Example 1 with EntitlementAdminEngine

Use of org.wso2.carbon.identity.entitlement.pap.EntitlementAdminEngine in project carbon-identity-framework by wso2.

The class CarbonPolicyFinder, method init.

private synchronized void init() {
    if (initFinish) {
        return;
    }
    log.info("Initializing of policy store is started at :  " + new Date());
    String maxEntries = EntitlementServiceComponent.getEntitlementConfig().getEngineProperties().getProperty(PDPConstants.MAX_POLICY_REFERENCE_ENTRIES);
    if (maxEntries != null) {
        try {
            maxReferenceCacheEntries = Integer.parseInt(maxEntries.trim());
        } catch (Exception e) {
            // ignore: an unparsable value leaves maxReferenceCacheEntries unchanged
        }
    }
    policyReferenceCache = new LinkedHashMap<URI, AbstractPolicy>() {

        @Override
        protected boolean removeEldestEntry(Map.Entry eldest) {
            // the eldest entry is removed once the cache grows beyond its maximum size, i.e. 50
            return size() > maxReferenceCacheEntries;
        }
    };
    PolicyCombiningAlgorithm policyCombiningAlgorithm = null;
    // get registered finder modules
    Map<PolicyFinderModule, Properties> finderModules = EntitlementServiceComponent.getEntitlementConfig().getPolicyFinderModules();
    if (finderModules != null) {
        this.finderModules = new ArrayList<PolicyFinderModule>(finderModules.keySet());
    }
    PolicyCollection tempPolicyCollection = null;
    // get policy collection
    Map<PolicyCollection, Properties> policyCollections = EntitlementServiceComponent.getEntitlementConfig().getPolicyCollections();
    if (policyCollections != null && policyCollections.size() > 0) {
        tempPolicyCollection = policyCollections.entrySet().iterator().next().getKey();
    } else {
        tempPolicyCollection = new SimplePolicyCollection();
    }
    // get policy reader
    policyReader = PolicyReader.getInstance(finder);
    if (this.finderModules != null && this.finderModules.size() > 0) {
        // find the policy combining algorithm.
        // We could get the policy data store through EntitlementAdminEngine here, but we do
        // not, so that this class has no dependency on EntitlementAdminEngine.
        PolicyDataStore policyDataStore;
        Map<PolicyDataStore, Properties> dataStoreModules = EntitlementServiceComponent.getEntitlementConfig().getPolicyDataStore();
        if (dataStoreModules != null && dataStoreModules.size() > 0) {
            policyDataStore = dataStoreModules.entrySet().iterator().next().getKey();
        } else {
            policyDataStore = new DefaultPolicyDataStore();
        }
        policyCombiningAlgorithm = policyDataStore.getGlobalPolicyAlgorithm();
        tempPolicyCollection.setPolicyCombiningAlgorithm(policyCombiningAlgorithm);
        for (PolicyFinderModule finderModule : this.finderModules) {
            log.info("Start retrieving policies from " + finderModule + " at : " + new Date());
            String[] policies = finderModule.getActivePolicies();
            for (int a = 0; a < policies.length; a++) {
                String policy = policies[a];
                AbstractPolicy abstractPolicy = policyReader.getPolicy(policy);
                if (abstractPolicy != null) {
                    PolicyDTO policyDTO = new PolicyDTO();
                    policyDTO.setPolicyId(abstractPolicy.getId().toString());
                    policyDTO.setPolicyOrder(a);
                    policyCollectionOrder.add(policyDTO);
                    tempPolicyCollection.addPolicy(abstractPolicy);
                }
            }
            log.info("Finish retrieving policies from " + finderModule + " at : " + new Date());
        }
    } else {
        log.warn("No Carbon policy finder modules are registered");
    }
    policyCollection = tempPolicyCollection;
    initFinish = true;
    log.info("Initializing of policy store is finished at :  " + new Date());
}
Also used: DefaultPolicyDataStore (org.wso2.carbon.identity.entitlement.policy.store.DefaultPolicyDataStore), PolicyDataStore (org.wso2.carbon.identity.entitlement.policy.store.PolicyDataStore), PolicyCollection (org.wso2.carbon.identity.entitlement.policy.collection.PolicyCollection), SimplePolicyCollection (org.wso2.carbon.identity.entitlement.policy.collection.SimplePolicyCollection), Properties (java.util.Properties), URI (java.net.URI), PolicyCombiningAlgorithm (org.wso2.balana.combine.PolicyCombiningAlgorithm), Date (java.util.Date), URISyntaxException (java.net.URISyntaxException), EntitlementException (org.wso2.carbon.identity.entitlement.EntitlementException), PolicyDTO (org.wso2.carbon.identity.entitlement.dto.PolicyDTO), AbstractPolicy (org.wso2.balana.AbstractPolicy), LinkedHashMap (java.util.LinkedHashMap), Map (java.util.Map)

Example 2 with EntitlementAdminEngine

Use of org.wso2.carbon.identity.entitlement.pap.EntitlementAdminEngine in project carbon-identity-framework by wso2.

The class EntitlementUtil, method addFilesystemPolicy.

/**
 * Persists a new XACML policy, read from the filesystem, in the registry.
 *
 * @param policyDTO PolicyDTO object
 * @param registry  Registry
 * @param promote   whether the policy must be promoted to the PDP
 * @return true if the policy was added, false if a policy with the same id already exists
 * @throws org.wso2.carbon.identity.entitlement.EntitlementException if the policy is invalid
 */
public static boolean addFilesystemPolicy(PolicyDTO policyDTO, Registry registry, boolean promote) throws EntitlementException {
    PAPPolicyStoreManager policyAdmin;
    AbstractPolicy policyObj;
    if (policyDTO.getPolicy() != null) {
        policyDTO.setPolicy(policyDTO.getPolicy().replaceAll(">\\s+<", "><"));
    }
    policyObj = getPolicy(policyDTO.getPolicy());
    if (policyObj != null) {
        PAPPolicyStore policyStore = new PAPPolicyStore(registry);
        policyAdmin = new PAPPolicyStoreManager();
        policyDTO.setPolicyId(policyObj.getId().toASCIIString());
        policyDTO.setActive(true);
        if (isPolicyExists(policyDTO.getPolicyId(), registry)) {
            return false;
        }
        policyDTO.setPromote(promote);
        PolicyVersionManager versionManager = EntitlementAdminEngine.getInstance().getVersionManager();
        try {
            String version = versionManager.createVersion(policyDTO);
            policyDTO.setVersion(version);
        } catch (EntitlementException e) {
            log.error("Policy versioning is not supported", e);
        }
        policyAdmin.addOrUpdatePolicy(policyDTO);
        PAPPolicyStoreReader reader = new PAPPolicyStoreReader(policyStore);
        policyDTO = reader.readPolicyDTO(policyDTO.getPolicyId());
        if (Boolean.parseBoolean(System.getProperty(ENHANCED_XACML_LOADING_SYSTEM_PROPERTY)) && promote) {
            EntitlementAdminEngine adminEngine = EntitlementAdminEngine.getInstance();
            adminEngine.getPolicyStoreManager().addPolicy(policyDTO);
        } else {
            PolicyStoreDTO policyStoreDTO = new PolicyStoreDTO();
            policyStoreDTO.setPolicyId(policyDTO.getPolicyId());
            policyStoreDTO.setPolicy(policyDTO.getPolicy());
            policyStoreDTO.setPolicyOrder(policyDTO.getPolicyOrder());
            policyStoreDTO.setAttributeDTOs(policyDTO.getAttributeDTOs());
            policyStoreDTO.setActive(policyDTO.isActive());
            policyStoreDTO.setSetActive(policyDTO.isActive());
            if (promote) {
                addPolicyToPDP(policyStoreDTO);
            }
            policyAdmin.addOrUpdatePolicy(policyDTO);
        }
        return true;
    } else {
        throw new EntitlementException("Invalid Entitlement Policy");
    }
}
Also used: PolicyStoreDTO (org.wso2.carbon.identity.entitlement.dto.PolicyStoreDTO), PAPPolicyStoreManager (org.wso2.carbon.identity.entitlement.pap.store.PAPPolicyStoreManager), PolicyVersionManager (org.wso2.carbon.identity.entitlement.policy.version.PolicyVersionManager), AbstractPolicy (org.wso2.balana.AbstractPolicy), PAPPolicyStoreReader (org.wso2.carbon.identity.entitlement.pap.store.PAPPolicyStoreReader), EntitlementAdminEngine (org.wso2.carbon.identity.entitlement.pap.EntitlementAdminEngine), PAPPolicyStore (org.wso2.carbon.identity.entitlement.pap.store.PAPPolicyStore)

Aggregations

AbstractPolicy (org.wso2.balana.AbstractPolicy): 2; URI (java.net.URI): 1; URISyntaxException (java.net.URISyntaxException): 1; Date (java.util.Date): 1; LinkedHashMap (java.util.LinkedHashMap): 1; Map (java.util.Map): 1; Properties (java.util.Properties): 1; PolicyCombiningAlgorithm (org.wso2.balana.combine.PolicyCombiningAlgorithm): 1; EntitlementException (org.wso2.carbon.identity.entitlement.EntitlementException): 1; PolicyDTO (org.wso2.carbon.identity.entitlement.dto.PolicyDTO): 1; PolicyStoreDTO (org.wso2.carbon.identity.entitlement.dto.PolicyStoreDTO): 1; EntitlementAdminEngine (org.wso2.carbon.identity.entitlement.pap.EntitlementAdminEngine): 1; PAPPolicyStore (org.wso2.carbon.identity.entitlement.pap.store.PAPPolicyStore): 1; PAPPolicyStoreManager (org.wso2.carbon.identity.entitlement.pap.store.PAPPolicyStoreManager): 1; PAPPolicyStoreReader (org.wso2.carbon.identity.entitlement.pap.store.PAPPolicyStoreReader): 1; PolicyCollection (org.wso2.carbon.identity.entitlement.policy.collection.PolicyCollection): 1; SimplePolicyCollection (org.wso2.carbon.identity.entitlement.policy.collection.SimplePolicyCollection): 1; DefaultPolicyDataStore (org.wso2.carbon.identity.entitlement.policy.store.DefaultPolicyDataStore): 1; PolicyDataStore (org.wso2.carbon.identity.entitlement.policy.store.PolicyDataStore): 1; PolicyVersionManager (org.wso2.carbon.identity.entitlement.policy.version.PolicyVersionManager): 1