Back to index

nordugrid-arc-nox  1.1.0~rc6
Public Member Functions | Protected Attributes | Static Protected Attributes
ArcSec::Policy Class Reference

Interface for containing and processing different types of policy. More...

#include <Policy.h>

Inheritance diagram for ArcSec::Policy:
Inheritance graph
[legend]
Collaboration diagram for ArcSec::Policy:
Collaboration graph
[legend]

List of all members.

Public Member Functions

 Policy ()
 Template constructor - creates empty policy.
 Policy (const Arc::XMLNode)
 Template constructor - creates policy based on XML document.
 Policy (const Arc::XMLNode, EvaluatorContext *)
 Template constructor - creates policy based on XML document.
virtual ~Policy ()
virtual operator bool (void) const =0
 Returns true is object is valid.
virtual MatchResult match (EvaluationCtx *)=0
 Evaluate whether the two targets to be evaluated match to each other.
virtual Result eval (EvaluationCtx *)=0
 Evaluate policy For the <Rule> of Arc, only get the "Effect" from rules; For the <Policy> of Arc, combine the evaluation result from <Rule>; For the <Rule> of XACML, evaluate the <Condition> node by using information from request, and use the "Effect" attribute of <Rule>; For the <Policy> of XACML, combine the evaluation result from <Rule>
virtual void addPolicy (Policy *pl)
 Add a policy element to into "this" object.
virtual void setEvaluatorContext (EvaluatorContext *)
 Set Evaluator Context for the usage in creating low-level policy object.
virtual void make_policy ()
 Parse XMLNode, and construct the low-level Rule object.
virtual std::string getEffect () const =0
 Get the "Effect" attribute.
virtual EvalResultgetEvalResult ()=0
 Get eveluation result.
virtual void setEvalResult (EvalResult &res)=0
 Set eveluation result.
virtual const char * getEvalName () const =0
 Get the name of Evaluator which can evaluate this policy.
virtual const char * getName () const =0
 Get the name of this policy.

Protected Attributes

std::list< Policy * > subelements

Static Protected Attributes

static Arc::Logger logger

Detailed Description

Interface for containing and processing different types of policy.

Basically, each policy object is a container which includes a few elements *e.g., ArcPolicySet objects includes a few ArcPolicy objects; ArcPolicy object *includes a few ArcRule objects. There is logical relationship between ArcRules *or ArcPolicies, which is called combining algorithm. According to algorithm, *evaluation results from the elements are combined, and then the combined *evaluation result is returned to the up-level.

Definition at line 24 of file Policy.h.


Constructor & Destructor Documentation

ArcSec::Policy::Policy ( ) [inline]

Template constructor - creates empty policy.

Definition at line 31 of file Policy.h.

{};
ArcSec::Policy::Policy ( const Arc::XMLNode  ) [inline]

Template constructor - creates policy based on XML document.

If XML document is empty then empty policy is created. If it is not empty then it must be valid policy document - otherwise created object should be invalid.

Definition at line 37 of file Policy.h.

{};  
ArcSec::Policy::Policy ( const Arc::XMLNode  ,
EvaluatorContext  
) [inline]

Template constructor - creates policy based on XML document.

If XML document is empty then empty policy is created. If it is not empty then it must be valid policy document - otherwise created object should be invalid. This constructor is based on the policy node and i the EvaluatorContext which includes the factory objects for combining algorithm and function

Definition at line 45 of file Policy.h.

{};
virtual ArcSec::Policy::~Policy ( ) [inline, virtual]

Definition at line 46 of file Policy.h.

{};

Member Function Documentation

virtual void ArcSec::Policy::addPolicy ( Policy pl) [inline, virtual]

Add a policy element to into "this" object.

Definition at line 64 of file Policy.h.

{subelements.push_back(pl);};
virtual Result ArcSec::Policy::eval ( EvaluationCtx ) [pure virtual]

Evaluate policy For the <Rule> of Arc, only get the "Effect" from rules; For the <Policy> of Arc, combine the evaluation result from <Rule>; For the <Rule> of XACML, evaluate the <Condition> node by using information from request, and use the "Effect" attribute of <Rule>; For the <Policy> of XACML, combine the evaluation result from <Rule>

Implemented in ArcSec::ArcRule, ArcSec::XACMLPolicy, ArcSec::ArcPolicy, ArcSec::XACMLRule, and ArcSec::GACLPolicy.

Here is the caller graph for this function:

virtual std::string ArcSec::Policy::getEffect ( ) const [pure virtual]

Get the "Effect" attribute.

Implemented in ArcSec::ArcRule, ArcSec::XACMLPolicy, ArcSec::ArcPolicy, ArcSec::XACMLRule, and ArcSec::GACLPolicy.

virtual const char* ArcSec::Policy::getEvalName ( ) const [pure virtual]

Get the name of Evaluator which can evaluate this policy.

Implemented in ArcSec::ArcRule, ArcSec::XACMLPolicy, ArcSec::ArcPolicy, ArcSec::XACMLRule, and ArcSec::GACLPolicy.

Here is the caller graph for this function:

virtual EvalResult& ArcSec::Policy::getEvalResult ( ) [pure virtual]
virtual const char* ArcSec::Policy::getName ( ) const [pure virtual]

Get the name of this policy.

Implemented in ArcSec::ArcRule, ArcSec::XACMLPolicy, ArcSec::ArcPolicy, ArcSec::XACMLRule, and ArcSec::GACLPolicy.

virtual void ArcSec::Policy::make_policy ( ) [inline, virtual]

Parse XMLNode, and construct the low-level Rule object.

Reimplemented in ArcSec::XACMLPolicy, and ArcSec::ArcPolicy.

Definition at line 70 of file Policy.h.

{};

Here is the caller graph for this function:

virtual MatchResult ArcSec::Policy::match ( EvaluationCtx ) [pure virtual]

Evaluate whether the two targets to be evaluated match to each other.

Implemented in ArcSec::ArcRule, ArcSec::XACMLPolicy, ArcSec::ArcPolicy, ArcSec::XACMLRule, and ArcSec::GACLPolicy.

virtual ArcSec::Policy::operator bool ( void  ) const [pure virtual]

Returns true is object is valid.

Implemented in ArcSec::ArcRule, ArcSec::XACMLRule, ArcSec::XACMLPolicy, ArcSec::ArcPolicy, and ArcSec::GACLPolicy.

virtual void ArcSec::Policy::setEvalResult ( EvalResult res) [pure virtual]
virtual void ArcSec::Policy::setEvaluatorContext ( EvaluatorContext ) [inline, virtual]

Set Evaluator Context for the usage in creating low-level policy object.

Reimplemented in ArcSec::XACMLPolicy, and ArcSec::ArcPolicy.

Definition at line 67 of file Policy.h.

{};

Here is the caller graph for this function:


Member Data Documentation

Arc::Logger ArcSec::Policy::logger [static, protected]
std::list<Policy*> ArcSec::Policy::subelements [protected]

Definition at line 26 of file Policy.h.


The documentation for this class was generated from the following files: