All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.att.research.xacmlatt.pdp.policy.expressions.AttributeDesignator Maven / Gradle / Ivy

The newest version!
/*
 *
 *          Copyright (c) 2013,2019, 2023  AT&T Knowledge Ventures
 *                     SPDX-License-Identifier: MIT
 */
package com.att.research.xacmlatt.pdp.policy.expressions;

import java.util.Collection;

import com.att.research.xacml.api.Attribute;
import com.att.research.xacml.api.AttributeValue;
import com.att.research.xacml.api.Identifier;
import com.att.research.xacml.api.MissingAttributeDetail;
import com.att.research.xacml.api.RequestAttributes;
import com.att.research.xacml.api.Status;
import com.att.research.xacml.api.StatusCode;
import com.att.research.xacml.api.StatusDetail;
import com.att.research.xacml.api.pip.PIPException;
import com.att.research.xacml.api.pip.PIPRequest;
import com.att.research.xacml.api.pip.PIPResponse;
import com.att.research.xacml.std.StdMutableMissingAttributeDetail;
import com.att.research.xacml.std.StdStatus;
import com.att.research.xacml.std.StdStatusCode;
import com.att.research.xacml.std.StdStatusDetail;
import com.att.research.xacml.std.pip.StdPIPRequest;
import com.att.research.xacml.std.pip.engines.EntityEngine;
import com.att.research.xacmlatt.pdp.eval.EvaluationContext;
import com.att.research.xacmlatt.pdp.eval.EvaluationException;
import com.att.research.xacmlatt.pdp.policy.Bag;
import com.att.research.xacmlatt.pdp.policy.ExpressionResult;
import com.att.research.xacmlatt.pdp.policy.PolicyDefaults;

/**
 * AttributeDesignator extends {@link com.att.research.xacmlatt.pdp.policy.expressions.AttributeRetrievalBase} to represent the
 * XACML AttributeDesignator element.
 * 
 * @author car
 * @version $Revision: 1.2 $
 */
public class AttributeDesignator extends AttributeRetrievalBase {
	private Identifier attributeId;
	private String issuer;
	private PIPRequest pipRequestCached;
	private MissingAttributeDetail missingAttributeDetail;
	private StatusDetail statusDetail;
	
	protected PIPRequest getPIPRequest() {
		if (this.pipRequestCached == null) {
			this.pipRequestCached	= new StdPIPRequest(this.getCategory(), this.getAttributeId(), this.getDataTypeId(), this.getIssuer());
		}
		return this.pipRequestCached;
	}

	protected MissingAttributeDetail getMissingAttributeDetail() {
		if (this.missingAttributeDetail == null) {
			this.missingAttributeDetail	= new StdMutableMissingAttributeDetail(this.getCategory(), this.getAttributeId(), this.getDataTypeId(), this.getIssuer());
		}
		return this.missingAttributeDetail;
	}
	
	protected StatusDetail getStatusDetail() {
		if (this.statusDetail == null) {
			this.statusDetail	= new StdStatusDetail(this.getMissingAttributeDetail());
		}
		return this.statusDetail;
	}
	
	public AttributeDesignator(StatusCode statusCodeIn, String statusMessageIn) {
		super(statusCodeIn, statusMessageIn);
	}

	public AttributeDesignator(StatusCode statusCodeIn) {
		super(statusCodeIn);
	}

	public AttributeDesignator() {
	}
	
	public Identifier getAttributeId() {
		return this.attributeId;
	}
	
	public void setAttributeId(Identifier identifierAttributeId) {
		this.attributeId	= identifierAttributeId;
	}
	
	public String getIssuer() {
		return this.issuer;
	}
	
	public void setIssuer(String issuerIn) {
		this.issuer	= issuerIn;
	}
	
	@Override
	protected boolean validateComponent() {
		if (!super.validateComponent()) {
			return false;
		} else if (this.getAttributeId() == null) {
			this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "Missing AttributeId");
			return false;
		} else {
			return true;
		}
	}
	
