2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.openecomp.policy.xacml.test.json;
23 import static org.junit.Assert.assertEquals;
24 import static org.junit.Assert.fail;
26 import org.junit.Test;
28 import com.att.research.xacml.api.Request;
29 import com.att.research.xacml.std.json.JSONRequest;
30 import com.att.research.xacml.std.json.JSONStructureException;
32 * Test JSON Request convert to object - Default Category object tests
35 * In Eclipse select this file or the enclosing directory, right-click and select Run As/JUnit Test
38 * The "correct" way to verify that each JSON string gets translated into our internal Objects correctly is to look explicitly at each of the child objects
39 * and verify that they are correct. This would involve a lot of coding to get child of child of child and individually verify each property of each element.
40 * To simplify testing we assume that request.toString() correctly includes a complete text representation of every sub-component of the Request object
41 * and we compare the resulting String to our expected String.
42 * This has two possible sources of error:
43 * - toString might not include some sub-component, and
44 * - the initial verification of the resulting string is done by hand and may have been incorrect.
48 public class RequestDefaultCategoryTest {
50 // The request object output from each test conversion from JSON string
55 * Request that uses all fields with both single and multiple entries
57 String allFieldsRequest =
59 "\"ReturnPolicyIdList\" : true ," +
60 "\"CombinedDecision\" : true ," +
61 "\"XPathVersion\" : \"http://www.w3.org/TR/1999/REC-xpath-19991116\"," +
62 "\"MultiRequests\" : {" +
63 "\"RequestReference\": [" +
65 "\"ReferenceId\" : [\"foo1\",\"bar1\"]" +
68 "\"ReferenceId\" : [\"foo2\",\"bar1\"]" +
74 "\"CategoryId\": \"custom-category\", " +
75 "\"Id\" : \"customId\", " +
78 "\"AttributeId\" : \"document-id\", " +
79 "\"DataType\" : \"integer\", " +
83 "\"AttributeId\" : \"document-url\", " +
84 "\"DataType\" : \"anyURI\", " +
85 "\"Value\" : \"http://somewhere.over.the.com/rainbow\" " +
88 "\"AttributeId\" : \"page-list\", " +
89 "\"Value\" : [1, 2, 3, 4.5, 3, 2, 1] " +
94 "\"CategoryId\": \"another-custom-cat\", " +
95 "\"Id\" : \"anotherXmlId\", " +
96 "\"Attribute\" : []" +
100 "\"AccessSubject\":{ " +
101 "\"Content\" : \"<?xml version=\\\"1.0\\\"?><catalog>" +
102 "<book id=\\\"bk101\\\"><author>Gambardella, Matthew</author><title>XML Developer's Guide</title><genre>Computer</genre>" +
103 "<price>44.95</price><publish_date>2000-10-01</publish_date><description>An in-depth look at creating applications with XML.</description>"+
104 "</book></catalog>\"," +
105 "\"Attribute\" : []" +
109 "\"Content\" : \"PD94bWwgdmVyc2lvbj0iMS4wIj8+PGNhdGFsb2c+PGJvb2sgaWQ9ImJrMTAxIj48YXV0aG9yPkdhbWJhcmRlbGxhLCBNYXR0aGV3PC9hdXRob3I+PHRpdGxlPlhNT" +
110 "CBEZXZlbG9wZXIncyBHdWlkZTwvdGl0bGU+PGdlbnJlPkNvbXB1dGVyPC9nZW5yZT48cHJpY2U+NDQuOTU8L3ByaWNlPjxwdWJsaXNoX2RhdGU+MjAwMC0xMC0wMTwvcHVibGlzaF"+
111 "9kYXRlPjxkZXNjcmlwdGlvbj5BbiBpbi1kZXB0aCBsb29rIGF0IGNyZWF0aW5nIGFwcGxpY2F0aW9ucyB3aXRoIFhNTC48L2Rlc2NyaXB0aW9uPjwvYm9vaz48L2NhdGFsb2c+\"" +
120 * The following example comes directly from the JSON Profile Spec
122 String exampleFromSpec = "{ " +
124 "\"AccessSubject\" : { " +
125 "\"Attribute\": [ " +
127 "\"Id\" : \"subject-id\", " +
128 "\"Value\" : \"Andreas\" " +
131 "\"Id\" : \"location\", " +
132 "\"Value\" : \"Gamla Stan\" " +
139 "\"Id\" : \"action-id\", " +
140 "\"Value\" : \"http://www.xacml.eu/buy\", " +
141 "\"DataType\" : \"anyURI\" " +
144 "\"Resource\" : { " +
145 "\"Attribute\": [ " +
147 "\"Id\" : \"book-title\", " +
148 "\"Value\" : \"Learn German in 90 days\" " +
151 "\"Id\" : \"currency\", " +
152 "\"Value\" : \"SEK\" " +
155 "\"Id\" : \"price\", " +
156 "\"Value\" : 123.34 " +
165 * The following example comes directly from the JSON Profile Spec (modified to include a "</Catalog>" missing from both examples).
166 * It shows the two ways of handling XPath content, as escaped XML and as Base64 encoding.
