From af9975a4ed5440efa97b137c3f1e9b9ac3b4f7ca Mon Sep 17 00:00:00 2001 From: Bill Smith Date: Tue, 21 Aug 2018 15:27:02 -0700 Subject: [PATCH] [SHIBUI-661] Added support to XML generation for EntityAttributesFilter for target types CONDITION_SCRIPT and REGEX. Added helper method that evaluates regex and generates tiny script. Unit tests forthcoming. --- .../JPAMetadataResolverServiceImpl.groovy | 44 ++++++++++++++++--- 1 file changed, 39 insertions(+), 5 deletions(-) diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy index 18796b950..971e64bcd 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy @@ -70,6 +70,8 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService { (List) (List) entityAttributesFilter.getAttributes() ) } + //TODO: else if CONDITION_SCRIPT/REGEX, add new rule + // new ScriptedPredicate, new EvaluableScript target.setRules(rules) metadataFilters.add(target) } @@ -146,15 +148,47 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService { filter.attributes.each { attribute -> mkp.yieldUnescaped(openSamlObjects.marshalToXmlString(attribute, false)) } - if (filter.entityAttributesFilterTarget.entityAttributesFilterTargetType == EntityAttributesFilterTarget - .EntityAttributesFilterTargetType.ENTITY) { - filter.entityAttributesFilterTarget.value.each { - Entity(it) - } + switch (filter.entityAttributesFilterTarget.entityAttributesFilterTargetType) { + case EntityAttributesFilterTarget + .EntityAttributesFilterTargetType.ENTITY: + filter.entityAttributesFilterTarget.value.each { + Entity(it) + } + break + case EntityAttributesFilterTarget + .EntityAttributesFilterTargetType.CONDITION_SCRIPT: + case EntityAttributesFilterTarget + .EntityAttributesFilterTargetType.REGEX: + ConditionScript() { + Script() { + def script + if (filter.entityAttributesFilterTarget.entityAttributesFilterTargetType == + EntityAttributesFilterTarget.EntityAttributesFilterTargetType.CONDITION_SCRIPT) { + script = filter.entityAttributesFilterTarget.value + } else if (filter.entityAttributesFilterTarget.entityAttributesFilterTargetType == + EntityAttributesFilterTarget.EntityAttributesFilterTargetType.REGEX) { + //TODO: Is the "entityId" supposed to be the resourceId of the filter? Or something else? + //TODO: Assuming value is a list of one element? Error check? + script = generateRegexScript(filter.entityAttributesFilterTarget.value.get(0), filter.resourceId) + } + mkp.yieldUnescaped("") + } + } + break + default: + //TODO do nothing? + break } } } + private String generateRegexScript(String regex, String entityId) { + def matched = entityId ==~ ~regex + return '''\ + "use strict"; + ${matched};''' + } + void constructXmlNodeForFilter(EntityRoleWhiteListFilter filter, def markupBuilderDelegate) { markupBuilderDelegate.MetadataFilter( 'xsi:type': 'EntityRoleWhiteList',