/** urn:oasis:names:tc:xacml:1.0:function:integer-greater-than-or-equal */ @Test public void testIntegerGreaterThanOrEqual() throws XACML3EntitlementException { IntegerGreaterThanOrEqual integerGreaterThanOrEqual = new IntegerGreaterThanOrEqual(); integerGreaterThanOrEqual.addArgument(integer1); integerGreaterThanOrEqual.addArgument(integer2); FunctionArgument result = integerGreaterThanOrEqual.evaluate(null); assertNotNull(result); assertTrue(result.isTrue()); integerGreaterThanOrEqual = new IntegerGreaterThanOrEqual(); integerGreaterThanOrEqual.addArgument(integer1); integerGreaterThanOrEqual.addArgument(integer3); result = integerGreaterThanOrEqual.evaluate(null); assertNotNull(result); assertTrue(result.isTrue()); integerGreaterThanOrEqual = new IntegerGreaterThanOrEqual(); integerGreaterThanOrEqual.addArgument(integer1); integerGreaterThanOrEqual.addArgument(integer4); result = integerGreaterThanOrEqual.evaluate(null); assertNotNull(result); assertTrue(result.isTrue()); }
/** urn:oasis:names:tc:xacml:1.0:function:double-less-than-or-equal */ @Test public void testDoubleLessThanOrEqual() throws XACML3EntitlementException { DoubleLessThanOrEqual doubleLessThanOrEqual = new DoubleLessThanOrEqual(); doubleLessThanOrEqual.addArgument(double1); doubleLessThanOrEqual.addArgument(double2); FunctionArgument result = doubleLessThanOrEqual.evaluate(null); assertNotNull(result); assertTrue(result.isFalse()); doubleLessThanOrEqual = new DoubleLessThanOrEqual(); doubleLessThanOrEqual.addArgument(double1); doubleLessThanOrEqual.addArgument(double3); result = doubleLessThanOrEqual.evaluate(null); assertNotNull(result); assertTrue(result.isTrue()); doubleLessThanOrEqual = new DoubleLessThanOrEqual(); doubleLessThanOrEqual.addArgument(double4); doubleLessThanOrEqual.addArgument(double1); result = doubleLessThanOrEqual.evaluate(null); assertNotNull(result); assertTrue(result.isTrue()); }
/** urn:oasis:names:tc:xacml:1.0:function:double-greater-than */ @Test public void testDoublerGreaterThan() throws XACML3EntitlementException { DoubleGreaterThan doubleGreaterThan = new DoubleGreaterThan(); doubleGreaterThan.addArgument(double1); doubleGreaterThan.addArgument(double2); FunctionArgument result = doubleGreaterThan.evaluate(null); assertNotNull(result); assertTrue(result.isTrue()); doubleGreaterThan = new DoubleGreaterThan(); doubleGreaterThan.addArgument(double1); doubleGreaterThan.addArgument(double3); result = doubleGreaterThan.evaluate(null); assertNotNull(result); assertTrue(result.isFalse()); doubleGreaterThan = new DoubleGreaterThan(); doubleGreaterThan.addArgument(double1); doubleGreaterThan.addArgument(double4); result = doubleGreaterThan.evaluate(null); assertNotNull(result); assertTrue(result.isTrue()); }
/** urn:oasis:names:tc:xacml:1.0:function:integer-less-than */ @Test public void testIntegerLessThan() throws XACML3EntitlementException { IntegerLessThan integerLessThan = new IntegerLessThan(); integerLessThan.addArgument(integer1); integerLessThan.addArgument(integer2); FunctionArgument result = integerLessThan.evaluate(null); assertNotNull(result); assertTrue(result.isFalse()); integerLessThan = new IntegerLessThan(); integerLessThan.addArgument(integer4); integerLessThan.addArgument(integer3); result = integerLessThan.evaluate(null); assertNotNull(result); assertTrue(result.isTrue()); integerLessThan = new IntegerLessThan(); integerLessThan.addArgument(integer4); integerLessThan.addArgument(integer2); result = integerLessThan.evaluate(null); assertNotNull(result); assertTrue(result.isTrue()); }
