summaryrefslogtreecommitdiffstats
path: root/ONAP-PAP-REST/src/main
diff options
context:
space:
mode:
Diffstat (limited to 'ONAP-PAP-REST/src/main')
-rw-r--r--ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/components/DecisionPolicy.java29
-rw-r--r--ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/policycontroller/PolicyCreation.java38
-rw-r--r--ONAP-PAP-REST/src/main/resources/Decision_GuardMinMaxPolicyTemplate.xml138
3 files changed, 189 insertions, 16 deletions
diff --git a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/components/DecisionPolicy.java b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/components/DecisionPolicy.java
index 47ab45894..03fbe0763 100644
--- a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/components/DecisionPolicy.java
+++ b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/components/DecisionPolicy.java
@@ -90,9 +90,11 @@ public class DecisionPolicy extends Policy {
private static final String AAFPROVIDER = "AAF";
public static final String GUARD_YAML = "GUARD_YAML";
public static final String GUARD_BL_YAML = "GUARD_BL_YAML";
+ public static final String GUARD_MIN_MAX = "GUARD_MIN_MAX";
public static final String RAINY_DAY = "Rainy_Day";
private static final String XACML_GUARD_TEMPLATE = "Decision_GuardPolicyTemplate.xml";
private static final String XACML_BLGUARD_TEMPLATE = "Decision_GuardBLPolicyTemplate.xml";
+ private static final String XACML_GUARD_MIN_MAX_TEMPLATE = "Decision_GuardMinMaxPolicyTemplate.xml";
private static final String ONAPNAME = "ONAPName";
private static final String POLICY_NAME = "PolicyName";
@@ -194,8 +196,10 @@ public class DecisionPolicy extends Policy {
}
policyName = policyAdapter.getNewFileName();
- if (policyAdapter.getRuleProvider().equals(GUARD_YAML)
- || policyAdapter.getRuleProvider().equals(GUARD_BL_YAML)) {
+ if(policyAdapter.getRuleProvider().equals(GUARD_YAML) ||
+ policyAdapter.getRuleProvider().equals(GUARD_BL_YAML) ||
+ policyAdapter.getRuleProvider().equals(GUARD_MIN_MAX)){
+
Map<String, String> yamlParams = new HashMap<>();
String blackListEntryType = policyAdapter.getBlackListEntryType() != null
? policyAdapter.getBlackListEntryType() : "Use Manual Entry";
@@ -353,6 +357,12 @@ public class DecisionPolicy extends Policy {
}
cons.setBlacklist(blackList);
break;
+ case GUARD_MIN_MAX:
+ templateFile = new File(classLoader.getResource(XACML_GUARD_MIN_MAX_TEMPLATE).getFile());
+ xacmlTemplatePath = templateFile.toPath();
+ cons = new Constraint(Integer.parseInt(yamlParams.get("min")),
+ Integer.parseInt(yamlParams.get("max")), activeTimeRange);
+ break;
default:
templateFile = new File(classLoader.getResource(XACML_GUARD_TEMPLATE).getFile());
xacmlTemplatePath = templateFile.toPath();
@@ -372,6 +382,7 @@ public class DecisionPolicy extends Policy {
cons = new Constraint(Integer.parseInt(yamlParams.get("limit")), timeWindow, activeTimeRange);
break;
}
+
builder = builder.addLimitConstraint(policy1.getId(), cons);
// Build the specification
Results results = builder.buildSpecification();
@@ -399,6 +410,18 @@ public class DecisionPolicy extends Policy {
yamlSpecs.put("twUnits", yamlGuardObject.getGuards().getFirst().getLimit_constraints().getFirst()
.getTime_window().get("units"));
}
+
+ if (yamlGuardObject.getGuards().getFirst().getLimit_constraints().
+ getFirst().getMaxVnfCount() != null) {
+ yamlSpecs.put("max", yamlGuardObject.getGuards().getFirst().getLimit_constraints().getFirst()
+ .getMaxVnfCount().toString());
+ }
+ if (yamlGuardObject.getGuards().getFirst().getLimit_constraints().
+ getFirst().getMinVnfCount() != null) {
+ yamlSpecs.put("min", yamlGuardObject.getGuards().getFirst().getLimit_constraints().getFirst()
+ .getMinVnfCount().toString());
+ }
+
yamlSpecs.put("guardActiveStart", yamlGuardObject.getGuards().getFirst().getLimit_constraints()
.getFirst().getActive_time_range().get("start"));
yamlSpecs.put("guardActiveEnd", yamlGuardObject.getGuards().getFirst().getLimit_constraints().getFirst()
@@ -406,9 +429,11 @@ public class DecisionPolicy extends Policy {
String xacmlPolicyContent = SafePolicyBuilder.generateXacmlGuard(xacmlTemplateContent, yamlSpecs,
yamlGuardObject.getGuards().getFirst().getLimit_constraints().getFirst().getBlacklist(),
yamlGuardObject.getGuards().getFirst().getMatch_parameters().getTargets());
+
// Convert the Policy into Stream input to Policy Adapter.
