Context Navigation

← Previous Changeset
Next Changeset →

Changeset 6754

Timestamp:

22/03/10 08:30:50 (11 years ago)

Author:

pjkersha

Message:

Parsing complete for all XACML example rules but minus Obligations implementation. This is probably not needed for NDG. Added original NDG test policy to test parsing with this.

Location:

TI12-security/trunk/NDG_XACML/ndg/xacml

Files:

: 5 added
: 12 edited

core/attributedesignator.py (modified) (1 diff)
core/attributeselector.py (modified) (1 diff)
core/condition.py (modified) (1 diff)
core/policy.py (modified) (3 diffs)
core/policydefaults.py (added)
parsers/etree/applyreader.py (modified) (4 diffs)
parsers/etree/attributedesignatorreader.py (modified) (1 diff)
parsers/etree/attributeselectorreader.py (modified) (1 diff)
parsers/etree/attributevaluereader.py (modified) (1 diff)
parsers/etree/expressionreader.py (modified) (1 diff)
parsers/etree/policydefaultsreader.py (added)
parsers/etree/policyreader.py (modified) (3 diffs)
test/ndg1.xml (added)
test/rule2.xml (modified) (2 diffs)
test/rule3.xml (added)
test/rule4.xml (added)
test/test_xacml.py (modified) (3 diffs)

Legend:

: Unmodified
: Added
: Removed

TI12-security/trunk/NDG_XACML/ndg/xacml/core/attributedesignator.py

-                      r6753
+                      r6754
     """XACML Action Attribute Designator type"""
     ELEMENT_LOCAL_NAME = 'ActionAttributeDesignator'
+class EnvironmentAttributeDesignator(AttributeDesignator):
+    """XACML Environment Attribute Designator type"""
+    ELEMENT_LOCAL_NAME = 'EnvironmentAttributeDesignator'

TI12-security/trunk/NDG_XACML/ndg/xacml/core/attributeselector.py

-                      r6747
+                      r6754
+'''
+Created on 16 Mar 2010
+"""NDG XACML AttributeSelector type
+@author: pjkersha
+'''
+NERC DataGrid Project
+"""
+__author__ = "P J Kershaw"
+__date__ = "16/03/10"
+__copyright__ = "(C) 2010 Science and Technology Facilities Council"
+__contact__ = "Philip.Kershaw@stfc.ac.uk"
+__license__ = "BSD - see LICENSE file in top-level directory"
+__contact__ = "Philip.Kershaw@stfc.ac.uk"
+__revision__ = "$Id: $"
+import logging
+log = logging.getLogger(__name__)
+class AttributeSelector(object):
+    '''
+    classdocs
+from ndg.xacml.core.expression import Expression
+class AttributeSelector(Expression):
+    '''XACML Attribute Selector type
     '''
     ELEMENT_LOCAL_NAME = 'AttributeSelector'
+    MUST_BE_PRESENT_ATTRIB_NAME = 'MustBePresent'
+    REQUEST_CONTEXT_PATH_ATTRIB_NAME = 'RequestContextPath'
+    __slots__ = ('__mustBePresent', '__requestContextPath')
+    def __init__(self):
+        '''XACML Attribute Selector type
+        '''
+        super(AttributeSelector, self).__init__()
+        self.__mustBePresent = None
+        self.__requestContextPath = None
+    @property
+    def requestContextPath(self):
+        """Get Issuer"""
+        return self.__requestContextPath
+    def __init__(selfparams):
+        '''
+        Constructor
+        '''
+    @requestContextPath.setter
+    def requestContextPath(self, value):
+        """Set Issuer"""
+        if not isinstance(value, basestring):
+            raise TypeError('Expecting %r type for "requestContextPath" '
+                            'attribute; got %r' % (basestring, type(value)))
+        self.__requestContextPath = value
+    @property
+    def mustBePresent(self):
+        """Get Must Be Present flag"""
+        return self.__mustBePresent
+    @mustBePresent.setter
+    def mustBePresent(self, value):
+        """Set Must Be Present flag"""
+        if not isinstance(value, bool):
+            raise TypeError('Expecting %r type for "mustBePresent" '
+                            'attribute; got %r' % (bool, type(value)))
+        self.__mustBePresent = value

