Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
Adds new method to return attributes in a decision, which
can be configurable.
By default it is turned off which ensures that the current
functionality is maintained for our client applications.
Enhanced the JUnits for the applications to ensure that no
extra information is passed, thus maintaining backward
compatibility.
Issue-ID: POLICY-2865
Change-Id: Ia533e5462c0cb475cb1f72f34e95f128d6c52678
Signed-off-by: Pamela Dragosh <pd1248@att.com>
|
|
Replaced generic BusTopicParams with more specific RestClientParameters.
Also modified code to pass the HttpClient around instead of passing the
client parameters around.
Issue-ID: POLICY-3456
Change-Id: Ic07b710645eeab696e6df0a015171578ad08ca83
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
Adds the exclusions parameter to exclude applications
that are in the java classpath. This allows overriding
default packaged applications with another that can
support new policy types and/or modify existing
functionality.
Issue-ID: POLICY-3326
Change-Id: Iaad8d26fc4122ad17226ad1e83b72c9f284e6ebd
Signed-off-by: Pamela Dragosh <pd1248@att.com>
|
|
Also:
- changed a few fields to private/protected.
- swwapped out gson for coder
Issue-ID: POLICY-3400
Change-Id: I9a4dba939b77078f78583ada00af182b1a7d95c5
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
Application and common code in xacml-pdp is meant to be
available for developers to re-use and/or extend as desired.
Private methods are unnecessary at this time, but could be
re-visited in a later release.
For Honolulu, simply moving to protected to keep functionality
the same. Possibly for Istanbul we can make more changes to
support mixing of ONAP application with custom applications
during runtime.
Issue-ID: POLICY-3305
Change-Id: I6db23bda3c81fdbbf86e39cc2cd2e706d8bee63d
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
(cherry picked from commit 8e0aa0ffa5cef537de1c841acf38300832c52a56)
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
Now that the bean validator uses the serialized field name in its error
messages, updated the junits to use the serialized names, too.
Issue-ID: POLICY-3333
Change-Id: I017aa654480baef06f2869116d4b5264bb32c721
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
Instead of having code to validate various values, created POJOs to
represent the decoded data so that bean validation annotations could be
used instead.
Didn't see any obvious ways to use annotations in the Optimization code,
but did notice a bug (passed role instead of provisions). Extracted a
common method which fixed the bug as a side-effect.
Issue-ID: POLICY-2418
Change-Id: I9ef589086fc8f7f66810b66405fbf302d7570e5a
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
Fixed:
- use "var" instead of actual type
Issue-ID: POLICY-3285
Change-Id: Id17142d1f2e3e5f9dfbffcb96aff7fe76321a56b
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
HTTP client parameters should be based on BusTopicParams instead of
RestServerParameters, modified the policyApiParameters.
Issue-ID: POLICY-3147
Change-Id: I73aa34bec3ab7e27e7a3474260f411ed55b6f933
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
Switched to using the new Time Extensions released in XACML
from github v3.0. Added more thorough tests for it as well as
the flexibility of specifying the current time etc.
More syntax checking on the inputs from the policy.
Issue-ID: POLICY-2810
Change-Id: I1b4ec885c706e37949e5dabe14c63b0d7456cd4f
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
The category is wrong, and will not work. So fixing this bug first before
working in the changes for use new Time Extensions. I may make it all configurable.
Issue-ID: POLICY-2810
Change-Id: I4a338242dd4ec35f9b45fa1f46609dea93e286a1
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
Updated properties to work with the new version of eclipselink.
Issue-ID: POLICY-3005
Change-Id: I88091a90387e235ef5c168de7a3275056327d83e
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
The policy models tosca classes ToscaPolicyIdentifier and
ToscaPolicyIdentifierOptVersion can be used to identify any TOSCA
concept, not just TOSCA policies so they are renamed to
ToscaConceptIdentifier and ToscaCinceptIdentifierOptVersion
respectively.
The class ToscaPolicyTypeIdentifier is redundant and is replaced by
ToscaConceptIdentifier.
Issue-ID: POLICY-2900
Change-Id: Id614bbed34ed8897e7e882b70147b98ffe90bf57
Signed-off-by: liamfallon <liam.fallon@est.tech>
|
|
xacml-pdp expects the property map to exist in all policies, even if it
is sometimes empty. Now, the propperty map can be null. The code is
updated to cope with a null property map.
Issue-ID: POLICY-2900
Change-Id: Ie31a2770aff1435a1d1064512d0c2fa2088d3183
Signed-off-by: liamfallon <liam.fallon@est.tech>
|
|
Initially, just moving the applicationName and actions as protected
fields got rid of the sonar issue. I included also the supportedPolicyTypes
also. But that triggered another sonar duplicate code, so I had to rename
a few private fields to rid that. Seems like a very sensitive sonar detection
that results in kludgy code.
Issue-ID: POLICY-2681
Change-Id: Ie79a95786cdb80381cbce4b182e9e66a2776e0dd
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
Addressed the following sonar issues:
- extract common test method
- too many assertions in a test method
Issue-ID: POLICY-2681
Change-Id: I7438be8286d52cd8479c66542fc785b27448972b
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
Fixing too much complexity for GuardPolicyRequest by breaking
it up into methods.
Added more code coverage to guard translator.
Added missing code coverage for coordination guard, it was below
66% and there were some trivial fixes that were needed. Seems that
a test resource was never really used, or perhaps got omitted in a
previous review.
Issue-ID: POLICY-2590
Change-Id: I1be4ff166e6c43c1c4ea54fdf7e761e22adcaa2d
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
* Added new Policy Guard filter Policy type.
* Enhanced translator tests to ensure bad filter policies
are detected.
* Added new filter application test to ensure new guard
propertly creates xacml policies.
Issue-ID: POLICY-2590
Change-Id: Ifc047a33084ce45b67be98a61f660d7a8c9d8615
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
Issue-ID: POLICY-2188
Change-Id: I64a115240a71e5014db9cfb66747887e156afb50
Signed-off-by: Taka Cho <takamune.cho@att.com>
|
|
Deleted Dbao and replaced it with the shared class in policy-models.
Also had to update the queries and the persistence.xml accordingly.
Issue-ID: POLICY-2581
Change-Id: I59dfa2f37c272796ccebc0f578c9f4e8e1b9c8ab
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
Change the CLC policy logic to match the udpate Operations History DB
rules. Now if a record has outcome = Started, it is considered
to be in progress. Else it is considered to be complete.
Issue-ID: POLICY-2583
Change-Id: If3f626bfec2d0656e43a26929107f68ff27af020
Signed-off-by: pramod.jamkhedkar <pramod@research.att.com>
|
|
Changed the path of coordination directive by removing src/main/resources
Issue-ID: POLICY-2573
Change-Id: I46613e50ef464e0a61e0f177008520575c391c00
Signed-off-by: pramod.jamkhedkar <pramod@research.att.com>
|
|
Issue-ID: POLICY-2573
Change-Id: I0fd392cb7027c56bb8fd4a6d9a0b3fd558dba495
Signed-off-by: pramod.jamkhedkar <pramod@research.att.com>
|
|
Change CLC granularity from target level to CL level. Remove the target
matching for the db query at PIP level.
Issue-ID: POLICY-2573
Change-Id: If9ba1a4d22c3b8bc5dfce0632f7037ad085f6ea6
Signed-off-by: pramod.jamkhedkar <pramod@research.att.com>
|
|
The last change wasn't quite right, this has multiple AndOf's under
a single AnyOf. Multiple AnyOf's are treated as AND's, but what we
really want is a set of OR's.
Issue-ID: POLICY-2490
Change-Id: I7336643302ccf7982c91a9c082d17bcf0adb4ac8
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
Per this review: https://gerrit.onap.org/r/c/policy/models/+/107250
Issue-ID: POLICY-2538
Change-Id: I0b7711c1adc73295092996cd3a1ec7979fd2b4ba
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
The blacklist entries should be treated as an or (AnyOf) vs
an and (AllOf).
Issue-ID: POLICY-2490
Change-Id: Id4eb823e18c59d84d4ca28b13f6a09794d36365f
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
Minor fix to use "operation" vs "recipe" in the guard
request.
parent, common and models are released.
Issue-ID: POLICY-2378
Change-Id: I4c5005c08fef2e184ce2dccefdef0c2c2ea2dc08
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
Adds support for PolicySetType specifically for Native policies. When/If
the other applications change to support they can easily do so.
Adding some more code coverage for Native application and translator.
Issue-ID: POLICY-2433
Change-Id: I463ca9f04928d759624a2176598b463057d386bd
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
Throw exceptions when requests cannot be created and return
error information back. Consolidated some code to avoid sonar
duplication issues.
Companion review to https://gerrit.onap.org/r/c/policy/models/+/103548
Issue-ID: POLICY-2242
Change-Id: Ic873af933dab82e3aeef6335f55939666be20385
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
These did not show up locally - sonarqube must have a new
version or rules to pick these up.
Issue-ID: POLICY-2242
Change-Id: I3df5aee84f696cde6b07c68913bbd55e95c8ba3b
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
Because the new TOSCA compliant policy types support required
fields, we can simplify the guard translator to utilize Match
in the target vs the previous complicated Condition usage.
Added test coverage to bump above 90% specifically for the
guard and coordination code.
Added a sonar exclusion for the test module.
Issue-ID: POLICY-2244
Change-Id: Ia90d117bd7b86d28a2268fd5ab8315dce7bf0c12
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
Added policies for SON and PCI to support each blocking the other, with test cases and appropriate requests
Issue-ID: POLICY-2163
Change-Id: I8153f9cd973a7cd6824fcd6c9787628a74148d46
Signed-off-by: pramod.jamkhedkar <pramod@research.att.com>
|
|
Missing assertions in JUnit test cases.
Use replace vs replaceAll
Swapping arguments
Issue-ID: POLICY-2079
Change-Id: I5accd462eab3d4f6b3321e375d4ba1084caf4b8c
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
There is duplicate code for some common translation of policy
decision responses and for scanning obligations.
Removed some TODO items (left others because I want to look
at them more closely).
Stored System.lineSeparator into a static var so that I can
remove some unnecessary ifs. There's still one left that I
am not worried about.
Gson as a static variable.
Issue-ID: POLICY-2066
Change-Id: I9c8162d5ad1c5f884be347dd94631fa74ca76f85
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
decision results
Issue-ID: POLICY-2126
Change-Id: I18d50a8746ede792ec9507ab98125383c5914ba1
Signed-off-by: HOCKLA <ah999m@att.com>
|
|
Issue-ID: POLICY-2090
Change-Id: Id688e305f878f56e374e6bd9047d9d6c75fbe0c6
Signed-off-by: Ali Hockla <ah999m@att.com>
|
|
Upgrade to models fix for derivedFrom() append of 0.0.0
And some sonar fixes for:
Exceptions should be either logged or rethrown but not both
Preconditions" and logging arguments should not require evaluation
Reduced cognitive complexity
Issue-ID: POLICY-2079
Change-Id: Ied8630020e8a737c33b1484db953df133c89398f
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
Also modified code to use StandardYamlCoder.
Change-Id: I0596c8b054339ac68ef8c4250cd25b9ff88d47e4
Issue-ID: POLICY-2085
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
Utilize's Jim's helper class to pull from API policy types
definitions so that Xacml PDP can determine which properties
are "matchable".
Override initialize to set translator parameters.
Utilize the metadata section of ToscaProperties to store
the matchable field.
Updated Matchable Request to be dynamic with respect to the
incoming resource attributes.
Stored the policy types as JSON.
Issue-ID: POLICY-1899
Change-Id: Icff3605495b0a34ebfcdfa54346095ce2d8468a4
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
Modified the code to set the policy count statistic at start-up
and whenever the policy list is changed.
