Search in sources :

Example 1 with PolicyVersionManager

use of org.wso2.carbon.identity.entitlement.policy.version.PolicyVersionManager in project carbon-identity-framework by wso2.

the class EntitlementUtil method addFilesystemPolicy.

/**
 * This method persists a new XACML policy, which was read from filesystem,
 * in the registry
 *
 * @param policyDTO PolicyDTO object
 * @param registry  Registry
 * @param promote   where policy must be promote PDP or not
 * @return returns whether True/False
 * @throws org.wso2.carbon.identity.entitlement.EntitlementException throws if policy with same id is exist
 */
public static boolean addFilesystemPolicy(PolicyDTO policyDTO, Registry registry, boolean promote) throws EntitlementException {
    PAPPolicyStoreManager policyAdmin;
    AbstractPolicy policyObj;
    if (policyDTO.getPolicy() != null) {
        policyDTO.setPolicy(policyDTO.getPolicy().replaceAll(">\\s+<", "><"));
    }
    policyObj = getPolicy(policyDTO.getPolicy());
    if (policyObj != null) {
        PAPPolicyStore policyStore = new PAPPolicyStore(registry);
        policyAdmin = new PAPPolicyStoreManager();
        policyDTO.setPolicyId(policyObj.getId().toASCIIString());
        policyDTO.setActive(true);
        if (isPolicyExists(policyDTO.getPolicyId(), registry)) {
            return false;
        }
        policyDTO.setPromote(promote);
        PolicyVersionManager versionManager = EntitlementAdminEngine.getInstance().getVersionManager();
        try {
            String version = versionManager.createVersion(policyDTO);
            policyDTO.setVersion(version);
        } catch (EntitlementException e) {
            log.error("Policy versioning is not supported", e);
        }
        policyAdmin.addOrUpdatePolicy(policyDTO);
        PAPPolicyStoreReader reader = new PAPPolicyStoreReader(policyStore);
        policyDTO = reader.readPolicyDTO(policyDTO.getPolicyId());
        if (Boolean.parseBoolean(System.getProperty(ENHANCED_XACML_LOADING_SYSTEM_PROPERTY)) && promote) {
            EntitlementAdminEngine adminEngine = EntitlementAdminEngine.getInstance();
            adminEngine.getPolicyStoreManager().addPolicy(policyDTO);
        } else {
            PolicyStoreDTO policyStoreDTO = new PolicyStoreDTO();
            policyStoreDTO.setPolicyId(policyDTO.getPolicyId());
            policyStoreDTO.setPolicy(policyDTO.getPolicy());
            policyStoreDTO.setPolicyOrder(policyDTO.getPolicyOrder());
            policyStoreDTO.setAttributeDTOs(policyDTO.getAttributeDTOs());
            policyStoreDTO.setActive(policyDTO.isActive());
            policyStoreDTO.setSetActive(policyDTO.isActive());
            if (promote) {
                addPolicyToPDP(policyStoreDTO);
            }
            policyAdmin.addOrUpdatePolicy(policyDTO);
        }
        return true;
    } else {
        throw new EntitlementException("Invalid Entitlement Policy");
    }
}
Also used : PolicyStoreDTO(org.wso2.carbon.identity.entitlement.dto.PolicyStoreDTO) PAPPolicyStoreManager(org.wso2.carbon.identity.entitlement.pap.store.PAPPolicyStoreManager) PolicyVersionManager(org.wso2.carbon.identity.entitlement.policy.version.PolicyVersionManager) AbstractPolicy(org.wso2.balana.AbstractPolicy) PAPPolicyStoreReader(org.wso2.carbon.identity.entitlement.pap.store.PAPPolicyStoreReader) EntitlementAdminEngine(org.wso2.carbon.identity.entitlement.pap.EntitlementAdminEngine) PAPPolicyStore(org.wso2.carbon.identity.entitlement.pap.store.PAPPolicyStore)

Example 2 with PolicyVersionManager

use of org.wso2.carbon.identity.entitlement.policy.version.PolicyVersionManager in project carbon-identity-framework by wso2.

the class EntitlementPolicyAdminService method addOrUpdatePolicy.

/**
 * This method persists a XACML policy
 *
 * @param policyDTO PolicyDTO object
 * @param isAdd     whether this is policy adding or updating
 * @throws EntitlementException throws if invalid policy or if policy
 *                              with same id is exist
 */
private void addOrUpdatePolicy(PolicyDTO policyDTO, boolean isAdd) throws EntitlementException {
    String regString = EntitlementServiceComponent.getEntitlementConfig().getEngineProperties().getProperty(PDPConstants.POLICY_ID_REGEXP_PATTERN);
    if (regString == null || regString.trim().length() == 0) {
        regString = "[a-zA-Z0-9._:-]{3,100}$";
    }
    PAPPolicyStoreManager policyAdmin = EntitlementAdminEngine.getInstance().getPapPolicyStoreManager();
    PolicyVersionManager versionManager = EntitlementAdminEngine.getInstance().getVersionManager();
    AbstractPolicy policyObj;
    String policyId = null;
    String policy = null;
    String operation = EntitlementConstants.StatusTypes.UPDATE_POLICY;
    if (isAdd) {
        operation = EntitlementConstants.StatusTypes.ADD_POLICY;
    }
    if (policyDTO == null) {
        throw new EntitlementException("Entitlement Policy can not be null.");
    }
    if (isAdd && policyDTO.getPolicy() == null) {
        throw new EntitlementException("Entitlement Policy can not be null.");
    }
    try {
        policy = policyDTO.getPolicy();
        if (policy != null) {
            policyDTO.setPolicy(policy.replaceAll(">\\s+<", "><"));
            if (!EntitlementUtil.validatePolicy(policyDTO)) {
                throw new EntitlementException("Invalid Entitlement Policy. " + "Policy is not valid according to XACML schema");
            }
            policyObj = PAPPolicyReader.getInstance(null).getPolicy(policy);
            if (policyObj != null) {
                policyId = policyObj.getId().toASCIIString();
                policyDTO.setPolicyId(policyId);
                // All the policies wont be active at the time been added.
                policyDTO.setActive(policyDTO.isActive());
                if (policyId.contains("/")) {
                    throw new EntitlementException(" Policy Id cannot contain / characters. Please correct and upload again");
                }
                if (!policyId.matches(regString)) {
                    throw new EntitlementException("An Entitlement Policy Id is not valid. It contains illegal characters");
                }
                policyDTO.setPolicyId(policyId);
                if (isAdd) {
                    if (policyAdmin.isExistPolicy(policyId)) {
                        throw new EntitlementException("An Entitlement Policy with the given Id already exists");
                    }
                }
            } else {
                throw new EntitlementException("Unsupported Entitlement Policy. Policy can not be parsed");
            }
            try {
                String version = versionManager.createVersion(policyDTO);
                policyDTO.setVersion(version);
            } catch (EntitlementException e) {
                log.error("Policy versioning is not supported", e);
            }
        }
        policyAdmin.addOrUpdatePolicy(policyDTO);
    } catch (EntitlementException e) {
        handleStatus(operation, policyDTO, false, e.getMessage());
        throw e;
    }
    handleStatus(operation, policyDTO, true, null);
    // publish policy to PDP directly
    if (policyDTO.isPromote()) {
        if (isAdd) {
            publishToPDP(new String[] { policyDTO.getPolicyId() }, EntitlementConstants.PolicyPublish.ACTION_CREATE, null, policyDTO.isActive(), policyDTO.getPolicyOrder());
        } else {
            publishToPDP(new String[] { policyDTO.getPolicyId() }, EntitlementConstants.PolicyPublish.ACTION_UPDATE, null, policyDTO.isActive(), policyDTO.getPolicyOrder());
        }
    }
}
Also used : PAPPolicyStoreManager(org.wso2.carbon.identity.entitlement.pap.store.PAPPolicyStoreManager) PolicyVersionManager(org.wso2.carbon.identity.entitlement.policy.version.PolicyVersionManager) AbstractPolicy(org.wso2.balana.AbstractPolicy)

Example 3 with PolicyVersionManager

use of org.wso2.carbon.identity.entitlement.policy.version.PolicyVersionManager in project carbon-identity-framework by wso2.

the class EntitlementExtensionBuilder method populatePolicyVersionModule.

