From d01dd35e38462ad56a802b5bc3f2f9d64faa0b92 Mon Sep 17 00:00:00 2001 From: Joshua Reich Date: Fri, 15 Feb 2019 13:40:07 -0800 Subject: YAML clc directive spec/compilation to XACML Created java definition of CoordinationDirective class. Initial library supports one coordination directive FirstBlocksSecond, prototype for this directive added as firstBlocksSecond.xml. Functions for compiling example yaml directive are in SupportUtil. Change-Id: If7c22402729670403510f1fa2f7f43de6a4a522c Issue-ID: POLICY-1173 Signed-off-by: Joshua Reich --- .../coordination/prototype/firstBlocksSecond.xml | 60 +++++++++ .../demo/clc/ControlLoopCoordinationTest.java | 148 ++++++++++++++------- .../onap/policy/template/demo/clc/SupportUtil.java | 82 +++++++++++- ...loop_one_blocks_synthetic_control_loop_two.yaml | 20 +++ .../prototype/xacml_guard_clc.properties | 46 +++++++ ..._loop_one_blocks_synthetic_control_loop_two.xml | 51 ------- .../resources/xacml/xacml_guard_clc.properties | 65 --------- 7 files changed, 300 insertions(+), 172 deletions(-) create mode 100644 controlloop/templates/template.demo.clc/src/main/resources/coordination/prototype/firstBlocksSecond.xml create mode 100644 controlloop/templates/template.demo.clc/src/test/resources/coordination/synthetic_control_loop_one_blocks_synthetic_control_loop_two.yaml create mode 100644 controlloop/templates/template.demo.clc/src/test/resources/properties/prototype/xacml_guard_clc.properties delete mode 100644 controlloop/templates/template.demo.clc/src/test/resources/xacml/synthetic_control_loop_one_blocks_synthetic_control_loop_two.xml delete mode 100644 controlloop/templates/template.demo.clc/src/test/resources/xacml/xacml_guard_clc.properties (limited to 'controlloop/templates/template.demo.clc/src') diff --git a/controlloop/templates/template.demo.clc/src/main/resources/coordination/prototype/firstBlocksSecond.xml b/controlloop/templates/template.demo.clc/src/main/resources/coordination/prototype/firstBlocksSecond.xml new file mode 100644 index 000000000..54cda9575 --- /dev/null +++ b/controlloop/templates/template.demo.clc/src/main/resources/coordination/prototype/firstBlocksSecond.xml @@ -0,0 +1,60 @@ + + + + + + + Policy for first_blocks_second coordination (if first running and second requests to run, deny second). + + + + + + CONTROL_LOOP_TWO + + + + + + + + First Is Running + + + + Success + + + + + + + + + + + diff --git a/controlloop/templates/template.demo.clc/src/test/java/org/onap/policy/template/demo/clc/ControlLoopCoordinationTest.java b/controlloop/templates/template.demo.clc/src/test/java/org/onap/policy/template/demo/clc/ControlLoopCoordinationTest.java index 4d8fca83b..ee5eceba9 100644 --- a/controlloop/templates/template.demo.clc/src/test/java/org/onap/policy/template/demo/clc/ControlLoopCoordinationTest.java +++ b/controlloop/templates/template.demo.clc/src/test/java/org/onap/policy/template/demo/clc/ControlLoopCoordinationTest.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -27,9 +27,13 @@ import static org.junit.Assert.fail; import com.google.gson.Gson; +import java.io.File; import java.io.IOException; +import java.io.PrintWriter; import java.lang.StringBuilder; import java.net.URLEncoder; +import java.nio.file.Files; +import java.nio.file.Paths; import java.time.Instant; import java.util.HashMap; import java.util.List; @@ -59,6 +63,8 @@ import org.onap.policy.controlloop.ControlLoopTargetType; import org.onap.policy.controlloop.VirtualControlLoopEvent; import org.onap.policy.controlloop.VirtualControlLoopNotification; import org.onap.policy.controlloop.policy.ControlLoopPolicy; +import