summaryrefslogtreecommitdiffstats
path: root/docs/xacml/tutorial/app
diff options
context:
space:
mode:
authorJorge Hernandez <jorge.hernandez-herrero@att.com>2020-10-30 14:54:46 +0000
committerGerrit Code Review <gerrit@onap.org>2020-10-30 14:54:46 +0000
commit6fe177587d9b37de19a1013c2fada56146e8a017 (patch)
treeb349328a0b16b2222ea46fc62f5aec08b27f52f4 /docs/xacml/tutorial/app
parent04cafa43d8a6502b1c0d57d8f72819820e0633f9 (diff)
parent027d34b558876f78681c79715466b5b612004339 (diff)
Merge "Update Tutorial Documentation"
Diffstat (limited to 'docs/xacml/tutorial/app')
-rw-r--r--docs/xacml/tutorial/app/pom.xml106
-rw-r--r--docs/xacml/tutorial/app/src/main/docker/Dockerfile7
-rw-r--r--docs/xacml/tutorial/app/src/main/docker/README.txt36
-rw-r--r--docs/xacml/tutorial/app/src/main/docker/config/db/db.conf20
-rw-r--r--docs/xacml/tutorial/app/src/main/docker/config/db/db.sh26
-rw-r--r--docs/xacml/tutorial/app/src/main/docker/docker-compose.yml102
-rw-r--r--docs/xacml/tutorial/app/src/main/docker/xacml.properties31
-rw-r--r--docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialApplication.java57
-rw-r--r--docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialRequest.java91
-rw-r--r--docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialTranslator.java156
-rw-r--r--docs/xacml/tutorial/app/src/main/resources/META-INF/services/org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider1
-rw-r--r--docs/xacml/tutorial/app/src/test/java/org/onap/policy/tutorial/tutorial/TutorialApplicationTest.java120
-rw-r--r--docs/xacml/tutorial/app/src/test/resources/tutorial-decision-request.json12
-rw-r--r--docs/xacml/tutorial/app/src/test/resources/tutorial-policies.yaml34
-rw-r--r--docs/xacml/tutorial/app/src/test/resources/tutorial-policy-type.yaml32
-rw-r--r--docs/xacml/tutorial/app/src/test/resources/xacml.properties31
16 files changed, 0 insertions, 862 deletions
diff --git a/docs/xacml/tutorial/app/pom.xml b/docs/xacml/tutorial/app/pom.xml
deleted file mode 100644
index 380ee512..00000000
--- a/docs/xacml/tutorial/app/pom.xml
+++ /dev/null
@@ -1,106 +0,0 @@
-<!--
- ============LICENSE_START=======================================================
- ONAP Policy Engine - XACML Application Tutorial
- ================================================================================
- Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
- ================================================================================
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- ============LICENSE_END=========================================================
- -->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <groupId>org.onap.policy.tutorial</groupId>
- <artifactId>tutorial</artifactId>
- <version>0.0.1-SNAPSHOT</version>
- <packaging>jar</packaging>
-
- <name>tutorial</name>
-
- <properties>
- <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
- </properties>
-
- <dependencies>
- <dependency>
- <groupId>junit</groupId>
- <artifactId>junit</artifactId>
- <version>4.13</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.onap.policy.xacml-pdp.applications</groupId>
- <artifactId>common</artifactId>
- <version>2.2.2</version>
- </dependency>
- <dependency>
- <groupId>org.onap.policy.xacml-pdp</groupId>
- <artifactId>xacml-test</artifactId>
- <version>2.2.2</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
-
- <build>
- <plugins>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-compiler-plugin</artifactId>
- <version>3.8.0</version>
- <configuration>
- <release>11</release>
- </configuration>
- </plugin>
- <plugin>
- <groupId>io.fabric8</groupId>
- <artifactId>docker-maven-plugin</artifactId>
- <version>0.33.0</version>
- <configuration>
- <verbose>true</verbose>
