summaryrefslogtreecommitdiffstats
path: root/applications/guard/src/main
diff options
context:
space:
mode:
authorJoshua Reich <jreich@research.att.com>2019-04-08 09:41:36 -0700
committerJoshua Reich <jreich@research.att.com>2019-04-11 16:50:54 -0700
commitfca3dd7b4bdc33b579750004c9d3bc163d20a2a7 (patch)
treed82b7935f724cd2370789bb77c3bab036ec85147 /applications/guard/src/main
parent4013653daa38a7fe1b9ffcae02e27d0bc411ac8f (diff)
Add Control Loop Coordination policy.
Refactor code to support multiple pip engines. Add pip engine for outcome. Modify LegacyGuardTranslator to use coordination translator's convertPolicy function when processing coordination guard. This version of convertPolicy intentionally uses string replacement on template-like xacml coordination guard to enable future support for API-based creation of new coordination guard types. Bug fixes and code cleanup. * Unused imports, sonar problems. * Consolidation of getAttribute method * Only use TypedQuery for Pips Issue-ID: POLICY-1471 Change-Id: I4e9365b7f23bee96cf438dad44feda97c65f6ecc Signed-off-by: Joshua Reich <jreich@research.att.com> Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
Diffstat (limited to 'applications/guard/src/main')
-rw-r--r--applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/CoordinationDirective.java43
-rw-r--r--applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/CoordinationGuardTranslator.java166
-rw-r--r--applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplication.java25
-rw-r--r--applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/LegacyGuardPolicyRequest.java3
-rw-r--r--applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/LegacyGuardTranslator.java6
-rw-r--r--applications/guard/src/main/resources/coordination/function/onap.policies.controlloop.guard.coordination.FirstBlocksSecond.xml63
6 files changed, 299 insertions, 7 deletions
diff --git a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/CoordinationDirective.java b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/CoordinationDirective.java
new file mode 100644
index 00000000..91f8ed2d
--- /dev/null
+++ b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/CoordinationDirective.java
@@ -0,0 +1,43 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * guard
+ * ================================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.policy.xacml.pdp.application.guard;
+
+import java.io.Serializable;
+import java.util.List;
+
+import lombok.Data;
+
+@Data
+public class CoordinationDirective implements Serializable {
+ private static final long serialVersionUID = 6897293694639777548L;
+ private List<String> controlLoop;
+ private String coordinationFunction;
+
+ /**
+ * gets the ith control loop.
+ *
+ * @param index the control loop's index
+ * @return the CoordinationDirective's string representation
+ */
+ public String getControlLoop(int index) {
+ return controlLoop.get(index);
+ }
+}
diff --git a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/CoordinationGuardTranslator.java b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/CoordinationGuardTranslator.java
new file mode 100644
index 00000000..c296526b
--- /dev/null
+++ b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/CoordinationGuardTranslator.java
@@ -0,0 +1,166 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * ONAP
+ * ================================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.policy.xacml.pdp.application.guard;
+
+import com.att.research.xacml.api.Request;
+import com.att.research.xacml.api.Response;
+import com.att.research.xacml.util.XACMLPolicyScanner;
+
+import java.io.ByteArrayInputStream;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.nio.charset.StandardCharsets;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+import java.util.UUID;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+
+import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType;
+
+import org.apache.commons.io.IOUtils;
+import org.onap.policy.models.decisions.concepts.DecisionRequest;
+import org.onap.policy.models.decisions.concepts.DecisionResponse;
+import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy;
+import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConversionException;
+import org.onap.policy.pdp.xacml.application.common.ToscaPolicyTranslator;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.yaml.snakeyaml.Yaml;
+import org.yaml.snakeyaml.constructor.Constructor;
+
+public class CoordinationGuardTranslator implements ToscaPolicyTranslator {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(CoordinationGuardTranslator.class);
+
+ public CoordinationGuardTranslator() {
+ super();
+ }
+
+ @Override
+ public PolicyType convertPolicy(ToscaPolicy toscaPolicy) throws ToscaPolicyConversionException {
+ LOGGER.debug("Using CoordinationGuardTranslator.convertPolicy");
+ //
+ // Policy name should be at the root
+ //
+ String policyName = toscaPolicy.getMetadata().get("policy-id");
+ String type = toscaPolicy.getType();
+ String coordinationFunctionPath = "src/main/resources/coordination/function";
+ Map<String, Object> policyProps = toscaPolicy.getProperties();
+ LOGGER.debug("path = {}", coordinationFunctionPath);
+ LOGGER.debug("props = {}", policyProps);
+ List<String> controlLoop = (List<String>) policyProps.get("controlLoop");
+ CoordinationDirective cd = new CoordinationDirective();
+ cd.setCoordinationFunction(type);
+ cd.setControlLoop(controlLoop);
+ LOGGER.debug("CoordinationDirective = {}", cd);
+
+ String xacmlStr = generateXacmlFromCoordinationDirective(cd, coordinationFunctionPath);
+
+ LOGGER.debug("xacmlStr\n{}", xacmlStr);
+ PolicyType scannedPolicy = null;
+ try (InputStream is = new ByteArrayInputStream(xacmlStr.getBytes(StandardCharsets.UTF_8))) {
+ scannedPolicy = (PolicyType) XACMLPolicyScanner.readPolicy(is);
+ } catch (IOException e) {
+ LOGGER.error("Failed to read policy", e);
+ }
+ return scannedPolicy;
+ }
+
+ @Override
+ public Request convertRequest(DecisionRequest request) {
+ LOGGER.info("this convertRequest shouldn't be used");
+ return null;
+ }
+
+ @Override
+ public DecisionResponse convertResponse(Response xacmlResponse) {
+ LOGGER.info("this convertRequest shouldn't be used");
+ return null;
+ }
+
+ /**
+ * Load YAML coordination directive.
+ *
+ * @param directiveFilename yaml directive file to load
+ * @return the CoordinationDirective
+ */
+ public static CoordinationDirective loadCoordinationDirectiveFromFile(String directiveFilename) {
+ try (InputStream is = new FileInputStream(new File(directiveFilename))) {
+ String contents = IOUtils.toString(is, StandardCharsets.UTF_8);
+ //
+ // Read the yaml into our Java Object
+ //
+ Yaml yaml = new Yaml(new Constructor(CoordinationDirective.class));
+ Object obj = yaml.load(contents);
+
+ LOGGER.debug(contents);
+
+ return (CoordinationDirective) obj;
+ } catch (IOException e) {
+ LOGGER.error("Error while loading YAML coordination directive", e);
+ }
+ return null;
+ }
+
+ /**
+ * Generate Xacml rule implementing specified CoordinationDirective.
+ *
+ * @param cd the CoordinationDirective
+ * @param protoDir the directory containing Xacml implementation prototypes
+ * @return the generated Xacml policy
+ */
+ public static String generateXacmlFromCoordinationDirective(CoordinationDirective cd,
+ String protoDir) {
+ /*
+ * Determine file names
+ */
+ String xacmlProtoFilename = protoDir + File.separator + cd.getCoordinationFunction() + ".xml";
+ LOGGER.debug("xacmlProtoFilename={}", xacmlProtoFilename);
+ /*
+ * Values to be used for placeholders
+ */
+ final String uniqueId = UUID.randomUUID().toString();
+ final String cLOne = cd.getControlLoop(0);
+ final String cLTwo = cd.getControlLoop(1);
+ /*
+ * Replace prototype placeholders with appropriate values
+ */
+ String xacmlPolicy = null;
+ try (Stream<String> stream = Files.lines(Paths.get(xacmlProtoFilename))) {
+ xacmlPolicy = stream.map(s -> s.replaceAll("UNIQUE_ID", uniqueId))
+ .map(s -> s.replaceAll("CONTROL_LOOP_ONE", cLOne))
+ .map(s -> s.replaceAll("CONTROL_LOOP_TWO", cLTwo))
+ .collect(Collectors.joining(System.lineSeparator()));
+ } catch (IOException e) {
+ LOGGER.error("Error while generating XACML policy for coordination directive", e);
+ }
+ return xacmlPolicy;
+ }
+
+}
diff --git a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplication.java b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplication.java
index 0b3b1542..55568c36 100644
--- a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplication.java
+++ b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplication.java
@@ -43,15 +43,22 @@ public class GuardPdpApplication extends StdXacmlApplicationServiceProvider {
private static final Logger LOGGER = LoggerFactory.getLogger(GuardPdpApplication.class);
private static final String STRING_VERSION100 = "1.0.0";
private List<ToscaPolicyTypeIdentifier> supportedPolicyTypes = new ArrayList<>();
- private LegacyGuardTranslator translator = new LegacyGuardTranslator();
+ private LegacyGuardTranslator legacyTranslator = new LegacyGuardTranslator();
+ private CoordinationGuardTranslator coordinationTranslator = new CoordinationGuardTranslator();
+
/** Constructor.
*
*/
public GuardPdpApplication() {
- this.supportedPolicyTypes.add(new ToscaPolicyTypeIdentifier("onap.policies.controlloop.guard.FrequencyLimiter",
+ this.supportedPolicyTypes.add(new ToscaPolicyTypeIdentifier(
+ "onap.policies.controlloop.guard.FrequencyLimiter",
+ STRING_VERSION100));
+ this.supportedPolicyTypes.add(new ToscaPolicyTypeIdentifier(
+ "onap.policies.controlloop.guard.MinMax",
STRING_VERSION100));
- this.supportedPolicyTypes.add(new ToscaPolicyTypeIdentifier("onap.policies.controlloop.guard.MinMax",
+ this.supportedPolicyTypes.add(new ToscaPolicyTypeIdentifier(
+ "onap.policies.controlloop.guard.coordination.FirstBlocksSecond",
STRING_VERSION100));
}
@@ -85,7 +92,15 @@ public class GuardPdpApplication extends StdXacmlApplicationServiceProvider {
}
@Override
- protected ToscaPolicyTranslator getTranslator() {
- return translator;
+ protected ToscaPolicyTranslator getTranslator(String type) {
+ LOGGER.debug("Policy type {}", type);
+ if ( type.contains("coordination") ) {
+ LOGGER.debug("returning coordinationTranslator");
+ return coordinationTranslator;
+ } else {
+ LOGGER.debug("returning legacyTranslator");
+ return legacyTranslator;
+ }
}
+
}
diff --git a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/LegacyGuardPolicyRequest.java b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/LegacyGuardPolicyRequest.java
index fa04e6bd..7b6c37a6 100644
--- a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/LegacyGuardPolicyRequest.java
+++ b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/LegacyGuardPolicyRequest.java
@@ -34,6 +34,7 @@ import lombok.Setter;
import lombok.ToString;
import org.onap.policy.models.decisions.concepts.DecisionRequest;
+import org.onap.policy.pdp.xacml.application.common.ToscaDictionary;
@Getter
@Setter
@@ -42,6 +43,7 @@ import org.onap.policy.models.decisions.concepts.DecisionRequest;
public class LegacyGuardPolicyRequest {
private static final String STR_GUARD = "guard";
+ private static final String URN_ONAP = ToscaDictionary.URN_ONAP;
@XACMLSubject(includeInResults = true)
private String onapName;
@@ -79,6 +81,7 @@ public class LegacyGuardPolicyRequest {
@XACMLResource(includeInResults = true, attributeId = "urn:org:onap:guard:target:max")
private Integer max;
+
public LegacyGuardPolicyRequest() {
super();
}
diff --git a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/LegacyGuardTranslator.java b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/LegacyGuardTranslator.java
index 77dbb353..28e62b73 100644
--- a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/LegacyGuardTranslator.java
+++ b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/LegacyGuardTranslator.java
@@ -57,6 +57,7 @@ import org.onap.policy.pdp.xacml.application.common.ToscaDictionary;
import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConversionException;
import org.onap.policy.pdp.xacml.application.common.ToscaPolicyTranslator;
import org.onap.policy.pdp.xacml.application.common.ToscaPolicyTranslatorUtils;
+import org.onap.policy.pdp.xacml.application.common.operationshistory.CountRecentOperationsPip;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -167,7 +168,6 @@ public class LegacyGuardTranslator implements ToscaPolicyTranslator {
return decisionResponse;
}
-
/**
* From the TOSCA metadata section, pull in values that are needed into the XACML policy.
*
@@ -527,7 +527,9 @@ public class LegacyGuardTranslator implements ToscaPolicyTranslator {
//
// Right now I am faking the count value by re-using the request-id field
//
- String issuer = ToscaDictionary.GUARD_ISSUER + ":tw:" + timeWindow + ":" + timeUnits;
+ String issuer = ToscaDictionary.GUARD_ISSUER_PREFIX
+ + CountRecentOperationsPip.ISSUER_NAME
+ + ":tw:" + timeWindow + ":" + timeUnits;
designator.setIssuer(issuer);
AttributeValueType valueLimit = new AttributeValueType();
diff --git a/applications/guard/src/main/resources/coordination/function/onap.policies.controlloop.guard.coordination.FirstBlocksSecond.xml b/applications/guard/src/main/resources/coordination/function/onap.policies.controlloop.guard.coordination.FirstBlocksSecond.xml
new file mode 100644
index 00000000..bea05f26
--- /dev/null
+++ b/applications/guard/src/main/resources/coordination/function/onap.policies.controlloop.guard.coordination.FirstBlocksSecond.xml
@@ -0,0 +1,63 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<!--
+ ============LICENSE_START=======================================================
+ drools-applications
+ ================================================================================
+ Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+ -->
+
+<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17"
+ PolicyId="UNIQUE_ID" Version="1"
+ RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:permit-unless-deny">
+ <Description>Policy for first_blocks_second coordination (if first
+ running and second requests to run, deny second).</Description>
+ <Target>
+ <AnyOf>
+ <AllOf>
+ <Match
+ MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string">CONTROL_LOOP_TWO</AttributeValue>
+ <AttributeDesignator
+ Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"
+ AttributeId="urn:org:onap:guard:clname:clname-id"
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ MustBePresent="false" />
+ </Match>
+ </AllOf>
+ </AnyOf>
+ </Target>
+
+ <Rule RuleId="UNIQUE_ID:rule:1" Effect="Deny">
+ <Description>First Is Running</Description>
+ <Condition>
+ <Apply
+ FunctionId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case">
+ <Apply
+ FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
+ <AttributeDesignator
+ Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"
+ AttributeId="urn:org:onap:guard:operation:operation-outcome"
+ DataType="http://www.w3.org/2001/XMLSchema#string"
+ Issuer="urn:org:onap:xacml:guard:get-operation-outcome:clname:CONTROL_LOOP_ONE"
+ MustBePresent="false" />
+ </Apply>
+ <AttributeValue
+ DataType="http://www.w3.org/2001/XMLSchema#string">Success</AttributeValue>
+ </Apply>
+ </Condition>
+ </Rule>
+</Policy>