From e87b18923c23a1a0fbfaae1c75645a577b96c892 Mon Sep 17 00:00:00 2001 From: Jim Hahn Date: Wed, 3 Jun 2020 09:26:33 -0400 Subject: Remove usecases and legacy actor code Made the following changes to remove usescase and legacy actor code: - deleted the usecases controller and feature - deleted code associated with legacy actors, with the exception of AaiManager, which is needed by RestControlLoopManager - moved the contents of the "guard" project into the m2/guard project, as that is the only thing that still needs it - modified the m2/GuardContext to get the name of its persistence unit from the properties so it could be overridden by junit tests - used eclipselink constants Also fixed a bug in the properties for the VFC actor. Addressed review comment: - removed usecases from Dockerfile Issue-ID: POLICY-2558 Change-Id: I677d68c9efed9247c3d55773abdcc736b577a6b4 Signed-off-by: Jim Hahn --- .../java/org/onap/policy/guard/CallGuardTask.java | 155 --------------- .../java/org/onap/policy/guard/GuardResult.java | 25 --- .../org/onap/policy/guard/PolicyGuardRequest.java | 84 --------- .../org/onap/policy/guard/PolicyGuardResponse.java | 71 ------- .../onap/policy/guard/PolicyGuardXacmlHelper.java | 139 -------------- .../guard/PolicyGuardXacmlRequestAttributes.java | 123 ------------ .../onap/policy/guard/PolicyGuardYamlToXacml.java | 210 --------------------- .../src/main/java/org/onap/policy/guard/Util.java | 149 --------------- 8 files changed, 956 deletions(-) delete mode 100644 controlloop/common/guard/src/main/java/org/onap/policy/guard/CallGuardTask.java delete mode 100644 controlloop/common/guard/src/main/java/org/onap/policy/guard/GuardResult.java delete mode 100644 controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardRequest.java delete mode 100644 controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardResponse.java delete mode 100644 controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlHelper.java delete mode 100644 controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlRequestAttributes.java delete mode 100644 controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardYamlToXacml.java delete mode 100644 controlloop/common/guard/src/main/java/org/onap/policy/guard/Util.java (limited to 'controlloop/common/guard/src/main/java/org') diff --git a/controlloop/common/guard/src/main/java/org/onap/policy/guard/CallGuardTask.java b/controlloop/common/guard/src/main/java/org/onap/policy/guard/CallGuardTask.java deleted file mode 100644 index 0331b7aab..000000000 --- a/controlloop/common/guard/src/main/java/org/onap/policy/guard/CallGuardTask.java +++ /dev/null @@ -1,155 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * guard - * ================================================================================ - * Copyright (C) 2017-2020 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.policy.guard; - -import java.util.HashSet; -import java.util.Set; -import java.util.UUID; -import java.util.function.Supplier; -import org.drools.core.WorkingMemory; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class CallGuardTask implements Runnable { - - private static final Logger logger = LoggerFactory.getLogger(CallGuardTask.class); - - /** - * Actor/recipe pairs whose guard requests need a VF Module count. Each element is of - * the form "<actor>:<recipe>". - */ - private static final Set NEEDS_VF_COUNT = new HashSet<>(); - - /** - * Actor/recipe pairs whose guard requests need the VF Module count to be incremented - * (i.e., because a module is being added). Each element is of the form - * "<actor>:<recipe>". - */ - private static final Set INCR_VF_COUNT = new HashSet<>(); - - static { - INCR_VF_COUNT.add("SO:VF Module Create"); - NEEDS_VF_COUNT.addAll(INCR_VF_COUNT); - } - - private WorkingMemory workingMemory; - private String clname; - private String actor; - private String recipe; - private String target; - private String requestId; - private Integer vfCount; - - /** - * Populated once the response has been determined, which may happen during the - * constructor or later, during {@link #run()}. - */ - private PolicyGuardResponse guardResponse; - - /** - * Guard url is grabbed from PolicyEngine manager properties. - */ - public CallGuardTask(WorkingMemory wm, String cl, String act, - String rec, String tar, String reqId, Supplier vfcnt) { - workingMemory = wm; - clname = cl; - actor = act; - recipe = rec; - requestId = reqId; - target = tar; - - vfCount = null; - - String key = act + ":" + rec; - - if (NEEDS_VF_COUNT.contains(key)) { - // this actor/recipe needs the count - get it - if ((vfCount = vfcnt.get()) == null) { - /* - * The count is missing - create an artificial Deny, which will be - * inserted into working memory when "run()" is called. - */ - guardResponse = new PolicyGuardResponse(Util.DENY, UUID.fromString(requestId), recipe); - logger.error("CallGuardTask.run missing VF Module count; requestId={}", requestId); - return; - } - - if (INCR_VF_COUNT.contains(key)) { - // this actor/recipe needs the count to be incremented - ++vfCount; - } - } - } - - @Override - public void run() { - if (guardResponse != null) { - // already have a response - just insert it - workingMemory.insert(guardResponse); - return; - } - - final long startTime = System.nanoTime(); - - PolicyGuardXacmlRequestAttributes xacmlReq = - new PolicyGuardXacmlRequestAttributes(clname, actor, recipe, target, requestId, vfCount); - - logger.debug("\n********** XACML REQUEST START ********"); - logger.debug("{}", xacmlReq); - logger.debug("********** XACML REQUEST END ********\n"); - - String guardDecision = null; - - // - // Make guard request - // - guardDecision = new PolicyGuardXacmlHelper().callPdp(xacmlReq); - - logger.debug("\n********** XACML RESPONSE START ********"); - logger.debug("{}", guardDecision); - logger.debug("********** XACML RESPONSE END ********\n"); - - // - // Check if the restful call was unsuccessful or property doesn't exist - // - if (guardDecision == null) { - logger.error("********** XACML FAILED TO CONNECT ********"); - guardDecision = Util.INDETERMINATE; - } - - guardResponse = new PolicyGuardResponse(guardDecision, UUID.fromString(this.requestId), this.recipe); - - // - // Create an artificial Guard response in case we didn't get a clear Permit or Deny - // - if ("Indeterminate".equals(guardResponse.getResult())) { - guardResponse.setOperation(recipe); - guardResponse.setRequestId(UUID.fromString(requestId)); - } - - long estimatedTime = System.nanoTime() - startTime; - logger.debug("\n\n============ Guard inserted with decision {} !!! =========== time took: {} mili sec \n\n", - guardResponse.getResult(), (double) estimatedTime / 1000 / 1000); - workingMemory.insert(guardResponse); - - } - -} diff --git a/controlloop/common/guard/src/main/java/org/onap/policy/guard/GuardResult.java b/controlloop/common/guard/src/main/java/org/onap/policy/guard/GuardResult.java deleted file mode 100644 index 6b11c1afa..000000000 --- a/controlloop/common/guard/src/main/java/org/onap/policy/guard/GuardResult.java +++ /dev/null @@ -1,25 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * guard - * ================================================================================ - * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.policy.guard; - -public enum GuardResult { - LOCK_ACQUIRED, LOCK_DENIED, LOCK_EXCEPTION; -} diff --git a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardRequest.java b/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardRequest.java deleted file mode 100644 index 8887e00b7..000000000 --- a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardRequest.java +++ /dev/null @@ -1,84 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * guard - * ================================================================================ - * Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.policy.guard; - -import java.util.UUID; - -public class PolicyGuardRequest { - private String actor; - private String target; - private UUID requestId; - private String operation; - - /** - * Construct an instance. - * - * @param actor the actor - * @param target the target - * @param requestId the request Id - * @param operation the operation - */ - public PolicyGuardRequest(String actor, String target, UUID requestId, String operation) { - super(); - this.actor = actor; - this.target = target; - this.requestId = requestId; - this.operation = operation; - } - - @Override - public String toString() { - return "PolicyGuardRequest [actor=" + actor + ", target=" + target + ", requestId=" + requestId + ", operation=" - + operation + "]"; - } - - public String getActor() { - return actor; - } - - public void setActor(String