- <images>
- <image>
- <name>onap/policy-xacml-tutorial</name>
- <alias>xacml-pdp</alias>
- <build>
- <contextDir>${project.basedir}/src/main/docker</contextDir>
- <assembly>
- <descriptorRef>artifact-with-dependencies</descriptorRef>
- </assembly>
- </build>
- </image>
- </images>
- </configuration>
- <executions>
- <execution>
- <id>clean-images</id>
- <phase>pre-clean</phase>
- <goals>
- <goal>remove</goal>
- </goals>
- </execution>
-
- <execution>
- <id>generate-images</id>
- <phase>package</phase>
- <goals>
- <goal>build</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
- </plugins>
- </build>
-</project>
diff --git a/docs/xacml/tutorial/app/src/main/docker/Dockerfile b/docs/xacml/tutorial/app/src/main/docker/Dockerfile
deleted file mode 100644
index 639e94fb..00000000
--- a/docs/xacml/tutorial/app/src/main/docker/Dockerfile
+++ /dev/null
@@ -1,7 +0,0 @@
-FROM onap/policy-xacml-pdp:2.2.2
-
-ADD maven/${project.build.finalName}.jar /opt/app/policy/pdpx/lib/${project.build.finalName}.jar
-
-RUN mkdir -p /opt/app/policy/pdpx/apps/tutorial
-
-COPY --chown=policy:policy xacml.properties /opt/app/policy/pdpx/apps/tutorial \ No newline at end of file
diff --git a/docs/xacml/tutorial/app/src/main/docker/README.txt b/docs/xacml/tutorial/app/src/main/docker/README.txt
deleted file mode 100644
index a29a44b2..00000000
--- a/docs/xacml/tutorial/app/src/main/docker/README.txt
+++ /dev/null
@@ -1,36 +0,0 @@
-docker-compose -f docker-compose.yml run --rm start_dependencies
-
-docker-compose -f docker-compose.yml run --rm start_all
-
-
-curl -X POST http://0.0.0.0:3904/events/POLICY-PDP-PAP
-
-Should return JSON similar to this:
-{"serverTimeMs":0,"count":0}
-
-
-curl -k -u 'healthcheck:zb!XztG34' 'https://0.0.0.0:6969/policy/pdpx/v1/healthcheck'
-
-Should return JSON similar to this:
-{"name":"Policy Xacml PDP","url":"self","healthy":true,"code":200,"message":"alive"}
-
-
-curl -k -u 'healthcheck:zb!XztG34' 'https://0.0.0.0:6767/policy/api/v1/healthcheck'
-Should return JSON similar to this:
-{
- "name": "Policy API",
- "url": "policy-api",
- "healthy": true,
- "code": 200,
- "message": "alive"
-}
-
-curl -k -u 'healthcheck:zb!XztG34' 'https://0.0.0.0:6868/policy/pap/v1/healthcheck'
-Should return JSON similar to this:
-{
- "name": "Policy PAP",
- "url": "policy-pap",
- "healthy": true,
- "code": 200,
- "message": "alive"
-} \ No newline at end of file
diff --git a/docs/xacml/tutorial/app/src/main/docker/config/db/db.conf b/docs/xacml/tutorial/app/src/main/docker/config/db/db.conf
deleted file mode 100644
index 42f35844..00000000
--- a/docs/xacml/tutorial/app/src/main/docker/config/db/db.conf
+++ /dev/null
@@ -1,20 +0,0 @@
-# ============LICENSE_START=======================================================
-# Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# SPDX-License-Identifier: Apache-2.0
-# ============LICENSE_END=========================================================
-MYSQL_ROOT_PASSWORD=secret
-MYSQL_USER=policy_user
-MYSQL_PASSWORD=policy_user \ No newline at end of file
diff --git a/docs/xacml/tutorial/app/src/main/docker/config/db/db.sh b/docs/xacml/tutorial/app/src/main/docker/config/db/db.sh
deleted file mode 100644
index 499764df..00000000
--- a/docs/xacml/tutorial/app/src/main/docker/config/db/db.sh
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/bash -xv
-# ============LICENSE_START=======================================================
-# Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# SPDX-License-Identifier: Apache-2.0
-# ============LICENSE_END=========================================================
-
-for db in policyadmin operationshistory
-do
- mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "CREATE DATABASE IF NOT EXISTS ${db};"
- mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "GRANT ALL PRIVILEGES ON \`${db}\`.* TO '${MYSQL_USER}'@'%' ;"
-done
-
-mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "FLUSH PRIVILEGES;"
diff --git a/docs/xacml/tutorial/app/src/main/docker/docker-compose.yml b/docs/xacml/tutorial/app/src/main/docker/docker-compose.yml
deleted file mode 100644
index b65098c1..00000000
--- a/docs/xacml/tutorial/app/src/main/docker/docker-compose.yml
+++ /dev/null
@@ -1,102 +0,0 @@
-# ============LICENSE_START=======================================================
-# Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# SPDX-License-Identifier: Apache-2.0
-# ============LICENSE_END=========================================================
-version: '2'
-services:
- mariadb:
- image: mariadb:10.2.14
- container_name: mariadb
- hostname: mariadb
- command: ['--lower-case-table-names=1', '--wait_timeout=28800']
- env_file: config/db/db.conf
- volumes:
- - ./config/db:/docker-entrypoint-initdb.d
- expose:
- - 3306
- message-router:
- image: dmaap/simulator
- container_name: dmaap-simulator
- hostname: dmaap-simulator
- ports:
- - "3904:3904"
- expose:
- - 3904
- api:
- image: nexus3.onap.org:10001/onap/policy-api:2.2.4
- container_name: policy-api
- depends_on:
- - mariadb
- hostname: policy-api
- ports:
- - "6767:6969"
- expose:
- - 6767
- pap:
- image: nexus3.onap.org:10001/onap/policy-pap:2.2.3
- container_name: policy-pap
- depends_on:
- - mariadb
- - message-router
- - api
- hostname: policy-pap
- ports:
- - "6868:6969"
- expose:
- - 6868
- xacml-pdp:
- image: onap/policy-xacml-tutorial
- container_name: policy-xacml-pdp
- depends_on:
- - mariadb
- - message-router
- - api
- - pap
- hostname: policy-xacml-pdp
- ports:
- - "6969:6969"
- expose:
- - 6969
- start_dependencies:
- image: dadarek/wait-for-dependencies
- environment:
- TIMEOUT_LENGTH: 60
- container_name: policy-wait
- depends_on:
- - mariadb
- - message-router
- hostname: policy-wait
- command:
- mariadb:3306
- message-router:3904
- start_all:
- image: dadarek/wait-for-dependencies
- environment:
- TIMEOUT_LENGTH: 60
- container_name: policy-wait-all
- depends_on:
- - mariadb
- - message-router
- - api
- - pap
- - xacml-pdp
- hostname: policy-wait-all
- command:
- mariadb:3306
- message-router:3904
- api:6969
- pap:6969
- xacml-pdp:6969
diff --git a/docs/xacml/tutorial/app/src/main/docker/xacml.properties b/docs/xacml/tutorial/app/src/main/docker/xacml.properties
deleted file mode 100644
index 277b098e..00000000
--- a/docs/xacml/tutorial/app/src/main/docker/xacml.properties
+++ /dev/null
@@ -1,31 +0,0 @@
-#
-# Properties that the embedded PDP engine uses to configure and load
-#
-# Standard API Factories
-#
-xacml.dataTypeFactory=com.att.research.xacml.std.StdDataTypeFactory
-xacml.pdpEngineFactory=com.att.research.xacmlatt.pdp.ATTPDPEngineFactory
-xacml.pepEngineFactory=com.att.research.xacml.std.pep.StdEngineFactory
-xacml.pipFinderFactory=com.att.research.xacml.std.pip.StdPIPFinderFactory
-xacml.traceEngineFactory=com.att.research.xacml.std.trace.LoggingTraceEngineFactory
-#
-# AT&T PDP Implementation Factories
-#
-xacml.att.evaluationContextFactory=com.att.research.xacmlatt.pdp.std.StdEvaluationContextFactory
-xacml.att.combiningAlgorithmFactory=com.att.research.xacmlatt.pdp.std.StdCombiningAlgorithmFactory
-xacml.att.functionDefinitionFactory=com.att.research.xacmlatt.pdp.std.StdFunctionDefinitionFactory
-#
-# ONAP PDP Implementation Factories
-#
-xacml.att.policyFinderFactory=org.onap.policy.pdp.xacml.application.common.OnapPolicyFinderFactory
-
-#
-# Use a root combining algorithm
-#
-xacml.att.policyFinderFactory.combineRootPolicies=urn:oasis:names:tc:xacml:3.0:policy-combining-algorithm:deny-overrides
