ArcSec::Policy Class Reference
Interface for containing and processing different types of policy. More...
#include <Policy.h>
Public Member Functions | |
| Policy (Arc::PluginArgument *parg) | |
| Policy (const Arc::XMLNode, Arc::PluginArgument *parg) | |
| Policy (const Arc::XMLNode, EvaluatorContext *, Arc::PluginArgument *parg) | |
| virtual | operator bool (void) const =0 |
| virtual MatchResult | match (EvaluationCtx *)=0 |
| virtual Result | eval (EvaluationCtx *)=0 |
| virtual void | addPolicy (Policy *pl) |
| virtual void | setEvaluatorContext (EvaluatorContext *) |
| virtual void | make_policy () |
| virtual std::string | getEffect () const =0 |
| virtual EvalResult & | getEvalResult ()=0 |
| virtual void | setEvalResult (EvalResult &res)=0 |
| virtual const char * | getEvalName () const =0 |
| virtual const char * | getName () const =0 |
Detailed Description
Interface for containing and processing different types of policy.
Basically, each policy object is a container which includes a few elements e.g., ArcPolicySet objects includes a few ArcPolicy objects; ArcPolicy object includes a few ArcRule objects. There is logical relationship between ArcRules or ArcPolicies, which is called combining algorithm. According to algorithm, evaluation results from the elements are combined, and then the combined evaluation result is returned to the up-level.
Constructor & Destructor Documentation
| ArcSec::Policy::Policy | ( | const Arc::XMLNode | , | |
| Arc::PluginArgument * | parg | |||
| ) | [inline] |
Template constructor - creates policy based on XML document.
If XML document is empty then empty policy is created. If it is not empty then it must be valid policy document - otherwise created object should be invalid.
| ArcSec::Policy::Policy | ( | const Arc::XMLNode | , | |
| EvaluatorContext * | , | |||
| Arc::PluginArgument * | parg | |||
| ) | [inline] |
Template constructor - creates policy based on XML document.
If XML document is empty then empty policy is created. If it is not empty then it must be valid policy document - otherwise created object should be invalid. This constructor is based on the policy node and i the EvaluatorContext which includes the factory objects for combining algorithm and function
Member Function Documentation
| virtual void ArcSec::Policy::addPolicy | ( | Policy * | pl | ) | [inline, virtual] |
Add a policy element to into "this" object
| virtual Result ArcSec::Policy::eval | ( | EvaluationCtx * | ) | [pure virtual] |
Evaluate policy For the <Rule> of Arc, only get the "Effect" from rules; For the <Policy> of Arc, combine the evaluation result from <Rule>; For the <Rule> of XACML, evaluate the <Condition> node by using information from request, and use the "Effect" attribute of <Rule>; For the <Policy> of XACML, combine the evaluation result from <Rule>
| virtual std::string ArcSec::Policy::getEffect | ( | ) | const [pure virtual] |
Get the "Effect" attribute
| virtual const char* ArcSec::Policy::getEvalName | ( | ) | const [pure virtual] |
Get the name of Evaluator which can evaluate this policy
| virtual EvalResult& ArcSec::Policy::getEvalResult | ( | ) | [pure virtual] |
Get eveluation result
| virtual const char* ArcSec::Policy::getName | ( | ) | const [pure virtual] |
Get the name of this policy
| virtual void ArcSec::Policy::make_policy | ( | ) | [inline, virtual] |
Parse XMLNode, and construct the low-level Rule object
| virtual void ArcSec::Policy::setEvalResult | ( | EvalResult & | res | ) | [pure virtual] |
Set eveluation result
| virtual void ArcSec::Policy::setEvaluatorContext | ( | EvaluatorContext * | ) | [inline, virtual] |
Set Evaluator Context for the usage in creating low-level policy object
The documentation for this class was generated from the following file:
