diff options
author | Jim Hahn <jrh3@att.com> | 2020-06-03 09:26:33 -0400 |
---|---|---|
committer | Jim Hahn <jrh3@att.com> | 2020-07-14 10:29:49 -0400 |
commit | e87b18923c23a1a0fbfaae1c75645a577b96c892 (patch) | |
tree | 5b7b0e4d52dca3f81b7c9add036b5f6816d5bf78 /controlloop/common/guard/src/main | |
parent | c3879a50de6473b8673faa9f958a0c646a4b8ca9 (diff) |
Remove usecases and legacy actor code
Made the following changes to remove usescase and legacy actor
code:
- deleted the usecases controller and feature
- deleted code associated with legacy actors, with the exception
of AaiManager, which is needed by RestControlLoopManager
- moved the contents of the "guard" project into the m2/guard project,
as that is the only thing that still needs it
- modified the m2/GuardContext to get the name of its persistence unit
from the properties so it could be overridden by junit tests
- used eclipselink constants
Also fixed a bug in the properties for the VFC actor.
Addressed review comment:
- removed usecases from Dockerfile
Issue-ID: POLICY-2558
Change-Id: I677d68c9efed9247c3d55773abdcc736b577a6b4
Signed-off-by: Jim Hahn <jrh3@att.com>
Diffstat (limited to 'controlloop/common/guard/src/main')
9 files changed, 0 insertions, 999 deletions
diff --git a/controlloop/common/guard/src/main/java/org/onap/policy/guard/CallGuardTask.java b/controlloop/common/guard/src/main/java/org/onap/policy/guard/CallGuardTask.java deleted file mode 100644 index 0331b7aab..000000000 --- a/controlloop/common/guard/src/main/java/org/onap/policy/guard/CallGuardTask.java +++ /dev/null @@ -1,155 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * guard - * ================================================================================ - * Copyright (C) 2017-2020 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.policy.guard; - -import java.util.HashSet; -import java.util.Set; -import java.util.UUID; -import java.util.function.Supplier; -import org.drools.core.WorkingMemory; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class CallGuardTask implements Runnable { - - private static final Logger logger = LoggerFactory.getLogger(CallGuardTask.class); - - /** - * Actor/recipe pairs whose guard requests need a VF Module count. Each element is of - * the form "<actor>:<recipe>". - */ - private static final Set<String> NEEDS_VF_COUNT = new HashSet<>(); - - /** - * Actor/recipe pairs whose guard requests need the VF Module count to be incremented - * (i.e., because a module is being added). Each element is of the form - * "<actor>:<recipe>". - */ - private static final Set<String> INCR_VF_COUNT = new HashSet<>(); - - static { - INCR_VF_COUNT.add("SO:VF Module Create"); - NEEDS_VF_COUNT.addAll(INCR_VF_COUNT); - } - - private WorkingMemory workingMemory; - private String clname; - private String actor; - private String recipe; - private String target; - private String requestId; - private Integer vfCount; - - /** - * Populated once the response has been determined, which may happen during the - * constructor or later, during {@link #run()}. - */ - private PolicyGuardResponse guardResponse; - - /** - * Guard url is grabbed from PolicyEngine manager properties. - */ - public CallGuardTask(WorkingMemory wm, String cl, String act, - String rec, String tar, String reqId, Supplier<Integer> vfcnt) { - workingMemory = wm; - clname = cl; - actor = act; - recipe = rec; - requestId = reqId; - target = tar; - - vfCount = null; - - String key = act + ":" + rec; - - if (NEEDS_VF_COUNT.contains(key)) { - // this actor/recipe needs the count - get it - if ((vfCount = vfcnt.get()) == null) { - /* - * The count is missing - create an artificial Deny, which will be - * inserted into working memory when "run()" is called. - */ - guardResponse = new PolicyGuardResponse(Util.DENY, UUID.fromString(requestId), recipe); - logger.error("CallGuardTask.run missing VF Module count; requestId={}", requestId); - return; - } - - if (INCR_VF_COUNT.contains(key)) { - // this actor/recipe needs the count to be incremented - ++vfCount; - } - } - } - - @Override - public void run() { - if (guardResponse != null) { - // already have a response - just insert it - workingMemory.insert(guardResponse); - return; - } - - final long startTime = System.nanoTime(); - - PolicyGuardXacmlRequestAttributes xacmlReq = - new PolicyGuardXacmlRequestAttributes(clname, actor, recipe, target, requestId, vfCount); - - logger.debug("\n********** XACML REQUEST START ********"); - logger.debug("{}", xacmlReq); - logger.debug("********** XACML REQUEST END ********\n"); - - String guardDecision = null; - - // - // Make guard request - // - guardDecision = new PolicyGuardXacmlHelper().callPdp(xacmlReq); - - logger.debug("\n********** XACML RESPONSE START ********"); - logger.debug("{}", guardDecision); - logger.debug("********** XACML RESPONSE END ********\n"); - - // - // Check if the restful call was unsuccessful or property doesn't exist - // - if (guardDecision == null) { - logger.error("********** XACML FAILED TO CONNECT ********"); - guardDecision = Util.INDETERMINATE; - } - - guardResponse = new PolicyGuardResponse(guardDecision, UUID.fromString(this.requestId), this.recipe); - - // - // Create an artificial Guard response in case we didn't get a clear Permit or Deny - // - if ("Indeterminate".equals(guardResponse.getResult())) { - guardResponse.setOperation(recipe); - guardResponse.setRequestId(UUID.fromString(requestId)); - } - - long estimatedTime = System.nanoTime() - startTime; - logger.debug("\n\n============ Guard inserted with decision {} !!! =========== time took: {} mili sec \n\n", - guardResponse.getResult(), (double) estimatedTime / 1000 / 1000); - workingMemory.insert(guardResponse); - - } - -} diff --git a/controlloop/common/guard/src/main/java/org/onap/policy/guard/GuardResult.java b/controlloop/common/guard/src/main/java/org/onap/policy/guard/GuardResult.java deleted file mode 100644 index 6b11c1afa..000000000 --- a/controlloop/common/guard/src/main/java/org/onap/policy/guard/GuardResult.java +++ /dev/null @@ -1,25 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * guard - * ================================================================================ - * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.policy.guard; - -public enum GuardResult { - LOCK_ACQUIRED, LOCK_DENIED, LOCK_EXCEPTION; -} diff --git a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardRequest.java b/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardRequest.java deleted file mode 100644 index 8887e00b7..000000000 --- a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardRequest.java +++ /dev/null @@ -1,84 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * guard - * ================================================================================ - * Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.policy.guard; - -import java.util.UUID; - -public class PolicyGuardRequest { - private String actor; - private String target; - private UUID requestId; - private String operation; - - /** - * Construct an instance. - * - * @param actor the actor - * @param target the target - * @param requestId the request Id - * @param operation the operation - */ - public PolicyGuardRequest(String actor, String target, UUID requestId, String operation) { - super(); - this.actor = actor; - this.target = target; - this.requestId = requestId; - this.operation = operation; - } - - @Override - public String toString() { - return "PolicyGuardRequest [actor=" + actor + ", target=" + target + ", requestId=" + requestId + ", operation=" - + operation + "]"; - } - - public String getActor() { - return actor; - } - - public void setActor(String actor) { - this.actor = actor; - } - - public String getTarget() { - return target; - } - - public void setTarget(String target) { - this.target = target; - } - - public UUID getRequestId() { - return requestId; - } - - public void setRequestId(UUID requestId) { - this.requestId = requestId; - } - - public String getOperation() { - return operation; - } - - public void setOperation(String operation) { - this.operation = operation; - } -} diff --git a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardResponse.java b/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardResponse.java deleted file mode 100644 index 574c50b79..000000000 --- a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardResponse.java +++ /dev/null @@ -1,71 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * guard - * ================================================================================ - * Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.policy.guard; - -import java.util.UUID; - -public class PolicyGuardResponse { - private UUID requestId; - private String operation; - private String result; - - /** - * Create an instance. - * - * @param result the result - * @param req the request Id - * @param op the operation - */ - public PolicyGuardResponse(String result, UUID req, String op) { - this.result = result; - this.requestId = req; - this.operation = op; - } - - @Override - public String toString() { - return "PolicyGuardResponse [requestId=" + requestId + ", operation=" + operation + ", result=" + result + "]"; - } - - public UUID getRequestId() { - return requestId; - } - - public void setRequestId(UUID requestId) { - this.requestId = requestId; - } - - public String getResult() { - return result; - } - - public void setResult(String result) { - this.result = result; - } - - public String getOperation() { - return operation; - } - - public void setOperation(String operation) { - this.operation = operation; - } -} diff --git a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlHelper.java b/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlHelper.java deleted file mode 100644 index d9ace1d83..000000000 --- a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlHelper.java +++ /dev/null @@ -1,139 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * ONAP - * ================================================================================ - * Copyright (C) 2017-2020 AT&T Intellectual Property. All rights reserved. - * Modifications Copyright (C) 2019 Samsung Electronics Co., Ltd. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.policy.guard; - -import java.util.HashMap; -import java.util.Map; -import java.util.UUID; -import org.apache.commons.lang3.tuple.Pair; -import org.onap.policy.common.endpoints.event.comm.Topic.CommInfrastructure; -import org.onap.policy.common.endpoints.utils.NetLoggerUtil; -import org.onap.policy.common.endpoints.utils.NetLoggerUtil.EventType; -import org.onap.policy.common.utils.coder.CoderException; -import org.onap.policy.common.utils.coder.StandardCoder; -import org.onap.policy.drools.system.PolicyEngineConstants; -import org.onap.policy.models.decisions.concepts.DecisionRequest; -import org.onap.policy.models.decisions.concepts.DecisionResponse; -import org.onap.policy.rest.RestManager; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - - -public class PolicyGuardXacmlHelper { - private static final Logger logger = LoggerFactory.getLogger(PolicyGuardXacmlHelper.class); - - private String url; - private String user; - private String pwd; - - /** - * Constructor. - */ - public PolicyGuardXacmlHelper() { - this.url = PolicyEngineConstants.getManager().getEnvironmentProperty("guard.url"); - this.user = PolicyEngineConstants.getManager().getEnvironmentProperty("pdpx.username"); - this.pwd = PolicyEngineConstants.getManager().getEnvironmentProperty("pdpx.password"); - } - - /** - * Call PDP. - * - * @param xacmlReq the XACML request - * @return the response - */ - public String callPdp(PolicyGuardXacmlRequestAttributes xacmlReq) { - // - // Create a request suitable for API - // - DecisionRequest decisionRequest = new DecisionRequest(); - decisionRequest.setOnapName("Policy"); - decisionRequest.setOnapComponent("Drools PDP"); - decisionRequest.setOnapInstance("usecase template"); - decisionRequest.setRequestId(UUID.randomUUID().toString()); - decisionRequest.setAction("guard"); - Map<String, String> guard = new HashMap<>(); - guard.put("actor", xacmlReq.getActorId()); - guard.put("operation", xacmlReq.getOperationId()); - guard.put("target", xacmlReq.getTargetId()); - if (xacmlReq.getClnameId() != null) { - guard.put("clname", xacmlReq.getClnameId()); - } - if (xacmlReq.getVfCount() != null) { - guard.put("vfCount", Integer.toString(xacmlReq.getVfCount())); - } - Map<String, Object> resources = new HashMap<>(); - resources.put("guard", guard); - decisionRequest.setResource(resources); - - try { - // - // Call RESTful PDP - // - NetLoggerUtil.log(EventType.OUT, CommInfrastructure.REST, this.url, decisionRequest.toString()); - String response = callRestfulPdp(decisionRequest); - NetLoggerUtil.log(EventType.IN, CommInfrastructure.REST, this.url, response); - - return response; - } catch (Exception e) { - logger.error("Exception in sending RESTful request: ", e); - } - - return Util.DENY; - } - - /** - * This makes an HTTP POST call to a running PDP RESTful servlet to get a decision. - * - * @param decisionRequest The Decision request - * @return response from guard which contains "Permit" or "Deny" - * @throws CoderException Exception when converting to/from JSON the message body - */ - private String callRestfulPdp(DecisionRequest decisionRequest) throws CoderException { - StandardCoder coder = new StandardCoder(); - - String jsonBody = coder.encode(decisionRequest); - RestManager restManager = new RestManager(); - - Map<String, String> headers = new HashMap<>(); - headers.put("Accepts", "application/json"); - - logger.info("Guard Decision Request: {}", jsonBody); - - Pair<Integer, String> httpDetails = restManager.post(url, user, pwd, headers, "application/json", jsonBody); - - if (httpDetails == null) { - logger.error("Guard rest call returned a null pair - defaulting to DENY"); - return Util.DENY; - } - - logger.info("Guard Decision REST Response {} {}", httpDetails.getLeft(), httpDetails.getRight()); - - if (httpDetails.getLeft() == 200) { - DecisionResponse decision = coder.decode(httpDetails.getRight(), DecisionResponse.class); - logger.info("Guard Decision {}", decision); - return decision.getStatus(); - } - - return Util.DENY; - } - -} diff --git a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlRequestAttributes.java b/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlRequestAttributes.java deleted file mode 100644 index c888f94c1..000000000 --- a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlRequestAttributes.java +++ /dev/null @@ -1,123 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * guard - * ================================================================================ - * Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.policy.guard; - -import com.att.research.xacml.std.annotations.XACMLAction; -import com.att.research.xacml.std.annotations.XACMLRequest; -import com.att.research.xacml.std.annotations.XACMLResource; -import com.att.research.xacml.std.annotations.XACMLSubject; - -@XACMLRequest(ReturnPolicyIdList = true, CombinedDecision = true) -public class PolicyGuardXacmlRequestAttributes { - - @XACMLSubject(includeInResults = true, attributeId = "urn:org:onap:guard:clname:clname-id") - String clnameId; - - @XACMLSubject(includeInResults = true, attributeId = "urn:org:onap:guard:actor:actor-id") - String actorId; - - @XACMLAction(includeInResults = true, attributeId = "urn:org:onap:guard:operation:operation-id") - String operationId; - - @XACMLResource(includeInResults = true, attributeId = "urn:org:onap:guard:target:target-id") - String targetId; - - @XACMLResource(includeInResults = true, attributeId = "urn:org:onap:guard:request:request-id") - String requestId; - - @XACMLResource(includeInResults = true, attributeId = "urn:org:onap:guard:request:vf-count") - Integer vfCount; - - /** - * Construct an instance. - * - * @param clnameId the control loop Id - * @param actorId the actor Id - * @param operationId the operation Id - * @param targetId the target Id - * @param requestId the request Id - * @param vfCount the new number of VF Modules - */ - public PolicyGuardXacmlRequestAttributes(String clnameId, String actorId, String operationId, String targetId, - String requestId, Integer vfCount) { - super(); - this.clnameId = clnameId; - this.actorId = actorId; - this.operationId = operationId; - this.targetId = targetId; - this.requestId = requestId; - this.vfCount = vfCount; - } - - @Override - public String toString() { - return "PolicyGuardXacmlRequestAttributes [actorId=" + actorId + ", operationId=" + operationId + ", targetId=" - + targetId + ", requestId=" + requestId + "]"; - } - - public String getActorId() { - return actorId; - } - - public void setActorId(String actorId) { - this.actorId = actorId; - } - - public String getOperationId() { - return operationId; - } - - public void setOperationId(String operationId) { - this.operationId = operationId; - } - - public String getTargetId() { - return targetId; - } - - public void setTargetId(String targetId) { - this.targetId = targetId; - } - - public String getRequestId() { - return requestId; - } - - public void setRequestId(String requestId) { - this.requestId = requestId; - } - - public String getClnameId() { - return clnameId; - } - - public void setClnameId(String clnameId) { - this.clnameId = clnameId; - } - - public Integer getVfCount() { - return vfCount; - } - - public void setVfCount(Integer vfCount) { - this.vfCount = vfCount; - } -} diff --git a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardYamlToXacml.java b/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardYamlToXacml.java deleted file mode 100644 index 60ccce05d..000000000 --- a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardYamlToXacml.java +++ /dev/null @@ -1,210 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * guard - * ================================================================================ - * Copyright (C) 2017, 2019 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.policy.guard; - -import