C# (CSharp) XacmlTarget示例

示例#1

文件： XacmlPolicySet.cs 项目： abc-software/abc.xacml

        /// <summary>
        /// Initializes a new instance of the <see cref="XacmlPolicySet"/> class.
        /// </summary>
        /// <param name="policySetId">The policy set identifier.</param>
        /// <param name="policyCombiningAlgId">The policy combining alg identifier.</param>
        /// <param name="target">The target.</param>
        public XacmlPolicySet(Uri policySetId, Uri policyCombiningAlgId, XacmlTarget target) {
            Contract.Requires<ArgumentNullException>(policySetId != null);
            Contract.Requires<ArgumentNullException>(policyCombiningAlgId != null);
            Contract.Requires<ArgumentNullException>(target != null);

            this.policySetId = policySetId;
            this.policyCombiningAlgId = policyCombiningAlgId;
            this.target = target;
        }

示例#2

 private static void AssertTargetEqual(XacmlTarget expected, XacmlTarget actual)
 {
     if (expected == null)
     {
         Assert.Null(actual);
     }
     else
     {
         Assert.NotNull(actual);
         AssertCollections(expected.AnyOf, actual.AnyOf, AssertAnyOfEqual);
     }
 }

示例#3

 private static void AddAttributeMatchesToRule(XacmlTarget xacmlTarget, Rule rule)
 {
     foreach (XacmlAnyOf anyOf in xacmlTarget.AnyOf)
     {
         foreach (XacmlAllOf allOf in anyOf.AllOf)
         {
             foreach (XacmlMatch xacmlMatch in allOf.Matches)
             {
                 AddAttributeMatchToRule(xacmlMatch, rule);
             }
         }
     }
 }

示例#4

        private static void WriteTarget(XmlWriter writer, XacmlTarget xacmlTarget)
        {
            Guard.ArgumentNotNull(writer, nameof(writer));
            Guard.ArgumentNotNull(xacmlTarget, nameof(xacmlTarget));

            writer.WriteStartElement(XacmlConstants.Prefixes.Xacml, XacmlConstants.ElementNames.Target, Xacml30Constants.NameSpaces.Policy);

            foreach (XacmlAnyOf xacmlAnyOf in xacmlTarget.AnyOf)
            {
                WriteAnyOf(writer, xacmlAnyOf);
            }

            writer.WriteEndElement();
        }

示例#5

文件： XacmlProtocolSerializerFixture.cs 项目： ybohan/abc.xacml

        public void WritePolicy_11()
        {
            var subject = new XacmlSubject(
                new XacmlSubjectMatch[]
            {
                new XacmlSubjectMatch(
                    new Uri("http://www.MatchId.www"),
                    new XacmlAttributeValue(new Uri("http://www.DataType.www")),
                    new XacmlSubjectAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"))
                {
                    Issuer = "String", MustBePresent = false, Category = new Uri("http://www.subjectCategory.www")
                })
            });

            var            target         = new XacmlTarget(subject, null, null);
            XacmlPolicySet xacmlPolicySet = new XacmlPolicySet(new Uri("http://www.PolicySetId.www"), new Uri("http://www.PolicyCombiningAlgId.www"), target);

            xacmlPolicySet.Description  = "description string";
            xacmlPolicySet.XPathVersion = Xacml10Constants.XPathVersions.Xpath10;

            XacmlPolicy xacmlPolicy = new XacmlPolicy(new Uri("http://www.PolicyId.www"), new Uri("http://www.RuleCombiningAlgId.www"), new XacmlTarget())
            {
                Description  = "description string",
                XPathVersion = Xacml10Constants.XPathVersions.Xpath10,
            };

            XacmlRule xacmlRule = new XacmlRule("http://www.RuleId.www", XacmlEffectType.Permit)
            {
                Description = "xacmlRule description"
            };

            xacmlPolicy.Rules.Add(xacmlRule);
            XacmlAttributeAssignment xacmlAttributeAssignment = new XacmlAttributeAssignment(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"));
            XacmlObligation          xacmlObligation          = new XacmlObligation(new Uri("http://www.ObligationId.www"), XacmlEffectType.Permit, new XacmlAttributeAssignment[] { xacmlAttributeAssignment });

            xacmlPolicy.Obligations.Add(xacmlObligation);

            xacmlPolicySet.Policies.Add(xacmlPolicy);

            StringBuilder builder = new StringBuilder();

            using (XmlWriter writer = XmlWriter.Create(builder)) {
                var serializer = new Xacml10ProtocolSerializer();
                serializer.WritePolicySet(writer, xacmlPolicySet);
            }

            string xml = builder.ToString();

            ValidateMessage(xml, Path.Combine(TestCasePath, "cs-xacml-schema-context-01.xsd"));
        }

示例#6

文件： XacmlProtocolSerializerFixture.cs 项目： abc-software/abc.xacml

        public void WritePolicy_11() {
            var subject = new XacmlSubject(
                new XacmlSubjectMatch[] 
                {  
                    new XacmlSubjectMatch(
                        new Uri("http://www.MatchId.www"),
                        new XacmlAttributeValue(new Uri("http://www.DataType.www")), 
                        new XacmlSubjectAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www")) { Issuer = "String", MustBePresent = false, Category = new Uri("http://www.subjectCategory.www") })
                });

            var target = new XacmlTarget(subject, null, null);
            XacmlPolicySet xacmlPolicySet = new XacmlPolicySet(new Uri("http://www.PolicySetId.www"), new Uri("http://www.PolicyCombiningAlgId.www"), target);
            xacmlPolicySet.Description = "description string";
            xacmlPolicySet.XPathVersion = Xacml10Constants.XPathVersions.Xpath10;
            
            XacmlPolicy xacmlPolicy = new XacmlPolicy(new Uri("http://www.PolicyId.www"), new Uri("http://www.RuleCombiningAlgId.www"), new XacmlTarget()) {
                Description = "description string",
                XPathVersion = Xacml10Constants.XPathVersions.Xpath10,
            };

            XacmlRule xacmlRule = new XacmlRule("http://www.RuleId.www", XacmlEffectType.Permit) {
                Description = "xacmlRule description"
            };

            xacmlPolicy.Rules.Add(xacmlRule);
            XacmlAttributeAssignment xacmlAttributeAssignment = new XacmlAttributeAssignment(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"));
            XacmlObligation xacmlObligation = new XacmlObligation(new Uri("http://www.ObligationId.www"), XacmlEffectType.Permit, new XacmlAttributeAssignment[] { xacmlAttributeAssignment });
            xacmlPolicy.Obligations.Add(xacmlObligation);

            xacmlPolicySet.Policies.Add(xacmlPolicy);

            StringBuilder builder = new StringBuilder();
            using (XmlWriter writer = XmlWriter.Create(builder)) {
                var serializer = new Xacml10ProtocolSerializer();
                serializer.WritePolicySet(writer, xacmlPolicySet);
            }

            string xml = builder.ToString();
            ValidateMessage(xml, @"..\..\_Data\cs-xacml-schema-policy-01.xsd");
        }

示例#7

文件： XacmlProtocolSerializerFixture.cs 项目： abc-software/abc.xacml

        public void WritePolicy_20() {
            var subject = new XacmlSubject(
                new XacmlSubjectMatch[] 
                {  
                    new XacmlSubjectMatch(
                        new Uri("http://www.MatchId.www"),
                        new XacmlAttributeValue(new Uri("http://www.DataType.www")), 
                        new XacmlSubjectAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www")) { Issuer = "String", MustBePresent = false, Category = new Uri("http://www.subjectCategory.www")}
                        )
                });

            var resource = new XacmlResource(
            new XacmlResourceMatch[] 
                { 
                    new XacmlResourceMatch(
                        new Uri("http://www.MatchId.www"), 
                        new XacmlAttributeValue(new Uri("http://www.DataType.www") /*, "xxxx" */), 
                        new XacmlResourceAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www")) { Issuer = "String", MustBePresent = false} 
                        )
                });

            var action = new XacmlAction(
                new XacmlActionMatch[] 
                { 
                    new XacmlActionMatch(
                        new Uri("http://www.MatchId.www"), 
                        new XacmlAttributeValue(new Uri("http://www.DataType.www")), 
                        new XacmlActionAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www")){ Issuer = "String", MustBePresent = false} 
                        )
                });

            var target = new XacmlTarget(subject, resource, action, null);

            // new Uri("http://www.PolicySetId.www")
            XacmlPolicySet xacmlPolicySet = new XacmlPolicySet(new Uri("http://www.PolicyCombiningAlgId.www"), target) {
                Description = "description string",
                XPathVersion = Xacml10Constants.XPathVersions.Xpath10,
            };
            
            ////#region Policy
            XacmlEnvironment env = new XacmlEnvironment(
                new XacmlEnvironmentMatch[]
                {
                    new XacmlEnvironmentMatch(
                        new Uri("http://www.EnvironmentMatchIdId.www"), 
                        new XacmlAttributeValue(new Uri("http://www.AttributValue.www")), 
                        new XacmlEnvironmentAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www")){ Issuer = "String", MustBePresent = false} 
                        )
                });

            XacmlTarget targetWithEnvironment = new XacmlTarget(null, null, null, new XacmlEnvironment[] { env });

            XacmlPolicy xacmlPolicy = new XacmlPolicy(new Uri("http://www.PolicyId.www"), new Uri("http://www.RuleCombiningAlgId.www"), targetWithEnvironment) {
                Description = "description string",
                XPathVersion = Xacml10Constants.XPathVersions.Xpath10,
            };

            XacmlRule xacmlRule = new XacmlRule("http://www.RuleId.www", XacmlEffectType.Permit) {
                Description = "xacmlRule description"
            };

            xacmlPolicy.Rules.Add(xacmlRule);

            XacmlAttributeAssignment xacmlAttributeAssignment = new XacmlAttributeAssignment(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"));
            XacmlObligation xacmlObligation = new XacmlObligation(new Uri("http://www.ObligationId.www"), XacmlEffectType.Permit, new XacmlAttributeAssignment[] { xacmlAttributeAssignment });
            xacmlPolicy.Obligations.Add(xacmlObligation);

            xacmlPolicySet.Policies.Add(xacmlPolicy);

            StringBuilder builder = new StringBuilder();
            using (XmlWriter writer = XmlWriter.Create(builder)) {
                var serializer = new Xacml20ProtocolSerializer();
                serializer.WritePolicySet(writer, xacmlPolicySet);
            }

            string xml = builder.ToString();
            ValidateMessage(xml, @"..\..\_Data\access_control-xacml-2.0-policy-schema-os.xsd");
        }

示例#8

文件： XacmlProtocolSerializerFixture.cs 项目： ybohan/abc.xacml

        public void WritePolicy_20()
        {
            var subject = new XacmlSubject(
                new XacmlSubjectMatch[]
            {
                new XacmlSubjectMatch(
                    new Uri("http://www.MatchId.www"),
                    new XacmlAttributeValue(new Uri("http://www.DataType.www")),
                    new XacmlSubjectAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"))
                {
                    Issuer = "String", MustBePresent = false, Category = new Uri("http://www.subjectCategory.www")
                }
                    )
            });

            var resource = new XacmlResource(
                new XacmlResourceMatch[]
            {
                new XacmlResourceMatch(
                    new Uri("http://www.MatchId.www"),
                    new XacmlAttributeValue(new Uri("http://www.DataType.www") /*, "xxxx" */),
                    new XacmlResourceAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"))
                {
                    Issuer = "String", MustBePresent = false
                }
                    )
            });

            var action = new XacmlAction(
                new XacmlActionMatch[]
            {
                new XacmlActionMatch(
                    new Uri("http://www.MatchId.www"),
                    new XacmlAttributeValue(new Uri("http://www.DataType.www")),
                    new XacmlActionAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"))
                {
                    Issuer = "String", MustBePresent = false
                }
                    )
            });

            var target = new XacmlTarget(subject, resource, action, null);

            // new Uri("http://www.PolicySetId.www")
            XacmlPolicySet xacmlPolicySet = new XacmlPolicySet(new Uri("http://www.PolicyCombiningAlgId.www"), target)
            {
                Description  = "description string",
                XPathVersion = Xacml10Constants.XPathVersions.Xpath10,
            };

            ////#region Policy
            XacmlEnvironment env = new XacmlEnvironment(
                new XacmlEnvironmentMatch[]
            {
                new XacmlEnvironmentMatch(
                    new Uri("http://www.EnvironmentMatchIdId.www"),
                    new XacmlAttributeValue(new Uri("http://www.AttributValue.www")),
                    new XacmlEnvironmentAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"))
                {
                    Issuer = "String", MustBePresent = false
                }
                    )
            });

            XacmlTarget targetWithEnvironment = new XacmlTarget(null, null, null, new XacmlEnvironment[] { env });

            XacmlPolicy xacmlPolicy = new XacmlPolicy(new Uri("http://www.PolicyId.www"), new Uri("http://www.RuleCombiningAlgId.www"), targetWithEnvironment)
            {
                Description  = "description string",
                XPathVersion = Xacml10Constants.XPathVersions.Xpath10,
            };

            XacmlRule xacmlRule = new XacmlRule("http://www.RuleId.www", XacmlEffectType.Permit)
            {
                Description = "xacmlRule description"
            };

            xacmlPolicy.Rules.Add(xacmlRule);

            XacmlAttributeAssignment xacmlAttributeAssignment = new XacmlAttributeAssignment(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"));
            XacmlObligation          xacmlObligation          = new XacmlObligation(new Uri("http://www.ObligationId.www"), XacmlEffectType.Permit, new XacmlAttributeAssignment[] { xacmlAttributeAssignment });

            xacmlPolicy.Obligations.Add(xacmlObligation);

            xacmlPolicySet.Policies.Add(xacmlPolicy);