168 String xPathExampleFromSpec = "{ " +
170 "\"Resource\" : { " +
171 "\"Attribute\": [ " +
173 "\"Id\" : \"urn:oasis:names:tc:xacml:3.0:content-selector\", " +
174 "\"DataType\" : \"xpathExpression\", " +
176 "\"XPathCategory\" : \"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\", " +
177 "\"Namespaces\" : [{ " +
178 "\"Namespace\" : \"urn:oasis:names:tc:xacml:3.0:core:schema:wd-17\" " +
181 "\"Prefix\" : \"md\", " +
182 "\"Namespace\" : \"urn:example:med:schemas:record\" " +
185 "\"XPath\" : \"md:record/md:patient/md:patientDoB\" " +
194 // test Shorthand Category notation for elements not tested in their own section below.
195 // Categories that are more commonly used are fully tested.
196 // Given that the functions within the categories are the same irrespective of the name of the category,
197 // we assume that the contents of the category will work ok once the Shorthand notation is recognized, so all we need to test is the shorthand
198 // The ones that are tested in their own sections are:
205 public void testCategoryShorthand() {
207 // RecipientSubject present both as element within Category and as separate RecipientSubject element at same level as Category
209 request = JSONRequest.load("{\"Request\" : {"
211 + "{\"CategoryId\" : \"urn:oasis:names:tc:xacml:1.0:subject-category:recipient-subject\", \"Attribute\" : [{" +
212 "\"Id\" : \"document-id\", " +
213 "\"Value\" : [ \"aValue\", \"aValue\", \"aValue\" ] " +
215 + "{\"CategoryId\" : \"urn:oasis:names:tc:xacml:1.0:subject-category:recipient-subject\", \"Attribute\" : [{" +
216 "\"Id\" : \"document-id\", " +
217 "\"Value\" : \"aValue\"" +
220 "\"RecipientSubject\" : { " +
221 "\"Attribute\": [ " +
223 "\"Id\" : \"subject-id\", " +
224 "\"Value\" : \"Andreas\" " +
227 "\"Id\" : \"location\", " +
228 "\"Value\" : \"Gamla Stan\" " +
233 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:recipient-subject,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:recipient-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:recipient-subject,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:recipient-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:recipient-subject,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:recipient-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:1.0:subject-category:recipient-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}]}", request.toString());
234 } catch (Exception e) {
235 fail ("Failed convert from JSON to object: " + e);
239 // IntermediarySubject present both as element within Category and as separate IntermediarySubject element at same level as Category
241 request = JSONRequest.load("{\"Request\" : {"
243 + "{\"CategoryId\" : \"urn:oasis:names:tc:xacml:1.0:subject-category:intermediary-subject\", \"Attribute\" : [{" +
244 "\"Id\" : \"document-id\", " +
245 "\"Value\" : [ \"aValue\", \"aValue\", \"aValue\" ] " +
247 + "{\"CategoryId\" : \"urn:oasis:names:tc:xacml:1.0:subject-category:intermediary-subject\", \"Attribute\" : [{" +
248 "\"Id\" : \"document-id\", " +
249 "\"Value\" : \"aValue\"" +
252 "\"IntermediarySubject\" : { " +
253 "\"Attribute\": [ " +
255 "\"Id\" : \"subject-id\", " +
256 "\"Value\" : \"Andreas\" " +
259 "\"Id\" : \"location\", " +
260 "\"Value\" : \"Gamla Stan\" " +
265 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:intermediary-subject,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:intermediary-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:intermediary-subject,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:intermediary-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:intermediary-subject,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:intermediary-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:1.0:subject-category:intermediary-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}]}", request.toString());
266 } catch (Exception e) {
267 fail ("Failed convert from JSON to object: " + e);
271 // Codebase present both as element within Category and as separate Codebase element at same level as Category
273 request = JSONRequest.load("{\"Request\" : {"
275 + "{\"CategoryId\" : \"urn:oasis:names:tc:xacml:1.0:subject-category:codebase\", \"Attribute\" : [{" +
276 "\"Id\" : \"document-id\", " +
277 "\"Value\" : [ \"aValue\", \"aValue\", \"aValue\" ] " +
279 + "{\"CategoryId\" : \"urn:oasis:names:tc:xacml:1.0:subject-category:codebase\", \"Attribute\" : [{" +
280 "\"Id\" : \"document-id\", " +
281 "\"Value\" : \"aValue\"" +
284 "\"Codebase\" : { " +
285 "\"Attribute\": [ " +
287 "\"Id\" : \"subject-id\", " +
288 "\"Value\" : \"Andreas\" " +
291 "\"Id\" : \"location\", " +
292 "\"Value\" : \"Gamla Stan\" " +
297 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:codebase,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:codebase,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:codebase,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:codebase,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:codebase,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:codebase,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:1.0:subject-category:codebase,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}]}", request.toString());
298 } catch (Exception e) {
299 fail ("Failed convert from JSON to object: " + e);
304 // RequestingMachine present both as element within Category and as separate RequestingMachine element at same level as Category
