/// <summary>
/// Redosled navodjenja Apply elementa u XACML politici je bitan
/// 1. Apply koji definise tip (AttributeDesignator element)
/// 2. Donja granica
/// 3. Gordnja granica
/// </summary>
/// <param name="Item"> ApplyType element - Sadrzi listu Apply elemenata</param>
/// <param name="request"> Xacml zahtev </param>
/// <returns></returns>
public override bool EvaluateConditionFor(ApplyType Item, RequestType request)
{
bool TimeConditionResult = true;
ApplyType currentTimeItem = Item.Items[0] as ApplyType;
ApplyType lowerBoundItem = Item.Items[1] as ApplyType;
ApplyType upperBoundItem = Item.Items[2] as ApplyType;
// designator za def DataType, Category, AttributeId
AttributeDesignatorType attributeDesignator = currentTimeItem.Items[0] as AttributeDesignatorType;
// lower bound time
ExpressionType[] lowItems = lowerBoundItem.Items;
ApplyType lowItem = lowItems[0] as ApplyType;
AttributeValueType lowItemValue = lowItem.Items[0] as AttributeValueType;
XmlNode lowItemValueAny = lowItemValue.Any[0] as XmlNode;
string lowerBoundTime = lowItemValueAny.Value as string;
// upper bound time
ExpressionType[] uppItems = upperBoundItem.Items;
ApplyType uppItem = uppItems[0] as ApplyType;
AttributeValueType uppItemValue = uppItem.Items[0] as AttributeValueType;
XmlNode uppItemValueAny = uppItemValue.Any[0] as XmlNode;
string upperBoundTime = uppItemValueAny.Value as string;
// konverzija vremena - daylight saving time - +1 na vremensku zonu tako da je srbija na +2 po letnjem racunanju vremena
// preporuka da se vreme definise u UTC formatu
DateTime lowerBoundTimeValue = DateTime.Parse(lowerBoundTime, System.Globalization.CultureInfo.CurrentCulture);
DateTime upperBoundTimeValue = DateTime.Parse(upperBoundTime, System.Globalization.CultureInfo.CurrentCulture);
bool exists = false;
List <AttributeType> Attributes = new List <AttributeType>(2);
Attributes = AttributeDesignatorManager.RequestBagOfValues(attributeDesignator, request);
if (Attributes.Count == 0)
{
// Provera MustBePresented atributa
if (attributeDesignator.MustBePresent)
{
// PDP zahteva od PIP dobavljanje atributa koji su potrebni
ContextHandler ch = new ContextHandler();
Attributes = ch.RequestForEnvironmentAttribute(attributeDesignator);
}
else
{
return(TimeConditionResult);
}
}
TimeConditionResult = TimeConditionEvaluation(lowerBoundTimeValue, upperBoundTimeValue, Attributes, out exists);
return(TimeConditionResult);
}
public static TargetResult CheckTarget(TargetType Target, RequestType request)
{
MatchFunctions[XacmlFunctions.STRING_EQUAL] = new StringEqual();
ContextHandler ch = new ContextHandler();
int numberOfMatchAnyOf = 0;
int numberOfNoMatchAnyOf = 0;
int numberOfIndeterminateAnyOf = 0;
if (Target != null)
{
if (Target.AnyOf != null)
{
foreach (AnyOfType AnyOf in Target.AnyOf)
{
int numberOfMatchAllOf = 0;
int numberOfIndeterminateAllOf = 0;
int numberOfNoMatchAllOf = 0;
AllOfType[] AllOfs = AnyOf.AllOf;
foreach (AllOfType AllOf in AllOfs)
{
int numberOfFalseMatch = 0;
int numberOfIndeterminateMatch = 0;
MatchType[] Matches = AllOf.Match;
try
{
foreach (MatchType Match in Matches)
{
AttributeDesignatorType AttributeDesignator = Match.Item as AttributeDesignatorType;
AttributeValueType AttributeValue = Match.AttributeValue;
List <AttributeType> Attributes = AttributeDesignatorManager.RequestBagOfValues(AttributeDesignator, request);
int numberOfMatch = 0;
if (Attributes.Count == 0)
{
// bag of values je prazan, provera atributa MustBePresented
if (AttributeDesignator.MustBePresent)
{
// TODO zahteva dobavljanje atributa od PIP
if (AttributeDesignator.Category.Equals(XacmlSubject.CATEGORY))
{
string subjectId = SubjectIdResolver.SubjectId(request);
if (!(subjectId == null))
{
Attributes = ch.RequestForSubjectAttribute(AttributeDesignator, subjectId);
}
else
{
Attributes = null;
}
}
else
{
Attributes = ch.RequestForEnvironmentAttribute(AttributeDesignator);
}
// ako PIP ne vrati atribut - zbog true vrednosti MustBePresented
if (Attributes != null)
{
if (Attributes[0] == null)
{
numberOfIndeterminateMatch++;
continue;
}
}
else
{
numberOfIndeterminateMatch++;
continue;
}
if (Attributes.Count == 0)
{
numberOfIndeterminateMatch++;
continue;
}
}
}
string attributeValue = string.Empty;
foreach (AttributeType attr in Attributes)
{
AttributeValueType[] attrValues = attr.AttributeValue;
foreach (AttributeValueType attrValue in attrValues)
{
XmlNode node = attrValue.Any[0];
attributeValue = node.Value;
}
string value = AttributeValue.Any[0].Value.ToString();
// evaluacija prema funkciji definisanoj MatchId atributom
bool decision = MatchFunctions[Match.MatchId].CheckIfMatch(ref value, ref attributeValue);
if (decision)
{
numberOfMatch++;
}
}
if (numberOfMatch == 0)
{
numberOfFalseMatch++;
}
}
}
catch (Exception)
{
numberOfIndeterminateMatch++;
}
/// AllOf evaluacija
if (numberOfFalseMatch != 0)
{
numberOfNoMatchAllOf++;
}
else if (numberOfIndeterminateMatch > 0)
{
numberOfIndeterminateAllOf++;
}
else if (numberOfFalseMatch == 0 && numberOfIndeterminateMatch == 0)
{
numberOfMatchAllOf++;
}
}
/// AnyOf evaluacija
if (numberOfIndeterminateAllOf > 0 && numberOfMatchAllOf == 0)
{
numberOfIndeterminateAnyOf++;
}
else if (numberOfMatchAllOf > 0)
{
numberOfMatchAnyOf++;
}
else if (numberOfNoMatchAllOf > 0)
{
numberOfNoMatchAnyOf++;
}
}
}
else
{
// empty target
return(TargetResult.Match);
}
}
else
{
// empty target
return(TargetResult.Match);
}
if (numberOfNoMatchAnyOf > 0)
{
return(TargetResult.NoMatch);
}
else if (numberOfMatchAnyOf > 0 && numberOfIndeterminateAnyOf == 0)
{
return(TargetResult.Match);
}
else
{
return(TargetResult.Indeterminate);
}
}