diff options
author | Pamela Dragosh <pdragosh@research.att.com> | 2019-03-15 14:30:00 -0400 |
---|---|---|
committer | Pamela Dragosh <pdragosh@research.att.com> | 2019-03-18 12:25:32 -0400 |
commit | 59c38b6b3dfbd43c876f85ffb1e4b484951ced44 (patch) | |
tree | 99120b17e967d8497c03fb038c664fa0063b3871 /applications/common/src/main/java/org | |
parent | 934c39bcdb5ff9a095331f60ef1b279ec91875a9 (diff) |
Started with test decision JSON objects.
Added new Policy Finder Factory that ONAP will use and
got the code working with new policy/models (see other
review which will have to be merged first).
Added some new conversion methods to convert from a
Xacml request to an Onap request.
Added some property methods for XACML Properties objects
and JUnit tests.
Started filling in some Guard application details and
combining code.
Issue-ID: POLICY-1602
Change-Id: I5235b74f3b036dcf05779b655a03ac290d594354
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
Diffstat (limited to 'applications/common/src/main/java/org')
7 files changed, 415 insertions, 126 deletions
diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/OnapPolicyFinderFactory.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/OnapPolicyFinderFactory.java index 1e47c5b5..7da455c0 100644 --- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/OnapPolicyFinderFactory.java +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/OnapPolicyFinderFactory.java @@ -18,7 +18,6 @@ * ============LICENSE_END========================================================= */ - package org.onap.policy.pdp.xacml.application.common; import com.att.research.xacml.std.StdStatusCode; @@ -64,18 +63,16 @@ public class OnapPolicyFinderFactory extends PolicyFinderFactory { private List<PolicyDef> referencedPolicies; private boolean needsInit = true; - private Properties properties = null; + private Properties properties; /** - * Empty constructor. + * Empty private constructor. We do not want to create + * an instance of this without giving Properties object. + * + * @throws OnapPolicyFinderFactoryException Exception will be thrown */ - public OnapPolicyFinderFactory() { - logger.debug("Constructed without properties"); - // - // Here we differ from the StdPolicyFinderFactory in that we initialize right away. - // We do not wait for a policy request to happen to look for and load policies. - // - this.init(); + public OnapPolicyFinderFactory() throws OnapPolicyFinderFactoryException { + throw new OnapPolicyFinderFactoryException("Please use the constructor with Properties object."); } /** @@ -106,12 +103,7 @@ public class OnapPolicyFinderFactory extends PolicyFinderFactory { * @return a <code>PolicyDef</code> loaded from the given identifier */ protected PolicyDef loadPolicyDef(String policyId) { - String propLocation = null; - if (this.properties == null) { - propLocation = XACMLProperties.getProperty(policyId + PROP_FILE); - } else { - propLocation = this.properties.getProperty(policyId + PROP_FILE); - } + String propLocation = this.properties.getProperty(policyId + PROP_FILE); if (propLocation != null) { // // Try to load it from the file @@ -121,11 +113,8 @@ public class OnapPolicyFinderFactory extends PolicyFinderFactory { return policy; } } - if (this.properties == null) { - propLocation = XACMLProperties.getProperty(policyId + PROP_URL); - } else { - propLocation = this.properties.getProperty(policyId + PROP_URL); - } + + propLocation = this.properties.getProperty(policyId + PROP_URL); if (propLocation != null) { PolicyDef policy = this.loadPolicyUrlDef(propLocation); if (policy != null) { @@ -200,12 +189,7 @@ public class OnapPolicyFinderFactory extends PolicyFinderFactory { * @return a <code>List</code> of <code>PolicyDef</code>s loaded from the given property name */ protected List<PolicyDef> getPolicyDefs(String propertyName) { - String policyIds; - if (this.properties != null) { - policyIds = this.properties.getProperty(propertyName); - } else { - policyIds = XACMLProperties.getProperty(propertyName); - } + String policyIds = this.properties.getProperty(propertyName); if (Strings.isNullOrEmpty(policyIds)) { return Collections.emptyList(); } diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/OnapPolicyFinderFactoryException.