TI12-security/trunk/NDG_XACML/ndg/xacml/core/condition.py

r6753	r6754
11	11	__revision__ = "$Id: $"
12	12	from ndg.xacml.core import PolicyComponent
	13	from ndg.xacml.core.expression import Expression
13	14
14	15

TI12-security/trunk/NDG_XACML/ndg/xacml/core/policy.py

-                      r6746
+                      r6754
 from ndg.xacml.utils import TypedList
 from ndg.xacml.core import PolicyComponent
+from ndg.xacml.core.policydefaults import PolicyDefaults
 from ndg.xacml.core.target import Target
 from ndg.xacml.core.rule import Rule
 …
     """Invalid XML namespace for policy document"""
-'''
-    <xs:complexType name="PolicyType">
-        <xs:sequence>
-            <xs:element ref="xacml:Description" minOccurs="0"/>
-            <xs:element ref="xacml:PolicyDefaults" minOccurs="0"/>
-            <xs:element ref="xacml:CombinerParameters" minOccurs="0"/>
-            <xs:element ref="xacml:Target"/>
-            <xs:choice maxOccurs="unbounded">
-                <xs:element ref="xacml:CombinerParameters" minOccurs="0"/>
-                <xs:element ref="xacml:RuleCombinerParameters" minOccurs="0"/>
-                <xs:element ref="xacml:VariableDefinition"/>
-                <xs:element ref="xacml:Rule"/>
-            </xs:choice>
-            <xs:element ref="xacml:Obligations" minOccurs="0"/>
-        </xs:sequence>
-        <xs:attribute name="PolicyId" type="xs:anyURI" use="required"/>
-        <xs:attribute name="Version" type="xacml:VersionType" default="1.0"/>
-        <xs:attribute name="RuleCombiningAlgId" type="xs:anyURI" use="required"/>
-    </xs:complexType>
-'''
 class Policy(PolicyComponent):
 …
     description = property(_getDescription, _setDescription,
                            doc="Policy Description text")
+    def _getPolicyDefaults(self):
+        return self.__policyDefaults
+    def _setPolicyDefaults(self, value):
+        if not isinstance(value, PolicyDefaults):
+            raise TypeError('Expecting string type for "policyDefaults" '
+                            'attribute; got %r' % type(value))
+        self.__policyDefaults = value
+    policyDefaults = property(_getPolicyDefaults,
+                              _setPolicyDefaults,
+                              None,
+                              "Policy PolicyDefaults element")
     def parse(self):
         """Parse the policy file set in policyFilePath attribute

TI12-security/trunk/NDG_XACML/ndg/xacml/parsers/etree/applyreader.py

-                      r6753
+                      r6754
 __contact__ = "Philip.Kershaw@stfc.ac.uk"
 __revision__ = "$Id: $"
+import logging
+log = logging.getLogger(__name__)
 from ndg.xacml.core.apply import Apply
+from ndg.xacml.core.attributeselector import AttributeSelector
 from ndg.xacml.core.attributedesignator import (SubjectAttributeDesignator,
                                                 ResourceAttributeDesignator,
+                                                EnvironmentAttributeDesignator,
                                                 ActionAttributeDesignator,
                                                 EnvironmentAttributeDesignator)
 …
 from ndg.xacml.parsers.etree import QName
 from ndg.xacml.parsers.etree.reader import ETreeAbstractReader
+from ndg.xacml.parsers.etree.expressionreader import ExpressionReader
 from ndg.xacml.parsers.etree.factory import ReaderFactory
 …
         # elements
         for subElem in elem:
             localName = QName.getLocalPart(elem[0].tag)
+            localName = QName.getLocalPart(subElem.tag)
             if localName == xacmlType.ELEMENT_LOCAL_NAME:
                 applyObj.expressions.append(ApplyReader.parse(subElem))
 …
                 applyObj.expressions.append(
                                 SubjectAttributeDesignatorReader.parse(subElem))
+            elif localName == EnvironmentAttributeDesignator.ELEMENT_LOCAL_NAME:
+                EnvironmentAttributeDesignatorReader = ReaderFactory.getReader(
+                                                    EnvironmentAttributeDesignator)
+                applyObj.expressions.append(
+                            EnvironmentAttributeDesignatorReader.parse(subElem))
+            elif localName == ActionAttributeDesignator.ELEMENT_LOCAL_NAME:
+                ActionAttributeDesignatorReader = ReaderFactory.getReader(
+                                                    ActionAttributeDesignator)
+                applyObj.expressions.append(
+                                ActionAttributeDesignatorReader.parse(subElem))
+            elif localName == EnvironmentAttributeDesignator.ELEMENT_LOCAL_NAME:
+                EnvironmentAttributeDesignatorReader = ReaderFactory.getReader(
+                                                EnvironmentAttributeDesignator)
+                applyObj.expressions.append(
+                            EnvironmentAttributeDesignatorReader.parse(subElem))
+            elif localName == AttributeSelector.ELEMENT_LOCAL_NAME:
+                AttributeSelectorReader = ReaderFactory.getReader(
+                                                            AttributeSelector)
+                applyObj.expressions.append(
+                                        AttributeSelectorReader.parse(subElem))
             else:
                 raise XMLParseError('%r Apply sub-element not recognised' %
                                     localName)
+                raise NotImplementedError('%r Apply sub-element not '
+                                          'recognised', localName)
         return applyObj

TI12-security/trunk/NDG_XACML/ndg/xacml/parsers/etree/attributedesignatorreader.py

r6752	r6754
40	40	attributeDesignator.issuer = issuer
41	41
42		mustBePresent = elem.attrib.get(xacmlType.~~DATA_TYPE~~_ATTRIB_NAME)
	42	mustBePresent = elem.attrib.get(xacmlType.MUST_BE_PRESENT_ATTRIB_NAME)
43	43	if mustBePresent is not None:
44	44	attributeDesignator.mustBePresent = str2Bool(mustBePresent)

TI12-security/trunk/NDG_XACML/ndg/xacml/parsers/etree/attributeselectorreader.py

-                      r6750
+                      r6754
 __contact__ = "Philip.Kershaw@stfc.ac.uk"
 __revision__ = "$Id: $"
+from ndg.xacml.parsers.etree.reader import ETreeAbstractReader
+from ndg.xacml.core.attributeselector import AttributeSelector
+from ndg.xacml.parsers import XMLParseError
+from ndg.xacml.parsers.etree import QName
+from ndg.xacml.parsers.etree.expressionreader import ExpressionReader
+class AttributeSelectorReader(ETreeAbstractReader):
+    '''
+    classdocs
+    '''
+class AttributeSelectorReader(ExpressionReader):
+    '''ElementTree based parser for XACML Attribute Selector type'''
+    TYPE = AttributeSelector
+    def _parseExtension(self, elem, attributeSelector):
+        xacmlType = self.__class__.TYPE
+        localName = QName.getLocalPart(elem.tag)
+        if localName != xacmlType.ELEMENT_LOCAL_NAME:
+            raise XMLParseError("No \"%s\" element found" %
+                                xacmlType.ELEMENT_LOCAL_NAME)
+        # Unpack *required* attributes from top-level element
+        attributeValues = []
+        for attributeName in (xacmlType.REQUEST_CONTEXT_PATH_ATTRIB_NAME,):
+            attributeValue = elem.attrib.get(attributeName)
+            if attributeValue is None:
+                raise XMLParseError('No "%s" attribute found in "%s" element' %
+                                    (attributeName,
+                                     xacmlType.ELEMENT_LOCAL_NAME))
+            attributeValues.append(attributeValue)
+        attributeSelector.requestContextPath, = attributeValues
+        mustBePresent = elem.attrib.get(xacmlType.MUST_BE_PRESENT_ATTRIB_NAME)
+        if mustBePresent is not None:
+            attributeSelector.mustBePresent = str2Bool(mustBePresent)
+        return attributeSelector
+    def __init__(self):
+        '''
+        Constructor
+        '''

TI12-security/trunk/NDG_XACML/ndg/xacml/parsers/etree/attributevaluereader.py

r6750	r6754
10	10	__contact__ = "Philip.Kershaw@stfc.ac.uk"
11	11	__revision__ = "$Id: $"
12		from ndg.xacml.core.attributevalue import ~~Expression,~~ AttributeValue
	12	from ndg.xacml.core.attributevalue import AttributeValue
13	13	from ndg.xacml.parsers import XMLParseError
14	14	from ndg.xacml.parsers.etree.expressionreader import ExpressionReader

TI12-security/trunk/NDG_XACML/ndg/xacml/parsers/etree/expressionreader.py

-                      r6752
+                      r6754
             if attributeValue is None:
                 raise XMLParseError('No "%s" attribute found in "%s" element' %
+                                    (attributeName, xacmlType.ELEMENT_LOCAL_NAME))
+                                    (attributeName,
+                                     xacmlType.ELEMENT_LOCAL_NAME))
             attributeValues.append(attributeValue)

TI12-security/trunk/NDG_XACML/ndg/xacml/parsers/etree/policyreader.py

-                      r6752
+                      r6754
 from ndg.xacml.parsers import XMLParseError
 from ndg.xacml.core.policy import Policy
+from ndg.xacml.core.policydefaults import PolicyDefaults
 from ndg.xacml.core.variabledefinition import VariableDefinition
 from ndg.xacml.core.rule import Rule
 …
             elif localName == xacmlType.POLICY_DEFAULTS_LOCAL_NAME:
+                raise NotImplementedError()
+                PolicyDefaultsReader = ReaderFactory.getReader(PolicyDefaults)
+                policy.policyDefaults = PolicyDefaultsReader.parse(childElem)
             elif localName == Target.ELEMENT_LOCAL_NAME:
 …
             elif localName == xacmlType.OBLIGATIONS_LOCAL_NAME:
+                raise NotImplementedError()
+                raise NotImplementedError('Parsing for Obligations element is '
+                                          'not implemented')
             else:

TI12-security/trunk/NDG_XACML/ndg/xacml/test/rule2.xml

-                      r6751
+                      r6754
 <?xml version="1.0" encoding="UTF-8"?>
+<Policy xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os" xmlns:xacml-context="urn:oasis:names:tc:xacml:2.0:context:schema:os" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-os.xsd" xmlns:xf="http://www.w3.org/TR/2002/WD-xquery-operators-20020816/#" xmlns:md="http:www.med.example.com/schemas/record.xsd" PolicyId="urn:oasis:names:tc:xacml:2.0:example:policyid:2" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
+<Policy xmlns="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
+    xmlns:xacml-context="urn:oasis:names:tc:xacml:2.0:context:schema:os"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os http://docs.oasis-open.org/xacml/access_control-xacml-2.0-policy-schema-os.xsd"
+    xmlns:xf="http://www.w3.org/TR/2002/WD-xquery-operators-20020816/#"
+    xmlns:md="http:www.med.example.com/schemas/record.xsd"
+    PolicyId="urn:oasis:names:tc:xacml:2.0:example:policyid:2"
+    RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides">
 <!--
     <PolicyDefaults>
         <XPathVersion>http://www.w3.org/TR/1999/Rec-xpath-19991116</XPathVersion>
     </PolicyDefaults>
+-->
     <Target/>
+<!--
     <VariableDefinition VariableId="17590035">
         <Apply FunctionId="urn:oasis:names:tc:xacml:2.0:function:date-less-or-equal">
 …
                 <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
                     <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
+                        <SubjectAttributeDesignator AttributeId="urn:oasis:names:tc:xacml:2.0:example:attribute:
+                            parent-guardian-id" DataType="http://www.w3.org/2001/XMLSchema#string"/>
+                        <SubjectAttributeDesignator
+                         AttributeId="urn:oasis:names:tc:xacml:2.0:example:attribute:parent-guardian-id"
+                         DataType="http://www.w3.org/2001/XMLSchema#string"/>
                     </Apply>
+                    <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
+                        <AttributeSelector RequestContextPath="//md:record/md:parentGuardian/md:parentGuardianId/text()" DataType="http://www.w3.org/2001/XMLSchema#string"/>
+                    <Apply
+                     FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
+                        <AttributeSelector
+                         RequestContextPath="//md:record/md:parentGuardian/md:parentGuardianId/text()"
+                         DataType="http://www.w3.org/2001/XMLSchema#string"/>
                     </Apply>
                 </Apply>
+                <!--
                 <VariableReference VariableId="17590035"/>
+                -->
             </Apply>
         </Condition>

