Context Navigation

source: fedd/abac-src/rbtm/engine/GraphEngine.java @ 866c983

axis_examplecompt_changesinfo-opsversion-1.30version-2.00version-3.01version-3.02

Last change on this file since 866c983 was 8780cbec, checked in by Jay Jacobs <Jay.Jacobs@…>, 15 years ago
ABAC sources from Cobham
Property mode set to `100644`
File size: 11.4 KB

Line
1	package edu.stanford.peer.rbtm.engine;
2
3	import java.util.*;
4
5	import edu.stanford.peer.rbtm.RBTMConstants;
6	import edu.stanford.peer.rbtm.credential.*;
7	import edu.stanford.peer.rbtm.util.*;
8
9	/**
10	* A graph engine is a proof graph which may optionally contain a predicate
11	* function. This implementation is a tightly coupled directed credential
12	* graph and credential index.
13	*/
14	public class GraphEngine
15	implements java.io.Serializable, ProofGraph, RBTMConstants
16	{
17	static final public Iterator emptyIt = new ArrayList(1).iterator();
18	static final public Collection emptyCollection = new ArrayList(1);
19
20	/** stores all the credentials */
21	private HashSet credentials = new HashSet();
22
23	/** an index from issuers to credential collections */
24	private HashMap indexByIssuer = new HashMap();
25
26	/** an index from roles to credential collections */
27	private HashMap indexByRole = new HashMap();
28
29	/** an index from role name to credential collections */
30	private HashMap indexByRoleName = new HashMap();
31
32	/** an index from subjects to collections of credentials */
33	private HashMap indexBySubject = new HashMap();
34
35	/** predicate function which could be null */
36	private Predicate pred = null;
37
38	private int track;
39
40	private SolutionFilter solutionFilter;
41
42	// a proof queue
43	transient private ProofQueue proofQueue = new SimpleProofQueue();
44
45	transient private HashMap nodeTable = new HashMap();
46
47
48	public GraphEngine(Set creds, int tt, SolutionFilter filter, Predicate p) {
49	this(creds, tt, filter);
50	pred = p;
51	}
52
53	public GraphEngine(Set creds, int trackType, SolutionFilter filter)
54	{
55	this(trackType, filter);
56	addCredentials(creds);
57	}
58
59	public GraphEngine(int trackType, SolutionFilter filter) {
60	track = trackType;
61	solutionFilter = (filter == null)? new DefaultSolutionFilter(): filter;
62	}
63
64	public GraphEngine(Predicate p) {
65	this();
66	pred = p;
67	}
68
69	public GraphEngine() {
70	this(TRACK_ALL, null);
71	}
72
73
74	public void reinit() {
75	proofQueue = new SimpleProofQueue();
76	nodeTable = new HashMap();
77	}
78
79	synchronized public void addCredentials(Collection credentials) {
80	reinit();
81	Iterator credIt = credentials.iterator();
82	while (credIt.hasNext()) {
83	addCredential((StaticCredential)credIt.next());
84	}
85	}
86
87	synchronized public void removeCredentials(Collection credentials) {
88	reinit();
89	Iterator credIt = credentials.iterator();
90	while (credIt.hasNext()) {
91	removeCredential((StaticCredential)credIt.next());
92	}
93	}
94
95	synchronized public boolean addCredential(StaticCredential cred) {
96	// Make sure that no duplicate Credential exists
97	if (credentials.contains(cred)) {
98	Debug.debugInfo("trying to add existing credential: " + cred);
99	return false;
100	}
101	Debug.debugInfo("adding credential: " + cred);
102	credentials.add(cred);
103	addIndexFor(cred);
104	ProofNode node = getNode(cred.getDefinedRole());
105	if (node != null) {
106	node.invalidateBackward();
107	}
108	node = getNode(cred.getSubject());
109	if (node != null) {
110	node.invalidateForward();
111	}
112	return true;
113	}
114
115	synchronized public void removeCredential(StaticCredential cred) {
116	if (credentials.contains(cred)) {
117	Debug.debugInfo("removing credential: " + cred);
118	reinit();
119	credentials.remove(cred);
120	removeIndexFor(cred);
121	} else {
122	Debug.debugInfo("trying to remove nonexistent credential: " + cred);
