diff options
author | Pamela Dragosh <pdragosh@research.att.com> | 2019-04-11 11:26:42 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2019-04-11 11:26:42 +0000 |
commit | f29c828ff0a1479393001e487d5f86a1c8d744ee (patch) | |
tree | 162743d2691936bea7cd3325a11fa262a56edfbb /applications/monitoring/src | |
parent | 74ff8601429337ca0b0ad9039188bb09a5d4a640 (diff) | |
parent | a9c7e7322eb09672c8dfba32503653d12e685543 (diff) |
Merge "XACML PDP DmaaP Deploy/UnDeploy Function"
Diffstat (limited to 'applications/monitoring/src')
5 files changed, 63 insertions, 181 deletions
diff --git a/applications/monitoring/src/main/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringPdpApplication.java b/applications/monitoring/src/main/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringPdpApplication.java index 0c928b8c..0661b869 100644 --- a/applications/monitoring/src/main/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringPdpApplication.java +++ b/applications/monitoring/src/main/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringPdpApplication.java @@ -22,33 +22,12 @@ package org.onap.policy.xacml.pdp.application.monitoring; -import com.att.research.xacml.api.Request; -import com.att.research.xacml.api.Response; -import com.att.research.xacml.util.XACMLPolicyScanner; -import com.att.research.xacml.util.XACMLPolicyWriter; -import com.att.research.xacml.util.XACMLProperties; - -import java.io.ByteArrayOutputStream; -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.nio.file.Path; -import java.nio.file.Paths; import java.util.ArrayList; import java.util.Arrays; import java.util.List; -import java.util.Map; -import java.util.Properties; -import java.util.Set; - -import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicySetType; -import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType; -import org.onap.policy.models.decisions.concepts.DecisionRequest; -import org.onap.policy.models.decisions.concepts.DecisionResponse; import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicyTypeIdentifier; -import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConversionException; -import org.onap.policy.pdp.xacml.application.common.XacmlPolicyUtils; +import org.onap.policy.pdp.xacml.application.common.ToscaPolicyTranslator; import org.onap.policy.pdp.xacml.application.common.std.StdCombinedPolicyResultsTranslator; import org.onap.policy.pdp.xacml.application.common.std.StdXacmlApplicationServiceProvider; import org.slf4j.Logger; @@ -109,106 +88,7 @@ public class MonitoringPdpApplication extends StdXacmlApplicationServiceProvider } @Override - public synchronized void loadPolicies(Map<String, Object> toscaPolicies) { - try { - // - // Convert the policies first - // - List<PolicyType> listPolicies = translator.scanAndConvertPolicies(toscaPolicies); - if (listPolicies.isEmpty()) { - throw new ToscaPolicyConversionException("Converted 0 policies"); - } - // - // Get our properties because we are going to update - // - Properties currentProperties = this.getProperties(); - // - // Read in our Root Policy - // - Set<String> roots = XACMLProperties.getRootPolicyIDs(currentProperties); - if (roots.isEmpty()) { - throw new ToscaPolicyConversionException("There are NO root policies defined"); - } - // - // Really only should be one - // - String rootFile = currentProperties.getProperty(roots.iterator().next() + ".file"); - try (InputStream is = new FileInputStream(rootFile)) { - // - // Read the Root Policy into memory - // - Object policyData = XACMLPolicyScanner.readPolicy(is); - // - // Should be a PolicySet - // - if (policyData instanceof PolicySetType) { - // - // Add the referenced policies into a new Root Policy - // - PolicyType[] newPolicies = listPolicies.toArray(new PolicyType[listPolicies.size()]); - PolicySetType newRootPolicy = XacmlPolicyUtils.addPoliciesToXacmlRootPolicy( - (PolicySetType) policyData, newPolicies); - LOGGER.debug("New ROOT Policy"); - try (ByteArrayOutputStream os = new ByteArrayOutputStream()) { - XACMLPolicyWriter.writePolicyFile(os, newRootPolicy); - LOGGER.debug("{}", os); - } catch (IOException e) { - LOGGER.error("Failed to convert {}", e); - } - // - // Save the new Policies to disk - // - for (PolicyType policy : newPolicies) { - // - // Construct the filename - // - Path refPath = XacmlPolicyUtils.constructUniquePolicyFilename(policy, this.getDataPath()); - // - // Write the policy to disk - // Maybe check for an error - // - XACMLPolicyWriter.writePolicyFile(refPath, policy); - // - // Save it off - // - XacmlPolicyUtils.addReferencedPolicy(currentProperties, refPath); - } - // - // Save the root policy to disk - // - XACMLPolicyWriter.writePolicyFile(Paths.get(rootFile), newRootPolicy); - // - // Write the policies to disk - // - XacmlPolicyUtils.storeXacmlProperties(currentProperties, - XacmlPolicyUtils.getPropertiesPath(this.getDataPath())); - // - // Reload the engine - // - this.createEngine(currentProperties); - } else { - throw new ToscaPolicyConversionException("Root policy isn't a PolicySet"); - } - } - } catch (IOException | ToscaPolicyConversionException e) { - LOGGER.error("Failed to loadPolicies {}", e); - } - } - - @Override - public synchronized DecisionResponse makeDecision(DecisionRequest request) { - // - // Convert to a XacmlRequest - // - Request xacmlRequest = translator.convertRequest(request); - // - // Now get a decision - // - Response xacmlResponse = this.xacmlDecision(xacmlRequest); - // - // Convert to a DecisionResponse - // - return translator.convertResponse(xacmlResponse); + protected ToscaPolicyTranslator getTranslator() { + return translator; } - } diff --git a/applications/monitoring/src/main/resources/save/RootMonitoringPolicy.xml b/applications/monitoring/src/main/resources/save/RootMonitoringPolicy.xml new file mode 100644 index 00000000..5578fda9 --- /dev/null +++ b/applications/monitoring/src/main/resources/save/RootMonitoringPolicy.xml @@ -0,0 +1,32 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<PolicySet xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" PolicyCombiningAlgId="urn:com:att:xacml:3.0:policy-combining-algorithm:combined-deny-overrides" PolicySetId="urn:org:onap:monitoring:policy:id" Version="1.0" xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd"> + <Description>The root policy for supporting in-memory onap.Monitoring policy-type policies.</Description> + <Target> + <AnyOf> + <AllOf> + <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">DCAE</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case"> + <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">configure</AttributeValue> + <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/> + </Match> + </AllOf> + </AnyOf> + </Target> + <!-- + + New Policies created from TOSCA policies can be stored like this. + + <PolicyIdReference>onap.scaleout.tca</PolicyIdReference> + <PolicySetIdReference>urn:oasis:names:tc:xacml:2.0:conformance-test:IIE001:policyset1</PolicySetIdReference> + --> + <Policy PolicyId="default" Version="1.0" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:permit-unless-deny" > + <Description>Default is to allow a permit - returning 0 obligations</Description> + <Target/> + <Rule RuleId="default" Effect="Permit"> + <Target/> + </Rule> + </Policy> +</PolicySet>
\ No newline at end of file diff --git a/applications/monitoring/src/test/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringPdpApplicationTest.java b/applications/monitoring/src/test/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringPdpApplicationTest.java index 8099ffdd..cc11dcf6 100644 --- a/applications/monitoring/src/test/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringPdpApplicationTest.java +++ b/applications/monitoring/src/test/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringPdpApplicationTest.java @@ -25,13 +25,8 @@ package org.onap.policy.xacml.pdp.application.monitoring; import static org.assertj.core.api.Assertions.assertThat; import java.io.File; -import java.io.FileInputStream; import java.io.IOException; -import java.io.InputStream; import java.util.Iterator; -import java.util.List; -import java.util.Map; -import java.util.Map.Entry; import java.util.Properties; import java.util.ServiceLoader; @@ -47,12 +42,12 @@ import org.onap.policy.common.utils.resources.TextFileUtils; import org.onap.policy.models.decisions.concepts.DecisionRequest; import org.onap.policy.models.decisions.concepts.DecisionResponse; import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicyTypeIdentifier; +import org.onap.policy.pdp.xacml.application.common.TestUtils; import org.onap.policy.pdp.xacml.application.common.XacmlApplicationException; import org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider; import org.onap.policy.pdp.xacml.application.common.XacmlPolicyUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.yaml.snakeyaml.Yaml; @FixMethodOrder(MethodSorters.NAME_ASCENDING) public class MonitoringPdpApplicationTest { @@ -156,7 +151,6 @@ public class MonitoringPdpApplicationTest { assertThat(response.getPolicies().size()).isEqualTo(0); } - @SuppressWarnings("unchecked") @Test public void test3AddvDnsPolicy() throws IOException, CoderException, XacmlApplicationException { // @@ -164,52 +158,22 @@ public class MonitoringPdpApplicationTest { // the pdp can support it and have it load // into the PDP. // - try (InputStream is = new FileInputStream("src/test/resources/vDNS.policy.input.yaml")) { - // - // Have yaml parse it - // - Yaml yaml = new Yaml(); - Map<String, Object> toscaObject = yaml.load(is); - List<Object> policies = (List<Object>) toscaObject.get("policies"); - // - // Sanity check to ensure the policy type and version are supported - // - for (Object policyObject : policies) { - // - // Get the contents - // - Map<String, Object> policyContents = (Map<String, Object>) policyObject; - for (Entry<String, Object> entrySet : policyContents.entrySet()) { - LOGGER.info("Entry set {}", entrySet.getKey()); - Map<String, Object> policyDefinition = (Map<String, Object>) entrySet.getValue(); - // - // Find the type and make sure the engine supports it - // - assertThat(policyDefinition.containsKey("type")).isTrue(); - assertThat(service.canSupportPolicyType( - new ToscaPolicyTypeIdentifier( - policyDefinition.get("type").toString(), - policyDefinition.get("version").toString()))) - .isTrue(); - } - } - // - // Load the policies - // - service.loadPolicies(toscaObject); - // - // Ask for a decision - // - DecisionResponse response = service.makeDecision(requestSinglePolicy); - LOGGER.info("Decision {}", response); + // + // Now load the optimization policies + // + TestUtils.loadPolicies("src/test/resources/vDNS.policy.input.yaml", service); + // + // Ask for a decision + // + DecisionResponse response = service.makeDecision(requestSinglePolicy); + LOGGER.info("Decision {}", response); - assertThat(response).isNotNull(); - assertThat(response.getPolicies().size()).isEqualTo(1); - // - // Dump it out as Json - // - LOGGER.info(gson.encode(response)); - } + assertThat(response).isNotNull(); + assertThat(response.getPolicies().size()).isEqualTo(1); + // + // Dump it out as Json + // + LOGGER.info(gson.encode(response)); } @Test diff --git a/applications/monitoring/src/test/resources/vDNS.policy.input.yaml b/applications/monitoring/src/test/resources/vDNS.policy.input.yaml index 763af75f..7d8120e5 100644 --- a/applications/monitoring/src/test/resources/vDNS.policy.input.yaml +++ b/applications/monitoring/src/test/resources/vDNS.policy.input.yaml @@ -1,7 +1,8 @@ tosca_definitions_version: tosca_simple_yaml_1_0_0 -policies: - - - onap.scaleout.tca: +topology_template: + policies: + - + onap.scaleout.tca: type: onap.policies.monitoring.cdap.tca.hi.lo.app version: 1.0.0 metadata: diff --git a/applications/monitoring/src/test/resources/xacml.properties b/applications/monitoring/src/test/resources/xacml.properties index 36eac3cd..5ea247cf 100644 --- a/applications/monitoring/src/test/resources/xacml.properties +++ b/applications/monitoring/src/test/resources/xacml.properties @@ -19,8 +19,13 @@ xacml.att.functionDefinitionFactory=com.att.research.xacmlatt.pdp.std.StdFunctio # xacml.att.policyFinderFactory=org.onap.policy.pdp.xacml.application.common.OnapPolicyFinderFactory -# Policies to load # -xacml.rootPolicies=monitoring -monitoring.file=../../packages/policy-xacmlpdp-tarball/src/main/resources/apps/monitoring/RootMonitoringPolicy.xml +# Use a root combining algorithm +# +xacml.att.policyFinderFactory.combineRootPolicies=urn:com:att:xacml:3.0:policy-combining-algorithm:combined-permit-overrides +# +# Policies to load +# +xacml.rootPolicies= +xacml.referencedPolicies=
\ No newline at end of file |