
+ log.debug( "entered attributeTypeSet()" );
+ String l_oid = null;
+ l_attributeTypeSet = new HashSet();
}
:
- OPEN_CURLY (SP)*
- oid (SP)*
- ( SEP (SP)* oid (SP)* )*
- CLOSE_CURLY
+ OPEN_CURLY ( SP )*
+ l_oid=oid ( SP )*
+ {
+ l_attributeTypeSet.add( l_oid );
+ }
+ ( SEP ( SP )* l_oid=oid ( SP )*
+ {
+ l_attributeTypeSet.add( l_oid );
+ }
+ )*
+ CLOSE_CURLY
;
classes
{
- log.debug("entered classes()");
+ log.debug( "entered classes()" );
+ ExprNode l_classes = null;
}
:
- ID_classes (SP)+ refinement
+ ID_classes ( SP )+ l_classes=refinement
+ {
+ m_protectedItems.add( new ProtectedItem.Classes( l_classes ) );
+ }
;
itemPermissions
{
- log.debug("entered itemPermissions()");
+ log.debug( "entered itemPermissions()" );
+ m_itemPermissions = new HashSet();
+ ItemPermission l_itemPermission = null;
}
:
- ID_itemPermissions (SP)+
- OPEN_CURLY (SP)*
- ( itemPermission (SP)*
- ( SEP (SP)* itemPermission (SP)* )*
- )?
- CLOSE_CURLY
+ ID_itemPermissions ( SP )+
+ OPEN_CURLY ( SP )*
+ ( l_itemPermission=itemPermission ( SP )*
+ {
+ m_itemPermissions.add( l_itemPermission );
+ }
+ ( SEP ( SP )* l_itemPermission=itemPermission ( SP )*
+ {
+ m_itemPermissions.add( l_itemPermission );
+ }
+ )*
+ )?
+ CLOSE_CURLY
;
-itemPermission
+itemPermission returns [ ItemPermission l_itemPermission ]
{
log.debug( "entered itemPermission()" );
+ l_itemPermission = null;
}
:
- OPEN_CURLY (SP)*
- precedence_e // -- defaults to precedence in ACIItem
- (SP)* CLOSE_CURLY
- ;
-
-precedence_e
-{
- log.debug("entered precedence_e()");
-}
- :
- ID_precedence (SP)+ precedence (SP)* (SEP) (SP)* userClasses (SP)* (SEP) (SP)* grantsAndDenials
- | userClasses (SP)* (SEP) (SP)* grantsAndDenials
+ OPEN_CURLY ( SP )*
+ ( precedence ( SP )*
+ ( SEP ) ( SP )* userClasses ( SP )*
+ ( SEP ) ( SP )* grantsAndDenials ( SP )*
+ {
+ l_itemPermission = new ItemPermission( m_precedence, m_grantsAndDenials, m_userClasses );
+ }
+ |
+ userClasses ( SP )*
+ ( SEP ) ( SP )* grantsAndDenials ( SP )*
+ {
+ // precedence defaults to ACIItem precedence
+ l_itemPermission = new ItemPermission( m_aciPrecedence, m_grantsAndDenials, m_userClasses );
+ }
+ )
+ CLOSE_CURLY
;
grantsAndDenials
{
- log.debug("entered grantsAndDenials()");
+ log.debug( "entered grantsAndDenials()" );
+ m_grantsAndDenials = new HashSet();
+ GrantAndDenial l_grantAndDenial = null;
}
:
- ID_grantsAndDenials (SP)+
- OPEN_CURLY (SP)*
- ( grantAndDenialsBit (SP)*
- ( SEP (SP)* grantAndDenialsBit (SP)* )*
+ ID_grantsAndDenials ( SP )+
+ OPEN_CURLY ( SP )*
+ ( l_grantAndDenial = grantAndDenial ( SP )*
+ {
+ m_grantsAndDenials.add( l_grantAndDenial );
+ }
+ ( SEP ( SP )* l_grantAndDenial = grantAndDenial ( SP )*
+ {
+ m_grantsAndDenials.add( l_grantAndDenial );
+ }
+ )*
)?
CLOSE_CURLY
;
-grantAndDenialsBit
+grantAndDenial returns [ GrantAndDenial l_grantAndDenial ]
{
- log.debug("entered grantAndDenialsBit()");
+ log.debug( "entered grantAndDenialsBit()" );
+ l_grantAndDenial = null;
}
:
- ID_grantAdd // (0),
- | ID_denyAdd // (1),
- | ID_grantDiscloseOnError // (2),
- | ID_denyDiscloseOnError // (3),
- | ID_grantRead // (4),
- | ID_denyRead // (5),
- | ID_grantRemove // (6),
- | ID_denyRemove // (7),
+ ID_grantAdd { l_grantAndDenial = GrantAndDenial.GRANT_ADD; }
+ | ID_denyAdd { l_grantAndDenial = GrantAndDenial.DENY_ADD; }
+ | ID_grantDiscloseOnError { l_grantAndDenial = GrantAndDenial.GRANT_DISCLOSE_ON_ERROR; }
+ | ID_denyDiscloseOnError { l_grantAndDenial = GrantAndDenial.DENY_DISCLOSE_ON_ERROR; }
+ | ID_grantRead { l_grantAndDenial = GrantAndDenial.GRANT_READ; }
+ | ID_denyRead { l_grantAndDenial = GrantAndDenial.DENY_READ; }
+ | ID_grantRemove { l_grantAndDenial = GrantAndDenial.GRANT_REMOVE; }
+ | ID_denyRemove { l_grantAndDenial = GrantAndDenial.DENY_REMOVE; }
//-- permissions that may be used only in conjunction
//-- with the entry component
- | ID_grantBrowse // (8),
- | ID_denyBrowse // (9),
- | ID_grantExport // (10),
- | ID_denyExport // (11),
- | ID_grantImport // (12),
- | ID_denyImport // (13),
- | ID_grantModify // (14),
- | ID_denyModify // (15),
- | ID_grantRename // (16),
- | ID_denyRename // (17),
- | ID_grantReturnDN // (18),
- | ID_denyReturnDN // (19),
+ | ID_grantBrowse { l_grantAndDenial = GrantAndDenial.GRANT_BROWSE; }
+ | ID_denyBrowse { l_grantAndDenial = GrantAndDenial.DENY_BROWSE; }
+ | ID_grantExport { l_grantAndDenial = GrantAndDenial.GRANT_EXPORT; }
+ | ID_denyExport { l_grantAndDenial = GrantAndDenial.DENY_EXPORT; }
+ | ID_grantImport { l_grantAndDenial = GrantAndDenial.GRANT_IMPORT; }
+ | ID_denyImport { l_grantAndDenial = GrantAndDenial.DENY_IMPORT; }
+ | ID_grantModify { l_grantAndDenial = GrantAndDenial.GRANT_MODIFY; }
+ | ID_denyModify { l_grantAndDenial = GrantAndDenial.DENY_MODIFY; }
+ | ID_grantRename { l_grantAndDenial = GrantAndDenial.GRANT_RENAME; }
+ | ID_denyRename { l_grantAndDenial = GrantAndDenial.DENY_RENAME; }
+ | ID_grantReturnDN { l_grantAndDenial = GrantAndDenial.GRANT_RETURN_DN; }
+ | ID_denyReturnDN { l_grantAndDenial = GrantAndDenial.DENY_RETURN_DN; }
//-- permissions that may be used in conjunction
//-- with any component, except entry, of ProtectedItems
- | ID_grantCompare // (20),
- | ID_denyCompare // (21),
- | ID_grantFilterMatch // (22),
- | ID_denyFilterMatch // (23),
- | ID_grantInvoke // (24),
- | ID_denyInvoke // (25)
+ | ID_grantCompare { l_grantAndDenial = GrantAndDenial.GRANT_COMPARE; }
+ | ID_denyCompare { l_grantAndDenial = GrantAndDenial.DENY_COMPARE; }
+ | ID_grantFilterMatch { l_grantAndDenial = GrantAndDenial.GRANT_FILTER_MATCH; }
+ | ID_denyFilterMatch { l_grantAndDenial = GrantAndDenial.DENY_FILTER_MATCH; }
+ | ID_grantInvoke { l_grantAndDenial = GrantAndDenial.GRANT_INVOKE; }
+ | ID_denyInvoke { l_grantAndDenial = GrantAndDenial.DENY_INVOKE; }
;
userClasses
+{
+ log.debug( "entered userClasses()" );
+ m_userClasses = new HashSet();
+}
:
- ID_userClasses (SP)+
- OPEN_CURLY (SP)*
+ ID_userClasses ( SP )+
+ OPEN_CURLY ( SP )*
(
- ( allUsers allUsers_follower
- | thisEntry thisEntry_follower
- | name name_follower
- | userGroup userGroup_follower
- | subtree
+ ( allUsers ( SP )* allUsers_follower
+ | thisEntry ( SP )* thisEntry_follower
+ | name ( SP )* name_follower
+ | userGroup ( SP )* userGroup_follower
+ | subtree ( SP )*
)
- ( SP )*
+
)?
