diff options
Diffstat (limited to 'applications/common/src')
6 files changed, 230 insertions, 205 deletions
diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/TestUtils.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/TestUtils.java new file mode 100644 index 00000000..fa32516d --- /dev/null +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/TestUtils.java @@ -0,0 +1,68 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.pdp.xacml.application.common; + +import java.util.Map; +import java.util.Map.Entry; + +import org.onap.policy.common.utils.coder.CoderException; +import org.onap.policy.common.utils.coder.StandardCoder; +import org.onap.policy.common.utils.resources.ResourceUtils; +import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy; +import org.onap.policy.models.tosca.authorative.concepts.ToscaServiceTemplate; +import org.yaml.snakeyaml.Yaml; + +public class TestUtils { + private static final StandardCoder standardCoder = new StandardCoder(); + + private TestUtils() { + super(); + } + + /** + * Load the policies from a resource file into the given the application. + * + * @param resourceFile resource file + * @param service XacmlApplicationServiceProvider + * @throws CoderException exception if it cannot be decoded + * @throws XacmlApplicationException If the application cannot load the policy + */ + public static void loadPolicies(String resourceFile, XacmlApplicationServiceProvider service) + throws CoderException, XacmlApplicationException { + String policyYaml = ResourceUtils.getResourceAsString(resourceFile); + Yaml yaml = new Yaml(); + Object yamlObject = yaml.load(policyYaml); + String yamlAsJsonString = standardCoder.encode(yamlObject); + ToscaServiceTemplate serviceTemplate = standardCoder.decode(yamlAsJsonString, ToscaServiceTemplate.class); + // + // Get the policies + // + for (Map<String, ToscaPolicy> policies : serviceTemplate.getToscaTopologyTemplate().getPolicies()) { + for (Entry<String, ToscaPolicy> entrySet : policies.entrySet()) { + service.loadPolicy(entrySet.getValue()); + } + } + + } + +} diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslator.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslator.java index f5f77d24..47ff70f6 100644 --- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslator.java +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslator.java @@ -25,24 +25,22 @@ package org.onap.policy.pdp.xacml.application.common; import com.att.research.xacml.api.Request; import com.att.research.xacml.api.Response; -import java.util.List; -import java.util.Map; - import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType; import org.onap.policy.models.decisions.concepts.DecisionRequest; import org.onap.policy.models.decisions.concepts.DecisionResponse; +import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy; public interface ToscaPolicyTranslator { /** * Implement this method to translate policies. * - * @param toscaObject Incoming Tosca Policies object - * @return List of translated policies + * @param toscaPolicy Incoming Tosca Policy object + * @return Xacml PolicyType object * @throws ToscaPolicyConversionException Exception */ - List<PolicyType> scanAndConvertPolicies(Map<String, Object> toscaObject) throws ToscaPolicyConversionException; + PolicyType convertPolicy(ToscaPolicy toscaPolicy) throws ToscaPolicyConversionException; /** * Implement this method to convert an ONAP DecisionRequest into diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlApplicationServiceProvider.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlApplicationServiceProvider.java index cf9b15cc..c1682fb7 100644 --- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlApplicationServiceProvider.java +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlApplicationServiceProvider.java @@ -23,10 +23,10 @@ package org.onap.policy.pdp.xacml.application.common; import java.nio.file.Path; import java.util.List; -import java.util.Map; import org.onap.policy.models.decisions.concepts.DecisionRequest; import org.onap.policy.models.decisions.concepts.DecisionResponse; +import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy; import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicyTypeIdentifier; /** @@ -79,11 +79,11 @@ public interface XacmlApplicationServiceProvider { boolean canSupportPolicyType(ToscaPolicyTypeIdentifier toscaPolicyId); /** - * Load a Map representation of a Tosca Policy. + * Load a Tosca Policy. * - * @param toscaPolicies Map of Tosca Policy Objects + * @param toscaPolicy object */ - void loadPolicies(Map<String, Object> toscaPolicies) throws XacmlApplicationException; + void loadPolicy(ToscaPolicy toscaPolicy) throws XacmlApplicationException; /** * Makes a decision given the incoming request and returns a response. diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdCombinedPolicyResultsTranslator.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdCombinedPolicyResultsTranslator.java index 16798379..20b34006 100644 --- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdCombinedPolicyResultsTranslator.java +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdCombinedPolicyResultsTranslator.java @@ -31,16 +31,11 @@ import com.att.research.xacml.api.Response; import com.att.research.xacml.api.Result; import com.att.research.xacml.api.XACML3; import com.att.research.xacml.std.annotations.RequestParser; -import com.att.research.xacml.util.XACMLPolicyWriter; import com.google.gson.Gson; -import java.io.ByteArrayOutputStream; -import java.io.IOException; import java.util.ArrayList; import java.util.Collection; -import java.util.List; import java.util.Map; -import java.util.Map.Entry; import oasis.names.tc.xacml._3_0.core.schema.wd_17.AnyOfType; import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeAssignmentExpressionType; @@ -54,9 +49,11 @@ import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType; import oasis.names.tc.xacml._3_0.core.schema.wd_17.RuleType; import oasis.names.tc.xacml._3_0.core.schema.wd_17.TargetType; -import org.json.JSONObject; +import org.onap.policy.common.utils.coder.CoderException; +import org.onap.policy.common.utils.coder.StandardCoder; import org.onap.policy.models.decisions.concepts.DecisionRequest; import org.onap.policy.models.decisions.concepts.DecisionResponse; +import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy; import org.onap.policy.pdp.xacml.application.common.ToscaDictionary; import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConversionException; import org.onap.policy.pdp.xacml.application.common.ToscaPolicyTranslator; @@ -72,44 +69,61 @@ public class StdCombinedPolicyResultsTranslator implements ToscaPolicyTranslator super(); } - @SuppressWarnings("unchecked") @Override - public List<PolicyType> scanAndConvertPolicies(Map<String, Object> toscaObject) - throws ToscaPolicyConversionException { + public PolicyType convertPolicy(ToscaPolicy toscaPolicy) throws ToscaPolicyConversionException { // - // Our return object + // Set it as the policy ID // - List<PolicyType> scannedPolicies = new ArrayList<>(); + PolicyType newPolicyType = new PolicyType(); + newPolicyType.setPolicyId(toscaPolicy.getMetadata().get("policy-id")); // - // Iterate each of the Policies + // Optional description // - List<Object> policies = (List<Object>) toscaObject.get("policies"); - for (Object policyObject : policies) { - // - // Get the contents - // - LOGGER.debug("Found policy {}", policyObject.getClass()); - Map<String, Object> policyContents = (Map<String, Object>) policyObject; - for (Entry<String, Object> entrySet : policyContents.entrySet()) { - LOGGER.debug("Entry set {}", entrySet); - // - // Convert this policy - // - PolicyType policy = this.convertPolicy(entrySet); - try (ByteArrayOutputStream os = new ByteArrayOutputStream()) { - XACMLPolicyWriter.writePolicyFile(os, policy); - LOGGER.debug("{}", os); - } catch (IOException e) { - LOGGER.error("Failed to convert {}", e); - } - // - // Convert and add in the new policy - // - scannedPolicies.add(policy); - } + newPolicyType.setDescription(toscaPolicy.getDescription()); + // + // There should be a metadata section + // + this.fillMetadataSection(newPolicyType, toscaPolicy.getMetadata()); + // + // Set the combining rule + // + newPolicyType.setRuleCombiningAlgId(XACML3.ID_RULE_FIRST_APPLICABLE.stringValue()); + // + // Generate the TargetType + // + TargetType target = this.generateTargetType(toscaPolicy.getMetadata().get("policy-id"), + toscaPolicy.getType(), toscaPolicy.getVersion()); + newPolicyType.setTarget(target); + // + // Now create the Permit Rule + // No target since the policy has a target + // With obligations. + // + RuleType rule = new RuleType(); + rule.setDescription("Default is to PERMIT if the policy matches."); + rule.setRuleId(toscaPolicy.getMetadata().get("policy-id") + ":rule"); + rule.setEffect(EffectType.PERMIT); + rule.setTarget(new TargetType()); + // + // Now represent the policy as Json + // + StandardCoder coder = new StandardCoder(); + String jsonPolicy; + try { + jsonPolicy = coder.encode(toscaPolicy); + } catch (CoderException e) { + LOGGER.error("Failed to encode policy to json", e); + throw new ToscaPolicyConversionException(e); } - - return scannedPolicies; + addObligation(rule, jsonPolicy); + // + // Add the rule to the policy + // + newPolicyType.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition().add(rule); + // + // Return our new policy + // + return newPolicyType; } @Override @@ -194,99 +208,30 @@ public class StdCombinedPolicyResultsTranslator implements ToscaPolicyTranslator } } - @SuppressWarnings("unchecked") - protected PolicyType convertPolicy(Entry<String, Object> entrySet) throws ToscaPolicyConversionException { - // - // Policy name should be at the root - // - String policyName = entrySet.getKey(); - Map<String, Object> policyDefinition = (Map<String, Object>) entrySet.getValue(); - // - // Set it as the policy ID - // - PolicyType newPolicyType = new PolicyType(); - newPolicyType.setPolicyId(policyName); - // - // Optional description - // - if (policyDefinition.containsKey("description")) { - newPolicyType.setDescription(policyDefinition.get("description").toString()); - } - // - // There should be a metadata section - // - if (! policyDefinition.containsKey("metadata")) { - throw new ToscaPolicyConversionException(policyName + " missing metadata section"); - } - this.fillMetadataSection(newPolicyType, - (Map<String, Object>) policyDefinition.get("metadata")); - // - // Set the combining rule - // - newPolicyType.setRuleCombiningAlgId(XACML3.ID_RULE_FIRST_APPLICABLE.stringValue()); - // - // Generate the TargetType - // - if (! policyDefinition.containsKey("type")) { - throw new ToscaPolicyConversionException(policyName + " missing type value"); - } - if (! policyDefinition.containsKey("version")) { - throw new ToscaPolicyConversionException(policyName + " missing version value"); - } - TargetType target = this.generateTargetType(policyName, - policyDefinition.get("type").toString(), - policyDefinition.get("version").toString()); - newPolicyType.setTarget(target); - // - // Now create the Permit Rule - // No target since the policy has a target - // With obligations. - // - RuleType rule = new RuleType(); - rule.setDescription("Default is to PERMIT if the policy matches."); - rule.setRuleId(policyName + ":rule"); - rule.setEffect(EffectType.PERMIT); - rule.setTarget(new TargetType()); - // - // Now represent the policy as Json - // - JSONObject jsonObligation = new JSONObject(); - jsonObligation.put(policyName, policyDefinition); - addObligation(rule, jsonObligation); - // - // Add the rule to the policy - // - newPolicyType.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition().add(rule); - // - // Return our new policy - // - return newPolicyType; - } - /** * From the TOSCA metadata section, pull in values that are needed into the XACML policy. * * @param policy Policy Object to store the metadata - * @param metadata The Metadata TOSCA Map + * @param map The Metadata TOSCA Map * @return Same Policy Object * @throws ToscaPolicyConversionException If there is something missing from the metadata */ protected PolicyType fillMetadataSection(PolicyType policy, - Map<String, Object> metadata) throws ToscaPolicyConversionException { - if (! metadata.containsKey("policy-id")) { + Map<String, String> map) throws ToscaPolicyConversionException { + if (! map.containsKey("policy-id")) { throw new ToscaPolicyConversionException(policy.getPolicyId() + " missing metadata policy-id"); } else { // // Do nothing here - the XACML PolicyId is used from TOSCA Policy Name field // } - if (! metadata.containsKey("policy-version")) { + if (! map.containsKey("policy-version")) { throw new ToscaPolicyConversionException(policy.getPolicyId() + " missing metadata policy-version"); } else { // // Add in the Policy Version // - policy.setVersion(metadata.get("policy-version").toString()); + policy.setVersion(map.get("policy-version").toString()); } return