Added code to compute potential release sets. This can be used to avoid resolving...
[java-idp.git] / src / edu / internet2 / middleware / shibboleth / aa / arp / ArpEngine.java
index cced58c..f79d900 100755 (executable)
@@ -55,8 +55,10 @@ import java.net.URL;
 import java.security.Principal;
 import java.util.Collections;
 import java.util.HashMap;
+import java.util.HashSet;
 import java.util.Map;
 import java.util.Properties;
+import java.util.Set;
 
 import org.apache.log4j.Logger;
 
@@ -90,13 +92,17 @@ public class ArpEngine {
 
        public ArpEngine(Properties properties) throws ArpException {
                try {
-                       this.repository = ArpRepositoryFactory.getInstance(properties);
+                       repository = ArpRepositoryFactory.getInstance(properties);
                } catch (ArpRepositoryException e) {
                        log.error("Could not start Arp Engine: " + e);
                        throw new ArpException("Could not start Arp Engine.");
                }
        }
 
+       public ArpEngine(ArpRepository repository, Properties properties) throws ArpException {
+               this.repository = repository;
+       }
+
        public static MatchFunction lookupMatchFunction(URI functionIdentifier) throws ArpException {
                String className = null;
 
@@ -135,8 +141,8 @@ public class ArpEngine {
                        for (int i = 0; userPolicies.length > i; i++) {
                                Rule[] rules = userPolicies[i].getMatchingRules(requester, resource);
 
-                               for (int j = 0; rules.length > i; j++) {
-                                       effectiveArp.addRule(rules[i]);
+                               for (int j = 0; rules.length > j; j++) {
+                                       effectiveArp.addRule(rules[j]);
                                }
                        }
 
@@ -147,4 +153,27 @@ public class ArpEngine {
                }
        }
 
+       URI[] listPossibleReleaseAttributes(Principal principal, String requester, URL resource)
+               throws ArpProcessingException {
+               Set possibleReleaseSet = new HashSet();
+               Rule[] rules = createEffectiveArp(principal, requester, resource).getAllRules();
+               for (int i = 0; rules.length > i; i++) {
+                       Rule.Attribute[] attributes = rules[i].getAttributes();
+                       for (int j = 0; attributes.length > j; j++) {
+                               if (attributes[j].releaseAnyValue()) {
+                                       possibleReleaseSet.add(attributes[j].getName());
+                               } else {
+                                       Rule.AttributeValue[] values = attributes[j].getValues();
+                                       for (int k = 0; values.length > k; k++) {
+                                               if (values[k].getRelease().equals("permit")) {
+                                                       possibleReleaseSet.add(attributes[j].getName());
+                                                       break;
+                                               }
+                                       }
+                               }
+                       }
+               }
+               return (URI[]) possibleReleaseSet.toArray(new URI[0]);
+       }
+
 }