Age | Commit message (Collapse) | Author | Files | Lines |
|
Decoupled checking AAI data from checking an event's syntax so that new
onsets can check both while all other events can just check the syntax.
Issue-Id: POLICY-371
Change-Id: Ic76b1335b389bbec47ff0d29485ccbb249d5f18c
Signed-off-by: Charles Cole <cc847m@att.com>
|
|
The locking of the target is now taken care of when
the operation manager is initialized. This allows us
to keep the template flow the same and to ensure that
for vFW we will not lock the source if it is not intended
to be the target. NOTE: This will have to be revised in
the future if policy chaining will support having
different targets specified for each policy in the chain.
Additional work was done for hardening the APPC model code
to make sure exceptions are caught and we gracefully end
processing the event with memory clean up and a final failure
notification sent.
Issue-Id: POLICY-367
Change-Id: Ic796d95eb5400067744492f810dd8069ba6241b3
Signed-off-by: Daniel Cruz <dc443y@att.com>
Signed-off-by: daniel <dc443y@att.com>
|
|
generating a control loop project from archetype
(but not from junits) runs into velocity parse failures
as specified in ticket. The existing .drl code
for the line that fails the parsing has been slightly
modified to bypass this problem. In addition a
logging statement has been added to the catch.
Change-Id: I3eec82c9b710cc9d2a13dc68032a8a6074016b40
Issue-ID: POLICY-376
Signed-off-by: Jorge Hernandez <jh1730@att.com>
|
|
These changes now allow a lookup of the source vnf-id
based on the onset's vnf-name.
Issue-Id: POLICY-366
Change-Id: I6f6bd500b892dddbbb9e12156b4486208309e21d
Signed-off-by: Daniel Cruz <dc443y@att.com>
|
|
Changed check event syntax in the event manager so that it only looks
for AAI info if the event is an onset.
Issue-Id: POLICY-368
Change-Id: I241e9a110cc5fc4553a5e9cd842d51f76a800368
Signed-off-by: Charles Cole <cc847m@att.com>
|
|
|
|
Now reject an event if the AAI get query for the event fails. Added test
cases for this behavior.
Fixed some issues from my previous pull request.
Issue-Id: POLICY-314
Change-Id: I674e95302a271423c307a88d061064e12e491a7a
Signed-off-by: Charles Cole <cc847m@att.com>
|
|
|
|
Removed the deprecated pre-Amsterdam policy template code from repository.
Issue-Id: POLICY-308
Change-Id: I5000f61acddf3b84eef5fbfdbceabfc69aeb96c4
Signed-off-by: Magnusen, Drew (dm741q) <dm741q@att.com>
|
|
Added logger statments to network.log for AAI, SO,
PDPX Guard, and VFC for all inbound/outbound traffic.
Issue-Id: POLICY-356
Change-Id: I802d45d8136f987b4304baa8f17e166b1c8df165
Signed-off-by: Magnusen, Drew (dm741q) <dm741q@att.com>
|
|
|
|
Errors from AAI after a Named query now throw an AAIEXception. This is
caught in the template to allow the resources to be removed from memory
and a final failure to be thrown.
Issue-ID: POLICY-314
Change-Id: I319d29ef537b2d01ca288622aac1d9dbbe05f5eb
Signed-off-by: Charles Cole <cc847m@att.com>
|
|
Issue-ID: POLICY-292
Change-Id: Ia4d4fae4150ea12e46079aabb4bbf4e3c92c8d00
Signed-off-by: Hockla, Ali (ah999m) <ah999m@att.com>
|
|
This fix enables the pdp to stop events with
different requestId's/controlLoopNames from
being processed if the target entity specified is
already being processed by another event/controlloop.
The lock timeout rule is removed to stop the event from
waiting to obtain a lock if it was not already required.
Handling of the lock denied case is taken care of in the
event manager rule instead of in a seperate rule to avoid
further unneccessary computation.
A new control loop test case was created that is for testing
general control loop errors. The test case included is for
testing that the lock will deny a request with a duplicate
target entity.