Also fixed a couple of checkstyle issues in guard.
Change-Id: I92017fe64cd5d19c36908347193cc21d183f051e
Issue-ID: POLICY-1844
Signed-off-by: Jim Hahn <jrh3@att.com>
|
|
Added code to decode password and set property
Change-Id: Ied806fcceeaa44d53ca39af636da620fb824e41d
Issue-ID: POLICY-1760
Signed-off-by: Michael Mokry <michael.mokry@att.com>
|
|
A lot of debug should really be info for logs. To assist
with debugging but also really need to be there for auditing.
Issue-ID: POLICY-1730
Change-Id: I5c41e056775c24797d257504e9c6495fa3127e45
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
1. fixed nullpointer blocker issue in CoordinationGuardTranslator.java
2. fixed "log or rethrow exception" critical issue
3. throw exceptions instead of returning null values
Change-Id: I2d567fe566c6f761ec2699016c4a868f203c9a01
Issue-ID: POLICY-1451
Signed-off-by: Michael Mokry <michael.mokry@att.com>
Signed-off-by: Joshua Reich <jreich@research.att.com>
|
|
Changed policies to use Z vs -05:00 for timezone since
we cannot guarantee the timezone the VM's run in. The
test should be generalized.
Fixed a sonar issue in the test I was using to debug this.
Issue-ID: POLICY-1639
Change-Id: If3e52d199527a8a7e11c5fa994beb8fb886c93a6
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
* Adding in the statistics for decisions and errors.
* Cleaned up sonar issues and added code coverage.
* Sped up JUnit tests
* Fix JUnit issues with not finding application path
* Fix TestDecision not finding persistence.xml
* Fix for lingering statistics from previous runs. That
needs to be addressed at a later time.
* Changed persistence to use properties for configuration
of database rather than hard coding the persistence.xml
* Fix for Josh's comment to use else-if
* Changed to use apache Pair
* Added blacklist guard policy
Issue-ID: POLICY-1440
Change-Id: I56af8c3dcc82463f7381f1eaea7f1440b76200bd
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
Refactor code to support multiple pip engines.
Add pip engine for outcome.
Modify LegacyGuardTranslator to use coordination translator's
convertPolicy function when processing coordination guard.
This version of convertPolicy intentionally uses string
replacement on template-like xacml coordination guard to
enable future support for API-based creation of new coordination
guard types.
Bug fixes and code cleanup.
* Unused imports, sonar problems.
* Consolidation of getAttribute method
* Only use TypedQuery for Pips
Issue-ID: POLICY-1471
Change-Id: I4e9365b7f23bee96cf438dad44feda97c65f6ecc
Signed-off-by: Joshua Reich <jreich@research.att.com>
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
1. Added PDPUpdate listener
2. Added PDPUpdate Publisher
3. Added code to handle PdpUpdate messages and load policies being
deployed
4. Modified Activator to register listener
5. Provided placeholder code to get policies from pdpx for return
PdpStatus response to the PAP
6. Other minor modifications
7. Fix XacmlPdpApplicationManager to only load policy if supports
policy type.
8. Checkstyle fixes
9. Updated applications to support loadPolicy(ToscaPolicy) and
all the translators, JUnit tests.
10. Consolidated some duplicate code in the applications. Can probably
do more in that area.
11. Fixed bug in Properties not really having a copy constructor.
Change-Id: Ic29ad426061cbdb79c1339314667bb8ff8decb88
Issue-ID: POLICY-1451
Signed-off-by: Michael Mokry <michael.mokry@att.com>
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|
|
Tests a decision upon startup. This also updates the use of
ToscaPolicyTypeIdentifier for all the applications.
Very basic packaging for applications and their properties.
Added cleaning of unused imports to remove sonar issues.
Added production persistence.xml file to guard application.
Not sure if we need a copy in the application/common resource
directory.
Issue-ID: POLICY-1440
Change-Id: If96eef5a9e0a7c6cc5461c0bdb6f0cd708cc41bb
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
|