Make the n-of function determinate. #24
Labels
enhancement
New feature or request
Comments
|
If I recall correctly, it was decided that Indeterminate was the appropriate response because the Policy is technically invalid and that since Policy validation was deemed an implementation issue, this was the only way to "call out" in the spec. Not advocating that we keep it that way, just context... |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
It really annoys me (in particular because it thwarts my attempts at efficient policy indexing) that the n-of function evaluates to Indeterminate if the first argument (an integer) is greater than the number of remaining Boolean arguments . Clearly something like 6 out of 5 (remaining arguments) can't be satisfied even if they are all True, so the overall result ought to be False rather than Indeterminate. The definition of the function is also quiet about N < 0. I would say that N <= 0 will always result in True.
The URI is:
A revised function could be added to both XACML 3.0 and XACML 4.0
and the old definition retained for backward compatibility.
The text was updated successfully, but these errors were encountered: