/// <inheritdoc/>
public async Task <XacmlPolicy> GetPolicyAsync(XacmlContextRequest request)
{
var app = request.GetResourceAttributes().Attributes.Where(a => a.AttributeId.ToString() == XacmlRequestAttribute.AppAttribute).Select(a => a.AttributeValues.FirstOrDefault()).FirstOrDefault().Value;
var org = request.GetResourceAttributes().Attributes.Where(a => a.AttributeId.ToString() == XacmlRequestAttribute.OrgAttribute).Select(a => a.AttributeValues.FirstOrDefault()).FirstOrDefault().Value;
string policyString = await _localApp.GetXACMLPolicy($"{org}/{app}");
return(ParsePolicyContent(policyString));
}
/// <summary>
/// Assert that two <see cref="XacmlContextRequest"/> have the same property values.
/// </summary>
/// <param name="expected">An instance with the expected values.</param>
/// <param name="actual">The instance to verify.</param>
public static void AssertEqual(XacmlContextRequest expected, XacmlContextRequest actual)
{
Assert.Equal(expected.Attributes.Count, actual.Attributes.Count);
Assert.Equal(expected.GetResourceAttributes().Attributes.Count, actual.GetResourceAttributes().Attributes.Count);
Assert.Equal(expected.GetSubjectAttributes().Attributes.Count, actual.GetSubjectAttributes().Attributes.Count);
AssertEqual(expected.Attributes, actual.Attributes);
}
private async Task EnrichResourceAttributes(XacmlContextRequest request)
{
XacmlContextAttributes resourceContextAttributes = request.GetResourceAttributes();
XacmlResourceAttributes resourceAttributes = GetResourceAttributeValues(resourceContextAttributes);
await EnrichSubjectAttributes(request, resourceAttributes.ResourcePartyValue);
}
private async Task EnrichResourceAttributes(XacmlContextRequest request)
{
XacmlContextAttributes resourceContextAttributes = request.GetResourceAttributes();
XacmlResourceAttributes resourceAttributes = GetResourceAttributeValues(resourceContextAttributes);
bool resourceAttributeComplete = false;
if (!string.IsNullOrEmpty(resourceAttributes.OrgValue) &&
!string.IsNullOrEmpty(resourceAttributes.AppValue) &&
!string.IsNullOrEmpty(resourceAttributes.InstanceValue) &&
!string.IsNullOrEmpty(resourceAttributes.ResourcePartyValue) &&
!string.IsNullOrEmpty(resourceAttributes.TaskValue))
{
// The resource attributes are complete
resourceAttributeComplete = true;
}
else if (!string.IsNullOrEmpty(resourceAttributes.OrgValue) &&
!string.IsNullOrEmpty(resourceAttributes.AppValue) &&
string.IsNullOrEmpty(resourceAttributes.InstanceValue) &&
!string.IsNullOrEmpty(resourceAttributes.ResourcePartyValue) &&
string.IsNullOrEmpty(resourceAttributes.TaskValue))
{
// The resource attributes are complete
resourceAttributeComplete = true;
}
if (!resourceAttributeComplete)
{
Instance instanceData = await _instanceService.GetInstance(resourceAttributes.AppValue, resourceAttributes.OrgValue, Convert.ToInt32(resourceAttributes.InstanceValue.Split('/')[0]), new Guid(resourceAttributes.InstanceValue.Split('/')[1]));
if (instanceData != null)
{
AddIfValueDoesNotExist(resourceContextAttributes, XacmlRequestAttribute.OrgAttribute, resourceAttributes.OrgValue, instanceData.Org);
string app = instanceData.AppId.Split("/")[1];
AddIfValueDoesNotExist(resourceContextAttributes, XacmlRequestAttribute.AppAttribute, resourceAttributes.AppValue, app);