actor) { - this.actor = actor; - } - - public String getTarget() { - return target; - } - - public void setTarget(String target) { - this.target = target; - } - - public UUID getRequestId() { - return requestId; - } - - public void setRequestId(UUID requestId) { - this.requestId = requestId; - } - - public String getOperation() { - return operation; - } - - public void setOperation(String operation) { - this.operation = operation; - } -} diff --git a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardResponse.java b/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardResponse.java deleted file mode 100644 index 574c50b79..000000000 --- a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardResponse.java +++ /dev/null @@ -1,71 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * guard - * ================================================================================ - * Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.policy.guard; - -import java.util.UUID; - -public class PolicyGuardResponse { - private UUID requestId; - private String operation; - private String result; - - /** - * Create an instance. - * - * @param result the result - * @param req the request Id - * @param op the operation - */ - public PolicyGuardResponse(String result, UUID req, String op) { - this.result = result; - this.requestId = req; - this.operation = op; - } - - @Override - public String toString() { - return "PolicyGuardResponse [requestId=" + requestId + ", operation=" + operation + ", result=" + result + "]"; - } - - public UUID getRequestId() { - return requestId; - } - - public void setRequestId(UUID requestId) { - this.requestId = requestId; - } - - public String getResult() { - return result; - } - - public void setResult(String result) { - this.result = result; - } - - public String getOperation() { - return operation; - } - - public void setOperation(String operation) { - this.operation = operation; - } -} diff --git a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlHelper.java b/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlHelper.java deleted file mode 100644 index d9ace1d83..000000000 --- a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlHelper.java +++ /dev/null @@ -1,139 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * ONAP - * ================================================================================ - * Copyright (C) 2017-2020 AT&T Intellectual Property. All rights reserved. - * Modifications Copyright (C) 2019 Samsung Electronics Co., Ltd. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.policy.guard; - -import java.util.HashMap; -import java.util.Map; -import java.util.UUID; -import org.apache.commons.lang3.tuple.Pair; -import org.onap.policy.common.endpoints.event.comm.Topic.CommInfrastructure; -import org.onap.policy.common.endpoints.utils.NetLoggerUtil; -import org.onap.policy.common.endpoints.utils.NetLoggerUtil.EventType; -import org.onap.policy.common.utils.coder.CoderException; -import org.onap.policy.common.utils.coder.StandardCoder; -import org.onap.policy.drools.system.PolicyEngineConstants; -import org.onap.policy.models.decisions.concepts.DecisionRequest; -import org.onap.policy.models.decisions.concepts.DecisionResponse; -import org.onap.policy.rest.RestManager; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - - -public class PolicyGuardXacmlHelper { - private static final Logger logger = LoggerFactory.getLogger(PolicyGuardXacmlHelper.class); - - private String url; - private String user; - private String pwd; - - /** - * Constructor. - */ - public PolicyGuardXacmlHelper() { - this.url = PolicyEngineConstants.getManager().getEnvironmentProperty("guard.url"); - this.user = PolicyEngineConstants.getManager().getEnvironmentProperty("pdpx.username"); - this.pwd = PolicyEngineConstants.getManager().getEnvironmentProperty("pdpx.password"); - } - - /** - * Call PDP. - * - * @param xacmlReq the XACML request - * @return the response - */ - public String callPdp(PolicyGuardXacmlRequestAttributes xacmlReq) { - // - // Create a request suitable for API - // - DecisionRequest decisionRequest = new DecisionRequest(); - decisionRequest.setOnapName("Policy"); - decisionRequest.setOnapComponent("Drools PDP"); - decisionRequest.setOnapInstance("usecase template"); - decisionRequest.setRequestId(UUID.randomUUID().toString()); - decisionRequest.setAction("guard"); - Map