Object policy = XACMLPolicyScanner
.readPolicy(new ByteArrayInputStream(xacmlPolicyContent.getBytes(StandardCharsets.UTF_8)));
+
return (PolicyType) policy;
} catch (IOException e) {
LOGGER.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Error while creating the policy " + e.getMessage(),
diff --git a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/policycontroller/PolicyCreation.java b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/policycontroller/PolicyCreation.java
index 951f25c25..de5d1cf49 100644
--- a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/policycontroller/PolicyCreation.java
+++ b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/policycontroller/PolicyCreation.java
@@ -402,46 +402,56 @@ public class PolicyCreation extends AbstractPolicyCreation{
}
}
}
- if(policyData.getRuleProvider()!=null && (policyData.getRuleProvider().equals(DecisionPolicy.GUARD_YAML)|| policyData.getRuleProvider().equals(DecisionPolicy.GUARD_BL_YAML))
- && policyData.getYamlparams()!=null){
+ if (policyData.getRuleProvider() != null
+ && (policyData.getRuleProvider().equals(DecisionPolicy.GUARD_YAML)
+ || policyData.getRuleProvider().equals(DecisionPolicy.GUARD_BL_YAML)
+ || policyData.getRuleProvider().equals(DecisionPolicy.GUARD_MIN_MAX))
+ && policyData.getYamlparams() != null) {
attributeMap.put("actor", policyData.getYamlparams().getActor());
attributeMap.put("recipe", policyData.getYamlparams().getRecipe());
attributeMap.put("clname", policyData.getYamlparams().getClname());
attributeMap.put("limit", policyData.getYamlparams().getLimit());
+ attributeMap.put("min", policyData.getYamlparams().getMin());
+ attributeMap.put("max", policyData.getYamlparams().getMax());
attributeMap.put("timeWindow", policyData.getYamlparams().getTimeWindow());
attributeMap.put("timeUnits", policyData.getYamlparams().getTimeUnits());
attributeMap.put("guardActiveStart", policyData.getYamlparams().getGuardActiveStart());
attributeMap.put("guardActiveEnd", policyData.getYamlparams().getGuardActiveEnd());
- if(policyData.getYamlparams().getBlackList()!=null){
+ if (policyData.getYamlparams().getBlackList() != null) {
String blackList = StringUtils.join(policyData.getYamlparams().getBlackList(), ",");
attributeMap.put("blackList", blackList);
}
- if(DecisionPolicy.GUARD_BL_YAML.equals(policyData.getRuleProvider()) && "Use File Upload".equals(policyData.getBlackListEntryType())){
- if(policyData.getBlackListEntries() != null && !policyData.getBlackListEntries().isEmpty()){
+ if (DecisionPolicy.GUARD_BL_YAML.equals(policyData.getRuleProvider())
+ && "Use File Upload".equals(policyData.getBlackListEntryType())) {
+ if (policyData.getBlackListEntries() != null
+ && !policyData.getBlackListEntries().isEmpty()) {
String blackList = StringUtils.join(policyData.getBlackListEntries(), ",");
attributeMap.put("blackList", blackList);
}
- if(policyData.getAppendBlackListEntries() != null && !policyData.getAppendBlackListEntries().isEmpty()){
+ if (policyData.getAppendBlackListEntries() != null
+ && !policyData.getAppendBlackListEntries().isEmpty()) {
String blackList = StringUtils.join(policyData.getAppendBlackListEntries(), ",");
attributeMap.put("appendBlackList", blackList);
}
}
- if(policyData.getYamlparams().getTargets()!=null){
- String targets = StringUtils.join(policyData.getYamlparams().getTargets(),",");
+ if (policyData.getYamlparams().getTargets() != null) {
+ String targets = StringUtils.join(policyData.getYamlparams().getTargets(), ",");
attributeMap.put("targets", targets);
}
}
- if(policyData.getRuleProvider()!=null && policyData.getRuleProvider().equals(DecisionPolicy.RAINY_DAY)){
+ if (policyData.getRuleProvider() != null
+ && policyData.getRuleProvider().equals(DecisionPolicy.RAINY_DAY)) {
attributeMap.put("ServiceType", policyData.getRainyday().getServiceType());
attributeMap.put("VNFType", policyData.getRainyday().getVnfType());
attributeMap.put("BB_ID", policyData.getRainyday().getBbid());
attributeMap.put("WorkStep", policyData.getRainyday().getWorkstep());
- if(policyData.getRainyday().getTreatmentTableChoices()!=null && policyData.getRainyday().getTreatmentTableChoices().size() > 0){
- for (Object table : policyData.getRainyday().getTreatmentTableChoices()){
- if(table instanceof LinkedHashMap<?,?>){
- String errorcode = ((LinkedHashMap<?,?>) table).get("errorcode").toString();
- String treatment = ((LinkedHashMap<?,?>) table).get("treatment").toString();
+ if (policyData.getRainyday().getTreatmentTableChoices() != null
+ && policyData.getRainyday().getTreatmentTableChoices().isEmpty()) {
+ for (Object table : policyData.getRainyday().getTreatmentTableChoices()) {
+ if (table instanceof LinkedHashMap<?, ?>) {
+ String errorcode = ((LinkedHashMap<?, ?>) table).get("errorcode").toString();
+ String treatment = ((LinkedHashMap<?, ?>) table).get("treatment").toString();
treatmentMap.put(errorcode, treatment);
}
}
diff --git a/ONAP-PAP-REST/src/main/resources/Decision_GuardMinMaxPolicyTemplate.xml b/ONAP-PAP-REST/src/main/resources/Decision_GuardMinMaxPolicyTemplate.xml
new file mode 100644
index 000000000..afb118aa5
--- /dev/null
+++ b/ONAP-PAP-REST/src/main/resources/Decision_GuardMinMaxPolicyTemplate.xml
@@ -0,0 +1,138 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<!--
+ ============LICENSE_START==================================================
+ ONAP Policy Engine
+ ===========================================================================
+ Copyright (C) 2018 AT&T Intellectual Property. All rights reserved.
+ ===========================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END====================================================
+ -->
+<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicyId="urn:com:xacml:policy:id:d56af069-6cf1-430c-ba07-e26602e06a52" Version="1" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:permit-unless-deny">
+ <Description>${description}</Description>
+ <Target>
+ <AnyOf>
+ <AllOf>
+ <Match MatchId="org.onap.function.regex-match">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">${PolicyName}</AttributeValue>
+ <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="PolicyName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
+ </Match>
+ </AllOf>
+ <AllOf>
+ <Match MatchId="org.onap.function.regex-match">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">${ONAPName}</AttributeValue>
+ <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="ONAPName" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
+ </Match>
+ <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">(?i)${actor}</AttributeValue>
+ <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="actor" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
+ </Match>
+ <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">(?i)${recipe}</AttributeValue>
+ <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="recipe" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
+ </Match>
+ <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">${targets}</AttributeValue>
+ <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="target" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
+ </Match>
+ <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">${clname}</AttributeValue>
+ <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="clname" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
+ </Match>
+ </AllOf>
+ </AnyOf>
+ </Target>
+ <Rule RuleId="urn:com:xacml:rule:id:284d9393-f861-4250-b62d-fc36640a363a" Effect="Permit">
+ <Target>
+ <AnyOf>
+ <AllOf>
+ <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">DECIDE</AttributeValue>
+ <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
+ </Match>
+ </AllOf>
+ </AnyOf>
+ </Target>
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:2.0:function:time-in-range">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-one-and-only">
+ <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-time" DataType="http://www.w3.org/2001/XMLSchema#time" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment" MustBePresent="false"/>
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#time">${guardActiveStart}</AttributeValue>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#time">${guardActiveEnd}</AttributeValue>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-greater-than-or-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only">
+ <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="vfCount" DataType="http://www.w3.org/2001/XMLSchema#integer" MustBePresent="false"/>
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">${min}</AttributeValue>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-less-than-or-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only">
+ <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="vfCount" DataType="http://www.w3.org/2001/XMLSchema#integer" MustBePresent="false"/>
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">${max}</AttributeValue>
+ </Apply>
+ </Apply>
+ </Apply>
+ </Condition>
+ </Rule>
+ <Rule RuleId="urn:com:xacml:rule:id:284d9393-f861-4250-b62d-fc36640a363a" Effect="Deny">
+ <Target>
+ <AnyOf>
+ <AllOf>
+ <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">DECIDE</AttributeValue>
+ <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
+ </Match>
+ </AllOf>
+ </AnyOf>
+ </Target>
+ <Condition>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:not">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:2.0:function:time-in-range">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:time-one-and-only">
+ <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:environment:current-time" DataType="http://www.w3.org/2001/XMLSchema#time" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment" MustBePresent="false"/>
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#time">${guardActiveStart}</AttributeValue>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#time">${guardActiveEnd}</AttributeValue>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-greater-than-or-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only">
+ <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="vfCount" DataType="http://www.w3.org/2001/XMLSchema#integer" MustBePresent="false"/>
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">${min}</AttributeValue>
+ </Apply>
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-less-than-or-equal">
+ <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:integer-one-and-only">
+ <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="vfCount" DataType="http://www.w3.org/2001/XMLSchema#integer" MustBePresent="false"/>
+ </Apply>
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">${max}</AttributeValue>
+ </Apply>
+ </Apply>
+ </Apply>
+ </Apply>
+ </Condition>
+ <AdviceExpressions>
+ <AdviceExpression AdviceId="GUARD_MIN_MAX" AppliesTo="Deny">
+ <AttributeAssignmentExpression AttributeId="guard.response" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Denied By Guard</AttributeValue>
+ </AttributeAssignmentExpression>
+ </AdviceExpression>
+ </AdviceExpressions>
+ </Rule>
+</Policy> \ No newline at end of file