nbi.xmlsec.xacml.profile.rbac
Class RBACPolicy

java.lang.Object
  nbi.xmlsec.xacml.profile.rbac.RBACPolicyElement
      nbi.xmlsec.xacml.profile.rbac.RBACPolicy

Direct Known Subclasses:

PermissionPolicy, RBACPolicySet, RoleAssignmentPolicy

public class RBACPolicy

extends RBACPolicyElement

Base class for all RBACPolicies

Since:

Version:

$Revision: 1.12 $

Author:

Lutz Suhrbier

Field Summary

protected HashSet	elements Set of assigments administered in this role assignment policy
(package private) static Logger	logger
protected boolean	permitRule true sets the combining algorithm to PermitOverridesRuleAlg, false to DenyOverridesRuleAlg.

Fields inherited from class nbi.xmlsec.xacml.profile.rbac.RBACPolicyElement

Constructor Summary

protected	RBACPolicy()
	RBACPolicy(Identifier id) Create an RBACPolicy.
	RBACPolicy(URI id) Create an RBACPolicy.

Method Summary

boolean	add(RBACPolicyElement element) Adds an policy element to this policy.
void	encode(File path) Encodes this Policy into its XML representation and writes this encoding to the file path using the path parameter as parent directory and the identifier's file representation as file name.
void	encode(OutputStream out) Encodes this Policy into its XML representation and writes this encoding to the given OutputStream with no indentation
boolean	equals(Object obj) Compares the specified object with this RBAC policy.
Set	getElements() Gets the set of elements of this policy.
boolean	isPermitRule() Gets the default CombiningAlgorithm of this policy used within #toPolicyTreeElement().
void	parse(PolicyTreeElement element) Not implemented.
protected void	parse(PolicyTreeElement element, Class ruleClass) Default method to parse policies.
boolean	remove(RBACPolicyElement element) Removes an policy element from this policy.
RBACPolicyElement	search(Identifier id) Retrieves an element from this policy.
RBACPolicyElement	search(RBACPolicyElement element) Retrieves an element from this policy.
void	setPermitRule(boolean defaultPermit) Sets the default CombiningAlgorithm of this policy used within #toPolicyTreeElement().
PolicyReference	toPolicyRerence() Returns the PolicyReferencerepresentation of this policy element.
protected PolicyReference	toPolicyRerence(int type) Returns the PolicyReferencerepresentation of this policy element.
PolicyTreeElement	toPolicyTreeElement() Default implementation for RBACPolicies.
protected PolicyTreeElement	toPolicyTreeElement(CombiningAlgorithm combAlg) Returns the Policyrepresentation of this RBACPolicy.

Methods inherited from class nbi.xmlsec.xacml.profile.rbac.RBACPolicyElement

getIdentifier, getTarget, hashCode, parse, setIdentifier, setIdentifier, setTarget, toString

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail

logger

static Logger logger

elements

protected HashSet elements

Set of assigments administered in this role assignment policy

permitRule

protected boolean permitRule

true sets the combining algorithm to PermitOverridesRuleAlg, false to DenyOverridesRuleAlg.

Constructor Detail

RBACPolicy

protected RBACPolicy()

RBACPolicy

public RBACPolicy(Identifier id)

Create an RBACPolicy.

Parameters:

id - Identifier of this element (domain:assignment:label).

Throws:

ParsingException - Indicates a malformed identifier representation.

RBACPolicy

public RBACPolicy(URI id)
           throws ParsingException

Create an RBACPolicy.

Parameters:

id - Identifier of this element (domain:assignment:label).

Throws:

ParsingException - Indicates a malformed identifier representation.

Method Detail

parse

protected void parse(PolicyTreeElement element,
                     Class ruleClass)
              throws ParsingException

Default method to parse policies.

Verifies whether the parsed element is an policy or policy reference

Sets the identifier of the policy

Calls parse(Target).

Adds each child element of the policy according to the class type Rule.

According to the class type of the child element, an instance of the related class (ruleClass is created with the child element as single parameter. This instance is added to the set of policy elements. If the related class parameter is null, then a ParsingExceptionis thrown when the related child element type is parsed.

Parameters:

element - The policy (reference) to parse.

ruleClass - Class to be instantiated for child elements instances of the (@link Policy Policy} class.

