Allow bags in AttributeAssignments (multi-valued) #47
Description
The sections 5.39 and 5.40 of XACML 3..0 spec say:
If the
<AttributeAssignmentExpression>evaluates to a bag, then there MUST be a resulting<AttributeAssignment>for each of the values in the bag.
This means that if an attribute A is assigned 10 values, you need 10 <AttributeAssignment> elements with the same AttributeId, Category and Issuer in the response. This adds to the verbosity of XACML responses and it is far from optimal from a parser's point of view.
So the proposal here is to support multiple values per AttributeAssignment, like Attributes. Also based on the discussion in issue #46, we add the DataType to AttributeAssignment (and remove from AttributeValue), and based on #18, the Category attribute is renamed CategoryId:
<xs:complexType name="AttributeAssignmentType">
<xs:sequence>
<xs:element ref="xacml:AttributeValue" maxOccurs="unbounded"/>
</xs:sequence>
<xs:attribute name="AttributeId" type="xs:anyURI" use="required"/>
<xs:attribute name="CategoryId" type="xs:anyURI" use="optional"/>
<xs:attribute name="Issuer" type="xs:string" use="optional"/>
<xs:attribute name="DataType" type="xs:anyURI" use="required"/>
<!-- Not forgetting that we might make DataType default to string. -->
</xs:complexType>