/usr/include/shibsp/attribute/filtering/MatchFunctor.h is in libshibsp-dev 2.6.0+dfsg1-4+deb9u1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 | /**
* Licensed to the University Corporation for Advanced Internet
* Development, Inc. (UCAID) under one or more contributor license
* agreements. See the NOTICE file distributed with this work for
* additional information regarding copyright ownership.
*
* UCAID licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License. You may obtain a copy of the
* License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
* either express or implied. See the License for the specific
* language governing permissions and limitations under the License.
*/
/**
* @file shibsp/attribute/filtering/MatchFunctor.h
*
* A function that evaluates whether an expressed criteria is met by the current filter context.
*/
#ifndef __shibsp_matchfunc_h__
#define __shibsp_matchfunc_h__
#include <shibsp/base.h>
namespace shibsp {
class SHIBSP_API Attribute;
class SHIBSP_API FilteringContext;
/**
* A function that evaluates whether an expressed criteria is met by the current filter context.
*/
class SHIBSP_API MatchFunctor
{
MAKE_NONCOPYABLE(MatchFunctor);
protected:
MatchFunctor();
public:
virtual ~MatchFunctor();
/**
* Evaluates this matching criteria. This evaluation is used when a filtering engine determines policy
* applicability.
*
* @param filterContext current filtering context
* @return true if the criteria for this matching function are met
* @throws AttributeFilteringException thrown if the function can not be evaluated
*/
virtual bool evaluatePolicyRequirement(const FilteringContext& filterContext) const=0;
/**
* Evaluates this matching criteria. This evaluation is used when a filtering engine is filtering attribute
* values.
*
* @param filterContext the current filtering context
* @param attribute the attribute being evaluated
* @param index the index of the attribute value being evaluated
* @return true if the criteria for this matching function are met
* @throws AttributeFilteringException thrown if the function can not be evaluated
*/
virtual bool evaluatePermitValue(const FilteringContext& filterContext, const Attribute& attribute, size_t index) const=0;
};
/** Always evaluates to true. */
extern SHIBSP_API xmltooling::QName AnyMatchFunctorType;
/** Conjunction MatchFunctor. */
extern SHIBSP_API xmltooling::QName AndMatchFunctorType;
/** Disjunction MatchFunctor. */
extern SHIBSP_API xmltooling::QName OrMatchFunctorType;
/** Negating MatchFunctor. */
extern SHIBSP_API xmltooling::QName NotMatchFunctorType;
/** Matches the issuing entity's name. */
extern SHIBSP_API xmltooling::QName AttributeIssuerStringType;
/** Matches the requesting entity's name. */
extern SHIBSP_API xmltooling::QName AttributeRequesterStringType;
/** Matches the principal's authentication method/class or context reference. */
extern SHIBSP_API xmltooling::QName AuthenticationMethodStringType;
/** Matches an attribute's string value. */
extern SHIBSP_API xmltooling::QName AttributeValueStringType;
/** Matches an attribute's "scope". */
extern SHIBSP_API xmltooling::QName AttributeScopeStringType;
/** Matches the issuing entity's name. */
extern SHIBSP_API xmltooling::QName AttributeIssuerRegexType;
/** Matches the requesting entity's name. */
extern SHIBSP_API xmltooling::QName AttributeRequesterRegexType;
/** Matches the principal's authentication method/class or context reference. */
extern SHIBSP_API xmltooling::QName AuthenticationMethodRegexType;
/** Matches an attribute's string value. */
extern SHIBSP_API xmltooling::QName AttributeValueRegexType;
/** Matches an attribute's "scope". */
extern SHIBSP_API xmltooling::QName AttributeScopeRegexType;
/** Matches based on the number of values. */
extern SHIBSP_API xmltooling::QName NumberOfAttributeValuesType;
/** Matches based on metadata groups of issuer. */
extern SHIBSP_API xmltooling::QName AttributeIssuerInEntityGroupType;
/** Matches based on metadata groups of requester. */
extern SHIBSP_API xmltooling::QName AttributeRequesterInEntityGroupType;
/** Matches based on metadata groups of requester. */
extern SHIBSP_API xmltooling::QName InEntityGroupType;
/** Matches based on entity attributes of issuer. */
extern SHIBSP_API xmltooling::QName AttributeIssuerEntityAttributeExactMatchType;
/** Matches based on entity attributes of requester. */
extern SHIBSP_API xmltooling::QName AttributeRequesterEntityAttributeExactMatchType;
/** Matches based on entity attributes of requester. */
extern SHIBSP_API xmltooling::QName EntityAttributeExactMatchType;
/** Matches based on entity attributes of issuer and a regex. */
extern SHIBSP_API xmltooling::QName AttributeIssuerEntityAttributeRegexMatchType;
/** Matches based on entity attributes of requester and a regex. */
extern SHIBSP_API xmltooling::QName AttributeRequesterEntityAttributeRegexMatchType;
/** Matches based on entity attributes of requester and a regex. */
extern SHIBSP_API xmltooling::QName EntityAttributeRegexMatchType;
/** Matches based on issuer and pluggable criteria. */
extern SHIBSP_API xmltooling::QName AttributeIssuerEntityMatcherType;
/** Matches based on requester and pluggable criteria. */
extern SHIBSP_API xmltooling::QName AttributeRequesterEntityMatcherType;
/** Matches scope based on metadata Scope extensions. */
extern SHIBSP_API xmltooling::QName AttributeScopeMatchesShibMDScopeType;
/** Matches value based on metadata Scope extensions. */
extern SHIBSP_API xmltooling::QName AttributeValueMatchesShibMDScopeType;
/** Matches based on NameID NameQualifiers. */
extern SHIBSP_API xmltooling::QName NameIDQualifierStringType;
/** Matches based on RegistrationAuthority extension in issuer's metadata. */
extern SHIBSP_API xmltooling::QName AttributeIssuerRegistrationAuthorityType;
/** Matches based on RegistrationAuthority extension in requester's metadata. */
extern SHIBSP_API xmltooling::QName RegistrationAuthorityType;
/**
* Registers MatchFunctor classes into the runtime.
*/
void SHIBSP_API registerMatchFunctors();
};
#endif /* __shibsp_matchfunc_h__ */
|