http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Condition.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Condition.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Condition.java new file mode 100755 index 0000000..0f02f78 --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Condition.java @@ -0,0 +1,149 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy; + +import com.att.research.xacml.api.AttributeValue; +import com.att.research.xacml.api.DataTypeException; +import com.att.research.xacml.api.Status; +import com.att.research.xacml.api.StatusCode; +import com.att.research.xacml.std.StdStatus; +import com.att.research.xacml.std.StdStatusCode; +import com.att.research.xacml.std.datatypes.DataTypes; +import com.att.research.xacmlatt.pdp.eval.EvaluationContext; +import com.att.research.xacmlatt.pdp.eval.EvaluationException; + +/** + * Condition extends {@link com.att.research.xacmlatt.pdp.policy.PolicyComponent} to represent the XACML Condition element + * in a XACML Rule. + * + * @author car + * @version $Revision: 1.1 $ + */ +public class Condition extends PolicyComponent { + private static final Status STATUS_PE_RETURNED_BAG = new StdStatus(StdStatusCode.STATUS_CODE_PROCESSING_ERROR, "Condition Expression returned a bag"); + private static final ExpressionResultBoolean ERB_RETURNED_BAG = new ExpressionResultBoolean(STATUS_PE_RETURNED_BAG); + private static final Status STATUS_PE_RETURNED_NULL = new StdStatus(StdStatusCode.STATUS_CODE_PROCESSING_ERROR, "Null value from Condition Expression"); + private static final ExpressionResultBoolean ERB_RETURNED_NULL = new ExpressionResultBoolean(STATUS_PE_RETURNED_NULL); + private static final Status STATUS_PE_RETURNED_NON_BOOLEAN = new StdStatus(StdStatusCode.STATUS_CODE_PROCESSING_ERROR, "Non-boolean value from Condition Expression"); + private static final ExpressionResultBoolean ERB_RETURNED_NON_BOOLEAN = new ExpressionResultBoolean(STATUS_PE_RETURNED_NON_BOOLEAN); + private static final Status STATUS_PE_INVALID_BOOLEAN = new StdStatus(StdStatusCode.STATUS_CODE_PROCESSING_ERROR, "Invalid Boolean value"); + private static final ExpressionResultBoolean ERB_INVALID_BOOLEAN = new ExpressionResultBoolean(STATUS_PE_INVALID_BOOLEAN); + + private Expression expression; + + /** + * Creates a <code>Condition</code> with the given {@link com.att.research.xacml.api.StatusCode} and <code>String</code> + * status message. + * + * @param statusCodeIn the <code>StatusCode</code> for the <code>Condition</code> + * @param statusMessageIn the <code>String</code> status message for the <code>Condition</code> + */ + public Condition(StatusCode statusCodeIn, String statusMessageIn) { + super(statusCodeIn, statusMessageIn); + } + + /** + * Creates a <code>Condition</code> with the given <code>StatusCode</code. and a null status message. + * + * @param statusCodeIn the <code>StatusCode</code> for the <code>Condition</code> + */ + public Condition(StatusCode statusCodeIn) { + super(statusCodeIn); + } + + /** + * Creates an empty <code>Condition</code> + */ + public Condition() { + } + + /** + * Creates a new <code>Condition</code> with the given {@link com.att.research.xacmlatt.pdp.policy.Expression} and a default + * OK <code>StatusCode</code>. + * + * @param expressionIn the <code>Expression</code> for the <code>Condition</code> + */ + public Condition(Expression expressionIn) { + this.expression = expressionIn; + } + + public Expression getExpression() { + return this.expression; + } + + public void setExpression(Expression expressionIn) { + this.expression = expressionIn; + } + + @Override + protected boolean validateComponent() { + if (this.getExpression() == null) { + this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "Missing Expression"); + return false; + } else { + this.setStatus(StdStatusCode.STATUS_CODE_OK, null); + return true; + } + } + + /** + * Evaluates the <code>Expression</code> in this <code>Condition</code> in the given {@link com.att.research.xacmlatt.pdp.eval.EvaluationContext}. + * and validates that the result is a boolean. + * + * @param evaluationContext the <code>EvaluationContext</code> in which to evaluate this <code>Expression</code> + * @param policyDefaults the {@link com.att.research.xacml.pdp.policy.PolicyDefaults} to use in evaluating this <code>Expression</code> + * @return a {@link com.att.research.xacmlatt.pdp.policy.ExpressionResult} + */ + public ExpressionResultBoolean evaluate(EvaluationContext evaluationContext, PolicyDefaults policyDefaults) throws EvaluationException { + if (!this.validate()) { + return new ExpressionResultBoolean(new StdStatus(this.getStatusCode(), this.getStatusMessage())); + } + + /* + * Evaluate the expression + */ + ExpressionResult expressionResult = this.getExpression().evaluate(evaluationContext, policyDefaults); + assert(expressionResult != null); + + if (!expressionResult.isOk()) { + return new ExpressionResultBoolean(expressionResult.getStatus()); + } + + /* + * Ensure the result is a single element of type boolean + */ + if (expressionResult.isBag()) { + return ERB_RETURNED_BAG; + } + AttributeValue<?> attributeValueResult = expressionResult.getValue(); + if (attributeValueResult == null) { + return ERB_RETURNED_NULL; + } else if (!DataTypes.DT_BOOLEAN.getId().equals(attributeValueResult.getDataTypeId())) { + return ERB_RETURNED_NON_BOOLEAN; + } + + /* + * Otherwise it is a valid condition evaluation + */ + Boolean booleanValue = null; + try { + booleanValue = DataTypes.DT_BOOLEAN.convert(attributeValueResult.getValue()); + } catch (DataTypeException ex) { + return new ExpressionResultBoolean(new StdStatus(StdStatusCode.STATUS_CODE_PROCESSING_ERROR, ex.getMessage())); + } + if (booleanValue == null) { + return ERB_INVALID_BOOLEAN; + } else { + return (booleanValue.booleanValue() ? ExpressionResultBoolean.ERB_TRUE : ExpressionResultBoolean.ERB_FALSE); + } + } + +}
http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Expression.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Expression.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Expression.java new file mode 100755 index 0000000..c40c41a --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Expression.java @@ -0,0 +1,44 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy; + +import com.att.research.xacml.api.StatusCode; +import com.att.research.xacmlatt.pdp.eval.EvaluationContext; +import com.att.research.xacmlatt.pdp.eval.EvaluationException; + +/** + * Expression extends {@link com.att.research.xacmlatt.pdp.policy.PolicyComponent} to represent a XACML ExpressionType element. + * + * @author car + * @version $Revision: 1.1 $ + */ +public abstract class Expression extends PolicyComponent { + + public Expression(StatusCode statusCodeIn, String statusMessageIn) { + super(statusCodeIn, statusMessageIn); + } + + public Expression(StatusCode statusCodeIn) { + super(statusCodeIn); + } + + public Expression() { + } + + /** + * Evaluates this <code>Expression</code> in the given {@link com.att.research.xacmlatt.pdp.eval.EvaluationContext}. + * + * @param evaluationContext the <code>EvaluationContext</code> in which to evaluate this <code>Expression</code> + * @param policyDefaults the {@link com.att.research.xacml.pdp.policy.PolicyDefaults} to use in evaluating this <code>Expression</code> + * @return a {@link com.att.research.xacmlatt.pdp.policy.ExpressionResult} + */ + public abstract ExpressionResult evaluate(EvaluationContext evaluationContext, PolicyDefaults policyDefaults) throws EvaluationException; +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/ExpressionResult.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/ExpressionResult.