From b909b14fe88c5fe8f096cf8b471a2aa799d84739 Mon Sep 17 00:00:00 2001 From: Pamela Dragosh Date: Sat, 9 Mar 2019 11:48:44 -0500 Subject: Monitoring policy creation foundation Upgrde to xacml v2.0.0 release artifact. Some re-arrangement of classes. New class to support a common dictionary among the monitoring applications. I may move it to a common under the main since some of the values are shareable. Created application service provider, so the XACML main knows what policy types are pre-loaded and can report them back to the PAP. struggled with cucumber, which does not create TemporaryFolder although the documentation says its supported. Added a new Policy Finder specific to ONAP which does quicker job to load policies. Issue-ID: POLICY-1273 Change-Id: I4af15a64da3b42d48f29809710421b1649625adc Signed-off-by: Pamela Dragosh --- .../application/common/ToscaDictionaryTest.java | 56 +++++ .../common/ToscaPolicyConversionExceptionTest.java | 35 ++++ .../common/ToscaPolicyConverterUtilsTest.java | 42 ++++ .../common/XacmlUpdatePolicyUtilsTest.java | 226 +++++++++++++++++++++ .../common/src/test/resources/test.properties | 32 +++ 5 files changed, 391 insertions(+) create mode 100644 applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/ToscaDictionaryTest.java create mode 100644 applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyConversionExceptionTest.java create mode 100644 applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyConverterUtilsTest.java create mode 100644 applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/XacmlUpdatePolicyUtilsTest.java create mode 100644 applications/common/src/test/resources/test.properties (limited to 'applications/common/src/test') diff --git a/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/ToscaDictionaryTest.java b/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/ToscaDictionaryTest.java new file mode 100644 index 00000000..d427982f --- /dev/null +++ b/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/ToscaDictionaryTest.java @@ -0,0 +1,56 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.pdp.xacml.application.common; + +import static org.assertj.core.api.Assertions.assertThatCode; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertTrue; + +import java.lang.reflect.Constructor; +import java.lang.reflect.Modifier; + +import org.junit.Test; + +public class ToscaDictionaryTest { + + @Test + public void testConstructorIsProtected() throws Exception { + // + // Ensure that this is static class + // + final Constructor constructor = ToscaDictionary.class.getDeclaredConstructor(); + assertTrue(Modifier.isPrivate(constructor.getModifiers())); + // + // Trying to get 100% code coverage + // + assertThatCode(() -> { + constructor.setAccessible(true); + constructor.newInstance(); + }).doesNotThrowAnyException(); + // + // Probably don't need these as these ID's are used by other components + // + assertNotNull(ToscaDictionary.ID_OBLIGATION_ISSUER); + } + +} diff --git a/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyConversionExceptionTest.java b/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyConversionExceptionTest.java new file mode 100644 index 00000000..bee4ba3d --- /dev/null +++ b/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyConversionExceptionTest.java @@ -0,0 +1,35 @@ +/* + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.pdp.xacml.application.common; + +import static org.junit.Assert.assertEquals; + +import org.junit.Test; +import org.onap.policy.common.utils.test.ExceptionsTester; + +public class ToscaPolicyConversionExceptionTest { + + @Test + public void test() { + assertEquals(5, new ExceptionsTester().test(ToscaPolicyConversionException.class)); + } + +} diff --git a/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyConverterUtilsTest.java b/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyConverterUtilsTest.java new file mode 100644 index 00000000..cc1787c3 --- /dev/null +++ b/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyConverterUtilsTest.java @@ -0,0 +1,42 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.pdp.xacml.application.common; + +import static org.junit.Assert.assertTrue; + +import java.lang.reflect.Constructor; +import java.lang.reflect.Modifier; + +import org.junit.Test; + +public class ToscaPolicyConverterUtilsTest { + + @Test + public void test() throws NoSuchMethodException, SecurityException { + final Constructor constructor + = ToscaPolicyConverterUtils.class.getDeclaredConstructor(); + assertTrue(Modifier.isPrivate(constructor.getModifiers())); + + } + +} diff --git a/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/XacmlUpdatePolicyUtilsTest.java b/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/XacmlUpdatePolicyUtilsTest.java new file mode 100644 index 00000000..84fefa5c --- /dev/null +++ b/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/XacmlUpdatePolicyUtilsTest.java @@ -0,0 +1,226 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.pdp.xacml.application.common; + +import static org.assertj.core.api.Assertions.assertThatCode; + +import com.att.research.xacml.api.XACML3; +import com.att.research.xacml.util.XACMLPolicyWriter; +import com.att.research.xacml.util.XACMLProperties; + +import java.io.ByteArrayOutputStream; +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.nio.file.Files; +import java.nio.file.Path; +import java.util.Map.Entry; +import java.util.Properties; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.AnyOfType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.EffectType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.MatchType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.ObjectFactory; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicySetType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.RuleType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.TargetType; +import org.junit.BeforeClass; +import org.junit.ClassRule; +import org.junit.Test; +import org.junit.rules.TemporaryFolder; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * Utility methods for storing policies to disk and updating Properties objects + * that reference policies. + * + * @author pameladragosh + * + */ +public class XacmlUpdatePolicyUtilsTest { + private static final Logger LOGGER = LoggerFactory.getLogger(XacmlUpdatePolicyUtilsTest.class); + + static Properties properties; + + static PolicySetType rootPolicy = new PolicySetType(); + + static Path rootPath; + + static PolicyType policy1 = new PolicyType(); + static PolicyType policy2 = new PolicyType(); + + static PolicySetType policySet3 = new PolicySetType(); + + static Path path1; + static Path path2; + + static Path policySetPath; + + /** + * Temporary folder where we will store newly created policies. + */ + @ClassRule + public static TemporaryFolder policyFolder = new TemporaryFolder(); + + /** + * Setup the JUnit tests. + * + * @throws Exception thrown + */ + @BeforeClass + public static void setUp() throws Exception { + assertThatCode(() -> { + // + // Load our test property object + // + try (InputStream is = new FileInputStream("src/test/resources/test.properties")) { + properties = new Properties(); + properties.load(is); + } + // + // Create a very basic Root policy + // + rootPolicy.setPolicySetId("root"); + rootPolicy.setTarget(new TargetType()); + rootPolicy.setPolicyCombiningAlgId(XACML3.ID_POLICY_FIRST_APPLICABLE.stringValue()); + File rootFile = policyFolder.newFile("root.xml"); + LOGGER.info("Creating Root Policy {}", rootFile.getAbsolutePath()); + rootPath = XACMLPolicyWriter.writePolicyFile(rootFile.toPath(), rootPolicy); + // + // Create policies + // + path1 = createPolicy(policy1, "policy1", "resource1"); + LOGGER.info(new String(Files.readAllBytes(path1))); + path2 = createPolicy(policy2, "policy2", "resource2"); + LOGGER.info(new String(Files.readAllBytes(path2))); + // + // Create another PolicySet + // + policySet3.setPolicySetId("policyset1"); + policySet3.setTarget(new TargetType()); + policySet3.setPolicyCombiningAlgId(XACML3.ID_POLICY_FIRST_APPLICABLE.stringValue()); + ObjectFactory factory = new ObjectFactory(); + + policySet3.getPolicySetOrPolicyOrPolicySetIdReference().add(factory.createPolicy(policy1)); + policySet3.getPolicySetOrPolicyOrPolicySetIdReference().add(factory.createPolicy(policy2)); + File policySetFile = policyFolder.newFile("policySet1.xml"); + LOGGER.info("Creating PolicySet {}", policySetFile.getAbsolutePath()); + policySetPath = XACMLPolicyWriter.writePolicyFile(policySetFile.toPath(), policySet3); + + }).doesNotThrowAnyException(); + } + + private static Path createPolicy(PolicyType policy, String id, String resource) throws IOException { + // + // Create Policy 1 + // + policy.setPolicyId(id); + MatchType matchPolicyId = ToscaPolicyConverterUtils.buildMatchTypeDesignator( + XACML3.ID_FUNCTION_STRING_EQUAL, + resource, + XACML3.ID_DATATYPE_STRING, + XACML3.ID_RESOURCE_RESOURCE_ID, + XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE); + // + // This is our outer AnyOf - which is an OR + // + AnyOfType anyOf = new AnyOfType(); + // + // Create AllOf (AND) of just Policy Id + // + anyOf.getAllOf().add(ToscaPolicyConverterUtils.buildAllOf(matchPolicyId)); + TargetType target = new TargetType(); + target.getAnyOf().add(anyOf); + policy.setTarget(target); + RuleType rule = new RuleType(); + rule.setRuleId(policy.getPolicyId() + ":rule"); + rule.setEffect(EffectType.PERMIT); + rule.setTarget(new TargetType()); + // + // Add the rule to the policy + // + policy.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition().add(rule); + // + // Create a file + // + File file = policyFolder.newFile(policy.getPolicyId() + ".xml"); + LOGGER.info("Creating Policy {}", file.getAbsolutePath()); + return XACMLPolicyWriter.writePolicyFile(file.toPath(), policy); + } + + @Test + public void test() { + assertThatCode(() -> { + // + // Just update root and policies + // + XacmlUpdatePolicyUtils.updateXacmlRootPolicy(rootPolicy, policy1, policy2); + try (OutputStream os = new ByteArrayOutputStream()) { + XACMLPolicyWriter.writePolicyFile(os, rootPolicy); + LOGGER.debug("New Root Policy:{}{}", System.lineSeparator(), os.toString()); + } + // + // Test updating the properties + // + XACMLProperties.setXacmlRootProperties(properties, rootPath); + XACMLProperties.setXacmlReferencedProperties(properties, path1, path2); + // + // Dump this out so I can see what I'm doing + // + for (Entry entry : properties.entrySet()) { + LOGGER.info("{}={}", entry.getKey(), entry.getValue()); + } + LOGGER.info("Properties {}", properties.toString()); + // + // Somehow I have to figure out how to test this in assertj + // + // + // Just update root and PolicySet + // + XacmlUpdatePolicyUtils.updateXacmlRootPolicy(rootPolicy, policySet3); + try (OutputStream os = new ByteArrayOutputStream()) { + XACMLPolicyWriter.writePolicyFile(os, rootPolicy); + LOGGER.debug("New Root Policy:{}{}", System.lineSeparator(), os.toString()); + } + // + // Test updating the properties + // + XACMLProperties.setXacmlRootProperties(properties, rootPath); + XACMLProperties.setXacmlReferencedProperties(properties, policySetPath); + // + // Dump this out so I can see what I'm doing + // + for (Entry entry : properties.entrySet()) { + LOGGER.info("{}={}", entry.getKey(), entry.getValue()); + } + LOGGER.info("Properties {}", properties.toString()); + // + // Somehow I have to figure out how to test this in assertj + // + + }).doesNotThrowAnyException(); + } +} diff --git a/applications/common/src/test/resources/test.properties b/applications/common/src/test/resources/test.properties new file mode 100644 index 00000000..efe90d82 --- /dev/null +++ b/applications/common/src/test/resources/test.properties @@ -0,0 +1,32 @@ +# +# Properties that the embedded PDP engine uses to configure and load +# +# Standard API Factories +# +xacml.dataTypeFactory=com.att.research.xacml.std.StdDataTypeFactory +xacml.pdpEngineFactory=com.att.research.xacmlatt.pdp.ATTPDPEngineFactory +xacml.pepEngineFactory=com.att.research.xacml.std.pep.StdEngineFactory +xacml.pipFinderFactory=com.att.research.xacml.std.pip.StdPIPFinderFactory +xacml.traceEngineFactory=com.att.research.xacml.std.trace.LoggingTraceEngineFactory +# +# AT&T PDP Implementation Factories +# +xacml.att.evaluationContextFactory=com.att.research.xacmlatt.pdp.std.StdEvaluationContextFactory +xacml.att.combiningAlgorithmFactory=com.att.research.xacmlatt.pdp.std.StdCombiningAlgorithmFactory +xacml.att.functionDefinitionFactory=com.att.research.xacmlatt.pdp.std.StdFunctionDefinitionFactory +# +# ONAP PDP Implementation Factories +# +xacml.att.policyFinderFactory=org.onap.policy.pdp.xacml.application.common.OnapPolicyFinderFactory + +# +# +# +xacml.rootPolicies=rootstart +rootstart.file=src/test/resources/root.xml + +xacml.referencedPolicies=refstart1,refstart2,refstart3,refstart4 +refstart1.file=src/test/resources/ref1.xml +refstart2.file=src/test/resources/ref2.xml +refstart3.file=src/test/resources/ref3.xml +refstart4.file=src/test/resources/ref4.xml -- cgit 1.2.3-korg