aboutsummaryrefslogtreecommitdiffstats
path: root/applications/guard/src/main
AgeCommit message (Collapse)AuthorFilesLines
2021-07-16Add exclusions parameterPamela Dragosh1-2/+2
Adds the exclusions parameter to exclude applications that are in the java classpath. This allows overriding default packaged applications with another that can support new policy types and/or modify existing functionality. Issue-ID: POLICY-3326 Change-Id: Iaad8d26fc4122ad17226ad1e83b72c9f284e6ebd Signed-off-by: Pamela Dragosh <pd1248@att.com>
2021-07-14Use lombok in xacml-pdpJim Hahn3-11/+6
Also: - changed a few fields to private/protected. - swwapped out gson for coder Issue-ID: POLICY-3400 Change-Id: I9a4dba939b77078f78583ada00af182b1a7d95c5 Signed-off-by: Jim Hahn <jrh3@att.com>
2021-06-24Use protected methods vs privatePamela Dragosh2-7/+7
Application and common code in xacml-pdp is meant to be available for developers to re-use and/or extend as desired. Private methods are unnecessary at this time, but could be re-visited in a later release. For Honolulu, simply moving to protected to keep functionality the same. Possibly for Istanbul we can make more changes to support mixing of ONAP application with custom applications during runtime. Issue-ID: POLICY-3305 Change-Id: I6db23bda3c81fdbbf86e39cc2cd2e706d8bee63d Signed-off-by: Pamela Dragosh <pdragosh@research.att.com> (cherry picked from commit 8e0aa0ffa5cef537de1c841acf38300832c52a56) Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2021-05-27Replace validation code with annotationsJim Hahn1-191/+174
Instead of having code to validate various values, created POJOs to represent the decoded data so that bean validation annotations could be used instead. Didn't see any obvious ways to use annotations in the Optimization code, but did notice a bug (passed role instead of provisions). Extracted a common method which fixed the bug as a side-effect. Issue-ID: POLICY-2418 Change-Id: I9ef589086fc8f7f66810b66405fbf302d7570e5a Signed-off-by: Jim Hahn <jrh3@att.com>
2021-05-06Fix sonars in xacml-pdpJim Hahn3-47/+47
Fixed: - use "var" instead of actual type Issue-ID: POLICY-3285 Change-Id: Id17142d1f2e3e5f9dfbffcb96aff7fe76321a56b Signed-off-by: Jim Hahn <jrh3@att.com>
2021-02-18Utilize time extensionsPamela Dragosh2-4/+155
Switched to using the new Time Extensions released in XACML from github v3.0. Added more thorough tests for it as well as the flexibility of specifying the current time etc. More syntax checking on the inputs from the policy. Issue-ID: POLICY-2810 Change-Id: I1b4ec885c706e37949e5dabe14c63b0d7456cd4f Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2021-02-17Fix wrong category for timeRangePamela Dragosh1-2/+2
The category is wrong, and will not work. So fixing this bug first before working in the changes for use new Time Extensions. I may make it all configurable. Issue-ID: POLICY-2810 Change-Id: I4a338242dd4ec35f9b45fa1f46609dea93e286a1 Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2021-01-04Changed identifiers to concept identifiersliamfallon1-8/+9
The policy models tosca classes ToscaPolicyIdentifier and ToscaPolicyIdentifierOptVersion can be used to identify any TOSCA concept, not just TOSCA policies so they are renamed to ToscaConceptIdentifier and ToscaCinceptIdentifierOptVersion respectively. The class ToscaPolicyTypeIdentifier is redundant and is replaced by ToscaConceptIdentifier. Issue-ID: POLICY-2900 Change-Id: Id614bbed34ed8897e7e882b70147b98ffe90bf57 Signed-off-by: liamfallon <liam.fallon@est.tech>
2020-12-21XACML to accept properties as nullliamfallon1-1/+8
xacml-pdp expects the property map to exist in all policies, even if it is sometimes empty. Now, the propperty map can be null. The code is updated to cope with a null property map. Issue-ID: POLICY-2900 Change-Id: Ie31a2770aff1435a1d1064512d0c2fa2088d3183 Signed-off-by: liamfallon <liam.fallon@est.tech>
2020-10-02Remove duplicated codePamela Dragosh1-18/+6
Initially, just moving the applicationName and actions as protected fields got rid of the sonar issue. I included also the supportedPolicyTypes also. But that triggered another sonar duplicate code, so I had to rename a few private fields to rid that. Seems like a very sensitive sonar detection that results in kludgy code. Issue-ID: POLICY-2681 Change-Id: Ie79a95786cdb80381cbce4b182e9e66a2776e0dd Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2020-08-18Fix sonar issue and add code coveragePamela Dragosh2-6/+19
