- return false;
- }
-
- private void addConditionSet(EgKey eg, ConditionSet cs,
- Map<EgKey, Set<ConditionSet>> egConditions) {
- if (egConditions == null) return;
- Set<ConditionSet> cset = egConditions.get(eg);
- if (cset == null) {
- egConditions.put(eg, cset = new HashSet<>());
- }
- cset.add(cs);
- }
-
- /**
- * Choose the set of subjects that in scope for each possible set of
- * endpoint conditions
- */
- protected Table<EgKey, EgKey, Policy>
- selectSubjects(Table<EgKey, EgKey,
- List<ContractMatch>> contractMatches,
- Map<EgKey, Set<ConditionSet>> egConditions) {
- // Note that it's possible to further simplify the resulting policy
- // in the case of things like repeated rules, condition sets that
- // cover other condition sets, etc. This would be a good thing to do
- // at some point
- Table<EgKey, EgKey, Policy> policy = HashBasedTable.create();
-
- for (List<ContractMatch> matches : contractMatches.values()) {
- for (ContractMatch match : matches) {
- List<Clause> clauses = match.contract.getClause();
- if (clauses == null) continue;
-
- List<Subject> subjectList = match.contract.getSubject();
- if (subjectList == null) continue;
-
- EgKey ckey = new EgKey(match.consumerTenant.getId(),
- match.consumer.getId());
- EgKey pkey = new EgKey(match.providerTenant.getId(),
- match.provider.getId());
- EgKey one = ckey;
- EgKey two = pkey;
- boolean reverse = shouldReverse(ckey, pkey);
- if (reverse) {
- one = pkey;
- two = ckey;
- }
- Policy existing = policy.get(one, two);
-
- HashMap<SubjectName, Subject> subjects = new HashMap<>();
- for (Subject s : subjectList) {
- subjects.put(s.getName(), s);
- }
-
- Table<ConditionSet, ConditionSet, List<Subject>> subjectMap =
- HashBasedTable.create();
-
- for (Clause clause : clauses) {
- if (clause.getSubjectRefs() != null &&
- clauseMatches(clause, match)) {
- ConditionSet consCSet = buildConsConditionSet(clause);
- addConditionSet(ckey, consCSet, egConditions);
- ConditionSet provCSet = buildProvConditionSet(clause);
- addConditionSet(pkey, provCSet, egConditions);
- List<Subject> clauseSubjects =
- subjectMap.get(consCSet, provCSet);
- if (clauseSubjects == null) {
- clauseSubjects = new ArrayList<>();
- subjectMap.put(consCSet, provCSet, clauseSubjects);
- }
- for (SubjectName sn : clause.getSubjectRefs()) {
- Subject s = subjects.get(sn);
- if (s != null) clauseSubjects.add(s);
- }
- }
- }
-
- policy.put(one, two,
- resolvePolicy(match.contractTenant,
- match.contract,
- reverse,
- existing,
- subjectMap));
- }
- }
-
- return policy;
- }
-
- private List<ConsumerContractMatch> matchConsumerContracts(Tenant tenant,
- EndpointGroup consumer) {
- List<ConsumerContractMatch> matches = new ArrayList<>();
- if (consumer.getConsumerNamedSelector() != null) {
- for (ConsumerNamedSelector cns : consumer.getConsumerNamedSelector()) {
- if (cns.getContract() == null) continue;
- for (ContractId contractId : cns.getContract()) {
- Contract contract =
- TenantUtils.findContract(tenant, contractId);
- if (contract == null) continue;
- matches.add(new ConsumerContractMatch(tenant, contract,
- tenant, consumer,
- cns));