private static void WriteAttributeAssignment(XmlWriter writer, XacmlAttributeAssignment xacmlAttributeAssignment) { Guard.ArgumentNotNull(writer, nameof(writer)); Guard.ArgumentNotNull(xacmlAttributeAssignment, nameof(xacmlAttributeAssignment)); writer.WriteStartElement(XacmlConstants.Prefixes.Xacml, XacmlConstants.ElementNames.AttributeAssignment, Xacml30Constants.NameSpaces.Policy); writer.WriteAttributeString(XacmlConstants.AttributeNames.DataType, xacmlAttributeAssignment.DataType.OriginalString); writer.WriteAttributeString(XacmlConstants.AttributeNames.AttributeId, xacmlAttributeAssignment.AttributeId.OriginalString); if (xacmlAttributeAssignment.Category != null) { writer.WriteAttributeString(XacmlConstants.AttributeNames.Category, xacmlAttributeAssignment.Category.OriginalString); } if (!string.IsNullOrEmpty(xacmlAttributeAssignment.Issuer)) { writer.WriteAttributeString(XacmlConstants.AttributeNames.Issuer, xacmlAttributeAssignment.Issuer); } if (xacmlAttributeAssignment.Value != null) { writer.WriteString(xacmlAttributeAssignment.Value); } else { WriteAnyElement(writer, (XacmlAnyElement)xacmlAttributeAssignment); } writer.WriteEndElement(); }
private static void AssertEqual(XacmlAttributeAssignment expected, XacmlAttributeAssignment actual) { Assert.Equal(expected.Value, actual.Value, ignoreCase: true); Assert.Equal(expected.Category, actual.Category); Assert.Equal(expected.AttributeId, actual.AttributeId); Assert.Equal(expected.DataType, actual.DataType); }
protected virtual void WriteAttributeAssignment(XmlWriter writer, XacmlAttributeAssignment data) { if (writer == null) { throw new ArgumentNullException(nameof(writer)); } if (data == null) { throw new ArgumentNullException(nameof(data)); } writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.AttributeAssignment, this.Version.NamespacePolicy); writer.WriteAttributeString(XacmlConstants.AttributeNames.DataType, data.DataType.OriginalString); writer.WriteAttributeString(XacmlConstants.AttributeNames.AttributeId, data.AttributeId.OriginalString); if (data.Value != null) { writer.WriteString(data.Value); } else { this.WriteOpenElement(writer, (XacmlOpenElement)data); } writer.WriteEndElement(); }
public void WritePolicy_11() { var subject = new XacmlSubject( new XacmlSubjectMatch[] { new XacmlSubjectMatch( new Uri("http://www.MatchId.www"), new XacmlAttributeValue(new Uri("http://www.DataType.www")), new XacmlSubjectAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www")) { Issuer = "String", MustBePresent = false, Category = new Uri("http://www.subjectCategory.www") }) }); var target = new XacmlTarget(subject, null, null); XacmlPolicySet xacmlPolicySet = new XacmlPolicySet(new Uri("http://www.PolicySetId.www"), new Uri("http://www.PolicyCombiningAlgId.www"), target); xacmlPolicySet.Description = "description string"; xacmlPolicySet.XPathVersion = Xacml10Constants.XPathVersions.Xpath10; XacmlPolicy xacmlPolicy = new XacmlPolicy(new Uri("http://www.PolicyId.www"), new Uri("http://www.RuleCombiningAlgId.www"), new XacmlTarget()) { Description = "description string", XPathVersion = Xacml10Constants.XPathVersions.Xpath10, }; XacmlRule xacmlRule = new XacmlRule("http://www.RuleId.www", XacmlEffectType.Permit) { Description = "xacmlRule description" }; xacmlPolicy.Rules.Add(xacmlRule); XacmlAttributeAssignment xacmlAttributeAssignment = new XacmlAttributeAssignment(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www")); XacmlObligation xacmlObligation = new XacmlObligation(new Uri("http://www.ObligationId.www"), XacmlEffectType.Permit, new XacmlAttributeAssignment[] { xacmlAttributeAssignment }); xacmlPolicy.Obligations.Add(xacmlObligation); xacmlPolicySet.Policies.Add(xacmlPolicy); StringBuilder builder = new StringBuilder(); using (XmlWriter writer = XmlWriter.Create(builder)) { var serializer = new Xacml10ProtocolSerializer(); serializer.WritePolicySet(writer, xacmlPolicySet); } string xml = builder.ToString(); ValidateMessage(xml, Path.Combine(TestCasePath, "cs-xacml-schema-context-01.xsd")); }
private static XacmlJsonAttributeAssignment ConvertAttributeAssignment(XacmlAttributeAssignment attributeAssignment) { if (attributeAssignment == null) { return(null); } XacmlJsonAttributeAssignment xacmlJsonAttributeAssignment = new XacmlJsonAttributeAssignment() { AttributeId = attributeAssignment.AttributeId.OriginalString, Category = attributeAssignment.Category.OriginalString, DataType = attributeAssignment.DataType.OriginalString, Issuer = attributeAssignment.Issuer, Value = attributeAssignment.Value, }; return(xacmlJsonAttributeAssignment); }
