Merge "Policy Executor Feature Toggle"

2 files changed, 78 insertions, 0 deletions

diff --git a/cps-ncmp-service/src/main/java/org/onap/cps/ncmp/impl/data/DmiDataOperations.java b/cps-ncmp-service/src/main/java/org/onap/cps/ncmp/impl/data/DmiDataOperations.java
index b902fe2767..4cbf9d4b3b 100644
--- a/cps-ncmp-service/src/main/java/org/onap/cps/ncmp/impl/data/DmiDataOperations.java
+++ b/cps-ncmp-service/src/main/java/org/onap/cps/ncmp/impl/data/DmiDataOperations.java
@@ -71,6 +71,7 @@ public class DmiDataOperations {
     private final JsonObjectMapper jsonObjectMapper;
     private final DmiProperties dmiProperties;
     private final DmiRestClient dmiRestClient;
+    private final PolicyExecutor policyExecutor;
 
     /**
      * This method fetches the resource data from the operational data store for a given CM handle
@@ -170,6 +171,9 @@ public class DmiDataOperations {
                                                                              final String dataType,
                                                                              final String authorization) {
         final YangModelCmHandle yangModelCmHandle = getYangModelCmHandle(cmHandleId);
+
+        policyExecutor.checkPermission(yangModelCmHandle, operationType, authorization, resourceId, requestData);
+
         final CmHandleState cmHandleState = yangModelCmHandle.getCompositeState().getCmHandleState();
         validateIfCmHandleStateReady(yangModelCmHandle, cmHandleState);
 
diff --git a/cps-ncmp-service/src/main/java/org/onap/cps/ncmp/impl/data/PolicyExecutor.java b/cps-ncmp-service/src/main/java/org/onap/cps/ncmp/impl/data/PolicyExecutor.java
new file mode 100644
index 0000000000..2b5eb9e792
--- /dev/null
+++ b/cps-ncmp-service/src/main/java/org/onap/cps/ncmp/impl/data/PolicyExecutor.java
@@ -0,0 +1,74 @@
+/*
+ *  ============LICENSE_START=======================================================
+ *  Copyright (C) 2024 Nordix Foundation
+ *  ================================================================================
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *        http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  SPDX-License-Identifier: Apache-2.0
+ *  ============LICENSE_END=========================================================
+ */
+
+package org.onap.cps.ncmp.impl.data;
+
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.onap.cps.ncmp.api.data.models.OperationType;
+import org.onap.cps.ncmp.impl.inventory.models.YangModelCmHandle;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Service;
+
+@Slf4j
+@Service
+@RequiredArgsConstructor
+public class PolicyExecutor {
+
+    @Value("${ncmp.policy-executor.enabled:false}")
+    private boolean enabled;
+
+    @Value("${ncmp.policy-executor.server.address:http://policy-executor}")
+    private String serverAddress;
+
+    @Value("${ncmp.policy-executor.server.port:8080}")
+    private String serverPort;
+
+    private static final String PAYLOAD_TYPE_PREFIX = "cm_";
+
+    /**
+     * Use the Policy Executor to check permission for a cm write operation.
+     * Wil throw an exception when the operation is not permitted (work in progress)
+     *
+     * @param yangModelCmHandle   the cm handle involved
+     * @param operationType       the write operation
+     * @param authorization       the original rest authorization token (can be used to determine the client)
+     * @param resourceIdentifier  the resource identifier (can be blank)
+     * @param changeRequestAsJson the change details from the original rest request in json format
+     */
+    public void checkPermission(final YangModelCmHandle yangModelCmHandle,
+                                final OperationType operationType,
+                                final String authorization,
+                                final String resourceIdentifier,
+                                final String changeRequestAsJson) {
+        if (enabled) {
+            final String payloadType = PAYLOAD_TYPE_PREFIX + operationType.getOperationName();
+            log.info("Policy Executor Enabled");
+            log.info("Address               : {}", serverAddress);
+            log.info("Port                  : {}", serverPort);
+            log.info("Authorization         : {}", authorization);
+            log.info("Payload Type          : {}", payloadType);
+            log.info("Target FDN            : {}", yangModelCmHandle.getAlternateId());
+            log.info("CM Handle Id          : {}", yangModelCmHandle.getId());
+            log.info("Resource Identifier   : {}", resourceIdentifier);
+            log.info("Change Request (json) : {}", changeRequestAsJson);
+        }
+    }
+}