/// <remarks> /// used only for XACML 3.0 /// </remarks> public IEnumerable <XmlNode> GetAttributeByXPath(Uri xpathVersion, string xpathExpression, Uri category, Uri contextSelectorId = null, IDictionary <string, string> namespaces = null) { if (xpathVersion == null) { throw new ArgumentNullException(nameof(xpathVersion)); } if (xpathExpression == null) { throw new ArgumentNullException(nameof(xpathExpression)); } if (xpathExpression.Length == 0) { throw new ArgumentException("Value cannot be empty.", nameof(xpathExpression)); } if (category == null) { throw new ArgumentNullException(nameof(category)); } var xpath = this.xpathProcessor[xpathVersion.ToString()]; if (contextSelectorId != null) { // PROFILE - Multiple Decision Profile - #POL01 - #SPEC2744 XacmlAttribute attribute = this.request.Attributes.First(o => string.Equals(o.Category.OriginalString, category.OriginalString)) .Attributes.FirstOrDefault(o => string.Equals(o.AttributeId.OriginalString, contextSelectorId.OriginalString)); if (attribute == null) { throw new XacmlIndeterminateException("Cannot find attribute with name: " + contextSelectorId); } XacmlAttributeValue xPathExpressionDataTypeAttribute = attribute.AttributeValues.FirstOrDefault(o => string.Equals(o.DataType.OriginalString, "urn:oasis:names:tc:xacml:3.0:data-type:xpathExpression")); if (xPathExpressionDataTypeAttribute == null) { throw new XacmlIndeterminateException("Cannot find attribute with name: " + contextSelectorId); } // IEnumerable<XmlNode> nodes = XPathProcessor.Get().GetValue(this.requestDocument, string.Format(@"//*[local-name()='Attributes'][@Category='{0}']/*[local-name()='Content']/*", category), xPathExpressionDataTypeAttribute.Value, namespaces) IEnumerable <XmlNode> nodes = xpath.Invoke(this.requestDocument, string.Format(@"//*[local-name()='Attributes'][@Category='{0}']/*[local-name()='Content']/*", category), xPathExpressionDataTypeAttribute.Value, namespaces); List <XmlNode> result = new List <XmlNode>(); foreach (XmlNode node in nodes) { XmlDocument doc = new XmlDocument(); doc.LoadXml(node.OuterXml); result.AddRange(xpath.Invoke(doc, @"/*", xpathExpression, namespaces)); } return(result); } else { return(xpath.Invoke(this.requestDocument, string.Format(@"//*[local-name()='Attributes'][@Category='{0}']/*[local-name()='Content']/*", category), xpathExpression, namespaces)); } }
private static void ConvertCategoryAttributes(List <XacmlJsonCategory> categoryList, string categoryId, ICollection <XacmlContextAttributes> contextAttributes) { if (categoryList == null) { return; } foreach (XacmlJsonCategory subjectCategory in categoryList) { if (!string.IsNullOrEmpty(subjectCategory.CategoryId)) { categoryId = subjectCategory.CategoryId; } XacmlContextAttributes xacmlContextAttributes = new XacmlContextAttributes(new Uri(categoryId)); XacmlAttribute xacmlAttribute = null; ICollection <XacmlAttributeValue> attributeValues = new Collection <XacmlAttributeValue>(); foreach (XacmlJsonAttribute jsonAttribute in subjectCategory.Attribute) { if (xacmlAttribute == null) { xacmlAttribute = new XacmlAttribute(new Uri(jsonAttribute.AttributeId), jsonAttribute.IncludeInResult); } XacmlAttributeValue xacmlAttributeValue = new XacmlAttributeValue(new Uri(ConvertDataType(jsonAttribute)), jsonAttribute.Value); xacmlAttribute.AttributeValues.Add(xacmlAttributeValue); xacmlContextAttributes.Attributes.Add(xacmlAttribute); } contextAttributes.Add(xacmlContextAttributes); } }
/// <summary> /// protected virtual void WriteAttributeValue /// </summary> /// <param name="writer">XmlWriter writer</param> /// <param name="data">XacmlAttributeValue data</param> protected virtual void WriteAttributeValue(XmlWriter writer, XacmlAttributeValue data) { if (writer == null) { throw new ArgumentNullException(nameof(writer)); } if (data == null) { throw new ArgumentNullException(nameof(data)); } writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.AttributeValue, this.Version.NamespacePolicy); writer.WriteAttributeString(XacmlConstants.AttributeNames.DataType, data.DataType.OriginalString); if (data.Value != null) { writer.WriteString(data.Value); } else { this.WriteOpenElement(writer, (XacmlOpenElement)data); } writer.WriteEndElement(); }
private static void AssertAttributeValueEqual(XacmlAttributeValue expected, XacmlAttributeValue actual) { Assert.NotNull(actual); Assert.NotNull(expected); Assert.Equal(expected.DataType.OriginalString, actual.DataType.OriginalString); Assert.Equal(expected.Value, actual.Value); AssertCollections(expected.Attributes, actual.Attributes, AssertXAttributeEqual); AssertCollections(expected.Elements, actual.Elements, AssertXElementEqual); }