CLOSE_CURLY
;
allUsers_follower
+{
+ log.debug( "entered allUsers_follower()" );
+}
:
( SEP ( SP )*
- (
- thisEntry thisEntry_follower
- | name name_follower
- | userGroup userGroup_follower
- | subtree
+ ( thisEntry ( SP )* thisEntry_follower
+ | name ( SP )* name_follower
+ | userGroup ( SP )* userGroup_follower
+ | subtree ( SP )*
)
)?
;
thisEntry_follower
+{
+ log.debug( "entered thisEntry_follower()" );
+}
:
( SEP ( SP )*
- (
- name name_follower
- | userGroup userGroup_follower
- | subtree
+ ( name ( SP )* name_follower
+ | userGroup ( SP )* userGroup_follower
+ | subtree ( SP )*
)
)?
;
name_follower
+{
+ log.debug( "entered name_follower()" );
+}
:
( SEP ( SP )*
- (
- userGroup userGroup_follower
- | subtree
+ ( userGroup ( SP )* userGroup_follower
+ | subtree ( SP )*
)
)?
;
userGroup_follower
+{
+ log.debug( "entered userGroup_follower()" );
+}
:
( SEP ( SP )*
- (
- subtree
- )
+ subtree ( SP )*
)?
;
allUsers
+{
+ log.debug( "entered allUsers()" );
+}
:
ID_allUsers
+ {
+ m_userClasses.add( UserClass.ALL_USERS );
+ }
;
thisEntry
+{
+ log.debug( "entered thisEntry()" );
+}
:
ID_thisEntry
+ {
+ m_userClasses.add( UserClass.THIS_ENTRY );
+ }
;
name
{
- log.debug("entered name()");
+ log.debug( "entered name()" );
+ Set l_name = new HashSet();
+ Name l_distinguishedName = null;
}
:
ID_name ( SP )+
- OPEN_CURLY (SP)*
- token1:SAFEUTF8STRING
- {
- dnParser.parse( token1.getText() );
- log.debug( "name : " + token1.getText() );
- } (SP)*
- ( SEP (SP)* token2:SAFEUTF8STRING
- {
- dnParser.parse( token2.getText() );
- log.debug( "name : " + token2.getText() );
- } (SP)*
- )*
- CLOSE_CURLY
- ;
- exception
- catch [Exception e]
+ OPEN_CURLY ( SP )*
+ l_distinguishedName=distinguishedName ( SP )*
+ {
+ l_name.add( l_distinguishedName );
+ }
+ ( SEP ( SP )* l_distinguishedName=distinguishedName ( SP )*
+ {
+ l_name.add( l_distinguishedName );
+ } )*
+ CLOSE_CURLY
{
- throw new RecognitionException( "dnParser failed. " + e.getMessage() );
+ m_userClasses.add( new UserClass.Name( l_name ) );
}
+ ;
userGroup
{
- log.debug("entered userGroup()");
+ log.debug( "entered userGroup()" );
+ Set l_userGroup = new HashSet();
+ Name l_distinguishedName = null;
}
- :
+ :
ID_userGroup ( SP )+
- OPEN_CURLY (SP)*
- token1:SAFEUTF8STRING
- {
- dnParser.parse( token1.getText() );
- log.debug("name : " + token1.getText() );
- } (SP)*
- ( SEP (SP)* token2:SAFEUTF8STRING
- {
- dnParser.parse( token2.getText() );
- log.debug( "name : " + token2.getText() );
- } (SP)*
- )*
- CLOSE_CURLY
- ;
- exception
- catch [Exception e]
+ OPEN_CURLY ( SP )*
+ l_distinguishedName=distinguishedName ( SP )*
+ {
+ l_userGroup.add( l_distinguishedName );
+ }
+ ( SEP ( SP )* l_distinguishedName=distinguishedName ( SP )*
+ {
+ l_userGroup.add( l_distinguishedName );
+ } )*
+ CLOSE_CURLY
{
