From 5920c029d3818a22f591c6aa1ffff4e34b6df234 Mon Sep 17 00:00:00 2001 From: Pamela Dragosh Date: Wed, 17 Feb 2021 15:48:01 -0600 Subject: Utilize time extensions Switched to using the new Time Extensions released in XACML from github v3.0. Added more thorough tests for it as well as the flexibility of specifying the current time etc. More syntax checking on the inputs from the policy. Issue-ID: POLICY-2810 Change-Id: I1b4ec885c706e37949e5dabe14c63b0d7456cd4f Signed-off-by: Pamela Dragosh --- .../common/ToscaPolicyTranslatorUtils.java | 32 +++++++++++++-- .../common/ToscaPolicyTranslatorUtilsTest.java | 46 +++++++++++++++++++++- 2 files changed, 73 insertions(+), 5 deletions(-) (limited to 'applications/common/src') diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslatorUtils.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslatorUtils.java index 796499d4..a5e804e0 100644 --- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslatorUtils.java +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslatorUtils.java @@ -2,7 +2,7 @@ * ============LICENSE_START======================================================= * ONAP * ================================================================================ - * Copyright (C) 2019-2020 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2019-2021 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -29,9 +29,11 @@ import oasis.names.tc.xacml._3_0.core.schema.wd_17.AnyOfType; import oasis.names.tc.xacml._3_0.core.schema.wd_17.ApplyType; import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeDesignatorType; import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeValueType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.ConditionType; import oasis.names.tc.xacml._3_0.core.schema.wd_17.MatchType; import oasis.names.tc.xacml._3_0.core.schema.wd_17.ObjectFactory; import oasis.names.tc.xacml._3_0.core.schema.wd_17.TargetType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.VariableReferenceType; import org.apache.commons.lang3.StringUtils; /** @@ -114,7 +116,7 @@ public final class ToscaPolicyTranslatorUtils { * @param end ISO8601 timestamp * @return ApplyType */ - public static ApplyType generateTimeInRange(String start, String end) { + public static ApplyType generateTimeInRange(String start, String end, boolean useRecurringFunction) { if (StringUtils.isBlank(start) || StringUtils.isBlank(end)) { return null; } @@ -140,7 +142,11 @@ public final class ToscaPolicyTranslatorUtils { ApplyType applyTimeInRange = new ApplyType(); applyTimeInRange.setDescription("return true if current time is in range."); - applyTimeInRange.setFunctionId(XACML3.ID_FUNCTION_TIME_IN_RANGE.stringValue()); + if (useRecurringFunction) { + applyTimeInRange.setFunctionId(XACML3.ID_FUNCTION_TIME_IN_RECURRING_RANGE.stringValue()); + } else { + applyTimeInRange.setFunctionId(XACML3.ID_FUNCTION_TIME_IN_RANGE.stringValue()); + } applyTimeInRange.getExpression().add(factory.createApply(applyOneAndOnly)); applyTimeInRange.getExpression().add(factory.createAttributeValue(valueStart)); applyTimeInRange.getExpression().add(factory.createAttributeValue(valueEnd)); @@ -214,4 +220,24 @@ public final class ToscaPolicyTranslatorUtils { } return target; } + + /** + * For an existing ConditionType, this method adds in a check for a variable. You must specify + * the function that compares the existing ConditionType's expression against the Variable. + * + * @param condition Existing ConditionType to use + * @param variable VariableReferenceType to use + * @param functionId XACML 3.0 identifier for the function + * @return a new ConditionType + */ + public static ConditionType addVariableToCondition(ConditionType condition, VariableReferenceType variable, + Identifier functionId) { + ApplyType applyFunction = new ApplyType(); + applyFunction.setFunctionId(functionId.stringValue()); + applyFunction.getExpression().add(condition.getExpression()); + applyFunction.getExpression().add(factory.createVariableReference(variable)); + ConditionType newCondition = new ConditionType(); + newCondition.setExpression(factory.createApply(applyFunction)); + return newCondition; + } } diff --git a/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslatorUtilsTest.java b/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslatorUtilsTest.java index 5d451e2c..99627f67 100644 --- a/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslatorUtilsTest.java +++ b/applications/common/src/test/java/org/onap/policy/pdp/xacml/application/common/ToscaPolicyTranslatorUtilsTest.java @@ -2,7 +2,7 @@ * ============LICENSE_START======================================================= * ONAP * ================================================================================ - * Copyright (C) 2019-2020 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2019-2021 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -25,15 +25,23 @@ package org.onap.policy.pdp.xacml.application.common; import static org.assertj.core.api.Assertions.assertThat; import static org.junit.Assert.assertTrue; +import com.att.research.xacml.api.XACML3; import java.lang.reflect.Constructor; import java.lang.reflect.Modifier; import oasis.names.tc.xacml._3_0.core.schema.wd_17.AllOfType; import oasis.names.tc.xacml._3_0.core.schema.wd_17.AnyOfType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.ApplyType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeDesignatorType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeValueType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.ConditionType; import oasis.names.tc.xacml._3_0.core.schema.wd_17.MatchType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.ObjectFactory; import oasis.names.tc.xacml._3_0.core.schema.wd_17.TargetType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.VariableReferenceType; import org.junit.Test; public class ToscaPolicyTranslatorUtilsTest { + private static final ObjectFactory factory = new ObjectFactory(); @Test public void test() throws NoSuchMethodException, SecurityException { @@ -45,7 +53,9 @@ public class ToscaPolicyTranslatorUtilsTest { @Test public void testTimeInRange() { - assertThat(ToscaPolicyTranslatorUtils.generateTimeInRange("T00:00:00Z", "T08:00:00Z")).isNotNull(); + ApplyType apply = ToscaPolicyTranslatorUtils.generateTimeInRange("00:00:00Z", "08:00:00Z", true); + assertThat(apply).isNotNull(); + assertThat(apply.getExpression()).hasSize(3); } @Test @@ -68,4 +78,36 @@ public class ToscaPolicyTranslatorUtilsTest { assertThat(ToscaPolicyTranslatorUtils.parseInteger("1")).isEqualTo(1); assertThat(ToscaPolicyTranslatorUtils.parseInteger("1.0")).isEqualTo(1); } + + @Test + public void testAddingVariables() { + ApplyType applyType = new ApplyType(); + applyType.setFunctionId(XACML3.ID_FUNCTION_STRING_EQUAL.stringValue()); + + AttributeValueType value = new AttributeValueType(); + value.setDataType(XACML3.ID_DATATYPE_STRING.stringValue()); + value.getContent().add("1"); + applyType.getExpression().add(factory.createAttributeValue(value)); + + AttributeDesignatorType designator = new AttributeDesignatorType(); + designator.setAttributeId(XACML3.ID_RESOURCE.stringValue()); + designator.setCategory(XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE.stringValue()); + designator.setDataType(XACML3.ID_DATATYPE_STRING.stringValue()); + applyType.getExpression().add(factory.createAttributeDesignator(designator)); + + ConditionType condition = new ConditionType(); + condition.setExpression(factory.createApply(applyType)); + + VariableReferenceType variable = new VariableReferenceType(); + + variable.setVariableId("my-variable-id"); + + ConditionType newCondition = ToscaPolicyTranslatorUtils.addVariableToCondition(condition, variable, + XACML3.ID_FUNCTION_AND); + + assertThat(newCondition.getExpression().getValue()).isInstanceOf(ApplyType.class); + Object obj = newCondition.getExpression().getValue(); + assertThat(((ApplyType) obj).getFunctionId()).isEqualTo(XACML3.ID_FUNCTION_AND.stringValue()); + assertThat(((ApplyType) obj).getExpression()).hasSize(2); + } } -- cgit 1.2.3-korg