private static void WriteAttributeAssignment(XmlWriter writer, XacmlAttributeAssignment xacmlAttributeAssignment)
{
Guard.ArgumentNotNull(writer, nameof(writer));
Guard.ArgumentNotNull(xacmlAttributeAssignment, nameof(xacmlAttributeAssignment));
writer.WriteStartElement(XacmlConstants.Prefixes.Xacml, XacmlConstants.ElementNames.AttributeAssignment, Xacml30Constants.NameSpaces.Policy);
writer.WriteAttributeString(XacmlConstants.AttributeNames.DataType, xacmlAttributeAssignment.DataType.OriginalString);
writer.WriteAttributeString(XacmlConstants.AttributeNames.AttributeId, xacmlAttributeAssignment.AttributeId.OriginalString);
if (xacmlAttributeAssignment.Category != null)
{
writer.WriteAttributeString(XacmlConstants.AttributeNames.Category, xacmlAttributeAssignment.Category.OriginalString);
}
if (!string.IsNullOrEmpty(xacmlAttributeAssignment.Issuer))
{
writer.WriteAttributeString(XacmlConstants.AttributeNames.Issuer, xacmlAttributeAssignment.Issuer);
}
if (xacmlAttributeAssignment.Value != null)
{
writer.WriteString(xacmlAttributeAssignment.Value);
}
else
{
WriteAnyElement(writer, (XacmlAnyElement)xacmlAttributeAssignment);
}
writer.WriteEndElement();
}
private static void AssertEqual(XacmlAttributeAssignment expected, XacmlAttributeAssignment actual)
{
Assert.Equal(expected.Value, actual.Value, ignoreCase: true);
Assert.Equal(expected.Category, actual.Category);
Assert.Equal(expected.AttributeId, actual.AttributeId);
Assert.Equal(expected.DataType, actual.DataType);
}
protected virtual void WriteAttributeAssignment(XmlWriter writer, XacmlAttributeAssignment data)
{
if (writer == null)
{
throw new ArgumentNullException(nameof(writer));
}
if (data == null)
{
throw new ArgumentNullException(nameof(data));
}
writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.AttributeAssignment, this.Version.NamespacePolicy);
writer.WriteAttributeString(XacmlConstants.AttributeNames.DataType, data.DataType.OriginalString);
writer.WriteAttributeString(XacmlConstants.AttributeNames.AttributeId, data.AttributeId.OriginalString);
if (data.Value != null)
{
writer.WriteString(data.Value);
}
else
{
this.WriteOpenElement(writer, (XacmlOpenElement)data);
}
writer.WriteEndElement();
}
public void WritePolicy_11()
{
var subject = new XacmlSubject(
new XacmlSubjectMatch[]
{
new XacmlSubjectMatch(
new Uri("http://www.MatchId.www"),
new XacmlAttributeValue(new Uri("http://www.DataType.www")),
new XacmlSubjectAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"))
{
Issuer = "String", MustBePresent = false, Category = new Uri("http://www.subjectCategory.www")
})
});
var target = new XacmlTarget(subject, null, null);
XacmlPolicySet xacmlPolicySet = new XacmlPolicySet(new Uri("http://www.PolicySetId.www"), new Uri("http://www.PolicyCombiningAlgId.www"), target);
xacmlPolicySet.Description = "description string";
xacmlPolicySet.XPathVersion = Xacml10Constants.XPathVersions.Xpath10;
XacmlPolicy xacmlPolicy = new XacmlPolicy(new Uri("http://www.PolicyId.www"), new Uri("http://www.RuleCombiningAlgId.www"), new XacmlTarget())
{
Description = "description string",
XPathVersion = Xacml10Constants.XPathVersions.Xpath10,
};
XacmlRule xacmlRule = new XacmlRule("http://www.RuleId.www", XacmlEffectType.Permit)
{
Description = "xacmlRule description"
};
xacmlPolicy.Rules.Add(xacmlRule);
XacmlAttributeAssignment xacmlAttributeAssignment = new XacmlAttributeAssignment(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"));
XacmlObligation xacmlObligation = new XacmlObligation(new Uri("http://www.ObligationId.www"), XacmlEffectType.Permit, new XacmlAttributeAssignment[] { xacmlAttributeAssignment });
xacmlPolicy.Obligations.Add(xacmlObligation);
xacmlPolicySet.Policies.Add(xacmlPolicy);
StringBuilder builder = new StringBuilder();
using (XmlWriter writer = XmlWriter.Create(builder)) {
var serializer = new Xacml10ProtocolSerializer();
serializer.WritePolicySet(writer, xacmlPolicySet);
}
string xml = builder.ToString();
ValidateMessage(xml, Path.Combine(TestCasePath, "cs-xacml-schema-context-01.xsd"));
}
private static XacmlJsonAttributeAssignment ConvertAttributeAssignment(XacmlAttributeAssignment attributeAssignment)
{
if (attributeAssignment == null)
{
return(null);
}
XacmlJsonAttributeAssignment xacmlJsonAttributeAssignment = new XacmlJsonAttributeAssignment()
{
AttributeId = attributeAssignment.AttributeId.OriginalString,
