From 91d04c64771832a0b8815ffbe1f0f9920320d94d Mon Sep 17 00:00:00 2001 From: Pamela Dragosh Date: Tue, 14 Feb 2017 19:41:00 -0500 Subject: Initial OpenECOMP policy/engine commit Change-Id: I7dbff37733b661643dd4d1caefa3d7dccc361b6e Signed-off-by: Pamela Dragosh --- .../test/FunctionDefinitionRegexpMatchTest.java | 511 +++++++++++++++++++++ 1 file changed, 511 insertions(+) create mode 100644 ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/FunctionDefinitionRegexpMatchTest.java (limited to 'ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/FunctionDefinitionRegexpMatchTest.java') diff --git a/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/FunctionDefinitionRegexpMatchTest.java b/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/FunctionDefinitionRegexpMatchTest.java new file mode 100644 index 000000000..631dca910 --- /dev/null +++ b/ECOMP-PDP/src/test/java/org/openecomp/policy/pdp/test/FunctionDefinitionRegexpMatchTest.java @@ -0,0 +1,511 @@ +/*- + * ============LICENSE_START======================================================= + * ECOMP-PDP + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.openecomp.policy.pdp.test; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; + +import java.net.URI; +import java.util.ArrayList; +import java.util.List; + +import javax.security.auth.x500.X500Principal; + +import org.junit.Test; + +import com.att.research.xacml.api.XACML3; +import com.att.research.xacml.std.datatypes.DataTypes; +import com.att.research.xacml.std.datatypes.IPAddress; +import com.att.research.xacml.std.datatypes.RFC2396DomainName; +import com.att.research.xacml.std.datatypes.RFC822Name; +import com.att.research.xacmlatt.pdp.policy.ExpressionResult; +import com.att.research.xacmlatt.pdp.policy.FunctionArgument; +import com.att.research.xacmlatt.pdp.policy.FunctionArgumentAttributeValue; +import com.att.research.xacmlatt.pdp.std.StdFunctions; +import com.att.research.xacmlatt.pdp.std.functions.*; + +/** + * Test of PDP Functions (See XACML core spec section A.3) + * + * TO RUN - use jUnit + * In Eclipse select this file or the enclosing directory, right-click and select Run As/JUnit Test + * + * + */ +public class FunctionDefinitionRegexpMatchTest { + + + /* + * variables useful in the following tests + */ + List arguments = new ArrayList(); + + + @Test + public void testString() { + String v1 = new String("abc"); + String v2 = new String("def"); + + + FunctionArgumentAttributeValue attrV1 = null; + FunctionArgumentAttributeValue attrV2 = null; + FunctionArgumentAttributeValue attrNull = null; + FunctionArgumentAttributeValue attrInteger = null; + try { + attrV1 = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue(v1)); + attrV2 = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue(v2)); + attrNull = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue(null)); + attrInteger = new FunctionArgumentAttributeValue(DataTypes.DT_INTEGER.createAttributeValue(1234)); + } catch (Exception e) { + fail("creating attributes e="+ e); + } + + FunctionDefinitionRegexpMatch fd = (FunctionDefinitionRegexpMatch) StdFunctions.FD_STRING_REGEXP_MATCH; + + // check identity and type of the thing created + assertEquals(XACML3.ID_FUNCTION_STRING_REGEXP_MATCH, fd.getId()); + assertEquals(DataTypes.DT_BOOLEAN.getId(), fd.getDataTypeId()); + + // just to be safe... If tests take too long these can probably be eliminated + assertFalse(fd.returnsBag()); + + + // match + arguments.clear(); + arguments.add(attrV1); + arguments.add(attrV1); + ExpressionResult res = fd.evaluate(null, arguments); + assertTrue(res.isOk()); + assertEquals(java.lang.Boolean.class, res.getValue().getValue().getClass()); + Boolean resValue = (Boolean)res.getValue().getValue(); + assertEquals(true, resValue); + + // no match + arguments.clear(); + arguments.add(attrV1); + arguments.add(attrV2); + res = fd.evaluate(null, arguments); + assertTrue(res.isOk()); + assertEquals(java.lang.Boolean.class, res.getValue().getValue().getClass()); + resValue = (Boolean)res.getValue().getValue(); + assertEquals(false, resValue); + + // null regex + arguments.clear(); + arguments.add(null); + arguments.add(attrV2); + res = fd.evaluate(null, arguments); + assertFalse(res.isOk()); + assertEquals("function:string-regexp-match Got null argument", res.getStatus().getStatusMessage()); + assertEquals("urn:oasis:names:tc:xacml:1.0:status:processing-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue()); + + + arguments.clear(); + arguments.add(attrNull); + arguments.add(attrV2); + res = fd.evaluate(null, arguments); + assertFalse(res.isOk()); + assertEquals("function:string-regexp-match Got null attribute", res.getStatus().getStatusMessage()); + assertEquals("urn:oasis:names:tc:xacml:1.0:status:processing-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue()); + + // null object to match + arguments.clear(); + arguments.add(attrV1); + arguments.add(null); + res = fd.evaluate(null, arguments); + assertFalse(res.isOk()); + assertEquals("function:string-regexp-match Got null argument", res.getStatus().getStatusMessage()); + assertEquals("urn:oasis:names:tc:xacml:1.0:status:processing-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue()); + + arguments.clear(); + arguments.add(attrV1); + arguments.add(attrNull); + res = fd.evaluate(null, arguments); + assertFalse(res.isOk()); + assertEquals("function:string-regexp-match Got null attribute", res.getStatus().getStatusMessage()); + assertEquals("urn:oasis:names:tc:xacml:1.0:status:processing-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue()); + + + // regex not string + arguments.clear(); + arguments.add(attrInteger); + arguments.add(attrV2); + res = fd.evaluate(null, arguments); + assertFalse(res.isOk()); + assertEquals("function:string-regexp-match Expected data type 'string' saw 'integer'", res.getStatus().getStatusMessage()); + assertEquals("urn:oasis:names:tc:xacml:1.0:status:processing-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue()); + + // object to match not correct type + arguments.clear(); + arguments.add(attrV1); + arguments.add(attrInteger); + res = fd.evaluate(null, arguments); + assertFalse(res.isOk()); + assertEquals("function:string-regexp-match Expected data type 'string' saw 'integer'", res.getStatus().getStatusMessage()); + assertEquals("urn:oasis:names:tc:xacml:1.0:status:processing-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue()); + + } + + @Test + public void testAnyURI() { + String regexp = new String("abc"); + URI uri1 = null; + URI uri2 = null; + try { + uri1 = new URI("abc"); + uri2 = new URI("def"); + } catch (Exception e) { + fail("Unable to create URIs, e="+e); + } + + + FunctionArgumentAttributeValue attrRegexp = null; + FunctionArgumentAttributeValue attrUri1 = null; + FunctionArgumentAttributeValue attrUri2 = null; + FunctionArgumentAttributeValue attrInteger = null; + try { + attrRegexp = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue(regexp)); + attrUri1 = new FunctionArgumentAttributeValue(DataTypes.DT_ANYURI.createAttributeValue(uri1)); + attrUri2 = new FunctionArgumentAttributeValue(DataTypes.DT_ANYURI.createAttributeValue(uri2)); + attrInteger = new FunctionArgumentAttributeValue(DataTypes.DT_INTEGER.createAttributeValue(1234)); + } catch (Exception e) { + fail("creating attributes e="+ e); + } + + FunctionDefinitionRegexpMatch fd = (FunctionDefinitionRegexpMatch) StdFunctions.FD_ANYURI_REGEXP_MATCH; + + // check identity and type of the thing created + assertEquals(XACML3.ID_FUNCTION_ANYURI_REGEXP_MATCH, fd.getId()); + assertEquals(DataTypes.DT_BOOLEAN.getId(), fd.getDataTypeId()); + + // just