1 """XACML 2.0 profile for SAML 2.0 module
2
3 NERC DataGrid Project
4 """
5 __author__ = "R B Wilkinson"
6 __date__ = "23/12/11"
7 __copyright__ = "(C) 2011 Science and Technology Facilities Council"
8 __license__ = "http://www.apache.org/licenses/LICENSE-2.0"
9 __contact__ = "Philip.Kershaw@stfc.ac.uk"
10 __revision__ = '$Id$'
11
12 from ndg.saml.common.xml import SAMLConstants, QName
13 from ndg.saml.saml2.core import RequestAbstractType, Statement
14
15 from ndg.xacml.core.context.request import Request
16 from ndg.xacml.core.context.response import Response
17
18
20 '''SAML 2.0 XACML Profile XACMLAuthzDecisionQuery
21
22 @cvar DEFAULT_ELEMENT_LOCAL_NAME: Element local name.
23 @type DEFAULT_ELEMENT_LOCAL_NAME: string
24 @cvar DEFAULT_ELEMENT_NAME: Default element name.
25 @type DEFAULT_ELEMENT_NAME: string
26 @cvar TYPE_LOCAL_NAME: Local name of the XSI type.
27 @type TYPE_LOCAL_NAME: string
28 @cvar TYPE_NAME: QName of the XSI type.
29 @type TYPE_NAME: string
30 @cvar RETURN_CONTEXT_ATTRIB_NAME: ReturnContext attribute name.
31 @type RETURN_CONTEXT_ATTRIB_NAME: string
32
33 @ivar inputContextOnly: InputContextOnly attribute value.
34 @type inputContextOnly: bool
35 @ivar returnContext: ReturnContext attribute value.
36 @type returnContext: bool
37 @ivar xacmlContextRequest: XACML context request
38 @type xacmlContextRequest: ndg.xacml.core.context.request.Request
39 '''
40
41
42 DEFAULT_ELEMENT_LOCAL_NAME = "XACMLAuthzDecisionQuery"
43
44
45 DEFAULT_ELEMENT_NAME = QName(SAMLConstants.SAML2_XACML_PROTOCOL_NS,
46 DEFAULT_ELEMENT_LOCAL_NAME,
47 SAMLConstants.SAML2_XACML_PROTOCOL_PREFIX)
48
49
50 TYPE_LOCAL_NAME = "XACMLAuthzDecisionQueryType"
51
52
53 TYPE_NAME = QName(SAMLConstants.SAML2_XACML_PROTOCOL_NS,
54 TYPE_LOCAL_NAME,
55 SAMLConstants.SAML2_XACML_PROTOCOL_PREFIX)
56
57
58 INPUT_CONTEXT_ONLY_ATTRIB_NAME = "InputContextOnly"
59
60
61 RETURN_CONTEXT_ATTRIB_NAME = "ReturnContext"
62
63 __slots__ = (
64 '__inputContextOnly',
65 '__returnContext',
66 '__xacmlContextRequest'
67 )
68
70 '''Create new authorisation decision query
71 '''
72 super(XACMLAuthzDecisionQuery, self).__init__()
73
74
75 self.__inputContextOnly = None
76
77
78 self.__returnContext = None
79
80
81 self.__xacmlContextRequest = None
82
84 '''Enable pickling
85
86 @return: object's attribute dictionary
87 @rtype: dict
88 '''
89 _dict = super(XACMLAuthzDecisionQuery, self).__getstate__()
90 for attrName in XACMLAuthzDecisionQuery.__slots__:
91
92
93 if attrName.startswith('__'):
94 attrName = "_XACMLAuthzDecisionQuery" + attrName
95
96 _dict[attrName] = getattr(self, attrName)
97
98 return _dict
99
101 '''Get the InputContextOnly attribute value of this query
102
103 @return: InputContextOnly value
104 @rtype: bool
105 '''
106 return self.__inputContextOnly
107
109 '''Sets the InputContextOnly attribute value of this query.
110
111 @param value: the new InputContextOnly attribute value
112 @type value: bool
113 @raise TypeError: if incorrect input type
114 '''
115 if not isinstance(value, basestring):
116 raise TypeError('Expecting string type for "InputContextOnly" '
117 'attribute; got %r instead' % type(value))
118
119 self.__inputContextOnly = value
120
121 inputContextOnly = property(fget=_getInputContextOnly,
122 fset=_setInputContextOnly,
123 doc="Determines whether the decision is made "
124 "using information in the decision query only "
125 "- unused")
126
128 '''Get the ReturnContext attribute value of this query
129
130 @return: ReturnContext value
131 @rtype: bool
132 '''
133 return self.__returnContext
134
135 - def _setReturnContext(self, value):
136 '''Sets the ReturnContext attribute value of this query.