public EntitlementCombiner evaluate(XACMLEvalContext pip) { boolean indeterminate = true; FunctionArgument evalResult = null; EntitlementCombiner results = CombinerManager.getInstance(ruleCombiner); pip.setPolicyRef(this); System.out.println("Evaluating Policy " + policyName); try { evalResult = target.evaluate(pip); } catch (XACML3EntitlementException ex) { XACML3Decision result = new XACML3Decision(policyName, pip.getRequest().getContextID(), "Indeterminate"); results.add(result); return results; } if (evalResult.isTrue()) { // we match, so evaluate System.out.println("Target true, evaluating rules "); for (XACML3PolicyRule r : rules) { XACML3Decision decision = r.evaluate(pip); results.add(decision); } } else { XACML3Decision result = new XACML3Decision(policyName, pip.getRequest().getContextID(), "NotApplicable"); results.add(result); } return results; }
public FunctionArgument evaluate(XACMLEvalContext pip) throws XACML3EntitlementException { int args = getArgCount(); if (args < 2) { throw new IndeterminateException( "Function Requires at least 2 arguments, " + "however " + getArgCount() + " in stack."); } // Create our union DataBag from other Bags. DataBag unionBag = new DataBag(); // Iterate Over All DataBag's in Stack, Evaluate and create a Union of all Bags with Unique // Objects. try { for (int i = 0; i < args; i++) { DataBag bag = (DataBag) getArg(i).doEvaluate(pip); if (bag == null) { continue; } // Set our Union Data Bag with First Bag's Data Type and check subsequent Bags. if (i == 0) { unionBag.setType(bag.getType()); } else { // Verify our Data Type with First Data Bag's Data Type. if (bag.getType().getIndex() != unionBag.getType().getIndex()) { throw new IndeterminateException( "First Bag Type: " + unionBag.getType().getTypeName() + ", however a subsequent Bag Type was " + bag.getType().getTypeName()); } } // Iterate over the current Bag. for (int b = 0; b < bag.size(); b++) { DataValue dataValue = (DataValue) bag.get(b).doEvaluate(pip); boolean contained = false; for (int z = 0; z < unionBag.size(); z++) { // Apply the Typed Equal Function to determine if // the object already exists in the Union Bag. TimeEqual fEquals = new TimeEqual(); fEquals.addArgument(unionBag.get(z)); fEquals.addArgument(dataValue); FunctionArgument result = fEquals.doEvaluate(pip); if (result.isTrue()) { contained = true; break; } } // Add the Object if not contained. if (!contained) { // Add the Unique DataValue Element into the Union Bag. unionBag.add(dataValue); } } // End of Inner For Loop. } // End of Outer For Loop. } catch (Exception e) { throw new IndeterminateException("Iterating over Arguments Exception: " + e.getMessage()); } // Return our UnionBag Value. return unionBag; }
/** * Perform a SubSet function against two defined Bags. * * @param firstBag * @param secondBag * @param pip * @return * @throws XACML3EntitlementException */ private boolean SubSet(DataBag firstBag, DataBag secondBag, XACMLEvalContext pip) throws XACML3EntitlementException { int subSetCount = 0; // Iterate over the First Bag. for (int b = 0; b < firstBag.size(); b++) { DataValue dataValue1 = (DataValue) firstBag.get(b).doEvaluate(pip); for (int z = 0; z < secondBag.size(); z++) { DataValue dataValue2 = (DataValue) secondBag.get(z).doEvaluate(pip); // Check Equality by using this Types Equality Function. AnyuriEqual fEquals = new AnyuriEqual(); fEquals.addArgument(dataValue2); fEquals.addArgument(dataValue1); FunctionArgument result = fEquals.doEvaluate(pip); if (result.isTrue()) { subSetCount++; break; } } // End of Inner Loop. } // End of Outer For Loop. // Determine if we have in-fact a subSet. return (subSetCount == firstBag.size()); }