diff options
author | Pamela Dragosh <pdragosh@research.att.com> | 2019-04-12 11:03:44 -0400 |
---|---|---|
committer | Pamela Dragosh <pdragosh@research.att.com> | 2019-04-12 20:28:17 -0400 |
commit | 70736cfbf6ad1a068f8ee53adddd4faa3b6fa8a8 (patch) | |
tree | 6f883bb4cf79cd18eaac33c46446ac86a42934ce /applications/guard/src/main/java | |
parent | a5b035d9bb633cf5d520a62c451250db4b018a13 (diff) |
Add statistics and sonar cleanup and blacklist
* Adding in the statistics for decisions and errors.
* Cleaned up sonar issues and added code coverage.
* Sped up JUnit tests
* Fix JUnit issues with not finding application path
* Fix TestDecision not finding persistence.xml
* Fix for lingering statistics from previous runs. That
needs to be addressed at a later time.
* Changed persistence to use properties for configuration
of database rather than hard coding the persistence.xml
* Fix for Josh's comment to use else-if
* Changed to use apache Pair
* Added blacklist guard policy
Issue-ID: POLICY-1440
Change-Id: I56af8c3dcc82463f7381f1eaea7f1440b76200bd
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
Diffstat (limited to 'applications/guard/src/main/java')
4 files changed, 140 insertions, 18 deletions
diff --git a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/CoordinationGuardTranslator.java b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/CoordinationGuardTranslator.java index c296526b..10456e9f 100644 --- a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/CoordinationGuardTranslator.java +++ b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/CoordinationGuardTranslator.java @@ -36,7 +36,6 @@ import java.nio.file.Files; import java.nio.file.Paths; import java.util.List; import java.util.Map; -import java.util.Map.Entry; import java.util.UUID; import java.util.stream.Collectors; import java.util.stream.Stream; diff --git a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplication.java b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplication.java index 55568c36..0073f74e 100644 --- a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplication.java +++ b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplication.java @@ -39,7 +39,6 @@ import org.slf4j.LoggerFactory; * */ public class GuardPdpApplication extends StdXacmlApplicationServiceProvider { - private static final Logger LOGGER = LoggerFactory.getLogger(GuardPdpApplication.class); private static final String STRING_VERSION100 = "1.0.0"; private List<ToscaPolicyTypeIdentifier> supportedPolicyTypes = new ArrayList<>(); @@ -47,7 +46,8 @@ public class GuardPdpApplication extends StdXacmlApplicationServiceProvider { private CoordinationGuardTranslator coordinationTranslator = new CoordinationGuardTranslator(); - /** Constructor. + /** + * Constructor. * */ public GuardPdpApplication() { @@ -58,6 +58,9 @@ public class GuardPdpApplication extends StdXacmlApplicationServiceProvider { "onap.policies.controlloop.guard.MinMax", STRING_VERSION100)); this.supportedPolicyTypes.add(new ToscaPolicyTypeIdentifier( + "onap.policies.controlloop.guard.Blacklist", + STRING_VERSION100)); + this.supportedPolicyTypes.add(new ToscaPolicyTypeIdentifier( "onap.policies.controlloop.guard.coordination.FirstBlocksSecond", STRING_VERSION100)); } diff --git a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/LegacyGuardPolicyRequest.java b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/LegacyGuardPolicyRequest.java index 7b6c37a6..bfbe4f64 100644 --- a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/LegacyGuardPolicyRequest.java +++ b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/LegacyGuardPolicyRequest.java @@ -34,7 +34,6 @@ import lombok.Setter; import lombok.ToString; import org.onap.policy.models.decisions.concepts.DecisionRequest; -import org.onap.policy.pdp.xacml.application.common.ToscaDictionary; @Getter @Setter @@ -43,7 +42,6 @@ import org.onap.policy.pdp.xacml.application.common.ToscaDictionary; public class LegacyGuardPolicyRequest { private static final String STR_GUARD = "guard"; - private static final String URN_ONAP = ToscaDictionary.URN_ONAP; @XACMLSubject(includeInResults = true) private String onapName; diff --git