nbi.xmlsec.xacml.profile.rbac
Class RBACPolicy

java.lang.Object
  extended bynbi.xmlsec.xacml.profile.rbac.RBACPolicyElement
      extended bynbi.xmlsec.xacml.profile.rbac.RBACPolicy
Direct Known Subclasses:
PermissionPolicy, RBACPolicySet, RoleAssignmentPolicy

public class RBACPolicy
extends RBACPolicyElement

Base class for all RBACPolicies

Since:
Version:
$Revision: 1.12 $
Author:
Lutz Suhrbier

Field Summary
protected  HashSet elements
          Set of assigments administered in this role assignment policy
(package private) static Logger logger
           
protected  boolean permitRule
          true sets the combining algorithm to PermitOverridesRuleAlg, false to DenyOverridesRuleAlg.
 
Fields inherited from class nbi.xmlsec.xacml.profile.rbac.RBACPolicyElement
 
Constructor Summary
protected RBACPolicy()
           
  RBACPolicy(Identifier id)
          Create an RBACPolicy.
  RBACPolicy(URI id)
          Create an RBACPolicy.
 
Method Summary
 boolean add(RBACPolicyElement element)
          Adds an policy element to this policy.
 void encode(File path)
          Encodes this Policy into its XML representation and writes this encoding to the file path using the path parameter as parent directory and the identifier's file representation as file name.
 void encode(OutputStream out)
          Encodes this Policy into its XML representation and writes this encoding to the given OutputStream with no indentation
 boolean equals(Object obj)
          Compares the specified object with this RBAC policy.
 Set getElements()
          Gets the set of elements of this policy.
 boolean isPermitRule()
          Gets the default CombiningAlgorithm of this policy used within #toPolicyTreeElement().
 void parse(PolicyTreeElement element)
          Not implemented.
protected  void parse(PolicyTreeElement element, Class ruleClass)
          Default method to parse policies.
 boolean remove(RBACPolicyElement element)
          Removes an policy element from this policy.
 RBACPolicyElement search(Identifier id)
          Retrieves an element from this policy.
 RBACPolicyElement search(RBACPolicyElement element)
          Retrieves an element from this policy.
 void setPermitRule(boolean defaultPermit)
          Sets the default CombiningAlgorithm of this policy used within #toPolicyTreeElement().
 PolicyReference toPolicyRerence()
          Returns the PolicyReferencerepresentation of this policy element.
protected  PolicyReference toPolicyRerence(int type)
          Returns the PolicyReferencerepresentation of this policy element.
 PolicyTreeElement toPolicyTreeElement()
          Default implementation for RBACPolicies.
protected  PolicyTreeElement toPolicyTreeElement(CombiningAlgorithm combAlg)
          Returns the Policyrepresentation of this RBACPolicy.
 
Methods inherited from class nbi.xmlsec.xacml.profile.rbac.RBACPolicyElement
getIdentifier, getTarget, hashCode, parse, setIdentifier, setIdentifier, setTarget, toString
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

logger

static Logger logger

elements

protected HashSet elements
Set of assigments administered in this role assignment policy


permitRule

protected boolean permitRule
true sets the combining algorithm to PermitOverridesRuleAlg, false to DenyOverridesRuleAlg.

Constructor Detail

RBACPolicy

protected RBACPolicy()

RBACPolicy

public RBACPolicy(Identifier id)
Create an RBACPolicy.

Parameters:
id - Identifier of this element (domain:assignment:label).
Throws:
ParsingException - Indicates a malformed identifier representation.

RBACPolicy

public RBACPolicy(URI id)
           throws ParsingException
Create an RBACPolicy.

Parameters:
id - Identifier of this element (domain:assignment:label).
Throws:
ParsingException - Indicates a malformed identifier representation.
Method Detail

parse

protected void parse(PolicyTreeElement element,
                     Class ruleClass)
              throws ParsingException
Default method to parse policies.
  • Verifies whether the parsed element is an policy or policy reference
  • Sets the identifier of the policy
  • Calls parse(Target).
  • Adds each child element of the policy according to the class type Rule.
  • According to the class type of the child element, an instance of the related class (ruleClass is created with the child element as single parameter. This instance is added to the set of policy elements. If the related class parameter is null, then a ParsingExceptionis thrown when the related child element type is parsed.

    Parameters:
    element - The policy (reference) to parse.
    ruleClass - Class to be instantiated for child elements instances of the (@link Policy Policy} class.
    Throws:
    ParsingException - If some parsing error occurs.

    parse

    public void parse(PolicyTreeElement element)
               throws ParsingException
    Not implemented. Must be overwritten in subclasses.

