diff options
author | Michael Borokhovich <michael@research.att.com> | 2017-07-20 09:53:57 -0400 |
---|---|---|
committer | Michael Borokhovich <michael@research.att.com> | 2017-07-20 12:11:23 -0400 |
commit | fa09813ca39cbdb7a0ac6a38507d4ea96e28879f (patch) | |
tree | c9b2cc4bdf2c109ab43f79afd1af4909f813636b /controlloop/templates/template.demo/src/main/resources | |
parent | d3c335e97b9d262588696784551e8bd02ce8331f (diff) |
[POLICY-80] Adding the Policy Guard features
Two Policy Guard features added: Frequency-limiter and Blacklist.
Change-Id: I48184ab0ae9760c9ea7594cd7346b456aa964d48
Signed-off-by: Michael Borokhovich <michael@research.att.com>
Diffstat (limited to 'controlloop/templates/template.demo/src/main/resources')
3 files changed, 29 insertions, 9 deletions
diff --git a/controlloop/templates/template.demo/src/main/resources/ControlLoop_Template_xacml_guard.drl b/controlloop/templates/template.demo/src/main/resources/ControlLoop_Template_xacml_guard.drl index 330f41b56..a141f4956 100644 --- a/controlloop/templates/template.demo/src/main/resources/ControlLoop_Template_xacml_guard.drl +++ b/controlloop/templates/template.demo/src/main/resources/ControlLoop_Template_xacml_guard.drl @@ -17,8 +17,8 @@ * limitations under the License. * ============LICENSE_END========================================================= */ - -package com.att.ecomp.policy.controlloop; + +package org.onap.policy.controlloop; import org.onap.policy.controlloop.VirtualControlLoopEvent; import org.onap.policy.controlloop.VirtualControlLoopNotification; @@ -528,8 +528,6 @@ rule "${policyName}.EVENT.MANAGER.OPERATION.LOCKED.GUARD_NOT_YET_QUERIED" Logger.metrics($lock); - - // // We are starting the operation but the actor won't be contacted until Guard is queried and permitted. // @@ -561,7 +559,8 @@ rule "${policyName}.EVENT.MANAGER.OPERATION.LOCKED.GUARD_NOT_YET_QUERIED" Thread t = new Thread(new org.onap.policy.guard.CallGuardTask( XacmlPdpEngine, "", - drools.getWorkingMemory(), + drools.getWorkingMemory(), + $event.closedLoopControlName, $operation.policy.actor.toString(), $operation.policy.recipe, $manager.getTargetInstance($operation.policy), diff --git a/controlloop/templates/template.demo/src/main/resources/blacklist_template.xml b/controlloop/templates/template.demo/src/main/resources/blacklist_template.xml index 560fa57f1..5d31730db 100644 --- a/controlloop/templates/template.demo/src/main/resources/blacklist_template.xml +++ b/controlloop/templates/template.demo/src/main/resources/blacklist_template.xml @@ -4,11 +4,18 @@ <Target> <AnyOf> <AllOf> - <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match"> + <!-- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">.*</AttributeValue>--> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">${clname}</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:clname:clname-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + + <!-- <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">--> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">${actor}</AttributeValue> <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:actor:actor-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> </Match> - <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">${recipe}</AttributeValue> <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:operation:operation-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> </Match> diff --git a/controlloop/templates/template.demo/src/main/resources/frequency_limiter_template.xml b/controlloop/templates/template.demo/src/main/resources/frequency_limiter_template.xml index 221fd6ddf..2d73a1e6d 100644 --- a/controlloop/templates/template.demo/src/main/resources/frequency_limiter_template.xml +++ b/controlloop/templates/template.demo/src/main/resources/frequency_limiter_template.xml @@ -4,14 +4,28 @@ <Target> <AnyOf> <AllOf> - <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match"> + <!-- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">.*</AttributeValue>--> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">${clname}</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:clname:clname-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + + <!-- <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">--> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">${actor}</AttributeValue> <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:actor:actor-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> </Match> - <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match"> <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">${recipe}</AttributeValue> <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:operation:operation-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> </Match> + + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">${targets}</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:target:target-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> </AnyOf> </Target> |