http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/VariableDefinition.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/VariableDefinition.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/VariableDefinition.java new file mode 100755 index 0000000..017dd12 --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/VariableDefinition.java @@ -0,0 +1,106 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy; + +import com.att.research.xacml.api.StatusCode; +import com.att.research.xacml.std.StdStatusCode; + +/** + * VariableDefinition extends {@link PolicyComponent} to represent a XACML VariableDefinition element. + * + * @author car + * @version $Revision: 1.1 $ + */ +public class VariableDefinition extends PolicyComponent { + private String id; + private Expression expression; + + public VariableDefinition(StatusCode statusCodeIn, String statusMessageIn) { + super(statusCodeIn, statusMessageIn); + } + + public VariableDefinition(StatusCode statusCodeIn) { + super(statusCodeIn); + } + + public VariableDefinition() { + super(); + } + + /** + * Gets the id of the variable for this <code>VariableDefinition</code>. + * + * @return the <code>String</code> id for the variable for this <code>VariableDefinition</code>. + */ + public String getId() { + return this.id; + } + + /** + * Sets the id of the variable for this <code>VariableDefinition</code>. + * + * @param idIn the <code>String</code> id for the variable for this <code>VariableDefinition</code>. + */ + public void setId(String idIn) { + this.id = idIn; + } + + /** + * Gets the {@link Expression} for this <code>VariableDefinition</code>. + * + * @return the <code>Expression</code> for this <code>VariableDefinition</code>. + */ + public Expression getExpression() { + return this.expression; + } + + /** + * Sets the <code>Expression</code> for this <code>VariableDefinition</code>. + * + * @param expressionIn the <code>Expression</code> for this <code>VariableDefinition</code> + */ + public void setExpression(Expression expressionIn) { + this.expression = expressionIn; + } + + @Override + public String toString() { + StringBuilder stringBuilder = new StringBuilder("{"); + stringBuilder.append("super="); + stringBuilder.append(super.toString()); + + Object objectToDump; + if ((objectToDump = this.getId()) != null) { + stringBuilder.append(",id="); + stringBuilder.append((String)objectToDump); + } + if ((objectToDump = this.getExpression()) != null) { + stringBuilder.append(",expression="); + stringBuilder.append(objectToDump.toString()); + } + stringBuilder.append('}'); + return stringBuilder.toString(); + } + + @Override + protected boolean validateComponent() { + if (this.getId() == null) { + this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "Missing variable id"); + return false; + } else if (this.getExpression() == null) { + this.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, "Missing variable expression"); + return false; + } else { + this.setStatus(StdStatusCode.STATUS_CODE_OK, null); + return true; + } + } +}
http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/VariableMap.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/VariableMap.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/VariableMap.java new file mode 100755 index 0000000..4d55a9d --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/VariableMap.java @@ -0,0 +1,116 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy; + +import java.util.ArrayList; +import java.util.Collection; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; + +import com.att.research.xacml.util.StringUtils; + +/** + * VariableMap is a collection of {@link com.att.research.xacmlatt.pdp.policy.VariableDefinition}s that are accessible by + * the variable identifier. + * + * @author car + * @version $Revision: 1.1 $ + */ +public class VariableMap { + private List<VariableDefinition> variableDefinitions; + private Map<String, VariableDefinition> mapVariableDefinitions; + + private void ensureVariableDefinitions() { + if (this.variableDefinitions == null) { + this.variableDefinitions = new ArrayList<VariableDefinition>(); + } + } + + private void ensureMap() { + if (this.mapVariableDefinitions == null) { + this.mapVariableDefinitions = new HashMap<String, VariableDefinition>(); + } + } + + public VariableMap() { + } + + /** + * Gets the <code>VariableDefinition</code> with the given <code>String</code> id. + * + * @param variableId the <code>String</code> identifier of the <code>VariableDefinition</code> to retrieve + * @return the <code>VariableDefinition</code> with the given <code>String</code> id or null if not found. + */ + public VariableDefinition getVariableDefinition(String variableId) { + return (this.mapVariableDefinitions == null ? null : this.mapVariableDefinitions.get(variableId)); + } + + /** + * Gets an <code>Iterator</code> over the <code>VariableDefinition</code>s in this <code>VariableMap</code> + * in the order they were added. + * + * @return an <code>Iterator</code> over the <code>VariableDefinition</code>s in this <code>VariableMap</code> + */ + public Iterator<VariableDefinition> getVariableDefinitions() { + return (this.variableDefinitions == null ? null : this.variableDefinitions.iterator()); + } + + /** + * Adds the given <code>VariableDefinition</code> to this <code>VariableMap</code>. + * + * @param variableDefinition the <code>VariableDefinition</code> to add + */ + public void add(VariableDefinition variableDefinition) { + this.ensureMap(); + this.ensureVariableDefinitions(); + this.variableDefinitions.add(variableDefinition); + this.mapVariableDefinitions.put(variableDefinition.getId(), variableDefinition); + } + + /** + * Adds the contents of the given <code>Collection</code> of <code>VariableDefinition</code>s to the set of + * <code>VariableDefinition</code>s in this <code>VariableMap</code>> + * + * @param listVariableDefinitions the <code>Collection</code> of <code>VariableDefinition</code>s to add + */ + public void addVariableDefinitions(Collection<VariableDefinition> listVariableDefinitions) { + for (VariableDefinition variableDefinition: listVariableDefinitions) { + this.add(variableDefinition); + } + } + + /** + * Sets the <code>VariableDefinition</code>s in this <code>VariableMap</code> to the contents of the given + * <code>Collection</code>. + * + * @param listVariableDefinitions the <code>Collection</code> of <code>VariableDefinition</code> to set + */ + public void setVariableDefinitions(Collection<VariableDefinition> listVariableDefinitions) { + this.variableDefinitions = null; + this.mapVariableDefinitions = null; + if (listVariableDefinitions != null) { + this.addVariableDefinitions(variableDefinitions); + } + } + + @Override + public String toString() { + StringBuilder stringBuilder = new StringBuilder("{"); + if (this.mapVariableDefinitions.size() > 0) { + stringBuilder.append("variableDefinitions="); + stringBuilder.append(StringUtils.toString(this.mapVariableDefinitions.values().iterator())); + } + stringBuilder.append('}'); + return stringBuilder.toString(); + } +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMAdviceExpression.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMAdviceExpression.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMAdviceExpression.java new file mode 100755 index 0000000..eda3962 --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMAdviceExpression.java @@ -0,0 +1,191 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy.dom; + +import java.util.ArrayList; +import java.util.List; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.w3c.dom.Element; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; + +import com.att.research.xacml.api.XACML3; +import com.att.research.xacml.std.StdStatusCode; +import com.att.research.xacml.std.dom.DOMProperties; +import com.att.research.xacml.std.dom.DOMStructureException; +import com.att.research.xacml.std.dom.DOMUtil; +import com.att.research.xacmlatt.pdp.policy.AdviceExpression; +import com.att.research.xacmlatt.pdp.policy.Policy; +import com.att.research.xacmlatt.pdp.policy.RuleEffect; + +/** + * DOMAdviceExpression extends {@link com.att.research.xacmlatt.pdp.policy.AdviceExpression} with methods for creation + * from {@link org.w3c.dom.Node}s. + * + * @author car + * @version $Revision: 1.2 $ + */ +public class DOMAdviceExpression extends AdviceExpression { + private static final Log logger = LogFactory.getLog(DOMAdviceExpression.class); + + protected DOMAdviceExpression() { + } + + /** + * Creates a new <code>AdviceExpression</code> by parsing the given <code>Node</code> representing