Example 96 with Privilege
use of com.sun.identity.entitlement.Privilege in project OpenAM by OpenRock.
the class XACMLPrivilegeUtils method policyToPrivilege.
public static Privilege policyToPrivilege(Policy policy) throws EntitlementException {
String policyId = policy.getPolicyId();
String privilegeName = policyIdToPrivilegeName(policyId);
String description = policy.getDescription();
String createdBy = getVariableById(policy, XACMLConstants.PRIVILEGE_CREATED_BY);
long createdAt = dateStringToLong(getVariableById(policy, XACMLConstants.PRIVILEGE_CREATION_DATE));
String lastModifiedBy = getVariableById(policy, XACMLConstants.PRIVILEGE_LAST_MODIFIED_BY);
long lastModifiedAt = dateStringToLong(getVariableById(policy, XACMLConstants.PRIVILEGE_LAST_MODIFIED_DATE));
String entitlementName = getVariableById(policy, XACMLConstants.ENTITLEMENT_NAME);
String applicationName = getVariableById(policy, XACMLConstants.APPLICATION_NAME);
List<Match> policyMatches = getAllMatchesFromTarget(policy.getTarget());
Set<String> resourceNames = getResourceNamesFromMatches(policyMatches);
Map<String, Boolean> actionValues = getActionValuesFromPolicy(policy);
EntitlementSubject es = getEntitlementSubjectFromPolicy(policy);
EntitlementCondition ec = getEntitlementConditionFromPolicy(policy);
/*
* Construct entitlement from Rule target
* Get resource names, excluded resource names, action names from Rule Match element
* One Match for Action
* One Rule per value
*/
Entitlement entitlement = new Entitlement(applicationName, resourceNames, actionValues);
if (entitlementName != null) {
entitlement.setName(entitlementName);
}
// Process AdviceExpressions from Export into ResourceAttributes
Set<ResourceAttribute> ras = schemaFactory.adviceExpressionsToResourceAttributes(policy.getAdviceExpressions());
Privilege privilege = new XACMLOpenSSOPrivilege();
privilege.setName(privilegeName);
privilege.setDescription(description);
privilege.setCreatedBy(createdBy);
privilege.setCreationDate(createdAt);
privilege.setLastModifiedBy(lastModifiedBy);
privilege.setLastModifiedDate(lastModifiedAt);
privilege.setEntitlement(entitlement);
privilege.setSubject(es);
privilege.setCondition(ec);
privilege.setResourceAttributes(ras);
return privilege;
}
Also used :
EntitlementCondition(com.sun.identity.entitlement.EntitlementCondition)
Match(com.sun.identity.entitlement.xacml3.core.Match)
EntitlementSubject(com.sun.identity.entitlement.EntitlementSubject)
XACMLOpenSSOPrivilege(com.sun.identity.entitlement.opensso.XACMLOpenSSOPrivilege)
Entitlement(com.sun.identity.entitlement.Entitlement)
ResourceAttribute(com.sun.identity.entitlement.ResourceAttribute)
XACMLOpenSSOPrivilege(com.sun.identity.entitlement.opensso.XACMLOpenSSOPrivilege)
Privilege(com.sun.identity.entitlement.Privilege)
ReferralPrivilege(com.sun.identity.entitlement.ReferralPrivilege)
Example 97 with Privilege
use of com.sun.identity.entitlement.Privilege in project OpenAM by OpenRock.
the class FactoryMethods method getArbitraryPrivilegeAsPolicy.
public static Policy getArbitraryPrivilegeAsPolicy(long now) throws EntitlementException {
Set<Privilege> privileges = createArbitraryPrivilegeSet(now);
PolicySet policySet = XACMLPrivilegeUtils.privilegesToPolicySet("/", privileges);
return (Policy) policySet.getPolicySetOrPolicyOrPolicySetIdReference().get(0).getValue();
}
Also used :
Policy(com.sun.identity.entitlement.xacml3.core.Policy)
ReferralPrivilege(com.sun.identity.entitlement.ReferralPrivilege)
Privilege(com.sun.identity.entitlement.Privilege)
PolicySet(com.sun.identity.entitlement.xacml3.core.PolicySet)
Example 98 with Privilege
use of com.sun.identity.entitlement.Privilege in project OpenAM by OpenRock.
the class PolicyResource method updateInstance.
