2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.openecomp.policy.xacml.test.json;
23 import static org.junit.Assert.assertEquals;
24 import static org.junit.Assert.fail;
26 import java.text.ParseException;
27 import java.util.ArrayList;
28 import java.util.Arrays;
29 import java.util.Collection;
30 import java.util.List;
31 import java.math.BigInteger;
33 import org.junit.Ignore;
34 import org.junit.Test;
36 import com.att.research.xacml.api.Attribute;
37 import com.att.research.xacml.api.AttributeValue;
38 import com.att.research.xacml.api.Decision;
39 import com.att.research.xacml.api.Identifier;
40 import com.att.research.xacml.api.XACML3;
41 import com.att.research.xacml.std.IdentifierImpl;
42 import com.att.research.xacml.std.StdAttribute;
43 import com.att.research.xacml.std.StdAttributeCategory;
44 import com.att.research.xacml.std.StdAttributeValue;
45 import com.att.research.xacml.std.StdIdReference;
46 import com.att.research.xacml.std.StdMutableAdvice;
47 import com.att.research.xacml.std.StdMutableAttribute;
48 import com.att.research.xacml.std.StdMutableAttributeAssignment;
49 import com.att.research.xacml.std.StdMutableMissingAttributeDetail;
50 import com.att.research.xacml.std.StdMutableObligation;
51 import com.att.research.xacml.std.StdMutableResponse;
52 import com.att.research.xacml.std.StdMutableResult;
53 import com.att.research.xacml.std.StdMutableStatus;
54 import com.att.research.xacml.std.StdMutableStatusDetail;
55 import com.att.research.xacml.std.StdStatusCode;
56 import com.att.research.xacml.std.StdVersion;
57 import com.att.research.xacml.std.datatypes.DataTypes;
58 import com.att.research.xacml.std.datatypes.StringNamespaceContext;
59 import com.att.research.xacml.std.datatypes.XPathExpressionWrapper;
60 import com.att.research.xacml.std.json.JSONResponse;
61 import com.att.research.xacml.std.json.JSONStructureException;
67 * In Eclipse select this file or the enclosing directory, right-click and select Run As/JUnit Test
71 public class ResponseTest {
75 StdMutableResponse response;
77 StdMutableResult result;
79 StdMutableStatus status;
82 // Note: Initially test responses without Obligations, Associated Advice, Attributes, or PolicyIdentifier
86 public void testEmptyAndDecisions() {
89 jsonResponse = JSONResponse.toString(null, false);
90 fail("Operation should throw exception");
91 } catch (JSONStructureException e) {
93 } catch (Exception e) {
94 fail ("Failed convert from JSON to object: " + e);
97 // empty response (no Result object)
98 response = new StdMutableResponse();
100 jsonResponse = JSONResponse.toString(response, false);
101 fail("Operation should throw exception");
102 } catch (JSONStructureException e) {
104 } catch (Exception e) {
105 fail ("Failed convert from JSON to object: " + e);
109 // just decision, no status
110 response = new StdMutableResponse();
111 result = new StdMutableResult();
112 result.setDecision(Decision.PERMIT);
113 response.add(result);
115 jsonResponse = JSONResponse.toString(response, false);
116 assertEquals("{\"Response\":[{\"Decision\":\"Permit\"}]}", jsonResponse);
117 } catch (Exception e) {
118 fail("operation failed, e="+e);
121 // just status (empty), no decision
122 response = new StdMutableResponse();
123 result = new StdMutableResult();
124 status = new StdMutableStatus();
125 result.setStatus(status);
126 response.add(result);
128 jsonResponse = JSONResponse.toString(response, false);
129 fail("Operation should throw exception");
130 } catch (JSONStructureException e) {
132 } catch (Exception e) {
133 fail ("Failed convert from JSON to object: " + e);
136 // just status (non-empty), no decision
137 response = new StdMutableResponse();
138 result = new StdMutableResult();
139 status = new StdMutableStatus();
140 status.setStatusCode(StdStatusCode.STATUS_CODE_OK);
141 result.setStatus(status);
142 response.add(result);
144 jsonResponse = JSONResponse.toString(response, false);
145 fail("Operation should throw exception");
146 } catch (JSONStructureException e) {
148 } catch (Exception e) {
149 fail ("Failed convert from JSON to object: " + e);
153 // test other decisions without Status
155 response = new StdMutableResponse();
156 result = new StdMutableResult();
157 result.setDecision(Decision.DENY);
158 response.add(result);
160 jsonResponse = JSONResponse.toString(response, false);
161 assertEquals("{\"Response\":[{\"Decision\":\"Deny\"}]}", jsonResponse);
162 } catch (Exception e) {
163 fail("operation failed, e="+e);
166 response = new StdMutableResponse();
167 result = new StdMutableResult();
168 result.setDecision(Decision.NOTAPPLICABLE);
169 response.add(result);
171 jsonResponse = JSONResponse.toString(response, false);
172 assertEquals("{\"Response\":[{\"Decision\":\"NotApplicable\"}]}", jsonResponse);
173 } catch (Exception e) {
174 fail("operation failed, e="+e);
177 response = new StdMutableResponse();
178 result = new StdMutableResult();
179 result.setDecision(Decision.INDETERMINATE);
180 response.add(result);
182 jsonResponse = JSONResponse.toString(response, false);
183 assertEquals("{\"Response\":[{\"Decision\":\"Indeterminate\"}]}", jsonResponse);
184 } catch (Exception e) {
185 fail("operation failed, e="+e);
188 response = new StdMutableResponse();
189 result = new StdMutableResult();
190 result.setDecision(Decision.INDETERMINATE_DENY);
191 response.add(result);
193 jsonResponse = JSONResponse.toString(response, false);
194 assertEquals("{\"Response\":[{\"Decision\":\"Indeterminate{D}\"}]}", jsonResponse);
195 } catch (Exception e) {
196 fail("operation failed, e="+e);
199 response = new StdMutableResponse();
200 result = new StdMutableResult();
201 result.setDecision(Decision.INDETERMINATE_DENYPERMIT);
202 response.add(result);
204 jsonResponse = JSONResponse.toString(response, false);
205 assertEquals("{\"Response\":[{\"Decision\":\"Indeterminate{DP}\"}]}", jsonResponse);
206 } catch (Exception e) {
207 fail("operation failed, e="+e);
210 response = new StdMutableResponse();
211 result = new StdMutableResult();
212 result.setDecision(Decision.INDETERMINATE_PERMIT);
213 response.add(result);
215 jsonResponse = JSONResponse.toString(response, false);
216 assertEquals("{\"Response\":[{\"Decision\":\"Indeterminate{P}\"}]}", jsonResponse);
217 } catch (Exception e) {
218 fail("operation failed, e="+e);
222 // test Multiple Decisions - success
223 response = new StdMutableResponse();
224 result = new StdMutableResult();
225 result.setDecision(Decision.PERMIT);
226 response.add(result);
227 StdMutableResult result2 = new StdMutableResult();
228 result2.setDecision(Decision.DENY);
229 response.add(result2);
231 jsonResponse = JSONResponse.toString(response, false);
232 assertEquals("{\"Response\":[{\"Decision\":\"Permit\"},{\"Decision\":\"Deny\"}]}", jsonResponse);
233 } catch (Exception e) {
234 fail("operation failed, e="+e);
238 // test Multiple Decisions - one success and one error
239 response = new StdMutableResponse();
240 result = new StdMutableResult();
241 result.setDecision(Decision.PERMIT);
242 response.add(result);
243 result2 = new StdMutableResult();
244 result2.setDecision(Decision.INDETERMINATE);
245 response.add(result2);
247 jsonResponse = JSONResponse.toString(response, false);
248 assertEquals("{\"Response\":[{\"Decision\":\"Permit\"},{\"Decision\":\"Indeterminate\"}]}", jsonResponse);
249 } catch (Exception e) {
250 fail("operation failed, e="+e);
257 // Test with every field filled in with multiple values where appropriate
259 public void testAllFieldsResponse() {
261 // fully-loaded multiple response
263 StdMutableResponse response = new StdMutableResponse();
264 // create a Status object
265 StdMutableStatus status = new StdMutableStatus(StdStatusCode.STATUS_CODE_MISSING_ATTRIBUTE);
266 status.setStatusMessage("some status message");
267 StdMutableStatusDetail statusDetailIn = new StdMutableStatusDetail();
268 StdMutableMissingAttributeDetail mad = new StdMutableMissingAttributeDetail();
269 mad.addAttributeValue(new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "doh"));
270 mad.addAttributeValue(new StdAttributeValue<String>(DataTypes.DT_INTEGER.getId(), "5432"));
271 mad.addAttributeValue(new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "meh"));
272 mad.setAttributeId(XACML3.ID_ACTION_PURPOSE);
273 mad.setCategory(XACML3.ID_ATTRIBUTE_CATEGORY_ACTION);
274 mad.setDataTypeId(XACML3.ID_DATATYPE_STRING);
275 mad.setIssuer("an Issuer");
276 statusDetailIn.addMissingAttributeDetail(mad);
277 status.setStatusDetail(statusDetailIn);
278 // create a single result object
279 StdMutableResult result = new StdMutableResult(status);
281 result.setDecision(Decision.INDETERMINATE);
282 // put the Result into the Response
283 response.add(result);
286 // create a new Result with a different Decision
287 status = new StdMutableStatus(StdStatusCode.STATUS_CODE_OK);
288 result = new StdMutableResult(status);
289 result.setDecision(Decision.DENY);
291 StdMutableObligation obligation = new StdMutableObligation();
292 obligation.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
293 obligation.addAttributeAssignment(new StdMutableAttributeAssignment(
294 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
296 "obligation-issuer1",
297 new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Bart")));
298 obligation.addAttributeAssignment(new StdMutableAttributeAssignment(
299 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
301 "obligation-issuer2",
302 new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Ned")));
303 result.addObligation(obligation);
304 obligation = new StdMutableObligation();
305 obligation.setId(XACML3.ID_SUBJECT_CATEGORY_INTERMEDIARY_SUBJECT);
306 obligation.addAttributeAssignment(new StdMutableAttributeAssignment(
307 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
309 "obligation-issuer3",
310 new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Maggie")));
311 obligation.addAttributeAssignment(new StdMutableAttributeAssignment(
312 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
314 "obligation-issuer4",
315 new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Homer")));
316 result.addObligation(obligation);
319 StdMutableAdvice advice = new StdMutableAdvice();
320 advice.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
321 advice.addAttributeAssignment(new StdMutableAttributeAssignment(
322 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
325 new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Apu")));
326 advice.addAttributeAssignment(new StdMutableAttributeAssignment(
329 "advice-issuerNoCategory",
330 new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Crusty")));
331 result.addAdvice(advice);
334 response.add(result);
337 // create a new Result with a different Decision
338 // add Child/minor status codes within the main status
339 StdStatusCode childChildChildStatusCode = new StdStatusCode(new IdentifierImpl("childChildChildStatusCode"));
340 StdStatusCode childChildStatusCode = new StdStatusCode(new IdentifierImpl("childChildStatusCode"), childChildChildStatusCode);
341 StdStatusCode child1StatusCode = new StdStatusCode(new IdentifierImpl("child1StatusCode"), childChildStatusCode);
342 StdStatusCode statusCode = new StdStatusCode(XACML3.ID_STATUS_OK, child1StatusCode);
344 status = new StdMutableStatus(statusCode);
347 result = new StdMutableResult(status);
348 result.setDecision(Decision.PERMIT);
353 // add attribute list in result
354 Identifier categoryIdentifier = new IdentifierImpl("firstCategory");
355 Attribute[] attrList = {
356 new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Apu"), "AIssue", true),
357 new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent2"), new StdAttributeValue<String>(DataTypes.DT_YEARMONTHDURATION.getId(), "P10Y4M"), "BIssue", false),
358 new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent3"), new StdAttributeValue<Double>(DataTypes.DT_DOUBLE.getId(), 765.432), "CIssue", true),
359 new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent4"), new StdAttributeValue<Boolean>(DataTypes.DT_BOOLEAN.getId(), true), "DIssue", true),
360 new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent5"), new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(4567)), "EIssue", true),
361 new StdAttribute(categoryIdentifier, new IdentifierImpl("attrNoIssuer"), new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(4567)), null, true) };
362 result.addAttributeCategory(new StdAttributeCategory(categoryIdentifier, Arrays.asList(attrList)));
363 categoryIdentifier = new IdentifierImpl("secondCategory");
364 Attribute[] secondAttrList = {
365 new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent12"), new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Apu2"), "AIssue2", true),
366 new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent22"), new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Abc2"), "BIssue2", false),
367 new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent32"), new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Der2"), "CIssue2", true) };
368 result.addAttributeCategory(new StdAttributeCategory(categoryIdentifier, Arrays.asList(secondAttrList)));
371 // add PolicyIdentifierList to result
372 StdIdReference policyIdentifier1 = null;
373 StdIdReference policyIdentifier2 = null;
374 StdIdReference policySetIdentifier1 = null;
375 StdIdReference policySetIdentifier2 = null;
377 policyIdentifier1 = new StdIdReference(new IdentifierImpl("idRef1"), StdVersion.newInstance("1.2.3"));
378 policyIdentifier2 = new StdIdReference(new IdentifierImpl("idRef2_NoVersion"));
379 policySetIdentifier1 = new StdIdReference(new IdentifierImpl("idSetRef1"), StdVersion.newInstance("4.5.6.7.8.9.0"));