a XACML AdviceExpression element. + * + * @param nodeAdviceExpression the <code>Node</code> representing the XACML AdviceExpression element + * @param policy the {@link com.att.research.xacmlatt.pdp.policy.Policy} encompassing the AdviceExpression element + * @return a new <code>AdviceExpression</code> parsed from the given <code>Node</code> + * @throws DOMStructureException if there is an error parsing the <code>Node</code> + */ + public static AdviceExpression newInstance(Node nodeAdviceExpression, Policy policy) throws DOMStructureException { + Element elementAdviceExpression = DOMUtil.getElement(nodeAdviceExpression); + boolean bLenient = DOMProperties.isLenient(); + + DOMAdviceExpression domAdviceExpression = new DOMAdviceExpression(); + + try { + NodeList children = elementAdviceExpression.getChildNodes(); + int numChildren; + if (children != null && (numChildren = children.getLength()) > 0) { + for (int i = 0 ; i < numChildren ; i++) { + Node child = children.item(i); + if (DOMUtil.isElement(child)) { + if (DOMUtil.isInNamespace(child, XACML3.XMLNS) && XACML3.ELEMENT_ATTRIBUTEASSIGNMENTEXPRESSION.equals(child.getLocalName())) { + domAdviceExpression.addAttributeAssignmentExpression(DOMAttributeAssignmentExpression.newInstance(child, policy)); + } else if (!bLenient) { + throw DOMUtil.newUnexpectedElementException(child, nodeAdviceExpression); + } + } + } + } + + domAdviceExpression.setAdviceId(DOMUtil.getIdentifierAttribute(elementAdviceExpression, XACML3.ATTRIBUTE_ADVICEID, !bLenient)); + + String string = DOMUtil.getStringAttribute(elementAdviceExpression, XACML3.ATTRIBUTE_APPLIESTO, !bLenient); + RuleEffect ruleEffect = RuleEffect.getRuleEffect(string); + if (ruleEffect == null && !bLenient) { + throw new DOMStructureException(nodeAdviceExpression, "Unknown EffectType \"" + string + "\""); + } else { + domAdviceExpression.setAppliesTo(ruleEffect); + } + } catch (DOMStructureException ex) { + domAdviceExpression.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, ex.getMessage()); + if (DOMProperties.throwsExceptions()) { + throw ex; + } + } + + return domAdviceExpression; + } + + public static boolean repair(Node nodeAdviceExpression) throws DOMStructureException { + Element elementAdviceExpression = DOMUtil.getElement(nodeAdviceExpression); + boolean result = false; + + NodeList children = elementAdviceExpression.getChildNodes(); + int numChildren; + if (children != null && (numChildren = children.getLength()) > 0) { + for (int i = 0 ; i < numChildren ; i++) { + Node child = children.item(i); + if (DOMUtil.isElement(child)) { + if (DOMUtil.isInNamespace(child, XACML3.XMLNS) && XACML3.ELEMENT_ATTRIBUTEASSIGNMENTEXPRESSION.equals(child.getLocalName())) { + result = DOMAttributeAssignmentExpression.repair(child) || result; + } else { + logger.warn("Unexpected element " + child.getNodeName()); + nodeAdviceExpression.removeChild(child); + result = true; + } + } + } + } + + result = DOMUtil.repairIdentifierAttribute(elementAdviceExpression, XACML3.ATTRIBUTE_ADVICEID, logger) || result; + result = DOMUtil.repairStringAttribute(elementAdviceExpression, XACML3.ATTRIBUTE_APPLIESTO, RuleEffect.DENY.getName(), logger) || result; + String stringRuleEffect = DOMUtil.getStringAttribute(elementAdviceExpression, XACML3.ATTRIBUTE_APPLIESTO); + RuleEffect ruleEffect = RuleEffect.getRuleEffect(stringRuleEffect); + if (ruleEffect == null) { + logger.warn("Setting invalid RuleEffect " + stringRuleEffect + " to " + RuleEffect.DENY.getName()); + elementAdviceExpression.setAttribute(XACML3.ATTRIBUTE_APPLIESTO, RuleEffect.DENY.getName()); + result = true; + } + return result; + } + + /** + * Creates a <code>List</code> of <code>AdviceExpression</code>s by parsing the given <code>Node</code> representing a + * XACML AdviceExpressions element. + * + * @param nodeAdviceExpressions the <code>Node</code> representing the XACML AdviceExpressions element + * @param policy the <code>Policy</code> encompassing the AdviceExpressions element + * @return a new <code>List</code> of <code>AdviceExpression</code>s parsed from the given <code>Node</code>. + * @throws DOMStructureException if there is an error parsing the <code>Node</code> + */ + public static List<AdviceExpression> newList(Node nodeAdviceExpressions, Policy policy) throws DOMStructureException { + Element elementAdviceExpressions = DOMUtil.getElement(nodeAdviceExpressions); + boolean bLenient = DOMProperties.isLenient(); + + List<AdviceExpression> listAdviceExpressions = new ArrayList<AdviceExpression>(); + + NodeList children = elementAdviceExpressions.getChildNodes(); + int numChildren; + if (children != null && (numChildren = children.getLength()) > 0) { + for (int i = 0 ; i < numChildren ; i++) { + Node child = children.item(i); + if (DOMUtil.isElement(child)) { + if (DOMUtil.isInNamespace(child, XACML3.XMLNS) && XACML3.ELEMENT_ADVICEEXPRESSION.equals(child.getLocalName())) { + listAdviceExpressions.add(DOMAdviceExpression.newInstance(child, policy)); + } else if (!bLenient) { + throw DOMUtil.newUnexpectedElementException(child, nodeAdviceExpressions); + } + } + } + } + + if (listAdviceExpressions.size() == 0 && !bLenient) { + throw DOMUtil.newMissingElementException(nodeAdviceExpressions, XACML3.XMLNS, XACML3.ELEMENT_ADVICEEXPRESSION); + } + return listAdviceExpressions; + } + + public static boolean repairList(Node nodeAdviceExpressions) throws DOMStructureException { + Element elementAdviceExpressions = DOMUtil.getElement(nodeAdviceExpressions); + boolean result = false; + + boolean sawAdviceExpression = false; + NodeList children = elementAdviceExpressions.getChildNodes(); + int numChildren; + if (children != null && (numChildren = children.getLength()) > 0) { + for (int i = 0 ; i < numChildren ; i++) { + Node child = children.item(i); + if (DOMUtil.isElement(child)) { + if (DOMUtil.isInNamespace(child, XACML3.XMLNS) && XACML3.ELEMENT_ADVICEEXPRESSION.equals(child.getLocalName())) { + sawAdviceExpression = true; + result = result || DOMAdviceExpression.repair(child); + } else { + logger.warn("Unexpected element " + child.getNodeName()); + nodeAdviceExpressions.removeChild(child); + result = true; + } + } + } + } + + if (!sawAdviceExpression) { + throw DOMUtil.newMissingElementException(nodeAdviceExpressions, XACML3.XMLNS, XACML3.ELEMENT_ADVICEEXPRESSION); + } + + return result; + } +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMAllOf.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMAllOf.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMAllOf.java new file mode 100755 index 0000000..c169bc7 --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMAllOf.java @@ -0,0 +1,109 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy.dom; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.w3c.dom.Element; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; + +import com.att.research.xacml.api.XACML3; +import com.att.research.xacml.std.StdStatusCode; +import com.att.research.xacml.std.dom.DOMProperties; +import com.att.research.xacml.std.dom.DOMStructureException; +import com.att.research.xacml.std.dom.DOMUtil; +import com.att.research.xacmlatt.pdp.policy.AllOf; + +/** + * DOMAllOf extends {@link com.att.research.xacmlatt.pdp.policy.AllOf} with methods for creation from + * DOM {@link org.w3c.dom.Node}s. + * + * @author car + * @version $Revision: 1.2 $ + */ +public class DOMAllOf extends AllOf { + private static final Log logger = LogFactory.getLog(DOMAllOf.class); + + protected DOMAllOf() { + } + + /** + * Creates a new <code>DOMAllOf</code> by parsing the given <code>Node</code> representing a XACML AllOf element. + * + * @param nodeAllOf the <code>Node</code> representing the XACML AllOf element + * @return a new <code>DOMAllOf</code> parsed from the given <code>Node</code> + * @throws DOMStructureException if there is an error parsing the given <code>Node</code> + */ + public static AllOf newInstance(Node nodeAllOf) throws DOMStructureException { + Element elementAllOf = DOMUtil.getElement(nodeAllOf); + boolean bLenient = DOMProperties.isLenient(); + + DOMAllOf domAllOf = new DOMAllOf(); + + try { + NodeList children = elementAllOf.getChildNodes(); + int numChildren; + boolean sawMatch = false; + if (children != null && (numChildren = children.getLength()) > 0) { + for (int i = 0 ; i < numChildren ; i++) { + Node child = children.item(i); + if (DOMUtil.isElement(child)) { + if (DOMUtil.isInNamespace(child, XACML3.XMLNS) && XACML3.ELEMENT_MATCH.equals(child.getLocalName())) { + domAllOf.addMatch(DOMMatch.newInstance(child)); + sawMatch = true; + } else if (!bLenient) { + throw DOMUtil.newUnexpectedElementException(child, nodeAllOf); + } + } + } + } + if (!sawMatch && !bLenient) { + throw DOMUtil.newMissingElementException(nodeAllOf, XACML3.XMLNS, XACML3.ELEMENT_MATCH); + } + } catch (DOMStructureException ex) { + domAllOf.