filemailbox.java

java 开发的邮件服务器平台。支持以下协议。 协议可以修改为自己的专门标识

        boolean change;
        boolean[] rights = new boolean[NUMBER_OF_RIGHTS];

        if (mods[0] == ADD_RIGHTS) {
            change = true;
            System.arraycopy(existingRights, 0, rights, 0,
                             NUMBER_OF_RIGHTS);
        } else if (mods[0] == REMOVE_RIGHTS) {
            change = false;
            System.arraycopy(existingRights, 0, rights, 0,
                             NUMBER_OF_RIGHTS);
        } else {                                             // means replace
            System.arraycopy(NO_RIGHTS, 0, rights, 0,
                             NUMBER_OF_RIGHTS);
            char[] new_mods = new char[mods.length + 1];
            System.arraycopy(mods, 0, new_mods, 1, mods.length);
            mods = new_mods;
            change = true;
        }

        for (int i=1; i <mods.length; i++) {
            switch(mods[i]) {
            case LOOKUP_RIGHTS: rights[LOOKUP] = change;
                break;
            case READ_RIGHTS: rights[READ] = change;
                break;
            case KEEP_SEEN_RIGHTS: rights[KEEP_SEEN] = change;
                break;
            case WRITE_RIGHTS: rights[WRITE] = change;
                break;
            case INSERT_RIGHTS: rights[INSERT] = change;
                break;
            case POST_RIGHTS: rights[POST] = change;
                break;
            case CREATE_RIGHTS: rights[CREATE] = change;
                break;
            case DELETE_RIGHTS: rights[DELETE] = change;
                break;
            case ADMIN_RIGHTS: rights[ADMIN] = change;
                break;
            default: return false;
            }
        }

        //  All rights above lookup require lookup
        if(rights[LOOKUP] == false  &&  !Arrays.equals(rights, NO_RIGHTS)) {
            return false;
        }
        // Each right requires all the rights before it.
        int count = 0;
        for (int i=1; i< NUMBER_OF_RIGHTS; i++) {
            if(rights[i-1] ^ rights[i]) {
                count++;
            }
        }
        switch (count) {
        case 0:                              // now Admin or deleted
            if (rights[ADMIN]) {
                acl.put(identifier, rights);
                break;
            } else {
                if (otherAdmin(identifier)) {
                    acl.remove(identifier);
                    break;
                } else {
                    return false;
                }
            }
        case 2:              // not allowed
            return false;
        case 1:             // not Admin, check there remains an Admin
            // Iterator namesIt = acl.keySet().iterator();
            //boolean otherAdmin = false;
            //while(namesIt.hasNext() && !otherAdmin) {
            //String name = (String)namesIt.next();
            //if (name != identifier) {
            //    boolean[] otherRights = (boolean[]) acl.get(name);
            //        otherAdmin = otherRights[ADMIN];
            //}
            //}
            if (otherAdmin(identifier)) {
                acl.put(identifier, rights);
                break;
            } else {
                return false;
            }
        default:             // not allowed
            return false;
        }
        writeMailbox();
        return true;
    }

    /**
     * Check there is a person other than identifier who has Admin rights.
     */
    private boolean otherAdmin(String identifier) {
        Iterator namesIt = acl.keySet().iterator();
        boolean result = false;
        while(namesIt.hasNext() && !result) {
            String name = (String)namesIt.next();
            if (!name.equals(identifier)) {
                boolean[] otherRights = (boolean[]) acl.get(name);
                result = otherRights[ADMIN];
            }
        }
        return result;
    }

    /**
     * Retrieve access rights for a specific identity.
     *
     * @param getter String representing user attempting to get the rights,
     * must be non-null and non-empty
     * @param identity String representing user whose rights are being got,
     * must be non-null and non-empty
     * @return String of rights usingrfc2086 syntax, empty if identity has no
     * rights in this mailbox.
     * @throws AccessControlException if getter does not have lookup rights for
     * this mailbox (ie they should not know this mailbox exists).
     * @throws AuthorizationException if implementation does not wish to expose
     * ACL for this identity to this getter.
     */
    public String getRights(String getter, String identity)
        throws AccessControlException, AuthorizationException {
        boolean[] gettersRights = (boolean[])  acl.get(getter);
        if (gettersRights == null
            || (gettersRights[LOOKUP] == false)) {
            throw new AccessControlException(DENY_ACCESS);
        } else if (!getter.equals(identity) && gettersRights[ADMIN] == false) {
            throw new AuthorizationException(DENY_AUTH + getter);
        }
        boolean[] rights = (boolean[]) acl.get(identity);
        if (rights == null) {
            return null;
        } else {
            StringBuffer buf = new StringBuffer(NUMBER_OF_RIGHTS);
            for (int i = 0; i<NUMBER_OF_RIGHTS; i++) {
                if (rights[i]) {
                    buf.append(RIGHTS[i]);
                }
            }
            return buf.toString();
        }
    }

    /**
     * Retrieves a String of one or more <identity space rights> who have
     * rights in this ACL
     *
     * @param getter String representing user attempting to get the rights,
     * must be non-null and non-empty
     * @return String of rights sets usingrfc2086 syntax
     * @throws AccessControlException if getter does not have lookup rights for
     * this mailbox (ie they should not know this mailbox exists).
     * @throws AuthorizationException if implementation does not wish to expose
     * ACL to this getter.
     */
    public String getAllRights(String getter)
        throws AccessControlException, AuthorizationException {
        boolean[] gettersRights = (boolean[]) acl.get(getter);
        if (gettersRights == null
            || (gettersRights[LOOKUP] == false)) {
            throw new AccessControlException(DENY_ACCESS);
        } else if ( gettersRights[ADMIN] == false) {
            throw new AuthorizationException(DENY_AUTH + getter);
        }
        Iterator namesIt = acl.keySet().iterator();
        StringBuffer response = new StringBuffer(20*acl.size());
        while(namesIt.hasNext()) {
            String name = (String)namesIt.next();
            response.append("<" + name + " ");
            boolean[] rights = (boolean[]) acl.get(name);
            for (int i = 0; i<NUMBER_OF_RIGHTS; i++) {
                if (rights[i]) {
                    response.append(RIGHTS[i]);
                }
            }
            response.append("> ");
        }

        return response.toString();
    }

    /**
     * Retrieve rights which will always be granted to the specified identity.
     *
     * @param getter String representing user attempting to get the rights,
     * must be non-null and non-empty
     * @param identity String representing user whose rights are being got,
     * must be non-null and non-empty
     * @return String of rights usingrfc2086 syntax, empty if identity has no
     * guaranteed rights in this mailbox.
     * @throws AccessControlException if getter does not have lookup rights for
     * this mailbox (ie they should not know this mailbox exists).
     * @throws AuthorizationException if implementation does not wish to expose
     * ACL for this identity to this getter.
     */
    public String getRequiredRights(String getter, String identity)
        throws AccessControlException, AuthorizationException {
        boolean[] gettersRights = (boolean[]) acl.get(getter);
        if (gettersRights == null
            || (gettersRights[LOOKUP] == false)) {
            throw new AccessControlException(DENY_ACCESS);
        } else if (!getter.equals(identity) && gettersRights[ADMIN] == false) {
            throw new AuthorizationException(DENY_AUTH + getter);
        }

        return "\"\"";
    }

    /**
     * Retrieve rights which may be granted to the specified identity.
     * @param getter String representing user attempting to get the rights,
     * must be non-null and non-empty
     * @param identity String representing user whose rights are being got,
     * must be non-null and non-empty
     * @return String of rights usingrfc2086 syntax, empty if identity has no
     * guaranteed rights in this mailbox.
     * @throws AccessControlException if getter does not have lookup rights for
     * this mailbox (ie they should not know this mailbox exists).
     * @throws AuthorizationException if implementation does not wish to expose
     * ACL for this identity to this getter.
     */
    public String getOptionalRights(String getter, String identity)
        throws AccessControlException, AuthorizationException {
        boolean[] gettersRights = (boolean[]) acl.get(getter);
        if (gettersRights == null
            || (gettersRights[LOOKUP] == false)) {
            throw new AccessControlException(DENY_ACCESS);
        } else if (!getter.equals(identity) && gettersRights[ADMIN] == false) {
            throw new AuthorizationException(DENY_AUTH + getter);
        }

        return OPTIONAL_RIGHTS;
    }

    /**
     * Helper boolean methods.
     * Provided for cases where you need to check the ACL before selecting the
     * mailbox.
     *
     * @param username String representing user
     * @return true if user has the requested right.
     * &throws AccessControlException if username does not have lookup rights.
     * (Except for hasLookupRights which just returns false.
     */
    public boolean hasLookupRights(String username) {
        boolean[] usersRights = (boolean[]) acl.get(username);
        return (( usersRights == null || (usersRights[LOOKUP] == false))
                ? false : true);
    }

    public boolean hasReadRights(String username)
        throws AccessControlException {
        boolean[] usersRights = (boolean[]) acl.get(username);
        if (usersRights == null  || (usersRights[LOOKUP] == false)) {
            throw new AccessControlException(DENY_ACCESS);
        }
        return usersRights[READ];
    }

    public boolean hasKeepSeenRights(String username)
        throws AccessControlException {
        boolean[] usersRights = (boolean[]) acl.get(username);
        if (usersRights == null  || (usersRights[LOOKUP] == false)) {
            throw new AccessControlException(DENY_ACCESS);
        }
        return usersRights[KEEP_SEEN];
    }

    public boolean hasWriteRights(String username)
        throws AccessControlException {
        boolean[] usersRights = (boolean[]) acl.get(username);
        if (usersRights == null  || (usersRights[LOOKUP] == false)) {
            throw new AccessControlException(DENY_ACCESS);
        }
        return usersRights[WRITE];
    }

    public boolean hasInsertRights(String username)
        throws AccessControlException {
        boolean[] usersRights = (boolean[]) acl.get(username);
        if (usersRights == null  || (usersRights[LOOKUP] == false)) {
            throw new AccessControlException(DENY_ACCESS);
        }
        return usersRights[INSERT];
    }

    public boolean hasCreateRights(String username)
        throws AccessControlException {
        boolean[] usersRights = (boolean[]) acl.get(username);
        if (usersRights == null  || (usersRights[LOOKUP] == false)) {
            throw new AccessControlException(DENY_ACCESS);
        }
        return usersRights[CREATE];
    }

    public boolean hasDeleteRights(String username)
        throws AccessControlException {
        boolean[] usersRights = (boolean[]) acl.get(username);
        if (usersRights == null  || (usersRights[LOOKUP] == false)) {
            throw new AccessControlException(DENY_ACCESS);
        }
        return usersRights[DELETE];
    }

    public boolean hasAdminRights(String username)
        throws AccessControlException {
        boolean[] usersRights = (boolean[]) acl.get(username);
        if (usersRights == null  || (usersRights[LOOKUP] == false)) {
            throw new AccessControlException(DENY_ACCESS);
        }
        return usersRights[ADMIN];
    }

    // Mailbox methods using the ACL ---------------------------

    /**
     * Indicates if this folder may be selected by the specified user. Requires
     * user to have at least read rights. It does not indicate whether user
     * can write to mailbox
     *
     * @param username String represnting user
     * @return boolean TRUE if specified user can Select mailbox.
     * @throws AccessControlException if username does not have lookup rights
     */
    public  synchronized  boolean isSelectable(String username)
        throws AccessControlException {
        return ( ! notSelectableByAnyone && hasReadRights(username) );