380 policySetIdentifier2 = new StdIdReference(new IdentifierImpl("idSetRef2_NoVersion"));
381 } catch (ParseException e1) {
382 fail("creating policyIds, e="+e1);
385 result.addPolicyIdentifier(policyIdentifier1);
386 result.addPolicyIdentifier(policyIdentifier2);
388 result.addPolicySetIdentifier(policySetIdentifier1);
389 result.addPolicySetIdentifier(policySetIdentifier2);
391 response.add(result);
393 // convert Response to JSON
395 jsonResponse = JSONResponse.toString(response, false);
396 System.out.println(jsonResponse);
397 //System.out.println(JSONResponse.toString(response, true));
398 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:missing-attribute\"},\"StatusMessage\":\"some status message\",\"StatusDetail\":\"<MissingAttributeDetail Category=\\\\\\\"urn:oasis:names:tc:xacml:3.0:attribute-category:action\\\\\\\" AttributeId=\\\\\\\"urn:oasis:names:tc:xacml:2.0:action:purpose\\\\\\\" DataType=\\\\\\\"http://www.w3.org/2001/XMLSchema#string\\\\\\\" Issuer=\\\\\\\"an Issuer\\\\\\\"><AttributeValue DataType=\\\\\\\"http://www.w3.org/2001/XMLSchema#string\\\\\\\">doh</AttributeValue><AttributeValue DataType=\\\\\\\"http://www.w3.org/2001/XMLSchema#integer\\\\\\\">5432</AttributeValue><AttributeValue DataType=\\\\\\\"http://www.w3.org/2001/XMLSchema#string\\\\\\\">meh</AttributeValue></MissingAttributeDetail>\"},\"Decision\":\"Indeterminate\"},{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:ok\"}},\"Obligations\":[{\"Id\":\"urn:oasis:names:tc:xacml:1.0:action:implied-action\",\"AttributeAssignment\":[{\"Issuer\":\"obligation-issuer1\",\"Value\":\"Bart\",\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"},{\"Issuer\":\"obligation-issuer2\",\"Value\":\"Ned\",\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"}]},{\"Id\":\"urn:oasis:names:tc:xacml:1.0:subject-category:intermediary-subject\",\"AttributeAssignment\":[{\"Issuer\":\"obligation-issuer3\",\"Value\":\"Maggie\",\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"},{\"Issuer\":\"obligation-issuer4\",\"Value\":\"Homer\",\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"}]}],\"Decision\":\"Deny\",\"AssociatedAdvice\":[{\"Id\":\"urn:oasis:names:tc:xacml:1.0:action:implied-action\",\"AttributeAssignment\":[{\"Issuer\":\"advice-issuer1\",\"Value\":\"Apu\",\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"},{\"Issuer\":\"advice-issuerNoCategory\",\"Value\":\"Crusty\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"}]}]},{\"Status\":{\"StatusCode\":{\"StatusCode\":{\"StatusCode\":{\"StatusCode\":{\"Value\":\"childChildChildStatusCode\"},\"Value\":\"childChildStatusCode\"},\"Value\":\"child1StatusCode\"},\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:ok\"}},\"Category\":[{\"CategoryId\":\"firstCategory\",\"Attribute\":[{\"Issuer\":\"AIssue\",\"Value\":\"Apu\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"attrIdent1\"},{\"Issuer\":\"CIssue\",\"Value\":765.432,\"DataType\":\"http://www.w3.org/2001/XMLSchema#double\",\"AttributeId\":\"attrIdent3\"},{\"Issuer\":\"DIssue\",\"Value\":true,\"DataType\":\"http://www.w3.org/2001/XMLSchema#boolean\",\"AttributeId\":\"attrIdent4\"},{\"Issuer\":\"EIssue\",\"Value\":4567,\"DataType\":\"http://www.w3.org/2001/XMLSchema#integer\",\"AttributeId\":\"attrIdent5\"},{\"Value\":4567,\"DataType\":\"http://www.w3.org/2001/XMLSchema#integer\",\"AttributeId\":\"attrNoIssuer\"}]},{\"CategoryId\":\"secondCategory\",\"Attribute\":[{\"Issuer\":\"AIssue2\",\"Value\":\"Apu2\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"attrIdent12\"},{\"Issuer\":\"CIssue2\",\"Value\":\"Der2\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"attrIdent32\"}]}],\"Decision\":\"Permit\",\"PolicyIdentifier\":{\"PolicyIdReference\":[{\"Id\":\"idRef1\",\"Version\":\"1.2.3\"},{\"Id\":\"idRef2_NoVersion\"}],\"PolicySetIdReference\":[{\"Id\":\"idSetRef1\",\"Version\":\"4.5.6.7.8.9.0\"},{\"Id\":\"idSetRef2_NoVersion\"}]}}]}", jsonResponse);
399 } catch (Exception e) {
400 fail("operation failed, e="+e);
407 // combinations of Status values with Decision values
409 public void testDecisionStatusMatch() {
410 // the tests in this method use different values and do not change structures, so we can re-use the objects
411 response = new StdMutableResponse();
412 result = new StdMutableResult();
413 status = new StdMutableStatus();
414 result.setStatus(status);
415 response.add(result);
418 status.setStatusCode(StdStatusCode.STATUS_CODE_OK);
419 result.setDecision(Decision.PERMIT);
421 jsonResponse = JSONResponse.toString(response, false);
422 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:ok\"}},\"Decision\":\"Permit\"}]}", jsonResponse);
423 } catch (Exception e) {
424 fail("operation failed, e="+e);
426 result.setDecision(Decision.DENY);
428 jsonResponse = JSONResponse.toString(response, false);
429 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:ok\"}},\"Decision\":\"Deny\"}]}", jsonResponse);
430 } catch (Exception e) {
431 fail("operation failed, e="+e);
433 result.setDecision(Decision.NOTAPPLICABLE);
435 jsonResponse = JSONResponse.toString(response, false);
436 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:ok\"}},\"Decision\":\"NotApplicable\"}]}", jsonResponse);
437 } catch (Exception e) {
438 fail("operation failed, e="+e);
440 result.setDecision(Decision.INDETERMINATE);
442 jsonResponse = JSONResponse.toString(response, false);
443 fail("Operation should throw exception");
444 } catch (JSONStructureException e) {
446 } catch (Exception e) {
447 fail ("Failed convert from JSON to object: " + e);
449 result.setDecision(Decision.INDETERMINATE_DENY);
451 jsonResponse = JSONResponse.toString(response, false);
452 fail("Operation should throw exception");
453 } catch (JSONStructureException e) {
455 } catch (Exception e) {
456 fail ("Failed convert from JSON to object: " + e);
458 result.setDecision(Decision.INDETERMINATE_DENYPERMIT);
460 jsonResponse = JSONResponse.toString(response, false);
461 fail("Operation should throw exception");
462 } catch (JSONStructureException e) {
464 } catch (Exception e) {
465 fail ("Failed convert from JSON to object: " + e);
467 result.setDecision(Decision.INDETERMINATE_PERMIT);
469 jsonResponse = JSONResponse.toString(response, false);
470 fail("Operation should throw exception");
471 } catch (JSONStructureException e) {
473 } catch (Exception e) {
474 fail ("Failed convert from JSON to object: " + e);
482 // StatusCode = SyntaxError
483 status.setStatusCode(StdStatusCode.STATUS_CODE_SYNTAX_ERROR);
484 result.setDecision(Decision.PERMIT);
486 jsonResponse = JSONResponse.toString(response, false);
487 fail("Operation should throw exception");
488 } catch (JSONStructureException e) {
490 } catch (Exception e) {
491 fail ("Failed convert from JSON to object: " + e);
493 result.setDecision(Decision.DENY);
495 jsonResponse = JSONResponse.toString(response, false);
496 fail("Operation should throw exception");
497 } catch (JSONStructureException e) {
499 } catch (Exception e) {
500 fail ("Failed convert from JSON to object: " + e);
502 result.setDecision(Decision.NOTAPPLICABLE);
504 jsonResponse = JSONResponse.toString(response, false);
505 fail("Operation should throw exception");
506 } catch (JSONStructureException e) {
508 } catch (Exception e) {
509 fail ("Failed convert from JSON to object: " + e);
511 result.setDecision(Decision.INDETERMINATE);
513 jsonResponse = JSONResponse.toString(response, false);
514 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:syntax-error\"}},\"Decision\":\"Indeterminate\"}]}", jsonResponse);
515 } catch (Exception e) {
516 fail("operation failed, e="+e);
518 result.setDecision(Decision.INDETERMINATE_DENY);
520 jsonResponse = JSONResponse.toString(response, false);
521 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:syntax-error\"}},\"Decision\":\"Indeterminate{D}\"}]}", jsonResponse);
522 } catch (Exception e) {
523 fail("operation failed, e="+e);
525 result.setDecision(Decision.INDETERMINATE_DENYPERMIT);
527 jsonResponse = JSONResponse.toString(response, false);
528 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:syntax-error\"}},\"Decision\":\"Indeterminate{DP}\"}]}", jsonResponse);
529 } catch (Exception e) {
530 fail("operation failed, e="+e);
532 result.setDecision(Decision.INDETERMINATE_PERMIT);
534 jsonResponse = JSONResponse.toString(response, false);
535 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:syntax-error\"}},\"Decision\":\"Indeterminate{P}\"}]}", jsonResponse);
536 } catch (Exception e) {
537 fail("operation failed, e="+e);
541 // StatusCode = ProcessingError
542 status.setStatusCode(StdStatusCode.STATUS_CODE_PROCESSING_ERROR);
543 result.setDecision(Decision.PERMIT);
545 jsonResponse = JSONResponse.toString(response, false);
546 fail("Operation should throw exception");
547 } catch (JSONStructureException e) {
549 } catch (Exception e) {
550 fail ("Failed convert from JSON to object: " + e);
552 result.setDecision(Decision.DENY);
554 jsonResponse = JSONResponse.toString(response, false);
555 fail("Operation should throw exception");
556 } catch (JSONStructureException e) {
558 } catch (Exception e) {
559 fail ("Failed convert from JSON to object: " + e);
561 result.setDecision(Decision.NOTAPPLICABLE);
563 jsonResponse = JSONResponse.toString(response, false);
564 fail("Operation should throw exception");
565 } catch (JSONStructureException e) {
567 } catch (Exception e) {
568 fail ("Failed convert from JSON to object: " + e);
570 result.setDecision(Decision.INDETERMINATE);
572 jsonResponse = JSONResponse.toString(response, false);
573 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:processing-error\"}},\"Decision\":\"Indeterminate\"}]}", jsonResponse);
574 } catch (Exception e) {
575 fail("operation failed, e="+e);
577 result.setDecision(Decision.INDETERMINATE_DENY);
579 jsonResponse = JSONResponse.toString(response, false);
580 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:processing-error\"}},\"Decision\":\"Indeterminate{D}\"}]}", jsonResponse);
581 } catch (Exception e) {
582 fail("operation failed, e="+e);
584 result.setDecision(Decision.INDETERMINATE_DENYPERMIT);
586 jsonResponse = JSONResponse.toString(response, false);
587 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:processing-error\"}},\"Decision\":\"Indeterminate{DP}\"}]}", jsonResponse);
588 } catch (Exception e) {
589 fail("operation failed, e="+e);
591 result.setDecision(Decision.INDETERMINATE_PERMIT);
593 jsonResponse = JSONResponse.toString(response, false);
594 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:processing-error\"}},\"Decision\":\"Indeterminate{P}\"}]}", jsonResponse);
595 } catch (Exception e) {
596 fail("operation failed, e="+e);
601 // StatusCode = MissingAttribute
602 status.setStatusCode(StdStatusCode.STATUS_CODE_MISSING_ATTRIBUTE);
603 result.setDecision(Decision.PERMIT);
605 jsonResponse = JSONResponse.toString(response, false);
606 fail("Operation should throw exception");
607 } catch (JSONStructureException e) {
609 } catch (Exception e) {
610 fail ("Failed convert from JSON to object: " + e);
612 result.setDecision(Decision.DENY);
614 jsonResponse = JSONResponse.toString(response, false);
615 fail("Operation should throw exception");
616 } catch (JSONStructureException e) {
618 } catch (Exception e) {
619 fail ("Failed convert from JSON to object: " + e);
621 result.setDecision(Decision.NOTAPPLICABLE);
623 jsonResponse = JSONResponse.toString(response, false);
624 fail("Operation should throw exception");
625 } catch (JSONStructureException e) {
627 } catch (Exception e) {
628 fail ("Failed convert from JSON to object: " + e);
630 result.setDecision(Decision.INDETERMINATE);
632 jsonResponse = JSONResponse.toString(response, false);
633 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:missing-attribute\"}},\"Decision\":\"Indeterminate\"}]}", jsonResponse);
634 } catch (Exception e) {
635 fail("operation failed, e="+e);
637 result.setDecision(Decision.INDETERMINATE_DENY);
639 jsonResponse = JSONResponse.toString(response, false);
640 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:missing-attribute\"}},\"Decision\":\"Indeterminate{D}\"}]}", jsonResponse);
641 } catch (Exception e) {
642 fail("operation failed, e="+e);
644 result.setDecision(Decision.INDETERMINATE_DENYPERMIT);
646 jsonResponse = JSONResponse.toString(response, false);
647 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:missing-attribute\"}},\"Decision\":\"Indeterminate{DP}\"}]}", jsonResponse);
648 } catch (Exception e) {
649 fail("operation failed, e="+e);
651 result.setDecision(Decision.INDETERMINATE_PERMIT);
653 jsonResponse = JSONResponse.toString(response, false);
654 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:missing-attribute\"}},\"Decision\":\"Indeterminate{P}\"}]}", jsonResponse);
655 } catch (Exception e) {
656 fail("operation failed, e="+e);
663 // tests related to Status and its components
665 public void testStatus() {
666 // Status with no StatusCode - error
667 response = new StdMutableResponse();
668 result = new StdMutableResult();
669 status = new StdMutableStatus();
670 result.setStatus(status);
671 result.setDecision(Decision.PERMIT);
672 response.add(result);
674 jsonResponse = JSONResponse.toString(response, false);
675 fail("Operation should throw exception");
676 } catch (JSONStructureException e) {
678 } catch (Exception e) {
679 fail ("Failed convert from JSON to object: " + e);
682 // Status with StatusMessage when OK
683 response = new StdMutableResponse();
684 result = new StdMutableResult();
685 status = new StdMutableStatus();
686 status.setStatusCode(StdStatusCode.STATUS_CODE_OK);
687 status.setStatusMessage("I'm ok, you're ok");
688 result.setStatus(status);
689 result.setDecision(Decision.PERMIT);
