コード例 #1
0
  /**
   * Create a PepRequest just using Strings
   *
   * <p>Note to developers: all the newPepRequest methods eventually call {@link
   * #newPEPRequest}({@link PepRequestOperation}), which
   *
   * @param subjectName String representing the name of the subject ex: Josh
   * @param actionId String representing the action ex: read
   * @param resourceId String representing the resource ex: file1234
   * @return a PepRequest populated with attributes mapped from the params
   * @throws PepException Indicates that there is some issue creating the <code>PEPRequest</code>
   */
  public PepRequest newPepRequest(String subjectName, String actionId, String resourceId)
      throws PepException {

    if (log.isTraceEnabled()) log.trace("Start Simple Decide");

    PepRequest request = this.newPEPRequest(PepRequestOperation.DECIDE);

    request.setAccessSubject(subjectName);
    request.setResourceAction(resourceId, actionId);
    // request.setEnvironment(new Date());

    return request;
  }
コード例 #2
0
  /**
   * Create a PepRequest using any set of objects for the Subject, Action, Resource, Environment
   * entities.
   *
   * <p>Note: for this PepRequest to work, the appropriate {@link JavaObjectMapper} classes must be
   * configured and set using {@link RequestAttributesFactoryImpl#setMappers(List)}
   *
   * @param subjectObj Object representing the Subject ex: javax.auth.security.Subject
   * @param actionObj Object representing the Action ex: String (read)
   * @param resourceObj Object representing the Resource ex: String (file) or File
   * @param environmentObj Object representing the Environment ex: Map containing attributes name
   *     and values
   * @return a PepRequest populated with attributes mapped from params
   * @throws PepException if there is no <code>JavObjectMapper</code> configured for the objects
   *     passed into the factory.
   * @see JavaObjectMapper
   */
  public PepRequest newPepRequest(
      Object subjectObj, Object actionObj, Object resourceObj, Object environmentObj)
      throws PepException {
    if (log.isTraceEnabled()) log.trace("\n\tBegin creation of Mapper-based PepRequest");
    PepRequest request = this.newPEPRequest(PepRequestOperation.DECIDE);

    request.setAccessSubject(subjectObj);

    request.setResourceAction(resourceObj, actionObj);

    request.setEnvironment(environmentObj);

    if (log.isTraceEnabled()) log.trace("\n\tCompleted creation of Mapper-based PepRequest");
    return request;
  }
コード例 #3
0
  /**
   * Create a PepRequest using objects, where a list of n action objects and a corresponding list of
   * n resource objects are provided to represent n resource-action pairs. A decision for each
   * resource-action pair will be returned, when PepRequest.decide() is invoked.
   *
   * @param subjectObj Object representing the Subject ex: javax.auth.security.Subject
   * @param actionObjects a list of length n, of actionObj Objects representing the Actions ex:
   *     String (read)
   * @param resourceObjects a list of length n, of resourceObj Objects representing the Resources
   *     ex: String (file) or File
   * @param environmentObj Object representing the Environment ex: Map containing attributes name
   *     and values
   * @return a PepRequest populated with mapped Attributes
   * @throws PepException
   */
  public PepRequest newBulkPepRequest(
      Object subjectObj, List actionObjects, List resourceObjects, Object environmentObj)
      throws PepException {

    if (log.isTraceEnabled()) log.trace("\n\tBegin creation of Bulk Mapper-based PepRequest");
    PepRequest request = (PepRequestImpl) this.newPEPRequest(PepRequestOperation.BULK_DECIDE);

    request.setAccessSubject(subjectObj);

    // This sets up the correlations
    request.setBulkResourceActions(resourceObjects, actionObjects);

    request.setEnvironment(environmentObj);

    if (log.isTraceEnabled()) log.trace("\n\tCompleted creation of Mapper-based PepRequest");
    return request;
  }
コード例 #4
0
  /**
   * Create a PepRequest using subject and environment objects, plus a "scope" String that
   * represents a PDP policy-specific resource representation.
   *
   * <p>When the PepRequest.decide() method is invoked, based on queryType it will return either
   *
   * <pre>
   * 		- a list of Allowed ResourceAction pairs within scope
   * 		- a list of Denied ResourceAction pairs within scope
   * 		- or a list of full detailed results for all
   * 			ResourceAction pairs within scope
   * </pre>
   *
   * @param subjectObj
   * @param environmentObj
   * @param scope a string containing a PDP policy-specific resource representation
   * @param queryType an enum containing a choice of allowed, denied, or full/verbose
   * @return a PepRequest populated with info mapper from the params
   * @throws PepException
   */
  public PepRequest newQueryPepRequest(
      Object subjectObj, Object environmentObj, String scope, PepRequestQueryType queryType)
      throws PepException {

    PepRequest request =
        (PepRequestImpl)
            this.newPEPRequest(
                queryType == PepRequestQueryType.VERBOSE
                    ? PepRequestOperation.QUERY_VERBOSE
                    : PepRequestOperation.QUERY);
    request.setAccessSubject(subjectObj);
    request.setEnvironment(environmentObj);

    request.setScope(scope);

    if (queryType != PepRequestQueryType.VERBOSE) {
      // Set to true if allowed results requested,
      // otherwise false.
      request.setQueryReturnAllowed(
          queryType.equals(PepRequestQueryType.RETURN_ONLY_ALLOWED_RESULTS));
    }
    return request;
  }