@Override public String getType() { if (isUpdated()) return updated.getType(); return cached.getType(); }
private void verifyCircularReference(Policy policy, List<String> ids) { if (!policy.getType().equals("aggregate")) { return; } if (ids.contains(policy.getId())) { throw new RuntimeException("Circular reference found [" + policy.getName() + "]."); } ids.add(policy.getId()); for (Policy associated : policy.getAssociatedPolicies()) { verifyCircularReference(associated, ids); } }
public CachedPolicy(Long revision, Policy policy) { super(revision, policy.getId()); this.type = policy.getType(); this.decisionStrategy = policy.getDecisionStrategy(); this.logic = policy.getLogic();
@Override public void evaluate(Evaluation evaluation) { AuthorizationProvider authorization = evaluation.getAuthorizationProvider(); DefaultEvaluation defaultEvaluation = DefaultEvaluation.class.cast(evaluation); Map<Policy, Map<Object, Decision.Effect>> decisionCache = defaultEvaluation.getDecisionCache(); Policy policy = evaluation.getPolicy(); ResourcePermission permission = evaluation.getPermission(); policy.getAssociatedPolicies().forEach(associatedPolicy -> { Map<Object, Decision.Effect> decisions = decisionCache.computeIfAbsent(associatedPolicy, p -> new HashMap<>()); Decision.Effect effect = decisions.get(permission); defaultEvaluation.setPolicy(associatedPolicy); if (effect == null) { PolicyProvider policyProvider = authorization.getProvider(associatedPolicy.getType()); policyProvider.evaluate(defaultEvaluation); evaluation.denyIfNoEffect(); decisions.put(permission, defaultEvaluation.getEffect()); } else { defaultEvaluation.setEffect(effect); } }); }
PolicyProvider policyProvider = authorization.getProvider(associatedPolicy.getType());
representation.addClient(realm.getClientById(client).getClientId()); } else if ("user".equals(associatedPolicy.getType())) { UserPolicyRepresentation rep = UserPolicyRepresentation.class.cast(associatedRep);
if ("role".equals(associatedPolicy.getType())) { createPolicy = false; if ("group".equals(associatedPolicy.getType())) { createPolicy = false; if ("client".equals(associatedPolicy.getType())) { createPolicy = false; if ("user".equals(associatedPolicy.getType())) { createPolicy = false; if ("js".equals(associatedPolicy.getType())) { createPolicy = false;