690 response.add(result);
692 jsonResponse = JSONResponse.toString(response, false);
693 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:ok\"},\"StatusMessage\":\"I'm ok, you're ok\"},\"Decision\":\"Permit\"}]}", jsonResponse);
694 } catch (Exception e) {
695 fail("operation failed, e="+e);
698 // Status with StatusDetail when OK
699 response = new StdMutableResponse();
700 result = new StdMutableResult();
701 status = new StdMutableStatus();
702 status.setStatusCode(StdStatusCode.STATUS_CODE_OK);
703 StdMutableStatusDetail statusDetail = new StdMutableStatusDetail();
704 status.setStatusDetail(statusDetail);
705 result.setStatus(status);
706 result.setDecision(Decision.PERMIT);
707 response.add(result);
709 jsonResponse = JSONResponse.toString(response, false);
710 fail("Operation should throw exception");
711 } catch (JSONStructureException e) {
713 } catch (Exception e) {
714 fail ("Failed convert from JSON to object: " + e);
717 // Status with StatusMessage when SyntaxError
718 response = new StdMutableResponse();
719 result = new StdMutableResult();
720 status = new StdMutableStatus();
721 status.setStatusCode(StdStatusCode.STATUS_CODE_SYNTAX_ERROR);
722 status.setStatusMessage("I'm ok, you're ok");
723 result.setStatus(status);
724 result.setDecision(Decision.INDETERMINATE);
725 response.add(result);
727 jsonResponse = JSONResponse.toString(response, false);
728 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:syntax-error\"},\"StatusMessage\":\"I'm ok, you're ok\"},\"Decision\":\"Indeterminate\"}]}", jsonResponse);
729 } catch (Exception e) {
730 fail("operation failed, e="+e);
733 // Status with empty StatusDetail when SyntaxError
734 response = new StdMutableResponse();
735 result = new StdMutableResult();
736 status = new StdMutableStatus();
737 status.setStatusCode(StdStatusCode.STATUS_CODE_SYNTAX_ERROR);
738 statusDetail = new StdMutableStatusDetail();
739 status.setStatusDetail(statusDetail);
740 result.setStatus(status);
741 result.setDecision(Decision.INDETERMINATE);
742 response.add(result);
744 jsonResponse = JSONResponse.toString(response, false);
745 fail("Operation should throw exception");
746 } catch (JSONStructureException e) {
748 } catch (Exception e) {
749 fail ("Failed convert from JSON to object: " + e);
753 // Status with StatusMessage when ProcessingError
754 response = new StdMutableResponse();
755 result = new StdMutableResult();
756 status = new StdMutableStatus();
757 status.setStatusCode(StdStatusCode.STATUS_CODE_PROCESSING_ERROR);
758 status.setStatusMessage("I'm ok, you're ok");
759 result.setStatus(status);
760 result.setDecision(Decision.INDETERMINATE);
761 response.add(result);
763 jsonResponse = JSONResponse.toString(response, false);
764 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:processing-error\"},\"StatusMessage\":\"I'm ok, you're ok\"},\"Decision\":\"Indeterminate\"}]}", jsonResponse);
765 } catch (Exception e) {
766 fail("operation failed, e="+e);
769 // Status with empty StatusDetail when ProcessingError
770 response = new StdMutableResponse();
771 result = new StdMutableResult();
772 status = new StdMutableStatus();
773 status.setStatusCode(StdStatusCode.STATUS_CODE_PROCESSING_ERROR);
774 statusDetail = new StdMutableStatusDetail();
775 status.setStatusDetail(statusDetail);
776 result.setStatus(status);
777 result.setDecision(Decision.INDETERMINATE);
778 response.add(result);
780 jsonResponse = JSONResponse.toString(response, false);
781 fail("Operation should throw exception");
782 } catch (JSONStructureException e) {
784 } catch (Exception e) {
785 fail ("Failed convert from JSON to object: " + e);
789 // Status with StatusMessage when MissingAttribute
790 response = new StdMutableResponse();
791 result = new StdMutableResult();
792 status = new StdMutableStatus();
793 status.setStatusCode(StdStatusCode.STATUS_CODE_MISSING_ATTRIBUTE);
794 status.setStatusMessage("I'm ok, you're ok");
795 result.setStatus(status);
796 result.setDecision(Decision.INDETERMINATE);
797 response.add(result);
799 jsonResponse = JSONResponse.toString(response, false);
800 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:missing-attribute\"},\"StatusMessage\":\"I'm ok, you're ok\"},\"Decision\":\"Indeterminate\"}]}", jsonResponse);
801 } catch (Exception e) {
802 fail("operation failed, e="+e);
805 // Status with empty StatusDetail when MissingAttribute
806 response = new StdMutableResponse();
807 result = new StdMutableResult();
808 status = new StdMutableStatus();
809 status.setStatusCode(StdStatusCode.STATUS_CODE_MISSING_ATTRIBUTE);
810 statusDetail = new StdMutableStatusDetail();
811 status.setStatusDetail(statusDetail);
812 result.setStatus(status);
813 result.setDecision(Decision.INDETERMINATE);
814 response.add(result);
816 jsonResponse = JSONResponse.toString(response, false);
817 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:missing-attribute\"}},\"Decision\":\"Indeterminate\"}]}", jsonResponse);
818 } catch (Exception e) {
819 fail("operation failed, e="+e);
824 // Status with StatusDetail with empty detail when MissingAttribute
825 response = new StdMutableResponse();
826 result = new StdMutableResult();
827 status = new StdMutableStatus();
828 status.setStatusCode(StdStatusCode.STATUS_CODE_MISSING_ATTRIBUTE);
829 statusDetail = new StdMutableStatusDetail();
830 StdMutableMissingAttributeDetail mad = new StdMutableMissingAttributeDetail();
831 statusDetail.addMissingAttributeDetail(mad);
832 status.setStatusDetail(statusDetail);
833 result.setStatus(status);
834 result.setDecision(Decision.INDETERMINATE);
835 response.add(result);
837 jsonResponse = JSONResponse.toString(response, false);
838 fail("Operation should throw exception");
839 } catch (JSONStructureException e) {
841 } catch (Exception e) {
842 fail ("Failed convert from JSON to object: " + e);
845 // Status with StatusDetail with valid detail with no value when MissingAttribute
846 response = new StdMutableResponse();
847 result = new StdMutableResult();
848 status = new StdMutableStatus();
849 status.setStatusCode(StdStatusCode.STATUS_CODE_MISSING_ATTRIBUTE);
850 statusDetail = new StdMutableStatusDetail();
851 mad = new StdMutableMissingAttributeDetail();
852 mad.setAttributeId(new IdentifierImpl("mad"));
853 mad.setCategory(XACML3.ID_ACTION);
854 mad.setDataTypeId(DataTypes.DT_STRING.getId());
855 statusDetail.addMissingAttributeDetail(mad);
856 status.setStatusDetail(statusDetail);
857 result.setStatus(status);
858 result.setDecision(Decision.INDETERMINATE);
859 response.add(result);
861 jsonResponse = JSONResponse.toString(response, false);
862 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:missing-attribute\"},\"StatusDetail\":\"<MissingAttributeDetail Category=\\\\\\\"urn:oasis:names:tc:xacml:1.0:action\\\\\\\" AttributeId=\\\\\\\"mad\\\\\\\" DataType=\\\\\\\"http://www.w3.org/2001/XMLSchema#string\\\\\\\"></MissingAttributeDetail>\"},\"Decision\":\"Indeterminate\"}]}", jsonResponse);
863 } catch (Exception e) {
864 fail("operation failed, e="+e);
867 // Status with StatusDetail with valid detail with value when MissingAttribute
868 response = new StdMutableResponse();
869 result = new StdMutableResult();
870 status = new StdMutableStatus();
871 status.setStatusCode(StdStatusCode.STATUS_CODE_MISSING_ATTRIBUTE);
872 statusDetail = new StdMutableStatusDetail();
873 mad = new StdMutableMissingAttributeDetail();
874 mad.setAttributeId(new IdentifierImpl("mad"));
875 mad.setCategory(XACML3.ID_ACTION);
876 mad.setDataTypeId(DataTypes.DT_STRING.getId());
877 mad.addAttributeValue(new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "meh"));
878 statusDetail.addMissingAttributeDetail(mad);
879 status.setStatusDetail(statusDetail);
880 result.setStatus(status);
881 result.setDecision(Decision.INDETERMINATE);
882 response.add(result);
884 jsonResponse = JSONResponse.toString(response, false);
885 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:missing-attribute\"},\"StatusDetail\":\"<MissingAttributeDetail Category=\\\\\\\"urn:oasis:names:tc:xacml:1.0:action\\\\\\\" AttributeId=\\\\\\\"mad\\\\\\\" DataType=\\\\\\\"http://www.w3.org/2001/XMLSchema#string\\\\\\\"><AttributeValue DataType=\\\\\\\"http://www.w3.org/2001/XMLSchema#string\\\\\\\">meh</AttributeValue></MissingAttributeDetail>\"},\"Decision\":\"Indeterminate\"}]}", jsonResponse);
886 } catch (Exception e) {
887 fail("operation failed, e="+e);
890 // Status with StatusDetail with array valid detail with value when MissingAttribute
891 response = new StdMutableResponse();
892 result = new StdMutableResult();
893 status = new StdMutableStatus();
894 status.setStatusCode(StdStatusCode.STATUS_CODE_MISSING_ATTRIBUTE);
895 statusDetail = new StdMutableStatusDetail();
896 mad = new StdMutableMissingAttributeDetail();
897 mad.setAttributeId(new IdentifierImpl("mad"));
898 mad.setCategory(XACML3.ID_ACTION);
899 mad.setDataTypeId(DataTypes.DT_STRING.getId());
900 mad.addAttributeValue(new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "meh"));
901 mad.addAttributeValue(new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "nu?"));
902 statusDetail.addMissingAttributeDetail(mad);
903 status.setStatusDetail(statusDetail);
904 result.setStatus(status);
905 result.setDecision(Decision.INDETERMINATE);
906 response.add(result);
908 jsonResponse = JSONResponse.toString(response, false);
909 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:missing-attribute\"},\"StatusDetail\":\"<MissingAttributeDetail Category=\\\\\\\"urn:oasis:names:tc:xacml:1.0:action\\\\\\\" AttributeId=\\\\\\\"mad\\\\\\\" DataType=\\\\\\\"http://www.w3.org/2001/XMLSchema#string\\\\\\\"><AttributeValue DataType=\\\\\\\"http://www.w3.org/2001/XMLSchema#string\\\\\\\">meh</AttributeValue><AttributeValue DataType=\\\\\\\"http://www.w3.org/2001/XMLSchema#string\\\\\\\">nu?</AttributeValue></MissingAttributeDetail>\"},\"Decision\":\"Indeterminate\"}]}", jsonResponse);
910 } catch (Exception e) {
911 fail("operation failed, e="+e);
915 // Status with StatusDetail with valid detail with Integer value when MissingAttribute
916 response = new StdMutableResponse();
917 result = new StdMutableResult();
918 status = new StdMutableStatus();
919 status.setStatusCode(StdStatusCode.STATUS_CODE_MISSING_ATTRIBUTE);
920 statusDetail = new StdMutableStatusDetail();
921 mad = new StdMutableMissingAttributeDetail();
922 mad.setAttributeId(new IdentifierImpl("mad"));
923 mad.setCategory(XACML3.ID_ACTION);
924 mad.setDataTypeId(DataTypes.DT_INTEGER.getId());
925 mad.addAttributeValue(new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(1111)));
926 statusDetail.addMissingAttributeDetail(mad);
927 status.setStatusDetail(statusDetail);
928 result.setStatus(status);
929 result.setDecision(Decision.INDETERMINATE);
930 response.add(result);
932 jsonResponse = JSONResponse.toString(response, false);
933 // assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:missing-attribute\"},\"StatusDetail\":\"<MissingAttributeDetail Category=\\\\\\\"urn:oasis:names:tc:xacml:1.0:action\\\\\\\" AttributeId=\\\\\\\"mad\\\\\\\" DataType=\\\\\\\"http://www.w3.org/2001/XMLSchema#string\\\\\\\"><AttributeValue DataType=\\\\\\\"http://www.w3.org/2001/XMLSchema#integer\\\\\\\">1111</AttributeValue></MissingAttributeDetail>\"},\"Decision\":\"Indeterminate\"}]}", jsonResponse);
934 } catch (Exception e) {
935 java.io.StringWriter sw = new java.io.StringWriter();
936 java.io.PrintWriter pw = new java.io.PrintWriter(sw);
937 e.printStackTrace(pw);
940 fail("operation failed, e="+e + sw.toString());
943 // Status with StatusDetail with array valid detail with Integer value when MissingAttribute
944 response = new StdMutableResponse();
945 result = new StdMutableResult();
946 status = new StdMutableStatus();
947 status.setStatusCode(StdStatusCode.STATUS_CODE_MISSING_ATTRIBUTE);
948 statusDetail = new StdMutableStatusDetail();
949 mad = new StdMutableMissingAttributeDetail();
950 mad.setAttributeId(new IdentifierImpl("mad"));
951 mad.setCategory(XACML3.ID_ACTION);
952 mad.setDataTypeId(DataTypes.DT_STRING.getId());
953 mad.addAttributeValue(new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(1111)));
954 mad.addAttributeValue(new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(2222)));
955 statusDetail.addMissingAttributeDetail(mad);
956 status.setStatusDetail(statusDetail);
957 result.setStatus(status);
958 result.setDecision(Decision.INDETERMINATE);
959 response.add(result);
961 jsonResponse = JSONResponse.toString(response, false);
962 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:missing-attribute\"},\"StatusDetail\":\"<MissingAttributeDetail Category=\\\\\\\"urn:oasis:names:tc:xacml:1.0:action\\\\\\\" AttributeId=\\\\\\\"mad\\\\\\\" DataType=\\\\\\\"http://www.w3.org/2001/XMLSchema#string\\\\\\\"><AttributeValue DataType=\\\\\\\"http://www.w3.org/2001/XMLSchema#integer\\\\\\\">1111</AttributeValue><AttributeValue DataType=\\\\\\\"http://www.w3.org/2001/XMLSchema#integer\\\\\\\">2222</AttributeValue></MissingAttributeDetail>\"},\"Decision\":\"Indeterminate\"}]}", jsonResponse);
963 } catch (Exception e) {
964 fail("operation failed, e="+e);
967 // StringNamespaceContext snc = new StringNamespaceContext();
969 // snc.add("defaultURI");
970 // snc.add("md", "referenceForMD");
971 // } catch (Exception e) {
972 // fail("unable to create NamespaceContext e="+e);
974 // XPathExpressionWrapper xpathExpressionWrapper = new XPathExpressionWrapper(snc, "//md:record");
976 //TODO - assume that we will never try to pass back an XPathExpression in a MissingAttributeDetail - it doesn't make sense and is unclear how to put into XML
977 // // Status with StatusDetail with valid detail with XPathExpression value when MissingAttribute
978 // response = new StdMutableResponse();
979 // result = new StdMutableResult();
980 // status = new StdMutableStatus();
981 // status.setStatusCode(StdStatusCode.STATUS_CODE_MISSING_ATTRIBUTE);
982 // statusDetail = new StdMutableStatusDetail();
983 // mad = new StdMutableMissingAttributeDetail();
984 // mad.setAttributeId(new IdentifierImpl("mad"));
985 // mad.setCategory(XACML3.ID_ACTION);
986 // mad.setDataTypeId(DataTypes.DT_STRING.getId());
987 // mad.addAttributeValue(new StdAttributeValue<XPathExpressionWrapper>(DataTypes.DT_XPATHEXPRESSION.getId(), xpathExpressionWrapper, new IdentifierImpl("xpathCategoryId")));
988 // statusDetail.addMissingAttributeDetail(mad);
989 // status.setStatusDetail(statusDetail);
990 // result.setStatus(status);
991 // result.setDecision(Decision.INDETERMINATE);
992 // response.add(result);
994 // jsonResponse = JSONResponse.toString(response, false);
995 // assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:missing-attribute\"},\"StatusDetail\":\"<AttributeValue>1111</AttributeValue><Category>urn:oasis:names:tc:xacml:1.0:action</Category><AttributeId>mad</AttributeId><DataType>http://www.w3.org/2001/XMLSchema#string</DataType></MissingAttributeDetail>\"},\"Decision\":\"Indeterminate\"}]}", jsonResponse);
996 // } catch (Exception e) {
997 // fail("operation failed, e="+e);
1000 // // Status with StatusDetail with array valid detail with XPathExpression value when MissingAttribute
1001 // response = new StdMutableResponse();
1002 // result = new StdMutableResult();
1003 // status = new StdMutableStatus();
1004 // status.setStatusCode(StdStatusCode.STATUS_CODE_MISSING_ATTRIBUTE);
1005 // statusDetail = new StdMutableStatusDetail();
1006 // mad = new StdMutableMissingAttributeDetail();
1007 // mad.setAttributeId(new IdentifierImpl("mad"));
1008 // mad.setCategory(XACML3.ID_ACTION);
1009 // mad.setDataTypeId(DataTypes.DT_STRING.getId());
1010 // mad.addAttributeValue(new StdAttributeValue<XPathExpressionWrapper>(DataTypes.DT_XPATHEXPRESSION.getId(), xpathExpressionWrapper, new IdentifierImpl("xpathCategoryId1")));
1011 // mad.addAttributeValue(new StdAttributeValue<XPathExpressionWrapper>(DataTypes.DT_XPATHEXPRESSION.getId(), xpathExpressionWrapper, new IdentifierImpl("xpathCategoryId2")));
1012 // statusDetail.addMissingAttributeDetail(mad);
1013 // status.setStatusDetail(statusDetail);
1014 // result.setStatus(status);
1015 // result.setDecision(Decision.INDETERMINATE);
1016 // response.add(result);
1018 // jsonResponse = JSONResponse.toString(response, false);
1019 // assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:missing-attribute\"},\"StatusDetail\":\"<AttributeValue>1111</AttributeValue><AttributeValue>2222</AttributeValue><Category>urn:oasis:names:tc:xacml:1.0:action</Category><AttributeId>mad</AttributeId><DataType>http://www.w3.org/2001/XMLSchema#string</DataType></MissingAttributeDetail>\"},\"Decision\":\"Indeterminate\"}]}", jsonResponse);
1020 // } catch (Exception e) {
1021 // fail("operation failed, e="+e);
1024 //TODO - try with other data types, esp XPathExpression
1026 // Status with StatusDetail with array valid detail with value when SyntaxError
1027 response = new StdMutableResponse();
1028 result = new StdMutableResult();
1029 status = new StdMutableStatus();
1030 status.setStatusCode(StdStatusCode.STATUS_CODE_SYNTAX_ERROR);
1031 statusDetail = new StdMutableStatusDetail();
1032 mad = new StdMutableMissingAttributeDetail();
1033 mad.setAttributeId(new IdentifierImpl("mad"));
1034 mad.setCategory(XACML3.ID_ACTION);
1035 mad.setDataTypeId(DataTypes.DT_STRING.getId());
1036 mad.addAttributeValue(new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "meh"));
1037 mad.addAttributeValue(new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "nu?"));
1038 statusDetail.addMissingAttributeDetail(mad);
1039 status.setStatusDetail(statusDetail);
1040 result.setStatus(status);
1041 result.setDecision(Decision.INDETERMINATE);
1042 response.add(result);
1044 jsonResponse = JSONResponse.toString(response, false);
1045 fail("Operation should throw exception");
1046 } catch (JSONStructureException e) {
1048 } catch (Exception e) {
1049 fail ("Failed convert from JSON to object: " + e);
1052 // Status with StatusDetail with array valid detail with value when ProcessingError
1053 response = new StdMutableResponse();
1054 result = new StdMutableResult();
1055 status = new StdMutableStatus();
1056 status.setStatusCode(StdStatusCode.STATUS_CODE_PROCESSING_ERROR);
1057 statusDetail = new StdMutableStatusDetail();
1058 mad = new StdMutableMissingAttributeDetail();
1059 mad.setAttributeId(new IdentifierImpl("mad"));
1060 mad.setCategory(XACML3.ID_ACTION);
1061 mad.setDataTypeId(DataTypes.DT_STRING.getId());
1062 mad.addAttributeValue(new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "meh"));
1063 mad.addAttributeValue(new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "nu?"));
1064 statusDetail.addMissingAttributeDetail(mad);
1065 status.setStatusDetail(statusDetail);
1066 result.setStatus(status);
1067 result.setDecision(Decision.INDETERMINATE);
1068 response.add(result);
1070 jsonResponse = JSONResponse.toString(response, false);
1071 fail("Operation should throw exception");
1072 } catch (JSONStructureException e) {
1074 } catch (Exception e) {
1075 fail ("Failed convert from JSON to object: " + e);
1080 // Status with nested child StatusCodes (child status containing child status containing...)
1081 response = new StdMutableResponse();
1082 result = new StdMutableResult();
1083 status = new StdMutableStatus();
1084 StdStatusCode child1StatusCode = new StdStatusCode(new IdentifierImpl("child1StatusCode"));
1085 StdStatusCode statusCode = new StdStatusCode(XACML3.ID_STATUS_OK, child1StatusCode);
1086 status = new StdMutableStatus(statusCode);
1087 status.setStatusMessage("I'm ok, you're ok");
1088 result.setStatus(status);
1089 result.setDecision(Decision.PERMIT);
1090 response.add(result);
1092 jsonResponse = JSONResponse.toString(response, false);
1093 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"StatusCode\":{\"Value\":\"child1StatusCode\"},\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:ok\"},\"StatusMessage\":\"I'm ok, you're ok\"},\"Decision\":\"Permit\"}]}", jsonResponse);
1094 } catch (Exception e) {
1095 fail("operation failed, e="+e);
1097 response = new StdMutableResponse();
1098 result = new StdMutableResult();
1099 status = new StdMutableStatus();
1100 StdStatusCode childChildChildStatusCode = new StdStatusCode(new IdentifierImpl("childChildChildStatusCode"));
1101 StdStatusCode childChildStatusCode = new StdStatusCode(new IdentifierImpl("childChildStatusCode"), childChildChildStatusCode);
1102 child1StatusCode = new StdStatusCode(new IdentifierImpl("child1StatusCode"), childChildStatusCode);
1103 statusCode = new StdStatusCode(XACML3.ID_STATUS_OK, child1StatusCode);
1104 status = new StdMutableStatus(statusCode);
1105 status.setStatusMessage("I'm ok, you're ok");
1106 result.setStatus(status);
1107 result.setDecision(Decision.PERMIT);
1108 response.add(result);
1110 jsonResponse = JSONResponse.toString(response, false);
1111 assertEquals("{\"Response\":[{\"Status\":{\"StatusCode\":{\"StatusCode\":{\"StatusCode\":{\"StatusCode\":{\"Value\":\"childChildChildStatusCode\"},\"Value\":\"childChildStatusCode\"},\"Value\":\"child1StatusCode\"},\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:ok\"},\"StatusMessage\":\"I'm ok, you're ok\"},\"Decision\":\"Permit\"}]}", jsonResponse);
1112 } catch (Exception e) {
1113 fail("operation failed, e="+e);
1121 public void testObligations() {
1123 // create an XPathExpression for use later
1124 StringNamespaceContext snc = new StringNamespaceContext();
1126 snc.add("defaultURI");
1127 snc.add("md", "referenceForMD");
1128 } catch (Exception e) {
1129 fail("unable to create NamespaceContext e="+e);
1131 XPathExpressionWrapper xpathExpressionWrapper = new XPathExpressionWrapper(snc, "//md:record");
1132 XPathExpressionWrapper xpathExpressionWrapper2 = new XPathExpressionWrapper(snc, "//md:hospital");
1134 StdMutableObligation obligation;
1136 // test Obligation single decision no attributes
1137 response = new StdMutableResponse();
1138 result = new StdMutableResult();
1139 result.setDecision(Decision.PERMIT);
1140 obligation = new StdMutableObligation();
1141 obligation.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
1142 result.addObligation(obligation);
1143 response.add(result);
1145 jsonResponse = JSONResponse.toString(response, false);
1146 assertEquals("{\"Response\":[{\"Obligations\":[{\"Id\":\"urn:oasis:names:tc:xacml:1.0:action:implied-action\"}],\"Decision\":\"Permit\"}]}", jsonResponse);
1147 } catch (Exception e) {
1148 fail("operation failed, e="+e);
1151 // obligation missing Id
1152 response = new StdMutableResponse();
1153 result = new StdMutableResult();
1154 result.setDecision(Decision.PERMIT);
1155 obligation = new StdMutableObligation();
1156 result.addObligation(obligation);
1157 response.add(result);
1159 jsonResponse = JSONResponse.toString(response, false);
1160 fail("Operation should throw exception");
1161 } catch (JSONStructureException e) {
1163 } catch (Exception e) {
1164 fail ("Failed convert from JSON to object: " + e);
1169 // AttributeAssignment - with AttributeId, Value, Category, DataType, Issuer
1170 response = new StdMutableResponse();
1171 result = new StdMutableResult();
1172 result.setDecision(Decision.PERMIT);
1173 obligation = new StdMutableObligation();
1174 obligation.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
1175 obligation.addAttributeAssignment(new StdMutableAttributeAssignment(
1176 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1178 "obligation-issuer1",
1179 new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Bart")));
1180 result.addObligation(obligation);
1181 response.add(result);
1183 jsonResponse = JSONResponse.toString(response, false);
1184 assertEquals("{\"Response\":[{\"Obligations\":[{\"Id\":\"urn:oasis:names:tc:xacml:1.0:action:implied-action\",\"AttributeAssignment\":[{\"Issuer\":\"obligation-issuer1\",\"Value\":\"Bart\",\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"}]}],\"Decision\":\"Permit\"}]}", jsonResponse);
1185 } catch (Exception e) {
1186 fail("operation failed, e="+e);
1190 // AttributeAssignment - with AttributeId, Value, no Category, DataType, Issuer
1191 response = new StdMutableResponse();
1192 result = new StdMutableResult();
1193 result.setDecision(Decision.PERMIT);
1194 obligation = new StdMutableObligation();
1195 obligation.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
1196 obligation.addAttributeAssignment(new StdMutableAttributeAssignment(
1199 "obligation-issuer1",
1200 new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Bart")));
1201 result.addObligation(obligation);
1202 response.add(result);
1204 jsonResponse = JSONResponse.toString(response, false);
1205 assertEquals("{\"Response\":[{\"Obligations\":[{\"Id\":\"urn:oasis:names:tc:xacml:1.0:action:implied-action\",\"AttributeAssignment\":[{\"Issuer\":\"obligation-issuer1\",\"Value\":\"Bart\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"}]}],\"Decision\":\"Permit\"}]}", jsonResponse);
1206 } catch (Exception e) {
1207 fail("operation failed, e="+e);
1210 // AttributeAssignment - Missing AttributeId
1211 response = new StdMutableResponse();
1212 result = new StdMutableResult();
1213 result.setDecision(Decision.PERMIT);
1214 obligation = new StdMutableObligation();
1215 obligation.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
1216 obligation.addAttributeAssignment(new StdMutableAttributeAssignment(
1217 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1219 "obligation-issuer1",
1220 new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Bart")));
1221 result.addObligation(obligation);
1222 response.add(result);
1224 jsonResponse = JSONResponse.toString(response, false);
1225 fail("Operation should throw exception");
1226 } catch (JSONStructureException e) {
1228 } catch (Exception e) {
1229 fail ("Failed convert from JSON to object: " + e);
1232 // AttributeAssignment - Missing Value
1233 response = new StdMutableResponse();
1234 result = new StdMutableResult();
1235 result.setDecision(Decision.PERMIT);
1236 obligation = new StdMutableObligation();
1237 obligation.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
1238 obligation.addAttributeAssignment(new StdMutableAttributeAssignment(
1239 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1241 "obligation-issuer1",
1243 result.addObligation(obligation);
1244 response.add(result);
1246 jsonResponse = JSONResponse.toString(response, false);
1247 assertEquals("{\"Response\":[{\"Obligations\":[{\"Id\":\"urn:oasis:names:tc:xacml:1.0:action:implied-action\",\"AttributeAssignment\":[{\"Issuer\":\"obligation-issuer1\",\"Value\":\"\",\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"}]}],\"Decision\":\"Permit\"}]}", jsonResponse);
1248 } catch (Exception e) {
1249 fail("operation failed, e="+e);
1252 // AttributeAssignment - missing DataType
1253 response = new StdMutableResponse();
1254 result = new StdMutableResult();
1255 result.setDecision(Decision.PERMIT);
1256 obligation = new StdMutableObligation();
1257 obligation.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
1258 obligation.addAttributeAssignment(new StdMutableAttributeAssignment(
1259 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1261 "obligation-issuer1",
1262 new StdAttributeValue<String>(null, "Bart")));
1263 result.addObligation(obligation);
1264 response.add(result);
1266 jsonResponse = JSONResponse.toString(response, false);
