+
+ /**
+ * Process Decision Result.
+ *
+ * @param result input from Response.
+ * @return pdpResposne based on result.
+ */
+ private PDPResponse processDecisionResult(Result result) {
+ PDPResponse pdpResponse = new PDPResponse();
+ pdpResponse.setDecision(PolicyDecision.DENY);
+
+ if (!result.getDecision().equals(Decision.PERMIT)) {
+ LOGGER.info("processDecisionResult: Decision not a Permit. " + result.getDecision().toString());
+ String indeterminatePropValue = XACMLProperties.getProperty("decision.indeterminate.response");
+ if (result.getDecision().equals(Decision.INDETERMINATE) && indeterminatePropValue != null) {
+ if ("PERMIT".equalsIgnoreCase(indeterminatePropValue)) {
+ pdpResponse.setDecision(PolicyDecision.PERMIT);
+ } else {
+ pdpResponse.setDecision(PolicyDecision.DENY);
+ }
+ } else {
+ pdpResponse.setDecision(PolicyDecision.DENY);
+ }
+ for (Advice advice : result.getAssociatedAdvice()) {
+ for (AttributeAssignment attribute : advice.getAttributeAssignments()) {
+ pdpResponse.setDetails(attribute.getAttributeValue().getValue().toString());
+ break;
+ }
+ }
+ pdpResponse.setStatus(
+ XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect Params passed: Decision not a Permit.",
+ PolicyResponseStatus.NO_ACTION_REQUIRED, PolicyConfigStatus.CONFIG_NOT_FOUND);
+ } else {
+ checkDecision(pdpResponse, result);
+ }
+ return pdpResponse;
+ }
+
+
+ /**
+ * Check for Decision for decision based calls.
+ *
+ * @param pdpResponseInput pdpResponse.
+ * @param result result.
+ * @return pdpResponse.
+ */
+ private PDPResponse checkDecision(PDPResponse pdpResponseInput, Result result) {
+ PDPResponse pdpResponse = pdpResponseInput;
+ // check for Decision for decision based calls.
+ pdpResponse.setDecision(PolicyDecision.PERMIT);
+
+ // if this is a Rainy Day treatment decision we need to get
+ // the selected treatment
+ if (!Strings.isNullOrEmpty(requestType) && RAINYDAY_TYPE.equals(requestType)) {
+ pdpResponse.setDetails(getRainyDayTreatment(result));
+ } else if (!Strings.isNullOrEmpty(requestType) && DECISION_MS_NAMING_TYPE.equals(requestType)) {
+ boolean configRetrieved = false;
+ for (Advice advice : result.getAssociatedAdvice()) {
+ configRetrieved = checkConfig(advice, configRetrieved, pdpResponse);
+ }
+ if (!configRetrieved) {
+ LOGGER.error(" Failed to retrieve Config data for " + DECISION_MS_NAMING_TYPE);
+ pdpResponse.setDetails("Error in retrieving Config Data");
+ }
+
+ } else {
+ pdpResponse.setDetails("Decision Permit. OK!");
+ }
+ return pdpResponse;
+ }
+
+ /**
+ * Check if there is a configuration.
+ *
+ * @param advice advice.
+ * @param configRetrieved boolean.
+ * @param pdpResponse pdpResposneInput.
+ * @return pdpResponse.
+ */
+ private boolean checkConfig(Advice advice, boolean configRetrieved, PDPResponse pdpResponse) {
+ for (AttributeAssignment attribute : advice.getAttributeAssignments()) {
+ if (attribute.getDataTypeId().stringValue().endsWith("anyURI")) {
+ String configUrl = attribute.getAttributeValue().getValue().toString();
+ String pdpConfigLocation =
+ configUrl.replace("$URL", XACMLProperties.getProperty(XACMLRestProperties.PROP_PDP_WEBAPPS));
+ // If there is a configuration.
+ try {
+ LOGGER.debug("processDecisionResult: Configuration Call to : " + configUrl);
+ pdpResponse = configCall(pdpConfigLocation);
+ pdpResponse.setDecision(PolicyDecision.PERMIT);
+ pdpResponse.setDetails(pdpResponse.getConfig());
+ configRetrieved = true;
+ break;
+ } catch (Exception e) {
+ LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + e);
+ LOGGER.error(" Failed to retrieve Config data for " + configUrl);
+ pdpResponse.setDetails("Error in retrieving Config Data from the Configuration URL " + configUrl);
+ }
+ }
+ }
+ return configRetrieved;
+ }
+