use of org.wso2.carbon.identity.entitlement.policy.version.PolicyVersionManager in project carbon-identity-framework by wso2.
the class EntitlementUtil method addFilesystemPolicy.
/**
 * Stores a XACML policy that was read from the filesystem and, when requested,
 * promotes it to the PDP.
 *
 * <p>Whitespace between adjacent tags is collapsed, the policy id is taken from the
 * parsed policy and the policy is marked active. A version is requested from the
 * {@link PolicyVersionManager}; if that call fails the error is only logged and the
 * policy is stored without a version.
 *
 * <p>NOTE(review): no schema validation or policy-id pattern check is visible in this
 * method. Presumably filesystem policies are treated as trusted, or {@code getPolicy}
 * performs the checks; confirm before feeding it files from a less trusted location.
 *
 * @param policyDTO policy to store; its policy text, id, active flag, promote flag and
 *                  version are overwritten here
 * @param registry  registry used for the existence check and for reading the stored
 *                  policy back
 * @param promote   whether the stored policy is also promoted to the PDP
 * @return {@code false} if a policy with the same id already exists, {@code true} once
 *         the policy has been stored
 * @throws EntitlementException if {@code getPolicy} yields no policy object for the
 *                              policy text
 */
public static boolean addFilesystemPolicy(PolicyDTO policyDTO, Registry registry, boolean promote) throws EntitlementException {
    String rawPolicy = policyDTO.getPolicy();
    if (rawPolicy != null) {
        // Collapse whitespace that sits between a closing and an opening tag.
        policyDTO.setPolicy(rawPolicy.replaceAll(">\\s+<", "><"));
    }

    AbstractPolicy parsed = getPolicy(policyDTO.getPolicy());
    if (parsed == null) {
        throw new EntitlementException("Invalid Entitlement Policy");
    }

    PAPPolicyStore papStore = new PAPPolicyStore(registry);
    PAPPolicyStoreManager papManager = new PAPPolicyStoreManager();
    policyDTO.setPolicyId(parsed.getId().toASCIIString());
    policyDTO.setActive(true);
    if (isPolicyExists(policyDTO.getPolicyId(), registry)) {
        // An existing policy with this id is never overwritten from the filesystem.
        return false;
    }
    policyDTO.setPromote(promote);

    PolicyVersionManager versions = EntitlementAdminEngine.getInstance().getVersionManager();
    try {
        policyDTO.setVersion(versions.createVersion(policyDTO));
    } catch (EntitlementException e) {
        // Best effort: any versioning failure is logged under this message and the
        // policy is still stored, without a version.
        log.error("Policy versioning is not supported", e);
    }

    papManager.addOrUpdatePolicy(policyDTO);
    // Continue with the DTO as it was actually persisted.
    policyDTO = new PAPPolicyStoreReader(papStore).readPolicyDTO(policyDTO.getPolicyId());

    boolean enhancedLoading = Boolean.parseBoolean(System.getProperty(ENHANCED_XACML_LOADING_SYSTEM_PROPERTY));
    if (enhancedLoading && promote) {
        EntitlementAdminEngine.getInstance().getPolicyStoreManager().addPolicy(policyDTO);
        return true;
    }

    PolicyStoreDTO pdpCopy = new PolicyStoreDTO();
    pdpCopy.setPolicyId(policyDTO.getPolicyId());
    pdpCopy.setPolicy(policyDTO.getPolicy());
    pdpCopy.setPolicyOrder(policyDTO.getPolicyOrder());
    pdpCopy.setAttributeDTOs(policyDTO.getAttributeDTOs());
    pdpCopy.setActive(policyDTO.isActive());
    pdpCopy.setSetActive(policyDTO.isActive());
    if (promote) {
        addPolicyToPDP(pdpCopy);
    }
    // The DTO read back from the store is written to the PAP store a second time.
    papManager.addOrUpdatePolicy(policyDTO);
    return true;
}
use of org.wso2.carbon.identity.entitlement.policy.version.PolicyVersionManager in project carbon-identity-framework by wso2.
the class EntitlementPolicyAdminService method addOrUpdatePolicy.
/**
 * Validates and stores a XACML policy, passes the outcome to {@code handleStatus} and,
 * when the DTO asks for promotion, publishes the policy to the PDP.
 *
 * <p>When policy text is present it must pass {@code EntitlementUtil.validatePolicy},
 * parse into a policy object, and carry an id that has no {@code /} and matches the
 * configured id pattern (default {@code [a-zA-Z0-9._:-]{3,100}$}).
 *
 * <p>NOTE(review): when the policy text is {@code null} (only reachable for updates),
 * none of the id checks run and the DTO is handed to the store as supplied; confirm
 * that callers or the store validate the id on that path.
 *
 * @param policyDTO policy to add or update
 * @param isAdd     {@code true} to add a new policy, {@code false} to update
 * @throws EntitlementException if the DTO is {@code null}, if an added policy has no
 *                              text, if the policy is invalid or cannot be parsed, if
 *                              the id is rejected, or if an added policy's id already
 *                              exists
 */
private void addOrUpdatePolicy(PolicyDTO policyDTO, boolean isAdd) throws EntitlementException {
    String idPattern = EntitlementServiceComponent.getEntitlementConfig().getEngineProperties()
            .getProperty(PDPConstants.POLICY_ID_REGEXP_PATTERN);
    if (idPattern == null || idPattern.trim().length() == 0) {
        idPattern = "[a-zA-Z0-9._:-]{3,100}$";
    }

    PAPPolicyStoreManager papManager = EntitlementAdminEngine.getInstance().getPapPolicyStoreManager();
    PolicyVersionManager versions = EntitlementAdminEngine.getInstance().getVersionManager();
    String operation = isAdd
            ? EntitlementConstants.StatusTypes.ADD_POLICY
            : EntitlementConstants.StatusTypes.UPDATE_POLICY;

    if (policyDTO == null || (isAdd && policyDTO.getPolicy() == null)) {
        throw new EntitlementException("Entitlement Policy can not be null.");
    }

    try {
        String policyText = policyDTO.getPolicy();
        if (policyText != null) {
            policyDTO.setPolicy(policyText.replaceAll(">\\s+<", "><"));
            if (!EntitlementUtil.validatePolicy(policyDTO)) {
                throw new EntitlementException("Invalid Entitlement Policy. " + "Policy is not valid according to XACML schema");
            }

            // The text as received (before whitespace collapsing) is what gets parsed.
            AbstractPolicy parsed = PAPPolicyReader.getInstance(null).getPolicy(policyText);
            if (parsed == null) {
                throw new EntitlementException("Unsupported Entitlement Policy. Policy can not be parsed");
            }

            String policyId = parsed.getId().toASCIIString();
            policyDTO.setPolicyId(policyId);
            // Writes the DTO's current active flag back to itself.
            policyDTO.setActive(policyDTO.isActive());

            // Presumably the id is later used as a path segment in the store, hence
            // the explicit slash check. TODO confirm.
            if (policyId.contains("/")) {
                throw new EntitlementException(" Policy Id cannot contain / characters. Please correct and upload again");
            }
            // String.matches must match the whole id, so the pattern is effectively
            // anchored at both ends. A malformed configured pattern raises an unchecked
            // PatternSyntaxException, which the catch below does not intercept.
            if (!policyId.matches(idPattern)) {
                throw new EntitlementException("An Entitlement Policy Id is not valid. It contains illegal characters");
            }
            policyDTO.setPolicyId(policyId);

            if (isAdd && papManager.isExistPolicy(policyId)) {
                throw new EntitlementException("An Entitlement Policy with the given Id already exists");
            }

            try {
                policyDTO.setVersion(versions.createVersion(policyDTO));
            } catch (EntitlementException e) {
                // Best effort: a versioning failure is logged and the policy is still stored.
                log.error("Policy versioning is not supported", e);
            }
        }
        papManager.addOrUpdatePolicy(policyDTO);
    } catch (EntitlementException e) {
        // Record the failed operation before letting the caller see the error.
        handleStatus(operation, policyDTO, false, e.getMessage());
        throw e;
    }

    handleStatus(operation, policyDTO, true, null);

    // Publish straight to the PDP when the DTO requests promotion.
    if (policyDTO.isPromote()) {
        String[] publishedIds = new String[] { policyDTO.getPolicyId() };
        if (isAdd) {
            publishToPDP(publishedIds, EntitlementConstants.PolicyPublish.ACTION_CREATE, null, policyDTO.isActive(), policyDTO.getPolicyOrder());
        } else {
            publishToPDP(publishedIds, EntitlementConstants.PolicyPublish.ACTION_UPDATE, null, policyDTO.isActive(), policyDTO.getPolicyOrder());
        }
    }
}
use of org.wso2.carbon.identity.entitlement.policy.version.PolicyVersionManager in project carbon-identity-framework by wso2.
the class EntitlementExtensionBuilder method populatePolicyVersionModule.
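/**
 * Loads the policy version module named by the {@code PAP.Policy.Version.Module}
 * property, initialises it and registers it with the holder. Does nothing when the
 * property is absent.
 *
 * <p>Module settings are read from the properties {@code <className>.1},
 * {@code <className>.2}, ... until the first missing number; each value has the form
 * {@code name,value}.
 *
 * <p>The class name comes from configuration, so anyone who can edit that
 * configuration selects code that runs in this process. The loaded class is checked
 * to be a {@link PolicyVersionManager} before it is instantiated.
 *
 * @param properties entitlement configuration properties
 * @param holder     holder that receives the initialised module and its settings
 * @throws Exception if the class cannot be loaded or instantiated, is not a
 *                   {@link PolicyVersionManager} ({@link ClassCastException}), a module
 *                   setting is not of the form {@code name,value}
 *                   ({@link IllegalArgumentException}), or initialisation fails
 */
private void populatePolicyVersionModule(Properties properties, EntitlementConfigHolder holder) throws Exception {
    String className = properties.getProperty("PAP.Policy.Version.Module");
    if (className == null) {
        return;
    }

    // Verify the type first: a class that is not a PolicyVersionManager is rejected
    // here, before its constructor has a chance to run.
    Class<? extends PolicyVersionManager> moduleClass = Thread.currentThread().getContextClassLoader()
            .loadClass(className)
            .asSubclass(PolicyVersionManager.class);
    PolicyVersionManager versionManager = moduleClass.newInstance();

    Properties storeProps = new Properties();
    for (int index = 1; ; index++) {
        String key = className + "." + index;
        String entry = properties.getProperty(key);
        if (entry == null) {
            break;
        }
        String[] pair = entry.split(",");
        if (pair.length < 2) {
            // Name only the property key: the value may hold sensitive settings.
            throw new IllegalArgumentException("Property " + key + " must have the form name,value");
        }
        storeProps.put(pair[0], pair[1]);
    }

    versionManager.init(storeProps);
    holder.addPolicyVersionModule(versionManager, storeProps);
}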
use of org.wso2.carbon.identity.entitlement.policy.version.PolicyVersionManager in project carbon-identity-framework by wso2.
the class EntitlementPolicyAdminService method getPolicyByVersion.
/**
 * Fetches one stored version of a policy from the {@link PolicyVersionManager} and
 * passes the outcome to {@code handleStatus}.
 *
 * @param policyId id of the policy
 * @param version  version of the policy to fetch
 * @return the policy returned by the version manager
 * @throws EntitlementException if the version manager fails; rethrown after the failure
 *                              has been passed to {@code handleStatus}
 */
public PolicyDTO getPolicyByVersion(String policyId, String version) throws EntitlementException {
    final PolicyDTO found;
    try {
        found = EntitlementAdminEngine.getInstance().getVersionManager().getPolicy(policyId, version);
    } catch (EntitlementException e) {
        PolicyDTO failedLookup = new PolicyDTO();
        // NOTE(review): this stores the id in the policy *text* field, not the id field.
        // If handleStatus reads the policy id, the failure record will lack it; confirm
        // whether setPolicyId was intended.
        failedLookup.setPolicy(policyId);
        handleStatus(EntitlementConstants.StatusTypes.GET_POLICY, failedLookup, false, e.getMessage());
        throw e;
    }
    handleStatus(EntitlementConstants.StatusTypes.GET_POLICY, found, true, null);
    return found;
}
use of org.wso2.carbon.identity.entitlement.policy.version.PolicyVersionManager in project carbon-identity-framework by wso2.
the class EntitlementPolicyAdminService method rollBackPolicy.
/**
 * Rolls a policy back to an earlier version: the version is fetched from the
 * {@link PolicyVersionManager} and submitted through {@code addOrUpdatePolicy} as an
 * update.
 *
 * <p>A failed version lookup propagates directly from this method; {@code handleStatus}
 * is not called here for it.
 *
 * @param policyId id of the policy to roll back
 * @param version  version to restore
 * @throws EntitlementException propagated from the version lookup or from the update
 */
public void rollBackPolicy(String policyId, String version) throws EntitlementException {
    PolicyDTO earlier = EntitlementAdminEngine.getInstance().getVersionManager().getPolicy(policyId, version);
    // isAdd = false: the restored version takes the update path rather than the add path.
    addOrUpdatePolicy(earlier, false);
}