Fixing too much complexity for GuardPolicyRequest by breaking it up into methods. Added more code coverage to guard translator. Added missing code coverage for coordination guard, it was below 66% and there were some trivial fixes that were needed. Seems that a test resource was never really used, or perhaps got omitted in a previous review. Issue-ID: POLICY-2590 Change-Id: I1be4ff166e6c43c1c4ea54fdf7e761e22adcaa2d Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2020-08-17Add new guard filter policy type featurePamela Dragosh3-1/+223
* Added new Policy Guard filter Policy type. * Enhanced translator tests to ensure bad filter policies are detected. * Added new filter application test to ensure new guard propertly creates xacml policies. Issue-ID: POLICY-2590 Change-Id: Ifc047a33084ce45b67be98a61f660d7a8c9d8615 Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2020-06-19Changes for Checkstyle 8.32Taka Cho4-8/+2
Issue-ID: POLICY-2188 Change-Id: I64a115240a71e5014db9cfb66747887e156afb50 Signed-off-by: Taka Cho <takamune.cho@att.com>
2020-05-26Change CLC logic for updated OPHist DB entries.pramod.jamkhedkar1-1/+1
Change the CLC policy logic to match the udpate Operations History DB rules. Now if a record has outcome = Started, it is considered to be in progress. Else it is considered to be complete. Issue-ID: POLICY-2583 Change-Id: If3f626bfec2d0656e43a26929107f68ff27af020 Signed-off-by: pramod.jamkhedkar <pramod@research.att.com>
2020-05-20Changed cd path.pramod.jamkhedkar1-1/+1
Changed the path of coordination directive by removing src/main/resources Issue-ID: POLICY-2573 Change-Id: I46613e50ef464e0a61e0f177008520575c391c00 Signed-off-by: pramod.jamkhedkar <pramod@research.att.com>
2020-05-19Removing unused imports.pramod.jamkhedkar1-5/+0
Issue-ID: POLICY-2573 Change-Id: I0fd392cb7027c56bb8fd4a6d9a0b3fd558dba495 Signed-off-by: pramod.jamkhedkar <pramod@research.att.com>
2020-05-19Change CLC granularity to CL level.pramod.jamkhedkar1-8/+10
Change CLC granularity from target level to CL level. Remove the target matching for the db query at PIP level. Issue-ID: POLICY-2573 Change-Id: If9ba1a4d22c3b8bc5dfce0632f7037ad085f6ea6 Signed-off-by: pramod.jamkhedkar <pramod@research.att.com>
2020-05-08Final blacklist fix for multiple entriesPamela Dragosh1-2/+2
The last change wasn't quite right, this has multiple AndOf's under a single AnyOf. Multiple AnyOf's are treated as AND's, but what we really want is a set of OR's. Issue-ID: POLICY-2490 Change-Id: I7336643302ccf7982c91a9c082d17bcf0adb4ac8 Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2020-04-14Fix blacklist translator and vs orPamela Dragosh1-7/+19
The blacklist entries should be treated as an or (AnyOf) vs an and (AllOf). Issue-ID: POLICY-2490 Change-Id: Id4eb823e18c59d84d4ca28b13f6a09794d36365f Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2020-03-23Point to released artifacts and use operationPamela Dragosh1-5/+5
Minor fix to use "operation" vs "recipe" in the guard request. parent, common and models are released. Issue-ID: POLICY-2378 Change-Id: I4c5005c08fef2e184ce2dccefdef0c2c2ea2dc08 Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2020-03-16Missing support for PolicySetTypePamela Dragosh2-6/+6
Adds support for PolicySetType specifically for Native policies. When/If the other applications change to support they can easily do so. Adding some more code coverage for Native application and translator. Issue-ID: POLICY-2433 Change-Id: I463ca9f04928d759624a2176598b463057d386bd Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2020-03-12Better error handling for decisionsPamela Dragosh3-17/+14
Throw exceptions when requests cannot be created and return error information back. Consolidated some code to avoid sonar duplication issues. Companion review to https://gerrit.onap.org/r/c/policy/models/+/103548 Issue-ID: POLICY-2242 Change-Id: Ic873af933dab82e3aeef6335f55939666be20385 Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2020-03-11Fix sonar logging bugsPamela Dragosh1-1/+1
These did not show up locally - sonarqube must have a new version or rules to pick these up. Issue-ID: POLICY-2242 Change-Id: I3df5aee84f696cde6b07c68913bbd55e95c8ba3b Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2020-03-09Updates to support fixed guard policy typesPamela Dragosh4-812/+521
Because the new TOSCA compliant policy types support required fields, we can simplify the guard translator to utilize Match in the target vs the previous complicated Condition usage. Added test coverage to bump above 90% specifically for the guard and coordination code. Added a sonar exclusion for the test module. Issue-ID: POLICY-2244 Change-Id: Ia90d117bd7b86d28a2268fd5ab8315dce7bf0c12 Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2020-02-28XACML pdp support for clc.pramod.jamkhedkar1-7/+18
Added policies for SON and PCI to support each blocking the other, with test cases and appropriate requests Issue-ID: POLICY-2163 Change-Id: I8153f9cd973a7cd6824fcd6c9787628a74148d46 Signed-off-by: pramod.jamkhedkar <pramod@research.att.com>
2019-12-02Clear some simple xacml sonarPamela Dragosh1-3/+3
Missing assertions in JUnit test cases. Use replace vs replaceAll Swapping arguments Issue-ID: POLICY-2079 Change-Id: I5accd462eab3d4f6b3321e375d4ba1084caf4b8c Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2019-10-23Consolidate common translatable code some sonarPamela Dragosh2-9/+2
There is duplicate code for some common translation of policy decision responses and for scanning obligations. Removed some TODO items (left others because I want to look at them more closely). Stored System.lineSeparator into a static var so that I can remove some unnecessary ifs. There's still one left that I am not worried about. Gson as a static variable. Issue-ID: POLICY-2066 Change-Id: I9c8162d5ad1c5f884be347dd94631fa74ca76f85 Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2019-09-13Upgrade to Tosca derivedFrom fixPamela Dragosh1-65/+67
Upgrade to models fix for derivedFrom() append of 0.0.0 And some sonar fixes for: Exceptions should be either logged or rethrown but not both Preconditions" and logging arguments should not require evaluation Reduced cognitive complexity Issue-ID: POLICY-2079 Change-Id: Ied8630020e8a737c33b1484db953df133c89398f Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2019-09-12Add yaml support to xacml-pdp rest serverJim Hahn1-6/+5
Also modified code to use StandardYamlCoder. Change-Id: I0596c8b054339ac68ef8c4250cd25b9ff88d47e4 Issue-ID: POLICY-2085 Signed-off-by: Jim Hahn <jrh3@att.com>
2019-06-19Update totalPoliciesCount statisticJim Hahn2-0/+2
Modified the code to set the policy count statistic at start-up and whenever the policy list is changed. Also fixed a couple of checkstyle issues in guard. Change-Id: I92017fe64cd5d19c36908347193cc21d183f051e Issue-ID: POLICY-1844 Signed-off-by: Jim Hahn <jrh3@att.com>
2019-05-08Change debug to info logsPamela Dragosh1-4/+4
A lot of debug should really be info for logs. To assist with debugging but also really need to be there for auditing. Issue-ID: POLICY-1730 Change-Id: I5c41e056775c24797d257504e9c6495fa3127e45 Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2019-04-15Fix a couple of sonar issues one blockerMichael Mokry1-16/+14
1. fixed nullpointer blocker issue in CoordinationGuardTranslator.java 2. fixed "log or rethrow exception" critical issue 3. throw exceptions instead of returning null values Change-Id: I2d567fe566c6f761ec2699016c4a868f203c9a01 Issue-ID: POLICY-1451 Signed-off-by: Michael Mokry <michael.mokry@att.com> Signed-off-by: Joshua Reich <jreich@research.att.com>
2019-04-12Add statistics and sonar cleanup and blacklistPamela Dragosh5-58/+140
* Adding in the statistics for decisions and errors. * Cleaned up sonar issues and added code coverage. * Sped up JUnit tests * Fix JUnit issues with not finding application path * Fix TestDecision not finding persistence.xml * Fix for lingering statistics from previous runs. That needs to be addressed at a later time. * Changed persistence to use properties for configuration of database rather than hard coding the persistence.xml * Fix for Josh's comment to use else-if * Changed to use apache Pair * Added blacklist guard policy Issue-ID: POLICY-1440 Change-Id: I56af8c3dcc82463f7381f1eaea7f1440b76200bd Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2019-04-11Add Control Loop Coordination policy.Joshua Reich6-7/+299
Refactor code to support multiple pip engines. Add pip engine for outcome. Modify LegacyGuardTranslator to use coordination translator's convertPolicy function when processing coordination guard. This version of convertPolicy intentionally uses string replacement on template-like xacml coordination guard to enable future support for API-based creation of new coordination guard types. Bug fixes and code cleanup. * Unused imports, sonar problems. * Consolidation of getAttribute method * Only use TypedQuery for Pips Issue-ID: POLICY-1471 Change-Id: I4e9365b7f23bee96cf438dad44feda97c65f6ecc Signed-off-by: Joshua Reich <jreich@research.att.com> Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2019-04-10XACML PDP DmaaP Deploy/UnDeploy FunctionMichael Mokry2-215/+77
