
nordugrid-arc-nox  1.1.0~rc6
GACLEvaluator.cpp
00001 #ifdef HAVE_CONFIG_H
00002 #include <config.h>
00003 #endif
00004 
00005 //#include <arc/loader/ClassLoader.h>
00006 
00007 #include "GACLPolicy.h"
00008 #include "GACLRequest.h"
00009 
00010 #include "GACLEvaluator.h"
00011 
// Plugin factory entry point: creates a GACLEvaluator from a loader argument.
// Returns NULL when `arg` is NULL or is not an Arc::ClassLoaderPluginArgument;
// otherwise returns an evaluator allocated with new.
Arc::Plugin* ArcSec::GACLEvaluator::get_evaluator(Arc::PluginArgument* arg) {
    if(arg == NULL) return NULL;
    Arc::ClassLoaderPluginArgument* loader_arg =
            dynamic_cast<Arc::ClassLoaderPluginArgument*>(arg);
    if(loader_arg == NULL) return NULL;
    // The argument object is converted to an XMLNode pointer and handed to the
    // constructor as its configuration (presumably the plugin's config node;
    // whether it may be NULL is not visible here).
    Arc::XMLNode* cfg = (Arc::XMLNode*)(*loader_arg);
    return new ArcSec::GACLEvaluator(cfg);
}
00018 
00019 //loader_descriptors __arc_evaluator_modules__  = {
00020 //    { "gacl.evaluator", 0, &ArcSec::GACLEvaluator::get_evaluator },
00021 //    { NULL, 0, NULL }
00022 //};
00023 
00024 using namespace Arc;
00025 using namespace ArcSec;
00026 // Logger shared by all GACLEvaluator instances; constructed from the root logger and the name "GACLEvaluator".
00027 Arc::Logger ArcSec::GACLEvaluator::logger(Arc::Logger::rootLogger, "GACLEvaluator");
00028 
// Builds an evaluator from an XML configuration node, which is forwarded to
// the Evaluator base class. A PolicyStore is created with the arguments
// ("", "gacl.policy", NULL) and the combining algorithm is set to
// EvaluatorFailsOnDeny.
GACLEvaluator::GACLEvaluator(Arc::XMLNode* cfg)
    : Evaluator(cfg),
      plstore(new PolicyStore("", "gacl.policy", NULL)) {
  // With the standard throwing operator new an allocation failure raises
  // std::bad_alloc instead of yielding NULL, so this message is only reachable
  // if the build replaces operator new with a non-throwing one.
  if(plstore == NULL) logger.msg(ERROR, "Can not create PolicyStore object");
  combining_alg = EvaluatorFailsOnDeny;
}
00034 
// Builds an evaluator from a configuration file name, which is forwarded to
// the Evaluator base class. Apart from the configuration source this sets up
// the same state as the XMLNode constructor: a PolicyStore created with
// ("", "gacl.policy", NULL) and EvaluatorFailsOnDeny as combining algorithm.
GACLEvaluator::GACLEvaluator(const char * cfgfile)
    : Evaluator(cfgfile),
      plstore(new PolicyStore("", "gacl.policy", NULL)) {
  // With the standard throwing operator new an allocation failure raises
  // std::bad_alloc instead of yielding NULL, so this message is only reachable
  // if the build replaces operator new with a non-throwing one.
  if(plstore == NULL) logger.msg(ERROR, "Can not create PolicyStore object");
  combining_alg = EvaluatorFailsOnDeny;
}
00040 
// Evaluates one request against one explicitly supplied policy.
//
// Both arguments must be GACL objects: a Policy that is not a GACLPolicy, or a
// Request that is not a GACLRequest, yields NULL and nothing is evaluated.
// Otherwise the result is a Response allocated with new that holds a single
// ResponseItem whose `res` is the value returned by the policy's eval().
// The item carries only that result; no request or policy is attached to it.
//
// NULL means that no decision was produced. Callers should handle it as a
// failed evaluation and never as a permit.
Response* GACLEvaluator::evaluate(Request* request, Policy* policyobj) {
  GACLPolicy* gacl_policy = dynamic_cast<GACLPolicy*>(policyobj);
  if(gacl_policy == NULL) return NULL;
  GACLRequest* gacl_request = dynamic_cast<GACLRequest*>(request);
  if(gacl_request == NULL) return NULL;

  EvaluationCtx ctx(gacl_request);

  ResponseItem* item = new ResponseItem;
  if(item == NULL) return NULL;
  Response* response = new Response();
  if(response == NULL) {
    // Do not leak the item when the response could not be created.
    delete item;
    return NULL;
  }

  response->setRequestSize(0);
  item->reqtp = NULL;
  item->res = gacl_policy->eval(&ctx);
  response->addResponseItem(item);
  return response;
}
00060 
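// Parses both the request and the policy from their Source form and evaluates
// the request against that single policy.
//
// Returns whatever evaluate(Request*, Policy*) returns, including NULL when no
// decision could be produced; callers should never treat NULL as a permit.
Response* GACLEvaluator::evaluate(const Source& request, const Source& policy) {
  GACLRequest greq(request);
  // The policy lives only for the duration of this call. It used to be
  // allocated with new and never deleted, which leaked one GACLPolicy per
  // evaluation. evaluate(Request*, Policy*) stores only the eval() result in
  // the response, not the policy pointer, so automatic storage is sufficient.
  GACLPolicy gpol(policy);
  return evaluate(&greq,&gpol);
}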
00066 
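// Parses the policy from its Source form and evaluates the given request
// against that single policy.
//
// Returns whatever evaluate(Request*, Policy*) returns, including NULL when
// `request` is not a GACLRequest; callers should never treat NULL as a permit.
Response* GACLEvaluator::evaluate(Request* request, const Source& policy) {
  // The policy lives only for the duration of this call. It used to be
  // allocated with new and never deleted, which leaked one GACLPolicy per
  // evaluation. evaluate(Request*, Policy*) stores only the eval() result in
  // the response, not the policy pointer, so automatic storage is sufficient.
  GACLPolicy gpol(policy);
  return evaluate(request,&gpol);
}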
00071 
// Parses the request from its Source form and evaluates it against the
// supplied policy object. The parsed request exists only for this call.
// Returns the result of evaluate(Request*, Policy*), which may be NULL.
Response* GACLEvaluator::evaluate(const Source& request, Policy* policyobj) {
  GACLRequest parsed_request(request);
  Response* response = evaluate(&parsed_request, policyobj);
  return response;
}
00076 
// Evaluates a request against every policy the store returns for it and
// combines the individual results into one decision.
//
// Returns NULL when there is no policy store or when `request` is not a
// GACLRequest. Callers should handle NULL as a failed evaluation and never as
// a permit.
//
// Combination, as implemented below:
//   - the decision starts as DECISION_DENY, so an empty policy list denies;
//   - a permit from any policy evaluated before the scan ends gives PERMIT;
//   - otherwise deny, then indeterminate, then not-applicable, in that order.
// The scan ends early on a permit under EvaluatorStopsOnPermit, and on a deny
// under EvaluatorStopsOnDeny or EvaluatorFailsOnDeny.
//
// NOTE(review): under EvaluatorFailsOnDeny (the value both constructors set) a
// deny only stops the scan; a permit from an earlier policy still wins. If
// "fails on deny" is meant to be deny-overrides, the final selection needs to
// check the deny flag first. Confirm against the combining-algorithm
// definition before relying on this evaluator for deny rules.
Response* GACLEvaluator::evaluate(Request* request) {
  if(plstore == NULL) return NULL;
  GACLRequest* gacl_request = dynamic_cast<GACLRequest*>(request);
  if(gacl_request == NULL) return NULL;

  EvaluationCtx ctx(gacl_request);

  ResponseItem* item = new ResponseItem;
  if(item == NULL) return NULL;
  Response* response = new Response();
  if(response == NULL) {
    // Do not leak the item when the response could not be created.
    delete item;
    return NULL;
  }

  std::list<PolicyStore::PolicyElement> matched = plstore->findPolicy(&ctx);

  bool seen_permit = false;
  bool seen_deny = false;
  bool seen_indeterminate = false;
  bool seen_notapplicable = false;

  std::list<PolicyStore::PolicyElement>::iterator it = matched.begin();
  while(it != matched.end()) {
    Result res = ((Policy*)(*it))->eval(&ctx);
    if(res == DECISION_PERMIT) {
      seen_permit = true;
      if(combining_alg == EvaluatorStopsOnPermit) break;
    } else if(res == DECISION_DENY) {
      seen_deny = true;
      if(combining_alg == EvaluatorStopsOnDeny ||
         combining_alg == EvaluatorFailsOnDeny) break;
    } else if(res == DECISION_INDETERMINATE) {
      seen_indeterminate = true;
    } else if(res == DECISION_NOT_APPLICABLE) {
      seen_notapplicable = true;
    }
    ++it;
  }

  // Deny is the fallback when no policy produced any of the four results.
  Result decision = DECISION_DENY;
  if(seen_permit) decision = DECISION_PERMIT;
  else if(seen_deny) decision = DECISION_DENY;
  else if(seen_indeterminate) decision = DECISION_INDETERMINATE;
  else if(seen_notapplicable) decision = DECISION_NOT_APPLICABLE;

  response->setRequestSize(0);
  item->reqtp = NULL;
  item->res = decision;
  response->addResponseItem(item);
  return response;
}
00121 
// Parses the request from its Source form and evaluates it against the
// policies held by the policy store. The parsed request exists only for this
// call. Returns the result of evaluate(Request*), which may be NULL.
Response* GACLEvaluator::evaluate(const Source& request) {
  GACLRequest parsed_request(request);
  Response* response = evaluate(&parsed_request);
  return response;
}
00126 
// Releases the policy store created by the constructors.
GACLEvaluator::~GACLEvaluator(){
  // delete on a null pointer is a no-op, so no guard is required.
  delete plstore;
}
00130