-
-#
-# Policies to load
-#
-xacml.rootPolicies=
-xacml.referencedPolicies= \ No newline at end of file
diff --git a/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialApplication.java b/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialApplication.java
deleted file mode 100644
index 5727f1c1..00000000
--- a/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialApplication.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.tutorial.tutorial;
-
-import java.util.Arrays;
-import java.util.List;
-import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicyTypeIdentifier;
-import org.onap.policy.pdp.xacml.application.common.ToscaPolicyTranslator;
-import org.onap.policy.pdp.xacml.application.common.std.StdXacmlApplicationServiceProvider;
-
-public class TutorialApplication extends StdXacmlApplicationServiceProvider {
-
- private final ToscaPolicyTypeIdentifier supportedPolicyType = new ToscaPolicyTypeIdentifier("onap.policies.Authorization", "1.0.0");
- private final TutorialTranslator translator = new TutorialTranslator();
-
- @Override
- public String applicationName() {
- return "tutorial";
- }
-
- @Override
- public List<String> actionDecisionsSupported() {
- return Arrays.asList("authorize");
- }
-
- @Override
- public synchronized List<ToscaPolicyTypeIdentifier> supportedPolicyTypes() {
- return Arrays.asList(supportedPolicyType);
- }
-
- @Override
- public boolean canSupportPolicyType(ToscaPolicyTypeIdentifier policyTypeId) {
- return supportedPolicyType.equals(policyTypeId);
- }
-
- @Override
- protected ToscaPolicyTranslator getTranslator(String type) {
- return translator;
- }
-
-}
diff --git a/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialRequest.java b/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialRequest.java
deleted file mode 100644
index 31aace69..00000000
--- a/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialRequest.java
+++ /dev/null
@@ -1,91 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.tutorial.tutorial;
-
-import java.util.Map;
-import java.util.Map.Entry;
-import org.onap.policy.models.decisions.concepts.DecisionRequest;
-import com.att.research.xacml.std.annotations.XACMLAction;
-import com.att.research.xacml.std.annotations.XACMLRequest;
-import com.att.research.xacml.std.annotations.XACMLResource;
-import com.att.research.xacml.std.annotations.XACMLSubject;
-import lombok.Getter;
-import lombok.Setter;
-import lombok.ToString;
-
-@Getter
-@Setter
-@ToString
-@XACMLRequest(ReturnPolicyIdList = true)
-public class TutorialRequest {
- @XACMLSubject(includeInResults = true)
- private String onapName;
-
- @XACMLSubject(attributeId = "urn:org:onap:onap-component", includeInResults = true)
- private String onapComponent;
-
- @XACMLSubject(attributeId = "urn:org:onap:onap-instance", includeInResults = true)
- private String onapInstance;
-
- @XACMLAction()
- private String action;
-
- @XACMLResource(attributeId = "urn:org:onap:tutorial-user", includeInResults = true)
- private String user;
-
- @XACMLResource(attributeId = "urn:org:onap:tutorial-entity", includeInResults = true)
- private String entity;
-
- @XACMLResource(attributeId = "urn:org:onap:tutorial-permission", includeInResults = true)
- private String permission;
-
- public static TutorialRequest createRequest(DecisionRequest decisionRequest) {
- //
- // Create our object
- //
- TutorialRequest request = new TutorialRequest();
- //
- // Add the subject attributes
- //
- request.onapName = decisionRequest.getOnapName();
- request.onapComponent = decisionRequest.getOnapComponent();
- request.onapInstance = decisionRequest.getOnapInstance();
- //
- // Add the action attribute
- //
- request.action = decisionRequest.getAction();
- //
- // Add the resource attributes
- //
- Map<String, Object> resources = decisionRequest.getResource();
- for (Entry<String, Object> entrySet : resources.entrySet()) {
- if ("user".equals(entrySet.getKey())) {
- request.user = entrySet.getValue().toString();
- }
- if ("entity".equals(entrySet.getKey())) {
- request.entity = entrySet.getValue().toString();
- }
- if ("permission".equals(entrySet.getKey())) {
- request.permission = entrySet.getValue().toString();
- }
- }
-
- return request;
- }
-}
diff --git a/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialTranslator.java b/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialTranslator.java
deleted file mode 100644
index 600c6214..00000000
--- a/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialTranslator.java
+++ /dev/null
@@ -1,156 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.tutorial.tutorial;
-
-import java.util.List;
-import java.util.Map;
-import org.onap.policy.models.decisions.concepts.DecisionRequest;
-import org.onap.policy.models.decisions.concepts.DecisionResponse;
-import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy;
-import org.onap.policy.pdp.xacml.application.common.ToscaDictionary;
-import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConversionException;
-import org.onap.policy.pdp.xacml.application.common.ToscaPolicyTranslator;
-import org.onap.policy.pdp.xacml.application.common.ToscaPolicyTranslatorUtils;
-import com.att.research.xacml.api.DataTypeException;
-import com.att.research.xacml.api.Decision;
-import com.att.research.xacml.api.Identifier;
-import com.att.research.xacml.api.Request;
-import com.att.research.xacml.api.Response;
-import com.att.research.xacml.api.Result;
-import com.att.research.xacml.api.XACML3;
-import com.att.research.xacml.std.IdentifierImpl;
-import com.att.research.xacml.std.annotations.RequestParser;
-import oasis.names.tc.xacml._3_0.core.schema.wd_17.AnyOfType;
-import oasis.names.tc.xacml._3_0.core.schema.wd_17.EffectType;
-import oasis.names.tc.xacml._3_0.core.schema.wd_17.MatchType;
-import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType;
-import oasis.names.tc.xacml._3_0.core.schema.wd_17.RuleType;
-import oasis.names.tc.xacml._3_0.core.schema.wd_17.TargetType;
-
-public class TutorialTranslator implements ToscaPolicyTranslator {
-
- private static final Identifier ID_TUTORIAL_USER = new IdentifierImpl(ToscaDictionary.ID_URN_ONAP, "tutorial-user");
- private static final Identifier ID_TUTORIAL_ENTITY =
- new IdentifierImpl(ToscaDictionary.ID_URN_ONAP, "tutorial-entity");
- private static final Identifier ID_TUTORIAL_PERM = new IdentifierImpl(ToscaDictionary.ID_URN_ONAP, "tutorial-permission");
-
- @SuppressWarnings("unchecked")
- public PolicyType convertPolicy(ToscaPolicy toscaPolicy) throws ToscaPolicyConversionException {
- //
- // Here is our policy with a version and default combining algo
- //
- PolicyType newPolicyType = new PolicyType();
- newPolicyType.setPolicyId(toscaPolicy.getMetadata().get("policy-id"));
- newPolicyType.setVersion(toscaPolicy.getMetadata().get("policy-version"));
- //
- // When choosing the rule combining algorithm, be sure to be mindful of the
- // setting xacml.att.policyFinderFactory.combineRootPolicies in the
- // xacml.properties file. As that choice for ALL the policies together may have
- // an impact on the decision rendered from each individual policy.
- //
- // In this case, we will only produce XACML rules for permissions. If no permission
- // combo exists, then the default is to deny.
- //
- newPolicyType.setRuleCombiningAlgId(XACML3.ID_RULE_DENY_UNLESS_PERMIT.stringValue());
- //
- // Create the target for the Policy.
- //
- // For simplicity, let's just match on the action "authorize" and the user
- //
- MatchType matchAction = ToscaPolicyTranslatorUtils.buildMatchTypeDesignator(XACML3.ID_FUNCTION_STRING_EQUAL,
- "authorize", XACML3.ID_DATATYPE_STRING, XACML3.ID_ACTION_ACTION_ID, XACML3.ID_ATTRIBUTE_CATEGORY_ACTION);
- Map<String, Object> props = toscaPolicy.getProperties();
- String user = props.get("user").toString();
- MatchType matchUser = ToscaPolicyTranslatorUtils.buildMatchTypeDesignator(XACML3.ID_FUNCTION_STRING_EQUAL, user,
- XACML3.ID_DATATYPE_STRING, ID_TUTORIAL_USER, XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE);
- AnyOfType anyOf = new AnyOfType();
- //
- // Create AllOf (AND) of just Policy Id
- //
- anyOf.getAllOf().add(ToscaPolicyTranslatorUtils.buildAllOf(matchAction, matchUser));
- TargetType target = new TargetType();
- target.getAnyOf().add(anyOf);
- newPolicyType.setTarget(target);
- //
- // Now add the rule for each permission
- //
- int ruleNumber = 0;
- List<Object> permissions = (List<Object>) props.get("permissions");
- for (Object permission : permissions) {
-
- MatchType matchEntity = ToscaPolicyTranslatorUtils.buildMatchTypeDesignator(XACML3.ID_FUNCTION_STRING_EQUAL,
- ((Map<String, String>) permission).get("entity"), XACML3.ID_DATATYPE_STRING, ID_TUTORIAL_ENTITY,
- XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE);
-
- MatchType matchPermission = ToscaPolicyTranslatorUtils.buildMatchTypeDesignator(
- XACML3.ID_FUNCTION_STRING_EQUAL, ((Map<String, String>) permission).get("permission"),
- XACML3.ID_DATATYPE_STRING, ID_TUTORIAL_PERM, XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE);
- anyOf = new AnyOfType();
- anyOf.getAllOf().add(ToscaPolicyTranslatorUtils.buildAllOf(matchEntity, matchPermission));
- target = new TargetType();
- target.getAnyOf().add(anyOf);
-
- RuleType rule = new RuleType();
- rule.setDescription("Default is to PERMIT if the policy matches.");
- rule.setRuleId(newPolicyType.getPolicyId() + ":rule" + ruleNumber);
-
- rule.setEffect(EffectType.PERMIT);
- rule.setTarget(target);
-
- newPolicyType.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition().add(rule);
-
- ruleNumber++;
- }
- return newPolicyType;
- }
-
- public Request convertRequest(DecisionRequest request) {
- try {
- return RequestParser.parseRequest(TutorialRequest.createRequest(request));
- } catch (IllegalArgumentException | IllegalAccessException | DataTypeException e) {
- }
- return null;
- }
-
- public DecisionResponse convertResponse(Response xacmlResponse) {
- DecisionResponse decisionResponse = new DecisionResponse();
- //
- // Iterate through all the results
- //
- for (Result xacmlResult : xacmlResponse.getResults()) {
- //
- // Check the result
- //
- if (xacmlResult.getDecision() == Decision.PERMIT) {
- //
- // Just simply return a Permit response
- //
- decisionResponse.setStatus(Decision.PERMIT.toString());
- } else {
- //
- // Just simply return a Deny response
- //
- decisionResponse.setStatus(Decision.DENY.toString());
- }
- }
-
- return decisionResponse;
- }
-
-}
diff --git a/docs/xacml/tutorial/app/src/main/resources/META-INF/services/org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider b/docs/xacml/tutorial/app/src/main/resources/META-INF/services/org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider
deleted file mode 100644
index 942cc596..00000000
--- a/docs/xacml/tutorial/app/src/main/resources/META-INF/services/org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider
+++ /dev/null
@@ -1 +0,0 @@
-org.onap.policy.tutorial.tutorial.TutorialApplication \ No newline at end of file
diff --git a/docs/xacml/tutorial/app/src/test/java/org/onap/policy/tutorial/tutorial/TutorialApplicationTest.java b/docs/xacml/tutorial/app/src/test/java/org/onap/policy/tutorial/tutorial/TutorialApplicationTest.java
deleted file mode 100644
index d20c1b38..00000000
--- a/docs/xacml/tutorial/app/src/test/java/org/onap/policy/tutorial/tutorial/TutorialApplicationTest.java
