aboutsummaryrefslogtreecommitdiffstats
path: root/controlloop/m2/guard
diff options
context:
space:
mode:
Diffstat (limited to 'controlloop/m2/guard')
-rw-r--r--controlloop/m2/guard/pom.xml132
-rw-r--r--controlloop/m2/guard/src/main/java/org/onap/policy/guard/CallGuardTask.java155
-rw-r--r--controlloop/m2/guard/src/main/java/org/onap/policy/guard/GuardContext.java393
-rw-r--r--controlloop/m2/guard/src/main/java/org/onap/policy/guard/GuardResult.java25
-rw-r--r--controlloop/m2/guard/src/main/java/org/onap/policy/guard/PolicyGuardRequest.java84
-rw-r--r--controlloop/m2/guard/src/main/java/org/onap/policy/guard/PolicyGuardResponse.java71
-rw-r--r--controlloop/m2/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlHelper.java139
-rw-r--r--controlloop/m2/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlRequestAttributes.java123
-rw-r--r--controlloop/m2/guard/src/main/java/org/onap/policy/guard/PolicyGuardYamlToXacml.java210
-rw-r--r--controlloop/m2/guard/src/main/java/org/onap/policy/guard/Util.java146
-rw-r--r--controlloop/m2/guard/src/main/resources/META-INF/persistence.xml43
-rw-r--r--controlloop/m2/guard/src/test/java/org/onap/policy/guard/CallGuardTaskTest.java78
-rw-r--r--controlloop/m2/guard/src/test/java/org/onap/policy/guard/GuardContextTest.java194
-rw-r--r--controlloop/m2/guard/src/test/java/org/onap/policy/guard/GuardResultTest.java42
-rw-r--r--controlloop/m2/guard/src/test/java/org/onap/policy/guard/GuardUtilTest.java102
-rw-r--r--controlloop/m2/guard/src/test/java/org/onap/policy/guard/PolicyGuardRequestTest.java59
-rw-r--r--controlloop/m2/guard/src/test/java/org/onap/policy/guard/PolicyGuardResponseTest.java55
-rw-r--r--controlloop/m2/guard/src/test/java/org/onap/policy/guard/PolicyGuardXacmlHelperTest.java150
-rw-r--r--controlloop/m2/guard/src/test/java/org/onap/policy/guard/PolicyGuardXacmlRequestAttributesTest.java74
-rw-r--r--controlloop/m2/guard/src/test/java/org/onap/policy/guard/PolicyGuardYamlToXacmlTest.java248
-rw-r--r--controlloop/m2/guard/src/test/java/org/onap/policy/guard/SupportTextFileUtils.java65
-rw-r--r--controlloop/m2/guard/src/test/resources/META-INF/persistence.xml43
-rw-r--r--controlloop/m2/guard/src/test/resources/blacklist_template.xml117
-rw-r--r--controlloop/m2/guard/src/test/resources/frequency_limiter_template.xml127
24 files changed, 0 insertions, 2875 deletions
diff --git a/controlloop/m2/guard/pom.xml b/controlloop/m2/guard/pom.xml
deleted file mode 100644
index 7a4993a40..000000000
--- a/controlloop/m2/guard/pom.xml
+++ /dev/null
@@ -1,132 +0,0 @@
-<?xml version="1.0"?>
-<!--
- ============LICENSE_START=======================================================
- ONAP Policy Engine - Drools PDP
- ================================================================================
- Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
- ================================================================================
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- ============LICENSE_END=========================================================
- -->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.onap.policy.drools-applications.controlloop.m2</groupId>
- <artifactId>m2</artifactId>
- <version>1.7.1-SNAPSHOT</version>
- </parent>
-
- <artifactId>guard</artifactId>
-
- <dependencies>
- <dependency>
- <groupId>org.onap.policy.drools-applications.controlloop.m2</groupId>
- <artifactId>util</artifactId>
- <version>${project.version}</version>
- </dependency>
-
- <dependency>
- <groupId>org.onap.policy.models.policy-models-interactions</groupId>
- <artifactId>model-yaml</artifactId>
- <version>${policy.models.version}</version>
- <scope>provided</scope>
- </dependency>
-
- <dependency>
- <groupId>org.onap.policy.drools-pdp</groupId>
- <artifactId>policy-core</artifactId>
- <version>${version.policy.drools-pdp}</version>
- <scope>provided</scope>
- </dependency>
-
- <dependency>
- <groupId>org.onap.policy.drools-pdp</groupId>
- <artifactId>policy-management</artifactId>
- <version>${version.policy.drools-pdp}</version>
- <scope>provided</scope>
- </dependency>
-
- <dependency>
- <groupId>org.onap.policy.models.policy-models-interactions.model-impl</groupId>
- <artifactId>guard</artifactId>
- <version>${policy.models.version}</version>
- </dependency>
-
- <dependency>
- <groupId>org.onap.policy.models</groupId>
- <artifactId>policy-models-decisions</artifactId>
- <version>${policy.models.version}</version>
- </dependency>
-
- <dependency>
- <groupId>org.onap.policy.models.policy-models-interactions.model-impl</groupId>
- <artifactId>rest</artifactId>
- <version>${policy.models.version}</version>
- </dependency>
-
- <dependency>
- <groupId>com.att.research.xacml</groupId>
- <artifactId>xacml-pdp</artifactId>
- <version>1.0.2</version>
- <exclusions>
- <!--
- Exclude jars with an older version or that are insecure and not needed.
- -->
- <exclusion>
- <artifactId>commons-codec</artifactId>
- <groupId>commons-codec</groupId>
- </exclusion>
- <exclusion>
- <artifactId>commons-logging</artifactId>
- <groupId>commons-logging</groupId>
- </exclusion>
- <exclusion>
- <artifactId>guava</artifactId>
- <groupId>com.google.guava</groupId>
- </exclusion>
- <exclusion>
- <artifactId>commons-lang3</artifactId>
- <groupId>org.apache.commons</groupId>
- </exclusion>
- <exclusion>
- <artifactId>jackson-databind</artifactId>
- <groupId>com.fasterxml.jackson.core</groupId>
- </exclusion>
- <exclusion>
- <artifactId>commons-collections</artifactId>
- <groupId>commons-collections</groupId>
- </exclusion>
- <exclusion>
- <artifactId>commons-lang</artifactId>
- <groupId>commons-lang</groupId>
- </exclusion>
- </exclusions>
- </dependency>
-
- <dependency>
- <groupId>org.onap.policy.models.policy-models-interactions</groupId>
- <artifactId>simulators</artifactId>
- <version>${policy.models.version}</version>
- <scope>test</scope>
- </dependency>
-
- <dependency>
- <groupId>com.h2database</groupId>
- <artifactId>h2</artifactId>
- <scope>test</scope>
- </dependency>
-
- </dependencies>
-</project>
diff --git a/controlloop/m2/guard/src/main/java/org/onap/policy/guard/CallGuardTask.java b/controlloop/m2/guard/src/main/java/org/onap/policy/guard/CallGuardTask.java
deleted file mode 100644
index 0331b7aab..000000000
--- a/controlloop/m2/guard/src/main/java/org/onap/policy/guard/CallGuardTask.java
+++ /dev/null
@@ -1,155 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2017-2020 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import java.util.HashSet;
-import java.util.Set;
-import java.util.UUID;
-import java.util.function.Supplier;
-import org.drools.core.WorkingMemory;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class CallGuardTask implements Runnable {
-
- private static final Logger logger = LoggerFactory.getLogger(CallGuardTask.class);
-
- /**
- * Actor/recipe pairs whose guard requests need a VF Module count. Each element is of
- * the form "&lt;actor&gt;:&lt;recipe&gt;".
- */
- private static final Set<String> NEEDS_VF_COUNT = new HashSet<>();
-
- /**
- * Actor/recipe pairs whose guard requests need the VF Module count to be incremented
- * (i.e., because a module is being added). Each element is of the form
- * "&lt;actor&gt;:&lt;recipe&gt;".
- */
- private static final Set<String> INCR_VF_COUNT = new HashSet<>();
-
- static {
- INCR_VF_COUNT.add("SO:VF Module Create");
- NEEDS_VF_COUNT.addAll(INCR_VF_COUNT);
- }
-
- private WorkingMemory workingMemory;
- private String clname;
- private String actor;
- private String recipe;
- private String target;
- private String requestId;
- private Integer vfCount;
-
- /**
- * Populated once the response has been determined, which may happen during the
- * constructor or later, during {@link #run()}.
- */
- private PolicyGuardResponse guardResponse;
-
- /**
- * Guard url is grabbed from PolicyEngine manager properties.
- */
- public CallGuardTask(WorkingMemory wm, String cl, String act,
- String rec, String tar, String reqId, Supplier<Integer> vfcnt) {
- workingMemory = wm;
- clname = cl;
- actor = act;
- recipe = rec;
- requestId = reqId;
- target = tar;
-
- vfCount = null;
-
- String key = act + ":" + rec;
-
- if (NEEDS_VF_COUNT.contains(key)) {
- // this actor/recipe needs the count - get it
- if ((vfCount = vfcnt.get()) == null) {
- /*
- * The count is missing - create an artificial Deny, which will be
- * inserted into working memory when "run()" is called.
- */
- guardResponse = new PolicyGuardResponse(Util.DENY, UUID.fromString(requestId), recipe);
- logger.error("CallGuardTask.run missing VF Module count; requestId={}", requestId);
- return;
- }
-
- if (INCR_VF_COUNT.contains(key)) {
- // this actor/recipe needs the count to be incremented
- ++vfCount;
- }
- }
- }
-
- @Override
- public void run() {
- if (guardResponse != null) {
- // already have a response - just insert it
- workingMemory.insert(guardResponse);
- return;
- }
-
- final long startTime = System.nanoTime();
-
- PolicyGuardXacmlRequestAttributes xacmlReq =
- new PolicyGuardXacmlRequestAttributes(clname, actor, recipe, target, requestId, vfCount);
-
- logger.debug("\n********** XACML REQUEST START ********");
- logger.debug("{}", xacmlReq);
- logger.debug("********** XACML REQUEST END ********\n");
-
- String guardDecision = null;
-
- //
- // Make guard request
- //
- guardDecision = new PolicyGuardXacmlHelper().callPdp(xacmlReq);
-
- logger.debug("\n********** XACML RESPONSE START ********");
- logger.debug("{}", guardDecision);
- logger.debug("********** XACML RESPONSE END ********\n");
-
- //
- // Check if the restful call was unsuccessful or property doesn't exist
- //
- if (guardDecision == null) {
- logger.error("********** XACML FAILED TO CONNECT ********");
- guardDecision = Util.INDETERMINATE;
- }
-
- guardResponse = new PolicyGuardResponse(guardDecision, UUID.fromString(this.requestId), this.recipe);
-
- //
- // Create an artificial Guard response in case we didn't get a clear Permit or Deny
- //
- if ("Indeterminate".equals(guardResponse.getResult())) {
- guardResponse.setOperation(recipe);
- guardResponse.setRequestId(UUID.fromString(requestId));
- }
-
- long estimatedTime = System.nanoTime() - startTime;
- logger.debug("\n\n============ Guard inserted with decision {} !!! =========== time took: {} mili sec \n\n",
- guardResponse.getResult(), (double) estimatedTime / 1000 / 1000);
- workingMemory.insert(guardResponse);
-
- }
-
-}
diff --git a/controlloop/m2/guard/src/main/java/org/onap/policy/guard/GuardContext.java b/controlloop/m2/guard/src/main/java/org/onap/policy/guard/GuardContext.java
deleted file mode 100644
index 75163e24e..000000000
--- a/controlloop/m2/guard/src/main/java/org/onap/policy/guard/GuardContext.java
+++ /dev/null
@@ -1,393 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import java.io.ObjectStreamException;
-import java.io.Serializable;
-import java.sql.Timestamp;
-import java.time.Instant;
-import java.util.HashMap;
-import java.util.Properties;
-import java.util.UUID;
-import javax.persistence.EntityManager;
-import javax.persistence.EntityManagerFactory;
-import javax.persistence.Persistence;
-import org.drools.core.WorkingMemory;
-import org.eclipse.persistence.config.PersistenceUnitProperties;
-import org.onap.policy.drools.core.PolicyContainer;
-import org.onap.policy.drools.core.PolicySession;
-import org.onap.policy.drools.system.PolicyControllerConstants;
-import org.onap.policy.drools.system.PolicyEngineConstants;
-import org.onap.policy.util.DroolsSessionCommonSerializable;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * Each instance of this class is initialized from a 'Properties' object,
- * which is most likely a '*-controller.properties' file. The expectation is
- * that it will be initialized within a '.drl' file, and be referenced by
- * the associated 'Context' object.
- */
-public class GuardContext implements Serializable {
- private static final long serialVersionUID = 1L;
-
- private static Logger logger = LoggerFactory.getLogger(GuardContext.class);
-
- // object that should be serialized
- private Object namedSerializable;
-
- /*==================================*/
- /* fields extracted from properties */
- /*==================================*/
- // contains the four database properties, 'javax.persistence.jdbc.*',
- private Properties dbProperties = null;
-
- // initialized from 'guard.disabled', but may also be set to 'true' if
- // there is an initialization error
- private boolean disabled = false;
-
- // errors that forced 'disabled' to be set to 'true'
- private String errorMessage = null;
-
- /*======================================================*/
- /* fields that shouldn't be included in serialized data */
- /*======================================================*/
-
- // derived from DB properties
- private transient EntityManagerFactory emf = null;
-
- /**
- * Constructor - initialize the 'GuardContext' instance using the
- * controller's properties file. The properties file is located using a
- * 'PolicySession' instance, but the way this mapping is done isn't
- * perfect -- it may use the wrong properties file if there is another
- * 'PolicyContainer' instance using the same 'artifactId' and 'groupId'.
- *
- * @param session the 'PolicySession' instance used to locate the associated
- * 'Properties' instance
- */
- public GuardContext(PolicySession session) {
- this(session, null);
- }
-
- /**
- * Constructor - initialize the 'GuardContext' instance using the
- * controller's properties file. The properties file is located using a
- * 'PolicySession' instance, but the way this mapping is done isn't
- * perfect -- it may use the wrong properties file if there is another
- * 'PolicyContainer' instance using the same 'artifactId' and 'groupId'.
- *
- * @param session the 'PolicySession' instance used to locate the associated
- * 'Properties' instance
- * @param serializableName a String name unique within the Drools session
- * that can be used to locate the corresponding 'GuardContext' object
- * on the remote host
- */
- public GuardContext(PolicySession session, String serializableName) {
- namedSerializable =
- (serializableName == null ? this :
- new DroolsSessionCommonSerializable(serializableName, this));
-
- // At present, there is no simple way to get the properties based
- // upon a 'PolicyContainer'. Instead, we search through all of the
- // 'PolicyController' instances looking for one with a matching
- // 'artifactId' and 'groupId'. Note that this may not work correctly
- // if there is more than one controller using the same or different
- // version of the same artifact.
-
- PolicyContainer container = session.getPolicyContainer();
- String artifactId = container.getArtifactId();
- String groupId = container.getGroupId();
-
- Properties properties =
- PolicyControllerConstants.getFactory().get(groupId, artifactId).getProperties();
- init(properties);
- }
-
- /**
- * Constructor - initialize the 'GuardContext' instance using the
- * specified properties.
- *
- * @param properties configuration data used to initialize the 'GuardContext' instance
- */
- public GuardContext(Properties properties) {
- init(properties);
- }
-
- /**
- * Common initialization routine code used by both constructors.
- *
- * @param properties configuration data used to initialize the 'GuardContext' instance
- */
- private void init(Properties properties) {
- // used to store error messages
- StringBuilder sb = new StringBuilder();
-
- // fetch these parameters, if they exist
- String disabledString =
- PolicyEngineConstants.getManager().getEnvironmentProperty(Util.PROP_GUARD_DISABLED);
-
- if (disabledString != null) {
- // decode optional 'guard.disabled' parameter
- disabled = Boolean.valueOf(disabledString);
- if (disabled) {
- // skip everything else
- return;
- }
- }
-
- // extract 'guard.java.persistence.jdbc.*' parameters,
- // which are all mandatory
- dbProperties = new Properties();
- setProperty(dbProperties, Util.ONAP_KEY_URL, PersistenceUnitProperties.JDBC_URL, sb);
- setProperty(dbProperties, Util.ONAP_KEY_USER, PersistenceUnitProperties.JDBC_USER, sb);
- setProperty(dbProperties, Util.ONAP_KEY_PASS, PersistenceUnitProperties.JDBC_PASSWORD, sb);
- String driver = properties.getProperty("guard." + PersistenceUnitProperties.JDBC_DRIVER);
- if (driver != null) {
- dbProperties.setProperty(PersistenceUnitProperties.JDBC_DRIVER, driver);
- }
- dbProperties.setProperty(Util.PROP_GUARD_PERSISTENCE_UNIT,
- properties.getProperty(Util.PROP_GUARD_PERSISTENCE_UNIT, Util.PU_KEY));
-
- // if there are any errors, update 'errorMessage' & disable guard queries
- if (sb.length() != 0) {
- // remove the terminating ", ", and extract resulting error message
- sb.setLength(sb.length() - 2);
- errorMessage = sb.toString();
- disabled = true;
- logger.error("Initialization failure: {}", errorMessage);
- }
- }
-
- /**
- * Fetch a property from the PolicyEngine environment, and store it in
- * a corresponding property in 'properties'.
- *
- * @param properties the location to store the properties
- * @param srcName source environment property name
- * @param destName destination property name
- * @param log a 'StringBuilder' used to construct an error message, if needed
- */
- private void setProperty(Properties properties, String srcName, String destName, StringBuilder log) {
- String value =
- PolicyEngineConstants.getManager().getEnvironmentProperty(srcName);
- if (value == null) {
- log.append("'").append(srcName).append("' is not defined, ");
- } else {
- properties.setProperty(destName, value);
- }
- }
-
- /**
- * Do an asynchronous (non-blocking) HTTP REST query to see if this
- * operation is permitted by 'guard'. The response is returned by
- * inserting a 'PolicyGuardResponse' instance into Drools memory.
- *
- * @param workingMemory the Drools response is inserted here
- * @param actor the processor being acted upon (e.g. "APPC")
- * @param recipe otherwise known as "operation" (e.g. "Restart")
- * @param target a further qualifier on 'actor'? (e.g. "VM")
- * @param requestId the UUID string identifying the overall request
- */
- public void asyncQuery(
- WorkingMemory workingMemory,
- String actor, String recipe, String target,
- String requestId) {
-
- asyncQuery(workingMemory, actor, recipe, target, requestId, null);
- }
-
- /**
- * Do an asynchronous (non-blocking) HTTP REST query to see if this
- * operation is permitted by 'guard'. The response is returned by
- * inserting a 'PolicyGuardResponse' instance into Drools memory.
- *
- * @param workingMemory the Drools response is inserted here
- * @param actor the processor being acted upon (e.g. "APPC")
- * @param recipe otherwise known as "operation" (e.g. "Restart")
- * @param target a further qualifier on 'actor'? (e.g. "VM")
- * @param requestId the UUID string identifying the overall request
- * @param controlLoopName the 'controlLoopName' value or 'null'
- * (if 'null', it is ommitted from the query to 'guard')
- */
- public void asyncQuery(
- final WorkingMemory workingMemory,
- final String actor, final String recipe, final String target,
- final String requestId, final String controlLoopName) {
-
- if (disabled) {
- logger.error("query skipped: {}", errorMessage);
- workingMemory.insert(
- new PolicyGuardResponse("Deny", UUID.fromString(requestId), recipe));
- return;
- }
-
- CallGuardTask cgt = new CallGuardTask(workingMemory, controlLoopName,
- actor, recipe, target, requestId, () -> null);
-
- PolicyEngineConstants.getManager().getExecutorService().execute(cgt);
- }
-
- /**
- * Create an 'EntityManagerFactory', if needed, and then create a new
- * 'EntityManager' instance.
- *
- * @return a new 'EntityManager' instance
- */
- private EntityManager createEntityManager() {
- if (emf == null) {
- // 'EntityManagerFactory' does not exist yet -- create one
-
- // copy database properties to a 'HashMap'
- HashMap<Object, Object> propertiesMap = new HashMap<>(dbProperties);
-
- // use 'ClassLoader' from Drools session
- propertiesMap.put("eclipselink.classloader",
- GuardContext.class.getClassLoader());
-
- // create DB tables, if needed
- propertiesMap.put("eclipselink.ddl-generation", "create-tables");
-
- // create entity manager factory
- String persistenceUnit = dbProperties.getProperty(Util.PROP_GUARD_PERSISTENCE_UNIT);
- emf = Persistence.createEntityManagerFactory(persistenceUnit, propertiesMap);
- }
-
- // create and return the 'EntityManager'
- return emf.createEntityManager();
- }
-
- /**
- * This is a synchronous (blocking) method, which creates a database entity
- * for an in-progress request.
- *
- * @param starttime this is used as the 'starttime' timestamp in the record
- * @param endtime this is used as the 'endtime' timestamp in the record
- * @param closedLoopControlName uniquely identifies the Drools rules
- * @param actor the processor being acted upon (e.g. "APPC")
- * @param recipe otherwise known as "operation" (e.g. "Restart")
- * @param target a further qualifier on 'actor'? (e.g. "VM")
- * @param requestId the UUID string identifying the overall request
- * @param subRequestId further qualifier on 'requestId'
- * @param message indicates success status, or reason for failure
- * @param outcome 'PolicyResult' enumeration string
- * @return 'true' if the operation was successful, and 'false' if not
- */
- public boolean createDbEntry(
- Instant starttime, Instant endtime, String closedLoopControlName,
- String actor, String recipe, String target,
- String requestId, String subRequestId, String message, String outcome) {
-
- if (disabled) {
- if (errorMessage != null) {
- logger.error("Database update skipped: {}", errorMessage);
- }
- return false;
- }
-
- EntityManager em = null;
- boolean rval = false;
-
- try {
- em = createEntityManager();
-
- // create the new DB table entry
- OperationsHistory newEntry = new OperationsHistory();
-
- // populate the new DB table entry
- newEntry.setClosedLoopName(closedLoopControlName);
- newEntry.setRequestId(requestId);
- newEntry.setActor(actor);
- newEntry.setOperation(recipe);
- newEntry.setTarget(target);
- newEntry.setStarttime(new Timestamp(starttime.toEpochMilli()));
- newEntry.setSubrequestId(subRequestId);
-
- newEntry.setEndtime(new Timestamp(endtime.toEpochMilli()));
- newEntry.setMessage(message);
- newEntry.setOutcome(outcome);
-
- // store the new entry in the DB
- em.getTransaction().begin();
- em.persist(newEntry);
- em.getTransaction().commit();
-
- rval = true;
- } finally {
- // free EntityManager
- if (em != null) {
- em.close();
- }
- }
- return rval;
- }
-
- /**
- * This is an asynchronous (non-blocking) method, which creates a database
- * entity for an in-progress request.
- *
- * @param starttime this is used as the 'starttime' timestamp in the record
- * @param endtime this is used as the 'endtime' timestamp in the record
- * @param closedLoopControlName uniquely identifies the Drools rules
- * @param actor the processor being acted upon (e.g. "APPC")
- * @param recipe otherwise known as "operation" (e.g. "Restart")
- * @param target a further qualifier on 'actor'? (e.g. "VM")
- * @param requestId the UUID string identifying the overall request
- * @param subRequestId further qualifier on 'requestId'
- * @param message indicates success status, or reason for failure
- * @param outcome 'PolicyResult' enumeration string
- */
- public void asyncCreateDbEntry(
- final Instant starttime, final Instant endtime,
- final String closedLoopControlName,
- final String actor, final String recipe, final String target,
- final String requestId, final String subRequestId,
- final String message, final String outcome) {
- if (disabled) {
- if (errorMessage != null) {
- logger.error("Database update skipped: {}", errorMessage);
- }
- return;
- }
-
- PolicyEngineConstants.getManager().getExecutorService().execute(() -> {
- try {
- // using a separate thread, call the synchronous 'createDbEntry'
- // method
- createDbEntry(starttime, endtime, closedLoopControlName,
- actor, recipe, target, requestId, subRequestId,
- message, outcome);
- } catch (Exception e) {
- logger.error("GuardContext.asyncCreateDbEntry", e);
- }
- });
- }
-
- /**
- * This method is used as part of serialization -- 'namedSerializable'
- * is serialized instead of 'this'.
