summaryrefslogtreecommitdiffstats
path: root/controlloop/common/guard/src/main
diff options
context:
space:
mode:
authorJim Hahn <jrh3@att.com>2020-06-03 09:26:33 -0400
committerJim Hahn <jrh3@att.com>2020-07-14 10:29:49 -0400
commite87b18923c23a1a0fbfaae1c75645a577b96c892 (patch)
tree5b7b0e4d52dca3f81b7c9add036b5f6816d5bf78 /controlloop/common/guard/src/main
parentc3879a50de6473b8673faa9f958a0c646a4b8ca9 (diff)
Remove usecases and legacy actor code
Made the following changes to remove usescase and legacy actor code: - deleted the usecases controller and feature - deleted code associated with legacy actors, with the exception of AaiManager, which is needed by RestControlLoopManager - moved the contents of the "guard" project into the m2/guard project, as that is the only thing that still needs it - modified the m2/GuardContext to get the name of its persistence unit from the properties so it could be overridden by junit tests - used eclipselink constants Also fixed a bug in the properties for the VFC actor. Addressed review comment: - removed usecases from Dockerfile Issue-ID: POLICY-2558 Change-Id: I677d68c9efed9247c3d55773abdcc736b577a6b4 Signed-off-by: Jim Hahn <jrh3@att.com>
Diffstat (limited to 'controlloop/common/guard/src/main')
-rw-r--r--controlloop/common/guard/src/main/java/org/onap/policy/guard/CallGuardTask.java155
-rw-r--r--controlloop/common/guard/src/main/java/org/onap/policy/guard/GuardResult.java25
-rw-r--r--controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardRequest.java84
-rw-r--r--controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardResponse.java71
-rw-r--r--controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlHelper.java139
-rw-r--r--controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlRequestAttributes.java123
-rw-r--r--controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardYamlToXacml.java210
-rw-r--r--controlloop/common/guard/src/main/java/org/onap/policy/guard/Util.java149
-rw-r--r--controlloop/common/guard/src/main/resources/META-INF/persistence.xml43
9 files changed, 0 insertions, 999 deletions
diff --git a/controlloop/common/guard/src/main/java/org/onap/policy/guard/CallGuardTask.java b/controlloop/common/guard/src/main/java/org/onap/policy/guard/CallGuardTask.java
deleted file mode 100644
index 0331b7aab..000000000
--- a/controlloop/common/guard/src/main/java/org/onap/policy/guard/CallGuardTask.java
+++ /dev/null
@@ -1,155 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2017-2020 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import java.util.HashSet;
-import java.util.Set;
-import java.util.UUID;
-import java.util.function.Supplier;
-import org.drools.core.WorkingMemory;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class CallGuardTask implements Runnable {
-
- private static final Logger logger = LoggerFactory.getLogger(CallGuardTask.class);
-
- /**
- * Actor/recipe pairs whose guard requests need a VF Module count. Each element is of
- * the form "&lt;actor&gt;:&lt;recipe&gt;".
- */
- private static final Set<String> NEEDS_VF_COUNT = new HashSet<>();
-
- /**
- * Actor/recipe pairs whose guard requests need the VF Module count to be incremented
- * (i.e., because a module is being added). Each element is of the form
- * "&lt;actor&gt;:&lt;recipe&gt;".
- */
- private static final Set<String> INCR_VF_COUNT = new HashSet<>();
-
- static {
- INCR_VF_COUNT.add("SO:VF Module Create");
- NEEDS_VF_COUNT.addAll(INCR_VF_COUNT);
- }
-
- private WorkingMemory workingMemory;
- private String clname;
- private String actor;
- private String recipe;
- private String target;
- private String requestId;
- private Integer vfCount;
-
- /**
- * Populated once the response has been determined, which may happen during the
- * constructor or later, during {@link #run()}.
- */
- private PolicyGuardResponse guardResponse;
-
- /**
- * Guard url is grabbed from PolicyEngine manager properties.
- */
- public CallGuardTask(WorkingMemory wm, String cl, String act,
- String rec, String tar, String reqId, Supplier<Integer> vfcnt) {
- workingMemory = wm;
- clname = cl;
- actor = act;
- recipe = rec;
- requestId = reqId;
- target = tar;
-
- vfCount = null;
-
- String key = act + ":" + rec;
-
- if (NEEDS_VF_COUNT.contains(key)) {
- // this actor/recipe needs the count - get it
- if ((vfCount = vfcnt.get()) == null) {
- /*
- * The count is missing - create an artificial Deny, which will be
- * inserted into working memory when "run()" is called.
- */
- guardResponse = new PolicyGuardResponse(Util.DENY, UUID.fromString(requestId), recipe);
- logger.error("CallGuardTask.run missing VF Module count; requestId={}", requestId);
- return;
- }
-
- if (INCR_VF_COUNT.contains(key)) {
- // this actor/recipe needs the count to be incremented
- ++vfCount;
- }
- }
- }
-
- @Override
- public void run() {
- if (guardResponse != null) {
- // already have a response - just insert it
- workingMemory.insert(guardResponse);
- return;
- }
-
- final long startTime = System.nanoTime();
-
- PolicyGuardXacmlRequestAttributes xacmlReq =
- new PolicyGuardXacmlRequestAttributes(clname, actor, recipe, target, requestId, vfCount);
-
- logger.debug("\n********** XACML REQUEST START ********");
- logger.debug("{}", xacmlReq);
- logger.debug("********** XACML REQUEST END ********\n");
-
- String guardDecision = null;
-
- //
- // Make guard request
- //
- guardDecision = new PolicyGuardXacmlHelper().callPdp(xacmlReq);
-
- logger.debug("\n********** XACML RESPONSE START ********");
- logger.debug("{}", guardDecision);
- logger.debug("********** XACML RESPONSE END ********\n");
-
- //
- // Check if the restful call was unsuccessful or property doesn't exist
- //
- if (guardDecision == null) {
- logger.error("********** XACML FAILED TO CONNECT ********");
- guardDecision = Util.INDETERMINATE;
- }
-
- guardResponse = new PolicyGuardResponse(guardDecision, UUID.fromString(this.requestId), this.recipe);
-
- //
- // Create an artificial Guard response in case we didn't get a clear Permit or Deny
- //
- if ("Indeterminate".equals(guardResponse.getResult())) {
- guardResponse.setOperation(recipe);
- guardResponse.setRequestId(UUID.fromString(requestId));
- }
-
- long estimatedTime = System.nanoTime() - startTime;
- logger.debug("\n\n============ Guard inserted with decision {} !!! =========== time took: {} mili sec \n\n",
- guardResponse.getResult(), (double) estimatedTime / 1000 / 1000);
- workingMemory.insert(guardResponse);
-
- }
-
-}
diff --git a/controlloop/common/guard/src/main/java/org/onap/policy/guard/GuardResult.java b/controlloop/common/guard/src/main/java/org/onap/policy/guard/GuardResult.java
deleted file mode 100644
index 6b11c1afa..000000000
--- a/controlloop/common/guard/src/main/java/org/onap/policy/guard/GuardResult.java
+++ /dev/null
@@ -1,25 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-public enum GuardResult {
- LOCK_ACQUIRED, LOCK_DENIED, LOCK_EXCEPTION;
-}
diff --git a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardRequest.java b/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardRequest.java
deleted file mode 100644
index 8887e00b7..000000000
--- a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardRequest.java
+++ /dev/null
@@ -1,84 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import java.util.UUID;
-
-public class PolicyGuardRequest {
- private String actor;
- private String target;
- private UUID requestId;
- private String operation;
-
- /**
- * Construct an instance.
