aboutsummaryrefslogtreecommitdiffstats
path: root/applications/guard
diff options
context:
space:
mode:
authorPamela Dragosh <pdragosh@research.att.com>2019-03-19 16:08:58 -0400
committerPamela Dragosh <pdragosh@research.att.com>2019-03-20 09:42:11 -0400
commit6e55b1d7c3e53fb49c5e94406ff5db4cb9990c87 (patch)
tree6f88e9e6e15b1a695426ec07b0d3dbb0a4cf0ce2 /applications/guard
parent041240baab6082916e5da69ed190051b7aa60f12 (diff)
Use Policy Translator abstract class
Instead of applications implementing the converter, use a protected abstract class that implements common code. Newer applications could re-use existing application, and shared code can be put into the base translator class. Fixed sonar issue and changed guard xml. Removed Converter and made translator into an implementation class that is an object in the Application Provider. Issue-ID: POLICY-1273 Change-Id: I9b48cbcdaf80d6d2ef19ef53e4b7cd4830e7e7b2 Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
Diffstat (limited to 'applications/guard')
-rw-r--r--applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplication.java162
-rw-r--r--applications/guard/src/main/resources/RootGuardPolicy.xml9
2 files changed, 11 insertions, 160 deletions
diff --git a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplication.java b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplication.java
index 2717c279..18385239 100644
--- a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplication.java
+++ b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplication.java
@@ -24,34 +24,22 @@ package org.onap.policy.xacml.pdp.application.guard;
import com.att.research.xacml.api.Request;
import com.att.research.xacml.api.Response;
-import com.att.research.xacml.api.pdp.PDPEngine;
-import com.att.research.xacml.api.pdp.PDPException;
-import com.att.research.xacml.util.XACMLPolicyWriter;
import com.google.common.collect.Lists;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.nio.file.Path;
-import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
-import java.util.Map.Entry;
-import java.util.Properties;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType;
import org.onap.policy.models.decisions.concepts.DecisionRequest;
import org.onap.policy.models.decisions.concepts.DecisionResponse;
import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConversionException;
-import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConverter;
-import org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider;
-import org.onap.policy.pdp.xacml.application.common.XacmlPolicyUtils;
+import org.onap.policy.pdp.xacml.application.common.std.StdMetadataTranslator;
+import org.onap.policy.pdp.xacml.application.common.std.StdXacmlApplicationServiceProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import org.yaml.snakeyaml.Yaml;
/**
* This class implements the onap.policies.controlloop.Guard policy implementations.
@@ -59,14 +47,12 @@ import org.yaml.snakeyaml.Yaml;
* @author pameladragosh
*
*/
-public class GuardPdpApplication implements ToscaPolicyConverter, XacmlApplicationServiceProvider {
+public class GuardPdpApplication extends StdXacmlApplicationServiceProvider {
private static final Logger LOGGER = LoggerFactory.getLogger(GuardPdpApplication.class);
private static final String STRING_VERSION100 = "1.0.0";
private Map<String, String> supportedPolicyTypes = new HashMap<>();
- private Path pathForData;
- private Properties pdpProperties = null;
- private PDPEngine pdpEngine = null;
+ private StdMetadataTranslator translator = new StdMetadataTranslator();
/** Constructor.
*
@@ -87,31 +73,6 @@ public class GuardPdpApplication implements ToscaPolicyConverter, XacmlApplicati
}
@Override
- public void initialize(Path pathForData) {
- //
- // Save our path
- //
- this.pathForData = pathForData;
- LOGGER.debug("New Path is {}", this.pathForData.toAbsolutePath());
- //
- // Look for and load the properties object
- //
- try {
- pdpProperties = XacmlPolicyUtils.loadXacmlProperties(XacmlPolicyUtils.getPropertiesPath(pathForData));
- LOGGER.debug("{}", pdpProperties);
- } catch (IOException e) {
- LOGGER.error("{}", e);
- }
- //
- // Create an engine
- //
- PDPEngine newEngine = XacmlPolicyUtils.createEngine(pdpProperties);
- if (newEngine != null) {
- pdpEngine = newEngine;
- }
- }
-
- @Override
public List<String> supportedPolicyTypes() {
return Lists.newArrayList(supportedPolicyTypes.keySet());
}
@@ -137,10 +98,13 @@ public class GuardPdpApplication implements ToscaPolicyConverter, XacmlApplicati
//
// Convert the policies first
//
- List<PolicyType> listPolicies = this.convertPolicies(toscaPolicies);
+ List<PolicyType> listPolicies = translator.scanAndConvertPolicies(toscaPolicies);
if (listPolicies.isEmpty()) {
throw new ToscaPolicyConversionException("Converted 0 policies");
}
+ //
+ // TODO update properties, save to disk, etc.
+ //
} catch (ToscaPolicyConversionException e) {
LOGGER.error("Failed to loadPolicies {}", e);
}
@@ -151,7 +115,7 @@ public class GuardPdpApplication implements ToscaPolicyConverter, XacmlApplicati
//
// Convert to a XacmlRequest
//
- Request xacmlRequest = this.convertRequest(request);
+ Request xacmlRequest = translator.convertRequest(request);
//
// Now get a decision
//
@@ -159,113 +123,7 @@ public class GuardPdpApplication implements ToscaPolicyConverter, XacmlApplicati
//
// Convert to a DecisionResponse
//
- return this.convertResponse(xacmlResponse);
- }
-
- @Override
- public List<PolicyType> convertPolicies(InputStream isToscaPolicy) throws ToscaPolicyConversionException {
- //
- // Have snakeyaml parse the object
- //
- Yaml yaml = new Yaml();
- Map<String, Object> toscaObject = yaml.load(isToscaPolicy);
- //
- // Return the policies
- //
- return scanAndConvertPolicies(toscaObject);
- }
-
- @Override
- public List<PolicyType> convertPolicies(Map<String, Object> toscaObject) throws ToscaPolicyConversionException {
- //
- // Return the policies
- //
- return scanAndConvertPolicies(toscaObject);
- }
-
- @Override
- public Request convertRequest(DecisionRequest request) {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public DecisionResponse convertResponse(Response response) {
- // TODO Auto-generated method stub
- return null;
- }
-
- @SuppressWarnings("unchecked")
- private List<PolicyType> scanAndConvertPolicies(Map<String, Object> toscaObject)
- throws ToscaPolicyConversionException {
- //
- // Our return object
- //
- List<PolicyType> scannedPolicies = new ArrayList<>();
- //
- // Iterate each of the Policies
- //
- List<Object> policies = (List<Object>) toscaObject.get("policies");
- for (Object policyObject : policies) {
- //
- // Get the contents
- //
- LOGGER.debug("Found policy {}", policyObject.getClass());
- Map<String, Object> policyContents = (Map<String, Object>) policyObject;
- for (Entry<String, Object> entrySet : policyContents.entrySet()) {
- LOGGER.debug("Entry set {}", entrySet);
- //
- // Convert this policy
- //
- PolicyType policy = this.convertPolicy(entrySet);
- try (ByteArrayOutputStream os = new ByteArrayOutputStream()) {
- XACMLPolicyWriter.writePolicyFile(os, policy);
- LOGGER.debug("{}", os);
- } catch (IOException e) {
- LOGGER.error("Failed to convert {}", e);
- }
- //
- // Convert and add in the new policy
- //
- scannedPolicies.add(policy);
- }
- }
-
- return scannedPolicies;
- }
-
- private PolicyType convertPolicy(Entry<String, Object> entrySet) throws ToscaPolicyConversionException {
-
- return null;
- }
-
- /**
- * Make a decision call.
- *
- * @param request Incoming request object
- * @return Response object
- */
- private synchronized Response xacmlDecision(Request request) {
- //
- // This is what we need to return
- //
- Response response = null;
- //
- // Track some timing
- //
- long timeStart = System.currentTimeMillis();
- try {
- response = this.pdpEngine.decide(request);
- } catch (PDPException e) {
- LOGGER.error("Xacml PDP Engine failed {}", e);
- } finally {
- //
- // Track the end of timing
- //
- long timeEnd = System.currentTimeMillis();
- LOGGER.info("Elapsed Time: {}ms", (timeEnd - timeStart));
- }
- return response;
+ return translator.convertResponse(xacmlResponse);
}
}
diff --git a/applications/guard/src/main/resources/RootGuardPolicy.xml b/applications/guard/src/main/resources/RootGuardPolicy.xml
index f9f47265..cc63792f 100644
--- a/applications/guard/src/main/resources/RootGuardPolicy.xml
+++ b/applications/guard/src/main/resources/RootGuardPolicy.xml
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<PolicySet xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" PolicyCombiningAlgId="urn:oasis:names:tc:xacml:3.0:policy-combining-algorithm:deny-overrides" PolicySetId="urn:org:onap:guard:policy:id" Version="1.0" xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd">
+<PolicySet xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" PolicyCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:permit-unless-deny" PolicySetId="urn:org:onap:guard:policy:id" Version="1.0" xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd">
<Description>The root policy for supporting onap.Guard policies.</Description>
<Target>
<AnyOf>
@@ -18,11 +18,4 @@
<PolicyIdReference>onap.scaleout.tca</PolicyIdReference>
<PolicySetIdReference>urn:oasis:names:tc:xacml:2.0:conformance-test:IIE001:policyset1</PolicySetIdReference>
-->
- <Policy PolicyId="default" Version="1.0" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:permit-unless-deny" >
- <Description>Default is to allow a permit - returning 0 obligations</Description>
- <Target/>
- <Rule RuleId="default" Effect="Permit">
- <Target/>
- </Rule>
- </Policy>
</PolicySet> \ No newline at end of file