- *
- * @return the object to be serialized
- */
- private Object writeReplace() throws ObjectStreamException {
- return namedSerializable;
- }
-}
diff --git a/controlloop/m2/guard/src/main/java/org/onap/policy/guard/GuardResult.java b/controlloop/m2/guard/src/main/java/org/onap/policy/guard/GuardResult.java
deleted file mode 100644
index 6b11c1afa..000000000
--- a/controlloop/m2/guard/src/main/java/org/onap/policy/guard/GuardResult.java
+++ /dev/null
@@ -1,25 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-public enum GuardResult {
- LOCK_ACQUIRED, LOCK_DENIED, LOCK_EXCEPTION;
-}
diff --git a/controlloop/m2/guard/src/main/java/org/onap/policy/guard/PolicyGuardRequest.java b/controlloop/m2/guard/src/main/java/org/onap/policy/guard/PolicyGuardRequest.java
deleted file mode 100644
index 8887e00b7..000000000
--- a/controlloop/m2/guard/src/main/java/org/onap/policy/guard/PolicyGuardRequest.java
+++ /dev/null
@@ -1,84 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import java.util.UUID;
-
-public class PolicyGuardRequest {
- private String actor;
- private String target;
- private UUID requestId;
- private String operation;
-
- /**
- * Construct an instance.
- *
- * @param actor the actor
- * @param target the target
- * @param requestId the request Id
- * @param operation the operation
- */
- public PolicyGuardRequest(String actor, String target, UUID requestId, String operation) {
- super();
- this.actor = actor;
- this.target = target;
- this.requestId = requestId;
- this.operation = operation;
- }
-
- @Override
- public String toString() {
- return "PolicyGuardRequest [actor=" + actor + ", target=" + target + ", requestId=" + requestId + ", operation="
- + operation + "]";
- }
-
- public String getActor() {
- return actor;
- }
-
- public void setActor(String actor) {
- this.actor = actor;
- }
-
- public String getTarget() {
- return target;
- }
-
- public void setTarget(String target) {
- this.target = target;
- }
-
- public UUID getRequestId() {
- return requestId;
- }
-
- public void setRequestId(UUID requestId) {
- this.requestId = requestId;
- }
-
- public String getOperation() {
- return operation;
- }
-
- public void setOperation(String operation) {
- this.operation = operation;
- }
-}
diff --git a/controlloop/m2/guard/src/main/java/org/onap/policy/guard/PolicyGuardResponse.java b/controlloop/m2/guard/src/main/java/org/onap/policy/guard/PolicyGuardResponse.java
deleted file mode 100644
index 574c50b79..000000000
--- a/controlloop/m2/guard/src/main/java/org/onap/policy/guard/PolicyGuardResponse.java
+++ /dev/null
@@ -1,71 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import java.util.UUID;
-
-public class PolicyGuardResponse {
- private UUID requestId;
- private String operation;
- private String result;
-
- /**
- * Create an instance.
- *
- * @param result the result
- * @param req the request Id
- * @param op the operation
- */
- public PolicyGuardResponse(String result, UUID req, String op) {
- this.result = result;
- this.requestId = req;
- this.operation = op;
- }
-
- @Override
- public String toString() {
- return "PolicyGuardResponse [requestId=" + requestId + ", operation=" + operation + ", result=" + result + "]";
- }
-
- public UUID getRequestId() {
- return requestId;
- }
-
- public void setRequestId(UUID requestId) {
- this.requestId = requestId;
- }
-
- public String getResult() {
- return result;
- }
-
- public void setResult(String result) {
- this.result = result;
- }
-
- public String getOperation() {
- return operation;
- }
-
- public void setOperation(String operation) {
- this.operation = operation;
- }
-}
diff --git a/controlloop/m2/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlHelper.java b/controlloop/m2/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlHelper.java
deleted file mode 100644
index d9ace1d83..000000000
--- a/controlloop/m2/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlHelper.java
+++ /dev/null
@@ -1,139 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * ONAP
- * ================================================================================
- * Copyright (C) 2017-2020 AT&T Intellectual Property. All rights reserved.
- * Modifications Copyright (C) 2019 Samsung Electronics Co., Ltd.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import java.util.HashMap;
-import java.util.Map;
-import java.util.UUID;
-import org.apache.commons.lang3.tuple.Pair;
-import org.onap.policy.common.endpoints.event.comm.Topic.CommInfrastructure;
-import org.onap.policy.common.endpoints.utils.NetLoggerUtil;
-import org.onap.policy.common.endpoints.utils.NetLoggerUtil.EventType;
-import org.onap.policy.common.utils.coder.CoderException;
-import org.onap.policy.common.utils.coder.StandardCoder;
-import org.onap.policy.drools.system.PolicyEngineConstants;
-import org.onap.policy.models.decisions.concepts.DecisionRequest;
-import org.onap.policy.models.decisions.concepts.DecisionResponse;
-import org.onap.policy.rest.RestManager;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-
-public class PolicyGuardXacmlHelper {
- private static final Logger logger = LoggerFactory.getLogger(PolicyGuardXacmlHelper.class);
-
- private String url;
- private String user;
- private String pwd;
-
- /**
- * Constructor.
- */
- public PolicyGuardXacmlHelper() {
- this.url = PolicyEngineConstants.getManager().getEnvironmentProperty("guard.url");
- this.user = PolicyEngineConstants.getManager().getEnvironmentProperty("pdpx.username");
- this.pwd = PolicyEngineConstants.getManager().getEnvironmentProperty("pdpx.password");
- }
-
- /**
- * Call PDP.
- *
- * @param xacmlReq the XACML request
- * @return the response
- */
- public String callPdp(PolicyGuardXacmlRequestAttributes xacmlReq) {
- //
- // Create a request suitable for API
- //
- DecisionRequest decisionRequest = new DecisionRequest();
- decisionRequest.setOnapName("Policy");
- decisionRequest.setOnapComponent("Drools PDP");
- decisionRequest.setOnapInstance("usecase template");
- decisionRequest.setRequestId(UUID.randomUUID().toString());
- decisionRequest.setAction("guard");
- Map<String, String> guard = new HashMap<>();
- guard.put("actor", xacmlReq.getActorId());
- guard.put("operation", xacmlReq.getOperationId());
- guard.put("target", xacmlReq.getTargetId());
- if (xacmlReq.getClnameId() != null) {
- guard.put("clname", xacmlReq.getClnameId());
- }
- if (xacmlReq.getVfCount() != null) {
- guard.put("vfCount", Integer.toString(xacmlReq.getVfCount()));
- }
- Map<String, Object> resources = new HashMap<>();
- resources.put("guard", guard);
- decisionRequest.setResource(resources);
-
- try {
- //
- // Call RESTful PDP
- //
- NetLoggerUtil.log(EventType.OUT, CommInfrastructure.REST, this.url, decisionRequest.toString());
- String response = callRestfulPdp(decisionRequest);
- NetLoggerUtil.log(EventType.IN, CommInfrastructure.REST, this.url, response);
-
- return response;
- } catch (Exception e) {
- logger.error("Exception in sending RESTful request: ", e);
- }
-
- return Util.DENY;
- }
-
- /**
- * This makes an HTTP POST call to a running PDP RESTful servlet to get a decision.
- *
- * @param decisionRequest The Decision request
- * @return response from guard which contains "Permit" or "Deny"
- * @throws CoderException Exception when converting to/from JSON the message body
- */
- private String callRestfulPdp(DecisionRequest decisionRequest) throws CoderException {
- StandardCoder coder = new StandardCoder();
-
- String jsonBody = coder.encode(decisionRequest);
- RestManager restManager = new RestManager();
-
- Map<String, String> headers = new HashMap<>();
- headers.put("Accepts", "application/json");
-
- logger.info("Guard Decision Request: {}", jsonBody);
-
- Pair<Integer, String> httpDetails = restManager.post(url, user, pwd, headers, "application/json", jsonBody);
-
- if (httpDetails == null) {
- logger.error("Guard rest call returned a null pair - defaulting to DENY");
- return Util.DENY;
- }
-
- logger.info("Guard Decision REST Response {} {}", httpDetails.getLeft(), httpDetails.getRight());
-
- if (httpDetails.getLeft() == 200) {
- DecisionResponse decision = coder.decode(httpDetails.getRight(), DecisionResponse.class);
- logger.info("Guard Decision {}", decision);
- return decision.getStatus();
- }
-
- return Util.DENY;
- }
-
-}
diff --git a/controlloop/m2/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlRequestAttributes.java b/controlloop/m2/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlRequestAttributes.java
deleted file mode 100644
index c888f94c1..000000000
--- a/controlloop/m2/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlRequestAttributes.java
+++ /dev/null
@@ -1,123 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import com.att.research.xacml.std.annotations.XACMLAction;
-import com.att.research.xacml.std.annotations.XACMLRequest;
-import com.att.research.xacml.std.annotations.XACMLResource;
-import com.att.research.xacml.std.annotations.XACMLSubject;
-
-@XACMLRequest(ReturnPolicyIdList = true, CombinedDecision = true)
-public class PolicyGuardXacmlRequestAttributes {
-
- @XACMLSubject(includeInResults = true, attributeId = "urn:org:onap:guard:clname:clname-id")
- String clnameId;
-
- @XACMLSubject(includeInResults = true, attributeId = "urn:org:onap:guard:actor:actor-id")
- String actorId;
-
- @XACMLAction(includeInResults = true, attributeId = "urn:org:onap:guard:operation:operation-id")
- String operationId;
-
- @XACMLResource(includeInResults = true, attributeId = "urn:org:onap:guard:target:target-id")
- String targetId;
-
- @XACMLResource(includeInResults = true, attributeId = "urn:org:onap:guard:request:request-id")
- String requestId;
-
- @XACMLResource(includeInResults = true, attributeId = "urn:org:onap:guard:request:vf-count")
- Integer vfCount;
-
- /**
- * Construct an instance.
- *
- * @param clnameId the control loop Id
- * @param actorId the actor Id
- * @param operationId the operation Id
- * @param targetId the target Id
- * @param requestId the request Id
- * @param vfCount the new number of VF Modules
- */
- public PolicyGuardXacmlRequestAttributes(String clnameId, String actorId, String operationId, String targetId,
- String requestId, Integer vfCount) {
- super();
- this.clnameId = clnameId;
- this.actorId = actorId;
- this.operationId = operationId;
- this.targetId = targetId;
- this.requestId = requestId;
- this.vfCount = vfCount;
- }
-
- @Override
- public String toString() {
- return "PolicyGuardXacmlRequestAttributes [actorId=" + actorId + ", operationId=" + operationId + ", targetId="
- + targetId + ", requestId=" + requestId + "]";
- }
-
- public String getActorId() {
- return actorId;
- }
-
- public void setActorId(String actorId) {
- this.actorId = actorId;
- }
-
- public String getOperationId() {
- return operationId;
- }
-
- public void setOperationId(String operationId) {
- this.operationId = operationId;
- }
-
- public String getTargetId() {
- return targetId;
- }
-
- public void setTargetId(String targetId) {
- this.targetId = targetId;
- }
-
- public String getRequestId() {
- return requestId;
- }
-
- public void setRequestId(String requestId) {
- this.requestId = requestId;
- }
-
- public String getClnameId() {
- return clnameId;
- }
-
- public void setClnameId(String clnameId) {
- this.clnameId = clnameId;
- }
-
- public Integer getVfCount() {
- return vfCount;
- }
-
- public void setVfCount(Integer vfCount) {
- this.vfCount = vfCount;
- }
-}
diff --git a/controlloop/m2/guard/src/main/java/org/onap/policy/guard/PolicyGuardYamlToXacml.java b/controlloop/m2/guard/src/main/java/org/onap/policy/guard/PolicyGuardYamlToXacml.java
deleted file mode 100644
index 60ccce05d..000000000
--- a/controlloop/m2/guard/src/main/java/org/onap/policy/guard/PolicyGuardYamlToXacml.java
+++ /dev/null
@@ -1,210 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2017, 2019 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import java.io.IOException;
-import java.nio.file.Files;
-import java.nio.file.Path;
-import java.nio.file.Paths;
-import java.util.List;
-import java.util.function.Consumer;
-import org.onap.policy.controlloop.policy.guard.Constraint;
-import org.onap.policy.controlloop.policy.guard.ControlLoopGuard;
-import org.onap.policy.controlloop.policy.guard.GuardPolicy;
-import org.onap.policy.controlloop.policy.guard.MatchParameters;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class PolicyGuardYamlToXacml {
- private static final Logger logger = LoggerFactory.getLogger(PolicyGuardYamlToXacml.class);
-
- private PolicyGuardYamlToXacml() {
- // Construction of this static class is not allowed
- }
-
- /**
- * Convert from Yaml to Xacml.
- *
- * @param yamlFile the Yaml file
- * @param xacmlTemplate the Xacml template
- * @param xacmlPolicyOutput the Xacml output
- */
- public static void fromYamlToXacml(String yamlFile, String xacmlTemplate, String xacmlPolicyOutput) {
- fromYamlToXacml(yamlFile, xacmlTemplate, xacmlPolicyOutput, PolicyGuardYamlToXacml::generateXacmlGuard,
- constraint -> {
- logger.debug("num: {}", constraint.getFreq_limit_per_target());
- logger.debug("duration: {}", constraint.getTime_window());
- logger.debug("time_in_range: {}", constraint.getActive_time_range());
- });
- }
-
- /**
- * Convert from Yaml to Xacml.
- *
- * @param yamlFile the Yaml file
- * @param xacmlTemplate the Xacml template
- * @param xacmlPolicyOutput the Xacml output
- * @param generator function to generate the yaml from the xacml
- * @param logConstraint function to log relevant fields of the constraint
- */
- public static void fromYamlToXacml(String yamlFile, String xacmlTemplate, String xacmlPolicyOutput,
- Generator generator, Consumer<Constraint> logConstraint) {
-
- ControlLoopGuard yamlGuardObject = Util.loadYamlGuard(yamlFile);
- GuardPolicy guardPolicy = yamlGuardObject.getGuards().get(0);
- logger.debug("clname: {}", guardPolicy.getMatch_parameters().getControlLoopName());
- logger.debug("actor: {}", guardPolicy.getMatch_parameters().getActor());
- logger.debug("recipe: {}", guardPolicy.getMatch_parameters().getRecipe());
- Constraint constraint = guardPolicy.getLimit_constraints().get(0);
- logConstraint.accept(constraint);
-
- Path xacmlTemplatePath = Paths.get(xacmlTemplate);
- String xacmlTemplateContent;
-
- try {
- xacmlTemplateContent = new String(Files.readAllBytes(xacmlTemplatePath));
-
- String xacmlPolicyContent = generator.apply(xacmlTemplateContent,
- guardPolicy.getMatch_parameters(), constraint);
-
- Files.write(Paths.get(xacmlPolicyOutput), xacmlPolicyContent.getBytes());
-
- } catch (IOException e) {
- logger.error("fromYamlToXacml threw: ", e);
- }
- }
-
- /**
- * Generate a Xacml guard.
- *
- * @param xacmlTemplateContent the Xacml template content
- * @param matchParameters the paremeters to use
- * @param constraint the constraint to use
- * @return the guard
- */
- private static String generateXacmlGuard(String xacmlTemplateContent, MatchParameters matchParameters,
- Constraint constraint) {
-
- xacmlTemplateContent = doCommonReplacements(xacmlTemplateContent, matchParameters, constraint);
-
- String targetsRegex = "";
- if (isNullOrEmptyList(matchParameters.getTargets())) {
- targetsRegex = ".*";
- } else {
- StringBuilder targetsRegexSb = new StringBuilder();
- boolean addBarChar = false;
- for (String t : matchParameters.getTargets()) {
- targetsRegexSb.append(t);
- if (addBarChar) {
- targetsRegexSb.append("|");
- } else {
- addBarChar = true;
- }
- }
- targetsRegex = targetsRegexSb.toString();
- }
- xacmlTemplateContent = xacmlTemplateContent.replace("${targets}", targetsRegex);
-
- xacmlTemplateContent = xacmlTemplateContent.replace("${limit}",
- constraint.getFreq_limit_per_target().toString());
-
- xacmlTemplateContent = xacmlTemplateContent.replace("${twValue}", constraint.getTime_window().get("value"));
-
- xacmlTemplateContent = xacmlTemplateContent.replace("${twUnits}", constraint.getTime_window().get("units"));
-
- logger.debug(xacmlTemplateContent);
-
- return xacmlTemplateContent;
- }
-
- private static String doCommonReplacements(String xacmlTemplateContent, MatchParameters matchParameters,
- Constraint constraint) {
-
- replaceNullOrEmpty(matchParameters.getControlLoopName(), matchParameters::setControlLoopName, ".*");
- xacmlTemplateContent = xacmlTemplateContent.replace("${clname}", matchParameters.getControlLoopName());
-
- replaceNullOrEmpty(matchParameters.getActor(), matchParameters::setActor, ".*");
- xacmlTemplateContent = xacmlTemplateContent.replace("${actor}", matchParameters.getActor());
-
- replaceNullOrEmpty(matchParameters.getRecipe(), matchParameters::setRecipe, ".*");
- xacmlTemplateContent = xacmlTemplateContent.replace("${recipe}", matchParameters.getRecipe());
-
- xacmlTemplateContent = xacmlTemplateContent.replace("${guardActiveStart}",
- constraint.getActive_time_range().get("start"));
-
- xacmlTemplateContent = xacmlTemplateContent.replace("${guardActiveEnd}",
- constraint.getActive_time_range().get("end"));
-
- return xacmlTemplateContent;
- }
-
- private static void replaceNullOrEmpty(String text, Consumer<String> replacer, String newValue) {
- if (isNullOrEmpty(text)) {
- replacer.accept(newValue);
- }
- }
-
- public static boolean isNullOrEmpty(String string) {
- return string == null || string.trim().isEmpty();
- }
-
- public static boolean isNullOrEmptyList(List<String> list) {
- return list == null || list.isEmpty();
- }
-
- /**
- * Convert from Yaml to Xacml blacklist.
- *
- * @param yamlFile the Yaml file
- * @param xacmlTemplate the Xacml template
- * @param xacmlPolicyOutput the Xacml output
- */
- public static void fromYamlToXacmlBlacklist(String yamlFile, String xacmlTemplate, String xacmlPolicyOutput) {
- fromYamlToXacml(yamlFile, xacmlTemplate, xacmlPolicyOutput, PolicyGuardYamlToXacml::generateXacmlGuardBlacklist,
- constraint -> {
- logger.debug("freq_limit_per_target: {}", constraint.getFreq_limit_per_target());
- logger.debug("time_window: {}", constraint.getTime_window());
- logger.debug("active_time_range: {}", constraint.getActive_time_range());
- });
- }
-
- private static String generateXacmlGuardBlacklist(String xacmlTemplateContent, MatchParameters matchParameters,
- Constraint constraint) {
-
- String result = doCommonReplacements(xacmlTemplateContent, matchParameters, constraint);
-
- for (String target : constraint.getBlacklist()) {
- result = result.replace("${blackListElement}",
- "<AttributeValue DataType=\"http://www.w3.org/2001/XMLSchema#string\">" + target
- + "</AttributeValue>" + "\n\t\t\t\t\t\t\\${blackListElement}\n");
- }
-
- result = result.replace("\t\t\t\t\t\t\\${blackListElement}\n", "");
-
- return result;
- }
-
- @FunctionalInterface
- private static interface Generator {
- public String apply(String xacmlTemplateContent, MatchParameters matchParameters,
- Constraint constraint);
- }
-}
diff --git a/controlloop/m2/guard/src/main/java/org/onap/policy/guard/Util.java b/controlloop/m2/guard/src/main/java/org/onap/policy/guard/Util.java
deleted file mode 100644
index d1eed1bb4..000000000
--- a/controlloop/m2/guard/src/main/java/org/onap/policy/guard/Util.java
+++ /dev/null
@@ -1,146 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2017-2020 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.nio.charset.StandardCharsets;
-import org.apache.commons.io.IOUtils;
-import org.onap.policy.controlloop.policy.ControlLoopPolicy;
-import org.onap.policy.controlloop.policy.guard.ControlLoopGuard;
-import org.onap.policy.drools.system.PolicyEngineConstants;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.yaml.snakeyaml.Yaml;
-import org.yaml.snakeyaml.constructor.Constructor;
-
-public final class Util {
- /*
- * Keys for guard properties
- */
- public static final String PROP_GUARD_URL = "guard.url";
- public static final String PROP_GUARD_USER = "pdpx.username";
- public static final String PROP_GUARD_PASS = "pdpx.password";
- public static final String PROP_GUARD_DISABLED = "guard.disabled";
- public static final String PROP_GUARD_PERSISTENCE_UNIT = "guard.persistenceUnit";
-
- /*
- * Keys for ONAP properties
- */
- public static final String ONAP_KEY_URL = "guard.jdbc.url";
- public static final String ONAP_KEY_USER = "sql.db.username";
- public static final String ONAP_KEY_PASS = "sql.db.password";
-
- /*
- * Guard responses
- */
- public static final String INDETERMINATE = "Indeterminate";
- public static final String PERMIT = "Permit";
- public static final String DENY = "Deny";
-
- /*
- * Junit props
- */
- protected static final String PU_KEY = "OperationsHistoryPU";
- protected static final String JUNITPU = "OperationsHistoryPUTest";
-
- private static final Logger logger = LoggerFactory.getLogger(Util.class);
-
- public static class Pair<A, B> {
- public final A parameterA;
- public final B parameterB;
-
- public Pair(A parameterA, B parameterB) {
- this.parameterA = parameterA;
- this.parameterB = parameterB;
- }
- }
-
- private Util() {
- // This static class cannot be instantiated
- }
-
- /**
- * Load a Yaml file.
- *
- * @param testFile the Yaml file
- * @return the policies
- */
- public static Pair<ControlLoopPolicy, String> loadYaml(String testFile) {
- try (InputStream is = new FileInputStream(new File(testFile))) {
- String contents = IOUtils.toString(is, StandardCharsets.UTF_8);
- //
- // Read the yaml into our Java Object
- //
- Yaml yaml = new Yaml(new Constructor(ControlLoopPolicy.class));
- Object obj = yaml.load(contents);
-
- logger.debug(contents);
-
- return new Pair<>((ControlLoopPolicy) obj, contents);
- } catch (IOException e) {
- logger.error(e.getLocalizedMessage(), e);
- }
- return null;
- }
-
- /**
- * Load a Yaml guard.
- *
- * @param testFile the Yaml file
- * @return the guard
- */
- public static ControlLoopGuard loadYamlGuard(String testFile) {
- try (InputStream is = new FileInputStream(new File(testFile))) {
- String contents = IOUtils.toString(is, StandardCharsets.UTF_8);
- //
- // Read the yaml into our Java Object
- //
- Yaml yaml = new Yaml(new Constructor(ControlLoopGuard.class));
- Object obj = yaml.load(contents);
- return (ControlLoopGuard) obj;
- } catch (IOException e) {
- logger.error(e.getLocalizedMessage(), e);
- }
- return null;
- }
-
- /**
- * Sets Guard Properties.
- *
- * <p>see /guard/src/test/java/org/onap/policy/guard/UtilTest.java for setting test properties
- */
- public static void setGuardEnvProps(String url, String username, String password) {
- PolicyEngineConstants.getManager().setEnvironmentProperty(org.onap.policy.guard.Util.PROP_GUARD_URL, url);
- PolicyEngineConstants.getManager().setEnvironmentProperty(org.onap.policy.guard.Util.PROP_GUARD_USER, username);
- PolicyEngineConstants.getManager().setEnvironmentProperty(org.onap.policy.guard.Util.PROP_GUARD_PASS, password);
- }
-
- public static void setGuardEnvProp(String key, String value) {
- PolicyEngineConstants.getManager().setEnvironmentProperty(key, value);
- }
-
- public static String getGuardProp(String propName) {
- return PolicyEngineConstants.getManager().getEnvironmentProperty(propName);
- }
-}
diff --git a/controlloop/m2/guard/src/main/resources/META-INF/persistence.xml b/controlloop/m2/guard/src/main/resources/META-INF/persistence.xml
deleted file mode 100644
index cf7e28190..000000000
--- a/controlloop/m2/guard/src/main/resources/META-INF/persistence.xml
+++ /dev/null
@@ -1,43 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<!--
- ============LICENSE_START=======================================================
- drools-applications
- ================================================================================
- Copyright (C) 2018-2020 AT&T Intellectual Property. All rights reserved.
