(* HCoop Domtool (http://hcoop.sourceforge.net/)
 * Copyright (c) 2006, Adam Chlipala
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 *)
(* Per-user access control lists for various resources *)
21 structure Acl
:> ACL
= struct
23 type acl
= {user
: string,
(* Short aliases for the project's string-keyed map and string-set modules. *)
structure SM = DataStructures.StringMap
structure SS = DataStructures.StringSet

(* The global, mutable ACL table.
 *
 * Outer map key:  user name
 * Inner map key:  class name
 * Innermost set:  the values that user holds in that class
 *
 * The functions in this structure read the table with !acl and replace it
 * as a whole with acl := ...; it starts out empty. *)
val acl = ref (SM.empty : SS.set SM.map SM.map)
32 fun query
{user
, class
, value
} =
33 case SM
.find (!acl
, user
) of
36 case SM
.find (classes
, class
) of
38 | SOME values
=> SS
.member (values
, value
)
41 case SM
.find (!acl
, user
) of
43 | SOME classes
=> SM
.foldri (fn (class
, values
, out
) =>
44 (class
, SS
.foldr (op::) [] values
) :: out
)
(* Return the user names that currently have an entry in the global acl
 * table.  Each key visited by SM.foldri is consed onto the accumulator, so
 * the order of the result is whatever that traversal yields. *)
fun users () =
    let
        (* Keep only the key; the per-user class map is not needed here. *)
        fun collect (name, _, acc) = name :: acc
    in
        SM.foldri collect [] (!acl)
    end
49 fun whoHas
{class
, value
} =
50 SM
.foldri (fn (user
, classes
, users
) =>
51 case SM
.find (classes
, class
) of
54 if SS
.member (values
, value
) then
59 fun class
{user
, class
} =
60 case SM
.find (!acl
, user
) of
63 case SM
.find (classes
, class
) of
65 | SOME values
=> values
68 (acl
:= #
1 (SM
.remove (!acl
, user
)))
(* Grant user the given value within the given class.
 *
 * Looks up the user's class map in the global acl table (a user with no
 * entry is treated as having no classes), looks up the value set stored
 * under class (a missing class is treated as the empty set), adds value to
 * that set and stores the updated maps back into acl.  Only the in-memory
 * table is changed here.
 *
 * NOTE(review): none of the three strings is validated.  The load/save code
 * further down this file writes user, class and value names verbatim,
 * separated by " " and "\n", and splits each line with
 * String.tokens Char.isSpace when reading it back.  A name containing
 * whitespace or a newline would therefore not round-trip and could be read
 * back as different ACL entries.  Such strings should be rejected before
 * they reach grant -- confirm where that check lives. *)
fun grant {user, class, value} =
    let
        val table = !acl

        (* Existing classes for this user, or an empty map for a new user. *)
        val perUser =
            case SM.find (table, user) of
                SOME existing => existing
              | NONE => SM.empty

        (* Existing values in this class, or an empty set for a new class. *)
        val granted =
            case SM.find (perUser, class) of
                SOME existing => existing
              | NONE => SS.empty

        val perUser' = SM.insert (perUser, class, SS.add (granted, value))
    in
        acl := SM.insert (table, user, perUser')
    end
81 fun revoke
{user
, class
, value
} =
83 val classes
= Option
.getOpt (SM
.find (!acl
, user
), SM
.empty
)
84 val values
= Option
.getOpt (SM
.find (classes
, class
), SS
.empty
)
86 val values
= if SS
.member (values
, value
) then
87 SS
.delete (values
, value
)
91 val classes
= if SS
.isEmpty values
then
92 (#
1 (SM
.remove (classes
, class
)))
93 handle NotFound
=> classes
95 SM
.insert (classes
, class
, values
)
97 if SM
.numItems classes
= 0 then
98 (acl
:= #
1 (SM
.remove (!acl
, user
)))
101 acl
:= SM
.insert (!acl
, user
, classes
)
104 fun revokeFromAll
{class
, value
} =
105 acl
:= SM
.map (fn classes
=>
106 case SM
.find (classes
, class
) of
109 ((SM
.insert (classes
, class
, SS
.delete (values
, value
)))
110 handle NotFound
=> classes
)) (!acl
)
114 val inf
= TextIO.openIn fname
117 case TextIO.inputLine inf
of
120 case String.tokens
Char.isSpace line
of
124 case TextIO.inputLine inf
of
127 case String.tokens
Char.isSpace line
of
130 classes (SM
.insert (clss
, class
,
131 foldl SS
.add
' SS
.empty values
))
133 users (SM
.insert (usrs
, user
, classes SM
.empty
))
135 | _
=> raise Fail
"Unexpected ACL file format"
137 acl
:= users SM
.empty
138 before TextIO.closeIn inf
143 val outf
= TextIO.openOut fname
145 val writeValues
= SS
.app (fn value
=>
146 (TextIO.output (outf
, " ");
147 TextIO.output (outf
, value
)))
149 val writeClasses
= SM
.appi (fn (class
, values
) =>
150 if SS
.isEmpty values
then
153 (TextIO.output (outf
, class
);
155 TextIO.output (outf
, "\n")))
157 val writeUsers
= SM
.appi (fn (user
, classes
) =>
158 if SM
.numItems classes
= 0 then
161 (TextIO.output (outf
, user
);
162 TextIO.output (outf
, "\n");
163 writeClasses classes
;
164 TextIO.output (outf
, "\n")))