Throws:

ParsingException - If some parsing error occurs.

parse

public void parse(PolicyTreeElement element)
           throws ParsingException

Not implemented. Must be overwritten in subclasses.

Specified by:

parse in class RBACPolicyElement

Throws:

ParsingException

toPolicyTreeElement

protected PolicyTreeElement toPolicyTreeElement(CombiningAlgorithm combAlg)

Returns the Policyrepresentation of this RBACPolicy. It generates a policy consisting of the rule representation of all elements of this policy and the given RuleCombiningAlgorithm.

Parameters:

combAlg - The RuleCombiningAlgorithmof this policy.

Returns:

The Policyrepresentation of this RBACPolicy.

See Also:

RBACPolicyElement.toPolicyTreeElement()

toPolicyTreeElement

public PolicyTreeElement toPolicyTreeElement()

Default implementation for RBACPolicies. It generates a policy consisting of the rule representation of all elements of this policy and according to the combining rule depending on isDefaultPermit().

Specified by:

toPolicyTreeElement in class RBACPolicyElement

Returns:

The Policyrepresentation of this RBACPolicy.

See Also:

RBACPolicyElement.toPolicyTreeElement()

toPolicyRerence

protected PolicyReference toPolicyRerence(int type)

Returns the PolicyReferencerepresentation of this policy element.

Parameters:

type - type of the policy reference ( PolicyReference.POLICYSET_REFERENCE or PolicyReference.POLICY_REFERENCE).

Returns:

The policy element's PolicyReference representation.

toPolicyRerence

public PolicyReference toPolicyRerence()

Returns the PolicyReferencerepresentation of this policy element. The default type of the policy reference is set to PolicyReference.POLICY_REFERENCE). Overwrite this method to set another reference type.

Returns:

The policy element's PolicyReference representation with type set to PolicyReference.POLICY_REFERENCE).

encode

public void encode(File path)
            throws IOException

Encodes this Policy into its XML representation and writes this encoding to the file path using the path parameter as parent directory and the identifier's file representation as file name. Creates directories if missing.

Parameters:

path - Base directory path to the policies.

Throws:

IOException

encode

public void encode(OutputStream out)
            throws IOException

Encodes this Policy into its XML representation and writes this encoding to the given OutputStream with no indentation. *

Parameters:

out - a stream into which the XML-encoded data is written.

Throws:

IOException

search

public RBACPolicyElement search(RBACPolicyElement element)

Retrieves an element from this policy.

Parameters:

element - The element to search for.

Returns:

The element from the policy or null.

See Also:

CollectionUtil.search(Collection, Object)

search

public RBACPolicyElement search(Identifier id)

Retrieves an element from this policy.

Parameters:

id - The identifier of the element to search for.

Returns:

The element from this policy or null.

add

public boolean add(RBACPolicyElement element)

Adds an policy element to this policy. If this policy element already exists in the policy, this policy element may be updated by the RBACPolicyElement.add(RBACPolicyElement) method of the current element.

Specified by:

add in class RBACPolicyElement

Parameters:

element - The element to be added.

Returns:

true, if the element was succesfully added or successfully updates an existing element, false otherwise.

remove

public boolean remove(RBACPolicyElement element)

Removes an policy element from this policy.

Specified by:

remove in class RBACPolicyElement

Parameters:

element - The element to remove.

Returns:

true, if the element was succesfully removed , false otherwise.

equals

public boolean equals(Object obj)

Compares the specified object with this RBAC policy. Returns true if the specified object is also an RBACPolicy and the included policy tree elements is also equal.

Overrides:

equals in class RBACPolicyElement

Parameters:

obj - Object to be compared for equality with this RBACPolicy.

Returns:

true if the specified Object is equal to this RBACPolicy.

getElements

public Set getElements()

Gets the set of elements of this policy.

Returns:

The set of elements.

isPermitRule

public boolean isPermitRule()

Gets the default CombiningAlgorithm of this policy used within #toPolicyTreeElement().

Returns:

true the combining algorithm is set to PermitOverridesRuleAlg, if false it is set to DenyOverridesRuleAlg..

setPermitRule

public void setPermitRule(boolean defaultPermit)

Sets the default CombiningAlgorithm of this policy used within #toPolicyTreeElement().

Parameters:

defaultPermit - true sets the combining algorithm to PermitOverridesRuleAlg, false to DenyOverridesRuleAlg.