- ================================================================================
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- ============LICENSE_END=========================================================
- -->
-<persistence xmlns="http://java.sun.com/xml/ns/persistence"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://java.sun.com/xml/ns/persistence
- http://java.sun.com/xml/ns/persistence/persistence_1_0.xsd" version="1.0">
-
- <persistence-unit name="OperationsHistoryPU" transaction-type="RESOURCE_LOCAL">
- <provider>org.eclipse.persistence.jpa.PersistenceProvider</provider>
-
- <class>org.onap.policy.guard.OperationsHistory</class>
-
- <properties>
- <property name="eclipselink.ddl-generation" value="create-tables"/>
- <property name="eclipselink.logging.level" value="INFO" />
- <property name="javax.persistence.jdbc.driver" value="org.mariadb.jdbc.Driver" />
- <property name="javax.persistence.jdbc.url" value="jdbc:mariadb://mariadb:3306/operationshistory"/>
- <property name="javax.persistence.jdbc.user" value="policy_user"/>
- <property name="javax.persistence.jdbc.password" value="cG9saWN5X3VzZXI="/>
- <property name="javax.persistence.schema-generation.database.action" value="drop-and-create"/>
- <property name="javax.persistence.schema-generation.create-source" value="metadata"/>
- </properties>
- </persistence-unit>
-
-</persistence>
diff --git a/controlloop/m2/guard/src/test/java/org/onap/policy/guard/CallGuardTaskTest.java b/controlloop/m2/guard/src/test/java/org/onap/policy/guard/CallGuardTaskTest.java
deleted file mode 100644
index 3a647b130..000000000
--- a/controlloop/m2/guard/src/test/java/org/onap/policy/guard/CallGuardTaskTest.java
+++ /dev/null
@@ -1,78 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import static org.mockito.ArgumentMatchers.argThat;
-import static org.mockito.ArgumentMatchers.isNotNull;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.when;
-
-import java.util.function.Supplier;
-import org.drools.core.WorkingMemory;
-import org.junit.Test;
-
-public class CallGuardTaskTest {
-
- private static final String REQ_ID = "1-2-3-4-5";
- private static final String REQ_MATCHER = "0+1-0+2-0+3-0+4-0+5";
- private static final String VF_COUNT_ACTOR = "SO";
- private static final String INCR_VF_COUNT_RECIPE = "VF Module Create";
-
- /**
- * Tests that "run" works, and inserts guard response into working memory.
- */
- @Test
- public void testRun() {
- // plain - doesn't need VF module count
- //doTestRun(Util.INDETERMINATE, "act", "rec", () -> null);
-
- // SO actor, but plain recipe - doesn't need VF module count
- //doTestRun(Util.INDETERMINATE, VF_COUNT_ACTOR, "rec", () -> null);
-
- // plain actor, but scale-out recipe - doesn't need VF module count
- //doTestRun(Util.INDETERMINATE, "act", "VF Module Create", () -> null);
-
- // needs VF count
- //doTestRun(Util.INDETERMINATE, VF_COUNT_ACTOR, INCR_VF_COUNT_RECIPE, () -> 22);
-
- // needs VF count, but it's missing ==> DENY
- doTestRun(Util.DENY, VF_COUNT_ACTOR, INCR_VF_COUNT_RECIPE, () -> null);
- }
-
- private void doTestRun(String status, String actor, String recipe, Supplier<Integer> vfCount) {
- WorkingMemory mockWorkingSession = mock(WorkingMemory.class);
- when(mockWorkingSession.insert(isNotNull())).thenReturn(null);
- // Create CallGuardTask and run
- CallGuardTask cgt = new CallGuardTask(mockWorkingSession, "cl", actor, recipe, "tar", REQ_ID, vfCount);
- cgt.run();
- verify(mockWorkingSession).insert(argThat((Object obj) -> {
- if (!(obj instanceof PolicyGuardResponse)) {
- return false;
- }
- // Check if the inserted response is PolicyGuardResponse, is Indeterminate,
- // and has same reqID
- PolicyGuardResponse response = (PolicyGuardResponse) obj;
- // req ID has form 00000001-0002-0003-0004-000000000005
- return status.equals(response.getResult()) && response.getRequestId().toString().matches(REQ_MATCHER);
- }));
- }
-}
diff --git a/controlloop/m2/guard/src/test/java/org/onap/policy/guard/GuardContextTest.java b/controlloop/m2/guard/src/test/java/org/onap/policy/guard/GuardContextTest.java
deleted file mode 100644
index 1b375cf21..000000000
--- a/controlloop/m2/guard/src/test/java/org/onap/policy/guard/GuardContextTest.java
+++ /dev/null
@@ -1,194 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertTrue;
-import static org.mockito.ArgumentMatchers.isNotNull;
-import static org.mockito.Mockito.atLeast;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.when;
-
-import java.io.IOException;
-import java.time.Instant;
-import java.util.Properties;
-import java.util.UUID;
-import java.util.concurrent.LinkedBlockingQueue;
-import java.util.concurrent.TimeUnit;
-import org.drools.core.WorkingMemory;
-import org.junit.AfterClass;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.mockito.Mockito;
-import org.onap.policy.drools.core.PolicyContainer;
-import org.onap.policy.drools.core.PolicySession;
-import org.onap.policy.drools.system.PolicyEngineConstants;
-
-public class GuardContextTest {
-
- private static Properties prop;
- private static GuardContext guardContext;
- private static WorkingMemory workingMemory;
- private static LinkedBlockingQueue<Object> queue = new LinkedBlockingQueue<>();
-
- /**
- * Class-level initialization.
- */
- @BeforeClass
- public static void setup() throws IOException {
- PolicyEngineConstants.getManager().configure(new Properties());
- PolicyEngineConstants.getManager().start();
-
- prop = new Properties();
- prop.setProperty("guard.pdp.rest.url", "http://www.google.com/");
- prop.setProperty("guard.pdp.rest.client.user", "testuser");
- prop.setProperty("guard.pdp.rest.client.password", "testpassword");
- prop.setProperty("guard.pdp.rest.timeout", "1000");
- prop.setProperty("guard.pdp.rest.environment", "dev");
-
- workingMemory = mock(WorkingMemory.class);
- when(workingMemory.insert(isNotNull())).thenAnswer(
- invocation -> {
- queue.add(invocation.getArgument(0));
- return null;
- });
- }
-
- @AfterClass
- public static void stop() {
- PolicyEngineConstants.getManager().stop();
- }
-
- @Test
- public void testGuardDbResponse() throws InterruptedException {
- Properties props = new Properties(prop);
- props.setProperty(Util.PROP_GUARD_PERSISTENCE_UNIT, Util.JUNITPU);
- props.setProperty("guard.disabled", "false");
- props.setProperty("guard.javax.persistence.jdbc.user", "user");
- props.setProperty("guard.javax.persistence.jdbc.password", "secret");
- props.setProperty("guard.javax.persistence.jdbc.driver", "org.h2.Driver");
- props.setProperty("guard.javax.persistence.jdbc.url", "jdbc:h2:mem:testGuardDbResponse");
-
- guardContext = new GuardContext(props);
- assertNotNull(guardContext);
-
- guardContext.asyncCreateDbEntry(Instant.now().minusSeconds(1), Instant.now(),
- "testCLName", "testActor", "testRecipe", "testTarget",
- UUID.randomUUID().toString(), "1", "testMessage", "testOutcome");
-
- queue.clear();
- guardContext.asyncQuery(workingMemory, "testActor", "testRecipe",
- "testTarget", UUID.randomUUID().toString(), "testCLName");
- Object response = queue.poll(10, TimeUnit.SECONDS);
- assertNotNull(response);
- }
-
- @Test
- public void testBadValues() throws InterruptedException {
- Properties props = new Properties(prop);
- props.setProperty("guard.disabled", "true");
- props.setProperty("guard.pdp.rest.client.user", "");
- props.setProperty("guard.pdp.rest.client.password", "");
- props.setProperty("guard.pdp.rest.url", "bad,testuser,testpassword");
-
- guardContext = new GuardContext(props);
-
- guardContext.asyncCreateDbEntry(Instant.now().minusSeconds(1), Instant.now(),
- "testCLName", "testActor", "testRecipe", "testTarget",
- UUID.randomUUID().toString(), "1", "testMessage", "testOutcome");
-
- queue.clear();
- guardContext.asyncQuery(workingMemory, "testActor", "testRecipe",
- "testTarget", UUID.randomUUID().toString());
- Object response = queue.poll(10, TimeUnit.SECONDS);
- assertNotNull(response);
- }
-
- @Test
- public void testPolicyGuardResponse() {
- UUID requestId = UUID.randomUUID();
- PolicyGuardResponse emptyResponse1 = new PolicyGuardResponse(null, null, null);
-
- assertNotNull(emptyResponse1);
-
- PolicyGuardResponse response = new PolicyGuardResponse("Some Result", requestId, "Some Details");
-
- response.setRequestId(requestId);
- assertEquals(requestId, response.getRequestId());
-
- response.setResult("Some Result");
- assertEquals("Some Result", response.getResult());
-
- assertEquals("PolicyGuardResponse [requestId=", response.toString().substring(0, 31));
- }
-
- @Test
- public void testConstructors() {
- PolicySession mockPolicySession = Mockito.mock(PolicySession.class);
- PolicyContainer mockPolicyContainer = Mockito.mock(PolicyContainer.class);
-
- when(mockPolicySession.getPolicyContainer()).thenReturn(mockPolicyContainer);
- when(mockPolicyContainer.getArtifactId()).thenReturn("testArtifactId");
- when(mockPolicyContainer.getGroupId()).thenReturn("testGroupId");
-
- assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> {
- guardContext = new GuardContext(mockPolicySession);
- });
-
- assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> {
- guardContext = new GuardContext(mockPolicySession, "testSerializableName");
- });
-
- verify(mockPolicySession, atLeast(1)).getPolicyContainer();
- verify(mockPolicyContainer, atLeast(1)).getArtifactId();
- verify(mockPolicyContainer, atLeast(1)).getGroupId();
- }
-
- @Test
- public void testCreateDbEntry() {
- Properties props = new Properties();
- props.setProperty(Util.PROP_GUARD_PERSISTENCE_UNIT, Util.JUNITPU);
- Instant startTime = Instant.now();
- Instant endTime = Instant.now();
-
- guardContext = new GuardContext(props);
- assertFalse(guardContext.createDbEntry(startTime, endTime, "testClosedLoopControlName", "testActor",
- "testRecipe", "testTarget", "testRequestId", "testSubRequestId", "testMessage", "testOutcome"));
-
- PolicyEngineConstants.getManager().setEnvironmentProperty("guard.disabled", "true");
- assertFalse(guardContext.createDbEntry(startTime, endTime, "testClosedLoopControlName", "testActor",
- "testRecipe", "testTarget", "testRequestId", "testSubRequestId", "testMessage", "testOutcome"));
-
- PolicyEngineConstants.getManager().setEnvironmentProperty("guard.disabled", "");
- PolicyEngineConstants.getManager().setEnvironmentProperty("guard.jdbc.url", "jdbc:h2:mem:testCreateDbEntry");
- PolicyEngineConstants.getManager().setEnvironmentProperty("sql.db.username", "user");
- PolicyEngineConstants.getManager().setEnvironmentProperty("sql.db.password", "secret");
- guardContext = new GuardContext(props);
- assertTrue(guardContext.createDbEntry(startTime, endTime, "testClosedLoopControlName", "testActor",
- "testRecipe", "testTarget", "testRequestId", "testSubRequestId", "testMessage", "testOutcome"));
-
- PolicyEngineConstants.getManager().setEnvironmentProperty("guard.disabled", "");
- }
-}
diff --git a/controlloop/m2/guard/src/test/java/org/onap/policy/guard/GuardResultTest.java b/controlloop/m2/guard/src/test/java/org/onap/policy/guard/GuardResultTest.java
deleted file mode 100644
index 6fe0f2b50..000000000
--- a/controlloop/m2/guard/src/test/java/org/onap/policy/guard/GuardResultTest.java
+++ /dev/null
@@ -1,42 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2018 Ericsson. All rights reserved.
- * Modifications Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNotNull;
-
-import org.junit.Test;
-
-public class GuardResultTest {
-
- @Test
- public void testGuardResult() {
- assertEquals(3, GuardResult.values().length);
- assertNotNull(GuardResult.LOCK_ACQUIRED);
- assertNotNull(GuardResult.LOCK_DENIED);
- assertNotNull(GuardResult.LOCK_EXCEPTION);
-
- assertEquals(GuardResult.LOCK_ACQUIRED, GuardResult.valueOf("LOCK_ACQUIRED"));
- assertEquals(GuardResult.LOCK_DENIED, GuardResult.valueOf("LOCK_DENIED"));
- assertEquals(GuardResult.LOCK_EXCEPTION, GuardResult.valueOf("LOCK_EXCEPTION"));
- }
-}
diff --git a/controlloop/m2/guard/src/test/java/org/onap/policy/guard/GuardUtilTest.java b/controlloop/m2/guard/src/test/java/org/onap/policy/guard/GuardUtilTest.java
deleted file mode 100644
index e17207634..000000000
--- a/controlloop/m2/guard/src/test/java/org/onap/policy/guard/GuardUtilTest.java
+++ /dev/null
@@ -1,102 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2018 Ericsson. All rights reserved.
