1 """NDG XACML Policy Decision Point type definition
2
3 NERC DataGrid
4 """
5 __author__ = "P J Kershaw"
6 __date__ = "25/02/10"
7 __copyright__ = "(C) 2010 Science and Technology Facilities Council"
8 __contact__ = "Philip.Kershaw@stfc.ac.uk"
9 __license__ = "BSD - see LICENSE file in top-level directory"
10 __contact__ = "Philip.Kershaw@stfc.ac.uk"
11 __revision__ = "$Id: pdp.py 7955 2011-12-21 18:29:45Z rwilkinson $"
12 import logging
13 log = logging.getLogger(__name__)
14
15 from ndg.xacml.core.context.pdpinterface import PDPInterface
16 from ndg.xacml.core.policybase import PolicyBase
17 from ndg.xacml.finder.defaultfinder import getDefaultPolicyFinder
18
19
20 -class PDP(PDPInterface):
21 """A XACML Policy Decision Point implementation. It supports the use of a
22 single policy but not policy sets
23
24 @ivar __policy: policy object for PDP to use to apply access control
25 decisions
26 @type policy: ndg.xacml.core.policy.Policy / None
27 """
28 __slots__ = ('__policy',)
29
31 """
32 @param policy: policy object for PDP to use to apply access control
33 decisions, may be omitted.
34 @type policy: ndg.xacml.core.policy.Policy / None
35 """
36 self.__policy = None
37 if policy is not None:
38 self.policy = policy
39
40 @classmethod
42 """Create a new PDP instance with a given policy
43 @param source: source for policy
44 @type source: type (dependent on the reader set, it could be for example
45 a file path string, file object, XML element instance)
46 @param readerFactory: reader factory returns the reader to use to read
47 this policy
48 @type readerFactory: ndg.xacml.parsers.AbstractReader derived type
49 @param finder: policy finder
50 @type finder: ndg.xacml.finder.PolicyFinderBase subclass
51 """
52 pdp = cls()
53 if not finder:
54
55 finder = getDefaultPolicyFinder(source)
56 pdp.setPolicyFromSource(source, readerFactory, finder)
57 return pdp
58
60 """initialise PDP with the given policy
61 @param source: source for policy
62 @type source: type (dependent on the reader set, it could be for example
63 a file path string, file object, XML element instance)
64 @param readerFactory: reader factory returns the reader to use to read
65 this policy
66 @type readerFactory: ndg.xacml.parsers.AbstractReader derived type
67 @param finder: policy finder
68 @type finder: ndg.xacml.finder.PolicyFinderBase subclass
69 """
70 self.policy = PolicyBase.fromSource(source, readerFactory, finder)
71
72 @property
74 """Get policy
75 @return: policy object for PDP to use to apply access control decisions
76 @rtype: ndg.xacml.core.policy.Policy
77 """
78 return self.__policy
79
80 @policy.setter
82 '''Set policy
83 @param value: policy object for PDP to use to apply access control
84 decisions
85 @type value: ndg.xacml.core.policy.Policy
86 '''
87 if not isinstance(value, PolicyBase):
88 raise TypeError('Expecting %r derived type for "policy" input; got '
89 '%r instead' % (PolicyBase, type(value)))
90 self.__policy = value
91
93 """Make an access control decision for the given request based on the
94 single policy provided
95
96 @param request: XACML request context
97 @type request: ndg.xacml.core.context.request.Request
98 @return: XACML response instance
99 @rtype: ndg.xacml.core.context.response.Response
100 """
101 response = self.policy.evaluateResponse(request)
102
103 return response
104