diff options
author | Pamela Dragosh <pdragosh@research.att.com> | 2019-03-19 16:08:58 -0400 |
---|---|---|
committer | Pamela Dragosh <pdragosh@research.att.com> | 2019-03-20 09:42:11 -0400 |
commit | 6e55b1d7c3e53fb49c5e94406ff5db4cb9990c87 (patch) | |
tree | 6f88e9e6e15b1a695426ec07b0d3dbb0a4cf0ce2 /applications/common/src/main/java | |
parent | 041240baab6082916e5da69ed190051b7aa60f12 (diff) |
Use Policy Translator abstract class
Instead of applications implementing the converter, use a
protected abstract class that implements common code.
Newer applications could re-use existing application, and
shared code can be put into the base translator class.
Fixed sonar issue and changed guard xml.
Removed Converter and made translator into an implementation
class that is an object in the Application Provider.
Issue-ID: POLICY-1273
Change-Id: I9b48cbcdaf80d6d2ef19ef53e4b7cd4830e7e7b2
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
Diffstat (limited to 'applications/common/src/main/java')
6 files changed, 805 insertions, 8 deletions
diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyConverter.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslator.java index 8852eb08..f5f77d24 100644 --- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyConverter.java +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslator.java @@ -25,7 +25,6 @@ package org.onap.policy.pdp.xacml.application.common; import com.att.research.xacml.api.Request; import com.att.research.xacml.api.Response; -import java.io.InputStream; import java.util.List; import java.util.Map; @@ -34,13 +33,33 @@ import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType; import org.onap.policy.models.decisions.concepts.DecisionRequest; import org.onap.policy.models.decisions.concepts.DecisionResponse; -public interface ToscaPolicyConverter { +public interface ToscaPolicyTranslator { - List<PolicyType> convertPolicies(InputStream isToscaPolicy) throws ToscaPolicyConversionException; - - List<PolicyType> convertPolicies(Map<String, Object> toscaObject) throws ToscaPolicyConversionException; + /** + * Implement this method to translate policies. + * + * @param toscaObject Incoming Tosca Policies object + * @return List of translated policies + * @throws ToscaPolicyConversionException Exception + */ + List<PolicyType> scanAndConvertPolicies(Map<String, Object> toscaObject) throws ToscaPolicyConversionException; + /** + * Implement this method to convert an ONAP DecisionRequest into + * a Xacml request. + * + * @param request Incoming DecisionRequest + * @return Xacml Request object + */ Request convertRequest(DecisionRequest request); - DecisionResponse convertResponse(Response response); + /** + * Implement this method to convert a Xacml Response + * into a ONAP DecisionResponse. + * + * @param xacmlResponse Input Xacml Response + * @return DecisionResponse object + */ + DecisionResponse convertResponse(Response xacmlResponse); + } diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyConverterUtils.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslatorUtils.java index cd197935..cdf5404b 100644 --- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyConverterUtils.java +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslatorUtils.java @@ -35,9 +35,9 @@ import oasis.names.tc.xacml._3_0.core.schema.wd_17.MatchType; * @author pameladragosh * */ -public final class ToscaPolicyConverterUtils { +public final class ToscaPolicyTranslatorUtils { - private ToscaPolicyConverterUtils() { + private ToscaPolicyTranslatorUtils() { super(); } diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdCombinedPolicyRequest.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdCombinedPolicyRequest.java new file mode 100644 index 00000000..3914ba60 --- /dev/null +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdCombinedPolicyRequest.java @@ -0,0 +1,84 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.pdp.xacml.application.common.std; + +import com.att.research.xacml.std.annotations.XACMLAction; +import com.att.research.xacml.std.annotations.XACMLRequest; +import com.att.research.xacml.std.annotations.XACMLResource; +import com.att.research.xacml.std.annotations.XACMLSubject; + +import java.util.Map; +import java.util.Map.Entry; + +import