- * Modifications Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNull;
-
-import com.google.common.io.Files;
-import java.io.File;
-import java.io.IOException;
-import org.junit.Test;
-import org.onap.policy.controlloop.policy.ControlLoopPolicy;
-import org.onap.policy.controlloop.policy.guard.ControlLoopGuard;
-import org.onap.policy.guard.Util.Pair;
-import org.yaml.snakeyaml.Yaml;
-import org.yaml.snakeyaml.constructor.Constructor;
-
-public class GuardUtilTest {
- @Test
- public void testLoadYamlOk() throws IOException {
- File tempYamlFile = File.createTempFile("ONAPPF", "yaml");
- tempYamlFile.deleteOnExit();
-
- ControlLoopPolicy clPolicy = new ControlLoopPolicy();
-
- Yaml clYaml = new Yaml(new Constructor(ControlLoopPolicy.class));
- String clYamlString = clYaml.dump(clPolicy);
-
- SupportTextFileUtils.putStringAsFile(clYamlString, tempYamlFile);
-
- Pair<ControlLoopPolicy, String> result = Util.loadYaml(tempYamlFile.getCanonicalPath());
-
- assertEquals(clPolicy, result.parameterA);
- assertEquals(clYamlString, result.parameterB);
- }
-
- @Test
- public void testLoadYamlError() throws IOException {
- File tempDir = Files.createTempDir();
- tempDir.deleteOnExit();
-
- // Read from a directory forces an IO exception
- assertNull(Util.loadYaml(tempDir.getCanonicalPath()));
- }
-
- @Test
- public void testLoadGuardYamlOk() throws IOException {
- File tempYamlFile = File.createTempFile("ONAPPF", "yaml");
- tempYamlFile.deleteOnExit();
-
- ControlLoopGuard clGuardPolicy = new ControlLoopGuard();
-
- Yaml clYaml = new Yaml(new Constructor(ControlLoopPolicy.class));
- String clYamlString = clYaml.dump(clGuardPolicy);
-
- SupportTextFileUtils.putStringAsFile(clYamlString, tempYamlFile);
-
- ControlLoopGuard result = Util.loadYamlGuard(tempYamlFile.getCanonicalPath());
-
- assertEquals(clGuardPolicy, result);
- }
-
- @Test
- public void testLoadGuardYamlError() throws IOException {
- File tempDir = Files.createTempDir();
- tempDir.deleteOnExit();
-
- // Read from a directory forces an IO exception
- assertNull(Util.loadYamlGuard(tempDir.getCanonicalPath()));
- }
-
- @Test
- public void testMisc() {
- Util.setGuardEnvProp("Actor", "Judy Garland");
- assertEquals("Judy Garland", Util.getGuardProp("Actor"));
-
- Util.setGuardEnvProps("http://somewhere.over.the.rainbow", "Dorothy", "Toto");
-
- assertEquals("http://somewhere.over.the.rainbow", Util.getGuardProp(Util.PROP_GUARD_URL));
- assertEquals("Dorothy", Util.getGuardProp(Util.PROP_GUARD_USER));
- assertEquals("Toto", Util.getGuardProp(Util.PROP_GUARD_PASS));
- }
-}
diff --git a/controlloop/m2/guard/src/test/java/org/onap/policy/guard/PolicyGuardRequestTest.java b/controlloop/m2/guard/src/test/java/org/onap/policy/guard/PolicyGuardRequestTest.java
deleted file mode 100644
index cdc862acb..000000000
--- a/controlloop/m2/guard/src/test/java/org/onap/policy/guard/PolicyGuardRequestTest.java
+++ /dev/null
@@ -1,59 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2018 Ericsson. All rights reserved.
- * ================================================================================
- * Modifications Copyright (C) 2019-2020 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNotNull;
-
-import java.util.UUID;
-import org.junit.Test;
-
-public class PolicyGuardRequestTest {
-
- private static final String KANSAS = "Kansas";
- private static final String GET_BACK_HOME = "GetBackHome";
- private static final String DOROTHY = "Dorothy";
-
- @Test
- public void testPolicyGuardRequest() {
- UUID requestId = UUID.randomUUID();
-
- assertNotNull(new PolicyGuardRequest(null, null, null, null));
-
- PolicyGuardRequest request = new PolicyGuardRequest(DOROTHY, KANSAS, requestId, GET_BACK_HOME);
-
- request.setRequestId(requestId);
- assertEquals(requestId, request.getRequestId());
-
- request.setActor(DOROTHY);
- assertEquals(DOROTHY, request.getActor());
-
- request.setTarget(KANSAS);
- assertEquals(KANSAS, request.getTarget());
-
- request.setOperation(GET_BACK_HOME);
- assertEquals(GET_BACK_HOME, request.getOperation());
-
- assertEquals("PolicyGuardRequest [actor=Dorothy", request.toString().substring(0, 33));
- }
-}
diff --git a/controlloop/m2/guard/src/test/java/org/onap/policy/guard/PolicyGuardResponseTest.java b/controlloop/m2/guard/src/test/java/org/onap/policy/guard/PolicyGuardResponseTest.java
deleted file mode 100644
index 629555297..000000000
--- a/controlloop/m2/guard/src/test/java/org/onap/policy/guard/PolicyGuardResponseTest.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2018 Ericsson. All rights reserved.
- * ================================================================================
- * Modifications Copyright (C) 2019-2020 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNotNull;
-
-import java.util.UUID;
-import org.junit.Test;
-
-public class PolicyGuardResponseTest {
-
- private static final String GET_BACK_HOME = "GetBackHome";
- private static final String BACK_HOME = "BackHome";
-
- @Test
- public void testPolicyGuardResponse() {
- UUID requestId = UUID.randomUUID();
-
- assertNotNull(new PolicyGuardResponse(null, null, null));
-
- PolicyGuardResponse response = new PolicyGuardResponse(BACK_HOME, requestId, GET_BACK_HOME);
-
- response.setRequestId(requestId);
- assertEquals(requestId, response.getRequestId());
-
- response.setResult(BACK_HOME);
- assertEquals(BACK_HOME, response.getResult());
-
- response.setOperation(GET_BACK_HOME);
- assertEquals(GET_BACK_HOME, response.getOperation());
-
- assertEquals("PolicyGuardResponse [requestId=", response.toString().substring(0, 31));
- }
-}
diff --git a/controlloop/m2/guard/src/test/java/org/onap/policy/guard/PolicyGuardXacmlHelperTest.java b/controlloop/m2/guard/src/test/java/org/onap/policy/guard/PolicyGuardXacmlHelperTest.java
deleted file mode 100644
index 47af1fbc6..000000000
--- a/controlloop/m2/guard/src/test/java/org/onap/policy/guard/PolicyGuardXacmlHelperTest.java
+++ /dev/null
@@ -1,150 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNotNull;
-
-import java.util.Properties;
-import org.junit.AfterClass;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.onap.policy.common.endpoints.http.server.HttpServletServerFactoryInstance;
-import org.onap.policy.drools.system.PolicyEngineConstants;
-import org.onap.policy.drools.utils.logging.LoggerUtil;
-
-public class PolicyGuardXacmlHelperTest {
-
- private static final String TARGET = "target";
- private static final String REQUEST_ID = "requestId";
- private static final String RECIPE = "recipe";
- private static final String GUARD_URL = "guard.url";
- private static final String ACTOR = "actor";
- private static final Integer VF_COUNT = 100;
-
- /**
- * Set up test class.
- */
- @BeforeClass
- public static void setupSimulator() throws Exception {
- LoggerUtil.setLevel("ROOT", "INFO");
- LoggerUtil.setLevel("org.eclipse.jetty", "WARN");
-
- HttpServletServerFactoryInstance.getServerFactory().destroy();
- org.onap.policy.simulators.Util.buildGuardSim();
-
- //
- // Set guard properties
- //
- org.onap.policy.guard.Util.setGuardEnvProps("http://localhost:6669/policy/pdpx/v1/decision", "python", "test");
- }
-
- /**
- * Shuts down simulator and performs 1 more test for the case where the connection fails.
- */
- @AfterClass
- public static void tearDownSimulator() {
- HttpServletServerFactoryInstance.getServerFactory().destroy();
-
- // Null/ Bad Connection Case
- PolicyGuardXacmlRequestAttributes xacmlReq = new PolicyGuardXacmlRequestAttributes(
- org.onap.policy.simulators.GuardSimulatorJaxRs.DENY_CLNAME, ACTOR, RECIPE, TARGET,
- REQUEST_ID, VF_COUNT);
- String rawDecision = new PolicyGuardXacmlHelper().callPdp(xacmlReq);
- assertNotNull(rawDecision);
- assertEquals(Util.DENY, rawDecision);
- }
-
- @Test
- public void testSimulator() {
- PolicyGuardXacmlRequestAttributes request = new PolicyGuardXacmlRequestAttributes("clname_id", "actor_id",
- "operation_id", "target_id", "request_id", VF_COUNT);
- String xacmlResponse = new PolicyGuardXacmlHelper().callPdp(request);
- assertNotNull(xacmlResponse);
- }
-
- @Test
- /*
- * Tests PolicyGuardXacmlHelper.callPdp method to determine if it returns DENY, PERMIT, or
- * INDETERMINATE as expected.
- */
- public void testCallPdp() {
- // Deny Case
- PolicyGuardXacmlRequestAttributes xacmlReq = new PolicyGuardXacmlRequestAttributes(
- org.onap.policy.simulators.GuardSimulatorJaxRs.DENY_CLNAME, ACTOR, RECIPE, TARGET,
- REQUEST_ID, VF_COUNT);
- String rawDecision = new PolicyGuardXacmlHelper().callPdp(xacmlReq);
- assertNotNull(rawDecision);
- assertEquals(Util.DENY, rawDecision);
-
- // Permit Case
- xacmlReq = new PolicyGuardXacmlRequestAttributes("clname", ACTOR, RECIPE, TARGET, REQUEST_ID, VF_COUNT);
- rawDecision = new PolicyGuardXacmlHelper().callPdp(xacmlReq);
- assertNotNull(rawDecision);
- assertEquals(Util.PERMIT, rawDecision);
-
- // Indeterminate case is in tearDown for efficiency
- }
-
- @Test
- public void testInit() {
- final Properties savedEnvironment = (Properties) PolicyEngineConstants.getManager().getEnvironment().clone();
-
- assertNotNull(new PolicyGuardXacmlHelper());
-
- PolicyEngineConstants.getManager().getEnvironment().setProperty(GUARD_URL,
- "http://localhost:6669/pdp/api/getDecision,Dorothy");
- assertNotNull(new PolicyGuardXacmlHelper());
-
- PolicyEngineConstants.getManager().getEnvironment().setProperty(GUARD_URL,
- "http://localhost:6669/pdp/api/getDecision,Dorothy,Toto");
- assertNotNull(new PolicyGuardXacmlHelper());
-
- PolicyEngineConstants.getManager().getEnvironment().setProperty(GUARD_URL,
- "http://localhost:6969/policy/pdpx/v1/decision");
-
- PolicyEngineConstants.getManager().getEnvironment().setProperty("pdpx.timeout", "thisIsNotANumber");
- assertNotNull(new PolicyGuardXacmlHelper());
-
- PolicyEngineConstants.getManager().getEnvironment().setProperty("pdpx.timeout", "1000");
- assertNotNull(new PolicyGuardXacmlHelper());
-
- PolicyEngineConstants.getManager().getEnvironment().remove("pdpx.password");
- assertNotNull(new PolicyGuardXacmlHelper());
-
- PolicyEngineConstants.getManager().getEnvironment().setProperty("pdpx.username", "python");
- assertNotNull(new PolicyGuardXacmlHelper());
-
- PolicyEngineConstants.getManager().getEnvironment().setProperty(GUARD_URL, "///");
- assertNotNull(new PolicyGuardXacmlHelper());
-
- PolicyEngineConstants.getManager().getEnvironment().setProperty("guard.disabled", "");
- assertNotNull(new PolicyGuardXacmlHelper());
-
- PolicyEngineConstants.getManager().getEnvironment().setProperty("guard.disabled", "true");
- assertNotNull(new PolicyGuardXacmlHelper());
-
- PolicyEngineConstants.getManager().getEnvironment().clear();
- assertNotNull(new PolicyGuardXacmlHelper());
-
- PolicyEngineConstants.getManager().setEnvironment(savedEnvironment);
- }
-}
diff --git a/controlloop/m2/guard/src/test/java/org/onap/policy/guard/PolicyGuardXacmlRequestAttributesTest.java b/controlloop/m2/guard/src/test/java/org/onap/policy/guard/PolicyGuardXacmlRequestAttributesTest.java
deleted file mode 100644
index 3d49d99c1..000000000
--- a/controlloop/m2/guard/src/test/java/org/onap/policy/guard/PolicyGuardXacmlRequestAttributesTest.java
+++ /dev/null
@@ -1,74 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2018 Ericsson. All rights reserved.
- * ================================================================================
- * Modifications Copyright (C) 2018-2020 AT&T. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNotNull;
-
-import java.util.UUID;
-import org.junit.Test;
-
-public class PolicyGuardXacmlRequestAttributesTest {
-
- @Test
- public void testPolicyGuardXacmlRequestAttributes() {
- PolicyGuardXacmlRequestAttributes attributes =
- new PolicyGuardXacmlRequestAttributes(null, null, null, null, null, null);
- assertNotNull(attributes);
-
- UUID requestId = UUID.randomUUID();
- attributes.setRequestId(requestId.toString());
- assertEquals(requestId.toString(), attributes.getRequestId());
-
- UUID operationId = UUID.randomUUID();
- attributes.setOperationId(operationId.toString());
- assertEquals(operationId.toString(), attributes.getOperationId());
-
- UUID actorId = UUID.randomUUID();
- attributes.setActorId(actorId.toString());
- assertEquals(actorId.toString(), attributes.getActorId());
-
- UUID targetId = UUID.randomUUID();
- attributes.setTargetId(targetId.toString());
- assertEquals(targetId.toString(), attributes.getTargetId());
-
- attributes.setTargetId(targetId.toString());
- assertEquals(targetId.toString(), attributes.getTargetId());
-
- UUID controlLoopId = UUID.randomUUID();
- attributes.setClnameId(controlLoopId.toString());
- assertEquals(controlLoopId.toString(), attributes.getClnameId());
-
- attributes.setClnameId(null);
- assertEquals(null, attributes.getClnameId());
-
- Integer vfCount = 20;
- attributes.setVfCount(vfCount);
- assertEquals(vfCount, attributes.getVfCount());
-
- attributes.setVfCount(null);
- assertEquals(null, attributes.getVfCount());
-
- assertEquals("PolicyGuardXacmlRequestAttributes [actorId=", attributes.toString().substring(0, 43));
- }
-}
diff --git a/controlloop/m2/guard/src/test/java/org/onap/policy/guard/PolicyGuardYamlToXacmlTest.java b/controlloop/m2/guard/src/test/java/org/onap/policy/guard/PolicyGuardYamlToXacmlTest.java
deleted file mode 100644
index a8110ed04..000000000
--- a/controlloop/m2/guard/src/test/java/org/onap/policy/guard/PolicyGuardYamlToXacmlTest.java
+++ /dev/null
@@ -1,248 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-
-import java.io.File;
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Map;
-import org.junit.Before;
-import org.junit.Test;
-import org.onap.policy.controlloop.policy.guard.Constraint;
-import org.onap.policy.controlloop.policy.guard.ControlLoopGuard;
-import org.onap.policy.controlloop.policy.guard.GuardPolicy;
-import org.onap.policy.controlloop.policy.guard.MatchParameters;
-import org.yaml.snakeyaml.Yaml;
-import org.yaml.snakeyaml.constructor.Constructor;
-
-public class PolicyGuardYamlToXacmlTest {
- private static final String SOME_START_TIME = "someStartTime";
- private static final String SOME_END_TIME = "someEndTime";
- private static final String HOURS = "hours";
- private static final String TARGET2 = "WickedWitchOfTheWest";
- private static final String TARGET1 = "Wizard";
- private static final String ONAPPF_FILE = "ONAPPF";
- private static final String RECIPE = "GoToOz";
- private static final String TEXT1 = "WestWitches";
- private static final String TEXT2 = "EastWitches";
- private static final String OUT_XACML = ".out.xacml";
- private ControlLoopGuard clGuard;
-
- /**
- * Set up test cases.
- */
- @Before
- public void createControlLoopGuard() {
- clGuard = new ControlLoopGuard();
- MatchParameters matchParameters = new MatchParameters();
- matchParameters.setControlLoopName("WizardOfOz");
- matchParameters.setActor("Dorothy");
- matchParameters.setRecipe(RECIPE);
- List<String> targets = new ArrayList<>();
- targets.add(TARGET1);
- targets.add(TARGET2);
- matchParameters.setTargets(targets);
- GuardPolicy guardPolicy = new GuardPolicy();
- guardPolicy.setMatch_parameters(matchParameters);
- Constraint limitConstraint = new Constraint();
- limitConstraint.setFreq_limit_per_target(5);
- Map<String, String> timeWindow = new HashMap<>();
- timeWindow.put("value", "10");
- timeWindow.put("units", HOURS);
- limitConstraint.setTime_window(timeWindow);
- Map<String, String> activeTimeRange = new HashMap<>();
- activeTimeRange.put("start", SOME_START_TIME);
- activeTimeRange.put("end", SOME_END_TIME);
- limitConstraint.setActive_time_range(activeTimeRange);
- LinkedList<Constraint> limitConstraints = new LinkedList<>();
- limitConstraints.add(limitConstraint);
- guardPolicy.setLimit_constraints(limitConstraints);
- LinkedList<GuardPolicy> guardList = new LinkedList<>();
- guardList.add(guardPolicy);
- clGuard.setGuards(guardList);
- }
-
- @Test
- public void testGenerateXacmlGuardFull() throws IOException {
- File tempYamlFile = File.createTempFile(ONAPPF_FILE, "yaml");
- tempYamlFile.deleteOnExit();
-
- File tempXacmlTemplateFile = new File("src/test/resources/frequency_limiter_template.xml");
-
- File tempXacmlOutputFile = File.createTempFile(ONAPPF_FILE, OUT_XACML);
- tempXacmlOutputFile.deleteOnExit();
-
- Yaml clYaml = new Yaml(new Constructor(ControlLoopGuard.class));
- String clYamlString = clYaml.dump(clGuard);
-
- SupportTextFileUtils.putStringAsFile(clYamlString, tempYamlFile);
- PolicyGuardYamlToXacml.fromYamlToXacml(tempYamlFile.getCanonicalPath(),
- tempXacmlTemplateFile.getCanonicalPath(), tempXacmlOutputFile.getCanonicalPath());
-
- String result = SupportTextFileUtils.getTextFileAsString(tempXacmlOutputFile.getCanonicalPath());
-
- // Assert no mote "${}" are left
- assertFalse(result.contains("${"));
- assertFalse(result.contains("}"));
- // Assert all substitutions are made
- assertTrue(result.contains("cl"));
- assertTrue(result.contains("actor"));
- assertTrue(result.contains(RECIPE));
- assertTrue(result.contains(TARGET1));
- assertTrue(result.contains(TARGET2));
- assertTrue(result.contains("10"));
- assertTrue(result.contains(HOURS));
- assertTrue(result.contains(SOME_START_TIME));
- assertTrue(result.contains(SOME_END_TIME));
- }
-
- @Test
- public void testGenerateXacmlGuardPartial() throws IOException {
- final File tempYamlFile = File.createTempFile(ONAPPF_FILE, "yaml");
- tempYamlFile.deleteOnExit();
-
- final File tempXacmlTemplateFile = new File("src/test/resources/frequency_limiter_template.xml");
-
- final File tempXacmlOutputFile = File.createTempFile(ONAPPF_FILE, OUT_XACML);
- tempXacmlOutputFile.deleteOnExit();
-
- MatchParameters matchParameters = clGuard.getGuards().get(0).getMatch_parameters();
- matchParameters.setControlLoopName(null);
- matchParameters.setActor(null);
- matchParameters.setRecipe(null);
- matchParameters.setTargets(null);
-
- Yaml clYaml = new Yaml(new Constructor(ControlLoopGuard.class));
- String clYamlString = clYaml.dump(clGuard);
-
- SupportTextFileUtils.putStringAsFile(clYamlString, tempYamlFile);
- PolicyGuardYamlToXacml.fromYamlToXacml(tempYamlFile.getCanonicalPath(),
- tempXacmlTemplateFile.getCanonicalPath(), tempXacmlOutputFile.getCanonicalPath());
-
- String result = SupportTextFileUtils.getTextFileAsString(tempXacmlOutputFile.getCanonicalPath());
-
- // Assert no mote "${}" are left
- assertFalse(result.contains("${"));
- assertFalse(result.contains("}"));
- // Assert all substitutions are made
- assertTrue(result.contains("cl"));
- assertTrue(result.contains("actor"));
- assertFalse(result.contains(RECIPE));
- assertFalse(result.contains(TARGET1));
- assertFalse(result.contains(TARGET2));
- assertTrue(result.contains("10"));
- assertTrue(result.contains(HOURS));
- assertTrue(result.contains(SOME_START_TIME));
- assertTrue(result.contains(SOME_END_TIME));
- }
-
- @Test
- public void testIsNullOrEmpty() {
- assertTrue(PolicyGuardYamlToXacml.isNullOrEmpty(""));
- assertTrue(PolicyGuardYamlToXacml.isNullOrEmpty(null));
- assertFalse(PolicyGuardYamlToXacml.isNullOrEmpty("hello"));
- }
-
- @Test
- public void testIsNullOrEmptyList() {
- List<String> list = new ArrayList<>();
- assertTrue(PolicyGuardYamlToXacml.isNullOrEmptyList(null));
- assertTrue(PolicyGuardYamlToXacml.isNullOrEmptyList(list));
-
- list.add("hello");
- assertFalse(PolicyGuardYamlToXacml.isNullOrEmptyList(list));
- }
-
- @Test
- public void testGenerateXacmlGuardBlacklist() throws IOException {
- final File tempYamlFile = File.createTempFile(ONAPPF_FILE, "yaml");
- tempYamlFile.deleteOnExit();
-
- final File tempXacmlTemplateFile = new File("src/test/resources/blacklist_template.xml");
-
- final File tempXacmlOutputFile = File.createTempFile(ONAPPF_FILE, OUT_XACML);
- tempXacmlOutputFile.deleteOnExit();
-
- List<String> blacklist = new ArrayList<>();
- blacklist.add(TEXT1);
- blacklist.add(TEXT2);
- clGuard.getGuards().get(0).getLimit_constraints().get(0).setBlacklist(blacklist);
-
- Yaml clYaml = new Yaml(new Constructor(ControlLoopGuard.class));
- String clYamlString = clYaml.dump(clGuard);
-
- SupportTextFileUtils.putStringAsFile(clYamlString, tempYamlFile);
- PolicyGuardYamlToXacml.fromYamlToXacmlBlacklist(tempYamlFile.getCanonicalPath(),
- tempXacmlTemplateFile.getCanonicalPath(), tempXacmlOutputFile.getCanonicalPath());
-
- String result = SupportTextFileUtils.getTextFileAsString(tempXacmlOutputFile.getCanonicalPath());
- // Assert no mote "${}" are left
- assertFalse(result.contains("${"));
- assertFalse(result.contains("}"));
- // Assert all substitutions are made
- assertTrue(result.contains(TEXT1));
- assertTrue(result.contains(TEXT2));
- }
-
- @Test
- public void testGenerateXacmlGuardBlacklistPartial() throws IOException {
- final File tempYamlFile = File.createTempFile(ONAPPF_FILE, "yaml");
- tempYamlFile.deleteOnExit();
-
- final File tempXacmlTemplateFile = new File("src/test/resources/blacklist_template.xml");
-
- final File tempXacmlOutputFile = File.createTempFile(ONAPPF_FILE, OUT_XACML);
- tempXacmlOutputFile.deleteOnExit();
-
- List<String> blacklist = new ArrayList<>();
- blacklist.add(TEXT1);
- blacklist.add(TEXT2);
- GuardPolicy guardPolicy = clGuard.getGuards().get(0);
- guardPolicy.getLimit_constraints().get(0).setBlacklist(blacklist);
-
- MatchParameters matchParameters = guardPolicy.getMatch_parameters();
- matchParameters.setControlLoopName(null);
- matchParameters.setActor(null);
- matchParameters.setRecipe(null);
- matchParameters.setTargets(null);
-
- Yaml clYaml = new Yaml(new Constructor(ControlLoopGuard.class));
- String clYamlString = clYaml.dump(clGuard);
-
- SupportTextFileUtils.putStringAsFile(clYamlString, tempYamlFile);
- PolicyGuardYamlToXacml.fromYamlToXacmlBlacklist(tempYamlFile.getCanonicalPath(),
- tempXacmlTemplateFile.getCanonicalPath(), tempXacmlOutputFile.getCanonicalPath());
-
- String result = SupportTextFileUtils.getTextFileAsString(tempXacmlOutputFile.getCanonicalPath());
- // Assert no mote "${}" are left
- assertFalse(result.contains("${"));
- assertFalse(result.contains("}"));
- // Assert all substitutions are made
- assertTrue(result.contains(TEXT1));
- assertTrue(result.contains(TEXT2));
- }
-}
diff --git a/controlloop/m2/guard/src/test/java/org/onap/policy/guard/SupportTextFileUtils.java b/controlloop/m2/guard/src/test/java/org/onap/policy/guard/SupportTextFileUtils.java
deleted file mode 100644
index 98c33c761..000000000
--- a/controlloop/m2/guard/src/test/java/org/onap/policy/guard/SupportTextFileUtils.java
+++ /dev/null
@@ -1,65 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * guard
- * ================================================================================
- * Copyright (C) 2018 Ericsson. All rights reserved.
