/**
* ---------------------------------------------------------------------------
* | Target | Rule values | Policy Value |
* ---------------------------------------------------------------------------
* | “Match” | Don’t care | Specified by the rule-combining algorithm |
* | “No-match” | Don’t care | “NotApplicable” |
* | “Indeterminate” | See Table 7 | See Table 7 |
* ---------------------------------------------------------------------------
*
* Table 7
* --------------------------------------------------------
* | Combining algorithm Value | Policy set or policy Value |
* --------------------------------------------------------
* | “NotApplicable” | “NotApplicable” |
* | “Permit” | “Indeterminate{P}” |
* | “Deny” | “Indeterminate{D}” |
* | “Indeterminate” | “Indeterminate{DP}” |
* | “Indeterminate{DP}” | “Indeterminate{DP}” |
* | “Indeterminate{P}” | “Indeterminate{P}” |
* | “Indeterminate{D}” | “Indeterminate{D}” |
* --------------------------------------------------------
*
* @inheritdoc
*/
public function evaluate(Request $request)
{
$targetValue = null;
$combiningAlgorithmDecision = null;
$decision = Decision::NOT_APPLICABLE;
$targetValue = $this->target->evaluate($request);
if ($targetValue === Match::MATCH) {
$decision = $this->getRuleCombiningAlgorithm()->evaluate($request, $this->getRules());
} elseif ($targetValue === Match::INDETERMINATE) {
switch ($this->getRuleCombiningAlgorithm()->evaluate($request, $this->getRules())) {
case Decision::NOT_APPLICABLE:
$decision = Decision::NOT_APPLICABLE;
break;
case Decision::PERMIT:
$decision = Decision::INDETERMINATE_P;
break;
case Decision::DENY:
$decision = Decision::INDETERMINATE_D;
break;
case Decision::INDETERMINATE_D_P:
$decision = Decision::INDETERMINATE_D_P;
break;
case Decision::INDETERMINATE_P:
$decision = Decision::INDETERMINATE_P;
break;
case Decision::INDETERMINATE_D:
$decision = Decision::INDETERMINATE_D;
break;
default:
$decision = Decision::INDETERMINATE_D_P;
}
}
return $decision;
}
