
Example 1 with Match

Use of com.sun.identity.entitlement.xacml3.core.Match in project OpenAM by OpenRock.

In the class XACMLPrivilegeUtils, method resourceNameToMatch.

public static Match resourceNameToMatch(String resourceName, String applicationName) {
    if (resourceName == null || resourceName.length() == 0) {
        return null;
    }
    Match match = new Match();
    String matchId = XACMLConstants.ENTITLEMENT_RESOURCE_MATCH + ":" + applicationName;
    match.setMatchId(matchId);
    AttributeValue attributeValue = new AttributeValue();
    String dataType = XACMLConstants.XS_STRING;
    attributeValue.setDataType(dataType);
    attributeValue.getContent().add(resourceName);
    AttributeDesignator attributeDesignator = new AttributeDesignator();
    String category = XACMLConstants.XACML_RESOURCE_CATEGORY;
    attributeDesignator.setCategory(category);
    String attributeId = XACMLConstants.XACML_RESOURCE_ID;
    attributeDesignator.setAttributeId(attributeId);
    String dt = XACMLConstants.XS_STRING;
    attributeDesignator.setDataType(dt);
    // TODO: not a constant?
    String issuer = XACMLConstants.RESOURCE_ISSUER;
    // attributeDesignator.setIssuer(issuer); TODO: verify and fix
    boolean mustBePresent = true;
    attributeDesignator.setMustBePresent(mustBePresent);
    match.setAttributeValue(attributeValue);
    match.setAttributeDesignator(attributeDesignator);
    return match;
}
Also used : AttributeValue(com.sun.identity.entitlement.xacml3.core.AttributeValue) AttributeDesignator(com.sun.identity.entitlement.xacml3.core.AttributeDesignator) Match(com.sun.identity.entitlement.xacml3.core.Match)

Example 2 with Match

Use of com.sun.identity.entitlement.xacml3.core.Match in project OpenAM by OpenRock.

In the class XACMLPrivilegeUtils, method policyToReferral.

public static ReferralPrivilege policyToReferral(Policy policy) throws EntitlementException, JSONException {
    String policyId = policy.getPolicyId();
    String privilegeName = policyIdToPrivilegeName(policyId);
    String description = policy.getDescription();
    String createdBy = getVariableById(policy, XACMLConstants.PRIVILEGE_CREATED_BY);
    long createdAt = dateStringToLong(getVariableById(policy, XACMLConstants.PRIVILEGE_CREATION_DATE));
    String lastModifiedBy = getVariableById(policy, XACMLConstants.PRIVILEGE_LAST_MODIFIED_BY);
    long lastModifiedAt = dateStringToLong(getVariableById(policy, XACMLConstants.PRIVILEGE_LAST_MODIFIED_DATE));
    List<Match> policyMatches = getAllMatchesFromTarget(policy.getTarget());
    JSONObject jo = getRealmsAppsResources(policyMatches);
    Set<String> realms = JSONUtils.getSet(jo, "realms");
    Map<String, Set<String>> appsResources = JSONUtils.getMapStringSetString(jo, "appsResources");
    ReferralPrivilege referral = new ReferralPrivilege(privilegeName, appsResources, realms);
    referral.setDescription(description);
    referral.setCreatedBy(createdBy);
    referral.setCreationDate(createdAt);
    referral.setLastModifiedBy(lastModifiedBy);
    referral.setLastModifiedDate(lastModifiedAt);
    return referral;
}
Also used : Set(java.util.Set) PolicySet(com.sun.identity.entitlement.xacml3.core.PolicySet) HashSet(java.util.HashSet) ReferralPrivilege(com.sun.identity.entitlement.ReferralPrivilege) JSONObject(org.json.JSONObject) Match(com.sun.identity.entitlement.xacml3.core.Match)

Example 3 with Match

Use of com.sun.identity.entitlement.xacml3.core.Match in project OpenAM by OpenRock.

In the class XACMLPrivilegeUtils, method getRealmsAppsResources.

static JSONObject getRealmsAppsResources(List<Match> matches) throws JSONException {
    if (matches == null) {
        return null;
    }
    JSONObject jo = null;
    String jsonString = null;
    for (Match match : matches) {
        String matchId = match.getMatchId();
        if ((matchId != null) && matchId.equals(XACMLConstants.JSON_REALMS_APPS_RESOURCES_MATCH)) {
            AttributeValue attributeValue = match.getAttributeValue();
            if (attributeValue != null) {
                List<Object> contentList = attributeValue.getContent();
                if ((contentList != null) && !contentList.isEmpty()) {
                    Object obj = contentList.get(0);
                    jsonString = obj.toString();
                    break;
                }
            }
        }
    }
    if (jsonString != null) {
        jo = new JSONObject(jsonString);
    }
    return jo;
}
Also used : AttributeValue(com.sun.identity.entitlement.xacml3.core.AttributeValue) JSONObject(org.json.JSONObject) Match(com.sun.identity.entitlement.xacml3.core.Match)

Example 4 with Match

Use of com.sun.identity.entitlement.xacml3.core.Match in project OpenAM by OpenRock.

In the class XACMLExportImport, method exportXACML.

