summaryrefslogtreecommitdiffstats
path: root/applications/guard
diff options
context:
space:
mode:
Diffstat (limited to 'applications/guard')
-rw-r--r--applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplication.java162
-rw-r--r--applications/guard/src/main/resources/RootGuardPolicy.xml9
2 files changed, 11 insertions, 160 deletions
diff --git a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplication.java b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplication.java
index 2717c279..18385239 100644
--- a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplication.java
+++ b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplication.java
@@ -24,34 +24,22 @@ package org.onap.policy.xacml.pdp.application.guard;
import com.att.research.xacml.api.Request;
import com.att.research.xacml.api.Response;
-import com.att.research.xacml.api.pdp.PDPEngine;
-import com.att.research.xacml.api.pdp.PDPException;
-import com.att.research.xacml.util.XACMLPolicyWriter;
import com.google.common.collect.Lists;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.nio.file.Path;
-import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
-import java.util.Map.Entry;
-import java.util.Properties;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType;
import org.onap.policy.models.decisions.concepts.DecisionRequest;
import org.onap.policy.models.decisions.concepts.DecisionResponse;
import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConversionException;
-import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConverter;
-import org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider;
-import org.onap.policy.pdp.xacml.application.common.XacmlPolicyUtils;
+import org.onap.policy.pdp.xacml.application.common.std.StdMetadataTranslator;
+import org.onap.policy.pdp.xacml.application.common.std.StdXacmlApplicationServiceProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import org.yaml.snakeyaml.Yaml;
/**
* This class implements the onap.policies.controlloop.Guard policy implementations.
@@ -59,14 +47,12 @@ import org.yaml.snakeyaml.Yaml;
* @author pameladragosh
*
*/
-public class GuardPdpApplication implements ToscaPolicyConverter, XacmlApplicationServiceProvider {
+public class GuardPdpApplication extends StdXacmlApplicationServiceProvider {
private static final Logger LOGGER = LoggerFactory.getLogger(GuardPdpApplication.class);
private static final String STRING_VERSION100 = "1.0.0";
private Map<String, String> supportedPolicyTypes = new HashMap<>();
- private Path pathForData;
- private Properties pdpProperties = null;
- private PDPEngine pdpEngine = null;
+ private StdMetadataTranslator translator = new StdMetadataTranslator();
/** Constructor.
*
@@ -87,31 +73,6 @@ public class GuardPdpApplication implements ToscaPolicyConverter, XacmlApplicati
}
@Override
- public void initialize(Path pathForData) {
- //
- // Save our path
- //
- this.pathForData = pathForData;
- LOGGER.debug("New Path is {}", this.pathForData.toAbsolutePath());
- //
- // Look for and load the properties object
- //
- try {
- pdpProperties = XacmlPolicyUtils.loadXacmlProperties(XacmlPolicyUtils.getPropertiesPath(pathForData));
- LOGGER.debug("{}", pdpProperties);
- } catch (IOException e) {
- LOGGER.error("{}", e);
- }
- //
- // Create an engine
- //
- PDPEngine newEngine = XacmlPolicyUtils.createEngine(pdpProperties);
- if (newEngine != null) {
- pdpEngine = newEngine;
- }
- }
-
- @Override
public List<String> supportedPolicyTypes() {
return Lists.newArrayList(supportedPolicyTypes.keySet());
}
@@ -137,10 +98,13 @@ public class GuardPdpApplication implements ToscaPolicyConverter, XacmlApplicati
//
// Convert the policies first
//
- List<PolicyType> listPolicies = this.convertPolicies(toscaPolicies);
+ List<PolicyType> listPolicies = translator.scanAndConvertPolicies(toscaPolicies);
if (listPolicies.isEmpty()) {
throw new ToscaPolicyConversionException("Converted 0 policies");
}
+ //
+ // TODO update properties, save to disk, etc.
+ //
} catch (ToscaPolicyConversionException e) {
LOGGER.error("Failed to loadPolicies {}", e);
}
@@ -151,7 +115,7 @@ public class GuardPdpApplication implements ToscaPolicyConverter, XacmlApplicati
//
// Convert to a XacmlRequest
//
- Request xacmlRequest = this.convertRequest(request);
+ Request xacmlRequest = translator.convertRequest(request);
//
// Now get a decision
//
@@ -159,113 +123,7 @@ public class GuardPdpApplication implements ToscaPolicyConverter, XacmlApplicati
//
// Convert to a DecisionResponse
//
- return this.convertResponse(xacmlResponse);
- }
-
- @Override
- public List<PolicyType> convertPolicies(InputStream isToscaPolicy) throws ToscaPolicyConversionException {
- //
- // Have snakeyaml parse the object
- //
- Yaml yaml = new Yaml();
- Map<String, Object> toscaObject = yaml.load(isToscaPolicy);
- //
- // Return the policies
- //
- return scanAndConvertPolicies(toscaObject);
- }
-
- @Override
- public List<PolicyType> convertPolicies(Map<String, Object> toscaObject) throws ToscaPolicyConversionException {
- //
- // Return the policies
- //
- return scanAndConvertPolicies(toscaObject);
- }
-
- @Override
- public Request convertRequest(DecisionRequest request) {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public DecisionResponse convertResponse(Response response) {
- // TODO Auto-generated method stub
- return null;
- }
-
- @SuppressWarnings("unchecked")
- private List<PolicyType> scanAndConvertPolicies(Map<String, Object> toscaObject)
- throws ToscaPolicyConversionException {
- //
- // Our return object
- //
- List<PolicyType> scannedPolicies = new ArrayList<>();
- //
- // Iterate each of the Policies
- //
- List<Object> policies = (List<Object>) toscaObject.get("policies");
- for (Object policyObject : policies) {
- //
- // Get the contents
- //
- LOGGER.debug("Found policy {}", policyObject.getClass());
- Map<String, Object> policyContents = (Map<String, Object>) policyObject;
- for (Entry<String, Object> entrySet : policyContents.entrySet()) {
- LOGGER.debug("Entry set {}", entrySet);
- //
- // Convert this policy
- //
- PolicyType policy = this.convertPolicy(entrySet);
- try (ByteArrayOutputStream os = new ByteArrayOutputStream()) {
- XACMLPolicyWriter.writePolicyFile(os, policy);
- LOGGER.debug("{}", os);
- } catch (IOException e) {
- LOGGER.error("Failed to convert {}", e);
- }
- //
- // Convert and add in the new policy
- //
- scannedPolicies.add(policy);
- }
- }
-
- return scannedPolicies;
- }
-
- private PolicyType convertPolicy(Entry<String, Object> entrySet) throws ToscaPolicyConversionException {
-
- return null;
- }
-
- /**
- * Make a decision call.
- *
- * @param request Incoming request object
- * @return Response object
- */
- private synchronized Response xacmlDecision(Request request) {
- //
- // This is what we need to return
- //
- Response response = null;
- //
- // Track some timing
- //
- long timeStart = System.currentTimeMillis();
- try {
- response = this.pdpEngine.decide(request);
- } catch (PDPException e) {
- LOGGER.error("Xacml PDP Engine failed {}", e);
- } finally {
- //
- // Track the end of timing
- //
- long timeEnd = System.currentTimeMillis();
- LOGGER.info("Elapsed Time: {}ms", (timeEnd - timeStart));
- }
- return response;
+ return translator.convertResponse(xacmlResponse);
}
}
diff --git a/applications/guard/src/main/resources/RootGuardPolicy.xml b/applications/guard/src/main/resources/RootGuardPolicy.xml
index f9f47265..cc63792f 100644
--- a/applications/guard/src/main/resources/RootGuardPolicy.xml
+++ b/applications/guard/src/main/resources/RootGuardPolicy.xml
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<PolicySet xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" PolicyCombiningAlgId="urn:oasis:names:tc:xacml:3.0:policy-combining-algorithm:deny-overrides" PolicySetId="urn:org:onap:guard:policy:id" Version="1.0" xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd">
+<PolicySet xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" PolicyCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:permit-unless-deny" PolicySetId="urn:org:onap:guard:policy:id" Version="1.0" xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd">
<Description>The root policy for supporting onap.Guard policies.</Description>
<Target>
<AnyOf>
@@ -18,11 +18,4 @@
<PolicyIdReference>onap.scaleout.tca</PolicyIdReference>
<PolicySetIdReference>urn:oasis:names:tc:xacml:2.0:conformance-test:IIE001:policyset1</PolicySetIdReference>
-->
- <Policy PolicyId="default" Version="1.0" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:permit-unless-deny" >
- <Description>Default is to allow a permit - returning 0 obligations</Description>
- <Target/>
- <Rule RuleId="default" Effect="Permit">
- <Target/>
- </Rule>
- </Policy>
</PolicySet> \ No newline at end of file