summaryrefslogtreecommitdiffstats
path: root/ECOMP-PAP-REST/src/main/resources/Decision_GuardPolicyTemplate.xml
diff options
context:
space:
mode:
Diffstat (limited to 'ECOMP-PAP-REST/src/main/resources/Decision_GuardPolicyTemplate.xml')
-rw-r--r--ECOMP-PAP-REST/src/main/resources/Decision_GuardPolicyTemplate.xml107
1 files changed, 0 insertions, 107 deletions
diff --git a/ECOMP-PAP-REST/src/main/resources/Decision_GuardPolicyTemplate.xml b/ECOMP-PAP-REST/src/main/resources/Decision_GuardPolicyTemplate.xml
deleted file mode 100644
index d404080e0..000000000
--- a/ECOMP-PAP-REST/src/main/resources/Decision_GuardPolicyTemplate.xml
+++ /dev/null
@@ -1,107 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicyId="urn:com:xacml:policy:id:d56af069-6cf1-430c-ba07-e26602e06a52" Version="1" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:permit-unless-deny">
- <Description>${description}</Description>
- <Target>
- <AnyOf>
- <AllOf>
- <Match MatchId="org.openecomp.function.regex-match">
- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">${PolicyName}</AttributeValue>
- <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="PolicyName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
- </Match>
- </AllOf>
- <AllOf>
- <Match MatchId="org.openecomp.function.regex-match">
- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">${ECOMPName}</AttributeValue>
- <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ECOMPName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
- </Match>
- <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">${actor}</AttributeValue>
- <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="actor" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
- </Match>
- <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">${recipe}</AttributeValue>
- <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="recipe" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
- </Match>
- <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">${targets}</AttributeValue>
- <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="target" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
- </Match>
- <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">${clname}</AttributeValue>
- <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="clname" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
- </Match>
- </AllOf>
- </AnyOf>
- </Target>
- <Rule RuleId="urn:com:xacml:rule:id:284d9393-f861-4250-b62d-fc36640a363a" Effect="Permit">
- <Target>
- <AnyOf>
- <AllOf>
- <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case">
- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">DECIDE</AttributeValue>
- <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
- </Match>
- </AllOf>
- </AnyOf>
- </Target>
- <Condition>
- <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
- <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
- <Apply FunctionId="urn:oasis:names:tc:xacml:2.0:function:time-in-range">
- <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-one-and-only">
- <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-time" DataType="http://www.w3.org/2001/XMLSchema#time" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment" MustBePresent="false"/>
- </Apply>
- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#time">${guardActiveStart}</AttributeValue>
- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#time">${guardActiveEnd}</AttributeValue>
- </Apply>
- <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-greater-than-or-equal">
- <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only">
- <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="count" DataType="http://www.w3.org/2001/XMLSchema#integer" Issuer="org:onap:xacml:guard:historydb:tw:${twValue}:${twUnits}" MustBePresent="false"/>
- </Apply>
- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">${limit}</AttributeValue>
- </Apply>
- </Apply>
- </Apply>
- </Condition>
- </Rule>
- <Rule RuleId="urn:com:xacml:rule:id:284d9393-f861-4250-b62d-fc36640a363a" Effect="Deny">
- <Target>
- <AnyOf>
- <AllOf>
- <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case">
- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">DECIDE</AttributeValue>
- <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
- </Match>
- </AllOf>
- </AnyOf>
- </Target>
- <Condition>
- <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
- <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
- <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
- <Apply FunctionId="urn:oasis:names:tc:xacml:2.0:function:time-in-range">
- <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-one-and-only">
- <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-time" DataType="http://www.w3.org/2001/XMLSchema#time" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment" MustBePresent="false"/>
- </Apply>
- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#time">${guardActiveStart}</AttributeValue>
- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#time">${guardActiveEnd}</AttributeValue>
- </Apply>
- <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-greater-than-or-equal">
- <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only">
- <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="count" DataType="http://www.w3.org/2001/XMLSchema#integer" Issuer="org:onap:xacml:guard:historydb:tw:${twValue}:${twUnits}" MustBePresent="false"/>
- </Apply>
- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">${limit}</AttributeValue>
- </Apply>
- </Apply>
- </Apply>
- </Apply>
- </Condition>
- <AdviceExpressions>
- <AdviceExpression AdviceId="GUARD_YAML" AppliesTo="Deny">
- <AttributeAssignmentExpression AttributeId="guard.response" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource">
- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Denied!</AttributeValue>
- </AttributeAssignmentExpression>
- </AdviceExpression>
- </AdviceExpressions>
- </Rule>
-</Policy> \ No newline at end of file