From 88d1b6ccc92a42c94c2cd462789a90fcf245efb2 Mon Sep 17 00:00:00 2001 From: Jorge Hernandez Date: Wed, 19 Sep 2018 14:35:22 -0500 Subject: AAF Configuration in PDP-D AAF is disabled by default until pairwise testing is completed. Change-Id: Ica83873a2605742689ed0c2e06dfade20bef8bf0 Signed-off-by: Jorge Hernandez Issue-ID: POLICY-1043 Signed-off-by: Jorge Hernandez --- .../feature/config/feature-healthcheck.properties | 2 + .../drools/healthcheck/AafHealthCheckFilter.java | 35 ++++++++++++++++ .../drools/healthcheck/HealthCheckFeatureTest.java | 23 ++++++++--- .../healthcheck/TestAafHealthCheckFilter.java | 46 ++++++++++++++++++++++ 4 files changed, 100 insertions(+), 6 deletions(-) create mode 100644 feature-healthcheck/src/main/java/org/onap/policy/drools/healthcheck/AafHealthCheckFilter.java create mode 100644 feature-healthcheck/src/test/java/org/onap/policy/drools/healthcheck/TestAafHealthCheckFilter.java (limited to 'feature-healthcheck') diff --git a/feature-healthcheck/src/main/feature/config/feature-healthcheck.properties b/feature-healthcheck/src/main/feature/config/feature-healthcheck.properties index ec457b7d..e44543a8 100644 --- a/feature-healthcheck/src/main/feature/config/feature-healthcheck.properties +++ b/feature-healthcheck/src/main/feature/config/feature-healthcheck.properties @@ -27,6 +27,8 @@ http.server.services.HEALTHCHECK.swagger=true http.server.services.HEALTHCHECK.userName=${{HEALTHCHECK_USER}} http.server.services.HEALTHCHECK.password=${{HEALTHCHECK_PASSWORD}} http.server.services.HEALTHCHECK.https=true +http.server.services.HEALTHCHECK.aaf=false +http.server.services.HEALTHCHECK.filterClasses= http.client.services=PAP,PDP diff --git a/feature-healthcheck/src/main/java/org/onap/policy/drools/healthcheck/AafHealthCheckFilter.java b/feature-healthcheck/src/main/java/org/onap/policy/drools/healthcheck/AafHealthCheckFilter.java new file mode 100644 index 00000000..3cb9def6 --- /dev/null +++ b/feature-healthcheck/src/main/java/org/onap/policy/drools/healthcheck/AafHealthCheckFilter.java @@ -0,0 +1,35 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.drools.healthcheck; + +import org.onap.policy.common.endpoints.http.server.aaf.AafGranularAuthFilter; +import org.onap.policy.drools.server.restful.aaf.AafBase; + +/** + * Healthcheck AAF Authorization Filter + */ +public class AafHealthCheckFilter extends AafGranularAuthFilter { + + @Override + public String getPermissionTypeRoot() { + return AafBase.AAF_ROOT_PERMISSION; + } +} diff --git a/feature-healthcheck/src/test/java/org/onap/policy/drools/healthcheck/HealthCheckFeatureTest.java b/feature-healthcheck/src/test/java/org/onap/policy/drools/healthcheck/HealthCheckFeatureTest.java index 8ae73435..e0312f1f 100644 --- a/feature-healthcheck/src/test/java/org/onap/policy/drools/healthcheck/HealthCheckFeatureTest.java +++ b/feature-healthcheck/src/test/java/org/onap/policy/drools/healthcheck/HealthCheckFeatureTest.java @@ -25,6 +25,7 @@ import static org.junit.Assert.assertTrue; import java.io.File; import java.io.FileWriter; +import java.io.IOException; import java.nio.file.Files; import java.nio.file.Path; import java.nio.file.Paths; @@ -34,6 +35,7 @@ import org.junit.AfterClass; import org.junit.BeforeClass; import org.junit.Test; import org.onap.policy.common.endpoints.properties.PolicyEndPointProperties; +import org.onap.policy.common.utils.network.NetworkUtil; import org.onap.policy.drools.healthcheck.HealthCheck.Report; import org.onap.policy.drools.healthcheck.HealthCheck.Reports; import org.onap.policy.drools.persistence.SystemPersistence; @@ -81,7 +83,11 @@ public class HealthCheckFeatureTest { PolicyEndPointProperties.PROPERTY_HTTP_SERVER_SERVICES + "." + "HEALTHCHECK" + PolicyEndPointProperties.PROPERTY_HTTP_REST_CLASSES_SUFFIX, org.onap.policy.drools.healthcheck.RestMockHealthCheck.class.getName()); - httpProperties.setProperty(PolicyEndPointProperties.PROPERTY_HTTP_CLIENT_SERVICES + "." + "HEALTHCHECK" + httpProperties.setProperty( + PolicyEndPointProperties.PROPERTY_HTTP_SERVER_SERVICES + "." + "HEALTHCHECK" + + PolicyEndPointProperties.PROPERTY_HTTP_FILTER_CLASSES_SUFFIX, + org.onap.policy.drools.healthcheck.TestAafHealthCheckFilter.class.getName()); + httpProperties.setProperty(PolicyEndPointProperties.PROPERTY_HTTP_SERVER_SERVICES + "." + "HEALTHCHECK" + PolicyEndPointProperties.PROPERTY_MANAGED_SUFFIX, "true"); @@ -101,7 +107,6 @@ public class HealthCheckFeatureTest { httpProperties.setProperty(PolicyEndPointProperties.PROPERTY_HTTP_CLIENT_SERVICES + "." + "HEALTHCHECK" + PolicyEndPointProperties.PROPERTY_MANAGED_SUFFIX, "true"); - configDirSetup(); } @@ -117,15 +122,21 @@ public class HealthCheckFeatureTest { } @Test - public void test() { + public void test() throws IOException, InterruptedException { HealthCheckFeature feature = new HealthCheckFeature(); feature.afterStart(PolicyEngine.manager); + if (!NetworkUtil.isTcpPortOpen("localhost", 7777, 5, 10000L)) { + throw new IllegalStateException("cannot connect to port " + 7777); + } + Reports reports = HealthCheck.monitor.healthCheck(); + assertTrue(reports.getDetails().size() > 0); + for (Report rpt : reports.getDetails()) { - if (rpt.getName() == "HEALTHCHECK") { + if ("HEALTHCHECK".equals(rpt.getName())) { assertTrue(rpt.isHealthy()); assertEquals(200, rpt.getCode()); assertEquals("All Alive", rpt.getMessage()); @@ -141,7 +152,7 @@ public class HealthCheckFeatureTest { /** * setup up config directory. */ - protected static void configDirSetup() { + private static void configDirSetup() { File origPropsFile = new File(healthCheckPropsPath.toString()); File backupPropsFile = new File(healthCheckPropsBackupPath.toString()); @@ -167,7 +178,7 @@ public class HealthCheckFeatureTest { /** * cleanup up config directory. */ - protected static void configDirCleanup() { + private static void configDirCleanup() { File origPropsFile = new File(healthCheckPropsBackupPath.toString()); File backupPropsFile = new File(healthCheckPropsPath.toString()); diff --git a/feature-healthcheck/src/test/java/org/onap/policy/drools/healthcheck/TestAafHealthCheckFilter.java b/feature-healthcheck/src/test/java/org/onap/policy/drools/healthcheck/TestAafHealthCheckFilter.java new file mode 100644 index 00000000..03ca6897 --- /dev/null +++ b/feature-healthcheck/src/test/java/org/onap/policy/drools/healthcheck/TestAafHealthCheckFilter.java @@ -0,0 +1,46 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.drools.healthcheck; + +import javax.servlet.http.HttpServletRequest; +import org.onap.policy.common.utils.network.NetworkUtil; + +/** + * Healthcheck AAF Authorization Filter + */ +public class TestAafHealthCheckFilter extends AafHealthCheckFilter { + + @Override + protected String getRole(HttpServletRequest request) { + String expectedPerm = "org.onap.policy.pdpd.healthcheck.test|" + + NetworkUtil.getHostname() + "|get"; + if (!expectedPerm.equals(super.getRole(request))) { + throw new IllegalStateException("unexpected AAF granular permission"); + } else { + return "user"; + } + } + + @Override + public String getPermissionTypeRoot() { + return "org.onap.policy.pdpd"; + } +} -- cgit 1.2.3-korg