org.onap.policy.models.decisions.concepts.DecisionRequest; + +@XACMLRequest(ReturnPolicyIdList = true) +public class StdCombinedPolicyRequest { + + public StdCombinedPolicyRequest() { + super(); + } + + @XACMLSubject(includeInResults = true) + String onapName = "DCAE"; + + @XACMLResource(includeInResults = true) + String resource = "onap.policies.Monitoring"; + + @XACMLAction() + String action = "configure"; + + + /** + * Parses the DecisionRequest into a MonitoringRequest. + * + * @param decisionRequest Input DecisionRequest + * @return MonitoringRequest + */ + public static StdCombinedPolicyRequest createInstance(DecisionRequest decisionRequest) { + StdCombinedPolicyRequest request = new StdCombinedPolicyRequest(); + request.onapName = decisionRequest.getOnapName(); + request.action = decisionRequest.getAction(); + + Map<String, Object> resources = decisionRequest.getResource(); + for (Entry<String, Object> entry : resources.entrySet()) { + if ("policy-id".equals(entry.getKey())) { + // + // TODO handle lists of policies + // + request.resource = entry.getValue().toString(); + continue; + } + if ("policy-type".equals(entry.getKey())) { + // + // TODO handle lists of policies + // + request.resource = entry.getValue().toString(); + } + } + // + // TODO handle a bad incoming request. Do that here? + // + return request; + } +} diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdCombinedPolicyResultsTranslator.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdCombinedPolicyResultsTranslator.java new file mode 100644 index 00000000..b39c2e60 --- /dev/null +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdCombinedPolicyResultsTranslator.java @@ -0,0 +1,373 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.pdp.xacml.application.common.std; + +import com.att.research.xacml.api.AttributeAssignment; +import com.att.research.xacml.api.DataTypeException; +import com.att.research.xacml.api.Decision; +import com.att.research.xacml.api.Obligation; +import com.att.research.xacml.api.Request; +import com.att.research.xacml.api.Response; +import com.att.research.xacml.api.Result; +import com.att.research.xacml.api.XACML3; +import com.att.research.xacml.std.annotations.RequestParser; +import com.att.research.xacml.util.XACMLPolicyWriter; +import com.google.gson.Gson; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; + +import oasis.names.tc.xacml._3_0.core.schema.wd_17.AnyOfType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeAssignmentExpressionType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeValueType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.EffectType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.MatchType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.ObjectFactory; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.ObligationExpressionType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.ObligationExpressionsType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.RuleType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.TargetType; + +import org.json.JSONObject; +import org.onap.policy.models.decisions.concepts.DecisionRequest; +import org.onap.policy.models.decisions.concepts.DecisionResponse; +import org.onap.policy.pdp.xacml.application.common.ToscaDictionary; +import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConversionException; +import org.onap.policy.pdp.xacml.application.common.ToscaPolicyTranslator; +import org.onap.policy.pdp.xacml.application.common.ToscaPolicyTranslatorUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class StdCombinedPolicyResultsTranslator implements ToscaPolicyTranslator { + + private static final Logger LOGGER = LoggerFactory.getLogger(StdCombinedPolicyResultsTranslator.class); + + public StdCombinedPolicyResultsTranslator() { + super(); + } + + @SuppressWarnings("unchecked") + @Override + public List<PolicyType> scanAndConvertPolicies(Map<String, Object> toscaObject) + throws ToscaPolicyConversionException { + // + // Our return object + // + List<PolicyType> scannedPolicies = new ArrayList<>(); + // + // Iterate each of the Policies + // + List<Object> policies = (List<Object>) toscaObject.get("policies"); + for (Object policyObject : policies) { + // + // Get the contents + // + LOGGER.debug("Found policy {}", policyObject.getClass()); + Map<String, Object> policyContents = (Map<String, Object>) policyObject; + for (Entry<String, Object> entrySet : policyContents.entrySet()) { + LOGGER.debug("Entry set {}", entrySet); + // + // Convert this policy + // + PolicyType policy = this.convertPolicy(entrySet); + try (ByteArrayOutputStream os = new ByteArrayOutputStream()) { + XACMLPolicyWriter.writePolicyFile(os, policy); + LOGGER.debug("{}", os); + } catch (IOException e) { + LOGGER.error("Failed to convert {}", e); + } + // + // Convert and add in the new policy + // + scannedPolicies.add(policy); + } + } + + return scannedPolicies; + } + + @Override + public Request convertRequest(DecisionRequest request) { + LOGGER.debug("Converting Request {}", request); + try { + return RequestParser.parseRequest(StdCombinedPolicyRequest.createInstance(request)); + } catch (IllegalArgumentException | IllegalAccessException | DataTypeException e) { + LOGGER.error("Failed to convert DecisionRequest: {}", e); + } + // + // TODO throw exception + // + return null; + } + + @Override + public DecisionResponse convertResponse(Response xacmlResponse) { + LOGGER.debug("Converting Response {}", xacmlResponse); + DecisionResponse decisionResponse = new DecisionResponse(); + // + // Iterate through all the results + // + for (Result xacmlResult : xacmlResponse.getResults()) { + // + // Check the result + // + if (xacmlResult.getDecision() == Decision.PERMIT) { + // + // Setup policies + // + decisionResponse.setPolicies(new ArrayList<>()); + // + // Go through obligations + // + for (Obligation obligation : xacmlResult.getObligations()) { + LOGGER.debug("Obligation: {}", obligation); + for (AttributeAssignment assignment : obligation.getAttributeAssignments()) { + LOGGER.debug("Attribute Assignment: {}", assignment); + // + // We care about the content attribute + // + if (ToscaDictionary.ID_OBLIGATION_POLICY_MONITORING_CONTENTS + .equals(assignment.getAttributeId())) { + // + // The contents are in Json form + // + Object stringContents = assignment.getAttributeValue().getValue(); + if (LOGGER.isDebugEnabled()) { + LOGGER.debug("DCAE contents: {}{}", System.lineSeparator(), stringContents); + } + // + // Let's parse it into a map using Gson + // + Gson gson = new Gson(); + @SuppressWarnings("unchecked") + Map<String, Object> result = gson.fromJson(stringContents.toString() ,Map.class); + decisionResponse.getPolicies().add(result); + } + } + } + } else { + decisionResponse.setErrorMessage("A better error message"); + } + } + + return decisionResponse; + } + + @SuppressWarnings("unchecked") + protected PolicyType convertPolicy(Entry<String, Object> entrySet) throws ToscaPolicyConversionException { + // + // Policy name should be at the root + // + String policyName = entrySet.getKey(); + Map<String, Object> policyDefinition = (Map<String, Object>) entrySet.getValue(); + // + // Set it as the policy ID + // + PolicyType newPolicyType = new PolicyType(); + newPolicyType.setPolicyId(policyName); + // + // Optional description + // + if (policyDefinition.containsKey("description")) { + newPolicyType.setDescription(policyDefinition.get("description").toString()); + } + // + // There should be a metadata section + // + if (! policyDefinition.containsKey("metadata")) { + throw new ToscaPolicyConversionException(policyName + " missing metadata section"); + } + this.fillMetadataSection(newPolicyType, + (Map<String, Object>) policyDefinition.get("metadata")); + // + // Set the combining rule + // + newPolicyType.setRuleCombiningAlgId(XACML3.ID_RULE_FIRST_APPLICABLE.stringValue()); + // + // Generate the TargetType + // + // + // There should be a metadata section + // + if (! policyDefinition.containsKey("type")) { + throw new ToscaPolicyConversionException(policyName + " missing type value"); + } + if (! policyDefinition.containsKey("version")) { + throw new ToscaPolicyConversionException(policyName + " missing version value"); + } + TargetType target = this.generateTargetType(policyName, + policyDefinition.get("type").toString(), + policyDefinition.get("version").toString()); + newPolicyType.setTarget(target); + // + // Now create the Permit Rule + // No target since the policy has a target + // With obligations. + // + RuleType rule = new RuleType(); + rule.setDescription("Default is to PERMIT if the policy matches."); + rule.setRuleId(policyName + ":rule"); + rule.setEffect(EffectType.PERMIT); + rule.setTarget(new TargetType()); + // + // Now represent the policy as Json + // + JSONObject jsonObligation = new JSONObject(); + jsonObligation.put(policyName, policyDefinition); + addObligation(rule, jsonObligation); + // + // Add the rule to the policy + // + newPolicyType.