/**
 * Performs an export of all Policies found in the Privilege Manager that match the
 * provided filters.
 *
 * @param realm Non null realm.
 * @param admin Non null admin subject to authenticate as.
 * @param filters Non null, but maybe empty filters to select Privileges against.
 * @return A non null but possibly empty collection of Policies.
 * @throws EntitlementException If there was any problem with the generation of Policies.
 */
public PolicySet exportXACML(String realm, Subject admin, List<String> filters) throws EntitlementException {
    PrivilegeManager pm = privilegeManagerFactory.createReferralPrivilegeManager(realm, admin);
    Set<SearchFilter> filterSet = new HashSet<SearchFilter>();
    if (filters != null) {
        for (String filter : filters) {
            SearchFilter searchFilter = searchFilterFactory.getFilter(filter);
            message("Export: Search Filter: {0}", searchFilter);
            filterSet.add(searchFilter);
        }
    }
    Set<String> privilegeNames = pm.searchNames(filterSet);
    message("Export: Privilege Matches {0}", privilegeNames.size());
    PrivilegeSet privilegeSet = new PrivilegeSet();
    for (String name : privilegeNames) {
        Privilege privilege = pm.findByName(name, admin);
        message("Export: Privilege {0}", privilege.getName());
        privilegeSet.addPrivilege(privilege);
    }
    PolicySet policySet = xacmlReaderWriter.toXACML(realm, privilegeSet);
    message("Export: Complete");
    return policySet;
}
Also used : PrivilegeManager(com.sun.identity.entitlement.PrivilegeManager) IPrivilegeManager(com.sun.identity.entitlement.IPrivilegeManager) SearchFilter(com.sun.identity.entitlement.util.SearchFilter) IPrivilege(com.sun.identity.entitlement.IPrivilege) Privilege(com.sun.identity.entitlement.Privilege) PolicySet(com.sun.identity.entitlement.xacml3.core.PolicySet) HashSet(java.util.HashSet)

Example 5 with Match

Use of com.sun.identity.entitlement.xacml3.core.Match in project OpenAM by OpenRock.

In the class XACMLPrivilegeUtils, method realmsAppsResourcesToAnyOf.

public static AnyOf realmsAppsResourcesToAnyOf(Set<String> realms, Map<String, Set<String>> appsResources) throws JSONException {
    AnyOf anyOf = new AnyOf();
    List<AllOf> allOfList = anyOf.getAllOf();
    AllOf allOf = new AllOf();
    allOfList.add(allOf);
    List<Match> matchList = allOf.getMatch();
    Match match = new Match();
    matchList.add(match);
    //FIXME
    match.setMatchId(XACMLConstants.JSON_REALMS_APPS_RESOURCES_MATCH);
    AttributeValue attributeValue = new AttributeValue();
    //FIXME
    String dataType = XACMLConstants.JSON_REALMS_APPS_RESOURCES_DATATYPE;
    attributeValue.setDataType(dataType);
    JSONObject jo = new JSONObject();
    jo.put("realms", realms);
    jo.put("appsResources", appsResources);
    attributeValue.getContent().add(jo.toString());
    AttributeDesignator attributeDesignator = new AttributeDesignator();
    String category = XACMLConstants.REALMS_APPS_RESOURCES_CATEGORY;
    attributeDesignator.setCategory(category);
    String attributeId = XACMLConstants.JSON_REALMS_APPS_RESOURCES_ID;
    attributeDesignator.setAttributeId(attributeId);
    attributeDesignator.setDataType(dataType);
    boolean mustBePresent = false;
    attributeDesignator.setMustBePresent(mustBePresent);
    match.setAttributeValue(attributeValue);
    match.setAttributeDesignator(attributeDesignator);
    return anyOf;
}
Also used : AttributeValue(com.sun.identity.entitlement.xacml3.core.AttributeValue) AttributeDesignator(com.sun.identity.entitlement.xacml3.core.AttributeDesignator) AnyOf(com.sun.identity.entitlement.xacml3.core.AnyOf) JSONObject(org.json.JSONObject) AllOf(com.sun.identity.entitlement.xacml3.core.AllOf) Match(com.sun.identity.entitlement.xacml3.core.Match)

Aggregations

Match (com.sun.identity.entitlement.xacml3.core.Match): 17
AttributeValue (com.sun.identity.entitlement.xacml3.core.AttributeValue): 12
AnyOf (com.sun.identity.entitlement.xacml3.core.AnyOf): 9
AllOf (com.sun.identity.entitlement.xacml3.core.AllOf): 7
AttributeDesignator (com.sun.identity.entitlement.xacml3.core.AttributeDesignator): 7
JSONObject (org.json.JSONObject): 7
HashSet (java.util.HashSet): 6
ArrayList (java.util.ArrayList): 4
PolicySet (com.sun.identity.entitlement.xacml3.core.PolicySet): 3
Rule (com.sun.identity.entitlement.xacml3.core.Rule): 3
Target (com.sun.identity.entitlement.xacml3.core.Target): 3
Entitlement (com.sun.identity.entitlement.Entitlement): 2
EntitlementCondition (com.sun.identity.entitlement.EntitlementCondition): 2
EntitlementSubject (com.sun.identity.entitlement.EntitlementSubject): 2
Privilege (com.sun.identity.entitlement.Privilege): 2
ReferralPrivilege (com.sun.identity.entitlement.ReferralPrivilege): 2
ResourceAttribute (com.sun.identity.entitlement.ResourceAttribute): 2
Policy (com.sun.identity.entitlement.xacml3.core.Policy): 2
VariableDefinition (com.sun.identity.entitlement.xacml3.core.VariableDefinition): 2
Version (com.sun.identity.entitlement.xacml3.core.Version): 2