org.onap.policy.coordination.CoordinationDirective; +import org.onap.policy.coordination.Util; import org.onap.policy.drools.protocol.coders.EventProtocolCoder; import org.onap.policy.drools.protocol.coders.EventProtocolParams; import org.onap.policy.drools.protocol.coders.JsonProtocolFilter; @@ -89,9 +95,11 @@ public class ControlLoopCoordinationTest implements TopicListener { /** * Setup simulator. + * + * @throws IOException when thrown by buildAaiSim */ @BeforeClass - public static void setUpSimulator() { + public static void setUpSimulator() throws Exception { PolicyEngine.manager.configure(new Properties()); assertTrue(PolicyEngine.manager.start()); Properties noopSinkProperties = new Properties(); @@ -119,34 +127,69 @@ public class ControlLoopCoordinationTest implements TopicListener { .eventClass("org.onap.policy.appclcm.LcmRequestWrapper") .protocolFilter(new JsonProtocolFilter()) .modelClassLoaderHash(1111)); - try { - SupportUtil.buildAaiSim(); - } catch (Exception e) { - fail(e.getMessage()); - } - + SupportUtil.buildAaiSim(); + /* + * Apply the coordination directive + */ + final String coordinationDir = "src/test/resources/coordination"; + final String coordinationProtoDir = "src/main/resources/coordination/prototype"; + final String coordinationDirectiveName = "synthetic_control_loop_one_blocks_synthetic_control_loop_two"; + final String propertiesDir = "src/test/resources/properties"; + final String propertiesProtoDir = "src/test/resources/properties/prototype"; + final String xacmlDir = "src/test/resources/xacml"; + final String yamlDir = "src/test/resources/yaml"; + + String coordinationDirectiveFile = coordinationDir + File.separator + coordinationDirectiveName + ".yaml"; + /* + * Load the coordination directive from the Yaml encoding + */ + CoordinationDirective cd = Util.loadCoordinationDirectiveFromFile(coordinationDirectiveFile); + logger.info("CoordinationDirective={}", cd.toString()); + /* + * Generate the Xacml policy from the coordination directive + */ + String xacmlPolicy = Util.generateXacmlFromCoordinationDirective(cd, coordinationProtoDir); + /* + * Create directory for Xacml output file, if necessary + */ + Files.createDirectories(Paths.get(xacmlDir)); + /* + * Write Xacml policy to file + */ + String xacmlFilename = xacmlDir + File.separator + + cd.getCoordinationFunction() + + cd.getControlLoop(0) + + cd.getControlLoop(1) + + ".xml"; + File xacmlFile = new File(xacmlFilename); + PrintWriter xacmlFileWriter = new PrintWriter(xacmlFile); + xacmlFileWriter.println(xacmlPolicy); + xacmlFileWriter.flush(); + /* + * Remove Xacml file after test + */ + xacmlFile.deleteOnExit(); + /* + * Insert the Xacml policy file into the PDP + */ + SupportUtil.insertXacmlPolicy(xacmlFilename, propertiesProtoDir, propertiesDir); /* * Start the kie sessions */ - try { - kieSession1 = startSession( + kieSession1 = startSession( controlLoopOneName, "src/main/resources/__closedLoopControlName__.drl", - "src/test/resources/yaml/policy_ControlLoop_SyntheticOne.yaml", + yamlDir + "/policy_ControlLoop_SyntheticOne.yaml", "service=ServiceDemo;resource=Res1Demo;type=operational", "SyntheticControlLoopOnePolicy", "org.onap.closed_loop.ServiceDemo:VNFS:1.0.0"); - kieSession2 = startSession( + kieSession2 = startSession( controlLoopTwoName, "src/main/resources/__closedLoopControlName__.drl", - "src/test/resources/yaml/policy_ControlLoop_SyntheticTwo.yaml", + yamlDir + "/policy_ControlLoop_SyntheticTwo.yaml", "service=ServiceDemo;resource=Res1Demo;type=operational", "SyntheticControlLoopTwoPolicy", "org.onap.closed_loop.ServiceDemo:VNFS:1.0.0"); - } catch (IOException e) { - logger.debug("Could not create