You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@openaz.apache.org by pd...@apache.org on 2015/04/13 17:38:39 UTC
[39/51] [partial] incubator-openaz git commit: Initial seed of merged
of AT&T and JP Morgan code
http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Condition.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Condition.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Condition.java
new file mode 100755
index 0000000..0f02f78
--- /dev/null
+++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Condition.java
@@ -0,0 +1,149 @@
+/*
+ * AT&T - PROPRIETARY
+ * THIS FILE CONTAINS PROPRIETARY INFORMATION OF
+ * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN
+ * ACCORDANCE WITH APPLICABLE AGREEMENTS.
+ *
+ * Copyright (c) 2013 AT&T Knowledge Ventures
+ * Unpublished and Not for Publication
+ * All Rights Reserved
+ */
+package com.att.research.xacmlatt.pdp.policy;
+
+import com.att.research.xacml.api.AttributeValue;
+import com.att.research.xacml.api.DataTypeException;
+import com.att.research.xacml.api.Status;
+import com.att.research.xacml.api.StatusCode;
+import com.att.research.xacml.std.StdStatus;
+import com.att.research.xacml.std.StdStatusCode;
+import com.att.research.xacml.std.datatypes.DataTypes;
+import com.att.research.xacmlatt.pdp.eval.EvaluationContext;
+import com.att.research.xacmlatt.pdp.eval.EvaluationException;
+
+/**
+ * Condition extends {@link com.att.research.xacmlatt.pdp.policy.PolicyComponent} to represent the XACML Condition element
+ * in a XACML Rule.
+ *
+ * @author car
+ * @version $Revision: 1.1 $
+ */
+public class Condition extends PolicyComponent {
+ private static final Status STATUS_PE_RETURNED_BAG = new StdStatus(StdStatusCode.STATUS_CODE_PROCESSING_ERROR, "Condition Expression returned a bag");
+ private static final ExpressionResultBoolean ERB_RETURNED_BAG = new ExpressionResultBoolean(STATUS_PE_RETURNED_BAG);
+ private static final Status STATUS_PE_RETURNED_NULL = new StdStatus(StdStatusCode.STATUS_CODE_PROCESSING_ERROR, "Null value from Condition Expression");
+ private static final ExpressionResultBoolean ERB_RETURNED_NULL = new ExpressionResultBoolean(STATUS_PE_RETURNED_NULL);
+ private static final Status STATUS_PE_RETURNED_NON_BOOLEAN = new StdStatus(StdStatusCode.STATUS_CODE_PROCESSING_ERROR, "Non-boolean value from Condition Expression");
+ private static final ExpressionResultBoolean ERB_RETURNED_NON_BOOLEAN = new ExpressionResultBoolean(STATUS_PE_RETURNED_NON_BOOLEAN);
+ private static final Status STATUS_PE_INVALID_BOOLEAN = new StdStatus(StdStatusCode.STATUS_CODE_PROCESSING_ERROR, "Invalid Boolean value");
+ private static final ExpressionResultBoolean ERB_INVALID_BOOLEAN = new ExpressionResultBoolean(STATUS_PE_INVALID_BOOLEAN);
+
+ private Expression expression;
+
+ /**
+ * Creates a <code>Condition</code> with the given {@link com.att.research.xacml.api.StatusCode} and <code>String</code>
+ * status message.
+ *
+ * @param statusCodeIn the <code>StatusCode</code> for the <code>Condition</code>
+ * @param statusMessageIn the <code>String</code> status message for the <code>Condition</code>
+ */
+ public Condition(StatusCode statusCodeIn, String statusMessageIn) {
+ super(statusCodeIn, statusMessageIn);
+ }
+
+ /**
+ * Creates a <code>Condition</code> with the given <code>StatusCode</code. and a null status message.
+ *
+ * @param statusCodeIn the <code>StatusCode</code> for the <code>Condition</code>
+ */
+ public Condition(StatusCode statusCodeIn) {
+ super(statusCodeIn);
+ }
+
+ /**
+ * Creates an empty <code>Condition</code>
+ */
+ public Condition() {
+ }
+
+ /**
+ * Creates a new <code>Condition</code> with the given {@link com.att.research.xacmlatt.pdp.policy.Expression} and a default
+ * OK <code>StatusCode</code>.
+ *
+ * @param expressionIn the <code>Expression</code> for the <code>Condition</code>
+ */
+ public Condition(Expression expressionIn) {
+ this.expression = expressionIn;
+ }
+
+ public Expression getExpression() {
+ return this.expression;
+ }
+
+ public void setExpression(Expression expressionIn) {
+ this.expression = expressionIn;
+ }
+
+ @Override
+ protected boolean validateComponent() {
+ if (this.getExpression() == null) {
+ this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "Missing Expression");
+ return false;
+ } else {
+ this.setStatus(StdStatusCode.STATUS_CODE_OK, null);
+ return true;
+ }
+ }
+
+ /**
+ * Evaluates the <code>Expression</code> in this <code>Condition</code> in the given {@link com.att.research.xacmlatt.pdp.eval.EvaluationContext}.
+ * and validates that the result is a boolean.
+ *
+ * @param evaluationContext the <code>EvaluationContext</code> in which to evaluate this <code>Expression</code>
+ * @param policyDefaults the {@link com.att.research.xacml.pdp.policy.PolicyDefaults} to use in evaluating this <code>Expression</code>
+ * @return a {@link com.att.research.xacmlatt.pdp.policy.ExpressionResult}
+ */
+ public ExpressionResultBoolean evaluate(EvaluationContext evaluationContext, PolicyDefaults policyDefaults) throws EvaluationException {
+ if (!this.validate()) {
+ return new ExpressionResultBoolean(new StdStatus(this.getStatusCode(), this.getStatusMessage()));
+ }
+
+ /*
+ * Evaluate the expression
+ */
+ ExpressionResult expressionResult = this.getExpression().evaluate(evaluationContext, policyDefaults);
+ assert(expressionResult != null);
+
+ if (!expressionResult.isOk()) {
+ return new ExpressionResultBoolean(expressionResult.getStatus());
+ }
+
+ /*
+ * Ensure the result is a single element of type boolean
+ */
+ if (expressionResult.isBag()) {
+ return ERB_RETURNED_BAG;
+ }
+ AttributeValue<?> attributeValueResult = expressionResult.getValue();
+ if (attributeValueResult == null) {
+ return ERB_RETURNED_NULL;
+ } else if (!DataTypes.DT_BOOLEAN.getId().equals(attributeValueResult.getDataTypeId())) {
+ return ERB_RETURNED_NON_BOOLEAN;
+ }
+
+ /*
+ * Otherwise it is a valid condition evaluation
+ */
+ Boolean booleanValue = null;
+ try {
+ booleanValue = DataTypes.DT_BOOLEAN.convert(attributeValueResult.getValue());
+ } catch (DataTypeException ex) {
+ return new ExpressionResultBoolean(new StdStatus(StdStatusCode.STATUS_CODE_PROCESSING_ERROR, ex.getMessage()));
+ }
+ if (booleanValue == null) {
+ return ERB_INVALID_BOOLEAN;
+ } else {
+ return (booleanValue.booleanValue() ? ExpressionResultBoolean.ERB_TRUE : ExpressionResultBoolean.ERB_FALSE);
+ }
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Expression.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Expression.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Expression.java
new file mode 100755
index 0000000..c40c41a
--- /dev/null
+++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Expression.java
@@ -0,0 +1,44 @@
+/*
+ * AT&T - PROPRIETARY
+ * THIS FILE CONTAINS PROPRIETARY INFORMATION OF
+ * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN
+ * ACCORDANCE WITH APPLICABLE AGREEMENTS.
+ *
+ * Copyright (c) 2013 AT&T Knowledge Ventures
+ * Unpublished and Not for Publication
+ * All Rights Reserved
+ */
+package com.att.research.xacmlatt.pdp.policy;
+
+import com.att.research.xacml.api.StatusCode;
+import com.att.research.xacmlatt.pdp.eval.EvaluationContext;
+import com.att.research.xacmlatt.pdp.eval.EvaluationException;
+
+/**
+ * Expression extends {@link com.att.research.xacmlatt.pdp.policy.PolicyComponent} to represent a XACML ExpressionType element.
+ *
+ * @author car
+ * @version $Revision: 1.1 $
+ */
+public abstract class Expression extends PolicyComponent {
+
+ public Expression(StatusCode statusCodeIn, String statusMessageIn) {
+ super(statusCodeIn, statusMessageIn);
+ }
+
+ public Expression(StatusCode statusCodeIn) {
+ super(statusCodeIn);
+ }
+
+ public Expression() {
+ }
+
+ /**
+ * Evaluates this <code>Expression</code> in the given {@link com.att.research.xacmlatt.pdp.eval.EvaluationContext}.
+ *
+ * @param evaluationContext the <code>EvaluationContext</code> in which to evaluate this <code>Expression</code>
+ * @param policyDefaults the {@link com.att.research.xacml.pdp.policy.PolicyDefaults} to use in evaluating this <code>Expression</code>
+ * @return a {@link com.att.research.xacmlatt.pdp.policy.ExpressionResult}
+ */
+ public abstract ExpressionResult evaluate(EvaluationContext evaluationContext, PolicyDefaults policyDefaults) throws EvaluationException;
+}
http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/ExpressionResult.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/ExpressionResult.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/ExpressionResult.java
new file mode 100755
index 0000000..778861f
--- /dev/null
+++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/ExpressionResult.java
@@ -0,0 +1,254 @@
+/*
+ * AT&T - PROPRIETARY
+ * THIS FILE CONTAINS PROPRIETARY INFORMATION OF
+ * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN
+ * ACCORDANCE WITH APPLICABLE AGREEMENTS.