306 request = JSONRequest.load("{\"Request\" : {"
308 + "{\"CategoryId\" : \"urn:oasis:names:tc:xacml:1.0:subject-category:requesting-machine\", \"Attribute\" : [{" +
309 "\"Id\" : \"document-id\", " +
310 "\"Value\" : [ \"aValue\", \"aValue\", \"aValue\" ] " +
312 + "{\"CategoryId\" : \"urn:oasis:names:tc:xacml:1.0:subject-category:requesting-machine\", \"Attribute\" : [{" +
313 "\"Id\" : \"document-id\", " +
314 "\"Value\" : \"aValue\"" +
317 "\"RequestingMachine\" : { " +
318 "\"Attribute\": [ " +
320 "\"Id\" : \"subject-id\", " +
321 "\"Value\" : \"Andreas\" " +
324 "\"Id\" : \"location\", " +
325 "\"Value\" : \"Gamla Stan\" " +
330 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:requesting-machine,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:requesting-machine,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:requesting-machine,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:requesting-machine,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:requesting-machine,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:requesting-machine,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:1.0:subject-category:requesting-machine,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}]}", request.toString());
331 } catch (Exception e) {
332 fail ("Failed convert from JSON to object: " + e);
351 // test AccessSubject
352 // Include test for backward compatibility with "Subject"
354 public void testAccessSubjectRequest() {
356 // AccessSubject absent
358 request = JSONRequest.load("{\"Request\" : {\"Category\": [{\"CategoryId\" : \"custom-category\", \"Attribute\" : [{" +
359 "\"Id\" : \"document-id\", " +
360 "\"Value\" : [ \"aValue\", \"aValue\", \"aValue\" ] " +
362 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=custom-category,attributes=[{attributeId=document-id,category=custom-category,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}]}", request.toString());
363 } catch (Exception e) {
364 fail ("Failed convert from JSON to object: " + e);
367 // AccessSubject as normal element under Category (with CategoryId==subject category id)
369 request = JSONRequest.load("{\"Request\" : {\"Category\": [{\"CategoryId\" : \"urn:oasis:names:tc:xacml:1.0:subject-category:access-subject\", \"Attribute\" : [{" +
370 "\"Id\" : \"document-id\", " +
371 "\"Value\" : \"aValue\" " +
373 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}]}", request.toString());
374 } catch (Exception e) {
375 fail ("Failed convert from JSON to object: " + e);
378 // multiple AccessSubjects under Category
380 request = JSONRequest.load("{\"Request\" : {\"Category\": ["
381 + "{\"CategoryId\" : \"urn:oasis:names:tc:xacml:1.0:subject-category:access-subject\", \"Attribute\" : [{" +
382 "\"Id\" : \"document-id\", " +
383 "\"Value\" : [ \"aValue\", \"aValue\", \"aValue\" ] " +
385 + "{\"CategoryId\" : \"urn:oasis:names:tc:xacml:1.0:subject-category:access-subject\", \"Attribute\" : [{" +
386 "\"Id\" : \"document-id\", " +
387 "\"Value\" : \"aValue\"" +
390 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}]}", request.toString());
391 } catch (Exception e) {
392 fail ("Failed convert from JSON to object: " + e);
395 // AccessSubject present both as element within Category and as separate AccessSubject element at same level as Category
397 request = JSONRequest.load("{\"Request\" : {"
399 + "{\"CategoryId\" : \"urn:oasis:names:tc:xacml:1.0:subject-category:access-subject\", \"Attribute\" : [{" +
400 "\"Id\" : \"document-id\", " +
401 "\"Value\" : [ \"aValue\", \"aValue\", \"aValue\" ] " +
403 + "{\"CategoryId\" : \"urn:oasis:names:tc:xacml:1.0:subject-category:access-subject\", \"Attribute\" : [{" +
404 "\"Id\" : \"document-id\", " +
405 "\"Value\" : \"aValue\"" +
408 "\"AccessSubject\" : { " +
409 "\"Attribute\": [ " +
411 "\"Id\" : \"subject-id\", " +
412 "\"Value\" : \"Andreas\" " +
415 "\"Id\" : \"location\", " +
416 "\"Value\" : \"Gamla Stan\" " +
421 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}]}", request.toString());
422 } catch (Exception e) {
423 fail ("Failed convert from JSON to object: " + e);
426 // AccessSubject present, no other Category element
428 request = JSONRequest.load("{\"Request\" : {"
430 "\"AccessSubject\" : { " +
431 "\"Attribute\": [ " +
433 "\"Id\" : \"subject-id\", " +
434 "\"Value\" : \"Andreas\" " +
437 "\"Id\" : \"location\", " +
438 "\"Value\" : \"Gamla Stan\" " +
443 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}]}", request.toString());
444 } catch (Exception e) {
445 fail ("Failed convert from JSON to object: " + e);
449 // Subject present, no other Category element (Backward Compatibility
451 request = JSONRequest.load("{\"Request\" : {"
454 "\"Attribute\": [ " +
456 "\"Id\" : \"subject-id\", " +
457 "\"Value\" : \"Andreas\" " +
460 "\"Id\" : \"location\", " +
461 "\"Value\" : \"Gamla Stan\" " +
466 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}]}", request.toString());
467 } catch (Exception e) {
468 fail ("Failed convert from JSON to object: " + e);
471 // AccessSubject present, 1/multiple other Category element also present
473 request = JSONRequest.load("{\"Request\" : {"
475 + "{\"CategoryId\" : \"custom-category\", \"Attribute\" : [{" +
476 "\"Id\" : \"document-id\", " +
477 "\"Value\" : \"aValue\"" +
480 "\"AccessSubject\" : { " +
481 "\"Attribute\": [ " +
483 "\"Id\" : \"subject-id\", " +
484 "\"Value\" : \"Andreas\" " +
487 "\"Id\" : \"location\", " +
488 "\"Value\" : \"Gamla Stan\" " +
493 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=custom-category,attributes=[{attributeId=document-id,category=custom-category,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}]}", request.toString());
494 } catch (Exception e) {
495 fail ("Failed convert from JSON to object: " + e);
498 // 2 AccessSubjects - duplicates fail
500 request = JSONRequest.load("{\"Request\" : {"
502 "\"AccessSubject\" : { " +
503 "\"Attribute\": [ " +
505 "\"Id\" : \"subject-id\", " +
506 "\"Value\" : \"Andreas\" " +
509 "\"Id\" : \"location\", " +
510 "\"Value\" : \"Gamla Stan\" " +
515 "\"AccessSubject\" : { " +
516 "\"Attribute\": [ " +
518 "\"Id\" : \"subject-id\", " +
519 "\"Value\" : \"Andreas\" " +
522 "\"Id\" : \"location\", " +
523 "\"Value\" : \"Gamla Stan\" " +
528 fail("Operation should throw exception");
529 } catch (JSONStructureException e) {
531 } catch (Exception e) {
532 fail ("Failed convert from JSON to object: " + e);
535 // AccessSubject with correct Category value
537 request = JSONRequest.load("{\"Request\" : {"
539 "\"AccessSubject\" : { " +
540 "\"CategoryId\" : \"urn:oasis:names:tc:xacml:1.0:subject-category:access-subject\" ," +
541 "\"Attribute\": [ " +
543 "\"Id\" : \"subject-id\", " +
544 "\"Value\" : \"Andreas\" " +
547 "\"Id\" : \"location\", " +
548 "\"Value\" : \"Gamla Stan\" " +
553 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}]}", request.toString());
554 } catch (Exception e) {
555 fail ("Failed convert from JSON to object: " + e);
558 // AccessSubject with wrong Category value
560 request = JSONRequest.load("{\"Request\" : {"
562 "\"AccessSubject\" : { " +
563 "\"CategoryId\" : \"notthesubject\" ," +
564 "\"Attribute\": [ " +
566 "\"Id\" : \"subject-id\", " +
567 "\"Value\" : \"Andreas\" " +
570 "\"Id\" : \"location\", " +
571 "\"Value\" : \"Gamla Stan\" " +
576 fail("Operation should throw exception");
577 } catch (JSONStructureException e) {
579 } catch (Exception e) {
580 fail ("Failed convert from JSON to object: " + e);
583 // AccessSubject with array of sub-object AccessSubjects (Multi Decision)
585 request = JSONRequest.load("{\"Request\" : {"
587 "\"AccessSubject\" : ["
589 "\"Attribute\": [ " +
591 "\"Id\" : \"subject-id\", " +
592 "\"Value\" : \"Andreas\" " +
595 "\"Id\" : \"location\", " +
596 "\"Value\" : \"Gamla Stan\" " +
601 "\"Attribute\": [ " +
603 "\"Id\" : \"subject-id\", " +
604 "\"Value\" : \"Arless\" " +
607 "\"Id\" : \"location\", " +
608 "\"Value\" : \"Somewhere\" " +
613 "\"Attribute\": [ " +
615 "\"Id\" : \"subject-id\", " +
616 "\"Value\" : \"Barry\" " +
619 "\"Id\" : \"location\", " +
620 "\"Value\" : \"Elsewhere\" " +
626 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Arless}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Somewhere}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Barry}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:1.0:subject-category:access-subject,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Elsewhere}],includeInResults=false}]}}]}", request.toString());
627 } catch (Exception e) {
628 fail ("Failed convert from JSON to object: " + e);
641 // Action ... duplicate all AccessSubject tests...
644 public void testActionRequest() {
648 request = JSONRequest.load("{\"Request\" : {\"Category\": [{\"CategoryId\" : \"custom-category\", \"Attribute\" : [{" +
649 "\"Id\" : \"document-id\", " +
650 "\"Value\" : [ \"aValue\", \"aValue\", \"aValue\" ] " +
652 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=custom-category,attributes=[{attributeId=document-id,category=custom-category,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}]}", request.toString());
653 } catch (Exception e) {
654 fail ("Failed convert from JSON to object: " + e);
657 // Action as normal element under Category (with CategoryId==subject category id)
659 request = JSONRequest.load("{\"Request\" : {\"Category\": [{\"CategoryId\" : \"urn:oasis:names:tc:xacml:3.0:attribute-category:environment\", \"Attribute\" : [{" +
660 "\"Id\" : \"document-id\", " +
661 "\"Value\" : \"aValue\" " +
663 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}]}", request.toString());
664 } catch (Exception e) {
665 fail ("Failed convert from JSON to object: " + e);
668 // multiple Actions under Category
670 request = JSONRequest.load("{\"Request\" : {\"Category\": ["
671 + "{\"CategoryId\" : \"urn:oasis:names:tc:xacml:3.0:attribute-category:environment\", \"Attribute\" : [{" +
672 "\"Id\" : \"document-id\", " +
673 "\"Value\" : [ \"aValue\", \"aValue\", \"aValue\" ] " +
675 + "{\"CategoryId\" : \"urn:oasis:names:tc:xacml:3.0:attribute-category:environment\", \"Attribute\" : [{" +
676 "\"Id\" : \"document-id\", " +
677 "\"Value\" : \"aValue\"" +
680 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}]}", request.toString());
681 } catch (Exception e) {
682 fail ("Failed convert from JSON to object: " + e);
685 // Action present both as element within Category and as separate Action element at same level as Category
687 request = JSONRequest.load("{\"Request\" : {"
689 + "{\"CategoryId\" : \"urn:oasis:names:tc:xacml:3.0:attribute-category:environment\", \"Attribute\" : [{" +
690 "\"Id\" : \"document-id\", " +
691 "\"Value\" : [ \"aValue\", \"aValue\", \"aValue\" ] " +
693 + "{\"CategoryId\" : \"urn:oasis:names:tc:xacml:3.0:attribute-category:environment\", \"Attribute\" : [{" +
694 "\"Id\" : \"document-id\", " +
695 "\"Value\" : \"aValue\"" +
699 "\"Attribute\": [ " +
701 "\"Id\" : \"subject-id\", " +
702 "\"Value\" : \"Andreas\" " +
705 "\"Id\" : \"location\", " +
706 "\"Value\" : \"Gamla Stan\" " +
711 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:action,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:action,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:3.0:attribute-category:action,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}]}", request.toString());
712 } catch (Exception e) {
713 fail ("Failed convert from JSON to object: " + e);
716 // Action present, no other Category element
718 request = JSONRequest.load("{\"Request\" : {"
721 "\"Attribute\": [ " +
723 "\"Id\" : \"subject-id\", " +
724 "\"Value\" : \"Andreas\" " +
727 "\"Id\" : \"location\", " +
728 "\"Value\" : \"Gamla Stan\" " +
733 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:action,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:action,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:3.0:attribute-category:action,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}]}", request.toString());
734 } catch (Exception e) {
735 fail ("Failed convert from JSON to object: " + e);
738 // Action present, 1/multiple other Category element also present
740 request = JSONRequest.load("{\"Request\" : {"
742 + "{\"CategoryId\" : \"custom-category\", \"Attribute\" : [{" +
743 "\"Id\" : \"document-id\", " +
744 "\"Value\" : \"aValue\"" +
748 "\"Attribute\": [ " +
750 "\"Id\" : \"subject-id\", " +
751 "\"Value\" : \"Andreas\" " +
754 "\"Id\" : \"location\", " +
755 "\"Value\" : \"Gamla Stan\" " +
760 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=custom-category,attributes=[{attributeId=document-id,category=custom-category,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:action,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:action,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:3.0:attribute-category:action,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}]}", request.toString());
761 } catch (Exception e) {
762 fail ("Failed convert from JSON to object: " + e);
765 // 2 Actions - duplicates fail
767 request = JSONRequest.load("{\"Request\" : {"
770 "\"Attribute\": [ " +
772 "\"Id\" : \"subject-id\", " +
773 "\"Value\" : \"Andreas\" " +
776 "\"Id\" : \"location\", " +
777 "\"Value\" : \"Gamla Stan\" " +
783 "\"Attribute\": [ " +
785 "\"Id\" : \"subject-id\", " +
786 "\"Value\" : \"Andreas\" " +
789 "\"Id\" : \"location\", " +
790 "\"Value\" : \"Gamla Stan\" " +
795 fail("Operation should throw exception");
796 } catch (JSONStructureException e) {
798 } catch (Exception e) {
799 fail ("Failed convert from JSON to object: " + e);
802 // Action with correct Category value
804 request = JSONRequest.load("{\"Request\" : {"
807 "\"CategoryId\" : \"urn:oasis:names:tc:xacml:3.0:attribute-category:action\" ," +
808 "\"Attribute\": [ " +
810 "\"Id\" : \"subject-id\", " +
811 "\"Value\" : \"Andreas\" " +
814 "\"Id\" : \"location\", " +
815 "\"Value\" : \"Gamla Stan\" " +
820 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:action,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:action,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:3.0:attribute-category:action,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}]}", request.toString());
821 } catch (Exception e) {
822 fail ("Failed convert from JSON to object: " + e);
825 // Action with wrong Category value
827 request = JSONRequest.load("{\"Request\" : {"
830 "\"CategoryId\" : \"notthesubject\" ," +
831 "\"Attribute\": [ " +
833 "\"Id\" : \"subject-id\", " +
834 "\"Value\" : \"Andreas\" " +
837 "\"Id\" : \"location\", " +
838 "\"Value\" : \"Gamla Stan\" " +
843 fail("Operation should throw exception");
844 } catch (JSONStructureException e) {
846 } catch (Exception e) {
847 fail ("Failed convert from JSON to object: " + e);
850 // Action with array of sub-object Actions (Multi Decision)
852 request = JSONRequest.load("{\"Request\" : {"
856 "\"Attribute\": [ " +
858 "\"Id\" : \"subject-id\", " +
859 "\"Value\" : \"Andreas\" " +
862 "\"Id\" : \"location\", " +
863 "\"Value\" : \"Gamla Stan\" " +
868 "\"Attribute\": [ " +
870 "\"Id\" : \"subject-id\", " +
871 "\"Value\" : \"Arless\" " +
874 "\"Id\" : \"location\", " +
875 "\"Value\" : \"Somewhere\" " +
880 "\"Attribute\": [ " +
882 "\"Id\" : \"subject-id\", " +
883 "\"Value\" : \"Barry\" " +
886 "\"Id\" : \"location\", " +
887 "\"Value\" : \"Elsewhere\" " +
893 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:action,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:action,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:3.0:attribute-category:action,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:action,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:action,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Arless}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:3.0:attribute-category:action,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Somewhere}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:action,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:action,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Barry}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:3.0:attribute-category:action,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Elsewhere}],includeInResults=false}]}}]}", request.toString());
894 } catch (Exception e) {
895 fail ("Failed convert from JSON to object: " + e);
903 // Resource ... duplicate all AccessSubject tests...
906 public void testResourceRequest() {
910 request = JSONRequest.load("{\"Request\" : {\"Category\": [{\"CategoryId\" : \"custom-category\", \"Attribute\" : [{" +
911 "\"Id\" : \"document-id\", " +
912 "\"Value\" : [ \"aValue\", \"aValue\", \"aValue\" ] " +
914 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=custom-category,attributes=[{attributeId=document-id,category=custom-category,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}]}", request.toString());
915 } catch (Exception e) {
916 fail ("Failed convert from JSON to object: " + e);
919 // Resource as normal element under Category (with CategoryId==subject category id)
921 request = JSONRequest.load("{\"Request\" : {\"Category\": [{\"CategoryId\" : \"urn:oasis:names:tc:xacml:3.0:attribute-category:environment\", \"Attribute\" : [{" +
922 "\"Id\" : \"document-id\", " +
923 "\"Value\" : \"aValue\" " +
925 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}]}", request.toString());
926 } catch (Exception e) {
927 fail ("Failed convert from JSON to object: " + e);
930 // multiple Resources under Category
932 request = JSONRequest.load("{\"Request\" : {\"Category\": ["
933 + "{\"CategoryId\" : \"urn:oasis:names:tc:xacml:3.0:attribute-category:environment\", \"Attribute\" : [{" +
934 "\"Id\" : \"document-id\", " +
935 "\"Value\" : [ \"aValue\", \"aValue\", \"aValue\" ] " +
937 + "{\"CategoryId\" : \"urn:oasis:names:tc:xacml:3.0:attribute-category:environment\", \"Attribute\" : [{" +
938 "\"Id\" : \"document-id\", " +
939 "\"Value\" : \"aValue\"" +
942 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}]}", request.toString());
943 } catch (Exception e) {
944 fail ("Failed convert from JSON to object: " + e);
947 // Resource present both as element within Category and as separate Resource element at same level as Category
949 request = JSONRequest.load("{\"Request\" : {"
951 + "{\"CategoryId\" : \"urn:oasis:names:tc:xacml:3.0:attribute-category:environment\", \"Attribute\" : [{" +
952 "\"Id\" : \"document-id\", " +
953 "\"Value\" : [ \"aValue\", \"aValue\", \"aValue\" ] " +
955 + "{\"CategoryId\" : \"urn:oasis:names:tc:xacml:3.0:attribute-category:environment\", \"Attribute\" : [{" +
956 "\"Id\" : \"document-id\", " +
957 "\"Value\" : \"aValue\"" +
960 "\"Resource\" : { " +
961 "\"Attribute\": [ " +
963 "\"Id\" : \"subject-id\", " +
964 "\"Value\" : \"Andreas\" " +
967 "\"Id\" : \"location\", " +
968 "\"Value\" : \"Gamla Stan\" " +
973 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}]}", request.toString());
974 } catch (Exception e) {
975 fail ("Failed convert from JSON to object: " + e);
978 // Resource present, no other Category element
980 request = JSONRequest.load("{\"Request\" : {"
982 "\"Resource\" : { " +
983 "\"Attribute\": [ " +
985 "\"Id\" : \"subject-id\", " +
986 "\"Value\" : \"Andreas\" " +
989 "\"Id\" : \"location\", " +
990 "\"Value\" : \"Gamla Stan\" " +
995 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}]}", request.toString());
996 } catch (Exception e) {
997 fail ("Failed convert from JSON to object: " + e);
1000 // Resource present, 1/multiple other Category element also present
1002 request = JSONRequest.load("{\"Request\" : {"
1004 + "{\"CategoryId\" : \"custom-category\", \"Attribute\" : [{" +
1005 "\"Id\" : \"document-id\", " +
1006 "\"Value\" : \"aValue\"" +
1009 "\"Resource\" : { " +
1010 "\"Attribute\": [ " +
1012 "\"Id\" : \"subject-id\", " +
1013 "\"Value\" : \"Andreas\" " +
1016 "\"Id\" : \"location\", " +
1017 "\"Value\" : \"Gamla Stan\" " +
1022 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=custom-category,attributes=[{attributeId=document-id,category=custom-category,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}]}", request.toString());
1023 } catch (Exception e) {
1024 fail ("Failed convert from JSON to object: " + e);
1027 // 2 Resources - duplicates fail
1029 request = JSONRequest.load("{\"Request\" : {"
1031 "\"Resource\" : { " +
1032 "\"Attribute\": [ " +
1034 "\"Id\" : \"subject-id\", " +
1035 "\"Value\" : \"Andreas\" " +
1038 "\"Id\" : \"location\", " +
1039 "\"Value\" : \"Gamla Stan\" " +
1044 "\"Resource\" : { " +
1045 "\"Attribute\": [ " +
1047 "\"Id\" : \"subject-id\", " +
1048 "\"Value\" : \"Andreas\" " +
1051 "\"Id\" : \"location\", " +
1052 "\"Value\" : \"Gamla Stan\" " +
1057 fail("Operation should throw exception");
1058 } catch (JSONStructureException e) {
1060 } catch (Exception e) {
1061 fail ("Failed convert from JSON to object: " + e);
1064 // Resource with correct Category value
1066 request = JSONRequest.load("{\"Request\" : {"
1068 "\"Resource\" : { " +
1069 "\"CategoryId\" : \"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\" ," +
1070 "\"Attribute\": [ " +
1072 "\"Id\" : \"subject-id\", " +
1073 "\"Value\" : \"Andreas\" " +
1076 "\"Id\" : \"location\", " +
1077 "\"Value\" : \"Gamla Stan\" " +
1082 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}]}", request.toString());
1083 } catch (Exception e) {
1084 fail ("Failed convert from JSON to object: " + e);
1087 // Resource with wrong Category value
1089 request = JSONRequest.load("{\"Request\" : {"
1091 "\"Resource\" : { " +
1092 "\"CategoryId\" : \"notthesubject\" ," +
1093 "\"Attribute\": [ " +
1095 "\"Id\" : \"subject-id\", " +
1096 "\"Value\" : \"Andreas\" " +
1099 "\"Id\" : \"location\", " +
1100 "\"Value\" : \"Gamla Stan\" " +
1105 fail("Operation should throw exception");
1106 } catch (JSONStructureException e) {
1108 } catch (Exception e) {
1109 fail ("Failed convert from JSON to object: " + e);
1112 // Resource with array of sub-object Resources (Multi Decision)
1114 request = JSONRequest.load("{\"Request\" : {"
1118 "\"Attribute\": [ " +
1120 "\"Id\" : \"subject-id\", " +
1121 "\"Value\" : \"Andreas\" " +
1124 "\"Id\" : \"location\", " +
1125 "\"Value\" : \"Gamla Stan\" " +
1130 "\"Attribute\": [ " +
1132 "\"Id\" : \"subject-id\", " +
1133 "\"Value\" : \"Arless\" " +
1136 "\"Id\" : \"location\", " +
1137 "\"Value\" : \"Somewhere\" " +
1142 "\"Attribute\": [ " +
1144 "\"Id\" : \"subject-id\", " +
1145 "\"Value\" : \"Barry\" " +
1148 "\"Id\" : \"location\", " +
1149 "\"Value\" : \"Elsewhere\" " +
1155 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Arless}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Somewhere}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Barry}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:3.0:attribute-category:resource,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Elsewhere}],includeInResults=false}]}}]}", request.toString());
1156 } catch (Exception e) {
1157 fail ("Failed convert from JSON to object: " + e);
1167 // Environment ... duplicate all AccessSubject tests ...
1170 public void testEnvironmentRequest() {
1172 // Environment absent
1174 request = JSONRequest.load("{\"Request\" : {\"Category\": [{\"CategoryId\" : \"custom-category\", \"Attribute\" : [{" +
1175 "\"Id\" : \"document-id\", " +
1176 "\"Value\" : [ \"aValue\", \"aValue\", \"aValue\" ] " +
1178 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=custom-category,attributes=[{attributeId=document-id,category=custom-category,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}]}", request.toString());
1179 } catch (Exception e) {
1180 fail ("Failed convert from JSON to object: " + e);
1183 // Environment as normal element under Category (with CategoryId==subject category id)
1185 request = JSONRequest.load("{\"Request\" : {\"Category\": [{\"CategoryId\" : \"urn:oasis:names:tc:xacml:3.0:attribute-category:environment\", \"Attribute\" : [{" +
1186 "\"Id\" : \"document-id\", " +
1187 "\"Value\" : \"aValue\" " +
1189 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}]}", request.toString());
1190 } catch (Exception e) {
1191 fail ("Failed convert from JSON to object: " + e);
1194 // multiple Environments under Category
1196 request = JSONRequest.load("{\"Request\" : {\"Category\": ["
1197 + "{\"CategoryId\" : \"urn:oasis:names:tc:xacml:3.0:attribute-category:environment\", \"Attribute\" : [{" +
1198 "\"Id\" : \"document-id\", " +
1199 "\"Value\" : [ \"aValue\", \"aValue\", \"aValue\" ] " +
1201 + "{\"CategoryId\" : \"urn:oasis:names:tc:xacml:3.0:attribute-category:environment\", \"Attribute\" : [{" +
1202 "\"Id\" : \"document-id\", " +
1203 "\"Value\" : \"aValue\"" +
1206 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}]}", request.toString());
1207 } catch (Exception e) {
1208 fail ("Failed convert from JSON to object: " + e);
1211 // Environment present both as element within Category and as separate Environment element at same level as Category
1213 request = JSONRequest.load("{\"Request\" : {"
1215 + "{\"CategoryId\" : \"urn:oasis:names:tc:xacml:3.0:attribute-category:environment\", \"Attribute\" : [{" +
1216 "\"Id\" : \"document-id\", " +
1217 "\"Value\" : [ \"aValue\", \"aValue\", \"aValue\" ] " +
1219 + "{\"CategoryId\" : \"urn:oasis:names:tc:xacml:3.0:attribute-category:environment\", \"Attribute\" : [{" +
1220 "\"Id\" : \"document-id\", " +
1221 "\"Value\" : \"aValue\"" +
1224 "\"Environment\" : { " +
1225 "\"Attribute\": [ " +
1227 "\"Id\" : \"subject-id\", " +
1228 "\"Value\" : \"Andreas\" " +
1231 "\"Id\" : \"location\", " +
1232 "\"Value\" : \"Gamla Stan\" " +
1237 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,attributes=[{attributeId=document-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}]}", request.toString());
