aboutsummaryrefslogtreecommitdiffstats
path: root/controlloop/templates
diff options
context:
space:
mode:
authorJoshua Reich <jreich@research.att.com>2019-02-15 13:40:07 -0800
committerJoshua Reich <jreich@research.att.com>2019-02-27 20:59:46 -0800
commitd01dd35e38462ad56a802b5bc3f2f9d64faa0b92 (patch)
treec59382daefba071c84a4e177b39ad4a6c499cfa3 /controlloop/templates
parent5cd902ff9e11c0f401e0633a32902a63f18596ba (diff)
YAML clc directive spec/compilation to XACML
Created java definition of CoordinationDirective class. Initial library supports one coordination directive FirstBlocksSecond, prototype for this directive added as firstBlocksSecond.xml. Functions for compiling example yaml directive are in SupportUtil. Change-Id: If7c22402729670403510f1fa2f7f43de6a4a522c Issue-ID: POLICY-1173 Signed-off-by: Joshua Reich <jreich@research.att.com>
Diffstat (limited to 'controlloop/templates')
-rw-r--r--controlloop/templates/template.demo.clc/pom.xml11
-rw-r--r--controlloop/templates/template.demo.clc/src/main/resources/coordination/prototype/firstBlocksSecond.xml60
-rw-r--r--controlloop/templates/template.demo.clc/src/test/java/org/onap/policy/template/demo/clc/ControlLoopCoordinationTest.java148
-rw-r--r--controlloop/templates/template.demo.clc/src/test/java/org/onap/policy/template/demo/clc/SupportUtil.java82
-rw-r--r--controlloop/templates/template.demo.clc/src/test/resources/coordination/synthetic_control_loop_one_blocks_synthetic_control_loop_two.yaml20
-rw-r--r--controlloop/templates/template.demo.clc/src/test/resources/properties/prototype/xacml_guard_clc.properties (renamed from controlloop/templates/template.demo.clc/src/test/resources/xacml/xacml_guard_clc.properties)27
-rw-r--r--controlloop/templates/template.demo.clc/src/test/resources/xacml/synthetic_control_loop_one_blocks_synthetic_control_loop_two.xml51
7 files changed, 266 insertions, 133 deletions
diff --git a/controlloop/templates/template.demo.clc/pom.xml b/controlloop/templates/template.demo.clc/pom.xml
index 5e80ad225..917b72fae 100644
--- a/controlloop/templates/template.demo.clc/pom.xml
+++ b/controlloop/templates/template.demo.clc/pom.xml
@@ -99,7 +99,7 @@
<artifactId>sdnc</artifactId>
<version>${project.version}</version>
<scope>provided</scope>
- </dependency>
+ </dependency>
<dependency>
<groupId>org.onap.policy.drools-applications.controlloop.common.model-impl</groupId>
<artifactId>events</artifactId>
@@ -113,6 +113,12 @@
<scope>provided</scope>
</dependency>
<dependency>
+ <groupId>org.onap.policy.drools-applications.controlloop.common</groupId>
+ <artifactId>coordination</artifactId>
+ <version>${project.version}</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
<groupId>org.onap.policy.drools-applications.controlloop.common.model-impl</groupId>
<artifactId>aai</artifactId>
<version>${project.version}</version>
@@ -182,7 +188,7 @@
<artifactId>actor.sdnc</artifactId>
<version>${project.version}</version>
<scope>provided</scope>
- </dependency>
+ </dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
@@ -213,4 +219,3 @@
</dependency>
</dependencies>
</project>
-
diff --git a/controlloop/templates/template.demo.clc/src/main/resources/coordination/prototype/firstBlocksSecond.xml b/controlloop/templates/template.demo.clc/src/main/resources/coordination/prototype/firstBlocksSecond.xml
new file mode 100644
index 000000000..54cda9575
--- /dev/null
+++ b/controlloop/templates/template.demo.clc/src/main/resources/coordination/prototype/firstBlocksSecond.xml
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<!--