- * Modifications Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.guard;
-
-import java.io.File;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.nio.charset.StandardCharsets;
-import org.drools.core.util.IoUtils;
-
-/**
- * The Class TextFileUtils is class that provides useful functions for handling text files.
- * Functions to read and wrtie text files to strings and strings are provided.
- *
- * @author Liam Fallon (liam.fallon@ericsson.com)
- */
-public class SupportTextFileUtils {
-
- private SupportTextFileUtils() {
- // do nothing
- }
-
- /**
- * Method to return the contents of a text file as a string.
- *
- * @param textFilePath The path to the file as a string
- * @return A string containing the contents of the file
- * @throws IOException on errors reading text from the file
- */
- public static String getTextFileAsString(final String textFilePath) {
- return IoUtils.readFileAsString(new File(textFilePath));
- }
-
- /**
- * Method to write contents of a string to a text file.
- *
- * @param outString The string to write
- * @param textFile The file to write the string to
- * @throws IOException on errors reading text from the file
- */
- public static void putStringAsFile(final String outString, final File textFile) throws IOException {
- try (final FileOutputStream textFileOutputStream = new FileOutputStream(textFile)) {
- textFileOutputStream.write(outString.getBytes(StandardCharsets.UTF_8));
- }
- }
-}
diff --git a/controlloop/m2/guard/src/test/resources/META-INF/persistence.xml b/controlloop/m2/guard/src/test/resources/META-INF/persistence.xml
deleted file mode 100644
index 8e8be4ed2..000000000
--- a/controlloop/m2/guard/src/test/resources/META-INF/persistence.xml
+++ /dev/null
@@ -1,43 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- ============LICENSE_START=======================================================
- drools-applications
- ================================================================================
- Copyright (C) 2018-2020 AT&T Intellectual Property. All rights reserved.
- ================================================================================
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- ============LICENSE_END=========================================================
- -->
-<persistence xmlns="http://java.sun.com/xml/ns/persistence" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/persistence persistence_1_0.xsd" version="1.0">
-
- <!-- In-mem DB for junit -->
- <persistence-unit name="OperationsHistoryPUTest"
- transaction-type="RESOURCE_LOCAL">
- <provider>org.eclipse.persistence.jpa.PersistenceProvider</provider>
-
- <class>org.onap.policy.guard.OperationsHistory</class>
-
- <properties>
- <property name="eclipselink.ddl-generation" value="create-tables" />
- <property name="eclipselink.logging.level" value="FINE" />
- <property name="hibernate.dialect" value="org.hibernate.dialect.H2Dialect"/>
- <property name="javax.persistence.jdbc.driver" value="org.h2.Driver" />
- <property name="javax.persistence.jdbc.url" value="jdbc:h2:mem:testdb;DATABASE_TO_UPPER=FALSE" />
- <property name="javax.persistence.jdbc.user" value="policy" />
- <property name="javax.persistence.jdbc.password" value="P01icY" />
- <property name="javax.persistence.schema-generation.database.action" value="drop-and-create"/>
- <property name="javax.persistence.schema-generation.create-source" value="metadata"/>
- </properties>
- </persistence-unit>
-
-</persistence>
diff --git a/controlloop/m2/guard/src/test/resources/blacklist_template.xml b/controlloop/m2/guard/src/test/resources/blacklist_template.xml
deleted file mode 100644
index 1563e4a7d..000000000
--- a/controlloop/m2/guard/src/test/resources/blacklist_template.xml
+++ /dev/null
@@ -1,117 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<!--
- ============LICENSE_START=======================================================
- drools-applications
- ================================================================================
- Copyright (C) 2018-2019 AT&T Intellectual Property. All rights reserved.
- ================================================================================
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- ============LICENSE_END=========================================================
- -->
-<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17"
- PolicyId="urn:com:att:xacml:policy:id:25e12b06-11d5-4895-b2a2-6f6c594de069"
- Version="1"
- RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:permit-unless-deny">
- <Description>Policy for frequency limiter.</Description>
- <Target>
- <AnyOf>
- <AllOf>
- <Match
- MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
- <!-- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">.*</AttributeValue>-->
- <AttributeValue
- DataType="http://www.w3.org/2001/XMLSchema#string">${clname}</AttributeValue>
- <AttributeDesignator
- Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"
- AttributeId="urn:org:onap:guard:clname:clname-id"
- DataType="http://www.w3.org/2001/XMLSchema#string"
- MustBePresent="false" />
- </Match>
-
- <!-- <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">-->
- <Match
- MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
- <AttributeValue
- DataType="http://www.w3.org/2001/XMLSchema#string">${actor}</AttributeValue>
- <AttributeDesignator
- Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"
- AttributeId="urn:org:onap:guard:actor:actor-id"
- DataType="http://www.w3.org/2001/XMLSchema#string"
- MustBePresent="false" />
- </Match>
- <Match
- MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
- <AttributeValue
- DataType="http://www.w3.org/2001/XMLSchema#string">${recipe}</AttributeValue>
- <AttributeDesignator
- Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action"
- AttributeId="urn:org:onap:guard:operation:operation-id"
- DataType="http://www.w3.org/2001/XMLSchema#string"
- MustBePresent="false" />
- </Match>
- </AllOf>
- </AnyOf>
- </Target>
- <Rule
- RuleId="urn:com:att:xacml:rule:id:e1e8c5c0-e2ba-47d5-9289-6c015305ed21"
- Effect="Deny">
- <Description>DENY - only if target is in black list and guard is
- active.</Description>
- <Condition>
- <Apply
- FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
- <VariableReference
- VariableId="isGuardActive" />
- <VariableReference
- VariableId="isInBlackList" />
- </Apply>
- </Condition>
- </Rule>
- <VariableDefinition VariableId="isInBlackList">
- <Apply
- FunctionId="urn:oasis:names:tc:xacml:3.0:function:any-of">
- <Function
- FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal" />
- <Apply
- FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
- <AttributeDesignator
- Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"
- AttributeId="urn:org:onap:guard:target:target-id"
- DataType="http://www.w3.org/2001/XMLSchema#string"
- MustBePresent="false" />
- </Apply>
- <Apply
- FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag">
- ${blackListElement}
- <!-- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">vserver.vserver-name</AttributeValue>-->
- </Apply>
- </Apply>
- </VariableDefinition>
- <VariableDefinition VariableId="isGuardActive">
- <Apply
- FunctionId="urn:oasis:names:tc:xacml:2.0:function:time-in-range">
- <Apply
- FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-one-and-only">
- <AttributeDesignator
- AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-time"
- DataType="http://www.w3.org/2001/XMLSchema#time"
- Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment"
- MustBePresent="false" />
- </Apply>
- <AttributeValue
- DataType="http://www.w3.org/2001/XMLSchema#time">${guardActiveStart}</AttributeValue>
- <AttributeValue
- DataType="http://www.w3.org/2001/XMLSchema#time">${guardActiveEnd}</AttributeValue>
- </Apply>
- </VariableDefinition>
-</Policy>
diff --git a/controlloop/m2/guard/src/test/resources/frequency_limiter_template.xml b/controlloop/m2/guard/src/test/resources/frequency_limiter_template.xml
deleted file mode 100644
index d26432f86..000000000
--- a/controlloop/m2/guard/src/test/resources/frequency_limiter_template.xml
+++ /dev/null
@@ -1,127 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<!--
- ============LICENSE_START=======================================================
- drools-applications
- ================================================================================
- Copyright (C) 2018-2019 AT&T Intellectual Property. All rights reserved.
- ================================================================================
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- ============LICENSE_END=========================================================
- -->
-<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17"
- PolicyId="urn:com:att:xacml:policy:id:25e12b06-11d5-4895-b2a2-6f6c594de069"
- Version="1"
- RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:permit-unless-deny">
- <Description>Policy for frequency limiter.</Description>
- <Target>
- <AnyOf>
- <AllOf>
-
- <Match
- MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
- <!-- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">.*</AttributeValue>-->
- <AttributeValue
- DataType="http://www.w3.org/2001/XMLSchema#string">${clname}</AttributeValue>
- <AttributeDesignator
- Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"
- AttributeId="urn:org:onap:guard:clname:clname-id"
- DataType="http://www.w3.org/2001/XMLSchema#string"
- MustBePresent="false" />
- </Match>
-
- <!-- <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">-->
- <Match
- MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
- <AttributeValue
- DataType="http://www.w3.org/2001/XMLSchema#string">${actor}</AttributeValue>
- <AttributeDesignator
- Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"
- AttributeId="urn:org:onap:guard:actor:actor-id"
- DataType="http://www.w3.org/2001/XMLSchema#string"
- MustBePresent="false" />
- </Match>
- <Match
- MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
- <AttributeValue
- DataType="http://www.w3.org/2001/XMLSchema#string">${recipe}</AttributeValue>
- <AttributeDesignator
- Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action"
- AttributeId="urn:org:onap:guard:operation:operation-id"
- DataType="http://www.w3.org/2001/XMLSchema#string"
- MustBePresent="false" />
- </Match>
-
- <Match
- MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
- <AttributeValue
- DataType="http://www.w3.org/2001/XMLSchema#string">${targets}</AttributeValue>
- <AttributeDesignator
- Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"
- AttributeId="urn:org:onap:guard:target:target-id"
- DataType="http://www.w3.org/2001/XMLSchema#string"
- MustBePresent="false" />
- </Match>
-
- </AllOf>
- </AnyOf>
- </Target>
- <Rule
- RuleId="urn:com:att:xacml:rule:id:e1e8c5c0-e2ba-47d5-9289-6c015305ed21"
- Effect="Deny">
- <Description>DENY - only if number of operations performed in
- the past is larger than the limit and the Guard is active.</Description>
- <Condition>
- <Apply
- FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
- <VariableReference
- VariableId="isGuardActive" />
- <VariableReference
- VariableId="isHistoryGreaterThanLimit" />
- </Apply>
- </Condition>
- </Rule>
- <VariableDefinition VariableId="isGuardActive">
- <Apply
- FunctionId="urn:oasis:names:tc:xacml:2.0:function:time-in-range">
- <Apply
- FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-one-and-only">
- <AttributeDesignator
- AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-time"
- DataType="http://www.w3.org/2001/XMLSchema#time"
- Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment"
- MustBePresent="false" />
- </Apply>
- <AttributeValue
- DataType="http://www.w3.org/2001/XMLSchema#time">${guardActiveStart}</AttributeValue>
- <AttributeValue
- DataType="http://www.w3.org/2001/XMLSchema#time">${guardActiveEnd}</AttributeValue>
- </Apply>
- </VariableDefinition>
- <VariableDefinition
- VariableId="isHistoryGreaterThanLimit">
- <Apply
- FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-greater-than-or-equal">
- <Apply
- FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only">
- <AttributeDesignator
- Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"
- AttributeId="com:att:research:xacml:test:sql:resource:operations:count"
- DataType="http://www.w3.org/2001/XMLSchema#integer"
- Issuer="com:att:research:xacml:guard:historydb:tw:${twValue}:${twUnits}"
- MustBePresent="false" />
- </Apply>
- <AttributeValue
- DataType="http://www.w3.org/2001/XMLSchema#integer">${limit}</AttributeValue>
- </Apply>
- </VariableDefinition>
-</Policy>