public void SerializedXACMLPolicy_ShouldBeEqual()
{
XmlDocument policyDocument = new XmlDocument();
policyDocument.Load(Path.Combine(GetAltinnAppsPath(), "AltinnApps0001Policy.xml"));
XacmlPolicy originalPolicy;
using (XmlReader reader = XmlReader.Create(new StringReader(policyDocument.OuterXml)))
{
originalPolicy = XacmlParser.ParseXacmlPolicy(reader);
}
MemoryStream dataStream = new MemoryStream();
XmlWriter writer = XmlWriter.Create(dataStream);
XacmlSerializer.WritePolicy(writer, originalPolicy);
writer.Flush();
dataStream.Position = 0;
XacmlPolicy serializedPolicy;
using (XmlReader reader = XmlReader.Create(dataStream))
{
serializedPolicy = XacmlParser.ParseXacmlPolicy(reader);
}
AssertionUtil.AssertPolicyEqual(originalPolicy, serializedPolicy);
}
/// <summary>
/// Serializes the XacmlPolicy <see cref="XacmlPolicy"/> to Xml and returns it as a Memory stream
/// </summary>
/// <param name="policy">The XacmlPolicy model to serialize to a memory stream</param>
/// <returns>MemoryStream of the Xml serialized policy</returns>
public static MemoryStream GetXmlMemoryStreamFromXacmlPolicy(XacmlPolicy policy)
{
MemoryStream stream = new MemoryStream();
XmlWriter writer = XmlWriter.Create(stream);
XacmlSerializer.WritePolicy(writer, policy);
writer.Flush();
stream.Position = 0;
return(stream);
}
private ActionResult CreateResponse(XacmlContextResponse xacmlContextResponse)
{
StringBuilder builder = new StringBuilder();
using (XmlWriter writer = XmlWriter.Create(builder))
{
XacmlSerializer.WriteContextResponse(writer, xacmlContextResponse);
}
string xml = builder.ToString();
return(Content(xml));
}
public void SerializeXACMLPolicy_ShouldBeUnequal()
{
XmlDocument policyDocument = new XmlDocument();
policyDocument.Load(Path.Combine(GetAltinnAppsPath(), "AltinnApps0001Policy.xml"));
XacmlPolicy originalPolicy;
using (XmlReader reader = XmlReader.Create(new StringReader(policyDocument.OuterXml)))
{
originalPolicy = XacmlParser.ParseXacmlPolicy(reader);
}
MemoryStream dataStream = new MemoryStream();
XmlWriter writer = XmlWriter.Create(dataStream);
XacmlSerializer.WritePolicy(writer, originalPolicy);
writer.Flush();
dataStream.Position = 0;
XacmlPolicy serializedPolicy;
using (XmlReader reader = XmlReader.Create(dataStream))
{
serializedPolicy = XacmlParser.ParseXacmlPolicy(reader);
}
// Change a bottom node value on serialized policy model to verify that Assertion should fail
string originalAttributeValue = originalPolicy.Rules.First().Target.AnyOf.First().AllOf.First().Matches.First().AttributeValue.Value;
string actualAttributeValue = "THIS IS NOT THE VALUE YOU ARE LOOKING FOR";
serializedPolicy.Rules.First().Target.AnyOf.First().AllOf.First().Matches.First().AttributeValue.Value = actualAttributeValue;
try
{
AssertionUtil.AssertPolicyEqual(originalPolicy, serializedPolicy);
}
catch (EqualException e)
{
Assert.Equal(e.Expected, originalAttributeValue);
Assert.Equal(e.Actual, actualAttributeValue);
}
}
public ActionResult Post([FromBody] XacmlRequestApiModel model)
{
XacmlContextRequest request = null;
XacmlContextResponse xacmlContextResponse = null;
try
{
request = ParseApiBody(model);
}
catch (Exception)
{
XacmlContextResult result = new XacmlContextResult(XacmlContextDecision.Indeterminate)
{
Status = new XacmlContextStatus(XacmlContextStatusCode.SyntaxError)
};
xacmlContextResponse = new XacmlContextResponse(result);
}
if (request != null)
{
PolicyDecisionPoint pdp = new PolicyDecisionPoint(_contextHandler, _prp);
xacmlContextResponse = pdp.Authorize(request);
}
string accept = HttpContext.Request.Headers["Accept"];
if (!string.IsNullOrEmpty(accept) && accept.Equals("application/json"))
{
XacmlJsonResponse jsonReponse = XacmlJsonXmlConverter.ConvertResponse(xacmlContextResponse);
return(Ok(jsonReponse));
}
StringBuilder builder = new StringBuilder();
using (XmlWriter writer = XmlWriter.Create(builder))
{
XacmlSerializer.WriteContextResponse(writer, xacmlContextResponse);
}
string xml = builder.ToString();
return(Content(xml));
}
