Class Policy

  • Direct Known Subclasses:
    Model

    public class Policy
    extends java.lang.Object
    Policy represents the whole access control policy user defined.
    • Field Summary

      Fields 
      Modifier and Type Field Description
      java.util.Map<java.lang.String,​java.util.Map<java.lang.String,​Assertion>> model  
    • Constructor Summary

      Constructors 
      Constructor Description
      Policy()  
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      boolean addPolicies​(java.lang.String sec, java.lang.String ptype, java.util.List<java.util.List<java.lang.String>> rules)
      addPolicies adds policy rules to the model.
      boolean addPolicy​(java.lang.String sec, java.lang.String ptype, java.util.List<java.lang.String> rule)
      addPolicy adds a policy rule to the model.
      void buildConditionalRoleLinks​(java.util.Map<java.lang.String,​ConditionalRoleManager> condRmMap)
      buildConditionalRoleLinks initializes the roles in RBAC.
      void buildIncrementalConditionalRoleLinks​(java.util.Map<java.lang.String,​ConditionalRoleManager> condRmMap, Model.PolicyOperations op, java.lang.String sec, java.lang.String ptype, java.util.List<java.util.List<java.lang.String>> rules)
      buildIncrementalConditionalRoleLinks provides incremental build the role inheritance relations.
      void buildIncrementalRoleLinks​(java.util.Map<java.lang.String,​RoleManager> rmMap, Model.PolicyOperations op, java.lang.String sec, java.lang.String ptype, java.util.List<java.util.List<java.lang.String>> rules)  
      void buildRoleLinks​(java.util.Map<java.lang.String,​RoleManager> rmMap)
      buildRoleLinks initializes the roles in RBAC.
      void clearPolicy()
      clearPolicy clears all current policy.
      java.util.List<java.util.List<java.lang.String>> getFilteredPolicy​(java.lang.String sec, java.lang.String ptype, int fieldIndex, java.lang.String... fieldValues)
      getFilteredPolicy gets rules based on field filters from a policy.
      java.util.List<java.util.List<java.lang.String>> getPolicy​(java.lang.String sec, java.lang.String ptype)
      getPolicy gets all rules in a policy.
      java.util.List<java.lang.String> getValuesForFieldInPolicy​(java.lang.String sec, java.lang.String ptype, int fieldIndex)
      getValuesForFieldInPolicy gets all values for a field for all rules in a policy, duplicated values are removed.
      boolean hasPolicies​(java.lang.String sec, java.lang.String ptype, java.util.List<java.util.List<java.lang.String>> rules)  
      boolean hasPolicy​(java.lang.String sec, java.lang.String ptype, java.util.List<java.lang.String> rule)
      hasPolicy determines whether a model has the specified policy rule.
      void printPolicy()
      printPolicy prints the policy to log.
      boolean removeFilteredPolicy​(java.lang.String sec, java.lang.String ptype, int fieldIndex, java.lang.String... fieldValues)
      removeFilteredPolicy removes policy rules based on field filters from the model.
      java.util.List<java.util.List<java.lang.String>> removeFilteredPolicyReturnsEffects​(java.lang.String sec, java.lang.String ptype, int fieldIndex, java.lang.String... fieldValues)
      removeFilteredPolicyReturnsEffects removes policy rules based on field filters from the model.
      boolean removePolicies​(java.lang.String sec, java.lang.String ptype, java.util.List<java.util.List<java.lang.String>> rules)
      removePolicies removes rules from the current policy.
      boolean removePolicy​(java.lang.String sec, java.lang.String ptype, java.util.List<java.lang.String> rule)
      removePolicy removes a policy rule from the model.
      java.lang.String savePolicyToText()
      savePolicyToText saves the policy to the text.
      boolean updatePolicy​(java.lang.String sec, java.lang.String ptype, java.util.List<java.lang.String> oldRule, java.util.List<java.lang.String> newRule)
      UpdatePolicy updates a policy rule from the model.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • model

        public java.util.Map<java.lang.String,​java.util.Map<java.lang.String,​Assertion>> model
    • Constructor Detail

      • Policy

        public Policy()
    • Method Detail

      • buildRoleLinks

        public void buildRoleLinks​(java.util.Map<java.lang.String,​RoleManager> rmMap)
        buildRoleLinks initializes the roles in RBAC.
        Parameters:
        rmMap - the role manager map.
      • printPolicy

        public void printPolicy()
        printPolicy prints the policy to log.
      • savePolicyToText

        public java.lang.String savePolicyToText()
        savePolicyToText saves the policy to the text.
        Returns:
        the policy text.
      • clearPolicy

        public void clearPolicy()
        clearPolicy clears all current policy.
      • getPolicy

        public java.util.List<java.util.List<java.lang.String>> getPolicy​(java.lang.String sec,
                                                                          java.lang.String ptype)
        getPolicy gets all rules in a policy.
        Parameters:
        sec - the section, "p" or "g".
        ptype - the policy type, "p", "p2", .. or "g", "g2", ..
        Returns:
        the policy rules of section sec and policy type ptype.
      • getFilteredPolicy

        public java.util.List<java.util.List<java.lang.String>> getFilteredPolicy​(java.lang.String sec,
                                                                                  java.lang.String ptype,
                                                                                  int fieldIndex,
                                                                                  java.lang.String... fieldValues)
        getFilteredPolicy gets rules based on field filters from a policy.
        Parameters:
        sec - the section, "p" or "g".
        ptype - the policy type, "p", "p2", .. or "g", "g2", ..
        fieldIndex - the policy rule's start index to be matched.
        fieldValues - the field values to be matched, value "" means not to match this field.
        Returns:
        the filtered policy rules of section sec and policy type ptype.
      • hasPolicy

        public boolean hasPolicy​(java.lang.String sec,
                                 java.lang.String ptype,
                                 java.util.List<java.lang.String> rule)
        hasPolicy determines whether a model has the specified policy rule.
        Parameters:
        sec - the section, "p" or "g".
        ptype - the policy type, "p", "p2", .. or "g", "g2", ..
        rule - the policy rule.
        Returns:
        whether the rule exists.
      • addPolicy

        public boolean addPolicy​(java.lang.String sec,
                                 java.lang.String ptype,
                                 java.util.List<java.lang.String> rule)
        addPolicy adds a policy rule to the model.
        Parameters:
        sec - the section, "p" or "g".
        ptype - the policy type, "p", "p2", .. or "g", "g2", ..
        rule - the policy rule.
        Returns:
        succeeds or not.
      • addPolicies

        public boolean addPolicies​(java.lang.String sec,
                                   java.lang.String ptype,
                                   java.util.List<java.util.List<java.lang.String>> rules)
        addPolicies adds policy rules to the model.
        Parameters:
        sec - the section, "p" or "g".
        ptype - the policy type, "p", "p2", .. or "g", "g2", ..
        rules - the policy rules.
        Returns:
        succeeds or not.
      • updatePolicy

        public boolean updatePolicy​(java.lang.String sec,
                                    java.lang.String ptype,
                                    java.util.List<java.lang.String> oldRule,
                                    java.util.List<java.lang.String> newRule)
        UpdatePolicy updates a policy rule from the model.
        Parameters:
        sec - the section, "p" or "g".
        ptype - the policy type, "p", "p2", .. or "g", "g2", ..
        oldRule - the old rule.
        newRule - the new rule.
        Returns:
        succeeds or not.
      • removePolicy

        public boolean removePolicy​(java.lang.String sec,
                                    java.lang.String ptype,
                                    java.util.List<java.lang.String> rule)
        removePolicy removes a policy rule from the model.
        Parameters:
        sec - the section, "p" or "g".
        ptype - the policy type, "p", "p2", .. or "g", "g2", ..
        rule - the policy rule.
        Returns:
        succeeds or not.
      • removePolicies

        public boolean removePolicies​(java.lang.String sec,
                                      java.lang.String ptype,
                                      java.util.List<java.util.List<java.lang.String>> rules)
        removePolicies removes rules from the current policy.
        Parameters:
        sec - the section, "p" or "g".
        ptype - the policy type, "p", "p2", .. or "g", "g2", ..
        rules - the policy rules.
        Returns:
        succeeds or not.
      • removeFilteredPolicyReturnsEffects

        public java.util.List<java.util.List<java.lang.String>> removeFilteredPolicyReturnsEffects​(java.lang.String sec,
                                                                                                   java.lang.String ptype,
                                                                                                   int fieldIndex,
                                                                                                   java.lang.String... fieldValues)
        removeFilteredPolicyReturnsEffects removes policy rules based on field filters from the model.
        Parameters:
        sec - the section, "p" or "g".
        ptype - the policy type, "p", "p2", .. or "g", "g2", ..
        fieldIndex - the policy rule's start index to be matched.
        fieldValues - the field values to be matched, value "" means not to match this field.
        Returns:
        succeeds(effects.size () > 0) or not.
      • removeFilteredPolicy

        public boolean removeFilteredPolicy​(java.lang.String sec,
                                            java.lang.String ptype,
                                            int fieldIndex,
                                            java.lang.String... fieldValues)
        removeFilteredPolicy removes policy rules based on field filters from the model.
        Parameters:
        sec - the section, "p" or "g".
        ptype - the policy type, "p", "p2", .. or "g", "g2", ..
        fieldIndex - the policy rule's start index to be matched.
        fieldValues - the field values to be matched, value "" means not to match this field.
        Returns:
        succeeds or not.
      • getValuesForFieldInPolicy

        public java.util.List<java.lang.String> getValuesForFieldInPolicy​(java.lang.String sec,
                                                                          java.lang.String ptype,
                                                                          int fieldIndex)
        getValuesForFieldInPolicy gets all values for a field for all rules in a policy, duplicated values are removed.
        Parameters:
        sec - the section, "p" or "g".
        ptype - the policy type, "p", "p2", .. or "g", "g2", ..
        fieldIndex - the policy rule's index.
        Returns:
        the field values specified by fieldIndex.
      • buildIncrementalRoleLinks

        public void buildIncrementalRoleLinks​(java.util.Map<java.lang.String,​RoleManager> rmMap,
                                              Model.PolicyOperations op,
                                              java.lang.String sec,
                                              java.lang.String ptype,
                                              java.util.List<java.util.List<java.lang.String>> rules)
      • hasPolicies

        public boolean hasPolicies​(java.lang.String sec,
                                   java.lang.String ptype,
                                   java.util.List<java.util.List<java.lang.String>> rules)
      • buildIncrementalConditionalRoleLinks

        public void buildIncrementalConditionalRoleLinks​(java.util.Map<java.lang.String,​ConditionalRoleManager> condRmMap,
                                                         Model.PolicyOperations op,
                                                         java.lang.String sec,
                                                         java.lang.String ptype,
                                                         java.util.List<java.util.List<java.lang.String>> rules)
        buildIncrementalConditionalRoleLinks provides incremental build the role inheritance relations.
        Parameters:
        condRmMap - a map of conditional role managers used for role link management.
        op - the operation to perform, such as adding or removing role links.
        sec - the section of the policy, typically "g" for role inheritance.
        ptype - the policy type, which specifies the kind of roles being managed.
        rules - the rules that define the role links to be built.
      • buildConditionalRoleLinks

        public void buildConditionalRoleLinks​(java.util.Map<java.lang.String,​ConditionalRoleManager> condRmMap)
        buildConditionalRoleLinks initializes the roles in RBAC.
        Parameters:
        condRmMap - a map of conditional role managers that manage the role links and their conditions.