123	//// throw Exception
124	}
125	}
126
127	private void addIndexFor(StaticCredential cred)
128	{
129	Entity e = cred.getIssuer();
130	ArrayList credList = (ArrayList)indexByIssuer.get(e);
131	if (credList == null) {
132	credList = new ArrayList(40);
133	indexByIssuer.put(e, credList);
134	}
135	credList.add(cred);
136
137	// Code to deal with indexByRole
138	Role r = cred.getDefinedRole();
139	credList = (ArrayList) indexByRole.get(r);
140	if (credList == null) {
141	credList = new ArrayList(10);
142	indexByRole.put(r, credList);
143	}
144	credList.add(cred);
145
146	// Code to deal with indexByRoleName
147	RoleName name = r.getName();
148	credList = (ArrayList) indexByRoleName.get(name);
149	if (credList == null) {
150	credList = new ArrayList(10);
151	indexByRoleName.put(name, credList);
152	}
153	credList.add(cred);
154
155	EntityExpression subject = cred.getSubject();
156	if(subject instanceof Intersection) {
157	Iterator parts = ((Intersection)subject).getParts();
158	while(parts.hasNext()) {
159	EntityExpression partialSolution =
160	(EntityExpression)parts.next();
161	credList = (ArrayList) indexBySubject.get(subject);
162	if (credList == null) {
163	credList = new ArrayList(10);
164	indexBySubject.put(partialSolution, credList);
165	}
166	credList.add(cred);
167	}
168	} else {
169	credList = (ArrayList) indexBySubject.get(subject);
170	if (credList == null) {
171	credList = new ArrayList(10);
172	indexBySubject.put(subject, credList);
173	}
174	credList.add(cred);
175	}
176	}
177
178	private void removeIndexFor(StaticCredential cred)
179	{
180	((ArrayList)indexByIssuer.get(cred.getIssuer())).remove(cred);
181	((ArrayList)indexByRole.get(cred.getDefinedRole())).remove(cred);
182	((ArrayList)indexBySubject.get(cred.getSubject())).remove(cred);
183	}
184
185	/*
186	public void addRole(Role role) {
187	if (! indexByRole.containsKey(role)) {
188	indexByRole.put(role, new ArrayList());
189	}
190	}
191	*/
192
193	/**
194	* Repository function: finds all credentials issued by entity e.
195	*/
196	synchronized public Collection getCredentialsIssuedBy(Entity e) {
197	Collection credentials = (Collection)indexByIssuer.get(e);
198	if (credentials == null) {
199	return emptyCollection;
200	} else {
201	return credentials;
202	}
203	}
204
205
206	synchronized public Iterator findCredentialsDefiningRole(RoleName r)
207	{
208	ArrayList credList = (ArrayList) indexByRoleName.get(r);
209	if (credList == null) {
210	return emptyIt;
211	} else {
212	return credList.iterator();
213	}
214	}
215
216	synchronized public Iterator findCredentialsDefiningRole(Role r)
217	{
218	ArrayList credList = (ArrayList) indexByRole.get(r);
219	if (credList == null) {
220	return emptyIt;
221	} else {
222	return credList.iterator();
223	}
224	}
225
226	synchronized public Iterator findCredentialsBySubject(EntityExpression subject)
227	{
228	ArrayList credList = (ArrayList) indexBySubject.get(subject);
229	if (credList == null) {
230	return emptyIt;
231	} else {
232	return credList.iterator();
233	}
234	}
235
236	synchronized public Iterator findCredentialsByPartialSubject(EntityExpression subject)
237	{
238	// Using a vector copies the arraylist so we don't remove from it
239	ArrayList credList = (ArrayList)indexBySubject.get(subject);
240	if (credList == null) {
241	return emptyIt;
242	}
243	credList = (ArrayList)credList.clone();
244	Iterator i = credList.iterator();
245	while(i.hasNext()) { // remove credential which aren't intersections
246	StaticCredential cred = (StaticCredential)i.next();
247	if(!(cred.getSubject() instanceof Intersection)) {
248	i.remove();
249	//System.out.println("Removing " + cred.getSubject());
250	} else {
251	//System.out.println("Not Removing " + cred.getSubject());
252	}
253	}
254	return credList.iterator();
255	}
256
257	/*
