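/**
 * Registers the sample XACML policies found under
 * {@code <carbon-home>/repository/resources/security/policies/xacml/default}.
 *
 * <p>Every regular file in that folder is read and handed to
 * {@link EntitlementUtil#addFilesystemPolicy} with {@code promote == false}. A file that
 * cannot be read or added is logged and skipped, so it does not block the remaining files.
 *
 * <p>Files placed in this folder are stored as active policies (addFilesystemPolicy marks
 * them active), so write access to the folder should be limited to the server administrator.
 *
 * @param registry registry passed through to {@code addFilesystemPolicy}
 */
public static void addSamplePolicies(Registry registry) {

    File policyFolder = new File(CarbonUtils.getCarbonHome() + File.separator
            + "repository" + File.separator + "resources" + File.separator
            + "security" + File.separator + "policies" + File.separator
            + "xacml" + File.separator + "default");

    if (!policyFolder.exists()) {
        // No sample policies are shipped; nothing to do.
        return;
    }

    // listFiles() returns null when the path is not a directory or cannot be listed
    // (for example because of missing read permission); iterating it directly would
    // throw a NullPointerException.
    File[] policyFiles = policyFolder.listFiles();
    if (policyFiles == null) {
        log.warn("Sample XACML policy folder is not a readable directory, skipping: "
                + policyFolder.getAbsolutePath());
        return;
    }

    for (File policyFile : policyFiles) {
        if (!policyFile.isFile()) {
            continue;
        }
        PolicyDTO policyDTO = new PolicyDTO();
        try {
            // NOTE(review): this overload takes no encoding argument; if FileUtils is
            // commons-io, the file is decoded with the platform default charset. Confirm,
            // and consider passing the encoding explicitly.
            policyDTO.setPolicy(FileUtils.readFileToString(policyFile));
            EntitlementUtil.addFilesystemPolicy(policyDTO, registry, false);
        } catch (Exception e) {
            // Deliberately best-effort: log the failure (including "already exists"
            // rejections) and continue with the next file.
            log.error("Error while adding sample XACML policies", e);
        }
    }
}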
/**
 * Persists a XACML policy that was read from the filesystem in the registry.
 *
 * <p>The policy is rejected when {@code getPolicy} yields no policy object for its text, or
 * when a policy with the same id already exists, so an existing policy is never overwritten
 * through this method.
 *
 * @param policyDTO policy to store; its policy text, id, active flag and promote flag are
 *                  set by this method
 * @param registry  registry used for the existence check and for the policy store
 * @param promote   whether the stored policy is also added to the PDP
 * @return {@code true} when the policy was stored; every failure is reported by exception
 * @throws org.wso2.carbon.identity.entitlement.EntitlementException if the policy is invalid
 *         or a policy with the same id already exists
 */
public static boolean addFilesystemPolicy(PolicyDTO policyDTO, Registry registry, boolean promote)
        throws EntitlementException {

    // Remove whitespace runs between a closing '>' and the next '<'. This also collapses
    // element content that consists only of whitespace.
    String rawPolicy = policyDTO.getPolicy();
    if (rawPolicy != null) {
        policyDTO.setPolicy(rawPolicy.replaceAll(">\\s+<", "><"));
    }

    AbstractPolicy parsedPolicy = getPolicy(policyDTO.getPolicy());
    if (parsedPolicy == null) {
        throw new EntitlementException("Invalid Entitlement Policy");
    }

    PAPPolicyStore papStore = new PAPPolicyStore(registry);
    PAPPolicyStoreManager papManager = new PAPPolicyStoreManager();

    // The id comes from the parsed policy, not from anything the caller set on the DTO.
    policyDTO.setPolicyId(parsedPolicy.getId().toASCIIString());
    policyDTO.setActive(true);

    // Refuse to replace a policy that is already stored under this id.
    if (isPolicyExists(policyDTO.getPolicyId(), registry)) {
        throw new EntitlementException("An Entitlement Policy with the given ID already exists");
    }

    // NOTE(review): the promote flag on the DTO is always set to true here, independent of
    // the 'promote' argument, which only gates addPolicyToPDP below. Confirm this is intended.
    policyDTO.setPromote(true);
    papManager.addOrUpdatePolicy(policyDTO);

    // Read the policy back from the store and build the PDP entry from the stored copy.
    PolicyDTO storedPolicy = new PAPPolicyStoreReader(papStore).readPolicyDTO(policyDTO.getPolicyId());

    PolicyStoreDTO pdpEntry = new PolicyStoreDTO();
    pdpEntry.setPolicyId(storedPolicy.getPolicyId());
    pdpEntry.setPolicy(storedPolicy.getPolicy());
    pdpEntry.setPolicyOrder(storedPolicy.getPolicyOrder());
    pdpEntry.setAttributeDTOs(storedPolicy.getAttributeDTOs());

    if (promote) {
        addPolicyToPDP(pdpEntry);
    }

    papManager.addOrUpdatePolicy(storedPolicy);
    return true;
}