TI12-security/trunk/NDG_XACML/ndg/xacml/test/test_xacml.py

-                      r6752
+                      r6754
 import unittest
 from os import path
+import logging
+logging.basicConfig(level=logging.DEBUG)
 from ndg.xacml.core.policy import Policy
+from ndg.xacml.core.attributedesignator import SubjectAttributeDesignator
+from ndg.xacml.core.attributeselector import AttributeSelector
 from ndg.xacml.parsers.etree.factory import ReaderFactory
 …
     XACML_TEST2_FILENAME = "rule2.xml"
     XACML_TEST2_FILEPATH = path.join(THIS_DIR, XACML_TEST2_FILENAME)
+    XACML_TEST3_FILENAME = "rule3.xml"
+    XACML_TEST3_FILEPATH = path.join(THIS_DIR, XACML_TEST3_FILENAME)
+    XACML_TEST4_FILENAME = "rule4.xml"
+    XACML_TEST4_FILEPATH = path.join(THIS_DIR, XACML_TEST4_FILENAME)
+    XACML_NDGTEST1_FILENAME = "ndg1.xml"
+    XACML_NDGTEST1_FILEPATH = path.join(THIS_DIR, XACML_NDGTEST1_FILENAME)
     def test01ETreeParseRule1Policy(self):
 …
         policy = PolicyReader.parse(XACMLTestCase.XACML_TEST2_FILEPATH)
         self.assert_(policy)
+        self.assert_(
+        policy.policyId == "urn:oasis:names:tc:xacml:2.0:example:policyid:2")
+        self.assert_(policy.ruleCombiningAlgId == \
+        "urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:deny-overrides")
+        self.assert_(policy.description is None)
+        self.assert_(len(policy.target.actions) == 0)
+        self.assert_(policy.rules[0].id == \
+                     "urn:oasis:names:tc:xacml:2.0:example:ruleid:2")
+        self.assert_(policy.rules[0].effect == 'Permit')
+        self.assert_(policy.rules[0].description == """\
+A person may read any medical record in the
+            http://www.med.example.com/records.xsd namespace
+            for which he or she is the designated parent or guardian,
+            and for which the patient is under 16 years of age""")
+        self.assert_(len(policy.rules[0].target.subjects) == 0)
+        self.assert_(len(policy.rules[0].target.actions) == 1)
+        self.assert_(len(policy.rules[0].target.resources) == 1)
+        self.assert_(len(policy.rules[0].target.environments) == 0)
+        self.assert_(len(policy.rules[0].target.resources[0
+                                                    ].resourceMatches) == 2)
+        self.assert_(policy.rules[0].target.resources[0].resourceMatches[0
+            ].matchId == "urn:oasis:names:tc:xacml:1.0:function:string-equal")
+        self.assert_(policy.rules[0].target.resources[0].resourceMatches[0
+            ].attributeValue.dataType == \
+                                    "http://www.w3.org/2001/XMLSchema#string")
+        self.assert_(policy.rules[0].target.resources[0].resourceMatches[0
+            ].attributeValue.value == 'urn:med:example:schemas:record')
+        self.assert_(policy.rules[0].target.resources[0].resourceMatches[0
+            ].attributeDesignator.dataType == \
+                                    "http://www.w3.org/2001/XMLSchema#string")
+        self.assert_(policy.rules[0].target.resources[0].resourceMatches[1
+            ].attributeDesignator.attributeId == \
+                            "urn:oasis:names:tc:xacml:1.0:resource:xpath")
+        self.assert_(policy.rules[0].target.resources[0].resourceMatches[1
+            ].matchId == \
+                "urn:oasis:names:tc:xacml:1.0:function:xpath-node-match")
+        self.assert_(policy.rules[0].target.resources[0].resourceMatches[1
+            ].attributeValue.dataType == \
+                                    "http://www.w3.org/2001/XMLSchema#string")
+        self.assert_(policy.rules[0].target.resources[0].resourceMatches[1
+            ].attributeValue.value == '/md:record')
+        self.assert_(policy.rules[0].target.resources[0].resourceMatches[1
+            ].attributeDesignator.dataType == \
+                                    "http://www.w3.org/2001/XMLSchema#string")
+        self.assert_(policy.rules[0].target.resources[0].resourceMatches[1
+            ].attributeDesignator.attributeId == \
+                                "urn:oasis:names:tc:xacml:1.0:resource:xpath")
+        # Verify Action
+        self.assert_(len(policy.rules[0].target.actions[0
+                                                    ].actionMatches) == 1)
+        self.assert_(policy.rules[0].target.actions[0].actionMatches[0
+            ].matchId == "urn:oasis:names:tc:xacml:1.0:function:string-equal")
+        self.assert_(policy.rules[0].target.actions[0].actionMatches[0
+            ].attributeValue.dataType == \
+                                    "http://www.w3.org/2001/XMLSchema#string")
+        self.assert_(policy.rules[0].target.actions[0].actionMatches[0
+            ].attributeValue.value == "read")
+        self.assert_(policy.rules[0].target.actions[0].actionMatches[0
+            ].attributeDesignator.dataType == \
+                                    "http://www.w3.org/2001/XMLSchema#string")
+        self.assert_(policy.rules[0].target.actions[0].actionMatches[0
+            ].attributeDesignator.attributeId == \
+                            "urn:oasis:names:tc:xacml:1.0:action:action-id")
+        self.assert_(policy.rules[0].condition)
+        self.assert_(policy.rules[0].condition.expression.functionId == \
+                     "urn:oasis:names:tc:xacml:1.0:function:and")
+        self.assert_(len(policy.rules[0].condition.expression.expressions) == 1)
+        self.assert_(policy.rules[0].condition.expression.expressions[0
+            ].functionId == \
+                'urn:oasis:names:tc:xacml:1.0:function:string-equal')
+        self.assert_(len(policy.rules[0].condition.expression.expressions) == 1)
+        self.assert_(len(policy.rules[0].condition.expression.expressions[0
+                     ].expressions) == 2)
+        self.assert_(policy.rules[0].condition.expression.expressions[0
+            ].expressions[0].functionId == \
+                "urn:oasis:names:tc:xacml:1.0:function:string-one-and-only")
+        self.assert_(isinstance(
+                        policy.rules[0].condition.expression.expressions[0
+                            ].expressions[0
+                            ].expressions[0], SubjectAttributeDesignator))
+        self.assert_(policy.rules[0].condition.expression.expressions[0
+                            ].expressions[0
+                            ].expressions[0].attributeId == \
+                            "urn:oasis:names:tc:xacml:2.0:example:attribute:"
+                            "parent-guardian-id")
+        self.assert_(policy.rules[0].condition.expression.expressions[0
+                            ].expressions[0
+                            ].expressions[0].dataType == \
+                            "http://www.w3.org/2001/XMLSchema#string")
+        self.assert_(policy.rules[0].condition.expression.expressions[0
+                            ].expressions[0
+                            ].expressions[0].attributeId == \
+                            "urn:oasis:names:tc:xacml:2.0:example:attribute:"
+                            "parent-guardian-id")
+        self.assert_(isinstance(policy.rules[0
+                            ].condition.expression.expressions[0
+                            ].expressions[1
+                            ].expressions[0], AttributeSelector))
+        self.assert_(policy.rules[0
+                            ].condition.expression.expressions[0
+                            ].expressions[1
+                            ].expressions[0].requestContextPath == \
+                            "//md:record/md:parentGuardian/md:parentGuardianId/"
+                            "text()")
+        self.assert_(policy.rules[0
+                            ].condition.expression.expressions[0
+                            ].expressions[1
+                            ].expressions[0].dataType == \
+                            "http://www.w3.org/2001/XMLSchema#string")
+    def test03ETreeParseRule3Policy(self):
+        PolicyReader = ReaderFactory.getReader(Policy)
+        try:
+            policy = PolicyReader.parse(XACMLTestCase.XACML_TEST3_FILEPATH)
+            self.assert_(policy)
+        except NotImplementedError, e:
+            print("Expecting Obligations not implemented exception: %s" %e)
+    def test04ETreeParseRule4Policy(self):
+        PolicyReader = ReaderFactory.getReader(Policy)
+        policy = PolicyReader.parse(XACMLTestCase.XACML_TEST4_FILEPATH)
+        self.assert_(policy)
+    def test05ETreeParseNdg1Policy(self):
+        # Example policy for URI Regular expression based matching of
+        # resources for NDG
+        PolicyReader = ReaderFactory.getReader(Policy)
+        policy = PolicyReader.parse(XACMLTestCase.XACML_NDGTEST1_FILEPATH)
+        self.assert_(policy)
 if __name__ == "__main__":
     unittest.main()

Note: See TracChangeset for help on using the changeset viewer.

Download in other formats: