Example 6 with OrCondition

Use of com.sun.identity.entitlement.OrCondition in project OpenAM by OpenRock.

Class PrivilegePolicyMapping, method policyToPrivilege.

@Test
public void policyToPrivilege() throws Exception {
    Set<IPrivilege> privileges = PrivilegeUtils.policyToPrivileges(policy);
    if (privileges.isEmpty()) {
        throw new Exception("PrivilegePolicyMapping.policyToPrivilege: cannot get privilege");
    }
    privilege = (Privilege) privileges.iterator().next();
    EntitlementCondition cond = privilege.getCondition();
    if (!(cond instanceof OrCondition)) {
        // The check above is for OrCondition, so the message names OR, not AND.
        throw new Exception("PrivilegePolicyMapping.policyToPrivilege: condition is not OR condition");
    }
    OrCondition pOrCond = (OrCondition) cond;
    for (EntitlementCondition ec : pOrCond.getEConditions()) {
        if (!(ec instanceof PolicyCondition)) {
            throw new Exception("PrivilegePolicyMapping.policyToPrivilege: condition is not policy condition");
        }
        PolicyCondition pCond = (PolicyCondition) ec;
        Map<String, Set<String>> pCondProp = pCond.getProperties();
        if (!pCondProp.equals(ipConditionEnvMap) && !pCondProp.equals(ipConditionEnvMap1)) {
            throw new Exception("PrivilegePolicyMapping.policyToPrivilege: condition values are not correct");
        }
    }
    EntitlementSubject sbj = privilege.getSubject();
    if (!(sbj instanceof PolicySubject)) {
        throw new Exception("PrivilegePolicyMapping.policyToPrivilege: subject is not privilege subject");
    }
    PolicySubject pSbj = (PolicySubject) sbj;
    Set pSbjValue = pSbj.getValues();
    if ((pSbjValue == null) || pSbjValue.isEmpty()) {
        throw new Exception("PrivilegePolicyMapping.policyToPrivilege: subject value is empty");
    }
    if (!pSbjValue.contains(testUser.getUniversalId())) {
        throw new Exception("PrivilegePolicyMapping.policyToPrivilege: subject value is incorrect");
    }
}
Also used: EntitlementSubject (com.sun.identity.entitlement.EntitlementSubject), EntitlementCondition (com.sun.identity.entitlement.EntitlementCondition), HashSet (java.util.HashSet), Set (java.util.Set), IPrivilege (com.sun.identity.entitlement.IPrivilege), OrCondition (com.sun.identity.entitlement.OrCondition), PolicyException (com.sun.identity.policy.PolicyException), Test (org.testng.annotations.Test)

Aggregations

OrCondition (com.sun.identity.entitlement.OrCondition): 6
EntitlementCondition (com.sun.identity.entitlement.EntitlementCondition): 5
HashSet (java.util.HashSet): 5
Test (org.testng.annotations.Test): 5
Privilege (com.sun.identity.entitlement.Privilege): 4
Set (java.util.Set): 3
AndCondition (com.sun.identity.entitlement.AndCondition): 2
EntitlementSubject (com.sun.identity.entitlement.EntitlementSubject): 2
PolicyCondition (com.sun.identity.entitlement.opensso.PolicyCondition): 2
HashMap (java.util.HashMap): 2
Entitlement (com.sun.identity.entitlement.Entitlement): 1
IPrivilege (com.sun.identity.entitlement.IPrivilege): 1
OrSubject (com.sun.identity.entitlement.OrSubject): 1
ResourceAttribute (com.sun.identity.entitlement.ResourceAttribute): 1
StaticAttributes (com.sun.identity.entitlement.StaticAttributes): 1
UserAttributes (com.sun.identity.entitlement.UserAttributes): 1
UserSubject (com.sun.identity.entitlement.UserSubject): 1
OpenSSOPrivilege (com.sun.identity.entitlement.opensso.OpenSSOPrivilege): 1
OpenSSOUserSubject (com.sun.identity.entitlement.opensso.OpenSSOUserSubject): 1
PolicyException (com.sun.identity.policy.PolicyException): 1