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition().add(rule); + // + // Return our new policy + // + return newPolicyType; + } + + /** + * From the TOSCA metadata section, pull in values that are needed into the XACML policy. + * + * @param policy Policy Object to store the metadata + * @param metadata The Metadata TOSCA Map + * @return Same Policy Object + * @throws ToscaPolicyConversionException If there is something missing from the metadata + */ + protected PolicyType fillMetadataSection(PolicyType policy, + Map<String, Object> metadata) throws ToscaPolicyConversionException { + if (! metadata.containsKey("policy-id")) { + throw new ToscaPolicyConversionException(policy.getPolicyId() + " missing metadata policy-id"); + } else { + // + // Do nothing here - the XACML PolicyId is used from TOSCA Policy Name field + // + } + if (! metadata.containsKey("policy-version")) { + throw new ToscaPolicyConversionException(policy.getPolicyId() + " missing metadata policy-version"); + } else { + // + // Add in the Policy Version + // + policy.setVersion(metadata.get("policy-version").toString()); + } + return policy; + } + + protected TargetType generateTargetType(String policyId, String policyType, String policyTypeVersion) { + // + // Create all the match's that are possible + // + // This is for the Policy Id + // + MatchType matchPolicyId = ToscaPolicyTranslatorUtils.buildMatchTypeDesignator( + XACML3.ID_FUNCTION_STRING_EQUAL, + policyId, + XACML3.ID_DATATYPE_STRING, + ToscaDictionary.ID_RESOURCE_POLICY_ID, + XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE); + // + // This is for the Policy Type + // + MatchType matchPolicyType = ToscaPolicyTranslatorUtils.buildMatchTypeDesignator( + XACML3.ID_FUNCTION_STRING_EQUAL, + policyType, + XACML3.ID_DATATYPE_STRING, + ToscaDictionary.ID_RESOURCE_POLICY_TYPE, + XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE); + // + // This is for the Policy Type version + // + MatchType matchPolicyTypeVersion = ToscaPolicyTranslatorUtils.buildMatchTypeDesignator( + XACML3.ID_FUNCTION_STRING_EQUAL, + policyTypeVersion, + XACML3.ID_DATATYPE_STRING, + ToscaDictionary.ID_RESOURCE_POLICY_TYPE_VERSION, + XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE); + // + // This is our outer AnyOf - which is an OR + // + AnyOfType anyOf = new AnyOfType(); + // + // Create AllOf (AND) of just Policy Id + // + anyOf.getAllOf().add(ToscaPolicyTranslatorUtils.buildAllOf(matchPolicyId)); + // + // Create AllOf (AND) of just Policy Type + // + anyOf.getAllOf().add(ToscaPolicyTranslatorUtils.buildAllOf(matchPolicyType)); + // + // Create AllOf (AND) of Policy Type and Policy Type Version + // + anyOf.getAllOf().add(ToscaPolicyTranslatorUtils.buildAllOf(matchPolicyType, matchPolicyTypeVersion)); + // + // Now we can create the TargetType, add the top-level anyOf (OR), + // and return the value. + // + TargetType target = new TargetType(); + target.getAnyOf().add(anyOf); + return target; + } + + protected RuleType addObligation(RuleType rule, JSONObject jsonPolicy) { + // + // Convert the YAML Policy to JSON Object + // + if (LOGGER.isDebugEnabled()) { + LOGGER.debug("JSON DCAE Policy {}{}", System.lineSeparator(), jsonPolicy); + } + // + // Create an AttributeValue for it + // + AttributeValueType value = new AttributeValueType(); + value.setDataType(ToscaDictionary.ID_OBLIGATION_POLICY_MONITORING_DATATYPE.stringValue()); + value.getContent().add(jsonPolicy.toString()); + // + // Create our AttributeAssignmentExpression where we will + // store the contents of the policy in JSON format. + // + AttributeAssignmentExpressionType expressionType = new AttributeAssignmentExpressionType(); + expressionType.setAttributeId(ToscaDictionary.ID_OBLIGATION_POLICY_MONITORING_CONTENTS.stringValue()); + ObjectFactory factory = new ObjectFactory(); + expressionType.setExpression(factory.createAttributeValue(value)); + // + // Create an ObligationExpression for it + // + ObligationExpressionType obligation = new ObligationExpressionType(); + obligation.setFulfillOn(EffectType.PERMIT); + obligation.setObligationId(ToscaDictionary.ID_OBLIGATION_REST_BODY.stringValue()); + obligation.getAttributeAssignmentExpression().add(expressionType); + // + // Now we can add it into the rule + // + ObligationExpressionsType obligations = new ObligationExpressionsType(); + obligations.getObligationExpression().add(obligation); + rule.setObligationExpressions(obligations); + return rule; + } + +} diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdMetadataTranslator.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdMetadataTranslator.java new file mode 100644 index 00000000..11651f4f --- /dev/null +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdMetadataTranslator.java @@ -0,0 +1,110 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.pdp.xacml.application.common.std; + +import com.att.research.xacml.api.Request; +import com.att.research.xacml.api.Response; +import com.att.research.xacml.util.XACMLPolicyWriter; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; + +import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType; + +import org.onap.policy.models.decisions.concepts.DecisionRequest; +import org.onap.policy.models.decisions.concepts.DecisionResponse; +import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConversionException; +import org.onap.policy.pdp.xacml.application.common.ToscaPolicyTranslator; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class StdMetadataTranslator implements ToscaPolicyTranslator { + + private static final Logger LOGGER = LoggerFactory.getLogger(StdMetadataTranslator.class); + + public StdMetadataTranslator() { + super(); + } + + @SuppressWarnings("unchecked") + @Override + public List<PolicyType> scanAndConvertPolicies(Map<String, Object> toscaObject) + throws ToscaPolicyConversionException { + // + // Our return object + // + List<PolicyType> scannedPolicies = new ArrayList<>(); + // + // Iterate each of the Policies + // + List<Object> policies = (List<Object>) toscaObject.get("policies"); + for (Object policyObject : policies) { + // + // Get the contents + // + LOGGER.debug("Found policy {}", policyObject.getClass()); + Map<String, Object> policyContents = (Map<String, Object>) policyObject; + for (Entry<String, Object> entrySet : policyContents.entrySet()) { + LOGGER.debug("Entry set {}", entrySet); + // + // Convert this policy + // + PolicyType policy = this.convertPolicy(entrySet); + try (ByteArrayOutputStream os = new ByteArrayOutputStream()) { + XACMLPolicyWriter.writePolicyFile(os, policy); + LOGGER.debug("{}", os); + } catch (IOException e) { + LOGGER.error("Failed to convert {}", e); + } + // + // Convert and add in the new policy + // + scannedPolicies.add(policy); + } + } + + return scannedPolicies; + } + + @Override + public Request convertRequest(DecisionRequest request) { + // TODO Auto-generated method stub + return null; + } + + @Override + public DecisionResponse convertResponse(Response xacmlResponse) { + // TODO Auto-generated method stub + return null; + } + + private PolicyType convertPolicy(Entry<String, Object> entrySet) throws ToscaPolicyConversionException { + + return null; + } + +} diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdXacmlApplicationServiceProvider.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdXacmlApplicationServiceProvider.java new file mode 100644 index 00000000..826acbc3 --- /dev/null +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdXacmlApplicationServiceProvider.java @@ -0,0 +1,211 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.pdp.xacml.application.common.std; + +import com.att.research.xacml.api.Request; +import com.att.research.xacml.api.Response; +import com.att.research.xacml.api.pdp.PDPEngine; +import com.att.research.xacml.api.pdp.PDPEngineFactory; +import com.att.research.xacml.api.pdp.PDPException; +import com.att.research.xacml.util.FactoryException; + +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.Paths; +import java.util.Collections; +import java.util.List; +import java.util.Map; +import java.util.Properties; + +import org.onap.policy.models.decisions.concepts.DecisionRequest; +import org.onap.policy.models.decisions.concepts.DecisionResponse; +import org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider; +import org.onap.policy.pdp.xacml.application.common.XacmlPolicyUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class StdXacmlApplicationServiceProvider implements XacmlApplicationServiceProvider { + + private static final Logger LOGGER = LoggerFactory.getLogger(StdXacmlApplicationServiceProvider.class); + private Path pathForData = null; + private Properties pdpProperties = null; + private PDPEngine pdpEngine = null; + + public StdXacmlApplicationServiceProvider() { + super(); + } + + @Override + public String applicationName() { + return "Please Override"; + } + + @Override + public List<String> actionDecisionsSupported() { + return Collections.emptyList(); + } + + @Override + public void initialize(Path pathForData) { + // + // Save our path + // + this.pathForData = pathForData; + LOGGER.debug("New Path is {}", this.pathForData.toAbsolutePath()); + // + // Look for and load the properties object + // + try { + pdpProperties = XacmlPolicyUtils.loadXacmlProperties(XacmlPolicyUtils.getPropertiesPath(pathForData)); + LOGGER.debug("{}", pdpProperties); + } catch (IOException e) { + LOGGER.error("{}", e); + } + // + // Create an engine + // + createEngine(pdpProperties); + } + + @Override + public List<String> supportedPolicyTypes() { + return Collections.emptyList(); + } + + @Override + public boolean canSupportPolicyType(String policyType, String policyTypeVersion) { + return false; + } + + @Override + public void loadPolicies(Map<String, Object> toscaPolicies) { + throw new UnsupportedOperationException("Please override and implement loadPolicies"); + } + + @Override + public DecisionResponse makeDecision(DecisionRequest request) { + // + // We should have a standard error response to return + // + return null; + } + + protected synchronized PDPEngine getEngine() { + return this.pdpEngine; + } + + protected synchronized Properties getProperties() { + return new Properties(pdpProperties); + } + + protected synchronized Path getDataPath() { + return pathForData; + } + + /** + * Load properties from given file. + * + * @throws IOException If unable to read file + */ + protected synchronized Properties loadXacmlProperties() throws IOException { + LOGGER.debug("Loading xacml properties {}", pathForData); + try (InputStream is = Files.newInputStream(pathForData)) { + Properties properties = new Properties(); + properties.load(is); + return properties; + } + } + + /** + * Stores the XACML Properties to the given file location. + * + * @throws IOException If unable to store the file. + */ + protected synchronized void storeXacmlProperties() throws IOException { + try (OutputStream os = Files.newOutputStream(pathForData)) { + String strComments = "#"; + pdpProperties.store(os, strComments); + } + } + + /** + * Appends 'xacml.properties' to a root Path object + * + * @return Path to rootPath/xacml.properties file + */ + protected synchronized Path getPropertiesPath() { + return Paths.get(pathForData.toAbsolutePath().toString(), "xacml.properties"); + } + + /** + * Creates an instance of PDP engine given the Properties object. + */ + protected synchronized void createEngine(Properties properties) { + // + // Now initialize the XACML PDP Engine + // + try { + PDPEngineFactory factory = PDPEngineFactory.newInstance(); + PDPEngine engine = factory.newEngine(properties); + if (engine != null) { + this.pdpEngine = engine; + this.pdpProperties = new Properties(properties); + } + } catch (FactoryException e) { + LOGGER.error("Failed to create XACML PDP Engine {}", e); + } + } + + /** + * Make a decision call. + * + * @param request Incoming request object + * @return Response object + */ + protected synchronized Response xacmlDecision(Request request) { + // + // This is what we need to return + // + Response response = null; + // + // Track some timing + // + long timeStart = System.currentTimeMillis(); + try { + response = this.pdpEngine.decide(request); + } catch (PDPException e) { + LOGGER.error("Xacml PDP Engine failed {}", e); + } finally { + // + // Track the end of timing + // + long timeEnd = System.currentTimeMillis(); + LOGGER.info("Elapsed Time: {}ms", (timeEnd - timeStart)); + } + return response; + } + +} |