/// <summary> /// Visits the custom attributes. /// </summary> /// <param name="customAttributes">The custom attributes.</param> /// <returns></returns> private static List <AttributeElement> ExtractCustomAttributes(CustomAttributeCollection customAttributes) { List <AttributeElement> ret = new List <AttributeElement>(); if (customAttributes == null || customAttributes.Count == 0) { return(ret); } foreach (CustomAttribute ca in customAttributes) { AttributeElement ae = new AttributeElement(); if (ca.Constructor.DeclaringType == null) { continue; } ae.AttributeType = ca.Constructor.DeclaringType.ToString(); for (int i = 0; i < ca.ConstructorParameters.Count; i++) { AttributeValueElement ave = new AttributeValueElement(); ave.Name = ca.Constructor.Parameters[i].Name; if (ca.ConstructorParameters[i] == null) { ave.Value = null; } else { ave.Value = ca.ConstructorParameters[i].ToString().Replace("\0", ""); } ae.Values.Add(ave); } foreach (object propKey in ca.Properties.Keys) { AttributeValueElement ave = new AttributeValueElement(); ave.Name = Convert.ToString(propKey, CultureInfo.InvariantCulture); if (ca.Properties[propKey] == null) { ave.Value = null; } else { ave.Value = ca.Properties[propKey].ToString(); } ae.Values.Add(ave); } ret.Add(ae); } return(ret); }
/// <summary> /// Evaluates the variable into a value. /// </summary> /// <param name="context">The contex of the evaluation.</param> /// <returns>The value of the function.</returns> public EvaluationValue Evaluate(EvaluationContext context) { if (context == null) { throw new ArgumentNullException("context"); } context.Trace("Evaluating variable"); context.AddIndent(); try { if (_variableDefinition.Expression is ApplyElement) { context.Trace("Apply within condition."); // There is a nested apply un this policy a new Apply will be created and also // evaluated. It's return value will be used as the processed argument. Apply childApply = new Apply((ApplyElement)_variableDefinition.Expression); // Evaluate the Apply _value = childApply.Evaluate(context); context.TraceContextValues(); return(_value); } else if (_variableDefinition.Expression is FunctionElement) { throw new NotImplementedException("FunctionElement"); //TODO: } else if (_variableDefinition.Expression is VariableReferenceElement) { var variableRef = _variableDefinition.Expression as VariableReferenceElement; var variableDef = context.CurrentPolicy.VariableDefinition[variableRef.VariableId] as VariableDefinition; context.TraceContextValues(); if (!variableDef.IsEvaluated) { return(variableDef.Evaluate(context)); } else { return(variableDef.Value); } } else if (_variableDefinition.Expression is AttributeValueElementReadWrite) { // The AttributeValue does not need to be processed context.Trace("Attribute value {0}", _variableDefinition.Expression.ToString()); var att = (AttributeValueElementReadWrite)_variableDefinition.Expression; var attributeValue = new AttributeValueElement(att.DataType, att.Contents, att.SchemaVersion); _value = new EvaluationValue( attributeValue.GetTypedValue(attributeValue.GetType(context), 0), attributeValue.GetType(context)); return(_value); } else if (_variableDefinition.Expression is AttributeDesignatorBase) { // Resolve the AttributeDesignator using the EvaluationEngine public methods. context.Trace("Processing attribute designator: {0}", _variableDefinition.Expression.ToString()); var attrDes = (AttributeDesignatorBase)_variableDefinition.Expression; BagValue bag = EvaluationEngine.Resolve(context, attrDes); // If the attribute was not resolved by the EvaluationEngine search the // attribute in the context document, also using the EvaluationEngine public // methods. if (bag.BagSize == 0) { if (_variableDefinition.Expression is SubjectAttributeDesignatorElement) { ctx.AttributeElement attrib = EvaluationEngine.GetAttribute(context, attrDes); if (attrib != null) { context.Trace("Adding subject attribute designator: {0}", attrib.ToString()); bag.Add(attrib); } } else if (_variableDefinition.Expression is ResourceAttributeDesignatorElement) { ctx.AttributeElement attrib = EvaluationEngine.GetAttribute(context, attrDes); if (attrib != null) { context.Trace("Adding resource attribute designator {0}", attrib.ToString()); bag.Add(attrib); } } else if (_variableDefinition.Expression is ActionAttributeDesignatorElement) { ctx.AttributeElement attrib = EvaluationEngine.GetAttribute(context, attrDes); if (attrib != null) { context.Trace("Adding action attribute designator {0}", attrib.ToString()); bag.Add(attrib); } } else if (_variableDefinition.Expression is EnvironmentAttributeDesignatorElement) { ctx.AttributeElement attrib = EvaluationEngine.GetAttribute(context, attrDes); if (attrib != null) { context.Trace("Adding environment attribute designator {0}", attrib.ToString()); bag.Add(attrib); } } } // If the argument was not found and the attribute must be present this is // a MissingAttribute situation so set the flag. Otherwise add the attribute // to the processed arguments. if (bag.BagSize == 0 && attrDes.MustBePresent) { context.Trace("Attribute is missing"); context.IsMissingAttribute = true; context.AddMissingAttribute(attrDes); _value = EvaluationValue.Indeterminate; } else { _value = new EvaluationValue(bag, bag.GetType(context)); } return(_value); } else if (_variableDefinition.Expression is AttributeSelectorElement) { // Resolve the XPath query using the EvaluationEngine public methods. context.Trace("Attribute selector"); try { var attributeSelector = (AttributeSelectorElement)_variableDefinition.Expression; BagValue bag = EvaluationEngine.Resolve(context, attributeSelector); if (bag.Elements.Count == 0 && attributeSelector.MustBePresent) { context.Trace("Attribute is missing"); context.IsMissingAttribute = true; context.AddMissingAttribute(attributeSelector); _value = EvaluationValue.Indeterminate; } else { _value = new EvaluationValue(bag, bag.GetType(context)); } } catch (EvaluationException e) { context.Trace("ERR: {0}", e.Message); context.ProcessingError = true; _value = EvaluationValue.Indeterminate; } return(_value); } throw new NotSupportedException("internal error"); } finally { _isEvaluated = true; context.RemoveIndent(); } }
/// <summary> /// Creates a new PolicyCombinerParameter using the provided argument values. /// </summary> /// <param name="parameterName">The parameter name.</param> /// <param name="attributeValue">The attribute value.</param> /// <param name="policyIdRef">The policy Id reference.</param> /// <param name="version">The version of the schema that was used to validate.</param> public PolicyCombinerParameterElement( string parameterName, AttributeValueElement attributeValue, Uri policyIdRef, XacmlVersion version ) : base( parameterName, attributeValue, version ) { _policyIdRef = policyIdRef; }
/// <summary> /// Clones an attribute value element into a new element. /// </summary> /// <param name="attributeValueElement">The value element to clone.</param> public AttributeValueElement( AttributeValueElement attributeValueElement ) : base( attributeValueElement ) { }
/// <summary> /// This method overrides the ApplyBase method in order to provide extra validations /// required in the condition evaluation, for example the final return value should be a /// boolean value. /// </summary> /// <param name="context">The evaluation context instance.</param> /// <returns>The EvaluationValue with the results of the condition evaluation.</returns> public override EvaluationValue Evaluate(EvaluationContext context) { if (context == null) { throw new ArgumentNullException("context"); } context.Trace("Evaluating condition"); context.AddIndent(); try { // Iterate through the arguments, the IExpressionType is a mark interface foreach (IExpression arg in ApplyDefinition.Arguments) { if (arg is ApplyElement) { context.Trace("Apply within condition."); // There is a nested apply un this policy a new Apply will be created and also // evaluated. It's return value will be used as the processed argument. var childApply = new Apply((ApplyElement)arg); // Evaluate the Apply EvaluationValue retVal = childApply.Evaluate(context); return(retVal); } else if (arg is FunctionElementReadWrite) { throw new NotImplementedException("FunctionElement"); //TODO: } else if (arg is VariableReferenceElement) { var variableRef = arg as VariableReferenceElement; var variableDef = context.CurrentPolicy.VariableDefinition[variableRef.VariableId] as VariableDefinition; Debug.Assert(variableDef != null, "variableDef != null"); if (!variableDef.IsEvaluated) { return(variableDef.Evaluate(context)); } else { return(variableDef.Value); } } else if (arg is AttributeValueElementReadWrite) { // The AttributeValue does not need to be processed context.Trace("Attribute value {0}", arg.ToString()); var attributeValue = new AttributeValueElement(((AttributeValueElementReadWrite)arg).DataType, ((AttributeValueElementReadWrite)arg).Contents, ((AttributeValueElementReadWrite)arg).SchemaVersion); return(new EvaluationValue( attributeValue.GetTypedValue(attributeValue.GetType(context), 0), attributeValue.GetType(context))); } else if (arg is AttributeDesignatorBase) { // Returning an empty bag, since the condition is not supposed to work with a bag context.Trace("Processing attribute designator: {0}", arg.ToString()); var attrDes = (AttributeDesignatorBase)arg; var bag = new BagValue(EvaluationEngine.GetDataType(attrDes.DataType)); return(new EvaluationValue(bag, bag.GetType(context))); } else if (arg is AttributeSelectorElement) { // Returning an empty bag, since the condition is not supposed to work with a bag context.Trace("Attribute selector"); var attrSel = (AttributeSelectorElement)arg; var bag = new BagValue(EvaluationEngine.GetDataType(attrSel.DataType)); return(new EvaluationValue(bag, bag.GetType(context))); } } throw new NotSupportedException("internal error"); } finally { context.TraceContextValues(); context.RemoveIndent(); } }
/// <summary> /// Creates a new CombinerParameterElement using the XmlReader instance provided. /// </summary> /// <param name="reader">The XmlReader instance positioned at the CombinerParameterElement node.</param> /// <param name="nodeName">The name of the node for this combiner parameter item.</param> /// <param name="schemaVersion">The version of the schema that was used to validate.</param> protected CombinerParameterElement( XmlReader reader, string nodeName, XacmlVersion schemaVersion ) : base( XacmlSchema.Policy, schemaVersion ) { if (reader == null) throw new ArgumentNullException("reader"); if( reader.LocalName == nodeName && ValidateSchema( reader, schemaVersion ) ) { // Read the attributes if( reader.HasAttributes ) { // Load all the attributes while( reader.MoveToNextAttribute() ) { if( reader.LocalName == PolicySchema2.CombinerParameterElement.ParameterName ) { _parameterName = reader.GetAttribute( PolicySchema2.CombinerParameterElement.ParameterName ); } else { AttributeFound( reader ); } } reader.MoveToElement(); } // Read the rule contents. while( reader.Read() ) { switch( reader.LocalName ) { case PolicySchema2.CombinerParameterElement.AttributeValue: _attributeValue = new AttributeValueElement( reader, schemaVersion ); break; } if( reader.LocalName == PolicySchema2.CombinerParameterElement.CombinerParameter && reader.NodeType == XmlNodeType.EndElement ) { break; } } } else { throw new Exception( Resource.ResourceManager[ Resource.MessageKey.exc_invalid_node_name, reader.LocalName ] ); } }
/// <summary> /// Creates a new CombinerParameter using the provided argument values. /// </summary> /// <param name="parameterName">The parameter name.</param> /// <param name="attributeValue">The attribute value.</param> /// <param name="schemaVersion">The version of the schema that was used to validate.</param> public CombinerParameterElement( string parameterName, AttributeValueElement attributeValue, XacmlVersion schemaVersion ) : base( XacmlSchema.Policy, schemaVersion ) { _parameterName = parameterName; _attributeValue = attributeValue; }
/// <summary> /// Creates a new RuleCombinerParameter using the provided argument values. /// </summary> /// <param name="parameterName">The parameter name.</param> /// <param name="attributeValue">The attribute value.</param> /// <param name="ruleIdRef">The rule Id reference.</param> /// <param name="version">The version of the schema that was used to validate.</param> public RuleCombinerParameterElement( string parameterName, AttributeValueElement attributeValue, Uri ruleIdRef, XacmlVersion version ) : base( parameterName, attributeValue, version ) { _ruleIdRef = ruleIdRef; }
