
Example 1 with PolicySet

use of com.sun.identity.entitlement.xacml3.core.PolicySet in project OpenAM by OpenRock.

the class ListXACML method getPolicies.

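/**
 * Exports the privileges selected by the realm and search filters as a XACML
 * policy set and writes the XML either to {@code outfile} or, when no output
 * file was given, to the CLI output writer.
 *
 * <p>The output file is released on every exit path, including a failed export
 * and the "no policies" case, and a write error on the file is reported instead
 * of being followed by the success message and audit record.
 *
 * @throws CLIException If the output file cannot be opened or written, or if
 *         the export itself fails.
 */
private void getPolicies() throws CLIException {
    FileOutputStream fout = null;
    PrintWriter pwout = null;
    if (outfile != null) {
        try {
            // The 'true' argument opens the file in append mode, so an existing file
            // is extended rather than replaced.
            // NOTE(review): the export contains the realm's authorization policies and
            // the file is created with the process's default permissions - confirm that
            // operators are expected to restrict access to the target path.
            fout = new FileOutputStream(outfile, true);
            pwout = new PrintWriter(fout, true);
        } catch (FileNotFoundException e) {
            debugError("ListXACML.handleXACMLPolicyRequest", e);
            try {
                if (fout != null) {
                    fout.close();
                }
            } catch (IOException ex) {
                // best effort: the open failure below is the error that gets reported
            }
            throw new CLIException(e, ExitCodes.IO_EXCEPTION);
        } catch (SecurityException e) {
            debugError("ListXACML.handleXACMLPolicyRequest", e);
            try {
                if (fout != null) {
                    fout.close();
                }
            } catch (IOException ex) {
                // best effort: the open failure below is the error that gets reported
            }
            throw new CLIException(e, ExitCodes.IO_EXCEPTION);
        }
    }
    try {
        PolicySet policySet = null;
        try {
            PrivilegeValidator privilegeValidator = new PrivilegeValidator(new RealmValidator(new OrganizationConfigManager(adminSSOToken, "/")));
            XACMLExportImport importExport = new XACMLExportImport(new XACMLExportImport.PrivilegeManagerFactory(), new XACMLReaderWriter(), privilegeValidator, new SearchFilterFactory(), PrivilegeManager.debug);
            policySet = importExport.exportXACML(realm, adminSubject, filters);
        } catch (EntitlementException e) {
            String[] args = { realm, e.getMessage() };
            debugError("ListXACML.handleRequest", e);
            writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_GET_POLICY_IN_REALM", args);
            throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        } catch (SMSException e) {
            String[] args = { realm, e.getMessage() };
            debugError("ListXACML.handleRequest", e);
            writeLog(LogWriter.LOG_ERROR, Level.INFO, "FAILED_GET_POLICY_IN_REALM", args);
            throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
        }
        if (policySet == null || policySet.getPolicySetOrPolicyOrPolicySetIdReference().isEmpty()) {
            String[] arg = { realm };
            outputWriter.printlnMessage(MessageFormat.format(getResourceString("get-policy-in-realm-no-policies"), (Object[]) arg));
        } else {
            try {
                if (pwout != null) {
                    pwout.write(XACMLPrivilegeUtils.toXML(policySet));
                    // PrintWriter swallows I/O errors; checkError() flushes and reveals
                    // them, so a truncated export is not logged and reported as a success.
                    if (pwout.checkError()) {
                        throw new CLIException(new IOException("Failed to write XACML export to output file"), ExitCodes.IO_EXCEPTION);
                    }
                } else {
                    outputWriter.printlnMessage(XACMLPrivilegeUtils.toXML(policySet));
                }
            } catch (EntitlementException e) {
                throw new CLIException(e, ExitCodes.IO_EXCEPTION);
            }
            writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEED_GET_POLICY_IN_REALM", new String[] { realm });
            String[] arg = { realm };
            outputWriter.printlnMessage(MessageFormat.format(getResourceString("get-policy-in-realm-succeed"), (Object[]) arg));
        }
    } finally {
        // Release the file handle whether the export succeeded, failed or was empty.
        if (pwout != null) {
            pwout.close();
        }
        if (fout != null) {
            try {
                fout.close();
            } catch (IOException e) {
                // nothing further can be done for a failed close of the export file
            }
        }
    }
}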
Also used : SearchFilterFactory(com.sun.identity.entitlement.xacml3.SearchFilterFactory) SMSException(com.sun.identity.sm.SMSException) FileNotFoundException(java.io.FileNotFoundException) XACMLExportImport(com.sun.identity.entitlement.xacml3.XACMLExportImport) IOException(java.io.IOException) PolicySet(com.sun.identity.entitlement.xacml3.core.PolicySet) PrivilegeValidator(com.sun.identity.entitlement.xacml3.validation.PrivilegeValidator) EntitlementException(com.sun.identity.entitlement.EntitlementException) FileOutputStream(java.io.FileOutputStream) OrganizationConfigManager(com.sun.identity.sm.OrganizationConfigManager) CLIException(com.sun.identity.cli.CLIException) RealmValidator(com.sun.identity.entitlement.xacml3.validation.RealmValidator) XACMLReaderWriter(com.sun.identity.entitlement.xacml3.XACMLReaderWriter) PrintWriter(java.io.PrintWriter)

Example 2 with PolicySet

use of com.sun.identity.entitlement.xacml3.core.PolicySet in project OpenAM by OpenRock.

the class XACMLExportTest method testListXACML.

/**
 * Looks up the privilege stored under {@code PRIVILEGE_NAME}, converts it to a
 * XACML policy set for realm "/" and keeps the serialised XML in
 * {@code policySetXML}.
 *
 * @throws EntitlementException if the lookup or the XACML conversion fails.
 */
@Test
public void testListXACML() throws EntitlementException {
    Privilege stored = pm.findByName(PRIVILEGE_NAME, adminSubject);
    Set<Privilege> toExport = new HashSet<Privilege>();
    toExport.add(stored);
    // Convert and serialise in one step; the XML is stored in the policySetXML field.
    policySetXML = XACMLPrivilegeUtils.toXML(XACMLPrivilegeUtils.privilegesToPolicySet("/", toExport));
}
Also used : PolicySet(com.sun.identity.entitlement.xacml3.core.PolicySet) HashSet(java.util.HashSet) Test(org.testng.annotations.Test)

Example 3 with PolicySet

use of com.sun.identity.entitlement.xacml3.core.PolicySet in project OpenAM by OpenRock.

the class XACMLExportTest method testCreateXACML.

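/**
 * Round-trip check: parses the XML held in {@code policySetXML} back into a
 * policy set, converts it to privileges, verifies the first one equals
 * {@code privilege1} and adds it through {@code pm}.
 *
 * @throws Exception if parsing or conversion fails, or no privilege is recovered.
 */
@Test(dependsOnMethods = { "testDeleteXACML" })
public void testCreateXACML() throws Exception {
    PolicySet policySet = XACMLPrivilegeUtils.streamToPolicySet(new ByteArrayInputStream(policySetXML.getBytes("UTF-8")));
    Set<Privilege> privileges = XACMLPrivilegeUtils.policySetToPrivileges(policySet);
    // Short-circuit '||': the non-short-circuit '|' evaluated isEmpty() even when the
    // set was null and failed with a NullPointerException instead of this message.
    if (privileges == null || privileges.isEmpty()) {
        throw new Exception("privielges is null");
    }
    Privilege privilege = privileges.iterator().next();
    if (privilege == null) {
        throw new Exception("privielge is null");
    }
    // An explicit check instead of the 'assert' keyword: 'assert' is skipped when the
    // JVM runs without -ea, which would let a policy that changed during export and
    // re-import pass unnoticed. The thrown type matches what 'assert' raises.
    // NOTE(review): privilege1 is a field set outside this method - confirm it holds
    // the privilege that was originally exported.
    if (!privilege.equals(privilege1)) {
        throw new AssertionError("re-imported privilege does not equal the original");
    }
    pm.add(privilege);
}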
Also used : ByteArrayInputStream(java.io.ByteArrayInputStream) PolicySet(com.sun.identity.entitlement.xacml3.core.PolicySet) SMSException(com.sun.identity.sm.SMSException) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException) Test(org.testng.annotations.Test)

Example 4 with PolicySet

use of com.sun.identity.entitlement.xacml3.core.PolicySet in project OpenAM by OpenRock.

the class XACMLPrivilegeUtils method privilegesToPolicySetInternal.

/**
 * Converts each privilege to a XACML policy and wraps the resulting policies
 * in a policy set for the given realm.
 *
 * @param realm realm passed on to {@code policiesToPolicySetInternal}.
 * @param privileges privileges to convert; may be {@code null}.
 * @return the policy set, or {@code null} when {@code privileges} is {@code null}.
 * @throws JAXBException declared by this method; not caught here.
 */
private static PolicySet privilegesToPolicySetInternal(String realm, Collection<Privilege> privileges) throws JAXBException {
    if (privileges != null) {
        // A set, so privileges that convert to equal policies collapse into one entry.
        Set<Policy> converted = new HashSet<Policy>();
        for (Privilege source : privileges) {
            converted.add(privilegeToPolicy(source));
        }
        return policiesToPolicySetInternal(realm, converted);
    }
    return null;
}
Also used : Policy(com.sun.identity.entitlement.xacml3.core.Policy) XACMLOpenSSOPrivilege(com.sun.identity.entitlement.opensso.XACMLOpenSSOPrivilege) Privilege(com.sun.identity.entitlement.Privilege) ReferralPrivilege(com.sun.identity.entitlement.ReferralPrivilege) PolicySet(com.sun.identity.entitlement.xacml3.core.PolicySet) HashSet(java.util.HashSet)

Example 5 with PolicySet

use of com.sun.identity.entitlement.xacml3.core.PolicySet in project OpenAM by OpenRock.

the class XacmlServiceTest method testDispositionOfSubSubRealmExport.

/**
 * Checks that exporting realm "/sub1/sub2" yields a representation whose
 * disposition is an attachment named "sub1-sub2-realm-policies.xml".
 *
 * @throws Exception if the export call fails.
 */
@Test
public void testDispositionOfSubSubRealmExport() throws Exception {
    // given: two query-string parameters and a stubbed export returning a new PolicySet
    query.add(XacmlService.QUERY_PARAM_STRING, "test1");
    query.add(XacmlService.QUERY_PARAM_STRING, "test2");
    PolicySet stubbedPolicySet = new PolicySet();
    // NOTE(review): the stub matches realm "/" while the call below uses "/sub1/sub2" -
    // confirm the stub is the one actually hit by this export.
    doReturn(stubbedPolicySet).when(importExport).exportXACML(eq("/"), any(Subject.class), any(List.class));

    // when
    Disposition attachment = service.exportXACML("/sub1/sub2").getDisposition();

    // then: realm path separators become dashes in the file name offered for download
    assertThat(attachment.getFilename()).isEqualTo("sub1-sub2-realm-policies.xml");
    assertThat(attachment.getType()).isEqualTo(Disposition.TYPE_ATTACHMENT);
}
Also used : Disposition(org.restlet.data.Disposition) List(java.util.List) JacksonRepresentation(org.restlet.ext.jackson.JacksonRepresentation) Representation(org.restlet.representation.Representation) PolicySet(com.sun.identity.entitlement.xacml3.core.PolicySet) Subject(javax.security.auth.Subject) Test(org.testng.annotations.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Aggregations

PolicySet (com.sun.identity.entitlement.xacml3.core.PolicySet)23 Policy (com.sun.identity.entitlement.xacml3.core.Policy)12 Test (org.testng.annotations.Test)12 Privilege (com.sun.identity.entitlement.Privilege)9 ReferralPrivilege (com.sun.identity.entitlement.ReferralPrivilege)9 EntitlementException (com.sun.identity.entitlement.EntitlementException)5 HashSet (java.util.HashSet)5 JAXBContext (javax.xml.bind.JAXBContext)5 JAXBElement (javax.xml.bind.JAXBElement)5 JacksonRepresentation (org.restlet.ext.jackson.JacksonRepresentation)5 Representation (org.restlet.representation.Representation)5 ArrayList (java.util.ArrayList)4 List (java.util.List)4 Subject (javax.security.auth.Subject)4 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)4 Disposition (org.restlet.data.Disposition)4 JAXBException (javax.xml.bind.JAXBException)3 XACMLOpenSSOPrivilege (com.sun.identity.entitlement.opensso.XACMLOpenSSOPrivilege)2 Target (com.sun.identity.entitlement.xacml3.core.Target)2 Version (com.sun.identity.entitlement.xacml3.core.Version)2