use of com.sun.identity.entitlement.xacml3.core.Policy in project OpenAM by OpenRock.
the class ListXACML method getPolicies.
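/**
 * Exports the privileges of {@code realm} that match {@code filters} as a XACML policy set.
 *
 * <p>The serialized policy set is appended to {@code outfile} when one was given, otherwise it
 * is printed through {@code outputWriter}. When the export yields no policies only the
 * "no policies" message is printed.
 *
 * <p>The output file, once opened, is closed on every exit path, including the failure paths.
 *
 * @throws CLIException If the output file cannot be opened or written, the export fails, or
 *         the policy set cannot be serialized.
 */
private void getPolicies() throws CLIException {
    FileOutputStream fout = null;
    PrintWriter pwout = null;
    try {
        if (outfile != null) {
            try {
                // NOTE(review): the file is opened in append mode, so exporting twice to the
                // same path leaves two XML documents in one file. The export holds the realm's
                // authorization policies and the file is created with the process's default
                // permissions -- confirm the target location is access-restricted.
                fout = new FileOutputStream(outfile, true);
                pwout = new PrintWriter(fout, true);
            } catch (FileNotFoundException e) {
                debugError("ListXACML.handleXACMLPolicyRequest", e);
                throw new CLIException(e, ExitCodes.IO_EXCEPTION);
            } catch (SecurityException e) {
                debugError("ListXACML.handleXACMLPolicyRequest", e);
                throw new CLIException(e, ExitCodes.IO_EXCEPTION);
            }
        }

        PolicySet policySet = null;
        try {
            PrivilegeValidator privilegeValidator = new PrivilegeValidator(
                    new RealmValidator(new OrganizationConfigManager(adminSSOToken, "/")));
            XACMLExportImport importExport = new XACMLExportImport(
                    new XACMLExportImport.PrivilegeManagerFactory(),
                    new XACMLReaderWriter(),
                    privilegeValidator,
                    new SearchFilterFactory(),
                    PrivilegeManager.debug);
            policySet = importExport.exportXACML(realm, adminSubject, filters);
        } catch (EntitlementException e) {
            String[] args = { realm, e.getMessage() };
            debugError("ListXACML.handleRequest", e);
            writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_GET_POLICY_IN_REALM", args);
            throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        } catch (SMSException e) {
            String[] args = { realm, e.getMessage() };
            debugError("ListXACML.handleRequest", e);
            writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_GET_POLICY_IN_REALM", args);
            throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }

        if (policySet == null || policySet.getPolicySetOrPolicyOrPolicySetIdReference().isEmpty()) {
            String[] arg = { realm };
            outputWriter.printlnMessage(MessageFormat.format(
                    getResourceString("get-policy-in-realm-no-policies"), (Object[]) arg));
        } else {
            try {
                if (pwout != null) {
                    pwout.write(XACMLPrivilegeUtils.toXML(policySet));
                    // PrintWriter never throws on a failed write; checkError() flushes and
                    // reports it, so a truncated export is not logged and announced as a success.
                    if (pwout.checkError()) {
                        throw new CLIException(
                                new IOException("Failed to write the exported policy set to the output file"),
                                ExitCodes.IO_EXCEPTION);
                    }
                } else {
                    outputWriter.printlnMessage(XACMLPrivilegeUtils.toXML(policySet));
                }
            } catch (EntitlementException e) {
                throw new CLIException(e, ExitCodes.IO_EXCEPTION);
            }
            writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEED_GET_POLICY_IN_REALM", new String[] { realm });
            String[] arg = { realm };
            outputWriter.printlnMessage(MessageFormat.format(
                    getResourceString("get-policy-in-realm-succeed"), (Object[]) arg));
        }
    } finally {
        // Release the file handle on every path; previously it leaked whenever the export
        // failed, serialization failed, or the realm had no matching policies.
        if (pwout != null) {
            pwout.close();
        }
        if (fout != null) {
            try {
                fout.close();
            } catch (IOException ignored) {
                // Best effort: nothing useful can be done if closing the stream fails.
            }
        }
    }
}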
use of com.sun.identity.entitlement.xacml3.core.Policy in project OpenAM by OpenRock.
the class XACMLPrivilegeUtils method policyToReferral.
/**
 * Converts a XACML {@link Policy} into a {@link ReferralPrivilege}.
 *
 * <p>The privilege name is derived from the policy id, the realms and application resources
 * from the matches of the policy target, and the creation/modification metadata from the
 * policy variables read through {@code getVariableById}.
 *
 * @param policy the XACML policy to convert; it is dereferenced without a null check.
 * @return the referral privilege populated from the policy.
 * @throws EntitlementException declared by this method; raised by the helpers it calls.
 * @throws JSONException declared by this method; raised by the helpers it calls.
 */
public static ReferralPrivilege policyToReferral(Policy policy) throws EntitlementException, JSONException {
    // Name and free-text description.
    final String name = policyIdToPrivilegeName(policy.getPolicyId());
    final String text = policy.getDescription();

    // NOTE(review): the four audit fields below are copied from the policy document as-is.
    // If the document can come from outside the deployment they are caller-supplied values --
    // confirm whether the import path overwrites them before they are trusted.
    final String creator = getVariableById(policy, XACMLConstants.PRIVILEGE_CREATED_BY);
    final long createdMillis =
            dateStringToLong(getVariableById(policy, XACMLConstants.PRIVILEGE_CREATION_DATE));
    final String modifier = getVariableById(policy, XACMLConstants.PRIVILEGE_LAST_MODIFIED_BY);
    final long modifiedMillis =
            dateStringToLong(getVariableById(policy, XACMLConstants.PRIVILEGE_LAST_MODIFIED_DATE));

    // Realms and per-application resources are recovered from the target's matches.
    final JSONObject scope = getRealmsAppsResources(getAllMatchesFromTarget(policy.getTarget()));
    final Set<String> referredRealms = JSONUtils.getSet(scope, "realms");
    final Map<String, Set<String>> resourcesByApp = JSONUtils.getMapStringSetString(scope, "appsResources");

    final ReferralPrivilege result = new ReferralPrivilege(name, resourcesByApp, referredRealms);
    result.setDescription(text);
    result.setCreatedBy(creator);
    result.setCreationDate(createdMillis);
    result.setLastModifiedBy(modifier);
    result.setLastModifiedDate(modifiedMillis);
    return result;
}
use of com.sun.identity.entitlement.xacml3.core.Policy in project OpenAM by OpenRock.
the class XACMLPrivilegeUtils method getRules.
/**
 * Collects the {@link Rule} elements of a policy.
 *
 * <p>The policy stores rules in one mixed list together with other element types; entries
 * that are not a {@code Rule} are skipped and the order of the list is kept.
 *
 * @param policy the policy to read, may be {@code null}.
 * @return the rules of the policy (possibly empty), or {@code null} when {@code policy} is
 *         {@code null}.
 */
static List<Rule> getRules(Policy policy) {
    if (policy == null) {
        return null;
    }
    final List<Rule> rules = new ArrayList<Rule>();
    for (Object element : policy.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition()) {
        if (!(element instanceof Rule)) {
            continue;
        }
        rules.add((Rule) element);
    }
    return rules;
}
use of com.sun.identity.entitlement.xacml3.core.Policy in project OpenAM by OpenRock.
the class XACMLPrivilegeUtils method privilegesToPolicySetInternal.
/**
 * Converts each privilege to a XACML policy and wraps the policies in a policy set.
 *
 * @param realm the realm passed through to {@code policiesToPolicySetInternal}.
 * @param privileges the privileges to convert, may be {@code null}.
 * @return the resulting policy set, or {@code null} when {@code privileges} is {@code null}.
 * @throws JAXBException declared by this method; raised by the conversion helpers it calls.
 */
private static PolicySet privilegesToPolicySetInternal(String realm, Collection<Privilege> privileges) throws JAXBException {
    if (privileges == null) {
        return null;
    }
    // NOTE(review): a HashSet collapses policies that compare equal; whether two converted
    // policies can compare equal depends on Policy.equals/hashCode, which is not shown here.
    final Set<Policy> converted = new HashSet<Policy>();
    for (Privilege each : privileges) {
        converted.add(privilegeToPolicy(each));
    }
    return policiesToPolicySetInternal(realm, converted);
}
use of com.sun.identity.entitlement.xacml3.core.Policy in project OpenAM by OpenRock.
the class XACMLPrivilegeUtils method policySetToPrivileges.
/**
 * Converts every policy found in a XACML policy set into a {@link Privilege}.
 *
 * @param policySet the policy set to convert, may be {@code null}.
 * @return the converted privileges; an empty set when the policy set yields no policies, or
 *         {@code null} when {@code policySet} is {@code null}.
 * @throws EntitlementException declared by this method; raised by the helpers it calls.
 */
public static Set<Privilege> policySetToPrivileges(PolicySet policySet) throws EntitlementException {
    if (policySet == null) {
        return null;
    }
    final Set<Privilege> result = new HashSet<Privilege>();
    final Set<Policy> extracted = getPoliciesFromPolicySet(policySet);
    if (extracted == null) {
        // Nothing to convert: callers get an empty set rather than null.
        return result;
    }
    for (Policy each : extracted) {
        result.add(policyToPrivilege(each));
    }
    return result;
}