summaryrefslogtreecommitdiffstats
path: root/applications/guard/src/main/java
diff options
context:
space:
mode:
authorPamela Dragosh <pdragosh@research.att.com>2020-04-14 13:20:05 -0400
committerPamela Dragosh <pdragosh@research.att.com>2020-04-14 13:20:10 -0400
commitde080f40b2e8821c13bb8a54339269248d2d5d17 (patch)
tree75e08dd5a5c39fdb5d549d74bb73210700df826d /applications/guard/src/main/java
parent0cd930cf733d33662ada0da13d226b82bcc13684 (diff)
Fix blacklist translator and vs or
The blacklist entries should be treated as an or (AnyOf) vs an and (AllOf). Issue-ID: POLICY-2490 Change-Id: Id4eb823e18c59d84d4ca28b13f6a09794d36365f Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
Diffstat (limited to 'applications/guard/src/main/java')
-rw-r--r--applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslator.java26
1 files changed, 19 insertions, 7 deletions
diff --git a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslator.java b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslator.java
index 1e4333ea..854f3260 100644
--- a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslator.java
+++ b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslator.java
@@ -480,9 +480,25 @@ public class GuardTranslator implements ToscaPolicyTranslator {
if (! toscaPolicy.getProperties().containsKey(FIELD_BLACKLIST)) {
throw new ToscaPolicyConversionException("Missing blacklist field");
}
- final AllOfType allOf = new AllOfType();
- this.addMatch(allOf, toscaPolicy.getProperties().get(FIELD_BLACKLIST),
- ToscaDictionary.ID_RESOURCE_GUARD_TARGETID);
+ //
+ // Get the blacklist, which should be an array or collection.
+ //
+ Object arrayBlacklisted = toscaPolicy.getProperties().get(FIELD_BLACKLIST);
+ if (!(arrayBlacklisted instanceof Collection)) {
+ throw new ToscaPolicyConversionException("Blacklist is not a collection");
+ }
+ //
+ // Iterate the entries and create individual AnyOf so each entry is
+ // treated as an OR.
+ //
+ TargetType target = new TargetType();
+ for (Object blacklisted : ((Collection<?>) arrayBlacklisted)) {
+ AllOfType allOf = new AllOfType();
+ this.addMatch(allOf, blacklisted, ToscaDictionary.ID_RESOURCE_GUARD_TARGETID);
+ AnyOfType anyOf = new AnyOfType();
+ anyOf.getAllOf().add(allOf);
+ target.getAnyOf().add(anyOf);
+ }
//
// Create our rule and add the target
//
@@ -490,10 +506,6 @@ public class GuardTranslator implements ToscaPolicyTranslator {
blacklistRule.setEffect(EffectType.DENY);
blacklistRule.setDescription("blacklist the entities");
blacklistRule.setRuleId(policyName + ":blacklist");
- TargetType target = new TargetType();
- AnyOfType anyOf = new AnyOfType();
- anyOf.getAllOf().add(allOf);
- target.getAnyOf().add(anyOf);
blacklistRule.setTarget(target);
//
// Add the rule to the policy