本文整理汇总了Java中org.wso2.balana.ctx.AbstractResult.getDecision方法的典型用法代码示例。如果您正苦于以下问题:Java AbstractResult.getDecision方法的具体用法?Java AbstractResult.getDecision怎么用?Java AbstractResult.getDecision使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.wso2.balana.ctx.AbstractResult
的用法示例。
在下文中一共展示了AbstractResult.getDecision方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getResponse
import org.wso2.balana.ctx.AbstractResult; //导入方法依赖的package包/类
/**
* Helper method to get XACML decision
*
* @param requestAttributes XACML request attributes
* @return whether permit or deny
*/
private boolean getResponse(List<AttributeDTO> requestAttributes) {
ResponseCtx responseCtx;
AbstractRequestCtx requestCtx = EntitlementUtil.createRequestContext(requestAttributes);
responseCtx = EntitlementEngine.getInstance().evaluateByContext(requestCtx);
if (responseCtx != null) {
Set<AbstractResult> results = responseCtx.getResults();
for (AbstractResult result : results) {
if (result.getDecision() == AbstractResult.DECISION_PERMIT) {
return true;
}
}
}
return false;
}
示例2: combine
import org.wso2.balana.ctx.AbstractResult; //导入方法依赖的package包/类
@Override
public AbstractResult combine(EvaluationCtx context, List parameters, List policyElements) {
List<ObligationResult> denyObligations = new ArrayList<ObligationResult>();
List<Advice> denyAdvices = new ArrayList<Advice>();
for (Object policyElement : policyElements) {
AbstractPolicy policy = ((PolicyCombinerElement) (policyElement)).getPolicy();
AbstractResult result = policy.evaluate(context);
int value = result.getDecision();
// if there was a value of PERMIT, then regardless of what else
// we've seen, we always return PERMIT
if (value == AbstractResult.DECISION_PERMIT) {
return result;
} else if(value == AbstractResult.DECISION_DENY){
denyObligations.addAll(result.getObligations());
denyAdvices.addAll(result.getAdvices());
}
}
// if there is not any value of PERMIT. The return DENY
return ResultFactory.getFactory().getResult(AbstractResult.DECISION_DENY, denyObligations,
denyAdvices, context);
}
示例3: combine
import org.wso2.balana.ctx.AbstractResult; //导入方法依赖的package包/类
@Override
public AbstractResult combine(EvaluationCtx context, List parameters, List ruleElements) {
List<ObligationResult> permitObligations = new ArrayList<ObligationResult>();
List<Advice> permitAdvices= new ArrayList<Advice>();
for (Object ruleElement : ruleElements) {
Rule rule = ((RuleCombinerElement) (ruleElement)).getRule();
AbstractResult result = rule.evaluate(context);
int value = result.getDecision();
// if there was a value of DENY, then regardless of what else
// we've seen, we always return DENY
if (value == AbstractResult.DECISION_DENY) {
return result;
} else if(value == AbstractResult.DECISION_PERMIT){
permitObligations.addAll(result.getObligations());
permitAdvices.addAll(result.getAdvices());
}
}
// if there is not any value of DENY. The return PERMIT
return ResultFactory.getFactory().getResult(AbstractResult.DECISION_PERMIT,
permitObligations, permitAdvices, context);
}
示例4: combine
import org.wso2.balana.ctx.AbstractResult; //导入方法依赖的package包/类
@Override
public AbstractResult combine(EvaluationCtx context, List parameters, List policyElements) {
List<ObligationResult> permitObligations = new ArrayList<ObligationResult>();
List<Advice> permitAdvices= new ArrayList<Advice>();
for (Object policyElement : policyElements) {
AbstractPolicy policy = ((PolicyCombinerElement) (policyElement)).getPolicy();
AbstractResult result = policy.evaluate(context);
int value = result.getDecision();
// if there was a value of DENY, then regardless of what else
// we've seen, we always return DENY
if (value == AbstractResult.DECISION_DENY) {
return result;
} else if(value == AbstractResult.DECISION_PERMIT){
permitObligations.addAll(result.getObligations());
permitAdvices.addAll(result.getAdvices());
}
}
// if there is not any value of DENY. The return PERMIT
return ResultFactory.getFactory().getResult(AbstractResult.DECISION_PERMIT,
permitObligations, permitAdvices, context);
}
示例5: combine
import org.wso2.balana.ctx.AbstractResult; //导入方法依赖的package包/类
@Override
public AbstractResult combine(EvaluationCtx context, List parameters, List ruleElements) {
List<ObligationResult> denyObligations = new ArrayList<ObligationResult>();
List<Advice> denyAdvices = new ArrayList<Advice>();
for (Object ruleElement : ruleElements) {