+ *
+ * Copyright (c) 2013 AT&T Knowledge Ventures
+ * Unpublished and Not for Publication
+ * All Rights Reserved
+ */
+package com.att.research.xacmlatt.pdp.policy;
+
+import java.util.Iterator;
+
+import com.att.research.xacml.api.AttributeValue;
+import com.att.research.xacml.api.Status;
+import com.att.research.xacml.std.StdStatus;
+
+/**
+ * ExpressionResult is the object returned by the <code>evaluate</code> method of {@link Expression}
+ * objects.
+ *
+ * @author car
+ * @version $Revision: 1.1 $
+ */
+public abstract class ExpressionResult implements FunctionArgument {
+ private Status status;
+
+ /**
+ * ExpressionResultError extends <code>ExpressionResult</code> to represent error results.
+ *
+ * @author car
+ * @version $Revision: 1.1 $
+ */
+ private static class ExpressionResultError extends ExpressionResult {
+ public ExpressionResultError(Status statusIn) {
+ super(statusIn);
+ }
+
+ @Override
+ public AttributeValue<?> getValue() {
+ return null;
+ }
+
+ @Override
+ public boolean isBag() {
+ return false;
+ }
+
+ @Override
+ public Bag getBag() {
+ return null;
+ }
+ }
+
+ /**
+ * ExpressionResultSingle extends <code>ExpressionResult</code> to represent results with a single value.
+ *
+ * @author car
+ * @version $Revision: 1.1 $
+ */
+ private static class ExpressionResultSingle extends ExpressionResult {
+ AttributeValue<?> attributeValue;
+
+ public ExpressionResultSingle(AttributeValue<?> attributeValueIn) {
+ super(StdStatus.STATUS_OK);
+ this.attributeValue = attributeValueIn;
+ }
+
+ @Override
+ public AttributeValue<?> getValue() {
+ return this.attributeValue;
+ }
+
+ @Override
+ public boolean isBag() {
+ return false;
+ }
+
+ @Override
+ public Bag getBag() {
+ return null;
+ }
+ }
+
+ private static class ExpressionResultBag extends ExpressionResult {
+ private Bag bag;
+
+ public ExpressionResultBag(Bag bagIn) {
+ super(StdStatus.STATUS_OK);
+ this.bag = bagIn;
+ }
+
+ @Override
+ public AttributeValue<?> getValue() {
+ Iterator<AttributeValue<?>> iter = this.bag.getAttributeValues();
+ if (iter != null && iter.hasNext()) {
+ return iter.next();
+ } else {
+ return null;
+ }
+ }
+
+ @Override
+ public boolean isBag() {
+ return true;
+ }
+
+ @Override
+ public Bag getBag() {
+ return this.bag;
+ }
+ }
+
+ private static class ExpressionResultEmptyBag extends ExpressionResult {
+ public ExpressionResultEmptyBag() {
+ super(StdStatus.STATUS_OK);
+ }
+
+ @Override
+ public AttributeValue<?> getValue() {
+ return null;
+ }
+
+ @Override
+ public boolean isBag() {
+ return true;
+ }
+
+ @Override
+ public Bag getBag() {
+ return Bag.EMPTY;
+ }
+ }
+
+ /**
+ * Creates a new <code>ExpressionResult</code> with the given {@link com.att.research.xacml.api.Status}.
+ *
+ * @param statusIn the <code>Status</code> of this <code>ExpressionResult</code>
+ */
+ protected ExpressionResult(Status statusIn) {
+ this.status = statusIn;
+ }
+
+ /**
+ * Gets the <code>Status</code> for this <code>ExpressionResult</code>.
+ *
+ * @return the <code>Status</code> for this <code>ExpressionResult</code>
+ */
+ public Status getStatus() {
+ return this.status;
+ }
+
+ /**
+ * Shortcut procedure for determining if the <code>Status</code> of this <code>ExpressionResult</code> is OK.
+ *
+ * @return true if the <code>Status</code> is null or has a <code>StatusCode</code> value of <code>STATUS_CODE_OK</code>.
+ */
+ public boolean isOk() {
+ return (this.getStatus() == null || this.getStatus().isOk());
+ }
+
+ /**
+ * Gets the single {@link com.att.research.xacml.api.AttributeValue} from this <code>ExpressionResult</code>. If this
+ * <code>ExpressionResult</code> represents a bag, the first element in the bag is returned.
+ *
+ * @return a single <code>AttributeValue</code> from this <code>ExpressionResult</code>
+ */
+ public abstract AttributeValue<?> getValue();
+
+ /**
+ * Determines if this <code>ExpressionResult</code> represents a bag of <code>AttributeValue</code>s or not.
+ *
+ * @return true if this <code>ExpressionResult</code> represents a bag of <code>AttributeValue</code>s, else false
+ */
+ public abstract boolean isBag();
+
+ /**
+ * Gets the {@link Bag} of values for this <code>ExpressionResult</code> if
+ * there is one.
+ *
+ * @return the <code>Bag</code> of <code>AttributeValue</code>s for this <code>ExpressionResult</code>.
+ */
+ public abstract Bag getBag();
+
+ @Override
+ public String toString() {
+ StringBuilder stringBuilder = new StringBuilder("{");
+ stringBuilder.append("isOk=" + this.isOk());
+ stringBuilder.append(", isBag=" + this.isBag());
+ Status thisStatus = this.getStatus();
+ if (thisStatus != null) {
+ stringBuilder.append(", status=");
+ stringBuilder.append(thisStatus.toString());
+ }
+ AttributeValue<?> value = this.getValue();
+ if (value != null) {
+ stringBuilder.append(", value=");
+ stringBuilder.append(value);
+ }
+ /*
+ * Not sure if I want this dumped
+ if (this.isBag()) {
+ Bag bag = this.getBag();
+ if (bag != null) {
+ }
+ }
+ */
+ stringBuilder.append('}');
+ return stringBuilder.toString();
+ }
+ /**
+ * Creates a new instance of the <code>ExpressionResult</code> class representing an error.
+ *
+ * @param statusIn the <code>Status</code> containing the error information
+ * @return a new <code>ExpressionResult</code> representing the error
+ */
+ public static ExpressionResult newError(Status statusIn) {
+ return new ExpressionResultError(statusIn);
+ }
+
+ public static ExpressionResult newSingle(AttributeValue<?> attributeValue) {
+ return new ExpressionResultSingle(attributeValue);
+ }
+
+ /**
+ * Creates a new instance of the <code>ExpressionResult</code> class representing a bag of values
+ * from the given <code>Bag</code>.
+ *
+ * @param bag the <code>Bag</code> for the new <code>ExpressionResult</code>
+ * @return a new <code>ExpressionResult</code> representing the given <code>Bag</code>.
+ */
+ public static ExpressionResult newBag(Bag bag) {
+ return new ExpressionResultBag(bag);
+ }
+
+ /**
+ * Creates a new instance of the <code>ExpressionResult</code> class representing an empty bag of values.
+ *
+ * @return the <code>ExpressionResult</code> representing the empty bag of values of the expression
+ */
+ public static ExpressionResult newEmpty() {
+ return new ExpressionResultEmptyBag();
+ }
+
+ public static ExpressionResult newInstance(Status statusIn) {
+ if (statusIn.getStatusCode().equals(StdStatus.STATUS_OK.getStatusCode())) {
+ return newEmpty();
+ } else {
+ return newError(statusIn);
+ }
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/ExpressionResultBoolean.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/ExpressionResultBoolean.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/ExpressionResultBoolean.java
new file mode 100755
index 0000000..3554dfa
--- /dev/null
+++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/ExpressionResultBoolean.java
@@ -0,0 +1,65 @@
+/*
+ * AT&T - PROPRIETARY
+ * THIS FILE CONTAINS PROPRIETARY INFORMATION OF
+ * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN
+ * ACCORDANCE WITH APPLICABLE AGREEMENTS.
+ *
+ * Copyright (c) 2013 AT&T Knowledge Ventures
+ * Unpublished and Not for Publication
+ * All Rights Reserved
+ */
+package com.att.research.xacmlatt.pdp.policy;
+
+import com.att.research.xacml.api.AttributeValue;
+import com.att.research.xacml.api.Status;
+import com.att.research.xacml.std.StdStatus;
+import com.att.research.xacml.std.datatypes.DataTypeBoolean;
+
+/**
+ * ExpressionResultBoolean extends {@link ExpressionResult} to represent predicates.