Category = attributeAssignment.Category.OriginalString,
DataType = attributeAssignment.DataType.OriginalString,
Issuer = attributeAssignment.Issuer,
Value = attributeAssignment.Value,
};
return(xacmlJsonAttributeAssignment);
}
private void AddObligations(XacmlPolicy policy, XacmlContextResult result)
{
if (result.Decision.Equals(XacmlContextDecision.Permit))
{
if (policy.ObligationExpressions.Count > 0)
{
IEnumerable <XacmlObligationExpression> obligationsWithPermit = policy.ObligationExpressions.Where(o => o.FulfillOn == XacmlEffectType.Permit);
foreach (XacmlObligationExpression expression in obligationsWithPermit)
{
List <XacmlAttributeAssignment> attributeAssignments = new List <XacmlAttributeAssignment>();
foreach (XacmlAttributeAssignmentExpression ex in expression.AttributeAssignmentExpressions)
{
Type applyElemType = ex.Property.GetType();
if (applyElemType == typeof(XacmlAttributeValue))
{
XacmlAttributeValue attributeValue = ex.Property as XacmlAttributeValue;
XacmlAttributeAssignment attributeAssignment = new XacmlAttributeAssignment(ex.AttributeId, attributeValue.DataType, attributeValue.Value)
{
Category = ex.Category,
Issuer = ex.Issuer,
};
attributeAssignments.Add(attributeAssignment);
}
}
XacmlObligation obligation = new XacmlObligation(expression.ObligationId, attributeAssignments)
{
FulfillOn = XacmlEffectType.Permit,
};
result.Obligations.Add(obligation);
}
}
}
}
public void WritePolicy_20()
{
var subject = new XacmlSubject(
new XacmlSubjectMatch[]
{
new XacmlSubjectMatch(
new Uri("http://www.MatchId.www"),
new XacmlAttributeValue(new Uri("http://www.DataType.www")),
new XacmlSubjectAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"))
{
Issuer = "String", MustBePresent = false, Category = new Uri("http://www.subjectCategory.www")
}
)
});
var resource = new XacmlResource(
new XacmlResourceMatch[]
{
new XacmlResourceMatch(
new Uri("http://www.MatchId.www"),
new XacmlAttributeValue(new Uri("http://www.DataType.www") /*, "xxxx" */),
new XacmlResourceAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"))
{
Issuer = "String", MustBePresent = false
}
)
});
var action = new XacmlAction(
new XacmlActionMatch[]
{
new XacmlActionMatch(
new Uri("http://www.MatchId.www"),
new XacmlAttributeValue(new Uri("http://www.DataType.www")),
new XacmlActionAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"))
{
Issuer = "String", MustBePresent = false
}
)
});
var target = new XacmlTarget(subject, resource, action, null);
// new Uri("http://www.PolicySetId.www")
XacmlPolicySet xacmlPolicySet = new XacmlPolicySet(new Uri("http://www.PolicyCombiningAlgId.www"), target)
{
Description = "description string",
XPathVersion = Xacml10Constants.XPathVersions.Xpath10,
};
////#region Policy
XacmlEnvironment env = new XacmlEnvironment(
new XacmlEnvironmentMatch[]
{
new XacmlEnvironmentMatch(
new Uri("http://www.EnvironmentMatchIdId.www"),
new XacmlAttributeValue(new Uri("http://www.AttributValue.www")),
new XacmlEnvironmentAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"))
{
Issuer = "String", MustBePresent = false
}
)
});
XacmlTarget targetWithEnvironment = new XacmlTarget(null, null, null, new XacmlEnvironment[] { env });
XacmlPolicy xacmlPolicy = new XacmlPolicy(new Uri("http://www.PolicyId.www"), new Uri("http://www.RuleCombiningAlgId.www"), targetWithEnvironment)
{
Description = "description string",
XPathVersion = Xacml10Constants.XPathVersions.Xpath10,
};
XacmlRule xacmlRule = new XacmlRule("http://www.RuleId.www", XacmlEffectType.Permit)
{
Description = "xacmlRule description"
};
xacmlPolicy.Rules.Add(xacmlRule);
XacmlAttributeAssignment xacmlAttributeAssignment = new XacmlAttributeAssignment(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"));
XacmlObligation xacmlObligation = new XacmlObligation(new Uri("http://www.ObligationId.www"), XacmlEffectType.Permit, new XacmlAttributeAssignment[] { xacmlAttributeAssignment });
xacmlPolicy.Obligations.Add(xacmlObligation);
xacmlPolicySet.Policies.Add(xacmlPolicy);
StringBuilder builder = new StringBuilder();
using (XmlWriter writer = XmlWriter.Create(builder)) {
var serializer = new Xacml20ProtocolSerializer();
serializer.WritePolicySet(writer, xacmlPolicySet);
}
string xml = builder.ToString();
ValidateMessage(xml, Path.Combine(TestCasePath, "access_control-xacml-2.0-policy-schema-os.xsd"));
}