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, ex.getMessage()); + if (DOMProperties.throwsExceptions()) { + throw ex; + } + } + return domAllOf; + } + + public static boolean repair(Node nodeAllOf) throws DOMStructureException { + Element elementAllOf = DOMUtil.getElement(nodeAllOf); + boolean result = false; + + NodeList children = elementAllOf.getChildNodes(); + int numChildren; + boolean sawMatch = false; + if (children != null && (numChildren = children.getLength()) > 0) { + for (int i = 0 ; i < numChildren ; i++) { + Node child = children.item(i); + if (DOMUtil.isElement(child)) { + if (DOMUtil.isInNamespace(child, XACML3.XMLNS) && XACML3.ELEMENT_MATCH.equals(child.getLocalName())) { + result = DOMMatch.repair(child) || result; + sawMatch = true; + } else { + logger.warn("Unexpected element " + child.getNodeName()); + elementAllOf.removeChild(child); + result = true; + } + } + } + } + if (!sawMatch) { + throw DOMUtil.newMissingElementException(nodeAllOf, XACML3.XMLNS, XACML3.ELEMENT_MATCH); + } + + return result; + } +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMAnyOf.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMAnyOf.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMAnyOf.java new file mode 100755 index 0000000..882ce67 --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMAnyOf.java @@ -0,0 +1,100 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy.dom; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.w3c.dom.Element; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; + +import com.att.research.xacml.api.XACML3; +import com.att.research.xacml.std.StdStatusCode; +import com.att.research.xacml.std.dom.DOMProperties; +import com.att.research.xacml.std.dom.DOMStructureException; +import com.att.research.xacml.std.dom.DOMUtil; +import com.att.research.xacmlatt.pdp.policy.AnyOf; + +/** + * DOMAnyOf extends {@link com.att.research.xacmlatt.pdp.policy.AnyOf} with methods for creation + * from DOM {@link org.w3c.dom.Node}s. + * + * @author car + * @version $Revision: 1.2 $ + */ +public class DOMAnyOf extends AnyOf { + private static final Log logger = LogFactory.getLog(DOMAnyOf.class); + + protected DOMAnyOf() { + } + + /** + * Creates a new <code>DOMAnyOf</code> by parsing the given <code>Node</code> representing a XACML AnyOf element. + * + * @param nodeAnyOf the <code>Node</code> representing the XACML AnyOf element + * @return a new <code>DOMAnyOf</code> parsed from the given <code>Node</code> + * @throws DOMStructureException if there is an error parsing the given <code>Node</code>. + */ + public static AnyOf newInstance(Node nodeAnyOf) throws DOMStructureException { + Element elementAnyOf = DOMUtil.getElement(nodeAnyOf); + boolean bLenient = DOMProperties.isLenient(); + + DOMAnyOf domAnyOf = new DOMAnyOf(); + + try { + NodeList children = elementAnyOf.getChildNodes(); + int numChildren; + if (children != null && (numChildren = children.getLength()) > 0) { + for (int i = 0 ; i < numChildren ; i++) { + Node child = children.item(i); + if (DOMUtil.isElement(child)) { + if (DOMUtil.isInNamespace(child, XACML3.XMLNS) && (XACML3.ELEMENT_ALLOF.equals(child.getLocalName()))) { + domAnyOf.addAllOf(DOMAllOf.newInstance(child)); + } else if (!bLenient) { + throw DOMUtil.newUnexpectedElementException(child, nodeAnyOf); + } + } + } + } + } catch (DOMStructureException ex) { + domAnyOf.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, ex.getMessage()); + if (DOMProperties.throwsExceptions()) { + throw ex; + } + } + + return domAnyOf; + } + + public static boolean repair(Node nodeAnyOf) throws DOMStructureException { + Element elementAnyOf = DOMUtil.getElement(nodeAnyOf); + boolean result = false; + + NodeList children = elementAnyOf.getChildNodes(); + int numChildren; + if (children != null && (numChildren = children.getLength()) > 0) { + for (int i = 0 ; i < numChildren ; i++) { + Node child = children.item(i); + if (DOMUtil.isElement(child)) { + if (DOMUtil.isInNamespace(child, XACML3.XMLNS) && (XACML3.ELEMENT_ALLOF.equals(child.getLocalName()))) { + result = DOMAllOf.repair(child) || result; + } else { + logger.warn("Unexpected element " + child.getNodeName()); + elementAnyOf.removeChild(child); + result = true; + } + } + } + } + + return result; + } +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMApply.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMApply.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMApply.java new file mode 100755 index 0000000..1ca3021 --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMApply.java @@ -0,0 +1,111 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy.dom; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.w3c.dom.Element; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; + +import com.att.research.xacml.api.XACML3; +import com.att.research.xacml.std.StdStatusCode; +import com.att.research.xacml.std.dom.DOMProperties; +import com.att.research.xacml.std.dom.DOMStructureException; +import com.att.research.xacml.std.dom.DOMUtil; +import com.att.research.xacmlatt.pdp.policy.Policy; +import com.att.research.xacmlatt.pdp.policy.expressions.Apply; + +/** + * DOMApply extends {@link com.att.research.xacmlatt.pdp.policy.expressions.Apply} with methods for creation from + * DOM {@link org.w3c.dom.Node}s. + * + * @author car + * @version $Revision: 1.2 $ + */ +public class DOMApply extends Apply { + private static final Log logger = LogFactory.getLog(DOMApply.class); + + protected DOMApply() { + } + + /** + * Creates a new <code>Apply</code> by parsing the given <code>Node</core> representing a XACML Apply element. + * + * @param nodeApply the <code>Node</code> representing the XACML Apply element + * @param policy the <code>Policy</code> encompassing the Apply element + * @return a new <code>Apply</code> parsed from the given <code>Node</code> + * @throws DOMStructureException if there is an error parsing the <code>Node</code> + */ + public static Apply newInstance(Node nodeApply, Policy policy) throws DOMStructureException { + Element elementApply = DOMUtil.getElement(nodeApply); + boolean bLenient = DOMProperties.isLenient(); + + DOMApply domApply = new DOMApply(); + + try { + NodeList children = nodeApply.getChildNodes(); + if (children != null) { + int numChildren = children.getLength(); + for (int i = 0 ; i < numChildren ; i++) { + Node child = children.item(i); + if (child.getNodeType() == Node.ELEMENT_NODE && XACML3.XMLNS.equals(child.getNamespaceURI())) { + String childName = child.getLocalName(); + if (XACML3.ELEMENT_DESCRIPTION.equals(childName)) { + domApply.setDescription(child.getTextContent()); + } else if (DOMExpression.isExpression(child)) { + domApply.addArgument(DOMExpression.newInstance(child, policy)); + } else if (!bLenient) { + throw DOMUtil.newUnexpectedElementException(child, nodeApply); + } + } + } + } + + domApply.setFunctionId(DOMUtil.getIdentifierAttribute(elementApply, XACML3.ATTRIBUTE_FUNCTIONID, !bLenient)); + } catch (DOMStructureException ex) { + domApply.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, ex.getMessage()); + if (DOMProperties.throwsExceptions()) { + throw ex; + } + } + + return domApply; + } + + public static boolean repair(Node nodeApply) throws DOMStructureException { + Element elementApply = DOMUtil.getElement(nodeApply); + boolean result = false; + + NodeList children = nodeApply.getChildNodes(); + if (children != null) { + int numChildren = children.getLength(); + for (int i = 0 ; i < numChildren ; i++) { + Node child = children.item(i); + if (child.getNodeType() == Node.ELEMENT_NODE && XACML3.XMLNS.equals(child.getNamespaceURI())) { + String childName = child.getLocalName(); + if (XACML3.ELEMENT_DESCRIPTION.equals(childName)) { + } else if (DOMExpression.isExpression(child)) { + result = DOMExpression.repair(child) || result; + } else { + logger.warn("Unexpected element " + child.getNodeName()); + elementApply.removeChild(child); + result = true; + } + } + } + } + + result = DOMUtil.repairIdentifierAttribute(elementApply, XACML3.ATTRIBUTE_FUNCTIONID, XACML3.ID_FUNCTION_STRING_EQUAL, logger) || result; + + return result; + } +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMAttributeAssignmentExpression.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMAttributeAssignmentExpression.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMAttributeAssignmentExpression.java new file mode 100755 index 0000000..4e42751 --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMAttributeAssignmentExpression.java @@ -0,0 +1,116 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy.dom; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.w3c.dom.Element; +import org.w3c.dom.Node; + +import com.att.research.xacml.api.Identifier; +import com.att.research.xacml.api.XACML3; +import com.att.research.xacml.std.StdStatusCode; +import com.att.research.xacml.std.dom.DOMProperties; +import com.att.research.xacml.std.dom.DOMStructureException; +import com.att.research.xacml.std.dom.DOMUtil; +import com.att.research.xacmlatt.pdp.policy.AttributeAssignmentExpression; +import com.att.research.xacmlatt.pdp.policy.Policy; + +/** + * DOMAttributeAssignmentExpression extends {@link com.att.research.xacmlatt.pdp.policy.AttributeAssignmentExpression} with + * methods for creation from {@link org.w3c.dom.Node}s. + * + * @author car + * @version $Revision: 1.3 $ + */ +public class DOMAttributeAssignmentExpression extends AttributeAssignmentExpression { + private static final Log logger = LogFactory.getLog(DOMAttributeAssignmentExpression.class); + + protected DOMAttributeAssignmentExpression() { + } + + /** + * Creates a new <code>AttributeAssignmentExpression</code> by parsing the given <code>Node</code> representing + * a XACML AttributeAssignmentExpression element. + * + * @param nodeAttributeAssignmentExpression the <code>Node</code> representing the XACML AttributeAssignmentExpression element + * @return a new <code>AttributeAssignmentExpression</code> parsed from the given <code>Node</code> + * @throws DOMStructureException if there is an error parsing the <code>Node</code> + */ + public static AttributeAssignmentExpression newInstance(Node nodeAttributeAssignmentExpression, Policy policy) throws DOMStructureException { + Element elementAttributeAssignmentExpression = DOMUtil.getElement(nodeAttributeAssignmentExpression); + boolean bLenient = DOMProperties.isLenient(); + + DOMAttributeAssignmentExpression domAttributeAssignmentExpression = new DOMAttributeAssignmentExpression(); + + try { + Node node = DOMUtil.getFirstChildElement(elementAttributeAssignmentExpression); + if (node == null) { + if (!bLenient) { + throw DOMUtil.newMissingElementException(elementAttributeAssignmentExpression, XACML3.XMLNS, XACML3.ELEMENT_EXPRESSION); + } + } else { + domAttributeAssignmentExpression.setExpression(DOMExpression.newInstance(node, policy)); + } + + Identifier identifier; + domAttributeAssignmentExpression.setAttributeId(DOMUtil.getIdentifierAttribute(elementAttributeAssignmentExpression, XACML3.ATTRIBUTE_ATTRIBUTEID, !bLenient));; + if ((identifier = DOMUtil.getIdentifierAttribute(elementAttributeAssignmentExpression, XACML3.ATTRIBUTE_CATEGORY)) != null) { + domAttributeAssignmentExpression.setCategory(identifier); + } + + String issuer = DOMUtil.getStringAttribute(elementAttributeAssignmentExpression, XACML3.ATTRIBUTE_ISSUER); + if (issuer != null) { + domAttributeAssignmentExpression.setIssuer(issuer); + } + } catch (DOMStructureException ex) { + domAttributeAssignmentExpression.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, ex.getMessage()); + if (DOMProperties.throwsExceptions()) { + throw ex; + } + } + + return domAttributeAssignmentExpression; + } + + public static boolean repair(Node nodeAttributeAssignmentExpression) throws DOMStructureException { + Element elementAttributeAssignmentExpression = DOMUtil.getElement(nodeAttributeAssignmentExpression); + boolean result = false; + + if (DOMUtil.getFirstChildElement(elementAttributeAssignmentExpression) == null) { + /* + * See if we can repair the <AttributeAssignmentExpression DataType="">string</AttributeAssignmentExpression> pattern + */ + Identifier identifier = DOMUtil.getIdentifierAttribute(elementAttributeAssignmentExpression, XACML3.ATTRIBUTE_DATATYPE); + String textContent = elementAttributeAssignmentExpression.getTextContent(); + if (textContent != null) { + textContent = textContent.trim(); + } + if (textContent != null && textContent.length() > 0 && identifier != null) { + Element attributeValue = elementAttributeAssignmentExpression.getOwnerDocument().createElementNS(XACML3.XMLNS, XACML3.ELEMENT_ATTRIBUTEVALUE); + attributeValue.setAttribute(XACML3.ATTRIBUTE_DATATYPE, identifier.stringValue()); + attributeValue.setTextContent(textContent); + logger.warn("Adding a new AttributeValue using the DataType from the AttributeAssignment"); + elementAttributeAssignmentExpression.removeAttribute(XACML3.ATTRIBUTE_DATATYPE); + while (elementAttributeAssignmentExpression.hasChildNodes()) { + elementAttributeAssignmentExpression.removeChild(elementAttributeAssignmentExpression.getFirstChild()); + } + elementAttributeAssignmentExpression.appendChild(attributeValue); + result = true; + } else { + throw DOMUtil.newMissingElementException(elementAttributeAssignmentExpression, XACML3.XMLNS, XACML3.ELEMENT_EXPRESSION); + } + } + result = DOMUtil.repairIdentifierAttribute(elementAttributeAssignmentExpression, XACML3.ATTRIBUTE_ATTRIBUTEID, logger) || result; + + return result; + } +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMAttributeDesignator.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMAttributeDesignator.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMAttributeDesignator.java new file mode 100755 index 0000000..1d5936f --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMAttributeDesignator.java @@ -0,0 +1,87 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy.dom; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.w3c.dom.Element; +import org.w3c.dom.Node; + +import com.att.research.xacml.api.XACML3; +import com.att.research.xacml.std.StdStatusCode; +import com.att.research.xacml.std.dom.DOMProperties; +import com.att.research.xacml.std.dom.DOMStructureException; +import com.att.research.xacml.std.dom.DOMUtil; +import com.att.research.xacmlatt.pdp.policy.expressions.AttributeDesignator; + +/** + * DOMAttributeDesignator extends {@link com.att.research.xacmlatt.pdp.policy.expressions.AttributeDesignator} with methods + * for creation from DOM {@link org.w3c.dom.Node}s. + * + * @author car + * @version $Revision: 1.3 $ + */ +public class DOMAttributeDesignator extends AttributeDesignator { + private static final Log logger = LogFactory.getLog(DOMAttributeDesignator.class); + + protected DOMAttributeDesignator() { + } + + /** + * Creates a new <code>DOMAttributeDesignator</code> by parsing the given <code>Node</code> representing a XACML AttributeDesignator + * element. + * + * @param nodeAttributeDesignator the <code>Node</code> representing the XACML AttributeDesignator element + * @return a new <code>DOMAttributeDesignator</code> parsed from the given <code>Node</code> + * @throws DOMStructureException if there is an error parsing the <code>Node</code> + */ + public static AttributeDesignator newInstance(Node nodeAttributeDesignator) throws DOMStructureException { + Element elementAttributeDesignator = DOMUtil.getElement(nodeAttributeDesignator); + boolean bLenient = DOMProperties.isLenient(); + + DOMAttributeDesignator domAttributeDesignator = new DOMAttributeDesignator(); + + try { + domAttributeDesignator.setCategory(DOMUtil.getIdentifierAttribute(elementAttributeDesignator, XACML3.ATTRIBUTE_CATEGORY, !bLenient)); + domAttributeDesignator.setAttributeId(DOMUtil.getIdentifierAttribute(elementAttributeDesignator, XACML3.ATTRIBUTE_ATTRIBUTEID, !bLenient)); + domAttributeDesignator.setDataTypeId(DOMUtil.getIdentifierAttribute(elementAttributeDesignator, XACML3.ATTRIBUTE_DATATYPE, !bLenient)); + + String string; + if ((string = DOMUtil.getStringAttribute(elementAttributeDesignator, XACML3.ATTRIBUTE_ISSUER)) != null) { + domAttributeDesignator.setIssuer(string); + } + Boolean mustBePresent = DOMUtil.getBooleanAttribute(elementAttributeDesignator, XACML3.ATTRIBUTE_MUSTBEPRESENT, !bLenient); + if (mustBePresent != null) { + domAttributeDesignator.setMustBePresent(mustBePresent); + } + } catch (DOMStructureException ex) { + domAttributeDesignator.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, ex.getMessage()); + if (DOMProperties.throwsExceptions()) { + throw ex; + } + } + + return domAttributeDesignator; + } + + public static boolean repair(Node nodeAttributeDesignator) throws DOMStructureException { + Element elementAttributeDesignator = DOMUtil.getElement(nodeAttributeDesignator); + boolean result = false; + + result = DOMUtil.repairIdentifierAttribute(elementAttributeDesignator, XACML3.ATTRIBUTE_CATEGORY, logger) || result; + result = DOMUtil.repairIdentifierAttribute(elementAttributeDesignator, XACML3.ATTRIBUTE_ATTRIBUTEID, logger) || result; + result = DOMUtil.repairIdentifierAttribute(elementAttributeDesignator, XACML3.ATTRIBUTE_DATATYPE, logger) || result; + result = DOMUtil.repairBooleanAttribute(elementAttributeDesignator, XACML3.ATTRIBUTE_MUSTBEPRESENT, false, logger) || result; + + return result; + } + +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMAttributeSelector.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMAttributeSelector.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMAttributeSelector.java new file mode 100755 index 0000000..da1359b --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMAttributeSelector.java @@ -0,0 +1,87 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy.dom; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.w3c.dom.Element; +import org.w3c.dom.Node; + +import com.att.research.xacml.api.Identifier; +import com.att.research.xacml.api.XACML3; +import com.att.research.xacml.std.StdStatusCode; +import com.att.research.xacml.std.dom.DOMProperties; +import com.att.research.xacml.std.dom.DOMStructureException; +import com.att.research.xacml.std.dom.DOMUtil; +import com.att.research.xacmlatt.pdp.policy.expressions.AttributeSelector; + +/** + * DOMAttributeSelector extends {@link com.att.research.xacmlatt.pdp.policy.expressions.AttributeSelector} with methods + * for creation from DOM {@link org.w3c.dom.Node}s. + * + * @author car + * @version $Revision: 1.3 $ + */ +public class DOMAttributeSelector extends AttributeSelector { + private static Log logger = LogFactory.getLog(DOMAttributeSelector.class); + + protected DOMAttributeSelector() { + } + + /** + * Creates a new <code>DOMAttributeSelector</code> by parsing the given <code>Node</code> representing a XACML AttributeSelector element. + * + * @param nodeAttributeSelector the <code>Node</code> representing the XACML AttributeSelector element + * @return a new <code>DOMAttributeSelector</code> parsed from the given <code>Node</code>. + * @throws DOMStructureException if there is an error parsing the <code>Node</code> + */ + public static AttributeSelector newInstance(Node nodeAttributeSelector) throws DOMStructureException { + Element elementAttributeSelector = DOMUtil.getElement(nodeAttributeSelector); + boolean bLenient = DOMProperties.isLenient(); + + DOMAttributeSelector domAttributeSelector = new DOMAttributeSelector(); + + try { + domAttributeSelector.setCategory(DOMUtil.getIdentifierAttribute(elementAttributeSelector, XACML3.ATTRIBUTE_CATEGORY, !bLenient)); + + Identifier identifier; + if ((identifier = DOMUtil.getIdentifierAttribute(elementAttributeSelector, XACML3.ATTRIBUTE_CONTEXTSELECTORID)) != null) { + domAttributeSelector.setContextSelectorId(identifier); + } + + domAttributeSelector.setPath(DOMUtil.getStringAttribute(elementAttributeSelector, XACML3.ATTRIBUTE_PATH, !bLenient)); + domAttributeSelector.setDataTypeId(DOMUtil.getIdentifierAttribute(elementAttributeSelector, XACML3.ATTRIBUTE_DATATYPE, !bLenient)); + Boolean mustBePresent = DOMUtil.getBooleanAttribute(elementAttributeSelector, XACML3.ATTRIBUTE_MUSTBEPRESENT, !bLenient); + if (mustBePresent != null) { + domAttributeSelector.setMustBePresent(mustBePresent); + } + } catch (DOMStructureException ex) { + domAttributeSelector.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, ex.getMessage()); + if (DOMProperties.throwsExceptions()) { + throw ex; + } + } + + return domAttributeSelector; + } + + public static boolean repair(Node nodeAttributeSelector) throws DOMStructureException { + Element elementAttributeSelector = DOMUtil.getElement(nodeAttributeSelector); + boolean result = false; + + result = DOMUtil.repairIdentifierAttribute(elementAttributeSelector, XACML3.ATTRIBUTE_CATEGORY, logger) || result; + result = DOMUtil.repairStringAttribute(elementAttributeSelector, XACML3.ATTRIBUTE_PATH, "/", logger) || result; + result = DOMUtil.repairIdentifierAttribute(elementAttributeSelector, XACML3.ATTRIBUTE_DATATYPE, logger) || result; + result = DOMUtil.repairBooleanAttribute(elementAttributeSelector, XACML3.ATTRIBUTE_MUSTBEPRESENT, false, logger) || result; + + return result; + } +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMCombinerParameter.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMCombinerParameter.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMCombinerParameter.java new file mode 100755 index 0000000..b32a4c7 --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMCombinerParameter.java @@ -0,0 +1,183 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy.dom; + +import java.util.ArrayList; +import java.util.List; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.w3c.dom.Element; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; + +import com.att.research.xacml.api.XACML3; +import com.att.research.xacml.std.StdStatusCode; +import com.att.research.xacml.std.dom.DOMAttributeValue; +import com.att.research.xacml.std.dom.DOMProperties; +import com.att.research.xacml.std.dom.DOMStructureException; +import com.att.research.xacml.std.dom.DOMUtil; +import com.att.research.xacmlatt.pdp.policy.CombinerParameter; + +/** + * DOMCombinerParameter extends {@link com.att.research.xacmlatt.pdp.policy.CombinerParameter} with methods for + * creation from DOM {@link org.w3c.dom.Node}s. + * + * @author car + * @version $Revision: 1.2 $ + */ +public class DOMCombinerParameter extends CombinerParameter { + private static final Log logger = LogFactory.getLog(DOMCombinerParameter.class); + + protected DOMCombinerParameter() { + + } + + /** + * Creates a new <code>CombinerParameter</code> by parsing the given <code>Node</code> representing a XACML CombinerParameter element. + * + * @param nodeCombinerParameter the <code>Node</code> representing the XACML CombinerParameter element + * @return a new <code>CombinerParameter</code> parsed from the given <code>Node</code> + * @throws DOMStructureException if there is an error parsing the <code>Node</code> + */ + public static CombinerParameter newInstance(Node nodeCombinerParameter) throws DOMStructureException { + Element elementCombinerParameter = DOMUtil.getElement(nodeCombinerParameter); + boolean bLenient = DOMProperties.isLenient(); + + DOMCombinerParameter combinerParameter = new DOMCombinerParameter(); + + try { + NodeList children = elementCombinerParameter.getChildNodes(); + int numChildren; + if (children != null && (numChildren = children.getLength()) > 0) { + for (int i = 0 ; i < numChildren ; i++) { + Node child = children.item(i); + if (DOMUtil.isElement(child)) { + if (DOMUtil.isInNamespace(child, XACML3.XMLNS) && XACML3.ELEMENT_ATTRIBUTEVALUE.equals(child.getLocalName())) { + if (combinerParameter.getAttributeValue() != null && !bLenient) { + throw DOMUtil.newUnexpectedElementException(child, elementCombinerParameter); + } else { + combinerParameter.setAttributeValue(DOMAttributeValue.newInstance(child, null)); + } + } else if (!bLenient) { + throw DOMUtil.newUnexpectedElementException(child, elementCombinerParameter); + } + } + } + } + + if (combinerParameter.getAttributeValue() == null && !bLenient) { + throw DOMUtil.newMissingElementException(elementCombinerParameter, XACML3.XMLNS, XACML3.ELEMENT_ATTRIBUTEVALUE); + } + combinerParameter.setName(DOMUtil.getStringAttribute(elementCombinerParameter, XACML3.ATTRIBUTE_PARAMETERNAME, !bLenient)); + } catch (DOMStructureException ex) { + combinerParameter.