/// <summary> /// Initializes a new instance of the <see cref="XacmlContextResponse"/> class. /// </summary> /// <param name="results">The result.</param> public XacmlContextResponse(XacmlContextResult result) : this(new XacmlContextResult[] { result }) { }
protected virtual XacmlContextResult ReadContextResult(XmlReader reader) { Contract.Requires<ArgumentNullException>(reader != null, "reader"); Contract.Requires<XmlException>(reader.IsStartElement(XacmlConstants.ElementNames.Result, this.version.NamespaceContext)); // Read attributes string resourceId = this.ReadAttribute<string>(reader, XacmlConstants.AttributeNames.ResourceId, isRequered: false); reader.ReadStartElement(XacmlConstants.ElementNames.Result, this.version.NamespaceContext); // Read elements XacmlContextResult result = new XacmlContextResult( this.ReadRequired(XacmlConstants.ElementNames.Decision, this.version.NamespaceContext, ReadContextDecision, reader), this.ReadRequired(XacmlConstants.ElementNames.Status, this.version.NamespaceContext, ReadContextStatus, reader) ) { ResourceId = resourceId, }; if (reader.IsStartElement(XacmlConstants.ElementNames.Obligations, this.version.NamespacePolicy)) { reader.ReadStartElement(XacmlConstants.ElementNames.Obligations, this.version.NamespacePolicy); this.ReadList<XacmlObligation>(result.Obligations, XacmlConstants.ElementNames.Obligation, this.version.NamespacePolicy, ReadObligation, reader, isRequired: false); // end obligations reader.ReadEndElement(); } reader.ReadEndElement(); return result; }
/// <summary> /// Reads the context result. /// </summary> /// <param name="reader">The reader.</param> /// <returns></returns> protected override XacmlContextResult ReadContextResult(XmlReader reader) { Contract.Requires<ArgumentNullException>(reader != null, "reader"); Contract.Requires<XmlException>(reader.IsStartElement(XacmlConstants.ElementNames.Result, this.version.NamespaceContext)); string resourceId = this.ReadAttribute<string>(reader, XacmlConstants.AttributeNames.ResourceId, isRequered: false); reader.ReadStartElement(XacmlConstants.ElementNames.Result, this.version.NamespaceContext); // Read elements XacmlContextResult result = new XacmlContextResult( this.ReadRequired(XacmlConstants.ElementNames.Decision, this.version.NamespaceContext, ReadContextDecision, reader) ) { Status = this.ReadOptional(XacmlConstants.ElementNames.Status, this.version.NamespaceContext, ReadContextStatus, reader), ResourceId = resourceId, }; if (reader.IsStartElement(XacmlConstants.ElementNames.Obligations, this.version.NamespacePolicy)) { reader.ReadStartElement(XacmlConstants.ElementNames.Obligations, this.version.NamespacePolicy); this.ReadList<XacmlObligation>(result.Obligations, XacmlConstants.ElementNames.Obligation, this.version.NamespacePolicy, ReadObligation, reader, isRequired: true); // end obligations reader.ReadEndElement(); } if (reader.IsStartElement(XacmlConstants.ElementNames.AssociatedAdvice, this.version.NamespacePolicy)) { reader.ReadStartElement(XacmlConstants.ElementNames.AssociatedAdvice, this.version.NamespacePolicy); this.ReadList<XacmlAdvice>(result.Advices, XacmlConstants.ElementNames.Advice, this.version.NamespacePolicy, this.ReadAdvice, reader, isRequired: true); // end advice reader.ReadEndElement(); } this.ReadList<XacmlContextAttributes>(result.Attributes, XacmlConstants.ElementNames.Attributes, this.version.NamespaceContext, this.ReadContextAttributes, reader, isRequired: false); if (reader.IsStartElement(XacmlConstants.ElementNames.PolicyIdentifierList, this.version.NamespacePolicy)) { reader.ReadStartElement(XacmlConstants.ElementNames.PolicyIdentifierList, this.version.NamespacePolicy); IDictionary<Tuple<string, string>, Action> dicts = new Dictionary<Tuple<string, string>, Action>() { { new Tuple<string, string>(XacmlConstants.ElementNames.PolicyIdReference, this.version.NamespacePolicy), () => result.PolicyIdReferences.Add(this.ReadPolicyIdReference_3_0(reader)) }, { new Tuple<string, string>(XacmlConstants.ElementNames.PolicySetIdReference, this.version.NamespacePolicy), () => result.PolicySetIdReferences.Add(this.ReadPolicySetIdReference_3_0(reader)) }, }; this.ReadChoiceMultiply(reader, dicts); reader.ReadEndElement(); } reader.ReadEndElement(); return result; }
