Add JSON PolicyDefinition

src/main/java/edu/mostafa/abac/security/policy/SimplePolicyDefinition.java

@@ -9,7 +9,7 @@
 import org.springframework.expression.spel.standard.SpelExpressionParser;
 import org.springframework.stereotype.Component;
 
-@Component
+//@Component
 public class SimplePolicyDefinition implements PolicyDefinition {
 	private List<PolicyRule> rules;
 

src/main/java/edu/mostafa/abac/security/policy/json/JsonFilePolicyDefinition.java

@@ -0,0 +1,50 @@
+package edu.mostafa.abac.security.policy.json;
+
+import java.io.IOException;
+import java.util.Arrays;
+import java.util.List;
+
+import javax.annotation.PostConstruct;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.expression.Expression;
+import org.springframework.stereotype.Component;
+
+import com.fasterxml.jackson.databind.JsonMappingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.module.SimpleModule;
+
+import edu.mostafa.abac.security.policy.PolicyDefinition;
+import edu.mostafa.abac.security.policy.PolicyRule;
+
+@Component
+public class JsonFilePolicyDefinition implements PolicyDefinition {
+	private static Logger logger = LoggerFactory.getLogger(JsonFilePolicyDefinition.class);
+
+	private static String DEFAULT_POLICY_FILE_NAME = "default-policy.json";
+
+	private List<PolicyRule> rules;
+
+	@PostConstruct
+	private void init(){
+		ObjectMapper mapper = new ObjectMapper();
+		SimpleModule module = new SimpleModule();
+		module.addDeserializer(Expression.class, new SpelDeserializer());
+		mapper.registerModule(module);
+		try {
+			PolicyRule[] staff = mapper.readValue(getClass().getResourceAsStream(DEFAULT_POLICY_FILE_NAME), PolicyRule[].class);
+			this.rules = Arrays.asList(staff);
+		} catch (JsonMappingException e) {
+			logger.error("An error occurred while parsing the policy file.", e);
+		} catch (IOException e) {
+			logger.error("An error occurred while reading the policy file.", e);
+		}
+	}
+
+	@Override
+	public List<PolicyRule> getAllPolicyRules() {
+		return rules;
+	}
+
+}

src/main/java/edu/mostafa/abac/security/policy/json/SpelDeserializer.java

@@ -0,0 +1,32 @@
+package edu.mostafa.abac.security.policy.json;
+
+import java.io.IOException;
+
+import org.springframework.expression.Expression;
+import org.springframework.expression.ExpressionParser;
+import org.springframework.expression.spel.standard.SpelExpressionParser;
+
+import com.fasterxml.jackson.core.JsonParser;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.DeserializationContext;
+import com.fasterxml.jackson.databind.deser.std.StdDeserializer;
+
+public class SpelDeserializer extends StdDeserializer<Expression> {
+	ExpressionParser elParser = new SpelExpressionParser();
+
+	public SpelDeserializer(){
+		this(null);
+	}
+
+	protected SpelDeserializer(Class<?> vc) {
+		super(vc);
+	}
+
+	@Override
+	public Expression deserialize(JsonParser jp, DeserializationContext ctxt)
+			throws IOException, JsonProcessingException {
+		String expresionString = jp.getCodec().readValue(jp, String.class);
+        return elParser.parseExpression(expresionString);
+	}
+
+}

src/main/resources/edu/mostafa/abac/security/policy/json/default-policy.json

@@ -0,0 +1,8 @@
+[
+	{
+		"name": "ResourceOwner",
+		"description": "Resource owner should have access to it.",
+		"target": "true",
+		"condition": "subject.name == resource.owner"
+	}
+]