source: TI12-security/trunk/ndg_xacml/ndg/xacml/core/attributevalue.py @ 7324

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/ndg_xacml/ndg/xacml/core/attributevalue.py@7324
Revision 7324, 9.3 KB checked in by pjkersha, 10 years ago (diff)

Incomplete - task 2: XACML-Security Integration

  • adding in functionality for call out to PIP via context handler from Subject Attribute Designator
  • Property svn:keywords set to Id
Line 
1"""NDG XACML attribute type definition
2
3NERC DataGrid
4"""
5__author__ = "P J Kershaw"
6__date__ = "25/02/10"
7__copyright__ = "(C) 2010 Science and Technology Facilities Council"
8__contact__ = "Philip.Kershaw@stfc.ac.uk"
9__license__ = "BSD - see LICENSE file in top-level directory"
10__contact__ = "Philip.Kershaw@stfc.ac.uk"
11__revision__ = "$Id$"
12from datetime import datetime, timedelta
13
14from ndg.xacml.utils import VettedDict
15from ndg.xacml.core.expression import Expression
16   
17
18class AttributeValue(Expression):
19    """XACML Attribute Value type
20   
21    @cvar ELEMENT_LOCAL_NAME: XML local name for this element
22    @type ELEMENT_LOCAL_NAME: string 
23    @cvar CLASS_NAME_SUFFIX: all attribute value classes end with this suffix
24    @type CLASS_NAME_SUFFIX: string
25    @cvar IDENTIFIER_PREFIX: geberic prefix for attribute value URNs
26    @type IDENTIFIER_PREFIX: string
27    @cvar IDENTIFIER: URN for attribute value in derived class
28    @type IDENTIFIER: NoneType - derived classes should set to appropriate
29    string
30    @cvar TYPE_URIS: URIs for all the different supported types
31    @type TYPE_URIS: tuple
32    @cvar TYPE_NAMES: corresponding short names for all the types
33    @type TYPE_NAMES: tuple
34    @cvar NATIVE_TYPES: equivalent python types as implemented
35    @cvar TYPE_MAP: mapping from type names to python types
36    @type TYPE_MAP: dict
37    @cvar TYPE_URI_MAP: mapping from type names to type URIs
38    @type TYPE_URI_MAP: dict
39    @cvar TYPE: type name for derived type - set to None in this parent class
40    @type TYPE: NoneType / string in derived type
41   
42    @ivar __value: setting for this attribute value
43    @type __value: any - constrained in derived classes
44    """
45    ELEMENT_LOCAL_NAME = 'AttributeValue'
46    CLASS_NAME_SUFFIX = 'AttributeValue'
47    IDENTIFIER_PREFIX = 'http://www.w3.org/2001/XMLSchema#'
48 
49    IDENTIFIER = None
50    TYPE_URIS = (
51    'http://www.w3.org/2001/XMLSchema#string',
52    'http://www.w3.org/2001/XMLSchema#anyURI',
53    'http://www.w3.org/2001/XMLSchema#integer',
54    'http://www.w3.org/2001/XMLSchema#boolean',
55    'http://www.w3.org/2001/XMLSchema#double',
56    'http://www.w3.org/2001/XMLSchema#date',
57    'http://www.w3.org/2001/XMLSchema#dateTime',
58    'http://www.w3.org/2001/XMLSchema#time',
59    'http://www.w3.org/TR/2002/WD-xquery-operators-20020816#dayTimeDuration',
60    'http://www.w3.org/TR/2002/WD-xquery-operators-20020816#yearMonthDuration',
61    'urn:oasis:names:tc:xacml:1.0:data-type:x500Name',
62    'urn:oasis:names:tc:xacml:1.0:data-type:rfc822Name',
63    'http://www.w3.org/2001/XMLSchema#hexBinary',
64    'http://www.w3.org/2001/XMLSchema#base64Binary',
65    'urn:oasis:names:tc:xacml:2.0:data-type:ipAddress',
66    'urn:oasis:names:tc:xacml:2.0:data-type:dnsName'
67    )
68    TYPE_NAMES = (
69        'String',
70        'AnyURI',
71        'Integer',
72        'Boolean',
73        'Double',
74        'Date',
75        'DateTime',
76        'Time',
77        'DayTimeDuration',
78        'YearMonthDuration',
79        'X500Name',
80        'Rfc822Name',
81        'HexBinary',
82        'Base64Binary',
83        'IpAddress',
84        'DnsName',
85    )
86    NATIVE_TYPES = (
87        basestring,
88        basestring,
89        int,
90        bool,
91        float,
92        datetime,
93        datetime,
94        datetime,
95        timedelta,
96        timedelta,
97        basestring,
98        basestring,
99        int,
100        NotImplemented,
101        basestring,
102        basestring
103    )
104    TYPE_MAP = dict(zip(TYPE_NAMES, NATIVE_TYPES))
105    TYPE_URI_MAP = dict(zip(TYPE_NAMES, TYPE_URIS))
106    TYPE = None
107   
108    __slots__ = ('__value',) 
109   
110    def __init__(self, value=None):
111        """Derived classes must override setting TYPE class variable
112       
113        @param value: initialise the attribute value by setting this keyword
114        @type value: (set by self.__class__.TYPE)
115        """
116       
117        super(AttributeValue, self).__init__()
118        if self.__class__.TYPE is None:
119            raise NotImplementedError('TYPE class variable must be set to a '
120                                      'valid type in a derived class')
121           
122        self.__value = None
123       
124        # Allow derived classes to make an implicit data type setting
125        self.dataType = self.__class__.IDENTIFIER
126       
127        if value is not None:
128            self.value = value
129
130    def __repr__(self):
131        return "%s = %r " % (super(AttributeValue, self).__repr__(),
132                             self.__value)
133   
134    def _get_value(self):
135        """Get value
136        @return: setting for this attribute value
137        @rtype: any - constrained in derived classes
