2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.openecomp.policy.pdp.test;
23 import static org.junit.Assert.assertEquals;
24 import static org.junit.Assert.assertFalse;
25 import static org.junit.Assert.assertTrue;
26 import static org.junit.Assert.fail;
29 import java.util.ArrayList;
30 import java.util.List;
32 import javax.security.auth.x500.X500Principal;
34 import org.junit.Test;
36 import com.att.research.xacml.api.XACML3;
37 import com.att.research.xacml.std.datatypes.DataTypes;
38 import com.att.research.xacml.std.datatypes.IPAddress;
39 import com.att.research.xacml.std.datatypes.RFC2396DomainName;
40 import com.att.research.xacml.std.datatypes.RFC822Name;
41 import com.att.research.xacmlatt.pdp.policy.ExpressionResult;
42 import com.att.research.xacmlatt.pdp.policy.FunctionArgument;
43 import com.att.research.xacmlatt.pdp.policy.FunctionArgumentAttributeValue;
44 import com.att.research.xacmlatt.pdp.std.StdFunctions;
45 import com.att.research.xacmlatt.pdp.std.functions.*;
48 * Test of PDP Functions (See XACML core spec section A.3)
51 * In Eclipse select this file or the enclosing directory, right-click and select Run As/JUnit Test
55 public class FunctionDefinitionRegexpMatchTest {
59 * variables useful in the following tests
61 List<FunctionArgument> arguments = new ArrayList<>();
65 public void testString() {
66 String v1 = new String("abc");
67 String v2 = new String("def");
70 FunctionArgumentAttributeValue attrV1 = null;
71 FunctionArgumentAttributeValue attrV2 = null;
72 FunctionArgumentAttributeValue attrNull = null;
73 FunctionArgumentAttributeValue attrInteger = null;
75 attrV1 = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue(v1));
76 attrV2 = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue(v2));
77 attrNull = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue(null));
78 attrInteger = new FunctionArgumentAttributeValue(DataTypes.DT_INTEGER.createAttributeValue(1234));
79 } catch (Exception e) {
80 fail("creating attributes e="+ e);
83 FunctionDefinitionRegexpMatch<?> fd = (FunctionDefinitionRegexpMatch<?>) StdFunctions.FD_STRING_REGEXP_MATCH;
85 // check identity and type of the thing created
86 assertEquals(XACML3.ID_FUNCTION_STRING_REGEXP_MATCH, fd.getId());
87 assertEquals(DataTypes.DT_BOOLEAN.getId(), fd.getDataTypeId());
89 // just to be safe... If tests take too long these can probably be eliminated
90 assertFalse(fd.returnsBag());
95 arguments.add(attrV1);
96 arguments.add(attrV1);
97 ExpressionResult res = fd.evaluate(null, arguments);
98 assertTrue(res.isOk());
99 assertEquals(java.lang.Boolean.class, res.getValue().getValue().getClass());
100 Boolean resValue = (Boolean)res.getValue().getValue();
101 assertEquals(true, resValue);
105 arguments.add(attrV1);
106 arguments.add(attrV2);
107 res = fd.evaluate(null, arguments);
108 assertTrue(res.isOk());
109 assertEquals(java.lang.Boolean.class, res.getValue().getValue().getClass());
110 resValue = (Boolean)res.getValue().getValue();
111 assertEquals(false, resValue);
116 arguments.add(attrV2);
117 res = fd.evaluate(null, arguments);
118 assertFalse(res.isOk());
119 assertEquals("function:string-regexp-match Got null argument", res.getStatus().getStatusMessage());
120 assertEquals("urn:oasis:names:tc:xacml:1.0:status:processing-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue());
124 arguments.add(attrNull);
125 arguments.add(attrV2);
126 res = fd.evaluate(null, arguments);
127 assertFalse(res.isOk());
128 assertEquals("function:string-regexp-match Got null attribute", res.getStatus().getStatusMessage());
129 assertEquals("urn:oasis:names:tc:xacml:1.0:status:processing-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue());
131 // null object to match
133 arguments.add(attrV1);
135 res = fd.evaluate(null, arguments);
136 assertFalse(res.isOk());
137 assertEquals("function:string-regexp-match Got null argument", res.getStatus().getStatusMessage());
138 assertEquals("urn:oasis:names:tc:xacml:1.0:status:processing-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue());
141 arguments.add(attrV1);
142 arguments.add(attrNull);
143 res = fd.evaluate(null, arguments);
144 assertFalse(res.isOk());
145 assertEquals("function:string-regexp-match Got null attribute", res.getStatus().getStatusMessage());
146 assertEquals("urn:oasis:names:tc:xacml:1.0:status:processing-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue());
151 arguments.add(attrInteger);
152 arguments.add(attrV2);
153 res = fd.evaluate(null, arguments);
154 assertFalse(res.isOk());
155 assertEquals("function:string-regexp-match Expected data type 'string' saw 'integer'", res.getStatus().getStatusMessage());
156 assertEquals("urn:oasis:names:tc:xacml:1.0:status:processing-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue());
158 // object to match not correct type
160 arguments.add(attrV1);
161 arguments.add(attrInteger);
162 res = fd.evaluate(null, arguments);
163 assertFalse(res.isOk());
164 assertEquals("function:string-regexp-match Expected data type 'string' saw 'integer'", res.getStatus().getStatusMessage());
165 assertEquals("urn:oasis:names:tc:xacml:1.0:status:processing-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue());
170 public void testAnyURI() {
171 String regexp = new String("abc");
175 uri1 = new URI("abc");
176 uri2 = new URI("def");
177 } catch (Exception e) {
178 fail("Unable to create URIs, e="+e);
182 FunctionArgumentAttributeValue attrRegexp = null;
183 FunctionArgumentAttributeValue attrUri1 = null;
184 FunctionArgumentAttributeValue attrUri2 = null;
185 FunctionArgumentAttributeValue attrInteger = null;
187 attrRegexp = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue(regexp));
188 attrUri1 = new FunctionArgumentAttributeValue(DataTypes.DT_ANYURI.createAttributeValue(uri1));
189 attrUri2 = new FunctionArgumentAttributeValue(DataTypes.DT_ANYURI.createAttributeValue(uri2));
190 attrInteger = new FunctionArgumentAttributeValue(DataTypes.DT_INTEGER.createAttributeValue(1234));
191 } catch (Exception e) {
192 fail("creating attributes e="+ e);
195 FunctionDefinitionRegexpMatch<?> fd = (FunctionDefinitionRegexpMatch<?>) StdFunctions.FD_ANYURI_REGEXP_MATCH;
197 // check identity and type of the thing created
198 assertEquals(XACML3.ID_FUNCTION_ANYURI_REGEXP_MATCH, fd.getId());
199 assertEquals(DataTypes.DT_BOOLEAN.getId(), fd.getDataTypeId());
201 // just to be safe... If tests take too long these can probably be eliminated
202 assertFalse(fd.returnsBag());
207 arguments.add(attrRegexp);
208 arguments.add(attrUri1);
209 ExpressionResult res = fd.evaluate(null, arguments);
210 assertTrue(res.isOk());
211 assertEquals(java.lang.Boolean.class, res.getValue().getValue().getClass());
212 Boolean resValue = (Boolean)res.getValue().getValue();
213 assertEquals(true, resValue);
217 arguments.add(attrRegexp);
218 arguments.add(attrUri2);
219 res = fd.evaluate(null, arguments);
220 assertTrue(res.isOk());
221 assertEquals(java.lang.Boolean.class, res.getValue().getValue().getClass());