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/ExpressionResult.java new file mode 100755 index 0000000..778861f --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/ExpressionResult.java @@ -0,0 +1,254 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy; + +import java.util.Iterator; + +import com.att.research.xacml.api.AttributeValue; +import com.att.research.xacml.api.Status; +import com.att.research.xacml.std.StdStatus; + +/** + * ExpressionResult is the object returned by the <code>evaluate</code> method of {@link Expression} + * objects. + * + * @author car + * @version $Revision: 1.1 $ + */ +public abstract class ExpressionResult implements FunctionArgument { + private Status status; + + /** + * ExpressionResultError extends <code>ExpressionResult</code> to represent error results. + * + * @author car + * @version $Revision: 1.1 $ + */ + private static class ExpressionResultError extends ExpressionResult { + public ExpressionResultError(Status statusIn) { + super(statusIn); + } + + @Override + public AttributeValue<?> getValue() { + return null; + } + + @Override + public boolean isBag() { + return false; + } + + @Override + public Bag getBag() { + return null; + } + } + + /** + * ExpressionResultSingle extends <code>ExpressionResult</code> to represent results with a single value. + * + * @author car + * @version $Revision: 1.1 $ + */ + private static class ExpressionResultSingle extends ExpressionResult { + AttributeValue<?> attributeValue; + + public ExpressionResultSingle(AttributeValue<?> attributeValueIn) { + super(StdStatus.STATUS_OK); + this.attributeValue = attributeValueIn; + } + + @Override + public AttributeValue<?> getValue() { + return this.attributeValue; + } + + @Override + public boolean isBag() { + return false; + } + + @Override + public Bag getBag() { + return null; + } + } + + private static class ExpressionResultBag extends ExpressionResult { + private Bag bag; + + public ExpressionResultBag(Bag bagIn) { + super(StdStatus.STATUS_OK); + this.bag = bagIn; + } + + @Override + public AttributeValue<?> getValue() { + Iterator<AttributeValue<?>> iter = this.bag.getAttributeValues(); + if (iter != null && iter.hasNext()) { + return iter.next(); + } else { + return null; + } + } + + @Override + public boolean isBag() { + return true; + } + + @Override + public Bag getBag() { + return this.bag; + } + } + + private static class ExpressionResultEmptyBag extends ExpressionResult { + public ExpressionResultEmptyBag() { + super(StdStatus.STATUS_OK); + } + + @Override + public AttributeValue<?> getValue() { + return null; + } + + @Override + public boolean isBag() { + return true; + } + + @Override + public Bag getBag() { + return Bag.EMPTY; + } + } + + /** + * Creates a new <code>ExpressionResult</code> with the given {@link com.att.research.xacml.api.Status}. + * + * @param statusIn the <code>Status</code> of this <code>ExpressionResult</code> + */ + protected ExpressionResult(Status statusIn) { + this.status = statusIn; + } + + /** + * Gets the <code>Status</code> for this <code>ExpressionResult</code>. + * + * @return the <code>Status</code> for this <code>ExpressionResult</code> + */ + public Status getStatus() { + return this.status; + } + + /** + * Shortcut procedure for determining if the <code>Status</code> of this <code>ExpressionResult</code> is OK. + * + * @return true if the <code>Status</code> is null or has a <code>StatusCode</code> value of <code>STATUS_CODE_OK</code>. + */ + public boolean isOk() { + return (this.getStatus() == null || this.getStatus().isOk()); + } + + /** + * Gets the single {@link com.att.research.xacml.api.AttributeValue} from this <code>ExpressionResult</code>. If this + * <code>ExpressionResult</code> represents a bag, the first element in the bag is returned. + * + * @return a single <code>AttributeValue</code> from this <code>ExpressionResult</code> + */ + public abstract AttributeValue<?> getValue(); + + /** + * Determines if this <code>ExpressionResult</code> represents a bag of <code>AttributeValue</code>s or not. + * + * @return true if this <code>ExpressionResult</code> represents a bag of <code>AttributeValue</code>s, else false + */ + public abstract boolean isBag(); + + /** + * Gets the {@link Bag} of values for this <code>ExpressionResult</code> if + * there is one. + * + * @return the <code>Bag</code> of <code>AttributeValue</code>s for this <code>ExpressionResult</code>. + */ + public abstract Bag getBag(); + + @Override + public String toString() { + StringBuilder stringBuilder = new StringBuilder("{"); + stringBuilder.append("isOk=" + this.isOk()); + stringBuilder.append(", isBag=" + this.isBag()); + Status thisStatus = this.getStatus(); + if (thisStatus != null) { + stringBuilder.append(", status="); + stringBuilder.append(thisStatus.toString()); + } + AttributeValue<?> value = this.getValue(); + if (value != null) { + stringBuilder.append(", value="); + stringBuilder.append(value); + } + /* + * Not sure if I want this dumped + if (this.isBag()) { + Bag bag = this.getBag(); + if (bag != null) { + } + } + */ + stringBuilder.append('}'); + return stringBuilder.toString(); + } + /** + * Creates a new instance of the <code>ExpressionResult</code> class representing an error. + * + * @param statusIn the <code>Status</code> containing the error information + * @return a new <code>ExpressionResult</code> representing the error + */ + public static ExpressionResult newError(Status statusIn) { + return new ExpressionResultError(statusIn); + } + + public static ExpressionResult newSingle(AttributeValue<?> attributeValue) { + return new ExpressionResultSingle(attributeValue); + } + + /** + * Creates a new instance of the <code>ExpressionResult</code> class representing a bag of values + * from the given <code>Bag</code>. + * + * @param bag the <code>Bag</code> for the new <code>ExpressionResult</code> + * @return a new <code>ExpressionResult</code> representing the given <code>Bag</code>. + */ + public static ExpressionResult newBag(Bag bag) { + return new ExpressionResultBag(bag); + } + + /** + * Creates a new instance of the <code>ExpressionResult</code> class representing an empty bag of values. + * + * @return the <code>ExpressionResult</code> representing the empty bag of values of the expression + */ + public static ExpressionResult newEmpty() { + return new ExpressionResultEmptyBag(); + } + + public static ExpressionResult newInstance(Status statusIn) { + if (statusIn.getStatusCode().equals(StdStatus.STATUS_OK.getStatusCode())) { + return newEmpty(); + } else { + return newError(statusIn); + } + } + +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/ExpressionResultBoolean.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/ExpressionResultBoolean.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/ExpressionResultBoolean.java new file mode 100755 index 0000000..3554dfa --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/ExpressionResultBoolean.java @@ -0,0 +1,65 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy; + +import com.att.research.xacml.api.AttributeValue; +import com.att.research.xacml.api.Status; +import com.att.research.xacml.std.StdStatus; +import com.att.research.xacml.std.datatypes.DataTypeBoolean; + +/** + * ExpressionResultBoolean extends {@link ExpressionResult} to represent predicates. + * + * @author car + * @version $Revision: 1.1 $ + */ +public class ExpressionResultBoolean extends ExpressionResult { + private AttributeValue<Boolean> value; + public static final ExpressionResultBoolean ERB_FALSE = new ExpressionResultBoolean(false); + public static final ExpressionResultBoolean ERB_TRUE = new ExpressionResultBoolean(true); + + public ExpressionResultBoolean(Status statusIn) { + super(statusIn); + } + + public ExpressionResultBoolean(boolean bvalue) { + super(StdStatus.STATUS_OK); + this.value = (bvalue ? DataTypeBoolean.AV_TRUE : DataTypeBoolean.AV_FALSE); + } + + /** + * Gets the <code>boolean</code> value of this <code>ExpressionResultBoolean</code> + * + * @return the <code>boolean</code> value of this <code>ExpressionResultBoolean</code> + */ + public boolean isTrue() { + if (this.value == null) { + return false; + } else { + return this.value.getValue().booleanValue(); + } + } + + @Override + public AttributeValue<?> getValue() { + return this.value; + } + + @Override + public boolean isBag() { + return false; + } + + @Override + public Bag getBag() { + return null; + } +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgument.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgument.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgument.java new file mode 100755 index 0000000..207da3d --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgument.java @@ -0,0 +1,62 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy; + +import com.att.research.xacml.api.AttributeValue; +import com.att.research.xacml.api.Status; + +/** + * FunctionArgument is the interface implemented by objects that can serve as arguments to a {@link com.att.research.xacmlatt.pdp.policy.FunctionDefinition} + * <code>evaluate</code> call. + * + * @author car + * @version $Revision: 1.3 $ + */ +public interface FunctionArgument { + /** + * Gets the {@link com.att.research.xacml.api.Status} from the evaluation of this <code>FunctionArgument</code>. + * + * @return the <code>Status</code> from the evaluation of this <code>FunctionArgument</code>> + */ + public Status getStatus(); + + /** + * Determines if this <code>FunctionArgument</code> is OK and can have its <code>AttributeValue</code> or + * <code>Bag</code> retrieved. + * + * @return true if this <code>FunctionArgument</code> is OK, otherwise false. + */ + public boolean isOk(); + + /** + * Determines if this <code>FunctionArgument</code> represents a bag of values. + * + * @return true if this <code>FunctionArgument</code> represents a bag of values, else false. + */ + public boolean isBag(); + + /** + * Gets the single <code>AttributeValue</code> representing the value of this <code>FunctionArgument</code>. If + * this <code>FunctionArgument</code> represents a bag, the value returned is up to the implementation. + * + * @return the single <code>AttributeValue</code> representing the value of this <code>FunctionArgument</code>. + */ + public AttributeValue<?> getValue(); + + /** + * Gets the {@link Bag} value for this <code>FunctionArgument</code> if the + * argument represents a <code>Bag</code>, (i.e. <code>isBag</code> returns true). + * + * @return the <code>Bag</code> value for this <code>FunctionArgument</code>. + */ + public Bag getBag(); + +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgumentAttributeValue.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgumentAttributeValue.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgumentAttributeValue.java new file mode 100755 index 0000000..d81c14b --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgumentAttributeValue.java @@ -0,0 +1,59 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy; + +import com.att.research.xacml.api.AttributeValue; +import com.att.research.xacml.api.Status; +import com.att.research.xacml.std.StdStatus; + +/** + * FunctionArgumentAttributeValue implements {@link FunctionArgument} for a single + * {@link com.att.research.xacml.api.AttributeValue} + * @author car + * + */ +public class FunctionArgumentAttributeValue implements FunctionArgument { + private AttributeValue<?> attributeValue; + + /** + * Creates a new <code>FunctionArgumentAttributeValue</code> from the given <code>AttributeValue</code>. + * + * @param attributeValueIn the <code>AttributeValue</code> for the new <code>FunctionArgumentAttributeValue</code>. + */ + public FunctionArgumentAttributeValue(AttributeValue<?> attributeValueIn) { + this.attributeValue = attributeValueIn; + } + + @Override + public Status getStatus() { + return StdStatus.STATUS_OK; + } + + @Override + public boolean isOk() { + return true; + } + + @Override + public boolean isBag() { + return false; + } + + @Override + public AttributeValue<?> getValue() { + return this.attributeValue; + } + + @Override + public Bag getBag() { + return null; + } +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgumentBag.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgumentBag.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgumentBag.java new file mode 100755 index 0000000..9fc66cd --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgumentBag.java @@ -0,0 +1,67 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy; + +import java.util.Iterator; + +import com.att.research.xacml.api.AttributeValue; +import com.att.research.xacml.api.Status; +import com.att.research.xacml.std.StdStatus; + +/** + * FunctionArgumentBag implements the {@link FunctionArgument} interface for + * a {@link Bag} objects. + * + * @author car + * @version $Revision: 1.3 $ + */ +public class FunctionArgumentBag implements FunctionArgument { + private Bag bag; + + /** + * Creates a new <code>FunctionArgumentBag</code> from the given <code>Bag</code>. + * + * @param bagIn the <code>Bag</code> for the new <code>FunctionArgumentBag</code>. + */ + public FunctionArgumentBag(Bag bagIn) { + this.bag = bagIn; + } + + @Override + public Status getStatus() { + return StdStatus.STATUS_OK; + } + + @Override + public boolean isOk() { + return true; + } + + @Override + public boolean isBag() { + return true; + } + + @Override + public AttributeValue<?> getValue() { + Iterator<AttributeValue<?>> iterAttributeValues = this.bag.getAttributeValues(); + if (iterAttributeValues == null || !iterAttributeValues.hasNext()) { + return null; + } else { + return iterAttributeValues.next(); + } + } + + @Override + public Bag getBag() { + return this.bag; + } +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgumentExpression.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgumentExpression.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgumentExpression.java new file mode 100755 index 0000000..5845280 --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionArgumentExpression.java @@ -0,0 +1,113 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy; + +import com.att.research.xacml.api.AttributeValue; +import com.att.research.xacml.api.Status; +import com.att.research.xacml.std.StdStatus; +import com.att.research.xacml.std.StdStatusCode; +import com.att.research.xacmlatt.pdp.eval.EvaluationContext; +import com.att.research.xacmlatt.pdp.eval.EvaluationException; + +/** + * FunctionArgumentExpression implements the {@link FunctionArgument} interface for + * unevaluated {@link Expression}s. + * + * @author car + * @version $Revision: 1.3 $ + */ +public class FunctionArgumentExpression implements FunctionArgument { + private static final Status STATUS_NULL_EXPRESSION_RESULT = new StdStatus(StdStatusCode.STATUS_CODE_PROCESSING_ERROR, "Null expression result"); + + private Expression expression; + private EvaluationContext evaluationContext; + private ExpressionResult expressionResult; + private PolicyDefaults policyDefaults; + + protected ExpressionResult evaluateExpression() { + if (this.getExpression() != null && this.getEvaluationContext() != null) { + try { + this.expressionResult = this.getExpression().evaluate(this.getEvaluationContext(), this.getPolicyDefaults()); + } catch (EvaluationException ex) { + this.expressionResult = ExpressionResult.newError(new StdStatus(StdStatusCode.STATUS_CODE_PROCESSING_ERROR, ex.getMessage())); + } + } + return this.expressionResult; + } + + public FunctionArgumentExpression() { + } + + public FunctionArgumentExpression(Expression expressionIn, EvaluationContext evaluationContextIn, PolicyDefaults policyDefaultsIn) { + this.expression = expressionIn; + this.evaluationContext = evaluationContextIn; + this.policyDefaults = policyDefaultsIn; + } + + protected ExpressionResult getExpressionResult() { + return this.expressionResult; + } + + protected Expression getExpression() { + return this.expression; + } + + protected EvaluationContext getEvaluationContext() { + return this.evaluationContext; + } + + protected PolicyDefaults getPolicyDefaults() { + + return this.policyDefaults; + } + + @Override + public Status getStatus() { + ExpressionResult thisExpressionResult = this.getExpressionResult(); + if (thisExpressionResult == null) { + thisExpressionResult = this.evaluateExpression(); + } + return (thisExpressionResult == null ? STATUS_NULL_EXPRESSION_RESULT : thisExpressionResult.getStatus()); + } + + @Override + public boolean isOk() { + Status thisStatus = this.getStatus(); + return (thisStatus == null ? true : thisStatus.isOk()); + } + + @Override + public boolean isBag() { + ExpressionResult thisExpressionResult = this.getExpressionResult(); + if (thisExpressionResult == null) { + thisExpressionResult = this.evaluateExpression(); + } + return (thisExpressionResult == null ? false : thisExpressionResult.isBag()); + } + + @Override + public AttributeValue<?