Back to index

nordugrid-arc-nox  1.1.0~rc6
XACMLEvaluationCtx.cpp
Go to the documentation of this file.
00001 #ifdef HAVE_CONFIG_H
00002 #include <config.h>
00003 #endif
00004 
00005 #include <arc/security/ArcPDP/attr/AttributeValue.h>
00006 
00007 #include "XACMLEvaluationCtx.h"
00008 
00009 using namespace Arc;
00010 using namespace ArcSec;
00011 
00012 Logger XACMLEvaluationCtx::logger(Arc::Logger::rootLogger, "XACMLEvaluationCtx");
00013 
00014 XACMLEvaluationCtx::XACMLEvaluationCtx(Request* request) : req(NULL), EvaluationCtx(request) {
00015   req = request;
00016   XMLNode req_node = req->getReqNode();
00017 }
00018 
00019 XACMLEvaluationCtx::~XACMLEvaluationCtx(){
00020 
00021 }
00022 
00023 Request* XACMLEvaluationCtx::getRequest () const{
00024   return req;
00025 }
00026 
00027 std::list<AttributeValue*> XACMLEvaluationCtx::getAttributes(std::string& reqctxpath, 
00028        Arc::XMLNode& namespaceNode, std::string& data_type, AttributeFactory* attrfactory)  { 
00029   std::list<AttributeValue*> attrlist; 
00030 
00031   XMLNode req_node = req->getReqNode();
00032   NS nsList;
00033   nsList = namespaceNode.Namespaces();
00034   
00035   std::string path;
00036   //If the xPath string is a relative one
00037   if(reqctxpath.find_first_of("/") != 0) {
00038     std::string name = req_node.Name();
00039     std::string name_space = req_node.Namespace();
00040     if(name_space.empty())
00041       //no namespace in the request 
00042       path = "//" + name + "/";
00043     else {
00044       //namespaces are used in the request. lookup the correct prefix 
00045       //for using in the search string
00046       for (NS::const_iterator ns = nsList.begin(); ns != nsList.end(); ++ns) {
00047         std::string ns_val = ns->second;
00048         if(ns_val == name_space) {
00049           std::string ns_name = ns->first;
00050           if(ns_name.empty()) path = "//";
00051           else path = "//" + ns_name;
00052           path  = path + ":" + name + "/";
00053           break;
00054         }
00055       }
00056       if(path.empty()) std::cout<<"Failed to map a namespace into an XPath expression"<<std::endl;
00057     }
00058   }
00059 
00060   path = path + reqctxpath;
00061 
00062   std::size_t pos = path.rfind("/text()");
00063   if(pos!=std::string::npos)
00064     path = path.substr(0, pos);
00065 
00066   std::list<Arc::XMLNode> list = req_node.XPathLookup(path, nsList);
00067   std::list<Arc::XMLNode>::iterator it;
00068 
00069   for (it = list.begin(); it != list.end(); it++) {
00070     std::cout << (*it).FullName() << ":" << (std::string)(*it) << std::endl;
00071     AttributeValue* attr = NULL;
00072     std::string type;
00073     std::size_t f = data_type.find_last_of("#"); //http://www.w3.org/2001/XMLSchema#string
00074     if(f!=std::string::npos) {
00075       type = data_type.substr(f+1);
00076     }
00077     else {
00078       f=data_type.find_last_of(":"); //urn:oasis:names:tc:xacml:1.0:data-type:rfc822Name
00079       type = data_type.substr(f+1);
00080     }
00081     attr = attrfactory->createValue((*it), type);
00082     attrlist.push_back(attr);
00083   }
00084 
00085   return attrlist; 
00086 }
00087 
00088 std::list<AttributeValue*> XACMLEvaluationCtx::getSubjectAttributes(std::string& id, 
00089        std::string& type, std::string& issuer, std::string& category, AttributeFactory* attrfactory) {
00090   std::list<AttributeValue*> attrlist;
00091   XMLNode req_node = req->getReqNode();
00092   for(int i = 0;; i++) {
00093     XMLNode attr_nd = req_node["Subject"]["Attribute"][i];
00094     std::string sub_category = req_node["Subject"].Attribute("SubjectCategory");
00095     if(sub_category.empty()) sub_category = "urn:oasis:names:tc:xacml:1.0:subject-category:access-subject";