/// <summary> /// Writes the context result. /// </summary> /// <param name="writer">The writer.</param> /// <param name="result">The result.</param> protected override void WriteContextResult(XmlWriter writer, XacmlContextResult result) { writer.WriteStartElement(XacmlConstants.Prefixes.Context, XacmlConstants.ElementNames.Result, this.version.NamespaceContext); this.WriteContextDecision(writer, result.Decision); if (result.Status != null) { this.WriteContextStatus(writer, result.Status); } if (result.Obligations.Count > 0) { writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Obligations, this.version.NamespacePolicy); foreach (XacmlObligation val in result.Obligations) { this.WriteObligation(writer, val); } writer.WriteEndElement(); } if (result.Advices.Count > 0) { writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.AssociatedAdvice, this.version.NamespacePolicy); foreach (XacmlAdvice val in result.Advices) { this.WriteAdvice(writer, val); } writer.WriteEndElement(); } if (result.Attributes.Count > 0) { foreach (XacmlContextAttributes attr in result.Attributes) { this.WriteContextAttributes(writer, attr); } } if (result.PolicyIdReferences.Count > 0 || result.PolicySetIdReferences.Count > 0) { writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.PolicyIdentifierList, this.version.NamespacePolicy); foreach (XacmlContextPolicyIdReference pref in result.PolicyIdReferences) { this.WritePolicyIdReference(writer, pref); } foreach (XacmlContextPolicySetIdReference psref in result.PolicySetIdReferences) { this.WritePolicySetIdReference(writer, psref); } writer.WriteEndElement(); } writer.WriteEndElement(); }
protected virtual XacmlContextResult MakeResult(XacmlDecisionResult decision, XacmlContextStatus status) { XacmlContextDecision resultDecision = XacmlContextDecision.NotApplicable; switch (decision) { case XacmlDecisionResult.Deny: resultDecision = XacmlContextDecision.Deny; break; case XacmlDecisionResult.Indeterminate: case XacmlDecisionResult.IndeterminateD: case XacmlDecisionResult.IndeterminateP: case XacmlDecisionResult.IndeterminateDP: resultDecision = XacmlContextDecision.Indeterminate; break; case XacmlDecisionResult.Permit: resultDecision = XacmlContextDecision.Permit; break; } var result = new XacmlContextResult(resultDecision) { Status = status, }; if (decision == XacmlDecisionResult.Permit) { foreach (var obligation in this.obligations[XacmlEffectType.Permit]) { result.Obligations.Add(obligation); } } if (decision == XacmlDecisionResult.Deny) { foreach (var obligation in this.obligations[XacmlEffectType.Deny]) { result.Obligations.Add(obligation); } } return result; }
protected virtual void WriteContextResult(XmlWriter writer, XacmlContextResult result) { Contract.Requires<ArgumentNullException>(writer != null); Contract.Requires<ArgumentNullException>(result != null); writer.WriteStartElement(XacmlConstants.Prefixes.Context, XacmlConstants.ElementNames.Result, this.version.NamespaceContext); if (!string.IsNullOrEmpty(result.ResourceId)) { writer.WriteAttributeString(XacmlConstants.AttributeNames.ResourceId, result.ResourceId); } this.WriteContextDecision(writer, result.Decision); if (result.Status == null) { throw Diagnostic.DiagnosticTools.ExceptionUtil.ThrowHelperError(new XacmlSerializationException("status must be set for XACML 1.0/1.1")); } this.WriteContextStatus(writer, result.Status); if (result.Obligations.Count > 1) { throw Diagnostic.DiagnosticTools.ExceptionUtil.ThrowHelperError(new XacmlSerializationException("Obligations should be < 2 until version 2.0")); } if (result.Obligations.Count > 0) { this.WriteObligation(writer, result.Obligations.First()); } writer.WriteEndElement(); }
