Exemple #1
0
        private static XacmlJsonObligationOrAdvice ConvertObligation(XacmlObligation obligation)
        {
            XacmlJsonObligationOrAdvice xacmlJsonObligationOrAdvice = new XacmlJsonObligationOrAdvice();

            xacmlJsonObligationOrAdvice.Id = obligation.ObligationId.OriginalString;
            xacmlJsonObligationOrAdvice.AttributeAssignment = ConvertToAttributeAssignments(obligation.AttributeAssignment);

            return(xacmlJsonObligationOrAdvice);
        }
 private static void AssertEqual(XacmlObligation expected, XacmlObligation actual)
 {
     Assert.Equal(expected.FulfillOn, actual.FulfillOn);
     Assert.Equal(expected.ObligationId, actual.ObligationId);
     Assert.Equal(expected.AttributeAssignment.Count, expected.AttributeAssignment.Count);
     if (expected.AttributeAssignment.Count > 0)
     {
         AssertEqual(expected.AttributeAssignment.First(), actual.AttributeAssignment.First());
     }
 }
        public void WritePolicy_11()
        {
            var subject = new XacmlSubject(
                new XacmlSubjectMatch[]
            {
                new XacmlSubjectMatch(
                    new Uri("http://www.MatchId.www"),
                    new XacmlAttributeValue(new Uri("http://www.DataType.www")),
                    new XacmlSubjectAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"))
                {
                    Issuer = "String", MustBePresent = false, Category = new Uri("http://www.subjectCategory.www")
                })
            });

            var            target         = new XacmlTarget(subject, null, null);
            XacmlPolicySet xacmlPolicySet = new XacmlPolicySet(new Uri("http://www.PolicySetId.www"), new Uri("http://www.PolicyCombiningAlgId.www"), target);

            xacmlPolicySet.Description  = "description string";
            xacmlPolicySet.XPathVersion = Xacml10Constants.XPathVersions.Xpath10;

            XacmlPolicy xacmlPolicy = new XacmlPolicy(new Uri("http://www.PolicyId.www"), new Uri("http://www.RuleCombiningAlgId.www"), new XacmlTarget())
            {
                Description  = "description string",
                XPathVersion = Xacml10Constants.XPathVersions.Xpath10,
            };

            XacmlRule xacmlRule = new XacmlRule("http://www.RuleId.www", XacmlEffectType.Permit)
            {
                Description = "xacmlRule description"
            };

            xacmlPolicy.Rules.Add(xacmlRule);
            XacmlAttributeAssignment xacmlAttributeAssignment = new XacmlAttributeAssignment(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"));
            XacmlObligation          xacmlObligation          = new XacmlObligation(new Uri("http://www.ObligationId.www"), XacmlEffectType.Permit, new XacmlAttributeAssignment[] { xacmlAttributeAssignment });

            xacmlPolicy.Obligations.Add(xacmlObligation);

            xacmlPolicySet.Policies.Add(xacmlPolicy);

            StringBuilder builder = new StringBuilder();

            using (XmlWriter writer = XmlWriter.Create(builder)) {
                var serializer = new Xacml10ProtocolSerializer();
                serializer.WritePolicySet(writer, xacmlPolicySet);
            }

            string xml = builder.ToString();

            ValidateMessage(xml, Path.Combine(TestCasePath, "cs-xacml-schema-context-01.xsd"));
        }
Exemple #4
0
        private static void WriteObligation(XmlWriter writer, XacmlObligation xacmlObligation)
        {
            Guard.ArgumentNotNull(writer, nameof(writer));
            Guard.ArgumentNotNull(xacmlObligation, nameof(xacmlObligation));

            writer.WriteStartElement(XacmlConstants.Prefixes.Xacml, XacmlConstants.ElementNames.Obligation, Xacml30Constants.NameSpaces.Policy);
            writer.WriteAttributeString(XacmlConstants.AttributeNames.ObligationId, xacmlObligation.ObligationId.OriginalString);
            writer.WriteAttributeString(XacmlConstants.AttributeNames.FulfillOn, xacmlObligation.FulfillOn.ToString());

            foreach (XacmlAttributeAssignment attributeAssigment in xacmlObligation.AttributeAssignment)
            {
                WriteAttributeAssignment(writer, attributeAssigment);
            }

            writer.WriteEndElement();
        }
        private void AddObligations(XacmlPolicy policy, XacmlContextResult result)
        {
            if (result.Decision.Equals(XacmlContextDecision.Permit))
            {
                if (policy.ObligationExpressions.Count > 0)
                {
                    IEnumerable <XacmlObligationExpression> obligationsWithPermit = policy.ObligationExpressions.Where(o => o.FulfillOn == XacmlEffectType.Permit);
                    foreach (XacmlObligationExpression expression in obligationsWithPermit)
                    {
                        List <XacmlAttributeAssignment> attributeAssignments = new List <XacmlAttributeAssignment>();
                        foreach (XacmlAttributeAssignmentExpression ex in expression.AttributeAssignmentExpressions)
                        {
                            Type applyElemType = ex.Property.GetType();

                            if (applyElemType == typeof(XacmlAttributeValue))
                            {
                                XacmlAttributeValue attributeValue = ex.Property as XacmlAttributeValue;

                                XacmlAttributeAssignment attributeAssignment = new XacmlAttributeAssignment(ex.AttributeId, attributeValue.DataType, attributeValue.Value)
                                {
                                    Category = ex.Category,
                                    Issuer   = ex.Issuer,
                                };

                                attributeAssignments.Add(attributeAssignment);
                            }
                        }

                        XacmlObligation obligation = new XacmlObligation(expression.ObligationId, attributeAssignments)
                        {
                            FulfillOn = XacmlEffectType.Permit,
                        };

                        result.Obligations.Add(obligation);
                    }
                }
            }
        }
Exemple #6
0
        /// <summary>
        /// protected virtual void WriteObligation
        /// </summary>
        /// <param name="writer">XmlWriter writer</param>
        /// <param name="data">XacmlObligation data</param>
        protected virtual void WriteObligation(XmlWriter writer, XacmlObligation data)
        {
            if (writer == null)
            {
                throw new ArgumentNullException(nameof(writer));
            }

            if (data == null)
            {
                throw new ArgumentNullException(nameof(data));
            }

            writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Obligation, this.Version.NamespacePolicy);
            writer.WriteAttributeString(XacmlConstants.AttributeNames.ObligationId, data.ObligationId.OriginalString);
            writer.WriteAttributeString(XacmlConstants.AttributeNames.FulfillOn, data.FulfillOn.ToString());

            foreach (XacmlAttributeAssignment attributeAssigment in data.AttributeAssignment)
            {
                this.WriteAttributeAssignment(writer, attributeAssigment);
            }

            writer.WriteEndElement();
        }
        public void WritePolicy_20()
        {
            var subject = new XacmlSubject(
                new XacmlSubjectMatch[]
            {
                new XacmlSubjectMatch(
                    new Uri("http://www.MatchId.www"),
                    new XacmlAttributeValue(new Uri("http://www.DataType.www")),
                    new XacmlSubjectAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"))
                {
                    Issuer = "String", MustBePresent = false, Category = new Uri("http://www.subjectCategory.www")
                }
                    )
            });

            var resource = new XacmlResource(
                new XacmlResourceMatch[]
            {
                new XacmlResourceMatch(
                    new Uri("http://www.MatchId.www"),
                    new XacmlAttributeValue(new Uri("http://www.DataType.www") /*, "xxxx" */),
                    new XacmlResourceAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"))
                {
                    Issuer = "String", MustBePresent = false
                }
                    )
            });

            var action = new XacmlAction(
                new XacmlActionMatch[]
            {
                new XacmlActionMatch(
                    new Uri("http://www.MatchId.www"),
                    new XacmlAttributeValue(new Uri("http://www.DataType.www")),
                    new XacmlActionAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"))
                {
                    Issuer = "String", MustBePresent = false
                }
                    )
            });

            var target = new XacmlTarget(subject, resource, action, null);

            // new Uri("http://www.PolicySetId.www")
            XacmlPolicySet xacmlPolicySet = new XacmlPolicySet(new Uri("http://www.PolicyCombiningAlgId.www"), target)
            {
                Description  = "description string",
                XPathVersion = Xacml10Constants.XPathVersions.Xpath10,
            };

            ////#region Policy
            XacmlEnvironment env = new XacmlEnvironment(
                new XacmlEnvironmentMatch[]
            {
                new XacmlEnvironmentMatch(
                    new Uri("http://www.EnvironmentMatchIdId.www"),
                    new XacmlAttributeValue(new Uri("http://www.AttributValue.www")),
                    new XacmlEnvironmentAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"))
                {
                    Issuer = "String", MustBePresent = false
                }
                    )
            });

            XacmlTarget targetWithEnvironment = new XacmlTarget(null, null, null, new XacmlEnvironment[] { env });

            XacmlPolicy xacmlPolicy = new XacmlPolicy(new Uri("http://www.PolicyId.www"), new Uri("http://www.RuleCombiningAlgId.www"), targetWithEnvironment)
            {
                Description  = "description string",
                XPathVersion = Xacml10Constants.XPathVersions.Xpath10,
            };

            XacmlRule xacmlRule = new XacmlRule("http://www.RuleId.www", XacmlEffectType.Permit)
            {
                Description = "xacmlRule description"
            };

            xacmlPolicy.Rules.Add(xacmlRule);

            XacmlAttributeAssignment xacmlAttributeAssignment = new XacmlAttributeAssignment(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"));
            XacmlObligation          xacmlObligation          = new XacmlObligation(new Uri("http://www.ObligationId.www"), XacmlEffectType.Permit, new XacmlAttributeAssignment[] { xacmlAttributeAssignment });

            xacmlPolicy.Obligations.Add(xacmlObligation);

            xacmlPolicySet.Policies.Add(xacmlPolicy);

            StringBuilder builder = new StringBuilder();

            using (XmlWriter writer = XmlWriter.Create(builder)) {
                var serializer = new Xacml20ProtocolSerializer();
                serializer.WritePolicySet(writer, xacmlPolicySet);
            }

            string xml = builder.ToString();

            ValidateMessage(xml, Path.Combine(TestCasePath, "access_control-xacml-2.0-policy-schema-os.xsd"));
        }