- throw new RecognitionException( "dnParser failed. " + e.getMessage() );
+ m_userClasses.add( new UserClass.UserGroup( l_userGroup ) );
}
+ ;
subtree
+{
+ log.debug( "entered subtree()" );
+ Set l_subtree = new HashSet();
+ SubtreeSpecification l_subtreeSpecification = null;
+}
:
- ID_subtree (SP)+
- OPEN_CURLY (SP)*
- subtreeSpecification (SP)*
- ( SEP (SP)* subtreeSpecification (SP)* )*
- CLOSE_CURLY
+ ID_subtree ( SP )+
+ OPEN_CURLY ( SP )*
+ l_subtreeSpecification=subtreeSpecification ( SP )*
+ {
+ l_subtree.add( l_subtreeSpecification );
+ }
+ ( SEP ( SP )* l_subtreeSpecification=subtreeSpecification ( SP )*
+ {
+ l_subtree.add( l_subtreeSpecification );
+ } )*
+ CLOSE_CURLY
+ {
+ m_userClasses.add( new UserClass.Subtree( l_subtree ) );
+ }
;
userPermissions
- :
- ID_userPermissions (SP)+
- OPEN_CURLY (SP)*
- ( userPermission (SP)*
- ( SEP (SP)* userPermission (SP)* )*
- )?
- CLOSE_CURLY
- ;
-
-userPermission
{
- log.debug( "entered userPermission()" );
+ log.debug( "entered userPermissions()" );
+ m_userPermissions = new HashSet();
+ UserPermission l_userPermission = null;
}
:
- OPEN_CURLY (SP)*
- precedence_ee // -- defaults to precedence in ACIItem
- (SP)* CLOSE_CURLY
+ ID_userPermissions ( SP )+
+ OPEN_CURLY ( SP )*
+ ( l_userPermission=userPermission ( SP )*
+ {
+ m_userPermissions.add( l_userPermission );
+ }
+ ( SEP ( SP )* l_userPermission=userPermission ( SP )*
+ {
+ m_userPermissions.add( l_userPermission );
+ }
+ )*
+ )?
+ CLOSE_CURLY
;
-precedence_ee
+userPermission returns [ UserPermission l_userPermission ]
{
- log.debug("entered precedence_ee()");
+ log.debug( "entered userPermission()" );
+ l_userPermission = null;
}
:
- ID_precedence (SP)+ precedence (SP)* (SEP) (SP)* protectedItems (SP)* (SEP) (SP)* grantsAndDenials
- | protectedItems (SP)* (SEP) (SP)* grantsAndDenials
+ OPEN_CURLY ( SP )*
+ ( precedence ( SP )*
+ ( SEP ) ( SP )* protectedItems ( SP )*
+ ( SEP ) ( SP )* grantsAndDenials ( SP )*
+ {
+ l_userPermission = new UserPermission(m_precedence, m_grantsAndDenials, m_protectedItems );
+ }
+ |
+ protectedItems ( SP )*
+ ( SEP ) ( SP )* grantsAndDenials ( SP )*
+ {
+ // precedence defaults to ACIItem precedence
+ l_userPermission = new UserPermission(m_aciPrecedence, m_grantsAndDenials, m_protectedItems );
+ }
+ )
+ CLOSE_CURLY
;
subtreeSpecification returns [SubtreeSpecification ss]
@@ -927,14 +1104,12 @@
:
OPEN_CURLY ( SP )*
(
- (
- ss_base ss_base_follower
- | ss_specificExclusions ss_specificExclusions_follower
- | ss_minimum ss_minimum_follower
- | ss_maximum ss_maximum_follower
- | ss_specificationFilter
+ ( ( ss_base ( SP )* ss_base_follower )
+ | ( ss_specificExclusions ( SP )* ss_specificExclusions_follower )
+ | ( ss_minimum ( SP )* ss_minimum_follower )
+ | ( ss_maximum ( SP )* ss_maximum_follower )
+ | ( ss_specificationFilter ( SP )* )
)
- ( SP )*
)?