> getValue() { + ExpressionResult thisExpressionResult = this.getExpressionResult(); + if (thisExpressionResult == null) { + thisExpressionResult = this.evaluateExpression(); + } + return (thisExpressionResult == null ? null : thisExpressionResult.getValue()); + } + + @Override + public Bag getBag() { + ExpressionResult thisExpressionResult = this.getExpressionResult(); + if (thisExpressionResult == null) { + thisExpressionResult = this.evaluateExpression(); + } + return (thisExpressionResult == null ? null : thisExpressionResult.getBag()); + } +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionDefinition.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionDefinition.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionDefinition.java new file mode 100755 index 0000000..d112318 --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionDefinition.java @@ -0,0 +1,56 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy; + +import java.util.List; + +import com.att.research.xacml.api.Identifier; +import com.att.research.xacmlatt.pdp.eval.EvaluationContext; + +/** + * FunctionDefinition is the interface that objects representing XACML functions found in Match and Apply elements in Policies, PolicySets + * and Rules. + * + * @author car + * @version $Revision: 1.1 $ + */ +public interface FunctionDefinition { + /** + * Gets the {@link com.att.research.xacml.api.Identifier} for this <code>FunctionDefinition</code>. + * + * @return the <code>Identifier</code> for this <code>FunctionDefinition</code>. + */ + public Identifier getId(); + + /** + * Returns the <code>Identifier</code> for the data type returned by this function if <code>returnsBag()</code> is false or + * if this <code>FunctionDefinition</code> returns a bag containing a single data type. Otherwise it returns null. + * + * @return the <code>Identifier</code> for the XACML data type this <code>FunctionDefinition</code> returns + */ + public Identifier getDataTypeId(); + + /** + * Determines if this <code>FunctionDefinition</code> returns a bag of values or a single value. + * + * @return true if this <code>FunctionDefinition</code> returns a bag, else false + */ + public boolean returnsBag(); + + /** + * Evaluates this <code>FunctionDefinition</code> on the given <code>List</code> of{@link FunctionArgument}s. + * + * @param evaluationContext the {@link com.att.research.xacmlatt.pdp.eval.EvaluationContext} to use in the evaluation + * @param arguments the <code>List</code> of <code>FunctionArgument</code>s for the evaluation + * @return an {@link ExpressionResult} with the results of the call + */ + public ExpressionResult evaluate(EvaluationContext evaluationContext, List<FunctionArgument> arguments); +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionDefinitionFactory.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionDefinitionFactory.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionDefinitionFactory.java new file mode 100755 index 0000000..f204729 --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/FunctionDefinitionFactory.java @@ -0,0 +1,83 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy; + +import java.util.Properties; + +import com.att.research.xacml.api.Identifier; +import com.att.research.xacml.util.FactoryException; +import com.att.research.xacml.util.FactoryFinder; +import com.att.research.xacmlatt.pdp.util.ATTPDPProperties; + +/** + * FunctionDefinitionFactory is an abstract class for mapping function {@link com.att.research.xacml.api.Identifier} ids to + * {@link FunctionDefinition} objects. + * + * @author car + * @version $Revision: 1.3 $ + */ +public abstract class FunctionDefinitionFactory { + private static final String FACTORYID = ATTPDPProperties.PROP_FUNCTIONDEFINITIONFACTORY; + private static final String DEFAULT_FACTORY_CLASSNAME = "com.att.research.xacmlatt.pdp.std.StdFunctionDefinitionFactory"; + + protected FunctionDefinitionFactory() { + } + + protected FunctionDefinitionFactory(Properties properties) { + } + + /** + * Maps the given <code>Identifier</code> representing a XACML function to a <code>FunctionDefinition</code> object. + * + * @param functionId the <code>Identifier</code> of the <code>FunctionDefinition</code> to retrieve + * @return the <code>FunctionDefinition</code> for the given <code>Identifier</code> or null if not found + */ + public abstract FunctionDefinition getFunctionDefinition(Identifier functionId); + + /** + * Creates an instance of the <code>FunctionDefinitionFactory</code> using default configuration information. + * + * @return the default <code>FunctionDefinitionFactory</code> + */ + public static FunctionDefinitionFactory newInstance() throws FactoryException { + return FactoryFinder.find(FACTORYID, DEFAULT_FACTORY_CLASSNAME, FunctionDefinitionFactory.class); + } + + /** + * Creates an instance of the <code>FunctionDefinitionFactory</code> using default configuration information. + * + * @return the default <code>FunctionDefinitionFactory</code> + */ + public static FunctionDefinitionFactory newInstance(Properties properties) throws FactoryException { + return FactoryFinder.find(FACTORYID, DEFAULT_FACTORY_CLASSNAME, FunctionDefinitionFactory.class, properties); + } + + /** + * Creates an instance of the <code>FunctionDefinitionFactory</code> using the given class name. + * + * @param className the <code>String</code> class name of the <code>FunctionDefinitionFactory</code> to create + * @return the <code>FunctionDefinitionFactory</code> for the given class name. + */ + public static FunctionDefinitionFactory newInstance(String className) throws FactoryException { + return FactoryFinder.newInstance(className, FunctionDefinitionFactory.class, null, true); + } + + /** + * Creates an instance of the <code>FunctionDefinitionFactory</code> using the given class name using the given <code>ClassLoader</code>. + * + * @param className the <code>String</code> class name of the <code>FunctionDefinitionFactory</code> to create + * @param classLoader the <code>ClassLoader</code> to use to load the class with the given class name + * @return the <code>FunctionDefinitionFactory</code> for the given class name + */ + public static FunctionDefinitionFactory newInstance(String className, ClassLoader classLoader) throws FactoryException { + return FactoryFinder.newInstance(className, FunctionDefinitionFactory.class, classLoader, false); + } +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Match.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Match.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Match.java new file mode 100755 index 0000000..d32b8cc --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Match.java @@ -0,0 +1,243 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy; + +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; + +import com.att.research.xacml.api.AttributeValue; +import com.att.research.xacml.api.DataTypeException; +import com.att.research.xacml.api.Identifier; +import com.att.research.xacml.api.StatusCode; +import com.att.research.xacml.api.XACML; +import com.att.research.xacml.std.StdStatus; +import com.att.research.xacml.std.StdStatusCode; +import com.att.research.xacml.std.datatypes.DataTypes; +import com.att.research.xacml.util.FactoryException; +import com.att.research.xacmlatt.pdp.eval.EvaluationContext; +import com.att.research.xacmlatt.pdp.eval.EvaluationException; +import com.att.research.xacmlatt.pdp.eval.MatchResult; +import com.att.research.xacmlatt.pdp.eval.Matchable; +import com.att.research.xacmlatt.pdp.policy.expressions.AttributeRetrievalBase; + +/** + * Match extends {@link com.att.research.xacmlatt.pdp.policy.PolicyComponent} and implements the + * {@link com.att.research.xacmlatt.pdp.eval.Matchable} interface to represent a XACML Match element. + * + * @author car + * @version $Revision: 1.2 $ + */ +public class Match extends PolicyComponent implements Matchable { + private Identifier matchId; + private AttributeValue<?> attributeValue; + private AttributeRetrievalBase attributeRetrievalBase; + private PolicyDefaults policyDefaults; + private FunctionDefinition functionDefinition; + + protected FunctionDefinition getFunctionDefinition() { + Identifier functionDefinitionId = this.getMatchId(); + if (this.functionDefinition == null && functionDefinitionId != null) { + try { + this.functionDefinition = FunctionDefinitionFactory.newInstance().getFunctionDefinition(functionDefinitionId); + } catch (FactoryException ex) { + this.setStatus(StdStatusCode.STATUS_CODE_PROCESSING_ERROR, "FactoryException getting FunctionDefinition"); + } + } + return this.functionDefinition; + } + + public Match(StatusCode statusCodeIn, String statusMessageIn) { + super(statusCodeIn, statusMessageIn); + } + + public Match(StatusCode statusCodeIn) { + super(statusCodeIn); + } + + public Match() { + } + + public Match(Identifier matchIdIn, AttributeValue<?> attributeValueIn, AttributeRetrievalBase attributeRetrievalBaseIn, PolicyDefaults policyDefaultsIn) { + this(StdStatusCode.STATUS_CODE_OK); + this.matchId = matchIdIn; + this.attributeValue = attributeValueIn; + this.attributeRetrievalBase = attributeRetrievalBaseIn; + this.policyDefaults = policyDefaultsIn; + } + + public Identifier getMatchId() { + return this.matchId; + } + + public void setMatchId(Identifier matchIdIn) { + this.matchId = matchIdIn; + } + + public AttributeValue<?> getAttributeValue() { + return this.attributeValue; + } + + public void setAttributeValue(AttributeValue<?> attributeValueIn) { + this.attributeValue = attributeValueIn; + } + + public AttributeRetrievalBase getAttributeRetrievalBase() { + return this.attributeRetrievalBase; + } + + public void setAttributeRetrievalBase(AttributeRetrievalBase attributeRetrievalBaseIn) { + this.attributeRetrievalBase = attributeRetrievalBaseIn; + } + + public PolicyDefaults getPolicyDefaults() { + return this.policyDefaults; + } + + public void setPolicyDefaults(PolicyDefaults policyDefaultsIn) { + this.policyDefaults = policyDefaultsIn; + } + + private static MatchResult match(EvaluationContext evaluationContext, FunctionDefinition functionDefinition, FunctionArgument arg1, FunctionArgument arg2) throws EvaluationException { + List<FunctionArgument> listArguments = new ArrayList<FunctionArgument>(2); + listArguments.add(arg1); + listArguments.add(arg2); + + ExpressionResult expressionResult = functionDefinition.evaluate(evaluationContext, listArguments); + assert(expressionResult != null); + if (!expressionResult.isOk()) { + return new MatchResult(expressionResult.getStatus()); + } + + AttributeValue<Boolean> attributeValueResult = null; + try { + attributeValueResult = DataTypes.DT_BOOLEAN.convertAttributeValue(expressionResult.getValue()); + } catch (DataTypeException ex) { + return new MatchResult(new StdStatus(StdStatusCode.STATUS_CODE_PROCESSING_ERROR, ex.getMessage())); + } + if (attributeValueResult == null) { + return new MatchResult(new StdStatus(StdStatusCode.STATUS_CODE_PROCESSING_ERROR, "Non-boolean result from Match Function " + functionDefinition.getId() + " on " + expressionResult.getValue().toString())); + } else if (attributeValueResult.getValue().booleanValue()) { + return MatchResult.MM_MATCH; + } else { + return MatchResult.MM_NOMATCH; + } + + } + + @Override + public MatchResult match(EvaluationContext evaluationContext) throws EvaluationException { + if (!this.validate()) { + return new MatchResult(new StdStatus(this.getStatusCode(), this.getStatusMessage())); + } + + FunctionDefinition functionDefinitionMatch = this.getFunctionDefinition(); + assert(functionDefinitionMatch != null); + + AttributeValue<?> attributeValue = this.getAttributeValue(); + assert(attributeValue != null); + FunctionArgument functionArgument1 = new FunctionArgumentAttributeValue(attributeValue); + + AttributeRetrievalBase attributeRetrievalBase = this.getAttributeRetrievalBase(); + assert(attributeRetrievalBase != null); + + ExpressionResult expressionResult = attributeRetrievalBase.evaluate(evaluationContext, this.getPolicyDefaults()); + assert(expressionResult != null); + if (!expressionResult.isOk()) { + return new MatchResult(expressionResult.getStatus()); + } + + if (expressionResult.isBag()) { + MatchResult matchResult = MatchResult.MM_NOMATCH; + Bag bagAttributeValues = expressionResult.getBag(); + if (bagAttributeValues != null) { + Iterator<AttributeValue<?>> iterAttributeValues = bagAttributeValues.getAttributeValues(); + while (matchResult.getMatchCode() != MatchResult.MatchCode.MATCH && iterAttributeValues.hasNext()) { + MatchResult matchResultValue = match(evaluationContext, functionDefinitionMatch, functionArgument1, new FunctionArgumentAttributeValue(iterAttributeValues.next())); + switch(matchResultValue.getMatchCode()) { + case INDETERMINATE: + if (matchResult.getMatchCode() != MatchResult.MatchCode.INDETERMINATE) { + matchResult = matchResultValue; + } + break; + case MATCH: + matchResult = matchResultValue; + break; + case NOMATCH: + break; + } + } + } + return matchResult; + } else { + /* + * There is a single value, so add it as the second argument and do the one function evaluation + */ + AttributeValue<?> attributeValueExpressionResult = expressionResult.getValue(); + if (attributeValueExpressionResult == null) { + return new MatchResult(new StdStatus(StdStatusCode.STATUS_CODE_PROCESSING_ERROR, "Null AttributeValue")); + } + + return match(evaluationContext, functionDefinitionMatch, functionArgument1, new FunctionArgumentAttributeValue(attributeValueExpressionResult)); + } + } + + @Override + protected boolean validateComponent() { + FunctionDefinition functionDefinitionHere; + if (this.getAttributeValue() == null) { + this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "Missing AttributeValue"); + return false; + } else if (this.getMatchId() == null) { + this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "Missing MatchId"); + return false; + } else if ((functionDefinitionHere = this.getFunctionDefinition()) == null) { + this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "Unknown MatchId \"" + this.getMatchId().toString() + "\""); + return false; + } else if (functionDefinitionHere.returnsBag()) { + this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "FunctionDefinition returns a bag"); + return false; + } else if (functionDefinitionHere.getDataTypeId() == null || !functionDefinitionHere.getDataTypeId().equals(XACML.ID_DATATYPE_BOOLEAN)) { + this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "Non-Boolean return type for FunctionDefinition"); + return false; + } else if (this.getAttributeRetrievalBase() == null) { + this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "Missing AttributeSelector or AttributeDesignator"); + return false; + } else { + this.setStatus(StdStatusCode.STATUS_CODE_OK, null); + return true; + } + } + + @Override + public String toString() { + StringBuilder stringBuilder = new StringBuilder("{"); + stringBuilder.append("super="); + stringBuilder.append(super.toString()); + + Object objectToDump; + if ((objectToDump = this.getMatchId()) != null) { + stringBuilder.append(",matchId="); + stringBuilder.append(objectToDump.toString()); + } + if ((objectToDump = this.getAttributeValue()) != null) { + stringBuilder.append(",attributeValue="); + stringBuilder.append(objectToDump.toString()); + } + if ((objectToDump = this.getAttributeRetrievalBase()) != null) { + stringBuilder.append(",attributeRetrieval="); + stringBuilder.append(objectToDump.toString()); + } + stringBuilder.append('}'); + return stringBuilder.toString(); + } + +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/ObligationExpression.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/ObligationExpression.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/ObligationExpression.java new file mode 100755 index 0000000..3ef01ef --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/ObligationExpression.java @@ -0,0 +1,174 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy; + +import java.util.ArrayList; +import java.util.Collection; +import java.util.Iterator; +import java.util.List; + +import com.att.research.xacml.api.AttributeAssignment; +import com.att.research.xacml.api.Decision; +import com.att.research.xacml.api.Identifier; +import com.att.research.xacml.api.Obligation; +import com.att.research.xacml.api.StatusCode; +import com.att.research.xacml.std.StdMutableObligation; +import com.att.research.xacml.std.StdStatusCode; +import com.att.research.xacmlatt.pdp.eval.EvaluationContext; +import com.att.research.xacmlatt.pdp.eval.EvaluationException; + +/** + * ObligationExpression extends {@link PolicyComponent} to implement the XACML + * ObligationExpression element. + * + * @author car + * @version $Revision: 1.1 $ + */ +public class ObligationExpression extends PolicyComponent { + private Identifier obligationId; + private RuleEffect ruleEffect; + private List<AttributeAssignmentExpression> attributeAssignmentExpressions; + + protected List<AttributeAssignmentExpression> getAttributeAssignmentExpressionList(boolean bNoNull) { + if (this.attributeAssignmentExpressions == null && bNoNull) { + this.attributeAssignmentExpressions = new ArrayList<AttributeAssignmentExpression>(); + } + return this.attributeAssignmentExpressions; + } + + protected void clearAttributeAssignmentExpressions() { + if (this.attributeAssignmentExpressions != null) { + this.attributeAssignmentExpressions.clear(); + } + } + + public ObligationExpression(StatusCode statusCodeIn, String statusMessageIn) { + super(statusCodeIn, statusMessageIn); + } + + public ObligationExpression(StatusCode statusCodeIn) { + super(statusCodeIn); + } + + public ObligationExpression() { + } + + public Identifier getObligationId() { + return this.obligationId; + } + + public void setObligationId(Identifier identifier) { + this.obligationId = identifier; + } + + public RuleEffect getRuleEffect() { + return this.ruleEffect; + } + + public void setRuleEffect(RuleEffect ruleEffectIn) { + this.ruleEffect = ruleEffectIn; + } + + public Iterator<AttributeAssignmentExpression> getAttributeAssignmentExpressions() { + List<AttributeAssignmentExpression> listAttributeAssignmentExpressions = this.getAttributeAssignmentExpressionList(false); + return (listAttributeAssignmentExpressions == null ? null : listAttributeAssignmentExpressions.iterator()); + } + + public void setAttributeAssignmentExpressions(Collection<AttributeAssignmentExpression> attributeAssignmentExpressionsIn) { + this.clearAttributeAssignmentExpressions(); + if (attributeAssignmentExpressionsIn != null) { + this.addAttributeAssignmentExpressions(attributeAssignmentExpressionsIn); + } + } + + public void addAttributeAssignmentExpression(AttributeAssignmentExpression attributeAssignmentExpression) { + List<AttributeAssignmentExpression> listAttributeAssignmentExpressions = this.getAttributeAssignmentExpressionList(true); + listAttributeAssignmentExpressions.add(attributeAssignmentExpression); + } + + public void addAttributeAssignmentExpressions(Collection<AttributeAssignmentExpression> attributeAssignmentExpressionsIn) { + List<AttributeAssignmentExpression> listAttributeAssignmentExpressions = this.getAttributeAssignmentExpressionList(true); + listAttributeAssignmentExpressions.addAll(attributeAssignmentExpressionsIn); + } + + /** + * Evaluates this <code>ObligationExpression</code> in the given {@link com.att.research.xacmlatt.pdp.eval.EvaluationContext} + * to get an {@link com.att.research.xacml.api.Obligation} to include in a PDP result. + * + * @param evaluationContext the <code>EvaluationContext</code> in which to evaluate this <code>ObligationExpression</code> + * @param policyDefaults the <code>PolicyDefaults</code> to apply to the evaluation + * @return a new <code>Obliagion</code> from this <code>ObligationExpression</code> + * @throws com.att.research.xacmlatt.pdp.eval.EvaluationException if there is an error evaluating any of the <code>AttributeAssignmentExpression</code>s + */ + public Obligation evaluate(EvaluationContext evaluationContext, PolicyDefaults policyDefaults) throws EvaluationException { + if (!this.validate()) { + return null; + } + List<AttributeAssignment> listAttributeAssignments = new ArrayList<AttributeAssignment>(); + Iterator<AttributeAssignmentExpression> iterAttributeAssignmentExpressions = this.getAttributeAssignmentExpressions(); + if (iterAttributeAssignmentExpressions != null) { + while (iterAttributeAssignmentExpressions.hasNext()) { + AttributeAssignmentResult attributeAssignmentResult = iterAttributeAssignmentExpressions.next().evaluate(evaluationContext, policyDefaults); + if (attributeAssignmentResult.isOk() && attributeAssignmentResult.getNumAttributeAssignments() > 0) { + Iterator<AttributeAssignment> iterAttributeAssignments = attributeAssignmentResult.getAttributeAssignments(); + while (iterAttributeAssignments.hasNext()) { + listAttributeAssignments.add(iterAttributeAssignments.next()); + } + } + } + } + return new StdMutableObligation(this.getObligationId(), listAttributeAssignments); + } + + /** + * Evaluates a <code>Collection</code> of <code>ObligationExpression</code>s in the given <code>EvaluationContext</code> and returns + * a <code>List</code> of <code>Obligation</code>s. + * + * @param evaluationContext + * @param policyDefaults + * @param listObligationExpressions + * @return + * @throws com.att.research.xacmlatt.pdp.eval.EvaluationException + */ + public static List<Obligation> evaluate(EvaluationContext evaluationContext, PolicyDefaults policyDefaults, Decision decision, Collection<ObligationExpression> listObligationExpressions) throws EvaluationException { + List<Obligation> listObligations = new ArrayList<Obligation>(); + Iterator<ObligationExpression> iterObligationExpressions = listObligationExpressions.iterator(); + while (iterObligationExpressions.hasNext()) { + ObligationExpression obligationExpression = iterObligationExpressions.next(); + obligationExpression.validateComponent(); + if ( ! obligationExpression.isOk()) { + throw new EvaluationException(obligationExpression.getStatusMessage()); + } + if (decision == null || obligationExpression.getRuleEffect().getDecision().equals(decision)) { + Obligation obligation = obligationExpression.evaluate(evaluationContext, policyDefaults); + if (obligation != null) { + listObligations.add(obligation); + } + } + } + return listObligations; + } + + @Override + protected boolean validateComponent() { + if (this.getObligationId() == null) { + this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "Missing ObligationId attribute"); + return false; + } else if (this.getRuleEffect() == null) { + this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "Missing FulfillOn attribute"); + return false; + } else { + this.setStatus(StdStatusCode.STATUS_CODE_OK, null); + return true; + } + } + +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Policy.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Policy.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Policy.java new file mode 100755 index 0000000..a7efaa5 --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/Policy.java @@ -0,0 +1,323 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ + +package com.att.research.xacmlatt.pdp.policy; + +import java.util.ArrayList; +import java.util.Collection; +import java.util.Iterator; +import java.util.List; + +import com.att.research.xacml.api.Decision; +import com.att.research.xacml.api.Result; +import com.att.research.xacml.api.StatusCode; +import com.att.research.xacml.std.StdStatus; +import com.att.research.xacml.std.StdStatusCode; +import com.att.research.xacml.std.trace.StdTraceEvent; +import com.att.research.xacml.util.StringUtils; +import com.att.research.xacmlatt.pdp.eval.EvaluationContext; +import com.att.research.xacmlatt.pdp.eval.EvaluationException; +import com.att.research.xacmlatt.pdp.eval.EvaluationResult; +import com.att.research.xacmlatt.pdp.eval.MatchResult; + +/** + * Policy extends {@link com.att.research.xacmlatt.pdp.policy.PolicyDef} to represent a XACML 3.0 Policy element. + * + * @author car + * @version $Revision: 1.2 $ + */ +public class Policy extends PolicyDef { + private TargetedCombinerParameterMap<String,Rule> ruleCombinerParameters = new TargetedCombinerParameterMap<String,Rule>(); + private VariableMap variableMap = new VariableMap(); + private List<Rule> rules = new ArrayList<Rule>(); + private List<CombiningElement<Rule>> combiningRules; + private CombiningAlgorithm<Rule> ruleCombiningAlgorithm; + + @Override + protected boolean validateComponent() { + if (super.validateComponent()) { + if (this.getRuleCombiningAlgorithm() == null) { + this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "Missing rule combining algorithm"); + return false; + } else { + return true; + } + } else { + return false; + } + } + + /** + * Performs lazy evaluation of the combining parameters from this <code>Policy</code>. + * + * @return the <code>List</code> of <code>CombiningElement</code>s for all of the <code>Rule</code>s + */ + protected List<CombiningElement<Rule>> getCombiningRules() { + if (this.combiningRules == null) { + this.combiningRules = new ArrayList<CombiningElement<Rule>>(); + Iterator<Rule> iterRules = this.getRules(); + while (iterRules.hasNext()) { + Rule rule = iterRules.next(); + this.combiningRules.add(new CombiningElement<Rule>(rule, this.ruleCombinerParameters.getCombinerParameters(rule))); + } + } + return this.combiningRules; + } + + public Policy(PolicySet policySetParent, StatusCode statusCodeIn, String statusMessageIn) { + super(policySetParent, statusCodeIn, statusMessageIn); + } + + public Policy(StatusCode statusCodeIn, String statusMessageIn) { + super(statusCodeIn, statusMessageIn); + } + + public Policy(StatusCode statusCodeIn) { + super(statusCodeIn); + } + + public Policy(PolicySet policySetParent) { + super(policySetParent); + } + + public Policy() { + super(); + ruleCombinerParameters.getTargetedCombinerParameters(); + } + + /** + * Gets an <code>Iterator</code> over the {@link com.att.research.xacmlatt.pdp.policy.TargetedCombinerParameter}s for + * the {@link Rule}s in this <code>Policy</code>. + * + * @return an <code>Iterator</code> over the <code>TargetedCombinerParameter</code>s for this <code>Policy</code>. + */ + public Iterator<TargetedCombinerParameter<String,Rule>> getRuleCombinerParameters() { + return this.ruleCombinerParameters.getTargetedCombinerParameters(); + } + + /** + * Sets the Rule combiner parameters for this <code>Policy</code> to the contents of the given <code>Collection</code> of + * <code>TargetedCombinerParameter</code>s. + * + * @param ruleCombinerParameters the <code>Collection</code> of <code>TargetedCombinerParameter</code>s to set + */ + public void setRuleCombinerParameters(Collection<TargetedCombinerParameter<String,Rule>> ruleCombinerParameters) { + this.ruleCombinerParameters.setCombinerParameters(ruleCombinerParameters); + } + + /** + * Adds the given <code>TargetedCombinerParameter</code> to the set of Rule combiner parameters for this <code>Policy</code>. + * @param ruleCombinerParameter the <code>TargetedCombinerParameter</code> for <code>Rule</code>s to add. + */ + public void addRuleCombinerParameter(TargetedCombinerParameter<String,Rule> ruleCombinerParameter) { + this.ruleCombinerParameters.addCombinerParameter(ruleCombinerParameter); + } + + /** + * Adds the contents of the given <code>Collection</code> of <code>TargetedCombinerParameter</code>s to the set of Rule combiner parameters + * for this <code>Policy</code>. + * + * @param ruleCombinerParameters the <code>Collection</code> of <code>TargetedCombinerParameter</code>s to add + */ + public void addRuleCombinerParameters(Collection<TargetedCombinerParameter<String,Rule>> ruleCombinerParameters) { + this.ruleCombinerParameters.addCombinerParameters(ruleCombinerParameters); + } + + /** + * Gets an <code>Iterator</code> over the {@link com.att.research.xacmlatt.pdp.policy.VariableDefinition}s in this <code>Policy</code>. + * + * @return an <code>Iterator</code> over the <code>VariableDefinition</code>s in this <code>Policy</code> + */ + public Iterator<VariableDefinition> getVariableDefinitions() { + return this.variableMap.getVariableDefinitions(); + } + + /** + * Gets the <code>VariableDefinition</code> for the given <code>String</code> variable identifier. + * + * @param variableId the <code>String</code> variable identifier + * @return the <code>VariableDefinition</code> with the given <code>String</code> identifier or null if not found + */ + public VariableDefinition getVariableDefinition(String variableId) { + return this.variableMap.getVariableDefinition(variableId); + } + + /** + * Sets the <code>VariableDefinition</code>s in this <code>Policy</code> to the contents of the given <code>Collection</code>. + * + * @param listVariableDefinitions the <code>Collection</code> of <code>VariableDefinition</code>s to set + */ + public void setVariableDefinitions(Collection<VariableDefinition> listVariableDefinitions) { + this.variableMap.setVariableDefinitions(listVariableDefinitions); + } + + /** + * Adds the given <code>VariableDefinition</code> to the set of <code>VariableDefinition</code>s for this <code>Policy</code>. + * + * @param variableDefinition the <code>VariableDefinition</code> to add + */ + public void addVariableDefinition(VariableDefinition variableDefinition) { + this.variableMap.add(variableDefinition); + } + + /** + * Adds the contents of the given <code>Collection</code> of <code>VariableDefinition</code>s to this <code>Policy</code>. + * + * @param variableDefinitions the <code>Collection</code> of <code>VariableDefinition</code>s to add. + */ + public void addVariableDefinitions(Collection<VariableDefinition> variableDefinitions) { + this.variableMap.addVariableDefinitions(variableDefinitions); + } + + /** + * Gets an <code>Iterator</code> over the <code>Rule</code>s in this <code>Policy</code> or null if there are none. + * + * @return an <code>Iterator</code> over the <code>Rule</code>s in this <code>Policy</code> or null if there are none. + */ + public Iterator<Rule> getRules() { + return this.rules.iterator(); + } + + /** + * Sets the <code>Rule</code>s for this <code>Policy</code> to the contents of the given <code>Collection</code> of + * <code>Rule</code>s. If the <code>Collection</code> is null, the set of <code>Rule</code>s for this <code>Policy</code> is set to null. + * + * @param listRules the <code>Collection</code> of <code>Rule</code>s or null + */ + public void setRules(Collection<Rule> listRules) { + this.rules.clear(); + if (listRules != null) { + this.addRules(listRules); + } + } + + /** + * Adds the given <code>Rule</code> to the set of <code>Rule</code>s for this <code>Policy</code>. + * + * @param rule the <code>Rule</code> to add + */ + public void addRule(Rule rule) { + this.rules.add(rule); + } + + /** + * Adds the contents of the given <code>Collection</code> of <code>Rule</code>s to the set of <code>Rule</code>s for + * this <code>Policy</code>. + * + * @param listRules the <code>Collection</code> of <code>Rule</code>s to add + */ + public void addRules(Collection<Rule> listRules) { + this.rules.addAll(listRules); + } + + /** + * Gets the <code>CombiningAlgorithm</code> for <code>Rule</code>s for this <code>Policy</code>. + * + * @return the <code>CombiningAlgorithm</code> for <code>Rule</code>s for this <code>Policy</code>. + */ + public CombiningAlgorithm<Rule> getRuleCombiningAlgorithm() { + return this.ruleCombiningAlgorithm; + } + + /** + * Sets the <code>CombiningAlgorithm</code> for <code>Rule</code>s for this <code>Policy</code>> + * + * @param ruleCombiningAlgorithmIn the <code>CombiningAlgorithm</code> for <code>Rule</code>s for this <code>Policy</code> + */ + public void setRuleCombiningAlgorithm(CombiningAlgorithm<Rule> ruleCombiningAlgorithmIn) { + this.ruleCombiningAlgorithm = ruleCombiningAlgorithmIn; + } + + @Override + public EvaluationResult evaluate(EvaluationContext evaluationContext) throws EvaluationException { + /* + * First check to see if we are valid. If not, return an error status immediately + */ + if (!this.validate()) { + return new EvaluationResult(new StdStatus(this.getStatusCode(), this.getStatusMessage())); + } + + /* + * See if we match + */ + MatchResult thisMatchResult = this.match(evaluationContext); + assert(thisMatchResult != null); + if (evaluationContext.isTracing()) { + evaluationContext.trace(new StdTraceEvent<MatchResult>("Match", this, thisMatchResult)); + } + switch(thisMatchResult.getMatchCode()) { + case INDETERMINATE: + return new EvaluationResult(Decision.INDETERMINATE, thisMatchResult.getStatus()); + case MATCH: + break; + case NOMATCH: + return new EvaluationResult(Decision.NOTAPPLICABLE); + } + + /* + * Get the combining elements + */ + List<CombiningElement<Rule>> ruleCombiningElements = this.getCombiningRules(); + assert(ruleCombiningElements != null); + + /* + * Run the combining algorithm + */ + assert(this.getRuleCombiningAlgorithm() != null); + EvaluationResult evaluationResultCombined = this.getRuleCombiningAlgorithm().combine(evaluationContext, ruleCombiningElements, this.getCombinerParameterList()); + assert(evaluationResultCombined != null); + + if (evaluationResultCombined.getDecision() == Decision.DENY || evaluationResultCombined.getDecision() == Decision.PERMIT) { + this.updateResult(evaluationResultCombined, evaluationContext); + + /* + * Add my id to the policy identifiers + */ + if (evaluationContext.getRequest().getReturnPolicyIdList()) { + evaluationResultCombined.addPolicyIdentifier(this.getIdReference()); + } + } + if (evaluationContext.isTracing()) { + evaluationContext.trace(new StdTraceEvent<Result>("Result", this, evaluationResultCombined)); + } + return evaluationResultCombined; + } + + @Override + public String toString() { + StringBuilder stringBuilder = new StringBuilder("{"); + stringBuilder.append("super="); + stringBuilder.append(super.toString()); + + String iteratorToDump; + if ((iteratorToDump = StringUtils.toString(this.getRuleCombinerParameters())) != null) { + stringBuilder.append(",ruleCombinerParameters="); + stringBuilder.append(iteratorToDump); + } + if ((iteratorToDump = StringUtils.toString(this.getVariableDefinitions())) != null) { + stringBuilder.append(",variableDefinitions="); + stringBuilder.append(iteratorToDump); + } + if ((iteratorToDump = StringUtils.toString(this.getRules())) != null) { + stringBuilder.append(",rules="); + stringBuilder.append(iteratorToDump); + } + + Object objectToDump; + if ((objectToDump = this.getRuleCombiningAlgorithm()) != null) { + stringBuilder.append(",ruleCombiningAlgorithm="); + stringBuilder.append(objectToDump.toString()); + } + stringBuilder.append('}'); + return stringBuilder.toString(); + } + +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/PolicyComponent.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/PolicyComponent.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/PolicyComponent.java new file mode 100755 index 0000000..9195249 --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/PolicyComponent.java @@ -0,0 +1,144 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy; + +import com.att.research.xacml.api.StatusCode; +import com.att.research.xacml.std.StdStatusCode; + +/** + * PolicyComponent is the base class for all pieces of a XACML Policy or PolicySet that could potentially have errors associated + * with them by the policy loader. + * + * @author car + * @version $Revision: 1.1 $ + */ +abstract class PolicyComponent { + private StatusCode statusCode; + private String statusMessage; + + /** + * Creates a new <code>PolicyComponent</code> with the given {@link com.att.research.xacml.api.StatusCode} and + * <code>String</code> detailed message. If the <code>StatusCode</code> is null, a default OK status code is used. + * + * @param statusCodeIn the <code>StatusCode</code> for the new <code>PolicyComponent</code> + * @param statusMessageIn the <code>String</code> detailed status message for the new <code>PolicyComponent</code> + */ + public PolicyComponent(StatusCode statusCodeIn, String statusMessageIn) { + this.statusCode = statusCodeIn; + this.statusMessage = statusMessageIn; + } + + /** + * Creates a new <code>PolicyComponent</code> with the given <code>StatusCode</code> and no status message. + * + * @param statusCodeIn the <code>StatusCode</code> for the new <code>PolicyComponent</code> + */ + public PolicyComponent(StatusCode statusCodeIn) { + this(statusCodeIn, null); + } + + /** + * Creates a new <code>PolicyCOmponent</code> with no <code>StatusCode</code> or status message. + */ + public PolicyComponent() { + this(null, null); + } + + /** + * Gets the <code>StatusCode</code> associated with this <code>PolicyComponent</code>. + * + * @return the <code>StatusCode</code> associated with this <code>PolicyComponent</code> + */ + public StatusCode getStatusCode() { + return this.statusCode; + } + + /** + * Gets the <code>String</code> status message associated with this <code>PolicyComponent</code>. + * + * @return the <code>String</code> status message associated with this <code>PolicyComponent</code> or null if none + */ + public String getStatusMessage() { + return this.statusMessage; + } + + /** + * Sets the <code>StatusCode</code> and <code>String</code> status message for this <code>PolicyComponent</code>. + * This method is mainly provided for objects that may have lazy evaluations performed on them, in which case the + * status is not determined until the object is actually used. + * + * @param statusCodeIn the <code>StatusCode</code> for this <code>PolicyComponent</code> + * @param messageIn the <code>String</code> status message for this <code>PolicyComponent</code> + */ + public void setStatus(StatusCode statusCodeIn, String messageIn) { + this.statusCode = statusCodeIn; + this.statusMessage = messageIn; + } + + /** + * Does a check on the <code>StatusCode</code> for this element to determine if it is equivalent to the + * OK status code. + * + * @return true if the <code>StatusCode</code> is equivalent to OK, otherwise false + */ + public boolean isOk() { + return StdStatusCode.STATUS_CODE_OK.equals(this.getStatusCode()); + } + + /** + * Validates that this <code>PolicyComponent</code> has all of the required elements according to the XACML 3.0 + * specification. If the component is not valid, this method should set the <code>StatusCode</code> to reflect a + * syntax error, and should set the status message to reflect the invalid piece(s). + * + * <code>PolicyComponent</code>s that implement this method should only validate their immediate elements and not perform + * a deep validation of descendents. + * + * @return true if the resulting status code is OK, otherwise false + */ + abstract protected boolean validateComponent(); + + /** + * If a <code>StatusCode</code> has not been set, ask this <code>PolicyComponent</code> to validate itself and return + * the value from the validation. Otherwise, check to see if the cached <code>StatusCode</code> indicates this <code>PolicyComponent</code> is valid. + * + * @return true if this <code>PolicyComponent</code> is valid, else false. + */ + public boolean validate() { + if (this.getStatusCode() == null) { + return this.validateComponent(); + } else { + return this.isOk(); + } + } + + @Override + public String toString() { + StringBuilder stringBuilder = new StringBuilder("{"); + Object objectToDump; + boolean needsComma = false; + if ((objectToDump = this.getStatusCode()) != null) { + stringBuilder.append("statusCode="); + stringBuilder.append(objectToDump.toString()); + needsComma = true; + } + if ((objectToDump = this.getStatusMessage()) != null) { + if (needsComma) { + stringBuilder.append(','); + } + stringBuilder.append("statusMessage="); + stringBuilder.append((String)objectToDump); + needsComma = true; + } + stringBuilder.append('}'); + return stringBuilder.toString(); + } + +}
