Package org.ow2.authzforce.core.pdp.api
Class DecisionResults
- java.lang.Object
-
- org.ow2.authzforce.core.pdp.api.DecisionResults
-
public final class DecisionResults extends Object
Factory for creating immutableDecisionResult
s
-
-
Field Summary
Fields Modifier and Type Field Description static DecisionResult
SIMPLE_DENY
Simple immutable Deny Decision result (no status, no obligation/advice)static DecisionResult
SIMPLE_NOT_APPLICABLE
Simple immutable NotApplicable Decision result (no status)static DecisionResult
SIMPLE_PERMIT
Simple immutable Permit Decision result (no status, no obligation/advice)
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static DecisionResult
getDeny(Optional<ImmutableXacmlStatus> status, com.google.common.collect.ImmutableList<PepAction> pepActions, com.google.common.collect.ImmutableList<PrimaryPolicyMetadata> applicablePolicyIdList)
Instantiates a Deny decision with optional PEP actions (obligations and advice).static DecisionResult
getInstance(ExtendedDecision extendedDecision, com.google.common.collect.ImmutableList<PepAction> pepActions, com.google.common.collect.ImmutableList<PrimaryPolicyMetadata> applicablePolicyIdList)
Get immutable decision result from extended decision and obligations/advice elementsstatic DecisionResult
getNotApplicable(Optional<ImmutableXacmlStatus> status)
Instantiates a NotApplicable decision with optional status.static DecisionResult
getPermit(Optional<ImmutableXacmlStatus> status, com.google.common.collect.ImmutableList<PepAction> pepActions, com.google.common.collect.ImmutableList<PrimaryPolicyMetadata> applicablePolicyIdList)
Instantiates a Permit decision with optional PEP actions (obligations and advice).static DecisionResult
newIndeterminate(oasis.names.tc.xacml._3_0.core.schema.wd_17.DecisionType extendedIndeterminate, IndeterminateEvaluationException cause, com.google.common.collect.ImmutableList<PrimaryPolicyMetadata> applicablePolicyIdList)
Instantiates an Indeterminate Decision result with a given error status
-
-
-
Field Detail
-
SIMPLE_PERMIT
public static final DecisionResult SIMPLE_PERMIT
Simple immutable Permit Decision result (no status, no obligation/advice)
-
SIMPLE_DENY
public static final DecisionResult SIMPLE_DENY
Simple immutable Deny Decision result (no status, no obligation/advice)
-
SIMPLE_NOT_APPLICABLE
public static final DecisionResult SIMPLE_NOT_APPLICABLE
Simple immutable NotApplicable Decision result (no status)
-
-
Method Detail
-
getPermit
public static DecisionResult getPermit(Optional<ImmutableXacmlStatus> status, com.google.common.collect.ImmutableList<PepAction> pepActions, com.google.common.collect.ImmutableList<PrimaryPolicyMetadata> applicablePolicyIdList)
Instantiates a Permit decision with optional PEP actions (obligations and advice).- Parameters:
status
- status; even if decision is Permit/Deny, there may be a status "ok" (standard status in XACML 3.0) or internal error on attribute resolution but not resulting in Indeterminate because of special combining algorithm ignoring such results (like deny-unless-permit) or MustBePresent="false"pepActions
- PEP actions (obligations/advices)applicablePolicyIdList
- list of identifiers of applicable policies that contributed to this result. If not null, the created instance uses only an immutable copy of this list.- Returns:
- permit result, more particularly
SIMPLE_PERMIT
iffstatus == null && pepActions == null
.
-
getDeny
public static DecisionResult getDeny(Optional<ImmutableXacmlStatus> status, com.google.common.collect.ImmutableList<PepAction> pepActions, com.google.common.collect.ImmutableList<PrimaryPolicyMetadata> applicablePolicyIdList)
Instantiates a Deny decision with optional PEP actions (obligations and advice).- Parameters:
status
- status; even if decision is Permit/Deny, there may be a status "ok" (standard status in XACML 3.0) or internal error on attribute resolution but not resulting in Indeterminate because of special combining algorithm ignoring such results (like deny-unless-permit) or MustBePresent="false"pepActions
- PEP actions (obligations/advices)applicablePolicyIdList
- list of identifiers of applicable policies that contributed to this result. If not null, the created instance uses only an immutable copy of this list.- Returns:
- deny result, more particularly
SIMPLE_DENY
iffstatus == null && pepActions == null
.
-
getNotApplicable
public static DecisionResult getNotApplicable(Optional<ImmutableXacmlStatus> status)
Instantiates a NotApplicable decision with optional status.- Parameters:
status
- status; even if decision is NotApplicable, there may be a status "ok" (standard status in XACML 3.0) or internal error on attribute resolution but not resulting in Indeterminate because of special combining algorithm ignoring such results (like deny-unless-permit) or MustBePresent="false"- Returns:
- deny result, more particularly
SIMPLE_DENY
iffstatus == null && pepActions == null
.
-
newIndeterminate
public static DecisionResult newIndeterminate(oasis.names.tc.xacml._3_0.core.schema.wd_17.DecisionType extendedIndeterminate, IndeterminateEvaluationException cause, com.google.common.collect.ImmutableList<PrimaryPolicyMetadata> applicablePolicyIdList) throws IllegalArgumentException
Instantiates an Indeterminate Decision result with a given error status- Parameters:
extendedIndeterminate
- Extended Indeterminate value (XACML 3.0 Core, section 7.10). We use the following convention:DecisionType.DENY
means "Indeterminate{D}"DecisionType.PERMIT
means "Indeterminate{P}"DecisionType.INDETERMINATE
or null means "Indeterminate{DP}"DecisionType.NOT_APPLICABLE
is the default value and means the decision is not Indeterminate, and therefore any extended Indeterminate value should be ignored
applicablePolicyIdList
- list of identifiers of applicable policies that contributed to this result. If not null, the created instance uses only an immutable copy of this list.cause
- cause of the Indeterminate result- Returns:
- Indeterminate result
- Throws:
IllegalArgumentException
- ifcause == null
-
getInstance
public static DecisionResult getInstance(ExtendedDecision extendedDecision, com.google.common.collect.ImmutableList<PepAction> pepActions, com.google.common.collect.ImmutableList<PrimaryPolicyMetadata> applicablePolicyIdList) throws IllegalArgumentException
Get immutable decision result from extended decision and obligations/advice elements- Parameters:
extendedDecision
- extended decisionpepActions
- obligations/advice elementsapplicablePolicyIdList
- list of identifiers of applicable policies that contributed to this result. If not null, the created instance uses only an immutable copy of this list.- Returns:
- decision result
- Throws:
IllegalArgumentException
- ifextendedDecision == null || extendedDecision.getDecision() ==null || (extendedDecision.getDecision() == INDETERMINATE && !extendedDecision.getCauseForIndeterminate().isPresent())
-
-