+ ============LICENSE_START=======================================================
+ drools-applications
+ ================================================================================
+ Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+ -->
+
+<!--
+# PIP Engine Definition
+#
+xacml.pip.engines=getstatus
+getstatus.classname=org.onap.policy.guard.PipEngineGetStatus
+getstatus.issuer=org:onap:policy:guard:getstatus
+-->
+
+<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicyId="urn:com:att:xacml:policy:id:son:guard:UNIQUE_ID" Version="1" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:permit-unless-deny">
+ <Description>Policy for first_blocks_second coordination (if first running and second requests to run, deny second).</Description>
+ <Target>
+ <AnyOf>
+ <AllOf>
+ <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
+ <!-- value to be autofilled by yaml from a xacml template -->
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">CONTROL_LOOP_TWO</AttributeValue>
+ <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:clname:clname-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
+ </Match>
+ </AllOf>
+ </AnyOf>
+ </Target>
+
+ <Rule RuleId="urn:com:att:xacml:rule:id:1" Effect="Deny">
+ <Description>First Is Running</Description>
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <VariableReference VariableId="clc_status"/>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Success</AttributeValue>
+ </Apply>
+ </Condition>
+ </Rule>
+
+ <VariableDefinition VariableId="clc_status">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
+ <!-- to be autofilled by yaml from a xacml template -->
+ <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="com:att:research:xacml:test:sql:resource:operations:status" DataType="http://www.w3.org/2001/XMLSchema#string" Issuer="org:onap:policy:guard:getstatus:clname:CONTROL_LOOP_ONE" MustBePresent="false"/>
+ </Apply>
+ </VariableDefinition>
+</Policy>
diff --git a/controlloop/templates/template.demo.clc/src/test/java/org/onap/policy/template/demo/clc/ControlLoopCoordinationTest.java b/controlloop/templates/template.demo.clc/src/test/java/org/onap/policy/template/demo/clc/ControlLoopCoordinationTest.java
index 4d8fca83b..ee5eceba9 100644
--- a/controlloop/templates/template.demo.clc/src/test/java/org/onap/policy/template/demo/clc/ControlLoopCoordinationTest.java
+++ b/controlloop/templates/template.demo.clc/src/test/java/org/onap/policy/template/demo/clc/ControlLoopCoordinationTest.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -27,9 +27,13 @@ import static org.junit.Assert.fail;
import com.google.gson.Gson;
+import java.io.File;
import java.io.IOException;
+import java.io.PrintWriter;
import java.lang.StringBuilder;
import java.net.URLEncoder;
+import java.nio.file.Files;
+import java.nio.file.Paths;
import java.time.Instant;
import java.util.HashMap;
import java.util.List;
@@ -59,6 +63,8 @@ import org.onap.policy.controlloop.ControlLoopTargetType;
import org.onap.policy.controlloop.VirtualControlLoopEvent;
import org.onap.policy.controlloop.VirtualControlLoopNotification;
import org.onap.policy.controlloop.policy.ControlLoopPolicy;
+import org.onap.policy.coordination.CoordinationDirective;
+import org.onap.policy.coordination.Util;
import org.onap.policy.drools.protocol.coders.EventProtocolCoder;
import org.onap.policy.drools.protocol.coders.EventProtocolParams;
import org.onap.policy.drools.protocol.coders.JsonProtocolFilter;
@@ -89,9 +95,11 @@ public class ControlLoopCoordinationTest implements TopicListener {
/**
* Setup simulator.