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, ex.getMessage()); + if (DOMProperties.throwsExceptions()) { + throw ex; + } + } + + return combinerParameter; + } + + public static boolean repair(Node nodeCombinerParameter) throws DOMStructureException { + Element elementCombinerParameter = DOMUtil.getElement(nodeCombinerParameter); + boolean result = false; + + NodeList children = elementCombinerParameter.getChildNodes(); + int numChildren; + boolean sawAttributeValue = false; + + if (children != null && (numChildren = children.getLength()) > 0) { + for (int i = 0 ; i < numChildren ; i++) { + Node child = children.item(i); + if (DOMUtil.isElement(child)) { + if (DOMUtil.isInNamespace(child, XACML3.XMLNS) && XACML3.ELEMENT_ATTRIBUTEVALUE.equals(child.getLocalName())) { + if (sawAttributeValue) { + logger.warn("Unexpected element " + child.getNodeName()); + elementCombinerParameter.removeChild(child); + result = true; + } else { + result = DOMAttributeValue.repair(child) || result; + sawAttributeValue = true; + } + } else { + logger.warn("Unexpected element " + child.getNodeName()); + elementCombinerParameter.removeChild(child); + result = true; + } + } + } + } + + if (!sawAttributeValue) { + throw DOMUtil.newMissingElementException(elementCombinerParameter, XACML3.XMLNS, XACML3.ELEMENT_ATTRIBUTEVALUE); + } + + result = DOMUtil.repairStringAttribute(elementCombinerParameter, XACML3.ATTRIBUTE_PARAMETERNAME, "parameter", logger) || result; + + return result; + } + + /** + * Creates a <code>List</code> of <code>CombinerParameter</code>s by parsing the given <code>Node</code> representing a + * XACML CombinerParameters element. + * + * @param nodeCombinerParameters the <code>Node</code> representing the XACML CombinerParameters element + * @return a <code>List</code> of <code>CombinerParameter</code>s parsed from the given <code>Node</code>. + * @throws DOMStructureException if there is an error parsing the <code>Node</code> + */ + public static List<CombinerParameter> newList(Node nodeCombinerParameters) throws DOMStructureException { + Element elementCombinerParameters = DOMUtil.getElement(nodeCombinerParameters); + boolean bLenient = DOMProperties.isLenient(); + + List<CombinerParameter> listCombinerParameters = new ArrayList<CombinerParameter>(); + + NodeList children = elementCombinerParameters.getChildNodes(); + int numChildren; + if (children != null && (numChildren = children.getLength()) > 0) { + for (int i = 0 ; i < numChildren ; i++) { + Node child = children.item(i); + if (DOMUtil.isElement(child)) { + if (DOMUtil.isInNamespace(child, XACML3.XMLNS) && XACML3.ELEMENT_COMBINERPARAMETER.equals(child.getLocalName())) { + listCombinerParameters.add(DOMCombinerParameter.newInstance(child)); + } else if (!bLenient) { + throw DOMUtil.newUnexpectedElementException(child, elementCombinerParameters); + } + } + } + } + return listCombinerParameters; + } + + public static boolean repairList(Node nodeCombinerParameters) throws DOMStructureException { + Element elementCombinerParameters = DOMUtil.getElement(nodeCombinerParameters); + boolean result = false; + + NodeList children = elementCombinerParameters.getChildNodes(); + int numChildren; + if (children != null && (numChildren = children.getLength()) > 0) { + for (int i = 0 ; i < numChildren ; i++) { + Node child = children.item(i); + if (DOMUtil.isElement(child)) { + if (DOMUtil.isInNamespace(child, XACML3.XMLNS) && XACML3.ELEMENT_COMBINERPARAMETER.equals(child.getLocalName())) { + result = DOMCombinerParameter.repair(child) || result; + } else { + logger.warn("Unexpected element " + child.getNodeName()); + elementCombinerParameters.removeChild(child); + result = true; + } + } + } + } + return result; + } +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMDocumentRepair.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMDocumentRepair.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMDocumentRepair.java new file mode 100755 index 0000000..f25e6cd --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMDocumentRepair.java @@ -0,0 +1,70 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy.dom; + +import org.w3c.dom.Document; +import org.w3c.dom.Node; + +import com.att.research.xacml.api.XACML3; +import com.att.research.xacml.std.dom.DOMStructureException; +import com.att.research.xacml.std.dom.DOMUtil; + +/** + * DOMDocumentRepair extends {@link com.att.research.xacml.std.dom.DOMDocumentRepair} to repair Policy documents as well as + * Request and Response documents. + * + * @author car + * @version $Revision: 1.1 $ + */ +public class DOMDocumentRepair extends com.att.research.xacml.std.dom.DOMDocumentRepair { + protected boolean repairPolicy(Node nodePolicy) throws DOMStructureException { + return DOMPolicy.repair(nodePolicy); + } + + protected boolean repairPolicySet(Node nodePolicySet) throws DOMStructureException { + return DOMPolicySet.repair(nodePolicySet); + } + + public DOMDocumentRepair() { + } + + /** + * Determines what kind of XACML document is represented by the given <code>Document</code> and + * attempts to repair it. + * + * @param document the <code>Document</code> to check + * @return true if any repairs were made in the <code>Document</code>, else false + * @throws DOMStructureException if there were unrecoverable errors found + * @throws UnsupportedDocumentTypeException if the root element is not a XACML Request or Response. + */ + public boolean repair(Document document) throws DOMStructureException, UnsupportedDocumentTypeException { + Node firstChild = DOMUtil.getFirstChildElement(document); + if (firstChild == null || !DOMUtil.isElement(firstChild)) { + return false; + } + + if (!DOMUtil.isInNamespace(firstChild, XACML3.XMLNS)) { + throw new UnsupportedDocumentTypeException("Not a XACML document: " + DOMUtil.getNodeLabel(firstChild)); + } + if (XACML3.ELEMENT_REQUEST.equals(firstChild.getLocalName())) { + return this.repairRequest(firstChild); + } else if (XACML3.ELEMENT_RESPONSE.equals(firstChild.getLocalName())) { + return this.repairResponse(firstChild); + } else if (XACML3.ELEMENT_POLICY.equals(firstChild.getLocalName())) { + return this.repairPolicy(firstChild); + } else if (XACML3.ELEMENT_POLICYSET.equals(firstChild.getLocalName())) { + return this.repairPolicySet(firstChild); + } else { + throw new UnsupportedDocumentTypeException("Not a XACML Request or Response: " + DOMUtil.getNodeLabel(firstChild)); + } + } + +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMExpression.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMExpression.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMExpression.java new file mode 100755 index 0000000..b9b1ac7 --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMExpression.java @@ -0,0 +1,120 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy.dom; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.w3c.dom.Element; +import org.w3c.dom.Node; + +import com.att.research.xacml.api.AttributeValue; +import com.att.research.xacml.api.XACML3; +import com.att.research.xacml.std.StdStatusCode; +import com.att.research.xacml.std.dom.DOMAttributeValue; +import com.att.research.xacml.std.dom.DOMProperties; +import com.att.research.xacml.std.dom.DOMStructureException; +import com.att.research.xacml.std.dom.DOMUtil; +import com.att.research.xacmlatt.pdp.policy.Expression; +import com.att.research.xacmlatt.pdp.policy.Policy; +import com.att.research.xacmlatt.pdp.policy.expressions.AttributeValueExpression; +import com.att.research.xacmlatt.pdp.policy.expressions.Function; +import com.att.research.xacmlatt.pdp.policy.expressions.VariableReference; + +/** + * DOMExpression extends {@link com.att.research.xacmlatt.pdp.policy.Expression} with methods for creation + * from DOM {@link org.w3c.dom.Node}s. + * + * @author car + * @version $Revision: 1.2 $ + */ +public abstract class DOMExpression extends Expression { + private static final Log logger = LogFactory.getLog(DOMExpression.class); + + protected DOMExpression() { + } + + public static boolean isExpression(Node nodeExpression) { + String nodeName = nodeExpression.getLocalName(); + return (XACML3.ELEMENT_APPLY.equals(nodeName) || + XACML3.ELEMENT_ATTRIBUTEDESIGNATOR.equals(nodeName) || + XACML3.ELEMENT_ATTRIBUTESELECTOR.equals(nodeName) || + XACML3.ELEMENT_ATTRIBUTEVALUE.equals(nodeName) || + XACML3.ELEMENT_FUNCTION.equals(nodeName) || + XACML3.ELEMENT_VARIABLEREFERENCE.equals(nodeName) + ); + } + + /** + * Creates a new <code>Expression</code> of the appropriate sub-type based on the name of the given <code>Node</code>. + * + * @param nodeExpression the <code>Node</code> to parse + * @param policy the {@link com.att.research.xacmlatt.pdp.policy.Policy} containing the Expression element + * @return a new <code>Expression</code> parsed from the given <code>Node</code> + * @throws DOMStructureException if there is an error parsing the <code>Node</code> + */ + public static Expression newInstance(Node nodeExpression, Policy policy) throws DOMStructureException { + Element elementExpression = DOMUtil.getElement(nodeExpression); + boolean bLenient = DOMProperties.isLenient(); + + if (DOMUtil.isInNamespace(elementExpression, XACML3.XMLNS)) { + if (elementExpression.getLocalName().equals(XACML3.ELEMENT_APPLY)) { + return DOMApply.newInstance(elementExpression, policy); + } else if (elementExpression.getLocalName().equals(XACML3.ELEMENT_ATTRIBUTEDESIGNATOR)) { + return DOMAttributeDesignator.newInstance(elementExpression); + } else if (elementExpression.getLocalName().equals(XACML3.ELEMENT_ATTRIBUTESELECTOR)) { + return DOMAttributeSelector.newInstance(elementExpression); + } else if (elementExpression.getLocalName().equals(XACML3.ELEMENT_ATTRIBUTEVALUE)) { + AttributeValue<?