java.io.IOException; -import java.nio.file.Files; -import java.nio.file.Path; -import java.nio.file.Paths; -import java.util.List; -import java.util.function.Consumer; -import org.onap.policy.controlloop.policy.guard.Constraint; -import org.onap.policy.controlloop.policy.guard.ControlLoopGuard; -import org.onap.policy.controlloop.policy.guard.GuardPolicy; -import org.onap.policy.controlloop.policy.guard.MatchParameters; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class PolicyGuardYamlToXacml { - private static final Logger logger = LoggerFactory.getLogger(PolicyGuardYamlToXacml.class); - - private PolicyGuardYamlToXacml() { - // Construction of this static class is not allowed - } - - /** - * Convert from Yaml to Xacml. - * - * @param yamlFile the Yaml file - * @param xacmlTemplate the Xacml template - * @param xacmlPolicyOutput the Xacml output - */ - public static void fromYamlToXacml(String yamlFile, String xacmlTemplate, String xacmlPolicyOutput) { - fromYamlToXacml(yamlFile, xacmlTemplate, xacmlPolicyOutput, PolicyGuardYamlToXacml::generateXacmlGuard, - constraint -> { - logger.debug("num: {}", constraint.getFreq_limit_per_target()); - logger.debug("duration: {}", constraint.getTime_window()); - logger.debug("time_in_range: {}", constraint.getActive_time_range()); - }); - } - - /** - * Convert from Yaml to Xacml. - * - * @param yamlFile the Yaml file - * @param xacmlTemplate the Xacml template - * @param xacmlPolicyOutput the Xacml output - * @param generator function to generate the yaml from the xacml - * @param logConstraint function to log relevant fields of the constraint - */ - public static void fromYamlToXacml(String yamlFile, String xacmlTemplate, String xacmlPolicyOutput, - Generator generator, Consumer<Constraint> logConstraint) { - - ControlLoopGuard yamlGuardObject = Util.loadYamlGuard(yamlFile); - GuardPolicy guardPolicy = yamlGuardObject.getGuards().get(0); - logger.debug("clname: {}", guardPolicy.getMatch_parameters().getControlLoopName()); - logger.debug("actor: {}", guardPolicy.getMatch_parameters().getActor()); - logger.debug("recipe: {}", guardPolicy.getMatch_parameters().getRecipe()); - Constraint constraint = guardPolicy.getLimit_constraints().get(0); - logConstraint.accept(constraint); - - Path xacmlTemplatePath = Paths.get(xacmlTemplate); - String xacmlTemplateContent; - - try { - xacmlTemplateContent = new String(Files.readAllBytes(xacmlTemplatePath)); - - String xacmlPolicyContent = generator.apply(xacmlTemplateContent, - guardPolicy.getMatch_parameters(), constraint); - - Files.write(Paths.get(xacmlPolicyOutput), xacmlPolicyContent.getBytes()); - - } catch (IOException e) { - logger.error("fromYamlToXacml threw: ", e); - } - } - - /** - * Generate a Xacml guard. - * - * @param xacmlTemplateContent the Xacml template content - * @param matchParameters the paremeters to use - * @param constraint the constraint to use - * @return the guard - */ - private static String generateXacmlGuard(String xacmlTemplateContent, MatchParameters matchParameters, - Constraint constraint) { - - xacmlTemplateContent = doCommonReplacements(xacmlTemplateContent, matchParameters, constraint); - - String targetsRegex = ""; - if (isNullOrEmptyList(matchParameters.getTargets())) { - targetsRegex = ".*"; - } else { - StringBuilder targetsRegexSb = new StringBuilder(); - boolean addBarChar = false; - for (String t : matchParameters.getTargets()) { - targetsRegexSb.append(t); - if (addBarChar) { - targetsRegexSb.append("|"); - } else { - addBarChar = true; - } - } - targetsRegex = targetsRegexSb.toString(); - } - xacmlTemplateContent = xacmlTemplateContent.replace("${targets}", targetsRegex); - - xacmlTemplateContent = xacmlTemplateContent.replace("${limit}", - constraint.getFreq_limit_per_target().toString()); - - xacmlTemplateContent = xacmlTemplateContent.replace("${twValue}", constraint.getTime_window().get("value")); - - xacmlTemplateContent = xacmlTemplateContent.replace("${twUnits}", constraint.getTime_window().get("units")); - - logger.debug(xacmlTemplateContent); - - return xacmlTemplateContent; - } - - private static String doCommonReplacements(String xacmlTemplateContent, MatchParameters matchParameters, - Constraint constraint) { - - replaceNullOrEmpty(matchParameters.getControlLoopName(), matchParameters::setControlLoopName, ".*"); - xacmlTemplateContent = xacmlTemplateContent.replace("${clname}", matchParameters.getControlLoopName()); - - replaceNullOrEmpty(matchParameters.getActor(), matchParameters::setActor, ".