to be safe... If tests take too long these can probably be eliminated + assertFalse(fd.returnsBag()); + + + // match + arguments.clear(); + arguments.add(attrRegexp); + arguments.add(attrUri1); + ExpressionResult res = fd.evaluate(null, arguments); + assertTrue(res.isOk()); + assertEquals(java.lang.Boolean.class, res.getValue().getValue().getClass()); + Boolean resValue = (Boolean)res.getValue().getValue(); + assertEquals(true, resValue); + + // no match + arguments.clear(); + arguments.add(attrRegexp); + arguments.add(attrUri2); + res = fd.evaluate(null, arguments); + assertTrue(res.isOk()); + assertEquals(java.lang.Boolean.class, res.getValue().getValue().getClass()); + resValue = (Boolean)res.getValue().getValue(); + assertEquals(false, resValue); + + // object to match not correct type + arguments.clear(); + arguments.add(attrRegexp); + arguments.add(attrInteger); + res = fd.evaluate(null, arguments); + assertFalse(res.isOk()); + assertEquals("function:anyURI-regexp-match Expected data type 'anyURI' saw 'integer'", res.getStatus().getStatusMessage()); + assertEquals("urn:oasis:names:tc:xacml:1.0:status:processing-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue()); + + } + + + @Test + public void testIpAddress() { + String regexp = new String(".*123.*"); + IPAddress addr1 = null; + IPAddress addr2 = null; + try { + addr1 = IPAddress.newInstance("10.123.45.67"); + addr2 = IPAddress.newInstance("10.12.13.14"); + } catch (Exception e) { + fail("Unable to create IPAddresses, e="+e); + } + + + FunctionArgumentAttributeValue attrRegexp = null; + FunctionArgumentAttributeValue attrAddr1 = null; + FunctionArgumentAttributeValue attrAddr2 = null; + FunctionArgumentAttributeValue attrInteger = null; + try { + attrRegexp = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue(regexp)); + attrAddr1 = new FunctionArgumentAttributeValue(DataTypes.DT_IPADDRESS.createAttributeValue(addr1)); + attrAddr2 = new FunctionArgumentAttributeValue(DataTypes.DT_IPADDRESS.createAttributeValue(addr2)); + attrInteger = new FunctionArgumentAttributeValue(DataTypes.DT_INTEGER.createAttributeValue(1234)); + } catch (Exception e) { + fail("creating attributes e="+ e); + } + + FunctionDefinitionRegexpMatch fd = (FunctionDefinitionRegexpMatch) StdFunctions.FD_IPADDRESS_REGEXP_MATCH; + + // check identity and type of the thing created + assertEquals(XACML3.ID_FUNCTION_IPADDRESS_REGEXP_MATCH, fd.getId()); + assertEquals(DataTypes.DT_BOOLEAN.getId(), fd.getDataTypeId()); + + // just to be safe... If tests take too long these can probably be eliminated + assertFalse(fd.returnsBag()); + + + // match + arguments.clear(); + arguments.add(attrRegexp); + arguments.add(attrAddr1); + ExpressionResult res = fd.evaluate(null, arguments); + assertTrue(res.isOk()); + assertEquals(java.lang.Boolean.class, res.getValue().getValue().getClass()); + Boolean resValue = (Boolean)res.getValue().getValue(); + assertEquals(true, resValue); + + // no match + arguments.clear(); + arguments.add(attrRegexp); + arguments.add(attrAddr2); + res = fd.evaluate(null, arguments); + assertTrue(res.isOk()); + assertEquals(java.lang.Boolean.class, res.getValue().getValue().getClass()); + resValue = (Boolean)res.getValue().getValue(); + assertEquals(false, resValue); + + // object to match not correct type + arguments.clear(); + arguments.add(attrRegexp); + arguments.add(attrInteger); + res = fd.evaluate(null, arguments); + assertFalse(res.isOk()); + assertEquals("function:ipAddress-regexp-match Expected data type 'ipAddress' saw 'integer'", res.getStatus().getStatusMessage()); + assertEquals("urn:oasis:names:tc:xacml:1.0:status:processing-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue()); + + } + + + @Test + public void testDnsName() { + String