guard = new HashMap<>(); - guard.put("actor", xacmlReq.getActorId()); - guard.put("operation", xacmlReq.getOperationId()); - guard.put("target", xacmlReq.getTargetId()); - if (xacmlReq.getClnameId() != null) { - guard.put("clname", xacmlReq.getClnameId()); - } - if (xacmlReq.getVfCount() != null) { - guard.put("vfCount", Integer.toString(xacmlReq.getVfCount())); - } - Map resources = new HashMap<>(); - resources.put("guard", guard); - decisionRequest.setResource(resources); - - try { - // - // Call RESTful PDP - // - NetLoggerUtil.log(EventType.OUT, CommInfrastructure.REST, this.url, decisionRequest.toString()); - String response = callRestfulPdp(decisionRequest); - NetLoggerUtil.log(EventType.IN, CommInfrastructure.REST, this.url, response); - - return response; - } catch (Exception e) { - logger.error("Exception in sending RESTful request: ", e); - } - - return Util.DENY; - } - - /** - * This makes an HTTP POST call to a running PDP RESTful servlet to get a decision. - * - * @param decisionRequest The Decision request - * @return response from guard which contains "Permit" or "Deny" - * @throws CoderException Exception when converting to/from JSON the message body - */ - private String callRestfulPdp(DecisionRequest decisionRequest) throws CoderException { - StandardCoder coder = new StandardCoder(); - - String jsonBody = coder.encode(decisionRequest); - RestManager restManager = new RestManager(); - - Map headers = new HashMap<>(); - headers.put("Accepts", "application/json"); - - logger.info("Guard Decision Request: {}", jsonBody); - - Pair httpDetails = restManager.post(url, user, pwd, headers, "application/json", jsonBody); - - if (httpDetails == null) { - logger.error("Guard rest call returned a null pair - defaulting to DENY"); - return Util.DENY; - } - - logger.info("Guard Decision REST Response {} {}", httpDetails.getLeft(), httpDetails.getRight()); - - if (httpDetails.getLeft() == 200) { - DecisionResponse decision = coder.decode(httpDetails.getRight(), DecisionResponse.class); - logger.info("Guard Decision {}", decision); - return decision.getStatus(); - } - - return Util.DENY; - } - -} diff --git a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlRequestAttributes.java b/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlRequestAttributes.java deleted file mode 100644 index c888f94c1..000000000 --- a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardXacmlRequestAttributes.java +++ /dev/null @@ -1,123 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * guard - * ================================================================================ - * Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.policy.guard; - -import com.att.research.xacml.std.annotations.XACMLAction; -import com.att.research.xacml.std.annotations.XACMLRequest; -import com.att.research.xacml.std.annotations.XACMLResource; -import com.att.research.xacml.std.annotations.XACMLSubject; - -@XACMLRequest(ReturnPolicyIdList = true, CombinedDecision = true) -public class PolicyGuardXacmlRequestAttributes { - - @XACMLSubject(includeInResults = true, attributeId = "urn:org:onap:guard:clname:clname-id") - String clnameId; - - @XACMLSubject(includeInResults = true, attributeId = "urn:org:onap:guard:actor:actor-id") - String actorId; - - @XACMLAction(includeInResults = true, attributeId = "urn:org:onap:guard:operation:operation-id") - String operationId; - - @XACMLResource(includeInResults = true, attributeId = "urn:org:onap:guard:target:target-id") - String targetId; - - @XACMLResource(includeInResults = true, attributeId = "urn:org:onap:guard:request:request-id") - String requestId; - - @XACMLResource(includeInResults = true, attributeId = "urn:org:onap:guard:request:vf-count") - Integer vfCount; - - /** - * Construct an instance. - * - * @param clnameId the control loop Id - * @param actorId the actor Id - * @param operationId the operation Id - * @param targetId the target Id - * @param requestId the request Id - * @param vfCount the new number of VF Modules - */ - public PolicyGuardXacmlRequestAttributes(String clnameId, String actorId, String operationId, String targetId, - String requestId, Integer vfCount) { - super(); - this.clnameId = clnameId; - this.actorId = actorId; - this.operationId = operationId; - this.targetId = targetId; - this.requestId = requestId; - this.vfCount = vfCount; - } - - @Override - public String toString() { - return "PolicyGuardXacmlRequestAttributes [actorId=" + actorId + ", operationId=" + operationId + ", targetId=" - + targetId + ", requestId=" + requestId + "]"; - } - - public String getActorId() { - return actorId; - } - - public void setActorId(String actorId) { - this.actorId = actorId; - } - - public String getOperationId() { - return operationId; - } - - public void setOperationId(String operationId) { - this.operationId = operationId; - } - - public String getTargetId() { - return targetId; - } - - public void setTargetId(String targetId) { - this.targetId = targetId; - } - - public String getRequestId() { - return requestId; - } - - public void setRequestId(String requestId) { - this.requestId = requestId; - } - - public String getClnameId() { - return clnameId; - } - - public void setClnameId(String clnameId) { - this.clnameId = clnameId; - } - - public Integer getVfCount() { - return vfCount; - } - - public void setVfCount(Integer vfCount) { - this.vfCount = vfCount; - } -} diff --git a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardYamlToXacml.java b/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardYamlToXacml.java deleted file mode 100644 index 60ccce05d..000000000 --- a/controlloop/common/guard/src/main/java/org/onap/policy/guard/PolicyGuardYamlToXacml.java +++ /dev/null @@ -1,210 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * guard - * ================================================================================ - * Copyright (C) 2017, 2019 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.policy.guard; - -import java.io.IOException; -import java.nio.file.Files; -import java.nio.file.Path; -import java.nio.file.Paths; -import java.util.List; -import java.util.function.Consumer; -import org.onap.policy.controlloop.policy.guard.Constraint; -import org.onap.policy.controlloop.policy.guard.ControlLoopGuard; -import org.onap.policy.controlloop.policy.guard.GuardPolicy; -import org.onap.policy.controlloop.policy.guard.MatchParameters; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class PolicyGuardYamlToXacml { - private static final Logger logger = LoggerFactory.getLogger(PolicyGuardYamlToXacml.class); - - private PolicyGuardYamlToXacml() { - // Construction of this static class is not allowed - } - - /** - * Convert from Yaml to Xacml. - * - * @param yamlFile the Yaml file - * @param xacmlTemplate the Xacml template - * @param xacmlPolicyOutput the Xacml output - */ - public static void fromYamlToXacml(String yamlFile, String xacmlTemplate, String xacmlPolicyOutput) { - fromYamlToXacml(yamlFile, xacmlTemplate, xacmlPolicyOutput, PolicyGuardYamlToXacml::generateXacmlGuard, - constraint -> { - logger.debug("num: {}", constraint.getFreq_limit_per_target()); - logger.debug("duration: {}", constraint.getTime_window()); - logger.debug("time_in_range: {}", constraint.getActive_time_range()); - }); - } - - /** - * Convert from Yaml to Xacml. - * - * @param yamlFile the Yaml file - * @param xacmlTemplate the Xacml template - * @param xacmlPolicyOutput the Xacml output - * @param generator function to generate the yaml from the xacml - * @param logConstraint function to log relevant fields of the constraint - */ - public static void fromYamlToXacml(String yamlFile, String xacmlTemplate, String xacmlPolicyOutput, - Generator generator, Consumer logConstraint) { - - ControlLoopGuard yamlGuardObject = Util.loadYamlGuard(yamlFile); - GuardPolicy guardPolicy = yamlGuardObject.getGuards().get(0); - logger.debug("clname: {}", guardPolicy.getMatch_parameters().getControlLoopName()); - logger.debug("actor: {}", guardPolicy.getMatch_parameters().getActor()); - logger.debug("recipe: {}", guardPolicy.getMatch_parameters().getRecipe()); - Constraint constraint = guardPolicy.getLimit_constraints().get(0); - logConstraint.accept(constraint); - - Path xacmlTemplatePath = Paths.get(xacmlTemplate); - String xacmlTemplateContent; - - try { - xacmlTemplateContent = new String(Files.readAllBytes(xacmlTemplatePath)); - - String xacmlPolicyContent = generator.apply(xacmlTemplateContent, - guardPolicy.getMatch_parameters(), constraint); - - Files.write(Paths.get(xacmlPolicyOutput), xacmlPolicyContent.getBytes()); - - } catch (IOException e) { - logger.error("fromYamlToXacml threw: ", e); - } - } - - /** - * Generate a Xacml guard. - * - * @param xacmlTemplateContent the Xacml template content - * @param matchParameters the paremeters to use - * @param constraint the constraint to use - * @return the guard - */ - private static String generateXacmlGuard(String xacmlTemplateContent, MatchParameters matchParameters, - Constraint constraint) { - - xacmlTemplateContent = doCommonReplacements(xacmlTemplateContent, matchParameters, constraint); - - String targetsRegex = ""; - if (isNullOrEmptyList(matchParameters.getTargets())) { - targetsRegex = ".