nbi.xmlsec.xacml.profile.rbac
Class Assignment

java.lang.Object
  extended bynbi.xmlsec.xacml.profile.rbac.RBACPolicyElement
      extended bynbi.xmlsec.xacml.profile.rbac.Assignment

public class Assignment
extends RBACPolicyElement

This class implements a role assignment rule according to the XACML RBAC Profile. It assigns subjects to a role. Currently, only subjects with X500 names are supported. The assignment may be represented as a Rule or parsed from a Rulerepresentation.

Since:
Version:
$Revision: 1.14 $
Author:
Lutz Suhrbier

Field Summary
static URI enableRoleActionId
          This identifier MAY be used as the of the &action;action-identifier Attribute in a RolePolicySet Assignment .
(package private) static Logger logger
           
 
Fields inherited from class nbi.xmlsec.xacml.profile.rbac.RBACPolicyElement
 
Constructor Summary
Assignment(Rule rule)
          Create an Assigment instance from its Rulerepresentation.
Assignment(String domain, String label, RoleValueIdentifier roleId)
          Create an Assigment instance.
Assignment(URI assignmentId, RoleValueIdentifier roleId)
          Create an Assigment instance.
 
Method Summary
 boolean add(RBACPolicyElement element)
          Adds the subjects of another Assignment to the subjects of this assignment.
 boolean add(Set subjects)
          Adds a set of subjects to this assigment.
 boolean add(X500Principal subject)
          Adds an X500Principal subject to the subject set.
private  void checkTargetActions(List actions)
           
 boolean equals(Object obj)
          Compares the specified object with this assignment.
 URI getEnableRoleActionId()
          Gets the EnableRoelActionId from the target.
 RoleValueIdentifier getRoleIdentifier()
          Gets the role identifier of this assignment.
 HashSet getSubjects()
          Gets the assigned subjects of this this assignment.
 void parse(PolicyTreeElement element)
          Parses an assignment from its Rulerepresentation.
private  void parseTargetResources(List resources)
           
 boolean remove(RBACPolicyElement element)
          Removes the subjects of another Assignment from the subjects of this assignment.
 boolean remove(Set subjects)
          Removes a set of subjects from this assigment.
 boolean remove(X500Principal subject)
          Removes an X500Principal subject to the subject set.
protected  void setEnableRoleActionId()
          Sets the EnableRoelActionId on the target.
 void setRoleIdentifier(RoleValueIdentifier roleId)
          Sets the role identifier of this assignment.
 void setRoleIdentifier(URI roleId)
          Sets the role identifier of this assignment.
 PolicyTreeElement toPolicyTreeElement()
          Returns the Rulerepresentation of the assignment.
 
Methods inherited from class nbi.xmlsec.xacml.profile.rbac.RBACPolicyElement
getIdentifier, getTarget, hashCode, parse, setIdentifier, setIdentifier, setTarget, toString
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

logger

static Logger logger

enableRoleActionId

public static final URI enableRoleActionId
This identifier MAY be used as the of the &action;action-identifier Attribute in a RolePolicySet Assignment .

Constructor Detail

Assignment

public Assignment(String domain,
                  String label,
                  RoleValueIdentifier roleId)
Create an Assigment instance.

Parameters:
domain - Domain of the assignment identifier.
label - Label of the assignment identifier.
roleId - RolePolicySet for this assignment.

Assignment

public Assignment(URI assignmentId,
                  RoleValueIdentifier roleId)
           throws ParsingException
Create an Assigment instance.

Parameters:
assignmentId - Assignment identifier (domain:assignment:label).
roleId - RolePolicySet for this assignment.

Assignment

public Assignment(Rule rule)
           throws ParsingException
Create an Assigment instance from its Rulerepresentation.

Parameters:
rule - Rulerepresentation.
Method Detail

add

public boolean add(Set subjects)
Adds a set of subjects to this assigment.

Parameters:
subjects - The subjects to add.
Returns:
true if the subjects has been added succesfully, false otherwise.

remove

public boolean remove(Set subjects)
Removes a set of subjects from this assigment.

Parameters:
subjects - The subjects to add.
Returns:
true if the subjects has been added succesfully, false otherwise.

add

public boolean add(X500Principal subject)
Adds an X500Principal subject to the subject set.

Parameters:
subject - The subject to add.
Returns:
true if the subject has been added succesfully, false otherwise.

remove

public boolean remove(X500Principal subject)
Removes an X500Principal subject to the subject set.

Parameters:
subject - The subject to remove.
Returns:
true if the subject has been removed succesfully, false otherwise.

add

public boolean add(RBACPolicyElement element)
Adds the subjects of another Assignment to the subjects of this assignment.

Specified by:
add in class RBACPolicyElement
Parameters:
element - The assignment to add.
Returns:
true if the assignment has been added succesfully, false otherwise.
See Also:
RBACPolicyElement.add(RBACPolicyElement)

remove

public boolean remove(RBACPolicyElement element)
Removes the subjects of another Assignment from the subjects of this assignment.

Specified by:
remove in class RBACPolicyElement
Parameters:
element - The assignment to remove.
Returns:
true if the assignment has been removed succesfully, false otherwise.
See Also:
RBACPolicyElement.remove(RBACPolicyElement)

toPolicyTreeElement

public PolicyTreeElement toPolicyTreeElement()
Returns the Rulerepresentation of the assignment.

Specified by:
toPolicyTreeElement in class RBACPolicyElement
Returns:
Assignment's rule representation.

parse

public void parse(PolicyTreeElement element)
           throws ParsingException
Parses an assignment from its Rulerepresentation.

Specified by:
parse in class RBACPolicyElement
Parameters:
element - The rule to parse.
Throws:
ParsingException - Indicates a malformed Rulerepresentation.

parseTargetResources

private void parseTargetResources(List resources)
                           throws ParsingException
Throws:
ParsingException

checkTargetActions

private void checkTargetActions(List actions)
                         throws ParsingException
Throws:
ParsingException

getEnableRoleActionId

public URI getEnableRoleActionId()
Gets the EnableRoelActionId from the target.

Returns:
The assignment's role identifier.

setEnableRoleActionId

protected void setEnableRoleActionId()
Sets the EnableRoelActionId on the target.

Returns:
The assignment's role identifier.

getRoleIdentifier

public RoleValueIdentifier getRoleIdentifier()
Gets the role identifier of this assignment.

Returns:
The assignment's role identifier.

setRoleIdentifier

public void setRoleIdentifier(RoleValueIdentifier roleId)
Sets the role identifier of this assignment.

Parameters:
roleId - The assignment's role identifier.

setRoleIdentifier

public void setRoleIdentifier(URI roleId)
                       throws ParsingException
Sets the role identifier of this assignment.

Parameters:
roleId - The assignment's role identifier.
Throws:
ParsingException - Indicates a malformed RoleValueIdentifier representation.

getSubjects

public HashSet getSubjects()
Gets the assigned subjects of this this assignment.

Returns:
The assignment's subjects.

equals

public boolean equals(Object obj)
Compares the specified object with this assignment. Returns true if the specified object is also an Assignment and the underlying policy element is also equal.

Overrides:
equals in class RBACPolicyElement
Parameters:
obj - Object to be compared for equality with this assignment.
Returns:
true if the specified Object is equal to this assignment.


Copyright © 2006 Lutz Suhrbier, Freie Universität Berlin. All Rights Reserved.