+ *
+ * @throws IOException when thrown by buildAaiSim
*/
@BeforeClass
- public static void setUpSimulator() {
+ public static void setUpSimulator() throws Exception {
PolicyEngine.manager.configure(new Properties());
assertTrue(PolicyEngine.manager.start());
Properties noopSinkProperties = new Properties();
@@ -119,34 +127,69 @@ public class ControlLoopCoordinationTest implements TopicListener {
.eventClass("org.onap.policy.appclcm.LcmRequestWrapper")
.protocolFilter(new JsonProtocolFilter())
.modelClassLoaderHash(1111));
- try {
- SupportUtil.buildAaiSim();
- } catch (Exception e) {
- fail(e.getMessage());
- }
-
+ SupportUtil.buildAaiSim();
+ /*
+ * Apply the coordination directive
+ */
+ final String coordinationDir = "src/test/resources/coordination";
+ final String coordinationProtoDir = "src/main/resources/coordination/prototype";
+ final String coordinationDirectiveName = "synthetic_control_loop_one_blocks_synthetic_control_loop_two";
+ final String propertiesDir = "src/test/resources/properties";
+ final String propertiesProtoDir = "src/test/resources/properties/prototype";
+ final String xacmlDir = "src/test/resources/xacml";
+ final String yamlDir = "src/test/resources/yaml";
+
+ String coordinationDirectiveFile = coordinationDir + File.separator + coordinationDirectiveName + ".yaml";
+ /*
+ * Load the coordination directive from the Yaml encoding
+ */
+ CoordinationDirective cd = Util.loadCoordinationDirectiveFromFile(coordinationDirectiveFile);
+ logger.info("CoordinationDirective={}", cd.toString());
+ /*
+ * Generate the Xacml policy from the coordination directive
+ */
+ String xacmlPolicy = Util.generateXacmlFromCoordinationDirective(cd, coordinationProtoDir);
+ /*
+ * Create directory for Xacml output file, if necessary
+ */
+ Files.createDirectories(Paths.get(xacmlDir));
+ /*
+ * Write Xacml policy to file
+ */
+ String xacmlFilename = xacmlDir + File.separator
+ + cd.getCoordinationFunction()
+ + cd.getControlLoop(0)
+ + cd.getControlLoop(1)
+ + ".xml";
+ File xacmlFile = new File(xacmlFilename);
+ PrintWriter xacmlFileWriter = new PrintWriter(xacmlFile);
+ xacmlFileWriter.println(xacmlPolicy);
+ xacmlFileWriter.flush();
+ /*
+ * Remove Xacml file after test
+ */
+ xacmlFile.deleteOnExit();
+ /*
+ * Insert the Xacml policy file into the PDP
+ */
+ SupportUtil.insertXacmlPolicy(xacmlFilename, propertiesProtoDir, propertiesDir);
/*
* Start the kie sessions
*/
- try {
- kieSession1 = startSession(
+ kieSession1 = startSession(
controlLoopOneName,
"src/main/resources/__closedLoopControlName__.drl",
- "src/test/resources/yaml/policy_ControlLoop_SyntheticOne.yaml",
+ yamlDir + "/policy_ControlLoop_SyntheticOne.yaml",
"service=ServiceDemo;resource=Res1Demo;type=operational",
"SyntheticControlLoopOnePolicy",
"org.onap.closed_loop.ServiceDemo:VNFS:1.0.0");
- kieSession2 = startSession(
+ kieSession2 = startSession(
controlLoopTwoName,
"src/main/resources/__closedLoopControlName__.drl",
- "src/test/resources/yaml/policy_ControlLoop_SyntheticTwo.yaml",
+ yamlDir + "/policy_ControlLoop_SyntheticTwo.yaml",
"service=ServiceDemo;resource=Res1Demo;type=operational",
"SyntheticControlLoopTwoPolicy",
"org.onap.closed_loop.ServiceDemo:VNFS:1.0.0");
- } catch (IOException e) {
- logger.debug("Could not create kieSession, exception {}", e.getMessage());
- fail("Could not create kieSession");
- }
}
/**
@@ -168,7 +211,7 @@ public class ControlLoopCoordinationTest implements TopicListener {
/**
* Set expected decision.
- *
+ *
* @param ed the expected decision ("PERMIT" or "DENY")
*/
public void expectedDecisionIs(String ed) {
@@ -180,7 +223,7 @@ public class ControlLoopCoordinationTest implements TopicListener {
* This method is used to simulate event messages from DCAE
* that start the control loop (onset message) or end the
* control loop (abatement message).
- *
+ *
* @param controlLoopName the control loop name
* @param requestId the requestId for this event
* @param status could be onset or abated
@@ -188,7 +231,7 @@ public class ControlLoopCoordinationTest implements TopicListener {
* @param kieSession the kieSession to which this event is being sent
*/
protected void sendEvent(String controlLoopName,
- UUID requestId,
+ UUID requestId,
ControlLoopEventStatus status,
String target,
KieSession kieSession) {
@@ -206,14 +249,14 @@ public class ControlLoopCoordinationTest implements TopicListener {
Gson gson = new Gson();
String json = gson.toJson(event);
logger.debug("sendEvent {}", json);
-
+
kieSession.insert(event);
}
-
+
/**
* Simulate an event by inserting into kieSession and firing rules as needed.
