Java Code Examples for org.wso2.balana.AbstractPolicy#evaluate()
The following examples show how to use
org.wso2.balana.AbstractPolicy#evaluate() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: DenyUnlessPermitPolicyAlg.java From balana with Apache License 2.0 | 5 votes |
|
@Override
public AbstractResult combine(EvaluationCtx context, List parameters, List policyElements) {
List<ObligationResult> denyObligations = new ArrayList<ObligationResult>();
List<Advice> denyAdvices = new ArrayList<Advice>();
for (Object policyElement : policyElements) {
AbstractPolicy policy = ((PolicyCombinerElement) (policyElement)).getPolicy();
MatchResult match = policy.match(context);
if (match.getResult() == MatchResult.MATCH) {
AbstractResult result = policy.evaluate(context);
int value = result.getDecision();
// if there was a value of PERMIT, then regardless of what else
// we've seen, we always return PERMIT
if (value == AbstractResult.DECISION_PERMIT) {
return result;
} else if(value == AbstractResult.DECISION_DENY){
denyObligations.addAll(result.getObligations());
denyAdvices.addAll(result.getAdvices());
}
}
}
// if there is not any value of PERMIT. The return DENY
return ResultFactory.getFactory().getResult(AbstractResult.DECISION_DENY, denyObligations,
denyAdvices, context);
}
Example 2
| Source File: PermitUnlessDenyPolicyAlg.java From balana with Apache License 2.0 | 5 votes |
|
@Override
public AbstractResult combine(EvaluationCtx context, List parameters, List policyElements) {
List<ObligationResult> permitObligations = new ArrayList<ObligationResult>();
List<Advice> permitAdvices= new ArrayList<Advice>();
for (Object policyElement : policyElements) {
AbstractPolicy policy = ((PolicyCombinerElement) (policyElement)).getPolicy();
MatchResult match = policy.match(context);
if (match.getResult() == MatchResult.MATCH) {
AbstractResult result = policy.evaluate(context);
int value = result.getDecision();
// if there was a value of DENY, then regardless of what else
// we've seen, we always return DENY
if (value == AbstractResult.DECISION_DENY) {
return result;
} else if (value == AbstractResult.DECISION_PERMIT) {
permitObligations.addAll(result.getObligations());
permitAdvices.addAll(result.getAdvices());
}
}
}
// if there is not any value of DENY. The return PERMIT
return ResultFactory.getFactory().getResult(AbstractResult.DECISION_PERMIT,
permitObligations, permitAdvices, context);
}
Example 3
| Source File: FirstApplicablePolicyAlg.java From balana with Apache License 2.0 | 5 votes |
|
/**
* Applies the combining rule to the set of policies based on the evaluation context.
*
* @param context the context from the request
* @param parameters a (possibly empty) non-null <code>List</code> of
* <code>CombinerParameter<code>s
* @param policyElements the policies to combine
*
* @return the result of running the combining algorithm
*/
public AbstractResult combine(EvaluationCtx context, List parameters, List policyElements) {
Iterator it = policyElements.iterator();
while (it.hasNext()) {
AbstractPolicy policy = ((PolicyCombinerElement) (it.next())).getPolicy();
// make sure that the policy matches the context
MatchResult match = policy.match(context);
if (match.getResult() == MatchResult.INDETERMINATE)
return ResultFactory.getFactory().getResult(AbstractResult.DECISION_INDETERMINATE,
match.getStatus(), context);
if (match.getResult() == MatchResult.MATCH) {
// evaluate the policy
AbstractResult result = policy.evaluate(context);
int effect = result.getDecision();
// in the case of PERMIT, DENY, or INDETERMINATE, we always
// just return that result, so only on a rule that doesn't
// apply do we keep going...
if (effect != Result.DECISION_NOT_APPLICABLE && !context.isSearching()) {
return result;
}
}
}
// if we got here, then none of the rules applied
return ResultFactory.getFactory().getResult(AbstractResult.DECISION_NOT_APPLICABLE, context);
}
Example 4
| Source File: OnlyOneApplicablePolicyAlg.java From balana with Apache License 2.0 | 4 votes |
|
/**
* Applies the combining rule to the set of policies based on the evaluation context.
*
* @param context the context from the request
* @param parameters a (possibly empty) non-null <code>List</code> of
* <code>CombinerParameter<code>s
* @param policyElements the policies to combine
*
* @return the result of running the combining algorithm
*/
public AbstractResult combine(EvaluationCtx context, List parameters, List policyElements) {
boolean atLeastOne = false;
AbstractPolicy selectedPolicy = null;
Iterator it = policyElements.iterator();
while (it.hasNext()) {
AbstractPolicy policy = ((PolicyCombinerElement) (it.next())).getPolicy();
// see if the policy matches the context
MatchResult match = policy.match(context);
int result = match.getResult();
// if there is an error in trying to match any of the targets,
// we always return INDETERMINATE immediately
if (result == MatchResult.INDETERMINATE){
return ResultFactory.getFactory().getResult(AbstractResult.DECISION_INDETERMINATE,
match.getStatus(),context);
}
if (result == MatchResult.MATCH) {
// if this isn't the first match, then this is an error
if (atLeastOne) {
List code = new ArrayList();
code.add(Status.STATUS_PROCESSING_ERROR);
String message = "Too many applicable policies";
return ResultFactory.getFactory().
getResult(AbstractResult.DECISION_INDETERMINATE,
new Status(code, message), context);
}
// if this was the first applicable policy in the set, then
// remember it for later
atLeastOne = true;
selectedPolicy = policy;
}
}
// if we got through the loop and found exactly one match, then
// we return the evaluation result of that policy
if (atLeastOne){
return selectedPolicy.evaluate(context);
}
// if we didn't find a matching policy, then we don't apply
return ResultFactory.getFactory().getResult(AbstractResult.DECISION_NOT_APPLICABLE, context);
}
