From dda032f8bb161d54eb1f59de2b4a3efb774fc4d1 Mon Sep 17 00:00:00 2001 From: "ITSERVICES\\rb7147" Date: Mon, 8 May 2017 22:20:44 -0400 Subject: Policy 1707 Second commit Change-Id: I18f5b142238733d17280cf17c3d1dd28204d34e9 Signed-off-by: ITSERVICES\rb7147 --- .../install/mysql/data/170204_downgrade_script.sql | 1 + .../install/mysql/data/170204_upgrade_script.sql | 14 +++ .../files/install/servers/brmsgw/config.properties | 16 ++-- .../pap/bin/Decision_GuardPolicyTemplate.xml | 99 ++++++++++++++++++++++ .../install/servers/pap/bin/xacml.pap.properties | 2 +- .../install/servers/pdp/bin/xacml.pdp.properties | 24 +++--- .../install/servers/pypdp/bin/client.properties | 22 ----- .../install/servers/pypdp/bin/config.properties | 51 ----------- .../pypdp/bin/config/policyLogger.properties | 44 ---------- 9 files changed, 135 insertions(+), 138 deletions(-) create mode 100644 packages/base/src/files/install/servers/pap/bin/Decision_GuardPolicyTemplate.xml delete mode 100644 packages/base/src/files/install/servers/pypdp/bin/client.properties delete mode 100644 packages/base/src/files/install/servers/pypdp/bin/config.properties delete mode 100644 packages/base/src/files/install/servers/pypdp/bin/config/policyLogger.properties (limited to 'packages/base/src/files') diff --git a/packages/base/src/files/install/mysql/data/170204_downgrade_script.sql b/packages/base/src/files/install/mysql/data/170204_downgrade_script.sql index d33fde5c6..8fead9cce 100644 --- a/packages/base/src/files/install/mysql/data/170204_downgrade_script.sql +++ b/packages/base/src/files/install/mysql/data/170204_downgrade_script.sql @@ -20,3 +20,4 @@ use ecomp_sdk; drop table if exists brmsgroup_info; drop table if exists brmsgroup_policy; +drop table if exists operationshistory10; diff --git a/packages/base/src/files/install/mysql/data/170204_upgrade_script.sql b/packages/base/src/files/install/mysql/data/170204_upgrade_script.sql index 87b24710d..c474f1b7e 100644 --- a/packages/base/src/files/install/mysql/data/170204_upgrade_script.sql +++ b/packages/base/src/files/install/mysql/data/170204_upgrade_script.sql @@ -36,6 +36,20 @@ controllerName VARCHAR(255) NOT NULL references brmsgroup_info(controllerName), PRIMARY KEY(policyname) ); +drop table if exists operationshistory10; + +create table operationshistory10( +CLNAME varchar(255) not null, +requestID varchar(100), +actor varchar(50) not null, +operation varchar(50) not null, +target varchar(50) not null, +starttime timestamp not null, +outcome varchar(50) not null, +message varchar(255) , +subrequestId varchar(100), +endtime timestamp not null default current_timestamp +); Insert into fn_role (ROLE_ID,ROLE_NAME,ACTIVE_YN,PRIORITY) values (5002,'Policy Super Admin','Y',10); Insert into fn_role (ROLE_ID,ROLE_NAME,ACTIVE_YN,PRIORITY) values (5003,'Policy Super Editor','Y',10); diff --git a/packages/base/src/files/install/servers/brmsgw/config.properties b/packages/base/src/files/install/servers/brmsgw/config.properties index 4f92a0ac7..30b14b1e2 100644 --- a/packages/base/src/files/install/servers/brmsgw/config.properties +++ b/packages/base/src/files/install/servers/brmsgw/config.properties @@ -26,14 +26,14 @@ PDP_URL = ${{REST_PDP_ID}} , ${{PDP_HTTP_USER_ID}} , ${{PDP_HTTP_PASSWORD}} PAP_URL = ${{REST_PAP_URL}} , ${{PDP_PAP_PDP_HTTP_USER_ID}} , ${{PDP_PAP_PDP_HTTP_PASSWORD}} #Notification Properties... type can be either websocket, ueb, or dmaap -NOTIFICATION_TYPE=websocket -NOTIFICATION_SERVERS=${{UEB_URL}} -NOTIFICATION_TOPIC=${{UEB_TOPIC}} -NOTIFICATION_DELAY= -CLIENT_ID=${{CLIENT_ID}} -CLIENT_KEY=${{CLIENT_KEY}} -UEB_API_KEY=${{UEB_API_KEY}} -UEB_API_SECRET=${{UEB_API_SECRET}} +NOTIFICATION_TYPE=${{BRMS_NOTIFICATION_TYPE}} +NOTIFICATION_SERVERS=${{BRMS_UEB_URL}} +NOTIFICATION_TOPIC=${{BRMS_UEB_TOPIC}} +NOTIFICATION_DELAY=${{BRMS_UEB_DELAY}} +CLIENT_ID=${{BRMS_CLIENT_ID}} +CLIENT_KEY=${{BRMS_CLIENT_KEY}} +UEB_API_KEY=${{BRMS_UEB_API_KEY}} +UEB_API_SECRET=${{BRMS_UEB_API_SECRET}} # Environment should be Set either DEV, TEST or PROD diff --git a/packages/base/src/files/install/servers/pap/bin/Decision_GuardPolicyTemplate.xml b/packages/base/src/files/install/servers/pap/bin/Decision_GuardPolicyTemplate.xml new