/// <summary> /// Reads the attribute value. /// </summary> /// <param name="reader">The reader.</param> /// <returns></returns> /// <exception cref="System.Xml.XmlException"> /// AttributeValue NotStartElement /// or /// DataType IsNullOrEmpty /// </exception> protected virtual XacmlAttributeValue ReadAttributeValue(XmlReader reader) { if (reader == null) { throw new ArgumentNullException(nameof(reader)); } if (!reader.IsStartElement(XacmlConstants.ElementNames.AttributeValue, this.Version.NamespacePolicy)) { throw ThrowHelperXml(reader, "AttributeValue NotStartElement"); } IDictionary <string, string> attributes = new Dictionary <string, string>(); var dataType = reader.GetAttribute(XacmlConstants.AttributeNames.DataType); if (string.IsNullOrEmpty(dataType)) { throw ThrowHelperXml(reader, "DataType IsNullOrEmpty"); } while (reader.MoveToNextAttribute()) { attributes.Add(reader.Name, reader.Value); } // Move the reader back to the element node. reader.MoveToElement(); string value = null; //Any if (dataType == "http://www.w3.org/2001/XMLSchema#string") { // Do not need to use Trim because it blank characters are important for Regular Expression value = reader.ReadElementContentAsString(); } else { value = reader.ReadInnerXml(); } var attribute = new XacmlAttributeValue(new Uri(dataType, UriKind.RelativeOrAbsolute), value); foreach (var item in attributes) { attribute.Attributes.Add(new System.Xml.Linq.XAttribute(item.Key, item.Value)); // UNDONE: namespace } return(attribute); }
private static void WriteAttributeValue(XmlWriter writer, XacmlAttributeValue xacmlAttributeValue) { Guard.ArgumentNotNull(writer, nameof(writer)); Guard.ArgumentNotNull(xacmlAttributeValue, nameof(xacmlAttributeValue)); writer.WriteStartElement(XacmlConstants.Prefixes.Xacml, XacmlConstants.ElementNames.AttributeValue, Xacml30Constants.NameSpaces.Policy); writer.WriteAttributeString(XacmlConstants.AttributeNames.DataType, xacmlAttributeValue.DataType.OriginalString); if (xacmlAttributeValue.Value != null) { writer.WriteString(xacmlAttributeValue.Value); } else { WriteAnyElement(writer, (XacmlAnyElement)xacmlAttributeValue); } writer.WriteEndElement(); }
private static void ConvertCategoryAttributes(List <XacmlJsonCategory> categoryList, string categoryId, ICollection <XacmlContextAttributes> contextAttributes) { if (categoryList == null) { return; } foreach (XacmlJsonCategory category in categoryList) { if (!string.IsNullOrEmpty(category.CategoryId)) { categoryId = category.CategoryId; } XacmlContextAttributes xacmlContextAttributes = new XacmlContextAttributes(new Uri(categoryId)); ICollection <XacmlAttributeValue> attributeValues = new Collection <XacmlAttributeValue>(); Dictionary <string, XacmlAttribute> attributeDictionary = new Dictionary <string, XacmlAttribute>(); foreach (XacmlJsonAttribute jsonAttribute in category.Attribute) { if (!attributeDictionary.ContainsKey(jsonAttribute.AttributeId)) { attributeDictionary.Add(jsonAttribute.AttributeId, new XacmlAttribute(new Uri(jsonAttribute.AttributeId), jsonAttribute.IncludeInResult)); } XacmlAttributeValue xacmlAttributeValue = new XacmlAttributeValue(new Uri(ConvertDataType(jsonAttribute)), jsonAttribute.Value); attributeDictionary[jsonAttribute.AttributeId].AttributeValues.Add(xacmlAttributeValue); } foreach (KeyValuePair <string, XacmlAttribute> kvp in attributeDictionary) { xacmlContextAttributes.Attributes.Add(kvp.Value); } contextAttributes.Add(xacmlContextAttributes); } }
private void AddObligations(XacmlPolicy policy, XacmlContextResult result) { if (result.Decision.Equals(XacmlContextDecision.Permit)) { if (policy.ObligationExpressions.Count > 0) { IEnumerable <XacmlObligationExpression> obligationsWithPermit = policy.ObligationExpressions.Where(o => o.FulfillOn == XacmlEffectType.Permit); foreach (XacmlObligationExpression expression in obligationsWithPermit) { List <XacmlAttributeAssignment> attributeAssignments = new List <XacmlAttributeAssignment>(); foreach (XacmlAttributeAssignmentExpression ex in expression.AttributeAssignmentExpressions) { Type applyElemType = ex.Property.GetType(); if (applyElemType == typeof(XacmlAttributeValue)) { XacmlAttributeValue attributeValue = ex.Property as XacmlAttributeValue; XacmlAttributeAssignment attributeAssignment = new XacmlAttributeAssignment(ex.AttributeId, attributeValue.DataType, attributeValue.Value) { Category = ex.Category, Issuer = ex.Issuer, }; attributeAssignments.Add(attributeAssignment); } } XacmlObligation obligation = new XacmlObligation(expression.ObligationId, attributeAssignments) { FulfillOn = XacmlEffectType.Permit, }; result.Obligations.Add(obligation); } } } }
private static void AssertEqual(XacmlAttributeValue expected, XacmlAttributeValue actual) { Assert.Equal(expected.DataType, actual.DataType); Assert.Equal(expected.Value, actual.Value, ignoreCase: true); }
private static void AssertEqual(XacmlAttributeValue expected, XacmlAttributeValue actual) { Assert.Equal(expected.DataType, actual.DataType); Assert.Equal(expected.Value.ToLower(), actual.Value.ToLower()); }