- *
+ *
* @param cles the ControlLoopEventStatus
* @param rid the request ID
* @param controlLoopName the control loop name
@@ -234,12 +277,12 @@ public class ControlLoopCoordinationTest implements TopicListener {
}
//
// simulate sending event
- //
+ //
sendEvent(controlLoopName, rid, cles, target, kieSession);
kieSession.fireUntilHalt();
//
// get dump of database entries and log
- //
+ //
List<?> entries = SupportUtil.dumpDb();
assertNotNull(entries);
logger.debug("dumpDB, {} entries", entries.size());
@@ -248,17 +291,17 @@ public class ControlLoopCoordinationTest implements TopicListener {
}
//
// we are done
- //
+ //
logger.info("simulateEvent: done");
}
/**
* Simulate an onset event.
- *
+ *
* @param rid the request ID
* @param controlLoopName the control loop name
* @param kieSession the kieSession to which this event is being sent
- * @param expectedDecision the expected decision
+ * @param expectedDecision the expected decision
*/
public void simulateOnset(UUID rid,
String controlLoopName,
@@ -270,7 +313,7 @@ public class ControlLoopCoordinationTest implements TopicListener {
/**
* Simulate an abated event.
- *
+ *
* @param rid the request ID
* @param controlLoopName the control loop name
* @param kieSession the kieSession to which this event is being sent
@@ -281,10 +324,10 @@ public class ControlLoopCoordinationTest implements TopicListener {
KieSession kieSession) {
simulateEvent(ControlLoopEventStatus.ABATED, rid, controlLoopName, target, kieSession, null);
}
-
+
/**
* This method will start a kie session and instantiate the Policy Engine.
- *
+ *
* @param droolsTemplate the DRL rules file
* @param yamlFile the yaml file containing the policies
* @param policyScope scope for policy
@@ -312,11 +355,11 @@ public class ControlLoopCoordinationTest implements TopicListener {
controlLoopName.append(pair.first.getControlLoop().getControlLoopName());
String yamlContents = pair.second;
-
+
/*
* Construct a kie session
*/
- final KieSession kieSession = SupportUtil.buildContainer(droolsTemplate,
+ final KieSession kieSession = SupportUtil.buildContainer(droolsTemplate,
controlLoopName.toString(),
policyScope,
policyName,
@@ -336,7 +379,7 @@ public class ControlLoopCoordinationTest implements TopicListener {
/*
* (non-Javadoc)
- *
+ *
* @see org.onap.policy.drools.PolicyEngineListener#newEventNotification(java.lang.String)
*/
@Override
@@ -400,7 +443,7 @@ public class ControlLoopCoordinationTest implements TopicListener {
logger.debug("Halting kieSession2");
kieSession2.halt();
} else {
- fail("Unknown ControlLoop");
+ fail("Unknown ControlLoop");
}
}
} else if (policyName.endsWith("EVENT.MANAGER.TIMEOUT")) {
@@ -435,7 +478,7 @@ public class ControlLoopCoordinationTest implements TopicListener {
/**
* This method will dump all the facts in the working memory.
- *
+ *
* @param kieSession the session containing the facts
*/
public void dumpFacts(KieSession kieSession) {
@@ -454,14 +497,14 @@ public class ControlLoopCoordinationTest implements TopicListener {
logger.info("Beginning testSyntheticControlLoopOneBlocksSyntheticControlLoopTwo");
/*
* Allows the PolicyEngine to callback to this object to
- * notify that there is an event ready to be pulled
+ * notify that there is an event ready to be pulled
* from the queue
*/
for (TopicSink sink : noopTopics) {
assertTrue(sink.start());
sink.register(this);
}
-
+
/*
* Create unique requestIds
*/
@@ -475,25 +518,33 @@ public class ControlLoopCoordinationTest implements TopicListener {
final String t1 = "TARGET_1";
final String t2 = "TARGET_2";
- logger.info("@@@@@@@@@@ cl2 ONSET t1 (Success) @@@@@@@@@@");
+ logger.info("@@@@@@@@@@ cl2 ONSET t1 (Success) @@@@@@@@@@");
simulateOnset(requestId1, cl2, t1, kieSession2,"PERMIT");
- logger.info("@@@@@@@@@@ cl1 ONSET t1 @@@@@@@@@@");
+
