Search in sources :

Example 1 with StaticAttributes

use of com.sun.identity.entitlement.StaticAttributes in project OpenAM by OpenRock.

the class PrivilegeUtils method resourceAttributesToResponseProviders.

private static Map<String, ResponseProvider> resourceAttributesToResponseProviders(Set<ResourceAttribute> resourceAttributes) throws PolicyException, EntitlementException {
    Map<String, ResponseProvider> results = new HashMap<String, ResponseProvider>();
    if (resourceAttributes != null) {
        Map<String, Map<String, Set<String>>> map = new HashMap<String, Map<String, Set<String>>>();
        for (ResourceAttribute ra : resourceAttributes) {
            if (ra instanceof StaticAttributes) {
                resourceAttributesToResponseProviders((StaticAttributes) ra, map);
            } else if (ra instanceof UserAttributes) {
                resourceAttributesToResponseProviders((UserAttributes) ra, map);
            }
        }
        for (String n : map.keySet()) {
            ResponseProvider rp = new IDRepoResponseProvider();
            Map<String, Set<String>> values = map.get(n);
            Set<String> dynValues = values.get(IDRepoResponseProvider.DYNAMIC_ATTRIBUTE);
            if ((dynValues != null) && !dynValues.isEmpty()) {
                Map<String, Set<String>> configParams = new HashMap<String, Set<String>>();
                configParams.put(PolicyConfig.SELECTED_DYNAMIC_ATTRIBUTES, dynValues);
                rp.initialize(configParams);
            }
            rp.setProperties(values);
            results.put(n, rp);
        }
        // Copy any legacy response providers over directly
        for (ResourceAttribute ra : resourceAttributes) {
            if (ra instanceof PolicyResponseProvider) {
                PolicyResponseProvider prp = (PolicyResponseProvider) ra;
                results.put(prp.getPResponseProviderName(), prp.getResponseProvider());
            }
        }
    }
    return results;
}
Also used : HashSet(java.util.HashSet) Set(java.util.Set) HashMap(java.util.HashMap) StaticAttributes(com.sun.identity.entitlement.StaticAttributes) IDRepoResponseProvider(com.sun.identity.policy.plugins.IDRepoResponseProvider) UserAttributes(com.sun.identity.entitlement.UserAttributes) IDRepoResponseProvider(com.sun.identity.policy.plugins.IDRepoResponseProvider) ResponseProvider(com.sun.identity.policy.interfaces.ResponseProvider) ResourceAttribute(com.sun.identity.entitlement.ResourceAttribute) HashMap(java.util.HashMap) Map(java.util.Map)

Example 2 with StaticAttributes

use of com.sun.identity.entitlement.StaticAttributes in project OpenAM by OpenRock.

the class PrivilegeUtils method nrpsToResourceAttributes.

private static Set<ResourceAttribute> nrpsToResourceAttributes(IDRepoResponseProvider irp, String nrpName) throws EntitlementException {
    Map<String, ResourceAttribute> map = new HashMap<String, ResourceAttribute>();
    Map props = irp.getProperties();
    if ((props != null) && !props.isEmpty()) {
        Set<String> sas = (Set<String>) props.get(IDRepoResponseProvider.STATIC_ATTRIBUTE);
        if (sas != null && !sas.isEmpty()) {
            for (String sat : sas) {
                int i = sat.indexOf("=");
                String name = (i != -1) ? sat.substring(0, i) : sat;
                String value = (i != -1) ? sat.substring(i + 1) : null;
                String k = name + "_" + IDRepoResponseProvider.STATIC_ATTRIBUTE;
                StaticAttributes sa = (StaticAttributes) map.get(k);
                if (sa == null) {
                    sa = new StaticAttributes();
                    sa.setPropertyName(name);
                    map.put(k, sa);
                }
                if (value != null) {
                    sa.getPropertyValues().add(value);
                }
                sa.setPResponseProviderName(nrpName);
            }
        }
        Set<String> uas = (Set<String>) props.get(IDRepoResponseProvider.DYNAMIC_ATTRIBUTE);
        if (uas != null && !uas.isEmpty()) {
            for (String uat : uas) {
                int i = uat.indexOf("=");
                String name = (i != -1) ? uat.substring(0, i) : uat;
                String value = (i != -1) ? uat.substring(i + 1) : null;
                String k = name + "_" + IDRepoResponseProvider.DYNAMIC_ATTRIBUTE;
                UserAttributes ua = (UserAttributes) map.get(k);
                if (ua == null) {
                    ua = new UserAttributes();
                    ua.setPropertyName(name);
                    map.put(k, ua);
                }
                if (value != null) {
                    ua.getPropertyValues().add(value);
                }
                ua.setPResponseProviderName(nrpName);
            }
        }
    }
    Set<ResourceAttribute> results = new HashSet<ResourceAttribute>();
    results.addAll(map.values());
    return results;
}
Also used : HashSet(java.util.HashSet) Set(java.util.Set) HashMap(java.util.HashMap) StaticAttributes(com.sun.identity.entitlement.StaticAttributes) ResourceAttribute(com.sun.identity.entitlement.ResourceAttribute) HashMap(java.util.HashMap) Map(java.util.Map) UserAttributes(com.sun.identity.entitlement.UserAttributes) HashSet(java.util.HashSet)