> attributeValue = null; + try { + attributeValue = DOMAttributeValue.newInstance(elementExpression, null); + } catch (DOMStructureException ex) { + return new AttributeValueExpression(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, ex.getMessage()); + } + return new AttributeValueExpression(attributeValue); + } else if (elementExpression.getLocalName().equals(XACML3.ELEMENT_FUNCTION)) { + return new Function(DOMUtil.getIdentifierAttribute(elementExpression, XACML3.ATTRIBUTE_FUNCTIONID)); + } else if (elementExpression.getLocalName().equals(XACML3.ELEMENT_VARIABLEREFERENCE)) { + return new VariableReference(policy, DOMUtil.getStringAttribute(elementExpression, XACML3.ATTRIBUTE_VARIABLEID)); + } else if (!bLenient) { + throw DOMUtil.newUnexpectedElementException(nodeExpression); + } else { + return null; + } + } else if (!bLenient) { + throw DOMUtil.newUnexpectedElementException(nodeExpression); + } else { + return null; + } + } + + public static boolean repair(Node nodeExpression) throws DOMStructureException { + Element elementExpression = DOMUtil.getElement(nodeExpression); + if (DOMUtil.isInNamespace(elementExpression, XACML3.XMLNS)) { + if (elementExpression.getLocalName().equals(XACML3.ELEMENT_APPLY)) { + return DOMApply.repair(elementExpression); + } else if (elementExpression.getLocalName().equals(XACML3.ELEMENT_ATTRIBUTEDESIGNATOR)) { + return DOMAttributeDesignator.repair(elementExpression); + } else if (elementExpression.getLocalName().equals(XACML3.ELEMENT_ATTRIBUTESELECTOR)) { + return DOMAttributeSelector.repair(elementExpression); + } else if (elementExpression.getLocalName().equals(XACML3.ELEMENT_ATTRIBUTEVALUE)) { + return DOMAttributeValue.repair(elementExpression); + } else if (elementExpression.getLocalName().equals(XACML3.ELEMENT_FUNCTION)) { + return DOMUtil.repairIdentifierAttribute(elementExpression, XACML3.ATTRIBUTE_FUNCTIONID, XACML3.ID_FUNCTION_STRING_EQUAL, logger); + } else if (elementExpression.getLocalName().equals(XACML3.ELEMENT_VARIABLEREFERENCE)) { + return DOMUtil.repairStringAttribute(elementExpression, XACML3.ATTRIBUTE_VARIABLEID, "variableId", logger); + } else { + throw DOMUtil.newUnexpectedElementException(nodeExpression); + } + } else { + throw DOMUtil.newUnexpectedElementException(nodeExpression); + } + } +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMMatch.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMMatch.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMMatch.java new file mode 100755 index 0000000..756750a --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMMatch.java @@ -0,0 +1,173 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy.dom; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.w3c.dom.Element; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; + +import com.att.research.xacml.api.XACML3; +import com.att.research.xacml.std.StdStatusCode; +import com.att.research.xacml.std.dom.DOMAttributeValue; +import com.att.research.xacml.std.dom.DOMProperties; +import com.att.research.xacml.std.dom.DOMStructureException; +import com.att.research.xacml.std.dom.DOMUtil; +import com.att.research.xacmlatt.pdp.policy.Match; + +/** + * DOMMatch extends {@link com.att.research.xacmlatt.pdp.policy.Match} with methods for creation from + * DOM {@link org.w3c.dom.Node}s. + * + * @author car + * @version $Revision: 1.3 $ + */ +public class DOMMatch extends Match { + private static Log logger = LogFactory.getLog(DOMMatch.class); + + protected DOMMatch() { + } + + /** + * Creates a new <code>DOMMatch</code> by parsing the given <code>Node</code> representing a XACML Match element. + * + * @param nodeMatch the <code>Node</code> representing the XACML Match element + * @return a new <code>DOMMatch</code> parsed from the given <code>Node</code> + * @throws DOMStructureException if there is an error parsing the given <code>Node</code> + */ + public static Match newInstance(Node nodeMatch) throws DOMStructureException { + Element elementMatch = DOMUtil.getElement(nodeMatch); + boolean bLenient = DOMProperties.isLenient(); + + DOMMatch domMatch = new DOMMatch(); + + try { + NodeList children = elementMatch.getChildNodes(); + int numChildren; + + if (children != null && (numChildren = children.getLength()) > 0) { + for (int i = 0 ; i < numChildren ; i++) { + Node child = children.item(i); + if (DOMUtil.isElement(child)) { + if (DOMUtil.isInNamespace(child, XACML3.XMLNS)) { + String childName = child.getLocalName(); + if (XACML3.ELEMENT_ATTRIBUTEVALUE.equals(childName)) { + domMatch.setAttributeValue(DOMAttributeValue.newInstance(child, null)); + } else if (XACML3.ELEMENT_ATTRIBUTEDESIGNATOR.equals(childName)) { + if (domMatch.getAttributeRetrievalBase() != null && !bLenient) { + throw DOMUtil.newUnexpectedElementException(child, nodeMatch); + } + domMatch.setAttributeRetrievalBase(DOMAttributeDesignator.newInstance(child)); + } else if (XACML3.ELEMENT_ATTRIBUTESELECTOR.equals(childName)) { + if (domMatch.getAttributeRetrievalBase() != null) { + throw DOMUtil.newUnexpectedElementException(child, nodeMatch); + } + domMatch.setAttributeRetrievalBase(DOMAttributeSelector.newInstance(child)); + } else if (!bLenient) { + throw DOMUtil.newUnexpectedElementException(child, nodeMatch); + } + } else if (!bLenient) { + throw DOMUtil.newUnexpectedElementException(child, nodeMatch); + } + } + } + } + + /* + * We have to see exactly one of these + */ + if (domMatch.getAttributeRetrievalBase() == null && !bLenient) { + throw DOMUtil.newMissingElementException(nodeMatch, XACML3.XMLNS, XACML3.ELEMENT_ATTRIBUTEDESIGNATOR + " or " + XACML3.ELEMENT_ATTRIBUTESELECTOR); + } else if (domMatch.getAttributeValue() == null && !bLenient) { + throw DOMUtil.newMissingElementException(nodeMatch, XACML3.XMLNS, XACML3.ELEMENT_ATTRIBUTEVALUE); + } + + domMatch.setMatchId(DOMUtil.getIdentifierAttribute(elementMatch, XACML3.ATTRIBUTE_MATCHID, !bLenient)); + + } catch (DOMStructureException ex) { + domMatch.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, ex.getMessage()); + if (DOMProperties.throwsExceptions()) { + throw ex; + } + } + return domMatch; + } + + public static boolean repair(Node nodeMatch) throws DOMStructureException { + Element elementMatch = DOMUtil.getElement(nodeMatch); + boolean result = false; + + NodeList children = elementMatch.getChildNodes(); + int numChildren; + boolean sawAttributeRetrievalBase = false; + boolean sawAttributeValue = false; + + if (children != null && (numChildren = children.getLength()) > 0) { + for (int i = 0 ; i < numChildren ; i++) { + Node child = children.item(i); + if (DOMUtil.isElement(child)) { + if (DOMUtil.isInNamespace(child, XACML3.XMLNS)) { + String childName = child.getLocalName(); + if (XACML3.ELEMENT_ATTRIBUTEVALUE.equals(childName)) { + if (sawAttributeValue) { + logger.warn("Unexpected element " + child.getNodeName()); + elementMatch.removeChild(child); + result = true; + } else { + result = DOMAttributeValue.repair(child) || result; + sawAttributeValue = true; + } + } else if (XACML3.ELEMENT_ATTRIBUTEDESIGNATOR.equals(childName)) { + if (sawAttributeRetrievalBase) { + logger.warn("Unexpected element " + child.getNodeName()); + elementMatch.removeChild(child); + result = true; + } else { + result = DOMAttributeDesignator.repair(child) || result; + sawAttributeRetrievalBase = true; + } + } else if (XACML3.ELEMENT_ATTRIBUTESELECTOR.equals(childName)) { + if (sawAttributeRetrievalBase) { + logger.warn("Unexpected element " + child.getNodeName()); + elementMatch.removeChild(child); + result = true; + } else { + result = DOMAttributeSelector.repair(child) || result; + sawAttributeRetrievalBase = true; + } + } else { + logger.warn("Unexpected element " + child.getNodeName()); + elementMatch.removeChild(child); + result = true; + } + } else { + logger.warn("Unexpected element " + child.getNodeName()); + elementMatch.removeChild(child); + result = true; + } + } + } + } + + /* + * We have to see exactly one of these + */ + if (!sawAttributeRetrievalBase) { + throw DOMUtil.newMissingElementException(nodeMatch, XACML3.XMLNS, XACML3.ELEMENT_ATTRIBUTEDESIGNATOR + " or " + XACML3.ELEMENT_ATTRIBUTESELECTOR); + } else if (!sawAttributeValue) { + throw DOMUtil.newMissingElementException(nodeMatch, XACML3.XMLNS, XACML3.ELEMENT_ATTRIBUTEVALUE); + } + result = DOMUtil.repairIdentifierAttribute(elementMatch, XACML3.ATTRIBUTE_MATCHID, logger) || result; + + return result; + } +} http://git-wip-us.apache.org/repos/asf/incubator-openaz/blob/94fcdd90/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMObligationExpression.java ---------------------------------------------------------------------- diff --git a/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMObligationExpression.java b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMObligationExpression.java new file mode 100755 index 0000000..7f5832c --- /dev/null +++ b/openaz-xacml-pdp/src/main/java/com/att/research/xacmlatt/pdp/policy/dom/DOMObligationExpression.java @@ -0,0 +1,195 @@ +/* + * AT&T - PROPRIETARY + * THIS FILE CONTAINS PROPRIETARY INFORMATION OF + * AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN + * ACCORDANCE WITH APPLICABLE AGREEMENTS. + * + * Copyright (c) 2013 AT&T Knowledge Ventures + * Unpublished and Not for Publication + * All Rights Reserved + */ +package com.att.research.xacmlatt.pdp.policy.dom; + +import java.util.ArrayList; +import java.util.List; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.w3c.dom.Element; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; + +import com.att.research.xacml.api.XACML3; +import com.att.research.xacml.std.StdStatusCode; +import com.att.research.xacml.std.dom.DOMProperties; +import com.att.research.xacml.std.dom.DOMStructureException; +import com.att.research.xacml.std.dom.DOMUtil; +import com.att.research.xacmlatt.pdp.policy.ObligationExpression; +import com.att.research.xacmlatt.pdp.policy.Policy; +import com.att.research.xacmlatt.pdp.policy.RuleEffect; + +/** + * DOMObligationExpression extends {@link com.att.research.xacmlatt.pdp.policy.ObligationExpression} with methods + * for creation from {@link org.w3c.dom.Node}s. + * + * @author car + * @version $Revision: 1.3 $ + */ +public class DOMObligationExpression extends ObligationExpression { + private static final Log logger = LogFactory.getLog(DOMObligationExpression.class); + + protected DOMObligationExpression() { + } + + /** + * Creates a new <code>ObligationExpression</code> by parsing the given <code>Node</code> representing a XACML ObligationExpression element. + * + * @param nodeObligationExpression the <code>Node</code> representing the XACML ObligationExpression element + * @param policy the {@link com.att.research.xacmlatt.pdp.policy.Policy} encompassing the ObligationExpression element + * @return a new <code>ObligationExpression</code> parsed from the given <code>Node</code> + * @throws DOMStructureException if there is an error parsing the <code>Node</code> + */ + public static ObligationExpression newInstance(Node nodeObligationExpression, Policy policy) throws DOMStructureException { + Element elementObligationExpression = DOMUtil.getElement(nodeObligationExpression); + boolean bLenient = DOMProperties.isLenient(); + + DOMObligationExpression domObligationExpression = new DOMObligationExpression(); + + try { + NodeList children = elementObligationExpression.getChildNodes(); + int numChildren; + if (children != null && (numChildren = children.getLength()) > 0) { + for (int i = 0 ; i < numChildren ; i++) { + Node child = children.item(i); + if (DOMUtil.isElement(child)) { + if (DOMUtil.isInNamespace(child, XACML3.XMLNS) && XACML3.ELEMENT_ATTRIBUTEASSIGNMENTEXPRESSION.equals(child.getLocalName())) { + domObligationExpression.addAttributeAssignmentExpression(DOMAttributeAssignmentExpression.newInstance(child, policy)); + } else if (!bLenient) { + throw DOMUtil.newUnexpectedElementException(child, nodeObligationExpression); + } + } + } + } + + domObligationExpression.setObligationId(DOMUtil.getIdentifierAttribute(elementObligationExpression, XACML3.ATTRIBUTE_OBLIGATIONID, !bLenient)); + + String string = DOMUtil.getStringAttribute(elementObligationExpression, XACML3.ATTRIBUTE_FULFILLON, !bLenient); + RuleEffect ruleEffectType = RuleEffect.getRuleEffect(string); + if (ruleEffectType == null) { + if (!bLenient) { + throw new DOMStructureException(nodeObligationExpression, "Invalid EffectType \"" + string + "\" in \"" + DOMUtil.getNodeLabel(nodeObligationExpression) + "\""); + } + } else { + domObligationExpression.setRuleEffect(ruleEffectType); + } + } catch (DOMStructureException ex) { + domObligationExpression.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, ex.getMessage()); + if (DOMProperties.throwsExceptions()) { + throw ex; + } + } + return domObligationExpression; + } + + public static boolean repair(Node nodeObligationExpression) throws DOMStructureException { + Element elementObligationExpression = DOMUtil.getElement(nodeObligationExpression); + boolean result = false; + + NodeList children = elementObligationExpression.getChildNodes(); + int numChildren; + if (children != null && (numChildren = children.getLength()) > 0) { + for (int i = 0 ; i < numChildren ; i++) { + Node child = children.item(i); + if (DOMUtil.isElement(child)) { + if (DOMUtil.isInNamespace(child, XACML3.XMLNS) && XACML3.ELEMENT_ATTRIBUTEASSIGNMENTEXPRESSION.equals(child.getLocalName())) { + result = DOMAttributeAssignmentExpression.repair(child) || result; + } else { + logger.warn("Unexpected element " + child.getNodeName()); + elementObligationExpression.removeChild(child); + result = true; + } + } + } + } + + result = DOMUtil.repairIdentifierAttribute(elementObligationExpression, XACML3.ATTRIBUTE_OBLIGATIONID, logger) || result; + result = DOMUtil.repairStringAttribute(elementObligationExpression, XACML3.ATTRIBUTE_FULFILLON, RuleEffect.DENY.getName(), logger) || result; + + String string = DOMUtil.getStringAttribute(elementObligationExpression, XACML3.ATTRIBUTE_FULFILLON); + RuleEffect ruleEffectType = RuleEffect.getRuleEffect(string); + if (ruleEffectType == null) { + logger.warn("Setting invalid RuleEffect " + string + " to " + RuleEffect.DENY.getName()); + elementObligationExpression.setAttribute(XACML3.ATTRIBUTE_FULFILLON, RuleEffect.DENY.getName()); + result = true; + } + + return result; + } + + /** + * Creates a <code>List</code> of <code>ObligationExpression</code>s by parsing the given <code>Node</code> + * representing a XACML ObligationExpressions element. + * + * @param nodeObligationExpressions the <code>Node</code> representing the XACML ObligationExpressions element + * @param policy the <code>Policy</code> encompassing the ObligationExpressions element + * @return a new <code>List</code> of <code>ObligationExpression</code>s parsed from the given <code>Node</code> + * @throws DOMStructureException if there is an error parsing the <code>Node</code> + */ + public static List<ObligationExpression> newList(Node nodeObligationExpressions, Policy policy) throws DOMStructureException { + Element elementObligationExpressions = DOMUtil.getElement(nodeObligationExpressions); + boolean bLenient = DOMProperties.isLenient(); + + List<ObligationExpression> listObligationExpressions = new ArrayList<ObligationExpression>(); + + NodeList children = elementObligationExpressions.getChildNodes(); + int numChildren; + if (children != null && (numChildren = children.getLength()) > 0) { + for (int i = 0 ; i < numChildren ; i++) { + Node child = children.item(i); + if (DOMUtil.isElement(child)) { + if (DOMUtil.isInNamespace(child, XACML3.XMLNS) && XACML3.ELEMENT_OBLIGATIONEXPRESSION.equals(child.getLocalName())) { + listObligationExpressions.add(DOMObligationExpression.newInstance(child, policy)); + } else if (!bLenient) { + throw DOMUtil.newUnexpectedElementException(child, elementObligationExpressions); + } + } + } + } + + if (listObligationExpressions.size() == 0 && !bLenient) { + throw DOMUtil.newMissingElementException(elementObligationExpressions, XACML3.XMLNS, XACML3.ELEMENT_OBLIGATIONEXPRESSION); + } + + return listObligationExpressions; + } + + public static boolean repairList(Node nodeObligationExpressions) throws DOMStructureException { + Element elementObligationExpressions = DOMUtil.getElement(nodeObligationExpressions); + boolean result = false; + + boolean sawObligationExpression = false; + NodeList children = elementObligationExpressions.getChildNodes(); + int numChildren; + if (children != null && (numChildren = children.getLength()) > 0) { + for (int i = 0 ; i < numChildren ; i++) { + Node child = children.item(i); + if (DOMUtil.isElement(child)) { + if (DOMUtil.isInNamespace(child, XACML3.XMLNS) && XACML3.ELEMENT_OBLIGATIONEXPRESSION.equals(child.getLocalName())) { + result = DOMObligationExpression.repair(child) || result; + sawObligationExpression = true; + } else { + logger.warn("Unexpected element " + child.getNodeName()); + elementObligationExpressions.removeChild(child); + result = true; + } + } + } + } + if (!sawObligationExpression) { + throw DOMUtil.newMissingElementException(elementObligationExpressions, XACML3.XMLNS, XACML3.ELEMENT_OBLIGATIONEXPRESSION); + } + + return result; + } + +}