+ *
+ * @author car
+ * @version $Revision: 1.1 $
+ */
+public class ExpressionResultBoolean extends ExpressionResult {
+ private AttributeValue<Boolean> value;
+ public static final ExpressionResultBoolean ERB_FALSE = new ExpressionResultBoolean(false);
+ public static final ExpressionResultBoolean ERB_TRUE = new ExpressionResultBoolean(true);
+
+ public ExpressionResultBoolean(Status statusIn) {
+ super(statusIn);
+ }
+
+ public ExpressionResultBoolean(boolean bvalue) {
+ super(StdStatus.STATUS_OK);
+ this.value = (bvalue ? DataTypeBoolean.AV_TRUE : DataTypeBoolean.AV_FALSE);
+ }
+
+ /**
+ * Gets the <code>boolean</code> value of this <code>ExpressionResultBoolean</code>
+ *
+ * @return the <code>boolean</code> value of this <code>ExpressionResultBoolean</code>
+ */
+ public boolean isTrue() {
+ if (this.value == null) {
+ return false;
+ } else {
+ return this.value.getValue().booleanValue();
+ }
+ }
+
+ @Override
+ public AttributeValue<?> getValue() {
+ return this.value;
+ }
+
+ @Override
+ public boolean isBag() {
+ return false;
+ }
+
+ @Override
+ public Bag getBag() {
+ return null;
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgument.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgument.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgument.java
new file mode 100755
index 0000000..207da3d
--- /dev/null
+++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgument.java
@@ -0,0 +1,62 @@
+/*
+ * AT&T - PROPRIETARY
+ * THIS FILE CONTAINS PROPRIETARY INFORMATION OF
+ * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN
+ * ACCORDANCE WITH APPLICABLE AGREEMENTS.
+ *
+ * Copyright (c) 2013 AT&T Knowledge Ventures
+ * Unpublished and Not for Publication
+ * All Rights Reserved
+ */
+package com.att.research.xacmlatt.pdp.policy;
+
+import com.att.research.xacml.api.AttributeValue;
+import com.att.research.xacml.api.Status;
+
+/**
+ * FunctionArgument is the interface implemented by objects that can serve as arguments to a {@link com.att.research.xacmlatt.pdp.policy.FunctionDefinition}
+ * <code>evaluate</code> call.
+ *
+ * @author car
+ * @version $Revision: 1.3 $
+ */
+public interface FunctionArgument {
+ /**
+ * Gets the {@link com.att.research.xacml.api.Status} from the evaluation of this <code>FunctionArgument</code>.
+ *
+ * @return the <code>Status</code> from the evaluation of this <code>FunctionArgument</code>>
+ */
+ public Status getStatus();
+
+ /**
+ * Determines if this <code>FunctionArgument</code> is OK and can have its <code>AttributeValue</code> or
+ * <code>Bag</code> retrieved.
+ *
+ * @return true if this <code>FunctionArgument</code> is OK, otherwise false.
+ */
+ public boolean isOk();
+
+ /**
+ * Determines if this <code>FunctionArgument</code> represents a bag of values.
+ *
+ * @return true if this <code>FunctionArgument</code> represents a bag of values, else false.
+ */
+ public boolean isBag();
+
+ /**
+ * Gets the single <code>AttributeValue</code> representing the value of this <code>FunctionArgument</code>. If
+ * this <code>FunctionArgument</code> represents a bag, the value returned is up to the implementation.
+ *
+ * @return the single <code>AttributeValue</code> representing the value of this <code>FunctionArgument</code>.
+ */
+ public AttributeValue<?> getValue();
+
+ /**
+ * Gets the {@link Bag} value for this <code>FunctionArgument</code> if the
+ * argument represents a <code>Bag</code>, (i.e. <code>isBag</code> returns true).
+ *
+ * @return the <code>Bag</code> value for this <code>FunctionArgument</code>.
+ */
+ public Bag getBag();
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgumentAttributeValue.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgumentAttributeValue.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgumentAttributeValue.java
new file mode 100755
index 0000000..d81c14b
--- /dev/null
+++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgumentAttributeValue.java
@@ -0,0 +1,59 @@
+/*
+ * AT&T - PROPRIETARY
+ * THIS FILE CONTAINS PROPRIETARY INFORMATION OF
+ * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN
+ * ACCORDANCE WITH APPLICABLE AGREEMENTS.
+ *
+ * Copyright (c) 2013 AT&T Knowledge Ventures
+ * Unpublished and Not for Publication
+ * All Rights Reserved
+ */
+package com.att.research.xacmlatt.pdp.policy;
+
+import com.att.research.xacml.api.AttributeValue;
+import com.att.research.xacml.api.Status;
+import com.att.research.xacml.std.StdStatus;
+
+/**
+ * FunctionArgumentAttributeValue implements {@link FunctionArgument} for a single
+ * {@link com.att.research.xacml.api.AttributeValue}
+ * @author car
+ *
+ */
+public class FunctionArgumentAttributeValue implements FunctionArgument {
+ private AttributeValue<?> attributeValue;
+
+ /**
+ * Creates a new <code>FunctionArgumentAttributeValue</code> from the given <code>AttributeValue</code>.
+ *
+ * @param attributeValueIn the <code>AttributeValue</code> for the new <code>FunctionArgumentAttributeValue</code>.
+ */
+ public FunctionArgumentAttributeValue(AttributeValue<?> attributeValueIn) {
+ this.attributeValue = attributeValueIn;
+ }
+
+ @Override
+ public Status getStatus() {
+ return StdStatus.STATUS_OK;
+ }
+
+ @Override
+ public boolean isOk() {
+ return true;
+ }
+
+ @Override
+ public boolean isBag() {
+ return false;
+ }
+
+ @Override
+ public AttributeValue<?> getValue() {
+ return this.attributeValue;
+ }
+
+ @Override
+ public Bag getBag() {
+ return null;
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgumentBag.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgumentBag.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgumentBag.java
new file mode 100755
index 0000000..9fc66cd
--- /dev/null
+++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgumentBag.java
@@ -0,0 +1,67 @@
+/*
+ * AT&T - PROPRIETARY
+ * THIS FILE CONTAINS PROPRIETARY INFORMATION OF
+ * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN
+ * ACCORDANCE WITH APPLICABLE AGREEMENTS.
+ *
+ * Copyright (c) 2013 AT&T Knowledge Ventures
+ * Unpublished and Not for Publication
+ * All Rights Reserved
+ */
+package com.att.research.xacmlatt.pdp.policy;
+
+import java.util.Iterator;
+
+import com.att.research.xacml.api.AttributeValue;
+import com.att.research.xacml.api.Status;
+import com.att.research.xacml.std.StdStatus;
+
+/**
+ * FunctionArgumentBag implements the {@link FunctionArgument} interface for
+ * a {@link Bag} objects.
+ *
+ * @author car
+ * @version $Revision: 1.3 $
+ */
+public class FunctionArgumentBag implements FunctionArgument {
+ private Bag bag;
+
+ /**
+ * Creates a new <code>FunctionArgumentBag</code> from the given <code>Bag</code>.
+ *
+ * @param bagIn the <code>Bag</code> for the new <code>FunctionArgumentBag</code>.
+ */
+ public FunctionArgumentBag(Bag bagIn) {
+ this.bag = bagIn;
+ }
+
+ @Override
+ public Status getStatus() {
+ return StdStatus.STATUS_OK;
+ }
+
+ @Override
+ public boolean isOk() {
+ return true;
+ }
+
+ @Override
+ public boolean isBag() {
+ return true;
+ }
+
+ @Override
+ public AttributeValue<?> getValue() {
+ Iterator<AttributeValue<?>> iterAttributeValues = this.bag.getAttributeValues();
+ if (iterAttributeValues == null || !iterAttributeValues.hasNext()) {
+ return null;
+ } else {
+ return iterAttributeValues.next();
+ }
+ }
+
+ @Override
+ public Bag getBag() {
+ return this.bag;
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgumentExpression.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgumentExpression.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgumentExpression.java
new file mode 100755
index 0000000..5845280
--- /dev/null
+++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgumentExpression.java
@@ -0,0 +1,113 @@
+/*
+ * AT&T - PROPRIETARY
+ * THIS FILE CONTAINS PROPRIETARY INFORMATION OF
+ * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN
+ * ACCORDANCE WITH APPLICABLE AGREEMENTS.
+ *
+ * Copyright (c) 2013 AT&T Knowledge Ventures
+ * Unpublished and Not for Publication
+ * All Rights Reserved
+ */
+package com.att.research.xacmlatt.pdp.policy;
+
+import com.att.research.xacml.api.AttributeValue;
+import com.att.research.xacml.api.Status;
+import com.att.research.xacml.std.StdStatus;
+import com.att.research.xacml.std.StdStatusCode;
+import com.att.research.xacmlatt.pdp.eval.EvaluationContext;
+import com.att.research.xacmlatt.pdp.eval.EvaluationException;
+
+/**
+ * FunctionArgumentExpression implements the {@link FunctionArgument} interface for
+ * unevaluated {@link Expression}s.
