2 * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
19 // @ Project : Access Control Engine
20 // @ File Name : PolicyEvaluator.h
21 // @ Date : 2009-05-06
26 #ifndef _POLICY_EVALUATOR_H
27 #define _POLICY_EVALUATOR_H
33 #ifdef DBUS_CONNECTION
34 #include <dpl/event/event_listener.h>
36 #include <dpl/log/log.h>
37 #include <dpl/noncopyable.h>
39 #include <ace/AsyncVerdictResultListener.h>
40 #include <ace/Attribute.h>
41 #include <ace/ConfigurationManager.h>
42 #include <ace/Constants.h>
43 #include <ace/Effect.h>
44 #include <ace/Policy.h>
45 #include <ace/PolicyInformationPoint.h>
46 #include <ace/PolicyResult.h>
47 #include <ace/Request.h>
48 #include <ace/Subject.h>
49 #include <ace/Verdict.h>
50 #include <ace/UserDecision.h>
51 #include <ace/CombinerImpl.h>
54 class PolicyEvaluator : DPL::Noncopyable
59 * Internal method used to initiate policy evaluation. Called after attribute set has been fetched
61 * @param root root of the policies tree to be evaluated
63 virtual ExtendedEffect evaluatePolicies(const TreeNode * root);
68 POLICY_PARSING_SUCCESS = 0,
69 POLICY_FILE_ERROR = 1,
70 PARSER_CREATION_ERROR,
74 AttributeSet m_attributeSet;
76 TreeNode *m_uniform_policy, *m_wac_policy, *m_tizen_policy;
77 std::string m_currentPolicyFile;
78 PolicyType m_policy_to_use;
80 Combiner * m_combiner;
81 AsyncVerdictResultListener * m_verdictListener;
82 PolicyInformationPoint * m_pip;
85 * @return current policy Tree acc. to m_policy_to_use
87 TreeNode * getCurrentPolicyTree();
90 * Method used to extract attributes from subtree defined by PolicySet
91 * @param root original TreeStructure root node
92 * @param newRoot copy of TreeStructure containing only policies that matches current request
95 void extractAttributesFromSubtree(const TreeNode *root);
98 * Method used to extract attributes from Tree Structure
99 * @return pointer to set of attributes needed to evaluate current request
100 * @return if extraction has been successful
101 * TODO return reducte tree structure
102 * TODO change comments
104 bool extractAttributesFromRules(const TreeNode *);
107 * Extracts attributes from target of a given policy that are required to be fetched by PIP
109 void extractTargetAttributes(const Policy *policy);
110 bool extractAttributes(TreeNode*);
112 OptionalExtendedPolicyResult getPolicyForRequestInternal(bool fromCacheOnly);
113 PolicyResult effectToPolicyResult(Effect effect);
116 * Return safe policy tree in case of error with loading policy from file
118 TreeNode * getDefaultSafePolicyTree(void);
121 PolicyEvaluator(PolicyInformationPoint * pip);
123 bool extractAttributesTest()
125 m_attributeSet.clear();
126 if (!extractAttributes(m_uniform_policy)) {
127 LogInfo("Warnign attribute set cannot be extracted. Returning Deny");
131 return extractAttributes(m_uniform_policy);
134 AttributeSet * getAttributeSet()
136 return &m_attributeSet;
139 virtual bool initPDP();
140 virtual ~PolicyEvaluator();
141 virtual ExtendedPolicyResult getPolicyForRequest(const Request &request);
142 virtual OptionalExtendedPolicyResult getPolicyForRequestFromCache(
143 const Request &request);
144 virtual OptionalExtendedPolicyResult getPolicyForRequest(const Request &request,
146 bool fillAttributeWithPolicy();
148 virtual int updatePolicy(const char *);
149 // This function updates policy from well known locations
150 virtual void updatePolicy();
152 std::string getCurrentPolicy();
155 #endif //_POLICYEVALUATOR_H