use of com.sun.identity.entitlement.UserAttributes in project OpenAM by OpenRock.
the class PrivilegeUtils method resourceAttributesToResponseProviders.
/**
 * Builds the legacy policy {@link ResponseProvider}s that correspond to a set of entitlement
 * resource attributes.
 *
 * <p>{@link StaticAttributes} and {@link UserAttributes} are first folded into an intermediate
 * map by the type-specific overloads of this method (not shown here; the outer key is used below
 * as the response provider name). One {@link IDRepoResponseProvider} is then created per outer
 * key. Finally, any {@link PolicyResponseProvider} wrappers are unwrapped and stored under their
 * own provider name.
 *
 * <p>Because the legacy providers are added last with a plain {@code put}, a legacy provider
 * whose name equals a generated one replaces the generated provider in the result.
 *
 * @param resourceAttributes the attributes to convert; may be {@code null}
 * @return a map from response provider name to provider; empty when the input is {@code null}
 * @throws PolicyException declared for the provider calls made here
 * @throws EntitlementException declared for the type-specific overloads
 */
private static Map<String, ResponseProvider> resourceAttributesToResponseProviders(Set<ResourceAttribute> resourceAttributes) throws PolicyException, EntitlementException {
    Map<String, ResponseProvider> results = new HashMap<String, ResponseProvider>();
    if (resourceAttributes == null) {
        return results;
    }

    // Pass 1: collect static and user (dynamic) attributes into per-provider property maps.
    Map<String, Map<String, Set<String>>> propertiesByProvider =
            new HashMap<String, Map<String, Set<String>>>();
    for (ResourceAttribute attribute : resourceAttributes) {
        if (attribute instanceof StaticAttributes) {
            resourceAttributesToResponseProviders((StaticAttributes) attribute, propertiesByProvider);
        } else if (attribute instanceof UserAttributes) {
            resourceAttributesToResponseProviders((UserAttributes) attribute, propertiesByProvider);
        }
    }

    // Pass 2: one IDRepoResponseProvider per collected provider name.
    for (Map.Entry<String, Map<String, Set<String>>> entry : propertiesByProvider.entrySet()) {
        ResponseProvider provider = new IDRepoResponseProvider();
        Map<String, Set<String>> properties = entry.getValue();
        Set<String> dynamicValues = properties.get(IDRepoResponseProvider.DYNAMIC_ATTRIBUTE);
        boolean hasDynamicValues = dynamicValues != null && !dynamicValues.isEmpty();
        if (hasDynamicValues) {
            // The provider is only initialized when dynamic attributes are present; they are
            // handed over as the selected dynamic attribute set.
            // NOTE(review): presumably this limits which identity attributes the provider may
            // return - confirm against IDRepoResponseProvider.
            Map<String, Set<String>> configParams = new HashMap<String, Set<String>>();
            configParams.put(PolicyConfig.SELECTED_DYNAMIC_ATTRIBUTES, dynamicValues);
            provider.initialize(configParams);
        }
        provider.setProperties(properties);
        results.put(entry.getKey(), provider);
    }

    // Pass 3: legacy response providers are carried over unchanged, keyed by their own name.
    for (ResourceAttribute attribute : resourceAttributes) {
        if (attribute instanceof PolicyResponseProvider) {
            PolicyResponseProvider legacy = (PolicyResponseProvider) attribute;
            results.put(legacy.getPResponseProviderName(), legacy.getResponseProvider());
        }
    }
    return results;
}
use of com.sun.identity.entitlement.UserAttributes in project OpenAM by OpenRock.
the class PrivilegeUtils method nrpsToResourceAttributes.
/**
 * Converts the properties of a legacy {@link IDRepoResponseProvider} into entitlement
 * resource attributes.
 *
 * <p>Each entry under {@link IDRepoResponseProvider#STATIC_ATTRIBUTE} becomes (or extends) a
 * {@link StaticAttributes}, and each entry under {@link IDRepoResponseProvider#DYNAMIC_ATTRIBUTE}
 * becomes (or extends) a {@link UserAttributes}. An entry is split at its first {@code '='}:
 * the text before it is the property name and everything after it is one property value. An
 * entry without {@code '='} contributes a name only. Entries sharing a name are merged into a
 * single attribute object per kind.
 *
 * @param irp the legacy provider whose properties are read
 * @param nrpName the response provider name stamped on every attribute produced
 * @return the resulting attributes; empty when the provider has no properties
 * @throws EntitlementException declared by the attribute setters used here
 */
private static Set<ResourceAttribute> nrpsToResourceAttributes(IDRepoResponseProvider irp, String nrpName) throws EntitlementException {
    // Keyed by "<name>_<kind>" so static and dynamic attributes with the same name stay apart.
    Map<String, ResourceAttribute> attributesByKey = new HashMap<String, ResourceAttribute>();
    Map props = irp.getProperties();
    if (props != null && !props.isEmpty()) {
        Set<String> staticEntries = (Set<String>) props.get(IDRepoResponseProvider.STATIC_ATTRIBUTE);
        if (staticEntries != null) {
            for (String entry : staticEntries) {
                int separator = entry.indexOf("=");
                String name;
                String value;
                if (separator == -1) {
                    name = entry;
                    value = null;
                } else {
                    name = entry.substring(0, separator);
                    value = entry.substring(separator + 1);
                }
                String key = name + "_" + IDRepoResponseProvider.STATIC_ATTRIBUTE;
                StaticAttributes attribute = (StaticAttributes) attributesByKey.get(key);
                if (attribute == null) {
                    attribute = new StaticAttributes();
                    attribute.setPropertyName(name);
                    attributesByKey.put(key, attribute);
                }
                if (value != null) {
                    attribute.getPropertyValues().add(value);
                }
                attribute.setPResponseProviderName(nrpName);
            }
        }

        Set<String> dynamicEntries = (Set<String>) props.get(IDRepoResponseProvider.DYNAMIC_ATTRIBUTE);
        if (dynamicEntries != null) {
            for (String entry : dynamicEntries) {
                int separator = entry.indexOf("=");
                String name;
                String value;
                if (separator == -1) {
                    name = entry;
                    value = null;
                } else {
                    name = entry.substring(0, separator);
                    value = entry.substring(separator + 1);
                }
                String key = name + "_" + IDRepoResponseProvider.DYNAMIC_ATTRIBUTE;
                UserAttributes attribute = (UserAttributes) attributesByKey.get(key);
                if (attribute == null) {
                    attribute = new UserAttributes();
                    attribute.setPropertyName(name);
                    attributesByKey.put(key, attribute);
                }
                if (value != null) {
                    attribute.getPropertyValues().add(value);
                }
                attribute.setPResponseProviderName(nrpName);
            }
        }
    }
    return new HashSet<ResourceAttribute>(attributesByKey.values());
}
use of com.sun.identity.entitlement.UserAttributes in project OpenAM by OpenRock.
the class PrivilegeUtilsTest method testPrivilegeToPolicy.
/**
 * Round-trips a privilege through {@code PrivilegeUtils.privilegeToPolicy} and
 * {@code PrivilegeUtils.policyToPrivileges}.
 *
 * <p>The privilege carries an OR of two user subjects, an AND condition wrapping one IPv4 range,
 * two static attributes and two user attributes.
 *
 * <p>NOTE(review): the only check is that the round trip yields at least one privilege. Nothing
 * verifies that the subject, the IP condition or the resource attributes survive the conversion,
 * so a conversion that silently dropped one of them would still pass.
 */
@Test
public void testPrivilegeToPolicy() throws Exception {
    String baseDn = Constants.DEFAULT_ROOT_SUFFIX;

    // Entitlement: GET and POST allowed on a single resource.
    Map<String, Boolean> allowedActions = new HashMap<String, Boolean>();
    allowedActions.put("GET", Boolean.TRUE);
    allowedActions.put("POST", Boolean.TRUE);
    String resource = "http://www.sun.com";
    Entitlement entitlement = new Entitlement("iPlanetAMWebAgentService", resource, allowedActions);
    entitlement.setName("ent1");

    // Subject: either of two users.
    String firstUserDn = "id=user11,ou=user," + baseDn;
    String secondUserDn = "id=user12,ou=user," + baseDn;
    UserSubject firstUser = new OpenSSOUserSubject();
    firstUser.setID(firstUserDn);
    UserSubject secondUser = new OpenSSOUserSubject();
    secondUser.setID(secondUserDn);
    Set<EntitlementSubject> userSubjects = new HashSet<EntitlementSubject>();
    userSubjects.add(firstUser);
    userSubjects.add(secondUser);
    OrSubject eitherUser = new OrSubject(userSubjects);

    // Condition: an AND wrapping one IPv4 range.
    IPv4Condition ipRange = new IPv4Condition();
    ipRange.setStartIpAndEndIp("100.100.100.100", "200.200.200.200");
    Set<EntitlementCondition> nestedConditions = new HashSet<EntitlementCondition>();
    nestedConditions.add(ipRange);
    AndCondition allConditions = new AndCondition();
    allConditions.setEConditions(nestedConditions);

    // Static attributes "a" and "b", both under provider "sa".
    StaticAttributes staticA = new StaticAttributes();
    Set<String> valuesOfA = new HashSet<String>();
    valuesOfA.add("a10");
    valuesOfA.add("a20");
    staticA.setPropertyName("a");
    staticA.setPropertyValues(valuesOfA);
    staticA.setPResponseProviderName("sa");
    StaticAttributes staticB = new StaticAttributes();
    Set<String> valuesOfB = new HashSet<String>();
    valuesOfB.add("b10");
    valuesOfB.add("b20");
    staticB.setPropertyName("b");
    staticB.setPropertyValues(valuesOfB);
    staticB.setPResponseProviderName("sa");

    // User attributes "email" and "uid", both under provider "ua"; names only, no values.
    UserAttributes emailAttribute = new UserAttributes();
    emailAttribute.setPropertyName("email");
    emailAttribute.setPResponseProviderName("ua");
    UserAttributes uidAttribute = new UserAttributes();
    uidAttribute.setPropertyName("uid");
    uidAttribute.setPResponseProviderName("ua");

    Set<ResourceAttribute> attributes = new HashSet<ResourceAttribute>();
    attributes.add(staticA);
    attributes.add(staticB);
    attributes.add(emailAttribute);
    attributes.add(uidAttribute);

    Privilege privilege = Privilege.getNewInstance();
    privilege.setName("PrivilegeUtilsTest");
    privilege.setEntitlement(entitlement);
    privilege.setSubject(eitherUser);
    privilege.setCondition(allConditions);
    privilege.setResourceAttributes(attributes);

    // Privilege -> policy -> privileges; fail when nothing comes back.
    Policy policy = PrivilegeUtils.privilegeToPolicy("/", privilege);
    Set<IPrivilege> roundTripped = PrivilegeUtils.policyToPrivileges(policy);
    if (roundTripped == null || roundTripped.isEmpty()) {
        throw new Exception("PrivilegeUtilsTest.testPrivilegeToPolicy failed.");
    }
}
use of com.sun.identity.entitlement.UserAttributes in project OpenAM by OpenRock.
the class JsonPolicyParserTest method shouldPrintResourceAttributes.
/**
 * Checks that {@code parser.printPolicy} emits one JSON entry per resource attribute, with the
 * expected {@code type}, {@code propertyName} and (for static attributes) {@code propertyValues}.
 *
 * <p>The attributes are placed in a {@link LinkedHashSet} so that the insertion order (user
 * attribute first, static attribute second) matches the indexes used in the assertions.
 */
@Test
public void shouldPrintResourceAttributes() throws Exception {
    // Given
    String userAttrName = "testUserAttribute";
    ResourceAttribute userAttribute = new UserAttributes();
    userAttribute.setPropertyName(userAttrName);

    String staticAttrName = "testStaticAttribute";
    Set<String> staticAttrValue = CollectionUtils.asSet("one", "two", "three");
    StaticAttributes staticAttribute = new StaticAttributes();
    staticAttribute.setPropertyName(staticAttrName);
    staticAttribute.setPropertyValues(staticAttrValue);

    Set<ResourceAttribute> orderedAttributes = new LinkedHashSet<ResourceAttribute>();
    orderedAttributes.add(userAttribute);
    orderedAttributes.add(staticAttribute);
    Privilege policy = new StubPrivilege();
    policy.setResourceAttributes(orderedAttributes);

    // When
    JsonValue result = parser.printPolicy(policy);

    // Then
    assertThat(result.get("resourceAttributes").asList()).hasSize(2);

    JsonPointer userType = new JsonPointer("resourceAttributes/0/type");
    JsonPointer userName = new JsonPointer("resourceAttributes/0/propertyName");
    assertThat(result.get(userType).asString()).isEqualTo("User");
    assertThat(result.get(userName).asString()).isEqualTo(userAttrName);

    JsonPointer staticType = new JsonPointer("resourceAttributes/1/type");
    JsonPointer staticName = new JsonPointer("resourceAttributes/1/propertyName");
    JsonPointer staticValues = new JsonPointer("resourceAttributes/1/propertyValues");
    assertThat(result.get(staticType).asString()).isEqualTo("Static");
    assertThat(result.get(staticName).asString()).isEqualTo(staticAttrName);
    assertThat(result.get(staticValues).asList(String.class)).containsOnly(staticAttrValue.toArray());
}
use of com.sun.identity.entitlement.UserAttributes in project OpenAM by OpenRock.
the class PrivilegeUtilsTest method testPrivilegeToXACMLPolicy.
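/**
 * Builds a privilege with a user subject, an IPv4 condition, two static attributes and two user
 * attributes, then converts it to XACML with {@code XACMLPrivilegeUtils.toXACML} and logs the
 * result.
 *
 * <p>Any failure is logged through {@code UnittestLog} and then rethrown, so a broken conversion
 * fails the test instead of being recorded only in the log.
 *
 * <p>NOTE(review): the XACML output is only logged. Nothing asserts that the subject, the
 * condition or the attributes appear in it.
 *
 * @throws Exception if building the privilege or converting it to XACML fails
 */
@Test
public void testPrivilegeToXACMLPolicy() throws Exception {
    try {
        UnittestLog.logMessage("PrivilegeUtils.testPrivilegeToXACMLPolicy():" + " entered");

        Map<String, Boolean> actionValues = new HashMap<String, Boolean>();
        actionValues.put("GET", Boolean.TRUE);
        actionValues.put("POST", Boolean.FALSE);
        // The port is required for passing equals test
        // opensso policy would add default port if port not specified
        String resourceName = "http://www.sun.com:80";
        Entitlement entitlement = new Entitlement(SERVICE_NAME, resourceName, actionValues);
        entitlement.setName("ent1");

        String userDn = "id=user11,ou=user," + ServiceManager.getBaseDN();
        UserSubject subject = new OpenSSOUserSubject();
        subject.setID(userDn);

        String startIp = "100.100.100.100";
        String endIp = "200.200.200.200";
        IPv4Condition ipc = new IPv4Condition();
        ipc.setStartIpAndEndIp(startIp, endIp);

        StaticAttributes sa1 = new StaticAttributes();
        Set<String> aValues = new HashSet<String>();
        aValues.add("a10");
        aValues.add("a20");
        sa1.setPropertyName("a");
        sa1.setPropertyValues(aValues);
        sa1.setPResponseProviderName("sa");
        StaticAttributes sa2 = new StaticAttributes();
        Set<String> bValues = new HashSet<String>();
        bValues.add("b10");
        bValues.add("b20");
        sa2.setPropertyName("b");
        sa2.setPropertyValues(bValues);
        sa2.setPResponseProviderName("sa");

        UserAttributes uat1 = new UserAttributes();
        uat1.setPropertyName("email");
        uat1.setPResponseProviderName("ua");
        UserAttributes uat2 = new UserAttributes();
        uat2.setPropertyName("uid");
        uat2.setPResponseProviderName("ua");

        Set<ResourceAttribute> ra = new HashSet<ResourceAttribute>();
        ra.add(sa1);
        ra.add(sa2);
        ra.add(uat1);
        ra.add(uat2);

        Privilege privilege = Privilege.getNewInstance();
        privilege.setName(PRIVILEGE_NAME);
        privilege.setEntitlement(entitlement);
        privilege.setSubject(subject);
        privilege.setCondition(ipc);
        privilege.setResourceAttributes(ra);
        privilege.setCreatedBy("amadmin");
        privilege.setLastModifiedBy("amadmin");
        privilege.setCreationDate(System.currentTimeMillis());
        privilege.setLastModifiedDate(System.currentTimeMillis());
        UnittestLog.logMessage("PrivilegeUtils.testPrivilegeToXACMLPolicy():" + "Privilege=" + privilege.toString());
        UnittestLog.logMessage("PrivilegeUtils.testPrivilegeToXACMLPolicy():" + "converting to xacml policy");
        // TODO(jtb): not compiling
        String xacmlString = XACMLPrivilegeUtils.toXACML(privilege);
        UnittestLog.logMessage("xacml policy=" + xacmlString);
    } catch (Exception e) {
        // Log for the unit-test log, then rethrow: a swallowed failure would leave this
        // test green even when the policy conversion is broken.
        UnittestLog.logError("Throwable:", e);
        UnittestLog.logMessage("Throwable:" + e.getMessage());
        throw e;
    } catch (Error e) {
        // Same handling for errors (for example assertion failures raised below this call).
        UnittestLog.logError("Throwable:", e);
        UnittestLog.logMessage("Throwable:" + e.getMessage());
        throw e;
    }
}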