com.att.research.xacmlatt.pdp.policy.PolicyDef Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of xacml-pdp Show documentation
Show all versions of xacml-pdp Show documentation
ATT reference implementation of XACML PDP engine
The newest version!
/*
*
* Copyright (c) 2013,2019 AT&T Knowledge Ventures
* SPDX-License-Identifier: MIT
*/
package com.att.research.xacmlatt.pdp.policy;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import com.att.research.xacml.api.Advice;
import com.att.research.xacml.api.IdReference;
import com.att.research.xacml.api.IdReferenceMatch;
import com.att.research.xacml.api.Identifier;
import com.att.research.xacml.api.Obligation;
import com.att.research.xacml.api.StatusCode;
import com.att.research.xacml.api.Version;
import com.att.research.xacml.api.VersionMatch;
import com.att.research.xacml.std.StdIdReference;
import com.att.research.xacml.std.StdStatus;
import com.att.research.xacml.std.StdStatusCode;
import com.att.research.xacml.util.StringUtils;
import com.att.research.xacmlatt.pdp.eval.EvaluationContext;
import com.att.research.xacmlatt.pdp.eval.EvaluationException;
import com.att.research.xacmlatt.pdp.eval.EvaluationResult;
import com.att.research.xacmlatt.pdp.eval.MatchResult;
/**
* PolicyDef extends {@link com.att.research.xacmlatt.pdp.policy.PolicySetChild} with members and methods common
* to XACML 3.0 Policies and PolicySets.
*
* @author car
* @version $Revision: 1.2 $
*/
public abstract class PolicyDef extends PolicySetChild {
private String description;
private PolicyIssuer policyIssuer;
private Target target;
private List combinerParameters;
private List obligationExpressions;
private List adviceExpressions;
private Version version;
private Integer maxDelegationDepth;
private IdReference idReference;
private void ensureCombinerParameters() {
if (this.combinerParameters == null) {
this.combinerParameters = new ArrayList<>();
}
}
private void ensureObligationExpressions() {
if (this.obligationExpressions == null) {
this.obligationExpressions = new ArrayList<>();
}
}
private void ensureAdviceExpressions() {
if (this.adviceExpressions == null) {
this.adviceExpressions = new ArrayList<>();
}
}
protected List getCombinerParameterList() {
return this.combinerParameters;
}
protected List getObligationExpressionList() {
return this.obligationExpressions;
}
protected List getAdviceExpressionList() {
return this.adviceExpressions;
}
protected void updateResult(EvaluationResult evaluationResult, EvaluationContext evaluationContext) throws EvaluationException {
List thisObligationExpressions = this.getObligationExpressionList();
if (thisObligationExpressions != null && ! thisObligationExpressions.isEmpty()) {
List listObligations = ObligationExpression.evaluate(evaluationContext, this.getPolicyDefaults(), evaluationResult.getDecision(), thisObligationExpressions);
if (listObligations != null && ! listObligations.isEmpty()) {
evaluationResult.addObligations(listObligations);
}
}
List thisAdviceExpressions = this.getAdviceExpressionList();
if (thisAdviceExpressions != null && ! thisAdviceExpressions.isEmpty()) {
List listAdvices = AdviceExpression.evaluate(evaluationContext, this.getPolicyDefaults(), evaluationResult.getDecision(), thisAdviceExpressions);
if (listAdvices != null && ! listAdvices.isEmpty()) {
evaluationResult.addAdvice(listAdvices);
}
}
}
@Override
protected boolean validateComponent() {
if (super.validateComponent()) {
if (this.getVersion() == null) {
this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "Missing version string");
return false;
} else if (this.getTarget() == null) {
this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "Missing Target in policy " + this.getIdReference().getId().stringValue());
return false;
} else {
return true;
}
} else {
return false;
}
}
public PolicyDef(PolicySet policySetParent, StatusCode statusCodeIn, String statusMessageIn) {
super(policySetParent, statusCodeIn, statusMessageIn);
}
public PolicyDef(StatusCode statusCodeIn, String statusMessageIn) {
super(statusCodeIn, statusMessageIn);
}
public PolicyDef(StatusCode statusCodeIn) {
super(statusCodeIn);
}
public PolicyDef(PolicySet policySetParent) {
super(policySetParent);
}
public PolicyDef() {
super();
}
@Override
public void setIdentifier(Identifier identifierIn) {
super.setIdentifier(identifierIn);
this.idReference = null;
}
/**
* Gets the String
description of this PolicyDef
.
*
* @return the String
description of this PolicyDef
.
*/
public String getDescription() {
return this.description;
}
/**
* Sets the String
description of this PolicyDef
.
*
* @param s the String
description of this PolicyDef
*/
public void setDescription(String s) {
this.description = s;
}
/**
* Gets the {@link com.att.research.xacmlatt.pdp.policy.PolicyIssuer} for this PolicyDef
.
