
Example 61 with Policy

use of com.sun.identity.policy.Policy in project OpenAM by OpenRock.

the class PrivilegePolicyMapping method setup.

/**
 * Builds the fixtures used by this test class: two environment maps keyed by
 * {@code Condition.DNS_NAME}, a test user created under "/", and a policy with one rule,
 * one subject and two conditions that is stored through a {@link PolicyManager} opened
 * with the admin token.
 *
 * <p>On failure the exception message and every stack frame are written to the unit-test
 * log before the exception is rethrown, so a broken fixture fails the class instead of
 * letting later tests run against a missing policy.
 *
 * @throws Exception whatever the fixture creation raised, rethrown after logging.
 */
@BeforeClass
public void setup() throws Exception {
    try {
        UnittestLog.logMessage("PrivilegePolicyMapping.setUp():" + "entered");

        // First environment map: a single DNS name value.
        Set<String> firstDnsNames = new HashSet<String>();
        firstDnsNames.add("whatever.whatever");
        ipConditionEnvMap = new HashMap<String, Set<String>>();
        ipConditionEnvMap.put(Condition.DNS_NAME, firstDnsNames);

        // Second environment map: same key, different DNS name value.
        Set<String> secondDnsNames = new HashSet<String>();
        secondDnsNames.add("whatever1.whatever1");
        ipConditionEnvMap1 = new HashMap<String, Set<String>>();
        ipConditionEnvMap1.put(Condition.DNS_NAME, secondDnsNames);

        // The admin token is obtained inside a privileged action; it is used only to open
        // the PolicyManager below.
        SSOToken adminToken = (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
        testUser = IdRepoUtils.createUser("/", TEST_USER_NAME);

        PolicyManager policyManager = new PolicyManager(adminToken, "/");
        policy = new Policy(POLICY_NAME, "", false, true);
        policy.addRule(createRule());
        policy.addSubject("subjectName", createSubject(policyManager));
        policy.addCondition("conditionName", createIPCondition(policyManager));
        policy.addCondition("conditionName1", createIPCondition1(policyManager));
        policyManager.addPolicy(policy);
    } catch (Exception failure) {
        UnittestLog.logError("PrivilegePolicyMapping.setUp();" + "Exception STACKTRACE:" + failure.getMessage());
        for (StackTraceElement frame : failure.getStackTrace()) {
            UnittestLog.logMessage(frame.toString());
        }
        UnittestLog.logMessage("END STACKTRACE");
        throw failure;
    }
}
Also used : Policy(com.sun.identity.policy.Policy) PolicyManager(com.sun.identity.policy.PolicyManager) HashSet(java.util.HashSet) Set(java.util.Set) SSOToken(com.iplanet.sso.SSOToken) PolicyException(com.sun.identity.policy.PolicyException) HashSet(java.util.HashSet) BeforeClass(org.testng.annotations.BeforeClass)

Example 62 with Policy

use of com.sun.identity.policy.Policy in project OpenAM by OpenRock.

the class RealmTest method deletePolicy.

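/**
 * Runs the {@code delete-policies} CLI sub-command for the policy "clipolicy" in realm "/"
 * and then checks, through a separate {@link PolicyManager}, that the policy can no longer
 * be read back.
 *
 * <p>The policy counts as deleted when {@code getPolicy} either returns {@code null} or
 * throws {@link NameNotFoundException}. Any other outcome fails the test.
 *
 * @throws CLIException if the CLI request cannot be serviced.
 * @throws PolicyException if the policy store reports an error other than "name not found".
 * @throws SSOException if the admin token is rejected.
 */
@Test(groups = { "cli-realm", "delete-policies" }, dependsOnMethods = { "getPolicy" })
public void deletePolicy() throws CLIException, PolicyException, SSOException {
    entering("deletePolicy", null);
    String[] args = { "delete-policies", CLIConstants.PREFIX_ARGUMENT_LONG + IArgument.REALM_NAME, "/", CLIConstants.PREFIX_ARGUMENT_LONG + RealmDeletePolicy.ARGUMENT_POLICY_NAMES, "clipolicy" };
    SSOToken adminSSOToken = getAdminSSOToken();
    CLIRequest req = new CLIRequest(null, args, adminSSOToken);
    cmdManager.addToRequestQueue(req);
    cmdManager.serviceRequestQueue();
    PolicyManager pm = new PolicyManager(adminSSOToken, "/");
    try {
        Policy p = pm.getPolicy("clipolicy");
        // Explicit check instead of the `assert` keyword: `assert` is a no-op when the JVM
        // runs without -ea, which would let a policy that survived deletion go unnoticed.
        if (p != null) {
            throw new AssertionError("policy 'clipolicy' still exists after delete-policies");
        }
    } catch (NameNotFoundException expected) {
        // Expected outcome: the policy store no longer knows the name, so the delete worked.
    }
    exiting("deletePolicy");
}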
Also used : Policy(com.sun.identity.policy.Policy) PolicyManager(com.sun.identity.policy.PolicyManager) SSOToken(com.iplanet.sso.SSOToken) NameNotFoundException(com.sun.identity.policy.NameNotFoundException) CLIRequest(com.sun.identity.cli.CLIRequest) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest) AfterTest(org.testng.annotations.AfterTest)

Example 63 with Policy

use of com.sun.identity.policy.Policy in project OpenAM by OpenRock.

the class UpgradeUtils method createPolicyAdminPolicy.

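/**
 * Creates the policy-admin delegation policy for an organization.
 *
 * <p>The policy is named {@code orgID + "^^PolicyAdmin"}. It receives a rule for the resource
 * {@code "sms://*" + orgDN + "/" + POLICY_SERVICE} under {@code DELEGATION_SERVICE} and, as
 * subject, the universal ID derived from {@code orgDN} and {@code ORG_POLICY_ADMIN_ROLE}.
 *
 * <p>Failures are logged and not propagated: the method returns normally even when the
 * policy was not stored, so a caller cannot tell from the call alone that the delegation
 * policy exists afterwards.
 *
 * @param policyManager the policy manager object.
 * @param orgDN the organization dn.
 * @param orgID the organization identifier.
 */
private static void createPolicyAdminPolicy(PolicyManager policyManager, String orgDN, String orgID) {
    // The label previously named createRealmReadOnlyPolicy and ran straight into the message
    // text, which pointed anyone reading the upgrade log at the wrong method.
    String classMethod = "UpgradeUtils:createPolicyAdminPolicy : ";
    try {
        String policyName = orgID + "^^PolicyAdmin";
        Policy realmPolicy = new Policy(policyName, null, false, true);
        // create Rule
        String resourceName = "sms://*" + orgDN + "/" + POLICY_SERVICE;
        Rule rule = getRule(DELEGATION_SERVICE, resourceName);
        if (rule != null) {
            realmPolicy.addRule(rule);
        }
        // add subjects
        String policyAdminRoleUniversalID = getUniversalID(orgDN, ORG_POLICY_ADMIN_ROLE);
        Subject subject = getSubject(policyManager, policyAdminRoleUniversalID);
        if (subject != null) {
            realmPolicy.addSubject(DELEGATION_SUBJECT, subject, false);
        }
        // NOTE(review): the policy is stored even when the rule or the subject above was
        // null, i.e. possibly without any rule or subject - confirm that this is intended.
        policyManager.addPolicy(realmPolicy);
    } catch (Exception e) {
        // Best effort during upgrade: record the failure and carry on.
        debug.error(classMethod + "Error creating policy admin policy", e);
    }
}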
Also used : Policy(com.sun.identity.policy.Policy) ByteString(org.forgerock.opendj.ldap.ByteString) Rule(com.sun.identity.policy.Rule) Subject(com.sun.identity.policy.interfaces.Subject) LoginException(javax.security.auth.login.LoginException) InvalidAuthContextException(com.sun.identity.authentication.internal.InvalidAuthContextException) UnknownPropertyNameException(com.sun.identity.common.configuration.UnknownPropertyNameException) PolicyException(com.sun.identity.policy.PolicyException) FileNotFoundException(java.io.FileNotFoundException) SSOException(com.iplanet.sso.SSOException) LdapException(org.forgerock.opendj.ldap.LdapException) SMSException(com.sun.identity.sm.SMSException) IOException(java.io.IOException) AMException(com.iplanet.am.sdk.AMException) ConfigurationException(com.sun.identity.common.configuration.ConfigurationException)

Example 64 with Policy

use of com.sun.identity.policy.Policy in project OpenAM by OpenRock.

the class UpgradeUtils method removeDelegationCondition.

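/**
 * Removes values from one property of selected conditions of a policy.
 *
 * <p>The policy is loaded from {@code HIDDEN_REALM} with the class-level {@code ssoToken}.
 * For every condition name in {@code conditionNameMap} that exists on the policy, the values
 * mapped to that name are removed from the condition property {@code attributeName}; the
 * condition is then written back and, after all conditions are processed, the policy is
 * replaced in the store.
 *
 * <p>{@link PolicyException} and {@link SSOException} are logged and not propagated, so the
 * method also returns normally when nothing was changed.
 *
 * @param policyName Name of Policy.
 * @param attributeName the name of the condition property whose value set is reduced.
 * @param conditionNameMap Map of condition name to the set of values to remove from that
 *        condition's {@code attributeName} property. A {@code null} set removes nothing.
 */
public static void removeDelegationCondition(String policyName, String attributeName, Map conditionNameMap) {
    try {
        PolicyManager pm = new PolicyManager(ssoToken, HIDDEN_REALM);
        Policy policy = pm.getPolicy(policyName);
        for (Object key : conditionNameMap.keySet()) {
            String condName = (String) key;
            Condition cond = policy.getCondition(condName);
            if (cond == null) {
                // The policy has no condition of this name; nothing to update.
                continue;
            }
            // Accept any Set implementation; the earlier (HashSet) cast rejected the others.
            Set removeSet = (Set) conditionNameMap.get(condName);
            Map orig = cond.getProperties();
            if (removeSet != null && orig != null) {
                Set origValues = (Set) orig.get(attributeName);
                if (origValues != null) {
                    // One removeAll is enough: the former per-element loop repeated this same
                    // call once for every entry of removeSet without using the entry.
                    origValues.removeAll(removeSet);
                }
            }
            cond.setProperties(orig);
            policy.replaceCondition(condName, cond);
        }
        pm.replacePolicy(policy);
    } catch (PolicyException e) {
        debug.error("UpgradeUtils.removeDelegationCondition", e);
    } catch (SSOException e) {
        debug.error("UpgradeUtils.removeDelegationCondition", e);
    }
}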
Also used : Policy(com.sun.identity.policy.Policy) Condition(com.sun.identity.policy.interfaces.Condition) PolicyManager(com.sun.identity.policy.PolicyManager) Set(java.util.Set) HashSet(java.util.HashSet) PolicyException(com.sun.identity.policy.PolicyException) ListIterator(java.util.ListIterator) Iterator(java.util.Iterator) SSOException(com.iplanet.sso.SSOException) ByteString(org.forgerock.opendj.ldap.ByteString) Map(java.util.Map) HashMap(java.util.HashMap) HashSet(java.util.HashSet)

Example 65 with Policy

use of com.sun.identity.policy.Policy in project OpenAM by OpenRock.

the class UpgradeEntitlementsStep method upgradeReferrals.

/**
 * Extends the rules of each named referral with wildcard variants of their resource names
 * and writes the referral back to the policy store.
 *
 * <p>For every resource name defined by an existing rule:
 * <ul>
 *   <li>a name ending in {@code *?*} is left alone;</li>
 *   <li>a name ending in {@code *} gets an additional {@code name + "?*"} rule;</li>
 *   <li>any other name gets two additional rules, {@code name + "*"} and
 *       {@code name + "*?*"}.</li>
 * </ul>
 * The referral is replaced in every case, including when no rule was added.
 *
 * @param pm policy manager used to load and replace the referrals.
 * @param referrals names of the referrals to upgrade.
 * @throws Exception if loading, extending or replacing a referral fails; referrals later in
 *         the set are then not processed.
 */
private void upgradeReferrals(PolicyManager pm, Set<String> referrals) throws Exception {
    for (String name : referrals) {
        if (DEBUG.messageEnabled()) {
            DEBUG.message("Upgrading referral: " + name);
        }
        Policy referral = pm.getPolicy(name);
        Set<String> resourceNames = getResourceNames(referral);
        // Iterate over a copy of the rule names - presumably because addSimilarPolicyRule
        // adds rules to the referral while this loop runs.
        Set<String> ruleNamesSnapshot = new HashSet<String>(referral.getRuleNames());
        for (String ruleName : ruleNamesSnapshot) {
            Rule rule = referral.getRule(ruleName);
            for (String resource : rule.getResourceNames()) {
                if (resource.endsWith("*?*")) {
                    // Special case that is deliberately not handled for referrals.
                    continue;
                }
                if (resource.endsWith("*")) {
                    // Trailing wildcard already present: only the *?* variant is missing.
                    addSimilarPolicyRule(referral, rule, resourceNames, resource + "?*");
                    continue;
                }
                // No trailing wildcard: create both the * and the *?* variant.
                addSimilarPolicyRule(referral, rule, resourceNames, resource + "*");
                addSimilarPolicyRule(referral, rule, resourceNames, resource + "*?*");
            }
        }
        UpgradeProgress.reportStart("upgrade.entitlement.referral", referral.getName());
        // Replace the referral in either case so that the indexes are updated.
        pm.replacePolicy(referral);
        UpgradeProgress.reportEnd("upgrade.success");
    }
}
Also used : Policy(com.sun.identity.policy.Policy) Rule(com.sun.identity.policy.Rule) HashSet(java.util.HashSet)

Aggregations

Policy (com.sun.identity.policy.Policy)68 CachedPolicy (com.sun.identity.console.policy.model.CachedPolicy)37 AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)32 NameNotFoundException (com.sun.identity.policy.NameNotFoundException)24 Set (java.util.Set)22 PolicyException (com.sun.identity.policy.PolicyException)17 PolicyManager (com.sun.identity.policy.PolicyManager)16 HashSet (java.util.HashSet)16 Map (java.util.Map)16 SSOException (com.iplanet.sso.SSOException)15 Rule (com.sun.identity.policy.Rule)15 Subject (com.sun.identity.policy.interfaces.Subject)14 HashMap (java.util.HashMap)14 Iterator (java.util.Iterator)13 PolicyModel (com.sun.identity.console.policy.model.PolicyModel)12 InvalidNameException (com.sun.identity.policy.InvalidNameException)11 NameAlreadyExistsException (com.sun.identity.policy.NameAlreadyExistsException)10 Condition (com.sun.identity.policy.interfaces.Condition)10 SMSException (com.sun.identity.sm.SMSException)7 Referral (com.sun.identity.policy.interfaces.Referral)6