Rule rule = ((RuleCombinerElement) (ruleElement)).getRule();
AbstractResult result = rule.evaluate(context);
int value = result.getDecision();
// if there was a value of PERMIT, then regardless of what else
// we've seen, we always return PERMIT
if (value == AbstractResult.DECISION_PERMIT) {
return result;
} else if(value == AbstractResult.DECISION_DENY){
denyObligations.addAll(result.getObligations());
denyAdvices.addAll(result.getAdvices());
}
}
// if there is not any value of PERMIT. The return DENY
return ResultFactory.getFactory().getResult(AbstractResult.DECISION_DENY, denyObligations,
denyAdvices, context);
}
示例6: combine
import org.wso2.balana.ctx.AbstractResult; //导入方法依赖的package包/类
/**
* Applies the combining rule to the set of rules based on the evaluation context.
*
* @param context the context from the request
* @param parameters a (possibly empty) non-null <code>List</code> of
* <code>CombinerParameter<code>s
* @param ruleElements the rules to combine
*
* @return the result of running the combining algorithm
*/
public AbstractResult combine(EvaluationCtx context, List parameters, List ruleElements) {
Iterator it = ruleElements.iterator();
while (it.hasNext()) {
Rule rule = ((RuleCombinerElement) (it.next())).getRule();
AbstractResult result = rule.evaluate(context);
int value = result.getDecision();
// in the case of PERMIT, DENY, or INDETERMINATE, we always
// just return that result, so only on a rule that doesn't
// apply do we keep going...
if (value != Result.DECISION_NOT_APPLICABLE) {
return result;
}
}
// if we got here, then none of the rules applied
return ResultFactory.getFactory().getResult(Result.DECISION_NOT_APPLICABLE, context);
}
示例7: evaluate
import org.wso2.balana.ctx.AbstractResult; //导入方法依赖的package包/类
/**
* Tries to evaluate the policy by calling the combining algorithm on the given policies or
* rules. The <code>match</code> method must always be called first, and must always return
* MATCH, before this method is called.
*
* @param context the representation of the request
*
* @return the result of evaluation
*/
public AbstractResult evaluate(EvaluationCtx context) {
// evaluate
AbstractResult result = combiningAlg.combine(context, parameters, childElements);
// if we have no obligation expressions or advice expressions, we're done
if (obligationExpressions.size() < 1 && adviceExpressions.size() < 1){
return result;
}
// if we have obligations,
// now, see if we should add any obligations to the set
int effect = result.getDecision();
if ((effect == Result.DECISION_INDETERMINATE) || (effect == Result.DECISION_NOT_APPLICABLE)) {
// we didn't permit/deny, so we never return obligations
return result;
}
// if any obligations or advices are defined, evaluates them and return
processObligationAndAdvices(context, effect, result);
return result;
}
示例8: checkAccessByRequest
import org.wso2.balana.ctx.AbstractResult; //导入方法依赖的package包/类
public static boolean checkAccessByRequest(String request){
boolean access = false;
PDP pdp = PDPHelper.getPDPNewInstance();
String response = pdp.evaluate(request);
if (debug) {
System.out
.println("XACML Response:");
System.out.println(response);
}
try {
ResponseCtx responseCtx = ResponseCtx
.getInstance(XACMLHelper.getXacmlResponse(response));
AbstractResult result = responseCtx.getResults().iterator().next();
if (AbstractResult.DECISION_PERMIT == result.getDecision()) {
access = true;
}
} catch (ParsingException e) {
e.printStackTrace();
}
return access;
}
示例9: combine
import org.wso2.balana.ctx.AbstractResult; //导入方法依赖的package包/类
@Override
public AbstractResult combine(EvaluationCtx context, List parameters, List ruleElements) {
int noOfDenyRules = 0;
int noOfPermitRules = 0;
for (Object ruleElement : ruleElements) {
Rule rule = ((RuleCombinerElement) (ruleElement)).getRule();
AbstractResult result = rule.evaluate(context);
int value = result.getDecision();
if (value == Result.DECISION_DENY) {
noOfDenyRules++;
} else if (value == Result.DECISION_PERMIT) {
noOfPermitRules++;
}
}
if(noOfPermitRules > noOfDenyRules){
return ResultFactory.getFactory().getResult(Result.DECISION_PERMIT, context);
} else {
return ResultFactory.getFactory().getResult(Result.DECISION_DENY, context);
}
}
示例10: combine
import org.wso2.balana.ctx.AbstractResult; //导入方法依赖的package包/类
/**
* Applies the combining rule to the set of policies based on the evaluation context.
*
* @param context the context from the request
* @param parameters a (possibly empty) non-null <code>List</code> of
* <code>CombinerParameter<code>s
* @param policyElements the policies to combine
*
* @return the result of running the combining algorithm
*/
public AbstractResult combine(EvaluationCtx context, List parameters, List policyElements) {
Iterator it = policyElements.iterator();
while (it.hasNext()) {
AbstractPolicy policy = ((PolicyCombinerElement) (it.next())).getPolicy();
// make sure that the policy matches the context
MatchResult match = policy.match(context);
if (match.getResult() == MatchResult.INDETERMINATE)
return ResultFactory.getFactory().getResult(AbstractResult.DECISION_INDETERMINATE,
match.getStatus(), context);
if (match.getResult() == MatchResult.MATCH) {
// evaluate the policy
AbstractResult result = policy.evaluate(context);
int effect = result.getDecision();
// in the case of PERMIT, DENY, or INDETERMINATE, we always
// just return that result, so only on a rule that doesn't
// apply do we keep going...
if (effect != Result.DECISION_NOT_APPLICABLE && !context.isSearching()) {
return result;
}
}
}
// if we got here, then none of the rules applied
return ResultFactory.getFactory().getResult(AbstractResult.DECISION_NOT_APPLICABLE, context);
}
示例11: main
import org.wso2.balana.ctx.AbstractResult; //导入方法依赖的package包/类
public static void main(String[] args){
Console console;
String userName = "none";
String content = "foo";
initBalana();
if ((console = System.console()) != null){
userName = console.readLine("Enter User name [bob, peter, alice] : ");
if(userName == null || userName.trim().length() < 1 ){
System.err.println("\nUser name can not be empty\n");
return;
}
}
String request = createXACMLRequest(userName, content);
PDP pdp = getPDPNewInstance();
System.out.println("\n======================== XACML Request ====================");
System.out.println(request);
System.out.println("===========================================================");
String response = pdp.evaluate(request);
System.out.println("\n======================== XACML Response ===================");
System.out.println(response);
System.out.println("===========================================================");
try {
ResponseCtx responseCtx = ResponseCtx.getInstance(getXacmlResponse(response));
AbstractResult result = responseCtx.getResults().iterator().next();
if(AbstractResult.DECISION_PERMIT == result.getDecision()){
System.out.println("\n" + userName + " is authorized to perform this access\n\n");
} else {
System.out.println("\n" + userName + " is NOT authorized to perform this access\n");
}
} catch (ParsingException e) {
e.printStackTrace();
}
}
示例12: combine
import org.wso2.balana.ctx.AbstractResult; //导入方法依赖的package包/类
@Override
public AbstractResult combine(EvaluationCtx context, List parameters, List policyElements) {
List<ObligationResult> denyObligations = new ArrayList<ObligationResult>();
List<Advice> denyAdvices = new ArrayList<Advice>();
for (Object policyElement : policyElements) {
AbstractPolicy policy = ((PolicyCombinerElement) (policyElement)).getPolicy();
MatchResult match = policy.match(context);
if (match.getResult() == MatchResult.MATCH) {
AbstractResult result = policy.evaluate(context);
int value = result.getDecision();
// if there was a value of PERMIT, then regardless of what else