+ logger.info("@@@@@@@@@@ cl1 ONSET t1 @@@@@@@@@@");
simulateOnset(requestId2, cl1, t1, kieSession1,"PERMIT");
- logger.info("@@@@@@@@@@ cl2 ABATED t1 @@@@@@@@@@");
+
+ logger.info("@@@@@@@@@@ cl2 ABATED t1 @@@@@@@@@@");
simulateAbatement(requestId1, cl2, t1, kieSession2);
- logger.info("@@@@@@@@@@ cl2 ONSET t1 (Fail) @@@@@@@@@@");
+
+ logger.info("@@@@@@@@@@ cl2 ONSET t1 (Fail) @@@@@@@@@@");
simulateOnset(requestId3, cl2, t1, kieSession2,"DENY");
+
logger.info("@@@@@@@@@@ cl2 ONSET t2 (Success) @@@@@@@@@@");
simulateOnset(requestId4, cl2, t2, kieSession2,"PERMIT");
- logger.info("@@@@@@@@@@ cl2 ABATED t2 @@@@@@@@@@");
+
+ logger.info("@@@@@@@@@@ cl2 ABATED t2 @@@@@@@@@@");
simulateAbatement(requestId4, cl2, t2, kieSession2);
- logger.info("@@@@@@@@@@ cl1 ABATED t1 @@@@@@@@@@");
+
+ logger.info("@@@@@@@@@@ cl1 ABATED t1 @@@@@@@@@@");
simulateAbatement(requestId2, cl1, t1, kieSession1);
- logger.info("@@@@@@@@@@ cl2 ONSET t1 (Success) @@@@@@@@@@");
+
+ logger.info("@@@@@@@@@@ cl2 ONSET t1 (Success) @@@@@@@@@@");
simulateOnset(requestId5, cl2, t1, kieSession2,"PERMIT");
- logger.info("@@@@@@@@@@ cl2 ABATED t1 @@@@@@@@@@");
+
+ logger.info("@@@@@@@@@@ cl2 ABATED t1 @@@@@@@@@@");
simulateAbatement(requestId5, cl2, t1, kieSession2);
-
+
/*
* Print what's left in memory
*/
@@ -501,4 +552,3 @@ public class ControlLoopCoordinationTest implements TopicListener {
dumpFacts(kieSession2);
}
}
-
diff --git a/controlloop/templates/template.demo.clc/src/test/java/org/onap/policy/template/demo/clc/SupportUtil.java b/controlloop/templates/template.demo.clc/src/test/java/org/onap/policy/template/demo/clc/SupportUtil.java
index bf2038cc2..a9f0a04e4 100644
--- a/controlloop/templates/template.demo.clc/src/test/java/org/onap/policy/template/demo/clc/SupportUtil.java
+++ b/controlloop/templates/template.demo.clc/src/test/java/org/onap/policy/template/demo/clc/SupportUtil.java
@@ -2,14 +2,14 @@
* ============LICENSE_START=======================================================
* demo
* ================================================================================
- * Copyright (C) 2018 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2018-2019 AT&T Intellectual Property. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -22,17 +22,23 @@ package org.onap.policy.template.demo.clc;
import static org.junit.Assert.fail;
+import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
+import java.io.FileReader;
import java.io.IOException;
import java.io.InputStream;
+import java.io.PrintWriter;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.List;
+import java.util.Map;
+import java.util.UUID;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
+import java.util.stream.Stream;
import javax.persistence.EntityManager;
import javax.persistence.EntityManagerFactory;
import javax.persistence.Persistence;
@@ -49,6 +55,8 @@ import org.kie.api.runtime.KieSession;
import org.onap.policy.common.endpoints.http.server.HttpServletServer;
import org.onap.policy.controlloop.policy.ControlLoopPolicy;
import org.onap.policy.controlloop.policy.guard.ControlLoopGuard;
+import org.onap.policy.controlloop.policy.guard.ControlLoopGuard;
+import org.onap.policy.coordination.CoordinationDirective;
import org.onap.policy.drools.system.PolicyEngine;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -78,7 +86,7 @@ public final class SupportUtil {
/**
* Load YAML.
- *
+ *
* @param testFile test file to load
* @return the Pair of a policy and the yaml contents
*/
@@ -95,6 +103,7 @@ public final class SupportUtil {
return new Pair<ControlLoopPolicy, String>((ControlLoopPolicy) obj, contents);
} catch (IOException e) {
+ logger.error("Error while loading YAML", e);
fail(e.getLocalizedMessage());
}
return null;
@@ -102,7 +111,7 @@ public final class SupportUtil {
/**
* Load the YAML guard policy.
