diff options
author | Jorge Hernandez <jh1730@att.com> | 2017-05-03 21:31:58 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2017-05-03 21:31:58 +0000 |
commit | a330af579866dacbe595e2e4ad1dd29cd3c96945 (patch) | |
tree | b9455591600034dfd4f33a9c1f733336280f2208 /ECOMP-PDP | |
parent | 5444e748b8651d8346dcb78c5ab8b0637dea197b (diff) | |
parent | e0addf5b588a1244f9679becd90999dfcb4c3a94 (diff) |
Merge "Policy 1707 commit to LF"
Diffstat (limited to 'ECOMP-PDP')
21 files changed, 929 insertions, 133 deletions
diff --git a/ECOMP-PDP/config_testing/test_PolicyEngine.xml b/ECOMP-PDP/config_testing/test_PolicyEngine.xml new file mode 100644 index 000000000..e168ca2ab --- /dev/null +++ b/ECOMP-PDP/config_testing/test_PolicyEngine.xml @@ -0,0 +1,595 @@ +<?xml version="1.0" encoding="UTF-8" standalone="yes"?> +<!-- + ============LICENSE_START======================================================= + ECOMP-PDP + ================================================================================ + Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + ================================================================================ + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + ============LICENSE_END========================================================= + --> + +<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicyId="urn:com:xacml:policy:id:03e0d98f-90e4-4457-bd78-3ddec62e27d5" Version="1" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:first-applicable"> + <Description>Test Policies for the ProtoType PolicyEngineAPI</Description> + <Target/> + <VariableDefinition VariableId="ResetVM"> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:or"> + <Description>Check if the CPU Utilization or Memory reach the threshold values. </Description> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-greater-than"> + <Description>CPU</Description> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only"> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="com:att:labs:ecomp:resource:vm:cpu" DataType="http://www.w3.org/2001/XMLSchema#integer" MustBePresent="true"/> + </Apply> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">95</AttributeValue> + </Apply> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-greater-than"> + <Description>Memory</Description> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only"> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="com:att:labs:ecomp:resource:vm:memory" DataType="http://www.w3.org/2001/XMLSchema#integer" MustBePresent="true"/> + </Apply> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">95</AttributeValue> + </Apply> + </Apply> + </VariableDefinition> + <VariableDefinition VariableId="SpinOffVM"> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:or"> + <Description>Spinoff if the VM if CPU or memory value reaches the threshold</Description> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-greater-than"> + <Description>CPU</Description> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only"> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="com:att:labs:ecomp:resource:vm:cpu" DataType="http://www.w3.org/2001/XMLSchema#integer" MustBePresent="true"/> + </Apply> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">90</AttributeValue> + </Apply> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-greater-than"> + <Description>Memory</Description> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only"> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="com:att:labs:ecomp:resource:vm:memory" DataType="http://www.w3.org/2001/XMLSchema#integer" MustBePresent="true"/> + </Apply> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">90</AttributeValue> + </Apply> + </Apply> + </VariableDefinition> + <Rule RuleId="urn:com:xacml:rule:id:2a815211-f387-47ee-9b15-4b6a0f15b31f" Effect="Permit"> + <Description>Json Test</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">JSON</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ECOMPName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.labs.ecomp.advice.config" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.key" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:5443/config/test_json.json</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:2a815212-f387-47ee-9b15-4b6a0f15b31f" Effect="Permit"> + <Description>Json + Config test</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">JSON</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ECOMPName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">JSONconfig</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ConfigName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.labs.ecomp.advice.config" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.key" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:5443/config/test_json.json</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:2a815211-f387-47ee-9b15-4bfa0f15f568" Effect="Permit"> + <Description>XML test</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">XML</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ECOMPName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.labs.ecomp.advice.config" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.key" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:5443/config/test_xml.xml</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:2a815212-f387-47ee-9b15-4bfa0f15f568" Effect="Permit"> + <Description>XML + Config test</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">XML</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ECOMPName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">XMLConfig</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ConfigName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.labs.ecomp.advice.config" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.key" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:5443/config/test_xml.xml</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:2a815211-f387-47ee-9b15-4b6a5287f3af" Effect="Permit"> + <Description>Properties Test</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Properties</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ECOMPName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.labs.ecomp.advice.config" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.key" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:5443/config/test_prop.properties</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:2a815212-f387-47ee-9b15-4b6a5287f3af" Effect="Permit"> + <Description>Properties + Config Test</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Properties</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ECOMPName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">PropConfig</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ConfigName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.labs.ecomp.advice.config" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.key" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:5443/config/test_prop.properties</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:2a815211-f387-47ee-9b15-4b7a5287f3af" Effect="Permit"> + <Description>Other Test</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Other</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ECOMPName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.labs.ecomp.advice.config" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.key" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:5443/config/test_other.txt</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:2a815212-f387-47ee-9b15-4b8a5287f3af" Effect="Permit"> + <Description>Other + Config Test</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Other</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ECOMPName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">OtherConfig</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ConfigName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.labs.ecomp.advice.config" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.key" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:5443/config/test_other.txt</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:786aded3-49c4-43da-9e16-77be6b522f04" Effect="Permit"> + <Description> JSON + Attributes </Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">JSON</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ECOMPName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">JSONconfig</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ConfigName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TestSubject</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="Subject.com:test:subject:json" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TestJSON</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="Action.com:test:action:json" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Test</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="Resource.com:test:resource:json" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.labs.ecomp.advice.config" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.key" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:5443/config/test_json.json</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:6311eb9c-ec15-43d5-9f16-17c14b300e6d" Effect="Permit"> + <Description> XML + Attributes </Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">XML</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ECOMPName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">XMLConfig</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ConfigName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TestSubject</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="Subject.com:test:subject:json" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TestJSON</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="Action.com:test:action:json" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Test</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="Resource.com:test:resource:json" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.labs.ecomp.advice.config" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.key" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:5443/config/test_xml.xml</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:1148b345-4836-4853-96fc-84c1d37f4dbd" Effect="Permit"> + <Description> Prop + Attributes </Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Properties</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ECOMPName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">PropConfig</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ConfigName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TestSubject</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="Subject.com:test:subject:json" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TestJSON</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="Action.com:test:action:json" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Test</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="Resource.com:test:resource:json" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.labs.ecomp.advice.config" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.key" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:5443/config/test_prop.properties</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:786aded3-49c4-43da-9e16-77b86b522f04" Effect="Permit"> + <Description> Other + Attributes </Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Other</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ECOMPName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Otherconfig</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ConfigName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TestSubject</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="Subject.com:test:subject:json" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">ACCESS</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">TestJSON</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="Action.com:test:action:json" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Config</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Test</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="Resource.com:test:resource:json" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.labs.ecomp.advice.config" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.key" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Configuration</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.advice.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:5443/config/test_other.txt</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <!-- <Rule RuleId="urn:com:xacml:rule:id:a5b3007a-853a-47f0-a4c2-56912b47d74a" Effect="Permit"> + <Description>test if this is working </Description> + + </Rule> --> + <Rule RuleId="urn:com:xacml:rule:id:596bb33b-c0ab-4840-9f8f-aebb0b603f37" Effect="Permit"> + <Description>Permit to RESET VM if the values reach the threshold settings.</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Restart</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <Condition> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:boolean-equal"> + <Description>Restart VM if this condition is met</Description> + <VariableReference VariableId="ResetVM"/> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#boolean">true</AttributeValue> + </Apply> + </Condition> + <ObligationExpressions> + <ObligationExpression ObligationId="com.att.labs.ecomp.obligation" FulfillOn="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.obligation.restart" Category="urn:oasis:names:tc:xacml:1.0:subject-category:recipient-subject"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Restart</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.obligation.server" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="com:att:labs:ecomp:resource:server:name" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"/> + </AttributeAssignmentExpression> + </ObligationExpression> + </ObligationExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:596db34b-c0ab-4841-9f9d-aedb07603f39" Effect="Permit"> + <Description>Permit to SpinOff VM if the values reach the threshold settings.