137
138 @param value: the new ReturnContext attribute value
139 @type value: bool
140 @raise TypeError: if incorrect input type
141 '''
142 if not isinstance(value, basestring):
143 raise TypeError('Expecting string type for "ReturnContext" '
144 'attribute; got %r instead' % type(value))
145
146 self.__returnContext = value
147
148 returnContext = property(fget=_getReturnContext,
149 fset=_setReturnContext,
150 doc="Determines whether the request context is"
151 "response")
152
154 '''
155 Gets the XACML context request.
156
157 @rtype:
158 @return: XACML context request
159 '''
160 return self.__xacmlContextRequest
161
163 '''
164 Sets the XacmlContextRequest.
165
166 @param value: XacmlContextRequest
167 @raise TypeError: input value is incorrect type
168 '''
169 if not isinstance(value, Request):
170 raise TypeError('Expecting %r type for "decision" attribute; '
171 'got %r instead' % (Request, type(value)))
172 self.__xacmlContextRequest = value
173
174 xacmlContextRequest = property(_getXacmlContextRequest,
175 _setXacmlContextRequest,
176 doc="XACML context request")
177
179 '''Return attributes for this element as a tuple
180
181 @return: attributes for this element
182 @rtype: tuple
183 '''
184 children = []
185
186 superChildren = super(XACMLAuthzDecisionQuery, self).getOrderedChildren()
187 if superChildren:
188 children.extend(superChildren)
189
190 children.extend(self.__xacmlContextRequest)
191
192 if len(children) == 0:
193 return None
194
195 return tuple(children)
196
197
199 '''SAML 2.0 XACML Profile XACMLAuthzDecisionQuery
200
201 @cvar DEFAULT_ELEMENT_LOCAL_NAME: Element local name.
202 @type DEFAULT_ELEMENT_LOCAL_NAME: string
203 @cvar DEFAULT_ELEMENT_NAME: Default element name.
204 @type DEFAULT_ELEMENT_NAME: string
205 @cvar TYPE_LOCAL_NAME: Local name of the XSI type.
206 @type TYPE_LOCAL_NAME: string
207 @cvar TYPE_NAME: QName of the XSI type.
208 @type TYPE_NAME: string
209 '''
210
211
212 DEFAULT_ELEMENT_LOCAL_NAME = "XACMLAuthzDecisionStatement"
213
214
215 DEFAULT_ELEMENT_NAME = QName(SAMLConstants.SAML2_XACML_ASSERTION_NS,
216 DEFAULT_ELEMENT_LOCAL_NAME,
217 SAMLConstants.SAML2_XACML_ASSERTION_PREFIX)
218
219
220 TYPE_LOCAL_NAME = "XACMLAuthzDecisionStatementType"
221
222
223 TYPE_NAME = QName(SAMLConstants.SAML2_XACML_ASSERTION_NS,
224 TYPE_LOCAL_NAME,
225 SAMLConstants.SAML2_XACML_ASSERTION_PREFIX)
226 __slots__ = (
227 '__xacmlContextRequest',
228 '__xacmlContextResponse'
229 )
230
239
241 '''Enable pickling
242
243 @return: object's attribute dictionary
244 @rtype: dict
245 '''
246 _dict = super(XACMLAuthzDecisionStatement, self).__getstate__()
247 for attrName in XACMLAuthzDecisionStatement.__slots__:
248
249
250 if attrName.startswith('__'):
251 attrName = "_XACMLAuthzDecisionStatement" + attrName
252
253 _dict[attrName] = getattr(self, attrName)
254
255 return _dict
256
258 '''Gets the XACML context Request child element.
259
260 @return: Request value
261 @rtype: ndg.xacml.core.context.request.Request
262 '''
263 return self.__xacmlContextRequest
264
266 '''Sets the XACML context Request child element.
267
268 @param value: the new Request attribute value
269 @type value: ndg.xacml.core.context.request.Request
270 @raise TypeError: if incorrect input type
271 '''
272 if not isinstance(value, Request):
273 raise TypeError('Expecting string type for "Request" '
274 'attribute; got %r instead' % type(value))
275
276 self.__xacmlContextRequest = value
277
278 xacmlContextRequest = property(fget=_getXacmlContextRequest,
279 fset=_setXacmlContextRequest,
280 doc="XACML context Request")
281
283 '''Gets the XACML context Response child element.
284
285 @return: Response value
286 @rtype: ndg.xacml.core.context.request.Response
287 '''
288 return self.__xacmlContextResponse
289
291 '''Sets the XACML context Response child element.
292
293 @param value: the new Response attribute value
294 @type value: ndg.xacml.core.context.request.Response
295 @raise TypeError: if incorrect input type
296 '''
297 if not isinstance(value, Response):
298 raise TypeError('Expecting string type for "Response" '
299 'attribute; got %r instead' % type(value))
300
301 self.__xacmlContextResponse = value
302
303 xacmlContextResponse = property(fget=_getXacmlContextResponse,
304 fset=_setXacmlContextResponse,
305 doc="XACML context Response")
306