regexp = new String("abc"); + RFC2396DomainName addr1 = null; + RFC2396DomainName addr2 = null; + try { + addr1 = RFC2396DomainName.newInstance("abc"); + addr2 = RFC2396DomainName.newInstance("def"); + } catch (Exception e) { + fail("Unable to create DNSNames, e="+e); + } + + + FunctionArgumentAttributeValue attrRegexp = null; + FunctionArgumentAttributeValue attrAddr1 = null; + FunctionArgumentAttributeValue attrAddr2 = null; + FunctionArgumentAttributeValue attrInteger = null; + try { + attrRegexp = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue(regexp)); + attrAddr1 = new FunctionArgumentAttributeValue(DataTypes.DT_DNSNAME.createAttributeValue(addr1)); + attrAddr2 = new FunctionArgumentAttributeValue(DataTypes.DT_DNSNAME.createAttributeValue(addr2)); + attrInteger = new FunctionArgumentAttributeValue(DataTypes.DT_INTEGER.createAttributeValue(1234)); + } catch (Exception e) { + fail("creating attributes e="+ e); + } + + FunctionDefinitionRegexpMatch fd = (FunctionDefinitionRegexpMatch) StdFunctions.FD_DNSNAME_REGEXP_MATCH; + + // check identity and type of the thing created + assertEquals(XACML3.ID_FUNCTION_DNSNAME_REGEXP_MATCH, fd.getId()); + assertEquals(DataTypes.DT_BOOLEAN.getId(), fd.getDataTypeId()); + + // just to be safe... If tests take too long these can probably be eliminated + assertFalse(fd.returnsBag()); + + + // match + arguments.clear(); + arguments.add(attrRegexp); + arguments.add(attrAddr1); + ExpressionResult res = fd.evaluate(null, arguments); + assertTrue(res.isOk()); + assertEquals(java.lang.Boolean.class, res.getValue().getValue().getClass()); + Boolean resValue = (Boolean)res.getValue().getValue(); + assertEquals(true, resValue); + + // no match + arguments.clear(); + arguments.add(attrRegexp); + arguments.add(attrAddr2); + res = fd.evaluate(null, arguments); + assertTrue(res.isOk()); + assertEquals(java.lang.Boolean.class, res.getValue().getValue().getClass()); + resValue = (Boolean)res.getValue().getValue(); + assertEquals(false, resValue); + + // object to match not correct type + arguments.clear(); + arguments.add(attrRegexp); + arguments.add(attrInteger); + res = fd.evaluate(null, arguments); + assertFalse(res.isOk()); + assertEquals("function:dnsName-regexp-match Expected data type 'dnsName' saw 'integer'", res.getStatus().getStatusMessage()); + assertEquals("urn:oasis:names:tc:xacml:1.0:status:processing-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue()); + + } + + + @Test + public void testRfc822Name() { + String regexp = new String(".*abc.*"); + RFC822Name addr1 = null; + RFC822Name addr2 = null; + try { + addr1 = RFC822Name.newInstance("abc@somewhere"); + addr2 = RFC822Name.newInstance("def@somewhere"); + } catch (Exception e) { + fail("Unable to create RFC822Names, e="+e); + } + + + FunctionArgumentAttributeValue attrRegexp = null; + FunctionArgumentAttributeValue attrAddr1 = null; + FunctionArgumentAttributeValue attrAddr2 = null; + FunctionArgumentAttributeValue attrInteger = null; + try { + attrRegexp = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue(regexp)); + attrAddr1 = new FunctionArgumentAttributeValue(DataTypes.DT_RFC822NAME.createAttributeValue(addr1)); + attrAddr2 = new FunctionArgumentAttributeValue(DataTypes.DT_RFC822NAME.createAttributeValue(addr2)); + attrInteger = new FunctionArgumentAttributeValue(DataTypes.DT_INTEGER.createAttributeValue(1234)); + } catch (Exception e) { + fail("creating attributes e="+ e); + } + + FunctionDefinitionRegexpMatch fd = (FunctionDefinitionRegexpMatch) StdFunctions.FD_RFC822NAME_REGEXP_MATCH; + + // check identity and type of the thing created + assertEquals(XACML3.ID_FUNCTION_RFC822NAME_REGEXP_MATCH, fd.getId()); + assertEquals(DataTypes.DT_BOOLEAN.getId(), fd.getDataTypeId()); + + // just to be safe... If tests take too long these can probably be eliminated + assertFalse(fd.returnsBag()); + + + // match + arguments.clear(); + arguments.add(attrRegexp); + arguments.add(attrAddr1); + ExpressionResult res = fd.evaluate(null, arguments); + assertTrue(res.isOk()); + assertEquals(java.lang.Boolean.class, res.getValue().getValue().getClass()); + Boolean resValue = (Boolean)res.getValue().getValue(); + assertEquals(true, resValue); + + // no match + arguments.clear(); + arguments.add(attrRegexp); + arguments.add(attrAddr2); + res = fd.evaluate(null, arguments); + assertTrue(res.isOk()); + assertEquals(java.lang.Boolean.class, res.getValue().getValue().getClass()); + resValue = (Boolean)res.getValue().getValue(); + assertEquals(false, resValue); + + // object to match not correct type + arguments.clear(); + arguments.add(attrRegexp); + arguments.add(attrInteger); + res = fd.evaluate(null, arguments); + assertFalse(res.isOk()); + assertEquals("function:rfc822Name-regexp-match Expected data type 'rfc822Name' saw 'integer'", res.getStatus().getStatusMessage()); + assertEquals("urn:oasis:names:tc:xacml:1.0:status:processing-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue()); + + } + + + @Test + public void testX500Name() { + String regexp = new String(".*Duke.*"); + X500Principal addr1 = null; + X500Principal addr2 = null; + try { + addr1 = new X500Principal("CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US"); + addr2 = new X500Principal("CN=Policy Engine, OU=Research, O=ATT, C=US"); + } catch (Exception e) { + fail("Unable to create X500Name, e="+e); + } + + + FunctionArgumentAttributeValue attrRegexp = null; + FunctionArgumentAttributeValue attrAddr1 = null; + FunctionArgumentAttributeValue attrAddr2 = null; + FunctionArgumentAttributeValue attrInteger = null; + try { + attrRegexp = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue(regexp)); + attrAddr1 = new FunctionArgumentAttributeValue(DataTypes.DT_X500NAME.createAttributeValue(addr1)); + attrAddr2 = new FunctionArgumentAttributeValue(DataTypes.DT_X500NAME.createAttributeValue(addr2)); + attrInteger = new FunctionArgumentAttributeValue(DataTypes.DT_INTEGER.createAttributeValue(1234)); + } catch (Exception e) { + fail("creating attributes e="+ e); + } + + FunctionDefinitionRegexpMatch fd = (FunctionDefinitionRegexpMatch) StdFunctions.FD_X500NAME_REGEXP_MATCH; + + // check identity and type of the thing created + assertEquals(XACML3.ID_FUNCTION_X500NAME_REGEXP_MATCH, fd.getId()); + assertEquals(DataTypes.DT_BOOLEAN.getId(), fd.getDataTypeId()); + + // just to be safe... If tests take too long these can probably be eliminated + assertFalse(fd.returnsBag()); + + + // match + arguments.clear(); + arguments.add(attrRegexp); + arguments.add(attrAddr1); + ExpressionResult res = fd.evaluate(null, arguments); + assertTrue(res.isOk()); + assertEquals(java.lang.Boolean.class, res.getValue().getValue().getClass()); + Boolean resValue = (Boolean)res.getValue().getValue(); + assertEquals(true, resValue); + + // no match + arguments.clear(); + arguments.add(attrRegexp); + arguments.add(attrAddr2); + res = fd.evaluate(null, arguments); + assertTrue(res.isOk()); + assertEquals(java.lang.Boolean.class, res.getValue().getValue().getClass()); + resValue = (Boolean)res.getValue().getValue(); + assertEquals(false, resValue); + + // object to match not correct type + arguments.clear(); + arguments.add(attrRegexp); + arguments.add(attrInteger); + res = fd.evaluate(null, arguments); + assertFalse(res.isOk()); + assertEquals("function:x500Name-regexp-match Expected data type 'x500Name' saw 'integer'", res.getStatus().getStatusMessage()); + assertEquals("urn:oasis:names:tc:xacml:1.0:status:processing-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue()); + + } + + + + +} -- cgit 1.2.3-korg