summaryrefslogtreecommitdiffstats
path: root/applications/common/src/main
diff options
context:
space:
mode:
Diffstat (limited to 'applications/common/src/main')
-rw-r--r--applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/OnapOperationsHistoryPipEngine.java353
-rw-r--r--applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaDictionary.java54
-rw-r--r--applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/operationshistory/CountRecentOperationsPip.java221
-rw-r--r--applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/operationshistory/Dbao.java (renamed from applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/OnapOperationsHistoryDbao.java)10
-rw-r--r--applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/operationshistory/GetOperationOutcomePip.java160
-rw-r--r--applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdOnapPip.java183
-rw-r--r--applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdXacmlApplicationServiceProvider.java9
7 files changed, 603 insertions, 387 deletions
diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/OnapOperationsHistoryPipEngine.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/OnapOperationsHistoryPipEngine.java
deleted file mode 100644
index 3d316b9a..00000000
--- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/OnapOperationsHistoryPipEngine.java
+++ /dev/null
@@ -1,353 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * SPDX-License-Identifier: Apache-2.0
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.pdp.xacml.application.common;
-
-import com.att.research.xacml.api.Attribute;
-import com.att.research.xacml.api.AttributeValue;
-import com.att.research.xacml.api.Identifier;
-import com.att.research.xacml.api.XACML3;
-import com.att.research.xacml.api.pip.PIPException;
-import com.att.research.xacml.api.pip.PIPFinder;
-import com.att.research.xacml.api.pip.PIPRequest;
-import com.att.research.xacml.api.pip.PIPResponse;
-import com.att.research.xacml.std.StdMutableAttribute;
-import com.att.research.xacml.std.datatypes.DataTypes;
-import com.att.research.xacml.std.pip.StdMutablePIPResponse;
-import com.att.research.xacml.std.pip.StdPIPRequest;
-import com.att.research.xacml.std.pip.StdPIPResponse;
-import com.att.research.xacml.std.pip.engines.StdConfigurableEngine;
-import com.google.common.base.Strings;
-
-import java.math.BigInteger;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.Iterator;
-import java.util.Properties;
-
-import javax.persistence.EntityManager;
-import javax.persistence.Persistence;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class OnapOperationsHistoryPipEngine extends StdConfigurableEngine {
- private static Logger logger = LoggerFactory.getLogger(OnapOperationsHistoryPipEngine.class);
-
- private static final PIPRequest PIP_REQUEST_ACTOR = new StdPIPRequest(
- XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
- ToscaDictionary.ID_RESOURCE_GUARD_ACTOR,
- XACML3.ID_DATATYPE_STRING);
-
- private static final PIPRequest PIP_REQUEST_RECIPE = new StdPIPRequest(
- XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
- ToscaDictionary.ID_RESOURCE_GUARD_RECIPE,
- XACML3.ID_DATATYPE_STRING);
-
- private static final PIPRequest PIP_REQUEST_TARGET = new StdPIPRequest(
- XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
- ToscaDictionary.ID_RESOURCE_GUARD_TARGETID,
- XACML3.ID_DATATYPE_STRING);
-
- private Properties properties;
-
- public OnapOperationsHistoryPipEngine() {
- super();
- }
-
- @Override
- public Collection<PIPRequest> attributesRequired() {
- return Arrays.asList(PIP_REQUEST_ACTOR, PIP_REQUEST_RECIPE, PIP_REQUEST_TARGET);
- }
-
- @Override
- public Collection<PIPRequest> attributesProvided() {
- return Collections.emptyList();
- }
-
- @Override
- public PIPResponse getAttributes(PIPRequest pipRequest, PIPFinder pipFinder) throws PIPException {
- logger.debug("getAttributes requesting attribute {} of type {} for issuer {}",
- pipRequest.getAttributeId(), pipRequest.getDataTypeId(), pipRequest.getIssuer());
- //
- // Determine if the issuer is correct
- //
- if (Strings.isNullOrEmpty(pipRequest.getIssuer())) {
- logger.debug("issuer is null - returning empty response");
- //
- // We only respond to ourself as the issuer
- //
- return StdPIPResponse.PIP_RESPONSE_EMPTY;
- }
- if (! pipRequest.getIssuer().startsWith(ToscaDictionary.GUARD_ISSUER)) {
- logger.debug("Issuer does not start with guard");
- //
- // We only respond to ourself as the issuer
- //
- return StdPIPResponse.PIP_RESPONSE_EMPTY;
- }
- //
- // Parse out the issuer which denotes the time window
- //
- // Eg: urn:org:onapxacml:guard:historydb:tw:10:minute
- //
- String[] s1 = pipRequest.getIssuer().split("tw:");
- String[] s2 = s1[1].split(":");
- int timeWindowVal = Integer.parseInt(s2[0]);
- String timeWindowScale = s2[1];
- //
- // Grab other attribute values
- //
- String actor = getActor(pipFinder);
- String operation = getRecipe(pipFinder);
- String target = getTarget(pipFinder);
- String timeWindow = timeWindowVal + " " + timeWindowScale;
- logger.info("Going to query DB about: actor {} operation {} target {} time window {}",
- actor, operation, target, timeWindow);
- //
- // Sanity check
- //
- if (actor == null || operation == null || target == null) {
- //
- // See if we have all the values
- //
- logger.error("missing attributes return empty");
- return StdPIPResponse.PIP_RESPONSE_EMPTY;
- }
- //
- // Ok do the database query
- //
- int operationCount = doDatabaseQuery(actor, operation, target, timeWindowVal, timeWindowScale);
- //
- // Right now return empty
- //
- StdMutablePIPResponse stdPipResponse = new StdMutablePIPResponse();
- this.addIntegerAttribute(stdPipResponse,
- XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
- ToscaDictionary.ID_RESOURCE_GUARD_OPERATIONCOUNT,
- operationCount,
- pipRequest);
- return new StdPIPResponse(stdPipResponse);
- }
-
- @Override
- public void configure(String id, Properties properties) throws PIPException {
- super.configure(id, properties);
- logger.debug("Configuring historyDb PIP {}", properties);
- this.properties = properties;
- }
-
- private String getActor(PIPFinder pipFinder) {
- //
- // Get the actor value
- //
- PIPResponse pipResponse = this.getAttribute(PIP_REQUEST_ACTOR, pipFinder);
- if (pipResponse == null) {
- logger.error("Need actor attribute which is not found");
- return null;
- }
- //
- // Find the actor
- //
- return findFirstAttributeValue(pipResponse);
- }
-
- private String getRecipe(PIPFinder pipFinder) {
- //
- // Get the actor value
- //
- PIPResponse pipResponse = this.getAttribute(PIP_REQUEST_RECIPE, pipFinder);
- if (pipResponse == null) {
- logger.error("Need recipe attribute which is not found");
- return null;
- }
- //
- // Find the actor
- //
- return findFirstAttributeValue(pipResponse);
- }
-
- private String getTarget(PIPFinder pipFinder) {
- //
- // Get the actor value
- //
- PIPResponse pipResponse = this.getAttribute(PIP_REQUEST_TARGET, pipFinder);
- if (pipResponse == null) {
- logger.error("Need target attribute which is not found");
- return null;
- }
- //
- // Find the actor
- //
- return findFirstAttributeValue(pipResponse);
- }
-
- private PIPResponse getAttribute(PIPRequest pipRequest, PIPFinder pipFinder) {
- PIPResponse pipResponse = null;
- try {
- pipResponse = pipFinder.getMatchingAttributes(pipRequest, this);
- if (pipResponse.getStatus() != null && !pipResponse.getStatus().isOk()) {
- if (logger.isInfoEnabled()) {
- logger.info("get attribute error retrieving {}: {}", pipRequest.getAttributeId().stringValue(),
- pipResponse.getStatus());
- }
- pipResponse = null;
- }
- if (pipResponse != null && pipResponse.getAttributes().isEmpty()) {
- if (logger.isInfoEnabled()) {
- logger.info("No value for {}", pipRequest.getAttributeId().stringValue());
- }
- pipResponse = null;
- }
- } catch (PIPException ex) {
- logger.error("PIPException getting subject-id attribute: " + ex.getMessage(), ex);
- }
- return pipResponse;
- }
-
- private String findFirstAttributeValue(PIPResponse pipResponse) {
- for (Attribute attribute: pipResponse.getAttributes()) {
- Iterator<AttributeValue<String>> iterAttributeValues = attribute.findValues(DataTypes.DT_STRING);
- if (iterAttributeValues != null) {
- while (iterAttributeValues.hasNext()) {
- String value = iterAttributeValues.next().getValue();
- if (value != null) {
- return value;
- }
- }
- }
- }
- return null;
- }
-
- private void addIntegerAttribute(StdMutablePIPResponse stdPipResponse, Identifier category,
- Identifier attributeId, int value, PIPRequest pipRequest) {
- AttributeValue<BigInteger> attributeValue = null;
- try {
- attributeValue = DataTypes.DT_INTEGER.createAttributeValue(value);
- } catch (Exception e) {
- logger.error("Failed to convert {} to integer {}", value, e);
- }
- if (attributeValue != null) {
- stdPipResponse.addAttribute(new StdMutableAttribute(category, attributeId, attributeValue,
- pipRequest.getIssuer(), false));
- }
- }
-
- private int doDatabaseQuery(String actor, String operation, String target, int timeWindowVal,
- String timeWindowScale) {
- logger.info("Querying operations history for {} {} {} {} {}",
- actor, operation, target, timeWindowVal, timeWindowScale);
- //
- // Create our entity manager
- //
- EntityManager em;
- try {
- //
- // In case there are any overloaded properties for the JPA
- //
- Properties emProperties = new Properties(properties);
- //
- // Create the entity manager factory
- //
- em = Persistence.createEntityManagerFactory(
- properties.getProperty("historydb.persistenceunit", "OperationsHistoryPU"),
- emProperties).createEntityManager();
- } catch (Exception e) {
- logger.error("Persistence failed {} operations history db {}", e.getLocalizedMessage(), e);
- return -1;
- }
- //
- // Compute the time window
- //
- if (! "minute".equalsIgnoreCase(timeWindowScale)
- && ! "hour".equalsIgnoreCase(timeWindowScale)
- && ! "day".equalsIgnoreCase(timeWindowScale)
- && ! "week".equalsIgnoreCase(timeWindowScale)
- && ! "month".equalsIgnoreCase(timeWindowScale)
- && ! "year".equalsIgnoreCase(timeWindowScale)) {
- //
- // Unsupported
- //
- logger.error("Unsupported time window scale value {}", timeWindowScale);
- //
- // Throw an exception instead?
- //
- return -1;
- }
- //
- // Do the query
- //
- Object result = null;
- try {
- //
- //
- //
- String strQuery = "select count(*) as numops from operationshistory"
- + " where outcome<>'Failure_Guard'"
- + " and actor=?"
- + " and operation=?"
- + " and target=?"
- + " and endtime between TIMESTAMPADD("
- + timeWindowScale.toUpperCase()
- + ", ?, CURRENT_TIMESTAMP)"
- + " and CURRENT_TIMESTAMP";
- //
- // We are expecting a single result
- //
- result = em.createNativeQuery(strQuery)
- .setParameter(1, actor)
- .setParameter(2, operation)
- .setParameter(3, target)
- .setParameter(4, timeWindowVal * -1)
- .getSingleResult();
- } catch (Exception e) {
- logger.error("Named query failed ", e);
- }
- //
- // Check our query results
- //
- if (result != null) {
- //
- // Success let's see what JPA returned to us
- //
- logger.info("operations query returned {}", result);
- //
- // Should get back a long
- //
- if (result instanceof Long) {
- return ((Long) result).intValue();
- }
- //
- // We shouldn't really get this result, but just
- // in case we'll do the dirty work of parsing the
- // string representation of the object.
- //
- return Integer.parseInt(result.toString());
- }
- //
- // We get here if we didn't get a result. Should
- // we propagate back an exception?
- //
- return -1;
- }
-
-}
diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaDictionary.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaDictionary.java
index 2d3cebd1..21820b99 100644
--- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaDictionary.java
+++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaDictionary.java
@@ -31,17 +31,18 @@ public final class ToscaDictionary {
/*
* These are the ID's for various TOSCA Policy Types we are supporting in the Applications.
*/
- public static final Identifier URN_ONAP =
- new IdentifierImpl("urn:org:onap");
+ public static final String URN_ONAP = "urn:org:onap";
+ public static final Identifier ID_URN_ONAP =
+ new IdentifierImpl(URN_ONAP);
public static final Identifier ID_RESOURCE_POLICY_ID =
XACML3.ID_RESOURCE_RESOURCE_ID;
public static final Identifier ID_RESOURCE_POLICY_TYPE =
- new IdentifierImpl(URN_ONAP, "policy-type");
+ new IdentifierImpl(ID_URN_ONAP, "policy-type");
public static final Identifier ID_RESOURCE_POLICY_TYPE_VERSION =
- new IdentifierImpl(URN_ONAP, "policy-type-version");
+ new IdentifierImpl(ID_URN_ONAP, "policy-type-version");
/*
* These ID's are for identifying Subjects
@@ -51,70 +52,75 @@ public final class ToscaDictionary {
XACML3.ID_SUBJECT_SUBJECT_ID;
public static final Identifier ID_SUBJECT_ONAP_COMPONENT =
- new IdentifierImpl(URN_ONAP, "onap-component");
+ new IdentifierImpl(ID_URN_ONAP, "onap-component");
public static final Identifier ID_SUBJECT_ONAP_INSTANCE =
- new IdentifierImpl(URN_ONAP, "onap-instance");
+ new IdentifierImpl(ID_URN_ONAP, "onap-instance");
/*
* These 2 ID's are for Optimization policies
*/
public static final Identifier ID_RESOURCE_POLICY_SCOPE_PROPERTY =
- new IdentifierImpl(URN_ONAP, "policy-scope-property");
+ new IdentifierImpl(ID_URN_ONAP, "policy-scope-property");
public static final Identifier ID_RESOURCE_POLICY_TYPE_PROPERTY =
- new IdentifierImpl(URN_ONAP, "policy-type-property");
+ new IdentifierImpl(ID_URN_ONAP, "policy-type-property");
/*
* These ID's are for Legacy Guard Policies
*/
public static final Identifier ID_RESOURCE_GUARD_ACTOR =
- new IdentifierImpl(URN_ONAP, "guard:actor:actor-id");
+ new IdentifierImpl(ID_URN_ONAP, "guard:actor:actor-id");
public static final Identifier ID_RESOURCE_GUARD_RECIPE =
- new IdentifierImpl(URN_ONAP, "guard:operation:operation-id");
+ new IdentifierImpl(ID_URN_ONAP, "guard:operation:operation-id");
public static final Identifier ID_RESOURCE_GUARD_CLNAME =
- new IdentifierImpl(URN_ONAP, "guard:clname:clname-id");
+ new IdentifierImpl(ID_URN_ONAP, "guard:clname:clname-id");
public static final Identifier ID_RESOURCE_GUARD_TARGETID =
- new IdentifierImpl(URN_ONAP, "guard:target:target-id");
+ new IdentifierImpl(ID_URN_ONAP, "guard:target:target-id");
public static final Identifier ID_SUBJECT_GUARD_REQUESTID =
- new IdentifierImpl(URN_ONAP, "guard:request:request-id");
+ new IdentifierImpl(ID_URN_ONAP, "guard:request:request-id");
public static final Identifier ID_RESOURCE_GUARD_VFCOUNT =
- new IdentifierImpl(URN_ONAP, "guard:target:vf-count");
+ new IdentifierImpl(ID_URN_ONAP, "guard:target:vf-count");
public static final Identifier ID_RESOURCE_GUARD_MIN =
- new IdentifierImpl(URN_ONAP, "guard:target:min");
+ new IdentifierImpl(ID_URN_ONAP, "guard:target:min");
public static final Identifier ID_RESOURCE_GUARD_MAX =
- new IdentifierImpl(URN_ONAP, "guard:target:max");
+ new IdentifierImpl(ID_URN_ONAP, "guard:target:max");
/*
* This id specifically for guard is provided by the
* operational history database PIP.
*/
+ public static final String GUARD_OPERATIONCOUNT = "guard:operation:operation-count";
public static final Identifier ID_RESOURCE_GUARD_OPERATIONCOUNT =
- new IdentifierImpl(URN_ONAP, "guard:operation:operation-count");
+ new IdentifierImpl(ID_URN_ONAP, GUARD_OPERATIONCOUNT);
- public static final String GUARD_ISSUER = URN_ONAP.stringValue() + "xacml:guard:historydb";
+ public static final String GUARD_OPERATIONOUTCOME = "guard:operation:operation-outcome";
+ public static final Identifier ID_RESOURCE_GUARD_OPERATIONOUTCOME =
+ new IdentifierImpl(ID_URN_ONAP, GUARD_OPERATIONOUTCOME);
+
+ public static final String GUARD_ISSUER_PREFIX = URN_ONAP + ":xacml:guard:";
/*
* This id is specifically for advice returned from guard
*/
public static final Identifier ID_ADVICE_GUARD =
- new IdentifierImpl(URN_ONAP, "guard:advice");
+ new IdentifierImpl(ID_URN_ONAP, "guard:advice");
public static final Identifier ID_ADVICE_GUARD_REQUESTID =
- new IdentifierImpl(URN_ONAP, "guard:advice:request-id");
+ new IdentifierImpl(ID_URN_ONAP, "guard:advice:request-id");
/*
* Obligation specific ID's
*/
public static final Identifier ID_OBLIGATION_REST_BODY =
- new IdentifierImpl(URN_ONAP, "rest:body");
+ new IdentifierImpl(ID_URN_ONAP, "rest:body");
public static final Identifier ID_OBLIGATION_POLICY_MONITORING =
- new IdentifierImpl(URN_ONAP, ":obligation:monitoring");
+ new IdentifierImpl(ID_URN_ONAP, ":obligation:monitoring");
public static final Identifier ID_OBLIGATION_POLICY_MONITORING_CONTENTS =
- new IdentifierImpl(URN_ONAP, ":obligation:monitoring:contents");
+ new IdentifierImpl(ID_URN_ONAP, ":obligation:monitoring:contents");
public static final Identifier ID_OBLIGATION_POLICY_MONITORING_CATEGORY =
XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE;
@@ -123,7 +129,7 @@ public final class ToscaDictionary {
XACML3.ID_DATATYPE_STRING;
public static final Identifier ID_OBLIGATION_MONITORING_ISSUER =
- new IdentifierImpl(URN_ONAP, "issuer:monitoring");
+ new IdentifierImpl(ID_URN_ONAP, "issuer:monitoring");
diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/operationshistory/CountRecentOperationsPip.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/operationshistory/CountRecentOperationsPip.java
new file mode 100644
index 00000000..c18ad5fa
--- /dev/null
+++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/operationshistory/CountRecentOperationsPip.java
@@ -0,0 +1,221 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.policy.pdp.xacml.application.common.operationshistory;
+
+import com.att.research.xacml.api.XACML3;
+import com.att.research.xacml.api.pip.PIPException;
+import com.att.research.xacml.api.pip.PIPFinder;
+import com.att.research.xacml.api.pip.PIPRequest;
+import com.att.research.xacml.api.pip.PIPResponse;
+import com.att.research.xacml.std.pip.StdMutablePIPResponse;
+import com.att.research.xacml.std.pip.StdPIPResponse;
+import com.google.common.base.Strings;
+
+import java.sql.Timestamp;
+import java.time.Instant;
+import java.time.temporal.ChronoUnit;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Properties;
+
+import javax.persistence.Persistence;
+
+import org.onap.policy.pdp.xacml.application.common.ToscaDictionary;
+import org.onap.policy.pdp.xacml.application.common.std.StdOnapPip;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+public class CountRecentOperationsPip extends StdOnapPip {
+ public static final String ISSUER_NAME = "count-recent-operations";
+ private static Logger logger = LoggerFactory.getLogger(CountRecentOperationsPip.class);
+
+ public CountRecentOperationsPip() {
+ super();
+ }
+
+ @Override
+ public Collection<PIPRequest> attributesRequired() {
+ return Arrays.asList(PIP_REQUEST_ACTOR, PIP_REQUEST_RECIPE, PIP_REQUEST_TARGET);
+ }
+
+ @Override
+ public void configure(String id, Properties properties) throws PIPException {
+ super.configure(id, properties);
+ //
+ // Create our entity manager
+ //
+ em = null;
+ try {
+ //
+ // In case there are any overloaded properties for the JPA
+ //
+ Properties emProperties = new Properties(properties);
+ //
+ // Create the entity manager factory
+ //
+ em = Persistence.createEntityManagerFactory(
+ properties.getProperty(ISSUER_NAME + ".persistenceunit"),
+ emProperties).createEntityManager();
+ } catch (Exception e) {
+ logger.error("Persistence failed {} operations history db {}", e.getLocalizedMessage(), e);
+ }
+ }
+
+ /**
+ * getAttributes.
+ *
+ * @param pipRequest the request
+ * @param pipFinder the pip finder
+ * @return PIPResponse
+ */
+ @Override
+ public PIPResponse getAttributes(PIPRequest pipRequest, PIPFinder pipFinder) throws PIPException {
+ logger.debug("getAttributes requesting attribute {} of type {} for issuer {}",
+ pipRequest.getAttributeId(), pipRequest.getDataTypeId(), pipRequest.getIssuer());
+ //
+ // Determine if the issuer is correct
+ //
+ if (Strings.isNullOrEmpty(pipRequest.getIssuer())) {
+ logger.debug("issuer is null - returning empty response");
+ //
+ // We only respond to ourself as the issuer
+ //
+ return StdPIPResponse.PIP_RESPONSE_EMPTY;
+ }
+ if (! pipRequest.getIssuer().startsWith(ToscaDictionary.GUARD_ISSUER_PREFIX)) {
+ logger.debug("Issuer does not start with guard");
+ //
+ // We only respond to ourself as the issuer
+ //
+ return StdPIPResponse.PIP_RESPONSE_EMPTY;
+ }
+ //
+ // Parse out the issuer which denotes the time window
+ // Eg: any-prefix:tw:10:minute
+ //
+ String[] s1 = pipRequest.getIssuer().split("tw:");
+ String[] s2 = s1[1].split(":");
+ int timeWindowVal = Integer.parseInt(s2[0]);
+ String timeWindowScale = s2[1];
+ //
+ // Grab other attribute values
+ //
+ String actor = getAttribute(pipFinder, PIP_REQUEST_ACTOR);
+ String operation = getAttribute(pipFinder, PIP_REQUEST_RECIPE);
+ String target = getAttribute(pipFinder, PIP_REQUEST_TARGET);
+ String timeWindow = timeWindowVal + " " + timeWindowScale;
+ logger.info("Going to query DB about: actor {} operation {} target {} time window {}",
+ actor, operation, target, timeWindow);
+ //
+ // Sanity check
+ //
+ if (actor == null || operation == null || target == null) {
+ //
+ // See if we have all the values
+ //
+ logger.error("missing attributes return empty");
+ return StdPIPResponse.PIP_RESPONSE_EMPTY;
+ }
+ //
+ // Ok do the database query
+ //
+ long operationCount = doDatabaseQuery(actor, operation, target, timeWindowVal, timeWindowScale);
+ //
+ // Create and return PipResponse
+ //
+ StdMutablePIPResponse pipResponse = new StdMutablePIPResponse();
+ this.addLongAttribute(pipResponse,
+ XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
+ ToscaDictionary.ID_RESOURCE_GUARD_OPERATIONCOUNT,
+ operationCount,
+ pipRequest);
+ return new StdPIPResponse(pipResponse);
+ }
+
+ private long doDatabaseQuery(String actor, String operation, String target, int timeWindowVal,
+ String timeWindowScale) {
+ logger.info("Querying operations history for {} {} {} {} {}",
+ actor, operation, target, timeWindowVal, timeWindowScale);
+ //
+ // Only can query if we have an EntityManager
+ //
+ if (em == null) {
+ logger.error("No EntityManager available");
+ return -1;
+ }
+ //
+ // Do the query
+ //
+ try {
+ //
+ // We are expecting a single result
+ //
+ return em.createQuery("select count(e) from Dbao e"
+ + " where e.outcome<>'Failure_Guard'"
+ + " and e.actor= ?1"
+ + " and e.operation= ?2"
+ + " and e.target= ?3"
+ + " and e.endtime between"
+ + " ?4 and CURRENT_TIMESTAMP",
+ Long.class)
+ .setParameter(1, actor)
+ .setParameter(2, operation)
+ .setParameter(3, target)
+ .setParameter(4, Timestamp.from(Instant.now()
+ .minus(timeWindowVal,
+ stringToChronoUnit(timeWindowScale))))
+ .getSingleResult();
+ } catch (Exception e) {
+ logger.error("Typed query failed ", e);
+ return -1;
+ }
+ }
+
+ private ChronoUnit stringToChronoUnit(String scale) {
+ //
+ // Compute the time window
+ //
+ switch (scale.toLowerCase()) {
+ case "second":
+ return ChronoUnit.SECONDS;
+ case "minute":
+ return ChronoUnit.MINUTES;
+ case "hour":
+ return ChronoUnit.HOURS;
+ case "day":
+ return ChronoUnit.DAYS;
+ case "week":
+ return ChronoUnit.WEEKS;
+ case "month":
+ return ChronoUnit.MONTHS;
+ case "year":
+ return ChronoUnit.YEARS;
+ default:
+ //
+ // Unsupported
+ //
+ logger.error("Unsupported time window scale value {}", scale);
+ }
+ return null;
+ }
+
+}
diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/OnapOperationsHistoryDbao.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/operationshistory/Dbao.java
index 3075a6bd..2b70c9be 100644
--- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/OnapOperationsHistoryDbao.java
+++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/operationshistory/Dbao.java
@@ -20,7 +20,7 @@
* ============LICENSE_END=========================================================
*/
-package org.onap.policy.pdp.xacml.application.common;
+package org.onap.policy.pdp.xacml.application.common.operationshistory;
import java.io.Serializable;
import java.util.Date;
@@ -36,7 +36,7 @@ import lombok.Data;
@Entity
@Table(name = "operationshistory")
@Data
-public class OnapOperationsHistoryDbao implements Serializable {
+public class Dbao implements Serializable {
private static final long serialVersionUID = -551420180714993577L;
@@ -46,7 +46,7 @@ public class OnapOperationsHistoryDbao implements Serializable {
private Long id;
@Column(name = "closedLoopName", length = 255)
- private String clName;
+ private String closedLoopName;
@Column(name = "requestId", length = 50)
private String requestId;
@@ -75,8 +75,4 @@ public class OnapOperationsHistoryDbao implements Serializable {
@Column(name = "endtime")
private Date endtime;
- public OnapOperationsHistoryDbao() {
- super();
- }
-
}
diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/operationshistory/GetOperationOutcomePip.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/operationshistory/GetOperationOutcomePip.java
new file mode 100644
index 00000000..717e537d
--- /dev/null
+++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/operationshistory/GetOperationOutcomePip.java
@@ -0,0 +1,160 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+
+package org.onap.policy.pdp.xacml.application.common.operationshistory;
+
+import com.att.research.xacml.api.XACML3;
+import com.att.research.xacml.api.pip.PIPException;
+import com.att.research.xacml.api.pip.PIPFinder;
+import com.att.research.xacml.api.pip.PIPRequest;
+import com.att.research.xacml.api.pip.PIPResponse;
+import com.att.research.xacml.std.pip.StdMutablePIPResponse;
+import com.att.research.xacml.std.pip.StdPIPResponse;
+import com.google.common.base.Strings;
+
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Properties;
+
+import javax.persistence.NoResultException;
+import javax.persistence.Persistence;
+
+import org.onap.policy.pdp.xacml.application.common.ToscaDictionary;
+import org.onap.policy.pdp.xacml.application.common.std.StdOnapPip;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+public class GetOperationOutcomePip extends StdOnapPip {
+ public static final String ISSUER_NAME = "get-operation-outcome";
+ private static Logger logger = LoggerFactory.getLogger(GetOperationOutcomePip.class);
+
+ public GetOperationOutcomePip() {
+ super();
+ }
+
+ @Override
+ public Collection<PIPRequest> attributesRequired() {
+ return Arrays.asList(PIP_REQUEST_TARGET);
+ }
+
+ @Override
+ public void configure(String id, Properties properties) throws PIPException {
+ super.configure(id, properties);
+ //
+ // Create our entity manager
+ //
+ em = null;
+ try {
+ //
+ // In case there are any overloaded properties for the JPA
+ //
+ Properties emProperties = new Properties(properties);
+ //
+ // Create the entity manager factory
+ //
+ em = Persistence.createEntityManagerFactory(
+ properties.getProperty(ISSUER_NAME + ".persistenceunit"),
+ emProperties).createEntityManager();
+ } catch (Exception e) {
+ logger.error("Persistence failed {} operations history db {}", e.getLocalizedMessage(), e);
+ }
+ }
+
+ /**
+ * getAttributes.
+ *
+ * @param pipRequest the request
+ * @param pipFinder the pip finder
+ * @return PIPResponse
+ */
+ @Override
+ public PIPResponse getAttributes(PIPRequest pipRequest, PIPFinder pipFinder) throws PIPException {
+ logger.debug("getAttributes requesting attribute {} of type {} for issuer {}",
+ pipRequest.getAttributeId(), pipRequest.getDataTypeId(), pipRequest.getIssuer());
+ //
+ // Determine if the issuer is correct
+ //
+ if (Strings.isNullOrEmpty(pipRequest.getIssuer())) {
+ logger.debug("issuer is null - returning empty response");
+ //
+ // We only respond to ourself as the issuer
+ //
+ return StdPIPResponse.PIP_RESPONSE_EMPTY;
+ }
+ if (! pipRequest.getIssuer().startsWith(ToscaDictionary.GUARD_ISSUER_PREFIX)) {
+ logger.debug("Issuer does not start with guard");
+ //
+ // We only respond to ourself as the issuer
+ //
+ return StdPIPResponse.PIP_RESPONSE_EMPTY;
+ }
+ //
+ // Parse out the issuer which denotes the time window
+ // Eg: any-prefix:clname:some-controlloop-name
+ //
+ String[] s1 = pipRequest.getIssuer().split("clname:");
+ String clname = s1[1];
+ String target = null;
+ target = getAttribute(pipFinder, PIP_REQUEST_TARGET);
+
+ logger.debug("Going to query DB about: clname={}, target={}", clname, target);
+ String outcome = doDatabaseQuery(clname, target);
+ logger.debug("Query result is: {}", outcome);
+
+ StdMutablePIPResponse pipResponse = new StdMutablePIPResponse();
+ this.addStringAttribute(pipResponse,
+ XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
+ ToscaDictionary.ID_RESOURCE_GUARD_OPERATIONOUTCOME,
+ outcome,
+ pipRequest);
+ return new StdPIPResponse(pipResponse);
+ }
+
+ private String doDatabaseQuery(String clname, String target) {
+ logger.info("Querying operations history for {} {}", clname, target);
+ //
+ // Only can query if we have an EntityManager
+ //
+ if (em == null) {
+ logger.error("No EntityManager available");
+ return null;
+ }
+ //
+ // Do the query
+ //
+ try {
+ //
+ // We are expecting a single result
+ //
+ return em.createQuery("select e.outcome from Dbao e"
+ + " where e.closedLoopName= ?1"
+ + " and e.target= ?2"
+ + " order by e.endtime desc",
+ String.class)
+ .setParameter(1, clname)
+ .setParameter(2, target)
+ .setMaxResults(1)
+ .getSingleResult();
+ } catch (Exception e) {
+ logger.error("Typed query failed ", e);
+ return null;
+ }
+ }
+}
diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdOnapPip.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdOnapPip.java
new file mode 100644
index 00000000..70d49418
--- /dev/null
+++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdOnapPip.java
@@ -0,0 +1,183 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.policy.pdp.xacml.application.common.std;
+
+import com.att.research.xacml.api.Attribute;
+import com.att.research.xacml.api.AttributeValue;
+import com.att.research.xacml.api.Identifier;
+import com.att.research.xacml.api.XACML3;
+import com.att.research.xacml.api.pip.PIPException;
+import com.att.research.xacml.api.pip.PIPFinder;
+import com.att.research.xacml.api.pip.PIPRequest;
+import com.att.research.xacml.api.pip.PIPResponse;
+import com.att.research.xacml.std.StdMutableAttribute;
+import com.att.research.xacml.std.datatypes.DataTypes;
+import com.att.research.xacml.std.pip.StdMutablePIPResponse;
+import com.att.research.xacml.std.pip.StdPIPRequest;
+import com.att.research.xacml.std.pip.engines.StdConfigurableEngine;
+
+import java.math.BigInteger;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Iterator;
+import java.util.Properties;
+
+import javax.persistence.EntityManager;
+
+import org.onap.policy.pdp.xacml.application.common.ToscaDictionary;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+public abstract class StdOnapPip extends StdConfigurableEngine {
+ protected static Logger logger = LoggerFactory.getLogger(StdOnapPip.class);
+
+ protected static final PIPRequest PIP_REQUEST_ACTOR = new StdPIPRequest(
+ XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
+ ToscaDictionary.ID_RESOURCE_GUARD_ACTOR,
+ XACML3.ID_DATATYPE_STRING);
+
+ protected static final PIPRequest PIP_REQUEST_RECIPE = new StdPIPRequest(
+ XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
+ ToscaDictionary.ID_RESOURCE_GUARD_RECIPE,
+ XACML3.ID_DATATYPE_STRING);
+
+ protected static final PIPRequest PIP_REQUEST_TARGET = new StdPIPRequest(
+ XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
+ ToscaDictionary.ID_RESOURCE_GUARD_TARGETID,
+ XACML3.ID_DATATYPE_STRING);
+
+ protected Properties properties;
+ protected EntityManager em;
+
+ public StdOnapPip() {
+ super();
+ }
+
+ @Override
+ public Collection<PIPRequest> attributesProvided() {
+ return Collections.emptyList();
+ }
+
+ @Override
+ public void configure(String id, Properties properties) throws PIPException {
+ super.configure(id, properties);
+ logger.debug("Configuring historyDb PIP {}", properties);
+ this.properties = properties;
+ }
+
+ protected String getAttribute(PIPFinder pipFinder, PIPRequest pipRequest) {
+ //
+ // Get the actor value
+ //
+ PIPResponse pipResponse = this.getAttribute(pipRequest, pipFinder);
+ if (pipResponse == null) {
+ logger.error("Need actor attribute which is not found");
+ return null;
+ }
+ //
+ // Find the actor
+ //
+ return findFirstAttributeValue(pipResponse);
+ }
+
+ protected PIPResponse getAttribute(PIPRequest pipRequest, PIPFinder pipFinder) {
+ PIPResponse pipResponse = null;
+ try {
+ pipResponse = pipFinder.getMatchingAttributes(pipRequest, this);
+ if (pipResponse.getStatus() != null && !pipResponse.getStatus().isOk()) {
+ if (logger.isInfoEnabled()) {
+ logger.info("get attribute error retrieving {}: {}", pipRequest.getAttributeId().stringValue(),
+ pipResponse.getStatus());
+ }
+ pipResponse = null;
+ }
+ if (pipResponse != null && pipResponse.getAttributes().isEmpty()) {
+ if (logger.isInfoEnabled()) {
+ logger.info("No value for {}", pipRequest.getAttributeId().stringValue());
+ }
+ pipResponse = null;
+ }
+ } catch (PIPException ex) {
+ logger.error("PIPException getting subject-id attribute: " + ex.getMessage(), ex);
+ }
+ return pipResponse;
+ }
+
+ protected String findFirstAttributeValue(PIPResponse pipResponse) {
+ for (Attribute attribute: pipResponse.getAttributes()) {
+ Iterator<AttributeValue<String>> iterAttributeValues = attribute.findValues(DataTypes.DT_STRING);
+ if (iterAttributeValues != null) {
+ while (iterAttributeValues.hasNext()) {
+ String value = iterAttributeValues.next().getValue();
+ if (value != null) {
+ return value;
+ }
+ }
+ }
+ }
+ return null;
+ }
+
+ protected void addIntegerAttribute(StdMutablePIPResponse stdPipResponse, Identifier category,
+ Identifier attributeId, int value, PIPRequest pipRequest) {
+ AttributeValue<BigInteger> attributeValue = null;
+ try {
+ attributeValue = DataTypes.DT_INTEGER.createAttributeValue(value);
+ } catch (Exception e) {
+ logger.error("Failed to convert {} to integer {}", value, e);
+ }
+ if (attributeValue != null) {
+ stdPipResponse.addAttribute(new StdMutableAttribute(category, attributeId, attributeValue,
+ pipRequest.getIssuer(), false));
+ }
+ }
+
+ protected void addLongAttribute(StdMutablePIPResponse stdPipResponse, Identifier category,
+ Identifier attributeId, long value, PIPRequest pipRequest) {
+ AttributeValue<BigInteger> attributeValue = null;
+ try {
+ attributeValue = DataTypes.DT_INTEGER.createAttributeValue(value);
+ } catch (Exception e) {
+ logger.error("Failed to convert {} to long {}", value, e);
+ }
+ if (attributeValue != null) {
+ stdPipResponse.addAttribute(new StdMutableAttribute(category, attributeId, attributeValue,
+ pipRequest.getIssuer(), false));
+ }
+ }
+
+ protected void addStringAttribute(StdMutablePIPResponse stdPipResponse, Identifier category, Identifier attributeId,
+ String value, PIPRequest pipRequest) {
+ AttributeValue<String> attributeValue = null;
+ try {
+ attributeValue = DataTypes.DT_STRING.createAttributeValue(value);
+ } catch (Exception ex) {
+ logger.error("Failed to convert {} to an AttributeValue<String>", value, ex);
+ }
+ if (attributeValue != null) {
+ stdPipResponse.addAttribute(new StdMutableAttribute(category, attributeId, attributeValue,
+ pipRequest.getIssuer(), false));
+ }
+ }
+
+}
diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdXacmlApplicationServiceProvider.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdXacmlApplicationServiceProvider.java
index 7f85d2f0..5f84154f 100644
--- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdXacmlApplicationServiceProvider.java
+++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdXacmlApplicationServiceProvider.java
@@ -129,7 +129,8 @@ public abstract class StdXacmlApplicationServiceProvider implements XacmlApplica
//
// Convert the policies first
//
- PolicyType xacmlPolicy = this.getTranslator().convertPolicy(toscaPolicy);
+ PolicyType xacmlPolicy = this.getTranslator(toscaPolicy.getType())
+ .convertPolicy(toscaPolicy);
if (xacmlPolicy == null) {
throw new ToscaPolicyConversionException("Failed to convert policy");
}
@@ -187,8 +188,11 @@ public abstract class StdXacmlApplicationServiceProvider implements XacmlApplica
return this.getTranslator().convertResponse(xacmlResponse);
}
+ protected abstract ToscaPolicyTranslator getTranslator(String type);
- protected abstract ToscaPolicyTranslator getTranslator();
+ protected ToscaPolicyTranslator getTranslator() {
+ return this.getTranslator("");
+ }
protected synchronized PDPEngine getEngine() {
return this.pdpEngine;
@@ -251,7 +255,6 @@ public abstract class StdXacmlApplicationServiceProvider implements XacmlApplica
PDPEngine engine = factory.newEngine(properties);
if (engine != null) {
this.pdpEngine = engine;
-// this.pdpProperties = new Properties(properties);
}
} catch (FactoryException e) {
LOGGER.error("Failed to create XACML PDP Engine {}", e);