// we've seen, we always return PERMIT
if (value == AbstractResult.DECISION_PERMIT) {
return result;
} else if(value == AbstractResult.DECISION_DENY){
denyObligations.addAll(result.getObligations());
denyAdvices.addAll(result.getAdvices());
}
}
}
// if there is not any value of PERMIT. The return DENY
return ResultFactory.getFactory().getResult(AbstractResult.DECISION_DENY, denyObligations,
denyAdvices, context);
}
示例13: abstractResultToJSONObject
import org.wso2.balana.ctx.AbstractResult; //导入方法依赖的package包/类
/**
* Private method to convert a given Balana <code>{@link AbstractResult}</code> to a <code>{@link JsonObject}</code>
*
* @param result <code>{@link AbstractResult}</code>
* @return <code>{@link JsonObject}</code>
* @throws ResponseWriteException <code>{@link ResponseWriteException}</code>
*/
private static JsonObject abstractResultToJSONObject(AbstractResult result) throws ResponseWriteException {
JsonObject jsonResult = new JsonObject();
//Decision property is mandatory, if not set throw error
if (result.getDecision() == -1) {
throw new ResponseWriteException(40031, "XACML Result should contain the Decision");
}
jsonResult.addProperty(EntitlementEndpointConstants.DECISION,
AbstractResult.DECISIONS[result.getDecision()]);
//If Status object is present, convert it
if (result.getStatus() != null) {
jsonResult.add(EntitlementEndpointConstants.STATUS, statusToJSONObject(result.getStatus()));
}
//If Obligations are present
if (result.getObligations() != null && !result.getObligations().isEmpty()) {
//can only get ObligationResult objects from balana
JsonArray obligations = new JsonArray();
for (ObligationResult obligation : result.getObligations()) {
if (obligation instanceof Obligation) {
obligations.add(obligationToJsonObject((Obligation) obligation));
} else {
obligations.add(new JsonPrimitive(obligation.encode()));
}
}
jsonResult.add(EntitlementEndpointConstants.OBLIGATIONS, obligations);
}
//Do the same with attributes
if (result.getAdvices() != null && !result.getAdvices().isEmpty()) {
//can only get ObligationResult objects from balana
JsonArray advices = new JsonArray();
for (Advice advice : result.getAdvices()) {
advices.add(adviceToJsonObject(advice));
}
jsonResult.add(EntitlementEndpointConstants.ASSOCIATED_ADVICE, advices);
}
/**
* Todo: Category, PolicyIdentifierList
*/
return jsonResult;
}
示例14: combine
import org.wso2.balana.ctx.AbstractResult; //导入方法依赖的package包/类
/**
* Applies the combining rule to the set of policies based on the evaluation context.
*
* @param context the context from the request
* @param parameters a (possibly empty) non-null <code>List</code> of
* <code>CombinerParameter<code>s
* @param policyElements the policies to combine
*
* @return the result of running the combining algorithm
*/
public AbstractResult combine(EvaluationCtx context, List parameters, List policyElements) {
boolean atLeastOnePermit = false;
List<ObligationResult> permitObligations = new ArrayList<ObligationResult>();
List<Advice> permitAdvices= new ArrayList<Advice>();
Iterator it = policyElements.iterator();
while (it.hasNext()) {
AbstractPolicy policy = ((PolicyCombinerElement) (it.next())).getPolicy();
// make sure that the policy matches the context
MatchResult match = policy.match(context);
if (match.getResult() == MatchResult.INDETERMINATE){ //TODO do we really want this?
return ResultFactory.getFactory().getResult(AbstractResult.DECISION_DENY, context);
}
if (match.getResult() == MatchResult.MATCH) {
// evaluate the policy
AbstractResult result = policy.evaluate(context);
int effect = result.getDecision();
// unlike in the RuleCombining version of this alg, we always
// return DENY if any Policy returns DENY or INDETERMINATE
if (effect == AbstractResult.DECISION_DENY){
return result;
}
if (effect == AbstractResult.DECISION_INDETERMINATE ||
effect == AbstractResult.DECISION_INDETERMINATE_DENY ||
effect == AbstractResult.DECISION_INDETERMINATE_PERMIT ||
effect == AbstractResult.DECISION_INDETERMINATE_DENY_OR_PERMIT) {
return ResultFactory.getFactory().getResult(Result.DECISION_DENY, context);
}
// remember if at least one Policy said PERMIT
if (effect == Result.DECISION_PERMIT) {
atLeastOnePermit = true;
permitAdvices.addAll(result.getAdvices());
permitObligations.addAll(result.getObligations());
}
}
}
// if we got a PERMIT, return it, otherwise it's NOT_APPLICABLE
if (atLeastOnePermit) {
return ResultFactory.getFactory().getResult(AbstractResult.DECISION_PERMIT,
permitObligations, permitAdvices, context);
} else {
return ResultFactory.getFactory().getResult(AbstractResult.DECISION_NOT_APPLICABLE, context);
}
}
示例15: combine
import org.wso2.balana.ctx.AbstractResult; //导入方法依赖的package包/类
/**
* Applies the combining rule to the set of rules based on the evaluation context.
*
* @param context the context from the request
* @param parameters a (possibly empty) non-null <code>List</code> of
* <code>CombinerParameter<code>s
* @param ruleElements the rules to combine
*
* @return the result of running the combining algorithm
*/
public AbstractResult combine(EvaluationCtx context, List parameters, List ruleElements) {
boolean atLeastOneError = false;
boolean potentialPermit = false;
boolean atLeastOneDeny = false;
AbstractResult firstIndeterminateResult = null;
List<ObligationResult> denyObligations = new ArrayList<ObligationResult>();
List<Advice> denyAdvices = new ArrayList<Advice>();
Iterator it = ruleElements.iterator();
while (it.hasNext()) {
Rule rule = ((RuleCombinerElement) (it.next())).getRule();
AbstractResult result = rule.evaluate(context);
int value = result.getDecision();
// if there was a value of PERMIT, then regardless of what
// else we've seen, we always return PERMIT
if (value == AbstractResult.DECISION_PERMIT){
return result;
}
// if it was INDETERMINATE, then we couldn't figure something
// out, so we keep track of these cases...
if (value == AbstractResult.DECISION_INDETERMINATE ||
value == AbstractResult.DECISION_INDETERMINATE_DENY ||
value == AbstractResult.DECISION_INDETERMINATE_PERMIT ||
value == AbstractResult.DECISION_INDETERMINATE_DENY_OR_PERMIT) {
atLeastOneError = true;
// there are no rules about what to do if multiple cases
// cause errors, so we'll just return the first one
if (firstIndeterminateResult == null){
firstIndeterminateResult = result;
}
// if the Rule's effect is PERMIT, then we can't let this
// alg return DENY, since this Rule might have permitted
// if it could do its stuff
if (rule.getEffect() == AbstractResult.DECISION_PERMIT){
potentialPermit = true;
}
} else {
// keep track of whether we had at least one rule that
// actually pertained to the request
if (value == AbstractResult.DECISION_DENY)
atLeastOneDeny = true;
denyAdvices.addAll(result.getAdvices());
denyObligations.addAll(result.getObligations());
}
}
// we didn't explicitly PERMIT, but we might have had some Rule
// been evaluated, so we have to return INDETERMINATE
if (potentialPermit){
return firstIndeterminateResult;
}
// some Rule said DENY, so since nothing could have permitted,
// we return DENY
if (atLeastOneDeny){
return ResultFactory.getFactory().getResult(AbstractResult.DECISION_DENY, denyObligations,
denyAdvices, context);
}
// we didn't find anything that said DENY, but if we had a
// problem with one of the Rules, then we're INDETERMINATE
if (atLeastOneError){
return firstIndeterminateResult;
}
// if we hit this point, then none of the rules actually applied
// to us, so we return NOT_APPLICABLE
return ResultFactory.getFactory().getResult(AbstractResult.DECISION_NOT_APPLICABLE, context);
}