/// <summary> /// Evauluate the Apply. /// </summary> /// <param name="request">The context request.</param> /// <returns>The match result.</returns> public XacmlAttributeMatchResult Evalute(XacmlContextRequest request) { XacmlAttributeValue policyConditionAttributeValue = null; XacmlAttributeDesignator xacmlAttributeDesignator = null; XacmlApply xacmlApply = null; foreach (IXacmlExpression xacmlExpression in this.Parameters) { if (xacmlExpression.GetType() == typeof(XacmlAttributeValue)) { policyConditionAttributeValue = xacmlExpression as XacmlAttributeValue; } else if (xacmlExpression.GetType() == typeof(XacmlAttributeDesignator)) { xacmlAttributeDesignator = xacmlExpression as XacmlAttributeDesignator; } else if (xacmlExpression.GetType() == typeof(XacmlApply)) { xacmlApply = xacmlExpression as XacmlApply; } } if (xacmlAttributeDesignator == null && xacmlApply != null) { foreach (IXacmlExpression xacmlExpression in xacmlApply.Parameters) { if (xacmlExpression.GetType() == typeof(XacmlAttributeDesignator)) { xacmlAttributeDesignator = xacmlExpression as XacmlAttributeDesignator; } } } return(this.Evaluate(request, policyConditionAttributeValue, xacmlAttributeDesignator, xacmlApply)); }
/// <summary> /// Initializes a new instance of the <see cref="XacmlMatch"/> class. /// </summary> /// <param name="matchId">Specifies a matching function.The value of this attribute MUST be of type xs:anyURI with legal values documented in Section 7.6.</param> /// <param name="attributeValue">Embedded attribute value.</param> /// <param name="attributeDesignator">MAY be used to identify one or more attribute values in an<Attributes/> element of the request context.</param> public XacmlMatch(Uri matchId, XacmlAttributeValue attributeValue, XacmlAttributeDesignator attributeDesignator) { Guard.ArgumentNotNull(matchId, nameof(matchId)); Guard.ArgumentNotNull(attributeValue, nameof(attributeValue)); Guard.ArgumentNotNull(attributeDesignator, nameof(attributeDesignator)); this.matchId = matchId; this.attributeValue = attributeValue; this.attributeDesignator = attributeDesignator; }
private bool ValidateSingleElementInBagCondition(ICollection <XacmlContextAttributes> contextAttributes, XacmlAttributeValue policyConditionAttributeValue, XacmlApply xacmlApply, XacmlAttributeDesignator attributeDesignator) { bool isSingleFunction = false; string applyfunction = this.FunctionId.OriginalString; if (xacmlApply != null) { applyfunction = xacmlApply.FunctionId.OriginalString; } switch (applyfunction) { case XacmlConstants.AttributeMatchFunction.IntegerOneAndOnly: isSingleFunction = true; break; case XacmlConstants.AttributeMatchFunction.DateOneAndOnly: isSingleFunction = true; break; case XacmlConstants.AttributeMatchFunction.DateTimeOneAndOnly: isSingleFunction = true; break; default: break; } if (!isSingleFunction) { return(true); } int attributeCount = this.GetBagSize(contextAttributes, attributeDesignator); if (attributeCount > 1) { return(false); } return(true); }
private int GetBagSize(ICollection <XacmlContextAttributes> contextAttributes, XacmlAttributeDesignator attributeDesignator) { int attributeCount = 0; foreach (XacmlContextAttributes contextAttribute in contextAttributes) { foreach (XacmlAttribute contextAttributeValue in contextAttribute.Attributes) { if (contextAttributeValue.AttributeId.Equals(attributeDesignator.AttributeId)) { foreach (XacmlAttributeValue xacmlAttributeValue in contextAttributeValue.AttributeValues) { if (xacmlAttributeValue.DataType.OriginalString.Equals(attributeDesignator.DataType.OriginalString)) { attributeCount++; } } } } } return(attributeCount); }
private XacmlAttributeMatchResult EvaluateBagSize(ICollection <XacmlContextAttributes> contextAttributes, XacmlAttributeValue policyConditionAttributeValue, XacmlApply xacmlApply, XacmlAttributeDesignator attributeDesignator) { string applyfunction = xacmlApply.FunctionId.OriginalString; switch (applyfunction) { case XacmlConstants.AttributeBagFunction.TimeBagSize: case XacmlConstants.AttributeBagFunction.DateBagSize: case XacmlConstants.AttributeBagFunction.DateTimeBagSize: int bagSize = this.GetBagSize(contextAttributes, attributeDesignator); if (int.Parse(policyConditionAttributeValue.Value).Equals(bagSize)) { return(XacmlAttributeMatchResult.Match); } return(XacmlAttributeMatchResult.BagSizeConditionFailed); default: break; } return(XacmlAttributeMatchResult.BagSizeConditionFailed); }
private XacmlAttributeMatchResult Evalute(ICollection <XacmlContextAttributes> contextAttributes, XacmlAttributeValue policyConditionAttributeValue, XacmlAttributeDesignator attributeDesignator) { bool attributeWithCorrectAttributeIdFound = false; foreach (XacmlContextAttributes xacmlContextAttributes in contextAttributes) { foreach (XacmlAttribute attribute in xacmlContextAttributes.Attributes) { if (attribute.AttributeId.Equals(attributeDesignator.AttributeId)) { attributeWithCorrectAttributeIdFound = true; if (this.Match(this.FunctionId, attribute, policyConditionAttributeValue)) { return(XacmlAttributeMatchResult.Match); } } } } if (attributeWithCorrectAttributeIdFound) { return(XacmlAttributeMatchResult.NoMatch); } return(XacmlAttributeMatchResult.RequiredAttributeMissing); }
private XacmlAttributeMatchResult Evaluate(XacmlContextRequest contextRequest, XacmlAttributeValue policyConditionAttributeValue, XacmlAttributeDesignator attributeDesignator, XacmlApply xacmlApply) { ICollection <XacmlContextAttributes> xacmlContextAttributes = new Collection <XacmlContextAttributes>(); foreach (XacmlContextAttributes attributes in contextRequest.Attributes) { if (attributes.Category.Equals(attributeDesignator.Category)) { xacmlContextAttributes.Add(attributes); } } if (xacmlContextAttributes.Count == 0) { // No match for the condition in the attributes return(XacmlAttributeMatchResult.RequiredAttributeMissing); } if (!this.ValidateSingleElementInBagCondition(xacmlContextAttributes, policyConditionAttributeValue, xacmlApply, attributeDesignator)) { return(XacmlAttributeMatchResult.ToManyAttributes); } if (this.IsBagSizeCondition(xacmlApply)) { return(this.EvaluateBagSize(xacmlContextAttributes, policyConditionAttributeValue, xacmlApply, attributeDesignator)); } return(this.Evalute(xacmlContextAttributes, policyConditionAttributeValue, attributeDesignator)); }