- *
+ *
* @param testFile the test file to load
* @return return the guard object
*/
@@ -116,11 +125,70 @@ public final class SupportUtil {
Object obj = yaml.load(contents);
return (ControlLoopGuard) obj;
} catch (IOException e) {
+ logger.error("Error while loading YAML guard", e);
fail(e.getLocalizedMessage());
}
return null;
}
+ /**
+ * Insert the Xacml policy into the PDP.
+ * Achieved by configuring the properties file to load the Xacml policy and required PIP(s).
+ *
+ * @param xacmlFile the Xacml policy file's path
+ * @param propProtoDir the directory containing Xacml implementation prototypes
+ * @param propDir the directory to which the Xacml rule should be output
+ */
+ public static void insertXacmlPolicy(String xacmlFile,
+ String propProtoDir,
+ String propDir) {
+ String propName = "xacml_guard_clc";
+ String propProtoFile = propProtoDir + File.separator + propName + ".properties";
+ String propFilename = propDir + File.separator + propName + ".properties";
+
+ String addXacmlFileToRoot = "# Policies to load\n"
+ + "xacml.rootPolicies=p1\n"
+ + "p1.file=" + xacmlFile + "\n";
+
+ File propFile = new File(propFilename);
+ try (Stream<String> stream = Files.lines(Paths.get(propProtoFile));
+ PrintWriter output = new PrintWriter(propFile)) {
+ /*
+ * Remove file after test
+ */
+ propFile.deleteOnExit();
+ /*
+ * Copy the property prototype
+ */
+ stream.forEach(output::println);
+ /*
+ * Add the Xacml policy to the set of root policies
+ */
+ output.println(addXacmlFileToRoot);
+ /*
+ * Obtain PIP Engine definitions from Xacml policy
+ * and insert into property file.
+ */
+ try (BufferedReader br = new BufferedReader(new FileReader(xacmlFile))) {
+ boolean select = false;
+ for (String line; (line = br.readLine()) != null; ) {
+ if (line.contains("PIP Engine Definition")) {
+ select = true;
+ }
+ if (line.contains("-->")) {
+ select = false;
+ }
+ if (select) {
+ output.println(line);
+ }
+ }
+ }
+ } catch (Exception e) {
+ logger.error("Error when trying to create test propery file", e);
+ fail(e.getMessage());
+ }
+ }
+
public static HttpServletServer buildAaiSim() throws InterruptedException, IOException {
return org.onap.policy.simulators.Util.buildAaiSim();
}
@@ -244,7 +312,7 @@ public final class SupportUtil {
* Guard PDP-x connection Properties. No URL specified -> use embedded PDPEngine.
*/
PolicyEngine.manager.setEnvironmentProperty("prop.guard.propfile",
- "src/test/resources/xacml/xacml_guard_clc.properties");
+ "src/test/resources/properties/xacml_guard_clc.properties");
PolicyEngine.manager.setEnvironmentProperty(org.onap.policy.guard.Util.PROP_GUARD_USER, "python");
PolicyEngine.manager.setEnvironmentProperty(org.onap.policy.guard.Util.PROP_GUARD_PASS, "test");
PolicyEngine.manager.setEnvironmentProperty(org.onap.policy.guard.Util.PROP_GUARD_CLIENT_USER, "python");
@@ -252,7 +320,7 @@ public final class SupportUtil {
PolicyEngine.manager.setEnvironmentProperty(org.onap.policy.guard.Util.PROP_GUARD_ENV, "TEST");
PolicyEngine.manager.setEnvironmentProperty(org.onap.policy.guard.Util.PROP_GUARD_DISABLED, "false");
}
-
+
/**
* Set the operation history properties.
*/
diff --git a/controlloop/templates/template.demo.clc/src/test/resources/coordination/synthetic_control_loop_one_blocks_synthetic_control_loop_two.yaml b/controlloop/templates/template.demo.clc/src/test/resources/coordination/synthetic_control_loop_one_blocks_synthetic_control_loop_two.yaml
new file mode 100644
index 000000000..7b69c3a0c
--- /dev/null
+++ b/controlloop/templates/template.demo.clc/src/test/resources/coordination/synthetic_control_loop_one_blocks_synthetic_control_loop_two.yaml
@@ -0,0 +1,20 @@
+# Copyright 2019 AT&T Intellectual Property. All rights reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+!!org.onap.policy.coordination.CoordinationDirective
+
+controlLoop:
+- SyntheticControlLoopOne
+- SyntheticControlLoopTwo
+coordinationFunction: firstBlocksSecond \ No newline at end of file
diff --git a/controlloop/templates/template.demo.clc/src/test/resources/xacml/xacml_guard_clc.properties b/controlloop/templates/template.demo.clc/src/test/resources/properties/prototype/xacml_guard_clc.properties
index 5f5e0c8b2..edc76517a 100644
--- a/controlloop/templates/template.demo.clc/src/test/resources/xacml/xacml_guard_clc.properties
+++ b/controlloop/templates/template.demo.clc/src/test/resources/properties/prototype/xacml_guard_clc.properties
@@ -2,14 +2,14 @@
# ============LICENSE_START=======================================================
# ONAP
# ================================================================================
-# Copyright (C) 2018 AT&T Intellectual Property. All rights reserved.