- *
- * @param actor the actor
- * @param target the target
- * @param requestId the request Id
- * @param operation the operation
- */
- public PolicyGuardRequest(String actor, String target, UUID requestId, String operation) {
- super();
- this.actor = actor;
- this.target = target;
- this.requestId = requestId;
- this.operation = operation;
- }
-
- @Override
- public String toString() {
- return "PolicyGuardRequest [actor=" + actor + ", target=" + target + ", requestId=" + requestId + ", operation="
- + operation + "]";
- }
-
- public String getActor() {
- return actor;
- }
-
- public void setActor(String actor) {
- this.actor = actor;
- }
-
- public String getTarget() {
- return target;
- }
-
- public void setTarget(String target) {
- this.target = target;
- }
-
- public UUID getRequestId() {
- return requestId;
- }
-
- public void setRequestId(UUID requestId) {
- this.requestId = requestId;
- }
-
- public String getOperation() {
- return operation;
- }
-
- public void setOperation(String operation) {
- this.operation = operation;
- }
-}
diff --git a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardResponse.java b/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardResponse.java
deleted file mode 100644
index 574c50b79..000000000
--- a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardResponse.java
+++ /dev/null
@@ -1,71 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import java.util.UUID;
-
-public class PolicyGuardResponse {
- private UUID requestId;
- private String operation;
- private String result;
-
- /**
- * Create an instance.
- *
- * @param result the result
- * @param req the request Id
- * @param op the operation
- */
- public PolicyGuardResponse(String result, UUID req, String op) {
- this.result = result;
- this.requestId = req;
- this.operation = op;
- }
-
- @Override
- public String toString() {
- return "PolicyGuardResponse [requestId=" + requestId + ", operation=" + operation + ", result=" + result + "]";
- }
-
- public UUID getRequestId() {
- return requestId;
- }
-
- public void setRequestId(UUID requestId) {
- this.requestId = requestId;
- }
-
- public String getResult() {
- return result;
- }
-
- public void setResult(String result) {
- this.result = result;
- }
-
- public String getOperation() {
- return operation;
- }
-
- public void setOperation(String operation) {
- this.operation = operation;
- }
-}
diff --git a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlHelper.java b/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlHelper.java
deleted file mode 100644
index d9ace1d83..000000000
--- a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlHelper.java
+++ /dev/null
@@ -1,139 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * ONAP
- * ================================================================================
- * Copyright (C) 2017-2020 AT&T Intellectual Property. All rights reserved.
- * Modifications Copyright (C) 2019 Samsung Electronics Co., Ltd.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import java.util.HashMap;
-import java.util.Map;
-import java.util.UUID;
-import org.apache.commons.lang3.tuple.Pair;
-import org.onap.policy.common.endpoints.event.comm.Topic.CommInfrastructure;
-import org.onap.policy.common.endpoints.utils.NetLoggerUtil;
-import org.onap.policy.common.endpoints.utils.NetLoggerUtil.EventType;
-import org.onap.policy.common.utils.coder.CoderException;
-import org.onap.policy.common.utils.coder.StandardCoder;
-import org.onap.policy.drools.system.PolicyEngineConstants;
-import org.onap.policy.models.decisions.concepts.DecisionRequest;
-import org.onap.policy.models.decisions.concepts.DecisionResponse;
-import org.onap.policy.rest.RestManager;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-
-public class PolicyGuardXacmlHelper {
- private static final Logger logger = LoggerFactory.getLogger(PolicyGuardXacmlHelper.class);
-
- private String url;
- private String user;
- private String pwd;
-
- /**
- * Constructor.
- */
- public PolicyGuardXacmlHelper() {
- this.url = PolicyEngineConstants.getManager().getEnvironmentProperty("guard.url");
- this.user = PolicyEngineConstants.getManager().getEnvironmentProperty("pdpx.username");
- this.pwd = PolicyEngineConstants.getManager().getEnvironmentProperty("pdpx.password");
- }
-
- /**
- * Call PDP.