if (instanceData.Process?.CurrentTask != null)
{
AddIfValueDoesNotExist(resourceContextAttributes, XacmlRequestAttribute.TaskAttribute, resourceAttributes.TaskValue, instanceData.Process.CurrentTask.ElementId);
}
else if (instanceData.Process?.EndEvent != null)
{
AddIfValueDoesNotExist(resourceContextAttributes, XacmlRequestAttribute.EndEventAttribute, null, instanceData.Process.EndEvent);
}
AddIfValueDoesNotExist(resourceContextAttributes, XacmlRequestAttribute.PartyAttribute, resourceAttributes.ResourcePartyValue, instanceData.InstanceOwner.PartyId);
resourceAttributes.ResourcePartyValue = instanceData.InstanceOwner.PartyId;
}
}
await EnrichSubjectAttributes(request, resourceAttributes.ResourcePartyValue);
}
private async Task EnrichResourceAttributes(XacmlContextRequest request)
{
XacmlContextAttributes resourceContextAttributes = request.GetResourceAttributes();
XacmlResourceAttributes resourceAttributes = GetResourceAttributeValues(resourceContextAttributes);
bool resourceAttributeComplete = false;
if (!string.IsNullOrEmpty(resourceAttributes.OrgValue) &&
!string.IsNullOrEmpty(resourceAttributes.AppValue) &&
!string.IsNullOrEmpty(resourceAttributes.InstanceValue) &&
!string.IsNullOrEmpty(resourceAttributes.ResourcePartyValue) &&
!string.IsNullOrEmpty(resourceAttributes.TaskValue))
{
// The resource attributes are complete
resourceAttributeComplete = true;
}
else if (!string.IsNullOrEmpty(resourceAttributes.OrgValue) &&
!string.IsNullOrEmpty(resourceAttributes.AppValue) &&
string.IsNullOrEmpty(resourceAttributes.InstanceValue) &&
!string.IsNullOrEmpty(resourceAttributes.ResourcePartyValue) &&
string.IsNullOrEmpty(resourceAttributes.TaskValue))
{
// The resource attributes are complete
resourceAttributeComplete = true;
}
if (!resourceAttributeComplete && !string.IsNullOrEmpty(resourceAttributes.InstanceValue))
{
Instance instanceData = await _policyInformationRepository.GetInstance(resourceAttributes.InstanceValue);
if (instanceData != null)
{
AddIfValueDoesNotExist(resourceContextAttributes, XacmlRequestAttribute.OrgAttribute, resourceAttributes.OrgValue, instanceData.Org);
string app = instanceData.AppId.Split("/")[1];
AddIfValueDoesNotExist(resourceContextAttributes, XacmlRequestAttribute.AppAttribute, resourceAttributes.AppValue, app);
if (instanceData.Process?.CurrentTask != null)
{
AddIfValueDoesNotExist(resourceContextAttributes, XacmlRequestAttribute.TaskAttribute, resourceAttributes.TaskValue, instanceData.Process.CurrentTask.ElementId);
}
AddIfValueDoesNotExist(resourceContextAttributes, XacmlRequestAttribute.PartyAttribute, resourceAttributes.ResourcePartyValue, instanceData.InstanceOwner.PartyId);
resourceAttributes.ResourcePartyValue = instanceData.InstanceOwner.PartyId;
}
}
await EnrichSubjectAttributes(request, resourceAttributes.ResourcePartyValue);
}
private async Task EnrichResourceAttributes(XacmlContextRequest request)
{
string orgAttributeValue = string.Empty;
string appAttributeValue = string.Empty;
string instanceAttributeValue = string.Empty;
string resourcePartyAttributeValue = string.Empty;
string taskAttributeValue = string.Empty;
string endEventAttribute = string.Empty;
XacmlContextAttributes resourceContextAttributes = request.GetResourceAttributes();
foreach (XacmlAttribute attribute in resourceContextAttributes.Attributes)