/// <summary> /// Evaluates the variable into a value. /// </summary> /// <param name="context">The contex of the evaluation.</param> /// <returns>The value of the function.</returns> public EvaluationValue Evaluate(EvaluationContext context) { if (context == null) throw new ArgumentNullException("context"); context.Trace("Evaluating variable"); context.AddIndent(); try { if (_variableDefinition.Expression is ApplyElement) { context.Trace("Apply within condition."); // There is a nested apply un this policy a new Apply will be created and also // evaluated. It's return value will be used as the processed argument. Apply childApply = new Apply((ApplyElement)_variableDefinition.Expression); // Evaluate the Apply _value = childApply.Evaluate(context); context.TraceContextValues(); return _value; } else if (_variableDefinition.Expression is FunctionElement) { throw new NotImplementedException("FunctionElement"); //TODO: } else if (_variableDefinition.Expression is VariableReferenceElement) { var variableRef = _variableDefinition.Expression as VariableReferenceElement; var variableDef = context.CurrentPolicy.VariableDefinition[variableRef.VariableId] as VariableDefinition; context.TraceContextValues(); if (!variableDef.IsEvaluated) { return variableDef.Evaluate(context); } else { return variableDef.Value; } } else if (_variableDefinition.Expression is AttributeValueElementReadWrite) { // The AttributeValue does not need to be processed context.Trace("Attribute value {0}", _variableDefinition.Expression.ToString()); var att = (AttributeValueElementReadWrite)_variableDefinition.Expression; var attributeValue = new AttributeValueElement(att.DataType, att.Contents, att.SchemaVersion); _value = new EvaluationValue( attributeValue.GetTypedValue(attributeValue.GetType(context), 0), attributeValue.GetType(context)); return _value; } else if (_variableDefinition.Expression is AttributeDesignatorBase) { // Resolve the AttributeDesignator using the EvaluationEngine public methods. context.Trace("Processing attribute designator: {0}", _variableDefinition.Expression.ToString()); var attrDes = (AttributeDesignatorBase)_variableDefinition.Expression; BagValue bag = EvaluationEngine.Resolve(context, attrDes); // If the attribute was not resolved by the EvaluationEngine search the // attribute in the context document, also using the EvaluationEngine public // methods. if (bag.BagSize == 0) { if (_variableDefinition.Expression is SubjectAttributeDesignatorElement) { ctx.AttributeElement attrib = EvaluationEngine.GetAttribute(context, attrDes); if (attrib != null) { context.Trace("Adding subject attribute designator: {0}", attrib.ToString()); bag.Add(attrib); } } else if (_variableDefinition.Expression is ResourceAttributeDesignatorElement) { ctx.AttributeElement attrib = EvaluationEngine.GetAttribute(context, attrDes); if (attrib != null) { context.Trace("Adding resource attribute designator {0}", attrib.ToString()); bag.Add(attrib); } } else if (_variableDefinition.Expression is ActionAttributeDesignatorElement) { ctx.AttributeElement attrib = EvaluationEngine.GetAttribute(context, attrDes); if (attrib != null) { context.Trace("Adding action attribute designator {0}", attrib.ToString()); bag.Add(attrib); } } else if (_variableDefinition.Expression is EnvironmentAttributeDesignatorElement) { ctx.AttributeElement attrib = EvaluationEngine.GetAttribute(context, attrDes); if (attrib != null) { context.Trace("Adding environment attribute designator {0}", attrib.ToString()); bag.Add(attrib); } } } // If the argument was not found and the attribute must be present this is // a MissingAttribute situation so set the flag. Otherwise add the attribute // to the processed arguments. if (bag.BagSize == 0 && attrDes.MustBePresent) { context.Trace("Attribute is missing"); context.IsMissingAttribute = true; context.AddMissingAttribute(attrDes); _value = EvaluationValue.Indeterminate; } else { _value = new EvaluationValue(bag, bag.GetType(context)); } return _value; } else if (_variableDefinition.Expression is AttributeSelectorElement) { // Resolve the XPath query using the EvaluationEngine public methods. context.Trace("Attribute selector"); try { var attributeSelector = (AttributeSelectorElement)_variableDefinition.Expression; BagValue bag = EvaluationEngine.Resolve(context, attributeSelector); if (bag.Elements.Count == 0 && attributeSelector.MustBePresent) { context.Trace("Attribute is missing"); context.IsMissingAttribute = true; context.AddMissingAttribute(attributeSelector); _value = EvaluationValue.Indeterminate; } else { _value = new EvaluationValue(bag, bag.GetType(context)); } } catch (EvaluationException e) { context.Trace("ERR: {0}", e.Message); context.ProcessingError = true; _value = EvaluationValue.Indeterminate; } return _value; } throw new NotSupportedException("internal error"); } finally { _isEvaluated = true; context.RemoveIndent(); } }