/// <summary>
/// Creates a new instance of the Rule using the rule defined in the policy document.
/// </summary>
/// <param name="rule">The rule defined in the policy document.</param>
public Rule(RuleElement rule)
{
if (rule == null) throw new ArgumentNullException("rule");
_rule = rule;
if (_rule.SchemaVersion == XacmlVersion.Version10 || _rule.SchemaVersion == XacmlVersion.Version11)
{
_condition = new Condition((ConditionElement)_rule.Condition);
}
else if (_rule.SchemaVersion == XacmlVersion.Version20)
{
_condition = new Condition2((ConditionElement)_rule.Condition);
}
if (rule.Target != null)
{
_target = new Target((TargetElement)rule.Target);
// Load all the resources for the elements within this rule.
foreach (ResourceElement resource in rule.Target.Resources.ItemsList)
{
foreach (ResourceMatchElement rmatch in resource.Match)
{
if (!_allResources.Contains(rmatch.AttributeValue.Contents))
{
_allResources.Add(rmatch.AttributeValue.Contents);
}
}
}
}
}
/// <summary>
/// Creates a new runtime policy evaluation.
/// </summary>
/// <param name="policy">The policy document.</param>
public Policy(pol.PolicyElement policy)
{
if (policy == null) throw new ArgumentNullException("policy");
_policy = policy;
// Chechs the target for this policy.
if (policy.Target != null)
{
_target = new Target((pol.TargetElement)policy.Target);
// Load all the resources for this policy.
foreach (ResourceElement resource in policy.Target.Resources.ItemsList)
{
foreach (ResourceMatchElement rmatch in resource.Match)
{
if (!_allResources.Contains(rmatch.AttributeValue.Contents))
{
_allResources.Add(rmatch.AttributeValue.Contents);
}
}
}
}
// Load all the Rules and creates a new runtime rule.
foreach (pol.RuleElement rule in policy.Rules)
{
var ruleEv = new Rule(rule);
_rules.Add(ruleEv);
foreach (string rName in ruleEv.AllResources)
{
if (!_allResources.Contains(rName))
{
_allResources.Add(rName);
}
}
}
}
/// <summary>
/// Creates a new runtime policy set evaluation.
/// </summary>
/// <param name="engine">The evaluation engine.</param>
/// <param name="policySet">The policy set defined in the policy document.</param>
public PolicySet(EvaluationEngine engine, PolicySetElement policySet)
{
if (engine == null) throw new ArgumentNullException("engine");
if (policySet == null) throw new ArgumentNullException("policySet");
_policySet = policySet;
// Create a runtime target of this policy set.
if (policySet.Target != null)
{
_target = new Target((TargetElement)policySet.Target);
foreach (ResourceElement resource in policySet.Target.Resources.ItemsList)
{
foreach (ResourceMatchElement rmatch in resource.Match)
{
if (!_allResources.Contains(rmatch.AttributeValue.Contents))
{
_allResources.Add(rmatch.AttributeValue.Contents);
}
}
}
}
// Add all the policies (or policy set) inside this policy set.
foreach (object child in policySet.Policies)
{
var childPolicySet = child as PolicySetElement;
var childPolicyElement = child as PolicyElement;
var childPolicySetIdReference = child as PolicySetIdReferenceElement;
var childPolicyIdReferenceElement = child as PolicyIdReferenceElement;
if (childPolicySet != null)
{
var policySetEv = new PolicySet(engine, childPolicySet);
foreach (string rName in policySetEv.AllResources)
{
if (!_allResources.Contains(rName))
{
_allResources.Add(rName);
}
}
_policies.Add(policySetEv);
}
else if (childPolicyElement != null)
{
var policyEv = new Policy(childPolicyElement);
foreach (string rName in policyEv.AllResources)
{
if (!_allResources.Contains(rName))
{
_allResources.Add(rName);
}
}
_policies.Add(policyEv);
}
else if (childPolicySetIdReference != null)
{
PolicySetElement policySetDefinition = EvaluationEngine.Resolve(childPolicySetIdReference);
if (policySetDefinition != null)
{
var policySetEv = new PolicySet(engine, policySetDefinition);
foreach (string rName in policySetEv.AllResources)
{
if (!_allResources.Contains(rName))
{
_allResources.Add(rName);
}
}
_policies.Add(policySetEv);
}
else
{
throw new EvaluationException(string.Format(Properties.Resource.exc_policyset_reference_not_resolved, ((PolicySetIdReferenceElement)child).PolicySetId));
}
}
else if (childPolicyIdReferenceElement != null)
{
PolicyElement policyDefinition = EvaluationEngine.Resolve(childPolicyIdReferenceElement);
if (policyDefinition != null)
{
var policyEv = new Policy(policyDefinition);
foreach (string rName in policyEv.AllResources)
{
if (!_allResources.Contains(rName))
{
_allResources.Add(rName);
}
}
_policies.Add(policyEv);
}
else
{
throw new EvaluationException(string.Format(Properties.Resource.exc_policy_reference_not_resolved, ((PolicyIdReferenceElement)child).PolicyId));
}
}
}
}