public static void main(String... args) {
try {
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
documentBuilderFactory.setNamespaceAware(true);
DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder();
for (String fileName : args) {
File filePolicy = new File(fileName);
if (filePolicy.exists() && filePolicy.canRead()) {
try {
Document documentPolicy = documentBuilder.parse(filePolicy);
if (documentPolicy.getFirstChild() == null) {
System.err.println(fileName + ": Error: No PolicySet found");
} else if (!XACML3.ELEMENT_POLICYSET.equals(
documentPolicy.getFirstChild().getLocalName()))
System.err.println(fileName + ": Error: Not a PolicySet document");
else {
PolicySet policySet =
DOMPolicySet.newInstance(documentPolicy.getFirstChild(), null, null);
System.out.println(fileName + ": validate()=" + policySet.validate());
System.out.println(StringUtils.prettyPrint(policySet.toString()));
}
} catch (Exception ex) {
System.err.println("Exception processing policy set file \"" + fileName + "\"");
ex.printStackTrace(System.err);
}
} else {
System.err.println("Cannot read policy set file \"" + fileName + "\"");
}
}
} catch (Exception ex) {
ex.printStackTrace(System.err);
System.exit(1);
}
System.exit(0);
}
/**
* Creates a new <code>PolicySet</code> by parsing the given <code>Node</code> representing a
* XACML PolicySet element.
*
* @param nodePolicySet the <code>Node</code> representing the XACML PolicySetelement
* @param policyDefaultsParent the {@link com.att.research.xacmlatt.pdp.policy.PolicyDefaults}
* from the parent element
* @return a new <code>PolicySet</code> parsed from the given <code>Node</code>
* @throws DOMStructureException if there is an error parsing the <code>Node</code>
*/
public static PolicySet newInstance(
Node nodePolicySet, PolicySet policySetParent, PolicyDefaults policyDefaultsParent)
throws DOMStructureException {
Element elementPolicySet = DOMUtil.getElement(nodePolicySet);
boolean bLenient = DOMProperties.isLenient();
PolicySet domPolicySet = new PolicySet(policySetParent);
Iterator<?> iterator;
Identifier identifier;
Integer integer;
try {
NodeList children = elementPolicySet.getChildNodes();
int numChildren;
if (children != null && (numChildren = children.getLength()) > 0) {
/*
* Run through once, quickly, to set the PolicyDefaults for the new DOMPolicySet
*/
for (int i = 0; i < numChildren; i++) {
Node child = children.item(i);
if (DOMUtil.isNamespaceElement(child, XACML3.XMLNS)
&& XACML3.ELEMENT_POLICYDEFAULTS.equals(child.getLocalName())) {
if (domPolicySet.getPolicyDefaults() != null && !bLenient) {
throw DOMUtil.newUnexpectedElementException(child, nodePolicySet);
}
domPolicySet.setPolicyDefaults(
DOMPolicyDefaults.newInstance(child, policyDefaultsParent));
}
}
if (domPolicySet.getPolicyDefaults() == null) {
domPolicySet.setPolicyDefaults(policyDefaultsParent);
}
/*
* Now process the other elements so we can pull up the parent policy defaults
*/
for (int i = 0; i < numChildren; i++) {
Node child = children.item(i);
if (DOMUtil.isElement(child)) {
if (DOMUtil.isInNamespace(child, XACML3.XMLNS)) {
String childName = child.getLocalName();
if (XACML3.ELEMENT_DESCRIPTION.equals(childName)) {
if (domPolicySet.getDescription() != null && !bLenient) {
throw DOMUtil.newUnexpectedElementException(child, nodePolicySet);
}
domPolicySet.setDescription(child.getTextContent());
} else if (XACML3.ELEMENT_POLICYISSUER.equals(childName)) {
if (domPolicySet.getPolicyIssuer() != null && !bLenient) {
throw DOMUtil.newUnexpectedElementException(child, nodePolicySet);
}
domPolicySet.setPolicyIssuer(DOMPolicyIssuer.newInstance(child));
