/// <summary> /// Creates a Result using an XmlReader instance provided. /// </summary> /// <param name="reader">The XmlReader positioned at the Result node.</param> /// <param name="schemaVersion">The version of the schema that was used to validate.</param> public ResultElement(XmlReader reader, XacmlVersion schemaVersion) : base(XacmlSchema.Context, schemaVersion) { if (reader == null) { throw new ArgumentNullException("reader"); } if (reader.LocalName == Consts.ContextSchema.ResultElement.Result) { while (reader.Read()) { switch (reader.LocalName) { case Consts.ContextSchema.ResultElement.Decision: // The parsing should be safe because the document was validated using a Xsd Shcema Decision = (Decision)Enum.Parse(typeof(Decision), reader.ReadElementString(), false); break; case Consts.ContextSchema.StatusElement.Status: Status = new StatusElement(reader, schemaVersion); break; case Consts.Schema1.ObligationsElement.Obligations: while (reader.Read()) { switch (reader.LocalName) { case Consts.Schema1.ObligationElement.Obligation: _obligations.Add(new ObligationElement(reader, schemaVersion)); break; } // Trick to support multiple nodes of the same name. if (reader.LocalName == Consts.Schema1.ObligationsElement.Obligations && reader.NodeType == XmlNodeType.EndElement) { reader.Read(); break; } } break; } if (reader.LocalName == Consts.ContextSchema.ResultElement.Result && reader.NodeType == XmlNodeType.EndElement) { break; } } } else { throw new Exception(string.Format(Properties.Resource.exc_invalid_node_name, reader.LocalName)); } }
/// <summary> /// Process the obligations for the policy. /// </summary> /// <param name="context">The evaluation context instance.</param> private void ProcessObligations(EvaluationContext context) { _obligations = new ObligationCollection(); if (_evaluationValue != Decision.Indeterminate && _evaluationValue != Decision.NotApplicable && _policySet.Obligations != null && _policySet.Obligations.Count != 0) { foreach (ObligationElement obl in _policySet.Obligations) { if ((obl.FulfillOn == Effect.Deny && _evaluationValue == Decision.Deny) || (obl.FulfillOn == Effect.Permit && _evaluationValue == Decision.Permit)) { context.Trace("Adding obligation: {0} ", obl.ObligationId); _obligations.Add(obl); } } // Get all obligations from child policies foreach (IMatchEvaluable child in _policies) { var oblig = child as IObligationsContainer; if (oblig != null && oblig.Obligations != null) { foreach (ObligationElement childObligation in oblig.Obligations) { if ((childObligation.FulfillOn == Effect.Deny && _evaluationValue == Decision.Deny) || (childObligation.FulfillOn == Effect.Permit && _evaluationValue == Decision.Permit)) { _obligations.Add(childObligation); } } } } } }
/// <summary> /// Process the obligations for the policy. /// </summary> /// <param name="context">The evaluation context instance.</param> private void ProcessObligations(EvaluationContext context) { _obligations = new ObligationCollection(); if (_evaluationValue != Decision.Indeterminate && _evaluationValue != Decision.NotApplicable && _policySet.Obligations != null && _policySet.Obligations.Count != 0) { foreach (ObligationElement obl in _policySet.Obligations) { if ((obl.FulfillOn == Effect.Deny && _evaluationValue == Decision.Deny) || (obl.FulfillOn == Effect.Permit && _evaluationValue == Decision.Permit)) { context.Trace("Adding obligation: {0} ", obl.ObligationId); _obligations.Add(obl); } } // Get all obligations from child policies foreach (IMatchEvaluable child in _policies) { var oblig = child as IObligationsContainer; if (oblig != null && oblig.Obligations != null) { foreach (ObligationElement childObligation in oblig.Obligations) { if ((childObligation.FulfillOn == Effect.Deny && _evaluationValue == Decision.Deny) || (childObligation.FulfillOn == Effect.Permit && _evaluationValue == Decision.Permit)) { _obligations.Add(childObligation); } } } } } }