222 resValue = (Boolean)res.getValue().getValue();
223 assertEquals(false, resValue);
225 // object to match not correct type
227 arguments.add(attrRegexp);
228 arguments.add(attrInteger);
229 res = fd.evaluate(null, arguments);
230 assertFalse(res.isOk());
231 assertEquals("function:anyURI-regexp-match Expected data type 'anyURI' saw 'integer'", res.getStatus().getStatusMessage());
232 assertEquals("urn:oasis:names:tc:xacml:1.0:status:processing-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue());
238 public void testIpAddress() {
239 String regexp = new String(".*123.*");
240 IPAddress addr1 = null;
241 IPAddress addr2 = null;
243 addr1 = IPAddress.newInstance("10.123.13.14");
244 addr2 = IPAddress.newInstance("10.12.13.14");
245 } catch (Exception e) {
246 fail("Unable to create IPAddresses, e="+e);
250 FunctionArgumentAttributeValue attrRegexp = null;
251 FunctionArgumentAttributeValue attrAddr1 = null;
252 FunctionArgumentAttributeValue attrAddr2 = null;
253 FunctionArgumentAttributeValue attrInteger = null;
255 attrRegexp = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue(regexp));
256 attrAddr1 = new FunctionArgumentAttributeValue(DataTypes.DT_IPADDRESS.createAttributeValue(addr1));
257 attrAddr2 = new FunctionArgumentAttributeValue(DataTypes.DT_IPADDRESS.createAttributeValue(addr2));
258 attrInteger = new FunctionArgumentAttributeValue(DataTypes.DT_INTEGER.createAttributeValue(1234));
259 } catch (Exception e) {
260 fail("creating attributes e="+ e);
263 FunctionDefinitionRegexpMatch<?> fd = (FunctionDefinitionRegexpMatch<?>) StdFunctions.FD_IPADDRESS_REGEXP_MATCH;
265 // check identity and type of the thing created
266 assertEquals(XACML3.ID_FUNCTION_IPADDRESS_REGEXP_MATCH, fd.getId());
267 assertEquals(DataTypes.DT_BOOLEAN.getId(), fd.getDataTypeId());
269 // just to be safe... If tests take too long these can probably be eliminated
270 assertFalse(fd.returnsBag());
275 arguments.add(attrRegexp);
276 arguments.add(attrAddr1);
277 ExpressionResult res = fd.evaluate(null, arguments);
278 assertTrue(res.isOk());
279 assertEquals(java.lang.Boolean.class, res.getValue().getValue().getClass());
280 Boolean resValue = (Boolean)res.getValue().getValue();
281 assertEquals(true, resValue);
285 arguments.add(attrRegexp);
286 arguments.add(attrAddr2);
287 res = fd.evaluate(null, arguments);
288 assertTrue(res.isOk());
289 assertEquals(java.lang.Boolean.class, res.getValue().getValue().getClass());
290 resValue = (Boolean)res.getValue().getValue();
291 assertEquals(false, resValue);
293 // object to match not correct type
295 arguments.add(attrRegexp);
296 arguments.add(attrInteger);
297 res = fd.evaluate(null, arguments);
298 assertFalse(res.isOk());
299 assertEquals("function:ipAddress-regexp-match Expected data type 'ipAddress' saw 'integer'", res.getStatus().getStatusMessage());
300 assertEquals("urn:oasis:names:tc:xacml:1.0:status:processing-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue());
306 public void testDnsName() {
307 String regexp = new String("abc");
308 RFC2396DomainName addr1 = null;
309 RFC2396DomainName addr2 = null;
311 addr1 = RFC2396DomainName.newInstance("abc");
312 addr2 = RFC2396DomainName.newInstance("def");
313 } catch (Exception e) {
314 fail("Unable to create DNSNames, e="+e);
318 FunctionArgumentAttributeValue attrRegexp = null;
319 FunctionArgumentAttributeValue attrAddr1 = null;
320 FunctionArgumentAttributeValue attrAddr2 = null;