*"); - xacmlTemplateContent = xacmlTemplateContent.replace("${actor}", matchParameters.getActor()); - - replaceNullOrEmpty(matchParameters.getRecipe(), matchParameters::setRecipe, ".*"); - xacmlTemplateContent = xacmlTemplateContent.replace("${recipe}", matchParameters.getRecipe()); - - xacmlTemplateContent = xacmlTemplateContent.replace("${guardActiveStart}", - constraint.getActive_time_range().get("start")); - - xacmlTemplateContent = xacmlTemplateContent.replace("${guardActiveEnd}", - constraint.getActive_time_range().get("end")); - - return xacmlTemplateContent; - } - - private static void replaceNullOrEmpty(String text, Consumer<String> replacer, String newValue) { - if (isNullOrEmpty(text)) { - replacer.accept(newValue); - } - } - - public static boolean isNullOrEmpty(String string) { - return string == null || string.trim().isEmpty(); - } - - public static boolean isNullOrEmptyList(List<String> list) { - return list == null || list.isEmpty(); - } - - /** - * Convert from Yaml to Xacml blacklist. - * - * @param yamlFile the Yaml file - * @param xacmlTemplate the Xacml template - * @param xacmlPolicyOutput the Xacml output - */ - public static void fromYamlToXacmlBlacklist(String yamlFile, String xacmlTemplate, String xacmlPolicyOutput) { - fromYamlToXacml(yamlFile, xacmlTemplate, xacmlPolicyOutput, PolicyGuardYamlToXacml::generateXacmlGuardBlacklist, - constraint -> { - logger.debug("freq_limit_per_target: {}", constraint.getFreq_limit_per_target()); - logger.debug("time_window: {}", constraint.getTime_window()); - logger.debug("active_time_range: {}", constraint.getActive_time_range()); - }); - } - - private static String generateXacmlGuardBlacklist(String xacmlTemplateContent, MatchParameters matchParameters, - Constraint constraint) { - - String result = doCommonReplacements(xacmlTemplateContent, matchParameters, constraint); - - for (String target : constraint.getBlacklist()) { - result = result.replace("${blackListElement}", - "<AttributeValue DataType=\"http://www.w3.org/2001/XMLSchema#string\">" + target - + "</AttributeValue>" + "\n\t\t\t\t\t\t\\${blackListElement}\n"); - } - - result = result.replace("\t\t\t\t\t\t\\${blackListElement}\n", ""); - - return result; - } - - @FunctionalInterface - private static interface Generator { - public String apply(String xacmlTemplateContent, MatchParameters matchParameters, - Constraint constraint); - } -} diff --git a/controlloop/common/guard/src/main/java/org/onap/policy/guard/Util.java b/controlloop/common/guard/src/main/java/org/onap/policy/guard/Util.java deleted file mode 100644 index 717ca3f45..000000000 --- a/controlloop/common/guard/src/main/java/org/onap/policy/guard/Util.java +++ /dev/null @@ -1,149 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * guard - * ================================================================================ - * Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.policy.guard; - -import java.io.File; -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.nio.charset.StandardCharsets; -import org.apache.commons.io.IOUtils; -import org.onap.policy.controlloop.policy.ControlLoopPolicy; -import org.onap.policy.controlloop.policy.guard.ControlLoopGuard; -import org.onap.policy.drools.system.PolicyEngineConstants; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.yaml.snakeyaml.Yaml; -import org.yaml.snakeyaml.constructor.Constructor; - -public final class Util { - /* - * Keys for guard properties - */ - public static final String PROP_GUARD_URL = "guard.url"; - public static final String PROP_GUARD_USER = "pdpx.username"; - public static final String PROP_GUARD_PASS = "pdpx.password"; - public static final String PROP_GUARD_DISABLED = "guard.disabled"; - - /* - * Keys for eclipse link and ONAP properties - */ - public static final String ECLIPSE_LINK_KEY_URL = "javax.persistence.jdbc.url"; - public static final String ECLIPSE_LINK_KEY_USER = "javax.persistence.jdbc.user"; - public static final String ECLIPSE_LINK_KEY_PASS = "javax.persistence.jdbc.password"; - - public static final String ONAP_KEY_URL = "guard.jdbc.url"; - public static final String ONAP_KEY_USER = "sql.db.username"; - public static final String ONAP_KEY_PASS = "sql.db.password"; - - /* - * Guard responses - */ - public static final String INDETERMINATE = "Indeterminate"; - public static final String PERMIT = "Permit"; - public static final String DENY = "Deny"; - - /* - * Junit props - */ - protected static final String PU_KEY = "OperationsHistoryPU"; - protected static final String JUNITPU = "OperationsHistoryPUTest"; - - private static final Logger logger = LoggerFactory.getLogger(Util.class); - - public static class Pair<A, B> { - public final A parameterA; - public final B parameterB; - - public Pair(A parameterA, B parameterB) { - this.parameterA = parameterA; - this.parameterB = parameterB; - } - } - - private Util() { - // This static class cannot be instantiated - } - - /** - * Load a Yaml file. - * - * @param testFile the Yaml file - * @return the policies - */ - public static Pair<ControlLoopPolicy, String> loadYaml(String testFile) { - try (InputStream is = new FileInputStream(new File(testFile))) { - String contents = IOUtils.toString(is, StandardCharsets.UTF_8); - // - // Read the yaml into our Java Object - // - Yaml yaml = new Yaml(new Constructor(ControlLoopPolicy.class)); - Object obj = yaml.load(contents); - - logger.debug(contents); - - return new Pair<>((ControlLoopPolicy) obj, contents); - } catch (IOException e) { - logger.error(e.getLocalizedMessage(), e); - } - return null; - } - - /** - * Load a Yaml guard. - * - * @param testFile the Yaml file - * @return the guard - */ - public static ControlLoopGuard loadYamlGuard(String testFile) { - try (InputStream is = new FileInputStream(new File(testFile))) { - String contents = IOUtils.toString(is, StandardCharsets.UTF_8); - // - // Read the yaml into our Java Object - // - Yaml yaml = new Yaml(new Constructor(ControlLoopGuard.class)); - Object obj = yaml.load(contents); - return (ControlLoopGuard) obj; - } catch (IOException e) { - logger.error(e.getLocalizedMessage(), e); - } - return null; - } - - /** - * Sets Guard Properties. - * - * <p>see /guard/src/test/java/org/onap/policy/guard/UtilTest.java for setting test properties - */ - public static void setGuardEnvProps(String url, String username, String password) { - PolicyEngineConstants.getManager().setEnvironmentProperty(org.onap.policy.guard.Util.PROP_GUARD_URL, url); - PolicyEngineConstants.getManager().setEnvironmentProperty(org.onap.policy.guard.Util.PROP_GUARD_USER, username); - PolicyEngineConstants.getManager().setEnvironmentProperty(org.onap.policy.guard.Util.PROP_GUARD_PASS, password); - } - - public static void setGuardEnvProp(String key, String value) { - PolicyEngineConstants.getManager().setEnvironmentProperty(key, value); - } - - public static String getGuardProp(String propName) { - return PolicyEngineConstants.getManager().getEnvironmentProperty(propName); - } -} diff --git a/controlloop/common/guard/src/main/resources/META-INF/persistence.xml b/controlloop/common/guard/src/main/resources/META-INF/persistence.xml deleted file mode 100644 index cf7e28190..000000000 --- a/controlloop/common/guard/src/main/resources/META-INF/persistence.xml +++ /dev/null @@ -1,43 +0,0 @@ -<?xml version="1.0" encoding="UTF-8" ?> -<!-- - ============LICENSE_START======================================================= - drools-applications - ================================================================================ - Copyright (C) 2018-2020 AT&T Intellectual Property. All rights reserved. - ================================================================================ - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - ============LICENSE_END========================================================= - --> -<persistence xmlns="http://java.sun.com/xml/ns/persistence" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://java.sun.com/xml/ns/persistence - http://java.sun.com/xml/ns/persistence/persistence_1_0.xsd" version="1.0"> - - <persistence-unit name="OperationsHistoryPU" transaction-type="RESOURCE_LOCAL"> - <provider>org.eclipse.persistence.jpa.PersistenceProvider</provider> - - <class>org.onap.policy.guard.OperationsHistory</class> - - <properties> - <property name="eclipselink.ddl-generation" value="create-tables"/> - <property name="eclipselink.logging.level" value="INFO" /> - <property name="javax.persistence.jdbc.driver" value="org.mariadb.jdbc.Driver" /> - <property name="javax.persistence.jdbc.url" value="jdbc:mariadb://mariadb:3306/operationshistory"/> - <property name="javax.persistence.jdbc.user" value="policy_user"/> - <property name="javax.persistence.jdbc.password" value="cG9saWN5X3VzZXI="/> - <property name="javax.persistence.schema-generation.database.action" value="drop-and-create"/> - <property name="javax.persistence.schema-generation.create-source" value="metadata"/> - </properties> - </persistence-unit> - -</persistence> |