Issue-ID: POLICY-341
Change-Id: Ib62286eff74ec22b2c645f32f385cb331fb1dff3
Signed-off-by: Daniel Cruz <dc443y@att.com>
|
|
|
|
|
|
- Removed nonBaseIndex since there is only base vf Module in v11 response
- Reverted to checkExtractedFields()
- Modified the AAI Simulator to return the v11 response
- If AAI NQ fails then the SO Request will not be constructed. In this
case, we are retracting objects from the transaction and inserting policyResult.FAILURE into current operation to
prevent null values in finishOperation
Issue-ID: POLICY-339
Change-Id: I1c48fac4f9a51467ad54b0706543f5d1baa70389
Signed-off-by: Hockla, Ali (ah999m) <ah999m@att.com>
|
|
Removed operation_history.properties / operations-history.properties.
Changed the properties in persistence.xml
so that it uses the correct values. Previously junit would never write
to db because the "guard.disabled" property was not set. Set this property.
Additionally the operationshistory10 table was trying to be created even
though it exists. These values work in junit code. Not tested on
rackspace yet.
Issue-ID: POLICY-345
Change-Id: Id755b3152ae6ac4991ea9c314154592ea0105070
Signed-off-by: Temoc Rodriguez <cr056n@att.com>
|
|
Missing abatement=false for Use Cases other than vCPE. Added DCAE
Control Loop Event message for ABATED.
Issue-ID: POLICY-346
Change-Id: Ic8890dd81607ff8657a6f9e49cd9be51cb410fe1
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
Control loop junits now use the actual PolicyEngine instead of a
simulation, allowing them to work with the archetype template
Issue-ID: POLICY-101
Change-Id: I910961996aaf831f4e91b7d7173d05fdfdd77683
Signed-off-by: Charles Cole <cc847m@att.com>
|
|
|
|
Added a check for when the guard response from pdp-x is not
200. When the response is unauthorized or forbidden, it will
have an empty body, try to convert to json, and throw an
exception. Added a null check on the response and returns
indeterminate in the case of an empty body.
Issue-ID: POLICY-280
Change-Id: I9d384472e230495130bd41d377e25b74fe9ea9bd
Signed-off-by: Temoc Rodriguez <cr056n@att.com>
|
|
per Scott's feedback, see JIRA ticket notes
Change-Id: I5e9a5a6f98fceabc58911a3673d1b889604b5a92
Issue-ID: POLICY-300
Signed-off-by: Jorge Hernandez <jh1730@att.com>
|
|
PAP currently generates a set up rule that inserts a Params object
when the session is loaded. Since the official template also
has an equivalent rule that is used by the drools applications
team to perform initializations tasks, at runtime we end up with
2 Params objects with the same control loop data. This has
sideeffects where the same rule becomes true for 2 Params objects
therefore performing duplicated actions which introduces somewhat
anomalous behavior.
The PapParams is introduced to satisfy current PAP needs for
management of rules. The structure is included here only for
those purposes but it carries no significance at runtime during
drools executions since the rules go by Params instead of PapParams.
In the near future, the plan is to have the PAP not generating
SET UP rules.
There is a companion review on the PAP side to refer to PapParams
instead of Params to fulfill the resolution of POLICY-302.
Change-Id: I2f9ed3cee3d5d5209eecd43823cfc44a4b937600
Issue-ID: POLICY-302
Signed-off-by: Jorge Hernandez <jh1730@att.com>
|
|
The existing APPC Response Cleanup Rules will drop responses
that are not specific for that control loop. For example
vDNS control loop will drop LCM Response for vCPE control loops
preventing progress of the use cases.
This only happens when the control loops coexist with the
current set of rules.
Change-Id: I5a9ae26e39ecce8dd7f1098d02b6c6b97650b67a
Issue-ID: POLICY-298
Signed-off-by: Jorge Hernandez <jh1730@att.com>
|
|
|
|
Removed a lingering dependency on the "demo" project
that is causing build errors.
Issue-ID: POLICY-291
Change-Id: If1870ebba33c4ff29a0bd5bcdaa39d9b61f62436
Signed-off-by: Daniel Cruz <dc443y@att.com>
|
|
|
|
Removing the legacy "demo" project as this uses obsolete
code. The operation and control loop timeouts were increased
to allow more time for the simulators to respond.
Issue-Id: POLICY-291
Change-Id: I1143352cefaf9749ca0eca55927960535b2599b8
Signed-off-by: Daniel Cruz <dc443y@att.com>
|
|
Added a fix so that the guard database is not attempted to be accessed
while guard is set to disabled. The guard db access is done in the
operations manager which has no context of guardat the moment. Because
of this separation, the boolean must be grabbed from the PolicyEngine
properties. We should consider some guard refactoring.