+++ /dev/null
@@ -1,120 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.tutorial.tutorial;
-
-import static org.junit.Assert.assertEquals;
-
-import java.io.File;
-import java.io.IOException;
-import java.util.Iterator;
-import java.util.Properties;
-import java.util.ServiceLoader;
-
-import org.apache.commons.lang3.tuple.Pair;
-import org.junit.BeforeClass;
-import org.junit.ClassRule;
-import org.junit.Test;
-import org.junit.rules.TemporaryFolder;
-import org.onap.policy.common.endpoints.parameters.RestServerParameters;
-import org.onap.policy.common.utils.coder.CoderException;
-import org.onap.policy.common.utils.coder.StandardCoder;
-import org.onap.policy.common.utils.resources.TextFileUtils;
-import org.onap.policy.models.decisions.concepts.DecisionRequest;
-import org.onap.policy.models.decisions.concepts.DecisionResponse;
-import org.onap.policy.pdp.xacml.application.common.XacmlApplicationException;
-import org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider;
-import org.onap.policy.pdp.xacml.application.common.XacmlPolicyUtils;
-import org.onap.policy.pdp.xacml.xacmltest.TestUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.att.research.xacml.api.Response;
-
-public class TutorialApplicationTest {
- private static final Logger LOGGER = LoggerFactory.getLogger(TutorialApplicationTest.class);
- private static Properties properties = new Properties();
- private static File propertiesFile;
- private static XacmlApplicationServiceProvider service;
- private static StandardCoder gson = new StandardCoder();
-
- @ClassRule
- public static final TemporaryFolder policyFolder = new TemporaryFolder();
-
- @BeforeClass
- public static void setup() throws Exception {
- //
- // Setup our temporary folder
- //
- XacmlPolicyUtils.FileCreator myCreator = (String filename) -> policyFolder.newFile(filename);
- propertiesFile = XacmlPolicyUtils.copyXacmlPropertiesContents("src/test/resources/xacml.properties",
- properties, myCreator);
- //
- // Load XacmlApplicationServiceProvider service
- //
- ServiceLoader<XacmlApplicationServiceProvider> applicationLoader =
- ServiceLoader.load(XacmlApplicationServiceProvider.class);
- //
- // Look for our class instance and save it
- //
- Iterator<XacmlApplicationServiceProvider> iterator = applicationLoader.iterator();
- while (iterator.hasNext()) {
- XacmlApplicationServiceProvider application = iterator.next();
- //
- // Is it our service?
- //
- if (application instanceof TutorialApplication) {
- service = application;
- }
- }
- //
- // Tell the application to initialize based on the properties file
- // we just built for it.
- //
- service.initialize(propertiesFile.toPath().getParent(), new RestServerParameters());
- }
-
- @Test
- public void test() throws CoderException, XacmlApplicationException, IOException {
- //
- // Now load the tutorial policies.
- //
- TestUtils.loadPolicies("src/test/resources/tutorial-policies.yaml", service);
- //
- // Load a Decision request
- //
- DecisionRequest decisionRequest = gson.decode(
- TextFileUtils
- .getTextFileAsString("src/test/resources/tutorial-decision-request.json"),
- DecisionRequest.class);
- //
- // Test a decision - should start with a permit
- //
- Pair<DecisionResponse, Response> decision = service.makeDecision(decisionRequest, null);
- LOGGER.info(decision.getLeft().toString());
- assertEquals("Permit", decision.getLeft().getStatus());
- //
- // This should be a deny
- //
- decisionRequest.getResource().put("user", "audit");
- decision = service.makeDecision(decisionRequest, null);
- LOGGER.info(decision.getLeft().toString());
- assertEquals("Deny", decision.getLeft().getStatus());
- }
-
-}
diff --git a/docs/xacml/tutorial/app/src/test/resources/tutorial-decision-request.json b/docs/xacml/tutorial/app/src/test/resources/tutorial-decision-request.json
deleted file mode 100644
index f3a7f9a2..00000000
