Back to index

nordugrid-arc-nox  1.1.0~rc6
Public Member Functions | Private Attributes
ArcSec::XACMLTargetMatch Class Reference

#include <XACMLTarget.h>

Collaboration diagram for ArcSec::XACMLTargetMatch:
Collaboration graph

List of all members.

Public Member Functions

 XACMLTargetMatch (Arc::XMLNode &node, EvaluatorContext *ctx)
virtual ~XACMLTargetMatch ()
virtual MatchResult match (EvaluationCtx *ctx)

Private Attributes

Arc::XMLNode matchnode
std::string matchId

Detailed Description

Definition at line 18 of file XACMLTarget.h.

Constructor & Destructor Documentation

Definition at line 20 of file XACMLTarget.cpp.

                                                                       : matchnode(node), 
  attrval(NULL), function(NULL), selector(NULL), designator(NULL){
  attrfactory = (AttributeFactory*)(*ctx);
  fnfactory = (FnFactory*)(*ctx); 

  matchId = (std::string)(node.Attribute("MatchId"));
  //get the suffix of xacml-formated matchId, like
  //and use it as the function name
  std::size_t found = matchId.find_last_of(":");
  std::string funcname = matchId.substr(found+1);

  //If matchId does not exist, compose the DataType and "equal" function
  //e.g. if the DataType of <AttributeValue> inside this <Match> is "string", then 
  //suppose the match function is "string-equal"
  std::string datatype = (std::string)(node["AttributeValue"].Attribute("DataType"));
  if(funcname.empty()) funcname = EqualFunction::getFunctionName(datatype); 
  //create the Function based on the function name
  function = fnfactory->createFn(funcname);
  if(!function) { logger.msg(ERROR, "Can not create function %s", funcname); return; }

  //create the AttributeValue, AttributeDesignator and AttributeSelector
  XMLNode cnd;

  XMLNode attrval_nd;
  std::string attrval_id;
  std::string attrval_type;
  for(int i = 0;;i++ ) {
    cnd = node.Child(i);
    if(!cnd) break;
    std::string name = cnd.Name();
    if(name.find("AttributeValue") != std::string::npos) {
       std::string data_type = cnd.Attribute("DataType");
       //<AttributeValue DataType="">
       attrval_nd = cnd;
       std::size_t f = data_type.find_last_of("#"); //
       if(f!=std::string::npos) {
         attrval_type = data_type.substr(f+1);
       else {
         f=data_type.find_last_of(":"); //urn:oasis:names:tc:xacml:1.0:data-type:rfc822Name
         attrval_type = data_type.substr(f+1);
    else if(name.find("AttributeSelector") != std::string::npos) {
      selector = new AttributeSelector(cnd, attrfactory);
      attrval_id = (std::string)(cnd.Attribute("AttributeId"));   
    else if(name.find("AttributeDesignator") != std::string::npos) {
      designator = new AttributeDesignator(cnd, attrfactory);
      attrval_id = (std::string)(cnd.Attribute("AttributeId"));
  //kind of hack here. Because in xacml, <AttributeValue/> (the policy side)
  //normally xml attribute "AttributeId" is absent, but in our implementation 
  //about comparing two attribute, "AttributeId" is required.
  attrval_nd.NewAttribute("AttributeId") = attrval_id;
  attrval = attrfactory->createValue(attrval_nd, attrval_type);

Here is the call graph for this function:

Definition at line 83 of file XACMLTarget.cpp.

  if(attrval != NULL) delete attrval;
  if(selector != NULL) delete selector;
  if(designator != NULL) delete designator;

Member Function Documentation

Definition at line 89 of file XACMLTarget.cpp.

  std::list<AttributeValue*> attrlist;
  if(selector != NULL) attrlist = selector->evaluate(ctx);
  else if(designator != NULL) attrlist = designator->evaluate(ctx);

  AttributeValue* evalres = NULL;
  std::list<AttributeValue*>::iterator i;
  for(i = attrlist.begin(); i != attrlist.end(); i++) {
std::cout<<"Request side: "<<(*i)->encode()<<" Policy side:  "<<attrval->encode()<<std::endl;
    evalres = function->evaluate(attrval, (*i), false);
    BooleanAttribute bool_attr(true);
    if((evalres != NULL) && (evalres->equal(&bool_attr))) { 
      delete evalres; break; 
    if(evalres) delete evalres;
  while(!(attrlist.empty())) {
    AttributeValue* val = attrlist.back();
    delete val;
  if(evalres) return MATCH;
  else return NO_MATCH;

Here is the call graph for this function:

Member Data Documentation

Definition at line 25 of file XACMLTarget.h.

Definition at line 30 of file XACMLTarget.h.

Definition at line 32 of file XACMLTarget.h.

Definition at line 26 of file XACMLTarget.h.

Definition at line 31 of file XACMLTarget.h.

std::string ArcSec::XACMLTargetMatch::matchId [private]

Definition at line 28 of file XACMLTarget.h.

Definition at line 27 of file XACMLTarget.h.

Definition at line 33 of file XACMLTarget.h.

The documentation for this class was generated from the following files: