From 70770572844f95a11206ae008dd62e42aedfe04d Mon Sep 17 00:00:00 2001 From: Jim Hahn Date: Mon, 26 Jul 2021 11:11:09 -0400 Subject: Add "configure" operation to xacml Added "configure" operation to xacml simulator and actor.xacml. Issue-ID: POLICY-3502 Change-Id: Ia206303c65ce4e54187d818da9253dabfe864d62 Signed-off-by: Jim Hahn --- .../actor/xacml/ConfigureOperation.java | 83 ++++++++++++ .../policy/controlloop/actor/xacml/XacmlActor.java | 1 + .../actor/xacml/ConfigureOperationTest.java | 150 +++++++++++++++++++++ .../actor/xacml/DecisionActorParamsTest.java | 117 ---------------- .../controlloop/actor/xacml/DecisionActorTest.java | 48 ------- .../actor/xacml/GuardOperationTest.java | 6 +- .../actor/xacml/XacmlActorParamsTest.java | 117 ++++++++++++++++ .../controlloop/actor/xacml/XacmlActorTest.java | 50 +++++++ .../actor.xacml/src/test/resources/service.yaml | 4 + .../resources/xacml.configure.test-policy.json | 22 +++ models-interactions/model-simulators/pom.xml | 7 +- .../policy/simulators/XacmlSimulatorJaxRs.java | 78 +++++++++-- .../onap/policy/simulators/XacmlSimulatorTest.java | 92 +++++++++++-- .../xacml/xacml.configure.invalid-policy.json | 4 + .../xacml/xacml.configure.test-policy.json | 22 +++ 15 files changed, 606 insertions(+), 195 deletions(-) create mode 100644 models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/ConfigureOperation.java create mode 100644 models-interactions/model-actors/actor.xacml/src/test/java/org/onap/policy/controlloop/actor/xacml/ConfigureOperationTest.java delete mode 100644 models-interactions/model-actors/actor.xacml/src/test/java/org/onap/policy/controlloop/actor/xacml/DecisionActorParamsTest.java delete mode 100644 models-interactions/model-actors/actor.xacml/src/test/java/org/onap/policy/controlloop/actor/xacml/DecisionActorTest.java create mode 100644 models-interactions/model-actors/actor.xacml/src/test/java/org/onap/policy/controlloop/actor/xacml/XacmlActorParamsTest.java create mode 100644 models-interactions/model-actors/actor.xacml/src/test/java/org/onap/policy/controlloop/actor/xacml/XacmlActorTest.java create mode 100644 models-interactions/model-actors/actor.xacml/src/test/resources/xacml.configure.test-policy.json create mode 100644 models-interactions/model-simulators/src/test/resources/org/onap/policy/simulators/xacml/xacml.configure.invalid-policy.json create mode 100644 models-interactions/model-simulators/src/test/resources/org/onap/policy/simulators/xacml/xacml.configure.test-policy.json (limited to 'models-interactions') diff --git a/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/ConfigureOperation.java b/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/ConfigureOperation.java new file mode 100644 index 000000000..ed8e6778b --- /dev/null +++ b/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/ConfigureOperation.java @@ -0,0 +1,83 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2021 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.controlloop.actor.xacml; + +import java.util.Collections; +import java.util.Map; +import java.util.concurrent.CompletableFuture; +import javax.ws.rs.core.Response; +import org.onap.policy.controlloop.actorserviceprovider.OperationOutcome; +import org.onap.policy.controlloop.actorserviceprovider.OperationResult; +import org.onap.policy.controlloop.actorserviceprovider.parameters.ControlLoopOperationParams; +import org.onap.policy.controlloop.actorserviceprovider.parameters.HttpConfig; +import org.onap.policy.models.decisions.concepts.DecisionRequest; +import org.onap.policy.models.decisions.concepts.DecisionResponse; + +public class ConfigureOperation extends DecisionOperation { + + // operation name + public static final String NAME = "Configure"; + + /** + * Constructs the object. + * + * @param params operation parameters + * @param config configuration for this operation + */ + public ConfigureOperation(ControlLoopOperationParams params, HttpConfig config) { + super(params, config, Collections.emptyList()); + } + + @Override + protected DecisionRequest makeRequest() { + if (params.getPayload() == null) { + throw new IllegalArgumentException("missing payload"); + } + + DecisionRequest req = config.makeRequest(); + req.setRequestId(getSubRequestId()); + req.setResource(params.getPayload()); + + return req; + } + + @Override + protected CompletableFuture postProcessResponse(OperationOutcome outcome, String url, + Response rawResponse, DecisionResponse response) { + + outcome.setResponse(response); + + // check for policies + Map policies = response.getPolicies(); + if (policies == null || policies.isEmpty()) { + outcome.setResult(OperationResult.FAILURE); + outcome.setMessage("response contains no policies"); + return CompletableFuture.completedFuture(outcome); + } + + outcome.setResult(OperationResult.SUCCESS); + + // set the message + outcome.setMessage(response.getMessage()); + + return CompletableFuture.completedFuture(outcome); + } +} diff --git a/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/XacmlActor.java b/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/XacmlActor.java index ab7452266..664aae1ec 100644 --- a/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/XacmlActor.java +++ b/models-interactions/model-actors/actor.xacml/src/main/java/org/onap/policy/controlloop/actor/xacml/XacmlActor.java @@ -35,5 +35,6 @@ public class XacmlActor extends HttpActor { super(NAME, XacmlActorParams.class); addOperator(new DecisionOperator(NAME, GuardOperation.NAME, GuardOperation::new)); + addOperator(new DecisionOperator(NAME, ConfigureOperation.NAME, ConfigureOperation::new)); } } diff --git a/models-interactions/model-actors/actor.xacml/src/test/java/org/onap/policy/controlloop/actor/xacml/ConfigureOperationTest.java b/models-interactions/model-actors/actor.xacml/src/test/java/org/onap/policy/controlloop/actor/xacml/ConfigureOperationTest.java new file mode 100644 index 000000000..8d41d121d --- /dev/null +++ b/models-interactions/model-actors/actor.xacml/src/test/java/org/onap/policy/controlloop/actor/xacml/ConfigureOperationTest.java @@ -0,0 +1,150 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2021 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.controlloop.actor.xacml; + +import static org.assertj.core.api.Assertions.assertThat; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertTrue; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.when; + +import java.util.Map; +import java.util.function.Consumer; +import org.junit.AfterClass; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; +import org.mockito.Mock; +import org.onap.policy.common.endpoints.event.comm.bus.internal.BusTopicParams; +import org.onap.policy.common.endpoints.http.client.HttpClientFactoryInstance; +import org.onap.policy.common.endpoints.http.server.HttpServletServerFactoryInstance; +import org.onap.policy.controlloop.actor.test.BasicHttpOperation; +import org.onap.policy.controlloop.actorserviceprovider.OperationOutcome; +import org.onap.policy.controlloop.actorserviceprovider.OperationResult; +import org.onap.policy.models.decisions.concepts.DecisionRequest; +import org.onap.policy.models.decisions.concepts.DecisionResponse; + +public class ConfigureOperationTest extends BasicHttpOperation { + + @Mock + private Consumer started; + @Mock + private Consumer completed; + + private DecisionConfig operConfig; + private ConfigureOperation oper; + + /** + * Starts the simulator. + */ + @BeforeClass + public static void setUpBeforeClass() throws Exception { + org.onap.policy.simulators.Util.buildXacmlSim(); + + BusTopicParams clientParams = BusTopicParams.builder().clientName(MY_CLIENT).basePath("policy/pdpx/v1/") + .hostname("localhost").managed(true).port(org.onap.policy.simulators.Util.XACMLSIM_SERVER_PORT) + .build(); + HttpClientFactoryInstance.getClientFactory().build(clientParams); + } + + @AfterClass + public static void tearDownAfterClass() { + HttpClientFactoryInstance.getClientFactory().destroy(); + HttpServletServerFactoryInstance.getServerFactory().destroy(); + } + + /** + * Sets up. + */ + @Before + public void setUp() { + super.setUpBasic(); + + operConfig = mock(DecisionConfig.class); + when(operConfig.makeRequest()).thenAnswer(args -> { + DecisionRequest req = new DecisionRequest(); + req.setAction("guard"); + req.setOnapComponent("my-onap-component"); + req.setOnapInstance("my-onap-instance"); + req.setOnapName("my-onap-name"); + return req; + }); + + config = operConfig; + initConfig(); + + params = params.toBuilder().startCallback(started).completeCallback(completed).build(); + + oper = new ConfigureOperation(params, config); + } + + @Test + public void testConstructor() { + assertEquals(DEFAULT_ACTOR, oper.getActorName()); + assertEquals(DEFAULT_OPERATION, oper.getName()); + } + + /** + * Tests "success" case with simulator. + */ + @Test + public void testSuccess() throws Exception { + DecisionParams opParams = + DecisionParams.builder().clientName(MY_CLIENT).path("decision").action("configure").build(); + config = new DecisionConfig(blockingExecutor, opParams, HttpClientFactoryInstance.getClientFactory()); + + params = params.toBuilder().payload(Map.of("policy-id", "test-policy")).retry(0).timeoutSec(5) + .executor(blockingExecutor).build(); + oper = new ConfigureOperation(params, config); + + outcome = oper.start().get(); + assertEquals(OperationResult.SUCCESS, outcome.getResult()); + + DecisionResponse response = outcome.getResponse(); + assertTrue(response instanceof DecisionResponse); + assertNotNull(response.getPolicies()); + assertThat(response.getPolicies()).containsKey("test-policy"); + } + + /** + * Tests "failure" case with simulator. + */ + @Test + public void testFailure() throws Exception { + DecisionParams opParams = + DecisionParams.builder().clientName(MY_CLIENT).path("decision").action("configure").build(); + config = new DecisionConfig(blockingExecutor, opParams, HttpClientFactoryInstance.getClientFactory()); + + params = params.toBuilder().payload(Map.of("policy-id", "nonexistent")).retry(0).timeoutSec(5) + .executor(blockingExecutor).build(); + oper = new ConfigureOperation(params, config); + + outcome = oper.start().get(); + assertEquals(OperationResult.FAILURE, outcome.getResult()); + + DecisionResponse response = outcome.getResponse(); + assertTrue(response instanceof DecisionResponse); + assertNotNull(response.getPolicies()); + assertThat(response.getPolicies()).isEmpty(); + } + +} diff --git a/models-interactions/model-actors/actor.xacml/src/test/java/org/onap/policy/controlloop/actor/xacml/DecisionActorParamsTest.java b/models-interactions/model-actors/actor.xacml/src/test/java/org/onap/policy/controlloop/actor/xacml/DecisionActorParamsTest.java deleted file mode 100644 index 0b0495620..000000000 --- a/models-interactions/model-actors/actor.xacml/src/test/java/org/onap/policy/controlloop/actor/xacml/DecisionActorParamsTest.java +++ /dev/null @@ -1,117 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * ONAP - * ================================================================================ - * Copyright (C) 2020-2021 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.policy.controlloop.actor.xacml; - -import static org.assertj.core.api.Assertions.assertThat; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertTrue; - -import java.util.Map; -import java.util.TreeMap; -import java.util.function.Consumer; -import org.junit.Before; -import org.junit.Test; -import org.onap.policy.common.parameters.ValidationResult; -import org.onap.policy.controlloop.actor.xacml.XacmlActorParams; -import org.onap.policy.controlloop.actorserviceprovider.Util; -import org.onap.policy.controlloop.actorserviceprovider.parameters.ActorParams; - -public class DecisionActorParamsTest { - private static final String CONTAINER = "my-container"; - private static final String CLIENT = "my-client"; - private static final int TIMEOUT = 10; - private static final String ONAP_NAME = "onap-nap"; - private static final String ONAP_COMP = "onap-component"; - private static final String ONAP_INST = "onap-instance"; - private static final String MY_ACTION = "my-action"; - - private static final String PATH1 = "path #1"; - private static final String PATH2 = "path #2"; - private static final String URI1 = "uri #1"; - private static final String URI2 = "uri #2"; - - private Map> operations; - private XacmlActorParams params; - - /** - * Initializes {@link #operations} with two items and {@link params} with a fully - * populated object. - */ - @Before - public void setUp() { - operations = new TreeMap<>(); - operations.put(PATH1, Map.of("path", URI1)); - operations.put(PATH2, Map.of("path", URI2)); - - params = makeXacmlActorParams(); - } - - @Test - public void testIsDisabled() { - // disabled by default - assertFalse(params.isDisabled()); - } - - @Test - public void testValidate() { - assertTrue(params.validate(CONTAINER).isValid()); - - // only a few fields are required - XacmlActorParams sparse = Util.translate(CONTAINER, Map.of(ActorParams.OPERATIONS_FIELD, operations), - XacmlActorParams.class); - assertTrue(sparse.validate(CONTAINER).isValid()); - - assertEquals(XacmlActorParams.DEFAULT_ACTION, sparse.getAction()); - - // check fields from superclass - testValidateField(ActorParams.OPERATIONS_FIELD, "null", params2 -> params2.setOperations(null)); - testValidateField("timeoutSec", "minimum", params2 -> params2.setTimeoutSec(-1)); - } - - private void testValidateField(String fieldName, String expected, Consumer makeInvalid) { - - // original params should be valid - ValidationResult result = params.validate(CONTAINER); - assertTrue(fieldName, result.isValid()); - - // make invalid params - XacmlActorParams params2 = makeXacmlActorParams(); - makeInvalid.accept(params2); - result = params2.validate(CONTAINER); - assertFalse(fieldName, result.isValid()); - assertThat(result.getResult()).contains(CONTAINER).contains(fieldName).contains(expected); - } - - private XacmlActorParams makeXacmlActorParams() { - XacmlActorParams params2 = new XacmlActorParams(); - params2.setClientName(CLIENT); - params2.setTimeoutSec(TIMEOUT); - params2.setOperations(operations); - - params2.setOnapName(ONAP_NAME); - params2.setOnapComponent(ONAP_COMP); - params2.setOnapInstance(ONAP_INST); - params2.setAction(MY_ACTION); - - return params2; - } -} diff --git a/models-interactions/model-actors/actor.xacml/src/test/java/org/onap/policy/controlloop/actor/xacml/DecisionActorTest.java b/models-interactions/model-actors/actor.xacml/src/test/java/org/onap/policy/controlloop/actor/xacml/DecisionActorTest.java deleted file mode 100644 index 47c294c24..000000000 --- a/models-interactions/model-actors/actor.xacml/src/test/java/org/onap/policy/controlloop/actor/xacml/DecisionActorTest.java +++ /dev/null @@ -1,48 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * ONAP - * ================================================================================ - * Copyright (C) 2020-2021 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.policy.controlloop.actor.xacml; - -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertTrue; - -import java.util.Arrays; -import java.util.stream.Collectors; -import org.junit.Test; -import org.onap.policy.controlloop.actor.test.BasicActor; - -public class DecisionActorTest extends BasicActor { - - @Test - public void test() { - final XacmlActor prov = new XacmlActor(); - - // verify that it has the operators we expect - var expected = Arrays.asList(GuardOperation.NAME).stream().sorted().collect(Collectors.toList()); - var actual = prov.getOperationNames().stream().sorted().collect(Collectors.toList()); - - assertEquals(expected.toString(), actual.toString()); - - // verify that it all plugs into the ActorService - verifyActorService(XacmlActor.NAME, "service.yaml"); - - assertTrue(prov.getOperator(GuardOperation.NAME) instanceof DecisionOperator); - } -} diff --git a/models-interactions/model-actors/actor.xacml/src/test/java/org/onap/policy/controlloop/actor/xacml/GuardOperationTest.java b/models-interactions/model-actors/actor.xacml/src/test/java/org/onap/policy/controlloop/actor/xacml/GuardOperationTest.java index 2988d695b..28e28fdd4 100644 --- a/models-interactions/model-actors/actor.xacml/src/test/java/org/onap/policy/controlloop/actor/xacml/GuardOperationTest.java +++ b/models-interactions/model-actors/actor.xacml/src/test/java/org/onap/policy/controlloop/actor/xacml/GuardOperationTest.java @@ -107,7 +107,8 @@ public class GuardOperationTest extends BasicHttpOperation { */ @Test public void testSuccess() throws Exception { - DecisionParams opParams = DecisionParams.builder().clientName(MY_CLIENT).path("decision").build(); + DecisionParams opParams = + DecisionParams.builder().clientName(MY_CLIENT).path("decision").action("guard").build(); config = new DecisionConfig(blockingExecutor, opParams, HttpClientFactoryInstance.getClientFactory()); params = params.toBuilder().retry(0).timeoutSec(5).executor(blockingExecutor).build(); @@ -123,7 +124,8 @@ public class GuardOperationTest extends BasicHttpOperation { */ @Test public void testFailure() throws Exception { - DecisionParams opParams = DecisionParams.builder().clientName(MY_CLIENT).path("decision").build(); + DecisionParams opParams = + DecisionParams.builder().clientName(MY_CLIENT).path("decision").action("guard").build(); config = new DecisionConfig(blockingExecutor, opParams, HttpClientFactoryInstance.getClientFactory()); params = params.toBuilder().retry(0).timeoutSec(5).executor(blockingExecutor) diff --git a/models-interactions/model-actors/actor.xacml/src/test/java/org/onap/policy/controlloop/actor/xacml/XacmlActorParamsTest.java b/models-interactions/model-actors/actor.xacml/src/test/java/org/onap/policy/controlloop/actor/xacml/XacmlActorParamsTest.java new file mode 100644 index 000000000..4e1b9b05d --- /dev/null +++ b/models-interactions/model-actors/actor.xacml/src/test/java/org/onap/policy/controlloop/actor/xacml/XacmlActorParamsTest.java @@ -0,0 +1,117 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2020-2021 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.controlloop.actor.xacml; + +import static org.assertj.core.api.Assertions.assertThat; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; + +import java.util.Map; +import java.util.TreeMap; +import java.util.function.Consumer; +import org.junit.Before; +import org.junit.Test; +import org.onap.policy.common.parameters.ValidationResult; +import org.onap.policy.controlloop.actor.xacml.XacmlActorParams; +import org.onap.policy.controlloop.actorserviceprovider.Util; +import org.onap.policy.controlloop.actorserviceprovider.parameters.ActorParams; + +public class XacmlActorParamsTest { + private static final String CONTAINER = "my-container"; + private static final String CLIENT = "my-client"; + private static final int TIMEOUT = 10; + private static final String ONAP_NAME = "onap-nap"; + private static final String ONAP_COMP = "onap-component"; + private static final String ONAP_INST = "onap-instance"; + private static final String MY_ACTION = "my-action"; + + private static final String PATH1 = "path #1"; + private static final String PATH2 = "path #2"; + private static final String URI1 = "uri #1"; + private static final String URI2 = "uri #2"; + + private Map> operations; + private XacmlActorParams params; + + /** + * Initializes {@link #operations} with two items and {@link params} with a fully + * populated object. + */ + @Before + public void setUp() { + operations = new TreeMap<>(); + operations.put(PATH1, Map.of("path", URI1)); + operations.put(PATH2, Map.of("path", URI2)); + + params = makeXacmlActorParams(); + } + + @Test + public void testIsDisabled() { + // disabled by default + assertFalse(params.isDisabled()); + } + + @Test + public void testValidate() { + assertTrue(params.validate(CONTAINER).isValid()); + + // only a few fields are required + XacmlActorParams sparse = Util.translate(CONTAINER, Map.of(ActorParams.OPERATIONS_FIELD, operations), + XacmlActorParams.class); + assertTrue(sparse.validate(CONTAINER).isValid()); + + assertEquals(XacmlActorParams.DEFAULT_ACTION, sparse.getAction()); + + // check fields from superclass + testValidateField(ActorParams.OPERATIONS_FIELD, "null", params2 -> params2.setOperations(null)); + testValidateField("timeoutSec", "minimum", params2 -> params2.setTimeoutSec(-1)); + } + + private void testValidateField(String fieldName, String expected, Consumer makeInvalid) { + + // original params should be valid + ValidationResult result = params.validate(CONTAINER); + assertTrue(fieldName, result.isValid()); + + // make invalid params + XacmlActorParams params2 = makeXacmlActorParams(); + makeInvalid.accept(params2); + result = params2.validate(CONTAINER); + assertFalse(fieldName, result.isValid()); + assertThat(result.getResult()).contains(CONTAINER).contains(fieldName).contains(expected); + } + + private XacmlActorParams makeXacmlActorParams() { + XacmlActorParams params2 = new XacmlActorParams(); + params2.setClientName(CLIENT); + params2.setTimeoutSec(TIMEOUT); + params2.setOperations(operations); + + params2.setOnapName(ONAP_NAME); + params2.setOnapComponent(ONAP_COMP); + params2.setOnapInstance(ONAP_INST); + params2.setAction(MY_ACTION); + + return params2; + } +} diff --git a/models-interactions/model-actors/actor.xacml/src/test/java/org/onap/policy/controlloop/actor/xacml/XacmlActorTest.java b/models-interactions/model-actors/actor.xacml/src/test/java/org/onap/policy/controlloop/actor/xacml/XacmlActorTest.java new file mode 100644 index 000000000..5c32f92bc --- /dev/null +++ b/models-interactions/model-actors/actor.xacml/src/test/java/org/onap/policy/controlloop/actor/xacml/XacmlActorTest.java @@ -0,0 +1,50 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2020-2021 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.controlloop.actor.xacml; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; + +import java.util.Arrays; +import java.util.stream.Collectors; +import org.junit.Test; +import org.onap.policy.controlloop.actor.test.BasicActor; + +public class XacmlActorTest extends BasicActor { + + @Test + public void test() { + final XacmlActor prov = new XacmlActor(); + + // verify that it has the operators we expect + var expected = Arrays.asList(GuardOperation.NAME, ConfigureOperation.NAME).stream().sorted() + .collect(Collectors.toList()); + var actual = prov.getOperationNames().stream().sorted().collect(Collectors.toList()); + + assertEquals(expected.toString(), actual.toString()); + + // verify that it all plugs into the ActorService + verifyActorService(XacmlActor.NAME, "service.yaml"); + + assertTrue(prov.getOperator(GuardOperation.NAME) instanceof DecisionOperator); + assertTrue(prov.getOperator(ConfigureOperation.NAME) instanceof DecisionOperator); + } +} diff --git a/models-interactions/model-actors/actor.xacml/src/test/resources/service.yaml b/models-interactions/model-actors/actor.xacml/src/test/resources/service.yaml index 81f4b8413..77a87b72e 100644 --- a/models-interactions/model-actors/actor.xacml/src/test/resources/service.yaml +++ b/models-interactions/model-actors/actor.xacml/src/test/resources/service.yaml @@ -33,3 +33,7 @@ actors: operations: Guard: path: decide + action: guard + Configure: + path: decision + action: configure diff --git a/models-interactions/model-actors/actor.xacml/src/test/resources/xacml.configure.test-policy.json b/models-interactions/model-actors/actor.xacml/src/test/resources/xacml.configure.test-policy.json new file mode 100644 index 000000000..214a447da --- /dev/null +++ b/models-interactions/model-actors/actor.xacml/src/test/resources/xacml.configure.test-policy.json @@ -0,0 +1,22 @@ +{ + "tosca_definitions_version": "tosca_simple_yaml_1_1_0", + "topology_template": { + "policies": [ + { + "test-policy": { + "type": "onap.policies.monitoring.test", + "type_version": "1.0.0", + "version": "1.0.0", + "name": "test-policy", + "metadata": { + "policy-id": "test-policy", + "policy-version": 1 + }, + "properties": { + "test": "test" + } + } + } + ] + } +} diff --git a/models-interactions/model-simulators/pom.xml b/models-interactions/model-simulators/pom.xml index 8f7d35aaf..f778b07d4 100644 --- a/models-interactions/model-simulators/pom.xml +++ b/models-interactions/model-simulators/pom.xml @@ -2,7 +2,7 @@ ============LICENSE_START======================================================= ONAP ================================================================================ - Copyright (C) 2017-2020 AT&T Intellectual Property. All rights reserved. + Copyright (C) 2017-2021 AT&T Intellectual Property. All rights reserved. Modifications Copyright (C) 2019 Nordix Foundation. ================================================================================ Licensed under the Apache License, Version 2.0 (the "License"); @@ -90,6 +90,11 @@ gson provided + + org.onap.policy.models + policy-models-tosca + ${project.version} + org.onap.policy.models policy-models-decisions diff --git a/models-interactions/model-simulators/src/main/java/org/onap/policy/simulators/XacmlSimulatorJaxRs.java b/models-interactions/model-simulators/src/main/java/org/onap/policy/simulators/XacmlSimulatorJaxRs.java index f25b65c04..54023f6e5 100644 --- a/models-interactions/model-simulators/src/main/java/org/onap/policy/simulators/XacmlSimulatorJaxRs.java +++ b/models-interactions/model-simulators/src/main/java/org/onap/policy/simulators/XacmlSimulatorJaxRs.java @@ -22,21 +22,41 @@ package org.onap.policy.simulators; import java.util.Collections; +import java.util.HashMap; import java.util.Map; +import java.util.function.Function; import javax.ws.rs.Consumes; import javax.ws.rs.POST; import javax.ws.rs.Path; import javax.ws.rs.Produces; import javax.ws.rs.core.MediaType; +import org.onap.policy.common.utils.coder.Coder; +import org.onap.policy.common.utils.coder.CoderException; +import org.onap.policy.common.utils.coder.StandardCoder; +import org.onap.policy.common.utils.resources.ResourceUtils; import org.onap.policy.models.decisions.concepts.DecisionRequest; import org.onap.policy.models.decisions.concepts.DecisionResponse; +import org.onap.policy.models.tosca.authorative.concepts.ToscaServiceTemplate; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; @Path("/policy/pdpx/v1") public class XacmlSimulatorJaxRs { + private static final Logger logger = LoggerFactory.getLogger(XacmlSimulatorJaxRs.class); + + public static final String POLICY_CONFIG_OPER_PREFIX = "org/onap/policy/simulators/xacml/xacml.configure."; public static final String DENY_CLNAME = "denyGuard"; + public static final Coder coder = new StandardCoder(); + + // @formatter:off + private Map> action2method = Map.of( + "guard", this::guardDecision, + "configure", this::configureDecision + ); + // @formatter:on /** - * Get a guard decision. + * Get a XACML decision. * * @param req the request * @return the response @@ -45,23 +65,55 @@ public class XacmlSimulatorJaxRs { @Path("/decision") @Consumes(MediaType.APPLICATION_JSON) @Produces("application/json") - public DecisionResponse getGuardDecision(DecisionRequest req) { + public DecisionResponse getDecision(DecisionRequest req) { + Function func = action2method.get(req.getAction()); + if (func != null) { + return func.apply(req); + } + + DecisionResponse response = new DecisionResponse(); + response.setMessage("unsupported action: " + req.getAction()); + return response; + } + + private DecisionResponse guardDecision(DecisionRequest req) { @SuppressWarnings("unchecked") Map guard = (Map) req.getResource().get("guard"); String clName = guard.get("clname"); + var response = new DecisionResponse(); - if (DENY_CLNAME.equals(clName)) { - response.setStatus("Deny"); - response.setAdvice(Collections.emptyMap()); - response.setObligations(Collections.emptyMap()); - response.setPolicies(Collections.emptyMap()); - return response; + response.setStatus(DENY_CLNAME.equals(clName) ? "Deny" : "Permit"); + response.setAdvice(Collections.emptyMap()); + response.setObligations(Collections.emptyMap()); + response.setPolicies(Collections.emptyMap()); + return response; + } + + private DecisionResponse configureDecision(DecisionRequest req) { + var response = new DecisionResponse(); + response.setPolicies(new HashMap<>()); + + Map resources = req.getResource(); + var policyId = resources.get("policy-id"); + if (policyId != null) { + String fileName = POLICY_CONFIG_OPER_PREFIX + policyId + ".json"; + try { + var policyJson = ResourceUtils.getResourceAsString(fileName); + var toscaServiceTemplate = coder.decode(policyJson, ToscaServiceTemplate.class); + toscaServiceTemplate.getToscaTopologyTemplate().getPolicies() + .forEach(policyMap -> response.getPolicies().putAll(policyMap)); + } catch (CoderException e) { + logger.warn("cannot decode policy file: {}", fileName, e); + response.setMessage("cannot decode policy"); + } catch (NullPointerException e) { + logger.warn("cannot read policy simulator file", e); + response.setMessage("cannot read policy simulator file"); + } } else { - response.setStatus("Permit"); - response.setAdvice(Collections.emptyMap()); - response.setObligations(Collections.emptyMap()); - response.setPolicies(Collections.emptyMap()); - return response; + // the current simulator only supports searching by policy-id + // future changes may support getting policies by policy-type + response.setMessage("resource must contain policy-id key"); } + return response; } } diff --git a/models-interactions/model-simulators/src/test/java/org/onap/policy/simulators/XacmlSimulatorTest.java b/models-interactions/model-simulators/src/test/java/org/onap/policy/simulators/XacmlSimulatorTest.java index 53b476fb2..e188edc77 100644 --- a/models-interactions/model-simulators/src/test/java/org/onap/policy/simulators/XacmlSimulatorTest.java +++ b/models-interactions/model-simulators/src/test/java/org/onap/policy/simulators/XacmlSimulatorTest.java @@ -21,6 +21,7 @@ package org.onap.policy.simulators; +import static org.assertj.core.api.Assertions.assertThat; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.fail; @@ -60,35 +61,98 @@ public class XacmlSimulatorTest { @Test public void testGuard() throws CoderException { - String request = makeRequest("test_actor_id", "test_op_id", "test_target", "test_clName"); + String request = makeGuardRequest("test_actor_id", "test_op_id", "test_target", "test_clName"); + DecisionResponse decision = sendRequest(request); + assertEquals("Permit", decision.getStatus()); + + request = makeGuardRequest("test_actor_id", "test_op_id", "test_target", "denyGuard"); + decision = sendRequest(request); + assertEquals("Deny", decision.getStatus()); + } + + @Test + public void testConfigure() throws CoderException { + // test retrieving a policy + String request = makeConfigureRequest("policy-id", "test-policy"); + DecisionResponse decision = sendRequest(request); + assertNotNull(decision.getPolicies()); + assertThat(decision.getPolicies()).containsKey("test-policy"); + + // test no policy found + request = makeConfigureRequest("policy-id", "nonexistent"); + decision = sendRequest(request); + assertNotNull(decision.getPolicies()); + assertThat(decision.getPolicies()).doesNotContainKey("nonexistent"); + + // test unsupported operation + request = makeConfigureRequest("policy-type", "test"); + decision = sendRequest(request); + assertEquals("resource must contain policy-id key", decision.getMessage()); + } + + @Test + public void testConfigureMissingFile() throws CoderException { + // test retrieving a policy + String request = makeConfigureRequest("policy-id", "bogus-policy"); + DecisionResponse decision = sendRequest(request); + assertNotNull(decision.getPolicies()); + assertEquals("cannot read policy simulator file", decision.getMessage()); + } + + @Test + public void testConfigureInvalidJson() throws CoderException { + // test retrieving a policy + String request = makeConfigureRequest("policy-id", "invalid-policy"); + DecisionResponse decision = sendRequest(request); + assertNotNull(decision.getPolicies()); + assertEquals("cannot decode policy", decision.getMessage()); + } + + @Test + public void testUnknownAction() throws CoderException { + String request = makeGuardRequest("test_actor_id", "test_op_id", "test_target", "test_clName"); + request = request.replace("guard", "bogus-action"); + DecisionResponse decision = sendRequest(request); + assertThat(decision.getStatus()).isNull(); + assertThat(decision.getMessage()).isEqualTo("unsupported action: bogus-action"); + } + + private DecisionResponse sendRequest(String request) throws CoderException { String url = "http://localhost:" + Util.XACMLSIM_SERVER_PORT + "/policy/pdpx/v1/decision"; Pair response = new RestManager().post(url, "testUname", "testPass", null, "application/json", request); - assertNotNull(response); - assertNotNull(response.getLeft()); - assertNotNull(response.getRight()); - DecisionResponse decision = coder.decode(response.getRight(), DecisionResponse.class); - assertEquals("Permit", decision.getStatus()); - - request = makeRequest("test_actor_id", "test_op_id", "test_target", "denyGuard"); - response = new RestManager().post(url, "testUname", "testPass", null, "application/json", request); + // verify the response isn't null assertNotNull(response); assertNotNull(response.getLeft()); assertNotNull(response.getRight()); - decision = coder.decode(response.getRight(), DecisionResponse.class); - assertEquals("Deny", decision.getStatus()); + + return coder.decode(response.getRight(), DecisionResponse.class); } - private static String makeRequest(String actor, String recipe, String target, String clName) throws CoderException { - Map guard = new HashMap(); + private String makeGuardRequest(String actor, String recipe, String target, String clName) throws CoderException { + Map guard = new HashMap<>(); guard.put("actor", actor); guard.put("recipe", recipe); guard.put("target", target); guard.put("clname", clName); - Map resource = new HashMap(); + + Map resource = new HashMap<>(); resource.put("guard", guard); + + DecisionRequest request = new DecisionRequest(); + request.setAction("guard"); + request.setResource(resource); + + return coder.encode(request); + } + + private String makeConfigureRequest(String key, String val) throws CoderException { + Map resource = new HashMap<>(); + resource.put(key, val); + DecisionRequest request = new DecisionRequest(); + request.setAction("configure"); request.setResource(resource); return coder.encode(request); diff --git a/models-interactions/model-simulators/src/test/resources/org/onap/policy/simulators/xacml/xacml.configure.invalid-policy.json b/models-interactions/model-simulators/src/test/resources/org/onap/policy/simulators/xacml/xacml.configure.invalid-policy.json new file mode 100644 index 000000000..5176a668d --- /dev/null +++ b/models-interactions/model-simulators/src/test/resources/org/onap/policy/simulators/xacml/xacml.configure.invalid-policy.json @@ -0,0 +1,4 @@ +{ + "tosca_definitions_version": "tosca_simple_yaml_1_1_0", + "topology_template": { + "policies": [ diff --git a/models-interactions/model-simulators/src/test/resources/org/onap/policy/simulators/xacml/xacml.configure.test-policy.json b/models-interactions/model-simulators/src/test/resources/org/onap/policy/simulators/xacml/xacml.configure.test-policy.json new file mode 100644 index 000000000..214a447da --- /dev/null +++ b/models-interactions/model-simulators/src/test/resources/org/onap/policy/simulators/xacml/xacml.configure.test-policy.json @@ -0,0 +1,22 @@ +{ + "tosca_definitions_version": "tosca_simple_yaml_1_1_0", + "topology_template": { + "policies": [ + { + "test-policy": { + "type": "onap.policies.monitoring.test", + "type_version": "1.0.0", + "version": "1.0.0", + "name": "test-policy", + "metadata": { + "policy-id": "test-policy", + "policy-version": 1 + }, + "properties": { + "test": "test" + } + } + } + ] + } +} -- cgit 1.2.3-korg