} else if (XACML3.ELEMENT_POLICYSETDEFAULTS.equals(childName)) {
} else if (XACML3.ELEMENT_TARGET.equals(childName)) {
if (domPolicySet.getTarget() != null && !bLenient) {
throw DOMUtil.newUnexpectedElementException(child, nodePolicySet);
}
domPolicySet.setTarget(DOMTarget.newInstance(child));
} else if (XACML3.ELEMENT_POLICYSET.equals(childName)) {
domPolicySet.addChild(
DOMPolicySet.newInstance(
child, domPolicySet, domPolicySet.getPolicyDefaults()));
} else if (XACML3.ELEMENT_POLICY.equals(childName)) {
domPolicySet.addChild(
DOMPolicy.newInstance(child, domPolicySet, domPolicySet.getPolicyDefaults()));
} else if (XACML3.ELEMENT_POLICYIDREFERENCE.equals(childName)) {
domPolicySet.addChild(DOMPolicyIdReference.newInstance(child, domPolicySet));
} else if (XACML3.ELEMENT_POLICYSETIDREFERENCE.equals(childName)) {
domPolicySet.addChild(DOMPolicySetIdReference.newInstance(child, domPolicySet));
} else if (XACML3.ELEMENT_COMBINERPARAMETERS.equals(childName)) {
domPolicySet.addCombinerParameters(DOMCombinerParameter.newList(child));
} else if (XACML3.ELEMENT_POLICYCOMBINERPARAMETERS.equals(childName)) {
domPolicySet.addPolicyCombinerParameter(
DOMPolicyCombinerParameter.newInstance(child));
} else if (XACML3.ELEMENT_POLICYSETCOMBINERPARAMETERS.equals(childName)) {
domPolicySet.addPolicyCombinerParameter(
DOMPolicySetCombinerParameter.newInstance(child));
} else if (XACML3.ELEMENT_OBLIGATIONEXPRESSIONS.equals(childName)) {
if ((iterator = domPolicySet.getObligationExpressions()) != null
&& iterator.hasNext()
&& !bLenient) {
throw DOMUtil.newUnexpectedElementException(child, nodePolicySet);
}
domPolicySet.setObligationExpressions(DOMObligationExpression.newList(child, null));
} else if (XACML3.ELEMENT_ADVICEEXPRESSIONS.equals(childName)) {
if ((iterator = domPolicySet.getAdviceExpressions()) != null
&& iterator.hasNext()
&& !bLenient) {
throw DOMUtil.newUnexpectedElementException(child, nodePolicySet);
}
domPolicySet.setAdviceExpressions(DOMAdviceExpression.newList(child, null));
} else if (!bLenient) {
throw DOMUtil.newUnexpectedElementException(child, nodePolicySet);
}
} else if (!bLenient) {
throw DOMUtil.newUnexpectedElementException(child, nodePolicySet);
}
}
}
}
if (domPolicySet.getTarget() == null && !bLenient) {
throw DOMUtil.newMissingElementException(
nodePolicySet, XACML3.XMLNS, XACML3.ELEMENT_TARGET);
}
/*
* Get the attributes
*/
domPolicySet.setIdentifier(
DOMUtil.getIdentifierAttribute(
elementPolicySet, XACML3.ATTRIBUTE_POLICYSETID, !bLenient));
domPolicySet.setVersion(
DOMUtil.getVersionAttribute(elementPolicySet, XACML3.ATTRIBUTE_VERSION, !bLenient));
identifier =
DOMUtil.getIdentifierAttribute(
elementPolicySet, XACML3.ATTRIBUTE_POLICYCOMBININGALGID, !bLenient);
CombiningAlgorithm<PolicySetChild> combiningAlgorithm = null;
try {
combiningAlgorithm =
CombiningAlgorithmFactory.newInstance().getPolicyCombiningAlgorithm(identifier);
} catch (FactoryException ex) {
if (!bLenient) {
throw new DOMStructureException("Failed to get CombinginAlgorithm", ex);
}
}
if (combiningAlgorithm == null && !bLenient) {
throw new DOMStructureException(
elementPolicySet,
"Unknown policy combining algorithm \""
+ identifier
+ "\" in \""
+ DOMUtil.getNodeLabel(nodePolicySet));
} else {
domPolicySet.setPolicyCombiningAlgorithm(combiningAlgorithm);
}
if ((integer =
DOMUtil.getIntegerAttribute(elementPolicySet, XACML3.ATTRIBUTE_MAXDELEGATIONDEPTH))
!= null) {
domPolicySet.setMaxDelegationDepth(integer);
}
} catch (DOMStructureException ex) {
domPolicySet.setStatus(StdStatusCode.STATUS_CODE_SYNTAX_ERROR, ex.getMessage());
if (DOMProperties.throwsExceptions()) {
throw ex;
}
}
return domPolicySet;
}