Issue-ID: POLICY-296
Change-Id: Ida7a2a7c19e568b076731e0f04bdc8a9fd0fcb26
Signed-off-by: Temoc Rodriguez <cr056n@att.com>
|
|
|
|
This fix now implements the observer pattern for the
PolicyEngineJUnitImpl so that the test cases can be
notified when an event is available to be pulled.
This eliminates the need to sleep the thread for
some arbitrary time to let the rules process events.
Issue-ID: POLICY-291
Change-Id: I884c959c20b95a1b58f357602099d8a01c8d2e3c
Signed-off-by: Daniel Cruz <dc443y@att.com>
|
|
Issue-ID: POLICY-292
Change-Id: Id53e9d3b6ba23b20d7e45d4d3b39f8092f126333
Signed-off-by: Hockla, Ali (ah999m) <ah999m@att.com>
|
|
Change-Id: I05c577e8760f5b4b8e6375f50a327c9dde575e06
Issue-ID: POLICY-260
Signed-off-by: Jorge Hernandez <jh1730@att.com>
|
|
This allows the user to disable or enable guard
through the .properties.environment file. Verified
and tested in a pdp. Properties were added to the
simulators properties file for the simulators to
work out of the box.
Issue-ID: POLICY-259
Change-Id: I0027a5d28f1b30e81bdbe42fa17621b36a61c850
Signed-off-by: Daniel Cruz <dc443y@att.com>
|
|
|
|
Made MSBServiceFactory serializable
Issue-ID: POLICY-115
Change-Id: I8c8abdf656a49bc20ecefb42a7f4f7bacde57726
Signed-off-by: Hockla, Ali (ah999m) <ah999m@att.com>
|
|
Deleted ControlLoopXacmlGuardTest.java so avoid sonar blockers. This
junit will reduce coverage a bit but is not significant. This junit is
already covered by the other use case junit files in template demo. A
more robust junit is in need to test guard permit, deny, and pdp-x
misconnecion in relation to the drl operations and rules. For now, this
file does not add useful testing.
Issue-ID: POLICY-260
Change-Id: Iaed0ad62f72ddc5b9a6b7626a037c26d6fd1ca52
Signed-off-by: Temoc Rodriguez <cr056n@att.com>
|
|
|
|
Fixed two Sonar criticals. Changed VFC actor service provider to
eliminate redundant AAI queries.
Issue-ID: POLICY-115
Change-Id: Ic4993b5d498a1cb3d3fc51ce1d2b4e90bb26353d
Signed-off-by: Charles Cole <cc847m@att.com>
|
|
This applies changes to make retries work properly
for all control loops. The current design was ignoring
the upper bound of the retries and retrying until either
a success or control loop timeout occured. This is now
fixed to only do retries until the limit is reached that
is specified from the policy.
The operation is now started in the GUARD.PERMITTED rule.
I think this is better because it stops Policy from doing
extra processing if there is a guard deny. This is also
needed so that we can properly do retries for all cases.
The notifications sent in GUARD_NOT_YET_QUERIED and
GUARD.RESPONSE are now more informative with the
message specifying the actor and recipe. The not queried
rule has a message stating that we are sending a query
to guard and the guard response message in the guard
response rule specifices the result from guard.
During a retest of vDNS it appeared that the archetype
template was no longer working, this was because there
were changes in the JUnit template that were not
reflected in the archetype template. These were added
to archetype and vDNS is verified to work again.
Another small fix needed was making sure the action for
vCPE is "Restart" instead of "restart". APPC will
reject our request if "Restart" is not sent as the
action.
Issue-ID: POLICY-259
Change-Id: I28dd3c9a629d297b408775a01afadd5c19351e37
Signed-off-by: Daniel Cruz <dc443y@att.com>
|
|
|
|
Added guard authentication, client authentication, and environment http
headers to the pdp-x guard restful request. Properties are set to
PolicyEngine.manager. Property getter, setter, and properties in
guard/.../Util.java. Test properties defined in junits themselves. Added
code from GuardContext.java to grab the properties and make restful request.
PolicyGuardXacmlHelper now closely resembles GuardContext in order to mimic
functionality. Guard url no longer is passed into CallGuardTask, it is now
a property.
Issue-ID: POLICY-260
Change-Id: I5b144764828b6da0e7b738a578e4f6596a0f4f36
Signed-off-by: Temoc Rodriguez <cr056n@att.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|