/// <summary>
/// Evauluate the Apply.
/// </summary>
/// <param name="request">The context request.</param>
/// <returns>The match result.</returns>
public XacmlAttributeMatchResult Evalute(XacmlContextRequest request)
{
XacmlAttributeValue policyConditionAttributeValue = null;
XacmlAttributeDesignator xacmlAttributeDesignator = null;
XacmlApply xacmlApply = null;
foreach (IXacmlExpression xacmlExpression in this.Parameters)
{
if (xacmlExpression.GetType() == typeof(XacmlAttributeValue))
{
policyConditionAttributeValue = xacmlExpression as XacmlAttributeValue;
}
else if (xacmlExpression.GetType() == typeof(XacmlAttributeDesignator))
{
xacmlAttributeDesignator = xacmlExpression as XacmlAttributeDesignator;
}
else if (xacmlExpression.GetType() == typeof(XacmlApply))
{
xacmlApply = xacmlExpression as XacmlApply;
}
}
if (xacmlAttributeDesignator == null && xacmlApply != null)
{
foreach (IXacmlExpression xacmlExpression in xacmlApply.Parameters)
{
if (xacmlExpression.GetType() == typeof(XacmlAttributeDesignator))
{
xacmlAttributeDesignator = xacmlExpression as XacmlAttributeDesignator;
}
}
}
return(this.Evaluate(request, policyConditionAttributeValue, xacmlAttributeDesignator, xacmlApply));
}
/// <summary>
/// Evauluat the condition.
/// </summary>
/// <param name="request">The xacml context request.</param>
/// <returns>The match result.</returns>
public XacmlAttributeMatchResult EvaluateCondition(XacmlContextRequest request)
{
Type conditionType = this.Condition.Property.GetType();
if (conditionType == typeof(XacmlFunction))
{
return XacmlAttributeMatchResult.NoMatch;
}
else if (conditionType == typeof(XacmlApply))
{
XacmlApply xacmlApply = this.Condition.Property as XacmlApply;
return xacmlApply.Evalute(request);
}
return XacmlAttributeMatchResult.NoMatch;
}
/// <summary>
/// This verifies it the XacmlApply is only a bag size function and
/// does not compare the attribute value only the attribute count.
/// </summary>
/// <param name="xacmlApply">The xacmlApply.</param>
/// <returns>A boolean value telling if it is a baq size only function.</returns>
private bool IsBagSizeCondition(XacmlApply xacmlApply)
{
if (xacmlApply == null)
{
return(false);
}
string applyfunction = xacmlApply.FunctionId.OriginalString;
switch (applyfunction)
{
case XacmlConstants.AttributeBagFunction.TimeBagSize:
case XacmlConstants.AttributeBagFunction.DateBagSize:
case XacmlConstants.AttributeBagFunction.DateTimeBagSize:
return(true);
default:
return(false);
}
}
private bool ValidateSingleElementInBagCondition(ICollection <XacmlContextAttributes> contextAttributes, XacmlAttributeValue policyConditionAttributeValue, XacmlApply xacmlApply, XacmlAttributeDesignator attributeDesignator)
{
bool isSingleFunction = false;
string applyfunction = this.FunctionId.OriginalString;
if (xacmlApply != null)
{
applyfunction = xacmlApply.FunctionId.OriginalString;
}
switch (applyfunction)
{
case XacmlConstants.AttributeMatchFunction.IntegerOneAndOnly:
isSingleFunction = true;
break;
case XacmlConstants.AttributeMatchFunction.DateOneAndOnly:
isSingleFunction = true;
break;
case XacmlConstants.AttributeMatchFunction.DateTimeOneAndOnly:
isSingleFunction = true;
break;
default:
break;
}
if (!isSingleFunction)
{
return(true);
}
int attributeCount = this.GetBagSize(contextAttributes, attributeDesignator);
if (attributeCount > 1)
{
return(false);
}
return(true);
}
private XacmlAttributeMatchResult EvaluateBagSize(ICollection <XacmlContextAttributes> contextAttributes, XacmlAttributeValue policyConditionAttributeValue, XacmlApply xacmlApply, XacmlAttributeDesignator attributeDesignator)
{
string applyfunction = xacmlApply.FunctionId.OriginalString;
switch (applyfunction)
{
case XacmlConstants.AttributeBagFunction.TimeBagSize:
case XacmlConstants.AttributeBagFunction.DateBagSize:
case XacmlConstants.AttributeBagFunction.DateTimeBagSize:
int bagSize = this.GetBagSize(contextAttributes, attributeDesignator);
if (int.Parse(policyConditionAttributeValue.Value).Equals(bagSize))
{
return(XacmlAttributeMatchResult.Match);
}
return(XacmlAttributeMatchResult.BagSizeConditionFailed);
default:
break;
}
return(XacmlAttributeMatchResult.BagSizeConditionFailed);
}
private XacmlAttributeMatchResult Evaluate(XacmlContextRequest contextRequest, XacmlAttributeValue policyConditionAttributeValue, XacmlAttributeDesignator attributeDesignator, XacmlApply xacmlApply)
{
ICollection <XacmlContextAttributes> xacmlContextAttributes = new Collection <XacmlContextAttributes>();
foreach (XacmlContextAttributes attributes in contextRequest.Attributes)
{
if (attributes.Category.Equals(attributeDesignator.Category))
{
xacmlContextAttributes.Add(attributes);
}
}
if (xacmlContextAttributes.Count == 0)
{
// No match for the condition in the attributes
return(XacmlAttributeMatchResult.RequiredAttributeMissing);
}
if (!this.ValidateSingleElementInBagCondition(xacmlContextAttributes, policyConditionAttributeValue, xacmlApply, attributeDesignator))
{
return(XacmlAttributeMatchResult.ToManyAttributes);
}
if (this.IsBagSizeCondition(xacmlApply))
{
return(this.EvaluateBagSize(xacmlContextAttributes, policyConditionAttributeValue, xacmlApply, attributeDesignator));
}
return(this.Evalute(xacmlContextAttributes, policyConditionAttributeValue, attributeDesignator));
}