*"; - } else { - StringBuilder targetsRegexSb = new StringBuilder(); - boolean addBarChar = false; - for (String t : matchParameters.getTargets()) { - targetsRegexSb.append(t); - if (addBarChar) { - targetsRegexSb.append("|"); - } else { - addBarChar = true; - } - } - targetsRegex = targetsRegexSb.toString(); - } - xacmlTemplateContent = xacmlTemplateContent.replace("${targets}", targetsRegex); - - xacmlTemplateContent = xacmlTemplateContent.replace("${limit}", - constraint.getFreq_limit_per_target().toString()); - - xacmlTemplateContent = xacmlTemplateContent.replace("${twValue}", constraint.getTime_window().get("value")); - - xacmlTemplateContent = xacmlTemplateContent.replace("${twUnits}", constraint.getTime_window().get("units")); - - logger.debug(xacmlTemplateContent); - - return xacmlTemplateContent; - } - - private static String doCommonReplacements(String xacmlTemplateContent, MatchParameters matchParameters, - Constraint constraint) { - - replaceNullOrEmpty(matchParameters.getControlLoopName(), matchParameters::setControlLoopName, ".*"); - xacmlTemplateContent = xacmlTemplateContent.replace("${clname}", matchParameters.getControlLoopName()); - - replaceNullOrEmpty(matchParameters.getActor(), matchParameters::setActor, ".*"); - xacmlTemplateContent = xacmlTemplateContent.replace("${actor}", matchParameters.getActor()); - - replaceNullOrEmpty(matchParameters.getRecipe(), matchParameters::setRecipe, ".*"); - xacmlTemplateContent = xacmlTemplateContent.replace("${recipe}", matchParameters.getRecipe()); - - xacmlTemplateContent = xacmlTemplateContent.replace("${guardActiveStart}", - constraint.getActive_time_range().get("start")); - - xacmlTemplateContent = xacmlTemplateContent.replace("${guardActiveEnd}", - constraint.getActive_time_range().get("end")); - - return xacmlTemplateContent; - } - - private static void replaceNullOrEmpty(String text, Consumer replacer, String newValue) { - if (isNullOrEmpty(text)) { - replacer.accept(newValue); - } - } - - public static boolean isNullOrEmpty(String string) { - return string == null || string.trim().isEmpty(); - } - - public static boolean isNullOrEmptyList(List list) { - return list == null || list.isEmpty(); - } - - /** - * Convert from Yaml to Xacml blacklist. - * - * @param yamlFile the Yaml file - * @param xacmlTemplate the Xacml template - * @param xacmlPolicyOutput the Xacml output - */ - public static void fromYamlToXacmlBlacklist(String yamlFile, String xacmlTemplate, String xacmlPolicyOutput) { - fromYamlToXacml(yamlFile, xacmlTemplate, xacmlPolicyOutput, PolicyGuardYamlToXacml::generateXacmlGuardBlacklist, - constraint -> { - logger.debug("freq_limit_per_target: {}", constraint.getFreq_limit_per_target()); - logger.debug("time_window: {}", constraint.getTime_window()); - logger.debug("active_time_range: {}", constraint.getActive_time_range()); - }); - } - - private static String generateXacmlGuardBlacklist(String xacmlTemplateContent, MatchParameters matchParameters, - Constraint constraint) { - - String result = doCommonReplacements(xacmlTemplateContent, matchParameters, constraint); - - for (String target : constraint.getBlacklist()) { - result = result.replace("${blackListElement}", - "" + target - + "" + "\n\t\t\t\t\t\t\\${blackListElement}\n"); - } - - result = result.replace("\t\t\t\t\t\t\\${blackListElement}\n", ""); - - return result; - } - - @FunctionalInterface - private static interface Generator { - public String apply(String xacmlTemplateContent, MatchParameters matchParameters, - Constraint constraint); - } -} diff --git a/controlloop/common/guard/src/main/java/org/onap/policy/guard/Util.java b/controlloop/common/guard/src/main/java/org/onap/policy/guard/Util.java deleted file mode 100644 index 717ca3f45..000000000 --- a/controlloop/common/guard/src/main/java/org/onap/policy/guard/Util.java +++ /dev/null @@ -1,149 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * guard - * ================================================================================ - * Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.policy.guard; - -import java.io.File; -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.nio.charset.StandardCharsets; -import org.apache.commons.io.IOUtils; -import org.onap.policy.controlloop.policy.ControlLoopPolicy; -import org.onap.policy.controlloop.policy.guard.ControlLoopGuard; -import org.onap.policy.drools.system.PolicyEngineConstants; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.yaml.snakeyaml.Yaml; -import org.yaml.snakeyaml.constructor.Constructor; - -public final class Util { - /* - * Keys for guard properties - */ - public static final String PROP_GUARD_URL = "guard.url"; - public static final String PROP_GUARD_USER = "pdpx.username"; - public static final String PROP_GUARD_PASS = "pdpx.password"; - public static final String PROP_GUARD_DISABLED = "guard.disabled"; - - /* - * Keys for eclipse link and ONAP properties - */ - public static final String ECLIPSE_LINK_KEY_URL = "javax.persistence.jdbc.url"; - public static final String ECLIPSE_LINK_KEY_USER = "javax.persistence.jdbc.user"; - public static final String ECLIPSE_LINK_KEY_PASS = "javax.persistence.jdbc.password"; - - public static final String ONAP_KEY_URL = "guard.jdbc.url"; - public static final String ONAP_KEY_USER = "sql.db.username"; - public static final String ONAP_KEY_PASS = "sql.db.password"; - - /* - * Guard responses - */ - public static final String INDETERMINATE = "Indeterminate"; - public static final String PERMIT = "Permit"; - public static final String DENY = "Deny"; - - /* - * Junit props - */ - protected static final String PU_KEY = "OperationsHistoryPU"; - protected static final String JUNITPU = "OperationsHistoryPUTest"; - - private static final Logger logger = LoggerFactory.getLogger(Util.class); - - public static class Pair { - public final A parameterA; - public final B parameterB; - - public Pair(A parameterA, B parameterB) { - this.parameterA = parameterA; - this.parameterB = parameterB; - } - } - - private Util() { - // This static class cannot be instantiated - } - - /** - * Load a Yaml file. - * - * @param testFile the Yaml file - * @return the policies - */ - public static Pair loadYaml(String testFile) { - try (InputStream is = new FileInputStream(new File(testFile))) { - String contents = IOUtils.toString(is, StandardCharsets.UTF_8); - // - // Read the yaml into our Java Object - // - Yaml yaml = new Yaml(new Constructor(ControlLoopPolicy.class)); - Object obj = yaml.load(contents); - - logger.debug(contents); - - return new Pair<>((ControlLoopPolicy) obj, contents); - } catch (IOException e) { - logger.error(e.getLocalizedMessage(), e); - } - return null; - } - - /** - * Load a Yaml guard. - * - * @param testFile the Yaml file - * @return the guard - */ - public static ControlLoopGuard loadYamlGuard(String testFile) { - try (InputStream is = new FileInputStream(new File(testFile))) { - String contents = IOUtils.toString(is, StandardCharsets.UTF_8); - // - // Read the yaml into our Java Object - // - Yaml yaml = new Yaml(new Constructor(ControlLoopGuard.class)); - Object obj = yaml.load(contents); - return (ControlLoopGuard) obj; - } catch (IOException e) { - logger.error(e.getLocalizedMessage(), e); - } - return null; - } - - /** - * Sets Guard Properties. - * - *

see /guard/src/test/java/org/onap/policy/guard/UtilTest.java for setting test properties - */ - public static void setGuardEnvProps(String url, String username, String password) { - PolicyEngineConstants.getManager().setEnvironmentProperty(org.onap.policy.guard.Util.PROP_GUARD_URL, url); - PolicyEngineConstants.getManager().setEnvironmentProperty(org.onap.policy.guard.Util.PROP_GUARD_USER, username); - PolicyEngineConstants.getManager().setEnvironmentProperty(org.onap.policy.guard.Util.PROP_GUARD_PASS, password); - } - - public static void setGuardEnvProp(String key, String value) { - PolicyEngineConstants.getManager().setEnvironmentProperty(key, value); - } - - public static String getGuardProp(String propName) { - return PolicyEngineConstants.getManager().getEnvironmentProperty(propName); - } -} -- cgit 1.2.3-korg