+ *
+ * @author car
+ * @version $Revision: 1.3 $
+ */
+public class FunctionArgumentExpression implements FunctionArgument {
+ private static final Status STATUS_NULL_EXPRESSION_RESULT = new StdStatus(StdStatusCode.STATUS_CODE_PROCESSING_ERROR, "Null expression result");
+
+ private Expression expression;
+ private EvaluationContext evaluationContext;
+ private ExpressionResult expressionResult;
+ private PolicyDefaults policyDefaults;
+
+ protected ExpressionResult evaluateExpression() {
+ if (this.getExpression() != null && this.getEvaluationContext() != null) {
+ try {
+ this.expressionResult = this.getExpression().evaluate(this.getEvaluationContext(), this.getPolicyDefaults());
+ } catch (EvaluationException ex) {
+ this.expressionResult = ExpressionResult.newError(new StdStatus(StdStatusCode.STATUS_CODE_PROCESSING_ERROR, ex.getMessage()));
+ }
+ }
+ return this.expressionResult;
+ }
+
+ public FunctionArgumentExpression() {
+ }
+
+ public FunctionArgumentExpression(Expression expressionIn, EvaluationContext evaluationContextIn, PolicyDefaults policyDefaultsIn) {
+ this.expression = expressionIn;
+ this.evaluationContext = evaluationContextIn;
+ this.policyDefaults = policyDefaultsIn;
+ }
+
+ protected ExpressionResult getExpressionResult() {
+ return this.expressionResult;
+ }
+
+ protected Expression getExpression() {
+ return this.expression;
+ }
+
+ protected EvaluationContext getEvaluationContext() {
+ return this.evaluationContext;
+ }
+
+ protected PolicyDefaults getPolicyDefaults() {
+
+ return this.policyDefaults;
+ }
+
+ @Override
+ public Status getStatus() {
+ ExpressionResult thisExpressionResult = this.getExpressionResult();
+ if (thisExpressionResult == null) {
+ thisExpressionResult = this.evaluateExpression();
+ }
+ return (thisExpressionResult == null ? STATUS_NULL_EXPRESSION_RESULT : thisExpressionResult.getStatus());
+ }
+
+ @Override
+ public boolean isOk() {
+ Status thisStatus = this.getStatus();
+ return (thisStatus == null ? true : thisStatus.isOk());
+ }
+
+ @Override
+ public boolean isBag() {
+ ExpressionResult thisExpressionResult = this.getExpressionResult();
+ if (thisExpressionResult == null) {
+ thisExpressionResult = this.evaluateExpression();
+ }
+ return (thisExpressionResult == null ? false : thisExpressionResult.isBag());
+ }
+
+ @Override
+ public AttributeValue<?> getValue() {
+ ExpressionResult thisExpressionResult = this.getExpressionResult();
+ if (thisExpressionResult == null) {
+ thisExpressionResult = this.evaluateExpression();
+ }
+ return (thisExpressionResult == null ? null : thisExpressionResult.getValue());
+ }
+
+ @Override
+ public Bag getBag() {
+ ExpressionResult thisExpressionResult = this.getExpressionResult();
+ if (thisExpressionResult == null) {
+ thisExpressionResult = this.evaluateExpression();
+ }
+ return (thisExpressionResult == null ? null : thisExpressionResult.getBag());
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionDefinition.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionDefinition.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionDefinition.java
new file mode 100755
index 0000000..d112318
--- /dev/null
+++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionDefinition.java
@@ -0,0 +1,56 @@
+/*
+ * AT&T - PROPRIETARY
+ * THIS FILE CONTAINS PROPRIETARY INFORMATION OF
+ * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN
+ * ACCORDANCE WITH APPLICABLE AGREEMENTS.
+ *
+ * Copyright (c) 2013 AT&T Knowledge Ventures
+ * Unpublished and Not for Publication
+ * All Rights Reserved
+ */
+package com.att.research.xacmlatt.pdp.policy;
+
+import java.util.List;
+
+import com.att.research.xacml.api.Identifier;
+import com.att.research.xacmlatt.pdp.eval.EvaluationContext;
+
+/**
+ * FunctionDefinition is the interface that objects representing XACML functions found in Match and Apply elements in Policies, PolicySets
+ * and Rules.
+ *
+ * @author car
+ * @version $Revision: 1.1 $
+ */
+public interface FunctionDefinition {
+ /**
+ * Gets the {@link com.att.research.xacml.api.Identifier} for this <code>FunctionDefinition</code>.
+ *
+ * @return the <code>Identifier</code> for this <code>FunctionDefinition</code>.
+ */
+ public Identifier getId();
+
+ /**
+ * Returns the <code>Identifier</code> for the data type returned by this function if <code>returnsBag()</code> is false or
+ * if this <code>FunctionDefinition</code> returns a bag containing a single data type. Otherwise it returns null.
+ *
+ * @return the <code>Identifier</code> for the XACML data type this <code>FunctionDefinition</code> returns
+ */
+ public Identifier getDataTypeId();
+
+ /**
+ * Determines if this <code>FunctionDefinition</code> returns a bag of values or a single value.
+ *
+ * @return true if this <code>FunctionDefinition</code> returns a bag, else false
+ */
+ public boolean returnsBag();
+
+ /**
+ * Evaluates this <code>FunctionDefinition</code> on the given <code>List</code> of{@link FunctionArgument}s.
+ *
+ * @param evaluationContext the {@link com.att.research.xacmlatt.pdp.eval.EvaluationContext} to use in the evaluation
+ * @param arguments the <code>List</code> of <code>FunctionArgument</code>s for the evaluation
+ * @return an {@link ExpressionResult} with the results of the call
+ */
+ public ExpressionResult evaluate(EvaluationContext evaluationContext, List<FunctionArgument> arguments);
+}
http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionDefinitionFactory.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionDefinitionFactory.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionDefinitionFactory.java
new file mode 100755
index 0000000..f204729
--- /dev/null
+++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionDefinitionFactory.java
@@ -0,0 +1,83 @@
+/*
+ * AT&T - PROPRIETARY
+ * THIS FILE CONTAINS PROPRIETARY INFORMATION OF
+ * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN
+ * ACCORDANCE WITH APPLICABLE AGREEMENTS.
+ *
+ * Copyright (c) 2013 AT&T Knowledge Ventures
+ * Unpublished and Not for Publication
+ * All Rights Reserved
+ */
+package com.att.research.xacmlatt.pdp.policy;
+
+import java.util.Properties;
+
+import com.att.research.xacml.api.Identifier;
+import com.att.research.xacml.util.FactoryException;
+import com.att.research.xacml.util.FactoryFinder;
+import com.att.research.xacmlatt.pdp.util.ATTPDPProperties;
+
+/**
+ * FunctionDefinitionFactory is an abstract class for mapping function {@link com.att.research.xacml.api.Identifier} ids to
+ * {@link FunctionDefinition} objects.
+ *
+ * @author car
+ * @version $Revision: 1.3 $
+ */
+public abstract class FunctionDefinitionFactory {
+ private static final String FACTORYID = ATTPDPProperties.PROP_FUNCTIONDEFINITIONFACTORY;
+ private static final String DEFAULT_FACTORY_CLASSNAME = "com.att.research.xacmlatt.pdp.std.StdFunctionDefinitionFactory";
+
+ protected FunctionDefinitionFactory() {
+ }
+
+ protected FunctionDefinitionFactory(Properties properties) {
+ }
+
+ /**
+ * Maps the given <code>Identifier</code> representing a XACML function to a <code>FunctionDefinition</code> object.
+ *
+ * @param functionId the <code>Identifier</code> of the <code>FunctionDefinition</code> to retrieve
+ * @return the <code>FunctionDefinition</code> for the given <code>Identifier</code> or null if not found
+ */
+ public abstract FunctionDefinition getFunctionDefinition(Identifier functionId);
+
+ /**
+ * Creates an instance of the <code>FunctionDefinitionFactory</code> using default configuration information.
+ *
+ * @return the default <code>FunctionDefinitionFactory</code>
+ */
+ public static FunctionDefinitionFactory newInstance() throws FactoryException {
+ return FactoryFinder.find(FACTORYID, DEFAULT_FACTORY_CLASSNAME, FunctionDefinitionFactory.class);
+ }
+
+ /**
+ * Creates an instance of the <code>FunctionDefinitionFactory</code> using default configuration information.
+ *
+ * @return the default <code>FunctionDefinitionFactory</code>
+ */
+ public static FunctionDefinitionFactory newInstance(Properties properties) throws FactoryException {
+ return FactoryFinder.find(FACTORYID, DEFAULT_FACTORY_CLASSNAME, FunctionDefinitionFactory.class, properties);
+ }
+
+ /**
+ * Creates an instance of the <code>FunctionDefinitionFactory</code> using the given class name.
+ *
+ * @param className the <code>String</code> class name of the <code>FunctionDefinitionFactory</code> to create
+ * @return the <code>FunctionDefinitionFactory</code> for the given class name.
+ */
+ public static FunctionDefinitionFactory newInstance(String className) throws FactoryException {
+ return FactoryFinder.newInstance(className, FunctionDefinitionFactory.class, null, true);
+ }
+
+ /**
+ * Creates an instance of the <code>FunctionDefinitionFactory</code> using the given class name using the given <code>ClassLoader</code>.
+ *
+ * @param className the <code>String</code> class name of the <code>FunctionDefinitionFactory</code> to create
+ * @param classLoader the <code>ClassLoader</code> to use to load the class with the given class name
+ * @return the <code>FunctionDefinitionFactory</code> for the given class name
+ */
+ public static FunctionDefinitionFactory newInstance(String className, ClassLoader classLoader) throws FactoryException {
+ return FactoryFinder.newInstance(className, FunctionDefinitionFactory.class, classLoader, false);
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Match.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Match.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Match.java
new file mode 100755
index 0000000..d32b8cc
--- /dev/null
+++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Match.java
@@ -0,0 +1,243 @@
+/*
+ * AT&T - PROPRIETARY
+ * THIS FILE CONTAINS PROPRIETARY INFORMATION OF
+ * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN
+ * ACCORDANCE WITH APPLICABLE AGREEMENTS.
