nbi.xmlsec.xacml.profile.rbac
Class PolicyManager

java.lang.Object
  extended bynbi.xmlsec.xacml.profile.rbac.PolicyManager

public class PolicyManager
extends Object

This class is the main instance for policy management purposes. Starting on a policy base dir, it searches, writes, removes and checks the existance of policies using Identifiers, and retrieves Domains. The policy manager has to be configured using a PolicyManager part of the configuration file.

Since:
Version:
$Revision: 1.22 $
Author:
Lutz Suhrbier

Field Summary
private  Configuration configuration
          The PolicyManager's configuration
(package private) static Logger logger
           
(package private)  PolicyFinder policyFinder
          The PolicyManager's policy finder
 
Constructor Summary
PolicyManager(Configuration config)
          Inits the PolicyManager based on its configuration subset (PolicyManager).
 
Method Summary
 boolean exists(AbstractPolicy policy)
          Verifies the existence of the policy using its identifier in the file system.
 boolean exists(Identifier id)
          Verifies the existence of an identifier in the file system.
 PermissionPolicy findPermissionPolicy(String domain, String permPolicy)
          Retrieves the matching permission policy creating the given identifier.
 PermissionPolicySet findPermissionPolicySet(String domain, String role)
          Retrieves the matching permission policy set creating the given identifier.
 AbstractPolicy findPolicy(Identifier id)
          Retrieves the policy matching the given identifier.
 RoleAssignmentPolicy findRoleAssignmentPolicy(String domain, String label)
          Retrieves the matching RoleAssignmentPolicy creating the given identifier.
 RoleAssignmentPolicySet findRoleAssignmentPolicySet(String domain)
          Retrieves the matching RoleAssignmentPolicySet creating the given identifier.
 RolePolicySet findRolePolicySet(String domain, String role)
          Retrieves the matching role policy set creating the given identifier.
protected  File getDirectoryPath(String domain, String typeId)
          Retrieves the directory path for policies of a given domain and type.
 List getDomains()
          Gets a list of the domains in the current policy base directory.
 List getIdentifiers(String domain, String typeId)
          Gets a list of identifiers of the policies of the given type within the given domain.
 List getPolicies(String domain, String typeId)
          Gets a list policies of the given type within the given domain.
 String getPolicyBaseDir()
          Retrieves the policy base directory from the current configuration.
 IOFileFilter getPolicyFileFilter()
          Retrieves a FileFilter bases on the file suffixes of the configuration.
 PolicyFinder getPolicyFinder()
          Gets the current policy finder
 void initPolicyFinder()
          Inits the PolicyFinder.
 boolean remove(AbstractPolicy policy)
          Removes the file related to this policy.
 boolean remove(Identifier id)
          Removes the file related to this policy identifier.
 boolean removeDomain(String domain)
          Removes the whole domain directory from the file system.
 void setPolicyBaseDir(String policyBaseDir)
          Sets the policy base directory in the current configuration.
 void setPolicyFinder(PolicyFinder policyFinder)
          Sets a new policy finder
 void write(AbstractPolicy policy)
          Write a policy to a file.
 void write(Identifier id)
          Write the policy related to the identifier into a file.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

logger

static Logger logger

configuration

private Configuration configuration
The PolicyManager's configuration


policyFinder

PolicyFinder policyFinder
The PolicyManager's policy finder

Constructor Detail

PolicyManager

public PolicyManager(Configuration config)
              throws Exception
Inits the PolicyManager based on its configuration subset (PolicyManager). Depending on the configuration this constructor sets up the PolicyFinder using the following parts of the configuration
  • PolicyFinderModules
  • ,
  • policy directories
  • policy file filters
  • .

    Parameters:
    config - RoleManager's configuration.
    Throws:
    Exception
    Method Detail

    write

    public void write(AbstractPolicy policy)
               throws ParsingException,
                      IOException
    Write a policy to a file. The file location is derived from the policy base directory and the path retrieved from the policy's identifier.

    Parameters:
    policy - The policy to write.
    Throws:
    ParsingException - Indicates a malformed policy identifier.
    IOException - If an I/O-problem occurs.

    write

    public void write(Identifier id)
               throws ParsingException,
                      IOException
    Write the policy related to the identifier into a file. The file location is derived from the policy base directory and the path retrieved from the identifier.

    Parameters:
    id - The identifier whose policy shall be written.
    Throws:
    ParsingException - Indicates a malformed policy identifier.
    IOException - If an I/O-problem occurs.

    exists

    public boolean exists(Identifier id)
    Verifies the existence of an identifier in the file system.

    Parameters:
    id - identifier to verify.
    Returns:
    true, if the related policy file exists, false otherwise.

    exists

    public boolean exists(AbstractPolicy policy)
                   throws ParsingException
    Verifies the existence of the policy using its identifier in the file system.

    Parameters:
    policy - polciy to verify.
    Returns:
    true, if the related policy file exists, false otherwise.
    Throws:
    ParsingException

    remove

    public boolean remove(AbstractPolicy policy)
                   throws ParsingException
    Removes the file related to this policy. The file location is derived from the policy base directory and the path retrieved from the policy's identifier.

    Parameters:
    policy - policy file to remove.
    Returns:
    true, if the related policy file exists, false otherwise.
    Throws:
    ParsingException

    remove

    public boolean remove(Identifier id)
                   throws ParsingException
    Removes the file related to this policy identifier. The file location is derived from the policy base directory and the path retrieved from the identifier.

