
Example 66 with Policy

use of com.sun.identity.policy.Policy in project OpenAM by OpenRock.

the class UpgradeEntitlementsStep method initialize.

/**
 * Works out whether the entitlements index implementations still need upgrading and, if so,
 * inventories every policy and referral in every realm.
 *
 * <p>When the default application type already names the new search and save index
 * implementations nothing else is done. Otherwise {@code upgradeIndexImpls} is set, and for each
 * realm the policy names are grouped by {@link PolicyType} and recorded in
 * {@code upgradableConfigs}; {@code policyRuleCount} accumulates the rule count of every
 * non-referral policy.
 *
 * <p>The per-realm {@link PolicyManager} is built from {@code getAdminToken()}, so the scan reads
 * policies with whatever privileges that token carries (presumably administrative; confirm
 * against the step's base class). With message-level debugging enabled the collected realm and
 * policy names are written to the debug log.
 *
 * @throws UpgradeException wrapping any exception raised while inspecting the configuration.
 */
@Override
public void initialize() throws UpgradeException {
    try {
        DEBUG.message("Initializing UpgradeEntitlementsStep");
        final ServiceConfig defaultAppType = getDefaultApplicationType();
        final Map<String, Set<String>> typeAttributes = defaultAppType.getAttributes();
        final String currentSearchImpl = CollectionHelper.getMapAttr(typeAttributes, SEARCH_INDEX_IMPL);
        final String currentSaveImpl = CollectionHelper.getMapAttr(typeAttributes, SAVE_INDEX_IMPL);
        final boolean alreadyMigrated =
                NEW_SEARCH_IMPL.equals(currentSearchImpl) && NEW_SAVE_IMPL.equals(currentSaveImpl);
        if (alreadyMigrated) {
            DEBUG.message("The entitlements framework is already using the new TreeSearchIndex/TreeSaveIndex" + " implementations");
            return;
        }

        // Even when no policy needs upgrading, the search/save index implementation values
        // themselves still have to be brought up to date.
        upgradeIndexImpls = true;
        for (String realm : getRealmNames()) {
            final Map<PolicyType, Set<String>> namesByType =
                    new EnumMap<PolicyType, Set<String>>(PolicyType.class);
            final PolicyManager manager = new PolicyManager(getAdminToken(), realm);
            for (String policyName : manager.getPolicyNames()) {
                final Policy policy = manager.getPolicy(policyName);
                final PolicyType type = policy.isReferralPolicy() ? PolicyType.REFERRAL : PolicyType.POLICY;
                if (type == PolicyType.POLICY) {
                    // A rule holding several resource names is counted once here; that layout
                    // is not really a supported case anyway.
                    policyRuleCount += policy.getRuleNames().size();
                }
                Set<String> names = namesByType.get(type);
                if (names == null) {
                    names = new HashSet<String>();
                    namesByType.put(type, names);
                }
                names.add(policyName);
                // Registered only once a policy has been seen, so realms without policies
                // never appear in upgradableConfigs.
                upgradableConfigs.put(realm, namesByType);
            }
        }
        if (DEBUG.messageEnabled()) {
            DEBUG.message("Discovered following policies/referrals:\n" + upgradableConfigs);
        }
    } catch (Exception ex) {
        DEBUG.error("Error while trying to detect changes in entitlements", ex);
        throw new UpgradeException(ex);
    }
}
Also used : Policy(com.sun.identity.policy.Policy) PolicyManager(com.sun.identity.policy.PolicyManager) HashSet(java.util.HashSet) Set(java.util.Set) CollectionUtils.asSet(org.forgerock.openam.utils.CollectionUtils.asSet) UpgradeException(org.forgerock.openam.upgrade.UpgradeException) SMSException(com.sun.identity.sm.SMSException) SSOException(com.iplanet.sso.SSOException) UpgradeException(org.forgerock.openam.upgrade.UpgradeException) ServiceConfig(com.sun.identity.sm.ServiceConfig) EnumMap(java.util.EnumMap)

Example 67 with Policy

use of com.sun.identity.policy.Policy in project OpenAM by OpenRock.

the class ResavePoliciesStep method perform.

/**
 * Reads and immediately re-stores every policy named in {@code policyMap}, realm by realm.
 *
 * <p>Each realm gets its own {@link PolicyManager} built from {@code getAdminToken()}. Progress
 * is reported per policy through {@link UpgradeProgress}.
 *
 * <p>The loop stops at the first exception: policies handled before the failure stay re-saved,
 * the remaining ones are left untouched, and the failure is reported and rethrown.
 *
 * @throws UpgradeException wrapping any exception raised while loading or replacing a policy.
 */
public void perform() throws UpgradeException {
    try {
        for (Map.Entry<String, Set<String>> realmEntry : policyMap.entrySet()) {
            final String realm = realmEntry.getKey();
            final Set<String> namesInRealm = realmEntry.getValue();
            final PolicyManager manager = new PolicyManager(getAdminToken(), realm);
            for (String name : namesInRealm) {
                if (DEBUG.messageEnabled()) {
                    DEBUG.message("Resaving the following policy: " + name);
                }
                UpgradeProgress.reportStart("upgrade.policy.start", name);
                // Load the stored policy and write it straight back through the manager.
                manager.replacePolicy(manager.getPolicy(name));
                UpgradeProgress.reportEnd("upgrade.success");
            }
        }
    } catch (Exception ex) {
        UpgradeProgress.reportEnd("upgrade.failed");
        DEBUG.error("An error occurred while trying to resave policies", ex);
        throw new UpgradeException(ex);
    }
}
Also used : Policy(com.sun.identity.policy.Policy) UpgradeException(org.forgerock.openam.upgrade.UpgradeException) PolicyManager(com.sun.identity.policy.PolicyManager) Set(java.util.Set) HashSet(java.util.HashSet) HashMap(java.util.HashMap) Map(java.util.Map) UpgradeException(org.forgerock.openam.upgrade.UpgradeException)

Example 68 with Policy

use of com.sun.identity.policy.Policy in project OpenAM by OpenRock.

the class UpgradeUtils method createRealmReadOnlyPolicy.

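/**
 * Creates the realm read-only delegation policy for an organization and stores it through the
 * given policy manager.
 *
 * <p>The policy is named {@code orgID + "^^" + REALM_READ_ONLY}. It receives one rule for the
 * delegation service over {@code "sms://*" + orgDN + "/" + REALM_SERVICE} and one subject, the
 * organization's policy admin role.
 *
 * <p>Failures are logged and not propagated, so callers get no signal when the policy was not
 * created. A missing rule or subject does not stop the policy from being stored; a warning is
 * logged so the incomplete policy can be spotted in the debug log.
 *
 * @param policyManager the policy manager object.
 * @param orgDN the organization dn.
 * @param orgID the organization identifier.
 */
private static void createRealmReadOnlyPolicy(PolicyManager policyManager, String orgDN, String orgID) {
    // Trailing separator keeps the method tag apart from the message text in the log.
    String classMethod = "UpgradeUtils:createRealmReadOnlyPolicy: ";
    try {
        String policyName = orgID + "^^" + REALM_READ_ONLY;
        // Arguments after the name: no description, false, true
        // (presumably "not a referral" and "active"; confirm against the Policy constructor).
        Policy realmPolicy = new Policy(policyName, null, false, true);
        // create Rule
        String serviceName = DELEGATION_SERVICE;
        String resourceName = "sms://*" + orgDN + "/" + REALM_SERVICE;
        Rule rule = getRule(serviceName, resourceName);
        if (rule != null) {
            realmPolicy.addRule(rule);
        } else {
            debug.warning(classMethod + "No rule built for " + resourceName
                    + "; policy " + policyName + " is stored without a rule");
        }
        // add subjects
        String policyAdminRoleUniversalID = getUniversalID(orgDN, ORG_POLICY_ADMIN_ROLE);
        Subject subject = getSubject(policyManager, policyAdminRoleUniversalID);
        if (subject != null) {
            realmPolicy.addSubject(DELEGATION_SUBJECT, subject, false);
        } else {
            debug.warning(classMethod + "No subject resolved for " + policyAdminRoleUniversalID
                    + "; policy " + policyName + " is stored without a subject");
        }
        policyManager.addPolicy(realmPolicy);
    } catch (Exception e) {
        // Best effort by design: the caller continues when this policy cannot be created.
        debug.error(classMethod + "Error creating realm read only policy", e);
    }
}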
Also used : Policy(com.sun.identity.policy.Policy) ByteString(org.forgerock.opendj.ldap.ByteString) Rule(com.sun.identity.policy.Rule) Subject(com.sun.identity.policy.interfaces.Subject) LoginException(javax.security.auth.login.LoginException) InvalidAuthContextException(com.sun.identity.authentication.internal.InvalidAuthContextException) UnknownPropertyNameException(com.sun.identity.common.configuration.UnknownPropertyNameException) PolicyException(com.sun.identity.policy.PolicyException) FileNotFoundException(java.io.FileNotFoundException) SSOException(com.iplanet.sso.SSOException) LdapException(org.forgerock.opendj.ldap.LdapException) SMSException(com.sun.identity.sm.SMSException) IOException(java.io.IOException) AMException(com.iplanet.am.sdk.AMException) ConfigurationException(com.sun.identity.common.configuration.ConfigurationException)

Aggregations

Policy (com.sun.identity.policy.Policy)68 CachedPolicy (com.sun.identity.console.policy.model.CachedPolicy)37 AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)32 NameNotFoundException (com.sun.identity.policy.NameNotFoundException)24 Set (java.util.Set)22 PolicyException (com.sun.identity.policy.PolicyException)17 PolicyManager (com.sun.identity.policy.PolicyManager)16 HashSet (java.util.HashSet)16 Map (java.util.Map)16 SSOException (com.iplanet.sso.SSOException)15 Rule (com.sun.identity.policy.Rule)15 Subject (com.sun.identity.policy.interfaces.Subject)14 HashMap (java.util.HashMap)14 Iterator (java.util.Iterator)13 PolicyModel (com.sun.identity.console.policy.model.PolicyModel)12 InvalidNameException (com.sun.identity.policy.InvalidNameException)11 NameAlreadyExistsException (com.sun.identity.policy.NameAlreadyExistsException)10 Condition (com.sun.identity.policy.interfaces.Condition)10 SMSException (com.sun.identity.sm.SMSException)7 Referral (com.sun.identity.policy.interfaces.Referral)6