diff options
author | Jim Hahn <jrh3@att.com> | 2020-08-25 15:31:28 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2020-08-25 15:31:28 +0000 |
commit | b01887963f4b015173d442ce5f53bb8c04e4c758 (patch) | |
tree | a7f4af44ed03b35bf9d4a197fb707b56e1c57a5b /applications | |
parent | 26169c3db78c405f7b58e831c7391fc63ddb935d (diff) | |
parent | f8d2c21bb589303febc11024f3cd667946f44459 (diff) |
Merge "Add new Match application to XACML"
Diffstat (limited to 'applications')
9 files changed, 474 insertions, 2 deletions
diff --git a/applications/match/pom.xml b/applications/match/pom.xml new file mode 100644 index 00000000..29c34ea9 --- /dev/null +++ b/applications/match/pom.xml @@ -0,0 +1,54 @@ +<!-- + ============LICENSE_START======================================================= + ONAP Policy Engine - XACML PDP + ================================================================================ + Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. + ================================================================================ + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + ============LICENSE_END========================================================= + --> + +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>org.onap.policy.xacml-pdp.applications</groupId> + <artifactId>applications</artifactId> + <version>2.3.1-SNAPSHOT</version> + </parent> + + <artifactId>match</artifactId> + + <name>${project.artifactId}</name> + <description>This modules contains the Match applications.</description> + + <dependencies> + <dependency> + <groupId>org.powermock</groupId> + <artifactId>powermock-api-mockito2</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.onap.policy.xacml-pdp.applications</groupId> + <artifactId>common</artifactId> + <version>${project.version}</version> + </dependency> + <dependency> + <groupId>org.onap.policy.xacml-pdp</groupId> + <artifactId>xacml-test</artifactId> + <version>${project.version}</version> + <scope>test</scope> + </dependency> + </dependencies> + +</project> diff --git a/applications/match/src/main/java/org/onap/policy/xacml/pdp/application/match/MatchPdpApplication.java b/applications/match/src/main/java/org/onap/policy/xacml/pdp/application/match/MatchPdpApplication.java new file mode 100644 index 00000000..5f9cfa1a --- /dev/null +++ b/applications/match/src/main/java/org/onap/policy/xacml/pdp/application/match/MatchPdpApplication.java @@ -0,0 +1,85 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.xacml.pdp.application.match; + +import java.nio.file.Path; +import java.util.Arrays; +import java.util.List; +import org.onap.policy.common.endpoints.parameters.RestServerParameters; +import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicyTypeIdentifier; +import org.onap.policy.pdp.xacml.application.common.ToscaPolicyTranslator; +import org.onap.policy.pdp.xacml.application.common.XacmlApplicationException; +import org.onap.policy.pdp.xacml.application.common.std.StdMatchableTranslator; +import org.onap.policy.pdp.xacml.application.common.std.StdXacmlApplicationServiceProvider; + +public class MatchPdpApplication extends StdXacmlApplicationServiceProvider { + + public static final String ONAP_MATCH_BASE_POLICY_TYPE = "onap.policies.Match"; + public static final String ONAP_MATCH_DERIVED_POLICY_TYPE = "onap.policies.match."; + + private static final ToscaPolicyTypeIdentifier supportedPolicy = new ToscaPolicyTypeIdentifier( + ONAP_MATCH_BASE_POLICY_TYPE, "1.0.0"); + + private StdMatchableTranslator translator = new StdMatchableTranslator(); + + @Override + public String applicationName() { + return "match"; + } + + @Override + public List<String> actionDecisionsSupported() { + return Arrays.asList("match"); + } + + @Override + public void initialize(Path pathForData, RestServerParameters policyApiParameters) + throws XacmlApplicationException { + // + // Store our API parameters and path for translator so it + // can go get Policy Types + // + this.translator.setPathForData(pathForData); + this.translator.setApiRestParameters(policyApiParameters); + // + // Let our super class do its thing + // + super.initialize(pathForData, policyApiParameters); + } + + @Override + public synchronized List<ToscaPolicyTypeIdentifier> supportedPolicyTypes() { + return Arrays.asList(supportedPolicy); + } + + @Override + public boolean canSupportPolicyType(ToscaPolicyTypeIdentifier