</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SpinOff</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <Condition> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:boolean-equal"> + <Description>SpinOff VM if this condition is met</Description> + <VariableReference VariableId="SpinOffVM"/> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#boolean">true</AttributeValue> + </Apply> + </Condition> + <ObligationExpressions> + <ObligationExpression ObligationId="com.att.labs.ecomp.obligation" FulfillOn="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.obligation.spinoff" Category="urn:oasis:names:tc:xacml:1.0:subject-category:recipient-subject"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">SpinOff</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="performer" Category="urn:oasis:names:tc:xacml:1.0:subject-category:recipient-subject"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">PDPAction</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="type" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">REST</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.labs.ecomp.obligation.server" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="com:att:labs:ecomp:resource:server:name" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"/> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="method" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">GET</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="URL" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:8635/RESTjson/PDP/VM/$com.att.labs.ecomp.obligation.spinoff/$com.att.labs.ecomp.obligation.server</AttributeValue> + </AttributeAssignmentExpression> + </ObligationExpression> + </ObligationExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:c2430bab-c2a1-4686-b885-67f8036a1e52" Effect="Deny"> + <Description>Deny all the other requests.</Description> + <Target/> + </Rule> +</Policy> diff --git a/ECOMP-PDP/config_testing/xacml.pip.properties b/ECOMP-PDP/config_testing/xacml.pip.properties new file mode 100644 index 000000000..27b5b3e9b --- /dev/null +++ b/ECOMP-PDP/config_testing/xacml.pip.properties @@ -0,0 +1,19 @@ +### +# ============LICENSE_START======================================================= +# ECOMP-PDP +# ================================================================================ +# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +### diff --git a/ECOMP-PDP/config_testing/xacml.policy.properties b/ECOMP-PDP/config_testing/xacml.policy.properties new file mode 100644 index 000000000..9990d375d --- /dev/null +++ b/ECOMP-PDP/config_testing/xacml.policy.properties @@ -0,0 +1,23 @@ +### +# ============LICENSE_START======================================================= +# ECOMP-PDP +# ================================================================================ +# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +### + +xacml.referencedPolicies=test_PolicyEngine.xml +xacml.rootPolicies=test_PolicyEngine.xml +test_PolicyEngine.xml.file=config_testing\\test_PolicyEngine.xml diff --git a/ECOMP-PDP/pom.xml b/ECOMP-PDP/pom.xml index 731902608..9aa5d6fd7 100644 --- a/ECOMP-PDP/pom.xml +++ b/ECOMP-PDP/pom.xml @@ -24,7 +24,6 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> <modelVersion>4.0.0</modelVersion> - <artifactId>ECOMP-PDP</artifactId> <description>ECOMP-PDP</description> <packaging>jar</packaging> @@ -40,14 +39,29 @@ <artifactId>ECOMP-REST</artifactId> </dependency> <dependency> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpclient</artifactId> + <version>4.4.1</version> + </dependency> + <dependency> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpcore</artifactId> + <version>4.4.4</version> + </dependency> + <dependency> + <groupId>org.glassfish</groupId> + <artifactId>javax.json</artifactId> + <version>1.0.4</version> + </dependency> + <dependency> <groupId>commons-codec</groupId> <artifactId>commons-codec</artifactId> - <version>1.5</version> + <version>1.10</version> </dependency> <dependency> <groupId>commons-logging</groupId> <artifactId>commons-logging</artifactId> - <version>1.1.3</version> + <version>1.2</version> <exclusions> <exclusion> <groupId>javax.servlet</groupId> @@ -58,37 +72,7 @@ <dependency> <groupId>com.google.guava</groupId> <artifactId>guava</artifactId> - <version>14.0.1</version> - </dependency> - <dependency> - <groupId>org.apache.httpcomponents</groupId> - <artifactId>httpclient</artifactId> - <version>4.3.1</version> - </dependency> - <dependency> - <groupId>org.apache.httpcomponents</groupId> - <artifactId>httpcore</artifactId> - <version>4.3.1</version> - </dependency> - <dependency> - <groupId>commons-io</groupId> - <artifactId>commons-io</artifactId> - <version>2.4</version> - </dependency> - <dependency> - <groupId>org.glassfish</groupId> - <artifactId>javax.json</artifactId> - <version>1.0.4</version> - </dependency> - <dependency> - <groupId>com.sun.jersey</groupId> - <artifactId>jersey-client</artifactId> - <version>1.18</version> - </dependency> - <dependency> - <groupId>com.sun.jersey</groupId> - <artifactId>jersey-core</artifactId> - <version>1.18</version> + <version>19.0</version> </dependency> <dependency> <groupId>com.att.research.xacml</groupId> diff --git a/ECOMP-PDP/src/main/java/org/openecomp/policy/xacml/action/FindAction.java b/ECOMP-PDP/src/main/java/org/openecomp/policy/xacml/action/FindAction.java index 2c06f646c..86c5c9b4b 100644 --- a/ECOMP-PDP/src/main/java/org/openecomp/policy/xacml/action/FindAction.java +++ b/ECOMP-PDP/src/main/java/org/openecomp/policy/xacml/action/FindAction.java @@ -28,7 +28,6 @@ import java.util.ArrayList; import java.util.Collection; import java.util.HashMap; import java.util.Map; -import java.util.logging.Logger; import java.util.regex.Matcher; import java.util.regex.Pattern; @@ -42,6 +41,8 @@ import org.apache.http.client.methods.HttpPost; import org.apache.http.client.methods.HttpPut; import org.apache.http.entity.StringEntity; import org.apache.http.impl.client.DefaultHttpClient; +import org.openecomp.policy.common.logging.flexlogger.FlexLogger; +import org.openecomp.policy.common.logging.flexlogger.Logger; import org.openecomp.policy.rest.XACMLRestProperties; import com.att.research.xacml.api.Advice; @@ -62,10 +63,8 @@ import com.att.research.xacml.std.StdMutableResult; import com.att.research.xacml.std.StdObligation; import com.att.research.xacml.util.XACMLProperties; -import org.openecomp.policy.common.logging.flexlogger.FlexLogger; - public class FindAction { - private Logger logger = (Logger) FlexLogger.getLogger(this.getClass()); + private Logger LOGGER = FlexLogger.getLogger(this.getClass()); private Boolean changeIt = false; private String configURL = null; private StdMutableResponse newResponse = new StdMutableResponse(); @@ -105,8 +104,8 @@ public class FindAction { search(stdResponse); } addResults(stdResponse, config , decide); - logger.info("Original Result is " + stdResponse.toString()); - logger.info("Generated Result is " + addResult.toString()); + LOGGER.info("Original Result is " + stdResponse.toString()); + LOGGER.info("Generated Result is " + addResult.toString()); return newResponse; } @@ -142,7 +141,7 @@ public class FindAction { attributeURI = new StdAttributeAssignment(attribute); } } else if (attribute.getAttributeId().stringValue().startsWith("headers")) { - logger.info("Headers are : "+ attribute.getAttributeValue().getValue().toString()); + LOGGER.info("Headers are : "+ attribute.getAttributeValue().getValue().toString()); header = true; headers.put(attribute.getAttributeId().stringValue().replaceFirst("(headers).", ""), attribute.getAttributeValue().getValue().toString()); @@ -194,7 +193,7 @@ public class FindAction { private void TakeAction(StdMutableResponse stdResponse, Identifier advId, Collection<AttributeAssignment> afterRemoveAssignments) { if (changeIt) { - logger.info("the URL is :" + configURL); + LOGGER.info("the URL is :" + configURL); // Calling Rest URL.. callRest(); // Including the Results in an Advice @@ -252,6 +251,7 @@ public class FindAction { private int status; private String response; + private DefaultHttpClient httpClient; private void callRest() { // Finding the Macros in the URL.. @@ -259,17 +259,17 @@ public class FindAction { Matcher match = pattern.matcher(configURL); StringBuffer