Exemplo n.º 1
 /// <summary>
 /// Creates a <see cref="XacmlContextResponse"/> that carries exactly one result.
 /// </summary>
 /// <param name="result">The single result; it is handed to the array-taking constructor as a one-element array.</param>
 /// <remarks>
 /// No null check is performed here, so a null <paramref name="result"/> is forwarded inside the array.
 /// NOTE(review): confirm the chained constructor rejects null entries.
 /// </remarks>
 public XacmlContextResponse(XacmlContextResult result)
     : this(new[] { result })
 {
 }
        /// <summary>
        /// Parses one <c>Result</c> element into a <see cref="XacmlContextResult"/>: the optional ResourceId
        /// attribute, the required Decision and Status children, and an optional Obligations wrapper.
        /// </summary>
        /// <param name="reader">Reader positioned on the start tag of the Result element in the context namespace.</param>
        /// <returns>The populated result.</returns>
        /// <remarks>
        /// The reader is supplied by the caller, so DTD processing and entity resolution
        /// (<c>XmlReaderSettings.DtdProcessing</c>, <c>XmlReaderSettings.XmlResolver</c>) are decided where the
        /// reader is created, not here. NOTE(review): confirm callers that parse untrusted XML disable DTDs.
        /// </remarks>
        protected virtual XacmlContextResult ReadContextResult(XmlReader reader) {
            Contract.Requires<ArgumentNullException>(reader != null, "reader");
            Contract.Requires<XmlException>(reader.IsStartElement(XacmlConstants.ElementNames.Result, this.version.NamespaceContext));

            // The attribute has to be read while the reader is still on the start tag.
            string resourceId = this.ReadAttribute<string>(reader, XacmlConstants.AttributeNames.ResourceId, isRequered: false);

            reader.ReadStartElement(XacmlConstants.ElementNames.Result, this.version.NamespaceContext);

            // Child elements are consumed in document order: Decision first, then Status; both are required.
            var decision = this.ReadRequired(XacmlConstants.ElementNames.Decision, this.version.NamespaceContext, ReadContextDecision, reader);
            var status = this.ReadRequired(XacmlConstants.ElementNames.Status, this.version.NamespaceContext, ReadContextStatus, reader);

            XacmlContextResult parsed = new XacmlContextResult(decision, status);
            parsed.ResourceId = resourceId;

            // The Obligations wrapper lives in the policy namespace and may be absent altogether.
            bool hasObligations = reader.IsStartElement(XacmlConstants.ElementNames.Obligations, this.version.NamespacePolicy);
            if (hasObligations) {
                reader.ReadStartElement(XacmlConstants.ElementNames.Obligations, this.version.NamespacePolicy);

                this.ReadList<XacmlObligation>(parsed.Obligations, XacmlConstants.ElementNames.Obligation, this.version.NamespacePolicy, ReadObligation, reader, isRequired: false);

                // closes the Obligations wrapper
                reader.ReadEndElement();
            }

            // closes the Result element
            reader.ReadEndElement();

            return parsed;
        }
        /// <summary>
        /// Reads one <c>Result</c> element: the optional ResourceId attribute, the required Decision, the
        /// optional Status, and the optional Obligations, AssociatedAdvice, Attributes and
        /// PolicyIdentifierList children, consumed in that order.
        /// </summary>
        /// <param name="reader">The reader, positioned on the start tag of the Result element in the context namespace.</param>
        /// <returns>The populated <see cref="XacmlContextResult"/>.</returns>
        /// <remarks>
        /// The reader is supplied by the caller, so DTD processing and entity resolution
        /// (<c>XmlReaderSettings.DtdProcessing</c>, <c>XmlReaderSettings.XmlResolver</c>) are decided where the
        /// reader is created, not here. NOTE(review): confirm callers that parse untrusted XML disable DTDs.
        /// Nothing in this method checks where the XML came from; the parsed Decision is only as trustworthy
        /// as the channel that delivered the document.
        /// </remarks>
        protected override XacmlContextResult ReadContextResult(XmlReader reader) {
            Contract.Requires<ArgumentNullException>(reader != null, "reader");
            Contract.Requires<XmlException>(reader.IsStartElement(XacmlConstants.ElementNames.Result, this.version.NamespaceContext));

            // The attribute has to be read while the reader is still on the start tag; it is optional.
            string resourceId = this.ReadAttribute<string>(reader, XacmlConstants.AttributeNames.ResourceId, isRequered: false);

            reader.ReadStartElement(XacmlConstants.ElementNames.Result, this.version.NamespaceContext);
            // Read elements: Decision is required and goes through the constructor, Status is optional and
            // is read by the initializer, i.e. after Decision, matching document order.

            XacmlContextResult result = new XacmlContextResult(
                this.ReadRequired(XacmlConstants.ElementNames.Decision, this.version.NamespaceContext, ReadContextDecision, reader)
                ) {
                    Status = this.ReadOptional(XacmlConstants.ElementNames.Status, this.version.NamespaceContext, ReadContextStatus, reader),
                    ResourceId = resourceId,
                };

            // The Obligations wrapper is optional; once it is present its content is read with isRequired: true.
            // presumably that means at least one Obligation child is expected; verify against ReadList
            if (reader.IsStartElement(XacmlConstants.ElementNames.Obligations, this.version.NamespacePolicy)) {
                reader.ReadStartElement(XacmlConstants.ElementNames.Obligations, this.version.NamespacePolicy);

                this.ReadList<XacmlObligation>(result.Obligations, XacmlConstants.ElementNames.Obligation, this.version.NamespacePolicy, ReadObligation, reader, isRequired: true);

                // end obligations
                reader.ReadEndElement();
            }

            // AssociatedAdvice follows the same wrapper pattern as Obligations.
            if (reader.IsStartElement(XacmlConstants.ElementNames.AssociatedAdvice, this.version.NamespacePolicy)) {
                reader.ReadStartElement(XacmlConstants.ElementNames.AssociatedAdvice, this.version.NamespacePolicy);

                this.ReadList<XacmlAdvice>(result.Advices, XacmlConstants.ElementNames.Advice, this.version.NamespacePolicy, this.ReadAdvice, reader, isRequired: true);

                // end advice
                reader.ReadEndElement();
            }

            // Attributes elements sit directly under Result (no wrapper) and are read with isRequired: false.
            this.ReadList<XacmlContextAttributes>(result.Attributes, XacmlConstants.ElementNames.Attributes, this.version.NamespaceContext, this.ReadContextAttributes, reader, isRequired: false);

            if (reader.IsStartElement(XacmlConstants.ElementNames.PolicyIdentifierList, this.version.NamespacePolicy)) {
                reader.ReadStartElement(XacmlConstants.ElementNames.PolicyIdentifierList, this.version.NamespacePolicy);

                // Dispatch table keyed by (element name, namespace); each action reads one reference and
                // appends it to the matching collection on the result.
                IDictionary<Tuple<string, string>, Action> dicts = new Dictionary<Tuple<string, string>, Action>()
                {
                    { new Tuple<string, string>(XacmlConstants.ElementNames.PolicyIdReference, this.version.NamespacePolicy), () => result.PolicyIdReferences.Add(this.ReadPolicyIdReference_3_0(reader)) },
                    { new Tuple<string, string>(XacmlConstants.ElementNames.PolicySetIdReference, this.version.NamespacePolicy), () => result.PolicySetIdReferences.Add(this.ReadPolicySetIdReference_3_0(reader)) },
                };

                // presumably runs the matching action for each child until no key matches; verify against ReadChoiceMultiply
                this.ReadChoiceMultiply(reader, dicts);

                // end policy identifier list
                reader.ReadEndElement();
            }

            // end result
            reader.ReadEndElement();

            return result;
        }
        /// <summary>
        /// Serializes one context result as a <c>Result</c> element: the decision, then the status,
        /// obligations, advice, attributes and policy identifier list when they are present.
        /// </summary>
        /// <param name="writer">The XML writer that receives the element.</param>
        /// <param name="result">The result to serialize.</param>
        /// <remarks>
        /// <c>ResourceId</c> is not written by this method. Neither argument is checked for null here.
        /// </remarks>
        protected override void WriteContextResult(XmlWriter writer, XacmlContextResult result) {
            writer.WriteStartElement(XacmlConstants.Prefixes.Context, XacmlConstants.ElementNames.Result, this.version.NamespaceContext);

            this.WriteContextDecision(writer, result.Decision);

            // Status is optional in this layout and is skipped when unset.
            if (result.Status != null) {
                this.WriteContextStatus(writer, result.Status);
            }

            // A wrapper element is only opened when it would have content, so no empty wrapper is emitted.
            if (result.Obligations.Count > 0) {
                writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Obligations, this.version.NamespacePolicy);
                foreach (XacmlObligation obligation in result.Obligations) {
                    this.WriteObligation(writer, obligation);
                }
                writer.WriteEndElement();
            }

            if (result.Advices.Count > 0) {
                writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.AssociatedAdvice, this.version.NamespacePolicy);
                foreach (XacmlAdvice advice in result.Advices) {
                    this.WriteAdvice(writer, advice);
                }
                writer.WriteEndElement();
            }

            // Attributes have no wrapper element; an empty collection simply writes nothing.
            foreach (XacmlContextAttributes attributes in result.Attributes) {
                this.WriteContextAttributes(writer, attributes);
            }

            // Policy references and policy-set references share a single PolicyIdentifierList wrapper.
            if (result.PolicyIdReferences.Count > 0 || result.PolicySetIdReferences.Count > 0) {
                writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.PolicyIdentifierList, this.version.NamespacePolicy);

                foreach (XacmlContextPolicyIdReference policyRef in result.PolicyIdReferences) {
                    this.WritePolicyIdReference(writer, policyRef);
                }

                foreach (XacmlContextPolicySetIdReference policySetRef in result.PolicySetIdReferences) {
                    this.WritePolicySetIdReference(writer, policySetRef);
                }

                writer.WriteEndElement();
            }

            // closes the Result element
            writer.WriteEndElement();
        }
Exemplo n.º 5
        /// <summary>
        /// Builds the context result for an evaluation outcome: maps the internal decision onto the
        /// response decision, attaches the status, and copies the obligations collected for the
        /// matching effect.
        /// </summary>
        /// <param name="decision">The internal evaluation outcome.</param>
        /// <param name="status">The status to attach to the result.</param>
        /// <returns>The result with its decision, status and, for Permit or Deny, obligations.</returns>
        /// <remarks>
        /// Every value that is not Permit, Deny or one of the Indeterminate variants is reported as
        /// <c>NotApplicable</c>. How a caller treats NotApplicable (refuse or allow) is decided outside
        /// this method. NOTE(review): confirm the enforcement point refuses access on it.
        /// </remarks>
        protected virtual XacmlContextResult MakeResult(XacmlDecisionResult decision, XacmlContextStatus status) {
            XacmlContextDecision mapped;
            if (decision == XacmlDecisionResult.Deny) {
                mapped = XacmlContextDecision.Deny;
            } else if (decision == XacmlDecisionResult.Permit) {
                mapped = XacmlContextDecision.Permit;
            } else if (decision == XacmlDecisionResult.Indeterminate
                    || decision == XacmlDecisionResult.IndeterminateD
                    || decision == XacmlDecisionResult.IndeterminateP
                    || decision == XacmlDecisionResult.IndeterminateDP) {
                // The extended Indeterminate variants all collapse to plain Indeterminate in the response.
                mapped = XacmlContextDecision.Indeterminate;
            } else {
                mapped = XacmlContextDecision.NotApplicable;
            }

            var response = new XacmlContextResult(mapped);
            response.Status = status;

            // Obligations accompany only a Permit or a Deny, taken from the bucket of the same effect.
            bool permitted = decision == XacmlDecisionResult.Permit;
            if (permitted || decision == XacmlDecisionResult.Deny) {
                XacmlEffectType effect = permitted ? XacmlEffectType.Permit : XacmlEffectType.Deny;
                foreach (var item in this.obligations[effect]) {
                    response.Obligations.Add(item);
                }
            }

            return response;
        }
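        /// <summary>
        /// Serializes one context result as a <c>Result</c> element in the XACML 1.0/1.1 layout: an optional
        /// ResourceId attribute, the decision, a mandatory status and at most one obligation.
        /// </summary>
        /// <param name="writer">The XML writer that receives the element; must not be null.</param>
        /// <param name="result">The result to serialize; must not be null.</param>
        /// <exception cref="XacmlSerializationException">
        /// The result has no status, or it carries more than one obligation.
        /// </exception>
        protected virtual void WriteContextResult(XmlWriter writer, XacmlContextResult result) {
            Contract.Requires<ArgumentNullException>(writer != null);
            Contract.Requires<ArgumentNullException>(result != null);

            // Validate before emitting anything: the original checked these after the start tag and the
            // decision had already been written, so a rejected result left a half-written <Result> in the
            // output. Refusing a result with extra obligations (instead of dropping them) is kept as is.
            if (result.Status == null) {
                throw Diagnostic.DiagnosticTools.ExceptionUtil.ThrowHelperError(new XacmlSerializationException("status must be set for XACML 1.0/1.1"));
            }

            if (result.Obligations.Count > 1) {
                throw Diagnostic.DiagnosticTools.ExceptionUtil.ThrowHelperError(new XacmlSerializationException("Obligations should be < 2 until version 2.0"));
            }

            writer.WriteStartElement(XacmlConstants.Prefixes.Context, XacmlConstants.ElementNames.Result, this.version.NamespaceContext);

            // ResourceId is written only when it has a value.
            if (!string.IsNullOrEmpty(result.ResourceId)) {
                writer.WriteAttributeString(XacmlConstants.AttributeNames.ResourceId, result.ResourceId);
            }

            this.WriteContextDecision(writer, result.Decision);

            this.WriteContextStatus(writer, result.Status);

            // NOTE(review): no Obligations wrapper element is opened here; confirm WriteObligation emits
            // whatever enclosing element the corresponding reader expects.
            if (result.Obligations.Count > 0) {
                this.WriteObligation(writer, result.Obligations.First());
            }

            writer.WriteEndElement();
        }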
 /// <summary>
 /// Creates a <see cref="XacmlContextResponse"/> that carries exactly one result.
 /// </summary>
 /// <param name="result">The single result; must not be null. It is handed to the array-taking constructor as a one-element array.</param>
 public XacmlContextResponse(XacmlContextResult result)
     : this(new[] { result }) {
     // Contract precondition: a null result is rejected with ArgumentNullException.
     Contract.Requires<ArgumentNullException>(result != null);
 }
Exemplo n.º 8
        /// <summary>
        /// Builds the context result for an evaluation outcome: maps the internal decision onto the
        /// response decision, attaches the status and the attributes the PIP marks for inclusion, and for
        /// Permit or Deny copies the obligations, advice and (when requested) policy identifiers
        /// collected for that effect.
        /// </summary>
        /// <param name="decision">The internal evaluation outcome.</param>
        /// <param name="status">The status to attach to the result.</param>
        /// <returns>The populated result.</returns>
        /// <remarks>
        /// Every value that is not Permit, Deny or one of the Indeterminate variants is reported as
        /// <c>NotApplicable</c>. How a caller treats NotApplicable is decided outside this method.
        /// NOTE(review): confirm the enforcement point refuses access on it.
        /// Policy and policy-set identifiers are added to the result only when
        /// <c>pip.ReturnPolicyIdList()</c> returns true.
        /// </remarks>
        protected override XacmlContextResult MakeResult(XacmlDecisionResult decision, XacmlContextStatus status) {
            XacmlContextDecision mapped;
            if (decision == XacmlDecisionResult.Deny) {
                mapped = XacmlContextDecision.Deny;
            } else if (decision == XacmlDecisionResult.Permit) {
                mapped = XacmlContextDecision.Permit;
            } else if (decision == XacmlDecisionResult.Indeterminate
                    || decision == XacmlDecisionResult.IndeterminateD
                    || decision == XacmlDecisionResult.IndeterminateP
                    || decision == XacmlDecisionResult.IndeterminateDP) {
                // The extended Indeterminate variants all collapse to plain Indeterminate in the response.
                mapped = XacmlContextDecision.Indeterminate;
            } else {
                mapped = XacmlContextDecision.NotApplicable;
            }

            //PROFILE - Multiple Decision Profile - #POL01 (Fists())
            var response = new XacmlContextResult(mapped);
            response.Status = status;

            // Attributes flagged for inclusion are echoed back whatever the decision is.
            foreach (var included in this.pip.GetAttributesWithIncludeInResult()) {
                response.Attributes.Add(included);
            }

            // Obligations, advice and policy identifiers accompany only a Permit or a Deny, and always
            // come from the bucket of the same effect.
            bool permitted = decision == XacmlDecisionResult.Permit;
            if (permitted || decision == XacmlDecisionResult.Deny) {
                XacmlEffectType effect = permitted ? XacmlEffectType.Permit : XacmlEffectType.Deny;

                foreach (var obligation in this.obligations[effect]) {
                    response.Obligations.Add(obligation);
                }

                foreach (var advice in this.advices[effect]) {
                    response.Advices.Add(advice);
                }

                if (pip.ReturnPolicyIdList()) {
                    foreach (var policyRef in this.applicablePolicies[effect]) {
                        response.PolicyIdReferences.Add(policyRef);
                    }

                    foreach (var policySetRef in this.applicablePolicySets[effect]) {
                        response.PolicySetIdReferences.Add(policySetRef);
                    }
                }
            }

            return response;
        }
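        /// <summary>
        /// Serializes one context result as a <c>Result</c> element: an optional ResourceId attribute, the
        /// decision, an optional status and at most one obligation.
        /// </summary>
        /// <param name="writer">The XML writer that receives the element.</param>
        /// <param name="result">The result to serialize.</param>
        /// <exception cref="XacmlSerializationException">
        /// The result carries more than one obligation ("Obligations should be &lt; 2 until version 2.0").
        /// </exception>
        protected override void WriteContextResult(XmlWriter writer, XacmlContextResult result) {
            // Validate before emitting anything: the original checked the obligation count after the start
            // tag, decision and status had already been written, so a rejected result left a half-written
            // <Result> in the output. Refusing (instead of dropping the extra obligations) is kept as is.
            if (result.Obligations.Count > 1) {
                throw Diagnostic.DiagnosticTools.ExceptionUtil.ThrowHelperError(new XacmlSerializationException("Obligations should be < 2 until version 2.0"));
            }

            writer.WriteStartElement(XacmlConstants.Prefixes.Context, XacmlConstants.ElementNames.Result, this.version.NamespaceContext);

            // ResourceId is written only when it has a value.
            if (!string.IsNullOrEmpty(result.ResourceId)) {
                writer.WriteAttributeString(XacmlConstants.AttributeNames.ResourceId, result.ResourceId);
            }

            this.WriteContextDecision(writer, result.Decision);

            // Status is optional in this layout and is skipped when unset.
            if (result.Status != null) {
                this.WriteContextStatus(writer, result.Status);
            }

            if (result.Obligations.Count > 0) {
                this.WriteObligation(writer, result.Obligations.First<XacmlObligation>());
            }

            writer.WriteEndElement();
        }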