public final class DecisionResults extends Object
DecisionResult
sModifier and Type | Field and Description |
---|---|
static DecisionResult |
SIMPLE_DENY
Simple immutable Deny Decision result (no status, no obligation/advice)
|
static DecisionResult |
SIMPLE_NOT_APPLICABLE
Simple immutable NotApplicable Decision result (no status)
|
static DecisionResult |
SIMPLE_PERMIT
Simple immutable Permit Decision result (no status, no obligation/advice)
|
Modifier and Type | Method and Description |
---|---|
static DecisionResult |
getDeny(oasis.names.tc.xacml._3_0.core.schema.wd_17.Status status,
com.google.common.collect.ImmutableList<PepAction> pepActions,
com.google.common.collect.ImmutableList<PrimaryPolicyMetadata> applicablePolicyIdList)
Instantiates a Deny decision with optional PEP actions (obligations and advice).
|
static DecisionResult |
getInstance(ExtendedDecision extendedDecision,
com.google.common.collect.ImmutableList<PepAction> pepActions,
com.google.common.collect.ImmutableList<PrimaryPolicyMetadata> applicablePolicyIdList)
Get immutable decision result from extended decision and obligations/advice elements
|
static DecisionResult |
getNotApplicable(oasis.names.tc.xacml._3_0.core.schema.wd_17.Status status)
Instantiates a NotApplicable decision with optional status.
|
static DecisionResult |
getPermit(oasis.names.tc.xacml._3_0.core.schema.wd_17.Status status,
com.google.common.collect.ImmutableList<PepAction> pepActions,
com.google.common.collect.ImmutableList<PrimaryPolicyMetadata> applicablePolicyIdList)
Instantiates a Permit decision with optional PEP actions (obligations and advice).
|
static DecisionResult |
newIndeterminate(oasis.names.tc.xacml._3_0.core.schema.wd_17.DecisionType extendedIndeterminate,
IndeterminateEvaluationException cause,
com.google.common.collect.ImmutableList<PrimaryPolicyMetadata> applicablePolicyIdList)
Instantiates a Indeterminate Decision result with a given error status
|
public static final DecisionResult SIMPLE_PERMIT
public static final DecisionResult SIMPLE_DENY
public static final DecisionResult SIMPLE_NOT_APPLICABLE
public static DecisionResult getPermit(oasis.names.tc.xacml._3_0.core.schema.wd_17.Status status, com.google.common.collect.ImmutableList<PepAction> pepActions, com.google.common.collect.ImmutableList<PrimaryPolicyMetadata> applicablePolicyIdList)
status
- status; even if decision is Permit/Deny, there may be a status "ok" (standard status in XACML 3.0) or internal error on attribute resolution but not resulting in Indeterminate
because of special combining algorithm ignoring such results (like deny-unless-permit) or MustBePresent="false"pepActions
- PEP actions (obligations/advices)applicablePolicyIdList
- list of identifiers of applicable policies that contributed to this result. If not null, the created instance uses only an immutable copy of this list.SIMPLE_PERMIT
iff status == null && pepActions == null
.public static DecisionResult getDeny(oasis.names.tc.xacml._3_0.core.schema.wd_17.Status status, com.google.common.collect.ImmutableList<PepAction> pepActions, com.google.common.collect.ImmutableList<PrimaryPolicyMetadata> applicablePolicyIdList)
status
- status; even if decision is Permit/Deny, there may be a status "ok" (standard status in XACML 3.0) or internal error on attribute resolution but not resulting in Indeterminate
because of special combining algorithm ignoring such results (like deny-unless-permit) or MustBePresent="false"pepActions
- PEP actions (obligations/advices)applicablePolicyIdList
- list of identifiers of applicable policies that contributed to this result. If not null, the created instance uses only an immutable copy of this list.SIMPLE_DENY
iff status == null && pepActions == null
.public static DecisionResult getNotApplicable(oasis.names.tc.xacml._3_0.core.schema.wd_17.Status status)
status
- status; even if decision is NotApplicable, there may be a status "ok" (standard status in XACML 3.0) or internal error on attribute resolution but not resulting in Indeterminate
because of special combining algorithm ignoring such results (like deny-unless-permit) or MustBePresent="false"SIMPLE_DENY
iff status == null && pepActions == null
.public static DecisionResult newIndeterminate(oasis.names.tc.xacml._3_0.core.schema.wd_17.DecisionType extendedIndeterminate, IndeterminateEvaluationException cause, com.google.common.collect.ImmutableList<PrimaryPolicyMetadata> applicablePolicyIdList) throws IllegalArgumentException
extendedIndeterminate
- Extended Indeterminate value (XACML 3.0 Core, section 7.10). We use the following convention:
DecisionType.DENY
means "Indeterminate{D}"DecisionType.PERMIT
means "Indeterminate{P}"DecisionType.INDETERMINATE
or null means "Indeterminate{DP}"DecisionType.NOT_APPLICABLE
is the default value and means the decision is not Indeterminate, and therefore any extended Indeterminate value should be ignoredapplicablePolicyIdList
- list of identifiers of applicable policies that contributed to this result. If not null, the created instance uses only an immutable copy of this list.cause
- cause of the Indeterminate resultIllegalArgumentException
- if cause == null
public static DecisionResult getInstance(ExtendedDecision extendedDecision, com.google.common.collect.ImmutableList<PepAction> pepActions, com.google.common.collect.ImmutableList<PrimaryPolicyMetadata> applicablePolicyIdList) throws IllegalArgumentException
extendedDecision
- extended decisionpepActions
- obligations/advice elementsapplicablePolicyIdList
- list of identifiers of applicable policies that contributed to this result. If not null, the created instance uses only an immutable copy of this list.IllegalArgumentException
- if
extendedDecision == null || extendedDecision.getDecision() ==null || (extendedDecision.getDecision() == INDETERMINATE && !extendedDecision.getCauseForIndeterminate().isPresent())
Copyright © 2012–2020. All rights reserved.