use of com.sun.identity.entitlement.xacml3.core.Apply in project OpenAM by OpenRock.
the class XACMLPrivilegeUtils method getEntitlementSubjectFromPolicy.
static EntitlementSubject getEntitlementSubjectFromPolicy(Policy policy) {
if (policy == null) {
return null;
}
List<Rule> rules = getRules(policy);
if (rules == null) {
return null;
}
EntitlementSubject es = null;
for (Rule rule : rules) {
Condition condition = rule.getCondition();
JAXBElement jaxbElement = condition.getExpression();
if (jaxbElement.getDeclaredType().equals(Apply.class)) {
Apply apply = (Apply) jaxbElement.getValue();
String functionId = apply.getFunctionId();
if (XACMLConstants.JSON_SUBJECT_AND_CONDITION_SATISFIED.equals(functionId)) {
List<JAXBElement<?>> expressionList = apply.getExpression();
for (JAXBElement jaxe : expressionList) {
if (jaxe.getDeclaredType().equals(AttributeValue.class)) {
AttributeValue av = (AttributeValue) jaxe.getValue();
String dataType = av.getDataType();
if (dataType.startsWith(XACMLConstants.JSON_SUBJECT_DATATYPE)) {
List<Object> valueList = av.getContent();
String value = null;
if (valueList != null) {
for (Object ob : valueList) {
if (ob instanceof String) {
value = (String) ob;
break;
}
}
}
if (value != null) {
es = createEntitlementSubject(dataType, value);
}
}
}
}
}
}
if (es != null) {
break;
}
}
return es;
}
use of com.sun.identity.entitlement.xacml3.core.Apply in project OpenAM by OpenRock.
the class XACMLPrivilegeUtils method getEntitlementConditionFromPolicy.
static EntitlementCondition getEntitlementConditionFromPolicy(Policy policy) throws EntitlementException {
if (policy == null) {
return null;
}
List<Rule> rules = getRules(policy);
if (rules == null) {
return null;
}
EntitlementCondition ec = null;
for (Rule rule : rules) {
Condition condition = rule.getCondition();
JAXBElement jaxbElement = condition.getExpression();
if (jaxbElement.getDeclaredType().equals(Apply.class)) {
Apply apply = (Apply) jaxbElement.getValue();
String functionId = apply.getFunctionId();
if (XACMLConstants.JSON_SUBJECT_AND_CONDITION_SATISFIED.equals(functionId)) {
List<JAXBElement<?>> expressionList = apply.getExpression();
for (JAXBElement jaxe : expressionList) {
if (jaxe.getDeclaredType().equals(AttributeValue.class)) {
AttributeValue av = (AttributeValue) jaxe.getValue();
String dataType = av.getDataType();
if (dataType.startsWith(XACMLConstants.JSON_CONDITION_DATATYPE)) {
List<Object> valueList = av.getContent();
String value = null;
if (valueList != null) {
for (Object ob : valueList) {
if (ob instanceof String) {
value = (String) ob;
break;
}
}
}
if (value != null) {
ec = createEntitlementCondition(dataType, value);
}
}
}
}
}
if (ec != null) {
break;
}
}
}
return ec;
}
use of com.sun.identity.entitlement.xacml3.core.Apply in project OpenAM by OpenRock.
the class XACMLPrivilegeUtils method eSubjectConditionToXCondition.
public static Condition eSubjectConditionToXCondition(EntitlementSubject es, EntitlementCondition ec) throws JAXBException {
Condition condition = null;
if (es != null || ec != null) {
condition = new Condition();
JAXBContext jaxbContext = JAXBContext.newInstance(XACMLConstants.XACML3_CORE_PKG);
Apply apply = new Apply();
apply.setFunctionId(XACMLConstants.JSON_SUBJECT_AND_CONDITION_SATISFIED);
List applyExpressions = apply.getExpression();
if (es != null) {
String esString = es.getState();
// TODO: add custom xml attribute to idenity as privilge subject
AttributeValue esv = new AttributeValue();
Map<QName, String> otherAttrs = esv.getOtherAttributes();
QName qn = new QName("privilegeComponent");
otherAttrs.put(qn, "entitlementSubject");
String dataType = XACMLConstants.JSON_SUBJECT_DATATYPE + ":" + es.getClass().getName();
esv.setDataType(dataType);
esv.getContent().add(esString);
JAXBElement esve = objectFactory.createAttributeValue(esv);
applyExpressions.add(esve);
}
if (ec != null) {
String ecString = ec.getState();
// TODO: add custom xml attribute to idenity as privilge condition
AttributeValue ecv = new AttributeValue();
Map<QName, String> otherAttrs = ecv.getOtherAttributes();
QName qn = new QName("privilegeComponent");
otherAttrs.put(qn, "entitlementCondition");
String dataType = XACMLConstants.JSON_CONDITION_DATATYPE + ":" + ec.getClass().getName();
ecv.setDataType(dataType);
ecv.getContent().add(ecString);
JAXBElement ecve = objectFactory.createAttributeValue(ecv);
applyExpressions.add(ecve);
}
JAXBElement applyElement = objectFactory.createApply(apply);
condition.setExpression(applyElement);
}
return condition;
}
Aggregations