use of com.sun.identity.entitlement.EntitlementCondition in project OpenAM by OpenRock.
the class PrivilegeUtils method privilegeToPolicy.
/**
 * Builds a legacy {@code Policy} carrying the same name, description, rules, subject,
 * condition, response providers and audit metadata as the given {@code Privilege}.
 *
 * <p>Each part is copied only when the privilege has it: an absent entitlement adds no
 * rules, an absent condition adds no condition, and a subject that is {@code null} or the
 * {@code Privilege.NOT_SUBJECT} sentinel adds no subject entry.
 * NOTE(review): how the policy engine evaluates a policy that ends up without a subject or
 * condition is not visible here. Confirm that the result is not broader than the privilege.
 *
 * @param realm realm passed through to {@code entitlementToRule}
 * @param privilege the privilege to convert; must not be {@code null}
 * @return the newly created policy
 * @throws PolicyException declared by the policy API calls used here
 * @throws SSOException declared by the conversion helpers used here
 * @throws EntitlementException declared by the conversion helpers used here
 */
public static Policy privilegeToPolicy(String realm, Privilege privilege) throws PolicyException, SSOException, EntitlementException {
    Policy converted = new Policy(privilege.getName());
    converted.setDescription(privilege.getDescription());

    // Rules are derived from the entitlement (resources and actions), when one is present.
    Entitlement entitlement = privilege.getEntitlement();
    if (entitlement != null) {
        for (Rule rule : entitlementToRule(realm, entitlement)) {
            converted.addRule(rule);
        }
    }

    // NOT_SUBJECT is compared by identity: it is a sentinel instance, not a value.
    EntitlementSubject entitlementSubject = privilege.getSubject();
    if (entitlementSubject != null && entitlementSubject != Privilege.NOT_SUBJECT) {
        Subject policySubject = eSubjectToEPSubject(entitlementSubject);
        // Third argument is passed as false; presumably the "exclusive" flag (confirm against Policy.addSubject).
        converted.addSubject(getSubjectName(entitlementSubject), policySubject, false);
    }

    EntitlementCondition entitlementCondition = privilege.getCondition();
    if (entitlementCondition != null) {
        Condition policyCondition = eConditionToEPCondition(entitlementCondition);
        converted.addCondition(getConditionName(entitlementCondition), policyCondition);
    }

    if (privilege.getResourceAttributes() != null) {
        Map<String, ResponseProvider> providersByName =
                resourceAttributesToResponseProviders(privilege.getResourceAttributes());
        for (Map.Entry<String, ResponseProvider> entry : providersByName.entrySet()) {
            converted.addResponseProvider(entry.getKey(), entry.getValue());
        }
    }

    // Carry the audit trail across so the converted policy keeps its authorship history.
    converted.setCreatedBy(privilege.getCreatedBy());
    converted.setCreationDate(privilege.getCreationDate());
    converted.setLastModifiedBy(privilege.getLastModifiedBy());
    converted.setLastModifiedDate(privilege.getLastModifiedDate());
    return converted;
}
use of com.sun.identity.entitlement.EntitlementCondition in project OpenAM by OpenRock.
the class PrivilegeUtils method nConditionsToECondition.
/**
 * Collapses a set of legacy condition descriptors into a single {@code EntitlementCondition}.
 *
 * <p>Each element of {@code nConditons} is cast to {@code Object[]} and mapped with
 * {@code mapGenericCondition}. The mapped conditions are then combined as follows:
 * <ul>
 *   <li>none: {@code null} is returned;</li>
 *   <li>exactly one: that condition is returned as is;</li>
 *   <li>several sharing one class name: they are wrapped in an {@code OrCondition};</li>
 *   <li>several class names: each class-name group becomes one member (the condition itself,
 *       or an {@code OrCondition} of the group) of an enclosing {@code AndCondition}.</li>
 * </ul>
 * The class name is {@code PolicyCondition.getClassName()} for wrapped legacy conditions and
 * the runtime class name otherwise. Because the grouping decides whether conditions are
 * OR-ed or AND-ed, it directly shapes how restrictive the resulting privilege is.
 *
 * @param nConditons legacy condition descriptors; every element must be an {@code Object[]}
 * @return the combined condition, or {@code null} when the input set is empty
 * @throws EntitlementException declared by {@code mapGenericCondition}
 */
private static EntitlementCondition nConditionsToECondition(Set nConditons) throws EntitlementException {
    Set<EntitlementCondition> mapped = new HashSet<EntitlementCondition>();
    for (Object descriptor : nConditons) {
        mapped.add(mapGenericCondition((Object[]) descriptor));
    }

    if (mapped.isEmpty()) {
        return null;
    }
    if (mapped.size() == 1) {
        return mapped.iterator().next();
    }

    // Group by condition class name: same-class conditions are alternatives (OR).
    Map<String, Set<EntitlementCondition>> byClassName = new HashMap<String, Set<EntitlementCondition>>();
    for (EntitlementCondition condition : mapped) {
        String className;
        if (condition instanceof PolicyCondition) {
            className = ((PolicyCondition) condition).getClassName();
        } else {
            className = condition.getClass().getName();
        }
        Set<EntitlementCondition> group = byClassName.get(className);
        if (group == null) {
            group = new HashSet<EntitlementCondition>();
            byClassName.put(className, group);
        }
        group.add(condition);
    }

    if (byClassName.size() == 1) {
        Set<EntitlementCondition> onlyGroup = byClassName.values().iterator().next();
        if (onlyGroup.size() == 1) {
            return onlyGroup.iterator().next();
        }
        return new OrCondition(onlyGroup);
    }

    // Different classes must all hold (AND); each multi-member group is first OR-ed.
    Set<EntitlementCondition> conjuncts = new HashSet<EntitlementCondition>();
    for (Set<EntitlementCondition> group : byClassName.values()) {
        if (group.size() == 1) {
            conjuncts.add(group.iterator().next());
        } else {
            conjuncts.add(new OrCondition(group));
        }
    }
    return new AndCondition(conjuncts);
}
use of com.sun.identity.entitlement.EntitlementCondition in project OpenAM by OpenRock.
the class XACMLPrivilegeUtils method createEntitlementCondition.
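/**
 * Creates an {@code EntitlementCondition} from an XACML data type string and a serialized
 * condition state.
 *
 * <p>The data type must start with {@code XACMLConstants.JSON_CONDITION_DATATYPE}; whatever
 * follows the prefix and one separator character is treated as the condition class name and
 * handed to {@code createDefaultObject}. The resulting instance is populated with
 * {@code setState(value)} and then validated.
 *
 * <p>NOTE(review): the class name is taken from {@code dataType}, which may originate from
 * imported policy data. {@code createDefaultObject} is defined elsewhere; if it instantiates
 * classes by name, the {@code instanceof} check below runs only after the object has been
 * constructed. Confirm that it restricts which classes can be loaded.
 *
 * @param dataType XACML data type carrying the prefix and the condition class name
 * @param value serialized state to apply to the new condition
 * @return the populated and validated condition, or {@code null} when either argument is
 *         {@code null}, the prefix does not match, no class name follows the prefix, or the
 *         created object is not an {@code EntitlementCondition}
 * @throws EntitlementException if {@code validate()} rejects the restored state
 */
static EntitlementCondition createEntitlementCondition(String dataType, String value) throws EntitlementException {
    if (dataType == null || value == null) {
        return null;
    }

    final String prefix = XACMLConstants.JSON_CONDITION_DATATYPE;
    if (!dataType.startsWith(prefix)) {
        return null;
    }
    if (dataType.length() <= prefix.length()) {
        // Prefix only: there is no class name to instantiate.
        return null;
    }

    // Skip the prefix plus the single separator character that follows it.
    String className = dataType.substring(prefix.length() + 1);
    Object created = createDefaultObject(className);
    if (!(created instanceof EntitlementCondition)) {
        // instanceof is false for null, so this also covers a failed instantiation.
        // The class name is deliberately not logged: it comes straight from the input.
        PrivilegeManager.debug.error(
                "XACMLPrivilegeUtils.createEntitlementCondition(): not an EntitlementCondition");
        return null;
    }

    EntitlementCondition condition = (EntitlementCondition) created;
    condition.setState(value);
    // Validate after restoring state so a malformed condition is rejected here.
    condition.validate();
    return condition;
}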
use of com.sun.identity.entitlement.EntitlementCondition in project OpenAM by OpenRock.
the class PolicyConditionUpgrader method migrateEnvironmentConditions.
/**
 * Migrates the environment condition(s) of a privilege in place.
 *
 * <p>A privilege without a condition is left untouched. For a {@code LogicalCondition} every
 * nested condition is migrated and the container's members are replaced through
 * {@code setEConditions}; the privilege keeps the same container object. A bare
 * {@code PolicyCondition} is migrated and set on the privilege through {@code setCondition}.
 *
 * <p>Anything that is not a {@code PolicyCondition} aborts the upgrade with an exception, so
 * a condition is never silently dropped or left unmigrated.
 *
 * @param privilege the privilege whose condition is migrated
 * @param migrationReport report passed through to {@code migrateEnvironmentCondition}
 * @throws UpgradeException if a condition (top-level or nested) is not a {@code PolicyCondition}
 * @throws EntitlementException declared by the entitlement calls used here
 */
private void migrateEnvironmentConditions(Privilege privilege, MigrationReport migrationReport) throws UpgradeException, EntitlementException {
    EntitlementCondition current = privilege.getCondition();
    if (current == null) {
        return;
    }

    if (current instanceof LogicalCondition) {
        LogicalCondition container = (LogicalCondition) current;
        Set<EntitlementCondition> migrated = new HashSet<EntitlementCondition>();
        for (EntitlementCondition nested : container.getEConditions()) {
            if (nested instanceof PolicyCondition) {
                migrated.add(migrateEnvironmentCondition((PolicyCondition) nested, migrationReport));
            } else {
                // Not expected: the initialise step is meant to have rejected such policies already.
                throw new UpgradeException("Cannot upgrade a environment condition that is not of PolicyCondition type!");
            }
        }
        container.setEConditions(migrated);
        return;
    }

    if (current instanceof PolicyCondition) {
        privilege.setCondition(migrateEnvironmentCondition((PolicyCondition) current, migrationReport));
        return;
    }

    // Not expected: the initialise step is meant to have rejected such policies already.
    throw new UpgradeException("Cannot upgrade a environment condition that is not of PolicyCondition type!");
}
use of com.sun.identity.entitlement.EntitlementCondition in project OpenAM by OpenRock.
the class PolicyConditionUpgraderTest method shouldMigratePolicyWithNotEnvironmentCondition.
// Checks that a policy whose condition is a NotCondition wrapping a legacy PolicyCondition
// has the wrapped condition replaced inside the NotCondition, while the policy's own
// subject and top-level condition are left untouched.
@Test
public void shouldMigratePolicyWithNotEnvironmentCondition() throws EntitlementException, UpgradeException {
    //Given
    PolicyCondition legacyCondition = mock(PolicyCondition.class);
    EntitlementCondition replacement = mock(EntitlementCondition.class);
    Set<EntitlementCondition> wrapped = new HashSet<EntitlementCondition>();
    wrapped.add(legacyCondition);

    NotCondition notCondition = mock(NotCondition.class);
    Privilege policy = mock(Privilege.class);

    given(policy.getCondition()).willReturn(notCondition);
    given(notCondition.getEConditions()).willReturn(wrapped);
    given(legacyCondition.getClassName()).willReturn("CONDITION_CLASS_NAME");
    given(conditionUpgradeMap.migrateEnvironmentCondition(
            eq("CONDITION_CLASS_NAME"), eq(legacyCondition), Matchers.<MigrationReport>anyObject()))
            .willReturn(replacement);

    //When
    conditionUpgrader.dryRunPolicyUpgrade(policy);

    //Then
    // The NotCondition must now hold exactly the migrated condition.
    ArgumentCaptor<Set> replacedMembers = ArgumentCaptor.forClass(Set.class);
    verify(notCondition).setEConditions(replacedMembers.capture());
    assertThat(replacedMembers.getValue()).hasSize(1).contains(replacement);
    // The container is updated in place, so the privilege itself is never re-pointed.
    verify(policy, never()).setSubject(Matchers.<EntitlementSubject>anyObject());
    verify(policy, never()).setCondition(Matchers.<EntitlementCondition>anyObject());
}