From 24446884306a87a1d22fb8d0b28efbf41201a87c Mon Sep 17 00:00:00 2001 From: Pamela Dragosh Date: Mon, 19 Jul 2021 14:37:41 -0400 Subject: Include returned attributes in Decision Adds new method to return attributes in a decision, which can be configurable. By default it is turned off which ensures that the current functionality is maintained for our client applications. Enhanced the JUnits for the applications to ensure that no extra information is passed, thus maintaining backward compatibility. Issue-ID: POLICY-2865 Change-Id: Ia533e5462c0cb475cb1f72f34e95f128d6c52678 Signed-off-by: Pamela Dragosh --- .../application/common/std/StdBaseTranslator.java | 50 ++++++++++++++++++++ .../application/guard/GuardPdpApplicationTest.java | 6 +++ .../application/match/MatchPdpApplicationTest.java | 12 +++++ .../monitoring/MonitoringPdpApplicationTest.java | 55 ++++++++++++++++++++-- .../naming/NamingPdpApplicationTest.java | 12 +++++ .../OptimizationPdpApplicationTest.java | 12 +++++ 6 files changed, 143 insertions(+), 4 deletions(-) (limited to 'applications') diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdBaseTranslator.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdBaseTranslator.java index 61d28f58..58bdafa2 100644 --- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdBaseTranslator.java +++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdBaseTranslator.java @@ -23,6 +23,8 @@ package org.onap.policy.pdp.xacml.application.common.std; import com.att.research.xacml.api.Advice; +import com.att.research.xacml.api.Attribute; +import com.att.research.xacml.api.AttributeCategory; import com.att.research.xacml.api.Decision; import com.att.research.xacml.api.Obligation; import com.att.research.xacml.api.Request; @@ -32,6 +34,8 @@ import com.att.research.xacml.api.XACML3; import java.util.Collection; import java.util.HashMap; import java.util.Map; +import lombok.Getter; +import lombok.Setter; import oasis.names.tc.xacml._3_0.core.schema.wd_17.AnyOfType; import oasis.names.tc.xacml._3_0.core.schema.wd_17.ApplyType; import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeDesignatorType; @@ -59,6 +63,14 @@ public abstract class StdBaseTranslator implements ToscaPolicyTranslator { private static final Logger LOGGER = LoggerFactory.getLogger(StdBaseTranslator.class); private static final ObjectFactory factory = new ObjectFactory(); + @Getter + @Setter + protected boolean booleanReturnAttributes = false; + + @Getter + @Setter + protected boolean booleanReturnSingleValueAttributesAsCollection = false; + public static final String POLICY_ID = "policy-id"; public static final String POLICY_VERSION = "policy-version"; @@ -103,6 +115,12 @@ public abstract class StdBaseTranslator implements ToscaPolicyTranslator { decisionResponse.setStatus("error"); decisionResponse.setMessage(xacmlResult.getStatus().getStatusMessage()); } + // + // Add attributes + // + if (booleanReturnAttributes) { + scanAttributes(xacmlResult.getAttributes(), decisionResponse); + } } return decisionResponse; @@ -128,6 +146,38 @@ public abstract class StdBaseTranslator implements ToscaPolicyTranslator { */ protected abstract void scanAdvice(Collection advice, DecisionResponse decisionResponse); + /** + * scanAttributes - scans the attributes that are returned in the XACML Decision and puts them into the + * DecisionResponse object. + * + * @param attributeCategories Collection of AttributeCategory objects + * @param decisionResponse DecisionResponse object used to store any attributes + */ + protected void scanAttributes(Collection attributeCategories, + DecisionResponse decisionResponse) { + var returnedAttributes = new HashMap(); + for (AttributeCategory attributeCategory : attributeCategories) { + var mapCategory = new HashMap(); + for (Attribute attribute : attributeCategory.getAttributes()) { + // + // Most attributes have a single value, thus the collection is not necessary to + // return. However, we will allow this to be configurable. + // + if (! booleanReturnSingleValueAttributesAsCollection && attribute.getValues().size() == 1) { + var iterator = attribute.getValues().iterator(); + var value = iterator.next(); + mapCategory.put(attribute.getAttributeId().stringValue(), value.getValue().toString()); + } else { + mapCategory.put(attribute.getAttributeId().stringValue(), attribute.getValues()); + } + } + returnedAttributes.put(attributeCategory.getCategory().stringValue(), mapCategory); + } + if (! returnedAttributes.isEmpty()) { + decisionResponse.setAttributes(returnedAttributes); + } + } + /** * From