Changeset 6775 for TI12-security/trunk/NDG_XACML/ndg/xacml/test/test_xacml.py

Timestamp:

25/03/10 16:09:00 (11 years ago)

Author:

pjkersha

Message:

More work on PDP and moved pdp, pip and pap modules to context package.

File:

• TI12-security/trunk/NDG_XACML/ndg/xacml/test/test_xacml.py (modified) (2 diffs)

TI12-security/trunk/NDG_XACML/ndg/xacml/test/test_xacml.py

@@ -265 +265 @@
         
         
-class MyPDP(PDPInterface):
-    
-    def __init__(self):
-        self.policy = None
+class PDP(PDPInterface):
+    """A XACML Policy Decision Point implementation.  It supports the use of a 
+    single policy but not policy sets"""
+    __slots__ = ('__policy',)
+    
+    def __init__(self, policy=None):
+        """
+        @param policy: policy object for PDP to use to apply access control
+        decisions, may be omitted.
+        @type policy: ndg.xacml.core.policy.Policy / None
+        """
+        self.__policy = None
+        if policy is not None:
+            self.policy = policy
         
     @classmethod
-    def fromPolicy(cls, source):
+    def fromPolicy(cls, source, reader):
+        """Create a new PDP instance with a given policy
+        @param source: source for policy
+        @type source: type (dependent on the reader set, it could be for example
+        a file path string, file object, XML element instance)
+        @param reader: the reader instance to use to read this policy
+        @type reader: ndg.xacml.parsers.AbstractReader derived type
+        """
+        if not isinstance(reader, AbstractReader):
+            raise TypeError('Expecting %r derived type for "reader" input; got '
+                            '%r instead' % (AbstractReader, type(reader)))
+            
         pdp = cls()
-        self.policy = ReaderFactory.getReader(Policy).parse(source)
-        
+        pdp.policy = reader.parse(source)
+        return policy
+    
+    @property
+    def policy(self):
+        """policy object for PDP to use to apply access control decisions"""
+        return self.__policy
+    
+    @policy.setter
+    def policy(self, value):
+        '''policy object for PDP to use to apply access control decisions'''
+        if not isinstance(value, Policy):
+            raise TypeError('Expecting %r derived type for "policy" input; got '
+                            '%r instead' % (Policy, type(value)))
+        self.__policy = value
+                    
     def evaluate(self, request):
         """Make an access control decision for the given request based on the
@@ -288 +323 @@
         response.results.append(result)
         result.decision = Decision.NOT_APPLICABLE
+        
+        if not isinstance(request, Request):
+             log.error('Expecting %r derived type for "reader" input; got '
+                       '%r instead' % Request, type(request))
+             result.decision = Decision.INDETERMINATE
+             return response
             
         # Exception block around all rule processing in order to set
         # INDETERMINATE response from any exceptions raised
-        try:  
+        try: 
+                 
             # Check policy target for match
             log.debug('Checking policy target for match...')