1 """NDG Security Policy Set type definition
2
3 NERC DataGrid
4 """
5 __author__ = "R B Wilkinson"
6 __date__ = "01/11/11"
7 __copyright__ = "(C) 2011 Science and Technology Facilities Council"
8 __contact__ = "Philip.Kershaw@stfc.ac.uk"
9 __license__ = "BSD - see LICENSE file in top-level directory"
10 __contact__ = "Philip.Kershaw@stfc.ac.uk"
11 __revision__ = "$Id$"
12
13 import logging
14 log = logging.getLogger(__name__)
15
16 from ndg.xacml.utils import TypedList
17 from ndg.xacml.parsers import AbstractReaderFactory, AbstractReader
18 from ndg.xacml.core.policybase import PolicyBase
19 from ndg.xacml.core.policydefaults import PolicyDefaults
20 from ndg.xacml.core.target import Target
21 from ndg.xacml.core.obligation import Obligation
22 from ndg.xacml.core.policy_combining_alg import (PolicyCombiningAlgClassFactory,
23 PolicyCombiningAlgInterface)
24 from ndg.xacml.core.functions import (UnsupportedStdFunctionError,
25 UnsupportedFunctionError)
29 """XACML Policy Set
30
31 @cvar DEFAULT_XACML_VERSION: default is 2.0
32 @type DEFAULT_XACML_VERSION: string
33 @cvar ELEMENT_LOCAL_NAME: XML local name for this element
34 @type ELEMENT_LOCAL_NAME: string
35 @cvar POLICY_SET_ID_ATTRIB_NAME: policy set id XML attribute name
36 @type POLICY_SET_ID_ATTRIB_NAME: string
37 @cvar POLICY_COMBINING_ALG_ID_ATTRIB_NAME: policy combining algorithm id
38 XML attribute name
39 @type POLICY_COMBINING_ALG_ID_ATTRIB_NAME: string
40 @cvar VERSION_ATTRIB_NAME: version XML attribute name
41 @type VERSION_ATTRIB_NAME: string
42 @cvar DESCRIPTION_LOCAL_NAME: description XML element local name
43 @type DESCRIPTION_LOCAL_NAME: string
44 @cvar POLICY_SET_DEFAULTS_LOCAL_NAME: policy set defaults XML element local
45 name
46 @type POLICY_SET_DEFAULTS_LOCAL_NAME: string
47 @cvar COMBINER_PARAMETERS_LOCAL_NAME: combiner parameter XML element local
48 name
49 @type COMBINER_PARAMETERS_LOCAL_NAME: string
50 @cvar POLICY_COMBINER_PARAMETERS_LOCAL_NAME: policy combiner parameter XML
51 element local name
52 @type POLICY_COMBINER_PARAMETERS_LOCAL_NAME: string
53 @cvar POLICY_SET_COMBINER_PARAMETERS_LOCAL_NAME: policy set combiner
54 parameter XML element local name
55 @type POLICY_SET_COMBINER_PARAMETERS_LOCAL_NAME: string
56 @cvar OBLIGATIONS_LOCAL_NAME: obligations XML element local name
57 @type OBLIGATIONS_LOCAL_NAME: string
58
59 @ivar __policySetId: policy set id
60 @type __policySetId: NoneType / basestring
61 @ivar __version: policy version
62 @type __version: NoneType / basestring
63 @ivar __policyCombiningAlgId: policy combining algorithm ID
64 @type __policyCombiningAlgId: NoneType / basestring
65 @ivar __description: policy decription text
66 @type __description: NoneType / basestring
67 @ivar __target: target element
68 @type __target: NoneType / ndg.xacml.core.target.Target
69 @ivar __policies: list of policies and/or policy sets
70 @type __policies: ndg.xacml.utils.TypedList
71 @ivar __obligations: obligations
72 @type __obligations: ndg.xacml.utils.TypedList
73 @ivar __policyCombiningAlgFactory: policy combining algorithm factory
74 @type __policyCombiningAlgFactory: ndg.xacml.core.policy_combining_alg.PolicyCombiningAlgClassFactory
75 @ivar __policyCombiningAlg: policy combining algorithm
76 @type __policyCombiningAlg: NoneType / ndg.xacml.core.policy_combining_alg.PolicyCombiningAlgInterface
77 """
78
79 DEFAULT_XACML_VERSION = "2.0"
80 ELEMENT_LOCAL_NAME = "PolicySet"
81 POLICY_SET_ID_ATTRIB_NAME = "PolicySetId"
82 POLICY_COMBINING_ALG_ID_ATTRIB_NAME = "PolicyCombiningAlgId"
83 VERSION_ATTRIB_NAME = "Version"
84
85 DESCRIPTION_LOCAL_NAME = "Description"
86 POLICY_SET_DEFAULTS_LOCAL_NAME = "PolicySetDefaults"
87 COMBINER_PARAMETERS_LOCAL_NAME = "CombinerParameters"
88 POLICY_COMBINER_PARAMETERS_LOCAL_NAME = "PolicyCombinerParameters"
89 POLICY_SET_COMBINER_PARAMETERS_LOCAL_NAME = "PolicySetCombinerParameters"
90 OBLIGATIONS_LOCAL_NAME = "Obligations"
91 POLICY_SET_ID_REFERENCE = "PolicySetIdReference"
92
93 __slots__ = (
94 '__policySetId',
95 '__version',
96 '__policyCombiningAlgId',
97 '__description',
98 '__policySetDefaults',
99 '__target',
100 '__policies',
101 '__obligations',
102 '__policyCombiningAlgFactory',
103 '__policyCombiningAlg'
104 )
105
106 - def __init__(self, policyCombiningAlgFactory=None):
132
133 @classmethod
135 """Create a new policy from the input source parsing it using a
136 reader from the required reader factory e.g. ETreeReaderFactory to use
137 ElementTree based parsing
138
139 @param source: source from which to read the policy - file path,
140 file object, XML node or other dependent on the reader factory selected
141 @type source: string, file, XML node type
142 @param readerFactory: factory class returns reader class used to parse
143 the policy
144 @type readerFactory: ndg.xacml.parsers.AbstractReaderFactory
145 @return: new policy instance
146 @rtype: ndg.xacml.core.policy.Policy
147 """
148 if not issubclass(readerFactory, AbstractReaderFactory):
149 raise TypeError('Expecting %r derived class for reader factory '
150 'method; got %r' % (AbstractReaderFactory,
151 readerFactory))
152
153 reader = readerFactory.getReader(cls)
154 if not issubclass(reader, AbstractReader):
155 raise TypeError('Expecting %r derived class for reader class; '
156 'got %r' % (AbstractReader, reader))
157
158 return reader.parse(source)
159
161 """
162 @return: policy combining algorithm factory
163 @rtype: NoneType / ndg.xacml.core.policy_combining_alg.PolicyCombiningAlgClassFactory
164 """
165 return self.__policyCombiningAlgFactory
166
179
180 policyCombiningAlgFactory = property(_getPolicyCombiningAlgFactory,
181 _setPolicyCombiningAlgFactory,
182 doc="Policy Combining Algorithm Factory")
183
184 @property
186 """Policy Combining algorithm
187 @return: policy combining algorithm class instance
188 @rtype: ndg.xacml.core.policy_combining_alg.PolicyCombiningAlgInterface
189 derived type
190 """
191 return self.__policyCombiningAlg
192
194 '''
195 @return: policy set id
196 @rtype: NoneType / basestring
197 '''
198 return self.__policySetId
199
201 '''@param value: policy set id
202 @type value: basestring
203 @raise TypeError: incorrect input type
204 '''
205 if not isinstance(value, basestring):
206 raise TypeError('Expecting string type for "policySetId" '
207 'attribute; got %r' % type(value))
208
209 self.__policySetId = value
210
211 policySetId = property(_getPolicySetId, _setPolicySetId, None, "Policy Set Id")
212
213 ident = property(_getPolicySetId, None, None, "Policy Set Id")
214
216 '''@return: policy set version
217 @rtype: NoneType / basestring
218 '''
219 return self.__version
220
222 '''@param value: policy set version
223 @type value: basestring
224 @raise TypeError: incorrect input type
225 '''
226 if not isinstance(value, basestring):
227 raise TypeError('Expecting string type for "version" '
228 'attribute; got %r' % type(value))
229
230 self.__version = value
231
232 version = property(_getVersion, _setVersion, None, "Policy Set Version")