a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/LegacyGuardTranslator.java b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/LegacyGuardTranslator.java index 28e62b73..3cbfcf73 100644 --- a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/LegacyGuardTranslator.java +++ b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/LegacyGuardTranslator.java @@ -67,6 +67,7 @@ public class LegacyGuardTranslator implements ToscaPolicyTranslator { private static final String FIELD_GUARD_ACTIVE_START = "guardActiveStart"; private static final String FIELD_GUARD_ACTIVE_END = "guardActiveEnd"; + private static final String FIELD_TARGET = "targets"; public LegacyGuardTranslator() { super(); @@ -96,9 +97,10 @@ public class LegacyGuardTranslator implements ToscaPolicyTranslator { // newPolicyType.setRuleCombiningAlgId(XACML3.ID_RULE_DENY_UNLESS_PERMIT.stringValue()); // - // Generate the TargetType + // Generate the TargetType - add true if not blacklist // - newPolicyType.setTarget(this.generateTargetType(toscaPolicy.getProperties())); + newPolicyType.setTarget(this.generateTargetType(toscaPolicy.getProperties(), + ! "onap.policies.controlloop.guard.Blacklist".equals(toscaPolicy.getType()))); // // Now create the Permit Rule // @@ -196,7 +198,7 @@ public class LegacyGuardTranslator implements ToscaPolicyTranslator { return policy; } - protected TargetType generateTargetType(Map<String, Object> properties) { + protected TargetType generateTargetType(Map<String, Object> properties, boolean addTargets) { // // Go through potential properties // @@ -207,15 +209,14 @@ public class LegacyGuardTranslator implements ToscaPolicyTranslator { if (properties.containsKey("recipe")) { addMatch(allOf, properties.get("recipe"), ToscaDictionary.ID_RESOURCE_GUARD_RECIPE); } - if (properties.containsKey("targets")) { - addMatch(allOf, properties.get("targets"), ToscaDictionary.ID_RESOURCE_GUARD_TARGETID); + if (addTargets) { + if (properties.containsKey("targets")) { + addMatch(allOf, properties.get("targets"), ToscaDictionary.ID_RESOURCE_GUARD_TARGETID); + } } if (properties.containsKey("clname")) { addMatch(allOf, properties.get("clname"), ToscaDictionary.ID_RESOURCE_GUARD_CLNAME); } - if (properties.containsKey("targets")) { - addMatch(allOf, properties.get("targets"), ToscaDictionary.ID_RESOURCE_GUARD_TARGETID); - } // // Create target // @@ -265,6 +266,8 @@ public class LegacyGuardTranslator implements ToscaPolicyTranslator { return generateFrequencyPermit(policyName, properties); } else if ("onap.policies.controlloop.guard.MinMax".equals(policyType)) { return generateMinMaxPermit(policyName, properties); + } else if ("onap.policies.controlloop.guard.Blacklist".equals(policyType)) { + return generateBlacklistPermit(policyName, properties); } LOGGER.error("Missing policy type in the policy"); return null; @@ -475,6 +478,82 @@ public class LegacyGuardTranslator implements ToscaPolicyTranslator { return permit; } + private static RuleType generateBlacklistPermit(String policyName, Map<String, Object> properties) { + // + // Generate target + // + if (! properties.containsKey(FIELD_TARGET)) { + LOGGER.error("Missing target for blacklist policy"); + return null; + } + final ApplyType targetApply = generateTargetApply(properties.get(FIELD_TARGET)); + // + // Get the properties that are common among guards + // + String guardActiveStart = null; + if (properties.containsKey(FIELD_GUARD_ACTIVE_START)) { + guardActiveStart = properties.get(FIELD_GUARD_ACTIVE_START).toString(); + } + String guardActiveEnd = null; + if (properties.containsKey(FIELD_GUARD_ACTIVE_END)) { + guardActiveEnd = properties.get(FIELD_GUARD_ACTIVE_END).toString(); + } + // + // Generate the time in range + // + final ApplyType timeRange = generateTimeInRange(guardActiveStart, guardActiveEnd); + // + // Create our rule + // + RuleType permit = new RuleType(); + permit.setDescription("Default is to PERMIT if the policy matches."); + permit.setRuleId(policyName + ":rule"); + permit.setEffect(EffectType.PERMIT); + permit.setTarget(new TargetType()); + // + // Create our condition + // + ObjectFactory factory = new ObjectFactory(); + ApplyType innerApply; + if (timeRange != null) { + ApplyType applyAnd = new