            StringBuilder builder = new StringBuilder();

            using (XmlWriter writer = XmlWriter.Create(builder)) {
                var serializer = new Xacml20ProtocolSerializer();
                serializer.WritePolicySet(writer, xacmlPolicySet);
            }

            string xml = builder.ToString();

            ValidateMessage(xml, Path.Combine(TestCasePath, "access_control-xacml-2.0-policy-schema-os.xsd"));
        }

示例#9

文件： XacmlProtocolSerializerRead.cs 项目： ybohan/abc.xacml

        /// <summary>
        /// Reads the policy set.
        /// </summary>
        /// <param name="reader">The reader.</param>
        /// <returns></returns>
        /// <exception cref="System.InvalidOperationException"></exception>
        public virtual XacmlPolicySet ReadPolicySet(XmlReader reader)
        {
            if (reader == null)
            {
                throw new ArgumentNullException(nameof(reader));
            }

            if (!this.CanRead(reader, XacmlConstants.ElementNames.PolicySet))
            {
                throw ThrowHelperXml(reader, "XML message is not valid.");
            }

            // Collect namespaces
            IDictionary <string, string> nsMgr = new Dictionary <string, string>();

            for (int i = 0; i < reader.AttributeCount; i++)
            {
                reader.MoveToAttribute(i);
                if (reader.Prefix == "xmlns")
                {
                    nsMgr.Add(reader.LocalName, reader.Value);
                }
            }

            Uri gaPolicySetId = this.ReadAttribute <Uri>(reader, XacmlConstants.AttributeNames.PolicySetId);

            Uri gaPolicyCombiningAlgId = this.ReadAttribute <Uri>(reader, XacmlConstants.AttributeNames.PolicyCombiningAlgId);

            reader.ReadStartElement(XacmlConstants.ElementNames.PolicySet, this.Version.NamespacePolicy);

            string description = null;

            if (reader.IsStartElement(XacmlConstants.ElementNames.Description, this.Version.NamespacePolicy))
            {
                description = reader.ReadElementContentAsString(XacmlConstants.ElementNames.Description, this.Version.NamespacePolicy);
            }

            // PolicySetDefault
            string xpathVersion = null;

            if (reader.IsStartElement(XacmlConstants.ElementNames.PolicySetDefaults, this.Version.NamespacePolicy))
            {
                reader.ReadStartElement(XacmlConstants.ElementNames.PolicySetDefaults, this.Version.NamespacePolicy);

                if (!reader.IsStartElement(XacmlConstants.ElementNames.XPathVersion, this.Version.NamespacePolicy))
                {
                    throw ThrowHelperXml(reader, "XPathVerison NotStartElement");
                }

                xpathVersion = reader.ReadElementContentAsString(XacmlConstants.ElementNames.XPathVersion, this.Version.NamespacePolicy);

                reader.ReadEndElement();
            }

            XacmlTarget target = null;

            if (reader.IsStartElement(XacmlConstants.ElementNames.Target, this.Version.NamespacePolicy))
            {
                target = ReadTarget(reader);
            }

            XacmlPolicySet policySet = new XacmlPolicySet(gaPolicySetId, gaPolicyCombiningAlgId, target)
            {
                Description  = description,
                XPathVersion = xpathVersion != null ? new Uri(xpathVersion) : null,
            };

            policySet.Namespaces = nsMgr;

            IDictionary <Tuple <string, string>, Action> dicts = new Dictionary <Tuple <string, string>, Action>()
            {
                { new Tuple <string, string>(XacmlConstants.ElementNames.PolicySet, this.Version.NamespacePolicy), () => policySet.PolicySets.Add(this.ReadPolicySet(reader)) },
                { new Tuple <string, string>(XacmlConstants.ElementNames.Policy, this.Version.NamespacePolicy), () => policySet.Policies.Add(this.ReadPolicy(reader)) },
                { new Tuple <string, string>(XacmlConstants.ElementNames.PolicySetIdReference, this.Version.NamespacePolicy), () => policySet.PolicySetIdReferences.Add(this.ReadPolicySetIdReference(reader)) },
                { new Tuple <string, string>(XacmlConstants.ElementNames.PolicyIdReference, this.Version.NamespacePolicy), () => policySet.PolicyIdReferences.Add(this.ReadPolicyIdReference(reader)) },
            };

            this.ReadChoiceMultiply(reader, dicts);

            if (reader.IsStartElement(XacmlConstants.ElementNames.Obligations, this.Version.NamespacePolicy))
            {
                reader.ReadStartElement(XacmlConstants.ElementNames.Obligations, this.Version.NamespacePolicy);

                this.ReadList(policySet.Obligations, XacmlConstants.ElementNames.Obligation, this.Version.NamespacePolicy, ReadObligation, reader);

                // end obligations
                reader.ReadEndElement();
            }

            return(policySet);
        }

示例#10

文件： XacmlTargetFixture.cs 项目： abc-software/abc.xacml

        public void Add() {
            var target = new XacmlTarget();

            var subject1 = new XacmlSubject(
                new XacmlSubjectMatch[] 
                {  
                    new XacmlSubjectMatch(
                        new Uri("http://subject1"),
                        new XacmlAttributeValue(new Uri("http://www.DataType.www")), 
                        new XacmlSubjectAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www")) { Issuer = "String", MustBePresent = false, Category = new Uri("http://www.subjectCategory.www") })
                });

            var subject2 = new XacmlSubject(
                new XacmlSubjectMatch[] 
                {  
                    new XacmlSubjectMatch(
                        new Uri("http://subject2"),
                        new XacmlAttributeValue(new Uri("http://www.DataType.www")), 
                        new XacmlSubjectAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www")) { Issuer = "String", MustBePresent = false, Category = new Uri("http://www.subjectCategory.www") })
                });

            var resource1 = new XacmlResource(
            new XacmlResourceMatch[] 
                { 
                    new XacmlResourceMatch(
                        new Uri("http://resource1"), 
                        new XacmlAttributeValue(new Uri("http://www.DataType.www") /*, "xxxx" */), 
                        new XacmlResourceAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www")) { Issuer = "String", MustBePresent = false} 
                        )
                });

            var resource2 = new XacmlResource(
            new XacmlResourceMatch[] 
                { 
                    new XacmlResourceMatch(
                        new Uri("http://resource1"), 
                        new XacmlAttributeValue(new Uri("http://www.DataType.www") /*, "xxxx" */), 
                        new XacmlResourceAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www")) { Issuer = "String", MustBePresent = false} 
                        )
                });

            {
                target.AnyOf.Add(new XacmlAnyOf(new XacmlAllOf[] { subject1 }));

                Assert.AreEqual(1, target.AnyOf.Count);
                Assert.AreEqual(1, target.AnyOf.SelectMany(x => x.AllOf).Count());
                Assert.AreEqual(1, target.Subjects.Count);
                Assert.AreEqual(0, target.Resources.Count);
                Assert.AreEqual(new Uri("http://subject1"), target.Subjects.First().Matches.First().MatchId);
            }

