Package org.ow2.authzforce.core.pdp.impl.policy

Interface RootPolicyEvaluator

  • All Superinterfaces:
    AutoCloseable, Closeable
    All Known Implementing Classes:
    RootPolicyEvaluators.Base
    public interface RootPolicyEvaluator
extends Closeable
    Root policy evaluator, used by the PDP to find and evaluate the root (a.k.a. top-level) policy matching a given request context.

    Implements Closeable because it may very likely hold resources such as network resources to get policies remotely, policy caches to speed up finding, etc. Therefore, you are required to call Closeable.close() when you no longer need an instance - especially before replacing with a new instance (with different modules) - in order to make sure these resources are released properly by each underlying module (e.g. invalidate the policy caches).

    Version:
    $Id: $

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      org.ow2.authzforce.core.pdp.api.DecisionResult findAndEvaluate​(org.ow2.authzforce.core.pdp.api.EvaluationContext context, Optional<org.ow2.authzforce.core.pdp.api.EvaluationContext> mdpContext)
      Finds one and only one policy applicable to the given request context and evaluates the request context against it.
      FlattenedPolicyTree getStaticApplicablePolicies()
      Get the statically applicable policies for this evaluator, i.e.

    • Method Detail

      • findAndEvaluate

        org.ow2.authzforce.core.pdp.api.DecisionResult findAndEvaluate​(org.ow2.authzforce.core.pdp.api.EvaluationContext context,
                                                               Optional<org.ow2.authzforce.core.pdp.api.EvaluationContext> mdpContext)
        Finds one and only one policy applicable to the given request context and evaluates the request context against it. This will always do a Target match to make sure that the given policy applies.
        Parameters:
        context - the representation of the Individual Decision request data
        mdpContext - the context of the Multiple Decision request that the context belongs to if the Multiple Decision Profile is used.
        Returns:
        the result of evaluating the request against the applicable policy; or NotApplicable if none is applicable; or Indeterminate if error determining an applicable policy or more than one applies or evaluation of the applicable policy returned Indeterminate Decision

      • getStaticApplicablePolicies

        FlattenedPolicyTree getStaticApplicablePolicies()
        Get the statically applicable policies for this evaluator, i.e. the root policy and (directly/indirectly) referenced policies, only if statically resolved
        Returns:
        the static root and referenced policies; null if any of these policies is not statically resolved (once and for all)