ApplyType(); + applyAnd.setDescription("Combine the timeRange with target to create AND"); + applyAnd.setFunctionId(XACML3.ID_FUNCTION_AND.stringValue()); + applyAnd.getExpression().add(factory.createApply(timeRange)); + applyAnd.getExpression().add(factory.createApply(targetApply)); + // + // Now we need to NOT this so the permit happens + // + ApplyType applyNot = new ApplyType(); + applyNot.setDescription("This should be false for a permit."); + applyNot.setFunctionId(XACML3.ID_FUNCTION_NOT.stringValue()); + applyNot.getExpression().add(factory.createApply(applyAnd)); + innerApply = applyNot; + } else { + // + // Just the target is needed + // + ApplyType applyNot = new ApplyType(); + applyNot.setDescription("This should be false for a permit."); + applyNot.setFunctionId(XACML3.ID_FUNCTION_NOT.stringValue()); + applyNot.getExpression().add(factory.createApply(targetApply)); + innerApply = applyNot; + } + // + // Create our condition + // + final ConditionType condition = new ConditionType(); + // + // Add into the condition + // + condition.setExpression(factory.createApply(innerApply)); + // + // Add the condition + // + permit.setCondition(condition); + return permit; + } + private static ApplyType generateTimeInRange(String start, String end) { if (start == null || end == null) { LOGGER.warn("Missing time range start {} end {}", start, end); @@ -521,11 +600,7 @@ public class LegacyGuardTranslator implements ToscaPolicyTranslator { designator.setCategory(XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE.stringValue()); designator.setDataType(XACML3.ID_DATATYPE_INTEGER.stringValue()); // - // TODO Add this back in when the operational database PIP is configured. - // The issuer indicates that the PIP will be providing this attribute during - // the decision making. - // - // Right now I am faking the count value by re-using the request-id field + // Setup issuer // String issuer = ToscaDictionary.GUARD_ISSUER_PREFIX + CountRecentOperationsPip.ISSUER_NAME @@ -627,6 +702,53 @@ public class LegacyGuardTranslator implements ToscaPolicyTranslator { return applyLessThanEqual; } + @SuppressWarnings("unchecked") + private static ApplyType generateTargetApply(Object targetObject) { + ObjectFactory factory = new ObjectFactory(); + // + // Create a bag of values + // + ApplyType applyStringBag = new ApplyType(); + applyStringBag.setDescription("Bag the target values"); + applyStringBag.setFunctionId(XACML3.ID_FUNCTION_STRING_BAG.stringValue()); + if (targetObject instanceof Collection) { + for (Object target : ((Collection<Object>) targetObject)) { + if (! (target instanceof String)) { + LOGGER.error("Collection of unsupported objects {}", target.getClass()); + return null; + } + AttributeValueType value = new AttributeValueType(); + value.setDataType(XACML3.ID_DATATYPE_STRING.stringValue()); + value.getContent().add(target.toString()); + applyStringBag.getExpression().add(factory.createAttributeValue(value)); + } + } else if (targetObject instanceof String) { + AttributeValueType value = new AttributeValueType(); + value.setDataType(XACML3.ID_DATATYPE_STRING.stringValue()); + value.getContent().add(targetObject.toString()); + applyStringBag.getExpression().add(factory.createAttributeValue(value)); + } else { + LOGGER.warn("Unsupported object for target {}", targetObject.getClass()); + return null; + } + // + // Create our designator + // + AttributeDesignatorType designator = new AttributeDesignatorType(); + designator.setAttributeId(ToscaDictionary.ID_RESOURCE_GUARD_TARGETID.stringValue()); + designator.setCategory(XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE.stringValue()); + designator.setDataType(XACML3.ID_DATATYPE_STRING.stringValue()); + // + // Create apply for our AnyOf + // + ApplyType applyAnyOf = new ApplyType(); + applyAnyOf.setDescription("Find designator as anyof the possible values"); + applyAnyOf.setFunctionId(XACML3.ID_FUNCTION_ANY_OF.stringValue()); + applyAnyOf.getExpression().add(factory.createAttributeDesignator(designator)); + applyAnyOf.getExpression().add(factory.createApply(applyStringBag)); + return applyAnyOf; + } + private static Integer parseInteger(String strInteger) { Integer theInt = null; try { |