package org.openpermis.editor.policy.presenter; |
11 | |
|
12 | |
import java.awt.Color; |
13 | |
import java.net.URI; |
14 | |
import java.util.ArrayList; |
15 | |
import java.util.Date; |
16 | |
import java.util.HashSet; |
17 | |
import java.util.List; |
18 | |
import java.util.Set; |
19 | |
import java.util.TimeZone; |
20 | |
|
21 | |
import javax.swing.table.DefaultTableModel; |
22 | |
|
23 | |
import org.jdesktop.observablecollections.ObservableCollections; |
24 | |
import org.jdesktop.observablecollections.ObservableList; |
25 | |
|
26 | |
import org.openpermis.Subject; |
27 | |
import org.openpermis.basic.PartialTime; |
28 | |
import org.openpermis.basic.TimePeriod; |
29 | |
import org.openpermis.editor.policy.beans.PropertyChange; |
30 | |
import org.openpermis.editor.policy.gui.binding.ObservableListAdapter; |
31 | |
import org.openpermis.policy.AccessDecision; |
32 | |
import org.openpermis.policy.Action; |
33 | |
import org.openpermis.policy.Authority; |
34 | |
import org.openpermis.policy.Domain; |
35 | |
import org.openpermis.policy.Role; |
36 | |
import org.openpermis.policy.TimeStamp; |
37 | |
import org.openpermis.policy.ParameterList.Parameter; |
38 | |
import org.openpermis.policy.bean.ActionBean; |
39 | |
import org.openpermis.policy.bean.AuthorityBean; |
40 | |
import org.openpermis.policy.bean.PolicyBean; |
41 | |
import org.openpermis.policy.bean.TargetBean; |
42 | |
import org.openpermis.policy.predicate.TimeConstant; |
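/**
 * Presenter that evaluates a what-if access decision against the policy being edited.
 *
 * <p>The presenter is its own {@link Subject}: it reports the roles selected in the UI as
 * assigned, names the selected authority as their only issuer and declares them valid for
 * {@link TimePeriod#INFINITE}. The displayed decision is therefore a simulation of the policy
 * under those assumptions; it does not validate any real credential, issuer or validity period.
 */
public class DecisionPresenter
    extends PartPresenter<PolicyBean>
    implements Subject
{

    /** Outcome of a simulated decision together with the color used to display it. */
    private enum Decision {
        INCOMPLETE(Color.YELLOW),
        GRANTED(Color.GREEN),
        DENIED(Color.RED),
        INVALID(Color.MAGENTA);

        private final Color color;

        Decision (Color color) {
            this.color = color;
        }
    }

    /**
     * Table model listing the parameters of the selected action as type, name and value.
     * Only the value column is editable; editing a value re-evaluates the decision.
     */
    @SuppressWarnings("serial")
    class ParameterTableModel extends DefaultTableModel {

        private static final int COLUMN_COUNT = 3;

        private static final int TYPE_COLUMN = 0;

        private static final int NAME_COLUMN = 1;

        private static final int VALUE_COLUMN = 2;

        /** Current argument values, one entry per parameter of the selected action. */
        private List<Object> parameters = new ArrayList<Object>();

        /** Set while a cell edit re-evaluates the decision, so the edit is not reset. */
        private boolean triggeredByThis = false;

        /**
         * Returns the live list of argument values passed to the policy evaluation.
         * @return the internal list itself, not a copy.
         */
        public List<?> getParameters () {
            return this.parameters;
        }

        /**
         * Resets every argument to the default for its type and notifies listeners, unless
         * the notification was caused by an edit made through {@link #setValueAt}.
         * Does nothing while no action is selected.
         */
        @Override
        public void fireTableDataChanged () {
            if (!this.triggeredByThis) {
                final ActionBean current = getAction();
                if (current == null) {
                    return;
                }
                this.parameters = new ArrayList<Object>(getRowCount());
                for (Parameter p : current.getParameters()) {
                    this.parameters.add(parseArgument(p.getType(), null));
                }
                super.fireTableDataChanged();
            }
            this.triggeredByThis = false;
        }

        /**
         * @return the parameter count of the selected action, or 0 if none is selected.
         */
        @Override
        public int getRowCount () {
            final ActionBean current = getAction();
            return current != null ? current.getParameters().getParameterCount() : 0;
        }

        @Override
        public int getColumnCount () {
            return COLUMN_COUNT;
        }

        /** Only the value column can be edited. */
        @Override
        public boolean isCellEditable (int row, int column) {
            return column >= VALUE_COLUMN;
        }

        /**
         * @return the simple type name, the parameter name or the current value as text,
         * depending on the column; an empty string for any other column.
         */
        @Override
        public Object getValueAt (int row, int column) {
            switch (column) {
                case TYPE_COLUMN:
                    return getAction().getParameters().getType(row).getSimpleName();
                case NAME_COLUMN:
                    return getAction().getParameters().getName(row);
                case VALUE_COLUMN:
                    return this.parameters.get(row).toString();
                default:
                    return "";
            }
        }

        /**
         * Stores an edited value and re-evaluates the decision. Edits to other columns are
         * ignored. Text that cannot be parsed for the parameter type is replaced by the
         * default for that type (see {@code parseArgument}).
         */
        @Override
        public void setValueAt (Object aValue, int row, int column) {
            if (column != VALUE_COLUMN) {
                return;
            }
            // Editors normally hand over a String; toString() avoids a ClassCastException
            // for any other editor value.
            final String text = aValue == null ? null : aValue.toString();
            this.parameters.set(
                row,
                parseArgument(getAction().getParameters().getType(row), text)
            );
            this.triggeredByThis = true;
            try {
                computeDecision();
            } finally {
                // computeDecision() normally clears the flag through fireTableDataChanged();
                // clear it here as well so a failed evaluation cannot leave it set and
                // suppress the next reset.
                this.triggeredByThis = false;
            }
        }
    }

    /** Authority named as issuer of the selected roles and as identity of this subject. */
    private Authority authority;

    /** Domain whose identity is used as the resource of the simulated request. */
    private Domain resourceDomain;

    /** Action whose name and parameters are used for the simulated request. */
    private ActionBean action;

    /** Roles the simulated subject claims to hold. */
    private ObservableList<Role> selectedRoles;

    /** Listener that re-evaluates the decision when the role selection changes. */
    private ObservableListAdapter<Role> selectedRolesListener;

    /** Point in time for which the decision is evaluated. */
    private TimeStamp evaluationTimeStamp;

    private Decision decision = Decision.INCOMPLETE;

    private final ParameterTableModel parameterTableModel = new ParameterTableModel();

    /**
     * Creates a presenter that evaluates at the current time in the default time zone and
     * preselects the first authority, resource domain and action found in the policy.
     * @param policy the policy to evaluate.
     * @param context the policy context handed to the superclass.
     */
    public DecisionPresenter (PolicyBean policy, PolicyContext context) {
        super(policy, context);
        this.evaluationTimeStamp = new TimeStamp(new Date(), TimeZone.getDefault());
        createSelectedRoles();
        chooseDefaults();
    }

    /** Preselects authority, resource domain and action. */
    private void chooseDefaults () {
        chooseDefaultAuthority();
        chooseDefaultResourceDomain();
        chooseDefaultAction();
    }

    /** Selects the first authority of the policy, if there is one. */
    private void chooseDefaultAuthority () {
        final List<AuthorityBean> authorityList = getModel().getPartsList(AuthorityBean.class);
        if (!authorityList.isEmpty()) {
            setAuthority(authorityList.get(0));
        }
    }

    /** Selects the resource domain of the first target of the policy, if there is one. */
    private void chooseDefaultResourceDomain () {
        final List<TargetBean> targetList = getModel().getPartsList(TargetBean.class);
        if (!targetList.isEmpty()) {
            setResourceDomain(targetList.get(0).getResourceDomain());
        }
    }

    /** Selects the first action of the policy, if there is one. */
    private void chooseDefaultAction () {
        final List<ActionBean> actionList = getModel().getPartsList(ActionBean.class);
        if (!actionList.isEmpty()) {
            setAction(actionList.get(0));
        }
    }

    /**
     * @return the selected authority, or {@code null} if none is selected.
     */
    public Authority getAuthority () {
        return this.authority;
    }

    /**
     * Selects the authority, fires the {@code authority} property and re-evaluates.
     * @param authority the new authority, may be {@code null}.
     */
    public void setAuthority (Authority authority) {
        final Authority oldValue = this.authority;
        this.authority = authority;
        firePropertyChange("authority", oldValue, this.authority);
        computeDecision();
    }

    /**
     * @return the selected resource domain, or {@code null} if none is selected.
     */
    public Domain getResourceDomain () {
        return this.resourceDomain;
    }

    /**
     * Selects the resource domain, fires the {@code resourceDomain} property and re-evaluates.
     * @param domain the new resource domain, may be {@code null}.
     */
    public void setResourceDomain (Domain domain) {
        final Domain oldValue = this.resourceDomain;
        this.resourceDomain = domain;
        firePropertyChange("resourceDomain", oldValue, this.resourceDomain);
        computeDecision();
    }

    /**
     * @return the selected action, or {@code null} if none is selected.
     */
    public ActionBean getAction () {
        return this.action;
    }

    /**
     * Selects the action, fires the {@code action} property and re-evaluates.
     * @param action the new action, may be {@code null}.
     */
    public void setAction (ActionBean action) {
        final Action oldValue = this.action;
        this.action = action;
        firePropertyChange("action", oldValue, this.action);
        computeDecision();
    }

    /** Creates the observable role selection and re-evaluates whenever it changes. */
    private void createSelectedRoles () {
        this.selectedRoles = ObservableCollections.observableList(new ArrayList<Role>());
        this.selectedRolesListener = new ObservableListAdapter<Role>() {
            @Override
            protected void listChanged (ObservableList<Role> list) {
                computeDecision();
            }
        };
        this.selectedRoles.addObservableListListener(this.selectedRolesListener);
    }

    /**
     * @return the live, observable list of roles the simulated subject holds.
     */
    public ObservableList<Role> getSelectedRoles () {
        return this.selectedRoles;
    }

    /**
     * @return the time stamp the decision is evaluated for.
     */
    public TimeStamp getEvaluationTimeStamp () {
        return this.evaluationTimeStamp;
    }

    /**
     * Sets the evaluation time, fires the {@code evaluationTimeStamp} property and re-evaluates.
     * @param timeStamp the new evaluation time stamp.
     */
    public void setEvaluationTimeStamp (TimeStamp timeStamp) {
        final TimeStamp old = this.evaluationTimeStamp;
        this.evaluationTimeStamp = timeStamp;
        firePropertyChange("evaluationTimeStamp", old, timeStamp);
        computeDecision();
    }

    /**
     * @return the name of the current decision state.
     */
    public String getDecisionText () {
        return this.decision.name();
    }

    /**
     * @return the color associated with the current decision state.
     */
    public Color getDecisionColor () {
        return this.decision.color;
    }

    /**
     * Re-evaluates the decision and publishes it.
     *
     * <p>The result is INVALID when the model reports itself invalid, INCOMPLETE while
     * authority, resource domain or action is missing, and otherwise GRANTED or DENIED as
     * returned by the model for this subject, the resource identity, the action name, the
     * current argument values and the evaluation time stamp.
     */
    private void computeDecision () {
        final Decision oldValue = this.decision;
        Decision newValue = Decision.INCOMPLETE;
        if (!getModel().isValid(null)) {
            newValue = Decision.INVALID;
        } else if (
            getAuthority() != null &&
            getResourceDomain() != null &&
            getAction() != null
        ) {
            final URI resourceUri = getResourceDomain().getIdentity();
            final String actionName = getAction().getName();
            final AccessDecision ad = getModel().getAccessDecision(
                this,
                resourceUri,
                actionName,
                this.parameterTableModel.getParameters(),
                this.evaluationTimeStamp
            );
            newValue = ad.isAccessGranted() ? Decision.GRANTED : Decision.DENIED;
        }
        this.decision = newValue;
        firePropertyChange("decisionText", oldValue.name(), newValue.name());
        firePropertyChange("decisionColor", oldValue.color, newValue.color);
        // Resets the argument values to their defaults unless a cell edit triggered this run.
        this.parameterTableModel.fireTableDataChanged();
    }

    /**
     * @return the table model holding the arguments of the selected action.
     */
    public ParameterTableModel getParameterTableModel () {
        return this.parameterTableModel;
    }

    /**
     * Converts the text of a table cell into an argument of the given parameter type.
     *
     * <p>A {@code null} text yields the default for the type: {@code false}, {@code 0.0},
     * {@code 0}, the empty string, a fresh {@code Object}, or a time constant for the current
     * time. For {@code Object} and {@code TimeConstant} the text is never used.
     *
     * <p>NOTE(review): text that is not a valid number is silently replaced by the default,
     * so the decision shown afterwards is computed with {@code 0} rather than with what the
     * user typed, and nothing tells the user so.
     *
     * @param type the declared parameter type.
     * @param valueAsString the text to parse, may be {@code null}.
     * @return the parsed value or the default for the type.
     * @throws IllegalStateException if the type is not one of the supported types.
     */
    private Object parseArgument (Class<?> type, String valueAsString) {
        if (type == Boolean.class) {
            return valueAsString != null ? Boolean.valueOf(valueAsString) : Boolean.FALSE;
        }
        if (type == Double.class) {
            if (valueAsString != null) {
                try {
                    return Double.valueOf(valueAsString);
                } catch (NumberFormatException ignored) {
                    // Best effort: fall back to the default below.
                }
            }
            return Double.valueOf(0.0);
        }
        if (type == Integer.class) {
            if (valueAsString != null) {
                try {
                    return Integer.valueOf(valueAsString);
                } catch (NumberFormatException ignored) {
                    // Best effort: fall back to the default below.
                }
            }
            return Integer.valueOf(0);
        }
        if (type == String.class) {
            return valueAsString != null ? valueAsString : "";
        }
        if (type == Object.class) {
            return new Object();
        }
        if (type == TimeConstant.class) {
            return new TimeConstant(new PartialTime(new Date()));
        }
        throw new IllegalStateException("Unknown argument type: " + type);
    }

    /** Re-evaluates the decision when the policy changes. */
    @PropertyChange(bean = PolicyBean.class)
    public void policyChanged () {
        computeDecision();
    }

    /**
     * Returns those of the given roles that are selected in the UI.
     * The time stamp is not consulted.
     * @param timeStamp ignored.
     * @param roles the roles to intersect with the selection.
     * @return a new set holding the selected roles contained in {@code roles}.
     */
    public Set<Role> getAssignedRoles (TimeStamp timeStamp, Set<Role> roles) {
        final Set<Role> result = new HashSet<Role>(getSelectedRoles());
        result.retainAll(roles);
        return result;
    }

    /**
     * Names the selected authority as the only issuer, whatever the role.
     * @param role ignored.
     * @return a new set holding the selected authority, empty if none is selected.
     */
    public Set<Subject> getIssuersOf (Role role) {
        final Set<Subject> result = new HashSet<Subject>();
        final Authority issuer = getAuthority();
        // Without a selected authority there is no issuer; do not report null as one.
        if (issuer != null) {
            result.add(issuer);
        }
        return result;
    }

    /**
     * Declares every role valid without limit.
     * @param role ignored.
     * @param issuer ignored.
     * @return always {@link TimePeriod#INFINITE}.
     */
    public TimePeriod getValidityOf (Role role, Subject issuer) {
        return TimePeriod.INFINITE;
    }

    /**
     * Returns the identity of the selected authority as the identity of this subject.
     * An authority must be selected; otherwise this throws a {@code NullPointerException}.
     * @return the identity of the selected authority.
     */
    public URI getIdentity () {
        return getAuthority().getIdentity();
    }

    /**
     * @return always {@code false}.
     */
    public boolean identityMandatory () {
        return false;
    }

}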