1    /*
2    * Copyright (c) 2006, University of Kent
3    * All rights reserved.
4    *
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions are met:
7    *
8    * Redistributions of source code must retain the above copyright notice, this
9    * list of conditions and the following disclaimer.
10    *
11    * Redistributions in binary form must reproduce the above copyright notice,
12    * this list of conditions and the following disclaimer in the documentation
13    * and/or other materials provided with the distribution.
14    *
15    * 1. Neither the name of the University of Kent nor the names of its
16    * contributors may be used to endorse or promote products derived from this
17    * software without specific prior written permission.
18    *
19    * 2. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
20    * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
21    * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
22    * PURPOSE ARE DISCLAIMED.
23    *
24    * 3. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
25    * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
26    * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27    * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28    * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29    * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30    * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31    * POSSIBILITY OF SUCH DAMAGE.
32    *
33    * 4. YOU AGREE THAT THE EXCLUSIONS IN PARAGRAPHS 2 AND 3 ABOVE ARE REASONABLE
34    * IN THE CIRCUMSTANCES. IN PARTICULAR, YOU ACKNOWLEDGE (1) THAT THIS
35    * SOFTWARE HAS BEEN MADE AVAILABLE TO YOU FREE OF CHARGE, (2) THAT THIS
36    * SOFTWARE IS NOT "PRODUCT" QUALITY, BUT HAS BEEN PRODUCED BY A RESEARCH
37    * GROUP WHO DESIRE TO MAKE THIS SOFTWARE FREELY AVAILABLE TO PEOPLE WHO WISH
38    * TO USE IT, AND (3) THAT BECAUSE THIS SOFTWARE IS NOT OF "PRODUCT" QUALITY
39    * IT IS INEVITABLE THAT THERE WILL BE BUGS AND ERRORS, AND POSSIBLY MORE
40    * SERIOUS FAULTS, IN THIS SOFTWARE.
41    *
42    * 5. This license is governed, except to the extent that local laws
43    * necessarily apply, by the laws of England and Wales.
44    */
45   
46    package issrg.pba.rbac;
47   
48   
49   
50    import issrg.pba.rbac.policies.*;
51    import java.security.Principal;
52    import issrg.utils.repository.AttributeRepository;
53    import issrg.pba.PolicyParser;
54    import issrg.pba.Subject;
55    import issrg.pba.Target;
56    import issrg.pba.Action;
57    import issrg.pba.PbaException;
58    import issrg.pba.CredentialsService;
59    import issrg.pba.repository.AuthzTokenRepository;
60   
61    import issrg.pba.rbac.URLHandler;
62   
63    import issrg.SAWS.*; // added for MSoD
64    import issrg.pba.rbac.SAWSLogLevelConstant;//Bassem:
65   
66    import org.apache.log4j.*;// added for logging
67    /**
68    * This is an abstract class that is designed for the PermisRBAC class to
69    * retrieve policies from different formats. It defines the way of retrieving
70    * policies, as well as providing some basic implementation shared by all of its
71    * subclasses.
72    *
73    * @author Gansen
74    */
 
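public abstract class PolicyFinder {

    /** This is the Authorisation token repository that keeps the policy. */
    protected AuthzTokenRepository Repository = null;

    private final Logger logger = Logger.getLogger(PolicyFinder.class);

    /**
     * This is the signature verifier that verifies the signature over the policy.
     * NOTE(review): defaults to null here; what a null verifier means for policy
     * acceptance is decided by subclasses and callers not shown in this file -
     * confirm that an unset verifier cannot lead to an unsigned policy being trusted.
     */
    protected SignatureVerifier sv = null; //MultiRepository

    /** This is the parsed form of the loaded policy. */
    protected PolicyParser parsedPolicy;

    /** This is the authorisation token parser that is used to parse the authorisation tokens. */
    protected issrg.pba.AuthzTokenParser tokenParser;// = CustomisePERMIS.getAuthTokenParser();

    /** This is the allocation policy object. */
    protected issrg.pba.rbac.policies.AllocationPolicy allocationPolicy;

    /** This is the access policy object. */
    protected issrg.pba.rbac.policies.AccessPolicy accessPolicy;

    /** This is the MSoD policy set (added for MSoD). */
    protected issrg.pba.rbac.policies.MSoDPolicySet msodPolicySet;

    /** This is the SAWS server instance (added for MSoD); null until a subclass sets it. */
    protected SAWSServer sawsServer = null;

    // Bassem: parameters and methods related to saws server and SAT level
    /** The SAT level; 0 unless a subclass assigns another value. */
    protected int satLevel = 0;

    /**
     * Returns the SAT level.
     *
     * @return the current value of {@link #satLevel}
     */
    public int getSATLevel() {
        return satLevel;
    }

    /** The SOA; null until a subclass sets it. */
    protected String soa = null;

    /**
     * Returns the SAWS server instance.
     *
     * @return the SAWS server, or null if none has been set
     */
    public SAWSServer getSAWSServer() {
        return sawsServer;
    }

    /**
     * Returns the SOA.
     *
     * @return the SOA, or null if none has been set
     */
    public String getSOA() {
        return soa;
    }

    // Bassem: to get the policy file path for PermisStartingType record to log in SAWS
    /** The policy file path; null until a subclass sets it. */
    protected String filepath = null;

    /**
     * Returns the policy file path.
     *
     * @return the policy file path, or null if none has been set
     */
    public String getfilepath() {
        return filepath;
    }

    /**
     * Closes the log file in SAWS (Bassem). Does nothing when no SAWS server is
     * set (original author's note: case when NO_INFO level and MSoD policy exists).
     */
    public void SAWSCloseLog() {
        if (getSAWSServer() != null) {
            getSAWSServer().closeLog();
        }
    }

    // change ObjectID into String
    // date 15/11/2005
    /** The policy OID, held as a String. */
    protected String policyOID;

    // this statement registers the XML nodes of the IF-statement and interpreters
    static {
        issrg.pba.rbac.xmlpolicy.XMLPolicyParser.registerDefaultNodes();
    }

    /**
     * This method returns the object that is the parsed form of the loaded policy.
     *
     * @return the parsed policy
     */
    public PolicyParser getParsedPolicy() {
        return parsedPolicy;
    }

    /**
     * This method returns the allocation policy.
     *
     * @return the allocation policy
     */
    public AllocationPolicy getAllocationPolicy() {
        return allocationPolicy;
    }

    /**
     * This method returns the access policy.
     *
     * @return the access policy
     */
    public AccessPolicy getAccessPolicy() {
        logger.debug("return access control policy");
        return accessPolicy;
    }

    /**
     * This method returns the MSoD policy set (added for MSoD).
     *
     * @return the MSoD policy set
     */
    public MSoDPolicySet getMSoDPolicy() {
        return msodPolicySet;
    }

    /**
     * This method retrieves the repository object.
     *
     * @return the authorisation token repository
     */
    public AuthzTokenRepository getRepository() {
        return Repository;
    }

    /**
     * This method retrieves the signature verifier object.
     *
     * @return the signature verifier, or null if none has been set
     */
    public SignatureVerifier getSV() {
        return sv;
    }

    // change ObjectID getPolicyOID() into String getPolicyOID()
    // date : 15/11/2005
    /**
     * Returns the policy OID.
     *
     * @return the policy OID as a String
     */
    public String getPolicyOID() {
        return policyOID;
    }

    private static final String DOCTYPE = "<!DOCTYPE";
    private static final String SYSTEM = "SYSTEM";
    private static final String DOCTYPE_C = ">";
    private static final String COMMENT_O = "<!--";
    private static final String COMMENT_C = "-->";

    /**
     * This method does simplistic XML policy pre-processing to remove a &lt;!DOCTYPE
     * SYSTEM&gt; tag from it. The tag is intended to point to the DTD location,
     * and the XML parsers attempt to validate the XML policy using it. Note that
     * the location is very often machine-specific and only confuses the XML
     * parser. It is safe to remove the pointer to the DTD, since the
     * XMLPolicyParser validates the semantics of the XML.
     *
     * <p>For every {@code <!DOCTYPE} that is not inside an XML comment, the text
     * from the keyword {@code SYSTEM} up to (but not including) the first
     * {@code >} after the {@code <!DOCTYPE} is dropped, provided {@code SYSTEM}
     * is delimited by whitespace or control characters on both sides. A DOCTYPE
     * inside a comment is left untouched, and an unterminated comment is treated
     * as running to the end of the input.
     *
     * <p>This is a textual convenience, not a defence against hostile XML. It
     * does not touch {@code PUBLIC} identifiers, and it takes the first
     * {@code >} as the end of the declaration, so a DOCTYPE with an internal
     * subset is not handled. The parser that consumes the result must itself be
     * configured to refuse DTDs and external entities if the policy can come
     * from an untrusted source.
     *
     * @param xml - the XML to remove the SYSTEM tag from; must not be null
     * @return the XML without the SYSTEM tag in it
     */
    public static String removeSystemTag(String xml) {
        int doctypeIdx = 0;
        int commentIdx = 0;

        while (true) {
            doctypeIdx = xml.indexOf(DOCTYPE, doctypeIdx);
            if (doctypeIdx < 0) {
                break;
            }

            // Move the comment cursor to the first comment that ends after this
            // DOCTYPE; if there is none, park the cursor at the end of the input.
            while (true) {
                commentIdx = xml.indexOf(COMMENT_O, commentIdx);
                if (commentIdx < 0) {
                    commentIdx = xml.length();
                    break;
                }

                int commentEnd = xml.indexOf(COMMENT_C, commentIdx + COMMENT_O.length());
                if (commentEnd < 0) {
                    // Unterminated comment: it runs to the end of the input. Without
                    // this the cursor was reset to a position before the comment and
                    // the same comment was found again, so the scan never finished.
                    commentEnd = xml.length();
                }

                if (doctypeIdx < commentEnd) {
                    break;
                }

                commentIdx = commentEnd + COMMENT_C.length();
            }

            if (doctypeIdx < commentIdx) {
                // The DOCTYPE starts before the comment, i.e. it is live markup.
                int close = xml.indexOf(DOCTYPE_C, doctypeIdx);
                int system = xml.indexOf(SYSTEM, doctypeIdx);

                if (close >= 0 && system >= 0 && system < close
                        && xml.charAt(system - 1) <= ' '
                        && xml.charAt(system + SYSTEM.length()) <= ' ') {
                    // Keep everything before SYSTEM and everything from '>' onwards.
                    xml = xml.substring(0, system) + xml.substring(close);
                }

                // Text after the DOCTYPE may have shifted; rescan comments from here.
                commentIdx = doctypeIdx;
            }

            // Always step past this DOCTYPE. Previously a DOCTYPE inside a comment
            // left both cursors unchanged and the outer loop spun forever.
            doctypeIdx++;
        }

        return xml;
    }
}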