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/OnapPolicyFinderFactoryException.java new file mode 100644 index 00000000..a42b3a5f --- /dev/null +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/OnapPolicyFinderFactoryException.java @@ -0,0 +1,48 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.pdp.xacml.application.common; + +public class OnapPolicyFinderFactoryException extends Exception { + + private static final long serialVersionUID = -1643639780835366726L; + + public OnapPolicyFinderFactoryException() { + super(); + } + + public OnapPolicyFinderFactoryException(String message) { + super(message); + } + + public OnapPolicyFinderFactoryException(Throwable cause) { + super(cause); + } + + public OnapPolicyFinderFactoryException(String message, Throwable cause) { + super(message, cause); + } + + public OnapPolicyFinderFactoryException(String message, Throwable cause, boolean enableSuppression, + boolean writableStackTrace) { + super(message, cause, enableSuppression, writableStackTrace); + } + +} diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaDictionary.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaDictionary.java index c65d7a17..785ed9a8 100644 --- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaDictionary.java +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaDictionary.java @@ -28,10 +28,6 @@ import com.att.research.xacml.std.IdentifierImpl; public final class ToscaDictionary { - private ToscaDictionary() { - super(); - } - /* * These are the ID's for various TOSCA Policy Types we are supporting in the Applications. */ @@ -65,5 +61,8 @@ public final class ToscaDictionary { public static final Identifier ID_OBLIGATION_ISSUER = new IdentifierImpl(URN_ONAP, "issuer:monitoring"); + private ToscaDictionary() { + super(); + } } diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyConverter.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyConverter.java index f6f75a4c..8852eb08 100644 --- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyConverter.java +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyConverter.java @@ -22,15 +22,25 @@ package org.onap.policy.pdp.xacml.application.common; +import com.att.research.xacml.api.Request; +import com.att.research.xacml.api.Response; + import java.io.InputStream; import java.util.List; import java.util.Map; import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType; +import org.onap.policy.models.decisions.concepts.DecisionRequest; +import org.onap.policy.models.decisions.concepts.DecisionResponse; + public interface ToscaPolicyConverter { List<PolicyType> convertPolicies(InputStream isToscaPolicy) throws ToscaPolicyConversionException; List<PolicyType> convertPolicies(Map<String, Object> toscaObject) throws ToscaPolicyConversionException; + + Request convertRequest(DecisionRequest request); + + DecisionResponse convertResponse(Response response); } diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlApplicationServiceProvider.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlApplicationServiceProvider.java index 65648ea8..2ddcd027 100644 --- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlApplicationServiceProvider.java +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlApplicationServiceProvider.java @@ -25,7 +25,8 @@ import java.nio.file.Path; import java.util.List; import java.util.Map; -import org.json.JSONObject; +import org.onap.policy.models.decisions.concepts.DecisionRequest; +import org.onap.policy.models.decisions.concepts.DecisionResponse; /** * This interface is how the XACML REST controller can communicate @@ -87,12 +88,9 @@ public interface XacmlApplicationServiceProvider { /** * Makes a decision given the incoming request and returns a response. * - * <P>NOTE: I may want to change this to an object that represents the - * schema. - * - * @param jsonSchema Incoming Json - * @return response + * @param request Incoming DecisionRequest object + * @return response Responding DecisionResponse object */ - JSONObject makeDecision(JSONObject jsonSchema); + DecisionResponse makeDecision(DecisionRequest request); } diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlPolicyUtils.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlPolicyUtils.java new file mode 100644 index 00000000..19adaf6c --- /dev/null +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlPolicyUtils.java @@ -0,0 +1,338 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.pdp.xacml.application.common; + +import com.att.research.xacml.api.Identifier; +import com.att.research.xacml.api.pdp.PDPEngine; +import com.att.research.xacml.api.pdp.PDPEngineFactory; +import com.att.research.xacml.util.FactoryException; +import com.att.research.xacml.util.XACMLProperties; + +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.Paths; +import java.util.Properties; +import java.util.Set; +import java.util.StringJoiner; +import java.util.stream.Collectors; + +import oasis.names.tc.xacml._3_0.core.schema.wd_17.IdReferenceType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.ObjectFactory; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicySetType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.TargetType; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class XacmlPolicyUtils { + + private static final Logger LOGGER = LoggerFactory.getLogger(XacmlPolicyUtils.class); + + private XacmlPolicyUtils() { + super(); + } + + /** + * Creates an empty PolicySetType object given the id and combining algorithm. Note,there + * will also be an empty Target created. You can easily override that if need be. + * + * @param policyId Policy Id + * @param policyCombiningAlgorithm Policy Combining Algorithm + * @return PolicySetType object + */ + public static PolicySetType createEmptyPolicySet(String policyId, Identifier policyCombiningAlgorithm) { + PolicySetType policy = new PolicySetType(); + policy.setPolicySetId(policyId); + policy.setPolicyCombiningAlgId(policyCombiningAlgorithm.stringValue()); + policy.setTarget(new TargetType()); + return policy; + } + + /** + * Creates an empty PolicySetType object given the id and combining algorithm. Note,there + * will also be an empty Target created. You can easily override that if need be. + * + * @param policyId Policy Id + * @param ruleCombiningAlgorithm Rule Combining Algorithm + * @return PolicyType object + */ + public static PolicyType createEmptyPolicy(String policyId, Identifier ruleCombiningAlgorithm) { + PolicyType policy = new PolicyType(); + policy.setPolicyId(policyId); + policy.setRuleCombiningAlgId(ruleCombiningAlgorithm.stringValue()); + policy.setTarget(new TargetType()); + return policy; + } + + /** + * This method adds a list of PolicyType objects to a root PolicySetType as + * referenced policies. + * + * @param rootPolicy Root PolicySet being updated + * @param referencedPolicies A list of PolicyType being added as a references + * @return the rootPolicy PolicySet object + */ + public static PolicySetType addPoliciesToXacmlRootPolicy(PolicySetType rootPolicy, + PolicyType... referencedPolicies) { + ObjectFactory factory = new ObjectFactory(); + // + // Iterate each policy + // + for (PolicyType referencedPolicy : referencedPolicies) { + IdReferenceType reference = new IdReferenceType(); + reference.setValue(referencedPolicy.getPolicyId()); + // + // Add it in + // + rootPolicy.getPolicySetOrPolicyOrPolicySetIdReference().add(factory.createPolicyIdReference(reference)); + } + // + // Return the updated object + // + return rootPolicy; + } + + /** + * This method updates a root PolicySetType by adding in a PolicyType as a reference. + * + * @param rootPolicy Root PolicySet being updated + * @param referencedPolicySets A list of PolicySetType being added as a references + * @return the rootPolicy PolicySet object + */ + public static PolicySetType addPolicySetsToXacmlRootPolicy(PolicySetType rootPolicy, + PolicySetType... referencedPolicySets) { + ObjectFactory factory = new ObjectFactory(); + // + // Iterate each policy + // + for (PolicySetType referencedPolicySet : referencedPolicySets) { + IdReferenceType reference = new IdReferenceType(); + reference.setValue(referencedPolicySet.getPolicySetId()); + // + // Add it in + // + rootPolicy.getPolicySetOrPolicyOrPolicySetIdReference().add(factory.createPolicySetIdReference(reference)); + } + // + // Return the updated object + // + return rootPolicy; + } + + /** + * Adds in the referenced policy to the PDP properties object. + * + * @param properties Input properties + * @param refPolicyPath Path to the referenced policy file + * @return Properties object + */ + public static Properties addReferencedPolicy(Properties properties, Path refPolicyPath) { + // + // Get the current set of referenced policy ids + // + Set<String> referencedPolicies = XACMLProperties.getReferencedPolicyIDs(properties); + // + // Construct a unique id + // + int id = 1; + while (true) { + String refId = "ref" + id; + if (referencedPolicies.contains(refId)) { + id++; + } else { + referencedPolicies.add(refId); + properties.put(refId + ".file", refPolicyPath.toAbsolutePath().toString()); + break; + } + } + // + // Set the new comma separated list + // + properties.setProperty(XACMLProperties.PROP_REFERENCEDPOLICIES, + referencedPolicies.stream().collect(Collectors.joining(","))); + return properties; + } + + /** + * Removes a referenced policy from the Properties object. Both in the line + * that identifies the policy and the .file property that points to the path. + * + * @param properties Input Properties object to remove + * @param refPolicyPath The policy file path + * @return Properties object + */ + public static Properties removeReferencedPolicy(Properties properties, Path refPolicyPath) { + // + // Get the current set of referenced policy ids + // + StringJoiner join = new StringJoiner(","); + boolean found = false; + Set<String> referencedPolicies = XACMLProperties.getReferencedPolicyIDs(properties); + for (String refPolicy : referencedPolicies) { + String refPolicyFile = refPolicy + ".file"; + // + // If the key and value match, then it will return true + // + if (properties.remove(refPolicyFile, refPolicyPath.toString())) { + // + // Record that we actually removed it + // + found = true; + } else { + // + // Retain it + // + join.add(refPolicy); + } + } + // + // Did we remove it? + // + if (found) { + // + // Now update the list of referenced properties + // + properties.setProperty(XACMLProperties.PROP_REFERENCEDPOLICIES, join.toString()); + } + return properties; + } + + /** + * Does a debug dump of referenced and root policy values. + * + * @param properties Input Properties object + * @param logger Logger object to use + */ + public static void debugDumpPolicyProperties(Properties properties, Logger logger) { + // + // I hate surrounding this all with an if, but by + // doing so I clear sonar issues with passing System.lineSeparator() + // as an argument. + // + if (logger.isDebugEnabled()) { + // + // Get the current set of referenced policy ids + // + Set<String> rootPolicies = XACMLProperties.getRootPolicyIDs(properties); + logger.debug("Root Policies: {}", properties.getProperty(XACMLProperties.PROP_ROOTPOLICIES)); + for (String root : rootPolicies) { + logger.debug("{}", properties.getProperty(root + ".file", "NOT FOUND")); + } + // + // Get the current set of referenced policy ids + // + Set<String> referencedPolicies = XACMLProperties.getReferencedPolicyIDs(properties); + logger.debug("Referenced Policies: {}", properties.getProperty(XACMLProperties.PROP_REFERENCEDPOLICIES)); + for (String ref : referencedPolicies) { + logger.debug("{}", properties.getProperty(ref + ".file", "NOT FOUND")); + } + } + } + + /** + * Constructs a unique policy filename for a given policy. + * + * <P>It could be dangerous to use policy-id and policy-version if the user + * gives us an invalid policy-id and policy-versions. + * + * <P>Should we append a UUID also to guarantee uniqueness? + * + * <P>How do we track that in case we need to know what policies we have loaded? + * + * @param policy PolicyType object + * @param path Path for policy + * @return Path unique file path for the Policy + */ + public static Path constructUniquePolicyFilename(PolicyType policy, Path path) { + // + // + // Can it be possible to produce an invalid filename? + // Should we insert a UUID + // + String filename = policy.getPolicyId() + "_" + policy.getVersion() + ".xml"; + // + // Construct the Path + // + return Paths.get(path.toAbsolutePath().toString(), filename); + } + + /** + * Load properties from given file. + * + * @throws IOException If unable to read file + */ + public