1. Added PDPUpdate listener 2. Added PDPUpdate Publisher 3. Added code to handle PdpUpdate messages and load policies being deployed 4. Modified Activator to register listener 5. Provided placeholder code to get policies from pdpx for return PdpStatus response to the PAP 6. Other minor modifications 7. Fix XacmlPdpApplicationManager to only load policy if supports policy type. 8. Checkstyle fixes 9. Updated applications to support loadPolicy(ToscaPolicy) and all the translators, JUnit tests. 10. Consolidated some duplicate code in the applications. Can probably do more in that area. 11. Fixed bug in Properties not really having a copy constructor. Change-Id: Ic29ad426061cbdb79c1339314667bb8ff8decb88 Issue-ID: POLICY-1451 Signed-off-by: Michael Mokry <michael.mokry@att.com> Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2019-04-10Test decision from main entryPamela Dragosh4-27/+27
Tests a decision upon startup. This also updates the use of ToscaPolicyTypeIdentifier for all the applications. Very basic packaging for applications and their properties. Added cleaning of unused imports to remove sonar issues. Added production persistence.xml file to guard application. Not sure if we need a copy in the application/common resource directory. Issue-ID: POLICY-1440 Change-Id: If96eef5a9e0a7c6cc5461c0bdb6f0cd708cc41bb Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2019-04-01Adding guard PIPPamela Dragosh3-25/+51
Adding the PIP support into the translator to setup the count attribute as an attribute generated by PIP and not sent by calling application. Added JUnit for OperationsHistoryPipEngine. Issue-ID: POLICY-1471 Change-Id: I71773ee8ea0e6c02873506d973a604899383d4b5 Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2019-03-25Adding optimization application finish guardPamela Dragosh3-4/+939
Created Optimization application and created a translator for it. The translator makes an assumption that OOF wants to query on policyScope and policyType properties. Rearranged some of the test code for re-usability. Guard policies are now creating for frequency limiter and min max. Probably could use some clean up. Upgraded to xacml 2.0.1 to include a fix for handling null attribute values. Added some code to test missing values. Issue-ID: POLICY-1273 Change-Id: Ia3dbfa992bbe0cbb5aa294c38aa2aff430a3230a Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2019-03-20Use Policy Translator abstract classPamela Dragosh2-160/+11
Instead of applications implementing the converter, use a protected abstract class that implements common code. Newer applications could re-use existing application, and shared code can be put into the base translator class. Fixed sonar issue and changed guard xml. Removed Converter and made translator into an implementation class that is an object in the Application Provider. Issue-ID: POLICY-1273 Change-Id: I9b48cbcdaf80d6d2ef19ef53e4b7cd4830e7e7b2 Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2019-03-18Started with test decision JSON objects.Pamela Dragosh3-4/+197
Added new Policy Finder Factory that ONAP will use and got the code working with new policy/models (see other review which will have to be merged first). Added some new conversion methods to convert from a Xacml request to an Onap request. Added some property methods for XACML Properties objects and JUnit tests. Started filling in some Guard application details and combining code. Issue-ID: POLICY-1602 Change-Id: I5235b74f3b036dcf05779b655a03ac290d594354 Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
2019-03-15Monitoring policy creation foundationPamela Dragosh1-0/+107
Upgrde to xacml v2.0.0 release artifact. Some re-arrangement of classes. New class to support a common dictionary among the monitoring applications. I may move it to a common under the main since some of the values are shareable. Created application service provider, so the XACML main knows what policy types are pre-loaded and can report them back to the PAP. struggled with cucumber, which does not create TemporaryFolder although the documentation says its supported. Added a new Policy Finder specific to ONAP which does quicker job to load policies. Issue-ID: POLICY-1273 Change-Id: I4af15a64da3b42d48f29809710421b1649625adc Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>