00096     if(!attr_nd) break;
00097     std::string attr_id = attr_nd.Attribute("AttributeId");
00098     std::string attr_type = attr_nd.Attribute("DataType");
00099     std::string attr_issuer = attr_nd.Attribute("Issuer");
00100 
00101 std::cout<<attr_id<<"  "<<attr_type<<"  "<<attr_issuer<<std::endl;
00102 std::cout<<id<<"  "<<type<<"  "<<issuer<<std::endl;
00103 
00104     if(attr_id.empty()) continue;
00105     if(attr_type.empty()) attr_type = "xs:string";
00106     if((id == attr_id) && (issuer.empty() || 
00107       (!attr_issuer.empty() && (attr_issuer==issuer)))) {
00108       //If category does not match
00109       if(!category.empty() && sub_category!=category) continue;
00110       //Create the object for attribute
00111       AttributeValue* attr = NULL;
00112       std::string tp;
00113       std::size_t f = attr_type.find_last_of("#"); //http://www.w3.org/2001/XMLSchema#string
00114       if(f!=std::string::npos) {
00115         tp = attr_type.substr(f+1);
00116       }
00117       else {
00118         f=attr_type.find_last_of(":"); //urn:oasis:names:tc:xacml:1.0:data-type:rfc822Name
00119         tp = attr_type.substr(f+1);
00120       }
00121       attr = attrfactory->createValue(attr_nd, tp);
00122       attrlist.push_back(attr);
00123     }
00124   }
00125   return attrlist;
00126 }
00127 
00128 std::list<AttributeValue*> XACMLEvaluationCtx::getAttributesHelper(std::string& id,
00129        std::string& type, std::string& issuer, AttributeFactory* attrfactory, const std::string& target_class) {
00130   std::list<AttributeValue*> attrlist;
00131   XMLNode req_node = req->getReqNode();
00132   for(int i = 0;; i++) {
00133     XMLNode attr_nd = req_node[target_class]["Attribute"][i];
00134     if(!attr_nd) break;
00135     std::string attr_id = attr_nd.Attribute("AttributeId");
00136     std::string attr_type = attr_nd.Attribute("DataType");
00137     std::string attr_issuer = attr_nd.Attribute("Issuer");
00138 
00139 std::cout<<attr_id<<"  "<<attr_type<<"  "<<attr_issuer<<std::endl;
00140 std::cout<<id<<"  "<<type<<"  "<<issuer<<std::endl;
00141 
00142     if(attr_id.empty()) continue;
00143     if(attr_type.empty()) attr_type = "xs:string";
00144     if((id == attr_id) && (issuer.empty() ||
00145       (!attr_issuer.empty() && (attr_issuer==issuer)))) {
00146       AttributeValue* attr = NULL;
00147       std::string tp;
00148       std::size_t f = attr_type.find_last_of("#"); //http://www.w3.org/2001/XMLSchema#string
00149       if(f!=std::string::npos) {
00150         tp = attr_type.substr(f+1);
00151       }
00152       else {
00153         f=attr_type.find_last_of(":"); //urn:oasis:names:tc:xacml:1.0:data-type:rfc822Name
00154         tp = attr_type.substr(f+1);
00155       }
00156       attr = attrfactory->createValue(attr_nd, tp);
00157       attrlist.push_back(attr);
00158     }
00159   }
00160   return attrlist;
00161 }
00162 
00163 std::list<AttributeValue*> XACMLEvaluationCtx::getResourceAttributes(std::string& id, 
00164        std::string& type, std::string& issuer, AttributeFactory* attrfactory) {
00165   return getAttributesHelper(id, type, issuer, attrfactory, std::string("Resource"));
00166 }
00167 
00168 std::list<AttributeValue*> XACMLEvaluationCtx::getActionAttributes(std::string& id, 
00169        std::string& type, std::string& issuer, AttributeFactory* attrfactory) {
00170   return getAttributesHelper(id, type, issuer, attrfactory, std::string("Action"));
00171 }
00172 
00173 std::list<AttributeValue*> XACMLEvaluationCtx::getContextAttributes(std::string& id, 
00174        std::string& type, std::string& issuer, AttributeFactory* attrfactory) {
00175   return getAttributesHelper(id, type, issuer, attrfactory, std::string("Environment"));
00176 }
00177