use of com.sun.identity.entitlement.xacml3.core.AttributeValue in project OpenAM by OpenRock.
the class XACMLPrivilegeUtils method entitlementSubjectToAnyOfList.
// TODO: not used now, use, test, fix and verify
public static List<AnyOf> entitlementSubjectToAnyOfList(EntitlementSubject es) {
if (es == null) {
return null;
}
List<AnyOf> anyOfList = new ArrayList<AnyOf>();
AnyOf anyOf = new AnyOf();
anyOfList.add(anyOf);
List<AllOf> allOfList = anyOf.getAllOf();
AllOf allOf = new AllOf();
allOfList.add(allOf);
List<Match> matchList = allOf.getMatch();
if (es instanceof UserSubject) {
UserSubject us = (UserSubject) es;
String userId = us.getID();
Match match = new Match();
matchList.add(match);
match.setMatchId("user-subject-match");
AttributeValue attributeValue = new AttributeValue();
String dataType = "datatype";
attributeValue.setDataType(dataType);
attributeValue.getContent().add(userId);
AttributeDesignator attributeDesignator = new AttributeDesignator();
String category = "subject-category";
attributeDesignator.setCategory(category);
String attributeId = "user-subject:user-id";
attributeDesignator.setAttributeId(attributeId);
String dt = "xs;string";
attributeDesignator.setDataType(dt);
String issuer = "subject:issuer";
// attributeDesignator.setIssuer(issuer); TODO: verify and fix
boolean mustBePresent = true;
attributeDesignator.setMustBePresent(mustBePresent);
match.setAttributeValue(attributeValue);
match.setAttributeDesignator(attributeDesignator);
}
return anyOfList;
}
use of com.sun.identity.entitlement.xacml3.core.AttributeValue in project OpenAM by OpenRock.
the class XACMLPrivilegeUtils method resourceNameToNotMatch.
public static Match resourceNameToNotMatch(String resourceName, String applicationName) {
if (resourceName == null || resourceName.length() == 0) {
return null;
}
Match match = new Match();
String matchId = XACMLConstants.ENTITLEMENT_RESOURCE_NO_MATCH + ":" + applicationName;
match.setMatchId(matchId);
AttributeValue attributeValue = new AttributeValue();
String dataType = XACMLConstants.XS_STRING;
attributeValue.setDataType(dataType);
attributeValue.getContent().add(resourceName);
AttributeDesignator attributeDesignator = new AttributeDesignator();
String category = XACMLConstants.XACML_RESOURCE_CATEGORY;
attributeDesignator.setCategory(category);
String attributeId = XACMLConstants.XACML_RESOURCE_ID;
attributeDesignator.setAttributeId(attributeId);
String dt = XACMLConstants.XS_STRING;
attributeDesignator.setDataType(dt);
// TODO: not a constant?
String issuer = XACMLConstants.RESOURCE_ISSUER;
// attributeDesignator.setIssuer(issuer); TODO: verify and fix
boolean mustBePresent = true;
attributeDesignator.setMustBePresent(mustBePresent);
match.setAttributeValue(attributeValue);
match.setAttributeDesignator(attributeDesignator);
return match;
}
use of com.sun.identity.entitlement.xacml3.core.AttributeValue in project OpenAM by OpenRock.
the class XACMLPrivilegeUtils method getVariableById.
public static String getVariableById(Policy policy, String id) {
String val = null;
List<Object> vrList = policy.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition();
for (Object obj : vrList) {
if (obj instanceof VariableDefinition) {
VariableDefinition vd = (VariableDefinition) obj;
if (vd.getVariableId().equals(id)) {
JAXBElement<AttributeValue> jav = (JAXBElement<AttributeValue>) vd.getExpression();
AttributeValue attributeValue = (AttributeValue) jav.getValue();
val = attributeValue.getContent().get(0).toString();
}
}
}
return val;
}
use of com.sun.identity.entitlement.xacml3.core.AttributeValue in project OpenAM by OpenRock.
the class XACMLPrivilegeUtils method entitlementSubjectToAnyOf.
public static AnyOf entitlementSubjectToAnyOf(EntitlementSubject es) throws JAXBException {
if (es == null) {
return null;
}
AnyOf anyOf = new AnyOf();
List<AllOf> allOfList = anyOf.getAllOf();
AllOf allOf = new AllOf();
allOfList.add(allOf);
List<Match> matchList = allOf.getMatch();
Match match = new Match();
matchList.add(match);
match.setMatchId(XACMLConstants.JSON_SUBJECT_MATCH);
AttributeValue attributeValue = new AttributeValue();
String dataType = XACMLConstants.JSON_SUBJECT_DATATYPE + ":" + es.getClass().getName();
attributeValue.setDataType(dataType);
String esString = es.getState();
attributeValue.getContent().add(esString);
AttributeDesignator attributeDesignator = new AttributeDesignator();
String category = XACMLConstants.XACML_ACCESS_SUBJECT_CATEGORY;
attributeDesignator.setCategory(category);
String attributeId = XACMLConstants.JSON_SUBJECT_ID;
attributeDesignator.setAttributeId(attributeId);
String dt = XACMLConstants.JSON_SUBJECT_DATATYPE + ":" + es.getClass().getName();
attributeDesignator.setDataType(dt);
// TODO: not a constant?
String issuer = XACMLConstants.SUBJECT_ISSUER;
//attributeDesignator.setIssuer(issuer); //TODO: verify and fix
boolean mustBePresent = true;
attributeDesignator.setMustBePresent(mustBePresent);
match.setAttributeValue(attributeValue);
match.setAttributeDesignator(attributeDesignator);
return anyOf;
}
use of com.sun.identity.entitlement.xacml3.core.AttributeValue in project OpenAM by OpenRock.
the class XACMLSchemaFactoryTest method checkEqualAttributeAssignmentExpressions.
/**
* @param first First attribute assignment expression to check
* @param second Second attribute assignment expression to check
* @return true if both attribute assignment expressions contain the same values, false otherwise
*/
private boolean checkEqualAttributeAssignmentExpressions(AttributeAssignmentExpression first, AttributeAssignmentExpression second) {
if (first == null && second == null) {
return true;
}
if (first == null || second == null) {
return false;
}
JAXBElement<?> firstJaxbElement = first.getExpression();
JAXBElement<?> secondJaxbElement = second.getExpression();
Object firstObject = firstJaxbElement.getValue();
Object secondObject = secondJaxbElement.getValue();
if (firstObject == null && secondObject == null) {
return true;
}
if (firstObject == null || secondObject == null) {
return false;
}
if (!(firstObject instanceof AttributeValue) || !(secondObject instanceof AttributeValue)) {
return false;
}
AttributeValue firstAttributeValue = (AttributeValue) firstObject;
AttributeValue secondAttributeValue = (AttributeValue) secondObject;
return checkEqualAttributeValues(firstAttributeValue, secondAttributeValue);
}
Aggregations