diff options
author | ToineSiebelink <toine.siebelink@est.tech> | 2024-12-09 11:22:29 +0000 |
---|---|---|
committer | ToineSiebelink <toine.siebelink@est.tech> | 2024-12-10 18:33:49 +0000 |
commit | 9c4745535aeb1e68e1a3c8fdda358dbcbb673362 (patch) | |
tree | 0e01214a546223d35a23cd7b932d208e389c1757 /docs/api | |
parent | f325ca432bae326cc279c85907543ccf3f45400c (diff) |
Policy Executor API Review Board Comments
- Implemented Guild review comments in API
- Updated Stub to reflect new API and 'support' all operations
- Updated production code to use new API
- Updated Semi-Integration Tests
Issue-ID: CPS-2479
Change-Id: Ibe307b0d859312b534009a384e9f71e1ea2affe0
Signed-off-by: ToineSiebelink <toine.siebelink@est.tech>
Diffstat (limited to 'docs/api')
-rw-r--r-- | docs/api/swagger/policy-executor/openapi.yaml | 369 |
1 files changed, 178 insertions, 191 deletions
diff --git a/docs/api/swagger/policy-executor/openapi.yaml b/docs/api/swagger/policy-executor/openapi.yaml index 1248c0d08b..ba341b2d57 100644 --- a/docs/api/swagger/policy-executor/openapi.yaml +++ b/docs/api/swagger/policy-executor/openapi.yaml @@ -18,229 +18,179 @@ openapi: 3.0.3 info: - description: Allows NCMP to execute a policy defined by a third party implementation - before proceeding with a CM operation - title: Policy Executor - version: 1.0.0 + title: Operation permission API + description: "Allows a client application to execute a permission request defined by a third party implementation before proceeding with an operation. As an example, a permission can be requested before performing any configuration management operation." + version: 1.0.0-alpha.1+1 + contact: + name: CPS team + url: https://lf-onap.atlassian.net/wiki/spaces/DW/pages/16442177/Configuration+Persistence+Service+Developer+s+Landing+Page + email: cpsteam@est.tech + license: + name: Copyright (C) 2024 Nordix Foundation + x-audience: external-partner + x-api-id: c7fc2f5b-16bd-4bcb-8ac8-ea8d543fcc15 +tags: + - name: Operation permission + description: "Initiate a permission request on an operation." servers: -- url: / + - url: http://{hostname}/operation-permission/v1 security: -- bearerAuth: [] -tags: -- description: Execute all your policies - name: policy-executor + - bearerAuth: [] paths: - /policy-executor/api/v1/{action}: + /permissions: post: - description: Fire a Policy action - operationId: executePolicyAction + description: "Initiate permission request" + operationId: initiatePermissionRequest parameters: - - description: Bearer token may be used to identify client as part of a policy - explode: false - in: header - name: Authorization - required: false - schema: - type: string - style: simple - - description: "The policy action. Currently supported options: 'execute'" - explode: false - in: path - name: action - required: true - schema: - example: execute - type: string - style: simple + - name: Content-Type + description: This specifies the media type of the request sent by the client to the server + in: header + required: true + schema: + type: string + default: application/json + - name: Accept + description: Indicates the response media type accepted by the client. + in: header + required: false + schema: + type: string + default: application/json + - description: Bearer token may be used to identify client as part of a policy + explode: false + in: header + name: Authorization + required: false + schema: + type: string + style: simple requestBody: content: application/json: schema: - $ref: '#/components/schemas/PolicyExecutionRequest' - description: The action request body + $ref: '#/components/schemas/PermissionRequest' + description: "The permission request body" required: true responses: - "200": - content: - application/json: - schema: - $ref: '#/components/schemas/PolicyExecutionResponse' - description: Successful policy execution - "400": + '200': + description: "OK" content: application/json: - example: - status: 400 - message: Bad Request - details: The provided request is not valid schema: - $ref: '#/components/schemas/ErrorMessage' - description: Bad request - "401": - content: - application/json: - example: - status: 401 - message: Unauthorized request - details: This request is unauthorized - schema: - $ref: '#/components/schemas/ErrorMessage' - description: Unauthorized request - "403": - content: - application/json: - example: - status: 403 - message: Request Forbidden - details: This request is forbidden - schema: - $ref: '#/components/schemas/ErrorMessage' - description: Request forbidden - "500": - content: - application/json: - example: - status: 500 - message: Internal Server Error - details: Internal server error occurred - schema: - $ref: '#/components/schemas/ErrorMessage' - description: Internal server error + $ref: '#/components/schemas/PermissionResponse' + '400': + $ref: '#/components/responses/BadRequest' + '401': + $ref: '#/components/responses/Unauthorized' + '403': + $ref: '#/components/responses/Forbidden' + '500': + $ref: '#/components/responses/InternalServerError' tags: - - policy-executor + - Operation permission components: - parameters: - actionInPath: - description: "The policy action. Currently supported options: 'execute'" - explode: false - in: path - name: action - required: true - schema: - example: execute - type: string - style: simple - authorizationInHeader: - description: Bearer token may be used to identify client as part of a policy - explode: false - in: header - name: Authorization - required: false - schema: - type: string - style: simple - responses: - BadRequest: - content: - application/json: - example: - status: 400 - message: Bad Request - details: The provided request is not valid - schema: - $ref: '#/components/schemas/ErrorMessage' - description: Bad request - Unauthorized: - content: - application/json: - example: - status: 401 - message: Unauthorized request - details: This request is unauthorized - schema: - $ref: '#/components/schemas/ErrorMessage' - description: Unauthorized request - Forbidden: - content: - application/json: - example: - status: 403 - message: Request Forbidden - details: This request is forbidden - schema: - $ref: '#/components/schemas/ErrorMessage' - description: Request forbidden - InternalServerError: - content: - application/json: - example: - status: 500 - message: Internal Server Error - details: Internal server error occurred - schema: - $ref: '#/components/schemas/ErrorMessage' - description: Internal server error - NotImplemented: - content: - application/json: - example: - status: 501 - message: Not Implemented - details: Method not implemented - schema: - $ref: '#/components/schemas/ErrorMessage' - description: Method not (yet) implemented + securitySchemes: + bearerAuth: + type: http + description: "Bearer token (from a client),used by policies to identify the client" + scheme: bearer schemas: ErrorMessage: + type: object + title: Error properties: status: type: string - message: + title: type: string details: type: string - title: Error - type: object - Request: + Operation: example: - schema: org.onap.cps.ncmp.policy-executor:ncmp-create-schema:1.0.0 - data: "{}" + operation: update + entityHandleId: ABCD123450d7A822AB27B386829FD9E12 + resourceIdentifier: ManagedElement=Kista/GNBDUFunction=1/UECC=1 + targetIdentifier: MEContext=RadioNode-K6_0001,ManagedElement=RadioNode-K6_0001 + changeRequest: + Cell: + - id: Cell-id + attributes: + administrativeState: UNLOCKED properties: - schema: - description: The schema for the data in this request. The schema name should - include the type of operation - example: org.onap.cps.ncmp.policy-executor:ncmp-create-schema:1.0.0 + operation: + description: Currently supported operations are 'create', 'update', 'patch', 'delete'. For other possible operation types see the client documentation. + example: update + type: string + entityHandleId: + description: A unique identifier for the network element. + example: ABCD123450d7A822AB27B386829FD9E12 type: string - data: - description: The data related to the request. The format of the object is - determined by the schema + resourceIdentifier: + description: Identifies the object in the node model. Currently supported separators are '/' and ','. For other possible format see the client documentation. + example: ManagedElement=Kista/GNBDUFunction=1/UECC=1 + type: string + targetIdentifier: + description: FDN of the target node. Currently supported separators are '/' and ','. For other possible format see the client documentation. + example: MEContext=RadioNode-K6_0001/ManagedElement=RadioNode-K6_0001 + type: string + changeRequest: + description: All the information that is required to identify which parameters and attributes of the network is changing. + example: + Cell: + - id: Cell-id + attributes: + administrativeState: UNLOCKED type: object required: - - data - - schema + - operation + - targetIdentifier type: object - PolicyExecutionRequest: + PermissionRequest: example: - decisionType: allow - requests: - - schema: org.onap.cps.ncmp.policy-executor:ncmp-create-schema:1.0.0 - data: "{}" - - schema: org.onap.cps.ncmp.policy-executor:ncmp-create-schema:1.0.0 - data: "{}" + permissionId: 550e8400-e29b-41d4-a716-446655440000 + changeRequestFormat: cm-legacy + operations: + - operation: update + entityHandleId: ABCD123450d7A822AB27B386829FD9E12 + resourceIdentifier: ManagedElement=Kista/GNBDUFunction=1/UECC=1 + targetIdentifier: MEContext=RadioNode-K6_0001/ManagedElement=RadioNode-K6_0001 + changeRequest: + Cell: + - id: Cell-id + attributes: + administrativeState: UNLOCKED + - operation: delete + entityHandleId: DCBA123450d7A822AB27B386829FD9E12 + resourceIdentifier: ManagedElement=Kista/GNBDUFunction=1/UECC=1 + targetIdentifier: MEContext=RadioNode-K6_0002/ManagedElement=RadioNode-K6_0002 properties: - decisionType: - description: "The type of decision. Currently supported options: 'allow'" - example: allow + permissionId: + description: Unique ID for the permission request (for auditing purposes) + example: 550e8400-e29b-41d4-a716-446655440000 + type: string + changeRequestFormat: + description: Format of the change request. Currently supported 'cm-legacy'. For other possible formats see the client documentation. + example: cm-legacy type: string - requests: + operations: items: - $ref: '#/components/schemas/Request' + $ref: '#/components/schemas/Operation' type: array required: - - decisionType - - requests + - operations + - changeRequestFormat type: object - PolicyExecutionResponse: + PermissionResponse: example: - decision: deny - decisionId: 550e8400-e29b-41d4-a716-446655440000 - message: Object locked due to recent change + id: 550e8400-e29b-41d4-a716-446655440000 + permissionResult: deny + message: Object locked due to recent changes properties: - decisionId: - description: Unique ID for the decision (for auditing purposes) + id: + description: Unique ID for the permission request (for auditing purposes) example: 550e8400-e29b-41d4-a716-446655440000 type: string - decision: + permissionResult: description: "The decision outcome. Currently supported values: 'allow','deny'" example: deny type: string @@ -249,13 +199,50 @@ components: example: Object locked due to recent change type: string required: - - decision - - decisionId - - message + - id + - permissionResult + - message type: object - securitySchemes: - bearerAuth: - description: "Bearer token (from client that called CPS-NCMP),used by policies\ - \ to identify the client" - scheme: bearer - type: http + + responses: + BadRequest: + description: "Bad Request" + content: + application/problem+json: + schema: + $ref: '#/components/schemas/ErrorMessage' + example: + status: '400' + title: "Bad Request" + details: "The provided request is not valid" + Unauthorized: + description: "Unauthorized request" + content: + application/problem+json: + schema: + $ref: '#/components/schemas/ErrorMessage' + example: + status: '401' + title: "Unauthorized request" + details: "This request is unauthorized" + Forbidden: + description: "Forbidden" + content: + application/problem+json: + schema: + $ref: '#/components/schemas/ErrorMessage' + example: + status: '403' + title: "Request Forbidden" + details: "This request is forbidden" + + InternalServerError: + description: "Internal Server Error" + content: + application/problem+json: + schema: + $ref: '#/components/schemas/ErrorMessage' + example: + status: '500' + title: "Internal Server Error" + details: "Internal server error occurred" |