Back to index

nordugrid-arc-nox  1.1.0~rc6
ArcRule.h
Go to the documentation of this file.
00001 #ifndef __ARC_SEC_ARCRULE_H__
00002 #define __ARC_SEC_ARCRULE_H__
00003 
00004 #include <arc/XMLNode.h>
00005 #include <list>
00006 
00007 #include <arc/security/ArcPDP/policy/Policy.h>
00008 #include <arc/security/ArcPDP/fn/Function.h>
00009 #include <arc/security/ArcPDP/alg/CombiningAlg.h>
00010 #include <arc/security/ArcPDP/attr/AttributeFactory.h>
00011 #include <arc/security/ArcPDP/fn/FnFactory.h>
00012 #include <arc/security/ArcPDP/Evaluator.h>
00013 
00014 namespace ArcSec {
00018 typedef std::pair<AttributeValue*, Function*> Match;
00019  
00050 
00051 typedef std::list<Match> AndList;
00052 
00054 typedef std::list<AndList> OrList;
00055 
00056 
00057 enum Id_MatchResult {
00058   //The "id" of all the <Attribute>s under a <Subject> (or other type) is matched
00059   //by <Attribute>s under <Subject> in <RequestItem>
00060   ID_MATCH = 0,
00061   //Part "id" is matched
00062   ID_PARTIAL_MATCH = 1,
00063   //Any "id" of the <Attrubute>s is not matched
00064   ID_NO_MATCH = 2
00065 };
00066 
00068 class ArcRule : public Policy {
00069 public:
00070   ArcRule(const Arc::XMLNode node, EvaluatorContext* ctx);  
00071 
00072   virtual std::string getEffect() const;
00073 
00074   virtual Result eval(EvaluationCtx* ctx);
00075 
00076   virtual MatchResult match(EvaluationCtx* ctx);
00077 
00078   virtual ~ArcRule();
00079 
00080   virtual operator bool(void) const ;
00081 
00082   virtual EvalResult& getEvalResult();
00083 
00084   virtual void setEvalResult(EvalResult& res);
00085 
00086   const char* getEvalName() const;
00087 
00088   const char* getName() const;
00089 
00090 private:
00095   void getItemlist(Arc::XMLNode& nd, OrList& items, const std::string& itemtype, const std::string& type_attr, 
00096     const std::string& function_attr);
00097 
00098 private:
00099   std::string effect;
00100   std::string id;
00101   std::string version;
00102   std::string description;
00103  
00104   OrList subjects;
00105   OrList resources;
00106   OrList actions;
00107   OrList conditions;
00108 
00109   AttributeFactory* attrfactory;
00110   FnFactory* fnfactory;
00111 
00112   EvalResult evalres;
00113   Arc::XMLNode rulenode;
00114 
00115   Id_MatchResult sub_idmatched;
00116   Id_MatchResult res_idmatched;
00117   Id_MatchResult act_idmatched;
00118   Id_MatchResult ctx_idmatched; 
00119 
00120 protected:
00121   static Arc::Logger logger;
00122 };
00123 
00124 } // namespace ArcSec
00125 
00126 #endif /* __ARC_SEC_ARCRULE_H__ */
00127