{
if (attribute.AttributeId.OriginalString.Equals(OrgAttributeId))
{
orgAttributeValue = attribute.AttributeValues.First().Value;
}
if (attribute.AttributeId.OriginalString.Equals(AppAttributeId))
{
appAttributeValue = attribute.AttributeValues.First().Value;
}
if (attribute.AttributeId.OriginalString.Equals(InstanceAttributeId))
{
instanceAttributeValue = attribute.AttributeValues.First().Value;
}
if (attribute.AttributeId.OriginalString.Equals(TaskAttributeId))
{
taskAttributeValue = attribute.AttributeValues.First().Value;
}
if (attribute.AttributeId.OriginalString.Equals(PartyAttributeId))
{
resourcePartyAttributeValue = attribute.AttributeValues.First().Value;
}
if (attribute.AttributeId.OriginalString.Equals(endEventAttribute))
{
endEventAttribute = attribute.AttributeValues.First().Value;
}
}
bool resourceAttributeComplete = false;
if (!string.IsNullOrEmpty(orgAttributeValue) &&
!string.IsNullOrEmpty(appAttributeValue) &&
!string.IsNullOrEmpty(instanceAttributeValue) &&
!string.IsNullOrEmpty(resourcePartyAttributeValue) &&
(!string.IsNullOrEmpty(taskAttributeValue) ||
!string.IsNullOrEmpty(endEventAttribute)))
{
// The resource attributes are complete
resourceAttributeComplete = true;
}
else if (!string.IsNullOrEmpty(orgAttributeValue) &&
!string.IsNullOrEmpty(appAttributeValue) &&
string.IsNullOrEmpty(instanceAttributeValue) &&
!string.IsNullOrEmpty(resourcePartyAttributeValue) &&
(!string.IsNullOrEmpty(taskAttributeValue) ||
!string.IsNullOrEmpty(endEventAttribute)))
{
// The resource attributes are complete
resourceAttributeComplete = true;
}
if (!resourceAttributeComplete)
{
Instance instanceData = await _instanceService.GetInstance(appAttributeValue, orgAttributeValue, Convert.ToInt32(instanceAttributeValue.Split('/')[0]), new Guid(instanceAttributeValue.Split('/')[1]));
if (string.IsNullOrEmpty(orgAttributeValue) && instanceData != null)
{
resourceContextAttributes.Attributes.Add(GetOrgAttribute(instanceData));
}
if (string.IsNullOrEmpty(appAttributeValue) && instanceData != null)
{
resourceContextAttributes.Attributes.Add(GetAppAttribute(instanceData));
}
if (string.IsNullOrEmpty(taskAttributeValue) && instanceData?.Process?.CurrentTask != null)
{
resourceContextAttributes.Attributes.Add(GetProcessElementAttribute(instanceData));
}
else if (string.IsNullOrEmpty(endEventAttribute) && instanceData?.Process?.EndEvent != null)
{
resourceContextAttributes.Attributes.Add(GetEndEventAttribute(instanceData));
}
if (string.IsNullOrEmpty(resourcePartyAttributeValue) && instanceData != null)
{
resourceContextAttributes.Attributes.Add(GetPartyAttribute(instanceData));
}
if (instanceData != null)
{
resourcePartyAttributeValue = instanceData.InstanceOwner.PartyId;
}
}
await EnrichSubjectAttributes(request, resourcePartyAttributeValue);
}
private async Task EnrichResourceAttributes(XacmlContextRequest request)
{
string orgAttributeValue = string.Empty;
string appAttributeValue = string.Empty;
string instanceAttributeValue = string.Empty;
string resourcePartyAttributeValue = string.Empty;
string taskAttributeValue = string.Empty;
string appresourceAttributeValue = string.Empty;
XacmlContextAttributes resourceContextAttributes = request.GetResourceAttributes();
foreach (XacmlAttribute attribute in resourceContextAttributes.Attributes)
{