321 FunctionArgumentAttributeValue attrInteger = null;
323 attrRegexp = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue(regexp));
324 attrAddr1 = new FunctionArgumentAttributeValue(DataTypes.DT_DNSNAME.createAttributeValue(addr1));
325 attrAddr2 = new FunctionArgumentAttributeValue(DataTypes.DT_DNSNAME.createAttributeValue(addr2));
326 attrInteger = new FunctionArgumentAttributeValue(DataTypes.DT_INTEGER.createAttributeValue(1234));
327 } catch (Exception e) {
328 fail("creating attributes e="+ e);
331 FunctionDefinitionRegexpMatch<?> fd = (FunctionDefinitionRegexpMatch<?>) StdFunctions.FD_DNSNAME_REGEXP_MATCH;
333 // check identity and type of the thing created
334 assertEquals(XACML3.ID_FUNCTION_DNSNAME_REGEXP_MATCH, fd.getId());
335 assertEquals(DataTypes.DT_BOOLEAN.getId(), fd.getDataTypeId());
337 // just to be safe... If tests take too long these can probably be eliminated
338 assertFalse(fd.returnsBag());
343 arguments.add(attrRegexp);
344 arguments.add(attrAddr1);
345 ExpressionResult res = fd.evaluate(null, arguments);
346 assertTrue(res.isOk());
347 assertEquals(java.lang.Boolean.class, res.getValue().getValue().getClass());
348 Boolean resValue = (Boolean)res.getValue().getValue();
349 assertEquals(true, resValue);
353 arguments.add(attrRegexp);
354 arguments.add(attrAddr2);
355 res = fd.evaluate(null, arguments);
356 assertTrue(res.isOk());
357 assertEquals(java.lang.Boolean.class, res.getValue().getValue().getClass());
358 resValue = (Boolean)res.getValue().getValue();
359 assertEquals(false, resValue);
361 // object to match not correct type
363 arguments.add(attrRegexp);
364 arguments.add(attrInteger);
365 res = fd.evaluate(null, arguments);
366 assertFalse(res.isOk());
367 assertEquals("function:dnsName-regexp-match Expected data type 'dnsName' saw 'integer'", res.getStatus().getStatusMessage());
368 assertEquals("urn:oasis:names:tc:xacml:1.0:status:processing-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue());
374 public void testRfc822Name() {
375 String regexp = new String(".*abc.*");
376 RFC822Name addr1 = null;
377 RFC822Name addr2 = null;
379 addr1 = RFC822Name.newInstance("abc@somewhere");
380 addr2 = RFC822Name.newInstance("def@somewhere");
381 } catch (Exception e) {
382 fail("Unable to create RFC822Names, e="+e);
386 FunctionArgumentAttributeValue attrRegexp = null;
387 FunctionArgumentAttributeValue attrAddr1 = null;
388 FunctionArgumentAttributeValue attrAddr2 = null;
389 FunctionArgumentAttributeValue attrInteger = null;
391 attrRegexp = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue(regexp));
392 attrAddr1 = new FunctionArgumentAttributeValue(DataTypes.DT_RFC822NAME.createAttributeValue(addr1));
393 attrAddr2 = new FunctionArgumentAttributeValue(DataTypes.DT_RFC822NAME.createAttributeValue(addr2));
394 attrInteger = new FunctionArgumentAttributeValue(DataTypes.DT_INTEGER.createAttributeValue(1234));
395 } catch (Exception e) {
396 fail("creating attributes e="+ e);
399 FunctionDefinitionRegexpMatch<?> fd = (FunctionDefinitionRegexpMatch<?>) StdFunctions.FD_RFC822NAME_REGEXP_MATCH;
401 // check identity and type of the thing created
402 assertEquals(XACML3.ID_FUNCTION_RFC822NAME_REGEXP_MATCH, fd.getId());
403 assertEquals(DataTypes.DT_BOOLEAN.getId(), fd.getDataTypeId());
405 // just to be safe... If tests take too long these can probably be eliminated
406 assertFalse(fd.returnsBag());
411 arguments.add(attrRegexp);
412 arguments.add(attrAddr1);
413 ExpressionResult res = fd.evaluate(null, arguments);
