private static XacmlJsonObligationOrAdvice ConvertObligation(XacmlObligation obligation)
{
XacmlJsonObligationOrAdvice xacmlJsonObligationOrAdvice = new XacmlJsonObligationOrAdvice();
xacmlJsonObligationOrAdvice.Id = obligation.ObligationId.OriginalString;
xacmlJsonObligationOrAdvice.AttributeAssignment = ConvertToAttributeAssignments(obligation.AttributeAssignment);
return(xacmlJsonObligationOrAdvice);
}
private static void AssertEqual(XacmlObligation expected, XacmlObligation actual)
{
Assert.Equal(expected.FulfillOn, actual.FulfillOn);
Assert.Equal(expected.ObligationId, actual.ObligationId);
Assert.Equal(expected.AttributeAssignment.Count, expected.AttributeAssignment.Count);
if (expected.AttributeAssignment.Count > 0)
{
AssertEqual(expected.AttributeAssignment.First(), actual.AttributeAssignment.First());
}
}
public void WritePolicy_11()
{
var subject = new XacmlSubject(
new XacmlSubjectMatch[]
{
new XacmlSubjectMatch(
new Uri("http://www.MatchId.www"),
new XacmlAttributeValue(new Uri("http://www.DataType.www")),
new XacmlSubjectAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"))
{
Issuer = "String", MustBePresent = false, Category = new Uri("http://www.subjectCategory.www")
})
});
var target = new XacmlTarget(subject, null, null);
XacmlPolicySet xacmlPolicySet = new XacmlPolicySet(new Uri("http://www.PolicySetId.www"), new Uri("http://www.PolicyCombiningAlgId.www"), target);
xacmlPolicySet.Description = "description string";
xacmlPolicySet.XPathVersion = Xacml10Constants.XPathVersions.Xpath10;
XacmlPolicy xacmlPolicy = new XacmlPolicy(new Uri("http://www.PolicyId.www"), new Uri("http://www.RuleCombiningAlgId.www"), new XacmlTarget())
{
Description = "description string",
XPathVersion = Xacml10Constants.XPathVersions.Xpath10,
};
XacmlRule xacmlRule = new XacmlRule("http://www.RuleId.www", XacmlEffectType.Permit)
{
Description = "xacmlRule description"
};
xacmlPolicy.Rules.Add(xacmlRule);
XacmlAttributeAssignment xacmlAttributeAssignment = new XacmlAttributeAssignment(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"));
XacmlObligation xacmlObligation = new XacmlObligation(new Uri("http://www.ObligationId.www"), XacmlEffectType.Permit, new XacmlAttributeAssignment[] { xacmlAttributeAssignment });
xacmlPolicy.Obligations.Add(xacmlObligation);
xacmlPolicySet.Policies.Add(xacmlPolicy);
StringBuilder builder = new StringBuilder();
using (XmlWriter writer = XmlWriter.Create(builder)) {
var serializer = new Xacml10ProtocolSerializer();
serializer.WritePolicySet(writer, xacmlPolicySet);
}
string xml = builder.ToString();
ValidateMessage(xml, Path.Combine(TestCasePath, "cs-xacml-schema-context-01.xsd"));
}
private static void WriteObligation(XmlWriter writer, XacmlObligation xacmlObligation)
{
Guard.ArgumentNotNull(writer, nameof(writer));
Guard.ArgumentNotNull(xacmlObligation, nameof(xacmlObligation));
writer.WriteStartElement(XacmlConstants.Prefixes.Xacml, XacmlConstants.ElementNames.Obligation, Xacml30Constants.NameSpaces.Policy);
writer.WriteAttributeString(XacmlConstants.AttributeNames.ObligationId, xacmlObligation.ObligationId.OriginalString);
writer.WriteAttributeString(XacmlConstants.AttributeNames.FulfillOn, xacmlObligation.FulfillOn.ToString());
foreach (XacmlAttributeAssignment attributeAssigment in xacmlObligation.AttributeAssignment)
{
WriteAttributeAssignment(writer, attributeAssigment);
}
writer.WriteEndElement();
}
private void AddObligations(XacmlPolicy policy, XacmlContextResult result)
{
if (result.Decision.Equals(XacmlContextDecision.Permit))
{
if (policy.ObligationExpressions.Count > 0)
{
IEnumerable <XacmlObligationExpression> obligationsWithPermit = policy.ObligationExpressions.Where(o => o.FulfillOn == XacmlEffectType.Permit);
foreach (XacmlObligationExpression expression in obligationsWithPermit)
{
List <XacmlAttributeAssignment> attributeAssignments = new List <XacmlAttributeAssignment>();
foreach (XacmlAttributeAssignmentExpression ex in expression.AttributeAssignmentExpressions)
{
Type applyElemType = ex.Property.GetType();
if (applyElemType == typeof(XacmlAttributeValue))
{
XacmlAttributeValue attributeValue = ex.Property as XacmlAttributeValue;
XacmlAttributeAssignment attributeAssignment = new XacmlAttributeAssignment(ex.AttributeId, attributeValue.DataType, attributeValue.Value)
{
Category = ex.Category,
Issuer = ex.Issuer,
};
attributeAssignments.Add(attributeAssignment);
}
}
XacmlObligation obligation = new XacmlObligation(expression.ObligationId, attributeAssignments)
{
FulfillOn = XacmlEffectType.Permit,
};
result.Obligations.Add(obligation);
}
}
}
}
/// <summary>
/// protected virtual void WriteObligation
/// </summary>
/// <param name="writer">XmlWriter writer</param>
/// <param name="data">XacmlObligation data</param>
protected virtual void WriteObligation(XmlWriter writer, XacmlObligation data)
{
if (writer == null)
{
throw new ArgumentNullException(nameof(writer));
}
if (data == null)
{
throw new ArgumentNullException(nameof(data));
}
writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Obligation, this.Version.NamespacePolicy);
writer.WriteAttributeString(XacmlConstants.AttributeNames.ObligationId, data.ObligationId.OriginalString);
writer.WriteAttributeString(XacmlConstants.AttributeNames.FulfillOn, data.FulfillOn.ToString());
foreach (XacmlAttributeAssignment attributeAssigment in data.AttributeAssignment)
{
this.WriteAttributeAssignment(writer, attributeAssigment);
}
writer.WriteEndElement();
}
public void WritePolicy_20()
{
var subject = new XacmlSubject(
new XacmlSubjectMatch[]
{
new XacmlSubjectMatch(
new Uri("http://www.MatchId.www"),
new XacmlAttributeValue(new Uri("http://www.DataType.www")),
new XacmlSubjectAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"))
{
Issuer = "String", MustBePresent = false, Category = new Uri("http://www.subjectCategory.www")
}
)
});
var resource = new XacmlResource(
new XacmlResourceMatch[]
{
new XacmlResourceMatch(
new Uri("http://www.MatchId.www"),
new XacmlAttributeValue(new Uri("http://www.DataType.www") /*, "xxxx" */),
new XacmlResourceAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"))
{
Issuer = "String", MustBePresent = false
}
)
});
var action = new XacmlAction(
new XacmlActionMatch[]
{
new XacmlActionMatch(
new Uri("http://www.MatchId.www"),
new XacmlAttributeValue(new Uri("http://www.DataType.www")),
new XacmlActionAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"))
{
Issuer = "String", MustBePresent = false
}
)
});
var target = new XacmlTarget(subject, resource, action, null);
// new Uri("http://www.PolicySetId.www")
XacmlPolicySet xacmlPolicySet = new XacmlPolicySet(new Uri("http://www.PolicyCombiningAlgId.www"), target)
{
Description = "description string",
XPathVersion = Xacml10Constants.XPathVersions.Xpath10,
};
////#region Policy
XacmlEnvironment env = new XacmlEnvironment(
new XacmlEnvironmentMatch[]
{
new XacmlEnvironmentMatch(
new Uri("http://www.EnvironmentMatchIdId.www"),
new XacmlAttributeValue(new Uri("http://www.AttributValue.www")),
new XacmlEnvironmentAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"))
{
Issuer = "String", MustBePresent = false
}
)
});
XacmlTarget targetWithEnvironment = new XacmlTarget(null, null, null, new XacmlEnvironment[] { env });
XacmlPolicy xacmlPolicy = new XacmlPolicy(new Uri("http://www.PolicyId.www"), new Uri("http://www.RuleCombiningAlgId.www"), targetWithEnvironment)
{
Description = "description string",
XPathVersion = Xacml10Constants.XPathVersions.Xpath10,
};
XacmlRule xacmlRule = new XacmlRule("http://www.RuleId.www", XacmlEffectType.Permit)
{
Description = "xacmlRule description"
};
xacmlPolicy.Rules.Add(xacmlRule);
XacmlAttributeAssignment xacmlAttributeAssignment = new XacmlAttributeAssignment(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"));
XacmlObligation xacmlObligation = new XacmlObligation(new Uri("http://www.ObligationId.www"), XacmlEffectType.Permit, new XacmlAttributeAssignment[] { xacmlAttributeAssignment });
xacmlPolicy.Obligations.Add(xacmlObligation);
xacmlPolicySet.Policies.Add(xacmlPolicy);
StringBuilder builder = new StringBuilder();
using (XmlWriter writer = XmlWriter.Create(builder)) {
var serializer = new Xacml20ProtocolSerializer();
serializer.WritePolicySet(writer, xacmlPolicySet);
}
string xml = builder.ToString();
ValidateMessage(xml, Path.Combine(TestCasePath, "access_control-xacml-2.0-policy-schema-os.xsd"));
}