            {
                target.Subjects.Add(subject2);

                Assert.AreEqual(1, target.AnyOf.Count);
                Assert.AreEqual(2, target.AnyOf.SelectMany(x => x.AllOf).Count());
                Assert.AreEqual(2, target.Subjects.Count);
                Assert.AreEqual(0, target.Resources.Count);
            }

            {
                target.AnyOf.Add(new XacmlAnyOf(new XacmlAllOf[] { resource1 }));

                Assert.AreEqual(2, target.AnyOf.Count);
                Assert.AreEqual(3, target.AnyOf.SelectMany(x => x.AllOf).Count());
                Assert.AreEqual(2, target.Subjects.Count);
                Assert.AreEqual(1, target.Resources.Count);
            }

            {
                target.Resources.Add(resource2);

                Assert.AreEqual(2, target.AnyOf.Count);
                Assert.AreEqual(4, target.AnyOf.SelectMany(x => x.AllOf).Count());
                Assert.AreEqual(2, target.Subjects.Count);
                Assert.AreEqual(2, target.Resources.Count);

                foreach (var res in target.Resources) {
                }

                Assert.AreEqual(true, target.Resources.Contains(resource1));
            }

            {
                target.Subjects.Remove(subject1);

                Assert.AreEqual(2, target.AnyOf.Count);
                Assert.AreEqual(3, target.AnyOf.SelectMany(x => x.AllOf).Count());
                Assert.AreEqual(1, target.Subjects.Count);
                Assert.AreEqual(2, target.Resources.Count);
            }

            {
                target.Resources.Clear();

                Assert.AreEqual(1, target.AnyOf.Count);
                Assert.AreEqual(1, target.AnyOf.SelectMany(x => x.AllOf).Count());
                Assert.AreEqual(1, target.Subjects.Count);
                Assert.AreEqual(0, target.Resources.Count);
            }
        }

示例#11

文件： Xacml30ProtocolSerializer.cs 项目： abc-software/abc.xacml

        /// <summary>
        /// Writes the target.
        /// </summary>
        /// <param name="writer">The writer.</param>
        /// <param name="data">The data.</param>
        protected override void WriteTarget(XmlWriter writer, XacmlTarget data) {
            //// Start Target
            writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Target, this.version.NamespacePolicy);

            foreach (ICollection<ICollection<XacmlMatch>> anyOf in data.AnyOf) {
                writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.AnyOf, this.version.NamespacePolicy);

                foreach (ICollection<XacmlMatch> allOf in anyOf) {
                    writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.AllOf, this.version.NamespacePolicy);

                    foreach (XacmlMatch match in allOf) {
                        this.WriteMatch(writer, match);
                    }

                    writer.WriteEndElement();
                }

                writer.WriteEndElement();
            }

            //// End Target
            writer.WriteEndElement();
        }

示例#12

文件： Xacml30ProtocolSerializer.cs 项目： abc-software/abc.xacml

        /// <summary>
        /// Reads the target.
        /// </summary>
        /// <param name="reader">The reader.</param>
        /// <returns></returns>
        /// <exception cref="System.Xml.XmlException">Target should contain AnyOf or be empty</exception>
        protected override XacmlTarget ReadTarget(XmlReader reader) {
            Contract.Requires<ArgumentNullException>(reader != null, "reader");
            Contract.Requires<XmlException>(reader.IsStartElement(XacmlConstants.ElementNames.Target, this.version.NamespacePolicy));

            if (reader.IsEmptyElement) {
                reader.Read();
                return new XacmlTarget(null);
            }

            reader.ReadStartElement(XacmlConstants.ElementNames.Target, this.version.NamespacePolicy);

            XacmlTarget target = new XacmlTarget(null);

            // AnyOf
            if (!reader.IsStartElement(XacmlConstants.ElementNames.AnyOf, this.version.NamespacePolicy)) {
                throw Diagnostic.DiagnosticTools.ExceptionUtil.ThrowHelperError(new XmlException("Target should contain AnyOf or be empty"));
            }

            //this.ReadList<ICollection<ICollection<XacmlMatch>>>(target.AnyOf, XacmlConstants.ElementNames.AnyOf, this.version.NamespacePolicy,
            //    a => {
            //        a.ReadStartElement(XacmlConstants.ElementNames.AnyOf, this.version.NamespacePolicy);
            //        ICollection<ICollection<XacmlMatch>> am = new List<ICollection<XacmlMatch>>();
            //        this.ReadList<ICollection<XacmlMatch>>(am, XacmlConstants.ElementNames.AllOf, this.version.NamespacePolicy,
            //            o => {
            //                o.ReadStartElement(XacmlConstants.ElementNames.AllOf, this.version.NamespacePolicy);
            //                ICollection<XacmlMatch> m = new List<XacmlMatch>();
            //                this.ReadList<XacmlMatch>(m, XacmlConstants.ElementNames.Match, this.version.NamespacePolicy, this.ReadMatch, o, true);
            //                o.ReadEndElement();
            //                return m;
            //            }, a, true);
            //        a.ReadEndElement();
            //        return am;
            //    }, reader, false);

            this.ReadList<XacmlAnyOf>(target.AnyOf, XacmlConstants.ElementNames.AnyOf, this.version.NamespacePolicy,
                a => {
                    a.ReadStartElement(XacmlConstants.ElementNames.AnyOf, this.version.NamespacePolicy);
                    ICollection<XacmlAllOf> am = new List<XacmlAllOf>();
                    this.ReadList<XacmlAllOf>(am, XacmlConstants.ElementNames.AllOf, this.version.NamespacePolicy,
                        o => {
                            o.ReadStartElement(XacmlConstants.ElementNames.AllOf, this.version.NamespacePolicy);
                            ICollection<XacmlMatch> m = new List<XacmlMatch>();
                            this.ReadList<XacmlMatch>(m, XacmlConstants.ElementNames.Match, this.version.NamespacePolicy, this.ReadMatch, o, true);
                            o.ReadEndElement();
                            return new XacmlAllOf(m);
                        }, a, true);
                    a.ReadEndElement();
                    return new XacmlAnyOf(am);
                }, reader, false);


            reader.ReadEndElement();
            return target;
        }

示例#13

文件： XacmlPolicySet.cs 项目： abc-software/abc.xacml

 /// <summary>
 /// Initializes a new instance of the <see cref="XacmlPolicySet"/> class.
 /// </summary>
 /// <param name="policyCombiningAlgId">The policy combining alg identifier.</param>
 /// <param name="target">The target.</param>
 public XacmlPolicySet(Uri policyCombiningAlgId, XacmlTarget target)
     : this(XacmlUtils.GeneratePolicySetId(), policyCombiningAlgId, target) {
     Contract.Requires<ArgumentNullException>(policyCombiningAlgId != null);
     Contract.Requires<ArgumentNullException>(target != null);
 }