Example 3 with StaticAttributes

use of com.sun.identity.entitlement.StaticAttributes in project OpenAM by OpenRock.

the class XACMLSchemaFactoryTest method shouldEnsureAdviceIsForPermitEffect.

@Test
public void shouldEnsureAdviceIsForPermitEffect() throws Exception {
    // Given
    StaticAttributes testAttribute = new StaticAttributes();
    // When
    AdviceExpression result = xacmlSchemaFactory.resourceAttributeToAdviceExpression(testAttribute);
    // Then
    assertThat(result).isNotNull();
    assertThat(result.getAppliesTo()).isEqualTo(EffectType.PERMIT);
}
Also used : AdviceExpression(com.sun.identity.entitlement.xacml3.core.AdviceExpression) StaticAttributes(com.sun.identity.entitlement.StaticAttributes) Test(org.testng.annotations.Test)

Example 4 with StaticAttributes

use of com.sun.identity.entitlement.StaticAttributes in project OpenAM by OpenRock.

the class PrivilegeUtilsTest method testPrivilegeToPolicy.

@Test
public void testPrivilegeToPolicy() throws Exception {
    String BASE_DN = Constants.DEFAULT_ROOT_SUFFIX;
    Map<String, Boolean> actionValues = new HashMap<String, Boolean>();
    actionValues.put("GET", Boolean.TRUE);
    actionValues.put("POST", Boolean.TRUE);
    String resourceName = "http://www.sun.com";
    Entitlement entitlement = new Entitlement("iPlanetAMWebAgentService", resourceName, actionValues);
    entitlement.setName("ent1");
    String user11 = "id=user11,ou=user," + BASE_DN;
    String user12 = "id=user12,ou=user," + BASE_DN;
    UserSubject us1 = new OpenSSOUserSubject();
    us1.setID(user11);
    UserSubject us2 = new OpenSSOUserSubject();
    us2.setID(user12);
    Set<EntitlementSubject> subjects = new HashSet<EntitlementSubject>();
    subjects.add(us1);
    subjects.add(us2);
    OrSubject os = new OrSubject(subjects);
    IPv4Condition ipc = new IPv4Condition();
    ipc.setStartIpAndEndIp("100.100.100.100", "200.200.200.200");
    Set<EntitlementCondition> setConditions = new HashSet<EntitlementCondition>();
    setConditions.add(ipc);
    AndCondition andCondition = new AndCondition();
    andCondition.setEConditions(setConditions);
    StaticAttributes sa1 = new StaticAttributes();
    Set<String> aValues = new HashSet<String>();
    aValues.add("a10");
    aValues.add("a20");
    sa1.setPropertyName("a");
    sa1.setPropertyValues(aValues);
    sa1.setPResponseProviderName("sa");
    StaticAttributes sa2 = new StaticAttributes();
    Set<String> bValues = new HashSet<String>();
    bValues.add("b10");
    bValues.add("b20");
    sa2.setPropertyName("b");
    sa2.setPropertyValues(bValues);
    sa2.setPResponseProviderName("sa");
    UserAttributes uat1 = new UserAttributes();
    uat1.setPropertyName("email");
    uat1.setPResponseProviderName("ua");
    UserAttributes uat2 = new UserAttributes();
    uat2.setPropertyName("uid");
    uat2.setPResponseProviderName("ua");
    Set<ResourceAttribute> ra = new HashSet<ResourceAttribute>();
    ra.add(sa1);
    ra.add(sa2);
    ra.add(uat1);
    ra.add(uat2);
    Privilege privilege = Privilege.getNewInstance();
    privilege.setName("PrivilegeUtilsTest");
    privilege.setEntitlement(entitlement);
    //orSubject
    privilege.setSubject(os);
    privilege.setCondition(andCondition);
    privilege.setResourceAttributes(ra);
    Policy policy = PrivilegeUtils.privilegeToPolicy("/", privilege);
    Set<IPrivilege> ps = PrivilegeUtils.policyToPrivileges(policy);
    if ((ps == null) || ps.isEmpty()) {
        throw new Exception("PrivilegeUtilsTest.testPrivilegeToPolicy failed.");
    }
}
Also used : EntitlementCondition(com.sun.identity.entitlement.EntitlementCondition) HashMap(java.util.HashMap) AndCondition(com.sun.identity.entitlement.AndCondition) UserAttributes(com.sun.identity.entitlement.UserAttributes) OpenSSOUserSubject(com.sun.identity.entitlement.opensso.OpenSSOUserSubject) UserSubject(com.sun.identity.entitlement.UserSubject) ResourceAttribute(com.sun.identity.entitlement.ResourceAttribute) HashSet(java.util.HashSet) IPv4Condition(org.forgerock.openam.entitlement.conditions.environment.IPv4Condition) OpenSSOUserSubject(com.sun.identity.entitlement.opensso.OpenSSOUserSubject) StaticAttributes(com.sun.identity.entitlement.StaticAttributes) OrSubject(com.sun.identity.entitlement.OrSubject) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException) EntitlementSubject(com.sun.identity.entitlement.EntitlementSubject) IPrivilege(com.sun.identity.entitlement.IPrivilege) Entitlement(com.sun.identity.entitlement.Entitlement) IPrivilege(com.sun.identity.entitlement.IPrivilege) Privilege(com.sun.identity.entitlement.Privilege) Test(org.testng.annotations.Test)

