Interface for containing and processing different types of policy. More...
#include <Policy.h>
Public Member Functions | |
Policy (Arc::PluginArgument *parg) | |
Policy (const Arc::XMLNode, Arc::PluginArgument *parg) | |
Policy (const Arc::XMLNode, EvaluatorContext *, Arc::PluginArgument *parg) | |
virtual | operator bool (void) const =0 |
virtual MatchResult | match (EvaluationCtx *)=0 |
virtual Result | eval (EvaluationCtx *)=0 |
virtual void | addPolicy (Policy *pl) |
virtual void | setEvaluatorContext (EvaluatorContext *) |
virtual void | make_policy () |
virtual std::string | getEffect () const =0 |
virtual EvalResult & | getEvalResult ()=0 |
virtual void | setEvalResult (EvalResult &res)=0 |
virtual const char * | getEvalName () const =0 |
virtual const char * | getName () const =0 |
Interface for containing and processing different types of policy.
Basically, each policy object is a container which includes a few elements e.g., ArcPolicySet objects includes a few ArcPolicy objects; ArcPolicy object includes a few ArcRule objects. There is logical relationship between ArcRules or ArcPolicies, which is called combining algorithm. According to algorithm, evaluation results from the elements are combined, and then the combined evaluation result is returned to the up-level.
ArcSec::Policy::Policy | ( | const Arc::XMLNode | , | |
Arc::PluginArgument * | parg | |||
) | [inline] |
Template constructor - creates policy based on XML document.
If XML document is empty then empty policy is created. If it is not empty then it must be valid policy document - otherwise created object should be invalid.
ArcSec::Policy::Policy | ( | const Arc::XMLNode | , | |
EvaluatorContext * | , | |||
Arc::PluginArgument * | parg | |||
) | [inline] |
Template constructor - creates policy based on XML document.
If XML document is empty then empty policy is created. If it is not empty then it must be valid policy document - otherwise created object should be invalid. This constructor is based on the policy node and i the EvaluatorContext which includes the factory objects for combining algorithm and function
virtual void ArcSec::Policy::addPolicy | ( | Policy * | pl | ) | [inline, virtual] |
Add a policy element to into "this" object
virtual Result ArcSec::Policy::eval | ( | EvaluationCtx * | ) | [pure virtual] |
Evaluate policy For the <Rule> of Arc, only get the "Effect" from rules; For the <Policy> of Arc, combine the evaluation result from <Rule>; For the <Rule> of XACML, evaluate the <Condition> node by using information from request, and use the "Effect" attribute of <Rule>; For the <Policy> of XACML, combine the evaluation result from <Rule>
virtual std::string ArcSec::Policy::getEffect | ( | ) | const [pure virtual] |
Get the "Effect" attribute
virtual const char* ArcSec::Policy::getEvalName | ( | ) | const [pure virtual] |
Get the name of Evaluator which can evaluate this policy
virtual EvalResult& ArcSec::Policy::getEvalResult | ( | ) | [pure virtual] |
Get eveluation result
virtual const char* ArcSec::Policy::getName | ( | ) | const [pure virtual] |
Get the name of this policy
virtual void ArcSec::Policy::make_policy | ( | ) | [inline, virtual] |
Parse XMLNode, and construct the low-level Rule object
virtual void ArcSec::Policy::setEvalResult | ( | EvalResult & | res | ) | [pure virtual] |
Set eveluation result
virtual void ArcSec::Policy::setEvaluatorContext | ( | EvaluatorContext * | ) | [inline, virtual] |
Set Evaluator Context for the usage in creating low-level policy object