diff options
author | Pamela Dragosh <pdragosh@research.att.com> | 2020-04-14 13:20:05 -0400 |
---|---|---|
committer | Pamela Dragosh <pdragosh@research.att.com> | 2020-04-14 13:20:10 -0400 |
commit | de080f40b2e8821c13bb8a54339269248d2d5d17 (patch) | |
tree | 75e08dd5a5c39fdb5d549d74bb73210700df826d /applications/guard/src/main/java/org | |
parent | 0cd930cf733d33662ada0da13d226b82bcc13684 (diff) |
Fix blacklist translator and vs or
The blacklist entries should be treated as an or (AnyOf) vs
an and (AllOf).
Issue-ID: POLICY-2490
Change-Id: Id4eb823e18c59d84d4ca28b13f6a09794d36365f
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
Diffstat (limited to 'applications/guard/src/main/java/org')
-rw-r--r-- | applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslator.java | 26 |
1 files changed, 19 insertions, 7 deletions
diff --git a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslator.java b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslator.java index 1e4333ea..854f3260 100644 --- a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslator.java +++ b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslator.java @@ -480,9 +480,25 @@ public class GuardTranslator implements ToscaPolicyTranslator { if (! toscaPolicy.getProperties().containsKey(FIELD_BLACKLIST)) { throw new ToscaPolicyConversionException("Missing blacklist field"); } - final AllOfType allOf = new AllOfType(); - this.addMatch(allOf, toscaPolicy.getProperties().get(FIELD_BLACKLIST), - ToscaDictionary.ID_RESOURCE_GUARD_TARGETID); + // + // Get the blacklist, which should be an array or collection. + // + Object arrayBlacklisted = toscaPolicy.getProperties().get(FIELD_BLACKLIST); + if (!(arrayBlacklisted instanceof Collection)) { + throw new ToscaPolicyConversionException("Blacklist is not a collection"); + } + // + // Iterate the entries and create individual AnyOf so each entry is + // treated as an OR. + // + TargetType target = new TargetType(); + for (Object blacklisted : ((Collection<?>) arrayBlacklisted)) { + AllOfType allOf = new AllOfType(); + this.addMatch(allOf, blacklisted, ToscaDictionary.ID_RESOURCE_GUARD_TARGETID); + AnyOfType anyOf = new AnyOfType(); + anyOf.getAllOf().add(allOf); + target.getAnyOf().add(anyOf); + } // // Create our rule and add the target // @@ -490,10 +506,6 @@ public class GuardTranslator implements ToscaPolicyTranslator { blacklistRule.setEffect(EffectType.DENY); blacklistRule.setDescription("blacklist the entities"); blacklistRule.setRuleId(policyName + ":blacklist"); - TargetType target = new TargetType(); - AnyOfType anyOf = new AnyOfType(); - anyOf.getAllOf().add(allOf); - target.getAnyOf().add(anyOf); blacklistRule.setTarget(target); // // Add the rule to the policy |