CLOSE_CURLY
{
@@ -943,44 +1118,51 @@
;
ss_base_follower
+{
+ log.debug( "entered ss_base_follower()" );
+}
:
( SEP ( SP )*
- (
- ss_specificExclusions ss_specificExclusions_follower
- | ss_minimum ss_minimum_follower
- | ss_maximum ss_maximum_follower
- | ss_specificationFilter
+ ( ( ss_specificExclusions ( SP )* ss_specificExclusions_follower )
+ | ( ss_minimum ( SP )* ss_minimum_follower )
+ | ( ss_maximum ( SP )* ss_maximum_follower )
+ | ( ss_specificationFilter ( SP )* )
)
)?
;
ss_specificExclusions_follower
+{
+ log.debug( "entered ss_specificExclusions_follower()" );
+}
:
( SEP ( SP )*
- (
- ss_minimum ss_minimum_follower
- | ss_maximum ss_maximum_follower
- | ss_specificationFilter
+ ( ( ss_minimum ( SP )* ss_minimum_follower )
+ | ( ss_maximum ( SP )* ss_maximum_follower )
+ | ( ss_specificationFilter ( SP )* )
)
)?
;
ss_minimum_follower
+{
+ log.debug( "entered ss_minimum_follower()" );
+}
:
( SEP ( SP )*
- (
- ss_maximum ss_maximum_follower
- | ss_specificationFilter
+ ( ( ss_maximum ( SP )* ss_maximum_follower )
+ | ( ss_specificationFilter ( SP )* )
)
)?
;
ss_maximum_follower
+{
+ log.debug( "entered ss_maximum_follower()" );
+}
:
( SEP ( SP )*
- (
- ss_specificationFilter
- )
+ ss_specificationFilter ( SP )*
)?
;
@@ -990,7 +1172,7 @@
Name base = null;
}
:
- ID_base ( SP )+ base=localName
+ ID_base ( SP )+ base=distinguishedName
{
ssModifier.setBase( base );
}
@@ -1014,8 +1196,8 @@
}
:
OPEN_CURLY ( SP )*
- ( specificExclusion (SP)*
- ( SEP ( SP )* specificExclusion )*
+ ( specificExclusion ( SP )*
+ ( SEP ( SP )* specificExclusion ( SP )* )*
)?
CLOSE_CURLY
;
@@ -1034,7 +1216,7 @@
Name chopBeforeExclusion = null;
}
:
- ID_chopBefore COLON chopBeforeExclusion=localName
+ ID_chopBefore ( SP )* COLON ( SP )* chopBeforeExclusion=distinguishedName
{
chopBeforeExclusions.add( chopBeforeExclusion );
}
@@ -1046,7 +1228,7 @@
Name chopAfterExclusion = null;
}
:
- ID_chopAfter COLON chopAfterExclusion=localName
+ ID_chopAfter ( SP )* COLON ( SP )* chopAfterExclusion=distinguishedName
{
chopAfterExclusions.add( chopAfterExclusion );
}
@@ -1088,24 +1270,25 @@
}
;
-localName returns [Name name]
+distinguishedName returns [ Name name ]
{
- log.debug( "entered localName()" );
+ log.debug( "entered distinguishedName()" );
name = null;
}
:
token:SAFEUTF8STRING
{
name = dnParser.parse( token.getText() );
+ log.debug( "recognized a DistinguishedName: " + token.getText() );
}
;
exception
catch [Exception e]
{
- throw new RecognitionException( "dnParser failed." + e.getMessage() );
+ throw new RecognitionException( "dnParser failed for " + token.getText() + " " + e.getMessage() );
}
-baseDistance returns [int distance]
+baseDistance returns [ int distance ]
{
log.debug( "entered baseDistance()" );
distance = 0;
@@ -1117,103 +1300,97 @@
}
;
-oid returns [String result]
+oid returns [ String result ]
{
log.debug( "entered oid()" );
result = null;
+ Token token = null;
}
:
- token1:DESCR
- {
- result = token1.getText();
- log.debug("Recognized a DESCR: " + token1.getText());
- }
- |
- token2:NUMERICOID
+ { token = LT( 1 ); } // an interesting trick goes here ;-)
+ ( DESCR | NUMERICOID )
{
- result = token2.getText();
- log.debug("Recognized a NUMERICOID: " + token2.getText());
+ result = token.getText();
+ log.debug( "recognized an oid: " + result );
}
;
-refinement returns [ExprNode node]
+refinement returns [ ExprNode node ]
{
log.debug( "entered refinement()" );
node = null;
-} :
- ( node=item | node=and | node=or | node=not )
- {
- log.debug("refinement icinde node: " + node.toString());
- }
+}
+ :
+ node=item | node=and | node=or | node=not
;
-item returns [LeafNode node]
+item returns [ LeafNode node ]
{
log.debug( "entered item()" );
node = null;
String l_oid = null;
}
- :
- ID_item COLON l_oid=oid
+ :
+ ID_item ( SP )* COLON ( SP )* l_oid=oid
{
node = new SimpleNode( "objectClass" , l_oid , AbstractExprNode.EQUALITY );
}
;
-and returns [BranchNode node]
+and returns [ BranchNode node ]
{
log.debug( "entered and()" );
node = null;
ArrayList children = null;
}
- :
- ID_and COLON children=refinements
+ :
+ ID_and ( SP )* COLON ( SP )* children=refinements
{
node = new BranchNode( AbstractExprNode.AND , children );
}
;
-or returns [BranchNode node]
+or returns [ BranchNode node ]
{
log.debug( "entered or()" );
node = null;
ArrayList children = null;
}
- :
- ID_or COLON children=refinements
+ :
+ ID_or ( SP )* COLON ( SP )* children=refinements
{
node = new BranchNode( AbstractExprNode.OR , children );
}
;
-not returns [BranchNode node]
+not returns [ BranchNode node ]
{
log.debug( "entered not()" );
node = null;
ArrayList children = null;
}
:
- ID_not COLON children=refinements
+ ID_not ( SP )* COLON ( SP )* children=refinements
{
node = new BranchNode( AbstractExprNode.NOT , children );
}
;
-refinements returns [ArrayList children]
+refinements returns [ ArrayList children ]
{
log.debug( "entered refinements()" );
children = null;
ExprNode child = null;
ArrayList tempChildren = new ArrayList();
}
- :
- OPEN_CURLY
+ :
+ OPEN_CURLY ( SP )*
(
- child=refinement
+ child=refinement ( SP )*
{
tempChildren.add( child );
}
- ( SEP child=refinement
+ ( SEP ( SP )* child=refinement ( SP )*
{
tempChildren.add( child );
} )*
@@ -1343,7 +1520,7 @@
// ----------------------------------------------------------------------------
{
- private static final Logger log = LoggerFactory.getLogger( AntlrACIItemLexer.class );
+ private static final Logger log = LoggerFactory.getLogger( AntlrACIItemLexer.class );
}
@@ -1409,10 +1586,10 @@
DESCR // THIS RULE ALSO STANDS FOR AN IDENTIFIER
:
( "attributeValue" ( SP! )+ '{' ) =>
- "attributeValue"! ( SP! )+ '{'! (options { greedy=false;}:. )* '}'!
+ "attributeValue"! ( SP! )+ '{'! ( options { greedy = false; } : . )* '}'!
{ $setType( ATTRIBUTE_VALUE_CANDIDATE ); }
- | ( "rangeOfValues" ( SP! )+ '(') =>
- "rangeOfValues"! ( SP! )+ '(' (options { greedy=false;}:. )* ')'
+ | ( "rangeOfValues" ( SP! )+ '(' ) =>
+ "rangeOfValues"! ( SP! )+ '(' ( options { greedy = false; } : . )* ')'
{ $setType( RANGE_OF_VALUES_CANDIDATE ); }
| ALPHA ( ALPHA | DIGIT | HYPHEN )*
;
Modified: directory/shared/ldap/trunk/common/src/java/org/apache/ldap/common/acl/ACIItemParser.java
URL: http://svn.apache.org/viewcvs/directory/shared/ldap/trunk/common/src/java/org/apache/ldap/common/acl/ACIItemParser.java?rev=289653&r1=289652&r2=289653&view=diff
==============================================================================
--- directory/shared/ldap/trunk/common/src/java/org/apache/ldap/common/acl/ACIItemParser.java (original)
+++ directory/shared/ldap/trunk/common/src/java/org/apache/ldap/common/acl/ACIItemParser.java Fri Sep 16 14:21:13 2005
@@ -23,6 +23,8 @@
import java.io.StringReader;
import java.text.ParseException;
+import org.apache.ldap.common.name.NameComponentNormalizer;
+
import antlr.RecognitionException;
import antlr.TokenStreamException;
@@ -41,7 +43,9 @@
private ReusableAntlrACIItemParser parser;
/** the antlr generated lexer being wrapped */
private ReusableAntlrACIItemLexer lexer;
-
+
+ private final boolean isNormalizing;
+
/**
* Creates a ACIItem parser.
@@ -50,6 +54,24 @@
{
this.lexer = new ReusableAntlrACIItemLexer( new StringReader( "" ) );
this.parser = new ReusableAntlrACIItemParser( lexer );
+
+ this.parser.init(); // this method MUST be called while we cannot do
+ // constructor overloading for antlr generated parser
+ this.isNormalizing = false;
+ }
+
+ /**
+ * Creates a normalizing ACIItem parser.
+ */
+ public ACIItemParser(NameComponentNormalizer normalizer)
+ {
+ this.lexer = new ReusableAntlrACIItemLexer( new StringReader( "" ) );
+ this.parser = new ReusableAntlrACIItemParser( lexer );
+
+ this.parser.setNormalizer( normalizer );
+ this.parser.init(); // this method MUST be called while we cannot do
+ // constructor overloading for antlr generated parser
+ this.isNormalizing = true;
}
/**
@@ -74,18 +96,20 @@
* @throws ParseException if there are any recognition errors (bad syntax)
* @throws IOException if there is a problem with underlying streams
*/
- public synchronized void parse( String spec ) throws ParseException, IOException
+ public synchronized ACIItem parse( String spec ) throws ParseException, IOException
{
+ ACIItem l_ACIItem = null;
+
if ( spec == null || spec.trim().equals( "" ) )
{
- // return null;
+ return null;
}
reset(spec); // reset and initialize the parser / lexer pair
try
{
- /*l_ACIItem = */this.parser.wrapperEntryPoint();
+ l_ACIItem = this.parser.wrapperEntryPoint();
}
catch ( TokenStreamException e )
{
@@ -100,6 +124,16 @@
throw new ParseException( msg, e.getColumn() );
}
- //return l_ACIItem;
+ return l_ACIItem;
+ }
+
+ /**
+ * Tests to see if this parser is normalizing.