138        """
139        return self.__value
140
141    def _set_value(self, value):
142        """Set value
143       
144        @param value: setting for this attribute value
145        @type value: any - constrained in derived classes
146        @raise TypeError: if type doesn't match TYPE class variable.  Derived
147        classes should set this
148        """
149        if not isinstance(value, self.__class__.TYPE):
150            raise TypeError('Expecting %r type for "value" '
151                            'attribute; got %r' % (self.__class__.TYPE, 
152                                                   type(value)))
153           
154        self.__value = value 
155
156    value = property(_get_value, _set_value, None, "expression value") 
157   
158    def evaluate(self, context):
159        """Evaluate the result of the expression in a condition.  In the case of
160        an attribute value it's simply itself
161       
162        @param context: the request context
163        @type context: ndg.xacml.core.context.request.Request
164        @return: this attribute value
165        @rtype: AttributeValue 
166        """ 
167        return self
168
169
170class AttributeValueClassMap(VettedDict):
171    """Specialised dictionary to hold mappings of XML attribute type URIs to
172    their equivalent classes
173    """
174   
175    def __init__(self):
176        """Force entries to derive from AttributeValue and IDs to
177        be string type
178        """       
179        # Filters are defined as staticmethods but reference via self here to
180        # enable derived class to override them as standard methods without
181        # needing to redefine this __init__ method           
182        VettedDict.__init__(self, self.keyFilter, self.valueFilter)
183       
184    @staticmethod
185    def keyFilter(key):
186        """Enforce string type keys
187       
188        @param key: URN for attribute
189        @type key: basestring
190        @return: boolean True indicating key is OK
191        @rtype: bool
192        @raise TypeError: incorrect input type
193        """
194        if not isinstance(key, basestring):
195            raise TypeError('Expecting %r type for key; got %r' % 
196                            (basestring, type(key))) 
197        return True 
198   
199    @staticmethod
200    def valueFilter(value):
201        """Enforce AttributeValue derived types for values
202        @param value: attribute value
203        @type value: ndg.xacml.core.attributevalue.AttributeValue derived type
204        @return: boolean True indicating attribute value is correct type
205        @rtype: bool
206        @raise TypeError: incorrect input type
207        """
208        if not issubclass(value, AttributeValue):
209            raise TypeError('Expecting %r derived type for value; got %r' % 
210                            (AttributeValue, type(value))) 
211        return True 
212
213
214# Dynamically Create classes based on AttributeValue for all the XACML primitive
215# types
216_IDENTIFIER2CLASS_MAP = AttributeValueClassMap()
217
218for typeName, _type in AttributeValue.TYPE_MAP.items():
219    identifier = AttributeValue.TYPE_URI_MAP[typeName]
220
221    className = typeName + AttributeValue.CLASS_NAME_SUFFIX               
222    classVars = {'TYPE': _type, 'IDENTIFIER': identifier}
223   
224    attributeValueClass = type(className, (AttributeValue, ), classVars)
225    AttributeValue.register(attributeValueClass)
226    _IDENTIFIER2CLASS_MAP[identifier] = attributeValueClass
227   
228   
229class AttributeValueClassFactory(object):
230    """Create AttributeValue types based on the XML namespace identifier
231   
232    Convenience wrapper for _IDENTIFIER2CLASS_MAP instance of
233    AttributeValueClassMap
234   
235    @ivar __classMap: mapping object to map attribute value URIs to their
236    implementations as classes
237    @type __classMap: ndg.xacml.core.attributevalue.AttributeValueClassMap
238    """
239    __slots__ = ('__classMap',)
240   
241    def __init__(self, classMap=None):
242        """Set a mapping object to map attribute value URIs to their
243        implementations as classes
244       
245        @param classMap: input an alternative to the default class mapping
246        object _IDENTIFIER2CLASS_MAP, if None, it will default to this setting
247        @type classMap: ndg.xacml.core.attributevalue.AttributeValueClassMap
248        """
249        if classMap is None:
250            self.__classMap = _IDENTIFIER2CLASS_MAP
251        elif isinstance(classMap, AttributeValueClassMap):
252            self.__classMap = classMap
253        else:
254            raise TypeError('Expecting %r derived type for "map" input; got %r'
255                            % (AttributeValueClassMap, type(map)))
256           
257    def __call__(self, identifier):
258        """Return <type>AttributeValue class for given identifier URI or None
259        if no match is found
260       
261        @return: attribute value class
262        @rtype: NoneType / ndg.xacml.core.attributevalue.AttributeValue derived
263        type
264        """
265        return self.__classMap.get(identifier)
266       
Note: See TracBrowser for help on using the repository browser.