1267 assertEquals("{\"Response\":[{\"Obligations\":[{\"Id\":\"urn:oasis:names:tc:xacml:1.0:action:implied-action\",\"AttributeAssignment\":[{\"Issuer\":\"obligation-issuer1\",\"Value\":\"Bart\",\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"}]}],\"Decision\":\"Permit\"}]}", jsonResponse);
1268 } catch (Exception e) {
1269 fail("operation failed, e="+e);
1272 // AttributeAssignment - missing issuer
1273 response = new StdMutableResponse();
1274 result = new StdMutableResult();
1275 result.setDecision(Decision.PERMIT);
1276 obligation = new StdMutableObligation();
1277 obligation.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
1278 obligation.addAttributeAssignment(new StdMutableAttributeAssignment(
1279 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1282 new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Bart")));
1283 result.addObligation(obligation);
1284 response.add(result);
1286 jsonResponse = JSONResponse.toString(response, false);
1287 assertEquals("{\"Response\":[{\"Obligations\":[{\"Id\":\"urn:oasis:names:tc:xacml:1.0:action:implied-action\",\"AttributeAssignment\":[{\"Value\":\"Bart\",\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"}]}],\"Decision\":\"Permit\"}]}", jsonResponse);
1288 } catch (Exception e) {
1289 fail("operation failed, e="+e);
1292 // AttributeAssignment - Integer type
1293 response = new StdMutableResponse();
1294 result = new StdMutableResult();
1295 result.setDecision(Decision.PERMIT);
1296 obligation = new StdMutableObligation();
1297 obligation.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
1298 obligation.addAttributeAssignment(new StdMutableAttributeAssignment(
1299 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1302 new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(1111))));
1303 result.addObligation(obligation);
1304 response.add(result);
1306 jsonResponse = JSONResponse.toString(response, false);
1307 assertEquals("{\"Response\":[{\"Obligations\":[{\"Id\":\"urn:oasis:names:tc:xacml:1.0:action:implied-action\",\"AttributeAssignment\":[{\"Value\":1111,\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#integer\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"}]}],\"Decision\":\"Permit\"}]}", jsonResponse);
1308 } catch (Exception e) {
1309 fail("operation failed, e="+e);
1313 // AttributeAssignment - XPathExpression type
1314 response = new StdMutableResponse();
1315 result = new StdMutableResult();
1316 result.setDecision(Decision.PERMIT);
1317 obligation = new StdMutableObligation();
1318 obligation.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
1319 obligation.addAttributeAssignment(new StdMutableAttributeAssignment(
1320 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1323 new StdAttributeValue<XPathExpressionWrapper>(DataTypes.DT_XPATHEXPRESSION.getId(), xpathExpressionWrapper, new IdentifierImpl("SimpleXPathCategory"))));
1324 result.addObligation(obligation);
1325 response.add(result);
1327 jsonResponse = JSONResponse.toString(response, false);
1328 assertEquals("{\"Response\":[{\"Obligations\":[{\"Id\":\"urn:oasis:names:tc:xacml:1.0:action:implied-action\",\"AttributeAssignment\":[{\"Value\":{\"Namespaces\":[{\"Namespace\":\"referenceForMD\",\"Prefix\":\"md\"},{\"Namespace\":\"defaultURI\"}],\"XPathCategory\":\"SimpleXPathCategory\",\"XPath\":\"//md:record\"},\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"urn:oasis:names:tc:xacml:3.0:data-type:xpathExpression\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"}]}],\"Decision\":\"Permit\"}]}", jsonResponse);
1329 } catch (Exception e) {
1330 fail("operation failed, e="+e);
1337 // Technically arrays cannot occur in Obligations and Advice elements. The XML spec boils down to the following definition:
1338 // <Obligation (attributes of the obligation) >
1339 // <AttributeAssignment (attributes of this assignment) >value</AttributeAssignment>
1340 // <AttributeAssignment (attributes of this assignment) >value</AttributeAssignment>
1343 // which means that there may be multiple AttributeAssignments but each one has only one value.
1344 // This differs from the Attributes section in which each <Attribute> may have multiple <AttributeValue> elements.
1345 // For Obligations and Advice we can simulate an array by having multiple AttributeAssignment elements with the same Category, Id and Issuer.
1349 // AttributeAssignment - Multiple values with same Category and Id (one way of doing array)
1350 response = new StdMutableResponse();
1351 result = new StdMutableResult();
1352 result.setDecision(Decision.PERMIT);
1353 obligation = new StdMutableObligation();
1354 obligation.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
1355 obligation.addAttributeAssignment(new StdMutableAttributeAssignment(
1356 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1358 "obligation-issuer1",
1359 new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Bart")));
1360 obligation.addAttributeAssignment(new StdMutableAttributeAssignment(
1361 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1363 "obligation-issuer1",
1364 new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Lisa")));
1365 obligation.addAttributeAssignment(new StdMutableAttributeAssignment(
1366 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1368 "obligation-issuer1",
1369 new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Maggie")));
1370 result.addObligation(obligation);
1371 response.add(result);
1373 jsonResponse = JSONResponse.toString(response, false);
1374 assertEquals("{\"Response\":[{\"Obligations\":[{\"Id\":\"urn:oasis:names:tc:xacml:1.0:action:implied-action\",\"AttributeAssignment\":[{\"Issuer\":\"obligation-issuer1\",\"Value\":\"Bart\",\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"},{\"Issuer\":\"obligation-issuer1\",\"Value\":\"Lisa\",\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"},{\"Issuer\":\"obligation-issuer1\",\"Value\":\"Maggie\",\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"}]}],\"Decision\":\"Permit\"}]}", jsonResponse);
1375 } catch (Exception e) {
1376 fail("operation failed, e="+e);
1380 // AttributeAssignment - Multiple Integer values with same Category and Id (one way of doing array)
1381 response = new StdMutableResponse();
1382 result = new StdMutableResult();
1383 result.setDecision(Decision.PERMIT);
1384 obligation = new StdMutableObligation();
1385 obligation.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
1386 obligation.addAttributeAssignment(new StdMutableAttributeAssignment(
1387 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1389 "obligation-issuer1",
1390 new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(1111))));
1391 obligation.addAttributeAssignment(new StdMutableAttributeAssignment(
1392 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1394 "obligation-issuer1",
1395 new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(2222))));
1396 obligation.addAttributeAssignment(new StdMutableAttributeAssignment(
1397 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1399 "obligation-issuer1",
1400 new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(3333))));
1401 result.addObligation(obligation);
1402 response.add(result);
1404 jsonResponse = JSONResponse.toString(response, false);
1405 assertEquals("{\"Response\":[{\"Obligations\":[{\"Id\":\"urn:oasis:names:tc:xacml:1.0:action:implied-action\",\"AttributeAssignment\":[{\"Issuer\":\"obligation-issuer1\",\"Value\":1111,\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#integer\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"},{\"Issuer\":\"obligation-issuer1\",\"Value\":2222,\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#integer\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"},{\"Issuer\":\"obligation-issuer1\",\"Value\":3333,\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#integer\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"}]}],\"Decision\":\"Permit\"}]}", jsonResponse);
1406 } catch (Exception e) {
1407 fail("operation failed, e="+e);
1411 // Multiple XPathExpression values with same Category and Id (one way of doing array)
1412 response = new StdMutableResponse();
1413 result = new StdMutableResult();
1414 result.setDecision(Decision.PERMIT);
1415 obligation = new StdMutableObligation();
1416 obligation.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
1417 obligation.addAttributeAssignment(new StdMutableAttributeAssignment(
1418 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1421 new StdAttributeValue<XPathExpressionWrapper>(DataTypes.DT_XPATHEXPRESSION.getId(), xpathExpressionWrapper, new IdentifierImpl("SimpleXPathCategory"))));
1422 obligation.addAttributeAssignment(new StdMutableAttributeAssignment(
1423 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1426 new StdAttributeValue<XPathExpressionWrapper>(DataTypes.DT_XPATHEXPRESSION.getId(), xpathExpressionWrapper2, new IdentifierImpl("SimpleXPathCategory"))));
1427 result.addObligation(obligation);
1428 response.add(result);
1430 jsonResponse = JSONResponse.toString(response, false);
1431 assertEquals("{\"Response\":[{\"Obligations\":[{\"Id\":\"urn:oasis:names:tc:xacml:1.0:action:implied-action\",\"AttributeAssignment\":[{\"Value\":{\"Namespaces\":[{\"Namespace\":\"referenceForMD\",\"Prefix\":\"md\"},{\"Namespace\":\"defaultURI\"}],\"XPathCategory\":\"SimpleXPathCategory\",\"XPath\":\"//md:record\"},\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"urn:oasis:names:tc:xacml:3.0:data-type:xpathExpression\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"},{\"Value\":{\"Namespaces\":[{\"Namespace\":\"referenceForMD\",\"Prefix\":\"md\"},{\"Namespace\":\"defaultURI\"}],\"XPathCategory\":\"SimpleXPathCategory\",\"XPath\":\"//md:hospital\"},\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"urn:oasis:names:tc:xacml:3.0:data-type:xpathExpression\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"}]}],\"Decision\":\"Permit\"}]}", jsonResponse);
1432 } catch (Exception e) {
1433 fail("operation failed, e="+e);
1442 public void testAdvice() {
1444 // create an XPathExpression for use later
1445 StringNamespaceContext snc = new StringNamespaceContext();
1447 snc.add("defaultURI");
1448 snc.add("md", "referenceForMD");
1449 } catch (Exception e) {
1450 fail("unable to create NamespaceContext e="+e);
1452 XPathExpressionWrapper xpathExpressionWrapper = new XPathExpressionWrapper(snc, "//md:record");
1453 XPathExpressionWrapper xpathExpressionWrapper2 = new XPathExpressionWrapper(snc, "//md:hospital");
1455 StdMutableAdvice Advice;
1457 // test Advice single decision no attributes
1458 response = new StdMutableResponse();
1459 result = new StdMutableResult();
1460 result.setDecision(Decision.PERMIT);
1461 Advice = new StdMutableAdvice();
1462 Advice.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
1463 result.addAdvice(Advice);
1464 response.add(result);
1466 jsonResponse = JSONResponse.toString(response, false);
1467 assertEquals("{\"Response\":[{\"Decision\":\"Permit\",\"AssociatedAdvice\":[{\"Id\":\"urn:oasis:names:tc:xacml:1.0:action:implied-action\"}]}]}", jsonResponse);
1468 } catch (Exception e) {
1469 fail("operation failed, e="+e);
1472 // Advice missing Id
1473 response = new StdMutableResponse();
1474 result = new StdMutableResult();
1475 result.setDecision(Decision.PERMIT);
1476 Advice = new StdMutableAdvice();
1477 result.addAdvice(Advice);
1478 response.add(result);
1480 jsonResponse = JSONResponse.toString(response, false);
1481 fail("Operation should throw exception");
1482 } catch (JSONStructureException e) {
1484 } catch (Exception e) {
1485 fail ("Failed convert from JSON to object: " + e);
1490 // AttributeAssignment - with AttributeId, Value, Category, DataType, Issuer
1491 response = new StdMutableResponse();
1492 result = new StdMutableResult();
1493 result.setDecision(Decision.PERMIT);
1494 Advice = new StdMutableAdvice();
1495 Advice.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
1496 Advice.addAttributeAssignment(new StdMutableAttributeAssignment(
1497 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1500 new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Bart")));
1501 result.addAdvice(Advice);
1502 response.add(result);
1504 jsonResponse = JSONResponse.toString(response, false);
1505 assertEquals("{\"Response\":[{\"Decision\":\"Permit\",\"AssociatedAdvice\":[{\"Id\":\"urn:oasis:names:tc:xacml:1.0:action:implied-action\",\"AttributeAssignment\":[{\"Issuer\":\"Advice-issuer1\",\"Value\":\"Bart\",\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"}]}]}]}", jsonResponse);
1506 } catch (Exception e) {
1507 fail("operation failed, e="+e);
1511 // AttributeAssignment - with AttributeId, Value, no Category, DataType, Issuer
1512 response = new StdMutableResponse();
1513 result = new StdMutableResult();
1514 result.setDecision(Decision.PERMIT);
1515 Advice = new StdMutableAdvice();
1516 Advice.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
1517 Advice.addAttributeAssignment(new StdMutableAttributeAssignment(
1521 new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Bart")));
1522 result.addAdvice(Advice);
1523 response.add(result);
1525 jsonResponse = JSONResponse.toString(response, false);
1526 assertEquals("{\"Response\":[{\"Decision\":\"Permit\",\"AssociatedAdvice\":[{\"Id\":\"urn:oasis:names:tc:xacml:1.0:action:implied-action\",\"AttributeAssignment\":[{\"Issuer\":\"Advice-issuer1\",\"Value\":\"Bart\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"}]}]}]}", jsonResponse);
1527 } catch (Exception e) {
1528 fail("operation failed, e="+e);
1531 // AttributeAssignment - Missing AttributeId
1532 response = new StdMutableResponse();
1533 result = new StdMutableResult();
1534 result.setDecision(Decision.PERMIT);
1535 Advice = new StdMutableAdvice();
1536 Advice.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
1537 Advice.addAttributeAssignment(new StdMutableAttributeAssignment(
1538 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1541 new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Bart")));
1542 result.addAdvice(Advice);
1543 response.add(result);
1545 jsonResponse = JSONResponse.toString(response, false);
1546 fail("Operation should throw exception");
1547 } catch (JSONStructureException e) {
1549 } catch (Exception e) {
1550 fail ("Failed convert from JSON to object: " + e);
1553 // AttributeAssignment - Missing Value
1554 response = new StdMutableResponse();
1555 result = new StdMutableResult();
1556 result.setDecision(Decision.PERMIT);
1557 Advice = new StdMutableAdvice();
1558 Advice.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
1559 Advice.addAttributeAssignment(new StdMutableAttributeAssignment(
1560 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1564 result.addAdvice(Advice);
1565 response.add(result);
1567 jsonResponse = JSONResponse.toString(response, false);
1568 assertEquals("{\"Response\":[{\"Decision\":\"Permit\",\"AssociatedAdvice\":[{\"Id\":\"urn:oasis:names:tc:xacml:1.0:action:implied-action\",\"AttributeAssignment\":[{\"Issuer\":\"Advice-issuer1\",\"Value\":\"\",\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"}]}]}]}", jsonResponse);
1569 } catch (Exception e) {
1570 fail("operation failed, e="+e);
1573 // AttributeAssignment - missing DataType
1574 response = new StdMutableResponse();
1575 result = new StdMutableResult();
1576 result.setDecision(Decision.PERMIT);
1577 Advice = new StdMutableAdvice();
1578 Advice.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
1579 Advice.addAttributeAssignment(new StdMutableAttributeAssignment(
1580 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1583 new StdAttributeValue<String>(null, "Bart")));
1584 result.addAdvice(Advice);
1585 response.add(result);
1587 jsonResponse = JSONResponse.toString(response, false);
1588 assertEquals("{\"Response\":[{\"Decision\":\"Permit\",\"AssociatedAdvice\":[{\"Id\":\"urn:oasis:names:tc:xacml:1.0:action:implied-action\",\"AttributeAssignment\":[{\"Issuer\":\"Advice-issuer1\",\"Value\":\"Bart\",\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"}]}]}]}", jsonResponse);
1589 } catch (Exception e) {
1590 fail("operation failed, e="+e);
1593 // AttributeAssignment - missing issuer
1594 response = new StdMutableResponse();
1595 result = new StdMutableResult();
1596 result.setDecision(Decision.PERMIT);
1597 Advice = new StdMutableAdvice();
1598 Advice.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
1599 Advice.addAttributeAssignment(new StdMutableAttributeAssignment(
1600 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1603 new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Bart")));
1604 result.addAdvice(Advice);
1605 response.add(result);
1607 jsonResponse = JSONResponse.toString(response, false);
1608 assertEquals("{\"Response\":[{\"Decision\":\"Permit\",\"AssociatedAdvice\":[{\"Id\":\"urn:oasis:names:tc:xacml:1.0:action:implied-action\",\"AttributeAssignment\":[{\"Value\":\"Bart\",\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"}]}]}]}", jsonResponse);
1609 } catch (Exception e) {
1610 fail("operation failed, e="+e);
1613 // AttributeAssignment - Integer type
1614 response = new StdMutableResponse();
1615 result = new StdMutableResult();
1616 result.setDecision(Decision.PERMIT);
1617 Advice = new StdMutableAdvice();
1618 Advice.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
1619 Advice.addAttributeAssignment(new StdMutableAttributeAssignment(
1620 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1623 new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(1111))));
1624 result.addAdvice(Advice);
1625 response.add(result);
1627 jsonResponse = JSONResponse.toString(response, false);
1628 assertEquals("{\"Response\":[{\"Decision\":\"Permit\",\"AssociatedAdvice\":[{\"Id\":\"urn:oasis:names:tc:xacml:1.0:action:implied-action\",\"AttributeAssignment\":[{\"Value\":1111,\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#integer\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"}]}]}]}", jsonResponse);
1629 } catch (Exception e) {
1630 fail("operation failed, e="+e);
1634 // AttributeAssignment - XPathExpression type
1635 response = new StdMutableResponse();
1636 result = new StdMutableResult();
1637 result.setDecision(Decision.PERMIT);
1638 Advice = new StdMutableAdvice();
1639 Advice.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
1640 Advice.addAttributeAssignment(new StdMutableAttributeAssignment(
1641 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1644 new StdAttributeValue<XPathExpressionWrapper>(DataTypes.DT_XPATHEXPRESSION.getId(), xpathExpressionWrapper, new IdentifierImpl("SimpleXPathCategory"))));
1645 result.addAdvice(Advice);
1646 response.add(result);
1648 jsonResponse = JSONResponse.toString(response, false);
1649 assertEquals("{\"Response\":[{\"Decision\":\"Permit\",\"AssociatedAdvice\":[{\"Id\":\"urn:oasis:names:tc:xacml:1.0:action:implied-action\",\"AttributeAssignment\":[{\"Value\":{\"Namespaces\":[{\"Namespace\":\"referenceForMD\",\"Prefix\":\"md\"},{\"Namespace\":\"defaultURI\"}],\"XPathCategory\":\"SimpleXPathCategory\",\"XPath\":\"//md:record\"},\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"urn:oasis:names:tc:xacml:3.0:data-type:xpathExpression\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"}]}]}]}", jsonResponse);
1650 } catch (Exception e) {
1651 fail("operation failed, e="+e);
1658 // Technically arrays cannot occur in Obligations and Advice elements. The XML spec boils down to the following definition:
1659 // <Obligation (attributes of the obligation) >
1660 // <AttributeAssignment (attributes of this assignment) >value</AttributeAssignment>
1661 // <AttributeAssignment (attributes of this assignment) >value</AttributeAssignment>
1664 // which means that there may be multiple AttributeAssignments but each one has only one value.
1665 // This differs from the Attributes section in which each <Attribute> may have multiple <AttributeValue> elements.
1666 // For Obligations and Advice we can simulate an array by having multiple AttributeAssignment elements with the same Category, Id and Issuer.
1669 // AttributeAssignment - Multiple values with same Category and Id (one way of doing array)
1670 response = new StdMutableResponse();
1671 result = new StdMutableResult();
1672 result.setDecision(Decision.PERMIT);
1673 Advice = new StdMutableAdvice();
1674 Advice.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
1675 Advice.addAttributeAssignment(new StdMutableAttributeAssignment(
1676 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1679 new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Bart")));
1680 Advice.addAttributeAssignment(new StdMutableAttributeAssignment(
1681 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1684 new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Lisa")));
1685 Advice.addAttributeAssignment(new StdMutableAttributeAssignment(
1686 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1689 new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Maggie")));
1690 result.addAdvice(Advice);
1691 response.add(result);
1693 jsonResponse = JSONResponse.toString(response, false);
1694 assertEquals("{\"Response\":[{\"Decision\":\"Permit\",\"AssociatedAdvice\":[{\"Id\":\"urn:oasis:names:tc:xacml:1.0:action:implied-action\",\"AttributeAssignment\":[{\"Issuer\":\"Advice-issuer1\",\"Value\":\"Bart\",\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"},{\"Issuer\":\"Advice-issuer1\",\"Value\":\"Lisa\",\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"},{\"Issuer\":\"Advice-issuer1\",\"Value\":\"Maggie\",\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"}]}]}]}", jsonResponse);
1695 } catch (Exception e) {
1696 fail("operation failed, e="+e);
1700 // AttributeAssignment - Multiple Integer values with same Category and Id (one way of doing array)
1701 response = new StdMutableResponse();
1702 result = new StdMutableResult();
1703 result.setDecision(Decision.PERMIT);
1704 Advice = new StdMutableAdvice();
1705 Advice.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
1706 Advice.addAttributeAssignment(new StdMutableAttributeAssignment(
1707 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1710 new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(1111))));
1711 Advice.addAttributeAssignment(new StdMutableAttributeAssignment(
1712 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1715 new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(2222))));
1716 Advice.addAttributeAssignment(new StdMutableAttributeAssignment(
1717 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1720 new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(3333))));
1721 result.addAdvice(Advice);
1722 response.add(result);
1724 jsonResponse = JSONResponse.toString(response, false);
1725 assertEquals("{\"Response\":[{\"Decision\":\"Permit\",\"AssociatedAdvice\":[{\"Id\":\"urn:oasis:names:tc:xacml:1.0:action:implied-action\",\"AttributeAssignment\":[{\"Issuer\":\"Advice-issuer1\",\"Value\":1111,\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#integer\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"},{\"Issuer\":\"Advice-issuer1\",\"Value\":2222,\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#integer\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"},{\"Issuer\":\"Advice-issuer1\",\"Value\":3333,\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#integer\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"}]}]}]}", jsonResponse);
1726 } catch (Exception e) {
1727 fail("operation failed, e="+e);
1731 // Multiple XPathExpression values with same Category and Id (one way of doing array)
1732 response = new StdMutableResponse();
1733 result = new StdMutableResult();
1734 result.setDecision(Decision.PERMIT);
1735 Advice = new StdMutableAdvice();
1736 Advice.setId(XACML3.ID_ACTION_IMPLIED_ACTION);
1737 Advice.addAttributeAssignment(new StdMutableAttributeAssignment(
1738 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1741 new StdAttributeValue<XPathExpressionWrapper>(DataTypes.DT_XPATHEXPRESSION.getId(), xpathExpressionWrapper, new IdentifierImpl("SimpleXPathCategory"))));
1742 Advice.addAttributeAssignment(new StdMutableAttributeAssignment(
1743 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
1746 new StdAttributeValue<XPathExpressionWrapper>(DataTypes.DT_XPATHEXPRESSION.getId(), xpathExpressionWrapper2, new IdentifierImpl("SimpleXPathCategory"))));
1747 result.addAdvice(Advice);
1748 response.add(result);
1750 jsonResponse = JSONResponse.toString(response, false);
1751 assertEquals("{\"Response\":[{\"Decision\":\"Permit\",\"AssociatedAdvice\":[{\"Id\":\"urn:oasis:names:tc:xacml:1.0:action:implied-action\",\"AttributeAssignment\":[{\"Value\":{\"Namespaces\":[{\"Namespace\":\"referenceForMD\",\"Prefix\":\"md\"},{\"Namespace\":\"defaultURI\"}],\"XPathCategory\":\"SimpleXPathCategory\",\"XPath\":\"//md:record\"},\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"urn:oasis:names:tc:xacml:3.0:data-type:xpathExpression\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"},{\"Value\":{\"Namespaces\":[{\"Namespace\":\"referenceForMD\",\"Prefix\":\"md\"},{\"Namespace\":\"defaultURI\"}],\"XPathCategory\":\"SimpleXPathCategory\",\"XPath\":\"//md:hospital\"},\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"DataType\":\"urn:oasis:names:tc:xacml:3.0:data-type:xpathExpression\",\"AttributeId\":\"urn:oasis:names:tc:xacml:1.0:subject\"}]}]}]}", jsonResponse);
1752 } catch (Exception e) {
1753 fail("operation failed, e="+e);
1768 public void testAttributes() {
1770 // create an XPathExpression for use later
1771 StringNamespaceContext snc = new StringNamespaceContext();
1773 snc.add("defaultURI");
1774 snc.add("md", "referenceForMD");
1775 } catch (Exception e) {
1776 fail("unable to create NamespaceContext e="+e);
1778 XPathExpressionWrapper xpathExpressionWrapper = new XPathExpressionWrapper(snc, "//md:record");
1781 Identifier categoryIdentifier;
1782 List<Attribute> attrList = new ArrayList<Attribute>();
1783 StdMutableAttribute mutableAttribute;
1785 // Attr list with no entries
1786 response = new StdMutableResponse();
1787 result = new StdMutableResult();
1788 result.setDecision(Decision.PERMIT);
1789 categoryIdentifier = new IdentifierImpl("firstCategory");
1791 result.addAttributeCategory(new StdAttributeCategory(categoryIdentifier, attrList));
1792 response.add(result);
1794 jsonResponse = JSONResponse.toString(response, false);
1795 assertEquals("{\"Response\":[{\"Category\":[{\"CategoryId\":\"firstCategory\",\"Attribute\":[]}],\"Decision\":\"Permit\"}]}", jsonResponse);
1796 } catch (Exception e) {
1797 fail("operation failed, e="+e);
1802 response = new StdMutableResponse();
1803 result = new StdMutableResult();
1804 result.setDecision(Decision.PERMIT);
1805 categoryIdentifier = new IdentifierImpl("firstCategory");
1807 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Apu"), "AIssue", true));
1808 result.addAttributeCategory(new StdAttributeCategory(categoryIdentifier, attrList));
1809 response.add(result);
1811 jsonResponse = JSONResponse.toString(response, false);
1812 assertEquals("{\"Response\":[{\"Category\":[{\"CategoryId\":\"firstCategory\",\"Attribute\":[{\"Issuer\":\"AIssue\",\"Value\":\"Apu\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"attrIdent1\"}]}],\"Decision\":\"Permit\"}]}", jsonResponse);
1813 } catch (Exception e) {
1814 fail("operation failed, e="+e);
1817 // multiple attributes
1818 response = new StdMutableResponse();
1819 result = new StdMutableResult();
1820 result.setDecision(Decision.PERMIT);