--- a/docs/xacml/tutorial/app/src/test/resources/tutorial-decision-request.json
+++ /dev/null
@@ -1,12 +0,0 @@
-{
- "ONAPName": "TutorialPEP",
- "ONAPComponent": "TutorialPEPComponent",
- "ONAPInstance": "TutorialPEPInstance",
- "requestId": "unique-request-id-tutorial",
- "action": "authorize",
- "resource": {
- "user": "demo",
- "entity": "foo",
- "permission" : "write"
- }
-}
diff --git a/docs/xacml/tutorial/app/src/test/resources/tutorial-policies.yaml b/docs/xacml/tutorial/app/src/test/resources/tutorial-policies.yaml
deleted file mode 100644
index fa353653..00000000
--- a/docs/xacml/tutorial/app/src/test/resources/tutorial-policies.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-tosca_definitions_version: tosca_simple_yaml_1_1_0
-topology_template:
- policies:
- -
- onap.policy.tutorial.demo:
- type: onap.policies.Authorization
- type_version: 1.0.0
- version: 1.0.0
- metadata:
- policy-id: onap.policy.tutorial.demo
- policy-version: 1
- properties:
- user: demo
- permissions:
- -
- entity: foo
- permission: read
- -
- entity: foo
- permission: write
- -
- onap.policy.tutorial.audit:
- type: onap.policies.Authorization
- version: 1.0.0
- type_version: 1.0.0
- metadata:
- policy-id: onap.policy.tutorial.bar
- policy-version: 1
- properties:
- user: audit
- permissions:
- -
- entity: foo
- permission: read
diff --git a/docs/xacml/tutorial/app/src/test/resources/tutorial-policy-type.yaml b/docs/xacml/tutorial/app/src/test/resources/tutorial-policy-type.yaml
deleted file mode 100644
index 7948bd28..00000000
--- a/docs/xacml/tutorial/app/src/test/resources/tutorial-policy-type.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-tosca_definitions_version: tosca_simple_yaml_1_1_0
-policy_types:
- onap.policies.Authorization:
- derived_from: tosca.policies.Root
- version: 1.0.0
- description: Example tutorial policy type for doing user authorization
- properties:
- user:
- type: string
- required: true
- description: The unique user name
- permissions:
- type: list
- required: true
- description: A list of resource permissions
- entry_schema:
- type: onap.datatypes.Tutorial
-data_types:
- onap.datatypes.Tutorial:
- derived_from: tosca.datatypes.Root
- version: 1.0.0
- properties:
- entity:
- type: string
- required: true
- description: The resource
- permission:
- type: string
- required: true
- description: The permission level
- constraints:
- - valid_values: [read, write, delete]
diff --git a/docs/xacml/tutorial/app/src/test/resources/xacml.properties b/docs/xacml/tutorial/app/src/test/resources/xacml.properties
deleted file mode 100644
index 277b098e..00000000
--- a/docs/xacml/tutorial/app/src/test/resources/xacml.properties
+++ /dev/null
@@ -1,31 +0,0 @@
-#
-# Properties that the embedded PDP engine uses to configure and load
-#
-# Standard API Factories
-#
-xacml.dataTypeFactory=com.att.research.xacml.std.StdDataTypeFactory
-xacml.pdpEngineFactory=com.att.research.xacmlatt.pdp.ATTPDPEngineFactory
-xacml.pepEngineFactory=com.att.research.xacml.std.pep.StdEngineFactory
-xacml.pipFinderFactory=com.att.research.xacml.std.pip.StdPIPFinderFactory
-xacml.traceEngineFactory=com.att.research.xacml.std.trace.LoggingTraceEngineFactory
-#
-# AT&T PDP Implementation Factories
-#
-xacml.att.evaluationContextFactory=com.att.research.xacmlatt.pdp.std.StdEvaluationContextFactory
-xacml.att.combiningAlgorithmFactory=com.att.research.xacmlatt.pdp.std.StdCombiningAlgorithmFactory
-xacml.att.functionDefinitionFactory=com.att.research.xacmlatt.pdp.std.StdFunctionDefinitionFactory
-#
-# ONAP PDP Implementation Factories
-#
-xacml.att.policyFinderFactory=org.onap.policy.pdp.xacml.application.common.OnapPolicyFinderFactory
-
-#
-# Use a root combining algorithm
-#
-xacml.att.policyFinderFactory.combineRootPolicies=urn:oasis:names:tc:xacml:3.0:policy-combining-algorithm:deny-overrides
-
-#
-# Policies to load
-#
-xacml.rootPolicies=
-xacml.referencedPolicies= \ No newline at end of file