/** urn:oasis:names:tc:xacml:1.0:function:integer-greater-than-or-equal */
@Test
public void testIntegerGreaterThanOrEqual() throws XACML3EntitlementException {
IntegerGreaterThanOrEqual integerGreaterThanOrEqual = new IntegerGreaterThanOrEqual();
integerGreaterThanOrEqual.addArgument(integer1);
integerGreaterThanOrEqual.addArgument(integer2);
FunctionArgument result = integerGreaterThanOrEqual.evaluate(null);
assertNotNull(result);
assertTrue(result.isTrue());
integerGreaterThanOrEqual = new IntegerGreaterThanOrEqual();
integerGreaterThanOrEqual.addArgument(integer1);
integerGreaterThanOrEqual.addArgument(integer3);
result = integerGreaterThanOrEqual.evaluate(null);
assertNotNull(result);
assertTrue(result.isTrue());
integerGreaterThanOrEqual = new IntegerGreaterThanOrEqual();
integerGreaterThanOrEqual.addArgument(integer1);
integerGreaterThanOrEqual.addArgument(integer4);
result = integerGreaterThanOrEqual.evaluate(null);
assertNotNull(result);
assertTrue(result.isTrue());
}
/** urn:oasis:names:tc:xacml:1.0:function:double-less-than-or-equal */
@Test
public void testDoubleLessThanOrEqual() throws XACML3EntitlementException {
DoubleLessThanOrEqual doubleLessThanOrEqual = new DoubleLessThanOrEqual();
doubleLessThanOrEqual.addArgument(double1);
doubleLessThanOrEqual.addArgument(double2);
FunctionArgument result = doubleLessThanOrEqual.evaluate(null);
assertNotNull(result);
assertTrue(result.isFalse());
doubleLessThanOrEqual = new DoubleLessThanOrEqual();
doubleLessThanOrEqual.addArgument(double1);
doubleLessThanOrEqual.addArgument(double3);
result = doubleLessThanOrEqual.evaluate(null);
assertNotNull(result);
assertTrue(result.isTrue());
doubleLessThanOrEqual = new DoubleLessThanOrEqual();
doubleLessThanOrEqual.addArgument(double4);
doubleLessThanOrEqual.addArgument(double1);
result = doubleLessThanOrEqual.evaluate(null);
assertNotNull(result);
assertTrue(result.isTrue());
}
/** urn:oasis:names:tc:xacml:1.0:function:double-greater-than */
@Test
public void testDoublerGreaterThan() throws XACML3EntitlementException {
DoubleGreaterThan doubleGreaterThan = new DoubleGreaterThan();
doubleGreaterThan.addArgument(double1);
doubleGreaterThan.addArgument(double2);
FunctionArgument result = doubleGreaterThan.evaluate(null);
assertNotNull(result);
assertTrue(result.isTrue());
doubleGreaterThan = new DoubleGreaterThan();
doubleGreaterThan.addArgument(double1);
doubleGreaterThan.addArgument(double3);
result = doubleGreaterThan.evaluate(null);
assertNotNull(result);
assertTrue(result.isFalse());
doubleGreaterThan = new DoubleGreaterThan();
doubleGreaterThan.addArgument(double1);
doubleGreaterThan.addArgument(double4);
result = doubleGreaterThan.evaluate(null);
assertNotNull(result);
assertTrue(result.isTrue());
}
/** urn:oasis:names:tc:xacml:1.0:function:integer-less-than */
@Test
public void testIntegerLessThan() throws XACML3EntitlementException {
IntegerLessThan integerLessThan = new IntegerLessThan();
integerLessThan.addArgument(integer1);
integerLessThan.addArgument(integer2);
FunctionArgument result = integerLessThan.evaluate(null);
assertNotNull(result);
assertTrue(result.isFalse());
integerLessThan = new IntegerLessThan();
integerLessThan.addArgument(integer4);
integerLessThan.addArgument(integer3);
result = integerLessThan.evaluate(null);
assertNotNull(result);
assertTrue(result.isTrue());
integerLessThan = new IntegerLessThan();
integerLessThan.addArgument(integer4);
integerLessThan.addArgument(integer2);
result = integerLessThan.evaluate(null);
assertNotNull(result);
assertTrue(result.isTrue());
}
public EntitlementCombiner evaluate(XACMLEvalContext pip) {
boolean indeterminate = true;
FunctionArgument evalResult = null;
EntitlementCombiner results = CombinerManager.getInstance(ruleCombiner);
pip.setPolicyRef(this);
System.out.println("Evaluating Policy " + policyName);
try {
evalResult = target.evaluate(pip);
} catch (XACML3EntitlementException ex) {
XACML3Decision result =
new XACML3Decision(policyName, pip.getRequest().getContextID(), "Indeterminate");
results.add(result);
return results;
}
if (evalResult.isTrue()) { // we match, so evaluate
System.out.println("Target true, evaluating rules ");
for (XACML3PolicyRule r : rules) {
XACML3Decision decision = r.evaluate(pip);
results.add(decision);
}
} else {
XACML3Decision result =
new XACML3Decision(policyName, pip.getRequest().getContextID(), "NotApplicable");
results.add(result);
}
return results;
}
public FunctionArgument evaluate(XACMLEvalContext pip) throws XACML3EntitlementException {
int args = getArgCount();
if (args < 2) {
throw new IndeterminateException(
"Function Requires at least 2 arguments, " + "however " + getArgCount() + " in stack.");
}
// Create our union DataBag from other Bags.
DataBag unionBag = new DataBag();
// Iterate Over All DataBag's in Stack, Evaluate and create a Union of all Bags with Unique
// Objects.
try {
for (int i = 0; i < args; i++) {
DataBag bag = (DataBag) getArg(i).doEvaluate(pip);
if (bag == null) {
continue;
}
// Set our Union Data Bag with First Bag's Data Type and check subsequent Bags.
if (i == 0) {
unionBag.setType(bag.getType());
} else {
// Verify our Data Type with First Data Bag's Data Type.
if (bag.getType().getIndex() != unionBag.getType().getIndex()) {
throw new IndeterminateException(
"First Bag Type: "
+ unionBag.getType().getTypeName()
+ ", however a subsequent Bag Type was "
+ bag.getType().getTypeName());
}
}
// Iterate over the current Bag.
for (int b = 0; b < bag.size(); b++) {
DataValue dataValue = (DataValue) bag.get(b).doEvaluate(pip);
boolean contained = false;
for (int z = 0; z < unionBag.size(); z++) {
// Apply the Typed Equal Function to determine if
// the object already exists in the Union Bag.
TimeEqual fEquals = new TimeEqual();
fEquals.addArgument(unionBag.get(z));
fEquals.addArgument(dataValue);
FunctionArgument result = fEquals.doEvaluate(pip);
if (result.isTrue()) {
contained = true;
break;
}
}
// Add the Object if not contained.
if (!contained) {
// Add the Unique DataValue Element into the Union Bag.
unionBag.add(dataValue);
}
} // End of Inner For Loop.
} // End of Outer For Loop.
} catch (Exception e) {
throw new IndeterminateException("Iterating over Arguments Exception: " + e.getMessage());
}
// Return our UnionBag Value.
return unionBag;
}
/**
* Perform a SubSet function against two defined Bags.
*
* @param firstBag
* @param secondBag
* @param pip
* @return
* @throws XACML3EntitlementException
*/
private boolean SubSet(DataBag firstBag, DataBag secondBag, XACMLEvalContext pip)
throws XACML3EntitlementException {
int subSetCount = 0;
// Iterate over the First Bag.
for (int b = 0; b < firstBag.size(); b++) {
DataValue dataValue1 = (DataValue) firstBag.get(b).doEvaluate(pip);
for (int z = 0; z < secondBag.size(); z++) {
DataValue dataValue2 = (DataValue) secondBag.get(z).doEvaluate(pip);
// Check Equality by using this Types Equality Function.
AnyuriEqual fEquals = new AnyuriEqual();
fEquals.addArgument(dataValue2);
fEquals.addArgument(dataValue1);
FunctionArgument result = fEquals.doEvaluate(pip);
if (result.isTrue()) {
subSetCount++;
break;
}
} // End of Inner Loop.
} // End of Outer For Loop.
// Determine if we have in-fact a subSet.
return (subSetCount == firstBag.size());
}
