AuthorisationPolicy

Based on net.ponder2.policy.PolicyP2Adaptor

This is an Authorisation Policy. See http://ponder2.net/cgi-bin/moin.cgi/BasicScenario for more information on using authorisation policies.

Factory Messages
OperationDescription
subject: subject action: action target: target focus: focus Creates a new authorisation policy between subject and target managed objects. The authorisation policy applies to the given action and the given focus. The action is essentially the PonderTalk keywords to be checked.
e.g. a domain could be monitored with the action "at:put"" Note that the ':' is necessary for keyword actions.
The focus is 's' for subject authorisation at PEP1 or PEP4, 't' for target authorisation at PEP2 or PEP3.

Operational Messages
OperationReturnDescription
final self Sets the policy as a final one. Checking stops at this point and this policy determines whether access will be granted
reqneg self sets the policy as a negative authorisation for the request
repneg self sets the policy as a negative authorisation for the reply
reqcondition: aBlock P2Object sets the condition of the policy for the request part of an action. The arguments to the block are the values given to the action being performed. e.g. with action:
 "at:put:" 
the condition block might be
 [ :at :put | at == "accounts" ] 
the argument names do not matter, you could also have
 [ :name | name == "accounts" ] 
You can also use the global variables p_subject and p_target in the block's PonderTalk, they refer to the source and target objects associated with the action in question.
Answers aBlock.
repcondition: aBlock P2Object sets the condition of the policy for the reply part of an action. The argument to the block is the value of the return from the action being performed. e.g. with action:
 "at:" 
the reply condition block might be
 [ :name | name == "accounts" ] 
You can also use the global variables p_subject and p_target in the block's PonderTalk, they refer to the source and target objects associated with the action in question.
Answers aBlock.