- *
- * @param xacmlReq the XACML request
- * @return the response
- */
- public String callPdp(PolicyGuardXacmlRequestAttributes xacmlReq) {
- //
- // Create a request suitable for API
- //
- DecisionRequest decisionRequest = new DecisionRequest();
- decisionRequest.setOnapName("Policy");
- decisionRequest.setOnapComponent("Drools PDP");
- decisionRequest.setOnapInstance("usecase template");
- decisionRequest.setRequestId(UUID.randomUUID().toString());
- decisionRequest.setAction("guard");
- Map<String, String> guard = new HashMap<>();
- guard.put("actor", xacmlReq.getActorId());
- guard.put("operation", xacmlReq.getOperationId());
- guard.put("target", xacmlReq.getTargetId());
- if (xacmlReq.getClnameId() != null) {
- guard.put("clname", xacmlReq.getClnameId());
- }
- if (xacmlReq.getVfCount() != null) {
- guard.put("vfCount", Integer.toString(xacmlReq.getVfCount()));
- }
- Map<String, Object> resources = new HashMap<>();
- resources.put("guard", guard);
- decisionRequest.setResource(resources);
-
- try {
- //
- // Call RESTful PDP
- //
- NetLoggerUtil.log(EventType.OUT, CommInfrastructure.REST, this.url, decisionRequest.toString());
- String response = callRestfulPdp(decisionRequest);
- NetLoggerUtil.log(EventType.IN, CommInfrastructure.REST, this.url, response);
-
- return response;
- } catch (Exception e) {
- logger.error("Exception in sending RESTful request: ", e);
- }
-
- return Util.DENY;
- }
-
- /**
- * This makes an HTTP POST call to a running PDP RESTful servlet to get a decision.
- *
- * @param decisionRequest The Decision request
- * @return response from guard which contains "Permit" or "Deny"
- * @throws CoderException Exception when converting to/from JSON the message body
- */
- private String callRestfulPdp(DecisionRequest decisionRequest) throws CoderException {
- StandardCoder coder = new StandardCoder();
-
- String jsonBody = coder.encode(decisionRequest);
- RestManager restManager = new RestManager();
-
- Map<String, String> headers = new HashMap<>();
- headers.put("Accepts", "application/json");
-
- logger.info("Guard Decision Request: {}", jsonBody);
-
- Pair<Integer, String> httpDetails = restManager.post(url, user, pwd, headers, "application/json", jsonBody);
-
- if (httpDetails == null) {
- logger.error("Guard rest call returned a null pair - defaulting to DENY");
- return Util.DENY;
- }
-
- logger.info("Guard Decision REST Response {} {}", httpDetails.getLeft(), httpDetails.getRight());
-
- if (httpDetails.getLeft() == 200) {
- DecisionResponse decision = coder.decode(httpDetails.getRight(), DecisionResponse.class);
- logger.info("Guard Decision {}", decision);
- return decision.getStatus();
- }
-
- return Util.DENY;
- }
-
-}
diff --git a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlRequestAttributes.java b/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlRequestAttributes.java
deleted file mode 100644
index c888f94c1..000000000
--- a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlRequestAttributes.java
+++ /dev/null
@@ -1,123 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import com.att.research.xacml.std.annotations.XACMLAction;
-import com.att.research.xacml.std.annotations.XACMLRequest;
-import com.att.research.xacml.std.annotations.XACMLResource;
-import com.att.research.xacml.std.annotations.XACMLSubject;
-
-@XACMLRequest(ReturnPolicyIdList = true, CombinedDecision = true)
-public class PolicyGuardXacmlRequestAttributes {
-
- @XACMLSubject(includeInResults = true, attributeId = "urn:org:onap:guard:clname:clname-id")
- String clnameId;
-
- @XACMLSubject(includeInResults = true, attributeId = "urn:org:onap:guard:actor:actor-id")
- String actorId;
-
- @XACMLAction(includeInResults = true, attributeId = "urn:org:onap:guard:operation:operation-id")
- String operationId;
-
- @XACMLResource(includeInResults = true, attributeId = "urn:org:onap:guard:target:target-id")
- String targetId;
-
- @XACMLResource(includeInResults = true, attributeId = "urn:org:onap:guard:request:request-id")
- String requestId;
-
- @XACMLResource(includeInResults = true, attributeId = "urn:org:onap:guard:request:vf-count")
- Integer vfCount;
-
- /**
- * Construct an instance.
- *
- * @param clnameId the control loop Id
- * @param actorId the actor Id
- * @param operationId the operation Id
- * @param targetId the target Id
- * @param requestId the request Id
- * @param vfCount the new number of VF Modules
- */
- public PolicyGuardXacmlRequestAttributes(String clnameId, String actorId, String operationId, String targetId,
- String requestId, Integer vfCount) {
- super();
- this.clnameId = clnameId;
- this.actorId = actorId;
- this.operationId = operationId;
- this.targetId = targetId;
- this.requestId = requestId;
- this.vfCount = vfCount;
- }
-
- @Override
- public String toString() {
- return "PolicyGuardXacmlRequestAttributes [actorId=" + actorId + ", operationId=" + operationId + ", targetId="
- + targetId + ", requestId=" + requestId + "]";
- }
-
- public String getActorId() {
- return actorId;
- }
-
- public void setActorId(String actorId) {
- this.actorId = actorId;
- }
-
- public String getOperationId() {
- return operationId;
- }
-
- public void setOperationId(String operationId) {
- this.operationId = operationId;
- }
-
- public String getTargetId() {
- return targetId;
- }
-
- public void setTargetId(String targetId) {
- this.targetId = targetId;
- }
-
- public String getRequestId() {
- return requestId;
- }
-
- public void setRequestId(String requestId) {
- this.requestId = requestId;
- }
-
- public String getClnameId() {
- return clnameId;
- }
-
- public void setClnameId(String clnameId) {
- this.clnameId = clnameId;
- }
-
- public Integer getVfCount() {
- return vfCount;
- }
-
- public void setVfCount(Integer vfCount) {
- this.vfCount = vfCount;
- }
-}
diff --git a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardYamlToXacml.java b/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardYamlToXacml.java
deleted file mode 100644
index 60ccce05d..000000000
--- a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardYamlToXacml.java
+++ /dev/null
@@ -1,210 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2017, 2019 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import java.io.IOException;
-import java.nio.file.Files;
-import java.nio.file.Path;
-import java.nio.file.Paths;
-import java.util.List;
-import java.util.function.Consumer;
-import org.onap.policy.controlloop.policy.guard.Constraint;
-import org.onap.policy.controlloop.policy.guard.ControlLoopGuard;
-import org.onap.policy.controlloop.policy.guard.GuardPolicy;
-import org.onap.policy.controlloop.policy.guard.MatchParameters;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class PolicyGuardYamlToXacml {
- private static final Logger logger = LoggerFactory.getLogger(PolicyGuardYamlToXacml.class);
-
- private PolicyGuardYamlToXacml() {
- // Construction of this static class is not allowed
- }
-
- /**
- * Convert from Yaml to Xacml.
- *
- * @param yamlFile the Yaml file
- * @param xacmlTemplate the Xacml template
- * @param xacmlPolicyOutput the Xacml output
- */
- public static void fromYamlToXacml(String yamlFile, String xacmlTemplate, String xacmlPolicyOutput) {
- fromYamlToXacml(yamlFile, xacmlTemplate, xacmlPolicyOutput, PolicyGuardYamlToXacml::generateXacmlGuard,
- constraint -> {
- logger.debug("num: {}", constraint.getFreq_limit_per_target());
- logger.debug("duration: {}", constraint.getTime_window());
- logger.debug("time_in_range: {}", constraint.getActive_time_range());
- });
- }
-
- /**
- * Convert from Yaml to Xacml.
- *
- * @param yamlFile the Yaml file
- * @param xacmlTemplate the Xacml template
- * @param xacmlPolicyOutput the Xacml output
- * @param generator function to generate the yaml from the xacml
- * @param logConstraint function to log relevant fields of the constraint
- */
- public static void fromYamlToXacml(String yamlFile, String xacmlTemplate, String xacmlPolicyOutput,
- Generator generator, Consumer<Constraint> logConstraint) {
-
- ControlLoopGuard yamlGuardObject = Util.loadYamlGuard(yamlFile);
- GuardPolicy guardPolicy = yamlGuardObject.getGuards().get(0);
- logger.debug("clname: {}", guardPolicy.getMatch_parameters().getControlLoopName());
- logger.debug("actor: {}", guardPolicy.getMatch_parameters().getActor());
- logger.debug("recipe: {}", guardPolicy.getMatch_parameters().getRecipe());
- Constraint constraint = guardPolicy.getLimit_constraints().get(0);
- logConstraint.accept(constraint);
-
- Path xacmlTemplatePath = Paths.get(xacmlTemplate);
- String xacmlTemplateContent;
-
- try {
- xacmlTemplateContent = new String(Files.readAllBytes(xacmlTemplatePath));
-
- String xacmlPolicyContent = generator.apply(xacmlTemplateContent,
- guardPolicy.getMatch_parameters(), constraint);
-
- Files.write(Paths.get(xacmlPolicyOutput), xacmlPolicyContent.getBytes());
-
- } catch (IOException e) {
- logger.error("fromYamlToXacml threw: ", e);
- }
- }
-
- /**
- * Generate a Xacml guard.
- *
- * @param xacmlTemplateContent the Xacml template content
- * @param matchParameters the paremeters to use
- * @param constraint the constraint to use
- * @return the guard
- */
- private static String generateXacmlGuard(String xacmlTemplateContent, MatchParameters matchParameters,
- Constraint constraint) {
-
- xacmlTemplateContent = doCommonReplacements(xacmlTemplateContent, matchParameters, constraint);
-
- String targetsRegex = "";
- if (isNullOrEmptyList(matchParameters.getTargets())) {
- targetsRegex = ".*";
- } else {
- StringBuilder targetsRegexSb = new StringBuilder();
- boolean addBarChar = false;
- for (String t : matchParameters.getTargets()) {
- targetsRegexSb.append(t);
- if (addBarChar) {
- targetsRegexSb.append("|");
- } else {
- addBarChar = true;
- }
- }
- targetsRegex = targetsRegexSb.toString();
- }
- xacmlTemplateContent = xacmlTemplateContent.replace("${targets}", targetsRegex);
-
- xacmlTemplateContent = xacmlTemplateContent.replace("${limit}",
- constraint.getFreq_limit_per_target().toString());
-
- xacmlTemplateContent = xacmlTemplateContent.replace("${twValue}", constraint.getTime_window().get("value"));
-
- xacmlTemplateContent = xacmlTemplateContent.replace("${twUnits}", constraint.getTime_window().get("units"));
-
- logger.debug(xacmlTemplateContent);
-
- return xacmlTemplateContent;
- }
-
- private static String doCommonReplacements(String xacmlTemplateContent, MatchParameters matchParameters,
- Constraint constraint) {
-
- replaceNullOrEmpty(matchParameters.getControlLoopName(), matchParameters::setControlLoopName, ".*");
- xacmlTemplateContent = xacmlTemplateContent.replace("${clname}", matchParameters.getControlLoopName());
-
- replaceNullOrEmpty(matchParameters.getActor(), matchParameters::setActor, ".*");
- xacmlTemplateContent = xacmlTemplateContent.replace("${actor}", matchParameters.getActor());
-
- replaceNullOrEmpty(matchParameters.getRecipe(), matchParameters::setRecipe, ".*");
- xacmlTemplateContent = xacmlTemplateContent.replace("${recipe}", matchParameters.getRecipe());
-
- xacmlTemplateContent = xacmlTemplateContent.replace("${guardActiveStart}",
- constraint.getActive_time_range().get("start"));
-
- xacmlTemplateContent = xacmlTemplateContent.replace("${guardActiveEnd}",
- constraint.getActive_time_range().get("end"));
-
- return xacmlTemplateContent;
- }
-
- private static void replaceNullOrEmpty(String text, Consumer<String> replacer, String newValue) {
- if (isNullOrEmpty(text)) {
- replacer.accept(newValue);
- }
- }
-
- public static boolean isNullOrEmpty(String string) {
- return string == null || string.trim().isEmpty();
- }
-
- public static boolean isNullOrEmptyList(List<String> list) {
- return list == null || list.isEmpty();
- }
-
- /**
- * Convert from Yaml to Xacml blacklist.
- *
- * @param yamlFile the Yaml file
- * @param xacmlTemplate the Xacml template
- * @param xacmlPolicyOutput the Xacml output
- */
- public static void fromYamlToXacmlBlacklist(String yamlFile, String xacmlTemplate, String xacmlPolicyOutput) {
- fromYamlToXacml(yamlFile, xacmlTemplate, xacmlPolicyOutput, PolicyGuardYamlToXacml::generateXacmlGuardBlacklist,
- constraint -> {
- logger.debug("freq_limit_per_target: {}", constraint.getFreq_limit_per_target());
- logger.debug("time_window: {}", constraint.getTime_window());
- logger.debug("active_time_range: {}", constraint.getActive_time_range());
- });
- }
-
- private static String generateXacmlGuardBlacklist(String xacmlTemplateContent, MatchParameters matchParameters,
- Constraint constraint) {
-
- String result = doCommonReplacements(xacmlTemplateContent, matchParameters, constraint);
-
- for (String target : constraint.getBlacklist()) {
- result = result.replace("${blackListElement}",
- "<AttributeValue DataType=\"http://www.w3.org/2001/XMLSchema#string\">" + target
- + "</AttributeValue>" + "\n\t\t\t\t\t\t\\${blackListElement}\n");
- }
-
- result = result.replace("\t\t\t\t\t\t\\${blackListElement}\n", "");
-
- return result;
- }
-
- @FunctionalInterface
- private static interface Generator {
- public String apply(String xacmlTemplateContent, MatchParameters matchParameters,
- Constraint constraint);
- }
-}
diff --git a/controlloop/common/guard/src/main/java/org/onap/policy/guard/Util.java b/controlloop/common/guard/src/main/java/org/onap/policy/guard/Util.java
deleted file mode 100644
index 717ca3f45..000000000
--- a/controlloop/common/guard/src/main/java/org/onap/policy/guard/Util.java
+++ /dev/null
@@ -1,149 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.nio.charset.StandardCharsets;
-import org.apache.commons.io.IOUtils;
-import org.onap.policy.controlloop.policy.ControlLoopPolicy;
-import org.onap.policy.controlloop.policy.guard.ControlLoopGuard;
-import org.onap.policy.drools.system.PolicyEngineConstants;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.yaml.snakeyaml.Yaml;
-import org.yaml.snakeyaml.constructor.Constructor;
-
-public final class Util {
- /*
- * Keys for guard properties
- */
- public static final String PROP_GUARD_URL = "guard.url";
- public static final String PROP_GUARD_USER = "pdpx.username";
- public static final String PROP_GUARD_PASS = "pdpx.password";
- public static final String PROP_GUARD_DISABLED = "guard.disabled";
-
- /*
- * Keys for eclipse link and ONAP properties
- */
- public static final String ECLIPSE_LINK_KEY_URL = "javax.persistence.jdbc.url";
- public static final String ECLIPSE_LINK_KEY_USER = "javax.persistence.jdbc.user";
- public static final String ECLIPSE_LINK_KEY_PASS = "javax.persistence.jdbc.password";
-
- public static final String ONAP_KEY_URL = "guard.jdbc.url";
- public static final String ONAP_KEY_USER = "sql.db.username";
- public static final String ONAP_KEY_PASS = "sql.db.password";
-
- /*
- * Guard responses
- */
- public static final String INDETERMINATE = "Indeterminate";
- public static final String PERMIT = "Permit";
- public static final String DENY = "Deny";
-
- /*
- * Junit props
- */
- protected static final String PU_KEY = "OperationsHistoryPU";
- protected static final String JUNITPU = "OperationsHistoryPUTest";
-
- private static final Logger logger = LoggerFactory.getLogger(Util.class);
-
- public static class Pair<A, B> {
- public final A parameterA;
- public final B parameterB;
-
- public Pair(A parameterA, B parameterB) {
- this.parameterA = parameterA;
- this.parameterB = parameterB;
- }
- }
-
- private Util() {
- // This static class cannot be instantiated
- }
-
- /**
- * Load a Yaml file.
- *
- * @param testFile the Yaml file
- * @return the policies
- */
- public static Pair<ControlLoopPolicy, String> loadYaml(String testFile) {
- try (InputStream is = new FileInputStream(new File(testFile))) {
- String contents = IOUtils.toString(is, StandardCharsets.UTF_8);
- //
- // Read the yaml into our Java Object
- //
- Yaml yaml = new Yaml(new Constructor(ControlLoopPolicy.class));
- Object obj = yaml.load(contents);
-
- logger.debug(contents);
-
- return new Pair<>((ControlLoopPolicy) obj, contents);
- } catch (IOException e) {
- logger.error(e.getLocalizedMessage(), e);
- }
- return null;
- }
-
- /**
- * Load a Yaml guard.
- *
- * @param testFile the Yaml file
- * @return the guard
- */
- public static ControlLoopGuard loadYamlGuard(String testFile) {
- try (InputStream is = new FileInputStream(new File(testFile))) {
- String contents = IOUtils.toString(is, StandardCharsets.UTF_8);
- //
- // Read the yaml into our Java Object
- //
- Yaml yaml = new Yaml(new Constructor(ControlLoopGuard.class));
- Object obj = yaml.load(contents);
- return (ControlLoopGuard) obj;
- } catch (IOException e) {
- logger.error(e.getLocalizedMessage(), e);
- }
- return null;
- }
-
- /**
- * Sets Guard Properties.
- *
- * <p>see /guard/src/test/java/org/onap/policy/guard/UtilTest.java for setting test properties
- */
- public static void setGuardEnvProps(String url, String username, String password) {
- PolicyEngineConstants.getManager().setEnvironmentProperty(org.onap.policy.guard.Util.PROP_GUARD_URL, url);
- PolicyEngineConstants.getManager().setEnvironmentProperty(org.onap.policy.guard.Util.PROP_GUARD_USER, username);
- PolicyEngineConstants.getManager().setEnvironmentProperty(org.onap.policy.guard.Util.PROP_GUARD_PASS, password);
- }
-
- public static void setGuardEnvProp(String key, String value) {
- PolicyEngineConstants.getManager().setEnvironmentProperty(key, value);
- }
-
- public static String getGuardProp(String propName) {
- return PolicyEngineConstants.getManager().getEnvironmentProperty(propName);
- }
-}
diff --git a/controlloop/common/guard/src/main/resources/META-INF/persistence.xml b/controlloop/common/guard/src/main/resources/META-INF/persistence.xml
deleted file mode 100644
index cf7e28190..000000000
--- a/controlloop/common/guard/src/main/resources/META-INF/persistence.xml
+++ /dev/null
@@ -1,43 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<!--
- ============LICENSE_START=======================================================
- drools-applications
- ================================================================================
- Copyright (C) 2018-2020 AT&T Intellectual Property. All rights reserved.
- ================================================================================
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- ============LICENSE_END=========================================================
- -->
-<persistence xmlns="http://java.sun.com/xml/ns/persistence"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://java.sun.com/xml/ns/persistence
- http://java.sun.com/xml/ns/persistence/persistence_1_0.xsd" version="1.0">
-
- <persistence-unit name="OperationsHistoryPU" transaction-type="RESOURCE_LOCAL">
- <provider>org.eclipse.persistence.jpa.PersistenceProvider</provider>
-
- <class>org.onap.policy.guard.OperationsHistory</class>
-
- <properties>
- <property name="eclipselink.ddl-generation" value="create-tables"/>
- <property name="eclipselink.logging.level" value="INFO" />
- <property name="javax.persistence.jdbc.driver" value="org.mariadb.jdbc.Driver" />
- <property name="javax.persistence.jdbc.url" value="jdbc:mariadb://mariadb:3306/operationshistory"/>
- <property name="javax.persistence.jdbc.user" value="policy_user"/>
- <property name="javax.persistence.jdbc.password" value="cG9saWN5X3VzZXI="/>
- <property name="javax.persistence.schema-generation.database.action" value="drop-and-create"/>
- <property name="javax.persistence.schema-generation.create-source" value="metadata"/>
- </properties>
- </persistence-unit>
-
-</persistence>