/// <summary>
/// The evaluation implementation in the pseudo-code described in the specification.
/// </summary>
/// <param name="context">The evaluation context instance.</param>
/// <param name="policies">The policies that must be evaluated.</param>
/// <returns>The final decission for the combination of the policy evaluation.</returns>
public Decision Evaluate(EvaluationContext context, IMatchEvaluableCollection policies)
{
Boolean atLeastOne = false;
Policy selectedPolicy = null;
TargetEvaluationValue appResult;
for (int i = 0; i < policies.Count; i++)
{
Policy tempPolicy = (Policy)policies[i];
appResult = appResult = tempPolicy.Match(context);
if (appResult == TargetEvaluationValue.Indeterminate)
{
context.ProcessingError = true;
context.TraceContextValues();
return(Decision.Indeterminate);
}
if (appResult == TargetEvaluationValue.Match)
{
if (atLeastOne)
{
context.ProcessingError = true;
context.TraceContextValues();
return(Decision.Indeterminate);
}
else
{
atLeastOne = true;
selectedPolicy = (Policy)policies[i];
}
}
if (appResult == TargetEvaluationValue.NoMatch)
{
continue;
}
}
if (atLeastOne)
{
Decision retValue = selectedPolicy.Evaluate(context);
context.TraceContextValues();
if (retValue == Decision.Deny || retValue == Decision.Permit)
{
context.ProcessingError = false;
context.IsMissingAttribute = false;
}
return(retValue);
}
else
{
return(Decision.NotApplicable);
}
}
/// <summary>
/// Method called by the EvaluationEngine when the evaluation is executed without a policy document, this
/// method search in the policy repository and return the first policy that matches its target with the
/// context document specified.
/// </summary>
/// <param name="context">The evaluation context instance.</param>
/// <returns>The policy document ready to be used by the evaluation engine.</returns>
public pol.PolicyDocument Match(rtm.EvaluationContext context)
{
if (context == null)
{
throw new ArgumentNullException("context");
}
pol.PolicyDocument polEv = null;
//Search if there is a policySet which target matches the context document
foreach (pol.PolicyDocument policy in _policySets.Values)
{
rtm.PolicySet tempPolicy = new rtm.PolicySet(context.Engine, (pol.PolicySetElement)policy.PolicySet);
rtm.EvaluationContext tempContext = new rtm.EvaluationContext(context.Engine, policy, context.ContextDocument);
// Match the policy set target with the context document
if (tempPolicy.Match(tempContext) == rtm.TargetEvaluationValue.Match)
{
if (polEv == null)
{
polEv = policy;
}
else
{
throw new EvaluationException(Resource.ResourceManager[Resource.MessageKey.exc_duplicated_policy_in_repository]);
}
}
}
//Search if there is a policy which target matches the context document
foreach (pol.PolicyDocument policy in _policies.Values)
{
rtm.Policy tempPolicy = new rtm.Policy((pol.PolicyElement)policy.Policy);
rtm.EvaluationContext tempContext = new rtm.EvaluationContext(context.Engine, policy, context.ContextDocument);
// Match the policy target with the context document
if (tempPolicy.Match(tempContext) == rtm.TargetEvaluationValue.Match)
{
if (polEv == null)
{
polEv = policy;
}
else
{
throw new EvaluationException(Resource.ResourceManager[Resource.MessageKey.exc_duplicated_policy_in_repository]);
}
}
}
return(polEv);
}
/// <summary>
/// Method called by the EvaluationEngine when the evaluation is executed without a policy document, this
/// method search in the policy repository and return the first policy that matches its target with the
/// context document specified.
/// </summary>
/// <param name="context">The evaluation context instance.</param>
/// <returns>The policy document ready to be used by the evaluation engine.</returns>
public pol.PolicyDocument Match( rtm.EvaluationContext context )
{
if (context == null) throw new ArgumentNullException("context");
pol.PolicyDocument polEv = null;
//Search if there is a policySet which target matches the context document
foreach( pol.PolicyDocument policy in _policySets.Values )
{
rtm.PolicySet tempPolicy = new rtm.PolicySet( context.Engine, (pol.PolicySetElement)policy.PolicySet );
rtm.EvaluationContext tempContext = new rtm.EvaluationContext( context.Engine, policy, context.ContextDocument );
// Match the policy set target with the context document
if( tempPolicy.Match( tempContext ) == rtm.TargetEvaluationValue.Match )
{
if( polEv == null )
{
polEv = policy;
}
else
{
throw new EvaluationException( Resource.ResourceManager[ Resource.MessageKey.exc_duplicated_policy_in_repository ] );
}
}
}
//Search if there is a policy which target matches the context document
foreach( pol.PolicyDocument policy in _policies.Values )
{
rtm.Policy tempPolicy = new rtm.Policy( (pol.PolicyElement)policy.Policy );
rtm.EvaluationContext tempContext = new rtm.EvaluationContext( context.Engine, policy, context.ContextDocument );
// Match the policy target with the context document
if( tempPolicy.Match( tempContext ) == rtm.TargetEvaluationValue.Match )
{
if( polEv == null )
{
polEv = policy;
}
else
{
throw new EvaluationException( Resource.ResourceManager[ Resource.MessageKey.exc_duplicated_policy_in_repository ] );
}
}
}
return polEv;
}