1821 categoryIdentifier = new IdentifierImpl("firstCategory");
1823 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Apu"), "AIssue", true));
1824 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent2"), new StdAttributeValue<String>(DataTypes.DT_YEARMONTHDURATION.getId(), "P10Y4M"), "BIssue", true));
1825 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent3"), new StdAttributeValue<Double>(DataTypes.DT_DOUBLE.getId(), 765.432), "CIssue", true));
1826 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent4"), new StdAttributeValue<Boolean>(DataTypes.DT_BOOLEAN.getId(), true), "DIssue", true));
1827 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent5"), new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(4567)), "EIssue", true));
1828 result.addAttributeCategory(new StdAttributeCategory(categoryIdentifier, attrList));
1829 response.add(result);
1831 jsonResponse = JSONResponse.toString(response, false);
1832 assertEquals("{\"Response\":[{\"Category\":[{\"CategoryId\":\"firstCategory\",\"Attribute\":[{\"Issuer\":\"AIssue\",\"Value\":\"Apu\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"attrIdent1\"},{\"Issuer\":\"BIssue\",\"Value\":\"P10Y4M\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#yearMonthDuration\",\"AttributeId\":\"attrIdent2\"},{\"Issuer\":\"CIssue\",\"Value\":765.432,\"DataType\":\"http://www.w3.org/2001/XMLSchema#double\",\"AttributeId\":\"attrIdent3\"},{\"Issuer\":\"DIssue\",\"Value\":true,\"DataType\":\"http://www.w3.org/2001/XMLSchema#boolean\",\"AttributeId\":\"attrIdent4\"},{\"Issuer\":\"EIssue\",\"Value\":4567,\"DataType\":\"http://www.w3.org/2001/XMLSchema#integer\",\"AttributeId\":\"attrIdent5\"}]}],\"Decision\":\"Permit\"}]}", jsonResponse);
1833 } catch (Exception e) {
1834 fail("operation failed, e="+e);
1837 // IncludeInResult=false/true
1838 response = new StdMutableResponse();
1839 result = new StdMutableResult();
1840 result.setDecision(Decision.PERMIT);
1841 categoryIdentifier = new IdentifierImpl("firstCategory");
1843 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Apu"), "AIssue", false));
1844 result.addAttributeCategory(new StdAttributeCategory(categoryIdentifier, attrList));
1845 response.add(result);
1847 jsonResponse = JSONResponse.toString(response, false);
1848 assertEquals("{\"Response\":[{\"Category\":[{\"CategoryId\":\"firstCategory\",\"Attribute\":[]}],\"Decision\":\"Permit\"}]}", jsonResponse);
1849 } catch (Exception e) {
1850 fail("operation failed, e="+e);
1853 // Missing AttributeId (mandatory)
1854 response = new StdMutableResponse();
1855 result = new StdMutableResult();
1856 result.setDecision(Decision.PERMIT);
1857 categoryIdentifier = new IdentifierImpl("firstCategory");
1859 attrList.add(new StdAttribute(categoryIdentifier, null, new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Apu"), "AIssue", true));
1860 result.addAttributeCategory(new StdAttributeCategory(categoryIdentifier, attrList));
1861 response.add(result);
1863 jsonResponse = JSONResponse.toString(response, false);
1864 fail("Operation should throw exception");
1865 } catch (JSONStructureException e) {
1867 } catch (Exception e) {
1868 fail ("Failed convert from JSON to object: " + e);
1871 // Missing mandatory Value
1872 response = new StdMutableResponse();
1873 result = new StdMutableResult();
1874 result.setDecision(Decision.PERMIT);
1875 categoryIdentifier = new IdentifierImpl("firstCategory");
1877 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), null), "AIssue", true));
1878 result.addAttributeCategory(new StdAttributeCategory(categoryIdentifier, attrList));
1879 response.add(result);
1881 jsonResponse = JSONResponse.toString(response, false);
1882 fail("Operation should throw exception");
1883 } catch (JSONStructureException e) {
1885 } catch (Exception e) {
1886 fail ("Failed convert from JSON to object: " + e);
1889 // Missing optional Issuer
1890 response = new StdMutableResponse();
1891 result = new StdMutableResult();
1892 result.setDecision(Decision.PERMIT);
1893 categoryIdentifier = new IdentifierImpl("firstCategory");
1895 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Apu"), null, true));
1896 result.addAttributeCategory(new StdAttributeCategory(categoryIdentifier, attrList));
1897 response.add(result);
1899 jsonResponse = JSONResponse.toString(response, false);
1900 assertEquals("{\"Response\":[{\"Category\":[{\"CategoryId\":\"firstCategory\",\"Attribute\":[{\"Value\":\"Apu\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"attrIdent1\"}]}],\"Decision\":\"Permit\"}]}", jsonResponse);
1901 } catch (Exception e) {
1902 fail("operation failed, e="+e);
1905 // missing optional DataType
1906 response = new StdMutableResponse();
1907 result = new StdMutableResult();
1908 result.setDecision(Decision.PERMIT);
1909 categoryIdentifier = new IdentifierImpl("firstCategory");
1911 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<String>(null, "Apu"), "AIssue", true));
1912 result.addAttributeCategory(new StdAttributeCategory(categoryIdentifier, attrList));
1913 response.add(result);
1915 jsonResponse = JSONResponse.toString(response, false);
1916 assertEquals("{\"Response\":[{\"Category\":[{\"CategoryId\":\"firstCategory\",\"Attribute\":[{\"Issuer\":\"AIssue\",\"Value\":\"Apu\",\"AttributeId\":\"attrIdent1\"}]}],\"Decision\":\"Permit\"}]}", jsonResponse);
1917 } catch (Exception e) {
1918 fail("operation failed, e="+e);
1921 // same id, same type different issuer
1922 // (This is not an array of values because issuer is different)
1923 response = new StdMutableResponse();
1924 result = new StdMutableResult();
1925 result.setDecision(Decision.PERMIT);
1926 categoryIdentifier = new IdentifierImpl("firstCategory");
1928 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Apu"), "AIssue", true));
1929 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Bart"), "BIssue", true));
1930 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Simpson"), "CIssue", true));
1931 result.addAttributeCategory(new StdAttributeCategory(categoryIdentifier, attrList));
1932 response.add(result);
1934 jsonResponse = JSONResponse.toString(response, false);
1935 assertEquals("{\"Response\":[{\"Category\":[{\"CategoryId\":\"firstCategory\",\"Attribute\":[{\"Issuer\":\"AIssue\",\"Value\":\"Apu\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"attrIdent1\"},{\"Issuer\":\"BIssue\",\"Value\":\"Bart\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"attrIdent1\"},{\"Issuer\":\"CIssue\",\"Value\":\"Simpson\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"attrIdent1\"}]}],\"Decision\":\"Permit\"}]}", jsonResponse);
1936 } catch (Exception e) {
1937 fail("operation failed, e="+e);
1940 // same id, same type different issuer
1941 // (This is effectively an array of values, but we return them as separate values to the client)
1942 response = new StdMutableResponse();
1943 result = new StdMutableResult();
1944 result.setDecision(Decision.PERMIT);
1945 categoryIdentifier = new IdentifierImpl("firstCategory");
1947 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Apu"), "AIssue", true));
1948 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Bart"), "AIssue", true));
1949 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Simpson"), "AIssue", true));
1950 result.addAttributeCategory(new StdAttributeCategory(categoryIdentifier, attrList));
1951 response.add(result);
1953 jsonResponse = JSONResponse.toString(response, false);
1954 assertEquals("{\"Response\":[{\"Category\":[{\"CategoryId\":\"firstCategory\",\"Attribute\":[{\"Issuer\":\"AIssue\",\"Value\":\"Apu\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"attrIdent1\"},{\"Issuer\":\"AIssue\",\"Value\":\"Bart\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"attrIdent1\"},{\"Issuer\":\"AIssue\",\"Value\":\"Simpson\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"attrIdent1\"}]}],\"Decision\":\"Permit\"}]}", jsonResponse);
1955 } catch (Exception e) {
1956 fail("operation failed, e="+e);
1959 // same Id, different types, same issuer
1960 response = new StdMutableResponse();
1961 result = new StdMutableResult();
1962 result.setDecision(Decision.PERMIT);
1963 categoryIdentifier = new IdentifierImpl("firstCategory");
1965 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Apu"), "AIssue", true));
1966 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<String>(DataTypes.DT_YEARMONTHDURATION.getId(), "P10Y4M"), "AIssue", true));
1967 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<Double>(DataTypes.DT_DOUBLE.getId(), 765.432), "AIssue", true));
1968 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<Boolean>(DataTypes.DT_BOOLEAN.getId(), true), "AIssue", true));
1969 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(4567)), "AIssue", true));
1970 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(4567)), "AIssue", true));
1971 result.addAttributeCategory(new StdAttributeCategory(categoryIdentifier, attrList));
1972 response.add(result);
1974 jsonResponse = JSONResponse.toString(response, false);
1975 assertEquals("{\"Response\":[{\"Category\":[{\"CategoryId\":\"firstCategory\",\"Attribute\":[{\"Issuer\":\"AIssue\",\"Value\":\"Apu\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"attrIdent1\"},{\"Issuer\":\"AIssue\",\"Value\":\"P10Y4M\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#yearMonthDuration\",\"AttributeId\":\"attrIdent1\"},{\"Issuer\":\"AIssue\",\"Value\":765.432,\"DataType\":\"http://www.w3.org/2001/XMLSchema#double\",\"AttributeId\":\"attrIdent1\"},{\"Issuer\":\"AIssue\",\"Value\":true,\"DataType\":\"http://www.w3.org/2001/XMLSchema#boolean\",\"AttributeId\":\"attrIdent1\"},{\"Issuer\":\"AIssue\",\"Value\":4567,\"DataType\":\"http://www.w3.org/2001/XMLSchema#integer\",\"AttributeId\":\"attrIdent1\"},{\"Issuer\":\"AIssue\",\"Value\":4567,\"DataType\":\"http://www.w3.org/2001/XMLSchema#integer\",\"AttributeId\":\"attrIdent1\"}]}],\"Decision\":\"Permit\"}]}", jsonResponse);
1976 } catch (Exception e) {
1977 fail("operation failed, e="+e);
1980 // same Id, different types, different issuer
1981 response = new StdMutableResponse();
1982 result = new StdMutableResult();
1983 result.setDecision(Decision.PERMIT);
1984 categoryIdentifier = new IdentifierImpl("firstCategory");
1986 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Apu"), "AIssue", true));
1987 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<String>(DataTypes.DT_YEARMONTHDURATION.getId(), "P10Y4M"), "BIssue", true));
1988 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<Double>(DataTypes.DT_DOUBLE.getId(), 765.432), "CIssue", true));
1989 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<Boolean>(DataTypes.DT_BOOLEAN.getId(), true), "DIssue", true));
1990 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(4567)), "EIssue", true));
1991 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(4567)), null, true));
1992 result.addAttributeCategory(new StdAttributeCategory(categoryIdentifier, attrList));
1993 response.add(result);
1995 jsonResponse = JSONResponse.toString(response, false);
1996 assertEquals("{\"Response\":[{\"Category\":[{\"CategoryId\":\"firstCategory\",\"Attribute\":[{\"Issuer\":\"AIssue\",\"Value\":\"Apu\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"attrIdent1\"},{\"Issuer\":\"BIssue\",\"Value\":\"P10Y4M\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#yearMonthDuration\",\"AttributeId\":\"attrIdent1\"},{\"Issuer\":\"CIssue\",\"Value\":765.432,\"DataType\":\"http://www.w3.org/2001/XMLSchema#double\",\"AttributeId\":\"attrIdent1\"},{\"Issuer\":\"DIssue\",\"Value\":true,\"DataType\":\"http://www.w3.org/2001/XMLSchema#boolean\",\"AttributeId\":\"attrIdent1\"},{\"Issuer\":\"EIssue\",\"Value\":4567,\"DataType\":\"http://www.w3.org/2001/XMLSchema#integer\",\"AttributeId\":\"attrIdent1\"},{\"Value\":4567,\"DataType\":\"http://www.w3.org/2001/XMLSchema#integer\",\"AttributeId\":\"attrIdent1\"}]}],\"Decision\":\"Permit\"}]}", jsonResponse);
1997 } catch (Exception e) {
1998 fail("operation failed, e="+e);
2001 // different Id, different types, same issuer
2002 response = new StdMutableResponse();
2003 result = new StdMutableResult();
2004 result.setDecision(Decision.PERMIT);
2005 categoryIdentifier = new IdentifierImpl("firstCategory");
2007 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Apu"), "AIssue", true));
2008 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent2"), new StdAttributeValue<String>(DataTypes.DT_YEARMONTHDURATION.getId(), "AIssue"), "BIssue", true));
2009 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent3"), new StdAttributeValue<Double>(DataTypes.DT_DOUBLE.getId(), 765.432), "AIssue", true));
2010 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent4"), new StdAttributeValue<Boolean>(DataTypes.DT_BOOLEAN.getId(), true), "AIssue", true));
2011 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent5"), new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(4567)), "AIssue", true));
2012 result.addAttributeCategory(new StdAttributeCategory(categoryIdentifier, attrList));
2013 response.add(result);
2015 jsonResponse = JSONResponse.toString(response, false);
2016 assertEquals("{\"Response\":[{\"Category\":[{\"CategoryId\":\"firstCategory\",\"Attribute\":[{\"Issuer\":\"AIssue\",\"Value\":\"Apu\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"attrIdent1\"},{\"Issuer\":\"BIssue\",\"Value\":\"AIssue\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#yearMonthDuration\",\"AttributeId\":\"attrIdent2\"},{\"Issuer\":\"AIssue\",\"Value\":765.432,\"DataType\":\"http://www.w3.org/2001/XMLSchema#double\",\"AttributeId\":\"attrIdent3\"},{\"Issuer\":\"AIssue\",\"Value\":true,\"DataType\":\"http://www.w3.org/2001/XMLSchema#boolean\",\"AttributeId\":\"attrIdent4\"},{\"Issuer\":\"AIssue\",\"Value\":4567,\"DataType\":\"http://www.w3.org/2001/XMLSchema#integer\",\"AttributeId\":\"attrIdent5\"}]}],\"Decision\":\"Permit\"}]}", jsonResponse);
