use of com.sun.identity.entitlement.EntitlementSubject in project OpenAM by OpenRock.
the class PrivilegeUtils method privilegeToPolicy.
/**
 * Builds a legacy {@link Policy} that mirrors the given entitlement {@link Privilege}.
 *
 * <p>The policy takes the privilege's name and description, then receives, in this order:
 * the rules derived from the entitlement, the subject, the condition, the response
 * providers derived from the resource attributes, and finally the creation and
 * modification audit fields.
 *
 * <p>No subject is added when the privilege's subject is {@code null} or is the
 * {@code Privilege.NOT_SUBJECT} sentinel, and no condition is added when the privilege has
 * none; the returned policy then carries no subject or condition of its own.
 *
 * @param realm realm passed through to the entitlement-to-rule conversion
 * @param privilege privilege to convert; dereferenced immediately, so it must not be {@code null}
 * @return the newly built policy
 * @throws PolicyException declared by this method; origin not visible in this block
 * @throws SSOException declared by this method; origin not visible in this block
 * @throws EntitlementException declared by this method; origin not visible in this block
 */
public static Policy privilegeToPolicy(String realm, Privilege privilege) throws PolicyException, SSOException, EntitlementException {
    Policy converted = new Policy(privilege.getName());
    converted.setDescription(privilege.getDescription());

    // Rules: one per Rule produced from the privilege's entitlement.
    if (privilege.getEntitlement() != null) {
        for (Rule derivedRule : entitlementToRule(realm, privilege.getEntitlement())) {
            converted.addRule(derivedRule);
        }
    }

    // Subject: NOT_SUBJECT is a sentinel instance, hence the identity comparison.
    EntitlementSubject privilegeSubject = privilege.getSubject();
    if (privilegeSubject != null && privilegeSubject != Privilege.NOT_SUBJECT) {
        Subject policySubject = eSubjectToEPSubject(privilegeSubject);
        // NOTE(review): the trailing 'false' is presumably the "exclusive" flag; confirm against Policy.addSubject.
        converted.addSubject(getSubjectName(privilegeSubject), policySubject, false);
    }

    // Condition.
    EntitlementCondition privilegeCondition = privilege.getCondition();
    if (privilegeCondition != null) {
        Condition policyCondition = eConditionToEPCondition(privilegeCondition);
        converted.addCondition(getConditionName(privilegeCondition), policyCondition);
    }

    // Response providers, keyed by provider name.
    if (privilege.getResourceAttributes() != null) {
        Map<String, ResponseProvider> providersByName = resourceAttributesToResponseProviders(privilege.getResourceAttributes());
        for (Map.Entry<String, ResponseProvider> provider : providersByName.entrySet()) {
            converted.addResponseProvider(provider.getKey(), provider.getValue());
        }
    }

    // Audit metadata is copied verbatim from the privilege.
    converted.setCreatedBy(privilege.getCreatedBy());
    converted.setCreationDate(privilege.getCreationDate());
    converted.setLastModifiedBy(privilege.getLastModifiedBy());
    converted.setLastModifiedDate(privilege.getLastModifiedDate());
    return converted;
}
use of com.sun.identity.entitlement.EntitlementSubject in project OpenAM by OpenRock.
the class PrivilegeUtils method mapGenericSubject.
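/**
 * Maps a legacy policy {@link Subject} to an {@link EntitlementSubject}.
 *
 * <p>A {@code com.sun.identity.policy.plugins.PrivilegeSubject} carries its target as a
 * value of the form {@code <class name>=<state>}: the named class is loaded reflectively,
 * instantiated through its no-argument constructor and handed the state string. Any other
 * subject is wrapped in a {@link PolicySubject} that records its class name and values.
 *
 * <p>Security note: the class name comes from stored policy data, so this is reflective
 * instantiation driven by data. The loaded class is checked to be an
 * {@code EntitlementSubject} <em>before</em> its constructor runs; a class of any other
 * type is rejected with {@link ClassCastException} without being instantiated. Class
 * loading (and therefore static initialisation) still happens for any name that resolves,
 * so write access to stored policies has to be restricted accordingly.
 *
 * @param subjectName name recorded on the {@link PolicySubject} wrapper
 * @param objSubject legacy subject to map
 * @param exclusive flag passed through to the {@link PolicySubject} wrapper
 * @return the mapped subject, or {@code null} when the named class cannot be found,
 *     instantiated or accessed (the failure is logged). Callers must treat {@code null}
 *     as a conversion failure rather than as "no subject restriction".
 * @throws ClassCastException if the named class is not an {@code EntitlementSubject}
 * @throws java.util.NoSuchElementException if a privilege subject has no values
 * @throws StringIndexOutOfBoundsException if the stored value contains no {@code '='}
 */
private static EntitlementSubject mapGenericSubject(String subjectName, Subject objSubject, boolean exclusive) {
    try {
        if (objSubject instanceof com.sun.identity.policy.plugins.PrivilegeSubject) {
            com.sun.identity.policy.plugins.PrivilegeSubject pips = (com.sun.identity.policy.plugins.PrivilegeSubject) objSubject;
            // Only the first stored value is read; it is split at the first '='.
            Set<String> values = pips.getValues();
            String val = values.iterator().next();
            int idx = val.indexOf('=');
            String className = val.substring(0, idx);
            String state = val.substring(idx + 1);
            // Verify the type before instantiating, so that the constructor of an
            // unrelated class named in policy data is never executed.
            Class<? extends EntitlementSubject> subjectClass = Class.forName(className).asSubclass(EntitlementSubject.class);
            EntitlementSubject es = subjectClass.newInstance();
            es.setState(state);
            return es;
        } else {
            Set<String> val = objSubject.getValues();
            String className = objSubject.getClass().getName();
            return new PolicySubject(subjectName, className, val, exclusive);
        }
    } catch (ClassNotFoundException e) {
        PolicyConstants.DEBUG.error("PrivilegeUtils.mapGenericSubject", e);
    } catch (InstantiationException e) {
        PolicyConstants.DEBUG.error("PrivilegeUtils.mapGenericSubject", e);
    } catch (IllegalAccessException e) {
        PolicyConstants.DEBUG.error("PrivilegeUtils.mapGenericSubject", e);
    }
    // Reached only after a logged reflection failure.
    return null;
}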
use of com.sun.identity.entitlement.EntitlementSubject in project OpenAM by OpenRock.
the class MultipleResourceRestTest method setup.
/**
 * Prepares the fixtures for the REST tests.
 *
 * <p>Registers two privileges for authenticated users in {@code REALM}: one granting
 * {@code GET} on every resource under {@code RESOURCE_NAME}, and one denying {@code GET}
 * on {@code RESOURCE_NAME/index.html}. It then derives the hashed token id, the subject
 * header and the session cookie from the admin SSO token, creates the test user and
 * builds the two REST clients.
 *
 * @throws Exception if any fixture cannot be created
 */
@BeforeClass
public void setup() throws Exception {
    PrivilegeManager privilegeManager = PrivilegeManager.getInstance(REALM, adminSubject);

    // Privilege 1: GET allowed on everything below the resource root.
    Privilege wildcardPrivilege = Privilege.getNewInstance();
    wildcardPrivilege.setName(PRIVILEGE_NAME + "1");
    Map<String, Boolean> wildcardActions = new HashMap<String, Boolean>();
    wildcardActions.put("GET", true);
    wildcardPrivilege.setEntitlement(new Entitlement(RESOURCE_NAME + "/*", wildcardActions));
    wildcardPrivilege.setSubject(new AuthenticatedUsers());
    privilegeManager.add(wildcardPrivilege);

    // Privilege 2: GET denied on index.html.
    Privilege indexPrivilege = Privilege.getNewInstance();
    indexPrivilege.setName(PRIVILEGE_NAME + "2");
    Map<String, Boolean> indexActions = new HashMap<String, Boolean>();
    indexActions.put("GET", false);
    indexPrivilege.setEntitlement(new Entitlement(RESOURCE_NAME + "/index.html", indexActions));
    indexPrivilege.setSubject(new AuthenticatedUsers());
    privilegeManager.add(indexPrivilege);

    // The requests are authenticated with the admin SSO token, either through the
    // subject header or through the session cookie.
    String rawTokenId = adminToken.getTokenID().toString();
    hashedTokenId = Hash.hash(rawTokenId);
    tokenIdHeader = RestServiceManager.SSOTOKEN_SUBJECT_PREFIX + RestServiceManager.SUBJECT_DELIMITER + rawTokenId;

    // The cookie value is URL-encoded only when the server is configured to encode it.
    boolean encodeCookie = Boolean.parseBoolean(SystemProperties.get(Constants.AM_COOKIE_ENCODE, "false"));
    String cookieValue = encodeCookie ? URLEncoder.encode(rawTokenId, "UTF-8") : rawTokenId;
    cookie = new Cookie(SystemProperties.get(Constants.AM_COOKIE_NAME), cookieValue);

    user = IdRepoUtils.createUser(REALM, "MultipleResourceRestTestUser");

    decisionsClient = Client.create().resource(SystemProperties.getServerInstanceName() + "/ws/1/entitlement/decisions");
    entitlementsClient = Client.create().resource(SystemProperties.getServerInstanceName() + "/ws/1/entitlement/entitlements");
}
use of com.sun.identity.entitlement.EntitlementSubject in project OpenAM by OpenRock.
the class PolicyConditionUpgrader method isSubjectConditionUpgradable.
/**
 * Reports whether a privilege's subject can be upgraded.
 *
 * <p>A missing subject and a {@link NoSubject} are always upgradable. A
 * {@link LogicalSubject} is upgradable only when every one of its member subjects passes
 * {@code isUpgradablePolicySubject}; every member is checked, even after one has failed.
 * Any other subject is passed to {@code isUpgradablePolicySubject} directly.
 *
 * @param subject subject to inspect, may be {@code null}
 * @return {@code true} if the subject can be upgraded
 */
private boolean isSubjectConditionUpgradable(EntitlementSubject subject) {
    // Nothing to upgrade.
    if (subject == null || subject instanceof NoSubject) {
        return true;
    }

    if (!(subject instanceof LogicalSubject)) {
        return isUpgradablePolicySubject(subject);
    }

    // Deliberately no early exit: each member is evaluated, as a non-short-circuit AND would.
    boolean allMembersUpgradable = true;
    for (EntitlementSubject member : ((LogicalSubject) subject).getESubjects()) {
        if (!isUpgradablePolicySubject(member)) {
            allMembersUpgradable = false;
        }
    }
    return allMembersUpgradable;
}
use of com.sun.identity.entitlement.EntitlementSubject in project OpenAM by OpenRock.
the class PolicyConditionUpgraderTest method isPolicyWithAndSubjectConditionUpgradable.
/**
 * Checks {@code isPolicyUpgradable} for a policy whose subject is an {@link AndSubject}
 * with two members.
 *
 * <p>Each member is a mock of the supplied type. Members that are {@link PolicySubject}s
 * report a fixed class name, and the upgrade map is stubbed to say whether that class
 * name has a known replacement.
 *
 * @param sub1 type of the first member subject
 * @param sub1InMap whether the upgrade map knows the first member's class name
 * @param sub2 type of the second member subject
 * @param sub2InMap whether the upgrade map knows the second member's class name
 * @param expectedResult expected outcome of {@code isPolicyUpgradable}
 */
@Test(dataProvider = "isPolicyWithAndSubjectConditionUpgradableDataProvider")
public void isPolicyWithAndSubjectConditionUpgradable(Class<? extends EntitlementSubject> sub1, boolean sub1InMap, Class<? extends EntitlementSubject> sub2, boolean sub2InMap, boolean expectedResult) {
    //Given
    EntitlementSubject firstMember = mock(sub1);
    EntitlementSubject secondMember = mock(sub2);
    Set<EntitlementSubject> members = new HashSet<EntitlementSubject>();
    members.add(firstMember);
    members.add(secondMember);

    AndSubject conjunction = mock(AndSubject.class);
    given(conjunction.getESubjects()).willReturn(members);
    Privilege privilege = mock(Privilege.class);
    given(privilege.getSubject()).willReturn(conjunction);

    // Only PolicySubject mocks expose a class name to look up in the upgrade map.
    if (firstMember instanceof PolicySubject) {
        given(((PolicySubject) firstMember).getClassName()).willReturn("SUBJECT1_CLASS_NAME");
    }
    if (secondMember instanceof PolicySubject) {
        given(((PolicySubject) secondMember).getClassName()).willReturn("SUBJECT2_CLASS_NAME");
    }
    given(conditionUpgradeMap.containsSubjectCondition("SUBJECT1_CLASS_NAME")).willReturn(sub1InMap);
    given(conditionUpgradeMap.containsSubjectCondition("SUBJECT2_CLASS_NAME")).willReturn(sub2InMap);

    //When
    boolean actualResult = conditionUpgrader.isPolicyUpgradable(privilege);

    //Then
    assertThat(actualResult).isEqualTo(expectedResult);
}