Listing permissions
[hcoop/domtool2.git] / src / acl.sml
1 (* HCoop Domtool (http://hcoop.sourceforge.net/)
2 * Copyright (c) 2006, Adam Chlipala
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version 2
7 * of the License, or (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 *)
18
19 (* Per-user access control lists for resources various *)
20
21 structure Acl :> ACL = struct
22
23 type acl = {user : string,
24 class : string,
25 value : string}
26
27 structure SM = DataStructures.StringMap
28 structure SS = DataStructures.StringSet
29
30 val acl : SS.set SM.map SM.map ref = ref SM.empty
31
32 fun query {user, class, value} =
33 case SM.find (!acl, user) of
34 NONE => false
35 | SOME classes =>
36 case SM.find (classes, class) of
37 NONE => false
38 | SOME values => SS.member (values, value)
39
40 fun queryAll user =
41 case SM.find (!acl, user) of
42 NONE => []
43 | SOME classes => SM.foldri (fn (class, values, out) =>
44 (class, SS.foldr (op::) [] values) :: out)
45 [] classes
46
47 fun class {user, class} =
48 case SM.find (!acl, user) of
49 NONE => SS.empty
50 | SOME classes =>
51 case SM.find (classes, class) of
52 NONE => SS.empty
53 | SOME values => values
54
55 fun grant {user, class, value} =
56 let
57 val classes = Option.getOpt (SM.find (!acl, user), SM.empty)
58 val values = Option.getOpt (SM.find (classes, class), SS.empty)
59 in
60 acl := SM.insert (!acl, user,
61 SM.insert (classes, class,
62 SS.add (values, value)))
63 end
64
65 fun revoke {user, class, value} =
66 let
67 val classes = Option.getOpt (SM.find (!acl, user), SM.empty)
68 val values = Option.getOpt (SM.find (classes, class), SS.empty)
69
70 val values = if SS.member (values, value) then
71 SS.delete (values, value)
72 else
73 values
74 in
75 acl := SM.insert (!acl, user,
76 SM.insert (classes, class,
77 values))
78 end
79
80 fun read fname =
81 let
82 val inf = TextIO.openIn fname
83
84 fun users usrs =
85 case TextIO.inputLine inf of
86 NONE => usrs
87 | SOME line =>
88 case String.tokens Char.isSpace line of
89 [user] =>
90 let
91 fun classes clss =
92 case TextIO.inputLine inf of
93 NONE => clss
94 | SOME line =>
95 case String.tokens Char.isSpace line of
96 [] => clss
97 | class :: values =>
98 classes (SM.insert (clss, class,
99 foldl SS.add' SS.empty values))
100 in
101 users (SM.insert (usrs, user, classes SM.empty))
102 end
103 | _ => raise Fail "Unexpected ACL file format"
104 in
105 acl := users SM.empty
106 before TextIO.closeIn inf
107 end
108
109 fun write fname =
110 let
111 val outf = TextIO.openOut fname
112
113 val writeValues = SS.app (fn value =>
114 (TextIO.output (outf, " ");
115 TextIO.output (outf, value)))
116
117 val writeClasses = SM.appi (fn (class, values) =>
118 (TextIO.output (outf, class);
119 writeValues values;
120 TextIO.output (outf, "\n")))
121
122 val writeUsers = SM.appi (fn (user, classes) =>
123 (TextIO.output (outf, user);
124 TextIO.output (outf, "\n");
125 writeClasses classes;
126 TextIO.output (outf, "\n")))
127 in
128 writeUsers (!acl);
129 TextIO.closeOut outf
130 end
131
132 end