diff options
author | Pamela Dragosh <pdragosh@research.att.com> | 2019-03-27 06:40:18 -0400 |
---|---|---|
committer | Joshua Reich <jreich@research.att.com> | 2019-04-01 15:35:43 -0700 |
commit | d2daf7ef5d003b5c5ae6a7083ccf676cc87a1d7b (patch) | |
tree | 99d83d3772181df83ca48138ca3e86ef757cb443 /applications/guard/src/test | |
parent | d3438454879ec3f3c31ca8af2fc5903b7f8697ae (diff) |
Adding guard PIP
Adding the PIP support into the translator to setup the count
attribute as an attribute generated by PIP and not sent by
calling application.
Added JUnit for OperationsHistoryPipEngine.
Issue-ID: POLICY-1471
Change-Id: I71773ee8ea0e6c02873506d973a604899383d4b5
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
Diffstat (limited to 'applications/guard/src/test')
6 files changed, 217 insertions, 69 deletions
diff --git a/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplicationTest.java b/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplicationTest.java index 981afee7..0e5d8593 100644 --- a/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplicationTest.java +++ b/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplicationTest.java @@ -29,6 +29,8 @@ import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.IOException; import java.io.InputStream; +import java.sql.Date; +import java.time.Instant; import java.util.HashMap; import java.util.Iterator; import java.util.Map; @@ -36,6 +38,11 @@ import java.util.Properties; import java.util.ServiceLoader; import java.util.UUID; +import javax.persistence.EntityManager; +import javax.persistence.Persistence; + +import org.junit.AfterClass; +import org.junit.Before; import org.junit.BeforeClass; import org.junit.ClassRule; import org.junit.FixMethodOrder; @@ -47,6 +54,7 @@ import org.onap.policy.common.utils.coder.StandardCoder; import org.onap.policy.common.utils.resources.TextFileUtils; import org.onap.policy.models.decisions.concepts.DecisionRequest; import org.onap.policy.models.decisions.concepts.DecisionResponse; +import org.onap.policy.pdp.xacml.application.common.OnapOperationsHistoryDbao; import org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider; import org.onap.policy.pdp.xacml.application.common.XacmlPolicyUtils; import org.slf4j.Logger; @@ -60,10 +68,13 @@ public class GuardPdpApplicationTest { private static Properties properties = new Properties(); private static File propertiesFile; private static XacmlApplicationServiceProvider service; - private static DecisionRequest requestGuardPermit; - private static DecisionRequest requestGuardDeny; - private static DecisionRequest requestGuardDeny2; + private static DecisionRequest requestVfCount1; + private static DecisionRequest requestVfCount3; + private static DecisionRequest requestVfCount6; private static StandardCoder gson = new StandardCoder(); + private static EntityManager em; + private static final String DENY = "Deny"; + private static final String PERMIT = "Permit"; @ClassRule public static final TemporaryFolder policyFolder = new TemporaryFolder(); @@ -115,30 +126,79 @@ public class GuardPdpApplicationTest { // we just built for it. // service.initialize(propertiesFile.toPath().getParent()); - } - - @Test - public void test1Basics() throws CoderException, IOException { - LOGGER.info("**************** Running test1 ****************"); // - // Load Single Decision Request + // Load Decision Requests // - requestGuardPermit = gson.decode( + requestVfCount1 = gson.decode( + TextFileUtils.getTextFileAsString( + "../../main/src/test/resources/decisions/decision.guard.vfCount.1.input.json"), + DecisionRequest.class); + requestVfCount3 = gson.decode( + TextFileUtils.getTextFileAsString( + "../../main/src/test/resources/decisions/decision.guard.vfCount.3.input.json"), + DecisionRequest.class); + requestVfCount6 = gson.decode( TextFileUtils.getTextFileAsString( - "../../main/src/test/resources/decisions/decision.guard.shouldpermit.input.json"), + "../../main/src/test/resources/decisions/decision.guard.vfCount.6.input.json"), DecisionRequest.class); // - // Load Single Decision Request + // Create EntityManager for manipulating DB + // + em = Persistence.createEntityManagerFactory( + GuardPdpApplicationTest.properties.getProperty("historydb.persistenceunit"), properties) + .createEntityManager(); + } + + /** + * Clears the database before each test. + * + */ + @Before + public void startClean() throws Exception { + em.getTransaction().begin(); + em.createQuery("DELETE FROM OnapOperationsHistoryDbao").executeUpdate(); + em.getTransaction().commit(); + } + + /** + * Check that decision matches expectation. + * + * @param expected from the response + * @param response received + * + **/ + public void checkDecision(String expected, DecisionResponse response) throws CoderException { + LOGGER.info("Looking for {} Decision", expected); + assertThat(response).isNotNull(); + assertThat(response.getStatus()).isNotNull(); + assertThat(response.getStatus()).isEqualTo(expected); + // + // Dump it out as Json + // + LOGGER.info(gson.encode(response)); + } + + /** + * Request a decision and check that it matches expectation. + * + * @param request to send to Xacml PDP + * @param expected from the response + * + **/ + public void requestAndCheckDecision(DecisionRequest request, String expected) throws CoderException { + // + // Ask for a decision // - requestGuardDeny = gson.decode(TextFileUtils.getTextFileAsString( - "../../main/src/test/resources/decisions/decision.guard.shoulddeny.input.json"), - DecisionRequest.class); + DecisionResponse response = service.makeDecision(request); // - // Load Single Decision Request + // Check decision // - requestGuardDeny2 = gson.decode(TextFileUtils.getTextFileAsString( - "../../main/src/test/resources/decisions/decision.guard.shoulddeny.input2.json"), - DecisionRequest.class); + checkDecision(expected, response); + } + + @Test + public void test1Basics() throws CoderException, IOException { + LOGGER.info("**************** Running test1 ****************"); // // Make sure there's an application name // @@ -164,16 +224,9 @@ public class GuardPdpApplicationTest { } @Test - public void test2NoPolicies() { + public void test2NoPolicies() throws CoderException { LOGGER.info("**************** Running test2 ****************"); - // - // Ask for a decision - // - DecisionResponse response = service.makeDecision(requestGuardPermit); - LOGGER.info("Decision {}", response); - - assertThat(response).isNotNull(); - assertThat(response.getStatus()).isEqualTo("Permit"); + requestAndCheckDecision(requestVfCount1,PERMIT); } @Test @@ -196,30 +249,25 @@ public class GuardPdpApplicationTest { service.loadPolicies(toscaObject); } // - // Ask for a decision - should get permit + // Zero recent actions: should get permit // - DecisionResponse response = service.makeDecision(requestGuardPermit); - LOGGER.info("Looking for Permit Decision {}", response); - - assertThat(response).isNotNull(); - assertThat(response.getStatus()).isNotNull(); - assertThat(response.getStatus()).isEqualTo("Permit"); + requestAndCheckDecision(requestVfCount1,PERMIT); // - // Dump it out as Json + // Add entry into operations history DB // - LOGGER.info(gson.encode(response)); + insertOperationEvent(requestVfCount1); // - // Ask for a decision - should get deny + // Only one recent actions: should get permit // - response = service.makeDecision(requestGuardDeny); - LOGGER.info("Looking for Deny Decision {}", response); - assertThat(response).isNotNull(); - assertThat(response.getStatus()).isNotNull(); - assertThat(response.getStatus()).isEqualTo("Deny"); + requestAndCheckDecision(requestVfCount1,PERMIT); // - // Dump it out as Json + // Add entry into operations history DB // - LOGGER.info(gson.encode(response)); + insertOperationEvent(requestVfCount1); + // + // Two recent actions, more than specified limit of 2: should get deny + // + requestAndCheckDecision(requestVfCount1,DENY); } @Test @@ -240,32 +288,32 @@ public class GuardPdpApplicationTest { // Load the policies // service.loadPolicies(toscaObject); - // - // Ask for a decision - should get permit - // } - DecisionResponse response = service.makeDecision(requestGuardPermit); - LOGGER.info("Looking for Permit Decision {}", response); - - assertThat(response).isNotNull(); - assertThat(response.getStatus()).isNotNull(); - assertThat(response.getStatus()).isEqualTo("Permit"); // - // Dump it out as Json + // vfcount=1 below min of 2: should get a Deny // - LOGGER.info(gson.encode(response)); + requestAndCheckDecision(requestVfCount1, DENY); // - // Ask for a decision - should get deny + // vfcount=3 between min of 2 and max of 5: should get a Permit // - response = service.makeDecision(requestGuardDeny); - LOGGER.info("Looking for Deny Decision {}", response); - assertThat(response).isNotNull(); - assertThat(response.getStatus()).isNotNull(); - assertThat(response.getStatus()).isEqualTo("Deny"); + requestAndCheckDecision(requestVfCount3, PERMIT); // - // Dump it out as Json + // vfcount=6 above max of 5: should get a Deny // - LOGGER.info(gson.encode(response)); + requestAndCheckDecision(requestVfCount6,DENY); + // + // Add two entry into operations history DB + // + insertOperationEvent(requestVfCount1); + insertOperationEvent(requestVfCount1); + // + // vfcount=3 between min of 2 and max of 5, but 2 recent actions is above frequency limit: should get a Deny + // + requestAndCheckDecision(requestVfCount3, DENY); + // + // vfcount=6 above max of 5: should get a Deny + // + requestAndCheckDecision(requestVfCount6, DENY); } @Test @@ -324,4 +372,33 @@ public class GuardPdpApplicationTest { assertThat(response.getStatus()).isEqualTo("Deny"); } } + + @SuppressWarnings("unchecked") + private void insertOperationEvent(DecisionRequest request) { + // + // Get the properties + // + Map<String, Object> properties = (Map<String, Object>) request.getResource().get("guard"); + assertThat(properties).isNotNull(); + // + // Add an entry + // + OnapOperationsHistoryDbao newEntry = new OnapOperationsHistoryDbao(); + newEntry.setActor(properties.get("actor").toString()); + newEntry.setOperation(properties.get("recipe").toString()); + newEntry.setClName(properties.get("clname").toString()); + newEntry.setOutcome("SUCCESS"); + newEntry.setStarttime(Date.from(Instant.now().minusMillis(20000))); + newEntry.setEndtime(Date.from(Instant.now())); + newEntry.setRequestId(UUID.randomUUID().toString()); + newEntry.setTarget(properties.get("target").toString()); + em.getTransaction().begin(); + em.persist(newEntry); + em.getTransaction().commit(); + } + + @AfterClass + public static void cleanup() throws Exception { + em.close(); + } } diff --git a/applications/guard/src/test/resources/META-INF/createtest.sql b/applications/guard/src/test/resources/META-INF/createtest.sql new file mode 100644 index 00000000..c7389f33 --- /dev/null +++ b/applications/guard/src/test/resources/META-INF/createtest.sql @@ -0,0 +1,16 @@ +# +# Create the operations history table +# +CREATE TABLE `operationshistory` + ( + `id` bigint not null, + `closedLoopName` varchar(255) not null, + `requestId` varchar(50) not null, + `subrequestId` varchar(50) not null, + `actor` varchar(50) not null, + `operation` varchar(50) not null, + `target` varchar(50) not null, + `starttime` timestamp not null, + `outcome` varchar(50) not null, + `message` varchar(255) not null, + `endtime` timestamp not null); diff --git a/applications/guard/src/test/resources/META-INF/persistence.xml b/applications/guard/src/test/resources/META-INF/persistence.xml new file mode 100644 index 00000000..de399c48 --- /dev/null +++ b/applications/guard/src/test/resources/META-INF/persistence.xml @@ -0,0 +1,41 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + ============LICENSE_START======================================================= + ONAP + ================================================================================ + Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + ================================================================================ + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + ============LICENSE_END========================================================= + --> + +<persistence xmlns="http://java.sun.com/xml/ns/persistence" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/persistence persistence_1_0.xsd" version="1.0"> + + <persistence-unit name="OperationsHistoryPUTest" transaction-type="RESOURCE_LOCAL"> + <provider>org.eclipse.persistence.jpa.PersistenceProvider</provider> + <class>org.onap.policy.pdp.xacml.application.common.OnapOperationsHistoryDbao</class> + <properties> + <property name="eclipselink.ddl-generation" value="create-tables" /> + <property name="eclipselink.logging.level" value="FINE" /> + <property name="javax.persistence.jdbc.driver" value="org.h2.Driver" /> + <property name="javax.persistence.jdbc.url" value="jdbc:h2:mem:testdb;DATABASE_TO_UPPER=FALSE" /> + <property name="javax.persistence.jdbc.user" value="policy" /> + <property name="javax.persistence.jdbc.password" value="P01icY" /> + <property name="javax.persistence.schema-generation.database.action" value="drop-and-create"/> + <property name="javax.persistence.schema-generation.create-source" value="script"/> + <property name="javax.persistence.schema-generation.create-script-source" value="META-INF/createtest.sql"/> + </properties> + </persistence-unit> + +</persistence> +
\ No newline at end of file diff --git a/applications/guard/src/test/resources/vDNS.policy.guard.frequency.output.tosca.yaml b/applications/guard/src/test/resources/vDNS.policy.guard.frequency.output.tosca.yaml index a0552d42..fd414e13 100644 --- a/applications/guard/src/test/resources/vDNS.policy.guard.frequency.output.tosca.yaml +++ b/applications/guard/src/test/resources/vDNS.policy.guard.frequency.output.tosca.yaml @@ -7,14 +7,14 @@ topology_template: version: 1.0.0 metadata: policy-id: guard.frequency.scaleout - policy-version: 1 + policy-version: 1 properties: actor: SO recipe: VF Module Create targets: .* clname: ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3 - limit: 1 + limit: 2 timeWindow: 10 timeUnits: minute - guardActiveStart: 00:00:01-05:00 + guardActiveStart: 00:00:00-05:00 guardActiveEnd: 23:59:59-05:00 diff --git a/applications/guard/src/test/resources/vDNS.policy.guard.minmax.output.tosca.yaml b/applications/guard/src/test/resources/vDNS.policy.guard.minmax.output.tosca.yaml index 97282a6f..88d2186e 100644 --- a/applications/guard/src/test/resources/vDNS.policy.guard.minmax.output.tosca.yaml +++ b/applications/guard/src/test/resources/vDNS.policy.guard.minmax.output.tosca.yaml @@ -13,7 +13,7 @@ topology_template: recipe: VF Module Create targets: .* clname: ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3 - min: 1 + min: 2 max: 5 - guardActiveStart: 00:00:01-05:00 + guardActiveStart: 00:00:00-05:00 guardActiveEnd: 23:59:59-05:00 diff --git a/applications/guard/src/test/resources/xacml.properties b/applications/guard/src/test/resources/xacml.properties index 9bd7bfb8..d429a32e 100644 --- a/applications/guard/src/test/resources/xacml.properties +++ b/applications/guard/src/test/resources/xacml.properties @@ -24,6 +24,20 @@ xacml.att.policyFinderFactory=org.onap.policy.pdp.xacml.application.common.OnapP # xacml.att.policyFinderFactory.combineRootPolicies=urn:oasis:names:tc:xacml:3.0:policy-combining-algorithm:permit-unless-deny +xacml.pip.engines=historydb + +# +# PIP Engine Definition +# +historydb.classname=org.onap.policy.pdp.xacml.application.common.OnapOperationsHistoryPipEngine +historydb.issuer=urn:org:onap:xacml:guard:historydb +historydb.name=operationHistoryDB +historydb.description=Returns operation counts based on time window + +# +# Database persistence for PIP +# +historydb.persistenceunit=OperationsHistoryPUTest # Policies to load # |