+ *
+ * @return true if it normalizes false otherwise
+ */
+ public boolean isNormizing()
+ {
+ return this.isNormalizing ;
}
}
Modified: directory/shared/ldap/trunk/common/src/test/org/apache/ldap/common/acl/ACIItemParserTest.java
URL: http://svn.apache.org/viewcvs/directory/shared/ldap/trunk/common/src/test/org/apache/ldap/common/acl/ACIItemParserTest.java?rev=289653&r1=289652&r2=289653&view=diff
==============================================================================
--- directory/shared/ldap/trunk/common/src/test/org/apache/ldap/common/acl/ACIItemParserTest.java (original)
+++ directory/shared/ldap/trunk/common/src/test/org/apache/ldap/common/acl/ACIItemParserTest.java Fri Sep 16 14:21:13 2005
@@ -34,8 +34,8 @@
/** the ACIItem parser wrapper */
ACIItemParser parser;
-// /** holds multithreaded success value */
-// boolean isSuccessMultithreaded = true;
+ // /** holds multithreaded success value */
+ // boolean isSuccessMultithreaded = true;
/**
@@ -59,26 +59,38 @@
/**
- * Tests the parser with some valid input.
+ * Tests the parser with an ACIItem of ItemFirst main component.
*/
- public void testSpecItemFirst() throws Exception
- {
- String spec1 = "{ identificationTag \"id1\" , precedence 114, authenticationLevel basicLevels:{ level none, localQualifier 23, signed FALSE }, " +
- "itemOrUserFirst itemFirst:{ protectedItems{ entry, attributeType { 1.2.3, ou }, attributeValue { ou=people, cn=Ersin }, rangeOfValues (cn=ErsinEr) }, " +
- "itemPermissions { { userClasses {allUsers, userGroup { \"1.2=y,z=t\", \"a=b,c=d\" }, subtree { { base \"ou=people\" } } }, grantsAndDenials { denyCompare, grantModify } } } }}";
+ public void testItemFirst() throws Exception
+ {
+ String spec1 = " { identificationTag \"id1\" , precedence 114 , authenticationLevel simple , " +
+ "itemOrUserFirst itemFirst :{ protectedItems { entry , attributeType { 1.2.3 , ou } , " +
+ " attributeValue { ou=people , cn=Ersin } , rangeOfValues (cn=ErsinEr) , " +
+ "classes and : { item: xyz , or:{item:X,item:Y} }} , " +
+ "itemPermissions { { userClasses {allUsers , userGroup { \"1.2=y,z=t\" , \"a=b,c=d\" } " +
+ " , subtree { { base \"ou=people\" } } } , grantsAndDenials { denyCompare , grantModify } }," +
+ "{ precedence 10, userClasses {allUsers , userGroup { \"1.2=y,z=t\" , \"a=b,c=d\" } " +
+ " , subtree { { base \"ou=people\" } } } , grantsAndDenials { denyCompare , grantModify } } } }}";
+
+ ACIItem l_ACIItem = parser.parse(spec1);
- parser.parse(spec1);
+ // System.out.println( l_ACIItem );
}
/**
- * Tests the parser with some valid input.
+ * Tests the parser with an ACIItem of UserFirst main component.
*/
- public void testSpecUserFirst() throws Exception
- {
- String spec2 = "{ identificationTag \"id2\", precedence 14, authenticationLevel basicLevels:{ level none, localQualifier 23, signed FALSE }, " +
- "itemOrUserFirst userFirst:{ userClasses {allUsers, name { \"ou=people,cn=ersin\" } }, " +
- "userPermissions { { protectedItems{ entry, attributeType { cn, ou }, rangeOfValues (cn=ErsinEr) }, grantsAndDenials { grantBrowse } } } }}";
+ public void testUserFirst() throws Exception
+ {
+ String spec2 = "{ identificationTag \"id2\" , precedence 14, authenticationLevel none , " +
+ "itemOrUserFirst userFirst: { userClasses { allUsers , name { \"ou=people,cn=ersin\" }, " +
+ "subtree {{ base \"ou=system\", specificationFilter and:{ } }, { base \"ou=ORGANIZATIONUNIT\"," +
+ "minimum 1, maximum 2 } } } , " +
+ "userPermissions { { protectedItems{ entry , attributeType { cn , ou } , attributeValue {x=y,m=n,k=l} , " +
+ "rangeOfValues (cn=ErsinEr) } , grantsAndDenials { grantBrowse } } } } } ";
+
+ ACIItem l_ACIItem = parser.parse(spec2);
- parser.parse(spec2);
+ // System.out.println( l_ACIItem );
}
}