2 * Licensed to the University Corporation for Advanced Internet
3 * Development, Inc. (UCAID) under one or more contributor license
4 * agreements. See the NOTICE file distributed with this work for
5 * additional information regarding copyright ownership.
7 * UCAID licenses this file to you under the Apache License,
8 * Version 2.0 (the "License"); you may not use this file except
9 * in compliance with the License. You may obtain a copy of the
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
17 * either express or implied. See the License for the specific
18 * language governing permissions and limitations under the License.
24 * A MatchFunctor that logical ANDs the results of contained functors.
28 #include "exceptions.h"
29 #include "attribute/filtering/FilterPolicyContext.h"
30 #include "attribute/filtering/MatchFunctor.h"
31 #include "util/SPConstants.h"
33 #include <xercesc/util/XMLUniDefs.hpp>
34 #include <xmltooling/util/XMLHelper.h>
36 using namespace shibsp;
37 using namespace xmltooling;
43 * A MatchFunctor that logical ANDs the results of contained functors.
45 class SHIBSP_DLLLOCAL AndMatchFunctor : public MatchFunctor
48 AndMatchFunctor(const pair<const FilterPolicyContext*,const DOMElement*>& p);
50 bool evaluatePolicyRequirement(const FilteringContext& filterContext) const {
51 if (m_functors.empty())
53 for (vector<const MatchFunctor*>::const_iterator mf = m_functors.begin(); mf!=m_functors.end(); ++mf)
54 if (!(*mf)->evaluatePolicyRequirement(filterContext))
59 bool evaluatePermitValue(const FilteringContext& filterContext, const Attribute& attribute, size_t index) const {
60 if (m_functors.empty())
62 for (vector<const MatchFunctor*>::const_iterator mf = m_functors.begin(); mf!=m_functors.end(); ++mf)
63 if (!(*mf)->evaluatePermitValue(filterContext, attribute, index))
69 MatchFunctor* buildFunctor(const DOMElement* e, const FilterPolicyContext* functorMap);
71 vector<const MatchFunctor*> m_functors;
74 MatchFunctor* SHIBSP_DLLLOCAL AndMatchFunctorFactory(const pair<const FilterPolicyContext*,const DOMElement*>& p)
76 return new AndMatchFunctor(p);
79 static XMLCh _id[] = UNICODE_LITERAL_2(i,d);
80 static XMLCh _ref[] = UNICODE_LITERAL_3(r,e,f);
81 static XMLCh Rule[] = UNICODE_LITERAL_4(R,u,l,e);
82 static XMLCh RuleReference[] = UNICODE_LITERAL_13(R,u,l,e,R,e,f,e,r,e,n,c,e);
85 AndMatchFunctor::AndMatchFunctor(const pair<const FilterPolicyContext*,const DOMElement*>& p)
88 const DOMElement* e = XMLHelper::getFirstChildElement(p.second);
91 if (XMLHelper::isNodeNamed(e, shibspconstants::SHIB2ATTRIBUTEFILTER_MF_BASIC_NS, Rule)) {
92 func = buildFunctor(e, p.first);
94 else if (XMLHelper::isNodeNamed(e, shibspconstants::SHIB2ATTRIBUTEFILTER_MF_BASIC_NS, RuleReference)) {
95 string ref = XMLHelper::getAttrString(e, nullptr, _ref);
97 multimap<string,MatchFunctor*>::const_iterator rule = p.first->getMatchFunctors().find(ref);
98 func = (rule!=p.first->getMatchFunctors().end()) ? rule->second : nullptr;
103 m_functors.push_back(func);
105 e = XMLHelper::getNextSiblingElement(e);
109 MatchFunctor* AndMatchFunctor::buildFunctor(const DOMElement* e, const FilterPolicyContext* functorMap)
111 // We'll track and map IDs just for consistency, but don't require them or worry about dups.
112 string id = XMLHelper::getAttrString(e, nullptr, _id);
113 if (!id.empty() && functorMap->getMatchFunctors().count(id))
116 auto_ptr<xmltooling::QName> type(XMLHelper::getXSIType(e));
118 throw ConfigurationException("Child Rule found with no xsi:type.");
120 MatchFunctor* func = SPConfig::getConfig().MatchFunctorManager.newPlugin(*type.get(), make_pair(functorMap,e));
121 functorMap->getMatchFunctors().insert(multimap<string,MatchFunctor*>::value_type(id, func));