+# Copyright (C) 2018-2019 AT&T Intellectual Property. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -19,13 +19,6 @@
###
#
#
-# This files defines PIPs that will be used by XACML Guard Policies. One PIP per time window (5 min, 10min,...,1 month).
-#
-#
-#
-
-#
-# Default XACML Properties File
# Standard API Factories
#
xacml.dataTypeFactory=com.att.research.xacml.std.StdDataTypeFactory
@@ -48,18 +41,6 @@ xacml.att.policyFinderFactory=com.att.research.xacmlatt.pdp.std.StdPolicyFinderF
# the embedded PDP uses.
#
-# In case we have multiple applicable Guard policies, we will deny if any of them denies.
+# In case we have multiple applicable Guard policies, we will deny if any of them denies.
#xacml.att.policyFinderFactory.combineRootPolicies=urn:com:att:xacml:3.0:policy-combining-algorithm:combined-deny-overrides
xacml.att.policyFinderFactory.combineRootPolicies=urn:oasis:names:tc:xacml:3.0:policy-combining-algorithm:permit-unless-deny
-
-
-# Policies to load
-#
-xacml.rootPolicies=p1
-p1.file=src/test/resources/xacml/synthetic_control_loop_one_blocks_synthetic_control_loop_two.xml
-
-# PIP Engine Definition
-#
-xacml.pip.engines=getstatus
-getstatus.classname=org.onap.policy.guard.PipEngineGetStatus
-getstatus.issuer=org:onap:policy:guard:getstatus
diff --git a/controlloop/templates/template.demo.clc/src/test/resources/xacml/synthetic_control_loop_one_blocks_synthetic_control_loop_two.xml b/controlloop/templates/template.demo.clc/src/test/resources/xacml/synthetic_control_loop_one_blocks_synthetic_control_loop_two.xml
deleted file mode 100644
index f503a2b11..000000000
--- a/controlloop/templates/template.demo.clc/src/test/resources/xacml/synthetic_control_loop_one_blocks_synthetic_control_loop_two.xml
+++ /dev/null
@@ -1,51 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<!--
- ============LICENSE_START=======================================================
- drools-applications
- ================================================================================
- Copyright (C) 2018 AT&T Intellectual Property. All rights reserved.
- ================================================================================
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- ============LICENSE_END=========================================================
- -->
-<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicyId="urn:com:att:xacml:policy:id:son:guard:5" Version="1" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:permit-unless-deny">
-<Description>Policy for first_blocks_second coordination (if first running and second requests to run, deny second).</Description>
-<Target>
- <AnyOf>
- <AllOf>
- <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SyntheticControlLoopTwo</AttributeValue>
- <!-- value should be autofilled by yaml from a xacml template -->
- <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:clname:clname-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
- </Match>
- </AllOf>
- </AnyOf>
-</Target>
-
-<Rule RuleId="urn:com:att:xacml:rule:id:1" Effect="Deny">
- <Description>First Is Running</Description>
- <Condition>
- <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
- <VariableReference VariableId="clc_status"/>
- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Success</AttributeValue>
- </Apply>
- </Condition>
-</Rule>
-
-<!-- 'action_one' should be autofilled by yaml from a xacml template -->
-<VariableDefinition VariableId="clc_status">
- <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
- <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="com:att:research:xacml:test:sql:resource:operations:status" DataType="http://www.w3.org/2001/XMLSchema#string" Issuer="org:onap:policy:guard:getstatus:clname:SyntheticControlLoopOne" MustBePresent="false"/>
- </Apply>
-</VariableDefinition>
-</Policy>