From a9c7e7322eb09672c8dfba32503653d12e685543 Mon Sep 17 00:00:00 2001 From: Michael Mokry Date: Wed, 10 Apr 2019 09:53:44 -0500 Subject: XACML PDP DmaaP Deploy/UnDeploy Function 1. Added PDPUpdate listener 2. Added PDPUpdate Publisher 3. Added code to handle PdpUpdate messages and load policies being deployed 4. Modified Activator to register listener 5. Provided placeholder code to get policies from pdpx for return PdpStatus response to the PAP 6. Other minor modifications 7. Fix XacmlPdpApplicationManager to only load policy if supports policy type. 8. Checkstyle fixes 9. Updated applications to support loadPolicy(ToscaPolicy) and all the translators, JUnit tests. 10. Consolidated some duplicate code in the applications. Can probably do more in that area. 11. Fixed bug in Properties not really having a copy constructor. Change-Id: Ic29ad426061cbdb79c1339314667bb8ff8decb88 Issue-ID: POLICY-1451 Signed-off-by: Michael Mokry Signed-off-by: Pamela Dragosh --- .../pdp/xacml/application/common/TestUtils.java | 68 ++++++++ .../application/common/ToscaPolicyTranslator.java | 10 +- .../common/XacmlApplicationServiceProvider.java | 8 +- .../std/StdCombinedPolicyResultsTranslator.java | 173 +++++++-------------- .../common/std/StdMatchableTranslator.java | 95 +++-------- .../std/StdXacmlApplicationServiceProvider.java | 81 ++++++++-- 6 files changed, 230 insertions(+), 205 deletions(-) create mode 100644 applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/TestUtils.java (limited to 'applications/common/src/main/java/org') diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/TestUtils.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/TestUtils.java new file mode 100644 index 00000000..fa32516d --- /dev/null +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/TestUtils.java @@ -0,0 +1,68 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.pdp.xacml.application.common; + +import java.util.Map; +import java.util.Map.Entry; + +import org.onap.policy.common.utils.coder.CoderException; +import org.onap.policy.common.utils.coder.StandardCoder; +import org.onap.policy.common.utils.resources.ResourceUtils; +import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy; +import org.onap.policy.models.tosca.authorative.concepts.ToscaServiceTemplate; +import org.yaml.snakeyaml.Yaml; + +public class TestUtils { + private static final StandardCoder standardCoder = new StandardCoder(); + + private TestUtils() { + super(); + } + + /** + * Load the policies from a resource file into the given the application. + * + * @param resourceFile resource file + * @param service XacmlApplicationServiceProvider + * @throws CoderException exception if it cannot be decoded + * @throws XacmlApplicationException If the application cannot load the policy + */ + public static void loadPolicies(String resourceFile, XacmlApplicationServiceProvider service) + throws CoderException, XacmlApplicationException { + String policyYaml = ResourceUtils.getResourceAsString(resourceFile); + Yaml yaml = new Yaml(); + Object yamlObject = yaml.load(policyYaml); + String yamlAsJsonString = standardCoder.encode(yamlObject); + ToscaServiceTemplate serviceTemplate = standardCoder.decode(yamlAsJsonString, ToscaServiceTemplate.class); + // + // Get the policies + // + for (Map policies : serviceTemplate.getToscaTopologyTemplate().getPolicies()) { + for (Entry entrySet : policies.entrySet()) { + service.loadPolicy(entrySet.getValue()); + } + } + + } + +} diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslator.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslator.java index f5f77d24..47ff70f6 100644 --- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslator.java +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslator.java @@ -25,24 +25,22 @@ package org.onap.policy.pdp.xacml.application.common; import com.att.research.xacml.api.Request; import com.att.research.xacml.api.Response; -import java.util.List; -import java.util.Map; - import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType; import org.onap.policy.models.decisions.concepts.DecisionRequest; import org.onap.policy.models.decisions.concepts.DecisionResponse; +import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy; public interface ToscaPolicyTranslator { /** * Implement this method to translate policies. * - * @param toscaObject Incoming Tosca Policies object - * @return List of translated policies + * @param toscaPolicy Incoming Tosca Policy object + * @return Xacml PolicyType object * @throws ToscaPolicyConversionException Exception */ - List scanAndConvertPolicies(Map toscaObject) throws ToscaPolicyConversionException; + PolicyType convertPolicy(ToscaPolicy toscaPolicy) throws ToscaPolicyConversionException; /** * Implement this method to convert an ONAP DecisionRequest into diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlApplicationServiceProvider.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlApplicationServiceProvider.java index cf9b15cc..c1682fb7 100644 --- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlApplicationServiceProvider.java +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/XacmlApplicationServiceProvider.java @@ -23,10 +23,10 @@ package org.onap.policy.pdp.xacml.application.common; import java.nio.file.Path; import java.util.List; -import java.util.Map; import org.onap.policy.models.decisions.concepts.DecisionRequest; import org.onap.policy.models.decisions.concepts.DecisionResponse; +import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy; import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicyTypeIdentifier; /** @@ -79,11 +79,11 @@ public interface XacmlApplicationServiceProvider { boolean canSupportPolicyType(ToscaPolicyTypeIdentifier toscaPolicyId); /** - * Load a Map representation of a Tosca Policy. + * Load a Tosca Policy. * - * @param toscaPolicies Map of Tosca Policy Objects + * @param toscaPolicy object */ - void loadPolicies(Map toscaPolicies) throws XacmlApplicationException; + void loadPolicy(ToscaPolicy toscaPolicy) throws XacmlApplicationException; /** * Makes a decision given the incoming request and returns a response. diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdCombinedPolicyResultsTranslator.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdCombinedPolicyResultsTranslator.java index 16798379..20b34006 100644 --- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdCombinedPolicyResultsTranslator.java +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdCombinedPolicyResultsTranslator.java @@ -31,16 +31,11 @@ import com.att.research.xacml.api.Response; import com.att.research.xacml.api.Result; import com.att.research.xacml.api.XACML3; import com.att.research.xacml.std.annotations.RequestParser; -import com.att.research.xacml.util.XACMLPolicyWriter; import com.google.gson.Gson; -import java.io.ByteArrayOutputStream; -import java.io.IOException; import java.util.ArrayList; import java.util.Collection; -import java.util.List; import java.util.Map; -import java.util.Map.Entry; import oasis.names.tc.xacml._3_0.core.schema.wd_17.AnyOfType; import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeAssignmentExpressionType; @@ -54,9 +49,11 @@ import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType; import oasis.names.tc.xacml._3_0.core.schema.wd_17.RuleType; import oasis.names.tc.xacml._3_0.core.schema.wd_17.TargetType; -import org.json.JSONObject; +import org.onap.policy.common.utils.coder.CoderException; +import org.onap.policy.common.utils.coder.StandardCoder; import org.onap.policy.models.decisions.concepts.DecisionRequest; import org.onap.policy.models.decisions.concepts.DecisionResponse; +import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy; import org.onap.policy.pdp.xacml.application.common.ToscaDictionary; import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConversionException; import org.onap.policy.pdp.xacml.application.common.ToscaPolicyTranslator; @@ -72,44 +69,61 @@ public class StdCombinedPolicyResultsTranslator implements ToscaPolicyTranslator super(); } - @SuppressWarnings("unchecked") @Override - public List scanAndConvertPolicies(Map toscaObject) - throws ToscaPolicyConversionException { + public PolicyType convertPolicy(ToscaPolicy toscaPolicy) throws ToscaPolicyConversionException { // - // Our return object + // Set it as the policy ID // - List scannedPolicies = new ArrayList<>(); + PolicyType newPolicyType = new PolicyType(); + newPolicyType.setPolicyId(toscaPolicy.getMetadata().get("policy-id")); // - // Iterate each of the Policies + // Optional description // - List policies = (List) toscaObject.get("policies"); - for (Object policyObject : policies) { - // - // Get the contents - // - LOGGER.debug("Found policy {}", policyObject.getClass()); - Map policyContents = (Map) policyObject; - for (Entry entrySet : policyContents.entrySet()) { - LOGGER.debug("Entry set {}", entrySet); - // - // Convert this policy - // - PolicyType policy = this.convertPolicy(entrySet); - try (ByteArrayOutputStream os = new ByteArrayOutputStream()) { - XACMLPolicyWriter.writePolicyFile(os, policy); - LOGGER.debug("{}", os); - } catch (IOException e) { - LOGGER.error("Failed to convert {}", e); - } - // - // Convert and add in the new policy - // - scannedPolicies.add(policy); - } + newPolicyType.setDescription(toscaPolicy.getDescription()); + // + // There should be a metadata section + // + this.fillMetadataSection(newPolicyType, toscaPolicy.getMetadata()); + // + // Set the combining rule + // + newPolicyType.setRuleCombiningAlgId(XACML3.ID_RULE_FIRST_APPLICABLE.stringValue()); + // + // Generate the TargetType + // + TargetType target = this.generateTargetType(toscaPolicy.getMetadata().get("policy-id"), + toscaPolicy.getType(), toscaPolicy.getVersion()); + newPolicyType.setTarget(target); + // + // Now create the Permit Rule + // No target since the policy has a target + // With obligations. + // + RuleType rule = new RuleType(); + rule.setDescription("Default is to PERMIT if the policy matches."); + rule.setRuleId(toscaPolicy.getMetadata().get("policy-id") + ":rule"); + rule.setEffect(EffectType.PERMIT); + rule.setTarget(new TargetType()); + // + // Now represent the policy as Json + // + StandardCoder coder = new StandardCoder(); + String jsonPolicy; + try { + jsonPolicy = coder.encode(toscaPolicy); + } catch (CoderException e) { + LOGGER.error("Failed to encode policy to json", e); + throw new ToscaPolicyConversionException(e); } - - return scannedPolicies; + addObligation(rule, jsonPolicy); + // + // Add the rule to the policy + // + newPolicyType.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition().add(rule); + // + // Return our new policy + // + return newPolicyType; } @Override @@ -194,99 +208,30 @@ public class StdCombinedPolicyResultsTranslator implements ToscaPolicyTranslator } } - @SuppressWarnings("unchecked") - protected PolicyType convertPolicy(Entry entrySet) throws ToscaPolicyConversionException { - // - // Policy name should be at the root - // - String policyName = entrySet.getKey(); - Map policyDefinition = (Map) entrySet.getValue(); - // - // Set it as the policy ID - // - PolicyType newPolicyType = new PolicyType(); - newPolicyType.setPolicyId(policyName); - // - // Optional description - // - if (policyDefinition.containsKey("description")) { - newPolicyType.setDescription(policyDefinition.get("description").toString()); - } - // - // There should be a metadata section - // - if (! policyDefinition.containsKey("metadata")) { - throw new ToscaPolicyConversionException(policyName + " missing metadata section"); - } - this.fillMetadataSection(newPolicyType, - (Map) policyDefinition.get("metadata")); - // - // Set the combining rule - // - newPolicyType.setRuleCombiningAlgId(XACML3.ID_RULE_FIRST_APPLICABLE.stringValue()); - // - // Generate the TargetType - // - if (! policyDefinition.containsKey("type")) { - throw new ToscaPolicyConversionException(policyName + " missing type value"); - } - if (! policyDefinition.containsKey("version")) { - throw new ToscaPolicyConversionException(policyName + " missing version value"); - } - TargetType target = this.generateTargetType(policyName, - policyDefinition.get("type").toString(), - policyDefinition.get("version").toString()); - newPolicyType.setTarget(target); - // - // Now create the Permit Rule - // No target since the policy has a target - // With obligations. - // - RuleType rule = new RuleType(); - rule.setDescription("Default is to PERMIT if the policy matches."); - rule.setRuleId(policyName + ":rule"); - rule.setEffect(EffectType.PERMIT); - rule.setTarget(new TargetType()); - // - // Now represent the policy as Json - // - JSONObject jsonObligation = new JSONObject(); - jsonObligation.put(policyName, policyDefinition); - addObligation(rule, jsonObligation); - // - // Add the rule to the policy - // - newPolicyType.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition().add(rule); - // - // Return our new policy - // - return newPolicyType; - } - /** * From the TOSCA metadata section, pull in values that are needed into the XACML policy. * * @param policy Policy Object to store the metadata - * @param metadata The Metadata TOSCA Map + * @param map The Metadata TOSCA Map * @return Same Policy Object * @throws ToscaPolicyConversionException If there is something missing from the metadata */ protected PolicyType fillMetadataSection(PolicyType policy, - Map metadata) throws ToscaPolicyConversionException { - if (! metadata.containsKey("policy-id")) { + Map map) throws ToscaPolicyConversionException { + if (! map.containsKey("policy-id")) { throw new ToscaPolicyConversionException(policy.getPolicyId() + " missing metadata policy-id"); } else { // // Do nothing here - the XACML PolicyId is used from TOSCA Policy Name field // } - if (! metadata.containsKey("policy-version")) { + if (! map.containsKey("policy-version")) { throw new ToscaPolicyConversionException(policy.getPolicyId() + " missing metadata policy-version"); } else { // // Add in the Policy Version // - policy.setVersion(metadata.get("policy-version").toString()); + policy.setVersion(map.get("policy-version").toString()); } return policy; } @@ -346,7 +291,7 @@ public class StdCombinedPolicyResultsTranslator implements ToscaPolicyTranslator return target; } - protected RuleType addObligation(RuleType rule, JSONObject jsonPolicy) { + protected RuleType addObligation(RuleType rule, String jsonPolicy) { // // Convert the YAML Policy to JSON Object // @@ -358,7 +303,7 @@ public class StdCombinedPolicyResultsTranslator implements ToscaPolicyTranslator // AttributeValueType value = new AttributeValueType(); value.setDataType(ToscaDictionary.ID_OBLIGATION_POLICY_MONITORING_DATATYPE.stringValue()); - value.getContent().add(jsonPolicy.toString()); + value.getContent().add(jsonPolicy); // // Create our AttributeAssignmentExpression where we will // store the contents of the policy in JSON format. diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdMatchableTranslator.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdMatchableTranslator.java index 6ff1566b..9d3c6264 100644 --- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdMatchableTranslator.java +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdMatchableTranslator.java @@ -32,15 +32,11 @@ import com.att.research.xacml.api.Response; import com.att.research.xacml.api.Result; import com.att.research.xacml.api.XACML3; import com.att.research.xacml.std.annotations.RequestParser; -import com.att.research.xacml.util.XACMLPolicyWriter; import com.google.gson.Gson; -import java.io.ByteArrayOutputStream; -import java.io.IOException; import java.util.ArrayList; import java.util.Arrays; import java.util.Collection; -import java.util.List; import java.util.Map; import java.util.Map.Entry; @@ -56,9 +52,11 @@ import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType; import oasis.names.tc.xacml._3_0.core.schema.wd_17.RuleType; import oasis.names.tc.xacml._3_0.core.schema.wd_17.TargetType; -import org.json.JSONObject; +import org.onap.policy.common.utils.coder.CoderException; +import org.onap.policy.common.utils.coder.StandardCoder; import org.onap.policy.models.decisions.concepts.DecisionRequest; import org.onap.policy.models.decisions.concepts.DecisionResponse; +import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy; import org.onap.policy.pdp.xacml.application.common.ToscaDictionary; import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConversionException; import org.onap.policy.pdp.xacml.application.common.ToscaPolicyTranslator; @@ -74,46 +72,6 @@ public class StdMatchableTranslator implements ToscaPolicyTranslator { super(); } - @SuppressWarnings("unchecked") - @Override - public List scanAndConvertPolicies(Map toscaObject) - throws ToscaPolicyConversionException { - // - // Our return object - // - List scannedPolicies = new ArrayList<>(); - // - // Iterate each of the Policies - // - List policies = (List) toscaObject.get("policies"); - for (Object policyObject : policies) { - // - // Get the contents - // - LOGGER.debug("Found policy {}", policyObject.getClass()); - Map policyContents = (Map) policyObject; - for (Entry entrySet : policyContents.entrySet()) { - LOGGER.debug("Entry set {}", entrySet); - // - // Convert this policy - // - PolicyType policy = this.convertPolicy(entrySet); - try (ByteArrayOutputStream os = new ByteArrayOutputStream()) { - XACMLPolicyWriter.writePolicyFile(os, policy); - LOGGER.debug("{}", os); - } catch (IOException e) { - LOGGER.error("Failed to convert {}", e); - } - // - // Convert and add in the new policy - // - scannedPolicies.add(policy); - } - } - - return scannedPolicies; - } - @Override public Request convertRequest(DecisionRequest request) { LOGGER.debug("Converting Request {}", request); @@ -197,13 +155,12 @@ public class StdMatchableTranslator implements ToscaPolicyTranslator { } - @SuppressWarnings("unchecked") - protected PolicyType convertPolicy(Entry entrySet) throws ToscaPolicyConversionException { + @Override + public PolicyType convertPolicy(ToscaPolicy toscaPolicy) throws ToscaPolicyConversionException { // // Policy name should be at the root // - String policyName = entrySet.getKey(); - Map policyDefinition = (Map) entrySet.getValue(); + String policyName = toscaPolicy.getMetadata().get("policy-id"); // // Set it as the policy ID // @@ -212,17 +169,11 @@ public class StdMatchableTranslator implements ToscaPolicyTranslator { // // Optional description // - if (policyDefinition.containsKey("description")) { - newPolicyType.setDescription(policyDefinition.get("description").toString()); - } + newPolicyType.setDescription(toscaPolicy.getDescription()); // // There should be a metadata section // - if (! policyDefinition.containsKey("metadata")) { - throw new ToscaPolicyConversionException(policyName + " missing metadata section"); - } - this.fillMetadataSection(newPolicyType, - (Map) policyDefinition.get("metadata")); + this.fillMetadataSection(newPolicyType, toscaPolicy.getMetadata()); // // Set the combining rule // @@ -230,11 +181,7 @@ public class StdMatchableTranslator implements ToscaPolicyTranslator { // // Generate the TargetType // - if (! policyDefinition.containsKey("properties")) { - throw new ToscaPolicyConversionException(policyName + " missing properties section"); - } - policyDefinition.get("properties"); - newPolicyType.setTarget(generateTargetType((Map) policyDefinition.get("properties"))); + newPolicyType.setTarget(generateTargetType(toscaPolicy.getProperties())); // // Now create the Permit Rule // No target since the policy has a target @@ -248,9 +195,15 @@ public class StdMatchableTranslator implements ToscaPolicyTranslator { // // Now represent the policy as Json // - JSONObject jsonObligation = new JSONObject(); - jsonObligation.put(policyName, policyDefinition); - addObligation(rule, jsonObligation); + StandardCoder coder = new StandardCoder(); + String jsonPolicy; + try { + jsonPolicy = coder.encode(toscaPolicy); + } catch (CoderException e) { + LOGGER.error("Failed to encode policy to json", e); + throw new ToscaPolicyConversionException(e); + } + addObligation(rule, jsonPolicy); // // Add the rule to the policy // @@ -265,26 +218,26 @@ public class StdMatchableTranslator implements ToscaPolicyTranslator { * From the TOSCA metadata section, pull in values that are needed into the XACML policy. * * @param policy Policy Object to store the metadata - * @param metadata The Metadata TOSCA Map + * @param map The Metadata TOSCA Map * @return Same Policy Object * @throws ToscaPolicyConversionException If there is something missing from the metadata */ protected PolicyType fillMetadataSection(PolicyType policy, - Map metadata) throws ToscaPolicyConversionException { - if (! metadata.containsKey("policy-id")) { + Map map) throws ToscaPolicyConversionException { + if (! map.containsKey("policy-id")) { throw new ToscaPolicyConversionException(policy.getPolicyId() + " missing metadata policy-id"); } else { // // Do nothing here - the XACML PolicyId is used from TOSCA Policy Name field // } - if (! metadata.containsKey("policy-version")) { + if (! map.containsKey("policy-version")) { throw new ToscaPolicyConversionException(policy.getPolicyId() + " missing metadata policy-version"); } else { // // Add in the Policy Version // - policy.setVersion(metadata.get("policy-version").toString()); + policy.setVersion(map.get("policy-version").toString()); } return policy; } @@ -360,7 +313,7 @@ public class StdMatchableTranslator implements ToscaPolicyTranslator { return anyOf; } - protected RuleType addObligation(RuleType rule, JSONObject jsonPolicy) { + protected RuleType addObligation(RuleType rule, String jsonPolicy) { // // Convert the YAML Policy to JSON Object // diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdXacmlApplicationServiceProvider.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdXacmlApplicationServiceProvider.java index 19d8d829..7f85d2f0 100644 --- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdXacmlApplicationServiceProvider.java +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdXacmlApplicationServiceProvider.java @@ -28,6 +28,7 @@ import com.att.research.xacml.api.pdp.PDPEngine; import com.att.research.xacml.api.pdp.PDPEngineFactory; import com.att.research.xacml.api.pdp.PDPException; import com.att.research.xacml.util.FactoryException; +import com.att.research.xacml.util.XACMLPolicyWriter; import java.io.IOException; import java.io.InputStream; @@ -37,19 +38,23 @@ import java.nio.file.Path; import java.nio.file.Paths; import java.util.Collections; import java.util.List; -import java.util.Map; import java.util.Properties; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType; + import org.onap.policy.models.decisions.concepts.DecisionRequest; import org.onap.policy.models.decisions.concepts.DecisionResponse; +import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy; import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicyTypeIdentifier; +import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConversionException; +import org.onap.policy.pdp.xacml.application.common.ToscaPolicyTranslator; import org.onap.policy.pdp.xacml.application.common.XacmlApplicationException; import org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider; import org.onap.policy.pdp.xacml.application.common.XacmlPolicyUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -public class StdXacmlApplicationServiceProvider implements XacmlApplicationServiceProvider { +public abstract class StdXacmlApplicationServiceProvider implements XacmlApplicationServiceProvider { private static final Logger LOGGER = LoggerFactory.getLogger(StdXacmlApplicationServiceProvider.class); private Path pathForData = null; @@ -115,28 +120,84 @@ public class StdXacmlApplicationServiceProvider implements XacmlApplicationServi @Override public boolean canSupportPolicyType(ToscaPolicyTypeIdentifier policyTypeId) { - return false; + throw new UnsupportedOperationException("Please override and implement canSupportPolicyType"); } @Override - public void loadPolicies(Map toscaPolicies) throws XacmlApplicationException { - throw new UnsupportedOperationException("Please override and implement loadPolicies"); + public synchronized void loadPolicy(ToscaPolicy toscaPolicy) { + try { + // + // Convert the policies first + // + PolicyType xacmlPolicy = this.getTranslator().convertPolicy(toscaPolicy); + if (xacmlPolicy == null) { + throw new ToscaPolicyConversionException("Failed to convert policy"); + } + // + // Create a copy of the properties object + // + Properties newProperties = this.getProperties(); + // + // Construct the filename + // + Path refPath = XacmlPolicyUtils.constructUniquePolicyFilename(xacmlPolicy, this.getDataPath()); + // + // Write the policy to disk + // Maybe check for an error + // + XACMLPolicyWriter.writePolicyFile(refPath, xacmlPolicy); + if (LOGGER.isDebugEnabled()) { + LOGGER.debug("Xacml Policy is {}{}", System.lineSeparator(), new String(Files.readAllBytes(refPath))); + } + // + // Add root policy to properties object + // + XacmlPolicyUtils.addRootPolicy(newProperties, refPath); + // + // Write the properties to disk + // + XacmlPolicyUtils.storeXacmlProperties(newProperties, + XacmlPolicyUtils.getPropertiesPath(this.getDataPath())); + // + // Reload the engine + // + this.createEngine(newProperties); + // + // Save the properties + // + this.pdpProperties = newProperties; + } catch (IOException | ToscaPolicyConversionException e) { + LOGGER.error("Failed to loadPolicies {}", e); + } } @Override - public DecisionResponse makeDecision(DecisionRequest request) { + public synchronized DecisionResponse makeDecision(DecisionRequest request) { // - // We should have a standard error response to return + // Convert to a XacmlRequest // - return null; + Request xacmlRequest = this.getTranslator().convertRequest(request); + // + // Now get a decision + // + Response xacmlResponse = this.xacmlDecision(xacmlRequest); + // + // Convert to a DecisionResponse + // + return this.getTranslator().convertResponse(xacmlResponse); } + + protected abstract ToscaPolicyTranslator getTranslator(); + protected synchronized PDPEngine getEngine() { return this.pdpEngine; } protected synchronized Properties getProperties() { - return new Properties(pdpProperties); + Properties newProperties = new Properties(); + newProperties.putAll(pdpProperties); + return newProperties; } protected synchronized Path getDataPath() { @@ -190,7 +251,7 @@ public class StdXacmlApplicationServiceProvider implements XacmlApplicationServi PDPEngine engine = factory.newEngine(properties); if (engine != null) { this.pdpEngine = engine; - this.pdpProperties = new Properties(properties); +// this.pdpProperties = new Properties(properties); } } catch (FactoryException e) { LOGGER.error("Failed to create XACML PDP Engine {}", e); -- cgit 1.2.3-korg