diff options
Diffstat (limited to 'applications/native')
4 files changed, 103 insertions, 11 deletions
diff --git a/applications/native/src/main/java/org/onap/policy/xacml/pdp/application/nativ/NativePdpApplicationTranslator.java b/applications/native/src/main/java/org/onap/policy/xacml/pdp/application/nativ/NativePdpApplicationTranslator.java index 546c29eb..5ce25fac 100644 --- a/applications/native/src/main/java/org/onap/policy/xacml/pdp/application/nativ/NativePdpApplicationTranslator.java +++ b/applications/native/src/main/java/org/onap/policy/xacml/pdp/application/nativ/NativePdpApplicationTranslator.java @@ -27,11 +27,9 @@ import com.att.research.xacml.api.Response; import com.att.research.xacml.util.XACMLPolicyScanner; import java.io.ByteArrayInputStream; import java.io.IOException; -import java.io.InputStream; import java.nio.charset.StandardCharsets; import java.util.Base64; import java.util.Map; -import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType; import org.onap.policy.models.decisions.concepts.DecisionRequest; import org.onap.policy.models.decisions.concepts.DecisionResponse; import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy; @@ -56,7 +54,7 @@ public class NativePdpApplicationTranslator implements ToscaPolicyTranslator { } @Override - public PolicyType convertPolicy(ToscaPolicy toscaPolicy) throws ToscaPolicyConversionException { + public Object convertPolicy(ToscaPolicy toscaPolicy) throws ToscaPolicyConversionException { // // Extract the Base64 encoded policy xml string and decode it // @@ -67,16 +65,19 @@ public class NativePdpApplicationTranslator implements ToscaPolicyTranslator { } catch (IllegalArgumentException exc) { throw new ToscaPolicyConversionException("error on Base64 decoding the native policy", exc); } - LOGGER.debug("Decoded xacml policy {}",decodedXacmlPolicy); + LOGGER.debug("Decoded xacml policy {}", decodedXacmlPolicy); // // Scan the string and convert to xacml PolicyType // - try (InputStream is = new ByteArrayInputStream(decodedXacmlPolicy.getBytes(StandardCharsets.UTF_8))) { + try (ByteArrayInputStream is = new ByteArrayInputStream(decodedXacmlPolicy.getBytes(StandardCharsets.UTF_8))) { // - // Here we assume it is PolicyType, not PolicySetType - // PolicySetType will be addressed later + // Read the Policy In // - return (PolicyType) XACMLPolicyScanner.readPolicy(is); + Object policy = XACMLPolicyScanner.readPolicy(is); + if (policy == null) { + throw new ToscaPolicyConversionException("Invalid XACML Policy"); + } + return policy; } catch (IOException exc) { throw new ToscaPolicyConversionException("Failed to read policy", exc); } diff --git a/applications/native/src/test/java/org/onap/policy/xacml/pdp/application/nativ/NativePdpApplicationTest.java b/applications/native/src/test/java/org/onap/policy/xacml/pdp/application/nativ/NativePdpApplicationTest.java index b25c2a31..a11c1b14 100644 --- a/applications/native/src/test/java/org/onap/policy/xacml/pdp/application/nativ/NativePdpApplicationTest.java +++ b/applications/native/src/test/java/org/onap/policy/xacml/pdp/application/nativ/NativePdpApplicationTest.java @@ -23,6 +23,7 @@ package org.onap.policy.xacml.pdp.application.nativ; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import com.att.research.xacml.api.Decision; import com.att.research.xacml.api.Request; @@ -30,6 +31,7 @@ import com.att.research.xacml.api.Response; import com.att.research.xacml.std.dom.DOMRequest; import com.att.research.xacml.std.dom.DOMResponse; import java.io.File; +import java.util.Map; import java.util.Properties; import java.util.ServiceLoader; import org.junit.BeforeClass; @@ -37,7 +39,14 @@ import org.junit.ClassRule; import org.junit.Test; import org.junit.rules.TemporaryFolder; import org.onap.policy.common.endpoints.parameters.RestServerParameters; +import org.onap.policy.common.utils.coder.StandardYamlCoder; +import org.onap.policy.common.utils.resources.ResourceUtils; import org.onap.policy.common.utils.resources.TextFileUtils; +import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy; +import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicyTypeIdentifier; +import org.onap.policy.models.tosca.authorative.concepts.ToscaServiceTemplate; +import org.onap.policy.models.tosca.simple.concepts.JpaToscaServiceTemplate; +import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConversionException; import org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider; import org.onap.policy.pdp.xacml.application.common.XacmlPolicyUtils; import org.onap.policy.pdp.xacml.xacmltest.TestUtils; @@ -48,6 +57,7 @@ public class NativePdpApplicationTest { private static final Logger LOGGER = LoggerFactory.getLogger(NativePdpApplicationTest.class); private static final String PERMIT = "Permit"; + private static final StandardYamlCoder yamlCoder = new StandardYamlCoder(); private static Properties properties = new Properties(); private static File propertiesFile; private static RestServerParameters clientParams = new RestServerParameters(); @@ -111,6 +121,59 @@ public class NativePdpApplicationTest { } @Test + public void testUncommon() { + NativePdpApplicationTranslator translator = new NativePdpApplicationTranslator(); + assertThatExceptionOfType(ToscaPolicyConversionException.class).isThrownBy(() -> + translator.convertRequest(null) + ).withMessageContaining("Do not call native convertRequest"); + + assertThat(translator.convertResponse(null)).isNull(); + + NativePdpApplication application = new NativePdpApplication(); + assertThat(application.canSupportPolicyType(new ToscaPolicyTypeIdentifier( + "onap.policies.native.Xacml", "1.0.0"))).isTrue(); + assertThat(application.canSupportPolicyType(new ToscaPolicyTypeIdentifier( + "onap.policies.native.SomethingElse", "1.0.0"))).isFalse(); + assertThat(application.actionDecisionsSupported()).contains("native"); + } + + @Test + public void testBadPolicies() throws Exception { + NativePdpApplicationTranslator translator = new NativePdpApplicationTranslator(); + String policyYaml = ResourceUtils.getResourceAsString("src/test/resources/policies/bad.native.policies.yaml"); + // + // Serialize it into a class + // + ToscaServiceTemplate serviceTemplate = yamlCoder.decode(policyYaml, ToscaServiceTemplate.class); + // + // Make sure all the fields are setup properly + // + JpaToscaServiceTemplate jtst = new JpaToscaServiceTemplate(); + jtst.fromAuthorative(serviceTemplate); + ToscaServiceTemplate completedJtst = jtst.toAuthorative(); + // + // Get the policies + // + for (Map<String, ToscaPolicy> policies : completedJtst.getToscaTopologyTemplate().getPolicies()) { + for (ToscaPolicy policy : policies.values()) { + if ("bad.base64".equals(policy.getName())) { + assertThatExceptionOfType(ToscaPolicyConversionException.class).isThrownBy(() -> + translator.convertPolicy(policy) + ).withMessageContaining("error on Base64 decoding the native policy"); + } else if ("bad.noproperties".equals(policy.getName())) { + assertThatExceptionOfType(ToscaPolicyConversionException.class).isThrownBy(() -> + translator.convertPolicy(policy) + ).withMessageContaining("no xacml native policy found in the tosca policy"); + } else if ("bad.policy".equals(policy.getName())) { + assertThatExceptionOfType(ToscaPolicyConversionException.class).isThrownBy(() -> + translator.convertPolicy(policy) + ).withMessageContaining("Invalid XACML Policy"); + } + } + } + } + + @Test public void testNativePolicy() throws Exception { LOGGER.info("*********** Running native policy test *************"); @@ -152,7 +215,7 @@ public class NativePdpApplicationTest { * @throws Exception on errors checking the decision * **/ - public void checkDecision(String expected, Response response) throws Exception { + private void checkDecision(String expected, Response response) throws Exception { LOGGER.info("Looking for {} Decision", expected); assertThat(response).isNotNull(); Decision decision = response.getResults().iterator().next().getDecision(); diff --git a/applications/native/src/test/resources/policies/bad.native.policies.yaml b/applications/native/src/test/resources/policies/bad.native.policies.yaml new file mode 100644 index 00000000..318b3209 --- /dev/null +++ b/applications/native/src/test/resources/policies/bad.native.policies.yaml @@ -0,0 +1,28 @@ +tosca_definitions_version: tosca_simple_yaml_1_1_0 +topology_template: + policies: + - + bad.base64: + type: onap.policies.native.Xacml + version: 1.0.0 + metadata: + policy-id: bad.base64 + policy-version: 1.0.0 + properties: + policy: "%%%%%%" + - + bad.noproperties: + type: onap.policies.native.Xacml + version: 1.0.0 + metadata: + policy-id: bad.noproperties + policy-version: 1.0.0 + - + bad.policy: + type: onap.policies.native.Xacml + version: 1.0.0 + metadata: + policy-id: bad.policy + policy-version: 1.0.0 + properties: + policy: ABC123
\ No newline at end of file diff --git a/applications/native/src/test/resources/policies/native.policy.yaml b/applications/native/src/test/resources/policies/native.policy.yaml index 00bc5db9..b9e8d60d 100644 --- a/applications/native/src/test/resources/policies/native.policy.yaml +++ b/applications/native/src/test/resources/policies/native.policy.yaml @@ -1,4 +1,4 @@ -tosca_definitions_version: tosca_simple_yaml_1_0_0 +tosca_definitions_version: tosca_simple_yaml_1_1_0 topology_template: policies: - @@ -7,6 +7,6 @@ topology_template: version: 1.0.0 metadata: policy-id: native.access.control - policy-version: 1 + policy-version: 1.0.0 properties: policy: PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0YW5kYWxvbmU9Im5vIj8+CjxQb2xpY3kgeG1sbnM9InVybjpvYXNpczpuYW1lczp0Yzp4YWNtbDozLjA6Y29yZTpzY2hlbWE6d2QtMTciIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIFBvbGljeUlkPSJ1cm46b2FzaXM6bmFtZXM6dGM6eGFjbWw6Mi4wOmNvbmZvcm1hbmNlLXRlc3Q6SUlBMTpwb2xpY3kiIFJ1bGVDb21iaW5pbmdBbGdJZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjMuMDpydWxlLWNvbWJpbmluZy1hbGdvcml0aG06ZGVueS1vdmVycmlkZXMiIFZlcnNpb249IjEuMCIgeHNpOnNjaGVtYUxvY2F0aW9uPSJ1cm46b2FzaXM6bmFtZXM6dGM6eGFjbWw6My4wOnBvbGljeTpzY2hlbWE6b3MgYWNjZXNzX2NvbnRyb2wteGFjbWwtMi4wLXBvbGljeS1zY2hlbWEtb3MueHNkIj4KICAgIDxEZXNjcmlwdGlvbj4KICAgICAgICBQb2xpY3kgZm9yIENvbmZvcm1hbmNlIFRlc3QgSUlBMDAxLgogICAgPC9EZXNjcmlwdGlvbj4KICAgIDxUYXJnZXQvPgogICAgPFJ1bGUgRWZmZWN0PSJQZXJtaXQiIFJ1bGVJZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjIuMDpjb25mb3JtYW5jZS10ZXN0OklJQTE6cnVsZSI+CiAgICAgICAgPERlc2NyaXB0aW9uPgogICAgICAgICAgICBKdWxpdXMgSGliYmVydCBjYW4gcmVhZCBvciB3cml0ZSBCYXJ0IFNpbXBzb24ncyBtZWRpY2FsIHJlY29yZC4KICAgICAgICA8L0Rlc2NyaXB0aW9uPgogICAgICAgIDxUYXJnZXQ+CiAgICAgICAgICAgIDxBbnlPZj4KICAgICAgICAgICAgICAgIDxBbGxPZj4KICAgICAgICAgICAgICAgICAgICA8TWF0Y2ggTWF0Y2hJZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpmdW5jdGlvbjpzdHJpbmctZXF1YWwiPgogICAgICAgICAgICAgICAgICAgICAgICA8QXR0cmlidXRlVmFsdWUgRGF0YVR5cGU9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hI3N0cmluZyI+SnVsaXVzIEhpYmJlcnQ8L0F0dHJpYnV0ZVZhbHVlPgogICAgICAgICAgICAgICAgICAgICAgICA8QXR0cmlidXRlRGVzaWduYXRvciBBdHRyaWJ1dGVJZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpzdWJqZWN0OnN1YmplY3QtaWQiIENhdGVnb3J5PSJ1cm46b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOnN1YmplY3QtY2F0ZWdvcnk6YWNjZXNzLXN1YmplY3QiIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSNzdHJpbmciIE11c3RCZVByZXNlbnQ9ImZhbHNlIi8+CiAgICAgICAgICAgICAgICAgICAgPC9NYXRjaD4KICAgICAgICAgICAgICAgIDwvQWxsT2Y+CiAgICAgICAgICAgIDwvQW55T2Y+CiAgICAgICAgICAgIDxBbnlPZj4KICAgICAgICAgICAgICAgIDxBbGxPZj4KICAgICAgICAgICAgICAgICAgICA8TWF0Y2ggTWF0Y2hJZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpmdW5jdGlvbjphbnlVUkktZXF1YWwiPgogICAgICAgICAgICAgICAgICAgICAgICA8QXR0cmlidXRlVmFsdWUgRGF0YVR5cGU9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hI2FueVVSSSI+aHR0cDovL21lZGljby5jb20vcmVjb3JkL3BhdGllbnQvQmFydFNpbXBzb248L0F0dHJpYnV0ZVZhbHVlPgogICAgICAgICAgICAgICAgICAgICAgICA8QXR0cmlidXRlRGVzaWduYXRvciBBdHRyaWJ1dGVJZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpyZXNvdXJjZTpyZXNvdXJjZS1pZCIgQ2F0ZWdvcnk9InVybjpvYXNpczpuYW1lczp0Yzp4YWNtbDozLjA6YXR0cmlidXRlLWNhdGVnb3J5OnJlc291cmNlIiBEYXRhVHlwZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjYW55VVJJIiBNdXN0QmVQcmVzZW50PSJmYWxzZSIvPgogICAgICAgICAgICAgICAgICAgIDwvTWF0Y2g+CiAgICAgICAgICAgICAgICA8L0FsbE9mPgogICAgICAgICAgICA8L0FueU9mPgogICAgICAgICAgICA8QW55T2Y+CiAgICAgICAgICAgICAgICA8QWxsT2Y+CiAgICAgICAgICAgICAgICAgICAgPE1hdGNoIE1hdGNoSWQ9InVybjpvYXNpczpuYW1lczp0Yzp4YWNtbDoxLjA6ZnVuY3Rpb246c3RyaW5nLWVxdWFsIj4KICAgICAgICAgICAgICAgICAgICAgICAgPEF0dHJpYnV0ZVZhbHVlIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSNzdHJpbmciPnJlYWQ8L0F0dHJpYnV0ZVZhbHVlPgogICAgICAgICAgICAgICAgICAgICAgICA8QXR0cmlidXRlRGVzaWduYXRvciBBdHRyaWJ1dGVJZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDphY3Rpb246YWN0aW9uLWlkIiBDYXRlZ29yeT0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjMuMDphdHRyaWJ1dGUtY2F0ZWdvcnk6YWN0aW9uIiBEYXRhVHlwZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjc3RyaW5nIiBNdXN0QmVQcmVzZW50PSJmYWxzZSIvPgogICAgICAgICAgICAgICAgICAgIDwvTWF0Y2g+CiAgICAgICAgICAgICAgICA8L0FsbE9mPgogICAgICAgICAgICAgICAgPEFsbE9mPgogICAgICAgICAgICAgICAgICAgIDxNYXRjaCBNYXRjaElkPSJ1cm46b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOmZ1bmN0aW9uOnN0cmluZy1lcXVhbCI+CiAgICAgICAgICAgICAgICAgICAgICAgIDxBdHRyaWJ1dGVWYWx1ZSBEYXRhVHlwZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjc3RyaW5nIj53cml0ZTwvQXR0cmlidXRlVmFsdWU+CiAgICAgICAgICAgICAgICAgICAgICAgIDxBdHRyaWJ1dGVEZXNpZ25hdG9yIEF0dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOmFjdGlvbjphY3Rpb24taWQiIENhdGVnb3J5PSJ1cm46b2FzaXM6bmFtZXM6dGM6eGFjbWw6My4wOmF0dHJpYnV0ZS1jYXRlZ29yeTphY3Rpb24iIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSNzdHJpbmciIE11c3RCZVByZXNlbnQ9ImZhbHNlIi8+CiAgICAgICAgICAgICAgICAgICAgPC9NYXRjaD4KICAgICAgICAgICAgICAgIDwvQWxsT2Y+CiAgICAgICAgICAgIDwvQW55T2Y+CiAgICAgICAgPC9UYXJnZXQ+CiAgICA8L1J1bGU+CjwvUG9saWN5Pgo=
\ No newline at end of file |