*
* @return the PolicyIssuer
for this PolicyDef
*/
public PolicyIssuer getPolicyIssuer() {
return this.policyIssuer;
}
/**
* Sets the PolicyIssuer
for this PolicyDef
.
*
* @param policyIssuerIn the PolicyIssuer
for this PolicyDef
.
*/
public void setPolicyIssuer(PolicyIssuer policyIssuerIn) {
this.policyIssuer = policyIssuerIn;
}
/**
* Gets the Target
for this PolicyDef
.
*
* @return the Target
for this PolicyDef
*/
public Target getTarget() {
return this.target;
}
/**
* Sets the Target
for this PolicyDef
.
*
* @param targetIn the Target
for this PolicyDef
*/
public void setTarget(Target targetIn) {
this.target = targetIn;
}
/**
* Gets an Iterator
over the CombinerParameter
s for this Policy
.
*
* @return an Iterator
over the CombinerParameter
s for this Policy
or null if there are none
*/
public Iterator getCombinerParameters() {
return (this.combinerParameters == null ? null : this.combinerParameters.iterator());
}
/**
* Sets the CombinerParameter
s for thisPolicy
to the contents of the
* given Collection
. If the Collection
is null, the set of CombinerParameter
s
* for this Policy
is set to null.
*
* @param combinerParametersIn the Collection
of CombinerParameter
s for this PolicyDef
*/
public void setCombinerParameters(Collection combinerParametersIn) {
this.combinerParameters = null;
if (combinerParametersIn != null) {
this.addCombinerParameters(combinerParametersIn);
}
}
/**
* Adds the given CombinerParameter
to the set of CombinerParameter
s for this
* PolicyDef
*
* @param combinerParameter the CombinerParameter
to add
*/
public void add(CombinerParameter combinerParameter) {
this.ensureCombinerParameters();
this.combinerParameters.add(combinerParameter);
}
/**
* Adds the given Collection
of CombinerParameter
s to this PolicyDef
*
* @param combinerParametersIn the Collection
of CombinerParameter
s to add
*/
public void addCombinerParameters(Collection combinerParametersIn) {
this.ensureCombinerParameters();
this.combinerParameters.addAll(combinerParametersIn);
}
/**
* Gets an Iterator
over the ObligationExpression
s for this PolicyDef
.
*
* @return an Iterator
over the ObligationExpression
s for this PolicyDef
or null if there are none.
*/
public Iterator getObligationExpressions() {
return (this.obligationExpressions == null ? null : this.obligationExpressions.iterator());
}
/**
* Sets the ObligationExpression
s for this PolicyDef
to the contents of the given Collection
.
* If the Collection
is null, the ObligationExpression
s for this PolicyDef
are set to null.
*
* @param obligationExpressionsIn the Collection
of ObligationExpression
s for this PolicyDef
.
*/
public void setObligationExpressions(Collection obligationExpressionsIn) {
this.obligationExpressions = null;
if (obligationExpressionsIn != null) {
this.addObligationExpressions(obligationExpressionsIn);
}
}
/**
* Adds the given ObligationExpression
to the set of ObligationExpression
s for this PolicyDef
.
*
* @param obligationExpression the ObligationExpression
to add
*/
public void add(ObligationExpression obligationExpression) {
this.ensureObligationExpressions();
this.obligationExpressions.add(obligationExpression);
}
/**
* Adds the contents of the given Collection
of ObligationExpression
s to the set of ObligationExpression
s for
* this PolicyDef
.
*
* @param obligationExpressionsIn the Collection
of ObligationExpression
s to add
*/
public void addObligationExpressions(Collection obligationExpressionsIn) {
this.ensureObligationExpressions();
this.obligationExpressions.addAll(obligationExpressionsIn);
}
/**
* Gets an Iterator
over the set of AdviceExpression
s for this PolicyDef
.
*
* @return an Iterator
over the set of AdviceExpression
s for this PolicyDef
or null if there are none.
*/
public Iterator getAdviceExpressions() {
return (this.adviceExpressions == null ? null : this.adviceExpressions.iterator());
}
/**
* Sets the set of AdviceExpression
s for this PolicyDef
to the contents of the given Collection
.
*
* @param adviceExpressionsIn the Collection
of AdviceExpression
to add
*/
public void setAdviceExpressions(Collection adviceExpressionsIn) {
this.adviceExpressions = null;
if (adviceExpressionsIn != null) {
this.addAdviceExpressions(adviceExpressionsIn);
}
}
/**
* Adds the given AdviceExpression
to the set of AdviceExpression
s for this PolicyDef
.
*
* @param adviceExpression the AdviceExpression
to add.
*/
public void add(AdviceExpression adviceExpression) {
this.ensureAdviceExpressions();
this.adviceExpressions.add(adviceExpression);
}
/**
* Adds the contents of the given Collection
of AdviceExpression
s to the set of
* AdviceExpression
s for this PolicyDef
.
