Policy Manager

Owned by Gareth Woodham
Last updated: Aug 23, 2016 by S

Background

Some of the policy rules are country-specific which means that the logic must be contained in a class supplied by the Participating Nation (PN).  This page describes how the "Assertion Validator" component uses Java ServiceLoader is used to fetch a local "Policy Manager" implementation.

This task will be implemented in Release x.x.x. of assertion-validator.  Here is the JIRA: OPENNCP-730 - Getting issue details... STATUS

Design

The diagram shows how the AssertionAttributeValidator uses the ServiceLoader to load the National implementation of PolicyManager.

It does not matter what the fully qualified name of the class is.  The ServiceLoader requires only that the class must implement PolicyManagerInterface and that there is a provider-configuration file in the resource directory META-INF/services.

If the AssertionAttributeValidator fails to load a National implementation then it will fallback to instanciating the DefaultPolicyManagerImpl.  This is useful for testing purposes and as an example of how to build the implementation.

We use the same approach for the Integration between Protocol Teminators and the National Connector. Please refer to that page for more information about the ServiceLoader.

Interface

Here is a first shot at the Policy Manager public interface.

PolicyManagerInterface
public interface PolicyManagerInterface {
        void XSPASubjectValidatorForHCP(Assertion assertion) throws MissingFieldException, InvalidFieldException;
        void XSPASubjectValidatorForTRC(Assertion assertion) throws MissingFieldException, InvalidFieldException;
        void XSPARoleValidator(Assertion assertion) throws MissingFieldException, InvalidFieldException;
        void OnBehalfOfValidator(Assertion assertion) throws MissingFieldException, InvalidFieldException;
        void HealthcareFacilityValidator(Assertion assertion) throws MissingFieldException, InvalidFieldException;
        void PurposeOfUseValidator(Assertion assertion) throws MissingFieldException, InsufficientRightsException;
        void XSPALocalityValidator(Assertion assertion) throws MissingFieldException, InvalidFieldException;
        void XCPDPermissionValidator(Assertion assertion) throws InsufficientRightsException;
        void XCAPermissionValidatorPS(Assertion assertion) throws InsufficientRightsException;
        void XCAPermissionValidatorEP(Assertion assertion) throws InsufficientRightsException;
        void XDRPermissionValidatorED(Assertion assertion) throws InsufficientRightsException;
        void XDRPermissionValidatorConsent(Assertion assertion) throws InsufficientRightsException;
}

We need urgent expert input about which methods need to be localized and which are applicable for all countries!!

Packaging

It is the responsibility of the PN to develop scripts to package the National implementation.  The recommended approach is to package the class (and any supporting classes) into a jar file.  This jar file must be bundled into the lib directory in the epsos-server.war.  The Swedish team have Maven scripts which fetch the war from joinup, extract, add the National jars and then create a new war.