the TOSCA metadata section, pull in values that are needed into the XACML policy. * diff --git a/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplicationTest.java b/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplicationTest.java index f0e82d22..07d1a5ab 100644 --- a/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplicationTest.java +++ b/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplicationTest.java @@ -182,6 +182,12 @@ public class GuardPdpApplicationTest { // Dump it out as Json // LOGGER.info(gson.encode(response)); + // + // Guard does not return these + // + assertThat(response.getAdvice()).isNull(); + assertThat(response.getObligations()).isNull(); + assertThat(response.getAttributes()).isNull(); } /** diff --git a/applications/match/src/test/java/org/onap/policy/xacml/pdp/application/match/MatchPdpApplicationTest.java b/applications/match/src/test/java/org/onap/policy/xacml/pdp/application/match/MatchPdpApplicationTest.java index ff154d93..3ceaa097 100644 --- a/applications/match/src/test/java/org/onap/policy/xacml/pdp/application/match/MatchPdpApplicationTest.java +++ b/applications/match/src/test/java/org/onap/policy/xacml/pdp/application/match/MatchPdpApplicationTest.java @@ -191,6 +191,12 @@ public class MatchPdpApplicationTest { assertThat(response).isNotNull(); assertThat(response.getPolicies()).isEmpty(); // + // Match applications should not have this information returned + // + assertThat(response.getAdvice()).isNull(); + assertThat(response.getObligations()).isNull(); + assertThat(response.getAttributes()).isNull(); + // // Ask for foo // baseRequest.getResource().put("matchable", "foo"); @@ -201,6 +207,12 @@ public class MatchPdpApplicationTest { assertThat(response).isNotNull(); assertThat(response.getPolicies()).hasSize(1); // + // Match applications should not have this information returned + // + assertThat(response.getAdvice()).isNull(); + assertThat(response.getObligations()).isNull(); + assertThat(response.getAttributes()).isNull(); + // // Validate it // validateDecision(response, baseRequest, "value1"); diff --git a/applications/monitoring/src/test/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringPdpApplicationTest.java b/applications/monitoring/src/test/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringPdpApplicationTest.java index a1f18927..40414f56 100644 --- a/applications/monitoring/src/test/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringPdpApplicationTest.java +++ b/applications/monitoring/src/test/java/org/onap/policy/xacml/pdp/application/monitoring/MonitoringPdpApplicationTest.java @@ -184,6 +184,12 @@ public class MonitoringPdpApplicationTest { assertThat(decision.getKey()).isNotNull(); assertThat(decision.getKey().getPolicies()).isEmpty(); + // + // Monitoring applications should not have this information returned + // + assertThat(decision.getKey().getAdvice()).isNull(); + assertThat(decision.getKey().getObligations()).isNull(); + assertThat(decision.getKey().getAttributes()).isNull(); } @SuppressWarnings("unchecked") @@ -204,10 +210,18 @@ public class MonitoringPdpApplicationTest { // Pair decision = service.makeDecision(requestSinglePolicy, null); LOGGER.info("Decision {}", decision); - + // + // Should have one policy returned + // assertThat(decision.getKey()).isNotNull(); assertThat(decision.getKey().getPolicies()).hasSize(1); // + // Monitoring applications should not have this information returned + // + assertThat(decision.getKey().getAdvice()).isNull(); + assertThat(decision.getKey().getObligations()).isNull(); + assertThat(decision.getKey().getAttributes()).isNull(); + // // Dump it out as Json // LOGGER.info(gson.encode(decision.getKey())); @@ -216,9 +230,20 @@ public class MonitoringPdpApplicationTest { // decision = service.makeDecision(requestPolicyType, null); LOGGER.info("Decision {}", decision); - + // + // Should have one policy returned + // assertThat(decision.getKey()).isNotNull(); assertThat(decision.getKey().getPolicies()).hasSize(1); + // + // Monitoring applications should not have this information returned + // + assertThat(decision.getKey().getAdvice()).isNull(); + assertThat(decision.getKey().getObligations()).isNull(); + assertThat(decision.getKey().getAttributes()).isNull(); + // + // Validate the full policy is returned + // Map jsonPolicy = (Map) decision.getKey().getPolicies().get("onap.scaleout.tca"); assertThat(jsonPolicy).isNotNull(); assertThat(jsonPolicy.get("properties")).isNotNull(); @@ -233,9 +258,20 @@ public class MonitoringPdpApplicationTest { requestQueryParams.put("abbrev", new String[] {"true"}); decision = service.makeDecision(requestPolicyType, requestQueryParams); LOGGER.info("Decision {}", decision); - + // + // Should have one policy returned + // assertThat(decision.getKey()).isNotNull(); assertThat(decision.getKey().getPolicies()).hasSize(1); + // + // Monitoring applications should not have this information returned + // + assertThat(decision.getKey().getAdvice()).isNull(); + assertThat(decision.getKey().getObligations()).isNull(); + assertThat(decision.getKey().getAttributes()).isNull(); + // + // Validate an abbreviated policy is returned + // jsonPolicy = (Map) decision.getKey().getPolicies().get("onap.scaleout.tca"); assertThat(jsonPolicy).isNotNull().doesNotContainKey("properties"); // @@ -245,9 +281,20 @@ public class MonitoringPdpApplicationTest { requestQueryParams.put("abbrev", new String[] {"false"}); decision = service.makeDecision(requestPolicyType, requestQueryParams); LOGGER.info("Decision {}", decision); - + // + // Should have one policy returned + // assertThat(decision.getKey()).isNotNull(); assertThat(decision.getKey().getPolicies()).hasSize(1); + // + // Monitoring applications should not have this information returned + // + assertThat(decision.getKey().getAdvice()).isNull(); + assertThat(decision.getKey().getObligations()).isNull(); + assertThat(decision.getKey().getAttributes()).isNull(); + // + // And should have full policy returned + // jsonPolicy = (Map) decision.getKey().getPolicies().get("onap.scaleout.tca"); assertThat(jsonPolicy).isNotNull(); assertThat(jsonPolicy.get("properties")).isNotNull(); diff --git a/applications/naming/src/test/java/org/onap/policy/xacml/pdp/application/naming/NamingPdpApplicationTest.java b/applications/naming/src/test/java/org/onap/policy/xacml/pdp/application/naming/NamingPdpApplicationTest.java index 841333dc..30199088 100644 --- a/applications/naming/src/test/java/org/onap/policy/xacml/pdp/application/naming/NamingPdpApplicationTest.java +++ b/applications/naming/src/test/java/org/onap/policy/xacml/pdp/application/naming/NamingPdpApplicationTest.java @@ -178,6 +178,12 @@ public class NamingPdpApplicationTest { assertThat(decision.getKey()).isNotNull(); assertThat(decision.getKey().getPolicies()).isEmpty(); + // + // Naming applications should not have this information returned + // + assertThat(decision.getKey().getAdvice()).isNull(); + assertThat(decision.getKey().getObligations()).isNull(); + assertThat(decision.getKey().getAttributes()).isNull(); } @Test @@ -207,6 +213,12 @@ public class NamingPdpApplicationTest { assertThat(response).isNotNull(); assertThat(response.getPolicies()).hasSize(1); // + // Naming applications should not have this information returned + // + assertThat(response.getAdvice()).isNull(); + assertThat(response.getObligations()).isNull(); + assertThat(response.getAttributes()).isNull(); + // // Validate it // validateDecision(response, baseRequest); diff --git a/applications/optimization/src/test/java/org/onap/policy/xacml/pdp/application/optimization/OptimizationPdpApplicationTest.java b/applications/optimization/src/test/java/org/onap/policy/xacml/pdp/application/optimization/OptimizationPdpApplicationTest.java index a3b218c6..00855f40 100644 --- a/applications/optimization/src/test/java/org/onap/policy/xacml/pdp/application/optimization/OptimizationPdpApplicationTest.java +++ b/applications/optimization/src/test/java/org/onap/policy/xacml/pdp/application/optimization/OptimizationPdpApplicationTest.java @@ -209,6 +209,13 @@ public class OptimizationPdpApplicationTest { assertThat(decision.getKey()).isNotNull(); assertThat(decision.getKey().getPolicies()).isEmpty(); + // + // Optimization applications should not have this information returned. Except advice + // for subscriber details, which does get checked in the tests following. + // + assertThat(decision.getKey().getAdvice()).isNull(); + assertThat(decision.getKey().getObligations()).isNull(); + assertThat(decision.getKey().getAttributes()).isNull(); } /** @@ -431,6 +438,11 @@ public class OptimizationPdpApplicationTest { assertThat(response).isNotNull(); assertThat(response.getPolicies()).hasSize(expectedPolicyCount); // + // Optimization applications should not have this information returned + // + assertThat(response.getObligations()).isNull(); + assertThat(response.getAttributes()).isNull(); + // // Validate it // validateDecision(response, baseRequest); -- cgit 1.2.3-korg