From 5920c029d3818a22f591c6aa1ffff4e34b6df234 Mon Sep 17 00:00:00 2001 From: Pamela Dragosh Date: Wed, 17 Feb 2021 15:48:01 -0600 Subject: Utilize time extensions Switched to using the new Time Extensions released in XACML from github v3.0. Added more thorough tests for it as well as the flexibility of specifying the current time etc. More syntax checking on the inputs from the policy. Issue-ID: POLICY-2810 Change-Id: I1b4ec885c706e37949e5dabe14c63b0d7456cd4f Signed-off-by: Pamela Dragosh --- .../application/guard/GuardPdpApplicationTest.java | 64 +++++++++++++++++++++- .../pdp/application/guard/GuardTranslatorTest.java | 14 +++-- 2 files changed, 73 insertions(+), 5 deletions(-) (limited to 'applications/guard/src/test/java/org/onap') diff --git a/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplicationTest.java b/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplicationTest.java index 3b1b1c60..5b32b2a8 100644 --- a/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplicationTest.java +++ b/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplicationTest.java @@ -2,7 +2,7 @@ * ============LICENSE_START======================================================= * ONAP * ================================================================================ - * Copyright (C) 2019-2020 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2019-2021 AT&T Intellectual Property. All rights reserved. * Modifications Copyright (C) 2021 Nordix Foundation. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); @@ -32,6 +32,7 @@ import java.io.FileNotFoundException; import java.io.IOException; import java.sql.Date; import java.time.Instant; +import java.time.OffsetDateTime; import java.util.Iterator; import java.util.List; import java.util.Map; @@ -426,6 +427,67 @@ public class GuardPdpApplicationTest { requestAndCheckDecision(requestVfCount, PERMIT); } + @Test + public void test7TimeInRange() throws Exception { + LOGGER.info("**************** Running test7TimeInRange ****************"); + // + // Re-Load Decision Request - so we can start from scratch + // + DecisionRequest requestInRange = + gson.decode(TextFileUtils.getTextFileAsString("src/test/resources/requests/guard.timeinrange.json"), + DecisionRequest.class); + // + // Load the test policy in with the others. + // + List loadedPolicies = + TestUtils.loadPolicies("src/test/resources/test-time-in-range.yaml", service); + assertThat(loadedPolicies).hasSize(1); + // + // Mock what the current date and time is. Set to 12 Noon + // We actually do not care about time zone or the date yet, but these are here + // for future. + // + OffsetDateTime offsetDateTime = OffsetDateTime.parse("2020-01-01T12:00:00+05:00"); + requestInRange.setCurrentDateTime(offsetDateTime); + requestInRange.setCurrentDate(offsetDateTime.toLocalDate()); + requestInRange.setCurrentTime(offsetDateTime.toOffsetTime()); + requestInRange.setTimeZone(offsetDateTime.getOffset()); + + requestAndCheckDecision(requestInRange, PERMIT); + + offsetDateTime = OffsetDateTime.parse("2020-01-01T07:59:59+05:00"); + requestInRange.setCurrentDateTime(offsetDateTime); + requestInRange.setCurrentDate(offsetDateTime.toLocalDate()); + requestInRange.setCurrentTime(offsetDateTime.toOffsetTime()); + requestInRange.setTimeZone(offsetDateTime.getOffset()); + + requestAndCheckDecision(requestInRange, DENY); + + offsetDateTime = OffsetDateTime.parse("2020-01-01T08:00:00+05:00"); + requestInRange.setCurrentDateTime(offsetDateTime); + requestInRange.setCurrentDate(offsetDateTime.toLocalDate()); + requestInRange.setCurrentTime(offsetDateTime.toOffsetTime()); + requestInRange.setTimeZone(offsetDateTime.getOffset()); + + requestAndCheckDecision(requestInRange, PERMIT); + + offsetDateTime = OffsetDateTime.parse("2020-01-01T23:59:59+05:00"); + requestInRange.setCurrentDateTime(offsetDateTime); + requestInRange.setCurrentDate(offsetDateTime.toLocalDate()); + requestInRange.setCurrentTime(offsetDateTime.toOffsetTime()); + requestInRange.setTimeZone(offsetDateTime.getOffset()); + + requestAndCheckDecision(requestInRange, PERMIT); + + offsetDateTime = OffsetDateTime.parse("2020-01-01T00:00:00+05:00"); + requestInRange.setCurrentDateTime(offsetDateTime); + requestInRange.setCurrentDate(offsetDateTime.toLocalDate()); + requestInRange.setCurrentTime(offsetDateTime.toOffsetTime()); + requestInRange.setTimeZone(offsetDateTime.getOffset()); + + requestAndCheckDecision(requestInRange, DENY); + } + @SuppressWarnings("unchecked") private void insertOperationEvent(DecisionRequest request) { // diff --git a/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslatorTest.java b/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslatorTest.java index e4c958b9..cf8c0158 100644 --- a/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslatorTest.java +++ b/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslatorTest.java @@ -2,7 +2,7 @@ * ============LICENSE_START======================================================= * ONAP * ================================================================================ - * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2020-2021 AT&T Intellectual Property. All rights reserved. * Modifications Copyright (C) 2020 Nordix Foundation. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); @@ -28,7 +28,6 @@ import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import com.att.research.xacml.api.Decision; import com.att.research.xacml.api.Request; -import com.att.research.xacml.api.XACML3; import com.att.research.xacml.std.StdMutableResponse; import com.att.research.xacml.std.StdMutableResult; import com.att.research.xacml.std.StdStatus; @@ -43,6 +42,7 @@ import oasis.names.tc.xacml._3_0.core.schema.wd_17.AnyOfType; import oasis.names.tc.xacml._3_0.core.schema.wd_17.MatchType; import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType; import oasis.names.tc.xacml._3_0.core.schema.wd_17.RuleType; +import oasis.names.tc.xacml._3_0.core.schema.wd_17.VariableDefinitionType; import org.junit.Test; import org.onap.policy.common.utils.coder.StandardCoder; import org.onap.policy.common.utils.coder.StandardYamlCoder; @@ -119,6 +119,9 @@ public class GuardTranslatorTest { final Map name2message = new HashMap<>(); name2message.put("frequency-missing-properties", "Missing property limit"); name2message.put("frequency-timewindow", "timeWindow is not an integer"); + name2message.put("frequency-badtimerange_start", "Invalid timeRange"); + name2message.put("frequency-badtimerange_end", "Invalid timeRange"); + name2message.put("frequency-badtimerange_value", "timestamp 99:99:99 could not be parsed"); name2message.put("minmax-notarget", "Missing target field in minmax policy"); name2message.put("minmax-nominmax", "Missing min or max field in minmax policy"); name2message.put("blacklist-noblacklist", "Missing blacklist"); @@ -223,7 +226,7 @@ public class GuardTranslatorTest { boolean foundOperation = false; boolean foundTarget = false; boolean foundControlLoop = false; - boolean foundTimeRange = false; + //boolean foundTimeRange = false; assertThat(xacmlPolicy.getTarget()).isNotNull(); assertThat(xacmlPolicy.getTarget().getAnyOf()).isNotEmpty(); @@ -257,11 +260,13 @@ public class GuardTranslatorTest { assertThat(policy.getProperties()).containsKey(GuardTranslator.FIELD_CONTROLLOOP); foundControlLoop = true; } + /* if (XACML3.ID_ENVIRONMENT_CURRENT_TIME.toString().equals( match.getAttributeDesignator().getAttributeId())) { assertThat(policy.getProperties()).containsKey(GuardTranslator.FIELD_TIMERANGE); foundTimeRange = true; } + */ } } } @@ -274,7 +279,8 @@ public class GuardTranslatorTest { assertThat(foundControlLoop).isTrue(); } if (policy.getProperties().containsKey(GuardTranslator.FIELD_TIMERANGE)) { - assertThat(foundTimeRange).isTrue(); + assertThat(xacmlPolicy.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition()) + .hasAtLeastOneElementOfType(VariableDefinitionType.class); } } -- cgit 1.2.3-korg