Projet

Général

Profil

« Précédent | Suivant » 

Révision 96454bcd

Ajouté par Sylvain Sauvage il y a plus de 11 ans

Version 1.9-mock

This is version 1.9-mock. 1.9 because the API still have changes pending
(principally relative to the Discovery Services). “mock” because TLS
configuration is not yet available and the signatures (SigMa) are not fully
implemented.

  • All:
    - code cleaned and refactored
    - lots of bugs fixed
    - dependencies checked and trimmed
    - documentation added
    - Identity handling added
  • New library modules (Mu, Nu)
  • New signature modules (SigMa)
  • Access Layer and User interfaces (ALfA and OMeGa):
    - code refactored
    - new, better APIs
    - Identity handling added
    - use EPCglobal and DS events (no proxy types anymore)
  • New tempororay DSeTa web service (pending new DS)
  • ETa corrected and added to the IoTa-Installer
    - ETa-Callback modules are now available as web applications
    - filtering rules: if a part of an event is not allowed, now the whole
    event is deleted from the result (before only the rejectd part was)
  • CaPPa: overall refactoring of XACML handling
    - new temporary User web service
    - new Xi module: XACML Interrogation web service (was two modules: TCP and
    servlet)
  • PSi now signs its events
  • Installer, now also installs or configures:
    - ETa and its Callback modules
    - ActiveMQ
    - SigMa
    - certificate/signing key
  • Greyc letters figures:
    - new simplified figures (sans IoTa and simplified IoTa)
    - new figure for ETa modules
    - show 3rd party clients
    - data flows specified
    - TLS and link security added
    - IDs and trusted IDs added
    - color adjusted for printing
    - GREYC logo added

Voir les différences:

ETa/ETa/src/main/java/fr/unicaen/iota/eta/query/QueryCheck.java
/*
* This program is a part of the IoTa Project.
*
* Copyright © 2008-2012 Université de Caen Basse-Normandie, GREYC
* Copyright © 2011-2012 Université de Caen Basse-Normandie, GREYC
* Copyright © 2011 Orange Labs
*
* This program is free software: you can redistribute it and/or modify
......
*/
package fr.unicaen.iota.eta.query;
import com.sun.xacml.ctx.Result;
import fr.unicaen.iota.eta.xacml.EPCISPEP;
import fr.unicaen.iota.xacml.XACMLConstantsEventType;
import fr.unicaen.iota.xacml.pep.ExtensionEvent;
import fr.unicaen.iota.xacml.pep.XACMLEPCISEvent;
import fr.unicaen.iota.xacml.pep.XACMLEPCISMasterData;
import fr.unicaen.iota.xi.client.EPCISPEP;
import fr.unicaen.iota.xi.utils.Utils;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import javax.xml.bind.JAXBElement;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.xerces.dom.ElementNSImpl;
import org.fosstrak.epcis.model.*;
import org.fosstrak.epcis.soap.ImplementationExceptionResponse;
import org.fosstrak.epcis.utils.TimeParser;
import org.w3c.dom.Element;
/**
* This QueryCheck class initializes the EPCIS PEP to send XACML request to the
......
private final EPCISPEP epcisPEP;
private static final Log LOG = LogFactory.getLog(QueryOperationsModule.class);
public QueryCheck() {
epcisPEP = new EPCISPEP();
public QueryCheck(EPCISPEP epcisPEP) {
this.epcisPEP = epcisPEP;
}
/**
......
*
* @param xacmlEvent The EPCIS event to check
* @param user The user name
* @return
* <code>true</code> if permitted.
* @return <code>true</code> if permitted.
*/
public boolean xacmlCheck(XACMLEPCISEvent xacmlEvent, String user) {
int xacmlResponse = epcisPEP.queryEvent(user, xacmlEvent, "Query");
return xacmlResponse == Result.DECISION_PERMIT;
int xacmlResponse = epcisPEP.queryEvent(user, xacmlEvent);
return Utils.responseIsPermit(xacmlResponse);
}
/**
......
* @param owner The owner to check.
* @param user The user name to check.
* @return The filtered list.
* @throws ImplementationExceptionResponse If an unknown event type is
* encountered.
*/
public List<Object> xacmlCheck(List<Object> objects, String user, String owner)
throws ImplementationExceptionResponse {
public List<Object> xacmlCheck(List<Object> objects, String user, String owner) {
Iterator<Object> iterObject = objects.iterator();
while (iterObject.hasNext()) {
Object result = iterObject.next();
......
}
if (result instanceof ObjectEventType) {
// Remove the result if denied for all
if (!filterObjectEventType((ObjectEventType) result, user, owner)) {
if (!checkObjectEvent((ObjectEventType) result, user, owner)) {
iterObject.remove();
}
} else if (result instanceof AggregationEventType) {
// Remove the result if denied for all
if (!filterAggregationEventType((AggregationEventType) result, user, owner)) {
if (!checkAggregationEvent((AggregationEventType) result, user, owner)) {
iterObject.remove();
}
} else if (result instanceof QuantityEventType) {
// Remove the result if denied
if (!filterQuantityEventType((QuantityEventType) result, user, owner)) {
if (!checkQuantityEvent((QuantityEventType) result, user, owner)) {
iterObject.remove();
}
} else if (result instanceof TransactionEventType) {
// Remove the result if denied for all
if (!filterTransactionEventType((TransactionEventType) result, user, owner)) {
if (!checkTransactionEvent((TransactionEventType) result, user, owner)) {
iterObject.remove();
}
} else {
String msg = "Unknown event type: " + result.getClass().getName();
LOG.error(msg);
ImplementationException ie = new ImplementationException();
ie.setReason(msg);
throw new ImplementationExceptionResponse(msg, ie);
}
}
return null;
return objects;
}
/**
* Filters object events by XACML requests
* Checks access rights to an object event.
*
* @param result The object event to filter by XACML requests.
* @param objectEvent The object event to filter by XACML requests.
* @param user The user to check.
* @param owner The owner to check.
* @return
* <code>true</code> if one (or more) request is permited.
* @return <code>true</code> if the object event is permitted.
*/
private boolean filterObjectEventType(ObjectEventType result, String user, String owner) {
Date eventTime = (result.getEventTime() != null) ? result.getEventTime().toGregorianCalendar().getTime() : null;
Date recordTime = (result.getRecordTime() != null) ? result.getRecordTime().toGregorianCalendar().getTime() : null;
private boolean checkObjectEvent(ObjectEventType objectEvent, String user, String owner) {
Date eventTime = (objectEvent.getEventTime() != null) ? objectEvent.getEventTime().toGregorianCalendar().getTime() : null;
Date recordTime = (objectEvent.getRecordTime() != null) ? objectEvent.getRecordTime().toGregorianCalendar().getTime() : null;
String eventType = XACMLConstantsEventType.OBJECT;
String bizStep = result.getBizStep();
String operation = (result.getAction() != null) ? result.getAction().value() : null;
String bizLoc = (result.getBizLocation() != null) ? result.getBizLocation().getId() : null;
String readPoint = (result.getReadPoint() != null) ? result.getReadPoint().getId() : null;
String disposition = result.getDisposition();
String bizStep = objectEvent.getBizStep();
String operation = (objectEvent.getAction() != null) ? objectEvent.getAction().value() : null;
String bizLoc = (objectEvent.getBizLocation() != null) ? objectEvent.getBizLocation().getId() : null;
String readPoint = (objectEvent.getReadPoint() != null) ? objectEvent.getReadPoint().getId() : null;
String disposition = objectEvent.getDisposition();
Long quantity = null;
String parentId = null;
String childEpc = null;
......
String bizTrans = null;
ExtensionEvent extension = null;
boolean onePermit = false;
if (result.getEpcList().getEpc() == null || result.getEpcList().getEpc().isEmpty()) {
if (result.getBizTransactionList() == null || result.getBizTransactionList().getBizTransaction() == null
|| result.getBizTransactionList().getBizTransaction().isEmpty()) {
if (objectEvent.getEpcList().getEpc() == null || objectEvent.getEpcList().getEpc().isEmpty()) {
if (objectEvent.getBizTransactionList() == null || objectEvent.getBizTransactionList().getBizTransaction() == null
|| objectEvent.getBizTransactionList().getBizTransaction().isEmpty()) {
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (xacmlCheck(xacmlEvent, user)) {
onePermit = true;
if (!xacmlCheck(xacmlEvent, user)) {
return false;
}
} else {
Iterator<BusinessTransactionType> iterBizTransType = result.getBizTransactionList().getBizTransaction().iterator();
while (iterBizTransType.hasNext()) {
bizTrans = iterBizTransType.next().getValue();
for (BusinessTransactionType bizTransType : objectEvent.getBizTransactionList().getBizTransaction()) {
bizTrans = bizTransType.getValue();
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (xacmlCheck(xacmlEvent, user)) {
onePermit = true;
} else {
iterBizTransType.remove();
if (!xacmlCheck(xacmlEvent, user)) {
return false;
}
}
}
} else {
if (result.getBizTransactionList() == null || result.getBizTransactionList().getBizTransaction() == null
|| result.getBizTransactionList().getBizTransaction().isEmpty()) {
Iterator<EPC> iterEpc = result.getEpcList().getEpc().iterator();
while (iterEpc.hasNext()) {
epc = iterEpc.next().getValue();
if (objectEvent.getBizTransactionList() == null || objectEvent.getBizTransactionList().getBizTransaction() == null
|| objectEvent.getBizTransactionList().getBizTransaction().isEmpty()) {
for (EPC epcType : objectEvent.getEpcList().getEpc()) {
epc = epcType.getValue();
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (xacmlCheck(xacmlEvent, user)) {
onePermit = true;
} else {
iterEpc.remove();
if (!xacmlCheck(xacmlEvent, user)) {
return false;
}
}
} else {
String allowedEpc = null;
String allowedBizTrans = null;
Iterator<EPC> iterEpc = result.getEpcList().getEpc().iterator();
while (iterEpc.hasNext()) {
EPC epcItem = iterEpc.next();
Iterator<BusinessTransactionType> iterBizTransType = result.getBizTransactionList().getBizTransaction().iterator();
while (iterBizTransType.hasNext()) {
BusinessTransactionType bizTransType = iterBizTransType.next();
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (xacmlCheck(xacmlEvent, user)) {
allowedEpc = epcItem.getValue();
allowedBizTrans = bizTransType.getValue();
onePermit = true;
break;
}
}
if (allowedEpc == null) {
iterEpc.remove();
} else {
break;
}
}
if (allowedEpc != null) {
Iterator<BusinessTransactionType> iterBizTransType = result.getBizTransactionList().getBizTransaction().iterator();
while (iterBizTransType.hasNext()) {
Iterator<BusinessTransactionType> iterBizTransType = objectEvent.getBizTransactionList().getBizTransaction().iterator();
for (EPC epcType : objectEvent.getEpcList().getEpc()) {
epc = epcType.getValue();
if (iterBizTransType.hasNext()) {
bizTrans = iterBizTransType.next().getValue();
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (!xacmlCheck(xacmlEvent, user)) {
iterBizTransType.remove();
}
}
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (!xacmlCheck(xacmlEvent, user)) {
return false;
}
}
if (allowedBizTrans != null) {
iterEpc = result.getEpcList().getEpc().iterator();
while (iterEpc.hasNext()) {
EPC epcItem = iterEpc.next();
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (!xacmlCheck(xacmlEvent, user)) {
iterEpc.remove();
}
while (iterBizTransType.hasNext()) {
bizTrans = iterBizTransType.next().getValue();
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (!xacmlCheck(xacmlEvent, user)) {
return false;
}
}
}
}
if (onePermit) {
epc = null;
bizTrans = null;
Iterator<Object> iter = result.getAny().iterator();
while (iter.hasNext()) {
Object obj = iter.next();
ElementNSImpl element = (ElementNSImpl) obj;
String namespace = element.getNamespaceURI();
String extensionName = element.getLocalName();
String value = element.getTextContent();
// Gets the extension value
Object extensionValue = null;
epc = null;
bizTrans = null;
for (Object obj : objectEvent.getAny()) {
Element element = (Element) obj;
String namespace = element.getNamespaceURI();
String extensionName = element.getLocalName();
String value = element.getTextContent();
// Gets the extension value
Object extensionValue = null;
try {
extensionValue = new Integer(Integer.parseInt(value));
} catch (Exception ex) {
// Extension value is not an integer
try {
extensionValue = new Integer(Integer.parseInt(value));
} catch (Exception ex) {
// Extension value is not an integer
extensionValue = new Float(Float.parseFloat(value));
} catch (Exception exF) {
// Extension value is not a float
try {
extensionValue = new Float(Float.parseFloat(value));
} catch (Exception exF) {
// Extension value is not a float
extensionValue = new Double(Double.parseDouble(value));
} catch (Exception exD) {
// Extension value is not a double
try {
extensionValue = new Double(Double.parseDouble(value));
} catch (Exception exD) {
// Extension value is not a double
try {
extensionValue = TimeParser.parseAsDate(value);
} catch (Exception exP) {
// Extension value is not a date
}
extensionValue = TimeParser.parseAsDate(value);
} catch (Exception exP) {
// Extension value is not a date
}
}
}
// Extension value is a string
if (extensionValue == null) {
extensionValue = value;
}
}
// Extension value is a string
if (extensionValue == null) {
extensionValue = value;
}
extension = new ExtensionEvent(namespace, extensionName, extensionValue);
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (!xacmlCheck(xacmlEvent, user)) {
iter.remove();
}
extension = new ExtensionEvent(namespace, extensionName, extensionValue);
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (!xacmlCheck(xacmlEvent, user)) {
return false;
}
}
return onePermit;
return true;
}
/**
* Filter aggregation events by XACML requests.
* Checks access rights to an aggregation event.
*
* @param result The AggregationEventType to filter by XACML requests.
* @param aggregationEvent The AggregationEventType to filter by XACML requests.
* @param user The user to check.
* @param owner The owner to check.
* @return
* <code>true</code> if one (or more) request is permited.
* @return <code>true</code> if the aggregation event is permitted.
*/
private boolean filterAggregationEventType(AggregationEventType result, String user, String owner) {
Date eventTime = (result.getEventTime() != null) ? result.getEventTime().toGregorianCalendar().getTime() : null;
Date recordTime = (result.getRecordTime() != null) ? result.getRecordTime().toGregorianCalendar().getTime() : null;
private boolean checkAggregationEvent(AggregationEventType aggregationEvent, String user, String owner) {
Date eventTime = (aggregationEvent.getEventTime() != null) ? aggregationEvent.getEventTime().toGregorianCalendar().getTime() : null;
Date recordTime = (aggregationEvent.getRecordTime() != null) ? aggregationEvent.getRecordTime().toGregorianCalendar().getTime() : null;
String eventType = XACMLConstantsEventType.AGGREGATION;
String operation = (result.getAction() != null) ? result.getAction().value() : null;
String readPoint = (result.getReadPoint() != null) ? result.getReadPoint().getId() : null;
String bizLoc = (result.getBizLocation() != null) ? result.getBizLocation().getId() : null;
String bizStep = result.getBizStep();
String disposition = result.getDisposition();
String parentId = result.getParentID();
String operation = (aggregationEvent.getAction() != null) ? aggregationEvent.getAction().value() : null;
String readPoint = (aggregationEvent.getReadPoint() != null) ? aggregationEvent.getReadPoint().getId() : null;
String bizLoc = (aggregationEvent.getBizLocation() != null) ? aggregationEvent.getBizLocation().getId() : null;
String bizStep = aggregationEvent.getBizStep();
String disposition = aggregationEvent.getDisposition();
String parentId = aggregationEvent.getParentID();
Long quantity = null;
String epc = null;
String childEpc = null;
String bizTrans = null;
ExtensionEvent extension = null;
boolean onePermit = false;
if (result.getChildEPCs() == null || result.getChildEPCs().getEpc() == null || result.getChildEPCs().getEpc().isEmpty()) {
if (result.getBizTransactionList() == null || result.getBizTransactionList().getBizTransaction() == null
|| result.getBizTransactionList().getBizTransaction().isEmpty()) {
if (aggregationEvent.getChildEPCs() == null || aggregationEvent.getChildEPCs().getEpc() == null || aggregationEvent.getChildEPCs().getEpc().isEmpty()) {
if (aggregationEvent.getBizTransactionList() == null || aggregationEvent.getBizTransactionList().getBizTransaction() == null
|| aggregationEvent.getBizTransactionList().getBizTransaction().isEmpty()) {
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (xacmlCheck(xacmlEvent, user)) {
onePermit = true;
if (!xacmlCheck(xacmlEvent, user)) {
return false;
}
} else {
Iterator<BusinessTransactionType> iterBizTransType = result.getBizTransactionList().getBizTransaction().iterator();
while (iterBizTransType.hasNext()) {
bizTrans = iterBizTransType.next().getValue();
for (BusinessTransactionType bizTransType : aggregationEvent.getBizTransactionList().getBizTransaction()) {
bizTrans = bizTransType.getValue();
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (xacmlCheck(xacmlEvent, user)) {
onePermit = true;
} else {
iterBizTransType.remove();
if (!xacmlCheck(xacmlEvent, user)) {
return false;
}
}
}
} else {
if (result.getBizTransactionList() == null || result.getBizTransactionList().getBizTransaction() == null
|| result.getBizTransactionList().getBizTransaction().isEmpty()) {
Iterator<EPC> iterChildEpc = result.getChildEPCs().getEpc().iterator();
while (iterChildEpc.hasNext()) {
childEpc = iterChildEpc.next().getValue();
if (aggregationEvent.getBizTransactionList() == null || aggregationEvent.getBizTransactionList().getBizTransaction() == null
|| aggregationEvent.getBizTransactionList().getBizTransaction().isEmpty()) {
for (EPC epcType : aggregationEvent.getChildEPCs().getEpc()) {
childEpc = epcType.getValue();
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (xacmlCheck(xacmlEvent, user)) {
onePermit = true;
} else {
iterChildEpc.remove();
if (!xacmlCheck(xacmlEvent, user)) {
return false;
}
}
} else {
String allowedChildEpc = null;
String allowedBizTrans = null;
Iterator<EPC> iterChildEpc = result.getChildEPCs().getEpc().iterator();
while (iterChildEpc.hasNext()) {
childEpc = iterChildEpc.next().getValue();
Iterator<BusinessTransactionType> iterBizTransType = result.getBizTransactionList().getBizTransaction().iterator();
while (iterBizTransType.hasNext()) {
Iterator<BusinessTransactionType> iterBizTransType = aggregationEvent.getBizTransactionList().getBizTransaction().iterator();
for (EPC epcType : aggregationEvent.getChildEPCs().getEpc()) {
childEpc = epcType.getValue();
if (iterBizTransType.hasNext()) {
bizTrans = iterBizTransType.next().getValue();
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (xacmlCheck(xacmlEvent, user)) {
allowedChildEpc = childEpc;
allowedBizTrans = bizTrans;
onePermit = true;
break;
}
}
if (allowedChildEpc == null) {
iterChildEpc.remove();
} else {
break;
}
}
if (allowedChildEpc != null) {
Iterator<BusinessTransactionType> iterBizTransType = result.getBizTransactionList().getBizTransaction().iterator();
while (iterBizTransType.hasNext()) {
bizTrans = iterBizTransType.next().getValue();
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (xacmlCheck(xacmlEvent, user)) {
iterBizTransType.remove();
}
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (!xacmlCheck(xacmlEvent, user)) {
return false;
}
}
if (allowedBizTrans != null) {
iterChildEpc = result.getChildEPCs().getEpc().iterator();
while (iterChildEpc.hasNext()) {
childEpc = iterChildEpc.next().getValue();
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (!xacmlCheck(xacmlEvent, user)) {
iterChildEpc.remove();
}
while (iterBizTransType.hasNext()) {
bizTrans = iterBizTransType.next().getValue();
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (!xacmlCheck(xacmlEvent, user)) {
return false;
}
}
}
}
if (onePermit) {
childEpc = null;
bizTrans = null;
Iterator<Object> iter = result.getAny().iterator();
while (iter.hasNext()) {
Object obj = iter.next();
ElementNSImpl element = (ElementNSImpl) obj;
String namespace = element.getNamespaceURI();
String extensionName = element.getLocalName();
String value = element.getTextContent();
// Gets the extension value
Object extensionValue = null;
childEpc = null;
bizTrans = null;
for (Object obj: aggregationEvent.getAny()) {
Element element = (Element) obj;
String namespace = element.getNamespaceURI();
String extensionName = element.getLocalName();
String value = element.getTextContent();
// Gets the extension value
Object extensionValue = null;
try {
extensionValue = new Integer(Integer.parseInt(value));
} catch (Exception ex) {
// Extension value is not an integer
try {
extensionValue = new Integer(Integer.parseInt(value));
} catch (Exception ex) {
// Extension value is not an integer
extensionValue = new Float(Float.parseFloat(value));
} catch (Exception exF) {
// Extension value is not a float
try {
extensionValue = new Float(Float.parseFloat(value));
} catch (Exception exF) {
// Extension value is not a float
extensionValue = new Double(Double.parseDouble(value));
} catch (Exception exD) {
// Extension value is not a double
try {
extensionValue = new Double(Double.parseDouble(value));
} catch (Exception exD) {
// Extension value is not a double
try {
extensionValue = TimeParser.parseAsDate(value);
} catch (Exception exP) {
// Extension value is not a date
}
extensionValue = TimeParser.parseAsDate(value);
} catch (Exception exP) {
// Extension value is not a date
}
}
}
// Extension value is a string
if (extensionValue == null) {
extensionValue = value;
}
extension = new ExtensionEvent(namespace, extensionName, extensionValue);
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (!xacmlCheck(xacmlEvent, user)) {
iter.remove();
}
}
// Extension value is a string
if (extensionValue == null) {
extensionValue = value;
}
extension = new ExtensionEvent(namespace, extensionName, extensionValue);
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (!xacmlCheck(xacmlEvent, user)) {
return false;
}
}
return onePermit;
return true;
}
/**
* Filters quantity event by XACML requests.
* Checks access rights to a quantity event.
*
* @param result The QuantityEventType to filter by XACML requests.
* @param quantityEvent The QuantityEventType to filter by XACML requests.
* @param user The user to check.
* @param owner The owner to check.
* @return
* <code>true</code> if the request is permited.
* @return <code>true</code> if the quantity event is permitted.
*/
private boolean filterQuantityEventType(QuantityEventType result, String user, String owner) {
Date eventTime = (result.getEventTime() != null) ? result.getEventTime().toGregorianCalendar().getTime() : null;
Date recordTime = (result.getRecordTime() != null) ? result.getRecordTime().toGregorianCalendar().getTime() : null;
private boolean checkQuantityEvent(QuantityEventType quantityEvent, String user, String owner) {
Date eventTime = (quantityEvent.getEventTime() != null) ? quantityEvent.getEventTime().toGregorianCalendar().getTime() : null;
Date recordTime = (quantityEvent.getRecordTime() != null) ? quantityEvent.getRecordTime().toGregorianCalendar().getTime() : null;
String eventType = XACMLConstantsEventType.QUANTITY;
String readPoint = (result.getReadPoint() != null) ? result.getReadPoint().getId() : null;
String bizLoc = (result.getBizLocation() != null) ? result.getBizLocation().getId() : null;
String bizStep = result.getBizStep();
String disposition = result.getDisposition();
String epc = result.getEpcClass();
Long quantity = new Long(result.getQuantity());
String readPoint = (quantityEvent.getReadPoint() != null) ? quantityEvent.getReadPoint().getId() : null;
String bizLoc = (quantityEvent.getBizLocation() != null) ? quantityEvent.getBizLocation().getId() : null;
String bizStep = quantityEvent.getBizStep();
String disposition = quantityEvent.getDisposition();
String epc = quantityEvent.getEpcClass();
Long quantity = new Long(quantityEvent.getQuantity());
String operation = null;
String parentId = null;
String childEpc = null;
String bizTrans = null;
ExtensionEvent extension = null;
if (result.getBizTransactionList() == null || result.getBizTransactionList().getBizTransaction() == null
|| result.getBizTransactionList().getBizTransaction().isEmpty()) {
if (quantityEvent.getBizTransactionList() == null || quantityEvent.getBizTransactionList().getBizTransaction() == null
|| quantityEvent.getBizTransactionList().getBizTransaction().isEmpty()) {
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
return xacmlCheck(xacmlEvent, user);
}
boolean onePermit = false;
Iterator<BusinessTransactionType> iterBizTransType = result.getBizTransactionList().getBizTransaction().iterator();
while (iterBizTransType.hasNext()) {
bizTrans = iterBizTransType.next().getValue();
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (xacmlCheck(xacmlEvent, user)) {
onePermit = true;
} else {
iterBizTransType.remove();
if (!xacmlCheck(xacmlEvent, user)) {
return false;
}
} else {
for (BusinessTransactionType bizTransType : quantityEvent.getBizTransactionList().getBizTransaction()) {
bizTrans = bizTransType.getValue();
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (!xacmlCheck(xacmlEvent, user)) {
return false;
}
}
}
if (onePermit) {
bizTrans = null;
Iterator<Object> iter = result.getAny().iterator();
while (iter.hasNext()) {
Object obj = iter.next();
ElementNSImpl element = (ElementNSImpl) obj;
String namespace = element.getNamespaceURI();
String extensionName = element.getLocalName();
String value = element.getTextContent();
// Gets the extension value
Object extensionValue = null;
bizTrans = null;
for (Object obj : quantityEvent.getAny()) {
Element element = (Element) obj;
String namespace = element.getNamespaceURI();
String extensionName = element.getLocalName();
String value = element.getTextContent();
// Gets the extension value
Object extensionValue = null;
try {
extensionValue = new Integer(Integer.parseInt(value));
} catch (Exception ex) {
// Extension value is not an integer
try {
extensionValue = new Integer(Integer.parseInt(value));
} catch (Exception ex) {
// Extension value is not an integer
extensionValue = new Float(Float.parseFloat(value));
} catch (Exception exF) {
// Extension value is not a float
try {
extensionValue = new Float(Float.parseFloat(value));
} catch (Exception exF) {
// Extension value is not a float
extensionValue = new Double(Double.parseDouble(value));
} catch (Exception exD) {
// Extension value is not a double
try {
extensionValue = new Double(Double.parseDouble(value));
} catch (Exception exD) {
// Extension value is not a double
try {
extensionValue = TimeParser.parseAsDate(value);
} catch (Exception exP) {
// Extension value is not a date
}
extensionValue = TimeParser.parseAsDate(value);
} catch (Exception exP) {
// Extension value is not a date
}
}
}
// Extension value is a string
if (extensionValue == null) {
extensionValue = value;
}
extension = new ExtensionEvent(namespace, extensionName, extensionValue);
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (!xacmlCheck(xacmlEvent, user)) {
iter.remove();
}
}
// Extension value is a string
if (extensionValue == null) {
extensionValue = value;
}
extension = new ExtensionEvent(namespace, extensionName, extensionValue);
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (!xacmlCheck(xacmlEvent, user)) {
return false;
}
}
return onePermit;
return true;
}
/**
* Filters transaction event by XACML requests.
* Checks access rights to a transaction event.
*
* @param result The TransactionEventType to filter by XACML requests.
* @param transactionEvent The TransactionEventType to filter by XACML requests.
* @param user The user to check.
* @param owner The owner to check.
* @return
* <code>true</code> if one (or more) request is permited.
* @return <code>true</code> if the transaction event is permitted.
*/
private boolean filterTransactionEventType(TransactionEventType result, String user, String owner) {
Date eventTime = (result.getEventTime() != null) ? result.getEventTime().toGregorianCalendar().getTime() : null;
Date recordTime = (result.getRecordTime() != null) ? result.getRecordTime().toGregorianCalendar().getTime() : null;
private boolean checkTransactionEvent(TransactionEventType transactionEvent, String user, String owner) {
Date eventTime = (transactionEvent.getEventTime() != null) ? transactionEvent.getEventTime().toGregorianCalendar().getTime() : null;
Date recordTime = (transactionEvent.getRecordTime() != null) ? transactionEvent.getRecordTime().toGregorianCalendar().getTime() : null;
String eventType = XACMLConstantsEventType.TRANSACTION;
String operation = (result.getAction() != null) ? result.getAction().value() : null;
String readPoint = (result.getReadPoint() != null) ? result.getReadPoint().getId() : null;
String bizLoc = (result.getBizLocation() != null) ? result.getBizLocation().getId() : null;
String bizStep = result.getBizStep();
String disposition = result.getDisposition();
String parentId = result.getParentID();
String operation = (transactionEvent.getAction() != null) ? transactionEvent.getAction().value() : null;
String readPoint = (transactionEvent.getReadPoint() != null) ? transactionEvent.getReadPoint().getId() : null;
String bizLoc = (transactionEvent.getBizLocation() != null) ? transactionEvent.getBizLocation().getId() : null;
String bizStep = transactionEvent.getBizStep();
String disposition = transactionEvent.getDisposition();
String parentId = transactionEvent.getParentID();
Long quantity = null;
String childEpc = null;
String epc = null;
String bizTrans = null;
ExtensionEvent extension = null;
boolean onePermit = false;
if (result.getEpcList() == null || result.getEpcList().getEpc() == null || result.getEpcList().getEpc().isEmpty()) {
if (result.getBizTransactionList() == null || result.getBizTransactionList().getBizTransaction() == null
|| result.getBizTransactionList().getBizTransaction().isEmpty()) {
if (transactionEvent.getEpcList() == null || transactionEvent.getEpcList().getEpc() == null || transactionEvent.getEpcList().getEpc().isEmpty()) {
if (transactionEvent.getBizTransactionList() == null || transactionEvent.getBizTransactionList().getBizTransaction() == null
|| transactionEvent.getBizTransactionList().getBizTransaction().isEmpty()) {
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (xacmlCheck(xacmlEvent, user)) {
onePermit = true;
if (!xacmlCheck(xacmlEvent, user)) {
return false;
}
} else {
Iterator<BusinessTransactionType> iterBizTransType = result.getBizTransactionList().getBizTransaction().iterator();
while (iterBizTransType.hasNext()) {
bizTrans = iterBizTransType.next().getValue();
for (BusinessTransactionType bizTransType : transactionEvent.getBizTransactionList().getBizTransaction()) {
bizTrans = bizTransType.getValue();
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (xacmlCheck(xacmlEvent, user)) {
onePermit = true;
} else {
iterBizTransType.remove();
if (!xacmlCheck(xacmlEvent, user)) {
return false;
}
}
}
} else {
if (result.getBizTransactionList() == null || result.getBizTransactionList().getBizTransaction() == null
|| result.getBizTransactionList().getBizTransaction().isEmpty()) {
Iterator<EPC> iterEpc = result.getEpcList().getEpc().iterator();
while (iterEpc.hasNext()) {
epc = iterEpc.next().getValue();
if (transactionEvent.getBizTransactionList() == null || transactionEvent.getBizTransactionList().getBizTransaction() == null
|| transactionEvent.getBizTransactionList().getBizTransaction().isEmpty()) {
for (EPC epcType : transactionEvent.getEpcList().getEpc()) {
epc = epcType.getValue();
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (xacmlCheck(xacmlEvent, user)) {
onePermit = true;
} else {
iterEpc.remove();
if (!xacmlCheck(xacmlEvent, user)) {
return false;
}
}
} else {
String allowedEpc = null;
String allowedBizTrans = null;
Iterator<EPC> iterEpc = result.getEpcList().getEpc().iterator();
while (iterEpc.hasNext()) {
epc = iterEpc.next().getValue();
Iterator<BusinessTransactionType> iterBizTransType = result.getBizTransactionList().getBizTransaction().iterator();
while (iterBizTransType.hasNext()) {
Iterator<BusinessTransactionType> iterBizTransType = transactionEvent.getBizTransactionList().getBizTransaction().iterator();
for (EPC epcType : transactionEvent.getEpcList().getEpc()) {
epc = epcType.getValue();
if (iterBizTransType.hasNext()) {
bizTrans = iterBizTransType.next().getValue();
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (xacmlCheck(xacmlEvent, user)) {
allowedEpc = epc;
allowedBizTrans = bizTrans;
onePermit = true;
break;
}
}
if (allowedEpc == null) {
iterEpc.remove();
} else {
break;
}
}
if (allowedEpc != null) {
Iterator<BusinessTransactionType> iterBizTransType = result.getBizTransactionList().getBizTransaction().iterator();
while (iterBizTransType.hasNext()) {
bizTrans = iterBizTransType.next().getValue();
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (!xacmlCheck(xacmlEvent, user)) {
iterBizTransType.remove();
}
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (!xacmlCheck(xacmlEvent, user)) {
return false;
}
}
if (allowedBizTrans != null) {
iterEpc = result.getEpcList().getEpc().iterator();
while (iterEpc.hasNext()) {
epc = iterEpc.next().getValue();
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (!xacmlCheck(xacmlEvent, user)) {
iterEpc.remove();
}
while (iterBizTransType.hasNext()) {
bizTrans = iterBizTransType.next().getValue();
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (!xacmlCheck(xacmlEvent, user)) {
return false;
}
}
}
}
if (onePermit) {
epc = null;
bizTrans = null;
Iterator<Object> iter = result.getAny().iterator();
while (iter.hasNext()) {
Object obj = iter.next();
ElementNSImpl element = (ElementNSImpl) obj;
String namespace = element.getNamespaceURI();
String extensionName = element.getLocalName();
String value = element.getTextContent();
// Gets the extension value
Object extensionValue = null;
epc = null;
bizTrans = null;
for (Object obj : transactionEvent.getAny()) {
Element element = (Element) obj;
String namespace = element.getNamespaceURI();
String extensionName = element.getLocalName();
String value = element.getTextContent();
// Gets the extension value
Object extensionValue = null;
try {
extensionValue = new Integer(Integer.parseInt(value));
} catch (Exception ex) {
// Extension value is not an integer
try {
extensionValue = new Integer(Integer.parseInt(value));
} catch (Exception ex) {
// Extension value is not an integer
extensionValue = new Float(Float.parseFloat(value));
} catch (Exception exF) {
// Extension value is not a float
try {
extensionValue = new Float(Float.parseFloat(value));
} catch (Exception exF) {
// Extension value is not a float
extensionValue = new Double(Double.parseDouble(value));
} catch (Exception exD) {
// Extension value is not a double
try {
extensionValue = new Double(Double.parseDouble(value));
} catch (Exception exD) {
// Extension value is not a double
try {
extensionValue = TimeParser.parseAsDate(value);
} catch (Exception exP) {
// Extension value is not a date
}
extensionValue = TimeParser.parseAsDate(value);
} catch (Exception exP) {
// Extension value is not a date
}
}
}
// Extension value is a string
if (extensionValue == null) {
extensionValue = value;
}
}
// Extension value is a string
if (extensionValue == null) {
extensionValue = value;
}
extension = new ExtensionEvent(namespace, extensionName, extensionValue);
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (!xacmlCheck(xacmlEvent, user)) {
iter.remove();
}
extension = new ExtensionEvent(namespace, extensionName, extensionValue);
XACMLEPCISEvent xacmlEvent = new XACMLEPCISEvent(owner, bizStep, epc, eventTime, recordTime, operation,
eventType, parentId, childEpc, quantity, readPoint, bizLoc, bizTrans, disposition, extension);
if (!xacmlCheck(xacmlEvent, user)) {
return false;
}
}
return onePermit;
return true;
}
/**
* Checks wehther the user has access rights to subscribe.
* Checks whether the user has access rights to subscribe.
*
* @param user The user who wants to subscribe.
* @return The decision result.
*/
public int checkSubscribe(String user, String partner) {
return epcisPEP.subscribe(user, partner, "Query");
public boolean checkSubscribe(String user, String partner) {
int xacmlResponse = epcisPEP.subscribe(user, partner);
return Utils.responseIsPermit(xacmlResponse);
}
/**
* Checks whether the user can use an identity.
*
* @param user The identity used by the user.
* @param partner The partner of the user.
* @return The decision result.
*/
public boolean canBe(String user, String partner) {
int xacmlResponse = epcisPEP.canBe(user, partner);
return Utils.responseIsPermit(xacmlResponse);
}
/**
......
*
* @param xacmlMasterData The Master Data to check.
* @param user The user name to check.
* @return
* <code>true</code> if permitted.
* @return <code>true</code> if permitted.
*/
private boolean xacmlCheckMasterData(XACMLEPCISMasterData xacmlMasterData, String user) {
int xacmlResponse = epcisPEP.queryMasterData(user, xacmlMasterData, "Query");
return xacmlResponse == Result.DECISION_PERMIT;
int xacmlResponse = epcisPEP.queryMasterData(user, xacmlMasterData);
return Utils.responseIsPermit(xacmlResponse);
}
}

Formats disponibles : Unified diff