pdp and proto changes (#178)

src/main/java/gov/nist/csd/pm/pdp/PDP.java

@@ -18,12 +18,17 @@
 import gov.nist.csd.pm.common.exception.PMException;
 import gov.nist.csd.pm.common.tx.TxRunner;
 import gov.nist.csd.pm.common.routine.Routine;
+import gov.nist.csd.pm.pdp.adjudication.AccessAdjudication;
+import gov.nist.csd.pm.pdp.adjudication.AdjudicationResponse;
+import gov.nist.csd.pm.pdp.adjudication.OperationRequest;
+import gov.nist.csd.pm.pdp.bootstrap.PolicyBootstrapper;
 
 import java.util.*;
 
 import static gov.nist.csd.pm.pap.admin.AdminPolicy.ALL_NODE_NAMES;
 import static gov.nist.csd.pm.common.graph.node.NodeType.ANY;
 import static gov.nist.csd.pm.common.graph.node.Properties.NO_PROPERTIES;
+import static gov.nist.csd.pm.pdp.adjudication.Decision.GRANT;
 
 public class PDP implements EventPublisher, AccessAdjudication {
 
@@ -105,15 +110,15 @@ public void publishEvent(EventContext event) throws PMException {
     }
 
     @Override
-    public ResourceAdjudicationResponse adjudicateResourceOperation(UserContext user, String target, String resourceOperation) throws PMException {
+    public AdjudicationResponse adjudicateResourceOperation(UserContext user, String target, String resourceOperation) throws PMException {
         if (!pap.query().operations().getResourceOperations().contains(resourceOperation)) {
             throw new OperationDoesNotExistException(resourceOperation);
         }
 
         try {
             privilegeChecker.check(user, target, resourceOperation);
         } catch (UnauthorizedException e) {
-            return new ResourceAdjudicationResponse(e);
+            return new AdjudicationResponse(e);
         }
 
         Node node = pap.query().graph().getNode(target);
@@ -125,7 +130,7 @@ public ResourceAdjudicationResponse adjudicateResourceOperation(UserContext user
                 Map.of("target", target)
         ));
 
-        return new ResourceAdjudicationResponse(node);
+        return new AdjudicationResponse(GRANT, node);
     }
 
     private Object executeOperation(UserContext user, ExecutionContext ctx, PDPTx pdpTx, String name, Map<String, Object> operands) throws PMException {
@@ -154,22 +159,22 @@ private Object executeOperation(UserContext user, ExecutionContext ctx, PDPTx pd
     }
 
     @Override
-    public AdminAdjudicationResponse adjudicateAdminOperation(UserContext user, String name, Map<String, Object> operands) throws PMException {
+    public AdjudicationResponse adjudicateAdminOperation(UserContext user, String name, Map<String, Object> operands) throws PMException {
         try {
             Object returnValue = runTx(user, tx -> {
                 PDPExecutionContext ctx = new PDPExecutionContext(user, tx);
 
                 return executeOperation(user, ctx, tx, name, operands);
             });
 
-            return new AdminAdjudicationResponse(Decision.GRANT, returnValue);
+            return new AdjudicationResponse(GRANT, returnValue);
         } catch(UnauthorizedException e){
-            return new AdminAdjudicationResponse(e);
+            return new AdjudicationResponse(e);
         }
     }
 
     @Override
-    public AdminAdjudicationResponse adjudicateAdminRoutine(UserContext user, String name, Map<String, Object> operands) throws PMException {
+    public AdjudicationResponse adjudicateAdminRoutine(UserContext user, String name, Map<String, Object> operands) throws PMException {
         Routine<?> adminRoutine = pap.query().routines().getAdminRoutine(name);
         try {
             Object returnValue = runTx(user, tx -> {
@@ -187,14 +192,14 @@ public AdminAdjudicationResponse adjudicateAdminRoutine(UserContext user, String
                 return o;
             });
 
-            return new AdminAdjudicationResponse(Decision.GRANT, returnValue);
+            return new AdjudicationResponse(GRANT, returnValue);
         } catch (UnauthorizedException e) {
-            return new AdminAdjudicationResponse(e);
+            return new AdjudicationResponse(e);
         }
     }
 
     @Override
-    public AdminAdjudicationResponse adjudicateAdminRoutine(UserContext user, List<OperationRequest> operationRequests) throws PMException {
+    public AdjudicationResponse adjudicateAdminRoutine(UserContext user, List<OperationRequest> operationRequests) throws PMException {
         try {
             runTx(user, tx -> {
                 PDPExecutionContext ctx = new PDPExecutionContext(user, tx);
@@ -206,9 +211,9 @@ public AdminAdjudicationResponse adjudicateAdminRoutine(UserContext user, List<O
                 return null;
             });
 
-            return new AdminAdjudicationResponse(Decision.GRANT);
+            return new AdjudicationResponse(GRANT);
         } catch(UnauthorizedException e){
-            return new AdminAdjudicationResponse(e);
+            return new AdjudicationResponse(e);
         }
     }
 }

src/main/java/gov/nist/csd/pm/pdp/adjudication/AccessAdjudication.java

@@ -0,0 +1,16 @@
+package gov.nist.csd.pm.pdp.adjudication;
+
+import gov.nist.csd.pm.common.exception.PMException;
+import gov.nist.csd.pm.pap.query.model.context.UserContext;
+
+import java.util.List;
+import java.util.Map;
+
+public interface AccessAdjudication {
+
+    AdjudicationResponse adjudicateResourceOperation(UserContext user, String policyElement, String resourceOperation) throws PMException;
+    AdjudicationResponse adjudicateAdminOperation(UserContext user, String name, Map<String, Object> operands) throws PMException;
+    AdjudicationResponse adjudicateAdminRoutine(UserContext user, String name, Map<String, Object> operands) throws PMException;
+    AdjudicationResponse adjudicateAdminRoutine(UserContext user, List<OperationRequest> operationRequests) throws PMException;
+
+}

src/main/java/gov/nist/csd/pm/pdp/AdminAdjudicationResponse.java → src/main/java/gov/nist/csd/pm/pdp/adjudication/AdjudicationResponse.java

@@ -1,25 +1,26 @@
-package gov.nist.csd.pm.pdp;
+package gov.nist.csd.pm.pdp.adjudication;
 
 import gov.nist.csd.pm.pap.query.model.explain.Explain;
+import gov.nist.csd.pm.pdp.UnauthorizedException;
 
 import java.util.Objects;
 
-public class AdminAdjudicationResponse {
+public class AdjudicationResponse {
 
     private Decision decision;
     private Object value;
     private Explain explain;
 
-    public AdminAdjudicationResponse(Decision decision) {
+    public AdjudicationResponse(Decision decision) {
         this.decision = decision;
     }
 
-    public AdminAdjudicationResponse(Decision decision, Object value) {
+    public AdjudicationResponse(Decision decision, Object value) {
         this.decision = decision;
         this.value = value;
     }
 
-    public AdminAdjudicationResponse(UnauthorizedException e) {
+    public AdjudicationResponse(UnauthorizedException e) {
         this.decision = Decision.DENY;
         this.explain = e.getExplain();
     }
@@ -51,7 +52,7 @@ public void setValue(Object value) {
     @Override
     public boolean equals(Object o) {
         if (this == o) return true;
-        if (!(o instanceof AdminAdjudicationResponse response)) return false;
+        if (!(o instanceof AdjudicationResponse response)) return false;
 	    return decision == response.decision && Objects.equals(value, response.value) && Objects.equals(explain, response.explain);
     }
 

src/main/java/gov/nist/csd/pm/pdp/Adjudicator.java → src/main/java/gov/nist/csd/pm/pdp/adjudication/Adjudicator.java

@@ -1,4 +1,4 @@
-package gov.nist.csd.pm.pdp;
+package gov.nist.csd.pm.pdp.adjudication;
 
 import gov.nist.csd.pm.pap.PrivilegeChecker;
 

src/main/java/gov/nist/csd/pm/pdp/Decision.java → src/main/java/gov/nist/csd/pm/pdp/adjudication/Decision.java

@@ -1,4 +1,4 @@
-package gov.nist.csd.pm.pdp;
+package gov.nist.csd.pm.pdp.adjudication;
 
 public enum Decision {
     GRANT,

src/main/java/gov/nist/csd/pm/pdp/OperationRequest.java → src/main/java/gov/nist/csd/pm/pdp/adjudication/OperationRequest.java

@@ -1,4 +1,4 @@
-package gov.nist.csd.pm.pdp;
+package gov.nist.csd.pm.pdp.adjudication;
 
 import java.util.Map;
 

src/main/java/gov/nist/csd/pm/pdp/PMLBootstrapper.java → src/main/java/gov/nist/csd/pm/pdp/bootstrap/PMLBootstrapper.java

@@ -1,4 +1,4 @@
-package gov.nist.csd.pm.pdp;
+package gov.nist.csd.pm.pdp.bootstrap;
 
 import gov.nist.csd.pm.pap.PAP;
 import gov.nist.csd.pm.common.exception.PMException;

src/main/java/gov/nist/csd/pm/pdp/PolicyBootstrapper.java → src/main/java/gov/nist/csd/pm/pdp/bootstrap/PolicyBootstrapper.java

@@ -1,4 +1,4 @@
-package gov.nist.csd.pm.pdp;
+package gov.nist.csd.pm.pdp.bootstrap;
 
 import gov.nist.csd.pm.pap.PAP;
 import gov.nist.csd.pm.common.exception.PMException;

src/main/java/gov/nist/csd/pm/pdp/modification/GraphModificationAdjudicator.java

@@ -11,7 +11,7 @@
 import gov.nist.csd.pm.pap.PrivilegeChecker;
 import gov.nist.csd.pm.pap.query.model.context.UserContext;
 import gov.nist.csd.pm.common.graph.node.NodeType;
-import gov.nist.csd.pm.pdp.Adjudicator;
+import gov.nist.csd.pm.pdp.adjudication.Adjudicator;
 
 import java.util.Collection;
 import java.util.Map;

src/main/java/gov/nist/csd/pm/pdp/modification/ObligationsModificationAdjudicator.java

@@ -11,7 +11,7 @@
 import gov.nist.csd.pm.common.op.obligation.DeleteObligationOp;
 import gov.nist.csd.pm.pap.query.model.context.UserContext;
 import gov.nist.csd.pm.common.obligation.Rule;
-import gov.nist.csd.pm.pdp.Adjudicator;
+import gov.nist.csd.pm.pdp.adjudication.Adjudicator;
 
 import java.util.List;
 import java.util.Map;

src/main/java/gov/nist/csd/pm/pdp/modification/OperationsModificationAdjudicator.java

@@ -12,7 +12,7 @@
 import gov.nist.csd.pm.common.op.operation.DeleteAdminOperationOp;
 import gov.nist.csd.pm.common.op.operation.SetResourceOperationsOp;
 import gov.nist.csd.pm.pap.query.model.context.UserContext;
-import gov.nist.csd.pm.pdp.Adjudicator;
+import gov.nist.csd.pm.pdp.adjudication.Adjudicator;
 
 import java.util.Map;
 

src/main/java/gov/nist/csd/pm/pdp/modification/PolicyModificationAdjudicator.java

@@ -6,7 +6,7 @@
 import gov.nist.csd.pm.pap.modification.*;
 import gov.nist.csd.pm.pap.PrivilegeChecker;
 import gov.nist.csd.pm.pap.query.model.context.UserContext;
-import gov.nist.csd.pm.pdp.Adjudicator;
+import gov.nist.csd.pm.pdp.adjudication.Adjudicator;
 
 public class PolicyModificationAdjudicator extends Adjudicator implements PolicyModification {
 

src/main/java/gov/nist/csd/pm/pdp/modification/ProhibitionsModificationAdjudicator.java

@@ -13,7 +13,7 @@
 import gov.nist.csd.pm.common.prohibition.ContainerCondition;
 import gov.nist.csd.pm.common.prohibition.Prohibition;
 import gov.nist.csd.pm.common.prohibition.ProhibitionSubject;
-import gov.nist.csd.pm.pdp.Adjudicator;
+import gov.nist.csd.pm.pdp.adjudication.Adjudicator;
 
 import java.util.Collection;
 import java.util.Map;

src/main/java/gov/nist/csd/pm/pdp/modification/RoutinesModificationAdjudicator.java

@@ -10,7 +10,7 @@
 import gov.nist.csd.pm.common.op.routine.DeleteAdminRoutineOp;
 import gov.nist.csd.pm.pap.query.model.context.UserContext;
 import gov.nist.csd.pm.common.routine.Routine;
-import gov.nist.csd.pm.pdp.Adjudicator;
+import gov.nist.csd.pm.pdp.adjudication.Adjudicator;
 
 import java.util.Map;
 

src/main/java/gov/nist/csd/pm/pdp/query/AccessQueryAdjudicator.java

@@ -9,7 +9,7 @@
 import gov.nist.csd.pm.pap.query.model.subgraph.SubgraphPrivileges;
 import gov.nist.csd.pm.pap.query.model.context.UserContext;
 import gov.nist.csd.pm.pap.query.model.explain.Explain;
-import gov.nist.csd.pm.pdp.Adjudicator;
+import gov.nist.csd.pm.pdp.adjudication.Adjudicator;
 
 import java.util.List;
 import java.util.Map;

src/main/java/gov/nist/csd/pm/pdp/query/GraphQueryAdjudicator.java

@@ -11,7 +11,7 @@
 import gov.nist.csd.pm.pap.query.model.context.UserContext;
 import gov.nist.csd.pm.pap.query.model.subgraph.AscendantSubgraph;
 import gov.nist.csd.pm.pap.query.model.subgraph.DescendantSubgraph;
-import gov.nist.csd.pm.pdp.Adjudicator;
+import gov.nist.csd.pm.pdp.adjudication.Adjudicator;
 import gov.nist.csd.pm.pdp.UnauthorizedException;
 
 import java.util.ArrayList;

src/main/java/gov/nist/csd/pm/pdp/query/ObligationsQueryAdjudicator.java

@@ -10,7 +10,7 @@
 import gov.nist.csd.pm.pap.query.ObligationsQuery;
 import gov.nist.csd.pm.pap.query.model.context.UserContext;
 import gov.nist.csd.pm.common.obligation.Obligation;
-import gov.nist.csd.pm.pdp.Adjudicator;
+import gov.nist.csd.pm.pdp.adjudication.Adjudicator;
 import gov.nist.csd.pm.pdp.UnauthorizedException;
 
 import java.util.Collection;

src/main/java/gov/nist/csd/pm/pdp/query/OperationsQueryAdjudicator.java

@@ -9,7 +9,7 @@
 import gov.nist.csd.pm.pap.PrivilegeChecker;
 import gov.nist.csd.pm.pap.query.OperationsQuery;
 import gov.nist.csd.pm.pap.query.model.context.UserContext;
-import gov.nist.csd.pm.pdp.Adjudicator;
+import gov.nist.csd.pm.pdp.adjudication.Adjudicator;
 
 import java.util.Collection;
 

src/main/java/gov/nist/csd/pm/pdp/query/ProhibitionsQueryAdjudicator.java

@@ -10,7 +10,7 @@
 import gov.nist.csd.pm.pap.query.ProhibitionsQuery;
 import gov.nist.csd.pm.pap.query.model.context.UserContext;
 import gov.nist.csd.pm.common.prohibition.Prohibition;
-import gov.nist.csd.pm.pdp.Adjudicator;
+import gov.nist.csd.pm.pdp.adjudication.Adjudicator;
 
 import java.util.Collection;
 import java.util.HashMap;

src/main/java/gov/nist/csd/pm/pdp/query/RoutinesQueryAdjudicator.java

@@ -8,7 +8,7 @@
 import gov.nist.csd.pm.pap.query.RoutinesQuery;
 import gov.nist.csd.pm.pap.query.model.context.UserContext;
 import gov.nist.csd.pm.common.routine.Routine;
-import gov.nist.csd.pm.pdp.Adjudicator;
+import gov.nist.csd.pm.pdp.adjudication.Adjudicator;
 
 import java.util.Collection;