policy.js revision a40daee24e5a9d8820cf0e83ff7a0a16f94c9ab0
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienle * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienle * Copyright (c) 2012 ForgeRock AS. All Rights Reserved
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienle * The contents of this file are subject to the terms
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienle * of the Common Development and Distribution License
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienle * (the License). You may not use this file except in
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienle * compliance with the License.
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienle * You can obtain a copy of the License at
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienle * See the License for the specific language governing
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienle * permission and limitations under the License.
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienle * When distributing Covered Code, include this CDDL
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienle * Header Notice in each file and include the License file
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienle * If applicable, add the following below the CDDL Header,
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienle * with the fields enclosed by brackets [] replaced by
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienle * your own identifying information:
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienle * "Portions Copyrighted [year] [name of copyright owner]"
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienle//var params;
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienle//var fullObject;
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienlevar failedPolicies = new Array();
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienle "policies" : [
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienle "clientValidation": true,
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienle "clientValidation": true,
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienle "policyId" : "max-attempts-triggers-lock-cooldown",
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienle "policyExec" : "maxAttemptsTriggersLockCooldown",
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienle "policyRequirements" : ["NO_MORE_THAN_X_ATTEMPTS_WITHIN_Y_MINUTES"]
25b1abfbb74fea0ddfcf186f7be3ef5f8c095790Chad Kienle "clientValidation": true,
var failures = [],
failures = [{"policyRequirement": "NO_MORE_THAN_X_ATTEMPTS_WITHIN_Y_MINUTES", params: {"max":params.max,"numMinutes":params.numMinutes}}];
return failures;
var queryParams = {
var namePattern = /^([A-Za'-\u0105\u0107\u0119\u0142\u00F3\u015B\u017C\u017A\u0104\u0106\u0118\u0141\u00D3\u015A\u017B\u0179\u00C0\u00C8\u00CC\u00D2\u00D9\u00E0\u00E8\u00EC\u00F2\u00F9\u00C1\u00C9\u00CD\u00D3\u00DA\u00DD\u00E1\u00E9\u00ED\u00F3\u00FA\u00FD\u00C2\u00CA\u00CE\u00D4\u00DB\u00E2\u00EA\u00EE\u00F4\u00FB\u00C3\u00D1\u00D5\u00E3\u00F1\u00F5\u00C4\u00CB\u00CF\u00D6\u00DC\u0178\u00E4\u00EB\u00EF\u00F6\u00FC\u0178\u00A1\u00BF\u00E7\u00C7\u0152\u0153\u00DF\u00D8\u00F8\u00C5\u00E5\u00C6\u00E6\u00DE\u00FE\u00D0\u00F0\-\s])+$/;
if (typeof value === "string" && value.length && (value.match(reg) === null || value.match(reg).length < params.numCaps)) {
return [ { "policyRequirement" : "AT_LEAST_X_CAPITAL_LETTERS", "params" : {"numCaps": params.numCaps} } ];
if (typeof value === "string" && value.length && (value.match(reg) === null || value.match(reg).length < params.numNums)) {
if (typeof(openidm) !== "undefined" && typeof(request) !== "undefined" && request.id && !request.id.match('/$')) {
if (typeof(fullObject[fieldArray[i]]) === "undefined" && typeof(fullObject_server[fieldArray[i]]) !== "undefined") {
return [{"policyRequirement": "CANNOT_CONTAIN_OTHERS", params: {"disallowedFields": fieldArray[i]}}];
var currentValue = openidm.read("config/" + params.configBase),
var props = resource.properties;
var compProps = resource.properties;
return resource;
var retObj = {},
policyRequirements = new Array(),
if (policy == null) {
var found = false;
found = true;
if (!found) {
p.params = new Array();
var param = {};
found = false;
return returnPolicies;
var found = false;
found = true;
if (!found) {
found = false;
var returnArray = new Array();
var resource;
var object;
if (props != null) {
if (policies != null) {
var property = {};
return returnArray;
function processRequest() {
var resource;
if (resource == null ) {
resource = {};
var compArray = new Array();
returnObject = {};
var failedPolicyRequirements = new Array();
returnObject = {};
if (resource == null) {
} catch (error) {