	/**
	 * Determines if the given Attribute has the same category, attribute id, and issuer as this
	 * AttributeDesignator.
	 * 
	 * @param attribute the Attribute to test
	 * @return true if the Attribute matches, else false
	 */
	protected boolean match(Attribute attribute) {
		if (this.getCategory() != null && !this.getCategory().equals(attribute.getCategory())) {
			return false;
		} else if (!this.getAttributeId().equals(attribute.getAttributeId())) {
			return false;
		} else if (this.getIssuer() != null && !this.getIssuer().equals(attribute.getIssuer())) {
			return false;
		} else {
			return true;
		}
	}
	
	/**
	 * Determines if the given AttributeValue has the same data type id as this
	 * AttributeDesignator.
	 * 
	 * @param attributeValue the AttributeValue to test
	 * @return true if the AttributeValue maches, else false
	 */
	protected boolean match(AttributeValue attributeValue) {
		if (!this.getDataTypeId().equals(attributeValue.getDataTypeId())) {
			return false;
		} else {
			return true;
		}
	}

	/**
	 * Evaluates a {@link PIPRequest}. If an Entity was specified via {@link #setEntity(RequestAttributes)} then
	 * evaluation of the request is delegated to the Entity. Otherwise, the evluation is delegated to the supplied
	 * {@link EvaluationContext}.
	 *
	 * @param evaluationContext The evaluation context.
	 * @param pipRequest The PIP request.
	 * @return the PIP response.
	 * @throws PIPException if the PIP request couldn't be evaluated.
	 */
	protected PIPResponse getAttributes(EvaluationContext evaluationContext, PIPRequest pipRequest) throws PIPException {
		if (getCategory() != null) {
			return evaluationContext.getAttributes(pipRequest);
		} else {
			assert (getEntity() != null);
			EntityEngine entityEngine = new EntityEngine(getEntity());
			return entityEngine.getAttributes(pipRequest, null);
		}
	}

	@Override
	public ExpressionResult evaluate(EvaluationContext evaluationContext, PolicyDefaults policyDefaults) throws EvaluationException {
		if (!this.validate()) {
			return ExpressionResult.newInstance(new StdStatus(this.getStatusCode(), this.getStatusMessage()));
		}
		
		/*
		 * Set up the PIPRequest representing this
		 */
		PIPRequest pipRequest	= this.getPIPRequest();
		assert(pipRequest != null);
		
		/*
		 * Query the evaluation context for results
		 */
		PIPResponse pipResponse	= null;
		try {
			pipResponse	= getAttributes(evaluationContext, pipRequest);
		} catch (PIPException ex) {
			throw new EvaluationException("PIPException getting Attributes", ex);
		}
		assert(pipResponse != null);
		
		/*
		 * See if the request was successful
		 */
		Status pipStatus		= pipResponse.getStatus();
		if (pipStatus != null && !pipStatus.getStatusCode().equals(StdStatusCode.STATUS_CODE_OK)) {
			return ExpressionResult.newInstance(pipStatus);
		}
		
		/*
		 * See if there were any results
		 */
		Bag bagAttributeValues				= new Bag();
		Collection listAttributes	= pipResponse.getAttributes();
		for (Attribute attribute : listAttributes) {
			if (this.match(attribute)) {
				for (AttributeValue attributeValue: attribute.getValues()) {
					if (this.match(attributeValue)) {
						bagAttributeValues.add(attributeValue);
					}
				}
			}		
		}
		if (this.getMustBePresent() && bagAttributeValues.size() == 0) {
			return ExpressionResult.newError(new StdStatus(StdStatusCode.STATUS_CODE_MISSING_ATTRIBUTE, "Missing required attribute", new StdStatusDetail(this.getMissingAttributeDetail())));
		} else {
			return ExpressionResult.newBag(bagAttributeValues);
		}
	}
	
	@Override
	public String toString() {
		StringBuilder stringBuilder	= new StringBuilder("{");
		
		stringBuilder.append("super=");
		stringBuilder.append(super.toString());
		
		Object objectToDump;
		if ((objectToDump = this.getAttributeId()) != null) {
			stringBuilder.append(",attributeId=");
			stringBuilder.append(objectToDump.toString());
		}
		if ((objectToDump = this.getIssuer()) != null) {
			stringBuilder.append(",issuer=");
			stringBuilder.append((String)objectToDump);
		}
		stringBuilder.append('}');
		return stringBuilder.toString();
	}
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy