Examples of com.sun.xacml.cond.EvaluationResult

• com.sun.xacml.cond.EvaluationResult
  This is used in cases where a normal result is some AttributeValue, but if an attribute couldn't be resolved (or some other problem occurred), then a Status object needs to be returned instead. This is used instead of throwing an exception for performance, but mainly because failure to resolve an attribute is not an error case for the code, merely for the evaluation, and represents normal operation. Separate exception types will be added later to represent errors in pdp operation. @since 1.0 @author Seth Proctor

    }

    public EvaluationResult evaluate(List<? extends Expression> inputs, EvaluationCtx context) {

        AttributeValue[] argValues = new AttributeValue[inputs.size()];
        EvaluationResult result = evalArgs(inputs, context, argValues);
        if (result != null)
            return result;

        GeometryAttribute[] geomAttrs = new GeometryAttribute[2];
        geomAttrs[0] = (GeometryAttribute) (argValues[0]);

     *
     * @return the result of trying to match the TargetMatch and the request
     */
    public MatchResult match(EvaluationCtx context) {
        // start by evaluating the AD/AS
        EvaluationResult result = eval.evaluate(context);

        if (result.indeterminate()) {
            // in this case, we don't ask the function for anything, and we
            // simply return INDETERMINATE
            return new MatchResult(MatchResult.INDETERMINATE, result.getStatus());
        }

        // an AD/AS will always return a bag
        BagAttribute bag = (BagAttribute) (result.getAttributeValue());

        if (!bag.isEmpty()) {
            // we got back a set of attributes, so we need to iterate through
            // them, seeing if at least one matches
            Iterator<AttributeValue> it = bag.iterator();

    /**
     * Private helper that evaluates an individual match.
     */
    private MatchResult evaluateMatch(List<AttributeValue> inputs, EvaluationCtx context) {
        // first off, evaluate the function
        EvaluationResult result = function.evaluate(inputs, context);

        // if it was indeterminate, then that's what we return immediately
        if (result.indeterminate())
            return new MatchResult(MatchResult.INDETERMINATE, result.getStatus());

        // otherwise, we figure out if it was a match
        BooleanAttribute bool = (BooleanAttribute) (result.getAttributeValue());

        if (bool.getValue())
            return new MatchResult(MatchResult.MATCH);
        else
            return new MatchResult(MatchResult.NO_MATCH);

     *
     * @return a result containing a bag either empty because no values were found or containing at
     *         least one value, or status associated with an Indeterminate result
     */
    public EvaluationResult evaluate(EvaluationCtx context) {
        EvaluationResult result = null;

        // look in the right section for some attribute values
        switch (target) {
        case SUBJECT_TARGET:
            result = context.getSubjectAttribute(type, id, issuer, subjectCategory);
            break;
        case RESOURCE_TARGET:
            result = context.getResourceAttribute(type, id, issuer);
            break;
        case ACTION_TARGET:
            result = context.getActionAttribute(type, id, issuer);
            break;
        case ENVIRONMENT_TARGET:
            result = context.getEnvironmentAttribute(type, id, issuer);
            break;
        }

        // if the lookup was indeterminate, then we return immediately
        if (result.indeterminate())
            return result;

        BagAttribute bag = (BagAttribute) (result.getAttributeValue());

        if (bag.isEmpty()) {
            // if it's empty, this may be an error
            if (mustBePresent) {
                if (logger.isLoggable(Level.INFO))
                    logger.info("AttributeDesignator failed to resolve a "
                            + "value for a required attribute: " + id.toString());

                ArrayList<String> code = new ArrayList<String>();
                code.add(Status.STATUS_MISSING_ATTRIBUTE);

                String message = "Couldn't find " + targetTypes[target]
                        + "AttributeDesignator attribute";

                // Note that there is a bug in the XACML spec. You can't
                // specify an identifier without specifying acceptable
                // values. Until this is fixed, this code will only
                // return the status code, and not any hints about what
                // was missing

                /*
                 * List attrs = new ArrayList(); attrs.add(new Attribute(id, ((issuer == null) ?
                 * null : issuer.toString()), null, null)); StatusDetail detail = new
                 * StatusDetail(attrs);
                 */

                return new EvaluationResult(new Status(code, message));
            }
        }

        // if we got here the bag wasn't empty, or mustBePresent was false,
        // so we just return the result

     *            the representation of the request
     *
     * @return a successful evaluation containing this value
     */
    public EvaluationResult evaluate(EvaluationCtx context) {
        return new EvaluationResult(this);
    }

        // if there's no condition, then we just return the effect...
        if (condition == null)
            return new Result(effectAttr, context.getResourceId().encode());

        // ...otherwise we evaluate the condition
        EvaluationResult result = condition.evaluate(context);

        if (result.indeterminate()) {
            // if it was INDETERMINATE, then that's what we return
            return new Result(Result.DECISION_INDETERMINATE, result.getStatus(), context
                    .getResourceId().encode());
        } else {
            // otherwise we return the effect on tue, and NA on false
            BooleanAttribute bool = (BooleanAttribute) (result.getAttributeValue());

            if (bool.getValue())
                return new Result(effectAttr, context.getResourceId().encode());
            else
                return new Result(Result.DECISION_NOT_APPLICABLE, context.getResourceId().encode());

            return callHelper(type, id, issuer, category, designatorType);
        }

        // if we got here, then we found at least one useful AttributeValue
        return new EvaluationResult(new BagAttribute(type, attributes));
    }

            return finder.findAttribute(type, id, issuer, category, this, adType);
        } else {
            logger.warning("Context tried to invoke AttributeFinder but was "
                    + "not configured with one");

            return new EvaluationResult(BagAttribute.createEmptyBag(type));
        }
    }

            return finder.findAttribute(contextPath, namespaceNode, type, this, xpathVersion);
        } else {
            logger.warning("Context tried to invoke AttributeFinder but was "
                    + "not configured with one");

            return new EvaluationResult(BagAttribute.createEmptyBag(type));
        }
    }

    public EvaluationResult evaluate(List<? extends Expression> inputs, EvaluationCtx context) {

        // Evaluate the arguments
        AttributeValue[] argValues = new AttributeValue[inputs.size()];
        EvaluationResult result = evalArgs(inputs, context, argValues);

        // make sure we didn't get an error in processing the args
        if (result != null)
            return result;