414 assertTrue(res.isOk());
415 assertEquals(java.lang.Boolean.class, res.getValue().getValue().getClass());
416 Boolean resValue = (Boolean)res.getValue().getValue();
417 assertEquals(true, resValue);
421 arguments.add(attrRegexp);
422 arguments.add(attrAddr2);
423 res = fd.evaluate(null, arguments);
424 assertTrue(res.isOk());
425 assertEquals(java.lang.Boolean.class, res.getValue().getValue().getClass());
426 resValue = (Boolean)res.getValue().getValue();
427 assertEquals(false, resValue);
429 // object to match not correct type
431 arguments.add(attrRegexp);
432 arguments.add(attrInteger);
433 res = fd.evaluate(null, arguments);
434 assertFalse(res.isOk());
435 assertEquals("function:rfc822Name-regexp-match Expected data type 'rfc822Name' saw 'integer'", res.getStatus().getStatusMessage());
436 assertEquals("urn:oasis:names:tc:xacml:1.0:status:processing-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue());
442 public void testX500Name() {
443 String regexp = new String(".*Duke.*");
444 X500Principal addr1 = null;
445 X500Principal addr2 = null;
447 addr1 = new X500Principal("CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US");
448 addr2 = new X500Principal("CN=Policy Engine, OU=Research, O=ATT, C=US");
449 } catch (Exception e) {
450 fail("Unable to create X500Name, e="+e);
454 FunctionArgumentAttributeValue attrRegexp = null;
455 FunctionArgumentAttributeValue attrAddr1 = null;
456 FunctionArgumentAttributeValue attrAddr2 = null;
457 FunctionArgumentAttributeValue attrInteger = null;
459 attrRegexp = new FunctionArgumentAttributeValue(DataTypes.DT_STRING.createAttributeValue(regexp));
460 attrAddr1 = new FunctionArgumentAttributeValue(DataTypes.DT_X500NAME.createAttributeValue(addr1));
461 attrAddr2 = new FunctionArgumentAttributeValue(DataTypes.DT_X500NAME.createAttributeValue(addr2));
462 attrInteger = new FunctionArgumentAttributeValue(DataTypes.DT_INTEGER.createAttributeValue(1234));
463 } catch (Exception e) {
464 fail("creating attributes e="+ e);
467 FunctionDefinitionRegexpMatch<?> fd = (FunctionDefinitionRegexpMatch<?>) StdFunctions.FD_X500NAME_REGEXP_MATCH;
469 // check identity and type of the thing created
470 assertEquals(XACML3.ID_FUNCTION_X500NAME_REGEXP_MATCH, fd.getId());
471 assertEquals(DataTypes.DT_BOOLEAN.getId(), fd.getDataTypeId());
473 // just to be safe... If tests take too long these can probably be eliminated
474 assertFalse(fd.returnsBag());
479 arguments.add(attrRegexp);
480 arguments.add(attrAddr1);
481 ExpressionResult res = fd.evaluate(null, arguments);
482 assertTrue(res.isOk());
483 assertEquals(java.lang.Boolean.class, res.getValue().getValue().getClass());
484 Boolean resValue = (Boolean)res.getValue().getValue();
485 assertEquals(true, resValue);
489 arguments.add(attrRegexp);
490 arguments.add(attrAddr2);
491 res = fd.evaluate(null, arguments);
492 assertTrue(res.isOk());
493 assertEquals(java.lang.Boolean.class, res.getValue().getValue().getClass());
494 resValue = (Boolean)res.getValue().getValue();
495 assertEquals(false, resValue);
497 // object to match not correct type
499 arguments.add(attrRegexp);
500 arguments.add(attrInteger);
501 res = fd.evaluate(null, arguments);
502 assertFalse(res.isOk());
503 assertEquals("function:x500Name-regexp-match Expected data type 'x500Name' saw 'integer'", res.getStatus().getStatusMessage());
504 assertEquals("urn:oasis:names:tc:xacml:1.0:status:processing-error", res.getStatus().getStatusCode().getStatusCodeValue().stringValue());