    Parameters:
    id - policy file to remove.
    Returns:
    true, if the related policy file exists, false otherwise.
    Throws:
    ParsingException

    removeDomain

    public boolean removeDomain(String domain)
    Removes the whole domain directory from the file system.

    Parameters:
    domain - Domain to remove.
    Returns:
    true, if domain removed successfully, false otherwise.

    getDirectoryPath

    protected File getDirectoryPath(String domain,
                                    String typeId)
    Retrieves the directory path for policies of a given domain and type. The path location is derived from the policy base directory, the domain label and the policy type. If the domain is null or empty, then the path is generated from the typeId.

    Parameters:
    domain - The domain of the policy type, or null.
    typeId - The policy's typeId (e.g. RolePolicySetIdentifier.TYPEID).
    Returns:
    The directory path to the policy type.

    getDomains

    public List getDomains()
    Gets a list of the domains in the current policy base directory. Domains are assumed to be the top level directories within the policy base directory.

    Returns:
    List of domain names as Stringinstances.

    getPolicies

    public List getPolicies(String domain,
                            String typeId)
    Gets a list policies of the given type within the given domain. If the domain is null or empty, then the are searched based on the typeId.

    Returns:
    List of policies as AbstractPolicy instances.

    getIdentifiers

    public List getIdentifiers(String domain,
                               String typeId)
    Gets a list of identifiers of the policies of the given type within the given domain. If the domain is null or empty, then the are searched based on the typeId.

    Returns:
    List of policies as AbstractPolicy instances.

    findPolicy

    public AbstractPolicy findPolicy(Identifier id)
                              throws ParsingException
    Retrieves the policy matching the given identifier. To find the policy, the configured PolicyFinderis used

    Returns:
    The policy.
    Throws:
    ParsingException - If the policy could not be loaded.

    findRolePolicySet

    public RolePolicySet findRolePolicySet(String domain,
                                           String role)
                                    throws ParsingException
    Retrieves the matching role policy set creating the given identifier. To find the role policy set, the method findPolicy(Identifier)is used.

    Returns:
    The policy.
    Throws:
    ParsingException - If the policy could not be loaded.

    findRoleAssignmentPolicySet

    public RoleAssignmentPolicySet findRoleAssignmentPolicySet(String domain)
                                                        throws ParsingException
    Retrieves the matching RoleAssignmentPolicySet creating the given identifier. To find the role policy set, the method findPolicy(Identifier)is used.

    Parameters:
    domain - The domain to search for.
    Returns:
    The policy set.
    Throws:
    ParsingException - If the policy could not be loaded.

    findRoleAssignmentPolicy

    public RoleAssignmentPolicy findRoleAssignmentPolicy(String domain,
                                                         String label)
                                                  throws ParsingException
    Retrieves the matching RoleAssignmentPolicy creating the given identifier. To find the role policy set, the method findPolicy(Identifier)is used.

    Parameters:
    domain - The domain to search for.
    label - The label of the RoleAssignmentPolicy to search for.
    Returns:
    The policy.
    Throws:
    ParsingException - If the policy could not be loaded.

    findPermissionPolicySet

    public PermissionPolicySet findPermissionPolicySet(String domain,
                                                       String role)
                                                throws ParsingException
    Retrieves the matching permission policy set creating the given identifier. To find the permission policy set, the method findPolicy(Identifier)is used.

    Parameters:
    domain - The domain to search for.
    role - The label of the Role of the PermissionPolicySet to search for.
    Returns:
    The PermissionPolicySet.
    Throws:
    ParsingException - If the policy could not be loaded.

    findPermissionPolicy

    public PermissionPolicy findPermissionPolicy(String domain,
                                                 String permPolicy)
                                          throws ParsingException
    Retrieves the matching permission policy creating the given identifier. To find the policy, the method findPolicy(Identifier)is used.

    Parameters:
    domain - The domain to search for.
    permPolicy - The label of the Permission Policy to search for.
    Returns:
    The PermissionPolicy.
    Throws:
    ParsingException - If the policy could not be loaded.

    initPolicyFinder

    public void initPolicyFinder()
    Inits the PolicyFinder. Must be called from non PDP-instances, which are not initialising the policy finder itselfs, like the RoleManager.


    getPolicyFinder

    public PolicyFinder getPolicyFinder()
    Gets the current policy finder

    Returns:
    The current policy finder.

    setPolicyFinder

    public void setPolicyFinder(PolicyFinder policyFinder)
    Sets a new policy finder

    Parameters:
    policyFinder - The new policy finder.

    setPolicyBaseDir

    public void setPolicyBaseDir(String policyBaseDir)
    Sets the policy base directory in the current configuration.

    Returns:
    The base directory for all policies.

    getPolicyBaseDir

    public String getPolicyBaseDir()
    Retrieves the policy base directory from the current configuration.

    Returns:
    The base directory for all policies.

    getPolicyFileFilter

    public IOFileFilter getPolicyFileFilter()
    Retrieves a FileFilter bases on the file suffixes of the configuration.

    Returns:
    SuffixFileFilter, if suffixes are configured, otherwise TrueFileFilter.


    Copyright © 2006 Lutz Suhrbier, Freie Universität Berlin. All Rights Reserved.