summaryrefslogtreecommitdiffstats
path: root/applications/guard
diff options
context:
space:
mode:
authorPamela Dragosh <pdragosh@research.att.com>2020-04-14 13:20:05 -0400
committerPamela Dragosh <pdragosh@research.att.com>2020-04-14 13:20:10 -0400
commitde080f40b2e8821c13bb8a54339269248d2d5d17 (patch)
tree75e08dd5a5c39fdb5d549d74bb73210700df826d /applications/guard
parent0cd930cf733d33662ada0da13d226b82bcc13684 (diff)
Fix blacklist translator and vs or
The blacklist entries should be treated as an or (AnyOf) vs an and (AllOf). Issue-ID: POLICY-2490 Change-Id: Id4eb823e18c59d84d4ca28b13f6a09794d36365f Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
Diffstat (limited to 'applications/guard')
-rw-r--r--applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslator.java26
-rw-r--r--applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslatorTest.java16
2 files changed, 30 insertions, 12 deletions
diff --git a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslator.java b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslator.java
index 1e4333ea..854f3260 100644
--- a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslator.java
+++ b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslator.java
@@ -480,9 +480,25 @@ public class GuardTranslator implements ToscaPolicyTranslator {
if (! toscaPolicy.getProperties().containsKey(FIELD_BLACKLIST)) {
throw new ToscaPolicyConversionException("Missing blacklist field");
}
- final AllOfType allOf = new AllOfType();
- this.addMatch(allOf, toscaPolicy.getProperties().get(FIELD_BLACKLIST),
- ToscaDictionary.ID_RESOURCE_GUARD_TARGETID);
+ //
+ // Get the blacklist, which should be an array or collection.
+ //
+ Object arrayBlacklisted = toscaPolicy.getProperties().get(FIELD_BLACKLIST);
+ if (!(arrayBlacklisted instanceof Collection)) {
+ throw new ToscaPolicyConversionException("Blacklist is not a collection");
+ }
+ //
+ // Iterate the entries and create individual AnyOf so each entry is
+ // treated as an OR.
+ //
+ TargetType target = new TargetType();
+ for (Object blacklisted : ((Collection<?>) arrayBlacklisted)) {
+ AllOfType allOf = new AllOfType();
+ this.addMatch(allOf, blacklisted, ToscaDictionary.ID_RESOURCE_GUARD_TARGETID);
+ AnyOfType anyOf = new AnyOfType();
+ anyOf.getAllOf().add(allOf);
+ target.getAnyOf().add(anyOf);
+ }
//
// Create our rule and add the target
//
@@ -490,10 +506,6 @@ public class GuardTranslator implements ToscaPolicyTranslator {
blacklistRule.setEffect(EffectType.DENY);
blacklistRule.setDescription("blacklist the entities");
blacklistRule.setRuleId(policyName + ":blacklist");
- TargetType target = new TargetType();
- AnyOfType anyOf = new AnyOfType();
- anyOf.getAllOf().add(allOf);
- target.getAnyOf().add(anyOf);
blacklistRule.setTarget(target);
//
// Add the rule to the policy
diff --git a/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslatorTest.java b/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslatorTest.java
index c785a50c..a48e3c93 100644
--- a/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslatorTest.java
+++ b/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslatorTest.java
@@ -300,16 +300,22 @@ public class GuardTranslatorTest {
if (! (rule instanceof RuleType)) {
continue;
}
+ assertThat(((RuleType) rule).getTarget()).isNotNull();
+ assertThat(((RuleType) rule).getTarget().getAnyOf()).hasSize(2);
for (AnyOfType anyOf : ((RuleType)rule).getTarget().getAnyOf()) {
assertThat(anyOf.getAllOf()).isNotEmpty();
for (AllOfType allOf : anyOf.getAllOf()) {
assertThat(allOf.getMatch()).isNotEmpty();
+ assertThat(allOf.getMatch()).hasSize(1);
for (MatchType match : allOf.getMatch()) {
- if (ToscaDictionary.ID_RESOURCE_GUARD_TARGETID.toString().equals(
- match.getAttributeDesignator().getAttributeId())) {
- assertThat(policy.getProperties()).containsKey(GuardTranslator.FIELD_BLACKLIST);
- foundBlacklist = true;
- }
+ assertThat(match.getAttributeDesignator().getAttributeId())
+ .isEqualTo(ToscaDictionary.ID_RESOURCE_GUARD_TARGETID.toString());
+ assertThat(match.getAttributeValue().getContent()).containsAnyOf("vnf1", "vnf2");
+ //
+ // This just checks that policy did have a blacklist in it.
+ //
+ assertThat(policy.getProperties()).containsKey(GuardTranslator.FIELD_BLACKLIST);
+ foundBlacklist = true;
}
}
}