/// <summary>
/// Initializes a new instance of the <see cref="XacmlContextResult"/> class.
/// </summary>
/// <param name="decision">The authorization decision.</param>
/// <param name="status">The status.</param>
public XacmlContextResult(XacmlContextDecision decision, XacmlContextStatus status)
{
if (status == null)
{
throw new ArgumentNullException(nameof(status));
}
this.decision = decision;
this.status = status;
}
/// <summary>
/// Initializes a new instance of the <see cref="XacmlContextResult"/> class.
/// </summary>
/// <param name="decision">The authorization decision.</param>
/// <param name="status">The status.</param>
public XacmlContextResult(XacmlContextDecision decision, XacmlContextStatus status) {
Contract.Requires<ArgumentNullException>(status != null);
this.decision = decision;
this.status = status;
}
protected virtual XacmlContextStatus ReadContextStatus(XmlReader reader) {
Contract.Requires<ArgumentNullException>(reader != null, "reader");
Contract.Requires<XmlException>(reader.IsStartElement(XacmlConstants.ElementNames.Status, this.version.NamespaceContext));
reader.ReadStartElement(XacmlConstants.ElementNames.Status, this.version.NamespaceContext);
// Read elements
XacmlContextStatus result = new XacmlContextStatus(this.ReadRequired(XacmlConstants.ElementNames.StatusCode, this.version.NamespaceContext, ReadContextStatusCode, reader));
result.StatusMessage = this.ReadOptional(XacmlConstants.ElementNames.StatusMessage, this.version.NamespaceContext, ReadContextStatusMessage, reader);
if (reader.IsStartElement(XacmlConstants.ElementNames.StatusDetail, this.version.NamespaceContext)) {
bool isEmptyElement = reader.IsEmptyElement;
// XmlUtil.ValidateXsiType(reader, XacmlConstants.XmlTypes.StatusDetailType, this.version.NamespaceContext);
if (isEmptyElement) {
reader.Read();
}
else {
XmlDocument document = new XmlDocument();
document.PreserveWhitespace = true;
document.Load(reader.ReadSubtree());
foreach (XmlElement element in document.DocumentElement.ChildNodes) {
result.StatusDetail.Add(element);
}
reader.ReadEndElement();
}
}
reader.ReadEndElement();
return result;
}
protected virtual XacmlContextResult MakeResult(XacmlDecisionResult decision, XacmlContextStatus status) {
XacmlContextDecision resultDecision = XacmlContextDecision.NotApplicable;
switch (decision) {
case XacmlDecisionResult.Deny:
resultDecision = XacmlContextDecision.Deny;
break;
case XacmlDecisionResult.Indeterminate:
case XacmlDecisionResult.IndeterminateD:
case XacmlDecisionResult.IndeterminateP:
case XacmlDecisionResult.IndeterminateDP:
resultDecision = XacmlContextDecision.Indeterminate;
break;
case XacmlDecisionResult.Permit:
resultDecision = XacmlContextDecision.Permit;
break;
}
var result = new XacmlContextResult(resultDecision) {
Status = status,
};
if (decision == XacmlDecisionResult.Permit) {
foreach (var obligation in this.obligations[XacmlEffectType.Permit]) {
result.Obligations.Add(obligation);
}
}
if (decision == XacmlDecisionResult.Deny) {
foreach (var obligation in this.obligations[XacmlEffectType.Deny]) {
result.Obligations.Add(obligation);
}
}
return result;
}
protected virtual void WriteContextStatus(XmlWriter writer, XacmlContextStatus xacmlContextStatus) {
Contract.Requires<ArgumentNullException>(writer != null);
Contract.Requires<ArgumentNullException>(xacmlContextStatus != null);
writer.WriteStartElement(XacmlConstants.Prefixes.Context, XacmlConstants.ElementNames.Status, this.version.NamespaceContext);
this.WriteContextStatusCode(writer, xacmlContextStatus.StatusCode);
if (!string.IsNullOrEmpty(xacmlContextStatus.StatusMessage)) {
writer.WriteElementString(XacmlConstants.Prefixes.Context, XacmlConstants.ElementNames.StatusMessage, this.version.NamespaceContext, xacmlContextStatus.StatusMessage);
}
if (xacmlContextStatus.StatusDetail.Count > 0) {
writer.WriteStartElement(XacmlConstants.Prefixes.Context, XacmlConstants.ElementNames.StatusDetail, this.version.NamespaceContext);
foreach (XmlElement element in xacmlContextStatus.StatusDetail) {
element.WriteTo(writer);
}
writer.WriteEndElement();
}
writer.WriteEndElement();
}
protected override XacmlContextResult MakeResult(XacmlDecisionResult decision, XacmlContextStatus status) {
XacmlContextDecision resultDecision = XacmlContextDecision.NotApplicable;
switch (decision) {
case XacmlDecisionResult.Deny:
resultDecision = XacmlContextDecision.Deny;
break;
case XacmlDecisionResult.Indeterminate:
case XacmlDecisionResult.IndeterminateD:
case XacmlDecisionResult.IndeterminateP:
case XacmlDecisionResult.IndeterminateDP:
resultDecision = XacmlContextDecision.Indeterminate;
break;
case XacmlDecisionResult.Permit:
resultDecision = XacmlContextDecision.Permit;
break;
}
//PROFILE - Multiple Decision Profile - #POL01 (Fists())
var result = new XacmlContextResult(resultDecision) {
Status = status,
};
foreach (var attribute in this.pip.GetAttributesWithIncludeInResult()) {
result.Attributes.Add(attribute);
};
if (decision == XacmlDecisionResult.Permit) {
foreach (var obligation in this.obligations[XacmlEffectType.Permit]) {
result.Obligations.Add(obligation);
}
foreach (var advice in this.advices[XacmlEffectType.Permit]) {
result.Advices.Add(advice);
}
if (pip.ReturnPolicyIdList()) {
foreach (var policyIdReferences in this.applicablePolicies[XacmlEffectType.Permit]) {
result.PolicyIdReferences.Add(policyIdReferences);
}
foreach (var policySetIdReferences in this.applicablePolicySets[XacmlEffectType.Permit]) {
result.PolicySetIdReferences.Add(policySetIdReferences);
}
}
}
if (decision == XacmlDecisionResult.Deny) {
foreach (var obligation in this.obligations[XacmlEffectType.Deny]) {
result.Obligations.Add(obligation);
}
foreach (var advice in this.advices[XacmlEffectType.Deny]) {
result.Advices.Add(advice);
}
if (pip.ReturnPolicyIdList()) {
foreach (var policyIdReferences in this.applicablePolicies[XacmlEffectType.Deny]) {
result.PolicyIdReferences.Add(policyIdReferences);
}
foreach (var policySetIdReferences in this.applicablePolicySets[XacmlEffectType.Deny]) {
result.PolicySetIdReferences.Add(policySetIdReferences);
}
}
}
return result;
}