diff options
Diffstat (limited to 'models-interactions/model-actors/actor.xacml/src/main/java/org')
6 files changed, 422 insertions, 0 deletions
diff --git a/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/DecisionConfig.java b/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/DecisionConfig.java new file mode 100644 index 000000000..1fe16fa13 --- /dev/null +++ b/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/DecisionConfig.java @@ -0,0 +1,68 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2020-2021 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.controlloop.actor.xacml; + +import java.util.concurrent.Executor; +import lombok.Getter; +import org.onap.policy.common.endpoints.http.client.HttpClient; +import org.onap.policy.common.endpoints.http.client.HttpClientFactory; +import org.onap.policy.controlloop.actorserviceprovider.parameters.HttpConfig; +import org.onap.policy.models.decisions.concepts.DecisionRequest; + +/** + * Configuration for Decision Operators. + */ +public class DecisionConfig extends HttpConfig { + private final DecisionRequest defaultRequest = new DecisionRequest(); + + /** + * {@code True} if the associated decision operation is disabled. + */ + @Getter + private boolean disabled; + + /** + * Constructs the object. + * + * @param blockingExecutor executor to be used for tasks that may perform blocking I/O + * @param params operator parameters + * @param clientFactory factory from which to obtain the {@link HttpClient} + */ + public DecisionConfig(Executor blockingExecutor, DecisionParams params, HttpClientFactory clientFactory) { + super(blockingExecutor, params, clientFactory); + + defaultRequest.setOnapComponent(params.getOnapComponent()); + defaultRequest.setOnapInstance(params.getOnapInstance()); + defaultRequest.setOnapName(params.getOnapName()); + defaultRequest.setAction(params.getAction()); + + this.disabled = params.isDisabled(); + } + + /** + * Creates a new request, with the default values. + * + * @return a new request + */ + public DecisionRequest makeRequest() { + return new DecisionRequest(defaultRequest); + } +} diff --git a/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/DecisionOperator.java b/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/DecisionOperator.java new file mode 100644 index 000000000..f385764d5 --- /dev/null +++ b/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/DecisionOperator.java @@ -0,0 +1,52 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2020-2021 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.controlloop.actor.xacml; + +import java.util.Map; +import org.onap.policy.common.parameters.ValidationResult; +import org.onap.policy.controlloop.actorserviceprovider.Util; +import org.onap.policy.controlloop.actorserviceprovider.impl.HttpOperation; +import org.onap.policy.controlloop.actorserviceprovider.impl.HttpOperator; +import org.onap.policy.controlloop.actorserviceprovider.impl.OperationMaker; +import org.onap.policy.controlloop.actorserviceprovider.parameters.HttpConfig; +import org.onap.policy.controlloop.actorserviceprovider.parameters.ParameterValidationRuntimeException; + +/** + * Decision Operator. + */ +public class DecisionOperator extends HttpOperator { + + public DecisionOperator(String actorName, String name, + OperationMaker<HttpConfig, HttpOperation<?>> operationMaker) { + super(actorName, name, operationMaker); + } + + @Override + protected HttpConfig makeConfiguration(Map<String, Object> parameters) { + DecisionParams params = Util.translate(getFullName(), parameters, DecisionParams.class); + ValidationResult result = params.validate(getFullName()); + if (!result.isValid()) { + throw new ParameterValidationRuntimeException("invalid parameters", result); + } + + return new DecisionConfig(getBlockingExecutor(), params, getClientFactory()); + } +} diff --git a/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/DecisionParams.java b/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/DecisionParams.java new file mode 100644 index 000000000..c154497f1 --- /dev/null +++ b/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/DecisionParams.java @@ -0,0 +1,48 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2020-2021 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.controlloop.actor.xacml; + +import lombok.Data; +import lombok.EqualsAndHashCode; +import lombok.experimental.SuperBuilder; +import org.onap.policy.common.parameters.annotations.NotBlank; +import org.onap.policy.common.parameters.annotations.NotNull; +import org.onap.policy.controlloop.actorserviceprovider.parameters.HttpParams; + +/** + * Decision parameters. + */ +@NotBlank +@NotNull +@Data +@EqualsAndHashCode(callSuper = true) +@SuperBuilder(toBuilder = true) +public class DecisionParams extends HttpParams { + private String onapName; + private String onapComponent; + private String onapInstance; + private String action; + + /** + * {@code True} if the associated decision operation is disabled. + */ + private boolean disabled; +} diff --git a/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/GuardOperation.java b/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/GuardOperation.java new file mode 100644 index 000000000..6da970968 --- /dev/null +++ b/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/GuardOperation.java @@ -0,0 +1,167 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2020-2021 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.controlloop.actor.xacml; + +import java.util.Collections; +import java.util.Map; +import java.util.concurrent.CompletableFuture; +import javax.ws.rs.client.Entity; +import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.Response; +import org.onap.policy.common.endpoints.event.comm.Topic.CommInfrastructure; +import org.onap.policy.common.endpoints.utils.NetLoggerUtil.EventType; +import org.onap.policy.controlloop.actorserviceprovider.CallbackManager; +import org.onap.policy.controlloop.actorserviceprovider.OperationOutcome; +import org.onap.policy.controlloop.actorserviceprovider.OperationResult; +import org.onap.policy.controlloop.actorserviceprovider.impl.HttpOperation; +import org.onap.policy.controlloop.actorserviceprovider.parameters.ControlLoopOperationParams; +import org.onap.policy.controlloop.actorserviceprovider.parameters.HttpConfig; +import org.onap.policy.models.decisions.concepts.DecisionRequest; +import org.onap.policy.models.decisions.concepts.DecisionResponse; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * Guard Operation. The outcome message is set to the guard response. If the guard is + * permitted or indeterminate, then the outcome is set to SUCCESS. + * <p/> + * The input to the request is taken from the payload, where properties are mapped to the + * field names in the {@link DecisionRequest} object. Properties whose names begin with + * "resource." are placed into the "resource" field of the {@link DecisionRequest}. The + * following will be provided, if not specified in the payload: + * <dl> + * <dt>action</dt> + * <dd>"guard"</dd> + * <dt>request ID</dt> + * <dd>generated</dd> + * </dl> + */ +public class GuardOperation extends HttpOperation<DecisionResponse> { + private static final Logger logger = LoggerFactory.getLogger(GuardOperation.class); + + // operation name + public static final String NAME = "Guard"; + + public static final String PERMIT = "Permit"; + public static final String DENY = "Deny"; + public static final String INDETERMINATE = "Indeterminate"; + + /** + * Prefix for properties in the payload that should be copied to the "resource" field + * of the request. + */ + public static final String RESOURCE_PREFIX = "resource."; + + private final DecisionConfig config; + + + /** + * Constructs the object. + * + * @param params operation parameters + * @param config configuration for this operation + */ + public GuardOperation(ControlLoopOperationParams params, HttpConfig config) { + super(params, config, DecisionResponse.class, Collections.emptyList()); + this.config = (DecisionConfig) config; + } + + @Override + public CompletableFuture<OperationOutcome> start() { + if (!config.isDisabled()) { + // enabled - do full guard operation + return super.start(); + } + + // guard is disabled, thus it is always treated as a success + logger.info("{}: guard disabled, always succeeds for {}", getFullName(), params.getRequestId()); + + final var executor = params.getExecutor(); + final var callbacks = new CallbackManager(); + + return CompletableFuture.completedFuture(makeOutcome()) + .whenCompleteAsync(callbackStarted(callbacks), executor) + .whenCompleteAsync(callbackCompleted(callbacks), executor); + } + + @Override + protected CompletableFuture<OperationOutcome> startOperationAsync(int attempt, OperationOutcome outcome) { + DecisionRequest request = makeRequest(); + + Map<String, Object> headers = makeHeaders(); + + headers.put("Accept", MediaType.APPLICATION_JSON); + String url = getUrl(); + + String strRequest = prettyPrint(request); + logMessage(EventType.OUT, CommInfrastructure.REST, url, strRequest); + + Entity<String> entity = Entity.entity(strRequest, MediaType.APPLICATION_JSON); + + // @formatter:off + return handleResponse(outcome, url, + callback -> getClient().post(callback, getPath(), entity, headers)); + // @formatter:on + } + + /** + * Makes a request from the payload. + * + * @return a new request + */ + protected DecisionRequest makeRequest() { + if (params.getPayload() == null) { + throw new IllegalArgumentException("missing payload"); + } + + DecisionRequest req = config.makeRequest(); + req.setRequestId(getSubRequestId()); + req.setResource(Map.of("guard", params.getPayload())); + + return req; + } + + @Override + protected CompletableFuture<OperationOutcome> postProcessResponse(OperationOutcome outcome, String url, + Response rawResponse, DecisionResponse response) { + + outcome.setResponse(response); + + // determine the result + String status = response.getStatus(); + if (status == null) { + outcome.setResult(OperationResult.FAILURE); + outcome.setMessage("response contains no status"); + return CompletableFuture.completedFuture(outcome); + } + + if (PERMIT.equalsIgnoreCase(status) || INDETERMINATE.equalsIgnoreCase(status)) { + outcome.setResult(OperationResult.SUCCESS); + } else { + outcome.setResult(OperationResult.FAILURE); + } + + // set the message + outcome.setMessage(response.getStatus()); + + return CompletableFuture.completedFuture(outcome); + } +} diff --git a/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/XacmlActor.java b/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/XacmlActor.java new file mode 100644 index 000000000..ab7452266 --- /dev/null +++ b/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/XacmlActor.java @@ -0,0 +1,39 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2018-2019 Huawei Intellectual Property. All rights reserved. + * Modifications Copyright (C) 2019 Nordix Foundation. + * Modifications Copyright (C) 2019-2021 AT&T Intellectual Property. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.controlloop.actor.xacml; + +import org.onap.policy.controlloop.actorserviceprovider.impl.HttpActor; + +public class XacmlActor extends HttpActor<XacmlActorParams> { + // actor name + public static final String NAME = "XACML"; + + /** + * Constructs the object. + */ + public XacmlActor() { + super(NAME, XacmlActorParams.class); + + addOperator(new DecisionOperator(NAME, GuardOperation.NAME, GuardOperation::new)); + } +} diff --git a/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/XacmlActorParams.java b/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/XacmlActorParams.java new file mode 100644 index 000000000..e668fa3db --- /dev/null +++ b/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/XacmlActorParams.java @@ -0,0 +1,48 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2020-2021 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.controlloop.actor.xacml; + +import lombok.EqualsAndHashCode; +import lombok.Getter; +import lombok.Setter; +import org.onap.policy.controlloop.actorserviceprovider.parameters.HttpActorParams; + +@Getter +@Setter +@EqualsAndHashCode(callSuper = true) +public class XacmlActorParams extends HttpActorParams { + public static final String DEFAULT_ACTION = "guard"; + + /* + * Optional, default values that are used if missing from the operation-specific + * parameters. + */ + + private String onapName; + private String onapComponent; + private String onapInstance; + private String action = DEFAULT_ACTION; + + /** + * {@code True} if xacml operations are disabled. + */ + private boolean disabled = false; +} |