Ignore:
Timestamp:
16/04/10 10:36:08 (11 years ago)
Author:
pjkersha
Message:

Working XACML implementation with permit-overrides rule combining algorithm.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/NDG_XACML/ndg/xacml/core/rule_combining_alg.py

    r6822 r6823  
    5050 
    5151 
    52 class PermitOverridesRuleCombingAlg(RuleCombiningAlgInterface): 
     52class PermitOverridesRuleCombiningAlg(RuleCombiningAlgInterface): 
    5353    """Implementation of permit overrides XACML rule combining algorithm""" 
    5454     
     
    7070        atLeastOneDeny = False 
    7171         
    72         for rule in rules:    
     72        for rule in rules: 
    7373            decision = rule.evaluate(context) 
    7474            if decision == Decision.DENY: 
     
    105105    """Class Factory mapping Rule Combining Algorithm identifiers to their 
    106106    class implementations""" 
     107     
     108    # All algorithms are not implemented by default(!) 
    107109    DEFAULT_MAP = {}.fromkeys(ALGORITHMS, NotImplemented) 
     110     
     111    # Permit overrides is the only one currently implemented 
    108112    DEFAULT_MAP[ 
    109113        'urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:permit-overrides' 
    110         ] = PermitOverridesRuleCombingAlg 
     114        ] = PermitOverridesRuleCombiningAlg 
    111115     
    112116    def __init__(self, map=DEFAULT_MAP): 
     
    116120    def __call__(self, identifier): 
    117121        """Return the class for a given Rule Combining Algorithm identifier 
     122        @param identifier: XACML rule combining algorithm urn 
     123        @type identifier: basestring 
     124        @return: rule combining class corresponding to the given input 
     125        identifier 
     126        @rtype: RuleCombiningAlgInterface derived type or NoneType if no match  
     127        is found or NotImplementedType if the identifier corresponds to a valid  
     128        XACML rule combining algorithm but is not supported in this  
     129        implementation 
    118130        """ 
    119         self.__map.get(identifier) 
     131        return self.__map.get(identifier) 
Note: See TracChangeset for help on using the changeset viewer.