/// <summary> /// Initializes a new instance of the <see cref="XacmlContextResponse"/> class. /// </summary> /// <param name="results">The result.</param> public XacmlContextResponse(XacmlContextResult result) : this(new XacmlContextResult[] { result }) { Contract.Requires<ArgumentNullException>(result != null); }
protected override XacmlContextResult MakeResult(XacmlDecisionResult decision, XacmlContextStatus status) { XacmlContextDecision resultDecision = XacmlContextDecision.NotApplicable; switch (decision) { case XacmlDecisionResult.Deny: resultDecision = XacmlContextDecision.Deny; break; case XacmlDecisionResult.Indeterminate: case XacmlDecisionResult.IndeterminateD: case XacmlDecisionResult.IndeterminateP: case XacmlDecisionResult.IndeterminateDP: resultDecision = XacmlContextDecision.Indeterminate; break; case XacmlDecisionResult.Permit: resultDecision = XacmlContextDecision.Permit; break; } //PROFILE - Multiple Decision Profile - #POL01 (Fists()) var result = new XacmlContextResult(resultDecision) { Status = status, }; foreach (var attribute in this.pip.GetAttributesWithIncludeInResult()) { result.Attributes.Add(attribute); }; if (decision == XacmlDecisionResult.Permit) { foreach (var obligation in this.obligations[XacmlEffectType.Permit]) { result.Obligations.Add(obligation); } foreach (var advice in this.advices[XacmlEffectType.Permit]) { result.Advices.Add(advice); } if (pip.ReturnPolicyIdList()) { foreach (var policyIdReferences in this.applicablePolicies[XacmlEffectType.Permit]) { result.PolicyIdReferences.Add(policyIdReferences); } foreach (var policySetIdReferences in this.applicablePolicySets[XacmlEffectType.Permit]) { result.PolicySetIdReferences.Add(policySetIdReferences); } } } if (decision == XacmlDecisionResult.Deny) { foreach (var obligation in this.obligations[XacmlEffectType.Deny]) { result.Obligations.Add(obligation); } foreach (var advice in this.advices[XacmlEffectType.Deny]) { result.Advices.Add(advice); } if (pip.ReturnPolicyIdList()) { foreach (var policyIdReferences in this.applicablePolicies[XacmlEffectType.Deny]) { result.PolicyIdReferences.Add(policyIdReferences); } foreach (var policySetIdReferences in this.applicablePolicySets[XacmlEffectType.Deny]) { result.PolicySetIdReferences.Add(policySetIdReferences); } } } return result; }
/// <summary> /// Writes the context result. /// </summary> /// <param name="writer">The writer.</param> /// <param name="result">The result.</param> /// <exception cref="XacmlSerializationException">Obligations should be < 2 until version 2.0</exception> protected override void WriteContextResult(XmlWriter writer, XacmlContextResult result) { writer.WriteStartElement(XacmlConstants.Prefixes.Context, XacmlConstants.ElementNames.Result, this.version.NamespaceContext); if (!string.IsNullOrEmpty(result.ResourceId)) { writer.WriteAttributeString(XacmlConstants.AttributeNames.ResourceId, result.ResourceId); } this.WriteContextDecision(writer, result.Decision); if (result.Status != null) { this.WriteContextStatus(writer, result.Status); } if (result.Obligations.Count > 1) { throw Diagnostic.DiagnosticTools.ExceptionUtil.ThrowHelperError(new XacmlSerializationException("Obligations should be < 2 until version 2.0")); } if (result.Obligations.Count > 0) { this.WriteObligation(writer, result.Obligations.First<XacmlObligation>()); } writer.WriteEndElement(); }