use of com.sun.identity.policy.PolicyEvaluator in project OpenAM by OpenRock.
the class Util method isGetPostAllowed.
/**
* Checks the user/url combination against existing Policy rules.
* @param userToken The user to use in the policy check.
* @param url The URL to use in the policy check.
* @param scope The scope of the policy check.
* @return True if the policy check was OK for the given user/url combination.
* @throws SSOException If there was a problem with the users token.
* @throws PolicyException if there was a problem checking the url.
* @throws NameNotFoundException If there was a problem looking up the policy service.
*/
public static boolean isGetPostAllowed(SSOToken userToken, String url, String scope) throws SSOException, PolicyException, NameNotFoundException {
PolicyEvaluator pe = new PolicyEvaluator(IPLANETAMWEBAGENTSERVICE);
Set<ResourceResult> resResults = pe.getResourceResults(userToken, url, scope, Collections.EMPTY_MAP);
ResourceResult resResult = resResults.iterator().next();
PolicyDecision pd = resResult.getPolicyDecision();
Map<String, ActionDecision> decisions = pd.getActionDecisions();
ActionDecision get = decisions.get(GET_ACTION);
ActionDecision post = decisions.get(POST_ACTION);
return (get != null && get.getValues().contains(ALLOW_DECISION)) && (post != null && post.getValues().contains(ALLOW_DECISION));
}
Aggregations