summaryrefslogtreecommitdiffstats
path: root/controlloop/templates/template.demo/src/main/resources
diff options
context:
space:
mode:
authorMichael Borokhovich <michael@research.att.com>2017-07-20 09:53:57 -0400
committerMichael Borokhovich <michael@research.att.com>2017-07-20 12:11:23 -0400
commitfa09813ca39cbdb7a0ac6a38507d4ea96e28879f (patch)
treec9b2cc4bdf2c109ab43f79afd1af4909f813636b /controlloop/templates/template.demo/src/main/resources
parentd3c335e97b9d262588696784551e8bd02ce8331f (diff)
[POLICY-80] Adding the Policy Guard features
Two Policy Guard features added: Frequency-limiter and Blacklist. Change-Id: I48184ab0ae9760c9ea7594cd7346b456aa964d48 Signed-off-by: Michael Borokhovich <michael@research.att.com>
Diffstat (limited to 'controlloop/templates/template.demo/src/main/resources')
-rw-r--r--controlloop/templates/template.demo/src/main/resources/ControlLoop_Template_xacml_guard.drl9
-rw-r--r--controlloop/templates/template.demo/src/main/resources/blacklist_template.xml11
-rw-r--r--controlloop/templates/template.demo/src/main/resources/frequency_limiter_template.xml18
3 files changed, 29 insertions, 9 deletions
diff --git a/controlloop/templates/template.demo/src/main/resources/ControlLoop_Template_xacml_guard.drl b/controlloop/templates/template.demo/src/main/resources/ControlLoop_Template_xacml_guard.drl
index 330f41b56..a141f4956 100644
--- a/controlloop/templates/template.demo/src/main/resources/ControlLoop_Template_xacml_guard.drl
+++ b/controlloop/templates/template.demo/src/main/resources/ControlLoop_Template_xacml_guard.drl
@@ -17,8 +17,8 @@
* limitations under the License.
* ============LICENSE_END=========================================================
*/
-
-package com.att.ecomp.policy.controlloop;
+
+package org.onap.policy.controlloop;
import org.onap.policy.controlloop.VirtualControlLoopEvent;
import org.onap.policy.controlloop.VirtualControlLoopNotification;
@@ -528,8 +528,6 @@ rule "${policyName}.EVENT.MANAGER.OPERATION.LOCKED.GUARD_NOT_YET_QUERIED"
Logger.metrics($lock);
-
-
//
// We are starting the operation but the actor won't be contacted until Guard is queried and permitted.
//
@@ -561,7 +559,8 @@ rule "${policyName}.EVENT.MANAGER.OPERATION.LOCKED.GUARD_NOT_YET_QUERIED"
Thread t = new Thread(new org.onap.policy.guard.CallGuardTask(
XacmlPdpEngine,
"",
- drools.getWorkingMemory(),
+ drools.getWorkingMemory(),
+ $event.closedLoopControlName,
$operation.policy.actor.toString(),
$operation.policy.recipe,
$manager.getTargetInstance($operation.policy),
diff --git a/controlloop/templates/template.demo/src/main/resources/blacklist_template.xml b/controlloop/templates/template.demo/src/main/resources/blacklist_template.xml
index 560fa57f1..5d31730db 100644
--- a/controlloop/templates/template.demo/src/main/resources/blacklist_template.xml
+++ b/controlloop/templates/template.demo/src/main/resources/blacklist_template.xml
@@ -4,11 +4,18 @@
<Target>
<AnyOf>
<AllOf>
- <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
+ <!-- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">.*</AttributeValue>-->
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">${clname}</AttributeValue>
+ <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:clname:clname-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
+ </Match>
+
+ <!-- <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">-->
+ <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">${actor}</AttributeValue>
<AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:actor:actor-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
</Match>
- <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">${recipe}</AttributeValue>
<AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:operation:operation-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
</Match>
diff --git a/controlloop/templates/template.demo/src/main/resources/frequency_limiter_template.xml b/controlloop/templates/template.demo/src/main/resources/frequency_limiter_template.xml
index 221fd6ddf..2d73a1e6d 100644
--- a/controlloop/templates/template.demo/src/main/resources/frequency_limiter_template.xml
+++ b/controlloop/templates/template.demo/src/main/resources/frequency_limiter_template.xml
@@ -4,14 +4,28 @@
<Target>
<AnyOf>
<AllOf>
- <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+
+ <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
+ <!-- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">.*</AttributeValue>-->
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">${clname}</AttributeValue>
+ <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:clname:clname-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
+ </Match>
+
+ <!-- <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">-->
+ <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">${actor}</AttributeValue>
<AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:actor:actor-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
</Match>
- <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">${recipe}</AttributeValue>
<AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:operation:operation-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
</Match>
+
+ <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">${targets}</AttributeValue>
+ <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:target:target-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
+ </Match>
+
</AllOf>
</AnyOf>
</Target>