233
235 '''@return: policy combining algorithm ID
236 @rtype: NoneType / basestring
237 '''
238 return self.__policyCombiningAlgId
239
241 '''@param value: policy combining algorithm ID
242 @type value: NoneType / basestring
243 @raise TypeError: incorrect input type
244 '''
245 if not isinstance(value, basestring):
246 raise TypeError('Expecting string type for "policyCombiningAlgId" '
247 'attribute; got %r' % type(value))
248
249 self.__policyCombiningAlgId = value
250 self._setPolicyCombiningAlgFromId()
251
283
284 policyCombiningAlgId = property(_getPolicyCombiningAlgId,
285 _setPolicyCombiningAlgId, None,
286 doc="Policy Combining Algorithm Id")
287
288 @property
290 """@raise NotImplementedError: combiner parameters property is not
291 currently implemented
292 """
293 raise NotImplementedError()
294
295 @property
297 """@raise NotImplementedError: policy combiner parameters property is
298 not currently implemented
299 """
300 raise NotImplementedError()
301
302 @property
304 """@raise NotImplementedError: variable definitions parameters property
305 is not currently implemented
306 """
307 raise NotImplementedError()
308
309 @property
311 """Return the list of policies / policy sets
312 @return: list of policies / policy sets
313 @rtype: ndg.xacml.utils.TypedList
314 """
315 return self.__policies
316
317 @property
319 """@return: obligations
320 @rtype: ndg.xacml.utils.TypedList
321 """
322 return self.__obligations
323
325 """@return: target element
326 @rtype: NoneType / ndg.xacml.core.target.Target
327 """
328 return self.__target
329
331 """@param value: target element
332 @type value: ndg.xacml.core.target.Target
333 @raise TypeError: incorrect input type
334 """
335 if not isinstance(value, Target):
336 raise TypeError('Expecting Target for "target" '
337 'attribute; got %r' % type(value))
338 self.__target = value
339
340 target = property(_getTarget, _setTarget, doc="list of Policy targets")
341
343 '''@return: policy description text
344 @rtype: NoneType / basestring
345 '''
346 return self.__description
347
349 '''@param value: policy description text
350 @type value: basestring
351 @raise TypeError: incorrect input type
352 '''
353 if not isinstance(value, basestring):
354 raise TypeError('Expecting string type for "description" '
355 'attribute; got %r' % type(value))
356 self.__description = value
357
358 description = property(_getDescription, _setDescription,
359 doc="Policy Description text")
360
362 '''@return: policy set defaults
363 @rtype: NoneType / ndg.xacml.core.policydefaults.PolicyDefaults
364 '''
365 return self.__policySetDefaults
366
368 '''@param value: policy set defaults
369 @type value: ndg.xacml.core.policydefaults.PolicyDefaults
370 @raise TypeError: incorrect input type
371 '''
372 if not isinstance(value, PolicyDefaults):
373 raise TypeError('Expecting string type for "policyDefaults" '
374 'attribute; got %r' % type(value))
375
376 self.__policySetDefaults = value
377
378 policySetDefaults = property(_getPolicySetDefaults,
379 _setPolicySetDefaults,
380 None,
381 "Policy Set PolicyDefaults element")
382
384 """Evaluates the policy combining algorithm for this policy set.
385 @param context: the request context
386 @type context: ndg.xacml.core.request.Request
387 @return: result of the evaluation - the decision for this policy set
388 @rtype: ndg.xacml.core.context.result.Decision
389 """
390 return self.policyCombiningAlg.evaluate(self.policies, context)
391