file mode 100644 index 000000000..3a7f25008 --- /dev/null +++ b/packages/base/src/files/install/servers/pap/bin/Decision_GuardPolicyTemplate.xml @@ -0,0 +1,99 @@ + + + ${description} + + + + + ${PolicyName} + + + + + + ${ECOMPName} + + + + ${actor} + + + + ${recipe} + + + + + + + + + + + DECIDE + + + + + + + + + + + + + ${guardActiveStart} + ${guardActiveEnd} + + + + + + + ${limit} + + + + + + + + + + DECIDE + + + + + + + + + + + + + + ${guardActiveStart} + ${guardActiveEnd} + + + + + + + ${limit} + + + + + + + + Denied! + + + + + \ No newline at end of file diff --git a/packages/base/src/files/install/servers/pap/bin/xacml.pap.properties b/packages/base/src/files/install/servers/pap/bin/xacml.pap.properties index 2a45ad32a..143aeabce 100644 --- a/packages/base/src/files/install/servers/pap/bin/xacml.pap.properties +++ b/packages/base/src/files/install/servers/pap/bin/xacml.pap.properties @@ -24,7 +24,7 @@ xacml.PAP.papEngineFactory=org.openecomp.policy.xacml.std.pap.StdEngineFactory dictionary.impl.className=org.openecomp.policy.pap.xacml.rest.handler.DictionaryHandlerImpl savePolicy.impl.className=org.openecomp.policy.pap.xacml.rest.handler.SavePolicyHandler -pushPolicy.impl.className=org.openecomp.policy.pap.xacml.rest.handler.PushPolicyHander +pushPolicy.impl.className=org.openecomp.policy.pap.xacml.rest.handler.PushPolicyHandler deletePolicy.impl.className=org.openecomp.policy.pap.xacml.rest.handler.DeleteHandler # # Where we store our PAP PDP Group/Node information diff --git a/packages/base/src/files/install/servers/pdp/bin/xacml.pdp.properties b/packages/base/src/files/install/servers/pdp/bin/xacml.pdp.properties index 676eeef31..3b0431958 100644 --- a/packages/base/src/files/install/servers/pdp/bin/xacml.pdp.properties +++ b/packages/base/src/files/install/servers/pdp/bin/xacml.pdp.properties @@ -47,13 +47,13 @@ xacml.att.policyFinderFactory=org.openecomp.policy.pdp.rest.XACMLPdpPolicyFinder # When set to true, this flag tells the StdPolicyFinderFactory to combined all the root policy files into # into one PolicySet and use the given Policy Algorithm. # -xacml.att.policyFinderFactory.combineRootPolicies=urn:com:att:xacml:3.0:policy-combining-algorithm:combined-deny-overrides +xacml.att.policyFinderFactory.combineRootPolicies=urn:com:att:xacml:3.0:policy-combining-algorithm:combined-permit-overrides # # PDP RESTful API properties # -# Set this to the address where the XACML-PAP-REST servlet is running +# Set this to the address or list of addresses where the XACML-PAP-REST servlet is running # http://localhost:9090/pap/ -xacml.rest.pap.url=${{REST_PAP_URL}} +xacml.rest.pap.urls=${{REST_PAP_URL}} #if multiple paps exist, the xacml.rest.pap.url can be removed and they can be defined like this: #xacml.rest.pap.urls=http://localhost:9090/pap/,http://localhost:9091/pap/ # @@ -67,14 +67,14 @@ xacml.jmx.port=${{TOMCAT_JMX_PORT}} # # Notification Properties # Notifcation type: websocket, ueb or dmaap... if left blank websocket is the default -NOTIFICATION_TYPE=websocket,UEB -NOTIFICATION_SERVERS=${{UEB_CLUSTER}} -NOTIFICATION_TOPIC= -NOTIFICATION_DELAY= -UEB_API_KEY=${{UEB_API_KEY}} -UEB_API_SECRET=${{UEB_API_SECRET}} -DMAAP_AAF_LOGIN=${{DMAAP_AAF_LOGIN}} -DMAAP_AAF_PASSWORD=${{DMAAP_AAF_PASSWORD}} +NOTIFICATION_TYPE=${{PDP_NOTIFICATION_TYPE}} +NOTIFICATION_SERVERS=${{PDP_UEB_CLUSTER}} +NOTIFICATION_TOPIC=${{PDP_UEB_TOPIC}} +NOTIFICATION_DELAY=${{PDP_UEB_DELAY}} +UEB_API_KEY=${{PDP_UEB_API_KEY}} +UEB_API_SECRET=${{PDP_UEB_API_SECRET}} +DMAAP_AAF_LOGIN=${{PDP_DMAAP_AAF_LOGIN}} +DMAAP_AAF_PASSWORD=${{PDP_DMAAP_AAF_PASSWORD}} # # Set the directory where the PDP holds its Policy Cache and PIP Configuration # @@ -134,6 +134,6 @@ javax.persistence.jdbc.password=${{JDBC_PASSWORD}} ENVIRONMENT=${{ENVIRONMENT}} #AAF Policy Name space -#Not Mandatory for Open Ecomp +#Required only, when we use AAF policy.aaf.namespace = ${{POLICY_AAF_NAMESPACE}} policy.aaf.resource = ${{POLICY_AAF_RESOURCE}} diff --git a/packages/base/src/files/install/servers/pypdp/bin/client.properties b/packages/base/src/files/install/servers/pypdp/bin/client.properties deleted file mode 100644 index 0b8dc258e..000000000 --- a/packages/base/src/files/install/servers/pypdp/bin/client.properties +++ /dev/null @@ -1,22 +0,0 @@ -### -# ============LICENSE_START======================================================= -# ECOMP Policy Engine -# ================================================================================ -# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -### - -python=test,MASTER -PyPDPServer=test,MASTER \ No newline at end of file diff --git a/packages/base/src/files/install/servers/pypdp/bin/config.properties b/packages/base/src/files/install/servers/pypdp/bin/config.properties deleted file mode 100644 index 93f7b5d41..000000000 --- a/packages/base/src/files/install/servers/pypdp/bin/config.properties +++ /dev/null @@ -1,51 +0,0 @@ -### -# ============LICENSE_START======================================================= -# ECOMP Policy Engine -# ================================================================================ -# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -### - -#pypdp properties - -PDP_URL=${{PDP_URL}} -PAP_URL=${{PAP_URL}} -PYPDP_ID=${{PYPDP_ID}} -PYPDP_PASSWORD=${{PYPDP_PASSWORD}} - -#Integrity Monitor values -#database driver for Integrity Monitor -javax.persistence.jdbc.driver=${{JDBC_DRIVER}} -#database URL for Integrity Monitor -javax.persistence.jdbc.url=${{JDBC_URL}} -#database username for Integrity Monitor -javax.persistence.jdbc.user=${{JDBC_USER}} -#database password for Integrity Monitor -javax.persistence.jdbc.password=${{JDBC_PASSWORD}} -#resource name -RESOURCE_NAME=${{resource_name}} -#***Properties for IntegrityMonitor integration defined in IntegrityMonitorProperties.java*** -site_name=${{site_name}} -node_type=${{node_type}} -fp_monitor_interval=${{fp_monitor_interval}} -failed_counter_threshold=${{failed_counter_threshold}} -test_trans_interval=${{test_trans_interval}} -write_fpc_interval=${{write_fpc_interval}} -max_fpc_update_interval=${{max_fpc_update_interval}} -test_via_jmx=${{test_via_jmx}} -# Environment should be Set either DEV, TEST or PROD -ENVIRONMENT=${{ENVIRONMENT}} - -CLIENT_FILE=${{CLIENT_FILE}} diff --git a/packages/base/src/files/install/servers/pypdp/bin/config/policyLogger.properties b/packages/base/src/files/install/servers/pypdp/bin/config/policyLogger.properties deleted file mode 100644 index 0deb1b3d6..000000000 --- a/packages/base/src/files/install/servers/pypdp/bin/config/policyLogger.properties +++ /dev/null @@ -1,44 +0,0 @@ -### -# ============LICENSE_START======================================================= -# ECOMP Policy Engine -# ================================================================================ -# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -### - -################################### Set concurrentHashMap and timer info ####################### -#Timer initial delay and the delay between in milliseconds before task is to be execute. -timer.delay.time=1000 -#Timer scheduleAtFixedRate period - time in milliseconds between successive task executions. -check.interval= 30000 -#Longest time an event info can be stored in the concurrentHashMap for logging - in seconds. -event.expired.time=86400 -#Size of the concurrentHashMap which stores the event starting time, etc - when its size reaches this limit, the Timer gets executed -#to remove all expired records from this concurrentHashMap. -concurrentHashMap.limit=5000 -#Size of the concurrentHashMap - when its size drops to this point, stop the Timer -stop.check.point=2500 -################################### Set logging format ############################################# -# set EELF for EELF logging format, set LOG4J for using log4j, set SYSTEMOUT for using system.out.println -logger.type=EELF -#################################### Set level for EELF or SYSTEMOUT logging ################################## -# Set level for debug file. Set DEBUG to enable .info, .warn and .debug; set INFO for enable .info and .warn; set OFF to disable all -debugLogger.level=INFO -# Set level for metrics file. Set OFF to disable; set ON to enable -metricsLogger.level=ON -# Set level for error file. Set OFF to disable; set ON to enable -error.level=ON -# Set level for audit file. Set OFF to disable; set ON to enable -audit.level=ON -- cgit 1.2.3-korg