*
* @param adviceExpressionsIn the Collection
of AdviceExpression
s to add.
*/
public void addAdviceExpressions(Collection adviceExpressionsIn) {
this.ensureAdviceExpressions();
this.adviceExpressions.addAll(adviceExpressionsIn);
}
/**
* Gets the String
version for this PolicyDef
.
*
* @return the String
version for this PolicyDef
.
*/
public Version getVersion() {
return this.version;
}
/**
* Sets the version String
for this PolicyDef
*
* @param versionIn the String
version for this PolicyDef
*/
public void setVersion(Version versionIn) {
this.version = versionIn;
this.idReference = null;
}
/**
* Creates the IdReference
for this PolicyDef
if needed and returns it.
*
* @return the IdReference
for this PolicyDef
*/
public IdReference getIdReference() {
if (this.idReference == null) {
this.idReference = new StdIdReference(this.getIdentifier(), this.getVersion());
}
return this.idReference;
}
public boolean matches(IdReferenceMatch idReferenceRequest) {
IdReference thisIdReference = this.getIdReference();
if (thisIdReference == null || thisIdReference.getId() == null || idReferenceRequest == null || idReferenceRequest.getId() == null) {
return false;
} else if (!thisIdReference.getId().equals(idReferenceRequest.getId())) {
return false;
}
/*
* Now do version number matching
*/
VersionMatch idReferenceRequestVersion = idReferenceRequest.getVersion();
if (idReferenceRequestVersion != null) {
/*
* Do exact version matching
*/
Version thisVersion = thisIdReference.getVersion();
if (thisVersion == null) {
return false;
} else {
return idReferenceRequestVersion.match(thisVersion, 0);
}
} else {
VersionMatch idReferenceRequestEarliestVersion = idReferenceRequest.getEarliestVersion();
Version thisVersion = thisIdReference.getVersion();
if (idReferenceRequestEarliestVersion != null) {
if (thisVersion == null) {
return false;
} else if (!idReferenceRequestEarliestVersion.match(thisVersion, 1)) {
return false;
}
}
VersionMatch idReferenceRequestLatestVersion = idReferenceRequest.getLatestVersion();
if (idReferenceRequestLatestVersion != null) {
if (thisVersion == null) {
return false;
} else if (!idReferenceRequestLatestVersion.match(thisVersion, -1)) {
return false;
}
}
return true;
}
}
/**
* Gets the Integer
maximum delegation depth for this PolicyDef
.
*
* @return the Integer
maximum delegation depth for this PolicyDef
*/
public Integer getMaxDelegationDepth() {
return this.maxDelegationDepth;
}
/**
* Sets the Integer
maximum delegation depth for this PolicyDef
* @param i the Integer
maximum delegation depth for this PolicyDef
*/
public void setMaxDelegationDepth(Integer i) {
this.maxDelegationDepth = i;
}
@Override
public String toString() {
StringBuilder stringBuilder = new StringBuilder("{");
stringBuilder.append("super=");
stringBuilder.append(super.toString());
Object objectToDump;
if ((objectToDump = this.getDescription()) != null) {
stringBuilder.append(",description=");
stringBuilder.append((String)objectToDump);
}
if ((objectToDump = this.getPolicyIssuer()) != null) {
stringBuilder.append(",policyIssuer=");
stringBuilder.append(objectToDump.toString());
}
if ((objectToDump = this.getTarget()) != null) {
stringBuilder.append(",target=");
stringBuilder.append(objectToDump.toString());
}
String iteratorToString;
if ((iteratorToString = StringUtils.toString(this.getCombinerParameters())) != null) {
stringBuilder.append(",combinerParameters=");
stringBuilder.append(iteratorToString);
}
if ((iteratorToString = StringUtils.toString(this.getObligationExpressions())) != null) {
stringBuilder.append(",obligationExpressions=");
stringBuilder.append(iteratorToString);
}
if ((iteratorToString = StringUtils.toString(this.getAdviceExpressions())) != null) {
stringBuilder.append(",adviceExpressions=");
stringBuilder.append(iteratorToString);
}
if ((objectToDump = this.getVersion()) != null) {
stringBuilder.append(",version=");
stringBuilder.append(objectToDump.toString());
}
if ((objectToDump = this.getMaxDelegationDepth()) != null) {
stringBuilder.append(",maxDelegationDepth=");
stringBuilder.append(objectToDump.toString());
}
stringBuilder.append('}');
return stringBuilder.toString();
}
@Override
public MatchResult match(EvaluationContext evaluationContext) throws EvaluationException {
if (!this.validate()) {
return new MatchResult(new StdStatus(this.getStatusCode(), this.getStatusMessage()));
}
return this.getTarget().match(evaluationContext);
}
}