policy; } @@ -346,7 +291,7 @@ public class StdCombinedPolicyResultsTranslator implements ToscaPolicyTranslator return target; } - protected RuleType addObligation(RuleType rule, JSONObject jsonPolicy) { + protected RuleType addObligation(RuleType rule, String jsonPolicy) { // // Convert the YAML Policy to JSON Object // @@ -358,7 +303,7 @@ public class StdCombinedPolicyResultsTranslator implements ToscaPolicyTranslator // AttributeValueType value = new AttributeValueType(); value.setDataType(ToscaDictionary.ID_OBLIGATION_POLICY_MONITORING_DATATYPE.stringValue()); - value.getContent().add(jsonPolicy.toString()); + value.getContent().add(jsonPolicy); // // Create our AttributeAssignmentExpression where we will // store the contents of the policy in JSON format. diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdMatchableTranslator.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdMatchableTranslator.java index 6ff1566b..9d3c6264 100644 --- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdMatchableTranslator.java +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdMatchableTranslator.java @@ -32,15 +32,11 @@ import com.att.research.xacml.api.Response; import com.att.research.xacml.api.Result; import com.att.research.xacml.api.XACML3; import com.att.research.xacml.std.annotations.RequestParser; -import com.att.research.xacml.util.XACMLPolicyWriter; import com.google.gson.Gson; -import java.io.ByteArrayOutputStream; -import java.io.IOException; import java.util.ArrayList; import java.util.Arrays; import java.util.Collection; -import java.util.List; import java.util.Map; import java.util.Map.Entry; @@ -56,9 +52,11 @@ import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType; import oasis.names.tc.xacml._3_0.core.schema.wd_17.RuleType; import oasis.names.tc.xacml._3_0.core.schema.wd_17.TargetType; -import org.json.JSONObject; +import org.onap.policy.common.utils.coder.CoderException; +import org.onap.policy.common.utils.coder.StandardCoder; import org.onap.policy.models.decisions.concepts.DecisionRequest; import org.onap.policy.models.decisions.concepts.DecisionResponse; +import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy; import org.onap.policy.pdp.xacml.application.common.ToscaDictionary; import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConversionException; import org.onap.policy.pdp.xacml.application.common.ToscaPolicyTranslator; @@ -74,46 +72,6 @@ public class StdMatchableTranslator implements ToscaPolicyTranslator { super(); } - @SuppressWarnings("unchecked") - @Override - public List<PolicyType> scanAndConvertPolicies(Map<String, Object> toscaObject) - throws ToscaPolicyConversionException { - // - // Our return object - // - List<PolicyType> scannedPolicies = new ArrayList<>(); - // - // Iterate each of the Policies - // - List<Object> policies = (List<Object>) toscaObject.get("policies"); - for (Object policyObject : policies) { - // - // Get the contents - // - LOGGER.debug("Found policy {}", policyObject.getClass()); - Map<String, Object> policyContents = (Map<String, Object>) policyObject; - for (Entry<String, Object> entrySet : policyContents.entrySet()) { - LOGGER.debug("Entry set {}", entrySet); - // - // Convert this policy - // - PolicyType policy = this.convertPolicy(entrySet); - try (ByteArrayOutputStream os = new ByteArrayOutputStream()) { - XACMLPolicyWriter.writePolicyFile(os, policy); - LOGGER.debug("{}", os); - } catch (IOException e) { - LOGGER.error("Failed to convert {}", e); - } - // - // Convert and add in the new policy - // - scannedPolicies.add(policy); - } - } - - return scannedPolicies; - } - @Override public Request convertRequest(DecisionRequest request) { LOGGER.debug("Converting Request {}", request); @@ -197,13 +155,12 @@ public class StdMatchableTranslator implements ToscaPolicyTranslator { } - @SuppressWarnings("unchecked") - protected PolicyType convertPolicy(Entry<String, Object> entrySet) throws ToscaPolicyConversionException { + @Override + public PolicyType convertPolicy(ToscaPolicy toscaPolicy) throws ToscaPolicyConversionException { // // Policy name should be at the root // - String policyName = entrySet.getKey(); - Map<String, Object> policyDefinition = (Map<String, Object>) entrySet.getValue(); + String policyName = toscaPolicy.getMetadata().get("policy-id"); // // Set it as the policy ID // @@ -212,17 +169,11 @@ public class StdMatchableTranslator implements ToscaPolicyTranslator { // // Optional description // - if (policyDefinition.containsKey("description")) { - newPolicyType.setDescription(policyDefinition.get("description").toString()); - } + newPolicyType.setDescription(toscaPolicy.getDescription()); // // There should be a metadata section // - if (! policyDefinition.containsKey("metadata")) { - throw new ToscaPolicyConversionException(policyName + " missing metadata section"); - } - this.fillMetadataSection(newPolicyType, - (Map<String, Object>) policyDefinition.get("metadata")); + this.fillMetadataSection(newPolicyType, toscaPolicy.getMetadata()); // // Set the combining rule // @@ -230,11 +181,7 @@ public class StdMatchableTranslator implements ToscaPolicyTranslator { // // Generate the TargetType // - if (! policyDefinition.containsKey("properties")) { - throw new ToscaPolicyConversionException(policyName + " missing properties section"); - } - policyDefinition.get("properties"); - newPolicyType.setTarget(generateTargetType((Map<String, Object>) policyDefinition.get("properties"))); + newPolicyType.setTarget(generateTargetType(toscaPolicy.getProperties())); // // Now create the Permit Rule // No target since the policy has a target @@ -248,9 +195,15 @@ public class StdMatchableTranslator implements ToscaPolicyTranslator { // // Now represent the policy as Json // - JSONObject jsonObligation = new JSONObject(); - jsonObligation.put(policyName, policyDefinition); - addObligation(rule, jsonObligation); + StandardCoder coder = new StandardCoder(); + String jsonPolicy; + try { + jsonPolicy = coder.encode(toscaPolicy); + } catch (CoderException e) { + LOGGER.error("Failed to encode policy to json", e); + throw new ToscaPolicyConversionException(e); + } + addObligation(rule, jsonPolicy); // // Add the rule to the policy // @@ -265,26 +218,26 @@ public class StdMatchableTranslator implements ToscaPolicyTranslator { * From the TOSCA metadata section, pull in values that are needed into the XACML policy. * * @param policy Policy Object to store the metadata - * @param metadata The Metadata TOSCA Map + * @param map The Metadata TOSCA Map * @return Same Policy Object * @throws ToscaPolicyConversionException If there is something missing from the metadata */ protected PolicyType fillMetadataSection(PolicyType policy, - Map<String, Object> metadata) throws ToscaPolicyConversionException { - if (! metadata.containsKey("policy-id")) { + Map<String, String> map) throws ToscaPolicyConversionException { + if (! map.containsKey("policy-id")) { throw new ToscaPolicyConversionException(policy.getPolicyId() + " missing metadata policy-id"); } else { // // Do nothing here - the XACML PolicyId is used from TOSCA Policy Name field // } - if (! metadata.containsKey("policy-version")) { + if (! map.containsKey("policy-version")) { throw new ToscaPolicyConversionException(policy.getPolicyId() + " missing metadata policy-version"); } else { // // Add in the Policy Version // - policy.setVersion(metadata.get("policy-version").toString()); + policy.setVersion(map.get("policy-version").toString()); } return policy; } @@ -360,7 +313,7 @@ public class StdMatchableTranslator implements ToscaPolicyTranslator { return anyOf; } - protected RuleType addObligation(RuleType rule, JSONObject jsonPolicy) { + protected RuleType addObligation(RuleType rule, String jsonPolicy) { // // Convert the YAML Policy to JSON Object // diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdXacmlApplicationServiceProvider.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdXacmlApplicationServiceProvider.java index 19d8d829..7f85d2f0 100644 --- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdXacmlApplicationServiceProvider.java +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdXacmlApplicationServiceProvider.java @@ -28,6 +28,7 @@ import com.att.research.xacml.api.pdp.PDPEngine; import com.att.research.xacml.api.pdp.PDPEngineFactory; import com.att.research.xacml.api.pdp.PDPException; import com.att.research.xacml.util.FactoryException; +import com.att.research.xacml.util.XACMLPolicyWriter; import java.io.IOException; import java.io.InputStream; @@ -37,19 +38,23 @@ import java.nio.file.Path; import java.nio.file.Paths; import java.util.Collections; import java.util.List; -import java.util.Map; import java.util.Properties; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType; + import org.onap.policy.models.decisions.concepts.DecisionRequest; import org.onap.policy.models.decisions.concepts.DecisionResponse; +import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy; import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicyTypeIdentifier; +import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConversionException; +import org.onap.policy.pdp.xacml.application.common.ToscaPolicyTranslator; import org.onap.policy.pdp.xacml.application.common.XacmlApplicationException; import org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider; import org.onap.policy.pdp.xacml.application.common.XacmlPolicyUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -public class StdXacmlApplicationServiceProvider implements XacmlApplicationServiceProvider { +public abstract class StdXacmlApplicationServiceProvider implements XacmlApplicationServiceProvider { private static final Logger LOGGER = LoggerFactory.getLogger(StdXacmlApplicationServiceProvider.class); private Path pathForData = null; @@ -115,28 +120,84 @@ public class StdXacmlApplicationServiceProvider implements XacmlApplicationServi @Override public boolean canSupportPolicyType(ToscaPolicyTypeIdentifier policyTypeId) { - return false; + throw new UnsupportedOperationException("Please override and implement canSupportPolicyType"); } @Override - public void loadPolicies(Map<String, Object> toscaPolicies) throws XacmlApplicationException { - throw new UnsupportedOperationException("Please override and implement loadPolicies"); + public synchronized void loadPolicy(ToscaPolicy toscaPolicy) { + try { + // + // Convert the policies first + // + PolicyType xacmlPolicy = this.getTranslator().convertPolicy(toscaPolicy); + if (xacmlPolicy == null) { + throw new ToscaPolicyConversionException("Failed to convert policy"); + } + // + // Create a copy of the properties object + // + Properties newProperties = this.getProperties(); + // + // Construct the filename + // + Path refPath = XacmlPolicyUtils.constructUniquePolicyFilename(xacmlPolicy, this.getDataPath()); + // + // Write the policy to disk + // Maybe check for an error + // + XACMLPolicyWriter.writePolicyFile(refPath, xacmlPolicy); + if (LOGGER.isDebugEnabled()) { + LOGGER.debug("Xacml Policy is {}{}", System.lineSeparator(), new String(Files.readAllBytes(refPath))); + } + // + // Add root policy to properties object + // + XacmlPolicyUtils.addRootPolicy(newProperties, refPath); + // + // Write the properties to disk + // + XacmlPolicyUtils.storeXacmlProperties(newProperties, + XacmlPolicyUtils.getPropertiesPath(this.getDataPath())); + // + // Reload the engine + // + this.createEngine(newProperties); + // + // Save the properties + // + this.pdpProperties = newProperties; + } catch (IOException | ToscaPolicyConversionException e) { + LOGGER.error("Failed to loadPolicies {}", e); + } } @Override - public DecisionResponse makeDecision(DecisionRequest request) { + public synchronized DecisionResponse makeDecision(DecisionRequest request) { // - // We should have a standard error response to return + // Convert to a XacmlRequest // - return null; + Request xacmlRequest = this.getTranslator().convertRequest(request); + // + // Now get a decision + // + Response xacmlResponse = this.xacmlDecision(xacmlRequest); + // + // Convert to a DecisionResponse + // + return this.getTranslator().convertResponse(xacmlResponse); } + + protected abstract ToscaPolicyTranslator getTranslator(); + protected synchronized PDPEngine getEngine() { return this.pdpEngine; } protected synchronized Properties getProperties() { - return new Properties(pdpProperties); + Properties newProperties = new Properties(); + newProperties.putAll(pdpProperties); + return newProperties; } protected synchronized Path getDataPath() { @@ -190,7 +251,7 @@ public class StdXacmlApplicationServiceProvider implements XacmlApplicationServi PDPEngine engine = factory.newEngine(properties); if (engine != null) { this.pdpEngine = engine; - this.pdpProperties = new Properties(properties); +// this.pdpProperties = new Properties(properties); } } catch (FactoryException e) { LOGGER.error("Failed to create XACML PDP Engine {}", e); |