/// <summary> /// Evauluate the Apply. /// </summary> /// <param name="request">The context request.</param> /// <returns>The match result.</returns> public XacmlAttributeMatchResult Evalute(XacmlContextRequest request) { XacmlAttributeValue policyConditionAttributeValue = null; XacmlAttributeDesignator xacmlAttributeDesignator = null; XacmlApply xacmlApply = null; foreach (IXacmlExpression xacmlExpression in this.Parameters) { if (xacmlExpression.GetType() == typeof(XacmlAttributeValue)) { policyConditionAttributeValue = xacmlExpression as XacmlAttributeValue; } else if (xacmlExpression.GetType() == typeof(XacmlAttributeDesignator)) { xacmlAttributeDesignator = xacmlExpression as XacmlAttributeDesignator; } else if (xacmlExpression.GetType() == typeof(XacmlApply)) { xacmlApply = xacmlExpression as XacmlApply; } } if (xacmlAttributeDesignator == null && xacmlApply != null) { foreach (IXacmlExpression xacmlExpression in xacmlApply.Parameters) { if (xacmlExpression.GetType() == typeof(XacmlAttributeDesignator)) { xacmlAttributeDesignator = xacmlExpression as XacmlAttributeDesignator; } } } return(this.Evaluate(request, policyConditionAttributeValue, xacmlAttributeDesignator, xacmlApply)); }
/// <summary> /// Evauluat the condition. /// </summary> /// <param name="request">The xacml context request.</param> /// <returns>The match result.</returns> public XacmlAttributeMatchResult EvaluateCondition(XacmlContextRequest request) { Type conditionType = this.Condition.Property.GetType(); if (conditionType == typeof(XacmlFunction)) { return XacmlAttributeMatchResult.NoMatch; } else if (conditionType == typeof(XacmlApply)) { XacmlApply xacmlApply = this.Condition.Property as XacmlApply; return xacmlApply.Evalute(request); } return XacmlAttributeMatchResult.NoMatch; }
/// <summary> /// This verifies it the XacmlApply is only a bag size function and /// does not compare the attribute value only the attribute count. /// </summary> /// <param name="xacmlApply">The xacmlApply.</param> /// <returns>A boolean value telling if it is a baq size only function.</returns> private bool IsBagSizeCondition(XacmlApply xacmlApply) { if (xacmlApply == null) { return(false); } string applyfunction = xacmlApply.FunctionId.OriginalString; switch (applyfunction) { case XacmlConstants.AttributeBagFunction.TimeBagSize: case XacmlConstants.AttributeBagFunction.DateBagSize: case XacmlConstants.AttributeBagFunction.DateTimeBagSize: return(true); default: return(false); } }
private bool ValidateSingleElementInBagCondition(ICollection <XacmlContextAttributes> contextAttributes, XacmlAttributeValue policyConditionAttributeValue, XacmlApply xacmlApply, XacmlAttributeDesignator attributeDesignator) { bool isSingleFunction = false; string applyfunction = this.FunctionId.OriginalString; if (xacmlApply != null) { applyfunction = xacmlApply.FunctionId.OriginalString; } switch (applyfunction) { case XacmlConstants.AttributeMatchFunction.IntegerOneAndOnly: isSingleFunction = true; break; case XacmlConstants.AttributeMatchFunction.DateOneAndOnly: isSingleFunction = true; break; case XacmlConstants.AttributeMatchFunction.DateTimeOneAndOnly: isSingleFunction = true; break; default: break; } if (!isSingleFunction) { return(true); } int attributeCount = this.GetBagSize(contextAttributes, attributeDesignator); if (attributeCount > 1) { return(false); } return(true); }
private XacmlAttributeMatchResult EvaluateBagSize(ICollection <XacmlContextAttributes> contextAttributes, XacmlAttributeValue policyConditionAttributeValue, XacmlApply xacmlApply, XacmlAttributeDesignator attributeDesignator) { string applyfunction = xacmlApply.FunctionId.OriginalString; switch (applyfunction) { case XacmlConstants.AttributeBagFunction.TimeBagSize: case XacmlConstants.AttributeBagFunction.DateBagSize: case XacmlConstants.AttributeBagFunction.DateTimeBagSize: int bagSize = this.GetBagSize(contextAttributes, attributeDesignator); if (int.Parse(policyConditionAttributeValue.Value).Equals(bagSize)) { return(XacmlAttributeMatchResult.Match); } return(XacmlAttributeMatchResult.BagSizeConditionFailed); default: break; } return(XacmlAttributeMatchResult.BagSizeConditionFailed); }
private XacmlAttributeMatchResult Evaluate(XacmlContextRequest contextRequest, XacmlAttributeValue policyConditionAttributeValue, XacmlAttributeDesignator attributeDesignator, XacmlApply xacmlApply) { ICollection <XacmlContextAttributes> xacmlContextAttributes = new Collection <XacmlContextAttributes>(); foreach (XacmlContextAttributes attributes in contextRequest.Attributes) { if (attributes.Category.Equals(attributeDesignator.Category)) { xacmlContextAttributes.Add(attributes); } } if (xacmlContextAttributes.Count == 0) { // No match for the condition in the attributes return(XacmlAttributeMatchResult.RequiredAttributeMissing); } if (!this.ValidateSingleElementInBagCondition(xacmlContextAttributes, policyConditionAttributeValue, xacmlApply, attributeDesignator)) { return(XacmlAttributeMatchResult.ToManyAttributes); } if (this.IsBagSizeCondition(xacmlApply)) { return(this.EvaluateBagSize(xacmlContextAttributes, policyConditionAttributeValue, xacmlApply, attributeDesignator)); } return(this.Evalute(xacmlContextAttributes, policyConditionAttributeValue, attributeDesignator)); }