Package org.ow2.authzforce.core.pdp.impl.policy

Class RootPolicyEvaluators.Base

java.lang.Object

org.ow2.authzforce.core.pdp.impl.policy.RootPolicyEvaluators.Base

All Implemented Interfaces:

Closeable, AutoCloseable, RootPolicyEvaluator

Enclosing class:

RootPolicyEvaluators

public static class RootPolicyEvaluators.Base
extends Object
implements RootPolicyEvaluator

Root Policy Evaluator base implementation.

Constructor Summary

Constructors

Constructor	Description
Base(org.ow2.authzforce.core.pdp.api.policy.CloseablePolicyProvider<?> policyProvider, Optional<org.ow2.authzforce.core.pdp.api.policy.TopLevelPolicyElementType> rootPolicyElementType, String rootPolicyId, Optional<org.ow2.authzforce.core.pdp.api.policy.PolicyVersionPatterns> optRootPolicyVersionPatterns)	Creates a root policy evaluator.

Method Summary

Modifier and Type	Method	Description
void	close()
org.ow2.authzforce.core.pdp.api.DecisionResult	findAndEvaluate(org.ow2.authzforce.core.pdp.api.EvaluationContext context, Optional<org.ow2.authzforce.core.pdp.api.EvaluationContext> mdpContext)	Finds one and only one policy applicable to the given request context and evaluates the request context against it.
FlattenedPolicyTree	getStaticApplicablePolicies()	Get the statically applicable policies for this evaluator, i.e.
RootPolicyEvaluator	toStatic()	Gets the static version of this policy evaluator, i.e.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Base

public Base(org.ow2.authzforce.core.pdp.api.policy.CloseablePolicyProvider<?> policyProvider,
            Optional<org.ow2.authzforce.core.pdp.api.policy.TopLevelPolicyElementType> rootPolicyElementType,
            String rootPolicyId,
            Optional<org.ow2.authzforce.core.pdp.api.policy.PolicyVersionPatterns> optRootPolicyVersionPatterns)
     throws IllegalArgumentException

Creates a root policy evaluator. If you want static resolution, i.e. use the same constant root policy (resolved at initialization time) for all evaluations, use the static root policy Provider provided by toStatic() after calling this constructor; then close() this instance.

Parameters:

policyProvider - Root Policy Provider - mandatory

rootPolicyElementType - type of root policy element (XACML Policy or XACML PolicySet). If undefined, try with XACML Policy, and else (if it fails) with XACML PolicySet.

rootPolicyId - root Policy(Set) ID

optRootPolicyVersionPatterns - root policy version patterns to be matched

Throws:

IllegalArgumentException - If expressionFactory == null || rootPolicyProvider == null

Method Detail

close

public void close()
           throws IOException

Specified by:

close in interface AutoCloseable

Specified by:

close in interface Closeable

Throws:

IOException

findAndEvaluate

public org.ow2.authzforce.core.pdp.api.DecisionResult findAndEvaluate(org.ow2.authzforce.core.pdp.api.EvaluationContext context,
                                                                      Optional<org.ow2.authzforce.core.pdp.api.EvaluationContext> mdpContext)

Description copied from interface: RootPolicyEvaluator

Finds one and only one policy applicable to the given request context and evaluates the request context against it. This will always do a Target match to make sure that the given policy applies.

Specified by:

findAndEvaluate in interface RootPolicyEvaluator

Parameters:

context - the representation of the Individual Decision request data

mdpContext - the context of the Multiple Decision request that the context belongs to if the Multiple Decision Profile is used.

Returns:

the result of evaluating the request against the applicable policy; or NotApplicable if none is applicable; or Indeterminate if error determining an applicable policy or more than one applies or evaluation of the applicable policy returned Indeterminate Decision

getStaticApplicablePolicies

public FlattenedPolicyTree getStaticApplicablePolicies()

Description copied from interface: RootPolicyEvaluator

Get the statically applicable policies for this evaluator, i.e. the root policy and (directly/indirectly) referenced policies, only if statically resolved

Specified by:

getStaticApplicablePolicies in interface RootPolicyEvaluator

Returns:

the static root and referenced policies; null if any of these policies is not statically resolved (once and for all)

toStatic

public RootPolicyEvaluator toStatic()
                             throws IOException,
                                    org.ow2.authzforce.core.pdp.api.IndeterminateEvaluationException

Gets the static version of this policy evaluator, i.e. a policy evaluator using the same constant root policy resolved by the internal root policy provider (once and for all) when calling this method. This root policy will be used for all evaluations. This is possible only if the root policy provider is static, i.e. independent of the evaluation context (static resolution).

Returns:

static view of this policy evaluator; or null if none could be created because the internal root policy provider depends on the evaluation context to find the root policy (no static resolution is possible). If not null, this evaluator's policy provider responsible for finding the policy in findAndEvaluate(EvaluationContext, Optional) is closed (calling Closeable.close() ) and therefore not usable anymore. The resulting static view must be used instead.

Throws:

IOException - error closing the evaluator's policy provider responsible for finding the policy in findAndEvaluate(EvaluationContext, Optional)

org.ow2.authzforce.core.pdp.api.IndeterminateEvaluationException - if error resolving the policy