2017 } catch (Exception e) {
2018 fail("operation failed, e="+e);
2022 // one Attribute of type XPathExpression (the only complex data type)
2023 response = new StdMutableResponse();
2024 result = new StdMutableResult();
2025 result.setDecision(Decision.PERMIT);
2026 categoryIdentifier = new IdentifierImpl("firstCategory");
2028 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<XPathExpressionWrapper>(DataTypes.DT_XPATHEXPRESSION.getId(), xpathExpressionWrapper, new IdentifierImpl("xpathCategory")), "AIssue", true));
2029 result.addAttributeCategory(new StdAttributeCategory(categoryIdentifier, attrList));
2030 response.add(result);
2032 jsonResponse = JSONResponse.toString(response, false);
2033 assertEquals("{\"Response\":[{\"Category\":[{\"CategoryId\":\"firstCategory\",\"Attribute\":[{\"Issuer\":\"AIssue\",\"Value\":{\"Namespaces\":[{\"Namespace\":\"referenceForMD\",\"Prefix\":\"md\"},{\"Namespace\":\"defaultURI\"}],\"XPathCategory\":\"xpathCategory\",\"XPath\":\"//md:record\"},\"DataType\":\"urn:oasis:names:tc:xacml:3.0:data-type:xpathExpression\",\"AttributeId\":\"attrIdent1\"}]}],\"Decision\":\"Permit\"}]}", jsonResponse);
2034 } catch (Exception e) {
2035 fail("operation failed, e="+e);
2039 // multiple sets of values
2040 response = new StdMutableResponse();
2041 result = new StdMutableResult();
2042 result.setDecision(Decision.PERMIT);
2043 categoryIdentifier = new IdentifierImpl("firstCategory");
2045 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Apu"), "AIssue", true));
2046 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent2"), new StdAttributeValue<String>(DataTypes.DT_YEARMONTHDURATION.getId(), "P10Y4M"), "BIssue", false));
2047 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent3"), new StdAttributeValue<Double>(DataTypes.DT_DOUBLE.getId(), 765.432), "CIssue", true));
2048 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent4"), new StdAttributeValue<Boolean>(DataTypes.DT_BOOLEAN.getId(), true), "DIssue", true));
2049 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent5"), new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(4567)), "EIssue", true));
2050 attrList.add(new StdAttribute(categoryIdentifier, new IdentifierImpl("attrNoIssuer"), new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(4567)), null, true));
2051 result.addAttributeCategory(new StdAttributeCategory(categoryIdentifier, attrList));
2052 categoryIdentifier = new IdentifierImpl("secondCategory");
2053 Attribute[] secondAttrList = {
2054 new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent12"), new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Apu2"), "AIssue2", true),
2055 new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent22"), new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Abc2"), "BIssue2", false),
2056 new StdAttribute(categoryIdentifier, new IdentifierImpl("attrIdent32"), new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Der2"), "CIssue2", true) };
2057 result.addAttributeCategory(new StdAttributeCategory(categoryIdentifier, Arrays.asList(secondAttrList)));
2058 response.add(result);
2060 jsonResponse = JSONResponse.toString(response, false);
2061 assertEquals("{\"Response\":[{\"Category\":[{\"CategoryId\":\"firstCategory\",\"Attribute\":[{\"Issuer\":\"AIssue\",\"Value\":\"Apu\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"attrIdent1\"},{\"Issuer\":\"CIssue\",\"Value\":765.432,\"DataType\":\"http://www.w3.org/2001/XMLSchema#double\",\"AttributeId\":\"attrIdent3\"},{\"Issuer\":\"DIssue\",\"Value\":true,\"DataType\":\"http://www.w3.org/2001/XMLSchema#boolean\",\"AttributeId\":\"attrIdent4\"},{\"Issuer\":\"EIssue\",\"Value\":4567,\"DataType\":\"http://www.w3.org/2001/XMLSchema#integer\",\"AttributeId\":\"attrIdent5\"},{\"Value\":4567,\"DataType\":\"http://www.w3.org/2001/XMLSchema#integer\",\"AttributeId\":\"attrNoIssuer\"}]},{\"CategoryId\":\"secondCategory\",\"Attribute\":[{\"Issuer\":\"AIssue2\",\"Value\":\"Apu2\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"attrIdent12\"},{\"Issuer\":\"CIssue2\",\"Value\":\"Der2\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"attrIdent32\"}]}],\"Decision\":\"Permit\"}]}", jsonResponse);
2062 } catch (Exception e) {
2063 fail("operation failed, e="+e);
2067 // array of values - same type
2068 response = new StdMutableResponse();
2069 result = new StdMutableResult();
2070 result.setDecision(Decision.PERMIT);
2072 categoryIdentifier = new IdentifierImpl("firstCategory");
2073 mutableAttribute = new StdMutableAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), (Collection<AttributeValue<?>>)null, "AIssue", true);
2075 mutableAttribute.addValue(new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Apu"));
2076 mutableAttribute.addValue(new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Bart"));
2077 mutableAttribute.addValue(new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Homer"));
2078 mutableAttribute.addValue(new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Ned"));
2080 attrList.add(mutableAttribute);
2081 result.addAttributeCategory(new StdAttributeCategory(categoryIdentifier, attrList));
2082 response.add(result);
2084 jsonResponse = JSONResponse.toString(response, false);
2085 assertEquals("{\"Response\":[{\"Category\":[{\"CategoryId\":\"firstCategory\",\"Attribute\":[{\"Issuer\":\"AIssue\",\"Value\":[\"Apu\",\"Bart\",\"Homer\",\"Ned\"],\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\",\"AttributeId\":\"attrIdent1\"}]}],\"Decision\":\"Permit\"}]}", jsonResponse);
2086 } catch (Exception e) {
2087 fail("operation failed, e="+e);
2091 // array of values - compatible different types
2092 response = new StdMutableResponse();
2093 result = new StdMutableResult();
2094 result.setDecision(Decision.PERMIT);
2096 categoryIdentifier = new IdentifierImpl("firstCategory");
2097 mutableAttribute = new StdMutableAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), (Collection<AttributeValue<?>>)null, "AIssue", true);
2099 mutableAttribute.addValue(new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(4567)));
2100 mutableAttribute.addValue(new StdAttributeValue<Double>(DataTypes.DT_DOUBLE.getId(), 765.432));
2101 mutableAttribute.addValue(new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(4567)));
2102 attrList.add(mutableAttribute);
2103 result.addAttributeCategory(new StdAttributeCategory(categoryIdentifier, attrList));
2104 response.add(result);
2106 jsonResponse = JSONResponse.toString(response, false);
2107 assertEquals("{\"Response\":[{\"Category\":[{\"CategoryId\":\"firstCategory\",\"Attribute\":[{\"Issuer\":\"AIssue\",\"Value\":[4567,765.432,4567],\"DataType\":\"http://www.w3.org/2001/XMLSchema#double\",\"AttributeId\":\"attrIdent1\"}]}],\"Decision\":\"Permit\"}]}", jsonResponse);
2108 } catch (Exception e) {
2109 fail("operation failed, e="+e);
2113 // array of values - incompatible different types
2114 response = new StdMutableResponse();
2115 result = new StdMutableResult();
2116 result.setDecision(Decision.PERMIT);
2118 categoryIdentifier = new IdentifierImpl("firstCategory");
2119 mutableAttribute = new StdMutableAttribute(categoryIdentifier, new IdentifierImpl("attrIdent1"), (Collection<AttributeValue<?>>)null, "AIssue", true);
2121 mutableAttribute.addValue(new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Apu"));
2122 mutableAttribute.addValue(new StdAttributeValue<String>(DataTypes.DT_YEARMONTHDURATION.getId(), "P10Y4M"));
2123 mutableAttribute.addValue(new StdAttributeValue<Double>(DataTypes.DT_DOUBLE.getId(), 765.432));
2124 mutableAttribute.addValue(new StdAttributeValue<Boolean>(DataTypes.DT_BOOLEAN.getId(), true));
2125 mutableAttribute.addValue(new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(4567)));
2126 mutableAttribute.addValue(new StdAttributeValue<BigInteger>(DataTypes.DT_INTEGER.getId(), BigInteger.valueOf(4567)));
2127 attrList.add(mutableAttribute);
2128 result.addAttributeCategory(new StdAttributeCategory(categoryIdentifier, attrList));
2129 response.add(result);
2131 jsonResponse = JSONResponse.toString(response, false);
2132 fail("Operation should throw exception");
2133 } catch (JSONStructureException e) {
2135 } catch (Exception e) {
2136 fail ("Failed convert from JSON to object: " + e);
2145 // PolicyIdentifier tests
2147 public void testPolicyIdentifier() {
2149 StdIdReference policyIdentifier1 = null;
2150 StdIdReference policyIdentifier2 = null;
2151 StdIdReference policySetIdentifier1 = null;
2152 StdIdReference policySetIdentifier2 = null;
2154 // multiple PolicyIdentifiers of both types
2155 response = new StdMutableResponse();
2156 result = new StdMutableResult();
2157 result.setDecision(Decision.PERMIT);
2159 policyIdentifier1 = new StdIdReference(new IdentifierImpl("idRef1"), StdVersion.newInstance("1.2.3"));
2160 policyIdentifier2 = new StdIdReference(new IdentifierImpl("idRef2_NoVersion"));
2161 policySetIdentifier1 = new StdIdReference(new IdentifierImpl("idSetRef1"), StdVersion.newInstance("4.5.6.7.8.9.0"));
2162 policySetIdentifier2 = new StdIdReference(new IdentifierImpl("idSetRef2_NoVersion"));
2163 } catch (ParseException e1) {
2164 fail("creating policyIds, e="+e1);
2166 result.addPolicyIdentifier(policyIdentifier1);
2167 result.addPolicyIdentifier(policyIdentifier2);
2168 result.addPolicySetIdentifier(policySetIdentifier1);
2169 result.addPolicySetIdentifier(policySetIdentifier2);
2170 response.add(result);
2172 jsonResponse = JSONResponse.toString(response, false);
2173 assertEquals("{\"Response\":[{\"Decision\":\"Permit\",\"PolicyIdentifier\":{\"PolicyIdReference\":[{\"Id\":\"idRef1\",\"Version\":\"1.2.3\"},{\"Id\":\"idRef2_NoVersion\"}],\"PolicySetIdReference\":[{\"Id\":\"idSetRef1\",\"Version\":\"4.5.6.7.8.9.0\"},{\"Id\":\"idSetRef2_NoVersion\"}]}}]}", jsonResponse);
2174 } catch (Exception e) {
2175 fail("operation failed, e="+e);
2179 // PolicyIdentifier exists but has no IdReferences
2180 response = new StdMutableResponse();
2181 result = new StdMutableResult();
2182 result.setDecision(Decision.PERMIT);
2183 policyIdentifier1 = null;
2184 result.addPolicyIdentifier(policyIdentifier1);
2185 response.add(result);
2187 jsonResponse = JSONResponse.toString(response, false);
2188 fail("Operation should throw exception");
2189 } catch (JSONStructureException e) {
2191 } catch (Exception e) {
2192 fail ("Failed convert from JSON to object: " + e);
2195 // PolicySetIdentifier exists but has not IdReferences
2196 response = new StdMutableResponse();
2197 result = new StdMutableResult();
2198 result.setDecision(Decision.PERMIT);
2199 policySetIdentifier1 = null;
2200 result.addPolicyIdentifier(policySetIdentifier1);
2201 response.add(result);
2203 jsonResponse = JSONResponse.toString(response, false);
2204 fail("Operation should throw exception");
2205 } catch (JSONStructureException e) {
2207 } catch (Exception e) {
2208 fail ("Failed convert from JSON to object: " + e);
2211 // PolicyIdentifier with PolicyIdReference and no PolicySetIdReference
2212 response = new StdMutableResponse();
2213 result = new StdMutableResult();
2214 result.setDecision(Decision.PERMIT);
2216 policyIdentifier1 = new StdIdReference(new IdentifierImpl("idRef1"), StdVersion.newInstance("1.2.3"));
2217 } catch (ParseException e1) {
2218 fail("creating policyIds, e="+e1);
2220 result.addPolicyIdentifier(policyIdentifier1);
2221 response.add(result);
2223 jsonResponse = JSONResponse.toString(response, false);
2224 assertEquals("{\"Response\":[{\"Decision\":\"Permit\",\"PolicyIdentifier\":{\"PolicyIdReference\":[{\"Id\":\"idRef1\",\"Version\":\"1.2.3\"}]}}]}", jsonResponse);
2225 } catch (Exception e) {
2226 fail("operation failed, e="+e);
2231 // PolicyIdentifier with no PolicyIdReference and with PolicySetIdReference
2232 response = new StdMutableResponse();
2233 result = new StdMutableResult();
2234 result.setDecision(Decision.PERMIT);
2236 policySetIdentifier1 = new StdIdReference(new IdentifierImpl("idSetRef1"), StdVersion.newInstance("4.5.6.7.8.9.0"));
2237 } catch (ParseException e1) {
2238 fail("creating policyIds, e="+e1);
2240 result.addPolicySetIdentifier(policySetIdentifier1);
2241 response.add(result);
2243 jsonResponse = JSONResponse.toString(response, false);
2244 assertEquals("{\"Response\":[{\"Decision\":\"Permit\",\"PolicyIdentifier\":{\"PolicySetIdReference\":[{\"Id\":\"idSetRef1\",\"Version\":\"4.5.6.7.8.9.0\"}]}}]}", jsonResponse);
2245 } catch (Exception e) {
2246 fail("operation failed, e="+e);
2250 // IdReferences without version
2251 response = new StdMutableResponse();
2252 result = new StdMutableResult();
2253 result.setDecision(Decision.PERMIT);
2255 policyIdentifier1 = new StdIdReference(new IdentifierImpl("idRef1"), null);
2256 policyIdentifier2 = new StdIdReference(new IdentifierImpl("idRef2_NoVersion"));
2257 policySetIdentifier1 = new StdIdReference(new IdentifierImpl("idSetRef1"));
2258 policySetIdentifier2 = new StdIdReference(new IdentifierImpl("idSetRef2_NoVersion"));
2260 result.addPolicyIdentifier(policyIdentifier1);
2261 result.addPolicyIdentifier(policyIdentifier2);
2262 result.addPolicySetIdentifier(policySetIdentifier1);
2263 result.addPolicySetIdentifier(policySetIdentifier2);
2264 response.add(result);
2266 jsonResponse = JSONResponse.toString(response, false);
2267 assertEquals("{\"Response\":[{\"Decision\":\"Permit\",\"PolicyIdentifier\":{\"PolicyIdReference\":[{\"Id\":\"idRef1\"},{\"Id\":\"idRef2_NoVersion\"}],\"PolicySetIdReference\":[{\"Id\":\"idSetRef1\"},{\"Id\":\"idSetRef2_NoVersion\"}]}}]}", jsonResponse);
2268 } catch (Exception e) {
2269 fail("operation failed, e="+e);