summaryrefslogtreecommitdiffstats
path: root/applications
diff options
context:
space:
mode:
Diffstat (limited to 'applications')
-rw-r--r--applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/OnapPolicyFinderFactory.java38
-rw-r--r--applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/OnapPolicyFinderFactoryException.java48
-rw-r--r--applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaDictionary.java7
-rw-r--r--applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyConverter.java10
-rw-r--r--applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlApplicationServiceProvider.java12
-rw-r--r--applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlPolicyUtils.java338
-rw-r--r--applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlUpdatePolicyUtils.java88
-rw-r--r--applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/OnapPolicyFinderFactoryExceptionTest.java35
-rw-r--r--applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/OnapPolicyFinderFactoryTest.java38
-rw-r--r--applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/XacmlPolicyUtilsTest.java (renamed from applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/XacmlUpdatePolicyUtilsTest.java)162
-rw-r--r--applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplication.java172
-rw-r--r--applications/guard/src/main/resources/META-INF/services/org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider1
-rw-r--r--applications/guard/src/main/resources/RootGuardPolicy.xml28
-rw-r--r--applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplicationTest.java166
-rw-r--r--applications/monitoring/src/main/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringPdpApplication.java (renamed from applications/monitoring/src/main/java/org/onap/policy/xacml/pdp/engine/OnapXacmlPdpEngine.java)292
-rw-r--r--applications/monitoring/src/main/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringRequest.java78
-rw-r--r--applications/monitoring/src/main/resources/META-INF/services/org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider2
-rw-r--r--applications/monitoring/src/main/resources/RootMonitoringPolicy.xml4
-rw-r--r--applications/monitoring/src/test/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringPdpApplicationTest.java (renamed from applications/monitoring/src/test/java/org/onap/policy/xacml/pdp/engine/OnapXacmlPdpEngineTest.java)131
-rw-r--r--applications/monitoring/src/test/resources/vDNS.policy.input.yaml49
20 files changed, 1274 insertions, 425 deletions
diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/OnapPolicyFinderFactory.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/OnapPolicyFinderFactory.java
index 1e47c5b5..7da455c0 100644
--- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/OnapPolicyFinderFactory.java
+++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/OnapPolicyFinderFactory.java
@@ -18,7 +18,6 @@
* ============LICENSE_END=========================================================
*/
-
package org.onap.policy.pdp.xacml.application.common;
import com.att.research.xacml.std.StdStatusCode;
@@ -64,18 +63,16 @@ public class OnapPolicyFinderFactory extends PolicyFinderFactory {
private List<PolicyDef> referencedPolicies;
private boolean needsInit = true;
- private Properties properties = null;
+ private Properties properties;
/**
- * Empty constructor.
+ * Empty private constructor. We do not want to create
+ * an instance of this without giving Properties object.
+ *
+ * @throws OnapPolicyFinderFactoryException Exception will be thrown
*/
- public OnapPolicyFinderFactory() {
- logger.debug("Constructed without properties");
- //
- // Here we differ from the StdPolicyFinderFactory in that we initialize right away.
- // We do not wait for a policy request to happen to look for and load policies.
- //
- this.init();
+ public OnapPolicyFinderFactory() throws OnapPolicyFinderFactoryException {
+ throw new OnapPolicyFinderFactoryException("Please use the constructor with Properties object.");
}
/**
@@ -106,12 +103,7 @@ public class OnapPolicyFinderFactory extends PolicyFinderFactory {
* @return a <code>PolicyDef</code> loaded from the given identifier
*/
protected PolicyDef loadPolicyDef(String policyId) {
- String propLocation = null;
- if (this.properties == null) {
- propLocation = XACMLProperties.getProperty(policyId + PROP_FILE);
- } else {
- propLocation = this.properties.getProperty(policyId + PROP_FILE);
- }
+ String propLocation = this.properties.getProperty(policyId + PROP_FILE);
if (propLocation != null) {
//
// Try to load it from the file
@@ -121,11 +113,8 @@ public class OnapPolicyFinderFactory extends PolicyFinderFactory {
return policy;
}
}
- if (this.properties == null) {
- propLocation = XACMLProperties.getProperty(policyId + PROP_URL);
- } else {
- propLocation = this.properties.getProperty(policyId + PROP_URL);
- }
+
+ propLocation = this.properties.getProperty(policyId + PROP_URL);
if (propLocation != null) {
PolicyDef policy = this.loadPolicyUrlDef(propLocation);
if (policy != null) {
@@ -200,12 +189,7 @@ public class OnapPolicyFinderFactory extends PolicyFinderFactory {
* @return a <code>List</code> of <code>PolicyDef</code>s loaded from the given property name
*/
protected List<PolicyDef> getPolicyDefs(String propertyName) {
- String policyIds;
- if (this.properties != null) {
- policyIds = this.properties.getProperty(propertyName);
- } else {
- policyIds = XACMLProperties.getProperty(propertyName);
- }
+ String policyIds = this.properties.getProperty(propertyName);
if (Strings.isNullOrEmpty(policyIds)) {
return Collections.emptyList();
}
diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/OnapPolicyFinderFactoryException.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/OnapPolicyFinderFactoryException.java
new file mode 100644
index 00000000..a42b3a5f
--- /dev/null
+++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/OnapPolicyFinderFactoryException.java
@@ -0,0 +1,48 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.policy.pdp.xacml.application.common;
+
+public class OnapPolicyFinderFactoryException extends Exception {
+
+ private static final long serialVersionUID = -1643639780835366726L;
+
+ public OnapPolicyFinderFactoryException() {
+ super();
+ }
+
+ public OnapPolicyFinderFactoryException(String message) {
+ super(message);
+ }
+
+ public OnapPolicyFinderFactoryException(Throwable cause) {
+ super(cause);
+ }
+
+ public OnapPolicyFinderFactoryException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public OnapPolicyFinderFactoryException(String message, Throwable cause, boolean enableSuppression,
+ boolean writableStackTrace) {
+ super(message, cause, enableSuppression, writableStackTrace);
+ }
+
+}
diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaDictionary.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaDictionary.java
index c65d7a17..785ed9a8 100644
--- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaDictionary.java
+++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaDictionary.java
@@ -28,10 +28,6 @@ import com.att.research.xacml.std.IdentifierImpl;
public final class ToscaDictionary {
- private ToscaDictionary() {
- super();
- }
-
/*
* These are the ID's for various TOSCA Policy Types we are supporting in the Applications.
*/
@@ -65,5 +61,8 @@ public final class ToscaDictionary {
public static final Identifier ID_OBLIGATION_ISSUER =
new IdentifierImpl(URN_ONAP, "issuer:monitoring");
+ private ToscaDictionary() {
+ super();
+ }
}
diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyConverter.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyConverter.java
index f6f75a4c..8852eb08 100644
--- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyConverter.java
+++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyConverter.java
@@ -22,15 +22,25 @@
package org.onap.policy.pdp.xacml.application.common;
+import com.att.research.xacml.api.Request;
+import com.att.research.xacml.api.Response;
+
import java.io.InputStream;
import java.util.List;
import java.util.Map;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType;
+import org.onap.policy.models.decisions.concepts.DecisionRequest;
+import org.onap.policy.models.decisions.concepts.DecisionResponse;
+
public interface ToscaPolicyConverter {
List<PolicyType> convertPolicies(InputStream isToscaPolicy) throws ToscaPolicyConversionException;
List<PolicyType> convertPolicies(Map<String, Object> toscaObject) throws ToscaPolicyConversionException;
+
+ Request convertRequest(DecisionRequest request);
+
+ DecisionResponse convertResponse(Response response);
}
diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlApplicationServiceProvider.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlApplicationServiceProvider.java
index 65648ea8..2ddcd027 100644
--- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlApplicationServiceProvider.java
+++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlApplicationServiceProvider.java
@@ -25,7 +25,8 @@ import java.nio.file.Path;
import java.util.List;
import java.util.Map;
-import org.json.JSONObject;
+import org.onap.policy.models.decisions.concepts.DecisionRequest;
+import org.onap.policy.models.decisions.concepts.DecisionResponse;
/**
* This interface is how the XACML REST controller can communicate
@@ -87,12 +88,9 @@ public interface XacmlApplicationServiceProvider {
/**
* Makes a decision given the incoming request and returns a response.
*
- * <P>NOTE: I may want to change this to an object that represents the
- * schema.
- *
- * @param jsonSchema Incoming Json
- * @return response
+ * @param request Incoming DecisionRequest object
+ * @return response Responding DecisionResponse object
*/
- JSONObject makeDecision(JSONObject jsonSchema);
+ DecisionResponse makeDecision(DecisionRequest request);
}
diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlPolicyUtils.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlPolicyUtils.java
new file mode 100644
index 00000000..19adaf6c
--- /dev/null
+++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlPolicyUtils.java
@@ -0,0 +1,338 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * ONAP
+ * ================================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.policy.pdp.xacml.application.common;
+
+import com.att.research.xacml.api.Identifier;
+import com.att.research.xacml.api.pdp.PDPEngine;
+import com.att.research.xacml.api.pdp.PDPEngineFactory;
+import com.att.research.xacml.util.FactoryException;
+import com.att.research.xacml.util.XACMLProperties;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.Properties;
+import java.util.Set;
+import java.util.StringJoiner;
+import java.util.stream.Collectors;
+
+import oasis.names.tc.xacml._3_0.core.schema.wd_17.IdReferenceType;
+import oasis.names.tc.xacml._3_0.core.schema.wd_17.ObjectFactory;
+import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicySetType;
+import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType;
+import oasis.names.tc.xacml._3_0.core.schema.wd_17.TargetType;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class XacmlPolicyUtils {
+
+ private static final Logger LOGGER = LoggerFactory.getLogger(XacmlPolicyUtils.class);
+
+ private XacmlPolicyUtils() {
+ super();
+ }
+
+ /**
+ * Creates an empty PolicySetType object given the id and combining algorithm. Note,there
+ * will also be an empty Target created. You can easily override that if need be.
+ *
+ * @param policyId Policy Id
+ * @param policyCombiningAlgorithm Policy Combining Algorithm
+ * @return PolicySetType object
+ */
+ public static PolicySetType createEmptyPolicySet(String policyId, Identifier policyCombiningAlgorithm) {
+ PolicySetType policy = new PolicySetType();
+ policy.setPolicySetId(policyId);
+ policy.setPolicyCombiningAlgId(policyCombiningAlgorithm.stringValue());
+ policy.setTarget(new TargetType());
+ return policy;
+ }
+
+ /**
+ * Creates an empty PolicySetType object given the id and combining algorithm. Note,there
+ * will also be an empty Target created. You can easily override that if need be.
+ *
+ * @param policyId Policy Id
+ * @param ruleCombiningAlgorithm Rule Combining Algorithm
+ * @return PolicyType object
+ */
+ public static PolicyType createEmptyPolicy(String policyId, Identifier ruleCombiningAlgorithm) {
+ PolicyType policy = new PolicyType();
+ policy.setPolicyId(policyId);
+ policy.setRuleCombiningAlgId(ruleCombiningAlgorithm.stringValue());
+ policy.setTarget(new TargetType());
+ return policy;
+ }
+
+ /**
+ * This method adds a list of PolicyType objects to a root PolicySetType as
+ * referenced policies.
+ *
+ * @param rootPolicy Root PolicySet being updated
+ * @param referencedPolicies A list of PolicyType being added as a references
+ * @return the rootPolicy PolicySet object
+ */
+ public static PolicySetType addPoliciesToXacmlRootPolicy(PolicySetType rootPolicy,
+ PolicyType... referencedPolicies) {
+ ObjectFactory factory = new ObjectFactory();
+ //
+ // Iterate each policy
+ //
+ for (PolicyType referencedPolicy : referencedPolicies) {
+ IdReferenceType reference = new IdReferenceType();
+ reference.setValue(referencedPolicy.getPolicyId());
+ //
+ // Add it in
+ //
+ rootPolicy.getPolicySetOrPolicyOrPolicySetIdReference().add(factory.createPolicyIdReference(reference));
+ }
+ //
+ // Return the updated object
+ //
+ return rootPolicy;
+ }
+
+ /**
+ * This method updates a root PolicySetType by adding in a PolicyType as a reference.
+ *
+ * @param rootPolicy Root PolicySet being updated
+ * @param referencedPolicySets A list of PolicySetType being added as a references
+ * @return the rootPolicy PolicySet object
+ */
+ public static PolicySetType addPolicySetsToXacmlRootPolicy(PolicySetType rootPolicy,
+ PolicySetType... referencedPolicySets) {
+ ObjectFactory factory = new ObjectFactory();
+ //
+ // Iterate each policy
+ //
+ for (PolicySetType referencedPolicySet : referencedPolicySets) {
+ IdReferenceType reference = new IdReferenceType();
+ reference.setValue(referencedPolicySet.getPolicySetId());
+ //
+ // Add it in
+ //
+ rootPolicy.getPolicySetOrPolicyOrPolicySetIdReference().add(factory.createPolicySetIdReference(reference));
+ }
+ //
+ // Return the updated object
+ //
+ return rootPolicy;
+ }
+
+ /**
+ * Adds in the referenced policy to the PDP properties object.
+ *
+ * @param properties Input properties
+ * @param refPolicyPath Path to the referenced policy file
+ * @return Properties object
+ */
+ public static Properties addReferencedPolicy(Properties properties, Path refPolicyPath) {
+ //
+ // Get the current set of referenced policy ids
+ //
+ Set<String> referencedPolicies = XACMLProperties.getReferencedPolicyIDs(properties);
+ //
+ // Construct a unique id
+ //
+ int id = 1;
+ while (true) {
+ String refId = "ref" + id;
+ if (referencedPolicies.contains(refId)) {
+ id++;
+ } else {
+ referencedPolicies.add(refId);
+ properties.put(refId + ".file", refPolicyPath.toAbsolutePath().toString());
+ break;
+ }
+ }
+ //
+ // Set the new comma separated list
+ //
+ properties.setProperty(XACMLProperties.PROP_REFERENCEDPOLICIES,
+ referencedPolicies.stream().collect(Collectors.joining(",")));
+ return properties;
+ }
+
+ /**
+ * Removes a referenced policy from the Properties object. Both in the line
+ * that identifies the policy and the .file property that points to the path.
+ *
+ * @param properties Input Properties object to remove
+ * @param refPolicyPath The policy file path
+ * @return Properties object
+ */
+ public static Properties removeReferencedPolicy(Properties properties, Path refPolicyPath) {
+ //
+ // Get the current set of referenced policy ids
+ //
+ StringJoiner join = new StringJoiner(",");
+ boolean found = false;
+ Set<String> referencedPolicies = XACMLProperties.getReferencedPolicyIDs(properties);
+ for (String refPolicy : referencedPolicies) {
+ String refPolicyFile = refPolicy + ".file";
+ //
+ // If the key and value match, then it will return true
+ //
+ if (properties.remove(refPolicyFile, refPolicyPath.toString())) {
+ //
+ // Record that we actually removed it
+ //
+ found = true;
+ } else {
+ //
+ // Retain it
+ //
+ join.add(refPolicy);
+ }
+ }
+ //
+ // Did we remove it?
+ //
+ if (found) {
+ //
+ // Now update the list of referenced properties
+ //
+ properties.setProperty(XACMLProperties.PROP_REFERENCEDPOLICIES, join.toString());
+ }
+ return properties;
+ }
+
+ /**
+ * Does a debug dump of referenced and root policy values.
+ *
+ * @param properties Input Properties object
+ * @param logger Logger object to use
+ */
+ public static void debugDumpPolicyProperties(Properties properties, Logger logger) {
+ //
+ // I hate surrounding this all with an if, but by
+ // doing so I clear sonar issues with passing System.lineSeparator()
+ // as an argument.
+ //
+ if (logger.isDebugEnabled()) {
+ //
+ // Get the current set of referenced policy ids
+ //
+ Set<String> rootPolicies = XACMLProperties.getRootPolicyIDs(properties);
+ logger.debug("Root Policies: {}", properties.getProperty(XACMLProperties.PROP_ROOTPOLICIES));
+ for (String root : rootPolicies) {
+ logger.debug("{}", properties.getProperty(root + ".file", "NOT FOUND"));
+ }
+ //
+ // Get the current set of referenced policy ids
+ //
+ Set<String> referencedPolicies = XACMLProperties.getReferencedPolicyIDs(properties);
+ logger.debug("Referenced Policies: {}", properties.getProperty(XACMLProperties.PROP_REFERENCEDPOLICIES));
+ for (String ref : referencedPolicies) {
+ logger.debug("{}", properties.getProperty(ref + ".file", "NOT FOUND"));
+ }
+ }
+ }
+
+ /**
+ * Constructs a unique policy filename for a given policy.
+ *
+ * <P>It could be dangerous to use policy-id and policy-version if the user
+ * gives us an invalid policy-id and policy-versions.
+ *
+ * <P>Should we append a UUID also to guarantee uniqueness?
+ *
+ * <P>How do we track that in case we need to know what policies we have loaded?
+ *
+ * @param policy PolicyType object
+ * @param path Path for policy
+ * @return Path unique file path for the Policy
+ */
+ public static Path constructUniquePolicyFilename(PolicyType policy, Path path) {
+ //
+ //
+ // Can it be possible to produce an invalid filename?
+ // Should we insert a UUID
+ //
+ String filename = policy.getPolicyId() + "_" + policy.getVersion() + ".xml";
+ //
+ // Construct the Path
+ //
+ return Paths.get(path.toAbsolutePath().toString(), filename);
+ }
+
+ /**
+ * Load properties from given file.
+ *
+ * @throws IOException If unable to read file
+ */
+ public static Properties loadXacmlProperties(Path propertyPath) throws IOException {
+ LOGGER.debug("Loading xacml properties {}", propertyPath);
+ try (InputStream is = Files.newInputStream(propertyPath)) {
+ Properties properties = new Properties();
+ properties.load(is);
+ return properties;
+ }
+ }
+
+ /**
+ * Stores the XACML Properties to the given file location.
+ *
+ * @throws IOException If unable to store the file.
+ */
+ public static void storeXacmlProperties(Properties properties, Path propertyPath) throws IOException {
+ try (OutputStream os = Files.newOutputStream(propertyPath)) {
+ String strComments = "#";
+ properties.store(os, strComments);
+ }
+ }
+
+ /**
+ * Appends 'xacml.properties' to a root Path object
+ *
+ * @param rootPath Root Path object
+ * @return Path to rootPath/xacml.properties file
+ */
+ public static Path getPropertiesPath(Path rootPath) {
+ return Paths.get(rootPath.toAbsolutePath().toString(), "xacml.properties");
+ }
+
+
+ /**
+ * Creates an instance of PDP engine given the Properties object.
+ *
+ * @param properties Incoming Properties object
+ * @return PDPEngine instance or null if failed
+ */
+ public static PDPEngine createEngine(Properties properties) {
+ //
+ // Now initialize the XACML PDP Engine
+ //
+ try {
+ PDPEngineFactory factory = PDPEngineFactory.newInstance();
+ return factory.newEngine(properties);
+ } catch (FactoryException e) {
+ LOGGER.error("Failed to create XACML PDP Engine {}", e);
+ }
+ return null;
+ }
+}
diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlUpdatePolicyUtils.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlUpdatePolicyUtils.java
deleted file mode 100644
index 957242c5..00000000
--- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlUpdatePolicyUtils.java
+++ /dev/null
@@ -1,88 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * ONAP
- * ================================================================================
- * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * SPDX-License-Identifier: Apache-2.0
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.policy.pdp.xacml.application.common;
-
-import oasis.names.tc.xacml._3_0.core.schema.wd_17.IdReferenceType;
-import oasis.names.tc.xacml._3_0.core.schema.wd_17.ObjectFactory;
-import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicySetType;
-import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType;
-
-public class XacmlUpdatePolicyUtils {
-
- private XacmlUpdatePolicyUtils() {
- super();
- }
-
- /**
- * This method updates a root PolicySetType by adding in a PolicyType as a reference.
- *
- * @param rootPolicy Root PolicySet being updated
- * @param referencedPolicies A list of PolicyType being added as a references
- * @return the rootPolicy PolicySet object
- */
- public static PolicySetType updateXacmlRootPolicy(PolicySetType rootPolicy, PolicyType... referencedPolicies) {
- ObjectFactory factory = new ObjectFactory();
- //
- // Iterate each policy
- //
- for (PolicyType referencedPolicy : referencedPolicies) {
- IdReferenceType reference = new IdReferenceType();
- reference.setValue(referencedPolicy.getPolicyId());
- //
- // Add it in
- //
- rootPolicy.getPolicySetOrPolicyOrPolicySetIdReference().add(factory.createPolicySetIdReference(reference));
- }
- //
- // Return the updated object
- //
- return rootPolicy;
- }
-
- /**
- * This method updates a root PolicySetType by adding in a PolicyType as a reference.
- *
- * @param rootPolicy Root PolicySet being updated
- * @param referencedPolicySets A list of PolicySetType being added as a references
- * @return the rootPolicy PolicySet object
- */
- public static PolicySetType updateXacmlRootPolicy(PolicySetType rootPolicy, PolicySetType... referencedPolicySets) {
- ObjectFactory factory = new ObjectFactory();
- //
- // Iterate each policy
- //
- for (PolicySetType referencedPolicySet : referencedPolicySets) {
- IdReferenceType reference = new IdReferenceType();
- reference.setValue(referencedPolicySet.getPolicySetId());
- //
- // Add it in
- //
- rootPolicy.getPolicySetOrPolicyOrPolicySetIdReference().add(factory.createPolicySetIdReference(reference));
- }
- //
- // Return the updated object
- //
- return rootPolicy;
- }
-
-}
diff --git a/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/OnapPolicyFinderFactoryExceptionTest.java b/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/OnapPolicyFinderFactoryExceptionTest.java
new file mode 100644
index 00000000..86708284
--- /dev/null
+++ b/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/OnapPolicyFinderFactoryExceptionTest.java
@@ -0,0 +1,35 @@
+/*
+ * ============LICENSE_START=======================================================
+ * ONAP
+ * ================================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.policy.pdp.xacml.application.common;
+
+import static org.junit.Assert.assertEquals;
+
+import org.junit.Test;
+import org.onap.policy.common.utils.test.ExceptionsTester;
+
+public class OnapPolicyFinderFactoryExceptionTest {
+
+ @Test
+ public void test() {
+ assertEquals(5, new ExceptionsTester().test(OnapPolicyFinderFactoryException.class));
+ }
+
+}
diff --git a/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/OnapPolicyFinderFactoryTest.java b/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/OnapPolicyFinderFactoryTest.java
new file mode 100644
index 00000000..5cd1cdc7
--- /dev/null
+++ b/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/OnapPolicyFinderFactoryTest.java
@@ -0,0 +1,38 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * ONAP
+ * ================================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.policy.pdp.xacml.application.common;
+
+import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
+
+import org.junit.Test;
+
+public class OnapPolicyFinderFactoryTest {
+
+ @Test
+ public void test() throws NoSuchMethodException, SecurityException {
+ assertThatExceptionOfType(OnapPolicyFinderFactoryException.class).isThrownBy(() -> {
+ new OnapPolicyFinderFactory();
+ }).withMessageContaining("Please use the constructor with Properties object.");
+ }
+
+}
diff --git a/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/XacmlUpdatePolicyUtilsTest.java b/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/XacmlPolicyUtilsTest.java
index 84fefa5c..57800d9e 100644
--- a/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/XacmlUpdatePolicyUtilsTest.java
+++ b/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/XacmlPolicyUtilsTest.java
@@ -22,11 +22,11 @@
package org.onap.policy.pdp.xacml.application.common;
+import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatCode;
import com.att.research.xacml.api.XACML3;
import com.att.research.xacml.util.XACMLPolicyWriter;
-import com.att.research.xacml.util.XACMLProperties;
import java.io.ByteArrayOutputStream;
import java.io.File;
@@ -36,8 +36,9 @@ import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.Path;
-import java.util.Map.Entry;
+import java.nio.file.Paths;
import java.util.Properties;
+
import oasis.names.tc.xacml._3_0.core.schema.wd_17.AnyOfType;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.EffectType;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.MatchType;
@@ -46,6 +47,7 @@ import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicySetType;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.RuleType;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.TargetType;
+
import org.junit.BeforeClass;
import org.junit.ClassRule;
import org.junit.Test;
@@ -60,22 +62,27 @@ import org.slf4j.LoggerFactory;
* @author pameladragosh
*
*/
-public class XacmlUpdatePolicyUtilsTest {
- private static final Logger LOGGER = LoggerFactory.getLogger(XacmlUpdatePolicyUtilsTest.class);
+public class XacmlPolicyUtilsTest {
+ private static final Logger LOGGER = LoggerFactory.getLogger(XacmlPolicyUtilsTest.class);
static Properties properties;
- static PolicySetType rootPolicy = new PolicySetType();
+ static PolicySetType rootPolicy = XacmlPolicyUtils.createEmptyPolicySet("root", XACML3.ID_POLICY_FIRST_APPLICABLE);
static Path rootPath;
- static PolicyType policy1 = new PolicyType();
- static PolicyType policy2 = new PolicyType();
+ static PolicyType policy1 = XacmlPolicyUtils.createEmptyPolicy("policy1", XACML3.ID_RULE_DENY_UNLESS_PERMIT);
+ static PolicyType policy2 = XacmlPolicyUtils.createEmptyPolicy("policy2", XACML3.ID_RULE_DENY_UNLESS_PERMIT);
+ static PolicyType policy3 = XacmlPolicyUtils.createEmptyPolicy("policy3", XACML3.ID_RULE_DENY_UNLESS_PERMIT);
+ static PolicyType policy4 = XacmlPolicyUtils.createEmptyPolicy("policy4", XACML3.ID_RULE_DENY_UNLESS_PERMIT);
- static PolicySetType policySet3 = new PolicySetType();
+ static PolicySetType policySet5 = XacmlPolicyUtils.createEmptyPolicySet(
+ "policyset1", XACML3.ID_POLICY_FIRST_APPLICABLE);
static Path path1;
static Path path2;
+ static Path path3;
+ static Path path4;
static Path policySetPath;
@@ -86,7 +93,8 @@ public class XacmlUpdatePolicyUtilsTest {
public static TemporaryFolder policyFolder = new TemporaryFolder();
/**
- * Setup the JUnit tests.
+ * Setup the JUnit tests by finishing creating the policies and
+ * writing them out to the temporary folder.
*
* @throws Exception thrown
*/
@@ -101,43 +109,59 @@ public class XacmlUpdatePolicyUtilsTest {
properties.load(is);
}
//
- // Create a very basic Root policy
+ // Save root policy
//
- rootPolicy.setPolicySetId("root");
- rootPolicy.setTarget(new TargetType());
- rootPolicy.setPolicyCombiningAlgId(XACML3.ID_POLICY_FIRST_APPLICABLE.stringValue());
File rootFile = policyFolder.newFile("root.xml");
LOGGER.info("Creating Root Policy {}", rootFile.getAbsolutePath());
rootPath = XACMLPolicyWriter.writePolicyFile(rootFile.toPath(), rootPolicy);
//
- // Create policies
+ // Create policies - Policies 1 and 2 will become references in the
+ // root policy. While Policies 3 and 4 will become references in the
+ // soon to be created PolicySet 5 below.
//
- path1 = createPolicy(policy1, "policy1", "resource1");
+ path1 = createPolicyContents(policy1, "resource1");
LOGGER.info(new String(Files.readAllBytes(path1)));
- path2 = createPolicy(policy2, "policy2", "resource2");
+ path2 = createPolicyContents(policy2, "resource2");
LOGGER.info(new String(Files.readAllBytes(path2)));
+ path3 = createPolicyContents(policy3, "resourc31");
+ LOGGER.info(new String(Files.readAllBytes(path3)));
+ path4 = createPolicyContents(policy4, "resource4");
+ LOGGER.info(new String(Files.readAllBytes(path4)));
//
- // Create another PolicySet
+ // Create our PolicySet
//
- policySet3.setPolicySetId("policyset1");
- policySet3.setTarget(new TargetType());
- policySet3.setPolicyCombiningAlgId(XACML3.ID_POLICY_FIRST_APPLICABLE.stringValue());
+ policySet5.setPolicySetId("policyset5");
+ policySet5.setTarget(new TargetType());
+ policySet5.setPolicyCombiningAlgId(XACML3.ID_POLICY_FIRST_APPLICABLE.stringValue());
ObjectFactory factory = new ObjectFactory();
-
- policySet3.getPolicySetOrPolicyOrPolicySetIdReference().add(factory.createPolicy(policy1));
- policySet3.getPolicySetOrPolicyOrPolicySetIdReference().add(factory.createPolicy(policy2));
- File policySetFile = policyFolder.newFile("policySet1.xml");
+ //
+ // Add Policies 3 and 4 to the PolicySet
+ //
+ policySet5.getPolicySetOrPolicyOrPolicySetIdReference().add(factory.createPolicy(policy1));
+ policySet5.getPolicySetOrPolicyOrPolicySetIdReference().add(factory.createPolicy(policy2));
+ assertThat(policySet5.getPolicySetOrPolicyOrPolicySetIdReference()).hasSize(2);
+ //
+ // Save that to disk
+ //
+ File policySetFile = policyFolder.newFile("policySet5.xml");
LOGGER.info("Creating PolicySet {}", policySetFile.getAbsolutePath());
- policySetPath = XACMLPolicyWriter.writePolicyFile(policySetFile.toPath(), policySet3);
+ policySetPath = XACMLPolicyWriter.writePolicyFile(policySetFile.toPath(), policySet5);
}).doesNotThrowAnyException();
}
- private static Path createPolicy(PolicyType policy, String id, String resource) throws IOException {
+ /**
+ * Helper method that creates a very simple Policy and Rule and saves it to disk.
+ *
+ * @param policy Policy to store contents in
+ * @param resource A simple resource id for the Target
+ * @return Path object of the policy
+ * @throws IOException If unable to write to disk
+ */
+ private static Path createPolicyContents(PolicyType policy, String resource) throws IOException {
//
- // Create Policy 1
+ // Create The Match
//
- policy.setPolicyId(id);
MatchType matchPolicyId = ToscaPolicyConverterUtils.buildMatchTypeDesignator(
XACML3.ID_FUNCTION_STRING_EQUAL,
resource,
@@ -164,7 +188,7 @@ public class XacmlUpdatePolicyUtilsTest {
//
policy.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition().add(rule);
//
- // Create a file
+ // Save it to disk
//
File file = policyFolder.newFile(policy.getPolicyId() + ".xml");
LOGGER.info("Creating Policy {}", file.getAbsolutePath());
@@ -172,55 +196,69 @@ public class XacmlUpdatePolicyUtilsTest {
}
@Test
- public void test() {
+ public void testUpdatingPolicies() {
assertThatCode(() -> {
//
// Just update root and policies
//
- XacmlUpdatePolicyUtils.updateXacmlRootPolicy(rootPolicy, policy1, policy2);
- try (OutputStream os = new ByteArrayOutputStream()) {
- XACMLPolicyWriter.writePolicyFile(os, rootPolicy);
- LOGGER.debug("New Root Policy:{}{}", System.lineSeparator(), os.toString());
- }
+ XacmlPolicyUtils.addPoliciesToXacmlRootPolicy(rootPolicy, policy1, policy2);
//
- // Test updating the properties
+ // Make sure it is correct
//
- XACMLProperties.setXacmlRootProperties(properties, rootPath);
- XACMLProperties.setXacmlReferencedProperties(properties, path1, path2);
+ assertThat(rootPolicy.getPolicySetOrPolicyOrPolicySetIdReference()).hasSize(2);
//
- // Dump this out so I can see what I'm doing
+ // Save to disk
//
- for (Entry<Object, Object> entry : properties.entrySet()) {
- LOGGER.info("{}={}", entry.getKey(), entry.getValue());
+ try (OutputStream os = new ByteArrayOutputStream()) {
+ XACMLPolicyWriter.writePolicyFile(os, rootPolicy);
+ LOGGER.debug("New Root Policy:{}{}", System.lineSeparator(), os.toString());
}
- LOGGER.info("Properties {}", properties.toString());
- //
- // Somehow I have to figure out how to test this in assertj
- //
//
// Just update root and PolicySet
//
- XacmlUpdatePolicyUtils.updateXacmlRootPolicy(rootPolicy, policySet3);
+ XacmlPolicyUtils.addPolicySetsToXacmlRootPolicy(rootPolicy, policySet5);
try (OutputStream os = new ByteArrayOutputStream()) {
XACMLPolicyWriter.writePolicyFile(os, rootPolicy);
LOGGER.debug("New Root Policy:{}{}", System.lineSeparator(), os.toString());
}
- //
- // Test updating the properties
- //
- XACMLProperties.setXacmlRootProperties(properties, rootPath);
- XACMLProperties.setXacmlReferencedProperties(properties, policySetPath);
- //
- // Dump this out so I can see what I'm doing
- //
- for (Entry<Object, Object> entry : properties.entrySet()) {
- LOGGER.info("{}={}", entry.getKey(), entry.getValue());
- }
- LOGGER.info("Properties {}", properties.toString());
- //
- // Somehow I have to figure out how to test this in assertj
- //
-
}).doesNotThrowAnyException();
}
+
+ @Test
+ public void testRemovingProperties() {
+ //
+ // Dump what we are starting with
+ //
+ XacmlPolicyUtils.debugDumpPolicyProperties(properties, LOGGER);
+ //
+ // Remove referenced policies
+ //
+ Path ref = Paths.get("src/test/resources/ref1.xml");
+ XacmlPolicyUtils.removeReferencedPolicy(properties, ref);
+ XacmlPolicyUtils.debugDumpPolicyProperties(properties, LOGGER);
+ assertThat(properties.getProperty("refstart1.file")).isNullOrEmpty();
+
+ ref = Paths.get("src/test/resources/ref2.xml");
+ XacmlPolicyUtils.removeReferencedPolicy(properties, ref);
+ XacmlPolicyUtils.debugDumpPolicyProperties(properties, LOGGER);
+ assertThat(properties.getProperty("refstart2.file")).isNullOrEmpty();
+
+ //
+ // Test one that isn't in there
+ //
+ ref = Paths.get("src/test/resources/NotThere.xml");
+ XacmlPolicyUtils.removeReferencedPolicy(properties, ref);
+ XacmlPolicyUtils.debugDumpPolicyProperties(properties, LOGGER);
+ assertThat(properties.getProperty("refstart3.file")).isNotBlank();
+
+ ref = Paths.get("src/test/resources/ref3.xml");
+ XacmlPolicyUtils.removeReferencedPolicy(properties, ref);
+ XacmlPolicyUtils.debugDumpPolicyProperties(properties, LOGGER);
+ assertThat(properties.getProperty("refstart3.file")).isNullOrEmpty();
+
+ ref = Paths.get("src/test/resources/ref4.xml");
+ XacmlPolicyUtils.removeReferencedPolicy(properties, ref);
+ XacmlPolicyUtils.debugDumpPolicyProperties(properties, LOGGER);
+ assertThat(properties.getProperty("refstart4.file")).isNullOrEmpty();
+ }
}
diff --git a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplication.java b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplication.java
index e8a51136..2717c279 100644
--- a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplication.java
+++ b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplication.java
@@ -22,18 +22,36 @@
package org.onap.policy.xacml.pdp.application.guard;
+import com.att.research.xacml.api.Request;
+import com.att.research.xacml.api.Response;
+import com.att.research.xacml.api.pdp.PDPEngine;
+import com.att.research.xacml.api.pdp.PDPException;
+import com.att.research.xacml.util.XACMLPolicyWriter;
import com.google.common.collect.Lists;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
import java.nio.file.Path;
+import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import java.util.Map.Entry;
+import java.util.Properties;
-import org.json.JSONObject;
+import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType;
+
+import org.onap.policy.models.decisions.concepts.DecisionRequest;
+import org.onap.policy.models.decisions.concepts.DecisionResponse;
+import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConversionException;
+import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConverter;
import org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider;
+import org.onap.policy.pdp.xacml.application.common.XacmlPolicyUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import org.yaml.snakeyaml.Yaml;
/**
* This class implements the onap.policies.controlloop.Guard policy implementations.
@@ -41,12 +59,14 @@ import org.slf4j.LoggerFactory;
* @author pameladragosh
*
*/
-public class GuardPdpApplication implements XacmlApplicationServiceProvider {
+public class GuardPdpApplication implements ToscaPolicyConverter, XacmlApplicationServiceProvider {
private static final Logger LOGGER = LoggerFactory.getLogger(GuardPdpApplication.class);
private static final String STRING_VERSION100 = "1.0.0";
private Map<String, String> supportedPolicyTypes = new HashMap<>();
private Path pathForData;
+ private Properties pdpProperties = null;
+ private PDPEngine pdpEngine = null;
/** Constructor.
*
@@ -69,10 +89,26 @@ public class GuardPdpApplication implements XacmlApplicationServiceProvider {
@Override
public void initialize(Path pathForData) {
//
- // Save the path
+ // Save our path
//
this.pathForData = pathForData;
LOGGER.debug("New Path is {}", this.pathForData.toAbsolutePath());
+ //
+ // Look for and load the properties object
+ //
+ try {
+ pdpProperties = XacmlPolicyUtils.loadXacmlProperties(XacmlPolicyUtils.getPropertiesPath(pathForData));
+ LOGGER.debug("{}", pdpProperties);
+ } catch (IOException e) {
+ LOGGER.error("{}", e);
+ }
+ //
+ // Create an engine
+ //
+ PDPEngine newEngine = XacmlPolicyUtils.createEngine(pdpProperties);
+ if (newEngine != null) {
+ pdpEngine = newEngine;
+ }
}
@Override
@@ -97,11 +133,139 @@ public class GuardPdpApplication implements XacmlApplicationServiceProvider {
@Override
public void loadPolicies(Map<String, Object> toscaPolicies) {
+ try {
+ //
+ // Convert the policies first
+ //
+ List<PolicyType> listPolicies = this.convertPolicies(toscaPolicies);
+ if (listPolicies.isEmpty()) {
+ throw new ToscaPolicyConversionException("Converted 0 policies");
+ }
+ } catch (ToscaPolicyConversionException e) {
+ LOGGER.error("Failed to loadPolicies {}", e);
+ }
+ }
+
+ @Override
+ public DecisionResponse makeDecision(DecisionRequest request) {
+ //
+ // Convert to a XacmlRequest
+ //
+ Request xacmlRequest = this.convertRequest(request);
+ //
+ // Now get a decision
+ //
+ Response xacmlResponse = this.xacmlDecision(xacmlRequest);
+ //
+ // Convert to a DecisionResponse
+ //
+ return this.convertResponse(xacmlResponse);
+ }
+
+ @Override
+ public List<PolicyType> convertPolicies(InputStream isToscaPolicy) throws ToscaPolicyConversionException {
+ //
+ // Have snakeyaml parse the object
+ //
+ Yaml yaml = new Yaml();
+ Map<String, Object> toscaObject = yaml.load(isToscaPolicy);
+ //
+ // Return the policies
+ //
+ return scanAndConvertPolicies(toscaObject);
+ }
+
+ @Override
+ public List<PolicyType> convertPolicies(Map<String, Object> toscaObject) throws ToscaPolicyConversionException {
+ //
+ // Return the policies
+ //
+ return scanAndConvertPolicies(toscaObject);
}
@Override
- public JSONObject makeDecision(JSONObject jsonSchema) {
+ public Request convertRequest(DecisionRequest request) {
+ // TODO Auto-generated method stub
return null;
}
+ @Override
+ public DecisionResponse convertResponse(Response response) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @SuppressWarnings("unchecked")
+ private List<PolicyType> scanAndConvertPolicies(Map<String, Object> toscaObject)
+ throws ToscaPolicyConversionException {
+ //
+ // Our return object
+ //
+ List<PolicyType> scannedPolicies = new ArrayList<>();
+ //
+ // Iterate each of the Policies
+ //
+ List<Object> policies = (List<Object>) toscaObject.get("policies");
+ for (Object policyObject : policies) {
+ //
+ // Get the contents
+ //
+ LOGGER.debug("Found policy {}", policyObject.getClass());
+ Map<String, Object> policyContents = (Map<String, Object>) policyObject;
+ for (Entry<String, Object> entrySet : policyContents.entrySet()) {
+ LOGGER.debug("Entry set {}", entrySet);
+ //
+ // Convert this policy
+ //
+ PolicyType policy = this.convertPolicy(entrySet);
+ try (ByteArrayOutputStream os = new ByteArrayOutputStream()) {
+ XACMLPolicyWriter.writePolicyFile(os, policy);
+ LOGGER.debug("{}", os);
+ } catch (IOException e) {
+ LOGGER.error("Failed to convert {}", e);
+ }
+ //
+ // Convert and add in the new policy
+ //
+ scannedPolicies.add(policy);
+ }
+ }
+
+ return scannedPolicies;
+ }
+
+ private PolicyType convertPolicy(Entry<String, Object> entrySet) throws ToscaPolicyConversionException {
+
+ return null;
+ }
+
+ /**
+ * Make a decision call.
+ *
+ * @param request Incoming request object
+ * @return Response object
+ */
+ private synchronized Response xacmlDecision(Request request) {
+ //
+ // This is what we need to return
+ //
+ Response response = null;
+ //
+ // Track some timing
+ //
+ long timeStart = System.currentTimeMillis();
+ try {
+ response = this.pdpEngine.decide(request);
+ } catch (PDPException e) {
+ LOGGER.error("Xacml PDP Engine failed {}", e);
+ } finally {
+ //
+ // Track the end of timing
+ //
+ long timeEnd = System.currentTimeMillis();
+ LOGGER.info("Elapsed Time: {}ms", (timeEnd - timeStart));
+ }
+ return response;
+ }
+
}
diff --git a/applications/guard/src/main/resources/META-INF/services/org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider b/applications/guard/src/main/resources/META-INF/services/org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider
new file mode 100644
index 00000000..93084459
--- /dev/null
+++ b/applications/guard/src/main/resources/META-INF/services/org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider
@@ -0,0 +1 @@
+org.onap.policy.xacml.pdp.application.guard.GuardPdpApplication \ No newline at end of file
diff --git a/applications/guard/src/main/resources/RootGuardPolicy.xml b/applications/guard/src/main/resources/RootGuardPolicy.xml
new file mode 100644
index 00000000..f9f47265
--- /dev/null
+++ b/applications/guard/src/main/resources/RootGuardPolicy.xml
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<PolicySet xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" PolicyCombiningAlgId="urn:oasis:names:tc:xacml:3.0:policy-combining-algorithm:deny-overrides" PolicySetId="urn:org:onap:guard:policy:id" Version="1.0" xsi:schemaLocation="urn:oasis:names:tc:xacml:3.0:policy:schema:os access_control-xacml-2.0-policy-schema-os.xsd">
+ <Description>The root policy for supporting onap.Guard policies.</Description>
+ <Target>
+ <AnyOf>
+ <AllOf>
+ <Match MatchId="urn:oasis:names:tc:xacml:3.0:function:string-equal-ignore-case">
+ <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">guard</AttributeValue>
+ <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
+ </Match>
+ </AllOf>
+ </AnyOf>
+ </Target>
+ <!--
+
+ New Policies created from TOSCA policies can be stored like this.
+
+ <PolicyIdReference>onap.scaleout.tca</PolicyIdReference>
+ <PolicySetIdReference>urn:oasis:names:tc:xacml:2.0:conformance-test:IIE001:policyset1</PolicySetIdReference>
+ -->
+ <Policy PolicyId="default" Version="1.0" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:permit-unless-deny" >
+ <Description>Default is to allow a permit - returning 0 obligations</Description>
+ <Target/>
+ <Rule RuleId="default" Effect="Permit">
+ <Target/>
+ </Rule>
+ </Policy>
+</PolicySet> \ No newline at end of file
diff --git a/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplicationTest.java b/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplicationTest.java
index 656c7275..ae4193d3 100644
--- a/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplicationTest.java
+++ b/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplicationTest.java
@@ -25,37 +25,46 @@ package org.onap.policy.xacml.pdp.application.guard;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatCode;
-import com.att.research.xacml.std.annotations.XACMLAction;
-import com.att.research.xacml.std.annotations.XACMLRequest;
-import com.att.research.xacml.std.annotations.XACMLResource;
-import com.att.research.xacml.std.annotations.XACMLSubject;
+import com.att.research.xacml.util.XACMLProperties;
+import com.google.common.io.Files;
+import com.google.gson.Gson;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.Iterator;
+import java.util.Properties;
+import java.util.ServiceLoader;
import org.junit.Before;
import org.junit.ClassRule;
import org.junit.Test;
import org.junit.rules.TemporaryFolder;
+import org.onap.policy.common.utils.resources.TextFileUtils;
+import org.onap.policy.models.decisions.concepts.DecisionRequest;
+import org.onap.policy.models.decisions.serialization.DecisionRequestMessageBodyHandler;
+import org.onap.policy.models.decisions.serialization.DecisionResponseMessageBodyHandler;
+import org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
public class GuardPdpApplicationTest {
- @ClassRule
- public static final TemporaryFolder policyFolder = new TemporaryFolder();
-
- /**
- * This is a simple annotation class to simulate
- * requests coming in.
- */
- @XACMLRequest(ReturnPolicyIdList = true)
- public class MyXacmlRequest {
-
- @XACMLSubject(includeInResults = true)
- String onapName = "Drools";
+ private static final Logger LOGGER = LoggerFactory.getLogger(GuardPdpApplicationTest.class);
+ private static Properties properties = new Properties();
+ private static File propertiesFile;
+ private static XacmlApplicationServiceProvider service;
+ private static DecisionRequest requestSinglePolicy;
- @XACMLResource(includeInResults = true)
- String resource = "onap.policies.Guard";
+ private static Gson gsonDecisionRequest;
+ private static Gson gsonDecisionResponse;
- @XACMLAction()
- String action = "guard";
- }
+ @ClassRule
+ public static final TemporaryFolder policyFolder = new TemporaryFolder();
@Before
public void setUp() throws Exception {
@@ -65,32 +74,117 @@ public class GuardPdpApplicationTest {
@Test
public void testBasics() {
assertThatCode(() -> {
- GuardPdpApplication guard = new GuardPdpApplication();
//
- // Set the path
+ // Create our Gson builder
+ //
+ gsonDecisionRequest = new DecisionRequestMessageBodyHandler().getGson();
+ gsonDecisionResponse = new DecisionResponseMessageBodyHandler().getGson();
+ //
+ // Load Single Decision Request
+ //
+ requestSinglePolicy = gsonDecisionRequest.fromJson(
+ TextFileUtils
+ .getTextFileAsString("../../main/src/test/resources/decisions/decision.single.input.json"),
+ DecisionRequest.class);
//
- guard.initialize(policyFolder.getRoot().toPath());
+ // Copy all the properties and root policies to the temporary folder
//
- // Application name
+ try (InputStream is = new FileInputStream("src/test/resources/xacml.properties")) {
+ //
+ // Load it in
+ //
+ properties.load(is);
+ propertiesFile = policyFolder.newFile("xacml.properties");
+ //
+ // Copy the root policies
+ //
+ for (String root : XACMLProperties.getRootPolicyIDs(properties)) {
+ //
+ // Get a file
+ //
+ Path rootPath = Paths.get(properties.getProperty(root + ".file"));
+ LOGGER.debug("Root file {} {}", rootPath, rootPath.getFileName());
+ //
+ // Construct new file name
+ //
+ File newRootPath = policyFolder.newFile(rootPath.getFileName().toString());
+ //
+ // Copy it
+ //
+ Files.copy(rootPath.toFile(), newRootPath);
+ assertThat(newRootPath).exists();
+ //
+ // Point to where the new policy is in the temp dir
+ //
+ properties.setProperty(root + ".file", newRootPath.getAbsolutePath());
+ }
+ try (OutputStream os = new FileOutputStream(propertiesFile.getAbsolutePath())) {
+ properties.store(os, "");
+ assertThat(propertiesFile).exists();
+ }
+ }
//
- assertThat(guard.applicationName()).isNotEmpty();
+ // Load service
+ //
+ ServiceLoader<XacmlApplicationServiceProvider> applicationLoader =
+ ServiceLoader.load(XacmlApplicationServiceProvider.class);
+ //
+ // Iterate through them - I could store the object as
+ // XacmlApplicationServiceProvider pointer.
+ //
+ // Try this later.
+ //
+ StringBuilder strDump = new StringBuilder("Loaded applications:" + System.lineSeparator());
+ Iterator<XacmlApplicationServiceProvider> iterator = applicationLoader.iterator();
+ while (iterator.hasNext()) {
+ XacmlApplicationServiceProvider application = iterator.next();
+ //
+ // Is it our service?
+ //
+ if (application instanceof GuardPdpApplication) {
+ //
+ // Should be the first and only one
+ //
+ assertThat(service).isNull();
+ service = application;
+ }
+ strDump.append(application.applicationName());
+ strDump.append(" supports ");
+ strDump.append(application.supportedPolicyTypes());
+ strDump.append(System.lineSeparator());
+ }
+ LOGGER.debug("{}", strDump);
+ //
+ // Tell it to initialize based on the properties file
+ // we just built for it.
+ //
+ service.initialize(propertiesFile.toPath().getParent());
+ //
+ // Make sure there's an application name
+ //
+ assertThat(service.applicationName()).isNotEmpty();
//
// Decisions
//
- assertThat(guard.actionDecisionsSupported().size()).isEqualTo(1);
- assertThat(guard.actionDecisionsSupported()).contains("guard");
+ assertThat(service.actionDecisionsSupported().size()).isEqualTo(1);
+ assertThat(service.actionDecisionsSupported()).contains("guard");
//
- // Supported policy types
+ // Ensure it has the supported policy types and
+ // can support the correct policy types.
//
- assertThat(guard.supportedPolicyTypes()).isNotEmpty();
- assertThat(guard.supportedPolicyTypes().size()).isEqualTo(2);
- assertThat(guard.canSupportPolicyType("onap.policies.controlloop.guard.FrequencyLimiter", "1.0.0"))
+ assertThat(service.supportedPolicyTypes()).isNotEmpty();
+ assertThat(service.supportedPolicyTypes().size()).isEqualTo(2);
+ assertThat(service.canSupportPolicyType("onap.policies.controlloop.guard.FrequencyLimiter", "1.0.0"))
.isTrue();
- assertThat(guard.canSupportPolicyType("onap.policies.controlloop.guard.FrequencyLimiter", "1.0.1"))
+ assertThat(service.canSupportPolicyType("onap.policies.controlloop.guard.FrequencyLimiter", "1.0.1"))
.isFalse();
- assertThat(guard.canSupportPolicyType("onap.policies.controlloop.guard.MinMax", "1.0.0")).isTrue();
- assertThat(guard.canSupportPolicyType("onap.policies.controlloop.guard.MinMax", "1.0.1")).isFalse();
- assertThat(guard.canSupportPolicyType("onap.foo", "1.0.1")).isFalse();
+ assertThat(service.canSupportPolicyType("onap.policies.controlloop.guard.MinMax", "1.0.0")).isTrue();
+ assertThat(service.canSupportPolicyType("onap.policies.controlloop.guard.MinMax", "1.0.1")).isFalse();
+ assertThat(service.canSupportPolicyType("onap.foo", "1.0.1")).isFalse();
+ //
+ // Ensure it supports decisions
+ //
+ assertThat(service.actionDecisionsSupported()).contains("guard");
}).doesNotThrowAnyException();
}
}
diff --git a/applications/monitoring/src/main/java/org/onap/policy/xacml/pdp/engine/OnapXacmlPdpEngine.java b/applications/monitoring/src/main/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringPdpApplication.java
index 6c53566a..ab48d134 100644
--- a/applications/monitoring/src/main/java/org/onap/policy/xacml/pdp/engine/OnapXacmlPdpEngine.java
+++ b/applications/monitoring/src/main/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringPdpApplication.java
@@ -20,24 +20,29 @@
* ============LICENSE_END=========================================================
*/
-package org.onap.policy.xacml.pdp.engine;
+package org.onap.policy.xacml.pdp.application.monitoring;
+import com.att.research.xacml.api.AttributeAssignment;
+import com.att.research.xacml.api.DataTypeException;
+import com.att.research.xacml.api.Decision;
+import com.att.research.xacml.api.Obligation;
import com.att.research.xacml.api.Request;
import com.att.research.xacml.api.Response;
+import com.att.research.xacml.api.Result;
import com.att.research.xacml.api.XACML3;
import com.att.research.xacml.api.pdp.PDPEngine;
-import com.att.research.xacml.api.pdp.PDPEngineFactory;
import com.att.research.xacml.api.pdp.PDPException;
-import com.att.research.xacml.util.FactoryException;
+import com.att.research.xacml.std.annotations.RequestParser;
import com.att.research.xacml.util.XACMLPolicyScanner;
+import com.att.research.xacml.util.XACMLPolicyWriter;
import com.att.research.xacml.util.XACMLProperties;
import com.google.common.collect.Lists;
+import com.google.gson.Gson;
+import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
-import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
-import java.io.OutputStream;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.ArrayList;
@@ -63,12 +68,14 @@ import oasis.names.tc.xacml._3_0.core.schema.wd_17.RuleType;
import oasis.names.tc.xacml._3_0.core.schema.wd_17.TargetType;
import org.json.JSONObject;
+import org.onap.policy.models.decisions.concepts.DecisionRequest;
+import org.onap.policy.models.decisions.concepts.DecisionResponse;
import org.onap.policy.pdp.xacml.application.common.ToscaDictionary;
import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConversionException;
import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConverter;
import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConverterUtils;
import org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider;
-import org.onap.policy.pdp.xacml.application.common.XacmlUpdatePolicyUtils;
+import org.onap.policy.pdp.xacml.application.common.XacmlPolicyUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.yaml.snakeyaml.Yaml;
@@ -82,13 +89,12 @@ import org.yaml.snakeyaml.Yaml;
* @author pameladragosh
*
*/
-public class OnapXacmlPdpEngine implements ToscaPolicyConverter, XacmlApplicationServiceProvider {
+public class MonitoringPdpApplication implements ToscaPolicyConverter, XacmlApplicationServiceProvider {
- private static final Logger LOGGER = LoggerFactory.getLogger(OnapXacmlPdpEngine.class);
+ private static final Logger LOGGER = LoggerFactory.getLogger(MonitoringPdpApplication.class);
private static final String ONAP_MONITORING_BASE_POLICY_TYPE = "onap.Monitoring";
private static final String ONAP_MONITORING_DERIVED_POLICY_TYPE = "onap.policies.monitoring";
-
private Path pathForData = null;
private Properties pdpProperties = null;
private PDPEngine pdpEngine = null;
@@ -97,67 +103,13 @@ public class OnapXacmlPdpEngine implements ToscaPolicyConverter, XacmlApplicatio
/**
* Constructor.
*/
- public OnapXacmlPdpEngine() {
+ public MonitoringPdpApplication() {
//
// By default this supports just Monitoring policy types
//
supportedPolicyTypes.put(ONAP_MONITORING_BASE_POLICY_TYPE, "1.0.0");
}
- /**
- * Load properties from given file.
- *
- * @param location Path and filename
- * @throws IOException If unable to read file
- */
- public synchronized void loadXacmlProperties(String location) throws IOException {
- try (InputStream is = new FileInputStream(location)) {
- pdpProperties.load(is);
- }
- }
-
- /**
- * Stores the XACML Properties to the given file location.
- *
- * @param location File location including name
- * @throws IOException If unable to store the file.
- */
- public synchronized void storeXacmlProperties(String location) throws IOException {
- try (OutputStream os = new FileOutputStream(location)) {
- String strComments = "#";
- pdpProperties.store(os, strComments);
- }
- }
-
- /**
- * Make a decision call.
- *
- * @param request Incoming request object
- * @return Response object
- */
- public synchronized Response decision(Request request) {
- //
- // This is what we need to return
- //
- Response response = null;
- //
- // Track some timing
- //
- long timeStart = System.currentTimeMillis();
- try {
- response = this.pdpEngine.decide(request);
- } catch (PDPException e) {
- LOGGER.error("{}", e);
- } finally {
- //
- // Track the end of timing
- //
- long timeEnd = System.currentTimeMillis();
- LOGGER.info("Elapsed Time: {}ms", (timeEnd - timeStart));
- }
- return response;
- }
-
@Override
public String applicationName() {
return "Monitoring Application";
@@ -178,29 +130,18 @@ public class OnapXacmlPdpEngine implements ToscaPolicyConverter, XacmlApplicatio
//
// Look for and load the properties object
//
- Path propertyPath = Paths.get(this.pathForData.toAbsolutePath().toString(), "xacml.properties");
- LOGGER.debug("Looking for {}", propertyPath.toAbsolutePath());
- try (InputStream is = new FileInputStream(propertyPath.toAbsolutePath().toString()) ) {
- //
- // Create a new properties object
- //
- pdpProperties = new Properties();
- //
- // Load it with our values
- //
- pdpProperties.load(is);
+ try {
+ pdpProperties = XacmlPolicyUtils.loadXacmlProperties(XacmlPolicyUtils.getPropertiesPath(pathForData));
LOGGER.debug("{}", pdpProperties);
} catch (IOException e) {
LOGGER.error("{}", e);
}
//
- // Now initialize the XACML PDP Engine
+ // Create an engine
//
- try {
- PDPEngineFactory factory = PDPEngineFactory.newInstance();
- this.pdpEngine = factory.newEngine(pdpProperties);
- } catch (FactoryException e) {
- LOGGER.error("{}", e);
+ PDPEngine newEngine = XacmlPolicyUtils.createEngine(pdpProperties);
+ if (newEngine != null) {
+ pdpEngine = newEngine;
}
}
@@ -222,9 +163,6 @@ public class OnapXacmlPdpEngine implements ToscaPolicyConverter, XacmlApplicatio
@Override
public synchronized void loadPolicies(Map<String, Object> toscaPolicies) {
- //
- //
- //
try {
//
// Convert the policies first
@@ -245,45 +183,84 @@ public class OnapXacmlPdpEngine implements ToscaPolicyConverter, XacmlApplicatio
//
String rootFile = pdpProperties.getProperty(roots.iterator().next() + ".file");
try (InputStream is = new FileInputStream(rootFile)) {
+ //
+ // Read the Root Policy into memory
+ //
Object policyData = XACMLPolicyScanner.readPolicy(is);
//
// Should be a PolicySet
//
if (policyData instanceof PolicySetType) {
+ //
+ // Add the referenced policies into a new Root Policy
+ //
PolicyType[] newPolicies = listPolicies.toArray(new PolicyType[listPolicies.size()]);
- PolicySetType newRootPolicy =
- XacmlUpdatePolicyUtils.updateXacmlRootPolicy((PolicySetType) policyData, newPolicies);
+ PolicySetType newRootPolicy = XacmlPolicyUtils.addPoliciesToXacmlRootPolicy(
+ (PolicySetType) policyData, newPolicies);
+ LOGGER.debug("New ROOT Policy");
+ try (ByteArrayOutputStream os = new ByteArrayOutputStream()) {
+ XACMLPolicyWriter.writePolicyFile(os, newRootPolicy);
+ LOGGER.debug("{}", os);
+ } catch (IOException e) {
+ LOGGER.error("Failed to convert {}", e);
+ }
//
// Save the new Policies to disk
//
-
+ for (PolicyType policy : newPolicies) {
+ //
+ // Construct the filename
+ //
+ Path refPath = XacmlPolicyUtils.constructUniquePolicyFilename(policy, pathForData);
+ //
+ // Write the policy to disk
+ // Maybe check for an error
+ //
+ XACMLPolicyWriter.writePolicyFile(refPath, policy);
+ //
+ // Save it off
+ //
+ XacmlPolicyUtils.addReferencedPolicy(pdpProperties, refPath);
+ }
//
// Save the root policy to disk
//
-
+ XACMLPolicyWriter.writePolicyFile(Paths.get(rootFile), newRootPolicy);
//
- // Update properties to declare the referenced policies
+ // Write the policies to disk
//
-
+ XacmlPolicyUtils.storeXacmlProperties(pdpProperties,
+ XacmlPolicyUtils.getPropertiesPath(pathForData));
//
- // Write the policies to disk
+ // Reload the engine
//
-
+ PDPEngine newEngine = XacmlPolicyUtils.createEngine(pdpProperties);
+ if (newEngine != null) {
+ pdpEngine = newEngine;
+ }
} else {
throw new ToscaPolicyConversionException("Root policy isn't a PolicySet");
}
}
- //
- // Add to the root policy
- //
} catch (IOException | ToscaPolicyConversionException e) {
LOGGER.error("Failed to loadPolicies {}", e);
}
}
@Override
- public synchronized JSONObject makeDecision(JSONObject jsonSchema) {
- return null;
+ public synchronized DecisionResponse makeDecision(DecisionRequest request) {
+ //
+ // Convert to a XacmlRequest
+ //
+ Request xacmlRequest = this.convertRequest(request);
+ //
+ // Now get a decision
+ //
+ Response xacmlResponse = this.xacmlDecision(xacmlRequest);
+ //
+ // Convert to a DecisionResponse
+ //
+ return this.convertResponse(xacmlResponse);
}
@Override
@@ -325,11 +302,17 @@ public class OnapXacmlPdpEngine implements ToscaPolicyConverter, XacmlApplicatio
LOGGER.debug("Found policy {}", policyObject.getClass());
Map<String, Object> policyContents = (Map<String, Object>) policyObject;
for (Entry<String, Object> entrySet : policyContents.entrySet()) {
- LOGGER.info("Entry set {}", entrySet);
+ LOGGER.debug("Entry set {}", entrySet);
//
// Convert this policy
//
PolicyType policy = this.convertPolicy(entrySet);
+ try (ByteArrayOutputStream os = new ByteArrayOutputStream()) {
+ XACMLPolicyWriter.writePolicyFile(os, policy);
+ LOGGER.debug("{}", os);
+ } catch (IOException e) {
+ LOGGER.error("Failed to convert {}", e);
+ }
//
// Convert and add in the new policy
//
@@ -397,14 +380,11 @@ public class OnapXacmlPdpEngine implements ToscaPolicyConverter, XacmlApplicatio
rule.setEffect(EffectType.PERMIT);
rule.setTarget(new TargetType());
//
- // There should be properties section - this data ends up as a
- // JSON BLOB that is returned back to calling application.
+ // Now represent the policy as Json
//
- if (! policyDefinition.containsKey("properties")) {
- throw new ToscaPolicyConversionException(policyName + " missing properties section");
- }
- addObligation(rule,
- (Map<String, Object>) policyDefinition.get("properties"));
+ JSONObject jsonObligation = new JSONObject();
+ jsonObligation.put(policyName, policyDefinition);
+ addObligation(rule, jsonObligation);
//
// Add the rule to the policy
//
@@ -498,20 +478,19 @@ public class OnapXacmlPdpEngine implements ToscaPolicyConverter, XacmlApplicatio
return target;
}
- private RuleType addObligation(RuleType rule, Map<String, Object> properties) {
+ private RuleType addObligation(RuleType rule, JSONObject jsonPolicy) {
//
// Convert the YAML Policy to JSON Object
//
- JSONObject jsonObject = new JSONObject(properties);
if (LOGGER.isDebugEnabled()) {
- LOGGER.debug("JSON conversion {}{}", System.lineSeparator(), jsonObject);
+ LOGGER.debug("JSON DCAE Policy {}{}", System.lineSeparator(), jsonPolicy);
}
//
// Create an AttributeValue for it
//
AttributeValueType value = new AttributeValueType();
value.setDataType(ToscaDictionary.ID_OBLIGATION_POLICY_MONITORING_DATATYPE.stringValue());
- value.getContent().add(jsonObject.toString());
+ value.getContent().add(jsonPolicy.toString());
//
// Create our AttributeAssignmentExpression where we will
// store the contents of the policy in JSON format.
@@ -536,4 +515,99 @@ public class OnapXacmlPdpEngine implements ToscaPolicyConverter, XacmlApplicatio
return rule;
}
+ @Override
+ public Request convertRequest(DecisionRequest request) {
+ LOGGER.debug("Converting Request {}", request);
+ try {
+ return RequestParser.parseRequest(MonitoringRequest.createInstance(request));
+ } catch (IllegalArgumentException | IllegalAccessException | DataTypeException e) {
+ LOGGER.error("Failed to convert DecisionRequest: {}", e);
+ }
+ //
+ // TODO throw exception
+ //
+ return null;
+ }
+
+ @Override
+ public DecisionResponse convertResponse(Response xacmlResponse) {
+ LOGGER.debug("Converting Response {}", xacmlResponse);
+ DecisionResponse decisionResponse = new DecisionResponse();
+ //
+ // Iterate through all the results
+ //
+ for (Result xacmlResult : xacmlResponse.getResults()) {
+ //
+ // Check the result
+ //
+ if (xacmlResult.getDecision() == Decision.PERMIT) {
+ //
+ // Setup policies
+ //
+ decisionResponse.setPolicies(new ArrayList<>());
+ //
+ // Go through obligations
+ //
+ for (Obligation obligation : xacmlResult.getObligations()) {
+ LOGGER.debug("Obligation: {}", obligation);
+ for (AttributeAssignment assignment : obligation.getAttributeAssignments()) {
+ LOGGER.debug("Attribute Assignment: {}", assignment);
+ //
+ // We care about the content attribute
+ //
+ if (ToscaDictionary.ID_OBLIGATION_POLICY_MONITORING_CONTENTS
+ .equals(assignment.getAttributeId())) {
+ //
+ // The contents are in Json form
+ //
+ Object stringContents = assignment.getAttributeValue().getValue();
+ if (LOGGER.isDebugEnabled()) {
+ LOGGER.debug("DCAE contents: {}{}", System.lineSeparator(), stringContents);
+ }
+ //
+ // Let's parse it into a map using Gson
+ //
+ Gson gson = new Gson();
+ @SuppressWarnings("unchecked")
+ Map<String, Object> result = gson.fromJson(stringContents.toString() ,Map.class);
+ decisionResponse.getPolicies().add(result);
+ }
+ }
+ }
+ } else {
+ decisionResponse.setErrorMessage("A better error message");
+ }
+ }
+
+ return decisionResponse;
+ }
+
+ /**
+ * Make a decision call.
+ *
+ * @param request Incoming request object
+ * @return Response object
+ */
+ private synchronized Response xacmlDecision(Request request) {
+ //
+ // This is what we need to return
+ //
+ Response response = null;
+ //
+ // Track some timing
+ //
+ long timeStart = System.currentTimeMillis();
+ try {
+ response = this.pdpEngine.decide(request);
+ } catch (PDPException e) {
+ LOGGER.error("Xacml PDP Engine failed {}", e);
+ } finally {
+ //
+ // Track the end of timing
+ //
+ long timeEnd = System.currentTimeMillis();
+ LOGGER.info("Elapsed Time: {}ms", (timeEnd - timeStart));
+ }
+ return response;
+ }
}
diff --git a/applications/monitoring/src/main/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringRequest.java b/applications/monitoring/src/main/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringRequest.java
new file mode 100644
index 00000000..b2e5ff9a
--- /dev/null
+++ b/applications/monitoring/src/main/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringRequest.java
@@ -0,0 +1,78 @@
+/*
+ * ============LICENSE_START=======================================================
+ * ONAP Policy Decision Models
+ * ================================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.policy.xacml.pdp.application.monitoring;
+
+import com.att.research.xacml.std.annotations.XACMLAction;
+import com.att.research.xacml.std.annotations.XACMLRequest;
+import com.att.research.xacml.std.annotations.XACMLResource;
+import com.att.research.xacml.std.annotations.XACMLSubject;
+
+import java.util.Map;
+import java.util.Map.Entry;
+
+import org.onap.policy.models.decisions.concepts.DecisionRequest;
+
+@XACMLRequest(ReturnPolicyIdList = true)
+public class MonitoringRequest {
+
+ @XACMLSubject(includeInResults = true)
+ String onapName = "DCAE";
+
+ @XACMLResource(includeInResults = true)
+ String resource = "onap.policies.Monitoring";
+
+ @XACMLAction()
+ String action = "configure";
+
+
+ /**
+ * Parses the DecisionRequest into a MonitoringRequest.
+ *
+ * @param decisionRequest Input DecisionRequest
+ * @return MonitoringRequest
+ */
+ public static MonitoringRequest createInstance(DecisionRequest decisionRequest) {
+ MonitoringRequest request = new MonitoringRequest();
+ request.onapName = decisionRequest.getOnapName();
+ request.action = decisionRequest.getAction();
+
+ Map<String, Object> resources = decisionRequest.getResource();
+ for (Entry<String, Object> entry : resources.entrySet()) {
+ if (entry.getKey().equals("policy-id")) {
+ //
+ // TODO handle lists of policies
+ //
+ request.resource = entry.getValue().toString();
+ continue;
+ }
+ if (entry.getKey().equals("policy-type")) {
+ //
+ // TODO handle lists of policies
+ //
+ request.resource = entry.getValue().toString();
+ }
+ }
+ //
+ // TODO handle a bad incoming request. Do that here?
+ //
+ return request;
+ }
+}
diff --git a/applications/monitoring/src/main/resources/META-INF/services/org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider b/applications/monitoring/src/main/resources/META-INF/services/org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider
index 5c8dd5e6..29c6b87f 100644
--- a/applications/monitoring/src/main/resources/META-INF/services/org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider
+++ b/applications/monitoring/src/main/resources/META-INF/services/org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider
@@ -1 +1 @@
-org.onap.policy.xacml.pdp.engine.OnapXacmlPdpEngine \ No newline at end of file
+org.onap.policy.xacml.pdp.application.monitoring.MonitoringPdpApplication \ No newline at end of file
diff --git a/applications/monitoring/src/main/resources/RootMonitoringPolicy.xml b/applications/monitoring/src/main/resources/RootMonitoringPolicy.xml
index 33b28815..5578fda9 100644
--- a/applications/monitoring/src/main/resources/RootMonitoringPolicy.xml
+++ b/applications/monitoring/src/main/resources/RootMonitoringPolicy.xml
@@ -5,10 +5,6 @@
<AnyOf>
<AllOf>
<Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
- <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">onap.policies.Monitoring</AttributeValue>
- <AttributeDesignator Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
- </Match>
- <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">DCAE</AttributeValue>
<AttributeDesignator Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="false"/>
</Match>
diff --git a/applications/monitoring/src/test/java/org/onap/policy/xacml/pdp/engine/OnapXacmlPdpEngineTest.java b/applications/monitoring/src/test/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringPdpApplicationTest.java
index 940a974b..af6e6548 100644
--- a/applications/monitoring/src/test/java/org/onap/policy/xacml/pdp/engine/OnapXacmlPdpEngineTest.java
+++ b/applications/monitoring/src/test/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringPdpApplicationTest.java
@@ -20,23 +20,15 @@
* ============LICENSE_END=========================================================
*/
-package org.onap.policy.xacml.pdp.engine;
+package org.onap.policy.xacml.pdp.application.monitoring;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatCode;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
-import static org.junit.Assert.assertEquals;
-import com.att.research.xacml.api.Decision;
-import com.att.research.xacml.api.Response;
-import com.att.research.xacml.api.Result;
-import com.att.research.xacml.std.annotations.RequestParser;
-import com.att.research.xacml.std.annotations.XACMLAction;
-import com.att.research.xacml.std.annotations.XACMLRequest;
-import com.att.research.xacml.std.annotations.XACMLResource;
-import com.att.research.xacml.std.annotations.XACMLSubject;
import com.att.research.xacml.util.XACMLProperties;
import com.google.common.io.Files;
+import com.google.gson.Gson;
import java.io.File;
import java.io.FileInputStream;
@@ -56,46 +48,50 @@ import org.junit.BeforeClass;
import org.junit.ClassRule;
import org.junit.Test;
import org.junit.rules.TemporaryFolder;
+import org.onap.policy.common.utils.resources.TextFileUtils;
+import org.onap.policy.models.decisions.concepts.DecisionRequest;
+import org.onap.policy.models.decisions.concepts.DecisionResponse;
+import org.onap.policy.models.decisions.serialization.DecisionRequestMessageBodyHandler;
+import org.onap.policy.models.decisions.serialization.DecisionResponseMessageBodyHandler;
import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConversionException;
import org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.yaml.snakeyaml.Yaml;
-public class OnapXacmlPdpEngineTest {
+public class MonitoringPdpApplicationTest {
- private static final Logger LOGGER = LoggerFactory.getLogger(OnapXacmlPdpEngineTest.class);
- private static OnapXacmlPdpEngine onapPdpEngine;
+ private static final Logger LOGGER = LoggerFactory.getLogger(MonitoringPdpApplicationTest.class);
private static Properties properties = new Properties();
private static File propertiesFile;
+ private static XacmlApplicationServiceProvider service;
+ private static DecisionRequest requestSinglePolicy;
+
+ private static Gson gsonDecisionRequest;
+ private static Gson gsonDecisionResponse;
@ClassRule
public static final TemporaryFolder policyFolder = new TemporaryFolder();
/**
- * This is a simple annotation class to simulate
- * requests coming in.
- */
- @XACMLRequest(ReturnPolicyIdList = true)
- public class MyXacmlRequest {
-
- @XACMLSubject(includeInResults = true)
- String onapName = "DCAE";
-
- @XACMLResource(includeInResults = true)
- String resource = "onap.policies.Monitoring";
-
- @XACMLAction()
- String action = "configure";
- }
-
- /**
* Load a test engine.
*/
@BeforeClass
public static void setup() {
assertThatCode(() -> {
//
+ // Create our Gson builder
+ //
+ gsonDecisionRequest = new DecisionRequestMessageBodyHandler().getGson();
+ gsonDecisionResponse = new DecisionResponseMessageBodyHandler().getGson();
+ //
+ // Load Single Decision Request
+ //
+ requestSinglePolicy = gsonDecisionRequest.fromJson(
+ TextFileUtils
+ .getTextFileAsString("../../main/src/test/resources/decisions/decision.single.input.json"),
+ DecisionRequest.class);
+ //
// Copy all the properties and root policies to the temporary folder
//
try (InputStream is = new FileInputStream("src/test/resources/xacml.properties")) {
@@ -147,6 +143,16 @@ public class OnapXacmlPdpEngineTest {
Iterator<XacmlApplicationServiceProvider> iterator = applicationLoader.iterator();
while (iterator.hasNext()) {
XacmlApplicationServiceProvider application = iterator.next();
+ //
+ // Is it our service?
+ //
+ if (application instanceof MonitoringPdpApplication) {
+ //
+ // Should be the first and only one
+ //
+ assertThat(service).isNull();
+ service = application;
+ }
strDump.append(application.applicationName());
strDump.append(" supports ");
strDump.append(application.supportedPolicyTypes());
@@ -154,31 +160,27 @@ public class OnapXacmlPdpEngineTest {
}
LOGGER.debug("{}", strDump);
//
- // Create the engine instance
- //
- onapPdpEngine = new OnapXacmlPdpEngine();
- //
// Tell it to initialize based on the properties file
// we just built for it.
//
- onapPdpEngine.initialize(propertiesFile.toPath().getParent());
+ service.initialize(propertiesFile.toPath().getParent());
//
// Make sure there's an application name
//
- assertThat(onapPdpEngine.applicationName()).isNotEmpty();
+ assertThat(service.applicationName()).isNotEmpty();
//
// Ensure it has the supported policy types and
// can support the correct policy types.
//
- assertThat(onapPdpEngine.canSupportPolicyType("onap.Monitoring", "1.0.0")).isTrue();
- assertThat(onapPdpEngine.canSupportPolicyType("onap.Monitoring", "1.5.0")).isTrue();
- assertThat(onapPdpEngine.canSupportPolicyType("onap.policies.monitoring.foobar", "1.0.1")).isTrue();
- assertThat(onapPdpEngine.canSupportPolicyType("onap.foobar", "1.0.0")).isFalse();
- assertThat(onapPdpEngine.supportedPolicyTypes()).contains("onap.Monitoring");
+ assertThat(service.canSupportPolicyType("onap.Monitoring", "1.0.0")).isTrue();
+ assertThat(service.canSupportPolicyType("onap.Monitoring", "1.5.0")).isTrue();
+ assertThat(service.canSupportPolicyType("onap.policies.monitoring.foobar", "1.0.1")).isTrue();
+ assertThat(service.canSupportPolicyType("onap.foobar", "1.0.0")).isFalse();
+ assertThat(service.supportedPolicyTypes()).contains("onap.Monitoring");
//
// Ensure it supports decisions
//
- assertThat(onapPdpEngine.actionDecisionsSupported()).contains("configure");
+ assertThat(service.actionDecisionsSupported()).contains("configure");
}).doesNotThrowAnyException();
}
@@ -188,11 +190,16 @@ public class OnapXacmlPdpEngineTest {
// Make a simple decision - NO policies are loaded
//
assertThatCode(() -> {
- Response response = onapPdpEngine.decision(RequestParser.parseRequest(new MyXacmlRequest()));
- for (Result result : response.getResults()) {
- LOGGER.info("Decision {}", result.getDecision());
- assertEquals(Decision.PERMIT, result.getDecision());
- }
+ //
+ // Ask for a decision
+ //
+ DecisionResponse response = service.makeDecision(requestSinglePolicy);
+ LOGGER.info("Decision {}", response);
+
+ assertThat(response).isNotNull();
+ assertThat(response.getErrorMessage()).isNullOrEmpty();
+ assertThat(response.getPolicies().size()).isEqualTo(0);
+
}).doesNotThrowAnyException();
}
@@ -227,7 +234,7 @@ public class OnapXacmlPdpEngineTest {
// Find the type and make sure the engine supports it
//
assertThat(policyDefinition.containsKey("type")).isTrue();
- assertThat(onapPdpEngine.canSupportPolicyType(
+ assertThat(service.canSupportPolicyType(
policyDefinition.get("type").toString(),
policyDefinition.get("version").toString()))
.isTrue();
@@ -238,18 +245,31 @@ public class OnapXacmlPdpEngineTest {
//
// Assuming all are supported etc.
//
- onapPdpEngine.loadPolicies(toscaObject);
+ service.loadPolicies(toscaObject);
+ //
+ // Ask for a decision
+ //
+ DecisionResponse response = service.makeDecision(requestSinglePolicy);
+ LOGGER.info("Decision {}", response);
- //List<PolicyType> policies = onapPdpEngine.convertPolicies(is);
+ assertThat(response).isNotNull();
+ assertThat(response.getPolicies().size()).isEqualTo(1);
+ //
+ // Dump it out as Json
//
- // Should have a policy
- //// assertThat(policies.isEmpty()).isFalse();
+ LOGGER.info(gsonDecisionResponse.toJson(response));
}
}).doesNotThrowAnyException();
}
@Test
public void testBadPolicies() {
+ //
+ // No need for service, just test some of the methods
+ // for bad policies
+ //
+ MonitoringPdpApplication onapPdpEngine = new MonitoringPdpApplication();
+
assertThatExceptionOfType(ToscaPolicyConversionException.class).isThrownBy(() -> {
try (InputStream is =
new FileInputStream("src/test/resources/test.monitoring.policy.missingmetadata.yaml")) {
@@ -284,13 +304,6 @@ public class OnapXacmlPdpEngineTest {
onapPdpEngine.convertPolicies(is);
}
}).withMessageContaining("missing metadata policy-id");
-
- assertThatExceptionOfType(ToscaPolicyConversionException.class).isThrownBy(() -> {
- try (InputStream is =
- new FileInputStream("src/test/resources/test.monitoring.policy.missingproperties.yaml")) {
- onapPdpEngine.convertPolicies(is);
- }
- }).withMessageContaining("missing properties section");
}
}
diff --git a/applications/monitoring/src/test/resources/vDNS.policy.input.yaml b/applications/monitoring/src/test/resources/vDNS.policy.input.yaml
index ee12c702..763af75f 100644
--- a/applications/monitoring/src/test/resources/vDNS.policy.input.yaml
+++ b/applications/monitoring/src/test/resources/vDNS.policy.input.yaml
@@ -8,27 +8,28 @@ policies:
policy-id: onap.scaleout.tca
policy-version: 1
properties:
- domain: measurementsForVfScaling
- metricsPerEventName:
- -
- eventName: vLoadBalancer
- controlLoopSchemaType: VNF
- policyScope: "type=configuration"
- policyName: "onap.scaleout.tca"
- policyVersion: "v0.0.1"
- thresholds:
- - closedLoopControlName: "CL-LBAL-LOW-TRAFFIC-SIG-FB480F95-A453-6F24-B767-FD703241AB1A"
- closedLoopEventStatus: ONSET
- version: "1.0.2"
- fieldPath: "$.event.measurementsForVfScalingFields.vNicPerformanceArray[*].receivedBroadcastPacketsAccumulated"
- thresholdValue: 500
- direction: LESS_OR_EQUAL
- severity: MAJOR
- -
- closedLoopControlName: "CL-LBAL-LOW-TRAFFIC-SIG-0C5920A6-B564-8035-C878-0E814352BC2B"
- closedLoopEventStatus: ONSET
- version: "1.0.2"
- fieldPath: "$.event.measurementsForVfScalingFields.vNicPerformanceArray[*].receivedBroadcastPacketsAccumulated"
- thresholdValue: 5000
- direction: GREATER_OR_EQUAL
- severity: CRITICAL
+ tca_policy:
+ domain: measurementsForVfScaling
+ metricsPerEventName:
+ -
+ eventName: vLoadBalancer
+ controlLoopSchemaType: VNF
+ policyScope: "type=configuration"
+ policyName: "onap.scaleout.tca"
+ policyVersion: "v0.0.1"
+ thresholds:
+ - closedLoopControlName: "CL-LBAL-LOW-TRAFFIC-SIG-FB480F95-A453-6F24-B767-FD703241AB1A"
+ closedLoopEventStatus: ONSET
+ version: "1.0.2"
+ fieldPath: "$.event.measurementsForVfScalingFields.vNicPerformanceArray[*].receivedBroadcastPacketsAccumulated"
+ thresholdValue: 500
+ direction: LESS_OR_EQUAL
+ severity: MAJOR
+ -
+ closedLoopControlName: "CL-LBAL-LOW-TRAFFIC-SIG-0C5920A6-B564-8035-C878-0E814352BC2B"
+ closedLoopEventStatus: ONSET
+ version: "1.0.2"
+ fieldPath: "$.event.measurementsForVfScalingFields.vNicPerformanceArray[*].receivedBroadcastPacketsAccumulated"
+ thresholdValue: 5000
+ direction: GREATER_OR_EQUAL
+ severity: CRITICAL