sb = new StringBuffer(); while (match.find()) { - logger.info("Found Macro : " + match.group(1)); + LOGGER.info("Found Macro : " + match.group(1)); String replaceValue = matchValues.get(match.group(1)); - logger.info("Replacing with :" + replaceValue); + LOGGER.info("Replacing with :" + replaceValue); match.appendReplacement(sb, replaceValue); } match.appendTail(sb); - logger.info("URL is : " + sb.toString()); + LOGGER.info("URL is : " + sb.toString()); configURL = sb.toString(); // Calling the Requested service. if (matchValues.get("method").equalsIgnoreCase("GET")) { - DefaultHttpClient httpClient = new DefaultHttpClient(); + httpClient = new DefaultHttpClient(); try { HttpGet getRequest = new HttpGet(configURL); // Adding Headers here @@ -289,14 +289,16 @@ public class FindAction { } response = output; } catch (ClientProtocolException e) { + LOGGER.error(e.getMessage()); response = e.getMessage(); } catch (IOException e) { + LOGGER.error(e.getMessage()); response = e.getMessage(); } finally { httpClient.getConnectionManager().shutdown(); } } else if(matchValues.get("method").equalsIgnoreCase("POST")) { - DefaultHttpClient httpClient = new DefaultHttpClient(); + httpClient = new DefaultHttpClient(); try { HttpPost postRequest = new HttpPost(configURL); // Adding Headers here @@ -310,14 +312,14 @@ public class FindAction { URLConnection connection = null; connection = configURL.openConnection(); // InputStream in = connection.getInputStrem(); - // logger.info("The Body Content is : " + IOUtils.toString(in)); + // LOGGER.info("The Body Content is : " + IOUtils.toString(in)); JsonReader jsonReader = Json.createReader(connection.getInputStream()); StringEntity input = new StringEntity(jsonReader.readObject().toString()); input.setContentType("application/json"); postRequest.setEntity(input); // Executing the Request. HttpResponse result = httpClient.execute(postRequest); - logger.info("Result Headers are : " + result.getAllHeaders()); + LOGGER.info("Result Headers are : " + result.getAllHeaders()); status = result.getStatusLine().getStatusCode(); BufferedReader br = new BufferedReader(new InputStreamReader( (result.getEntity().getContent()))); @@ -328,14 +330,16 @@ public class FindAction { } response = output; } catch (ClientProtocolException e) { + LOGGER.error(e.getMessage()); response = e.getMessage(); } catch (IOException e) { + LOGGER.error(e.getMessage()); response = e.getMessage(); } finally { httpClient.getConnectionManager().shutdown(); } } else if(matchValues.get("method").equalsIgnoreCase("PUT")) { - DefaultHttpClient httpClient = new DefaultHttpClient(); + httpClient = new DefaultHttpClient(); try { HttpPut putRequest = new HttpPut(configURL); // Adding Headers here @@ -349,7 +353,7 @@ public class FindAction { URLConnection connection = null; connection = configURL.openConnection(); //InputStream in = connection.getInputStream(); - //logger.info("The Body Content is : " + IOUtils.toString(in)); + //LOGGER.info("The Body Content is : " + IOUtils.toString(in)); JsonReader jsonReader = Json.createReader(connection.getInputStream()); StringEntity input = new StringEntity(jsonReader.readObject().toString()); input.setContentType("application/json"); @@ -366,12 +370,14 @@ public class FindAction { } response = output; } catch (ClientProtocolException e) { + LOGGER.error(e.getMessage()); response = e.getMessage(); } catch (IOException e) { + LOGGER.error(e.getMessage()); response = e.getMessage(); } finally { httpClient.getConnectionManager().shutdown(); } } } -} +}
\ No newline at end of file diff --git a/ECOMP-PDP/src/main/java/org/openecomp/policy/xacml/pdp/ECOMPPDPEngine.java b/ECOMP-PDP/src/main/java/org/openecomp/policy/xacml/pdp/ECOMPPDPEngine.java index d1d6ebc90..34dee4fbb 100644 --- a/ECOMP-PDP/src/main/java/org/openecomp/policy/xacml/pdp/ECOMPPDPEngine.java +++ b/ECOMP-PDP/src/main/java/org/openecomp/policy/xacml/pdp/ECOMPPDPEngine.java @@ -37,23 +37,19 @@ public class ECOMPPDPEngine extends ATTPDPEngine { public ECOMPPDPEngine(EvaluationContextFactory evaluationContextFactoryIn, Decision defaultDecisionIn, ScopeResolver scopeResolverIn, Properties properties) { super(evaluationContextFactoryIn, defaultDecisionIn, scopeResolverIn, properties); - // TODO Auto-generated constructor stub } public ECOMPPDPEngine(EvaluationContextFactory evaluationContextFactoryIn, Decision defaultDecisionIn, ScopeResolver scopeResolverIn) { super(evaluationContextFactoryIn, defaultDecisionIn, scopeResolverIn); - // TODO Auto-generated constructor stub } public ECOMPPDPEngine(EvaluationContextFactory evaluationContextFactoryIn, ScopeResolver scopeResolverIn) { super(evaluationContextFactoryIn, scopeResolverIn); - // TODO Auto-generated constructor stub } @Override public Response decide(Request pepRequest) throws PDPException { - // TODO Auto-generated method stub Response response = super.decide(pepRequest); FindAction findAction = new FindAction(); diff --git a/ECOMP-PDP/src/main/java/org/openecomp/policy/xacml/pdp/std/functions/FunctionDefinitionCustomRegexpMatch.java b/ECOMP-PDP/src/main/java/org/openecomp/policy/xacml/pdp/std/functions/FunctionDefinitionCustomRegexpMatch.java index 9e63052a4..806df2193 100644 --- a/ECOMP-PDP/src/main/java/org/openecomp/policy/xacml/pdp/std/functions/FunctionDefinitionCustomRegexpMatch.java +++ b/ECOMP-PDP/src/main/java/org/openecomp/policy/xacml/pdp/std/functions/FunctionDefinitionCustomRegexpMatch.java @@ -115,9 +115,4 @@ public class FunctionDefinitionCustomRegexpMatch<I> extends FunctionDefinitionBa } } - - - - - } diff --git a/ECOMP-PDP/src/main/java/org/openecomp/policy/xacml/pdp/std/functions/PolicyList.java b/ECOMP-PDP/src/main/java/org/openecomp/policy/xacml/pdp/std/functions/PolicyList.java index 24ef2f72e..d1a14d502 100644 --- a/ECOMP-PDP/src/main/java/org/openecomp/policy/xacml/pdp/std/functions/PolicyList.java +++ b/ECOMP-PDP/src/main/java/org/openecomp/policy/xacml/pdp/std/functions/PolicyList.java @@ -20,14 +20,7 @@ package org.openecomp.policy.xacml.pdp.std.functions; import java.util.ArrayList; -import java.util.HashMap; import java.util.List; -import java.util.Map; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.openecomp.policy.common.logging.flexlogger.FlexLogger; -import org.openecomp.policy.common.logging.flexlogger.Logger; /** * Creates a list of policy ids. * @@ -35,9 +28,7 @@ import org.openecomp.policy.common.logging.flexlogger.Logger; */ public class PolicyList { -// private static Map<String, Integer> policyMap = new HashMap<>(); private static List<String> policyList = new ArrayList<String>(); - private Logger logger = FlexLogger.getLogger(this.getClass()); public static List<String> getpolicyList(){ @@ -48,11 +39,9 @@ public class PolicyList { if (!policyList.contains(policyID)){ policyList.add(policyID); } - // policyMap.put(policyID, count); } public static void clearPolicyList(){ - // policyMap.clear(); if (!policyList.isEmpty()){ policyList.clear(); } diff --git a/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/FunctionDefinitionAccessPermittedTest.java b/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/FunctionDefinitionAccessPermittedTest.java index 050b833ac..bd86e50b1 100644 --- a/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/FunctionDefinitionAccessPermittedTest.java +++ b/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/FunctionDefinitionAccessPermittedTest.java @@ -35,7 +35,6 @@ import java.util.List; import javax.xml.namespace.NamespaceContext; import org.junit.Ignore; -import org.junit.Test; import com.att.research.xacml.api.Request; import com.att.research.xacml.api.XACML3; @@ -47,7 +46,7 @@ import com.att.research.xacmlatt.pdp.policy.FunctionArgument; import com.att.research.xacmlatt.pdp.policy.FunctionArgumentAttributeValue; import com.att.research.xacmlatt.pdp.std.StdEvaluationContext; import com.att.research.xacmlatt.pdp.std.StdFunctions; -import com.att.research.xacmlatt.pdp.std.functions.*; +import com.att.research.xacmlatt.pdp.std.functions.FunctionDefinitionAccessPermitted; /** * Test of PDP Functions (See XACML core spec section A.3) diff --git a/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/FunctionDefinitionRegexpMatchTest.java b/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/FunctionDefinitionRegexpMatchTest.java index 631dca910..26cc46620 100644 --- a/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/FunctionDefinitionRegexpMatchTest.java +++ b/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/FunctionDefinitionRegexpMatchTest.java @@ -240,7 +240,7 @@ public class FunctionDefinitionRegexpMatchTest { IPAddress addr1 = null; IPAddress addr2 = null; try { - addr1 = IPAddress.newInstance("10.123.45.67"); + addr1 = IPAddress.newInstance("10.123.13.14"); addr2 = IPAddress.newInstance("10.12.13.14"); } catch (Exception e) { fail("Unable to create IPAddresses, e="+e); diff --git a/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/FunctionDefinitionStringConversionTest.java b/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/FunctionDefinitionStringConversionTest.java index ae887cc60..1e3fd7e70 100644 --- a/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/FunctionDefinitionStringConversionTest.java +++ b/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/FunctionDefinitionStringConversionTest.java @@ -1801,27 +1801,27 @@ public class FunctionDefinitionStringConversionTest { short[] addrShorts= {123, 134, 156, 255 }; short[] addrMaskShorts= {255, 255, 255, 255 }; try { - attrString1 = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("10.11.12.123")); - attrStringFull = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("10.11.12.123/10.11.121.123:123-456")); - attrStringMissingElement = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("10.11.12.123")); - attrStringTooManyElement = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("10.11.12.123.222")); - attrStringIllegalElement = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("10.11.12.123")); - attrStringOutOfOrder = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("10.11.12.123:123-456/10.11.12.123")); - - attrStringMask = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("10.11.12.123/10.11.12.123")); - attrStringMissingMaskElement = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("10.11.12.123/10.11.12.123")); - attrStringTooManyMaskElement = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("10.11.12.123/10.11.12.123.222")); - attrStringIllegalMaskElement = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("10.11.12.255/10.11.123.255")); - attrStringMaskNoValue = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("10.11.12.156/")); + attrString1 = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("123.134.156.255")); + attrStringFull = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("123.134.156.255/255.255.255.255:123-456")); + attrStringMissingElement = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("123.134.255")); + attrStringTooManyElement = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("123.134.255.111.222")); + attrStringIllegalElement = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("123.134.256.255")); + attrStringOutOfOrder = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("123.134.256.255:123-456/255.255.255.255")); + + attrStringMask = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("123.134.156.255/255.255.255.255")); + attrStringMissingMaskElement = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("123.134.156.255/123.134.255")); + attrStringTooManyMaskElement = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("123.134.156.255/122.134.155.111.222")); + attrStringIllegalMaskElement = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("123.134.156.255/123.134.256.255")); + attrStringMaskNoValue = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("123.134.156.255/")); // optional mask // "/" with no mask (fail) - attrStringMinusPort = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("10.11.12.123:-123")); - attrStringPortMinus = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("10.11.12.123:123-")); - attrStringPortPort = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("10.11.12.123:1234567-432")); - attrStringNoPort = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("10.11.12.123:")); - attrStringBadPort = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("10.11.12.123:12.34")); - attrStringTooManyPorts = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("10.11.12.123:-123-456")); + attrStringMinusPort = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("123.134.156.255:-123")); + attrStringPortMinus = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("123.134.156.255:123-")); + attrStringPortPort = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("123.134.156.255:1234567-432")); + attrStringNoPort = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("123.134.156.255:")); + attrStringBadPort = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("123.134.156.255:12.34")); + attrStringTooManyPorts = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue("123.134.156.255:-123-456")); @@ -1868,7 +1868,7 @@ public class FunctionDefinitionStringConversionTest { arguments.add(attrStringMissingElement); res = fd.evaluate(null, arguments); assertFalse(res.isOk()); - assertEquals("function:ipAddress-from-string Invalid IPv4 address string \"10.11.12.123\": invalid address", res.getStatus().getStatusMessage()); + assertEquals("function:ipAddress-from-string Invalid IPv4 address string \"123.134.255\": invalid address", res.getStatus().getStatusMessage()); assertEquals("urn:oasis:names:tc:xacml:1.0:status:syntax-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue()); // too many elements @@ -1876,7 +1876,7 @@ public class FunctionDefinitionStringConversionTest { arguments.add(attrStringTooManyElement); res = fd.evaluate(null, arguments); assertFalse(res.isOk()); - assertEquals("function:ipAddress-from-string Invalid IPv4 address string \"10.11.12.123.222\": invalid address", res.getStatus().getStatusMessage()); + assertEquals("function:ipAddress-from-string Invalid IPv4 address string \"123.134.255.111.222\": invalid address", res.getStatus().getStatusMessage()); assertEquals("urn:oasis:names:tc:xacml:1.0:status:syntax-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue()); // illegal element @@ -1884,7 +1884,7 @@ public class FunctionDefinitionStringConversionTest { arguments.add(attrStringIllegalElement); res = fd.evaluate(null, arguments); assertFalse(res.isOk()); - assertEquals("function:ipAddress-from-string Invalid IPv4 address string \"10.11.123.255\": invalid octet: \"256", res.getStatus().getStatusMessage()); + assertEquals("function:ipAddress-from-string Invalid IPv4 address string \"123.134.256.255\": invalid octet: \"256", res.getStatus().getStatusMessage()); assertEquals("urn:oasis:names:tc:xacml:1.0:status:syntax-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue()); // Out of order @@ -1892,7 +1892,7 @@ public class FunctionDefinitionStringConversionTest { arguments.add(attrStringOutOfOrder); res = fd.evaluate(null, arguments); assertFalse(res.isOk()); - assertEquals("function:ipAddress-from-string Invalid IPv4 address string \"10.11.12.123:123-456/10.11.12.123\": out of order components", res.getStatus().getStatusMessage()); + assertEquals("function:ipAddress-from-string Invalid IPv4 address string \"123.134.256.255:123-456/255.255.255.255\": out of order components", res.getStatus().getStatusMessage()); assertEquals("urn:oasis:names:tc:xacml:1.0:status:syntax-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue()); @@ -1913,7 +1913,7 @@ public class FunctionDefinitionStringConversionTest { arguments.add(attrStringMissingMaskElement); res = fd.evaluate(null, arguments); assertFalse(res.isOk()); - assertEquals("function:ipAddress-from-string Invalid IPv4 address string \"10.11.12.123\": invalid address", res.getStatus().getStatusMessage()); + assertEquals("function:ipAddress-from-string Invalid IPv4 address string \"123.134.255\": invalid address", res.getStatus().getStatusMessage()); assertEquals("urn:oasis:names:tc:xacml:1.0:status:syntax-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue()); // too many mask elements @@ -1921,7 +1921,7 @@ public class FunctionDefinitionStringConversionTest { arguments.add(attrStringTooManyMaskElement); res = fd.evaluate(null, arguments); assertFalse(res.isOk()); - assertEquals("function:ipAddress-from-string Invalid IPv4 address string \"10.11.12.123.222\": invalid address", res.getStatus().getStatusMessage()); + assertEquals("function:ipAddress-from-string Invalid IPv4 address string \"122.134.155.111.222\": invalid address", res.getStatus().getStatusMessage()); assertEquals("urn:oasis:names:tc:xacml:1.0:status:syntax-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue()); // illegal Mask element @@ -1929,7 +1929,7 @@ public class FunctionDefinitionStringConversionTest { arguments.add(attrStringIllegalMaskElement); res = fd.evaluate(null, arguments); assertFalse(res.isOk()); - assertEquals("function:ipAddress-from-string Invalid IPv4 address string \"10.11.12.123\": invalid octet: \"256", res.getStatus().getStatusMessage()); + assertEquals("function:ipAddress-from-string Invalid IPv4 address string \"123.134.256.255\": invalid octet: \"256", res.getStatus().getStatusMessage()); assertEquals("urn:oasis:names:tc:xacml:1.0:status:syntax-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue()); //mask indicator without value @@ -1980,7 +1980,7 @@ public class FunctionDefinitionStringConversionTest { arguments.add(attrStringNoPort); res = fd.evaluate(null, arguments); assertFalse(res.isOk()); - assertEquals("function:ipAddress-from-string Invalid IPv4 address string \"10.11.12.123:\": no portrange given after ':'", res.getStatus().getStatusMessage()); + assertEquals("function:ipAddress-from-string Invalid IPv4 address string \"123.134.156.255:\": no portrange given after ':'", res.getStatus().getStatusMessage()); assertEquals("urn:oasis:names:tc:xacml:1.0:status:syntax-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue()); @@ -2264,7 +2264,7 @@ public class FunctionDefinitionStringConversionTest { FunctionArgumentAttributeValue attrObj1 = null; FunctionArgumentAttributeValue attrObjV6 = null; FunctionArgumentAttributeValue attrStringBadType = null; - String objValueString = "10.11.12.123"; + String objValueString = "123.145.255.255"; String objValueStringV6 = "[FEDC:BA98:7654:3210:FEDC:BA98:7654:3210]"; try { attrObj1 = new FunctionArgumentAttributeValue(DataTypes.DT_IPADDRESS.createAttributeValue(objValueString)); diff --git a/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/PDPTest.java b/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/PDPTest.java index 3b3e0b7bb..bd19ae357 100644 --- a/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/PDPTest.java +++ b/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/PDPTest.java @@ -20,19 +20,13 @@ package org.openecomp.policy.pdp.test; -//import static org.junit.Assert.assertNotNull; + import static org.junit.Assert.assertNull; //import static org.junit.Assert.fail; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.junit.Test; -import org.openecomp.policy.common.logging.flexlogger.FlexLogger; -import org.openecomp.policy.common.logging.flexlogger.Logger; +import org.junit.Test; public class PDPTest { - - private static final Logger logger = FlexLogger.getLogger(PDPTest.class); @Test public void testDummy() { diff --git a/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/TestRunner.java b/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/TestRunner.java index 5886f836a..111d85276 100644 --- a/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/TestRunner.java +++ b/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/TestRunner.java @@ -25,12 +25,14 @@ import org.junit.runner.Result; import org.junit.runner.notification.Failure; public class TestRunner { + private static Result results; + public static void main(String[] args) { Result result = JUnitCore.runClasses(PDPTest.class); for(Failure failure: result.getFailures()) { System.out.println("Failed Test: " + failure.toString()); } - Result results = null; + results = null; if(result.wasSuccessful()) { System.out.println("Test Results... "); System.out.println("Stats: \nRun Time: " + (results.getRunTime()+result.getRunTime()) + "\nTotal Tests:" + results.getRunCount()+ result.getRunCount() diff --git a/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/conformance/ConformancePIPEngine.java b/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/conformance/ConformancePIPEngine.java index 5ba399528..84012c0d3 100644 --- a/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/conformance/ConformancePIPEngine.java +++ b/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/conformance/ConformancePIPEngine.java @@ -36,9 +36,7 @@ import java.util.List; import java.util.Map; import java.util.Properties; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.openecomp.policy.common.logging.flexlogger.FlexLogger; +import org.openecomp.policy.common.logging.flexlogger.FlexLogger; import org.openecomp.policy.common.logging.flexlogger.Logger; import com.att.research.xacml.api.Attribute; diff --git a/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/conformance/ConformanceScopeResolver.java b/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/conformance/ConformanceScopeResolver.java index f9284ff84..fe2bc15f2 100644 --- a/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/conformance/ConformanceScopeResolver.java +++ b/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/conformance/ConformanceScopeResolver.java @@ -27,9 +27,7 @@ import java.util.Iterator; import java.util.List; import java.util.Map; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.openecomp.policy.common.logging.flexlogger.FlexLogger; +import org.openecomp.policy.common.logging.flexlogger.FlexLogger; import org.openecomp.policy.common.logging.flexlogger.Logger; import com.att.research.xacml.api.Attribute; diff --git a/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/conformance/ConformanceTestEngine.java b/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/conformance/ConformanceTestEngine.java index 2b37cd3e7..c2ad3a207 100644 --- a/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/conformance/ConformanceTestEngine.java +++ b/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/conformance/ConformanceTestEngine.java @@ -20,9 +20,7 @@ package org.openecomp.policy.pdp.test.conformance; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.openecomp.policy.common.logging.flexlogger.FlexLogger; +import org.openecomp.policy.common.logging.flexlogger.FlexLogger; import org.openecomp.policy.common.logging.flexlogger.Logger; import com.att.research.xacml.api.Request; diff --git a/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/conformance/ConformanceTestSet.java b/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/conformance/ConformanceTestSet.java index ad5b96219..65e10a489 100644 --- a/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/conformance/ConformanceTestSet.java +++ b/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/conformance/ConformanceTestSet.java @@ -34,9 +34,7 @@ import java.util.Iterator; import java.util.List; import java.util.Map; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.openecomp.policy.common.logging.flexlogger.FlexLogger; +import org.openecomp.policy.common.logging.flexlogger.FlexLogger; import org.openecomp.policy.common.logging.flexlogger.Logger; /** diff --git a/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/custom/TestBase.java b/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/custom/TestBase.java index 089526d4e..82fd5da7a 100644 --- a/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/custom/TestBase.java +++ b/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/custom/TestBase.java @@ -47,9 +47,9 @@ import org.apache.commons.cli.Option; import org.apache.commons.cli.Options; import org.apache.commons.cli.ParseException; import org.apache.commons.io.IOUtils; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; import org.apache.http.entity.ContentType; +import org.openecomp.policy.common.logging.flexlogger.FlexLogger; +import org.openecomp.policy.common.logging.flexlogger.Logger; import com.att.research.xacml.api.AttributeValue; import com.att.research.xacml.api.DataType; @@ -79,9 +79,7 @@ import com.att.research.xacml.std.json.JSONStructureException; import com.att.research.xacml.util.FactoryException; import com.att.research.xacml.util.XACMLProperties; import com.google.common.base.Splitter; -import com.google.common.collect.Lists; -import org.openecomp.policy.common.logging.flexlogger.FlexLogger; -import org.openecomp.policy.common.logging.flexlogger.Logger; +import com.google.common.collect.Lists; /** * This is a base class for setting up a test environment. Using properties files, it contains the diff --git a/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/custom/TestCustom.java b/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/custom/TestCustom.java index e6530a186..e6d135ebc 100644 --- a/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/custom/TestCustom.java +++ b/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/custom/TestCustom.java @@ -45,9 +45,7 @@ import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.GnuParser; import org.apache.commons.cli.Option; import org.apache.commons.cli.ParseException; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.openecomp.policy.common.logging.flexlogger.FlexLogger; +import org.openecomp.policy.common.logging.flexlogger.FlexLogger; import org.openecomp.policy.common.logging.flexlogger.Logger; import com.att.research.xacml.api.AttributeValue; diff --git a/ECOMP-PDP/src/test/resources/CSVPolicy.xml b/ECOMP-PDP/src/test/resources/CSVPolicy.xml new file mode 100644 index 000000000..7175fb500 --- /dev/null +++ b/ECOMP-PDP/src/test/resources/CSVPolicy.xml @@ -0,0 +1,205 @@ +<?xml version="1.0" encoding="UTF-8" standalone="yes"?> +<!-- + ============LICENSE_START======================================================= + ECOMP-PDP + ================================================================================ + Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + ================================================================================ + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + ============LICENSE_END========================================================= + --> + +<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicyId="urn:com:xacml:policy:id:fb9e6bed-b5dd-430c-acd4-1baed0c1f1cf" Version="1" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-unless-permit"> + <Description>This Policy handles the Take action and Advice action operations. </Description> + <Target /> + <!--<Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">VM</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> --> + <VariableDefinition VariableId="doesItRequireNewVM"> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:or"> + <Description>Check the CPU Utilization or Network Load</Description> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-greater-than"> + <Description>Load</Description> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only"> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="com:att:labs:ecomp:resource:vm:load" DataType="http://www.w3.org/2001/XMLSchema#integer" MustBePresent="true"/> + </Apply> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">95</AttributeValue> + <!--<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only"> + <AttributeDesignator Category="com:att:research:xacml:test:pip:csv:category:server" AttributeId="com:att:research:xacml:test:pip:csv:server:loadval" DataType="http://www.w3.org/2001/XMLSchema#integer" Issuer="com:att:research:xacml:test:pip:csv" MustBePresent="false"/> + </Apply> --> + </Apply> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-greater-than"> + <Description>CPU</Description> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only"> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="com:att:labs:ecomp:resource:vm:cpu" DataType="http://www.w3.org/2001/XMLSchema#integer" MustBePresent="true"/> + </Apply> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">95</AttributeValue> + <!-- <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only"> + <AttributeDesignator Category="com:att:research:xacml:test:pip:csv:category:server" AttributeId="com:att:research:xacml:test:pip:csv:server:cpuval" DataType="http://www.w3.org/2001/XMLSchema#integer" Issuer="com:att:research:xacml:test:pip:csv" MustBePresent="false"/> + </Apply> --> + </Apply> + </Apply> + </VariableDefinition> + <Rule RuleId="urn:com:xacml:rule:id:9f8e2241-8205-4656-b6f6-143637cc0c66" Effect="Permit"> + <Description>Permit to create a new VM with Obligation</Description> + <Target /> + <!--<Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">create_Action</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> --> + <Condition> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:boolean-equal"> + <Description>If the Requirement has met create the VM</Description> + <VariableReference VariableId="doesItRequireNewVM"/> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#boolean">true</AttributeValue> + </Apply> + </Condition> + <ObligationExpressions> + <ObligationExpression ObligationId="com.att.research.nvp.test.obligation" FulfillOn="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.research.nvp.test.obligation.key" Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Action_Info</AttributeValue> + </AttributeAssignmentExpression> + </ObligationExpression> + <ObligationExpression ObligationId="com.att.research.nvp.test.multiobligation" FulfillOn="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.research.nvp.obligation.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Create_NEW_VM</AttributeValue> + </AttributeAssignmentExpression> + </ObligationExpression> + </ObligationExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:6dd4c4b2-8864-4bae-b497-7472b464ffe7" Effect="Permit"> + <Description>Permit to create a new VM with Advice</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">create_adviceAction</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <Condition> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:boolean-equal"> + <Description>If the Requirement has met create the VM</Description> + <VariableReference VariableId="doesItRequireNewVM"/> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#boolean">true</AttributeValue> + </Apply> + </Condition> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.research.nvp.test.advice.multi" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.research.nvp.test.advice.key"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Action_Info</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + <AdviceExpression AdviceId="com.att.research.nvp.test.advice.multiadvice" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.research.nvp.test.advice.multival"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Created New VM</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.research.nvp.test.advice.val" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:8080/pdp/?type=hb</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> + <VariableDefinition VariableId="removeVM"> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-less-than"> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only"> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="com:att:research:xacml:test:pip:csv:resource:cpu" DataType="http://www.w3.org/2001/XMLSchema#integer" MustBePresent="true"/> + </Apply> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only"> + <AttributeDesignator Category="com:att:research:xacml:test:pip:csv:category:server" AttributeId="com:att:research:xacml:test:pip:csv:server:minval" DataType="http://www.w3.org/2001/XMLSchema#integer" Issuer="com:att:research:xacml:test:pip:csv" MustBePresent="false"/> + </Apply> + </Apply> + </VariableDefinition> + <Rule RuleId="urn:com:xacml:rule:id:262fc3fd-f3f3-4aaa-8b9c-504f89be5ba2" Effect="Permit"> + <Description>Permit to remove a VM with Obligation</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">remove_Action</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <Condition> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:boolean-equal"> + <Description>If the resource usage is low then remove the VM</Description> + <VariableReference VariableId="removeVM"/> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#boolean">true</AttributeValue> + </Apply> + </Condition> + <ObligationExpressions> + <ObligationExpression ObligationId="com.att.research.nvp.test.obligation" FulfillOn="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.research.nvp.test.obligation.key" Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Action_Info</AttributeValue> + </AttributeAssignmentExpression> + </ObligationExpression> + <ObligationExpression ObligationId="com.att.research.nvp.test.multiobligation" FulfillOn="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.research.nvp.obligation.value" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Remove_VM</AttributeValue> + </AttributeAssignmentExpression> + </ObligationExpression> + </ObligationExpressions> + </Rule> + <Rule RuleId="urn:com:xacml:rule:id:6b17c532-6b43-4577-b499-30c862bc7df3" Effect="Permit"> + <Description>Permit to remove a VM with Advice</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">remove_adviceAction</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <Condition> + <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:boolean-equal"> + <Description>If the resource usage is low then remove the VM</Description> + <VariableReference VariableId="removeVM"/> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#boolean">true</AttributeValue> + </Apply> + </Condition> + <AdviceExpressions> + <AdviceExpression AdviceId="com.att.research.nvp.test.advice.multi" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.research.nvp.test.advice.key"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Action_Info</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + <AdviceExpression AdviceId="com.att.research.nvp.test.advice.multiadvice" AppliesTo="Permit"> + <AttributeAssignmentExpression AttributeId="com.att.research.nvp.test.advice.multival"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Removed VM</AttributeValue> + </AttributeAssignmentExpression> + <AttributeAssignmentExpression AttributeId="com.att.research.nvp.test.advice.val" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">http://localhost:8080/pdp/?type=hb</AttributeValue> + </AttributeAssignmentExpression> + </AdviceExpression> + </AdviceExpressions> + </Rule> +</Policy> diff --git a/ECOMP-PDP/src/test/resources/logback.xml b/ECOMP-PDP/src/test/resources/logback.xml index 3cb7a4469..e51ac17e1 100644 --- a/ECOMP-PDP/src/test/resources/logback.xml +++ b/ECOMP-PDP/src/test/resources/logback.xml @@ -44,14 +44,15 @@ <property name="defaultAuditPattern" value="%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}||%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n" /> <property name="defaultAuditPattern" value="%X{BeginTimestamp}|%X{EndTimestamp}|%X{requestId}|%X{serviceInstanceId}|%t|%X{serverName}|%X{serviceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{instanceUuid}|%p|%X{severity}|%X{serverIpAddress}|%X{ElapsedTime}|%X{server}|%X{clientIpAddress}|%c||%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n" /> --> - <property name="defaultAuditPattern" value="%X{TransactionBeginTimestamp}|%X{TransactionEndTimestamp}|%X{requestId}|%X{serviceInstanceId}|%t|%X{serverName}|%X{serviceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{instanceUuid}|%p|%X{severity}|%X{serverIpAddress}|%X{TransactionElapsedTime}|%X{server}|%X{clientIpAddress}|%c||%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n" /> + <property name="defaultAuditPattern" value="%X{TransactionBeginTimestamp}|%X{TransactionEndTimestamp}|%X{requestId}|%X{serviceInstanceId}|%t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{statusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{instanceUuid}|%p|%X{severity}|%X{serverIpAddress}|%X{TransactionElapsedTime}|%X{server}|%X{clientIpAddress}|%c||%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n" /> <!-- M E T R I C <property name="defaultMetricPattern" value="%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}||%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n" /> --> - <property name="defaultMetricPattern" value="%X{MetricBeginTimestamp}|%X{MetricEndTimestamp}|%X{requestId}|%X{serviceInstanceId}|%t|%X{serverName}|%X{serviceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%p|%X{severity}|%X{serverIpAddress}|%X{MetricElapsedTime}|%X{server}|%X{clientIpAddress}|%c||%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n" /> + <property name="defaultMetricPattern" value="%X{MetricBeginTimestamp}|%X{MetricEndTimestamp}|%X{requestId}|%X{serviceInstanceId}|%t|%X{serverName}|%X{serviceName}|%X{partnerName}|%X{targetEntity}|%X{targetServiceName}|%X{statusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%p|%X{severity}|%X{serverIpAddress}|%X{MetricElapsedTime}|%X{server}|%X{clientIpAddress}|%c||%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n" /> + |