示例#14

文件： XacmlProtocolSerializerRead.cs 项目： ybohan/abc.xacml

        /// <summary>
        /// Reads the rule.
        /// </summary>
        /// <param name="reader">The reader.</param>
        /// <returns></returns>
        /// <exception cref="System.Xml.XmlException">
        /// Rule NotStartElement
        /// or
        /// RuleId IsNullOrEmpty
        /// or
        /// Effect IsNullEmpty
        /// </exception>
        /// <exception cref="XacmlSerializationException">Wrong XacmlEffectType value</exception>
        protected virtual XacmlRule ReadRule(XmlReader reader)
        {
            if (reader == null)
            {
                throw new ArgumentNullException(nameof(reader));
            }

            if (!reader.IsStartElement(XacmlConstants.ElementNames.Rule, this.Version.NamespacePolicy))
            {
                throw ThrowHelperXml(reader, "Rule NotStartElement");
            }

            var gaRuleId = reader.GetAttribute("RuleId");

            if (string.IsNullOrEmpty(gaRuleId))
            {
                throw ThrowHelperXml(reader, "RuleId IsNullOrEmpty");
            }

            var gaEffect = reader.GetAttribute("Effect");

            if (string.IsNullOrEmpty(gaEffect))
            {
                throw ThrowHelperXml(reader, "Effect IsNullEmpty");
            }

            XacmlEffectType effectType = XacmlEffectType.Deny;

            if (string.Equals(gaEffect, "Deny", StringComparison.OrdinalIgnoreCase))
            {
                effectType = XacmlEffectType.Deny;
            }
            else if (string.Equals(gaEffect, "Permit", StringComparison.OrdinalIgnoreCase))
            {
                effectType = XacmlEffectType.Permit;
            }
            else
            {
                throw ThrowHelperXml(reader, "Wrong XacmlEffectType value");
            }

            reader.ReadStartElement(XacmlConstants.ElementNames.Rule, this.Version.NamespacePolicy);

            string description = null;

            if (reader.IsStartElement(XacmlConstants.ElementNames.Description, this.Version.NamespacePolicy))
            {
                description = reader.ReadElementContentAsString(XacmlConstants.ElementNames.Description, this.Version.NamespacePolicy);
            }

            XacmlTarget target = null;

            if (reader.IsStartElement(XacmlConstants.ElementNames.Target, this.Version.NamespacePolicy))
            {
                target = this.ReadTarget(reader);
            }

            XacmlExpression condition = null;

            if (reader.IsStartElement(XacmlConstants.ElementNames.Condition, this.Version.NamespacePolicy))
            {
                condition = this.ReadCondition(reader);
            }

            reader.ReadEndElement();
            return(new XacmlRule(gaRuleId, effectType)
            {
                Description = description, Target = target, Condition = condition
            });
        }

示例#15

文件： EvaluationEngine.cs 项目： abc-software/abc.xacml

        protected virtual XacmlMatchResult TargetEvaluate(XacmlTarget target) {
            Contract.Requires<ArgumentNullException>(target != null);

            //// Subjects
            ///// <Subject> values                <Subjects> Value
            ///// At least one “Match”            “Match”
            ///// None matches and at             “Indeterminate”
            ///// least one “Indeterminate”
            ///// All “No match”                  “No match”
            XacmlMatchResult subjectResult = XacmlMatchResult.NoMatch;
            if (target.Subjects.Count == 0)
                subjectResult = XacmlMatchResult.Match;

            foreach (XacmlSubject subj in target.Subjects) {
                ///// <SubjectMatch> values       <Subject> Value
                ///// All “True”                  “Match”
                ///// No “False” and at least     “Indeterminate”
                ///// one “Indeterminate”
                ///// At least one “False”        “No match”
                XacmlMatchResult matchResult = XacmlMatchResult.Match;
                foreach (XacmlSubjectMatch match in subj.Matches) {
                    bool? mres = this.SubjectMatchEvaluation(match);
                    if (!mres.HasValue) {
                        matchResult = XacmlMatchResult.Indeterminate;
                    }
                    else {
                        if (!mres.Value) {
                            matchResult = XacmlMatchResult.NoMatch;
                            break;
                        }
                    }
                }

                if (matchResult == XacmlMatchResult.Indeterminate) {
                    subjectResult = XacmlMatchResult.Indeterminate;
                }
                else {
                    if (matchResult == XacmlMatchResult.Match) {
                        subjectResult = XacmlMatchResult.Match;
                        break;
                    }
                }
            }

            // Resources
            ///// <Resource> values               <Resources> Value
            ///// At least one “Match”            “Match”
            ///// None matches and at             “Indeterminate”
            ///// least one “Indeterminate”
            ///// All “No match”                  “No match”
            XacmlMatchResult resourceResult = XacmlMatchResult.NoMatch;
            if (target.Resources.Count == 0)
                resourceResult = XacmlMatchResult.Match;

            foreach (XacmlResource res in target.Resources) {
                ///// <ResourceMatch> values      <Resource> Value
                ///// All “True”                  “Match”
                ///// No “False” and at least     “Indeterminate”
                ///// one “Indeterminate”
                ///// At least one “False”        “No match”
                XacmlMatchResult matchResult = XacmlMatchResult.Match;
                foreach (XacmlResourceMatch match in res.Matches) {
                    bool? mres = this.ResourceMatchEvaluation(match);
                    if (!mres.HasValue) {
                        matchResult = XacmlMatchResult.Indeterminate;
                    }
                    else {
                        if (!mres.Value) {
                            matchResult = XacmlMatchResult.NoMatch;
                            break;
                        }
                    }
                }

                if (matchResult == XacmlMatchResult.Indeterminate) {
                    resourceResult = XacmlMatchResult.Indeterminate;
                }
                else {
                    if (matchResult == XacmlMatchResult.Match) {
                        resourceResult = XacmlMatchResult.Match;
                        break;
                    }
                }
            }

            // Actions
            ///// <Action> values                 <Actions> Value
            ///// At least one “Match”            “Match”
            ///// None matches and at             “Indeterminate”
            ///// least one “Indeterminate”
            ///// All “No match”                  “No match”
            XacmlMatchResult actionsResult = XacmlMatchResult.NoMatch;
            if (target.Actions.Count == 0)
                actionsResult = XacmlMatchResult.Match;

            foreach (XacmlAction act in target.Actions) {
                ///// <ActionMatch> values        <Action> Value
                ///// All “True”                  “Match”
                ///// No “False” and at least     “Indeterminate”
                ///// one “Indeterminate”
                ///// At least one “False”        “No match”
                XacmlMatchResult matchResult = XacmlMatchResult.Match;
                foreach (XacmlActionMatch match in act.Matches) {
                    bool? mres = this.ActionMatchEvaluation(match);
                    if (!mres.HasValue) {
                        matchResult = XacmlMatchResult.Indeterminate;
                    }
                    else {
                        if (!mres.Value) {
                            matchResult = XacmlMatchResult.NoMatch;
                            break;
                        }
                    }
                }

                if (matchResult == XacmlMatchResult.Indeterminate) {
                    actionsResult = XacmlMatchResult.Indeterminate;
                }
                else {
                    if (matchResult == XacmlMatchResult.Match) {
                        actionsResult = XacmlMatchResult.Match;
                        break;
                    }
                }
            }

            // Environments
            ///// <Environment> values            <Environments> Value
            ///// At least one “Match”            “Match”
            ///// None matches and at             “Indeterminate”
            ///// least one “Indeterminate”
            ///// All “No match”                  “No match”
            XacmlMatchResult environmentResult = XacmlMatchResult.NoMatch;
            if (target.Environments.Count == 0)
                environmentResult = XacmlMatchResult.Match;

            foreach (XacmlEnvironment env in target.Environments) {
                ///// <EnvironmentMatch> values   <Environment> Value
                ///// All “True”                  “Match”
                ///// No “False” and at least     “Indeterminate”
                ///// one “Indeterminate”
                ///// At least one “False”        “No match”
                XacmlMatchResult matchResult = XacmlMatchResult.Match;
                foreach (XacmlEnvironmentMatch match in env.Matches) {
                    bool? mres = this.EnvironmentMatchEvaluation(match);
                    if (!mres.HasValue) {
                        matchResult = XacmlMatchResult.Indeterminate;
                    }
                    else {
                        if (!mres.Value) {
                            matchResult = XacmlMatchResult.NoMatch;
                            break;
                        }
                    }
                }

                if (matchResult == XacmlMatchResult.Indeterminate) {
                    environmentResult = XacmlMatchResult.Indeterminate;
                }
                else {
                    if (matchResult == XacmlMatchResult.Match) {
                        environmentResult = XacmlMatchResult.Match;
                        break;
                    }
                }
            }

            ///// Any "Indeterminate"         "Indeterminate"
            ///// Any "No Match"              "No Match"
            ///// All Match                   "Match"
            XacmlMatchResult targetMatchResult;
            if (subjectResult == XacmlMatchResult.Indeterminate
                || resourceResult == XacmlMatchResult.Indeterminate
                || actionsResult == XacmlMatchResult.Indeterminate
                || environmentResult == XacmlMatchResult.Indeterminate) {
                targetMatchResult = XacmlMatchResult.Indeterminate;
            }
            else if (subjectResult == XacmlMatchResult.NoMatch
                || resourceResult == XacmlMatchResult.NoMatch
                || actionsResult == XacmlMatchResult.NoMatch
                || environmentResult == XacmlMatchResult.NoMatch) {
                targetMatchResult = XacmlMatchResult.NoMatch;
            }
            else {
                targetMatchResult = XacmlMatchResult.Match;
            }

            return targetMatchResult;
        }

示例#16

        /// <summary>
        /// protected virtual void WriteTarget
        /// </summary>
        /// <param name="writer">XmlWriter writer</param>
        /// <param name="data">XacmlTarget data</param>
        protected virtual void WriteTarget(XmlWriter writer, XacmlTarget data)
        {
            if (writer == null)
            {
                throw new ArgumentNullException(nameof(writer));
            }

            if (data == null)
            {
                throw new ArgumentNullException(nameof(data));
            }

            //// Start Target
            writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Target, this.Version.NamespacePolicy);
            //// Start Subjects
            writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Subjects, this.Version.NamespacePolicy);
            if (data.Subjects.Count == 0)
            {
                writer.WriteElementString(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.AnySubject, this.Version.NamespacePolicy, string.Empty);
            }
            else
            {
                foreach (var subject in data.Subjects)
                {
                    writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Subject, this.Version.NamespacePolicy);

                    foreach (var subjectMatch in subject.Matches)
                    {
                        this.WriteMatch(writer, subjectMatch);
                    }

                    writer.WriteEndElement();
                }
            }

            //// End Subjects
            writer.WriteEndElement();

            //// Start Resources
            writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Resources, this.Version.NamespacePolicy);
            if (data.Resources.Count == 0)
            {
                writer.WriteElementString(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.AnyResource, this.Version.NamespacePolicy, string.Empty);
            }
            else
            {
                foreach (var resource in data.Resources)
                {
                    writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Resource, this.Version.NamespacePolicy);

                    foreach (var resourceMatch in resource.Matches)
                    {
                        this.WriteMatch(writer, resourceMatch);
                    }

                    writer.WriteEndElement();
                }
            }

            //// End Resources
            writer.WriteEndElement();

            //// Start Actions
            writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Actions, this.Version.NamespacePolicy);
            if (data.Actions.Count == 0)
            {
                writer.WriteElementString(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.AnyAction, this.Version.NamespacePolicy, string.Empty);
            }
            else
            {
                foreach (var action in data.Actions)
                {
                    writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Action, this.Version.NamespacePolicy);

                    foreach (var actionMatch in action.Matches)
                    {
                        this.WriteMatch(writer, actionMatch);
                    }

                    writer.WriteEndElement();
                }
            }

            //// End Actions
            writer.WriteEndElement();

            if (data.Environments != null && data.Environments.Count > 0)
            {
                throw new InvalidOperationException("Environments property just for version 2.0 or higher");
            }

            //// End Target
            writer.WriteEndElement();
        }

示例#17

文件： EvaluationEngine30.cs 项目： abc-software/abc.xacml

        protected override XacmlMatchResult TargetEvaluate(XacmlTarget target) {
            if (target.AnyOf.Count == 0) {
                return XacmlMatchResult.Match;
            }

            //// <AnyOf> values                   Target value
            //// All “Match”                      “Match”
            //// At least one “No Match”          "No Match"
            //// Otherwise                        “Indeterminate”
            XacmlMatchResult result = XacmlMatchResult.Match;
            foreach (XacmlAnyOf anyOf in target.AnyOf) {
                //// <AllOf> values                                   <AnyOf> Value
                //// At least one “Match”                             “Match”
                //// None matches and at least one “Indeterminate”    “Indeterminate”
                //// All “No match”                                   “No match”
                XacmlMatchResult anyOfResult = XacmlMatchResult.NoMatch;
                foreach (XacmlAllOf allOf in anyOf.AllOf) {
                    //// <Match> values                               <AllOf> Value
                    //// All “True”                                   “Match”
                    //// No “False” and at least one “Indeterminate”  “Indeterminate”
                    //// At least one “False”                         “No match”
                    XacmlMatchResult allOfResult = XacmlMatchResult.Match;
                    foreach (XacmlMatch match in allOf.Matches) {
                        bool? matchResult = this.MatchEvaluation(match);

                        // indeterminate
                        if (!matchResult.HasValue) {
                            allOfResult = XacmlMatchResult.Indeterminate;
                        }
                        else if (!matchResult.Value) {
                            allOfResult = XacmlMatchResult.NoMatch;
                            break;
                        }
                    }

                    if (allOfResult == XacmlMatchResult.Match) {
                        anyOfResult = XacmlMatchResult.Match;
                        break;
                    }

                    if (allOfResult == XacmlMatchResult.Indeterminate) {
                        anyOfResult = XacmlMatchResult.Indeterminate;
                    }
                }

                if (anyOfResult == XacmlMatchResult.NoMatch) {
                    result = XacmlMatchResult.NoMatch;
                    break;
                }

                if (anyOfResult == XacmlMatchResult.Indeterminate) {
                    result = XacmlMatchResult.Indeterminate;
                }
            }

            return result;
        }

示例#18

文件： XacmlProtocolSerializerWrite.cs 项目： abc-software/abc.xacml

        /// <summary>
        /// protected virtual void WriteTarget
        /// </summary>
        /// <param name="writer">XmlWriter writer</param>
        /// <param name="data">XacmlTarget data</param>
        protected virtual void WriteTarget(XmlWriter writer, XacmlTarget data) {
            Contract.Requires<ArgumentNullException>(writer != null);
            Contract.Requires<ArgumentNullException>(data != null);

            //// Start Target
            writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Target, this.version.NamespacePolicy);
            //// Start Subjects
            writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Subjects, this.version.NamespacePolicy);
            if (data.Subjects.Count == 0) {
                writer.WriteElementString(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.AnySubject, this.version.NamespacePolicy, string.Empty);
            }
            else {
                foreach (var subject in data.Subjects) {
                    writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Subject, this.version.NamespacePolicy);

                    foreach (var subjectMatch in subject.Matches) {
                        this.WriteMatch(writer, subjectMatch);
                    }

                    writer.WriteEndElement();
                }
            }

            //// End Subjects
            writer.WriteEndElement();

            //// Start Resources
            writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Resources, this.version.NamespacePolicy);
            if (data.Resources.Count == 0) {
                writer.WriteElementString(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.AnyResource, this.version.NamespacePolicy, string.Empty);
            }
            else {
                foreach (var resource in data.Resources) {
                    writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Resource, this.version.NamespacePolicy);

                    foreach (var resourceMatch in resource.Matches) {
                        this.WriteMatch(writer, resourceMatch);
                    }

                    writer.WriteEndElement();
                }
            }

            //// End Resources
            writer.WriteEndElement();

            //// Start Actions
            writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Actions, this.version.NamespacePolicy);
            if (data.Actions.Count == 0) {
                writer.WriteElementString(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.AnyAction, this.version.NamespacePolicy, string.Empty);
            }
            else {
                foreach (var action in data.Actions) {
                    writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Action, this.version.NamespacePolicy);

                    foreach (var actionMatch in action.Matches) {
                        this.WriteMatch(writer, actionMatch);
                    }

                    writer.WriteEndElement();
                }
            }

            //// End Actions
            writer.WriteEndElement();

            if (data.Environments != null && data.Environments.Count > 0) {
                throw Diagnostic.DiagnosticTools.ExceptionUtil.ThrowHelperError(new XacmlSerializationException("Environments property just for version 2.0 or higher"));
            }

            //// End Target
            writer.WriteEndElement();
        }

示例#19

文件： Xacml20ProtocolSerializer.cs 项目： abc-software/abc.xacml

        /// <summary>
        /// Writes the target.
        /// </summary>
        /// <param name="writer">The writer.</param>
        /// <param name="data">The data.</param>
        protected override void WriteTarget(XmlWriter writer, XacmlTarget data) {
            Contract.Requires<ArgumentNullException>(writer != null);
            Contract.Requires<ArgumentNullException>(data != null);

            //// Start Target
            writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Target, this.version.NamespacePolicy);

            if (data.Subjects.Count() > 0) {
                //// Start Subjects
                writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Subjects, this.version.NamespacePolicy);
                foreach (var subject in data.Subjects) {
                    writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Subject, this.version.NamespacePolicy);

                    foreach (XacmlSubjectMatch subjectMatch in subject.Matches) {
                        this.WriteMatch(writer, subjectMatch);
                    }

                    writer.WriteEndElement();
                }

                //// End Subjects
                writer.WriteEndElement();
            }

            if (data.Resources.Count() > 0) {
                //// Start Resources
                writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Resources, this.version.NamespacePolicy);

                foreach (var resource in data.Resources) {
                    writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Resource, this.version.NamespacePolicy);

                    foreach (var resourceMatch in resource.Matches) {
                        this.WriteMatch(writer, resourceMatch);
                    }

                    writer.WriteEndElement();
                }

                //// End Resources
                writer.WriteEndElement();
            }

            if (data.Actions.Count() > 0) {
                //// Start Actions
                writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Actions, this.version.NamespacePolicy);
                foreach (var action in data.Actions) {
                    writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Action, this.version.NamespacePolicy);

                    foreach (var actionMatch in action.Matches) {
                        this.WriteMatch(writer, actionMatch);
                    }

                    writer.WriteEndElement();
                }

                //// End Actions
                writer.WriteEndElement();
            }

            if (data.Environments.Count() > 0) {

                //// Start Environment
                writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Environments, this.version.NamespacePolicy);
                foreach (var environment in data.Environments) {
                    writer.WriteStartElement(XacmlConstants.Prefixes.Policy, XacmlConstants.ElementNames.Environment, this.version.NamespacePolicy);

                    foreach (var environmentMatch in environment.Matches) {
                        this.WriteMatch(writer, environmentMatch);
                    }

                    writer.WriteEndElement();
                }

                //// End Actions
                writer.WriteEndElement();
            }

            //// End Target
            writer.WriteEndElement();
        }

示例#20

文件： XacmlTargetFixture.cs 项目： ybohan/abc.xacml

        public void Add()
        {
            var target = new XacmlTarget();

            var subject1 = new XacmlSubject(
                new XacmlSubjectMatch[]
            {
                new XacmlSubjectMatch(
                    new Uri("http://subject1"),
                    new XacmlAttributeValue(new Uri("http://www.DataType.www")),
                    new XacmlSubjectAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"))
                {
                    Issuer = "String", MustBePresent = false, Category = new Uri("http://www.subjectCategory.www")
                })
            });

            var subject2 = new XacmlSubject(
                new XacmlSubjectMatch[]
            {
                new XacmlSubjectMatch(
                    new Uri("http://subject2"),
                    new XacmlAttributeValue(new Uri("http://www.DataType.www")),
                    new XacmlSubjectAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"))
                {
                    Issuer = "String", MustBePresent = false, Category = new Uri("http://www.subjectCategory.www")
                })
            });

            var resource1 = new XacmlResource(
                new XacmlResourceMatch[]
            {
                new XacmlResourceMatch(
                    new Uri("http://resource1"),
                    new XacmlAttributeValue(new Uri("http://www.DataType.www") /*, "xxxx" */),
                    new XacmlResourceAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"))
                {
                    Issuer = "String", MustBePresent = false
                }
                    )
            });

            var resource2 = new XacmlResource(
                new XacmlResourceMatch[]
            {
                new XacmlResourceMatch(
                    new Uri("http://resource1"),
                    new XacmlAttributeValue(new Uri("http://www.DataType.www") /*, "xxxx" */),
                    new XacmlResourceAttributeDesignator(new Uri("http://www.AttributeId.www"), new Uri("http://www.DataType.www"))
                {
                    Issuer = "String", MustBePresent = false
                }
                    )
            });

            {
                target.AnyOf.Add(new XacmlAnyOf(new XacmlAllOf[] { subject1 }));

                Assert.AreEqual(1, target.AnyOf.Count);
                Assert.AreEqual(1, target.AnyOf.SelectMany(x => x.AllOf).Count());
                Assert.AreEqual(1, target.Subjects.Count);
                Assert.AreEqual(0, target.Resources.Count);
                Assert.AreEqual(new Uri("http://subject1"), target.Subjects.First().Matches.First().MatchId);
            }

            {
                target.Subjects.Add(subject2);

                Assert.AreEqual(1, target.AnyOf.Count);
                Assert.AreEqual(2, target.AnyOf.SelectMany(x => x.AllOf).Count());
                Assert.AreEqual(2, target.Subjects.Count);
                Assert.AreEqual(0, target.Resources.Count);
            }

            {
                target.AnyOf.Add(new XacmlAnyOf(new XacmlAllOf[] { resource1 }));

                Assert.AreEqual(2, target.AnyOf.Count);
                Assert.AreEqual(3, target.AnyOf.SelectMany(x => x.AllOf).Count());
                Assert.AreEqual(2, target.Subjects.Count);
                Assert.AreEqual(1, target.Resources.Count);
            }

            {
                target.Resources.Add(resource2);

                Assert.AreEqual(2, target.AnyOf.Count);
                Assert.AreEqual(4, target.AnyOf.SelectMany(x => x.AllOf).Count());
                Assert.AreEqual(2, target.Subjects.Count);
                Assert.AreEqual(2, target.Resources.Count);

                foreach (var res in target.Resources)
                {
                }

                Assert.AreEqual(true, target.Resources.Contains(resource1));
            }

            {
                target.Subjects.Remove(subject1);

                Assert.AreEqual(2, target.AnyOf.Count);
                Assert.AreEqual(3, target.AnyOf.SelectMany(x => x.AllOf).Count());
                Assert.AreEqual(1, target.Subjects.Count);
                Assert.AreEqual(2, target.Resources.Count);
            }

            {
                target.Resources.Clear();

                Assert.AreEqual(1, target.AnyOf.Count);
                Assert.AreEqual(1, target.AnyOf.SelectMany(x => x.AllOf).Count());
                Assert.AreEqual(1, target.Subjects.Count);
                Assert.AreEqual(0, target.Resources.Count);
            }
        }

示例#21

文件： XacmlProtocolSerializerRead.cs 项目： ybohan/abc.xacml

        /// <summary>
        /// Reads the policy.
        /// </summary>
        /// <param name="reader">The reader.</param>
        /// <returns></returns>
        /// <exception cref="System.InvalidOperationException"></exception>
        /// <exception cref="System.Xml.XmlException">
        /// PolicyId IsNullOrEmpty
        /// or
        /// RuleCombiningAlgId IsNullOrEmpty
        /// </exception>
        public virtual XacmlPolicy ReadPolicy(XmlReader reader)
        {
            if (reader == null)
            {
                throw new ArgumentNullException(nameof(reader));
            }

            IDictionary <string, string> nsMgr = new Dictionary <string, string>();

            for (int i = 0; i < reader.AttributeCount; i++)
            {
                reader.MoveToAttribute(i);
                if (reader.Prefix == "xmlns")
                {
                    nsMgr.Add(reader.LocalName, reader.Value);
                }
            }

            if (!this.CanRead(reader, XacmlConstants.ElementNames.Policy))
            {
                throw ThrowHelperXml(reader, "XML message is not valid.");
            }

            var gaPolicyId = reader.GetAttribute("PolicyId");

            if (string.IsNullOrEmpty(gaPolicyId))
            {
                throw ThrowHelperXml(reader, "PolicyId IsNullOrEmpty");
            }

            var gaRuleCombiningAlgId = reader.GetAttribute("RuleCombiningAlgId");

            if (string.IsNullOrEmpty(gaRuleCombiningAlgId))
            {
                throw ThrowHelperXml(reader, "RuleCombiningAlgId IsNullOrEmpty");
            }

            reader.ReadStartElement(XacmlConstants.ElementNames.Policy, this.Version.NamespacePolicy);

            string description = null;

            if (reader.IsStartElement(XacmlConstants.ElementNames.Description, this.Version.NamespacePolicy))
            {
                description = reader.ReadElementContentAsString(XacmlConstants.ElementNames.Description, this.Version.NamespacePolicy);
            }

            // PolicySetDefault
            string xpathVersion = null;

            if (reader.IsStartElement(XacmlConstants.ElementNames.PolicyDefaults, this.Version.NamespacePolicy))
            {
                reader.ReadStartElement(XacmlConstants.ElementNames.PolicyDefaults, this.Version.NamespacePolicy);

                if (!reader.IsStartElement(XacmlConstants.ElementNames.XPathVersion, this.Version.NamespacePolicy))
                {
                    throw ThrowHelperXml(reader, "XPathVerison NotStartElement");
                }

                xpathVersion = reader.ReadElementContentAsString(XacmlConstants.ElementNames.XPathVersion, this.Version.NamespacePolicy);

                reader.ReadEndElement();
            }

            XacmlTarget target = null;

            if (reader.IsStartElement(XacmlConstants.ElementNames.Target, this.Version.NamespacePolicy))
            {
                target = ReadTarget(reader);
            }

            XacmlPolicy policy = new XacmlPolicy(new Uri(gaPolicyId, UriKind.RelativeOrAbsolute), new Uri(gaRuleCombiningAlgId, UriKind.RelativeOrAbsolute), target)
            {
                Description  = description,
                XPathVersion = xpathVersion != null ? new Uri(xpathVersion) : null,
            };

            policy.Namespaces = nsMgr;

            XacmlRule rule = null;

            while (reader.IsStartElement(XacmlConstants.ElementNames.Rule, this.Version.NamespacePolicy))
            {
                rule = ReadRule(reader);
                policy.Rules.Add(rule);
            }

            if (reader.IsStartElement(XacmlConstants.ElementNames.Obligations, this.Version.NamespacePolicy))
            {
                reader.ReadStartElement(XacmlConstants.ElementNames.Obligations, this.Version.NamespacePolicy);

                this.ReadList(policy.Obligations, XacmlConstants.ElementNames.Obligation, this.Version.NamespacePolicy, ReadObligation, reader, isRequired: true);

                // end obligations
                reader.ReadEndElement();
            }

            // end policy
            reader.ReadEndElement();

            return(policy);
        }