nordugrid-arc-dev 5.0.5-1ubuntu1 / usr / include / arc / security / ArcPDP / policy / Policy.h

This file is indexed.

/usr/include/arc/security/ArcPDP/policy/Policy.h is in nordugrid-arc-dev 5.0.5-1ubuntu1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
#ifndef __ARC_SEC_POLICY_H__
#define __ARC_SEC_POLICY_H__

#include <list>
#include <arc/XMLNode.h>
#include <arc/Logger.h>
#include <arc/security/ClassLoader.h>

#include "../EvaluationCtx.h"
#include "../Result.h"

namespace ArcSec {

class EvaluatorContext;

///Interface for containing and processing different types of policy.
/**Basically, each policy object is a container which includes a few elements 
 *e.g., ArcPolicySet objects includes a few ArcPolicy objects; ArcPolicy object 
 *includes a few ArcRule objects. There is logical relationship between ArcRules 
 *or ArcPolicies, which is called combining algorithm. According to algorithm, 
 *evaluation results from the elements are combined, and then the combined 
 *evaluation result is returned to the up-level. 
 */
class Policy : public Arc::LoadableClass {
protected:
  std::list<Policy*> subelements;
  static Arc::Logger logger; 
 
public:
  /// Template constructor - creates empty policy
  Policy(Arc::PluginArgument* parg): Arc::LoadableClass(parg) {};

  /// Template constructor - creates policy based on XML document
  /** If XML document is empty then empty policy is created. If it is not 
    empty then it must be valid policy document - otherwise created object
    should be invalid. */
  Policy(const Arc::XMLNode, Arc::PluginArgument* parg): Arc::LoadableClass(parg) {};  

  /// Template constructor - creates policy based on XML document
  /** If XML document is empty then empty policy is created. If it is not 
    empty then it must be valid policy document - otherwise created object
    should be invalid. This constructor is based on the policy node and i
    the EvaluatorContext which includes the factory objects for combining 
    algorithm and function */ 
  Policy(const Arc::XMLNode, EvaluatorContext*, Arc::PluginArgument* parg): Arc::LoadableClass(parg) {};
  virtual ~Policy(){};

  /// Returns true is object is valid.
  virtual operator bool(void) const = 0;
  
  ///Evaluate whether the two targets to be evaluated match to each other
  virtual MatchResult match(EvaluationCtx*) = 0;

/**Evaluate policy
 * For the <Rule> of Arc, only get the "Effect" from rules;
 * For the <Policy> of Arc, combine the evaluation result from <Rule>;
 * For the <Rule> of XACML, evaluate the <Condition> node by using information from request, 
 * and use the "Effect" attribute of <Rule>;
 * For the <Policy> of XACML, combine the evaluation result from <Rule>
 */
  virtual Result eval(EvaluationCtx*) = 0;

  /**Add a policy element to into "this" object */
  virtual void addPolicy(Policy* pl){subelements.push_back(pl);};

  /**Set Evaluator Context for the usage in creating low-level policy object*/
  virtual void setEvaluatorContext(EvaluatorContext*) {};

  /**Parse XMLNode, and construct the low-level Rule object*/
  virtual void make_policy() {};

  /**Get the "Effect" attribute*/
  virtual std::string getEffect() const = 0;
  
  /**Get eveluation result*/
  virtual EvalResult& getEvalResult() = 0;

  /**Set eveluation result*/
  virtual void setEvalResult(EvalResult& res) = 0;

  /**Get the name of Evaluator which can evaluate this policy*/
  virtual const char* getEvalName() const = 0;

  /**Get the name of this policy*/
  virtual const char* getName() const = 0;
};

} // namespace ArcSec

#endif /* __ARC_SEC_POLICY_H__ */

APT Browse - Built by Thomas Orozco.