modules/ace/engine/PolicyInformationPoint.cpp

   1 /*
   2  * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
   3  *
   4  *    Licensed under the Apache License, Version 2.0 (the "License");
   5  *    you may not use this file except in compliance with the License.
   6  *    You may obtain a copy of the License at
   7  *
   8  *        http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  *    Unless required by applicable law or agreed to in writing, software
  11  *    distributed under the License is distributed on an "AS IS" BASIS,
  12  *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  *    See the License for the specific language governing permissions and
  14  *    limitations under the License.
  15  */
  16 //
  17 //
  18 //
  19 //
  20 //  @ Project : Access Control Engine
  21 //  @ File Name : PolicyInformationPoint.cpp
  22 //  @ Date : 2009-05-06
  23 //  @ Author : Samsung
  24 //
  25 //
  26 #include <dpl/ace/PolicyInformationPoint.h>
  27
  28 #include <map>
  29 #include <dpl/log/log.h>
  30
  31 #include <dpl/assert.h>
  32 #include <dpl/foreach.h>
  33
  34 #include <dpl/ace/Attribute.h>
  35 #include <dpl/ace-dao-ro/BaseAttribute.h>
  36
  37 using namespace AceDB;
  38
  39 PolicyInformationPoint::~PolicyInformationPoint()
  40 {
  41 }
  42
  43 /* gather attributes values from adequate interfaces */
  44 PipResponse PolicyInformationPoint::getAttributesValues(const Request* request,
  45         AttributeSet* attributes)
  46 {
  47     int subjectReturn = 0;
  48     int resourceReturn = 0;
  49     int operationReturn = 0;
  50     int functionReturn = 0;
  51     /* create query lists  */
  52     createQueries(attributes);
  53
  54     /* check if subject attributes query has any elements*/
  55     if (!subjectAttributesQuery.empty()) {
  56         /* get Subject Attributes */
  57         subjectReturn = wrtInterface->getAttributesValues(
  58                 *request,
  59                 &subjectAttributesQuery);
  60     }
  61
  62     AttributeSet::const_iterator iter2;
  63     FOREACH(iter, subjectAttributesQuery)
  64     {
  65         if (iter->second == NULL) {
  66             Attribute attr(*(iter->first));
  67             attr.setType(Attribute::Type::Subject);
  68             iter2 = std::find_if(attributes->begin(),
  69                                  attributes->end(),
  70                                  BaseAttribute::UnaryPredicate(&attr));
  71             Assert(iter2 != attributes->end() && "This should not happen, "
  72                    "the attribute MUST be in attribute set");
  73             (*iter2)->setUndetermind(true);
  74         }
  75     }
  76
  77     /* check if resource  attributes query has any elements*/
  78     if (!resourceAttributesQuery.empty()) {
  79         /* get Resource Attributes */
  80         resourceReturn = resourceInformation->getAttributesValues(
  81                 *request,
  82                 &resourceAttributesQuery);
  83         /* error analyzys*/
  84         resourceReturn <<= ERROR_SHIFT_RESOURCE;
  85     }
  86
  87     FOREACH(iter, resourceAttributesQuery)
  88     {
  89         if (iter->second == NULL) {
  90             LogInfo("Found undetermined attribute");
  91             Attribute attr(*(iter->first));
  92             attr.setType(Attribute::Type::Resource);
  93             iter2 = std::find_if(attributes->begin(),
  94                                  attributes->end(),
  95                                  BaseAttribute::UnaryPredicate(&attr));
  96             Assert(iter2 != attributes->end() && "This should not happen, "
  97                    "the attribute MUST be in attribute set");
  98             (*iter2)->setUndetermind(true);
  99         }
 100     }
 101
 102     /* check if resource  attributes query has any elements*/
 103     if (!environmentAttributesQuery.empty()) {
 104         /* get enviroment attributes  */
 105         operationReturn = operationSystem->getAttributesValues(
 106                 *request,
 107                 &environmentAttributesQuery);
 108         /* error analyzys*/
 109         operationReturn <<= ERROR_SHIFT_OS;
 110     }
 111
 112     FOREACH(iter, environmentAttributesQuery)
 113     {
 114         if (iter->second == NULL) {
 115             //it doesnt change uniqueness of a set element so we can const_cast
 116             Attribute attr(*(iter->first));
 117             attr.setType(Attribute::Type::Environment);
 118             iter2 = find_if(attributes->begin(),
 119                             attributes->end(),
 120                             BaseAttribute::UnaryPredicate(&attr));
 121             Assert(iter2 != attributes->end() && "This should not happen, "
 122                    "the attribute MUST be in attribute set");
 123             (*iter2)->setUndetermind(true);
 124         }
 125     }
 126
 127     /* check if functionParam attributes query has any elements*/
 128     if (!functionParamAttributesQuery.empty() && request->getFunctionParam()) {
 129         /* get params attributes  */
 130         functionReturn = request->getFunctionParam()->getAttributesValues(
 131                 *request,
 132                 &functionParamAttributesQuery);
 133         /* error analyzys*/
 134         functionReturn <<= ERROR_SHIFT_FP;
 135     }
 136
 137     FOREACH(iter, functionParamAttributesQuery)
 138     {
 139         if (iter->second == NULL) {
 140             //it doesnt change uniqueness of a set element so we can const_cast
 141             Attribute attr(*(iter->first));
 142             attr.setType(Attribute::Type::FunctionParam);
 143             iter2 = find_if(attributes->begin(),
 144                             attributes->end(),
 145                             BaseAttribute::UnaryPredicate(&attr));
 146             Assert(iter2 != attributes->end() && "This should not happen, "
 147                    "the attribute MUST be in attribute set");
 148             (*iter2)->setUndetermind(true);
 149         }
 150     }
 151
 152     /** clear query lists*/
 153     resourceAttributesQuery.clear();
 154     environmentAttributesQuery.clear();
 155     subjectAttributesQuery.clear();
 156     functionParamAttributesQuery.clear();
 157
 158     return subjectReturn | resourceReturn | operationReturn | functionReturn;
 159 }
 160
 161 /** create query lists */
 162 void PolicyInformationPoint::createQueries(AttributeSet* attributes)
 163 {
 164     AttributeSet::const_iterator it;
 165
 166     enum Attribute::Type type;
 167
 168     /**iterate  all attributes and split them into adequate query  */
 169     FOREACH (it, *attributes) {
 170         type = (*it)->getType();
 171
 172         switch (type) {
 173         case Attribute::Type::Subject:
 174             subjectAttributesQuery.push_back(ATTRIBUTE((*it)->getName(),
 175                                                        (*it)->getValue()));
 176             break;
 177
 178         case Attribute::Type::Environment:
 179             environmentAttributesQuery.push_back(ATTRIBUTE((*it)->getName(),
 180                                                            (*it)->getValue()));
 181             break;
 182
 183         case Attribute::Type::Resource:
 184             resourceAttributesQuery.push_back(ATTRIBUTE((*it)->getName(),
 185                                                         (*it)->getValue()));
 186             break;
 187
 188         case Attribute::Type::FunctionParam:
 189             functionParamAttributesQuery.push_back(ATTRIBUTE((*it)->getName(),
 190                                                              (*it)->getValue()));
 191             break;
 192
 193         default:
 194             break;
 195         }
 196     }
 197 }
 198