private void CreateLDAPEnabledOfflinePreRoutingSet()
{
Append(new NxComment("Pre-routing offline enabled"));
NxObjectLookup isLdapEnabled = new NxObjectLookup(Guid.NewGuid().ToString(), "LDAPAnalyzer", "IsLdapEnabled");
NxLogic nxLogic = new NxLogic();
NxIf nxIf = new NxIf();
NxAnd nxAnd = new NxAnd();
NxIsTrue nxIsTrue = new NxIsTrue(isLdapEnabled.Identifier);
NxDo nxDo = new NxDo();
nxAnd.Append(nxIsTrue);
nxIf.Append(nxAnd);
nxDo.Append(new NxComment("Online routing"));
nxDo.Append(new NxEvaluate("RuleFired", BuildRuleFiredParameters()));
nxIf.Append(nxDo);
nxLogic.Append(nxIf);
NxElse nxElse = new NxElse();
nxElse.Append(new NxComment("Offline routing"));
nxElse.Append(new NxEvaluate("RuleFired", BuildOfflineRuleFiredParameters()));
nxLogic.Append(nxElse);
Append(isLdapEnabled);
AppendLogic(nxLogic);
}
private NxLogic BuildConditionGroupLogicBlock()
{
NxLogic ruleLogic = new NxLogic();
NxIf ruleIf = new NxIf();
NxDo ruleDo = new NxDo();
List<Guid> conditionGroups = GetListOfConditionGroups();
if (conditionGroups.Count == 0)
return null;
List<NxOperator> conditionGroupList = new List<NxOperator>();
foreach (Guid condtionGroup in conditionGroups)
{
List<IncrementConditionGroup> conditionGroup = GetConditionGroup(condtionGroup);
if (conditionGroup.Count == 0)
continue;
NxOperator nxAnd = new NxAnd();
foreach (IncrementConditionGroup icg in conditionGroup)
{
nxAnd.Append(icg.IncrementIdentifier, "0i", OperatorType.GreaterThan);
}
conditionGroupList.Add(nxAnd);
}
ConditionLogic conditionLogic = GetConditionGroup(conditionGroups[0])[0].ConditionLogic;
NxOperator nxOldOp = null;
for(int i = 0; i < conditionGroupList.Count; ++i)
{
NxOperator nxOp = null;
switch (conditionLogic)
{
case ConditionLogic.AND:
nxOp = new NxAnd();
break;
case ConditionLogic.OR:
nxOp = new NxOr();
break;
case ConditionLogic.NOT:
break;
}
nxOp.Append(conditionGroupList[i]);
if (i == 0)
{
ruleIf.Append(nxOp);
nxOldOp = nxOp;
}
else
{
nxOldOp.Append(nxOp);
}
}
ruleDo.Append(new NxComment("Pre-routing set id"));
ruleDo.Append(new NxInvokeSet(m_PreRoutingId));
ruleIf.Append(ruleDo);
ruleLogic.Append(ruleIf);
return ruleLogic;
}
public void TestCreate()
{
NxDo nxDo = new NxDo();
List<NxParameter> parameters = new List<NxParameter>();
parameters.Add(new NxParameter("param1", "value1", false));
nxDo.Append(new NxEvaluate("AA6EB470-AB00-4c1c-B4D4-5C66D859F7A4", parameters));
string actual = nxDo.Create().OuterXml;
string expected = string.Format("<Do><Evaluate id=\"{0}\"><Parameter name=\"{1}\" value=\"{2}\" /></Evaluate></Do>",
"AA6EB470-AB00-4c1c-B4D4-5C66D859F7A4", "param1", "value1");
Assert.AreEqual(expected, actual);
}
private void AddNonDefaultPrecedences(SortedList<int, NxElement> precedences, IRoutingTable routing)
{
foreach (IRoutingItemCollection source in routing.Sources)
{
if ("true" == source["DefaultGroup"].Value.ToLower(CultureInfo.InvariantCulture))
continue;
foreach (IRoutingItemCollection destination in routing.Destinations)
{
if ("true" == destination["DefaultGroup"].Value.ToLower(CultureInfo.InvariantCulture))
continue;
string destinationObjectId = GetRoutingItemCollectionObjectId(destination);
string sourceObjectId = GetRoutingItemCollectionObjectId(source);
string trustedSourceLookup = CreateIsThingMemberOfGroupLookupIfNecessary(sourceObjectId, m_currentUserId, source.Identifier.ToString());
string trustedDestinationLookup = CreateIsThingMemberOfGroupLookupIfNecessary(destinationObjectId, m_destinationListId, destination.Identifier.ToString());
string isSourceEnabledLookup = CreateIsRouterEnabledIfNecessary(sourceObjectId);
string isDestinationEnabledLookup = CreateIsRouterEnabledIfNecessary(destinationObjectId);
string sourceId = source.Identifier.ToString();
string destinationId = destination.Identifier.ToString();
if (m_policyChannel.Routing == null)
continue; // No routing
IRoutingMatrixCell routingMatrixCell = routing[sourceId, destinationId];
if (m_policyChannel.Actions == null)
continue; // No actions
IActionMatrixCell actionMatrixCell = m_policyChannel.Actions[sourceId, destinationId];
if (routingMatrixCell == null)
continue; // No routing for source/destination
NxIsTrue isTrueTrustedSource = new NxIsTrue(trustedSourceLookup);
NxIsTrue isTrueTrustedDestination = new NxIsTrue(trustedDestinationLookup);
NxIsTrue isTrueSourceEnabled = new NxIsTrue(isSourceEnabledLookup);
NxIsTrue isTrueDestinationEnabled = new NxIsTrue(isDestinationEnabledLookup);
NxAnd and = new NxAnd();
and.Append(isTrueSourceEnabled);
if (isDestinationEnabledLookup != isSourceEnabledLookup)
{
and.Append(isTrueDestinationEnabled);
}
and.Append(isTrueTrustedSource);
and.Append(isTrueTrustedDestination);
NxControl condStatement = CreateConditionalStatement(routingMatrixCell.Precedence);
condStatement.Append(and);
NxDo routingDo = new NxDo();
AddActionSetsForRoutingMatrixCell(routingDo, routingMatrixCell, actionMatrixCell);
condStatement.Append(routingDo);
precedences.Add(routingMatrixCell.Precedence, condStatement);
}
}
}
private SortedList<int, NxElement> CreateUntrustedRoutingPath()
{
SortedList<int, NxElement> untrusted = new SortedList<int, NxElement>();
IRoutingTable routing = m_policyChannel.Routing;
if (null == routing)
return untrusted;
if ((!routing.HasDefaultSources) && (!routing.HasDefaultDestinations))
return untrusted;
Guid unprivDestinationId = routing.DefaultDestination.Identifier;
Guid unprivSourceId = routing.DefaultSource.Identifier;
IRoutingMatrixCell routingMatrixCell = routing[unprivSourceId, unprivDestinationId];
if (routingMatrixCell == null)
return untrusted;
IActionMatrixCell actionMatrixCell = m_policyChannel.Actions[unprivSourceId, unprivDestinationId];
string actionSetId = NxUtils.ToNxBreGuid(actionMatrixCell == null ? Guid.NewGuid() : actionMatrixCell.Identifier);
List<NxParameter> routingParams = FilterRoutingMatrixCell(NxUtils.GetAttributes(routingMatrixCell));
routingParams.Add(new NxParameter("Name", routingMatrixCell.Name));
routingParams.Add(new NxParameter("ActionSetId", actionSetId, false));
NxEvaluate evaluate = new NxEvaluate("RoutingPath", routingParams);
m_actionSets.Add(new NxActionSet(actionSetId, actionMatrixCell, m_objectWriter, m_resourceManager));
NxAnd and = new NxAnd();
and.Append(new NxIsTrue(m_booleanForDummyTrue));
NxDo routingDo = new NxDo();
routingDo.Append(evaluate);
NxControl nxControl = CreateConditionalStatement(routingMatrixCell.Precedence);
nxControl.Append(and);
nxControl.Append(routingDo);
untrusted.Add(routingMatrixCell.Precedence, nxControl);
return untrusted;
}
private SortedList<int, NxElement> CreatePartiallyTrustedRoutingPath_UntrustedRecipients()
{
SortedList<int, NxElement> partiallyTrusted = new SortedList<int, NxElement>();
IRoutingTable routing = m_policyChannel.Routing;
if (null == routing)
return partiallyTrusted;
foreach (IRoutingItemCollection source in routing.Sources)
{
if ("true" == source["DefaultGroup"].Value.ToLower(CultureInfo.InvariantCulture))
continue;
if (!routing.HasDefaultDestinations)
continue;
Guid sourceId = source.Identifier;
Guid destinationId = routing.DefaultDestination.Identifier;
IRoutingMatrixCell routingMatrixCell = routing[sourceId, destinationId];
if (m_policyChannel.Actions == null)
continue; // No actions
IActionMatrixCell actionMatrixCell = m_policyChannel.Actions[sourceId, destinationId];
if (routingMatrixCell == null)
continue; // No routing for routingItem/destination
NxControl elseIf = CreateConditionalStatement(routingMatrixCell.Precedence);
string objectId = GetRoutingItemCollectionObjectId(source);
string senderIsInGroupId = CreateIsThingMemberOfGroupLookupIfNecessary(objectId, m_currentUserId, sourceId.ToString());
string isEnabledId = CreateIsRouterEnabledIfNecessary(objectId);
NxIsTrue senderIsInGroup = new NxIsTrue(senderIsInGroupId);
NxIsTrue isEnabled = new NxIsTrue(isEnabledId);
NxAnd and = new NxAnd();
and.Append(isEnabled);
and.Append(senderIsInGroup);
if (routing.HasDefaultSources)
{
elseIf.Append(and);
NxDo routingDo = new NxDo();
AddActionSetsForRoutingMatrixCell(routingDo, routingMatrixCell, actionMatrixCell);
elseIf.Append(routingDo);
}
partiallyTrusted.Add(routingMatrixCell.Precedence, elseIf);
}
return partiallyTrusted;
}
private void AddActionSetsForRoutingMatrixCell(NxDo routingDo, IRoutingMatrixCell routingMatrixCell, IActionMatrixCell actionMatrixCell)
{
if (actionMatrixCell == null)
return;
List<NxParameter> actionParams = NxUtils.GetAttributes(actionMatrixCell);
string actionSetId = NxUtils.ToNxBreGuid(actionMatrixCell.Identifier);
List<NxParameter> routingParams = FilterRoutingMatrixCell(NxUtils.GetAttributes(routingMatrixCell));
routingParams.Add(new NxParameter("Name", routingMatrixCell.Name));
routingParams.Add(new NxParameter("ActionSetId", actionSetId, false));
routingDo.Append(new NxEvaluate("RoutingPath", routingParams));
m_actionSets.Add(new NxActionSet(actionSetId, actionMatrixCell, m_objectWriter, m_resourceManager));
}
public void WriteCondition(IPolicySet policySet, IPolicyObject parent, ICondition condition, ConditionLogic cdnlogic)
{
NxLogic logic = new NxLogic();
NxIf iF = new NxIf();
NxOperator conditionTest = null;
if (condition.IsNegated)
conditionTest = new NxNot();
else
conditionTest = new NxAnd();
IDataElement lhs = condition.DataLeft;
IDataElement rhs = condition.DataRight;
WriteDataElement(lhs);
WriteDataElement(rhs);
string incrementId = Guid.NewGuid().ToString();
List<NxParameter> parameters = NxUtils.GetAttributes(condition);
NxSet currentPolicy = m_policysets.PolicySets[0].CurrentPolicy;
string lhsId = lhs.Identifier.ToString();
string rhsId = rhs.Identifier.ToString();
if (condition.Class == "IDataLengthComparer")
{
if ((lhs.Type == DataType.Object) || (NxUtils.IsArray(lhs.Type)))
{
lhsId = Guid.NewGuid().ToString();
foreach (NxPolicySet policyset in m_policysets.PolicySets)
{
policyset.CurrentPolicy.Append(new NxObjectLookup(lhsId, lhs.Identifier.ToString(), "Length"));
}
parameters.Add(new NxParameter("Properties", lhs.Identifier.ToString(), true));
}
if ((rhs.Type == DataType.Object) || (NxUtils.IsArray(rhs.Type)))
{
rhsId = Guid.NewGuid().ToString();
foreach (NxPolicySet policyset in m_policysets.PolicySets)
{
policyset.CurrentPolicy.Append(new NxObjectLookup(rhsId, rhs.Identifier.ToString(), "Length"));
}
parameters.Add(new NxParameter("Properties", rhs.Identifier.ToString(), true));
}
}
conditionTest.Append(lhsId, rhsId, condition.Operator);
NxDo dO = new NxDo();
foreach (NxPolicySet policyset in m_policysets.PolicySets)
{
policyset.AppendIncrementer(new NxIncrement(incrementId));
policyset.AppendIncrementer(new NxIncrementStep(incrementId));
}
dO.Append(new NxIncrementStep(incrementId));
bool ignored = NxUtils.IsIgnored(condition);
iF.Append(conditionTest);
iF.Append(dO);
logic.Append(iF);
if (!ignored)
{
parameters.Add(new NxParameter("Name", condition));
dO.Append(new NxEvaluate("ConditionLineFired", new List<NxParameter>(parameters.ToArray())));
NxElse eLse = new NxElse();
eLse.Append(new NxEvaluate("ConditionLinePassed", new List<NxParameter>(parameters.ToArray())));
logic.Append(eLse);
}
foreach (NxPolicySet policyset in m_policysets.PolicySets)
{
policyset.Policies[policyset.Policies.Count - 1].AppendLogic(logic);
policyset.Policies[policyset.Policies.Count - 1].AppendIncrementId(incrementId, parent.Identifier, cdnlogic); //IConditionGroup
}
}