Example 5 with StaticAttributes

use of com.sun.identity.entitlement.StaticAttributes in project OpenAM by OpenRock.

the class EntitlementRegistryTest method shouldNotReturnSuperTypeAttributeNames.

@Test
public void shouldNotReturnSuperTypeAttributeNames() {
    // Given
    ResourceAttribute testAttribute = new StaticAttributes();
    // Only super-type registered
    testRegistry.registerAttributeType(ResourceAttribute.class);
    // When
    String result = testRegistry.getAttributeName(testAttribute);
    // Then
    assertThat(result).isNull();
}
Also used : StaticAttributes(com.sun.identity.entitlement.StaticAttributes) ResourceAttribute(com.sun.identity.entitlement.ResourceAttribute) Test(org.testng.annotations.Test)

Aggregations

StaticAttributes (com.sun.identity.entitlement.StaticAttributes)8 ResourceAttribute (com.sun.identity.entitlement.ResourceAttribute)7 Test (org.testng.annotations.Test)6 UserAttributes (com.sun.identity.entitlement.UserAttributes)5 HashMap (java.util.HashMap)4 HashSet (java.util.HashSet)4 Privilege (com.sun.identity.entitlement.Privilege)3 AndCondition (com.sun.identity.entitlement.AndCondition)2 Entitlement (com.sun.identity.entitlement.Entitlement)2 EntitlementCondition (com.sun.identity.entitlement.EntitlementCondition)2 EntitlementSubject (com.sun.identity.entitlement.EntitlementSubject)2 OrSubject (com.sun.identity.entitlement.OrSubject)2 UserSubject (com.sun.identity.entitlement.UserSubject)2 OpenSSOUserSubject (com.sun.identity.entitlement.opensso.OpenSSOUserSubject)2 Map (java.util.Map)2 Set (java.util.Set)2 IPv4Condition (org.forgerock.openam.entitlement.conditions.environment.IPv4Condition)2 SSOException (com.iplanet.sso.SSOException)1 IPrivilege (com.sun.identity.entitlement.IPrivilege)1 OrCondition (com.sun.identity.entitlement.OrCondition)1