public interface PolicyEvaluator extends Decidable
Modifier and Type | Method and Description |
---|---|
DecisionResult |
evaluate(EvaluationContext context,
boolean skipTarget)
Same as
Decidable.evaluate(EvaluationContext) except Target evaluation may be skipped. |
Set<PrimaryPolicyMetadata> |
getEnclosedPolicies()
Get metadata about the policies enclosed in the evaluated policy (including itself), i.e.
|
TopLevelPolicyElementType |
getPolicyElementType()
Get type of evaluated policy element (either XACML Policy or XACML PolicySet)
|
String |
getPolicyId()
Get policy ID, e.g.
|
Optional<PolicyRefsMetadata> |
getPolicyRefsMetadata(EvaluationContext evaluationCtx)
Get metadata about the child policy references of the evaluated policy, present iff there is any (e.g.
|
PolicyVersion |
getPolicyVersion(EvaluationContext evaluationCtx)
Get policy version, e.g.
|
boolean |
isApplicableByTarget(EvaluationContext context)
"isApplicable()" as defined by Only-one-applicable algorithm (section C.9), i.e.
|
boolean isApplicableByTarget(EvaluationContext context) throws IndeterminateEvaluationException
Decidable.evaluate(EvaluationContext)
already checks first if the policy Target matches, therefore you may call isApplicable() only if you only want to check if the policy is applicable by virtue of its Target. If you want to
evaluate the policy, call Decidable.evaluate(EvaluationContext)
right away. To be used by Only-one-applicable algorithm in particular.context
- evaluation context to matchIndeterminateEvaluationException
- if Target evaluation in this context is "Indeterminate"DecisionResult evaluate(EvaluationContext context, boolean skipTarget)
Decidable.evaluate(EvaluationContext)
except Target evaluation may be skipped. To be used by Only-one-applicable algorithm with skipTarget
=true, after calling
isApplicableByTarget(EvaluationContext)
in particular.context
- evaluation contextskipTarget
- whether to evaluate the Target. If false, this must be equivalent to Decidable.evaluate(EvaluationContext)
TopLevelPolicyElementType getPolicyElementType()
String getPolicyId()
PolicyVersion getPolicyVersion(EvaluationContext evaluationCtx) throws IndeterminateEvaluationException
PolicyProvider
that resolve policy references at evaluation time based on the context, especially if the policy reference does not specify the version or use non-literal version match rules (with wildcards).
Implementations must still guarantee that the result - once computed in a given request context - remains constant over the lifetime of this request context. This is required for consistent
evaluation. The result may only change from one request to the other. For that purpose, implementations may use EvaluationContext.putOther(String, Object)
to cache the result in the
request context and EvaluationContext.getOther(String)
to retrieve it later.
evaluationCtx
- request evaluation contextIndeterminateEvaluationException
- if the policy version could not be determined in evaluationCtx
Set<PrimaryPolicyMetadata> getEnclosedPolicies()
This allows to detect duplicates, i.e. when the same policy (ID and version) is re-used multiple times in the same enclosing policy.
Optional<PolicyRefsMetadata> getPolicyRefsMetadata(EvaluationContext evaluationCtx) throws IndeterminateEvaluationException
PolicyProvider
that resolve policy references at evaluation time based on the context,
especially if the policy reference does not specify the version or use non-literal version match rules (with wildcards).
Implementations must still guarantee that the result - once computed in a given request context - remains constant over the lifetime of this request context. This is required for consistent
evaluation. The result may only change from one request to the other. For that purpose, implementations may use EvaluationContext.putOther(String, Object)
to cache the result in the
request context and EvaluationContext.getOther(String)
to retrieve it later.
evaluationCtx
- request evaluation contextIndeterminateEvaluationException
- if the metadata could not be determined in evaluationCtx
Copyright © 2012–2020. All rights reserved.