    Specified by:
    parse in class RBACPolicyElement
    Throws:
    ParsingException

    toPolicyTreeElement

    protected PolicyTreeElement toPolicyTreeElement(CombiningAlgorithm combAlg)
    Returns the Policyrepresentation of this RBACPolicy. It generates a policy consisting of the rule representation of all elements of this policy and the given RuleCombiningAlgorithm.

    Parameters:
    combAlg - The RuleCombiningAlgorithmof this policy.
    Returns:
    The Policyrepresentation of this RBACPolicy.
    See Also:
    RBACPolicyElement.toPolicyTreeElement()

    toPolicyTreeElement

    public PolicyTreeElement toPolicyTreeElement()
    Default implementation for RBACPolicies. It generates a policy consisting of the rule representation of all elements of this policy and according to the combining rule depending on isDefaultPermit().

    Specified by:
    toPolicyTreeElement in class RBACPolicyElement
    Returns:
    The Policyrepresentation of this RBACPolicy.
    See Also:
    RBACPolicyElement.toPolicyTreeElement()

    toPolicyRerence

    protected PolicyReference toPolicyRerence(int type)
    Returns the PolicyReferencerepresentation of this policy element.

    Parameters:
    type - type of the policy reference ( PolicyReference.POLICYSET_REFERENCE or PolicyReference.POLICY_REFERENCE).
    Returns:
    The policy element's PolicyReference representation.

    toPolicyRerence

    public PolicyReference toPolicyRerence()
    Returns the PolicyReferencerepresentation of this policy element. The default type of the policy reference is set to PolicyReference.POLICY_REFERENCE). Overwrite this method to set another reference type.

    Returns:
    The policy element's PolicyReference representation with type set to PolicyReference.POLICY_REFERENCE).

    encode

    public void encode(File path)
                throws IOException
    Encodes this Policy into its XML representation and writes this encoding to the file path using the path parameter as parent directory and the identifier's file representation as file name. Creates directories if missing.

    Parameters:
    path - Base directory path to the policies.
    Throws:
    IOException

    encode

    public void encode(OutputStream out)
                throws IOException
    Encodes this Policy into its XML representation and writes this encoding to the given OutputStream with no indentation. *

    Parameters:
    out - a stream into which the XML-encoded data is written.
    Throws:
    IOException

    search

    public RBACPolicyElement search(RBACPolicyElement element)
    Retrieves an element from this policy.

    Parameters:
    element - The element to search for.
    Returns:
    The element from the policy or null.
    See Also:
    CollectionUtil.search(Collection, Object)

    search

    public RBACPolicyElement search(Identifier id)
    Retrieves an element from this policy.

    Parameters:
    id - The identifier of the element to search for.
    Returns:
    The element from this policy or null.

    add

    public boolean add(RBACPolicyElement element)
    Adds an policy element to this policy. If this policy element already exists in the policy, this policy element may be updated by the RBACPolicyElement.add(RBACPolicyElement) method of the current element.

    Specified by:
    add in class RBACPolicyElement
    Parameters:
    element - The element to be added.
    Returns:
    true, if the element was succesfully added or successfully updates an existing element, false otherwise.

    remove

    public boolean remove(RBACPolicyElement element)
    Removes an policy element from this policy.

    Specified by:
    remove in class RBACPolicyElement
    Parameters:
    element - The element to remove.
    Returns:
    true, if the element was succesfully removed , false otherwise.

    equals

    public boolean equals(Object obj)
    Compares the specified object with this RBAC policy. Returns true if the specified object is also an RBACPolicy and the included policy tree elements is also equal.

    Overrides:
    equals in class RBACPolicyElement
    Parameters:
    obj - Object to be compared for equality with this RBACPolicy.
    Returns:
    true if the specified Object is equal to this RBACPolicy.

    getElements

    public Set getElements()
    Gets the set of elements of this policy.

    Returns:
    The set of elements.

    isPermitRule

    public boolean isPermitRule()
    Gets the default CombiningAlgorithm of this policy used within #toPolicyTreeElement().

    Returns:
    true the combining algorithm is set to PermitOverridesRuleAlg, if false it is set to DenyOverridesRuleAlg..

    setPermitRule

    public void setPermitRule(boolean defaultPermit)
    Sets the default CombiningAlgorithm of this policy used within #toPolicyTreeElement().

    Parameters:
    defaultPermit - true sets the combining algorithm to PermitOverridesRuleAlg, false to DenyOverridesRuleAlg.


    Copyright © 2006 Lutz Suhrbier, Freie Universität Berlin. All Rights Reserved.