1238 } catch (Exception e) {
1239 fail ("Failed convert from JSON to object: " + e);
1242 // Environment present, no other Category element
1244 request = JSONRequest.load("{\"Request\" : {"
1246 "\"Environment\" : { " +
1247 "\"Attribute\": [ " +
1249 "\"Id\" : \"subject-id\", " +
1250 "\"Value\" : \"Andreas\" " +
1253 "\"Id\" : \"location\", " +
1254 "\"Value\" : \"Gamla Stan\" " +
1259 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}]}", request.toString());
1260 } catch (Exception e) {
1261 fail ("Failed convert from JSON to object: " + e);
1264 // Environment present, 1/multiple other Category element also present
1266 request = JSONRequest.load("{\"Request\" : {"
1268 + "{\"CategoryId\" : \"custom-category\", \"Attribute\" : [{" +
1269 "\"Id\" : \"document-id\", " +
1270 "\"Value\" : \"aValue\"" +
1273 "\"Environment\" : { " +
1274 "\"Attribute\": [ " +
1276 "\"Id\" : \"subject-id\", " +
1277 "\"Value\" : \"Andreas\" " +
1280 "\"Id\" : \"location\", " +
1281 "\"Value\" : \"Gamla Stan\" " +
1286 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=custom-category,attributes=[{attributeId=document-id,category=custom-category,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=aValue}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}]}", request.toString());
1287 } catch (Exception e) {
1288 fail ("Failed convert from JSON to object: " + e);
1291 // 2 Environments - duplicates fail
1293 request = JSONRequest.load("{\"Request\" : {"
1295 "\"Environment\" : { " +
1296 "\"Attribute\": [ " +
1298 "\"Id\" : \"subject-id\", " +
1299 "\"Value\" : \"Andreas\" " +
1302 "\"Id\" : \"location\", " +
1303 "\"Value\" : \"Gamla Stan\" " +
1308 "\"Environment\" : { " +
1309 "\"Attribute\": [ " +
1311 "\"Id\" : \"subject-id\", " +
1312 "\"Value\" : \"Andreas\" " +
1315 "\"Id\" : \"location\", " +
1316 "\"Value\" : \"Gamla Stan\" " +
1321 fail("Operation should throw exception");
1322 } catch (JSONStructureException e) {
1324 } catch (Exception e) {
1325 fail ("Failed convert from JSON to object: " + e);
1328 // Environment with correct Category value
1330 request = JSONRequest.load("{\"Request\" : {"
1332 "\"Environment\" : { " +
1333 "\"CategoryId\" : \"urn:oasis:names:tc:xacml:3.0:attribute-category:environment\" ," +
1334 "\"Attribute\": [ " +
1336 "\"Id\" : \"subject-id\", " +
1337 "\"Value\" : \"Andreas\" " +
1340 "\"Id\" : \"location\", " +
1341 "\"Value\" : \"Gamla Stan\" " +
1346 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}]}", request.toString());
1347 } catch (Exception e) {
1348 fail ("Failed convert from JSON to object: " + e);
1351 // Environment with wrong Category value
1353 request = JSONRequest.load("{\"Request\" : {"
1355 "\"Environment\" : { " +
1356 "\"CategoryId\" : \"notthesubject\" ," +
1357 "\"Attribute\": [ " +
1359 "\"Id\" : \"subject-id\", " +
1360 "\"Value\" : \"Andreas\" " +
1363 "\"Id\" : \"location\", " +
1364 "\"Value\" : \"Gamla Stan\" " +
1369 fail("Operation should throw exception");
1370 } catch (JSONStructureException e) {
1372 } catch (Exception e) {
1373 fail ("Failed convert from JSON to object: " + e);
1376 // Environment with array of sub-object Environments (Multi Decision)
1378 request = JSONRequest.load("{\"Request\" : {"
1380 "\"Environment\" : ["
1382 "\"Attribute\": [ " +
1384 "\"Id\" : \"subject-id\", " +
1385 "\"Value\" : \"Andreas\" " +
1388 "\"Id\" : \"location\", " +
1389 "\"Value\" : \"Gamla Stan\" " +
1394 "\"Attribute\": [ " +
1396 "\"Id\" : \"subject-id\", " +
1397 "\"Value\" : \"Arless\" " +
1400 "\"Id\" : \"location\", " +
1401 "\"Value\" : \"Somewhere\" " +
1406 "\"Attribute\": [ " +
1408 "\"Id\" : \"subject-id\", " +
1409 "\"Value\" : \"Barry\" " +
1412 "\"Id\" : \"location\", " +
1413 "\"Value\" : \"Elsewhere\" " +
1419 assertEquals("{returnPolicyIdList=false,combinedDecision=false,requestAttributes=[{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Andreas}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Gamla Stan}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Arless}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Somewhere}],includeInResults=false}]}}{super={category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,attributes=[{attributeId=subject-id,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Barry}],includeInResults=false}{attributeId=location,category=urn:oasis:names:tc:xacml:3.0:attribute-category:environment,values=[{dataTypeId=http://www.w3.org/2001/XMLSchema#string,value=Elsewhere}],includeInResults=false}]}}]}", request.toString());
1420 } catch (Exception e) {
1421 fail ("Failed convert from JSON to object: " + e);
Code Review / policy / engine.git / blob