/**
* {@inheritDoc}
*/
@Override
public Promise<ResourceResponse, ResourceException> updateInstance(Context context, String resourceId, UpdateRequest request) {
try {
Privilege policy = policyParser.parsePolicy(resourceId, request.getContent());
ResourceResponse result = policyResource(policyStoreProvider.getPolicyStore(context).update(resourceId, policy));
return newResultPromise(result);
} catch (EntitlementException ex) {
DEBUG.error("PolicyResource :: UPDATE : Error updating policy, " + resourceId + ".", ex);
return resourceErrorHandler.handleError(context, request, ex).asPromise();
}
}
Also used :
EntitlementException(com.sun.identity.entitlement.EntitlementException)
ResourceResponse(org.forgerock.json.resource.ResourceResponse)
Privilege(com.sun.identity.entitlement.Privilege)
Example 99 with Privilege
use of com.sun.identity.entitlement.Privilege in project OpenAM by OpenRock.
the class XACMLPrivilegeUtilsTest method shouldReturnNullWhenGivenNullAsPrivilegeSet.
@Test
public void shouldReturnNullWhenGivenNullAsPrivilegeSet() {
//Given
Set<Privilege> privileges = null;
//When
PolicySet policySet = XACMLPrivilegeUtils.privilegesToPolicySet("/", privileges);
//Then
assertNull(policySet, "Expected PolicySet to be null.");
}
Also used :
ReferralPrivilege(com.sun.identity.entitlement.ReferralPrivilege)
Privilege(com.sun.identity.entitlement.Privilege)
PolicySet(com.sun.identity.entitlement.xacml3.core.PolicySet)
Test(org.testng.annotations.Test)
Example 100 with Privilege
use of com.sun.identity.entitlement.Privilege in project OpenAM by OpenRock.
the class XACMLPrivilegeUtilsTest method shouldResultInEquivalentPrivilegesWhenValidPrivilegeSetSerializedToXACMLThenDeserialized.
@Test
public void shouldResultInEquivalentPrivilegesWhenValidPrivilegeSetSerializedToXACMLThenDeserialized() throws EntitlementException {
//Given
Set<Privilege> privileges = createArbitraryPrivilegeSet(now);
PolicySet policySet = XACMLPrivilegeUtils.privilegesToPolicySet("/", privileges);
List<Policy> policies = getPoliciesFromPolicySet(policySet);
List<Privilege> deserializedPrivileges = new ArrayList<Privilege>();
for (Policy policy : policies) {
//When
deserializedPrivileges.add(XACMLPrivilegeUtils.policyToPrivilege(policy));
}
//Then
assertAllPrivilegesEquivalent(deserializedPrivileges, privileges);
}
Also used :
Policy(com.sun.identity.entitlement.xacml3.core.Policy)
ArrayList(java.util.ArrayList)
ReferralPrivilege(com.sun.identity.entitlement.ReferralPrivilege)
Privilege(com.sun.identity.entitlement.Privilege)
PolicySet(com.sun.identity.entitlement.xacml3.core.PolicySet)
Test(org.testng.annotations.Test)
Aggregations
Privilege (com.sun.identity.entitlement.Privilege)122
Test (org.testng.annotations.Test)76
JsonValue (org.forgerock.json.JsonValue)46
OpenSSOPrivilege (com.sun.identity.entitlement.opensso.OpenSSOPrivilege)39
HashSet (java.util.HashSet)30
ReferralPrivilege (com.sun.identity.entitlement.ReferralPrivilege)26
EntitlementException (com.sun.identity.entitlement.EntitlementException)23
IPrivilege (com.sun.identity.entitlement.IPrivilege)23
Entitlement (com.sun.identity.entitlement.Entitlement)19
EntitlementSubject (com.sun.identity.entitlement.EntitlementSubject)18
PrivilegeManager (com.sun.identity.entitlement.PrivilegeManager)17
HashMap (java.util.HashMap)15
EntitlementCondition (com.sun.identity.entitlement.EntitlementCondition)13
ApplicationPrivilege (com.sun.identity.entitlement.ApplicationPrivilege)11
PolicyCondition (com.sun.identity.entitlement.opensso.PolicyCondition)10
Set (java.util.Set)9
SSOToken (com.iplanet.sso.SSOToken)8
PolicySubject (com.sun.identity.entitlement.opensso.PolicySubject)8
Subject (javax.security.auth.Subject)8
ResourceResponse (org.forgerock.json.resource.ResourceResponse)8