+ *
+ * Copyright (c) 2013 AT&T Knowledge Ventures
+ * Unpublished and Not for Publication
+ * All Rights Reserved
+ */
+package com.att.research.xacmlatt.pdp.policy;
+
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
+import com.att.research.xacml.api.AttributeValue;
+import com.att.research.xacml.api.DataTypeException;
+import com.att.research.xacml.api.Identifier;
+import com.att.research.xacml.api.StatusCode;
+import com.att.research.xacml.api.XACML;
+import com.att.research.xacml.std.StdStatus;
+import com.att.research.xacml.std.StdStatusCode;
+import com.att.research.xacml.std.datatypes.DataTypes;
+import com.att.research.xacml.util.FactoryException;
+import com.att.research.xacmlatt.pdp.eval.EvaluationContext;
+import com.att.research.xacmlatt.pdp.eval.EvaluationException;
+import com.att.research.xacmlatt.pdp.eval.MatchResult;
+import com.att.research.xacmlatt.pdp.eval.Matchable;
+import com.att.research.xacmlatt.pdp.policy.expressions.AttributeRetrievalBase;
+
+/**
+ * Match extends {@link com.att.research.xacmlatt.pdp.policy.PolicyComponent} and implements the
+ * {@link com.att.research.xacmlatt.pdp.eval.Matchable} interface to represent a XACML Match element.
+ *
+ * @author car
+ * @version $Revision: 1.2 $
+ */
+public class Match extends PolicyComponent implements Matchable {
+ private Identifier matchId;
+ private AttributeValue<?> attributeValue;
+ private AttributeRetrievalBase attributeRetrievalBase;
+ private PolicyDefaults policyDefaults;
+ private FunctionDefinition functionDefinition;
+
+ protected FunctionDefinition getFunctionDefinition() {
+ Identifier functionDefinitionId = this.getMatchId();
+ if (this.functionDefinition == null && functionDefinitionId != null) {
+ try {
+ this.functionDefinition = FunctionDefinitionFactory.newInstance().getFunctionDefinition(functionDefinitionId);
+ } catch (FactoryException ex) {
+ this.setStatus(StdStatusCode.STATUS_CODE_PROCESSING_ERROR, "FactoryException getting FunctionDefinition");
+ }
+ }
+ return this.functionDefinition;
+ }
+
+ public Match(StatusCode statusCodeIn, String statusMessageIn) {
+ super(statusCodeIn, statusMessageIn);
+ }
+
+ public Match(StatusCode statusCodeIn) {
+ super(statusCodeIn);
+ }
+
+ public Match() {
+ }
+
+ public Match(Identifier matchIdIn, AttributeValue<?> attributeValueIn, AttributeRetrievalBase attributeRetrievalBaseIn, PolicyDefaults policyDefaultsIn) {
+ this(StdStatusCode.STATUS_CODE_OK);
+ this.matchId = matchIdIn;
+ this.attributeValue = attributeValueIn;
+ this.attributeRetrievalBase = attributeRetrievalBaseIn;
+ this.policyDefaults = policyDefaultsIn;
+ }
+
+ public Identifier getMatchId() {
+ return this.matchId;
+ }
+
+ public void setMatchId(Identifier matchIdIn) {
+ this.matchId = matchIdIn;
+ }
+
+ public AttributeValue<?> getAttributeValue() {
+ return this.attributeValue;
+ }
+
+ public void setAttributeValue(AttributeValue<?> attributeValueIn) {
+ this.attributeValue = attributeValueIn;
+ }
+
+ public AttributeRetrievalBase getAttributeRetrievalBase() {
+ return this.attributeRetrievalBase;
+ }
+
+ public void setAttributeRetrievalBase(AttributeRetrievalBase attributeRetrievalBaseIn) {
+ this.attributeRetrievalBase = attributeRetrievalBaseIn;
+ }
+
+ public PolicyDefaults getPolicyDefaults() {
+ return this.policyDefaults;
+ }
+
+ public void setPolicyDefaults(PolicyDefaults policyDefaultsIn) {
+ this.policyDefaults = policyDefaultsIn;
+ }
+
+ private static MatchResult match(EvaluationContext evaluationContext, FunctionDefinition functionDefinition, FunctionArgument arg1, FunctionArgument arg2) throws EvaluationException {
+ List<FunctionArgument> listArguments = new ArrayList<FunctionArgument>(2);
+ listArguments.add(arg1);
+ listArguments.add(arg2);
+
+ ExpressionResult expressionResult = functionDefinition.evaluate(evaluationContext, listArguments);
+ assert(expressionResult != null);
+ if (!expressionResult.isOk()) {
+ return new MatchResult(expressionResult.getStatus());
+ }
+
+ AttributeValue<Boolean> attributeValueResult = null;
+ try {
+ attributeValueResult = DataTypes.DT_BOOLEAN.convertAttributeValue(expressionResult.getValue());
+ } catch (DataTypeException ex) {
+ return new MatchResult(new StdStatus(StdStatusCode.STATUS_CODE_PROCESSING_ERROR, ex.getMessage()));
+ }
+ if (attributeValueResult == null) {
+ return new MatchResult(new StdStatus(StdStatusCode.STATUS_CODE_PROCESSING_ERROR, "Non-boolean result from Match Function " + functionDefinition.getId() + " on " + expressionResult.getValue().toString()));
+ } else if (attributeValueResult.getValue().booleanValue()) {
+ return MatchResult.MM_MATCH;
+ } else {
+ return MatchResult.MM_NOMATCH;
+ }
+
+ }
+
+ @Override
+ public MatchResult match(EvaluationContext evaluationContext) throws EvaluationException {
+ if (!this.validate()) {
+ return new MatchResult(new StdStatus(this.getStatusCode(), this.getStatusMessage()));
+ }
+
+ FunctionDefinition functionDefinitionMatch = this.getFunctionDefinition();
+ assert(functionDefinitionMatch != null);
+
+ AttributeValue<?> attributeValue = this.getAttributeValue();
+ assert(attributeValue != null);
+ FunctionArgument functionArgument1 = new FunctionArgumentAttributeValue(attributeValue);
+
+ AttributeRetrievalBase attributeRetrievalBase = this.getAttributeRetrievalBase();
+ assert(attributeRetrievalBase != null);
+
+ ExpressionResult expressionResult = attributeRetrievalBase.evaluate(evaluationContext, this.getPolicyDefaults());
+ assert(expressionResult != null);
+ if (!expressionResult.isOk()) {
+ return new MatchResult(expressionResult.getStatus());
+ }
+
+ if (expressionResult.isBag()) {
+ MatchResult matchResult = MatchResult.MM_NOMATCH;
+ Bag bagAttributeValues = expressionResult.getBag();
+ if (bagAttributeValues != null) {
+ Iterator<AttributeValue<?>> iterAttributeValues = bagAttributeValues.getAttributeValues();
+ while (matchResult.getMatchCode() != MatchResult.MatchCode.MATCH && iterAttributeValues.hasNext()) {
+ MatchResult matchResultValue = match(evaluationContext, functionDefinitionMatch, functionArgument1, new FunctionArgumentAttributeValue(iterAttributeValues.next()));
+ switch(matchResultValue.getMatchCode()) {
+ case INDETERMINATE:
+ if (matchResult.getMatchCode() != MatchResult.MatchCode.INDETERMINATE) {
+ matchResult = matchResultValue;
+ }
+ break;
+ case MATCH:
+ matchResult = matchResultValue;
+ break;
+ case NOMATCH:
+ break;
+ }
+ }
+ }
+ return matchResult;
+ } else {
+ /*
+ * There is a single value, so add it as the second argument and do the one function evaluation
+ */
+ AttributeValue<?> attributeValueExpressionResult = expressionResult.getValue();
+ if (attributeValueExpressionResult == null) {
+ return new MatchResult(new StdStatus(StdStatusCode.STATUS_CODE_PROCESSING_ERROR, "Null AttributeValue"));
+ }
+
+ return match(evaluationContext, functionDefinitionMatch, functionArgument1, new FunctionArgumentAttributeValue(attributeValueExpressionResult));
+ }
+ }
+
+ @Override
+ protected boolean validateComponent() {
+ FunctionDefinition functionDefinitionHere;
+ if (this.getAttributeValue() == null) {
+ this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "Missing AttributeValue");
+ return false;
+ } else if (this.getMatchId() == null) {
+ this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "Missing MatchId");
+ return false;
+ } else if ((functionDefinitionHere = this.getFunctionDefinition()) == null) {
+ this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "Unknown MatchId \"" + this.getMatchId().toString() + "\"");
+ return false;
+ } else if (functionDefinitionHere.returnsBag()) {
+ this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "FunctionDefinition returns a bag");
+ return false;
+ } else if (functionDefinitionHere.getDataTypeId() == null || !functionDefinitionHere.getDataTypeId().equals(XACML.ID_DATATYPE_BOOLEAN)) {
+ this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "Non-Boolean return type for FunctionDefinition");
+ return false;
+ } else if (this.getAttributeRetrievalBase() == null) {
+ this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "Missing AttributeSelector or AttributeDesignator");
+ return false;
+ } else {
+ this.setStatus(StdStatusCode.STATUS_CODE_OK, null);
+ return true;
+ }
+ }
+
+ @Override
+ public String toString() {
+ StringBuilder stringBuilder = new StringBuilder("{");
+ stringBuilder.append("super=");
+ stringBuilder.append(super.toString());
+
+ Object objectToDump;
+ if ((objectToDump = this.getMatchId()) != null) {
+ stringBuilder.append(",matchId=");
+ stringBuilder.append(objectToDump.toString());
+ }
+ if ((objectToDump = this.getAttributeValue()) != null) {
+ stringBuilder.append(",attributeValue=");
+ stringBuilder.append(objectToDump.toString());
+ }
+ if ((objectToDump = this.getAttributeRetrievalBase()) != null) {
+ stringBuilder.append(",attributeRetrieval=");
+ stringBuilder.append(objectToDump.toString());
+ }
+ stringBuilder.append('}');
+ return stringBuilder.toString();
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/ObligationExpression.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/ObligationExpression.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/ObligationExpression.java
new file mode 100755
index 0000000..3ef01ef
--- /dev/null
+++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/ObligationExpression.java
@@ -0,0 +1,174 @@
+/*
+ * AT&T - PROPRIETARY
+ * THIS FILE CONTAINS PROPRIETARY INFORMATION OF
+ * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN
+ * ACCORDANCE WITH APPLICABLE AGREEMENTS.
+ *
+ * Copyright (c) 2013 AT&T Knowledge Ventures
+ * Unpublished and Not for Publication
+ * All Rights Reserved
+ */
+package com.att.research.xacmlatt.pdp.policy;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Iterator;
+import java.util.List;
+
+import com.att.research.xacml.api.AttributeAssignment;
+import com.att.research.xacml.api.Decision;
+import com.att.research.xacml.api.Identifier;
+import com.att.research.xacml.api.Obligation;
+import com.att.research.xacml.api.StatusCode;
+import com.att.research.xacml.std.StdMutableObligation;
+import com.att.research.xacml.std.StdStatusCode;
+import com.att.research.xacmlatt.pdp.eval.EvaluationContext;
+import com.att.research.xacmlatt.pdp.eval.EvaluationException;
+
+/**
+ * ObligationExpression extends {@link PolicyComponent} to implement the XACML
+ * ObligationExpression element.
+ *
+ * @author car
+ * @version $Revision: 1.1 $
+ */
+public class ObligationExpression extends PolicyComponent {
+ private Identifier obligationId;
+ private RuleEffect ruleEffect;
+ private List<AttributeAssignmentExpression> attributeAssignmentExpressions;
+
+ protected List<AttributeAssignmentExpression> getAttributeAssignmentExpressionList(boolean bNoNull) {
+ if (this.attributeAssignmentExpressions == null && bNoNull) {
+ this.attributeAssignmentExpressions = new ArrayList<AttributeAssignmentExpression>();
+ }
+ return this.attributeAssignmentExpressions;
+ }
+
+ protected void clearAttributeAssignmentExpressions() {
+ if (this.attributeAssignmentExpressions != null) {
+ this.attributeAssignmentExpressions.clear();
+ }
+ }
+
+ public ObligationExpression(StatusCode statusCodeIn, String statusMessageIn) {
+ super(statusCodeIn, statusMessageIn);
+ }
+
+ public ObligationExpression(StatusCode statusCodeIn) {
+ super(statusCodeIn);
+ }
+
+ public ObligationExpression() {
+ }
+
+ public Identifier getObligationId() {
+ return this.obligationId;
+ }
+
+ public void setObligationId(Identifier identifier) {
+ this.obligationId = identifier;
+ }
+
+ public RuleEffect getRuleEffect() {
+ return this.ruleEffect;
+ }
+
+ public void setRuleEffect(RuleEffect ruleEffectIn) {
+ this.ruleEffect = ruleEffectIn;
+ }
+
+ public Iterator<AttributeAssignmentExpression> getAttributeAssignmentExpressions() {
+ List<AttributeAssignmentExpression> listAttributeAssignmentExpressions = this.getAttributeAssignmentExpressionList(false);
+ return (listAttributeAssignmentExpressions == null ? null : listAttributeAssignmentExpressions.iterator());
+ }
+
+ public void setAttributeAssignmentExpressions(Collection<AttributeAssignmentExpression> attributeAssignmentExpressionsIn) {
+ this.clearAttributeAssignmentExpressions();
+ if (attributeAssignmentExpressionsIn != null) {
+ this.addAttributeAssignmentExpressions(attributeAssignmentExpressionsIn);
+ }
+ }
+
+ public void addAttributeAssignmentExpression(AttributeAssignmentExpression attributeAssignmentExpression) {
+ List<AttributeAssignmentExpression> listAttributeAssignmentExpressions = this.getAttributeAssignmentExpressionList(true);
+ listAttributeAssignmentExpressions.add(attributeAssignmentExpression);
+ }
+
+ public void addAttributeAssignmentExpressions(Collection<AttributeAssignmentExpression> attributeAssignmentExpressionsIn) {
+ List<AttributeAssignmentExpression> listAttributeAssignmentExpressions = this.getAttributeAssignmentExpressionList(true);
+ listAttributeAssignmentExpressions.addAll(attributeAssignmentExpressionsIn);
+ }
+
+ /**
+ * Evaluates this <code>ObligationExpression</code> in the given {@link com.att.research.xacmlatt.pdp.eval.EvaluationContext}
+ * to get an {@link com.att.research.xacml.api.Obligation} to include in a PDP result.
+ *
+ * @param evaluationContext the <code>EvaluationContext</code> in which to evaluate this <code>ObligationExpression</code>
+ * @param policyDefaults the <code>PolicyDefaults</code> to apply to the evaluation
+ * @return a new <code>Obliagion</code> from this <code>ObligationExpression</code>
+ * @throws com.att.research.xacmlatt.pdp.eval.EvaluationException if there is an error evaluating any of the <code>AttributeAssignmentExpression</code>s
+ */
+ public Obligation evaluate(EvaluationContext evaluationContext, PolicyDefaults policyDefaults) throws EvaluationException {
+ if (!this.validate()) {
+ return null;
+ }
+ List<AttributeAssignment> listAttributeAssignments = new ArrayList<AttributeAssignment>();
+ Iterator<AttributeAssignmentExpression> iterAttributeAssignmentExpressions = this.getAttributeAssignmentExpressions();
+ if (iterAttributeAssignmentExpressions != null) {
+ while (iterAttributeAssignmentExpressions.hasNext()) {
+ AttributeAssignmentResult attributeAssignmentResult = iterAttributeAssignmentExpressions.next().evaluate(evaluationContext, policyDefaults);
+ if (attributeAssignmentResult.isOk() && attributeAssignmentResult.getNumAttributeAssignments() > 0) {
+ Iterator<AttributeAssignment> iterAttributeAssignments = attributeAssignmentResult.getAttributeAssignments();
+ while (iterAttributeAssignments.hasNext()) {
+ listAttributeAssignments.add(iterAttributeAssignments.next());
+ }
+ }
+ }
+ }
+ return new StdMutableObligation(this.getObligationId(), listAttributeAssignments);
+ }
+
+ /**
+ * Evaluates a <code>Collection</code> of <code>ObligationExpression</code>s in the given <code>EvaluationContext</code> and returns
+ * a <code>List</code> of <code>Obligation</code>s.
+ *
+ * @param evaluationContext
+ * @param policyDefaults
+ * @param listObligationExpressions
+ * @return
+ * @throws com.att.research.xacmlatt.pdp.eval.EvaluationException
+ */
+ public static List<Obligation> evaluate(EvaluationContext evaluationContext, PolicyDefaults policyDefaults, Decision decision, Collection<ObligationExpression> listObligationExpressions) throws EvaluationException {
+ List<Obligation> listObligations = new ArrayList<Obligation>();
+ Iterator<ObligationExpression> iterObligationExpressions = listObligationExpressions.iterator();
+ while (iterObligationExpressions.hasNext()) {
+ ObligationExpression obligationExpression = iterObligationExpressions.next();
+ obligationExpression.validateComponent();
+ if ( ! obligationExpression.isOk()) {
+ throw new EvaluationException(obligationExpression.getStatusMessage());
+ }
+ if (decision == null || obligationExpression.getRuleEffect().getDecision().equals(decision)) {
+ Obligation obligation = obligationExpression.evaluate(evaluationContext, policyDefaults);
+ if (obligation != null) {
+ listObligations.add(obligation);
+ }
+ }
+ }
+ return listObligations;
+ }
+
+ @Override
+ protected boolean validateComponent() {
+ if (this.getObligationId() == null) {
+ this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "Missing ObligationId attribute");
+ return false;
+ } else if (this.getRuleEffect() == null) {
+ this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "Missing FulfillOn attribute");
+ return false;
+ } else {
+ this.setStatus(StdStatusCode.STATUS_CODE_OK, null);
+ return true;
+ }
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Policy.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Policy.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Policy.java
new file mode 100755
index 0000000..a7efaa5
--- /dev/null
+++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Policy.java
@@ -0,0 +1,323 @@
+/*
+ * AT&T - PROPRIETARY
+ * THIS FILE CONTAINS PROPRIETARY INFORMATION OF
+ * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN
+ * ACCORDANCE WITH APPLICABLE AGREEMENTS.
+ *
+ * Copyright (c) 2013 AT&T Knowledge Ventures
+ * Unpublished and Not for Publication
+ * All Rights Reserved
+ */
+
+package com.att.research.xacmlatt.pdp.policy;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Iterator;
+import java.util.List;
+
+import com.att.research.xacml.api.Decision;
+import com.att.research.xacml.api.Result;
+import com.att.research.xacml.api.StatusCode;
+import com.att.research.xacml.std.StdStatus;
+import com.att.research.xacml.std.StdStatusCode;
+import com.att.research.xacml.std.trace.StdTraceEvent;
+import com.att.research.xacml.util.StringUtils;
+import com.att.research.xacmlatt.pdp.eval.EvaluationContext;
+import com.att.research.xacmlatt.pdp.eval.EvaluationException;
+import com.att.research.xacmlatt.pdp.eval.EvaluationResult;
+import com.att.research.xacmlatt.pdp.eval.MatchResult;
+
+/**
+ * Policy extends {@link com.att.research.xacmlatt.pdp.policy.PolicyDef} to represent a XACML 3.0 Policy element.
+ *
+ * @author car
+ * @version $Revision: 1.2 $
+ */
+public class Policy extends PolicyDef {
+ private TargetedCombinerParameterMap<String,Rule> ruleCombinerParameters = new TargetedCombinerParameterMap<String,Rule>();
+ private VariableMap variableMap = new VariableMap();
+ private List<Rule> rules = new ArrayList<Rule>();
+ private List<CombiningElement<Rule>> combiningRules;
+ private CombiningAlgorithm<Rule> ruleCombiningAlgorithm;
+
+ @Override
+ protected boolean validateComponent() {
+ if (super.validateComponent()) {
+ if (this.getRuleCombiningAlgorithm() == null) {
+ this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "Missing rule combining algorithm");
+ return false;
+ } else {
+ return true;
+ }
+ } else {
+ return false;
+ }
+ }
+
+ /**
+ * Performs lazy evaluation of the combining parameters from this <code>Policy</code>.
+ *
+ * @return the <code>List</code> of <code>CombiningElement</code>s for all of the <code>Rule</code>s
+ */
+ protected List<CombiningElement<Rule>> getCombiningRules() {
+ if (this.combiningRules == null) {
+ this.combiningRules = new ArrayList<CombiningElement<Rule>>();
+ Iterator<Rule> iterRules = this.getRules();
+ while (iterRules.hasNext()) {
+ Rule rule = iterRules.next();
+ this.combiningRules.add(new CombiningElement<Rule>(rule, this.ruleCombinerParameters.getCombinerParameters(rule)));
+ }
+ }
+ return this.combiningRules;
+ }
+
+ public Policy(PolicySet policySetParent, StatusCode statusCodeIn, String statusMessageIn) {
+ super(policySetParent, statusCodeIn, statusMessageIn);
+ }
+
+ public Policy(StatusCode statusCodeIn, String statusMessageIn) {
+ super(statusCodeIn, statusMessageIn);
+ }
+
+ public Policy(StatusCode statusCodeIn) {
+ super(statusCodeIn);
+ }
+
+ public Policy(PolicySet policySetParent) {
+ super(policySetParent);
+ }
+
+ public Policy() {
+ super();
+ ruleCombinerParameters.getTargetedCombinerParameters();
+ }
+
+ /**
+ * Gets an <code>Iterator</code> over the {@link com.att.research.xacmlatt.pdp.policy.TargetedCombinerParameter}s for
+ * the {@link Rule}s in this <code>Policy</code>.
+ *
+ * @return an <code>Iterator</code> over the <code>TargetedCombinerParameter</code>s for this <code>Policy</code>.
+ */
+ public Iterator<TargetedCombinerParameter<String,Rule>> getRuleCombinerParameters() {
+ return this.ruleCombinerParameters.getTargetedCombinerParameters();
+ }
+
+ /**
+ * Sets the Rule combiner parameters for this <code>Policy</code> to the contents of the given <code>Collection</code> of
+ * <code>TargetedCombinerParameter</code>s.
+ *
+ * @param ruleCombinerParameters the <code>Collection</code> of <code>TargetedCombinerParameter</code>s to set
+ */
+ public void setRuleCombinerParameters(Collection<TargetedCombinerParameter<String,Rule>> ruleCombinerParameters) {
+ this.ruleCombinerParameters.setCombinerParameters(ruleCombinerParameters);
+ }
+
+ /**
+ * Adds the given <code>TargetedCombinerParameter</code> to the set of Rule combiner parameters for this <code>Policy</code>.
+ * @param ruleCombinerParameter the <code>TargetedCombinerParameter</code> for <code>Rule</code>s to add.
+ */
+ public void addRuleCombinerParameter(TargetedCombinerParameter<String,Rule> ruleCombinerParameter) {
+ this.ruleCombinerParameters.addCombinerParameter(ruleCombinerParameter);
+ }
+
+ /**
+ * Adds the contents of the given <code>Collection</code> of <code>TargetedCombinerParameter</code>s to the set of Rule combiner parameters
+ * for this <code>Policy</code>.
+ *
+ * @param ruleCombinerParameters the <code>Collection</code> of <code>TargetedCombinerParameter</code>s to add
+ */
+ public void addRuleCombinerParameters(Collection<TargetedCombinerParameter<String,Rule>> ruleCombinerParameters) {
+ this.ruleCombinerParameters.addCombinerParameters(ruleCombinerParameters);
+ }
+
+ /**
+ * Gets an <code>Iterator</code> over the {@link com.att.research.xacmlatt.pdp.policy.VariableDefinition}s in this <code>Policy</code>.
+ *
+ * @return an <code>Iterator</code> over the <code>VariableDefinition</code>s in this <code>Policy</code>
+ */
+ public Iterator<VariableDefinition> getVariableDefinitions() {
+ return this.variableMap.getVariableDefinitions();
+ }
+
+ /**
+ * Gets the <code>VariableDefinition</code> for the given <code>String</code> variable identifier.
+ *
+ * @param variableId the <code>String</code> variable identifier
+ * @return the <code>VariableDefinition</code> with the given <code>String</code> identifier or null if not found
+ */
+ public VariableDefinition getVariableDefinition(String variableId) {
+ return this.variableMap.getVariableDefinition(variableId);
+ }
+
+ /**
+ * Sets the <code>VariableDefinition</code>s in this <code>Policy</code> to the contents of the given <code>Collection</code>.
+ *
+ * @param listVariableDefinitions the <code>Collection</code> of <code>VariableDefinition</code>s to set
+ */
+ public void setVariableDefinitions(Collection<VariableDefinition> listVariableDefinitions) {
+ this.variableMap.setVariableDefinitions(listVariableDefinitions);
+ }
+
+ /**
+ * Adds the given <code>VariableDefinition</code> to the set of <code>VariableDefinition</code>s for this <code>Policy</code>.
+ *
+ * @param variableDefinition the <code>VariableDefinition</code> to add
+ */
+ public void addVariableDefinition(VariableDefinition variableDefinition) {
+ this.variableMap.add(variableDefinition);
+ }
+
+ /**
+ * Adds the contents of the given <code>Collection</code> of <code>VariableDefinition</code>s to this <code>Policy</code>.
+ *
+ * @param variableDefinitions the <code>Collection</code> of <code>VariableDefinition</code>s to add.
+ */
+ public void addVariableDefinitions(Collection<VariableDefinition> variableDefinitions) {
+ this.variableMap.addVariableDefinitions(variableDefinitions);
+ }
+
+ /**
+ * Gets an <code>Iterator</code> over the <code>Rule</code>s in this <code>Policy</code> or null if there are none.
+ *
+ * @return an <code>Iterator</code> over the <code>Rule</code>s in this <code>Policy</code> or null if there are none.
+ */
+ public Iterator<Rule> getRules() {
+ return this.rules.iterator();
+ }
+
+ /**
+ * Sets the <code>Rule</code>s for this <code>Policy</code> to the contents of the given <code>Collection</code> of
+ * <code>Rule</code>s. If the <code>Collection</code> is null, the set of <code>Rule</code>s for this <code>Policy</code> is set to null.
+ *
+ * @param listRules the <code>Collection</code> of <code>Rule</code>s or null
+ */
+ public void setRules(Collection<Rule> listRules) {
+ this.rules.clear();
+ if (listRules != null) {
+ this.addRules(listRules);
+ }
+ }
+
+ /**
+ * Adds the given <code>Rule</code> to the set of <code>Rule</code>s for this <code>Policy</code>.
+ *
+ * @param rule the <code>Rule</code> to add
+ */
+ public void addRule(Rule rule) {
+ this.rules.add(rule);
+ }
+
+ /**
+ * Adds the contents of the given <code>Collection</code> of <code>Rule</code>s to the set of <code>Rule</code>s for
+ * this <code>Policy</code>.
+ *
+ * @param listRules the <code>Collection</code> of <code>Rule</code>s to add
+ */
+ public void addRules(Collection<Rule> listRules) {
+ this.rules.addAll(listRules);
+ }
+
+ /**
+ * Gets the <code>CombiningAlgorithm</code> for <code>Rule</code>s for this <code>Policy</code>.
+ *
+ * @return the <code>CombiningAlgorithm</code> for <code>Rule</code>s for this <code>Policy</code>.
+ */
+ public CombiningAlgorithm<Rule> getRuleCombiningAlgorithm() {
+ return this.ruleCombiningAlgorithm;
+ }
+
+ /**
+ * Sets the <code>CombiningAlgorithm</code> for <code>Rule</code>s for this <code>Policy</code>>
+ *
+ * @param ruleCombiningAlgorithmIn the <code>CombiningAlgorithm</code> for <code>Rule</code>s for this <code>Policy</code>
+ */
+ public void setRuleCombiningAlgorithm(CombiningAlgorithm<Rule> ruleCombiningAlgorithmIn) {
+ this.ruleCombiningAlgorithm = ruleCombiningAlgorithmIn;
+ }
+
+ @Override
+ public EvaluationResult evaluate(EvaluationContext evaluationContext) throws EvaluationException {
+ /*
+ * First check to see if we are valid. If not, return an error status immediately
+ */
+ if (!this.validate()) {
+ return new EvaluationResult(new StdStatus(this.getStatusCode(), this.getStatusMessage()));
+ }
+
+ /*
+ * See if we match
+ */
+ MatchResult thisMatchResult = this.match(evaluationContext);
+ assert(thisMatchResult != null);
+ if (evaluationContext.isTracing()) {
+ evaluationContext.trace(new StdTraceEvent<MatchResult>("Match", this, thisMatchResult));
+ }
+ switch(thisMatchResult.getMatchCode()) {
+ case INDETERMINATE:
+ return new EvaluationResult(Decision.INDETERMINATE, thisMatchResult.getStatus());
+ case MATCH:
+ break;
+ case NOMATCH:
+ return new EvaluationResult(Decision.NOTAPPLICABLE);
+ }
+
+ /*
+ * Get the combining elements
+ */
+ List<CombiningElement<Rule>> ruleCombiningElements = this.getCombiningRules();
+ assert(ruleCombiningElements != null);
+
+ /*
+ * Run the combining algorithm
+ */
+ assert(this.getRuleCombiningAlgorithm() != null);
+ EvaluationResult evaluationResultCombined = this.getRuleCombiningAlgorithm().combine(evaluationContext, ruleCombiningElements, this.getCombinerParameterList());
+ assert(evaluationResultCombined != null);
+
+ if (evaluationResultCombined.getDecision() == Decision.DENY || evaluationResultCombined.getDecision() == Decision.PERMIT) {
+ this.updateResult(evaluationResultCombined, evaluationContext);
+
+ /*
+ * Add my id to the policy identifiers
+ */
+ if (evaluationContext.getRequest().getReturnPolicyIdList()) {
+ evaluationResultCombined.addPolicyIdentifier(this.getIdReference());
+ }
+ }
+ if (evaluationContext.isTracing()) {
+ evaluationContext.trace(new StdTraceEvent<Result>("Result", this, evaluationResultCombined));
+ }
+ return evaluationResultCombined;
+ }
+
+ @Override
+ public String toString() {
+ StringBuilder stringBuilder = new StringBuilder("{");
+ stringBuilder.append("super=");
+ stringBuilder.append(super.toString());
+
+ String iteratorToDump;
+ if ((iteratorToDump = StringUtils.toString(this.getRuleCombinerParameters())) != null) {
+ stringBuilder.append(",ruleCombinerParameters=");
+ stringBuilder.append(iteratorToDump);
+ }
+ if ((iteratorToDump = StringUtils.toString(this.getVariableDefinitions())) != null) {
+ stringBuilder.append(",variableDefinitions=");
+ stringBuilder.append(iteratorToDump);
+ }
+ if ((iteratorToDump = StringUtils.toString(this.getRules())) != null) {
+ stringBuilder.append(",rules=");
+ stringBuilder.append(iteratorToDump);
+ }
+
+ Object objectToDump;
+ if ((objectToDump = this.getRuleCombiningAlgorithm()) != null) {
+ stringBuilder.append(",ruleCombiningAlgorithm=");
+ stringBuilder.append(objectToDump.toString());
+ }
+ stringBuilder.append('}');
+ return stringBuilder.toString();
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/PolicyComponent.java
----------------------------------------------------------------------
diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/PolicyComponent.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/PolicyComponent.java
new file mode 100755
index 0000000..9195249
--- /dev/null
+++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/PolicyComponent.java
@@ -0,0 +1,144 @@
+/*
+ * AT&T - PROPRIETARY
+ * THIS FILE CONTAINS PROPRIETARY INFORMATION OF
+ * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN
+ * ACCORDANCE WITH APPLICABLE AGREEMENTS.
+ *
+ * Copyright (c) 2013 AT&T Knowledge Ventures
+ * Unpublished and Not for Publication
+ * All Rights Reserved
+ */
+package com.att.research.xacmlatt.pdp.policy;
+
+import com.att.research.xacml.api.StatusCode;
+import com.att.research.xacml.std.StdStatusCode;
+
+/**
+ * PolicyComponent is the base class for all pieces of a XACML Policy or PolicySet that could potentially have errors associated
+ * with them by the policy loader.
+ *
+ * @author car
+ * @version $Revision: 1.1 $
+ */
+abstract class PolicyComponent {
+ private StatusCode statusCode;
+ private String statusMessage;
+
+ /**
+ * Creates a new <code>PolicyComponent</code> with the given {@link com.att.research.xacml.api.StatusCode} and
+ * <code>String</code> detailed message. If the <code>StatusCode</code> is null, a default OK status code is used.
+ *
+ * @param statusCodeIn the <code>StatusCode</code> for the new <code>PolicyComponent</code>
+ * @param statusMessageIn the <code>String</code> detailed status message for the new <code>PolicyComponent</code>
+ */
+ public PolicyComponent(StatusCode statusCodeIn, String statusMessageIn) {
+ this.statusCode = statusCodeIn;
+ this.statusMessage = statusMessageIn;
+ }
+
+ /**
+ * Creates a new <code>PolicyComponent</code> with the given <code>StatusCode</code> and no status message.
+ *
+ * @param statusCodeIn the <code>StatusCode</code> for the new <code>PolicyComponent</code>
+ */
+ public PolicyComponent(StatusCode statusCodeIn) {
+ this(statusCodeIn, null);
+ }
+
+ /**
+ * Creates a new <code>PolicyCOmponent</code> with no <code>StatusCode</code> or status message.
+ */
+ public PolicyComponent() {
+ this(null, null);
+ }
+
+ /**
+ * Gets the <code>StatusCode</code> associated with this <code>PolicyComponent</code>.
+ *
+ * @return the <code>StatusCode</code> associated with this <code>PolicyComponent</code>
+ */
+ public StatusCode getStatusCode() {
+ return this.statusCode;
+ }
+
+ /**
+ * Gets the <code>String</code> status message associated with this <code>PolicyComponent</code>.
+ *
+ * @return the <code>String</code> status message associated with this <code>PolicyComponent</code> or null if none
+ */
+ public String getStatusMessage() {
+ return this.statusMessage;
+ }
+
+ /**
+ * Sets the <code>StatusCode</code> and <code>String</code> status message for this <code>PolicyComponent</code>.
+ * This method is mainly provided for objects that may have lazy evaluations performed on them, in which case the
+ * status is not determined until the object is actually used.
+ *
+ * @param statusCodeIn the <code>StatusCode</code> for this <code>PolicyComponent</code>
+ * @param messageIn the <code>String</code> status message for this <code>PolicyComponent</code>
+ */
+ public void setStatus(StatusCode statusCodeIn, String messageIn) {
+ this.statusCode = statusCodeIn;
+ this.statusMessage = messageIn;
+ }
+
+ /**
+ * Does a check on the <code>StatusCode</code> for this element to determine if it is equivalent to the
+ * OK status code.
+ *
+ * @return true if the <code>StatusCode</code> is equivalent to OK, otherwise false
+ */
+ public boolean isOk() {
+ return StdStatusCode.STATUS_CODE_OK.equals(this.getStatusCode());
+ }
+
+ /**
+ * Validates that this <code>PolicyComponent</code> has all of the required elements according to the XACML 3.0
+ * specification. If the component is not valid, this method should set the <code>StatusCode</code> to reflect a
+ * syntax error, and should set the status message to reflect the invalid piece(s).
+ *
+ * <code>PolicyComponent</code>s that implement this method should only validate their immediate elements and not perform
+ * a deep validation of descendents.
+ *
+ * @return true if the resulting status code is OK, otherwise false
+ */
+ abstract protected boolean validateComponent();
+
+ /**
+ * If a <code>StatusCode</code> has not been set, ask this <code>PolicyComponent</code> to validate itself and return
+ * the value from the validation. Otherwise, check to see if the cached <code>StatusCode</code> indicates this <code>PolicyComponent</code> is valid.
+ *
+ * @return true if this <code>PolicyComponent</code> is valid, else false.
+ */
+ public boolean validate() {
+ if (this.getStatusCode() == null) {
+ return this.validateComponent();
+ } else {
+ return this.isOk();
+ }
+ }
+
+ @Override
+ public String toString() {
+ StringBuilder stringBuilder = new StringBuilder("{");
+ Object objectToDump;
+ boolean needsComma = false;
+ if ((objectToDump = this.getStatusCode()) != null) {
+ stringBuilder.append("statusCode=");
+ stringBuilder.append(objectToDump.toString());
+ needsComma = true;
+ }
+ if ((objectToDump = this.getStatusMessage()) != null) {
+ if (needsComma) {
+ stringBuilder.append(',');
+ }
+ stringBuilder.append("statusMessage=");
+ stringBuilder.append((String)objectToDump);
+ needsComma = true;
+ }
+ stringBuilder.append('}');
+ return stringBuilder.toString();
+ }
+
+}