From 027d34b558876f78681c79715466b5b612004339 Mon Sep 17 00:00:00 2001 From: Pamela Dragosh Date: Thu, 29 Oct 2020 08:57:09 -0400 Subject: Update Tutorial Documentation Point to actual code and remove the eclipse instructions as developers should look elsewhere for these instructions. Adding enforcement tutorial. Issue-ID: POLICY-2876 Change-Id: I793c1fae72f832afe7098be57a94f4929e9deb9a Signed-off-by: Pamela Dragosh --- ...licyApplicationTutorial.postman_collection.json | 723 --------------------- docs/xacml/tutorial/app/pom.xml | 106 --- docs/xacml/tutorial/app/src/main/docker/Dockerfile | 7 - docs/xacml/tutorial/app/src/main/docker/README.txt | 36 - .../tutorial/app/src/main/docker/config/db/db.conf | 20 - .../tutorial/app/src/main/docker/config/db/db.sh | 26 - .../app/src/main/docker/docker-compose.yml | 102 --- .../tutorial/app/src/main/docker/xacml.properties | 31 - .../tutorial/tutorial/TutorialApplication.java | 57 -- .../policy/tutorial/tutorial/TutorialRequest.java | 91 --- .../tutorial/tutorial/TutorialTranslator.java | 156 ----- ...lication.common.XacmlApplicationServiceProvider | 1 - .../tutorial/tutorial/TutorialApplicationTest.java | 120 ---- .../test/resources/tutorial-decision-request.json | 12 - .../app/src/test/resources/tutorial-policies.yaml | 34 - .../src/test/resources/tutorial-policy-type.yaml | 32 - .../app/src/test/resources/xacml.properties | 31 - .../xacml/tutorial/images/eclipse-create-junit.png | Bin 207857 -> 0 bytes .../xacml/tutorial/images/eclipse-create-maven.png | Bin 145746 -> 0 bytes .../tutorial/images/eclipse-create-request.png | Bin 200651 -> 0 bytes docs/xacml/tutorial/images/eclipse-import.png | Bin 194499 -> 0 bytes docs/xacml/tutorial/images/eclipse-inherit-app.png | Bin 303278 -> 0 bytes .../tutorial/images/eclipse-maven-project.png | Bin 172701 -> 0 bytes docs/xacml/tutorial/images/eclipse-meta-inf.png | Bin 107983 -> 0 bytes docs/xacml/tutorial/tutorial-decision-request.json | 12 + docs/xacml/tutorial/tutorial-policies.yaml | 34 + docs/xacml/tutorial/tutorial-policy-type.yaml | 32 + docs/xacml/tutorial/tutorial.tar | Bin 9949 -> 0 bytes 28 files changed, 78 insertions(+), 1585 deletions(-) delete mode 100644 docs/xacml/tutorial/PolicyApplicationTutorial.postman_collection.json delete mode 100644 docs/xacml/tutorial/app/pom.xml delete mode 100644 docs/xacml/tutorial/app/src/main/docker/Dockerfile delete mode 100644 docs/xacml/tutorial/app/src/main/docker/README.txt delete mode 100644 docs/xacml/tutorial/app/src/main/docker/config/db/db.conf delete mode 100644 docs/xacml/tutorial/app/src/main/docker/config/db/db.sh delete mode 100644 docs/xacml/tutorial/app/src/main/docker/docker-compose.yml delete mode 100644 docs/xacml/tutorial/app/src/main/docker/xacml.properties delete mode 100644 docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialApplication.java delete mode 100644 docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialRequest.java delete mode 100644 docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialTranslator.java delete mode 100644 docs/xacml/tutorial/app/src/main/resources/META-INF/services/org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider delete mode 100644 docs/xacml/tutorial/app/src/test/java/org/onap/policy/tutorial/tutorial/TutorialApplicationTest.java delete mode 100644 docs/xacml/tutorial/app/src/test/resources/tutorial-decision-request.json delete mode 100644 docs/xacml/tutorial/app/src/test/resources/tutorial-policies.yaml delete mode 100644 docs/xacml/tutorial/app/src/test/resources/tutorial-policy-type.yaml delete mode 100644 docs/xacml/tutorial/app/src/test/resources/xacml.properties delete mode 100644 docs/xacml/tutorial/images/eclipse-create-junit.png delete mode 100644 docs/xacml/tutorial/images/eclipse-create-maven.png delete mode 100644 docs/xacml/tutorial/images/eclipse-create-request.png delete mode 100644 docs/xacml/tutorial/images/eclipse-import.png delete mode 100644 docs/xacml/tutorial/images/eclipse-inherit-app.png delete mode 100644 docs/xacml/tutorial/images/eclipse-maven-project.png delete mode 100644 docs/xacml/tutorial/images/eclipse-meta-inf.png create mode 100644 docs/xacml/tutorial/tutorial-decision-request.json create mode 100644 docs/xacml/tutorial/tutorial-policies.yaml create mode 100644 docs/xacml/tutorial/tutorial-policy-type.yaml delete mode 100644 docs/xacml/tutorial/tutorial.tar (limited to 'docs/xacml/tutorial') diff --git a/docs/xacml/tutorial/PolicyApplicationTutorial.postman_collection.json b/docs/xacml/tutorial/PolicyApplicationTutorial.postman_collection.json deleted file mode 100644 index 23aa0eb8..00000000 --- a/docs/xacml/tutorial/PolicyApplicationTutorial.postman_collection.json +++ /dev/null @@ -1,723 +0,0 @@ -{ - "info": { - "_postman_id": "20eb42db-f0a7-4b65-8ccd-c3a5f56cb526", - "name": "Policy Application Tutorial", - "description": "Collection of Postman API calls to support the Policy Enforcement Tutorial", - "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json" - }, - "item": [ - { - "name": "Api Healthcheck", - "request": { - "auth": { - "type": "basic", - "basic": [ - { - "key": "password", - "value": "zb!XztG34", - "type": "string" - }, - { - "key": "username", - "value": "healthcheck", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "type": "text", - "value": "application/json" - }, - { - "key": "Accept", - "type": "text", - "value": "application/json" - } - ], - "url": { - "raw": "{{POLICY-API-URL}}/policy/api/v1/healthcheck", - "host": [ - "{{POLICY-API-URL}}" - ], - "path": [ - "policy", - "api", - "v1", - "healthcheck" - ] - } - }, - "response": [] - }, - { - "name": "Create Authorization Policy Type", - "request": { - "auth": { - "type": "basic", - "basic": [ - { - "key": "password", - "value": "zb!XztG34", - "type": "string" - }, - { - "key": "username", - "value": "healthcheck", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Accept", - "type": "text", - "value": "application/yaml" - }, - { - "key": "Content-Type", - "type": "text", - "value": "application/yaml" - } - ], - "body": { - "mode": "raw", - "raw": "tosca_definitions_version: tosca_simple_yaml_1_1_0\npolicy_types:\n onap.policies.Authorization:\n derived_from: tosca.policies.Root\n version: 1.0.0\n description: Example tutorial policy type for doing user authorization\n properties:\n user:\n type: string\n required: true\n description: The unique user name\n permissions:\n type: list\n required: true\n description: A list of resource permissions\n entry_schema:\n type: onap.datatypes.Tutorial\ndata_types:\n onap.datatypes.Tutorial:\n derived_from: tosca.datatypes.Root\n version: 1.0.0\n properties:\n entity:\n type: string\n required: true\n description: The resource\n permission:\n type: string\n required: true\n description: The permission level\n constraints:\n - valid_values: [read, write, delete]\n", - "options": { - "raw": { - "language": "text" - } - } - }, - "url": { - "raw": "{{POLICY-API-URL}}/policy/api/v1/policytypes", - "host": [ - "{{POLICY-API-URL}}" - ], - "path": [ - "policy", - "api", - "v1", - "policytypes" - ] - } - }, - "response": [] - }, - { - "name": "Create policies", - "request": { - "auth": { - "type": "basic", - "basic": [ - { - "key": "password", - "value": "zb!XztG34", - "type": "string" - }, - { - "key": "username", - "value": "healthcheck", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Accept", - "type": "text", - "value": "application/yaml" - }, - { - "key": "Content-Type", - "type": "text", - "value": "application/yaml" - } - ], - "body": { - "mode": "raw", - "raw": "tosca_definitions_version: tosca_simple_yaml_1_1_0\ntopology_template:\n policies:\n -\n onap.policy.tutorial.demo:\n type: onap.policies.Authorization\n type_version: 1.0.0\n version: 1.0.0\n metadata:\n policy-id: onap.policy.tutorial.demo\n policy-version: 1\n properties:\n user: demo\n permissions:\n -\n entity: foo\n permission: read\n -\n entity: foo\n permission: write\n -\n onap.policy.tutorial.audit:\n type: onap.policies.Authorization\n version: 1.0.0\n type_version: 1.0.0\n metadata:\n policy-id: onap.policy.tutorial.bar\n policy-version: 1\n properties:\n user: audit\n permissions:\n -\n entity: foo\n permission: read\n", - "options": { - "raw": { - "language": "text" - } - } - }, - "url": { - "raw": "{{POLICY-API-URL}}/policy/api/v1/policytypes/onap.policies.Authorization/versions/1.0.0/policies", - "host": [ - "{{POLICY-API-URL}}" - ], - "path": [ - "policy", - "api", - "v1", - "policytypes", - "onap.policies.Authorization", - "versions", - "1.0.0", - "policies" - ] - } - }, - "response": [] - }, - { - "name": "PAP Healthcheck", - "request": { - "auth": { - "type": "basic", - "basic": [ - { - "key": "password", - "value": "zb!XztG34", - "type": "string" - }, - { - "key": "username", - "value": "healthcheck", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "type": "text", - "value": "application/json" - }, - { - "key": "Accept", - "type": "text", - "value": "application/json" - } - ], - "url": { - "raw": "{{POLICY-PAP-URL}}/policy/pap/v1/healthcheck", - "host": [ - "{{POLICY-PAP-URL}}" - ], - "path": [ - "policy", - "pap", - "v1", - "healthcheck" - ] - } - }, - "response": [] - }, - { - "name": "PAP Get PDPs", - "request": { - "auth": { - "type": "basic", - "basic": [ - { - "key": "password", - "value": "zb!XztG34", - "type": "string" - }, - { - "key": "username", - "value": "healthcheck", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Accept", - "type": "text", - "value": "application/json" - }, - { - "key": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "url": { - "raw": "{{POLICY-PAP-URL}}/policy/pap/v1/pdps", - "host": [ - "{{POLICY-PAP-URL}}" - ], - "path": [ - "policy", - "pap", - "v1", - "pdps" - ] - } - }, - "response": [] - }, - { - "name": "PdpGroup State Change PASSIVE", - "request": { - "auth": { - "type": "basic", - "basic": [ - { - "key": "password", - "value": "zb!XztG34", - "type": "string" - }, - { - "key": "username", - "value": "healthcheck", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "value": "application/json", - "type": "text" - }, - { - "key": "Accept", - "value": "application/json", - "type": "text" - } - ], - "url": { - "raw": "{{POLICY-PAP-URL}}/policy/pap/v1/pdps/groups/defaultGroup?state=PASSIVE", - "host": [ - "{{POLICY-PAP-URL}}" - ], - "path": [ - "policy", - "pap", - "v1", - "pdps", - "groups", - "defaultGroup" - ], - "query": [ - { - "key": "state", - "value": "PASSIVE" - } - ] - }, - "description": "This is an API to change the current state of a PdpGroup (example - \"defaultGroup\") resulting in changing state of all the PDP instances registered with the PdpGroup. As of now, the allowed states are ACTIVE and PASSIVE." - }, - "response": [] - }, - { - "name": "Delete PdpGroup", - "request": { - "auth": { - "type": "basic", - "basic": [ - { - "key": "password", - "value": "zb!XztG34", - "type": "string" - }, - { - "key": "username", - "value": "healthcheck", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Accept", - "type": "text", - "value": "application/json" - }, - { - "key": "Content-Type", - "type": "text", - "value": "application/json" - } - ], - "url": { - "raw": "{{POLICY-PAP-URL}}/policy/pap/v1/pdps/groups/defaultGroup", - "host": [ - "{{POLICY-PAP-URL}}" - ], - "path": [ - "policy", - "pap", - "v1", - "pdps", - "groups", - "defaultGroup" - ] - }, - "description": "This is an API to delete a specific PdpGroup (example - \"SampleGroup\") currently available in Policy DB, resulting in removing all the PDP instances registered with the group." - }, - "response": [] - }, - { - "name": "Create/Update PdpGroup", - "request": { - "auth": { - "type": "basic", - "basic": [ - { - "key": "password", - "value": "zb!XztG34", - "type": "string" - }, - { - "key": "username", - "value": "healthcheck", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "type": "text", - "value": "application/json" - }, - { - "key": "Accept", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"groups\": [\n {\n \"name\": \"defaultGroup\",\n \"pdpGroupState\": \"ACTIVE\",\n \"properties\": {},\n \"pdpSubgroups\": [\n {\n \"pdpType\": \"xacml\",\n \"desiredInstanceCount\": 1,\n \"properties\": {},\n \"supportedPolicyTypes\": [\n {\n \"name\": \"onap.policies.Authorization\",\n \"version\": \"1.0.0\"\n }\n ],\n \"policies\": []\n }\n ]\n }\n ]\n}" - }, - "url": { - "raw": "{{POLICY-PAP-URL}}/policy/pap/v1/pdps/groups/batch", - "host": [ - "{{POLICY-PAP-URL}}" - ], - "path": [ - "policy", - "pap", - "v1", - "pdps", - "groups", - "batch" - ] - }, - "description": "This is a generic API to create/update PdpGroups in Policy DB. However, the supportedPolicyTypes field of PdpSubGroup cannot be changed once created." - }, - "response": [] - }, - { - "name": "Simple Deploy Policy - onap.policy.tutorial.demo", - "request": { - "auth": { - "type": "basic", - "basic": [ - { - "key": "password", - "value": "zb!XztG34", - "type": "string" - }, - { - "key": "username", - "value": "healthcheck", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "type": "text", - "value": "application/json" - }, - { - "key": "Accept", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\r\n \"policies\" : [\r\n {\r\n \"policy-id\": \"onap.policy.tutorial.demo\",\r\n \"policy-version\": \"1.0.0\"\r\n },\r\n {\r\n \"policy-id\": \"onap.policy.tutorial.audit\",\r\n \"policy-version\": \"1.0.0\"\r\n }\r\n ]\r\n}" - }, - "url": { - "raw": "{{POLICY-PAP-URL}}/policy/pap/v1/pdps/policies", - "host": [ - "{{POLICY-PAP-URL}}" - ], - "path": [ - "policy", - "pap", - "v1", - "pdps", - "policies" - ] - } - }, - "response": [] - }, - { - "name": "Dmaap Simulator - Policy Update Notification", - "protocolProfileBehavior": { - "disableBodyPruning": true - }, - "request": { - "auth": { - "type": "noauth" - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "type": "text", - "value": "application/json" - }, - { - "key": "Accept", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "" - }, - "url": { - "raw": "{{DMAAP-URL}}/events/POLICY-NOTIFICATION/group/id?timeout=5000", - "host": [ - "{{DMAAP-URL}}" - ], - "path": [ - "events", - "POLICY-NOTIFICATION", - "group", - "id" - ], - "query": [ - { - "key": "timeout", - "value": "5000" - } - ] - } - }, - "response": [] - }, - { - "name": "Xacml Healthcheck", - "request": { - "auth": { - "type": "basic", - "basic": [ - { - "key": "password", - "value": "zb!XztG34", - "type": "string" - }, - { - "key": "username", - "value": "healthcheck", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "type": "text", - "value": "application/json" - }, - { - "key": "Accept", - "type": "text", - "value": "application/json" - } - ], - "url": { - "raw": "{{POLICY-XACML-URL}}/policy/pdpx/v1/healthcheck", - "host": [ - "{{POLICY-XACML-URL}}" - ], - "path": [ - "policy", - "pdpx", - "v1", - "healthcheck" - ] - } - }, - "response": [] - }, - { - "name": "Xacml Statistics", - "request": { - "auth": { - "type": "basic", - "basic": [ - { - "key": "password", - "value": "zb!XztG34", - "type": "string" - }, - { - "key": "username", - "value": "healthcheck", - "type": "string" - } - ] - }, - "method": "GET", - "header": [ - { - "key": "Content-Type", - "type": "text", - "value": "application/json" - }, - { - "key": "Accept", - "type": "text", - "value": "application/json" - } - ], - "url": { - "raw": "{{POLICY-XACML-URL}}/policy/pdpx/v1/statistics", - "host": [ - "{{POLICY-XACML-URL}}" - ], - "path": [ - "policy", - "pdpx", - "v1", - "statistics" - ] - } - }, - "response": [] - }, - { - "name": "Xacml Decision - Authorization policy-type", - "request": { - "auth": { - "type": "basic", - "basic": [ - { - "key": "password", - "value": "zb!XztG34", - "type": "string" - }, - { - "key": "username", - "value": "healthcheck", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "type": "text", - "value": "application/json" - }, - { - "key": "Accept", - "type": "text", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"ONAPName\": \"TutorialPEP\",\n \"ONAPComponent\": \"TutorialPEPComponent\",\n \"ONAPInstance\": \"TutorialPEPInstance\",\n \"requestId\": \"unique-request-id-tutorial\",\n \"action\": \"authorize\",\n \"resource\": {\n \"user\": \"audit\",\n \"entity\": \"foo\",\n \"permission\" : \"read\"\n }\n}" - }, - "url": { - "raw": "{{POLICY-XACML-URL}}/policy/pdpx/v1/decision", - "host": [ - "{{POLICY-XACML-URL}}" - ], - "path": [ - "policy", - "pdpx", - "v1", - "decision" - ] - } - }, - "response": [] - }, - { - "name": "Simple Undeploy Policy", - "request": { - "auth": { - "type": "basic", - "basic": [ - { - "key": "password", - "value": "zb!XztG34", - "type": "string" - }, - { - "key": "username", - "value": "healthcheck", - "type": "string" - } - ] - }, - "method": "DELETE", - "header": [ - { - "key": "Accept", - "value": "application/json", - "type": "text" - }, - { - "key": "Content-Type", - "value": "application/json", - "type": "text" - } - ], - "url": { - "raw": "{{POLICY-PAP-URL}}/policy/pap/v1/pdps/policies/onap.policy.tutorial.demo", - "host": [ - "{{POLICY-PAP-URL}}" - ], - "path": [ - "policy", - "pap", - "v1", - "pdps", - "policies", - "onap.policy.tutorial.demo" - ] - } - }, - "response": [] - } - ], - "auth": { - "type": "basic", - "basic": [ - { - "key": "password", - "value": "", - "type": "string" - }, - { - "key": "username", - "value": "", - "type": "string" - } - ] - }, - "protocolProfileBehavior": {} -} \ No newline at end of file diff --git a/docs/xacml/tutorial/app/pom.xml b/docs/xacml/tutorial/app/pom.xml deleted file mode 100644 index 380ee512..00000000 --- a/docs/xacml/tutorial/app/pom.xml +++ /dev/null @@ -1,106 +0,0 @@ - - - - 4.0.0 - - org.onap.policy.tutorial - tutorial - 0.0.1-SNAPSHOT - jar - - tutorial - - - UTF-8 - - - - - junit - junit - 4.13 - test - - - org.onap.policy.xacml-pdp.applications - common - 2.2.2 - - - org.onap.policy.xacml-pdp - xacml-test - 2.2.2 - test - - - - - - - org.apache.maven.plugins - maven-compiler-plugin - 3.8.0 - - 11 - - - - io.fabric8 - docker-maven-plugin - 0.33.0 - - true - - - onap/policy-xacml-tutorial - xacml-pdp - - ${project.basedir}/src/main/docker - - artifact-with-dependencies - - - - - - - - clean-images - pre-clean - - remove - - - - - generate-images - package - - build - - - - - - - diff --git a/docs/xacml/tutorial/app/src/main/docker/Dockerfile b/docs/xacml/tutorial/app/src/main/docker/Dockerfile deleted file mode 100644 index 639e94fb..00000000 --- a/docs/xacml/tutorial/app/src/main/docker/Dockerfile +++ /dev/null @@ -1,7 +0,0 @@ -FROM onap/policy-xacml-pdp:2.2.2 - -ADD maven/${project.build.finalName}.jar /opt/app/policy/pdpx/lib/${project.build.finalName}.jar - -RUN mkdir -p /opt/app/policy/pdpx/apps/tutorial - -COPY --chown=policy:policy xacml.properties /opt/app/policy/pdpx/apps/tutorial \ No newline at end of file diff --git a/docs/xacml/tutorial/app/src/main/docker/README.txt b/docs/xacml/tutorial/app/src/main/docker/README.txt deleted file mode 100644 index a29a44b2..00000000 --- a/docs/xacml/tutorial/app/src/main/docker/README.txt +++ /dev/null @@ -1,36 +0,0 @@ -docker-compose -f docker-compose.yml run --rm start_dependencies - -docker-compose -f docker-compose.yml run --rm start_all - - -curl -X POST http://0.0.0.0:3904/events/POLICY-PDP-PAP - -Should return JSON similar to this: -{"serverTimeMs":0,"count":0} - - -curl -k -u 'healthcheck:zb!XztG34' 'https://0.0.0.0:6969/policy/pdpx/v1/healthcheck' - -Should return JSON similar to this: -{"name":"Policy Xacml PDP","url":"self","healthy":true,"code":200,"message":"alive"} - - -curl -k -u 'healthcheck:zb!XztG34' 'https://0.0.0.0:6767/policy/api/v1/healthcheck' -Should return JSON similar to this: -{ - "name": "Policy API", - "url": "policy-api", - "healthy": true, - "code": 200, - "message": "alive" -} - -curl -k -u 'healthcheck:zb!XztG34' 'https://0.0.0.0:6868/policy/pap/v1/healthcheck' -Should return JSON similar to this: -{ - "name": "Policy PAP", - "url": "policy-pap", - "healthy": true, - "code": 200, - "message": "alive" -} \ No newline at end of file diff --git a/docs/xacml/tutorial/app/src/main/docker/config/db/db.conf b/docs/xacml/tutorial/app/src/main/docker/config/db/db.conf deleted file mode 100644 index 42f35844..00000000 --- a/docs/xacml/tutorial/app/src/main/docker/config/db/db.conf +++ /dev/null @@ -1,20 +0,0 @@ -# ============LICENSE_START======================================================= -# Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SPDX-License-Identifier: Apache-2.0 -# ============LICENSE_END========================================================= -MYSQL_ROOT_PASSWORD=secret -MYSQL_USER=policy_user -MYSQL_PASSWORD=policy_user \ No newline at end of file diff --git a/docs/xacml/tutorial/app/src/main/docker/config/db/db.sh b/docs/xacml/tutorial/app/src/main/docker/config/db/db.sh deleted file mode 100644 index 499764df..00000000 --- a/docs/xacml/tutorial/app/src/main/docker/config/db/db.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -xv -# ============LICENSE_START======================================================= -# Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SPDX-License-Identifier: Apache-2.0 -# ============LICENSE_END========================================================= - -for db in policyadmin operationshistory -do - mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "CREATE DATABASE IF NOT EXISTS ${db};" - mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "GRANT ALL PRIVILEGES ON \`${db}\`.* TO '${MYSQL_USER}'@'%' ;" -done - -mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "FLUSH PRIVILEGES;" diff --git a/docs/xacml/tutorial/app/src/main/docker/docker-compose.yml b/docs/xacml/tutorial/app/src/main/docker/docker-compose.yml deleted file mode 100644 index b65098c1..00000000 --- a/docs/xacml/tutorial/app/src/main/docker/docker-compose.yml +++ /dev/null @@ -1,102 +0,0 @@ -# ============LICENSE_START======================================================= -# Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SPDX-License-Identifier: Apache-2.0 -# ============LICENSE_END========================================================= -version: '2' -services: - mariadb: - image: mariadb:10.2.14 - container_name: mariadb - hostname: mariadb - command: ['--lower-case-table-names=1', '--wait_timeout=28800'] - env_file: config/db/db.conf - volumes: - - ./config/db:/docker-entrypoint-initdb.d - expose: - - 3306 - message-router: - image: dmaap/simulator - container_name: dmaap-simulator - hostname: dmaap-simulator - ports: - - "3904:3904" - expose: - - 3904 - api: - image: nexus3.onap.org:10001/onap/policy-api:2.2.4 - container_name: policy-api - depends_on: - - mariadb - hostname: policy-api - ports: - - "6767:6969" - expose: - - 6767 - pap: - image: nexus3.onap.org:10001/onap/policy-pap:2.2.3 - container_name: policy-pap - depends_on: - - mariadb - - message-router - - api - hostname: policy-pap - ports: - - "6868:6969" - expose: - - 6868 - xacml-pdp: - image: onap/policy-xacml-tutorial - container_name: policy-xacml-pdp - depends_on: - - mariadb - - message-router - - api - - pap - hostname: policy-xacml-pdp - ports: - - "6969:6969" - expose: - - 6969 - start_dependencies: - image: dadarek/wait-for-dependencies - environment: - TIMEOUT_LENGTH: 60 - container_name: policy-wait - depends_on: - - mariadb - - message-router - hostname: policy-wait - command: - mariadb:3306 - message-router:3904 - start_all: - image: dadarek/wait-for-dependencies - environment: - TIMEOUT_LENGTH: 60 - container_name: policy-wait-all - depends_on: - - mariadb - - message-router - - api - - pap - - xacml-pdp - hostname: policy-wait-all - command: - mariadb:3306 - message-router:3904 - api:6969 - pap:6969 - xacml-pdp:6969 diff --git a/docs/xacml/tutorial/app/src/main/docker/xacml.properties b/docs/xacml/tutorial/app/src/main/docker/xacml.properties deleted file mode 100644 index 277b098e..00000000 --- a/docs/xacml/tutorial/app/src/main/docker/xacml.properties +++ /dev/null @@ -1,31 +0,0 @@ -# -# Properties that the embedded PDP engine uses to configure and load -# -# Standard API Factories -# -xacml.dataTypeFactory=com.att.research.xacml.std.StdDataTypeFactory -xacml.pdpEngineFactory=com.att.research.xacmlatt.pdp.ATTPDPEngineFactory -xacml.pepEngineFactory=com.att.research.xacml.std.pep.StdEngineFactory -xacml.pipFinderFactory=com.att.research.xacml.std.pip.StdPIPFinderFactory -xacml.traceEngineFactory=com.att.research.xacml.std.trace.LoggingTraceEngineFactory -# -# AT&T PDP Implementation Factories -# -xacml.att.evaluationContextFactory=com.att.research.xacmlatt.pdp.std.StdEvaluationContextFactory -xacml.att.combiningAlgorithmFactory=com.att.research.xacmlatt.pdp.std.StdCombiningAlgorithmFactory -xacml.att.functionDefinitionFactory=com.att.research.xacmlatt.pdp.std.StdFunctionDefinitionFactory -# -# ONAP PDP Implementation Factories -# -xacml.att.policyFinderFactory=org.onap.policy.pdp.xacml.application.common.OnapPolicyFinderFactory - -# -# Use a root combining algorithm -# -xacml.att.policyFinderFactory.combineRootPolicies=urn:oasis:names:tc:xacml:3.0:policy-combining-algorithm:deny-overrides - -# -# Policies to load -# -xacml.rootPolicies= -xacml.referencedPolicies= \ No newline at end of file diff --git a/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialApplication.java b/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialApplication.java deleted file mode 100644 index 5727f1c1..00000000 --- a/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialApplication.java +++ /dev/null @@ -1,57 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.policy.tutorial.tutorial; - -import java.util.Arrays; -import java.util.List; -import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicyTypeIdentifier; -import org.onap.policy.pdp.xacml.application.common.ToscaPolicyTranslator; -import org.onap.policy.pdp.xacml.application.common.std.StdXacmlApplicationServiceProvider; - -public class TutorialApplication extends StdXacmlApplicationServiceProvider { - - private final ToscaPolicyTypeIdentifier supportedPolicyType = new ToscaPolicyTypeIdentifier("onap.policies.Authorization", "1.0.0"); - private final TutorialTranslator translator = new TutorialTranslator(); - - @Override - public String applicationName() { - return "tutorial"; - } - - @Override - public List actionDecisionsSupported() { - return Arrays.asList("authorize"); - } - - @Override - public synchronized List supportedPolicyTypes() { - return Arrays.asList(supportedPolicyType); - } - - @Override - public boolean canSupportPolicyType(ToscaPolicyTypeIdentifier policyTypeId) { - return supportedPolicyType.equals(policyTypeId); - } - - @Override - protected ToscaPolicyTranslator getTranslator(String type) { - return translator; - } - -} diff --git a/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialRequest.java b/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialRequest.java deleted file mode 100644 index 31aace69..00000000 --- a/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialRequest.java +++ /dev/null @@ -1,91 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.policy.tutorial.tutorial; - -import java.util.Map; -import java.util.Map.Entry; -import org.onap.policy.models.decisions.concepts.DecisionRequest; -import com.att.research.xacml.std.annotations.XACMLAction; -import com.att.research.xacml.std.annotations.XACMLRequest; -import com.att.research.xacml.std.annotations.XACMLResource; -import com.att.research.xacml.std.annotations.XACMLSubject; -import lombok.Getter; -import lombok.Setter; -import lombok.ToString; - -@Getter -@Setter -@ToString -@XACMLRequest(ReturnPolicyIdList = true) -public class TutorialRequest { - @XACMLSubject(includeInResults = true) - private String onapName; - - @XACMLSubject(attributeId = "urn:org:onap:onap-component", includeInResults = true) - private String onapComponent; - - @XACMLSubject(attributeId = "urn:org:onap:onap-instance", includeInResults = true) - private String onapInstance; - - @XACMLAction() - private String action; - - @XACMLResource(attributeId = "urn:org:onap:tutorial-user", includeInResults = true) - private String user; - - @XACMLResource(attributeId = "urn:org:onap:tutorial-entity", includeInResults = true) - private String entity; - - @XACMLResource(attributeId = "urn:org:onap:tutorial-permission", includeInResults = true) - private String permission; - - public static TutorialRequest createRequest(DecisionRequest decisionRequest) { - // - // Create our object - // - TutorialRequest request = new TutorialRequest(); - // - // Add the subject attributes - // - request.onapName = decisionRequest.getOnapName(); - request.onapComponent = decisionRequest.getOnapComponent(); - request.onapInstance = decisionRequest.getOnapInstance(); - // - // Add the action attribute - // - request.action = decisionRequest.getAction(); - // - // Add the resource attributes - // - Map resources = decisionRequest.getResource(); - for (Entry entrySet : resources.entrySet()) { - if ("user".equals(entrySet.getKey())) { - request.user = entrySet.getValue().toString(); - } - if ("entity".equals(entrySet.getKey())) { - request.entity = entrySet.getValue().toString(); - } - if ("permission".equals(entrySet.getKey())) { - request.permission = entrySet.getValue().toString(); - } - } - - return request; - } -} diff --git a/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialTranslator.java b/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialTranslator.java deleted file mode 100644 index 600c6214..00000000 --- a/docs/xacml/tutorial/app/src/main/java/org/onap/policy/tutorial/tutorial/TutorialTranslator.java +++ /dev/null @@ -1,156 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.policy.tutorial.tutorial; - -import java.util.List; -import java.util.Map; -import org.onap.policy.models.decisions.concepts.DecisionRequest; -import org.onap.policy.models.decisions.concepts.DecisionResponse; -import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy; -import org.onap.policy.pdp.xacml.application.common.ToscaDictionary; -import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConversionException; -import org.onap.policy.pdp.xacml.application.common.ToscaPolicyTranslator; -import org.onap.policy.pdp.xacml.application.common.ToscaPolicyTranslatorUtils; -import com.att.research.xacml.api.DataTypeException; -import com.att.research.xacml.api.Decision; -import com.att.research.xacml.api.Identifier; -import com.att.research.xacml.api.Request; -import com.att.research.xacml.api.Response; -import com.att.research.xacml.api.Result; -import com.att.research.xacml.api.XACML3; -import com.att.research.xacml.std.IdentifierImpl; -import com.att.research.xacml.std.annotations.RequestParser; -import oasis.names.tc.xacml._3_0.core.schema.wd_17.AnyOfType; -import oasis.names.tc.xacml._3_0.core.schema.wd_17.EffectType; -import oasis.names.tc.xacml._3_0.core.schema.wd_17.MatchType; -import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType; -import oasis.names.tc.xacml._3_0.core.schema.wd_17.RuleType; -import oasis.names.tc.xacml._3_0.core.schema.wd_17.TargetType; - -public class TutorialTranslator implements ToscaPolicyTranslator { - - private static final Identifier ID_TUTORIAL_USER = new IdentifierImpl(ToscaDictionary.ID_URN_ONAP, "tutorial-user"); - private static final Identifier ID_TUTORIAL_ENTITY = - new IdentifierImpl(ToscaDictionary.ID_URN_ONAP, "tutorial-entity"); - private static final Identifier ID_TUTORIAL_PERM = new IdentifierImpl(ToscaDictionary.ID_URN_ONAP, "tutorial-permission"); - - @SuppressWarnings("unchecked") - public PolicyType convertPolicy(ToscaPolicy toscaPolicy) throws ToscaPolicyConversionException { - // - // Here is our policy with a version and default combining algo - // - PolicyType newPolicyType = new PolicyType(); - newPolicyType.setPolicyId(toscaPolicy.getMetadata().get("policy-id")); - newPolicyType.setVersion(toscaPolicy.getMetadata().get("policy-version")); - // - // When choosing the rule combining algorithm, be sure to be mindful of the - // setting xacml.att.policyFinderFactory.combineRootPolicies in the - // xacml.properties file. As that choice for ALL the policies together may have - // an impact on the decision rendered from each individual policy. - // - // In this case, we will only produce XACML rules for permissions. If no permission - // combo exists, then the default is to deny. - // - newPolicyType.setRuleCombiningAlgId(XACML3.ID_RULE_DENY_UNLESS_PERMIT.stringValue()); - // - // Create the target for the Policy. - // - // For simplicity, let's just match on the action "authorize" and the user - // - MatchType matchAction = ToscaPolicyTranslatorUtils.buildMatchTypeDesignator(XACML3.ID_FUNCTION_STRING_EQUAL, - "authorize", XACML3.ID_DATATYPE_STRING, XACML3.ID_ACTION_ACTION_ID, XACML3.ID_ATTRIBUTE_CATEGORY_ACTION); - Map props = toscaPolicy.getProperties(); - String user = props.get("user").toString(); - MatchType matchUser = ToscaPolicyTranslatorUtils.buildMatchTypeDesignator(XACML3.ID_FUNCTION_STRING_EQUAL, user, - XACML3.ID_DATATYPE_STRING, ID_TUTORIAL_USER, XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE); - AnyOfType anyOf = new AnyOfType(); - // - // Create AllOf (AND) of just Policy Id - // - anyOf.getAllOf().add(ToscaPolicyTranslatorUtils.buildAllOf(matchAction, matchUser)); - TargetType target = new TargetType(); - target.getAnyOf().add(anyOf); - newPolicyType.setTarget(target); - // - // Now add the rule for each permission - // - int ruleNumber = 0; - List permissions = (List) props.get("permissions"); - for (Object permission : permissions) { - - MatchType matchEntity = ToscaPolicyTranslatorUtils.buildMatchTypeDesignator(XACML3.ID_FUNCTION_STRING_EQUAL, - ((Map) permission).get("entity"), XACML3.ID_DATATYPE_STRING, ID_TUTORIAL_ENTITY, - XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE); - - MatchType matchPermission = ToscaPolicyTranslatorUtils.buildMatchTypeDesignator( - XACML3.ID_FUNCTION_STRING_EQUAL, ((Map) permission).get("permission"), - XACML3.ID_DATATYPE_STRING, ID_TUTORIAL_PERM, XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE); - anyOf = new AnyOfType(); - anyOf.getAllOf().add(ToscaPolicyTranslatorUtils.buildAllOf(matchEntity, matchPermission)); - target = new TargetType(); - target.getAnyOf().add(anyOf); - - RuleType rule = new RuleType(); - rule.setDescription("Default is to PERMIT if the policy matches."); - rule.setRuleId(newPolicyType.getPolicyId() + ":rule" + ruleNumber); - - rule.setEffect(EffectType.PERMIT); - rule.setTarget(target); - - newPolicyType.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition().add(rule); - - ruleNumber++; - } - return newPolicyType; - } - - public Request convertRequest(DecisionRequest request) { - try { - return RequestParser.parseRequest(TutorialRequest.createRequest(request)); - } catch (IllegalArgumentException | IllegalAccessException | DataTypeException e) { - } - return null; - } - - public DecisionResponse convertResponse(Response xacmlResponse) { - DecisionResponse decisionResponse = new DecisionResponse(); - // - // Iterate through all the results - // - for (Result xacmlResult : xacmlResponse.getResults()) { - // - // Check the result - // - if (xacmlResult.getDecision() == Decision.PERMIT) { - // - // Just simply return a Permit response - // - decisionResponse.setStatus(Decision.PERMIT.toString()); - } else { - // - // Just simply return a Deny response - // - decisionResponse.setStatus(Decision.DENY.toString()); - } - } - - return decisionResponse; - } - -} diff --git a/docs/xacml/tutorial/app/src/main/resources/META-INF/services/org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider b/docs/xacml/tutorial/app/src/main/resources/META-INF/services/org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider deleted file mode 100644 index 942cc596..00000000 --- a/docs/xacml/tutorial/app/src/main/resources/META-INF/services/org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider +++ /dev/null @@ -1 +0,0 @@ -org.onap.policy.tutorial.tutorial.TutorialApplication \ No newline at end of file diff --git a/docs/xacml/tutorial/app/src/test/java/org/onap/policy/tutorial/tutorial/TutorialApplicationTest.java b/docs/xacml/tutorial/app/src/test/java/org/onap/policy/tutorial/tutorial/TutorialApplicationTest.java deleted file mode 100644 index d20c1b38..00000000 --- a/docs/xacml/tutorial/app/src/test/java/org/onap/policy/tutorial/tutorial/TutorialApplicationTest.java +++ /dev/null @@ -1,120 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.policy.tutorial.tutorial; - -import static org.junit.Assert.assertEquals; - -import java.io.File; -import java.io.IOException; -import java.util.Iterator; -import java.util.Properties; -import java.util.ServiceLoader; - -import org.apache.commons.lang3.tuple.Pair; -import org.junit.BeforeClass; -import org.junit.ClassRule; -import org.junit.Test; -import org.junit.rules.TemporaryFolder; -import org.onap.policy.common.endpoints.parameters.RestServerParameters; -import org.onap.policy.common.utils.coder.CoderException; -import org.onap.policy.common.utils.coder.StandardCoder; -import org.onap.policy.common.utils.resources.TextFileUtils; -import org.onap.policy.models.decisions.concepts.DecisionRequest; -import org.onap.policy.models.decisions.concepts.DecisionResponse; -import org.onap.policy.pdp.xacml.application.common.XacmlApplicationException; -import org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider; -import org.onap.policy.pdp.xacml.application.common.XacmlPolicyUtils; -import org.onap.policy.pdp.xacml.xacmltest.TestUtils; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import com.att.research.xacml.api.Response; - -public class TutorialApplicationTest { - private static final Logger LOGGER = LoggerFactory.getLogger(TutorialApplicationTest.class); - private static Properties properties = new Properties(); - private static File propertiesFile; - private static XacmlApplicationServiceProvider service; - private static StandardCoder gson = new StandardCoder(); - - @ClassRule - public static final TemporaryFolder policyFolder = new TemporaryFolder(); - - @BeforeClass - public static void setup() throws Exception { - // - // Setup our temporary folder - // - XacmlPolicyUtils.FileCreator myCreator = (String filename) -> policyFolder.newFile(filename); - propertiesFile = XacmlPolicyUtils.copyXacmlPropertiesContents("src/test/resources/xacml.properties", - properties, myCreator); - // - // Load XacmlApplicationServiceProvider service - // - ServiceLoader applicationLoader = - ServiceLoader.load(XacmlApplicationServiceProvider.class); - // - // Look for our class instance and save it - // - Iterator iterator = applicationLoader.iterator(); - while (iterator.hasNext()) { - XacmlApplicationServiceProvider application = iterator.next(); - // - // Is it our service? - // - if (application instanceof TutorialApplication) { - service = application; - } - } - // - // Tell the application to initialize based on the properties file - // we just built for it. - // - service.initialize(propertiesFile.toPath().getParent(), new RestServerParameters()); - } - - @Test - public void test() throws CoderException, XacmlApplicationException, IOException { - // - // Now load the tutorial policies. - // - TestUtils.loadPolicies("src/test/resources/tutorial-policies.yaml", service); - // - // Load a Decision request - // - DecisionRequest decisionRequest = gson.decode( - TextFileUtils - .getTextFileAsString("src/test/resources/tutorial-decision-request.json"), - DecisionRequest.class); - // - // Test a decision - should start with a permit - // - Pair decision = service.makeDecision(decisionRequest, null); - LOGGER.info(decision.getLeft().toString()); - assertEquals("Permit", decision.getLeft().getStatus()); - // - // This should be a deny - // - decisionRequest.getResource().put("user", "audit"); - decision = service.makeDecision(decisionRequest, null); - LOGGER.info(decision.getLeft().toString()); - assertEquals("Deny", decision.getLeft().getStatus()); - } - -} diff --git a/docs/xacml/tutorial/app/src/test/resources/tutorial-decision-request.json b/docs/xacml/tutorial/app/src/test/resources/tutorial-decision-request.json deleted file mode 100644 index f3a7f9a2..00000000 --- a/docs/xacml/tutorial/app/src/test/resources/tutorial-decision-request.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "ONAPName": "TutorialPEP", - "ONAPComponent": "TutorialPEPComponent", - "ONAPInstance": "TutorialPEPInstance", - "requestId": "unique-request-id-tutorial", - "action": "authorize", - "resource": { - "user": "demo", - "entity": "foo", - "permission" : "write" - } -} diff --git a/docs/xacml/tutorial/app/src/test/resources/tutorial-policies.yaml b/docs/xacml/tutorial/app/src/test/resources/tutorial-policies.yaml deleted file mode 100644 index fa353653..00000000 --- a/docs/xacml/tutorial/app/src/test/resources/tutorial-policies.yaml +++ /dev/null @@ -1,34 +0,0 @@ -tosca_definitions_version: tosca_simple_yaml_1_1_0 -topology_template: - policies: - - - onap.policy.tutorial.demo: - type: onap.policies.Authorization - type_version: 1.0.0 - version: 1.0.0 - metadata: - policy-id: onap.policy.tutorial.demo - policy-version: 1 - properties: - user: demo - permissions: - - - entity: foo - permission: read - - - entity: foo - permission: write - - - onap.policy.tutorial.audit: - type: onap.policies.Authorization - version: 1.0.0 - type_version: 1.0.0 - metadata: - policy-id: onap.policy.tutorial.bar - policy-version: 1 - properties: - user: audit - permissions: - - - entity: foo - permission: read diff --git a/docs/xacml/tutorial/app/src/test/resources/tutorial-policy-type.yaml b/docs/xacml/tutorial/app/src/test/resources/tutorial-policy-type.yaml deleted file mode 100644 index 7948bd28..00000000 --- a/docs/xacml/tutorial/app/src/test/resources/tutorial-policy-type.yaml +++ /dev/null @@ -1,32 +0,0 @@ -tosca_definitions_version: tosca_simple_yaml_1_1_0 -policy_types: - onap.policies.Authorization: - derived_from: tosca.policies.Root - version: 1.0.0 - description: Example tutorial policy type for doing user authorization - properties: - user: - type: string - required: true - description: The unique user name - permissions: - type: list - required: true - description: A list of resource permissions - entry_schema: - type: onap.datatypes.Tutorial -data_types: - onap.datatypes.Tutorial: - derived_from: tosca.datatypes.Root - version: 1.0.0 - properties: - entity: - type: string - required: true - description: The resource - permission: - type: string - required: true - description: The permission level - constraints: - - valid_values: [read, write, delete] diff --git a/docs/xacml/tutorial/app/src/test/resources/xacml.properties b/docs/xacml/tutorial/app/src/test/resources/xacml.properties deleted file mode 100644 index 277b098e..00000000 --- a/docs/xacml/tutorial/app/src/test/resources/xacml.properties +++ /dev/null @@ -1,31 +0,0 @@ -# -# Properties that the embedded PDP engine uses to configure and load -# -# Standard API Factories -# -xacml.dataTypeFactory=com.att.research.xacml.std.StdDataTypeFactory -xacml.pdpEngineFactory=com.att.research.xacmlatt.pdp.ATTPDPEngineFactory -xacml.pepEngineFactory=com.att.research.xacml.std.pep.StdEngineFactory -xacml.pipFinderFactory=com.att.research.xacml.std.pip.StdPIPFinderFactory -xacml.traceEngineFactory=com.att.research.xacml.std.trace.LoggingTraceEngineFactory -# -# AT&T PDP Implementation Factories -# -xacml.att.evaluationContextFactory=com.att.research.xacmlatt.pdp.std.StdEvaluationContextFactory -xacml.att.combiningAlgorithmFactory=com.att.research.xacmlatt.pdp.std.StdCombiningAlgorithmFactory -xacml.att.functionDefinitionFactory=com.att.research.xacmlatt.pdp.std.StdFunctionDefinitionFactory -# -# ONAP PDP Implementation Factories -# -xacml.att.policyFinderFactory=org.onap.policy.pdp.xacml.application.common.OnapPolicyFinderFactory - -# -# Use a root combining algorithm -# -xacml.att.policyFinderFactory.combineRootPolicies=urn:oasis:names:tc:xacml:3.0:policy-combining-algorithm:deny-overrides - -# -# Policies to load -# -xacml.rootPolicies= -xacml.referencedPolicies= \ No newline at end of file diff --git a/docs/xacml/tutorial/images/eclipse-create-junit.png b/docs/xacml/tutorial/images/eclipse-create-junit.png deleted file mode 100644 index 63dc0ab0..00000000 Binary files a/docs/xacml/tutorial/images/eclipse-create-junit.png and /dev/null differ diff --git a/docs/xacml/tutorial/images/eclipse-create-maven.png b/docs/xacml/tutorial/images/eclipse-create-maven.png deleted file mode 100644 index 4272f069..00000000 Binary files a/docs/xacml/tutorial/images/eclipse-create-maven.png and /dev/null differ diff --git a/docs/xacml/tutorial/images/eclipse-create-request.png b/docs/xacml/tutorial/images/eclipse-create-request.png deleted file mode 100644 index c8ef5344..00000000 Binary files a/docs/xacml/tutorial/images/eclipse-create-request.png and /dev/null differ diff --git a/docs/xacml/tutorial/images/eclipse-import.png b/docs/xacml/tutorial/images/eclipse-import.png deleted file mode 100644 index 7c8c5383..00000000 Binary files a/docs/xacml/tutorial/images/eclipse-import.png and /dev/null differ diff --git a/docs/xacml/tutorial/images/eclipse-inherit-app.png b/docs/xacml/tutorial/images/eclipse-inherit-app.png deleted file mode 100644 index 637cf499..00000000 Binary files a/docs/xacml/tutorial/images/eclipse-inherit-app.png and /dev/null differ diff --git a/docs/xacml/tutorial/images/eclipse-maven-project.png b/docs/xacml/tutorial/images/eclipse-maven-project.png deleted file mode 100644 index 5e6860fd..00000000 Binary files a/docs/xacml/tutorial/images/eclipse-maven-project.png and /dev/null differ diff --git a/docs/xacml/tutorial/images/eclipse-meta-inf.png b/docs/xacml/tutorial/images/eclipse-meta-inf.png deleted file mode 100644 index 254349bb..00000000 Binary files a/docs/xacml/tutorial/images/eclipse-meta-inf.png and /dev/null differ diff --git a/docs/xacml/tutorial/tutorial-decision-request.json b/docs/xacml/tutorial/tutorial-decision-request.json new file mode 100644 index 00000000..f3a7f9a2 --- /dev/null +++ b/docs/xacml/tutorial/tutorial-decision-request.json @@ -0,0 +1,12 @@ +{ + "ONAPName": "TutorialPEP", + "ONAPComponent": "TutorialPEPComponent", + "ONAPInstance": "TutorialPEPInstance", + "requestId": "unique-request-id-tutorial", + "action": "authorize", + "resource": { + "user": "demo", + "entity": "foo", + "permission" : "write" + } +} diff --git a/docs/xacml/tutorial/tutorial-policies.yaml b/docs/xacml/tutorial/tutorial-policies.yaml new file mode 100644 index 00000000..fa353653 --- /dev/null +++ b/docs/xacml/tutorial/tutorial-policies.yaml @@ -0,0 +1,34 @@ +tosca_definitions_version: tosca_simple_yaml_1_1_0 +topology_template: + policies: + - + onap.policy.tutorial.demo: + type: onap.policies.Authorization + type_version: 1.0.0 + version: 1.0.0 + metadata: + policy-id: onap.policy.tutorial.demo + policy-version: 1 + properties: + user: demo + permissions: + - + entity: foo + permission: read + - + entity: foo + permission: write + - + onap.policy.tutorial.audit: + type: onap.policies.Authorization + version: 1.0.0 + type_version: 1.0.0 + metadata: + policy-id: onap.policy.tutorial.bar + policy-version: 1 + properties: + user: audit + permissions: + - + entity: foo + permission: read diff --git a/docs/xacml/tutorial/tutorial-policy-type.yaml b/docs/xacml/tutorial/tutorial-policy-type.yaml new file mode 100644 index 00000000..7948bd28 --- /dev/null +++ b/docs/xacml/tutorial/tutorial-policy-type.yaml @@ -0,0 +1,32 @@ +tosca_definitions_version: tosca_simple_yaml_1_1_0 +policy_types: + onap.policies.Authorization: + derived_from: tosca.policies.Root + version: 1.0.0 + description: Example tutorial policy type for doing user authorization + properties: + user: + type: string + required: true + description: The unique user name + permissions: + type: list + required: true + description: A list of resource permissions + entry_schema: + type: onap.datatypes.Tutorial +data_types: + onap.datatypes.Tutorial: + derived_from: tosca.datatypes.Root + version: 1.0.0 + properties: + entity: + type: string + required: true + description: The resource + permission: + type: string + required: true + description: The permission level + constraints: + - valid_values: [read, write, delete] diff --git a/docs/xacml/tutorial/tutorial.tar b/docs/xacml/tutorial/tutorial.tar deleted file mode 100644 index 329041d4..00000000 Binary files a/docs/xacml/tutorial/tutorial.tar and /dev/null differ -- cgit 1.2.3-korg