Révision bf9c3717
Ajouté par Remy Menard il y a environ 11 ans
ETa/ETa/src/main/java/fr/unicaen/iota/eta/query/QueryCheck.java | ||
---|---|---|
* @return <code>true</code> if permitted.
|
||
*/
|
||
public boolean xacmlCheck(XACMLEPCISEvent xacmlEvent, String user) {
|
||
user = fr.unicaen.iota.mu.Utils.formatId(user);
|
||
int xacmlResponse = epcisPEP.queryEvent(user, xacmlEvent);
|
||
return fr.unicaen.iota.xi.utils.Utils.responseIsPermit(xacmlResponse);
|
||
}
|
||
... | ... | |
* Filters the list of events.
|
||
*
|
||
* @param objects The list of events to filter.
|
||
* @param owner The owner to check.
|
||
* @param user The user name to check.
|
||
* @return The filtered list.
|
||
*/
|
||
... | ... | |
if (owner == null) {
|
||
return false;
|
||
}
|
||
owner = fr.unicaen.iota.mu.Utils.formatId(owner);
|
||
Date eventTime = (objectEvent.getEventTime() != null) ? objectEvent.getEventTime().toGregorianCalendar().getTime() : null;
|
||
Date recordTime = (objectEvent.getRecordTime() != null) ? objectEvent.getRecordTime().toGregorianCalendar().getTime() : null;
|
||
String eventType = XACMLConstantsEventType.OBJECT;
|
||
... | ... | |
*
|
||
* @param aggregationEvent The AggregationEventType to filter by XACML requests.
|
||
* @param user The user to check.
|
||
* @param owner The owner to check.
|
||
* @return <code>true</code> if the aggregation event is permitted.
|
||
*/
|
||
private boolean checkAggregationEvent(AggregationEventType aggregationEvent, String user) {
|
||
... | ... | |
if (owner == null) {
|
||
return false;
|
||
}
|
||
owner = fr.unicaen.iota.mu.Utils.formatId(owner);
|
||
Date eventTime = (aggregationEvent.getEventTime() != null) ? aggregationEvent.getEventTime().toGregorianCalendar().getTime() : null;
|
||
Date recordTime = (aggregationEvent.getRecordTime() != null) ? aggregationEvent.getRecordTime().toGregorianCalendar().getTime() : null;
|
||
String eventType = XACMLConstantsEventType.AGGREGATION;
|
||
... | ... | |
*
|
||
* @param quantityEvent The QuantityEventType to filter by XACML requests.
|
||
* @param user The user to check.
|
||
* @param owner The owner to check.
|
||
* @return <code>true</code> if the quantity event is permitted.
|
||
*/
|
||
private boolean checkQuantityEvent(QuantityEventType quantityEvent, String user) {
|
||
... | ... | |
if (owner == null) {
|
||
return false;
|
||
}
|
||
owner = fr.unicaen.iota.mu.Utils.formatId(owner);
|
||
Date eventTime = (quantityEvent.getEventTime() != null) ? quantityEvent.getEventTime().toGregorianCalendar().getTime() : null;
|
||
Date recordTime = (quantityEvent.getRecordTime() != null) ? quantityEvent.getRecordTime().toGregorianCalendar().getTime() : null;
|
||
String eventType = XACMLConstantsEventType.QUANTITY;
|
||
... | ... | |
*
|
||
* @param transactionEvent The TransactionEventType to filter by XACML requests.
|
||
* @param user The user to check.
|
||
* @param owner The owner to check.
|
||
* @return <code>true</code> if the transaction event is permitted.
|
||
*/
|
||
private boolean checkTransactionEvent(TransactionEventType transactionEvent, String user) {
|
||
... | ... | |
if (owner == null) {
|
||
return false;
|
||
}
|
||
owner = fr.unicaen.iota.mu.Utils.formatId(owner);
|
||
Date eventTime = (transactionEvent.getEventTime() != null) ? transactionEvent.getEventTime().toGregorianCalendar().getTime() : null;
|
||
Date recordTime = (transactionEvent.getRecordTime() != null) ? transactionEvent.getRecordTime().toGregorianCalendar().getTime() : null;
|
||
String eventType = XACMLConstantsEventType.TRANSACTION;
|
||
... | ... | |
* @return The decision result.
|
||
*/
|
||
public boolean checkSubscribe(String user, String partner) {
|
||
user = fr.unicaen.iota.mu.Utils.formatId(user);
|
||
partner = fr.unicaen.iota.mu.Utils.formatId(partner);
|
||
int xacmlResponse = epcisPEP.subscribe(user, partner);
|
||
return fr.unicaen.iota.xi.utils.Utils.responseIsPermit(xacmlResponse);
|
||
}
|
||
... | ... | |
* @return The decision result.
|
||
*/
|
||
public boolean canBe(String user, String partner) {
|
||
user = fr.unicaen.iota.mu.Utils.formatId(user);
|
||
partner = fr.unicaen.iota.mu.Utils.formatId(partner);
|
||
int xacmlResponse = epcisPEP.canBe(user, partner);
|
||
return fr.unicaen.iota.xi.utils.Utils.responseIsPermit(xacmlResponse);
|
||
}
|
||
... | ... | |
* @param user The user name to check
|
||
*/
|
||
private void xacmlCheckMasterDType(List<VocabularyElementType> vocElList, String user) {
|
||
user = fr.unicaen.iota.mu.Utils.formatId(user);
|
||
Iterator<VocabularyElementType> iterVoc = vocElList.iterator();
|
||
while (iterVoc.hasNext()) {
|
||
boolean allowed = false;
|
||
... | ... | |
if (Constants.URN_IOTA.equals(elem.getName().getNamespaceURI()) &&
|
||
Constants.EXTENSION_OWNER_ID.equals(elem.getName().getLocalPart())) {
|
||
String owner = elem.getValue().toString();
|
||
fr.unicaen.iota.mu.Utils.formatId(owner);
|
||
XACMLEPCISMasterData xacmlMasterData = new XACMLEPCISMasterData(owner, id);
|
||
if (xacmlCheckMasterData(xacmlMasterData, user)) {
|
||
allowed = true;
|
||
... | ... | |
* @return <code>true</code> if permitted.
|
||
*/
|
||
private boolean xacmlCheckMasterData(XACMLEPCISMasterData xacmlMasterData, String user) {
|
||
user = fr.unicaen.iota.mu.Utils.formatId(user);
|
||
int xacmlResponse = epcisPEP.queryMasterData(user, xacmlMasterData);
|
||
return fr.unicaen.iota.xi.utils.Utils.responseIsPermit(xacmlResponse);
|
||
}
|
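Review bot: In the xacmlCheckMasterDType hunk, the statement `fr.unicaen.iota.mu.Utils.formatId(owner);` discards its return value, so `new XACMLEPCISMasterData(owner, id)` still receives the raw string from `elem.getValue().toString()`. Every other call site in this section assigns the result (`owner = fr.unicaen.iota.mu.Utils.formatId(owner);`), which suggests formatId returns the normalised id; a Java String cannot be changed in place in any case. The master-data authorisation request would then pair a normalised `user` with an unnormalised owner id, so the policy decision for the same identity may differ from the one reached on the event paths. The line should read `String owner = fr.unicaen.iota.mu.Utils.formatId(elem.getValue().toString());`. The method body continues outside the visible lines, and the Javadoc of checkAggregationEvent, checkQuantityEvent and checkTransactionEvent still lists an `owner` parameter that the signatures shown do not have.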
Version 1.99
- a few bugs fixed!
- new testing application to capture events
- new options to the command line to configure the public/private keys
for TLS and for signature
- new method more accurate than "traceEPC": the events are sorted by
EPCIS
- New options added to the command line
- user can be identified by alias, if the DN of his certificate is
incompatible with the LDAP directory
- new shell script to configure the LDAP directory (same
functionalities as IoTa-Installer)
- installs and configures LaMBDa
- finer certificate management
- EpcILoN correctly subscribes with TLS to ETa
- new figure for LaMBDa
- shows data flows between PHI and YPSilon
- sets DS and DSeTa in different schemas