/**
 * @param properties
 * @param holder
 * @throws Exception
 */
private void populatePolicyVersionModule(Properties properties, EntitlementConfigHolder holder) throws Exception {
    PolicyVersionManager versionManager = null;
    if (properties.getProperty("PAP.Policy.Version.Module") != null) {
        String className = properties.getProperty("PAP.Policy.Version.Module");
        Class clazz = Thread.currentThread().getContextClassLoader().loadClass(className);
        versionManager = (PolicyVersionManager) clazz.newInstance();
        int j = 1;
        Properties storeProps = new Properties();
        while (properties.getProperty(className + "." + j) != null) {
            String[] props = properties.getProperty(className + "." + j++).split(",");
            storeProps.put(props[0], props[1]);
        }
        versionManager.init(storeProps);
        holder.addPolicyVersionModule(versionManager, storeProps);
    }
}
Also used : PolicyVersionManager(org.wso2.carbon.identity.entitlement.policy.version.PolicyVersionManager) Properties(java.util.Properties)

Example 4 with PolicyVersionManager

use of org.wso2.carbon.identity.entitlement.policy.version.PolicyVersionManager in project carbon-identity-framework by wso2.

the class EntitlementPolicyAdminService method getPolicyByVersion.

/**
 * Gets policy for given policy id and version
 *
 * @param policyId policy id
 * @param version  version of policy
 * @return returns policy
 * @throws org.wso2.carbon.identity.entitlement.EntitlementException throws
 */
public PolicyDTO getPolicyByVersion(String policyId, String version) throws EntitlementException {
    PolicyDTO policyDTO = null;
    try {
        PolicyVersionManager versionManager = EntitlementAdminEngine.getInstance().getVersionManager();
        policyDTO = versionManager.getPolicy(policyId, version);
    } catch (EntitlementException e) {
        policyDTO = new PolicyDTO();
        policyDTO.setPolicy(policyId);
        handleStatus(EntitlementConstants.StatusTypes.GET_POLICY, policyDTO, false, e.getMessage());
        throw e;
    }
    handleStatus(EntitlementConstants.StatusTypes.GET_POLICY, policyDTO, true, null);
    return policyDTO;
}
Also used : PolicyDTO(org.wso2.carbon.identity.entitlement.dto.PolicyDTO) PolicyVersionManager(org.wso2.carbon.identity.entitlement.policy.version.PolicyVersionManager)

Example 5 with PolicyVersionManager

use of org.wso2.carbon.identity.entitlement.policy.version.PolicyVersionManager in project carbon-identity-framework by wso2.

the class EntitlementPolicyAdminService method rollBackPolicy.

/**
 * @param policyId
 * @param version
 */
public void rollBackPolicy(String policyId, String version) throws EntitlementException {
    PolicyVersionManager versionManager = EntitlementAdminEngine.getInstance().getVersionManager();
    PolicyDTO policyDTO = versionManager.getPolicy(policyId, version);
    addOrUpdatePolicy(policyDTO, false);
}
Also used : PolicyDTO(org.wso2.carbon.identity.entitlement.dto.PolicyDTO) PolicyVersionManager(org.wso2.carbon.identity.entitlement.policy.version.PolicyVersionManager)

Aggregations

PolicyVersionManager (org.wso2.carbon.identity.entitlement.policy.version.PolicyVersionManager)6 PolicyDTO (org.wso2.carbon.identity.entitlement.dto.PolicyDTO)3 AbstractPolicy (org.wso2.balana.AbstractPolicy)2 PAPPolicyStoreManager (org.wso2.carbon.identity.entitlement.pap.store.PAPPolicyStoreManager)2 ArrayList (java.util.ArrayList)1 Properties (java.util.Properties)1 EntitlementException (org.wso2.carbon.identity.entitlement.EntitlementException)1 PAPStatusDataHandler (org.wso2.carbon.identity.entitlement.PAPStatusDataHandler)1 PolicyStoreDTO (org.wso2.carbon.identity.entitlement.dto.PolicyStoreDTO)1 PublisherDataHolder (org.wso2.carbon.identity.entitlement.dto.PublisherDataHolder)1 StatusHolder (org.wso2.carbon.identity.entitlement.dto.StatusHolder)1 EntitlementAdminEngine (org.wso2.carbon.identity.entitlement.pap.EntitlementAdminEngine)1 PAPPolicyStore (org.wso2.carbon.identity.entitlement.pap.store.PAPPolicyStore)1 PAPPolicyStoreReader (org.wso2.carbon.identity.entitlement.pap.store.PAPPolicyStoreReader)1