kieSession, exception {}", e.getMessage()); - fail("Could not create kieSession"); - } } /** @@ -168,7 +211,7 @@ public class ControlLoopCoordinationTest implements TopicListener { /** * Set expected decision. - * + * * @param ed the expected decision ("PERMIT" or "DENY") */ public void expectedDecisionIs(String ed) { @@ -180,7 +223,7 @@ public class ControlLoopCoordinationTest implements TopicListener { * This method is used to simulate event messages from DCAE * that start the control loop (onset message) or end the * control loop (abatement message). - * + * * @param controlLoopName the control loop name * @param requestId the requestId for this event * @param status could be onset or abated @@ -188,7 +231,7 @@ public class ControlLoopCoordinationTest implements TopicListener { * @param kieSession the kieSession to which this event is being sent */ protected void sendEvent(String controlLoopName, - UUID requestId, + UUID requestId, ControlLoopEventStatus status, String target, KieSession kieSession) { @@ -206,14 +249,14 @@ public class ControlLoopCoordinationTest implements TopicListener { Gson gson = new Gson(); String json = gson.toJson(event); logger.debug("sendEvent {}", json); - + kieSession.insert(event); } - + /** * Simulate an event by inserting into kieSession and firing rules as needed. - * + * * @param cles the ControlLoopEventStatus * @param rid the request ID * @param controlLoopName the control loop name @@ -234,12 +277,12 @@ public class ControlLoopCoordinationTest implements TopicListener { } // // simulate sending event - // + // sendEvent(controlLoopName, rid, cles, target, kieSession); kieSession.fireUntilHalt(); // // get dump of database entries and log - // + // List entries = SupportUtil.dumpDb(); assertNotNull(entries); logger.debug("dumpDB, {} entries", entries.size()); @@ -248,17 +291,17 @@ public class ControlLoopCoordinationTest implements TopicListener { } // // we are done - // + // logger.info("simulateEvent: done"); } /** * Simulate an onset event. - * + * * @param rid the request ID * @param controlLoopName the control loop name * @param kieSession the kieSession to which this event is being sent - * @param expectedDecision the expected decision + * @param expectedDecision the expected decision */ public void simulateOnset(UUID rid, String controlLoopName, @@ -270,7 +313,7 @@ public class ControlLoopCoordinationTest implements TopicListener { /** * Simulate an abated event. - * + * * @param rid the request ID * @param controlLoopName the control loop name * @param kieSession the kieSession to which this event is being sent @@ -281,10 +324,10 @@ public class ControlLoopCoordinationTest implements TopicListener { KieSession kieSession) { simulateEvent(ControlLoopEventStatus.ABATED, rid, controlLoopName, target, kieSession, null); } - + /** * This method will start a kie session and instantiate the Policy Engine. - * + * * @param droolsTemplate the DRL rules file * @param yamlFile the yaml file containing the policies * @param policyScope scope for policy @@ -312,11 +355,11 @@ public class ControlLoopCoordinationTest implements TopicListener { controlLoopName.append(pair.first.getControlLoop().getControlLoopName()); String yamlContents = pair.second; - + /* * Construct a kie session */ - final KieSession kieSession = SupportUtil.buildContainer(droolsTemplate, + final KieSession kieSession = SupportUtil.buildContainer(droolsTemplate, controlLoopName.toString(), policyScope, policyName, @@ -336,7 +379,7 @@ public class ControlLoopCoordinationTest implements TopicListener { /* * (non-Javadoc) - * + * * @see org.onap.policy.drools.PolicyEngineListener#newEventNotification(java.lang.String) */ @Override @@ -400,7 +443,7 @@ public class ControlLoopCoordinationTest implements TopicListener { logger.debug("Halting kieSession2"); kieSession2.halt(); } else { - fail("Unknown ControlLoop"); + fail("Unknown ControlLoop"); } } } else if (policyName.endsWith("EVENT.MANAGER.TIMEOUT")) { @@ -435,7 +478,7 @@ public class ControlLoopCoordinationTest implements TopicListener { /** * This method will dump all the facts in the working memory. - * + * * @param kieSession the session containing the facts */ public void dumpFacts(KieSession kieSession) { @@ -454,14 +497,14 @@ public class ControlLoopCoordinationTest implements TopicListener { logger.info("Beginning testSyntheticControlLoopOneBlocksSyntheticControlLoopTwo"); /* * Allows the PolicyEngine to callback to this object to - * notify that there is an event ready to be pulled + * notify that there is an event ready to be pulled * from the queue */ for (TopicSink sink : noopTopics) { assertTrue(sink.start()); sink.register(this); } - + /* * Create unique requestIds */ @@ -475,25 +518,33 @@ public class ControlLoopCoordinationTest implements TopicListener { final String t1 = "TARGET_1"; final String t2 = "TARGET_2"; - logger.info("@@@@@@@@@@ cl2 ONSET t1 (Success) @@@@@@@@@@"); + logger.info("@@@@@@@@@@ cl2 ONSET t1 (Success) @@@@@@@@@@"); simulateOnset(requestId1, cl2, t1, kieSession2,"PERMIT"); - logger.info("@@@@@@@@@@ cl1 ONSET t1 @@@@@@@@@@"); + + logger.info("@@@@@@@@@@ cl1 ONSET t1 @@@@@@@@@@"); simulateOnset(requestId2, cl1, t1, kieSession1,"PERMIT"); - logger.info("@@@@@@@@@@ cl2 ABATED t1 @@@@@@@@@@"); + + logger.info("@@@@@@@@@@ cl2 ABATED t1 @@@@@@@@@@"); simulateAbatement(requestId1, cl2, t1, kieSession2); - logger.info("@@@@@@@@@@ cl2 ONSET t1 (Fail) @@@@@@@@@@"); + + logger.info("@@@@@@@@@@ cl2 ONSET t1 (Fail) @@@@@@@@@@"); simulateOnset(requestId3, cl2, t1, kieSession2,"DENY"); + logger.info("@@@@@@@@@@ cl2 ONSET t2 (Success) @@@@@@@@@@"); simulateOnset(requestId4, cl2, t2, kieSession2,"PERMIT"); - logger.info("@@@@@@@@@@ cl2 ABATED t2 @@@@@@@@@@"); + + logger.info("@@@@@@@@@@ cl2 ABATED t2 @@@@@@@@@@"); simulateAbatement(requestId4, cl2, t2, kieSession2); - logger.info("@@@@@@@@@@ cl1 ABATED t1 @@@@@@@@@@"); + + logger.info("@@@@@@@@@@ cl1 ABATED t1 @@@@@@@@@@"); simulateAbatement(requestId2, cl1, t1, kieSession1); - logger.info("@@@@@@@@@@ cl2 ONSET t1 (Success) @@@@@@@@@@"); + + logger.info("@@@@@@@@@@ cl2 ONSET t1 (Success) @@@@@@@@@@"); simulateOnset(requestId5, cl2, t1, kieSession2,"PERMIT"); - logger.info("@@@@@@@@@@ cl2 ABATED t1 @@@@@@@@@@"); + + logger.info("@@@@@@@@@@ cl2 ABATED t1 @@@@@@@@@@"); simulateAbatement(requestId5, cl2, t1, kieSession2); - + /* * Print what's left in memory */ @@ -501,4 +552,3 @@ public class ControlLoopCoordinationTest implements TopicListener { dumpFacts(kieSession2); } } - diff --git a/controlloop/templates/template.demo.clc/src/test/java/org/onap/policy/template/demo/clc/SupportUtil.java b/controlloop/templates/template.demo.clc/src/test/java/org/onap/policy/template/demo/clc/SupportUtil.java index bf2038cc2..a9f0a04e4 100644 --- a/controlloop/templates/template.demo.clc/src/test/java/org/onap/policy/template/demo/clc/SupportUtil.java +++ b/controlloop/templates/template.demo.clc/src/test/java/org/onap/policy/template/demo/clc/SupportUtil.java @@ -2,14 +2,14 @@ * ============LICENSE_START======================================================= * demo * ================================================================================ - * Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2018-2019 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -22,17 +22,23 @@ package org.onap.policy.template.demo.clc; import static org.junit.Assert.fail; +import java.io.BufferedReader; import java.io.File; import java.io.FileInputStream; +import java.io.FileReader; import java.io.IOException; import java.io.InputStream; +import java.io.PrintWriter; import java.nio.charset.StandardCharsets; import java.nio.file.Files; import java.nio.file.Path; import java.nio.file.Paths; import java.util.List; +import java.util.Map; +import java.util.UUID; import java.util.regex.Matcher; import java.util.regex.Pattern; +import java.util.stream.Stream; import javax.persistence.EntityManager; import javax.persistence.EntityManagerFactory; import javax.persistence.Persistence; @@ -49,6 +55,8 @@ import org.kie.api.runtime.KieSession; import org.onap.policy.common.endpoints.http.server.HttpServletServer; import org.onap.policy.controlloop.policy.ControlLoopPolicy; import org.onap.policy.controlloop.policy.guard.ControlLoopGuard; +import org.onap.policy.controlloop.policy.guard.ControlLoopGuard; +import org.onap.policy.coordination.CoordinationDirective; import org.onap.policy.drools.system.PolicyEngine; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -78,7 +86,7 @@ public final class SupportUtil { /** * Load YAML. - * + * * @param testFile test file to load * @return the Pair of a policy and the yaml contents */ @@ -95,6 +103,7 @@ public final class SupportUtil { return new Pair((ControlLoopPolicy) obj, contents); } catch (IOException e) { + logger.error("Error while loading YAML", e); fail(e.getLocalizedMessage()); } return null; @@ -102,7 +111,7 @@ public final class SupportUtil { /** * Load the YAML guard policy. - * + * * @param testFile the test file to load * @return return the guard object */ @@ -116,11 +125,70 @@ public final class SupportUtil { Object obj = yaml.load(contents); return (ControlLoopGuard) obj; } catch (IOException e) { + logger.error("Error while loading YAML guard", e); fail(e.getLocalizedMessage()); } return null; } + /** + * Insert the Xacml policy into the PDP. + * Achieved by configuring the properties file to load the Xacml policy and required PIP(s). + * + * @param xacmlFile the Xacml policy file's path + * @param propProtoDir the directory containing Xacml implementation prototypes + * @param propDir the directory to which the Xacml rule should be output + */ + public static void insertXacmlPolicy(String xacmlFile, + String propProtoDir, + String propDir) { + String propName = "xacml_guard_clc"; + String propProtoFile = propProtoDir + File.separator + propName + ".properties"; + String propFilename = propDir + File.separator + propName + ".properties"; + + String addXacmlFileToRoot = "# Policies to load\n" + + "xacml.rootPolicies=p1\n" + + "p1.file=" + xacmlFile + "\n"; + + File propFile = new File(propFilename); + try (Stream stream = Files.lines(Paths.get(propProtoFile)); + PrintWriter output = new PrintWriter(propFile)) { + /* + * Remove file after test + */ + propFile.deleteOnExit(); + /* + * Copy the property prototype + */ + stream.forEach(output::println); + /* + * Add the Xacml policy to the set of root policies + */ + output.println(addXacmlFileToRoot); + /* + * Obtain PIP Engine definitions from Xacml policy + * and insert into property file. + */ + try (BufferedReader br = new BufferedReader(new FileReader(xacmlFile))) { + boolean select = false; + for (String line; (line = br.readLine()) != null; ) { + if (line.contains("PIP Engine Definition")) { + select = true; + } + if (line.contains("-->")) { + select = false; + } + if (select) { + output.println(line); + } + } + } + } catch (Exception e) { + logger.error("Error when trying to create test propery file", e); + fail(e.getMessage()); + } + } + public static HttpServletServer buildAaiSim() throws InterruptedException, IOException { return org.onap.policy.simulators.Util.buildAaiSim(); } @@ -244,7 +312,7 @@ public final class SupportUtil { * Guard PDP-x connection Properties. No URL specified -> use embedded PDPEngine. */ PolicyEngine.manager.setEnvironmentProperty("prop.guard.propfile", - "src/test/resources/xacml/xacml_guard_clc.properties"); + "src/test/resources/properties/xacml_guard_clc.properties"); PolicyEngine.manager.setEnvironmentProperty(org.onap.policy.guard.Util.PROP_GUARD_USER, "python"); PolicyEngine.manager.setEnvironmentProperty(org.onap.policy.guard.Util.PROP_GUARD_PASS, "test"); PolicyEngine.manager.setEnvironmentProperty(org.onap.policy.guard.Util.PROP_GUARD_CLIENT_USER, "python"); @@ -252,7 +320,7 @@ public final class SupportUtil { PolicyEngine.manager.setEnvironmentProperty(org.onap.policy.guard.Util.PROP_GUARD_ENV, "TEST"); PolicyEngine.manager.setEnvironmentProperty(org.onap.policy.guard.Util.PROP_GUARD_DISABLED, "false"); } - + /** * Set the operation history properties. */ diff --git a/controlloop/templates/template.demo.clc/src/test/resources/coordination/synthetic_control_loop_one_blocks_synthetic_control_loop_two.yaml b/controlloop/templates/template.demo.clc/src/test/resources/coordination/synthetic_control_loop_one_blocks_synthetic_control_loop_two.yaml new file mode 100644 index 000000000..7b69c3a0c --- /dev/null +++ b/controlloop/templates/template.demo.clc/src/test/resources/coordination/synthetic_control_loop_one_blocks_synthetic_control_loop_two.yaml @@ -0,0 +1,20 @@ +# Copyright 2019 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +!!org.onap.policy.coordination.CoordinationDirective + +controlLoop: +- SyntheticControlLoopOne +- SyntheticControlLoopTwo +coordinationFunction: firstBlocksSecond \ No newline at end of file diff --git a/controlloop/templates/template.demo.clc/src/test/resources/properties/prototype/xacml_guard_clc.properties b/controlloop/templates/template.demo.clc/src/test/resources/properties/prototype/xacml_guard_clc.properties new file mode 100644 index 000000000..edc76517a --- /dev/null +++ b/controlloop/templates/template.demo.clc/src/test/resources/properties/prototype/xacml_guard_clc.properties @@ -0,0 +1,46 @@ +### +# ============LICENSE_START======================================================= +# ONAP +# ================================================================================ +# Copyright (C) 2018-2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +### +# +# +# Standard API Factories +# +xacml.dataTypeFactory=com.att.research.xacml.std.StdDataTypeFactory +xacml.pdpEngineFactory=com.att.research.xacmlatt.pdp.ATTPDPEngineFactory +xacml.pepEngineFactory=com.att.research.xacml.std.pep.StdEngineFactory +xacml.pipFinderFactory=com.att.research.xacml.std.pip.StdPIPFinderFactory +xacml.traceEngineFactory=com.att.research.xacml.std.trace.LoggingTraceEngineFactory +# +# AT&T PDP Implementation Factories +# +xacml.att.evaluationContextFactory=com.att.research.xacmlatt.pdp.std.StdEvaluationContextFactory +xacml.att.combiningAlgorithmFactory=com.att.research.xacmlatt.pdp.std.StdCombiningAlgorithmFactory +xacml.att.functionDefinitionFactory=com.att.research.xacmlatt.pdp.std.StdFunctionDefinitionFactory +xacml.att.policyFinderFactory=com.att.research.xacmlatt.pdp.std.StdPolicyFinderFactory + + +# +# NOTE: If you are testing against a RESTful PDP, then the PDP must be configured with the +# policies and PIP configuration as defined below. Otherwise, this