if (attribute.AttributeId.OriginalString.Equals(_orgAttributeId))
{
orgAttributeValue = attribute.AttributeValues.First().Value;
}
if (attribute.AttributeId.OriginalString.Equals(_appAttributeId))
{
appAttributeValue = attribute.AttributeValues.First().Value;
}
if (attribute.AttributeId.OriginalString.Equals(_instanceAttributeId))
{
instanceAttributeValue = attribute.AttributeValues.First().Value;
}
if (attribute.AttributeId.OriginalString.Equals(_taskAttributeId))
{
taskAttributeValue = attribute.AttributeValues.First().Value;
}
if (attribute.AttributeId.OriginalString.Equals(_partyAttributeId))
{
resourcePartyAttributeValue = attribute.AttributeValues.First().Value;
}
if (attribute.AttributeId.OriginalString.Equals(_appresourceAttributeId))
{
appresourceAttributeValue = attribute.AttributeValues.First().Value;
}
}
bool resourceAttributeComplete = false;
if (!string.IsNullOrEmpty(orgAttributeValue) &&
!string.IsNullOrEmpty(appAttributeValue) &&
!string.IsNullOrEmpty(instanceAttributeValue) &&
!string.IsNullOrEmpty(resourcePartyAttributeValue) &&
!string.IsNullOrEmpty(taskAttributeValue))
{
// The resource attributes are complete
resourceAttributeComplete = true;
}
else if (!string.IsNullOrEmpty(orgAttributeValue) &&
!string.IsNullOrEmpty(appAttributeValue) &&
string.IsNullOrEmpty(instanceAttributeValue) &&
!string.IsNullOrEmpty(resourcePartyAttributeValue) &&
string.IsNullOrEmpty(taskAttributeValue))
{
// The resource attributes are complete
resourceAttributeComplete = true;
}
else if (!string.IsNullOrEmpty(orgAttributeValue) &&
!string.IsNullOrEmpty(appAttributeValue) &&
!string.IsNullOrEmpty(instanceAttributeValue) &&
!string.IsNullOrEmpty(resourcePartyAttributeValue) &&
!string.IsNullOrEmpty(appresourceAttributeValue) &&
appresourceAttributeValue.Equals("events"))
{
// Events scenario The resource attributes are complete
resourceAttributeComplete = true;
}
if (!resourceAttributeComplete)
{
Instance instanceData = GetTestInstance(instanceAttributeValue);
if (string.IsNullOrEmpty(orgAttributeValue))
{
resourceContextAttributes.Attributes.Add(GetOrgAttribute(instanceData));
}
if (string.IsNullOrEmpty(appAttributeValue))
{
resourceContextAttributes.Attributes.Add(GetAppAttribute(instanceData));
}
if (string.IsNullOrEmpty(taskAttributeValue))
{
resourceContextAttributes.Attributes.Add(GetProcessElementAttribute(instanceData));
}
if (string.IsNullOrEmpty(resourcePartyAttributeValue))
{
resourceContextAttributes.Attributes.Add(GetPartyAttribute(instanceData));
}
resourcePartyAttributeValue = instanceData.InstanceOwner.PartyId;
}
await EnrichSubjectAttributes(request, resourcePartyAttributeValue);
}
private async Task EnrichResourceAttributes(XacmlContextRequest request)
{
XacmlContextAttributes resourceContextAttributes = request.GetResourceAttributes();
await EnrichSubjectAttributes(request, "hap");
}
/// <summary>
/// Gets a XacmlResourceAttributes model from the XacmlContextRequest
/// </summary>
/// <param name="request">The Xacml Context Request</param>
/// <returns>XacmlResourceAttributes model</returns>
public XacmlResourceAttributes GetResourceAttributes(XacmlContextRequest request)
{
XacmlContextAttributes resourceContextAttributes = request.GetResourceAttributes();
return(GetResourceAttributeValues(resourceContextAttributes));
}