diff options
-rw-r--r-- | ONAP-PDP/pom.xml | 7 | ||||
-rw-r--r-- | ONAP-PDP/src/test/java/org/onap/policy/xacml/action/DummyRest.java | 37 | ||||
-rw-r--r-- | ONAP-PDP/src/test/java/org/onap/policy/xacml/action/FindActionTest.java | 145 | ||||
-rw-r--r-- | ONAP-PDP/src/test/resources/xacml.pdp.properties | 176 |
4 files changed, 361 insertions, 4 deletions
diff --git a/ONAP-PDP/pom.xml b/ONAP-PDP/pom.xml index dc3953b76..02057bd3a 100644 --- a/ONAP-PDP/pom.xml +++ b/ONAP-PDP/pom.xml @@ -88,5 +88,12 @@ <artifactId>junit</artifactId> <version>4.11</version> </dependency> + <dependency> + <groupId>org.onap.policy.drools-pdp</groupId> + <artifactId>policy-endpoints</artifactId> + <version>${project.version}</version> + <scope>test</scope> + </dependency> </dependencies> + </project> diff --git a/ONAP-PDP/src/test/java/org/onap/policy/xacml/action/DummyRest.java b/ONAP-PDP/src/test/java/org/onap/policy/xacml/action/DummyRest.java new file mode 100644 index 000000000..7a7fe548d --- /dev/null +++ b/ONAP-PDP/src/test/java/org/onap/policy/xacml/action/DummyRest.java @@ -0,0 +1,37 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP-PDP + * ================================================================================ + * Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.xacml.action; + +import javax.ws.rs.GET; +import javax.ws.rs.Path; + +@Path("/") +public class DummyRest { + + @GET + @Path("/foobar") + public String subscribe() { + + return "{\"Foo\":\"bar\"}"; + } + + +} diff --git a/ONAP-PDP/src/test/java/org/onap/policy/xacml/action/FindActionTest.java b/ONAP-PDP/src/test/java/org/onap/policy/xacml/action/FindActionTest.java index e59428699..2a36fa280 100644 --- a/ONAP-PDP/src/test/java/org/onap/policy/xacml/action/FindActionTest.java +++ b/ONAP-PDP/src/test/java/org/onap/policy/xacml/action/FindActionTest.java @@ -2,7 +2,7 @@ * ============LICENSE_START======================================================= * ONAP-PDP * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -22,13 +22,15 @@ package org.onap.policy.xacml.action; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; +import org.junit.AfterClass; import org.junit.Before; +import org.junit.BeforeClass; import org.junit.Test; import org.onap.policy.xacml.custom.OnapFunctionDefinitionFactory; - import com.att.research.xacml.api.Decision; import com.att.research.xacml.api.Request; import com.att.research.xacml.api.XACML3; +import com.att.research.xacml.std.IdentifierImpl; import com.att.research.xacml.std.StdAttributeValue; import com.att.research.xacml.std.StdMutableAdvice; import com.att.research.xacml.std.StdMutableAttributeAssignment; @@ -41,17 +43,21 @@ import com.att.research.xacml.std.StdMutableStatusDetail; import com.att.research.xacml.std.StdStatusCode; import com.att.research.xacml.std.datatypes.DataTypes; import com.att.research.xacml.std.json.JSONRequest; +import com.att.research.xacml.util.XACMLProperties; +import org.onap.policy.drools.http.server.HttpServletServer; +import org.onap.policy.drools.utils.NetworkUtil; public class FindActionTest { + String xPathExampleFromSpec = "{ " + "\"Request\" : { " + "\"Resource\" : { " + "\"Attribute\": [ " + "{ " + "\"Id\" : \"urn:oasis:names:tc:xacml:3.0:content-selector\", " + - "\"DataType\" : \"xpathExpression\", " + + "\"DataType\" : \"xpathExpression\", " + "\"Value\" : { " + "\"XPathCategory\" : \"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\", " + "\"Namespaces\" : [{ " + @@ -71,14 +77,46 @@ public class FindActionTest { "} "; String jsonResponse; - Request request; + private static final int MOCK_SERVER_PORT = 6670; + @BeforeClass + public static void setUpServer() { + try { + final HttpServletServer testServer = HttpServletServer.factory.build("dmaapSim", + "localhost", MOCK_SERVER_PORT, "/", false, true); + testServer.addServletClass("/*", DummyRest.class.getName()); + testServer.waitedStart(2000); + if (!NetworkUtil.isTcpPortOpen("localhost", testServer.getPort(), 5, 10000L)) + throw new IllegalStateException("cannot connect to port " + testServer.getPort()); + } catch (final Exception e) { + fail(e.getMessage()); + } + + } + + @AfterClass + public static void tearDownSimulator() { + HttpServletServer.factory.destroy(); + } + @Before public void setUp() throws Exception { new OnapFunctionDefinitionFactory(); request = JSONRequest.load(xPathExampleFromSpec); + + try { + XACMLProperties.reloadProperties(); + System.setProperty(XACMLProperties.XACML_PROPERTIES_NAME, "src/test/resources/xacml.pdp.properties"); + XACMLProperties.getProperties(); + + assertTrue(true); + } catch (Exception e) { + fail(); + + } } + @Test public final void testRun() { @@ -126,6 +164,105 @@ public class FindActionTest { "advice-issuer1", new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "Test"))); response.add(result); + + // The logic below exercises the callRest and takeAction methods in FindAction + // GET request + status = new StdMutableStatus(StdStatusCode.STATUS_CODE_OK); + result = new StdMutableResult(status); + result.setDecision(Decision.PERMIT); + + obligation = new StdMutableObligation(); + obligation.setId(XACML3.ID_ACTION_IMPLIED_ACTION); + obligation.addAttributeAssignment(new StdMutableAttributeAssignment( + XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE, + new IdentifierImpl("performer"), + "obligation-issuer", + new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "PDPACTION"))); + + obligation.addAttributeAssignment(new StdMutableAttributeAssignment( + XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE, + new IdentifierImpl("URL"), + "obligation-issuer", + new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "http://localhost:" + MOCK_SERVER_PORT))); + obligation.addAttributeAssignment(new StdMutableAttributeAssignment( + XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE, + new IdentifierImpl("method"), + "obligation-issuer", + new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "GET"))); + obligation.addAttributeAssignment(new StdMutableAttributeAssignment( + XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE, + new IdentifierImpl("headers"), + "obligation-issuer", + new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "foobar"))); + + + result.addObligation(obligation); + response.add(result); + + // POST request + status = new StdMutableStatus(StdStatusCode.STATUS_CODE_OK); + result = new StdMutableResult(status); + result.setDecision(Decision.PERMIT); + + obligation = new StdMutableObligation(); + obligation.setId(XACML3.ID_ACTION_IMPLIED_ACTION); + obligation.addAttributeAssignment(new StdMutableAttributeAssignment( + XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE, + new IdentifierImpl("performer"), + "obligation-issuer", + new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "PDPACTION"))); + + obligation.addAttributeAssignment(new StdMutableAttributeAssignment( + XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE, + new IdentifierImpl("URL"), + "obligation-issuer", + new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "http://localhost:" + MOCK_SERVER_PORT))); + obligation.addAttributeAssignment(new StdMutableAttributeAssignment( + XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE, + new IdentifierImpl("method"), + "obligation-issuer", + new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "POST"))); + obligation.addAttributeAssignment(new StdMutableAttributeAssignment( + XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE, + new IdentifierImpl("body"), + "obligation-issuer", + new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "http://localhost:" + MOCK_SERVER_PORT + "/foobar"))); + + result.addObligation(obligation); + response.add(result); + + //PUT request + status = new StdMutableStatus(StdStatusCode.STATUS_CODE_OK); + result = new StdMutableResult(status); + result.setDecision(Decision.PERMIT); + + obligation = new StdMutableObligation(); + obligation.setId(XACML3.ID_ACTION_IMPLIED_ACTION); + obligation.addAttributeAssignment(new StdMutableAttributeAssignment( + XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE, + new IdentifierImpl("performer"), + "obligation-issuer", + new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "PDPACTION"))); + + obligation.addAttributeAssignment(new StdMutableAttributeAssignment( + XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE, + new IdentifierImpl("URL"), + "obligation-issuer", + new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "http://localhost:" + MOCK_SERVER_PORT))); + obligation.addAttributeAssignment(new StdMutableAttributeAssignment( + XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE, + new IdentifierImpl("method"), + "obligation-issuer", + new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "PUT"))); + obligation.addAttributeAssignment(new StdMutableAttributeAssignment( + XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE, + new IdentifierImpl("body"), + "obligation-issuer", + new StdAttributeValue<String>(DataTypes.DT_STRING.getId(), "http://localhost:" + MOCK_SERVER_PORT + "/foobar"))); + + result.addObligation(obligation); + response.add(result); + try { assertTrue(action.run(response, request) != null); } catch (Exception e) { diff --git a/ONAP-PDP/src/test/resources/xacml.pdp.properties b/ONAP-PDP/src/test/resources/xacml.pdp.properties new file mode 100644 index 000000000..a5120f342 --- /dev/null +++ b/ONAP-PDP/src/test/resources/xacml.pdp.properties @@ -0,0 +1,176 @@ +### +# ============LICENSE_START======================================================= +# ONAP-PDP-REST +# ================================================================================ +# Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +### + +# Default XACML Properties File for PDP RESTful servlet +# +# Standard API Factories +# +xacml.dataTypeFactory=com.att.research.xacml.std.StdDataTypeFactory +xacml.pdpEngineFactory=com.att.research.xacmlatt.pdp.ATTPDPEngineFactory +xacml.pepEngineFactory=com.att.research.xacml.std.pep.StdEngineFactory +# NOT USED SEE BELOW xacml.pipFinderFactory=org.onap.policy.xacml.std.pip.StdPIPFinderFactory +xacml.traceEngineFactory=com.att.research.xacml.std.trace.LoggingTraceEngineFactory +# +# AT&T PDP Implementation Factories +# +xacml.att.evaluationContextFactory=com.att.research.xacmlatt.pdp.std.StdEvaluationContextFactory +xacml.att.combiningAlgorithmFactory=com.att.research.xacmlatt.pdp.std.StdCombiningAlgorithmFactory +xacml.att.functionDefinitionFactory=org.onap.policy.xacml.custom.OnapFunctionDefinitionFactory +# NOT USED SEE BELOW xacml.att.policyFinderFactory=org.onap.policy.pdp.std.StdPolicyFinderFactory +# creteUpdate Policy Implementation Class details. +createUpdatePolicy.impl.className=org.onap.policy.pdp.rest.api.services.CreateUpdatePolicyServiceImpl +# AAF Implementation class details +aafClient.impl.className=org.onap.policy.utils.AAFPolicyClientImpl +# +# AT&T RESTful PDP Implementation Factories +# +xacml.pipFinderFactory=org.onap.policy.pdp.rest.impl.XACMLPdpPIPFinderFactory +xacml.att.policyFinderFactory=org.onap.policy.pdp.rest.XACMLPdpPolicyFinderFactory +# +# When set to true, this flag tells the StdPolicyFinderFactory to combined all the root policy files into +# into one PolicySet and use the given Policy Algorithm. +# +xacml.att.policyFinderFactory.combineRootPolicies=urn:com:att:xacml:3.0:policy-combining-algorithm:combined-permit-overrides +# +# PDP RESTful API properties +# +# Set this to the address where the XACML-PAP-REST servlet is running +xacml.rest.pap.url=http://localhost:8070/pap/ + +#if multiple paps exist, the xacml.rest.pap.url can be removed and they can be defined like this: +#xacml.rest.pap.urls=http://localhost:9090/pap/,http://localhost:9091/pap/ + +# +# Give the running PDP an ID for the PAP. The url that its running as is a good choice. +# The PAP identifies PDP's using the URL of the PDP. +# +xacml.rest.pdp.id=http://localhost:8082/pdp/ + +# Give the port number used for the PDP + +xacml.jmx.port=0 + + +# Notification Properties +# Notifcation type: websocket, ueb or dmaap... if left blank websocket is the default +NOTIFICATION_TYPE=websocket +NOTIFICATION_SERVERS= +NOTIFICATION_TOPIC= +NOTIFICATION_DELAY= +UEB_API_KEY= +UEB_API_SECRET= +DMAAP_AAF_LOGIN= +DMAAP_AAF_PASSWORD= + +# +# Set the directory where the PDP holds its Policy Cache and PIP Configuration +# +xacml.rest.pdp.config=config + +xacml.rest.pdp.webapps=/home/users/PolicyEngine/webapps/ConfigPAP/ +# +# Initialize register with PAP servlet +# +xacml.rest.pdp.register=true +# +# Sleep period in seconds between register attempts +# +xacml.rest.pdp.register.sleep=15 +# +# number of attempts to register. -1 means keep trying forever. +# +xacml.rest.pdp.register.retries=-1 +# +# max number of bytes in a POST of a XML/JSON request +# old value #32767 +xacml.rest.pdp.maxcontent=99999999 +# +# Set UserID here +xacml.rest.pdp.userid=testpdp +# Set Password here +xacml.rest.pdp.password=alpha456 + +# id PAP +xacml.rest.pap.userid=testpap +#if multiple paps have different logins, they can be defined like this: +#http\://localhost\:9090/pap/.xacml.rest.pap.userid=testpap + +# pass PAP +xacml.rest.pap.password=alpha123 +#http\://localhost\:9090/pap/.xacml.rest.pap.password=alpha123 + +# Delay for Notifications Don't change this. Value in milliSec. +xacml.rest.notification.delay=30 + +# Client interval to ping notification service. +CLIENT_INTERVAL=15000 + +# Buffer Size. +REQUEST_BUFFER_SIZE=15 + +#Properties for db access +#properties for MySql xacml database: PLEASE DO NOT REMOVE... NEEDED FOR APIs +javax.persistence.jdbc.driver=org.h2.Driver +javax.persistence.jdbc.url=jdbc:h2:file:./sql/xacmlTest +javax.persistence.jdbc.user=sa +javax.persistence.jdbc.password= + +#***Properties for IntegrityMonitor integration defined in XACMLRestProperties.java*** + +#The name of the PDP. Must be unique across the system +xacml.rest.pdp.resource.name=site_1.pdp_1 + +#***Properties for IntegrityMonitor integration defined in IntegrityMonitorProperties.java*** + +#Interval between forward progress counter updates in seconds +fp_monitor_interval=30 + +#Number of forward progress counter failures before failover +failed_counter_threshold=3 + +#Interval in seconds between test transactions if there is no other traffic +test_trans_interval=10 + +#Interval in seconds between updates of the forward progress counter in the DB +write_fpc_interval=5 + +#Name of the site +site_name=site_1 + +#Node type +node_type=pdp_xacml + +#Dependency groups are groups of resources upon which a node operational state is dependent upon). +#Each group is a comma-separated list of resource names and groups are separated by a semicolon. +#A group may contain one or more members. Resource names must match the resource names defined +#in the respective servers' properties files +dependency_groups=site_1.pdplp_1;site_1.astragw_1;site_1.brmsgw_1 + +# this can be DEVL, TEST, PROD +ENVIRONMENT=DEVL +xacml.rest.pep.idfile = client.properties + +#AAF Policy Name space +#Not Mandatory for Open Onap +policy.aaf.namespace = +policy.aaf.resource = +# Decision Response settings. +# can be either PERMIT or DENY. +decision.indeterminate.response=PERMIT
\ No newline at end of file |