is the configuration that +# the embedded PDP uses. +# + +# In case we have multiple applicable Guard policies, we will deny if any of them denies. +#xacml.att.policyFinderFactory.combineRootPolicies=urn:com:att:xacml:3.0:policy-combining-algorithm:combined-deny-overrides +xacml.att.policyFinderFactory.combineRootPolicies=urn:oasis:names:tc:xacml:3.0:policy-combining-algorithm:permit-unless-deny diff --git a/controlloop/templates/template.demo.clc/src/test/resources/xacml/synthetic_control_loop_one_blocks_synthetic_control_loop_two.xml b/controlloop/templates/template.demo.clc/src/test/resources/xacml/synthetic_control_loop_one_blocks_synthetic_control_loop_two.xml deleted file mode 100644 index f503a2b11..000000000 --- a/controlloop/templates/template.demo.clc/src/test/resources/xacml/synthetic_control_loop_one_blocks_synthetic_control_loop_two.xml +++ /dev/null @@ -1,51 +0,0 @@ - - - -Policy for first_blocks_second coordination (if first running and second requests to run, deny second). - - - - - SyntheticControlLoopTwo - - - - - - - - - First Is Running - - - - Success - - - - - - - - - - - diff --git a/controlloop/templates/template.demo.clc/src/test/resources/xacml/xacml_guard_clc.properties b/controlloop/templates/template.demo.clc/src/test/resources/xacml/xacml_guard_clc.properties deleted file mode 100644 index 5f5e0c8b2..000000000 --- a/controlloop/templates/template.demo.clc/src/test/resources/xacml/xacml_guard_clc.properties +++ /dev/null @@ -1,65 +0,0 @@ -### -# ============LICENSE_START======================================================= -# ONAP -# ================================================================================ -# Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -### -# -# -# This files defines PIPs that will be used by XACML Guard Policies. One PIP per time window (5 min, 10min,...,1 month). -# -# -# - -# -# Default XACML Properties File -# Standard API Factories -# -xacml.dataTypeFactory=com.att.research.xacml.std.StdDataTypeFactory -xacml.pdpEngineFactory=com.att.research.xacmlatt.pdp.ATTPDPEngineFactory -xacml.pepEngineFactory=com.att.research.xacml.std.pep.StdEngineFactory -xacml.pipFinderFactory=com.att.research.xacml.std.pip.StdPIPFinderFactory -xacml.traceEngineFactory=com.att.research.xacml.std.trace.LoggingTraceEngineFactory -# -# AT&T PDP Implementation Factories -# -xacml.att.evaluationContextFactory=com.att.research.xacmlatt.pdp.std.StdEvaluationContextFactory -xacml.att.combiningAlgorithmFactory=com.att.research.xacmlatt.pdp.std.StdCombiningAlgorithmFactory -xacml.att.functionDefinitionFactory=com.att.research.xacmlatt.pdp.std.StdFunctionDefinitionFactory -xacml.att.policyFinderFactory=com.att.research.xacmlatt.pdp.std.StdPolicyFinderFactory - - -# -# NOTE: If you are testing against a RESTful PDP, then the PDP must be configured with the -# policies and PIP configuration as defined below. Otherwise, this is the configuration that -# the embedded PDP uses. -# - -# In case we have multiple applicable Guard policies, we will deny if any of them denies. -#xacml.att.policyFinderFactory.combineRootPolicies=urn:com:att:xacml:3.0:policy-combining-algorithm:combined-deny-overrides -xacml.att.policyFinderFactory.combineRootPolicies=urn:oasis:names:tc:xacml:3.0:policy-combining-algorithm:permit-unless-deny - - -# Policies to load -# -xacml.rootPolicies=p1 -p1.file=src/test/resources/xacml/synthetic_control_loop_one_blocks_synthetic_control_loop_two.xml - -# PIP Engine Definition -# -xacml.pip.engines=getstatus -getstatus.classname=org.onap.policy.guard.PipEngineGetStatus -getstatus.issuer=org:onap:policy:guard:getstatus -- cgit 1.2.3-korg