Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NullPointerException when use VariableReference inside of AttributeAssignmentExpression #149

Open
MiguelAng86 opened this issue Nov 29, 2020 · 0 comments
Open

NullPointerException when use VariableReference inside of AttributeAssignmentExpression #149

MiguelAng86 opened this issue Nov 29, 2020 · 0 comments

Comments

@MiguelAng86
Copy link

Description:
When I use a VariableReference inside of AttributeAssignmentExpression to avoid duplicate code, the code throw a NullPointerException.

I saw that this explote in the class VariableReference, line 164. The reason is that in the getReferencedDefinition() method of the same class, the manager variable is null when the VariableReference is used inside of a Advice or Obligation Expression.

Steps to reproduce:
This case it can reproduce if it modify the TestPolicy_0003.xml with this xml:

<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicyId="TestPolicy0001"
        RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:first-applicable"
        Version="1.0">
    <Description>Advance Test policy 0003. This has been written for jira COMMONS-97.
        Use case : Users who is from asela.com can only see read patient data whose registered email is
        from asela.com domain.  Advice is returned with patient id of the permitted patient data.
        First XPath evaluation is done with respect to multiple:content-selector. This would creates
        the multiple XACML request. Then each XACML request is evaluated with Attribute selector.
        Here content element has been bounded with custom namespace and prefix
    </Description>
    <PolicyDefaults>
        <XPathVersion>http://www.w3.org/TR/1999/REC-xpath-19991116</XPathVersion>
    </PolicyDefaults>
    <VariableDefinition VariableId="test">
        <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
            <AttributeSelector MustBePresent="false"
                               ContextSelectorId="urn:oasis:names:tc:xacml:3.0:content-selector"
                               Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"
                               Path="/ak:patient/ak:patientId/text()"
                               DataType="http://www.w3.org/2001/XMLSchema#string"/>
        </Apply>
    </VariableDefinition>
    <Target>
        <AnyOf>
            <AllOf>
                <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
                    <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">read</AttributeValue>
                    <AttributeDesignator MustBePresent="false"
                                         Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action"
                                         AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id"
                                         DataType="http://www.w3.org/2001/XMLSchema#string"/>
                </Match>
            </AllOf>
        </AnyOf>
    </Target>
    <Rule RuleId="rule1" Effect="Permit">
    <Description>Rule to match value in content element using XPath</Description>
        <Target>
            <AnyOf>
                <AllOf>
                    <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
                        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">@asela.com</AttributeValue>
                        <AttributeSelector MustBePresent="false"
                                           ContextSelectorId="urn:oasis:names:tc:xacml:3.0:content-selector"
                                           Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"
                                           Path="//ak:email/text()"
                                           DataType="http://www.w3.org/2001/XMLSchema#string"/>
                    </Match>
                </AllOf>
            </AnyOf>
        </Target>
        <Condition>
            <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
                <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">@asela.com</AttributeValue>
                <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
                    <AttributeSelector MustBePresent="false"
                            ContextSelectorId="urn:oasis:names:tc:xacml:3.0:content-selector"
                            Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"
                            Path="/ak:patient/ak:patientContact/ak:email/text()"
                            DataType="http://www.w3.org/2001/XMLSchema#string"/>
                </Apply>
            </Apply>
        </Condition>
        <AdviceExpressions>
            <AdviceExpression AdviceId="patientId" AppliesTo="Permit">
                <AttributeAssignmentExpression AttributeId="urn:oasis:names:tc:xacml:2.0:example:attribute:text">
                    <VariableReference VariableId="test"/>
                </AttributeAssignmentExpression>
            </AdviceExpression>
        </AdviceExpressions>
    </Rule>
    <Rule RuleId="rule2" Effect="Deny">
        <Description>Deny rule</Description>
    </Rule>
</Policy>

Thank you in advance.
Regards.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@MiguelAng86