aboutsummaryrefslogtreecommitdiffstats
path: root/applications/monitoring/src/main
diff options
context:
space:
mode:
authorPamela Dragosh <pdragosh@research.att.com>2019-04-11 11:26:42 +0000
committerGerrit Code Review <gerrit@onap.org>2019-04-11 11:26:42 +0000
commitf29c828ff0a1479393001e487d5f86a1c8d744ee (patch)
tree162743d2691936bea7cd3325a11fa262a56edfbb /applications/monitoring/src/main
parent74ff8601429337ca0b0ad9039188bb09a5d4a640 (diff)
parenta9c7e7322eb09672c8dfba32503653d12e685543 (diff)
Merge "XACML PDP DmaaP Deploy/UnDeploy Function"
Diffstat (limited to 'applications/monitoring/src/main')
-rw-r--r--applications/monitoring/src/main/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringPdpApplication.java126
-rw-r--r--applications/monitoring/src/main/resources/save/RootMonitoringPolicy.xml32
2 files changed, 35 insertions, 123 deletions
diff --git a/applications/monitoring/src/main/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringPdpApplication.java b/applications/monitoring/src/main/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringPdpApplication.java
index 0c928b8c..0661b869 100644
--- a/applications/monitoring/src/main/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringPdpApplication.java
+++ b/applications/monitoring/src/main/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringPdpApplication.java
@@ -22,33 +22,12 @@
package org.onap.policy.xacml.pdp.application.monitoring;
-import com.att.research.xacml.api.Request;
-import com.att.research.xacml.api.Response;
-import com.att.research.xacml.util.XACMLPolicyScanner;
-import com.att.research.xacml.util.XACMLPolicyWriter;
-import com.att.research.xacml.util.XACMLProperties;
-
-import java.io.ByteArrayOutputStream;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.nio.file.Path;
-import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
-import java.util.Map;
-import java.util.Properties;
-import java.util.Set;
-
-import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicySetType;
-import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType;
-import org.onap.policy.models.decisions.concepts.DecisionRequest;
-import org.onap.policy.models.decisions.concepts.DecisionResponse;
import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicyTypeIdentifier;
-import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConversionException;
-import org.onap.policy.pdp.xacml.application.common.XacmlPolicyUtils;
+import org.onap.policy.pdp.xacml.application.common.ToscaPolicyTranslator;
import org.onap.policy.pdp.xacml.application.common.std.StdCombinedPolicyResultsTranslator;
import org.onap.policy.pdp.xacml.application.common.std.StdXacmlApplicationServiceProvider;
import org.slf4j.Logger;
@@ -109,106 +88,7 @@ public class MonitoringPdpApplication extends StdXacmlApplicationServiceProvider
}
@Override
- public synchronized void loadPolicies(Map<String, Object> toscaPolicies) {
- try {
- //
- // Convert the policies first
- //
- List<PolicyType> listPolicies = translator.scanAndConvertPolicies(toscaPolicies);
- if (listPolicies.isEmpty()) {
- throw new ToscaPolicyConversionException("Converted 0 policies");
- }
- //
- // Get our properties because we are going to update
- //
- Properties currentProperties = this.getProperties();
- //
- // Read in our Root Policy
- //
- Set<String> roots = XACMLProperties.getRootPolicyIDs(currentProperties);
- if (roots.isEmpty()) {
- throw new ToscaPolicyConversionException("There are NO root policies defined");
- }
- //
- // Really only should be one
- //
- String rootFile = currentProperties.getProperty(roots.iterator().next() + ".file");
- try (InputStream is = new FileInputStream(rootFile)) {
- //
- // Read the Root Policy into memory
- //
- Object policyData = XACMLPolicyScanner.readPolicy(is);
- //
- // Should be a PolicySet
- //
- if (policyData instanceof PolicySetType) {
- //
- // Add the referenced policies into a new Root Policy
- //
- PolicyType[] newPolicies = listPolicies.toArray(new PolicyType[listPolicies.size()]);
- PolicySetType newRootPolicy = XacmlPolicyUtils.addPoliciesToXacmlRootPolicy(
- (PolicySetType) policyData, newPolicies);
- LOGGER.debug("New ROOT Policy");
- try (ByteArrayOutputStream os = new ByteArrayOutputStream()) {
- XACMLPolicyWriter.writePolicyFile(os, newRootPolicy);
- LOGGER.debug("{}", os);
- } catch (IOException e) {
- LOGGER.error("Failed to convert {}", e);
- }
- //
- // Save the new Policies to disk
- //
- for (PolicyType policy : newPolicies) {
- //
- // Construct the filename
- //
- Path refPath = XacmlPolicyUtils.constructUniquePolicyFilename(policy, this.getDataPath());
- //
- // Write the policy to disk
- // Maybe check for an error
- //
- XACMLPolicyWriter.writePolicyFile(refPath, policy);
- //
- // Save it off
- //
- XacmlPolicyUtils.addReferencedPolicy(currentProperties, refPath);
- }
- //
- // Save the root policy to disk
- //
- XACMLPolicyWriter.writePolicyFile(Paths.get(rootFile), newRootPolicy);
- //
- // Write the policies to disk
- //
- XacmlPolicyUtils.storeXacmlProperties(currentProperties,
- XacmlPolicyUtils.getPropertiesPath(this.getDataPath()));
- //
- // Reload the engine
- //
- this.createEngine(currentProperties);
- } else {
- throw new ToscaPolicyConversionException("Root policy isn't a PolicySet");
- }
- }
- } catch (IOException | ToscaPolicyConversionException e) {
- LOGGER.error("Failed to loadPolicies {}", e);
- }
- }
-
- @Override
- public synchronized DecisionResponse makeDecision(DecisionRequest request) {
- //
- // Convert to a XacmlRequest
- //
- Request xacmlRequest = translator.convertRequest(request);
- //
- // Now get a decision
- //
- Response xacmlResponse = this.xacmlDecision(xacmlRequest);
- //
- // Convert to a DecisionResponse
- //
- return translator.convertResponse(xacmlResponse);
+ protected ToscaPolicyTranslator getTranslator() {
+ return translator;
}
-
}
diff --git a/applications/monitoring/src/main/resources/save/RootMonitoringPolicy.xml b/applications/monitoring/src/main/resources/save/RootMonitoringPolicy.xml
new file mode 100644
index 00000000..5578fda9
--- /dev/null
+++ b/applications/monitoring/src/main/resources/save/RootMonitoringPolicy.xml
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<PolicySet xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" PolicyCombiningAlgId="urn:com:att:xacml:3.0:policy-combining-algorithm:combined-deny-overrides" PolicySetId="urn:org:onap:monitoring:policy:id" Version="1.0" xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd">
+ <Description>The root policy for supporting in-memory onap.Monitoring policy-type policies.</Description>
+ <Target>
+ <AnyOf>
+ <AllOf>
+ <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">DCAE</AttributeValue>
+ <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
+ </Match>
+ <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">configure</AttributeValue>
+ <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
+ </Match>
+ </AllOf>
+ </AnyOf>
+ </Target>
+ <!--
+
+ New Policies created from TOSCA policies can be stored like this.
+
+ <PolicyIdReference>onap.scaleout.tca</PolicyIdReference>
+ <PolicySetIdReference>urn:oasis:names:tc:xacml:2.0:conformance-test:IIE001:policyset1</PolicySetIdReference>
+ -->
+ <Policy PolicyId="default" Version="1.0" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:permit-unless-deny" >
+ <Description>Default is to allow a permit - returning 0 obligations</Description>
+ <Target/>
+ <Rule RuleId="default" Effect="Permit">
+ <Target/>
+ </Rule>
+ </Policy>
+</PolicySet> \ No newline at end of file