private void AddObligations(XacmlPolicy policy, XacmlContextResult result) { if (result.Decision.Equals(XacmlContextDecision.Permit)) { if (policy.ObligationExpressions.Count > 0) { IEnumerable <XacmlObligationExpression> obligationsWithPermit = policy.ObligationExpressions.Where(o => o.FulfillOn == XacmlEffectType.Permit); foreach (XacmlObligationExpression expression in obligationsWithPermit) { List <XacmlAttributeAssignment> attributeAssignments = new List <XacmlAttributeAssignment>(); foreach (XacmlAttributeAssignmentExpression ex in expression.AttributeAssignmentExpressions) { Type applyElemType = ex.Property.GetType(); if (applyElemType == typeof(XacmlAttributeValue)) { XacmlAttributeValue attributeValue = ex.Property as XacmlAttributeValue; XacmlAttributeAssignment attributeAssignment = new XacmlAttributeAssignment(ex.AttributeId, attributeValue.DataType, attributeValue.Value) { Category = ex.Category, Issuer = ex.Issuer, }; attributeAssignments.Add(attributeAssignment); } } XacmlObligation obligation = new XacmlObligation(expression.ObligationId, attributeAssignments) { FulfillOn = XacmlEffectType.Permit, }; result.Obligations.Add(obligation); } } } }
public void WritePolicy_20() { var subject = new XacmlSubject( new XacmlSubjectMatch[] { new XacmlSubjectMatch( new Uri("http://www.MatchId.www"), new XacmlAttributeValue(new Uri("http://www.DataType.www")), new XacmlSubjectAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www")) { Issuer = "String", MustBePresent = false, Category = new Uri("http://www.subjectCategory.www") } ) }); var resource = new XacmlResource( new XacmlResourceMatch[] { new XacmlResourceMatch( new Uri("http://www.MatchId.www"), new XacmlAttributeValue(new Uri("http://www.DataType.www") /*, "xxxx" */), new XacmlResourceAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www")) { Issuer = "String", MustBePresent = false } ) }); var action = new XacmlAction( new XacmlActionMatch[] { new XacmlActionMatch( new Uri("http://www.MatchId.www"), new XacmlAttributeValue(new Uri("http://www.DataType.www")), new XacmlActionAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www")) { Issuer = "String", MustBePresent = false } ) }); var target = new XacmlTarget(subject, resource, action, null); // new Uri("http://www.PolicySetId.www") XacmlPolicySet xacmlPolicySet = new XacmlPolicySet(new Uri("http://www.PolicyCombiningAlgId.www"), target) { Description = "description string", XPathVersion = Xacml10Constants.XPathVersions.Xpath10, }; ////#region Policy XacmlEnvironment env = new XacmlEnvironment( new XacmlEnvironmentMatch[] { new XacmlEnvironmentMatch( new Uri("http://www.EnvironmentMatchIdId.www"), new XacmlAttributeValue(new Uri("http://www.AttributValue.www")), new XacmlEnvironmentAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www")) { Issuer = "String", MustBePresent = false } ) }); XacmlTarget targetWithEnvironment = new XacmlTarget(null, null, null, new XacmlEnvironment[] { env }); XacmlPolicy xacmlPolicy = new XacmlPolicy(new Uri("http://www.PolicyId.www"), new Uri("http://www.RuleCombiningAlgId.www"), targetWithEnvironment) { Description = "description string", XPathVersion = Xacml10Constants.XPathVersions.Xpath10, }; XacmlRule xacmlRule = new XacmlRule("http://www.RuleId.www", XacmlEffectType.Permit) { Description = "xacmlRule description" }; xacmlPolicy.Rules.Add(xacmlRule); XacmlAttributeAssignment xacmlAttributeAssignment = new XacmlAttributeAssignment(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www")); XacmlObligation xacmlObligation = new XacmlObligation(new Uri("http://www.ObligationId.www"), XacmlEffectType.Permit, new XacmlAttributeAssignment[] { xacmlAttributeAssignment }); xacmlPolicy.Obligations.Add(xacmlObligation); xacmlPolicySet.Policies.Add(xacmlPolicy); StringBuilder builder = new StringBuilder(); using (XmlWriter writer = XmlWriter.Create(builder)) { var serializer = new Xacml20ProtocolSerializer(); serializer.WritePolicySet(writer, xacmlPolicySet); } string xml = builder.ToString(); ValidateMessage(xml, Path.Combine(TestCasePath, "access_control-xacml-2.0-policy-schema-os.xsd")); }