static Properties loadXacmlProperties(Path propertyPath) throws IOException { + LOGGER.debug("Loading xacml properties {}", propertyPath); + try (InputStream is = Files.newInputStream(propertyPath)) { + Properties properties = new Properties(); + properties.load(is); + return properties; + } + } + + /** + * Stores the XACML Properties to the given file location. + * + * @throws IOException If unable to store the file. + */ + public static void storeXacmlProperties(Properties properties, Path propertyPath) throws IOException { + try (OutputStream os = Files.newOutputStream(propertyPath)) { + String strComments = "#"; + properties.store(os, strComments); + } + } + + /** + * Appends 'xacml.properties' to a root Path object + * + * @param rootPath Root Path object + * @return Path to rootPath/xacml.properties file + */ + public static Path getPropertiesPath(Path rootPath) { + return Paths.get(rootPath.toAbsolutePath().toString(), "xacml.properties"); + } + + + /** + * Creates an instance of PDP engine given the Properties object. + * + * @param properties Incoming Properties object + * @return PDPEngine instance or null if failed + */ + public static PDPEngine createEngine(Properties properties) { + // + // Now initialize the XACML PDP Engine + // + try { + PDPEngineFactory factory = PDPEngineFactory.newInstance(); + return factory.newEngine(properties); + } catch (FactoryException e) { + LOGGER.error("Failed to create XACML PDP Engine {}", e); + } + return null; + } +} diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlUpdatePolicyUtils.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlUpdatePolicyUtils.java deleted file mode 100644 index 957242c5..00000000 --- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlUpdatePolicyUtils.java +++ /dev/null @@ -1,88 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * ONAP - * ================================================================================ - * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * ============LICENSE_END========================================================= - */ - -package org.onap.policy.pdp.xacml.application.common; - -import oasis.names.tc.xacml._3_0.core.schema.wd_17.IdReferenceType; -import oasis.names.tc.xacml._3_0.core.schema.wd_17.ObjectFactory; -import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicySetType; -import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType; - -public class XacmlUpdatePolicyUtils { - - private XacmlUpdatePolicyUtils() { - super(); - } - - /** - * This method updates a root PolicySetType by adding in a PolicyType as a reference. - * - * @param rootPolicy Root PolicySet being updated - * @param referencedPolicies A list of PolicyType being added as a references - * @return the rootPolicy PolicySet object - */ - public static PolicySetType updateXacmlRootPolicy(PolicySetType rootPolicy, PolicyType... referencedPolicies) { - ObjectFactory factory = new ObjectFactory(); - // - // Iterate each policy - // - for (PolicyType referencedPolicy : referencedPolicies) { - IdReferenceType reference = new IdReferenceType(); - reference.setValue(referencedPolicy.getPolicyId()); - // - // Add it in - // - rootPolicy.getPolicySetOrPolicyOrPolicySetIdReference().add(factory.createPolicySetIdReference(reference)); - } - // - // Return the updated object - // - return rootPolicy; - } - - /** - * This method updates a root PolicySetType by adding in a PolicyType as a reference. - * - * @param rootPolicy Root PolicySet being updated - * @param referencedPolicySets A list of PolicySetType being added as a references - * @return the rootPolicy PolicySet object - */ - public static PolicySetType updateXacmlRootPolicy(PolicySetType rootPolicy, PolicySetType... referencedPolicySets) { - ObjectFactory factory = new ObjectFactory(); - // - // Iterate each policy - // - for (PolicySetType referencedPolicySet : referencedPolicySets) { - IdReferenceType reference = new IdReferenceType(); - reference.setValue(referencedPolicySet.getPolicySetId()); - // - // Add it in - // - rootPolicy.getPolicySetOrPolicyOrPolicySetIdReference().add(factory.createPolicySetIdReference(reference)); - } - // - // Return the updated object - // - return rootPolicy; - } - -} |