nbi.xmlsec.xacml.profile.rbac
Class Assignment

java.lang.Object
  nbi.xmlsec.xacml.profile.rbac.RBACPolicyElement
      nbi.xmlsec.xacml.profile.rbac.Assignment

public class Assignment

extends RBACPolicyElement

This class implements a role assignment rule according to the XACML RBAC Profile. It assigns subjects to a role. Currently, only subjects with X500 names are supported. The assignment may be represented as a Rule or parsed from a Rulerepresentation.

Since:

Version:

$Revision: 1.14 $

Author:

Lutz Suhrbier

Field Summary

static URI	enableRoleActionId This identifier MAY be used as the of the &action;action-identifier Attribute in a RolePolicySet Assignment .
(package private) static Logger	logger

Fields inherited from class nbi.xmlsec.xacml.profile.rbac.RBACPolicyElement

Constructor Summary

Assignment(Rule rule)
Create an Assigment instance from its Rulerepresentation.

Assignment(String domain, String label, RoleValueIdentifier roleId)
Create an Assigment instance.

Assignment(URI assignmentId, RoleValueIdentifier roleId)
Create an Assigment instance.

Method Summary

boolean	add(RBACPolicyElement element) Adds the subjects of another Assignment to the subjects of this assignment.
boolean	add(Set subjects) Adds a set of subjects to this assigment.
boolean	add(X500Principal subject) Adds an X500Principal subject to the subject set.
private void	checkTargetActions(List actions)
boolean	equals(Object obj) Compares the specified object with this assignment.
URI	getEnableRoleActionId() Gets the EnableRoelActionId from the target.
RoleValueIdentifier	getRoleIdentifier() Gets the role identifier of this assignment.
HashSet	getSubjects() Gets the assigned subjects of this this assignment.
void	parse(PolicyTreeElement element) Parses an assignment from its Rulerepresentation.
private void	parseTargetResources(List resources)
boolean	remove(RBACPolicyElement element) Removes the subjects of another Assignment from the subjects of this assignment.
boolean	remove(Set subjects) Removes a set of subjects from this assigment.
boolean	remove(X500Principal subject) Removes an X500Principal subject to the subject set.
protected void	setEnableRoleActionId() Sets the EnableRoelActionId on the target.
void	setRoleIdentifier(RoleValueIdentifier roleId) Sets the role identifier of this assignment.
void	setRoleIdentifier(URI roleId) Sets the role identifier of this assignment.
PolicyTreeElement	toPolicyTreeElement() Returns the Rulerepresentation of the assignment.

Methods inherited from class nbi.xmlsec.xacml.profile.rbac.RBACPolicyElement

getIdentifier, getTarget, hashCode, parse, setIdentifier, setIdentifier, setTarget, toString

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail

logger

static Logger logger

enableRoleActionId

public static final URI enableRoleActionId

This identifier MAY be used as the of the &action;action-identifier Attribute in a RolePolicySet Assignment .

Constructor Detail

Assignment

public Assignment(String domain,
                  String label,
                  RoleValueIdentifier roleId)

Create an Assigment instance.

Parameters:

domain - Domain of the assignment identifier.

label - Label of the assignment identifier.

roleId - RolePolicySet for this assignment.

Assignment

public Assignment(URI assignmentId,
                  RoleValueIdentifier roleId)
           throws ParsingException

Create an Assigment instance.

Parameters:

assignmentId - Assignment identifier (domain:assignment:label).

roleId - RolePolicySet for this assignment.

Assignment

public Assignment(Rule rule)
           throws ParsingException

Create an Assigment instance from its Rulerepresentation.

Parameters:

rule - Rulerepresentation.

Method Detail

add

public boolean add(Set subjects)

Adds a set of subjects to this assigment.

Parameters:

subjects - The subjects to add.

Returns:

true if the subjects has been added succesfully, false otherwise.

remove

public boolean remove(Set subjects)

Removes a set of subjects from this assigment.

Parameters:

subjects - The subjects to add.

Returns:

true if the subjects has been added succesfully, false otherwise.

add

public boolean add(X500Principal subject)

Adds an X500Principal subject to the subject set.

Parameters:

subject - The subject to add.

Returns:

true if the subject has been added succesfully, false otherwise.

remove

public boolean remove(X500Principal subject)

Removes an X500Principal subject to the subject set.

Parameters:

subject - The subject to remove.

Returns:

true if the subject has been removed succesfully, false otherwise.

add

public boolean add(RBACPolicyElement element)

Adds the subjects of another Assignment to the subjects of this assignment.

Specified by:

add in class RBACPolicyElement

Parameters:

element - The assignment to add.

Returns:

true if the assignment has been added succesfully, false otherwise.

See Also:

RBACPolicyElement.add(RBACPolicyElement)

remove

public boolean remove(RBACPolicyElement element)

Removes the subjects of another Assignment from the subjects of this assignment.

Specified by:

remove in class RBACPolicyElement

Parameters:

element - The assignment to remove.

Returns:

true if the assignment has been removed succesfully, false otherwise.

See Also:

RBACPolicyElement.remove(RBACPolicyElement)

toPolicyTreeElement

public PolicyTreeElement toPolicyTreeElement()

Returns the Rulerepresentation of the assignment.

Specified by:

toPolicyTreeElement in class RBACPolicyElement

Returns:

Assignment's rule representation.

parse

public void parse(PolicyTreeElement element)
           throws ParsingException

Parses an assignment from its Rulerepresentation.

Specified by:

parse in class RBACPolicyElement

Parameters:

element - The rule to parse.

Throws:

ParsingException - Indicates a malformed Rulerepresentation.

parseTargetResources

private void parseTargetResources(List resources)
                           throws ParsingException

Throws:

ParsingException

checkTargetActions

private void checkTargetActions(List actions)
                         throws ParsingException

Throws:

ParsingException

getEnableRoleActionId

public URI getEnableRoleActionId()

Gets the EnableRoelActionId from the target.

Returns:

The assignment's role identifier.

setEnableRoleActionId

protected void setEnableRoleActionId()

Sets the EnableRoelActionId on the target.

Returns:

The assignment's role identifier.

getRoleIdentifier

public RoleValueIdentifier getRoleIdentifier()

Gets the role identifier of this assignment.

Returns:

The assignment's role identifier.

setRoleIdentifier

public void setRoleIdentifier(RoleValueIdentifier roleId)

Sets the role identifier of this assignment.

Parameters:

roleId - The assignment's role identifier.

setRoleIdentifier

public void setRoleIdentifier(URI roleId)
                       throws ParsingException

Sets the role identifier of this assignment.

Parameters:

roleId - The assignment's role identifier.

Throws:

ParsingException - Indicates a malformed RoleValueIdentifier representation.

getSubjects

public HashSet getSubjects()

Gets the assigned subjects of this this assignment.

Returns:

The assignment's subjects.

equals

public boolean equals(Object obj)

Compares the specified object with this assignment. Returns true if the specified object is also an Assignment and the underlying policy element is also equal.

Overrides:

equals in class RBACPolicyElement

Parameters:

obj - Object to be compared for equality with this assignment.

Returns:

true if the specified Object is equal to this assignment.