private boolean checkPolicy(Notify notify, AssertionType assertion) {
log.debug("In NhinHiemNotifyWebServiceProxy.checkPolicy");
boolean policyIsValid = false;
NotifyEventType policyCheckReq = new NotifyEventType();
policyCheckReq.setDirection(NhincConstants.POLICYENGINE_OUTBOUND_DIRECTION);
gov.hhs.fha.nhinc.common.eventcommon.NotifyMessageType request =
new gov.hhs.fha.nhinc.common.eventcommon.NotifyMessageType();
request.setAssertion(assertion);
request.setNotify(notify);
policyCheckReq.setMessage(request);
PolicyEngineChecker policyChecker = new PolicyEngineChecker();
CheckPolicyRequestType policyReq = policyChecker.checkPolicyNotify(policyCheckReq);
policyReq.setAssertion(assertion);
PolicyEngineProxyObjectFactory policyEngFactory = new PolicyEngineProxyObjectFactory();
PolicyEngineProxy policyProxy = policyEngFactory.getPolicyEngineProxy();
CheckPolicyResponseType policyResp = policyProxy.checkPolicy(policyReq, assertion);
if (policyResp.getResponse() != null
&& NullChecker.isNotNullish(policyResp.getResponse().getResult())
&& policyResp.getResponse().getResult().get(0).getDecision() == DecisionType.PERMIT) {
policyIsValid = true;
}
log.debug("Finished NhinHiemNotifyWebServiceProxy.checkPolicy - valid: " + policyIsValid);
return policyIsValid;
}
public static CheckPolicyRequestType transformSubscribeToCheckPolicy(SubscribeEventType event) {
CheckPolicyRequestType genericPolicyRequest = new CheckPolicyRequestType();
RequestType request = new RequestType();
if (InboundOutboundChecker.isInbound(event.getDirection())) {
request.setAction(ActionHelper.actionFactory(ActionInValue));
}
if (InboundOutboundChecker.isOutbound(event.getDirection())) {
request.setAction(ActionHelper.actionFactory(ActionOutValue));
}
SubjectHelper subjHelp = new SubjectHelper();
SubjectType subject =
subjHelp.subjectFactory(event.getSendingHomeCommunity(), event.getMessage().getAssertion());
request.getSubject().add(subject);
AdhocQueryRequest adhocReq = new AdhocQueryRequest();
AdhocQueryType adhocQuery = null;
adhocQuery = getAdhocQuery(event.getMessage().getSubscribe());
adhocReq.setAdhocQuery(adhocQuery);
String patId = AdhocQueryTransformHelper.extractPatientIdentifierId(adhocReq);
String assignAuth =
AdhocQueryTransformHelper.extractPatientIdentifierAssigningAuthority(adhocReq);
ResourceType resource = new ResourceType();
AttributeHelper attrHelper = new AttributeHelper();
if (NullChecker.isNotNullish(assignAuth)) {
resource
.getAttribute()
.add(
attrHelper.attributeFactory(
PatientAssigningAuthorityAttributeId, Constants.DataTypeString, assignAuth));
}
if (NullChecker.isNotNullish(patId)) {
String sStrippedPatientId = PatientIdFormatUtil.parsePatientId(patId);
LOG.debug("transformSubscribeToCheckPolicy: sStrippedPatientId = " + sStrippedPatientId);
resource
.getAttribute()
.add(
attrHelper.attributeFactory(
PatientIdAttributeId, Constants.DataTypeString, sStrippedPatientId));
}
setTopic(event, resource);
request.getResource().add(resource);
AssertionHelper assertHelp = new AssertionHelper();
assertHelp.appendAssertionDataToRequest(request, event.getMessage().getAssertion());
genericPolicyRequest.setRequest(request);
genericPolicyRequest.setAssertion(event.getMessage().getAssertion());
return genericPolicyRequest;
}
/**
* Given a request to check the access policy, this service will interface with the PDP to
* determine if access is to be granted or denied.
*
* @param checkPolicyRequest The xacml request to check defined policy
* @return The xacml response which contains the access decision
*/
public gov.hhs.fha.nhinc.common.nhinccommonadapter.CheckPolicyResponseType checkPolicy(
gov.hhs.fha.nhinc.common.nhinccommonadapter.CheckPolicyRequestType checkPolicyRequest,
WebServiceContext context) {
CheckPolicyResponseType checkPolicyResp = null;
AdapterPEPImpl adapterPEPImpl = getAdapterPEPImpl();
try {
AssertionType assertion = checkPolicyRequest.getAssertion();
loadAssertion(assertion, context);
checkPolicyResp = adapterPEPImpl.checkPolicy(checkPolicyRequest, assertion);
} catch (Exception ex) {
String message =
"Error occurred calling AdapterPEPImpl.checkPolicy. Error: " + ex.getMessage();
LOG.error(message, ex);
throw new RuntimeException(message, ex);
}
return checkPolicyResp;
}