Utilize time extensions

Switched to using the new Time Extensions released in XACML from github v3.0. Added more thorough tests for it as well as the flexibility of specifying the current time etc. More syntax checking on the inputs from the policy. Issue-ID: POLICY-2810 Change-Id: I1b4ec885c706e37949e5dabe14c63b0d7456cd4f Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
author: Pamela Dragosh <pdragosh@research.att.com> 2021-02-17 15:48:01 -0600
committer: Pamela Dragosh <pdragosh@research.att.com> 2021-02-18 10:28:38 -0600
commit: 5920c029d3818a22f591c6aa1ffff4e34b6df234 (patch)
tree: efaec005974d050c78a48b13a34d4e8916098a77 /applications/common
parent: 8cea7022f62f1dba805564acd3f71525cdf95e23 (diff)
2 files changed, 73 insertions, 5 deletions
diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslatorUtils.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslatorUtils.java
index 796499d4..a5e804e0 100644
--- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslatorUtils.java
+++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslatorUtils.java
@@ -2,7 +2,7 @@
  * ============LICENSE_START=======================================================
  * ONAP
  * ================================================================================
- * Copyright (C) 2019-2020 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2019-2021 AT&T Intellectual Property. All rights reserved.
  * ================================================================================
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -29,9 +29,11 @@ import oasis.names.tc.xacml._3_0.core.schema.wd_17.AnyOfType;
 import oasis.names.tc.xacml._3_0.core.schema.wd_17.ApplyType;
 import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeDesignatorType;
 import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeValueType;
+import oasis.names.tc.xacml._3_0.core.schema.wd_17.ConditionType;
 import oasis.names.tc.xacml._3_0.core.schema.wd_17.MatchType;
 import oasis.names.tc.xacml._3_0.core.schema.wd_17.ObjectFactory;
 import oasis.names.tc.xacml._3_0.core.schema.wd_17.TargetType;
+import oasis.names.tc.xacml._3_0.core.schema.wd_17.VariableReferenceType;
 import org.apache.commons.lang3.StringUtils;
 
 /**
@@ -114,7 +116,7 @@ public final class ToscaPolicyTranslatorUtils {
      * @param end ISO8601 timestamp
      * @return ApplyType
      */
-    public static ApplyType generateTimeInRange(String start, String end) {
+    public static ApplyType generateTimeInRange(String start, String end, boolean useRecurringFunction) {
         if (StringUtils.isBlank(start) || StringUtils.isBlank(end)) {
             return null;
         }
@@ -140,7 +142,11 @@ public final class ToscaPolicyTranslatorUtils {
 
         ApplyType applyTimeInRange = new ApplyType();
         applyTimeInRange.setDescription("return true if current time is in range.");
-        applyTimeInRange.setFunctionId(XACML3.ID_FUNCTION_TIME_IN_RANGE.stringValue());
+        if (useRecurringFunction) {
+            applyTimeInRange.setFunctionId(XACML3.ID_FUNCTION_TIME_IN_RECURRING_RANGE.stringValue());
+        } else {
+            applyTimeInRange.setFunctionId(XACML3.ID_FUNCTION_TIME_IN_RANGE.stringValue());
+        }
         applyTimeInRange.getExpression().add(factory.createApply(applyOneAndOnly));
         applyTimeInRange.getExpression().add(factory.createAttributeValue(valueStart));
         applyTimeInRange.getExpression().add(factory.createAttributeValue(valueEnd));
@@ -214,4 +220,24 @@ public final class ToscaPolicyTranslatorUtils {
         }
         return target;
     }
+
+    /**
+     * For an existing ConditionType, this method adds in a check for a variable. You must specify
+     * the function that compares the existing ConditionType's expression against the Variable.
+     *
+     * @param condition Existing ConditionType to use
+     * @param variable VariableReferenceType to use
+     * @param functionId XACML 3.0 identifier for the function
+     * @return a new ConditionType
+     */
+    public static ConditionType addVariableToCondition(ConditionType condition, VariableReferenceType variable,
+            Identifier functionId) {
+        ApplyType applyFunction = new ApplyType();
+        applyFunction.setFunctionId(functionId.stringValue());
+        applyFunction.getExpression().add(condition.getExpression());
+        applyFunction.getExpression().add(factory.createVariableReference(variable));
+        ConditionType newCondition = new ConditionType();
+        newCondition.setExpression(factory.createApply(applyFunction));
+        return newCondition;
+    }
 }
diff --git a/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslatorUtilsTest.java b/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslatorUtilsTest.java
index 5d451e2c..99627f67 100644
--- a/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslatorUtilsTest.java
+++ b/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslatorUtilsTest.java
@@ -2,7 +2,7 @@
  * ============LICENSE_START=======================================================
  * ONAP
  * ================================================================================
- * Copyright (C) 2019-2020 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2019-2021 AT&T Intellectual Property. All rights reserved.
  * ================================================================================
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -25,15 +25,23 @@ package org.onap.policy.pdp.xacml.application.common;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.junit.Assert.assertTrue;
 
+import com.att.research.xacml.api.XACML3;
 import java.lang.reflect.Constructor;
 import java.lang.reflect.Modifier;
 import oasis.names.tc.xacml._3_0.core.schema.wd_17.AllOfType;
 import oasis.names.tc.xacml._3_0.core.schema.wd_17.AnyOfType;
+import oasis.names.tc.xacml._3_0.core.schema.wd_17.ApplyType;
+import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeDesignatorType;
+import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeValueType;
+import oasis.names.tc.xacml._3_0.core.schema.wd_17.ConditionType;
 import oasis.names.tc.xacml._3_0.core.schema.wd_17.MatchType;
+import oasis.names.tc.xacml._3_0.core.schema.wd_17.ObjectFactory;
 import oasis.names.tc.xacml._3_0.core.schema.wd_17.TargetType;
+import oasis.names.tc.xacml._3_0.core.schema.wd_17.VariableReferenceType;
 import org.junit.Test;
 
 public class ToscaPolicyTranslatorUtilsTest {
+    private static final ObjectFactory factory = new ObjectFactory();
 
     @Test
     public void test() throws NoSuchMethodException, SecurityException {
@@ -45,7 +53,9 @@ public class ToscaPolicyTranslatorUtilsTest {
 
     @Test
     public void testTimeInRange() {
-        assertThat(ToscaPolicyTranslatorUtils.generateTimeInRange("T00:00:00Z", "T08:00:00Z")).isNotNull();
+        ApplyType apply = ToscaPolicyTranslatorUtils.generateTimeInRange("00:00:00Z", "08:00:00Z", true);
+        assertThat(apply).isNotNull();
+        assertThat(apply.getExpression()).hasSize(3);
     }
 
     @Test
@@ -68,4 +78,36 @@ public class ToscaPolicyTranslatorUtilsTest {
         assertThat(ToscaPolicyTranslatorUtils.parseInteger("1")).isEqualTo(1);
         assertThat(ToscaPolicyTranslatorUtils.parseInteger("1.0")).isEqualTo(1);
     }
+
+    @Test
+    public void testAddingVariables() {
+        ApplyType applyType = new ApplyType();
+        applyType.setFunctionId(XACML3.ID_FUNCTION_STRING_EQUAL.stringValue());
+
+        AttributeValueType value = new AttributeValueType();
+        value.setDataType(XACML3.ID_DATATYPE_STRING.stringValue());
+        value.getContent().add("1");
+        applyType.getExpression().add(factory.createAttributeValue(value));
+
+        AttributeDesignatorType designator = new AttributeDesignatorType();
+        designator.setAttributeId(XACML3.ID_RESOURCE.stringValue());
+        designator.setCategory(XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE.stringValue());
+        designator.setDataType(XACML3.ID_DATATYPE_STRING.stringValue());
+        applyType.getExpression().add(factory.createAttributeDesignator(designator));
+
+        ConditionType condition = new ConditionType();
+        condition.setExpression(factory.createApply(applyType));
+
+        VariableReferenceType variable = new VariableReferenceType();
+
+        variable.setVariableId("my-variable-id");
+
+        ConditionType newCondition = ToscaPolicyTranslatorUtils.addVariableToCondition(condition, variable,
+                XACML3.ID_FUNCTION_AND);
+
+        assertThat(newCondition.getExpression().getValue()).isInstanceOf(ApplyType.class);
+        Object obj = newCondition.getExpression().getValue();
+        assertThat(((ApplyType) obj).getFunctionId()).isEqualTo(XACML3.ID_FUNCTION_AND.stringValue());
+        assertThat(((ApplyType) obj).getExpression()).hasSize(2);
+    }
 }
author	Pamela Dragosh <pdragosh@research.att.com>	2021-02-17 15:48:01 -0600
committer	Pamela Dragosh <pdragosh@research.att.com>	2021-02-18 10:28:38 -0600
commit	5920c029d3818a22f591c6aa1ffff4e34b6df234 (patch)
tree	efaec005974d050c78a48b13a34d4e8916098a77 /applications/common
parent	8cea7022f62f1dba805564acd3f71525cdf95e23 (diff)