policyTypeId) { + return policyTypeId.getName().startsWith(ONAP_MATCH_DERIVED_POLICY_TYPE); + } + + @Override + protected ToscaPolicyTranslator getTranslator(String type) { + return translator; + } + +} diff --git a/applications/match/src/main/resources/META-INF/services/org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider b/applications/match/src/main/resources/META-INF/services/org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider new file mode 100644 index 00000000..5b76962e --- /dev/null +++ b/applications/match/src/main/resources/META-INF/services/org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider @@ -0,0 +1 @@ +org.onap.policy.xacml.pdp.application.match.MatchPdpApplication
\ No newline at end of file diff --git a/applications/match/src/test/java/org/onap/policy/xacml/pdp/application/match/MatchPdpApplicationTest.java b/applications/match/src/test/java/org/onap/policy/xacml/pdp/application/match/MatchPdpApplicationTest.java new file mode 100644 index 00000000..23b3d6ea --- /dev/null +++ b/applications/match/src/test/java/org/onap/policy/xacml/pdp/application/match/MatchPdpApplicationTest.java @@ -0,0 +1,255 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.xacml.pdp.application.match; + +import static org.assertj.core.api.Assertions.assertThat; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.when; + +import com.att.research.xacml.api.Response; +import java.io.File; +import java.io.FileNotFoundException; +import java.io.IOException; +import java.nio.file.Files; +import java.nio.file.Paths; +import java.util.Map; +import java.util.Map.Entry; +import java.util.Properties; +import java.util.ServiceLoader; +import org.apache.commons.lang3.tuple.Pair; +import org.junit.BeforeClass; +import org.junit.ClassRule; +import org.junit.FixMethodOrder; +import org.junit.Test; +import org.junit.rules.TemporaryFolder; +import org.junit.runners.MethodSorters; +import org.onap.policy.common.endpoints.parameters.RestServerParameters; +import org.onap.policy.common.utils.coder.CoderException; +import org.onap.policy.common.utils.coder.StandardCoder; +import org.onap.policy.common.utils.resources.ResourceUtils; +import org.onap.policy.common.utils.resources.TextFileUtils; +import org.onap.policy.models.decisions.concepts.DecisionRequest; +import org.onap.policy.models.decisions.concepts.DecisionResponse; +import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicyTypeIdentifier; +import org.onap.policy.pdp.xacml.application.common.XacmlApplicationException; +import org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider; +import org.onap.policy.pdp.xacml.application.common.XacmlPolicyUtils; +import org.onap.policy.pdp.xacml.xacmltest.TestUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +@FixMethodOrder(MethodSorters.NAME_ASCENDING) +public class MatchPdpApplicationTest { + private static final Logger LOGGER = LoggerFactory.getLogger(MatchPdpApplicationTest.class); + private static Properties properties = new Properties(); + private static File propertiesFile; + private static XacmlApplicationServiceProvider service; + private static StandardCoder gson = new StandardCoder(); + private static DecisionRequest baseRequest; + private static RestServerParameters clientParams; + + @ClassRule + public static final TemporaryFolder policyFolder = new TemporaryFolder(); + + /** + * Copies the xacml.properties and policies files into + * temporary folder and loads the service provider saving + * instance of provider off for other tests to use. + */ + @BeforeClass + public static void setUp() throws Exception { + clientParams = mock(RestServerParameters.class); + when(clientParams.getHost()).thenReturn("localhost"); + when(clientParams.getPort()).thenReturn(6969); + // + // Load Single Decision Request + // + baseRequest = gson.decode( + TextFileUtils + .getTextFileAsString( + "src/test/resources/decision.match.input.json"), + DecisionRequest.class); + // + // Setup our temporary folder + // + XacmlPolicyUtils.FileCreator myCreator = (String filename) -> policyFolder.newFile(filename); + propertiesFile = XacmlPolicyUtils.copyXacmlPropertiesContents("src/test/resources/xacml.properties", + properties, myCreator); + // + // Copy the test policy types into data area + // + String policy = "onap.policies.match.Test"; + String policyType = ResourceUtils.getResourceAsString("src/test/resources/" + policy + ".yaml"); + LOGGER.info("Copying {}", policyType); + Files.write(Paths.get(policyFolder.getRoot().getAbsolutePath(), policy + "-1.0.0.yaml"), + policyType.getBytes()); + // + // Load service + // + ServiceLoader<XacmlApplicationServiceProvider> applicationLoader = + ServiceLoader.load(XacmlApplicationServiceProvider.class); + // + // Iterate through Xacml application services and find + // the optimization service. Save it for use throughout + // all the Junit tests. + // + StringBuilder strDump = new StringBuilder("Loaded applications:" + XacmlPolicyUtils.LINE_SEPARATOR); + for (XacmlApplicationServiceProvider application : applicationLoader) { + // + // Is it our service? + // + if (application instanceof MatchPdpApplication) { + // + // Should be the first and only one + // + assertThat(service).isNull(); + service = application; + } + strDump.append(application.applicationName()); + strDump.append(" supports "); + strDump.append(application.supportedPolicyTypes()); + strDump.append(XacmlPolicyUtils.LINE_SEPARATOR); + } + LOGGER.debug("{}", strDump); + assertThat(service).isNotNull(); + // + // Tell it to initialize based on the properties file + // we just built for it. + // + service.initialize(propertiesFile.toPath().getParent(), clientParams); + } + + @Test + public void test01Basics() { + // + // Make sure there's an application name + // + assertThat(service.applicationName()).isNotEmpty(); + // + // Decisions + // + assertThat(service.actionDecisionsSupported().size()).isEqualTo(1); + assertThat(service.actionDecisionsSupported()).contains("match"); + // + // Ensure it has the supported policy types and + // can support the correct policy types. + // + assertThat(service.canSupportPolicyType(new ToscaPolicyTypeIdentifier( + "onap.policies.match.Test", "1.0.0"))).isTrue(); + assertThat(service.canSupportPolicyType(new ToscaPolicyTypeIdentifier( + "onap.foobar", "1.0.0"))).isFalse(); + } + + @Test + public void test02NoPolicies() throws CoderException { + // + // Ask for a decision when there are no policies loaded + // + LOGGER.info("Request {}", gson.encode(baseRequest)); + Pair<DecisionResponse, Response> decision = service.makeDecision(baseRequest, null); + LOGGER.info("Decision {}", decision.getKey()); + + assertThat(decision.getKey()).isNotNull(); + assertThat(decision.getKey().getPolicies()).isEmpty(); + } + + @Test + public void test03Match() throws CoderException, FileNotFoundException, IOException, + XacmlApplicationException { + // + // Now load all the test match policies + // + TestUtils.loadPolicies("src/test/resources/test-match-policies.yaml", service); + // + // Ask for a decision + // + DecisionResponse response = makeDecision(); + // + // There is no default policy + // + assertThat(response).isNotNull(); + assertThat(response.getPolicies()).isEmpty(); + // + // Ask for foo + // + baseRequest.getResource().put("matchable", "foo"); + // + // Get the decision + // + response = makeDecision(); + assertThat(response).isNotNull(); + assertThat(response.getPolicies()).hasSize(1); + // + // Validate it + // + validateDecision(response, baseRequest, "value1"); + // + // Ask for bar + // + baseRequest.getResource().put("matchable", "bar"); + // + // Get the decision + // + response = makeDecision(); + assertThat(response).isNotNull(); + assertThat(response.getPolicies()).hasSize(1); + // + // Validate it + // + validateDecision(response, baseRequest, "value2"); + // + // Ask for hello (should return nothing) + // + baseRequest.getResource().put("matchable", "hello"); + // + // Get the decision + // + response = makeDecision(); + assertThat(response).isNotNull(); + assertThat(response.getPolicies()).isEmpty(); + } + + private DecisionResponse makeDecision() { + Pair<DecisionResponse, Response> decision = service.makeDecision(baseRequest, null); + LOGGER.info("Request Resources {}", baseRequest.getResource()); + LOGGER.info("Decision {}", decision.getKey()); + for (Entry<String, Object> entrySet : decision.getKey().getPolicies().entrySet()) { + LOGGER.info("Policy {}", entrySet.getKey()); + } + return decision.getKey(); + } + + @SuppressWarnings("unchecked") + private void validateDecision(DecisionResponse decision, DecisionRequest request, String value) { + for (Entry<String, Object> entrySet : decision.getPolicies().entrySet()) { + LOGGER.info("Decision Returned Policy {}", entrySet.getKey()); + assertThat(entrySet.getValue()).isInstanceOf(Map.class); + Map<String, Object> policyContents = (Map<String, Object>) entrySet.getValue(); + assertThat(policyContents).containsKey("properties"); + assertThat(policyContents.get("properties")).isInstanceOf(Map.class); + Map<String, Object> policyProperties = (Map<String, Object>) policyContents.get("properties"); + + assertThat(policyProperties.get("nonmatchable").toString()).hasToString(value); + } + } +} diff --git a/applications/match/src/test/resources/decision.match.input.json b/applications/match/src/test/resources/decision.match.input.json new file mode 100644 index 00000000..403d0155 --- /dev/null +++ b/applications/match/src/test/resources/decision.match.input.json @@ -0,0 +1,10 @@ +{ + "ONAPName": "my-ONAP", + "ONAPComponent": "my-component", + "ONAPInstance": "my-instance", + "requestId": "unique-request-1", + "action": "match", + "resource": { + "matchable": "" + } +}
\ No newline at end of file diff --git a/applications/match/src/test/resources/onap.policies.match.Test.yaml b/applications/match/src/test/resources/onap.policies.match.Test.yaml new file mode 100644 index 00000000..a131b844 --- /dev/null +++ b/applications/match/src/test/resources/onap.policies.match.Test.yaml @@ -0,0 +1,16 @@ +tosca_definitions_version: tosca_simple_yaml_1_1_0 +policy_types: + onap.policies.match.Test: + derived_from: onap.policies.Match + version: 1.0.0 + name: onap.policies.match.Test + description: Test Matching Policy Type to test matchable policies + properties: + matchable: + type: string + metadata: + matchable: true + required: true + nonmatchable: + type: string + required: true diff --git a/applications/match/src/test/resources/test-match-policies.yaml b/applications/match/src/test/resources/test-match-policies.yaml new file mode 100644 index 00000000..d0e214ca --- /dev/null +++ b/applications/match/src/test/resources/test-match-policies.yaml @@ -0,0 +1,19 @@ +tosca_definitions_version: tosca_simple_yaml_1_1_0 +topology_template: + policies: + - test_match_1: + type: onap.policies.match.Test + version: 1.0.0 + type_version: 1.0.0 + name: test_match_1 + properties: + matchable: foo + nonmatchable: value1 + - test_match_2: + type: onap.policies.match.Test + version: 1.0.0 + type_version: 1.0.0 + name: test_match_2 + properties: + matchable: bar + nonmatchable: value2
\ No newline at end of file diff --git a/applications/match/src/test/resources/xacml.properties b/applications/match/src/test/resources/xacml.properties new file mode 100644 index 00000000..5ea247cf --- /dev/null +++ b/applications/match/src/test/resources/xacml.properties @@ -0,0 +1,31 @@ +# +# Properties that the embedded PDP engine uses to configure and load +# +# Standard API Factories +# +xacml.dataTypeFactory=com.att.research.xacml.std.StdDataTypeFactory +xacml.pdpEngineFactory=com.att.research.xacmlatt.pdp.ATTPDPEngineFactory +xacml.pepEngineFactory=com.att.research.xacml.std.pep.StdEngineFactory +xacml.pipFinderFactory=com.att.research.xacml.std.pip.StdPIPFinderFactory +xacml.traceEngineFactory=com.att.research.xacml.std.trace.LoggingTraceEngineFactory +# +# AT&T PDP Implementation Factories +# +xacml.att.evaluationContextFactory=com.att.research.xacmlatt.pdp.std.StdEvaluationContextFactory +xacml.att.combiningAlgorithmFactory=com.att.research.xacmlatt.pdp.std.StdCombiningAlgorithmFactory +xacml.att.functionDefinitionFactory=com.att.research.xacmlatt.pdp.std.StdFunctionDefinitionFactory +# +# ONAP PDP Implementation Factories +# +xacml.att.policyFinderFactory=org.onap.policy.pdp.xacml.application.common.OnapPolicyFinderFactory + +# +# Use a root combining algorithm +# +xacml.att.policyFinderFactory.combineRootPolicies=urn:com:att:xacml:3.0:policy-combining-algorithm:combined-permit-overrides + +# +# Policies to load +# +xacml.rootPolicies= +xacml.referencedPolicies=
\ No newline at end of file diff --git a/applications/pom.xml b/applications/pom.xml index 3175ee85..4d5827bd 100644 --- a/applications/pom.xml +++ b/applications/pom.xml @@ -37,11 +37,12 @@ <modules> <module>common</module> - <module>monitoring</module> <module>guard</module> - <module>optimization</module> + <module>match</module> + <module>monitoring</module> <module>naming</module> <module>native</module> + <module>optimization</module> </modules> |