258	boolean hasCredentialsForSubject(EntityExpression re) {
259	return findCredentialsBySubject(re).hasNext();
260	}
261	*/
262
263	// Find out all Roles that roleExp belongs to
264	synchronized public ResultEvidenceMap forwardSearch(EntityExpression roleExp) {
265	ProofNode goalNode = addForwardNode(roleExp);
266	while (proofQueue.hasUnexploredForwardNodes()) {
267	proofQueue.nextUnexploredForwardNode().forwardProcess();
268	}
269	return goalNode.getForwardSolutions();
270	}
271
272	// Find out all members of roleExp
273	synchronized public ResultEvidenceMap backwardSearch(EntityExpression roleExp) {
274	ProofNode goalNode = addBackwardNode(roleExp);
275	while (proofQueue.hasUnexploredBackwardNodes()) {
276	proofQueue.nextUnexploredBackwardNode().backwardProcess();
277	}
278	return goalNode.getBackwardSolutions();
279	}
280
281	public ProofNode addForwardNode(EntityExpression roleExp) {
282	ProofNode node = addNode(roleExp);
283	proofQueue.addForwardNode(node);
284	return node;
285	}
286
287	public ProofNode addBackwardNode (EntityExpression roleExp) {
288	ProofNode node = addNode(roleExp);
289	proofQueue.addBackwardNode(node);
290	return node;
291	}
292
293	/**
294	* Add a node corresponding to a role expression, make sure that the
295	* node is not added twice.
296	*/
297	private ProofNode addNode (EntityExpression roleExp) {
298	ProofNode node = (ProofNode)nodeTable.get(roleExp);
299	if (node == null) {
300	node = createProofNode(roleExp);
301	nodeTable.put(roleExp, node);
302	}
303	return node;
304	}
305
306	private ProofNode getNode(EntityExpression roleExp) {
307	return (ProofNode)nodeTable.get(roleExp);
308	}
309
310	private ProofNode createProofNode (EntityExpression roleExp) {
311	if (roleExp instanceof Role) {
312	return new RoleProofNode(this, (Role)roleExp, track);
313	} else if (roleExp instanceof LinkedRole) {
314	return new LinkedRoleProofNode(this, (LinkedRole)roleExp, track);
315	} else if (roleExp instanceof Intersection) {
316	return new IntersectionProofNode(this,(Intersection)roleExp,track);
317	} else {
318	return new EntityProofNode(this, (Entity)roleExp, track);
319	}
320	}
321
322	public ForwardSolution getForwardSolution(EntityExpression re) {
323	return solutionFilter.getForwardSolution(re);
324	}
325
326	public BackwardSolution getBackwardSolution(EntityExpression re) {
327	return solutionFilter.getBackwardSolution(re);
328	}
329
330	public String toString() {
331	return "credentials=" + credentials.toString() + "\n" +
332	"indexByIssuer=" + indexByIssuer.toString() + "\n" +
333	"indexByRole=" + indexByRole.toString() + "\n" +
334	"indexBySubject=" + indexBySubject.toString();
335	}
336
337	private String getSubjectIndexs()
338	{
339	StringBuffer outBuf = new StringBuffer();
340	Iterator keyIt = indexBySubject.keySet().iterator();
341	while (keyIt.hasNext()) {
342	Object o = keyIt.next();
343	if (o instanceof Role) {
344	outBuf.append("Role ").append(o.toString()).append("\n");
345	Role r = (Role) o;
346	outBuf.append("Base is ").append(r.getBase().getClass()).append("\n");
347	outBuf.append("RoleName is ").append(r.getName().getClass()).append("\n");
348	}
349	}
350	return outBuf.toString();
351	}
352
353	public Predicate getPredicate() { return pred; }
354
355	public HashSet getChain(EntityExpression source, EntityExpression target) {
356	System.out.println("source = " + source);
357	System.out.println("target = " + target);
358	ProofNode sourceNode = getNode(source);
359	System.out.println("node table = " + nodeTable);
360	if(sourceNode != null) {
361	return sourceNode.getChain(0, target);
362	}
363	return null;
364	}
365
366	/** accessor method added to support distributed discovery */
367	protected HashSet getCredentials() { return credentials; }
368	}
369
370

Note: See TracBrowser for help on using the repository browser.

Download in other formats: