2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.onap.policy.pap.xacml.rest.components;
23 import java.io.ByteArrayInputStream;
25 import java.io.IOException;
27 import java.net.URISyntaxException;
28 import java.nio.charset.StandardCharsets;
29 import java.nio.file.Files;
30 import java.nio.file.Path;
31 import java.nio.file.Paths;
32 import java.util.ArrayList;
33 import java.util.Arrays;
34 import java.util.HashMap;
35 import java.util.LinkedList;
36 import java.util.List;
38 import java.util.UUID;
40 import javax.persistence.EntityManager;
41 import javax.persistence.Query;
43 import org.onap.policy.common.logging.eelf.MessageCodes;
44 import org.onap.policy.common.logging.eelf.PolicyLogger;
45 import org.onap.policy.common.logging.flexlogger.FlexLogger;
46 import org.onap.policy.common.logging.flexlogger.Logger;
47 import org.onap.policy.controlloop.policy.builder.BuilderException;
48 import org.onap.policy.controlloop.policy.builder.Results;
49 import org.onap.policy.controlloop.policy.guard.Constraint;
50 import org.onap.policy.controlloop.policy.guard.ControlLoopGuard;
51 import org.onap.policy.controlloop.policy.guard.Guard;
52 import org.onap.policy.controlloop.policy.guard.GuardPolicy;
53 import org.onap.policy.controlloop.policy.guard.MatchParameters;
54 import org.onap.policy.controlloop.policy.guard.builder.ControlLoopGuardBuilder;
55 import org.onap.policy.pap.xacml.rest.XACMLPapServlet;
56 import org.onap.policy.rest.adapter.PolicyRestAdapter;
57 import org.onap.policy.rest.dao.CommonClassDao;
58 import org.onap.policy.rest.jpa.DecisionSettings;
59 import org.onap.policy.rest.jpa.FunctionDefinition;
60 import org.onap.policy.utils.PolicyUtils;
61 import org.onap.policy.xacml.api.XACMLErrorConstants;
62 import org.onap.policy.xacml.std.pip.engines.aaf.AAFEngine;
63 import org.onap.policy.xacml.util.XACMLPolicyScanner;
65 import com.att.research.xacml.api.XACML3;
66 import com.att.research.xacml.api.pap.PAPException;
67 import com.att.research.xacml.std.IdentifierImpl;
69 import oasis.names.tc.xacml._3_0.core.schema.wd_17.AdviceExpressionType;
70 import oasis.names.tc.xacml._3_0.core.schema.wd_17.AdviceExpressionsType;
71 import oasis.names.tc.xacml._3_0.core.schema.wd_17.AllOfType;
72 import oasis.names.tc.xacml._3_0.core.schema.wd_17.AnyOfType;
73 import oasis.names.tc.xacml._3_0.core.schema.wd_17.ApplyType;
74 import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeAssignmentExpressionType;
75 import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeDesignatorType;
76 import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeValueType;
77 import oasis.names.tc.xacml._3_0.core.schema.wd_17.ConditionType;
78 import oasis.names.tc.xacml._3_0.core.schema.wd_17.EffectType;
79 import oasis.names.tc.xacml._3_0.core.schema.wd_17.MatchType;
80 import oasis.names.tc.xacml._3_0.core.schema.wd_17.ObjectFactory;
81 import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType;
82 import oasis.names.tc.xacml._3_0.core.schema.wd_17.RuleType;
83 import oasis.names.tc.xacml._3_0.core.schema.wd_17.TargetType;
84 import oasis.names.tc.xacml._3_0.core.schema.wd_17.VariableDefinitionType;
85 import oasis.names.tc.xacml._3_0.core.schema.wd_17.VariableReferenceType;
87 public class DecisionPolicy extends Policy {
89 private static final Logger LOGGER = FlexLogger.getLogger(DecisionPolicy.class);
91 public static final String FUNCTION_NOT = "urn:oasis:names:tc:xacml:1.0:function:not";
92 private static final String AAFPROVIDER = "AAF";
93 public static final String GUARD_YAML = "GUARD_YAML";
94 public static final String GUARD_BL_YAML = "GUARD_BL_YAML";
95 public static final String RAINY_DAY = "Rainy_Day";
96 private static final String XACML_GUARD_TEMPLATE = "Decision_GuardPolicyTemplate.xml";
97 private static final String XACML_BLGUARD_TEMPLATE = "Decision_GuardBLPolicyTemplate.xml";
99 private static final String ONAPNAME = "ONAPName";
100 private static final String POLICY_NAME = "PolicyName";
101 private static final String DESCRIPTION = "description";
104 List<String> dynamicLabelRuleAlgorithms = new LinkedList<>();
105 List<String> dynamicFieldComboRuleAlgorithms = new LinkedList<>();
106 List<String> dynamicFieldOneRuleAlgorithms = new LinkedList<>();
107 List<String> dynamicFieldTwoRuleAlgorithms = new LinkedList<>();
108 List<String> dataTypeList = new LinkedList<>();
110 private CommonClassDao commonClassDao;
112 public DecisionPolicy() {
116 public DecisionPolicy(PolicyRestAdapter policyAdapter, CommonClassDao commonClassDao){
117 this.policyAdapter = policyAdapter;
118 this.commonClassDao = commonClassDao;
122 public Map<String, String> savePolicies() throws PAPException {
124 Map<String, String> successMap = new HashMap<>();
125 if(isPolicyExists()){
126 successMap.put("EXISTS", "This Policy already exist on the PAP");
130 if(!isPreparedToSave()){
131 //Prep and configure the policy for saving
135 // Until here we prepared the data and here calling the method to create xml.
136 Path newPolicyPath = null;
137 newPolicyPath = Paths.get(policyAdapter.getNewFileName());
139 successMap = createPolicy(newPolicyPath,getCorrectPolicyDataObject());
143 //This is the method for preparing the policy for saving. We have broken it out
144 //separately because the fully configured policy is used for multiple things
146 public boolean prepareToSave() throws PAPException{
148 if(isPreparedToSave()){
149 //we have already done this
154 String policyID = policyAdapter.getPolicyID();
155 version = policyAdapter.getHighestVersion();
157 // Create the Instance for pojo, PolicyType object is used in marshalling.
158 if ("Decision".equals(policyAdapter.getPolicyType())) {
159 PolicyType policyConfig = new PolicyType();
161 policyConfig.setVersion(Integer.toString(version));
162 policyConfig.setPolicyId(policyID);
163 policyConfig.setTarget(new TargetType());
164 policyAdapter.setData(policyConfig);
166 policyName = policyAdapter.getNewFileName();
168 if(policyAdapter.getRuleProvider().equals(GUARD_YAML) || policyAdapter.getRuleProvider().equals(GUARD_BL_YAML)){
169 Map<String, String> yamlParams = new HashMap<>();
170 String blackListEntryType = policyAdapter.getBlackListEntryType() !=null ? policyAdapter.getBlackListEntryType(): "Use Manual Entry";
171 String description = policyAdapter.getPolicyDescription() != null? policyAdapter.getPolicyDescription(): "YAML Guard Policy";
172 yamlParams.put(DESCRIPTION, description + "@blEntry@" + blackListEntryType + "@blEntry@");
173 String fileName = policyAdapter.getNewFileName();
174 String name = fileName.substring(fileName.lastIndexOf('\\') + 1, fileName.length());
175 if ((name == null) || ("".equals(name))) {
176 name = fileName.substring(fileName.lastIndexOf('/') + 1, fileName.length());
178 yamlParams.put(POLICY_NAME, name);
179 yamlParams.put(ONAPNAME, policyAdapter.getOnapName());
180 Map<String, String> params = policyAdapter.getDynamicFieldConfigAttributes();
181 yamlParams.putAll(params);
182 // Call YAML to XACML
184 PolicyType decisionPolicy = getGuardPolicy(yamlParams, policyAdapter.getRuleProvider());
185 decisionPolicy.setRuleCombiningAlgId(policyAdapter.getRuleCombiningAlgId());
186 decisionPolicy.setVersion(Integer.toString(version));
187 policyAdapter.setPolicyData(decisionPolicy);
188 policyAdapter.setData(decisionPolicy);
189 } catch (BuilderException e) {
191 throw new PAPException(e);
193 }else if (policyAdapter.getData() != null) {
194 PolicyType decisionPolicy = (PolicyType) policyAdapter.getData();
196 decisionPolicy.setDescription(policyAdapter.getPolicyDescription());
198 decisionPolicy.setRuleCombiningAlgId(policyAdapter.getRuleCombiningAlgId());
199 AllOfType allOfOne = new AllOfType();
200 String fileName = policyAdapter.getNewFileName();
201 String name = fileName.substring(fileName.lastIndexOf('\\') + 1, fileName.length());
202 if ((name == null) || ("".equals(name))) {
203 name = fileName.substring(fileName.lastIndexOf('/') + 1, fileName.length());
205 allOfOne.getMatch().add(createMatch(POLICY_NAME, name));
207 AllOfType allOf = new AllOfType();
210 allOf.getMatch().add(createMatch(ONAPNAME, (policyAdapter.getOnapName())));
212 Map<String, String> dynamicFieldComponentAttributes = policyAdapter.getDynamicFieldConfigAttributes();
213 if(policyAdapter.getRuleProvider()!=null && policyAdapter.getRuleProvider().equals(AAFPROVIDER)){
214 dynamicFieldComponentAttributes = new HashMap<>();
217 // If there is any dynamic field attributes create the matches here
218 for (String keyField : dynamicFieldComponentAttributes.keySet()) {
219 String key = keyField;
220 String value = dynamicFieldComponentAttributes.get(key);
221 MatchType dynamicMatch = createDynamicMatch(key, value);
222 allOf.getMatch().add(dynamicMatch);
225 AnyOfType anyOf = new AnyOfType();
226 anyOf.getAllOf().add(allOfOne);
227 anyOf.getAllOf().add(allOf);
229 TargetType target = new TargetType();
230 target.getAnyOf().add(anyOf);
231 decisionPolicy.setTarget(target);
233 Map<String, String> dynamicFieldDecisionSettings = policyAdapter.getDynamicSettingsMap();
234 if(policyAdapter.getRuleProvider()!=null && (policyAdapter.getRuleProvider().equals(AAFPROVIDER)||
235 policyAdapter.getRuleProvider().equals(RAINY_DAY))){
236 dynamicFieldDecisionSettings = new HashMap<>();
239 // settings are dynamic so check how many rows are added and add all
240 for (String keyField : dynamicFieldDecisionSettings.keySet()) {
241 String key = keyField;
242 String value = dynamicFieldDecisionSettings.get(key);
243 String dataType = getDataType(key);
244 VariableDefinitionType dynamicVariable = createDynamicVariable(key, value, dataType);
245 decisionPolicy.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition().add(dynamicVariable);
248 Map<String, String> dynamicFieldTreatmentAttributes = policyAdapter.getRainydayMap();
249 if(policyAdapter.getRuleProvider().equals(RAINY_DAY)){
250 for(String keyField : dynamicFieldTreatmentAttributes.keySet()) {
251 String errorcode = keyField;
252 String treatment = dynamicFieldTreatmentAttributes.get(errorcode);
253 createRainydayRule(decisionPolicy, errorcode, treatment, true);
256 createRule(decisionPolicy, true);
257 createRule(decisionPolicy, false);
261 setPreparedToSave(true);
265 public PolicyType getGuardPolicy(Map<String, String> yamlParams, String ruleProvider) throws BuilderException{
267 ControlLoopGuardBuilder builder = ControlLoopGuardBuilder.Factory.buildControlLoopGuard(new Guard());
268 MatchParameters matchParameters = new MatchParameters(yamlParams.get("actor"), yamlParams.get("recipe"));
269 matchParameters.setControlLoopName(yamlParams.get("clname"));
270 if(yamlParams.containsKey("targets")){
271 String targetString = yamlParams.get("targets");
272 List<String> targets = null;
273 if(targetString!=null && !targetString.isEmpty()){
274 if (targetString.contains(",")){
275 targets = Arrays.asList(targetString.split(","));
278 targets = new ArrayList<>();
279 targets.add(targetString);
282 matchParameters.setTargets(targets);
284 GuardPolicy policy1 = new GuardPolicy((policyAdapter.getUuid()!=null? policyAdapter.getUuid(): UUID.randomUUID().toString()) ,yamlParams.get(POLICY_NAME), yamlParams.get(DESCRIPTION), matchParameters);
285 builder = builder.addGuardPolicy(policy1);
286 Map<String, String> activeTimeRange = new HashMap<>();
287 activeTimeRange.put("start", yamlParams.get("guardActiveStart"));
288 activeTimeRange.put("end", yamlParams.get("guardActiveEnd"));
289 String blackListString = yamlParams.get("blackList");
290 List<String> blackList = null;
291 if(blackListString!=null && !blackListString.trim().isEmpty()){
292 if (blackListString.contains(",")){
293 blackList = Arrays.asList(blackListString.split(","));
296 blackList = new ArrayList<>();
297 blackList.add(blackListString);
300 if(yamlParams.containsKey("appendBlackList")){
301 String appendBlackListString = yamlParams.get("appendBlackList");
302 List<String> appendBlackList = null;
303 if(appendBlackListString!=null && !appendBlackListString.trim().isEmpty()){
304 appendBlackList = Arrays.asList(appendBlackListString.split(","));
305 for(int i=0; i<appendBlackList.size();i++){
306 blackList.remove(appendBlackList.get(i));
311 Path xacmlTemplatePath;
312 ClassLoader classLoader = getClass().getClassLoader();
313 Constraint cons = new Constraint();
314 switch (ruleProvider){
316 templateFile = new File(classLoader.getResource(XACML_BLGUARD_TEMPLATE).getFile());
317 xacmlTemplatePath = templateFile.toPath();
318 cons.setActive_time_range(activeTimeRange);
319 if(blackList==null || blackList.isEmpty()){
320 throw new BuilderException("blackList is required");
322 cons.setBlacklist(blackList);
325 templateFile = new File(classLoader.getResource(XACML_GUARD_TEMPLATE).getFile());
326 xacmlTemplatePath = templateFile.toPath();
327 Map<String,String> timeWindow = new HashMap<>();
328 if(!PolicyUtils.isInteger(yamlParams.get("timeWindow"))){
329 throw new BuilderException("time window is not in Integer format.");
331 String timeUnits = yamlParams.get("timeUnits");
332 if(timeUnits==null || !(timeUnits.equalsIgnoreCase("minute") || timeUnits.equalsIgnoreCase("hour") || timeUnits.equalsIgnoreCase("day")
333 || timeUnits.equalsIgnoreCase("week") || timeUnits.equalsIgnoreCase("month")||timeUnits.equalsIgnoreCase("year"))){
334 throw new BuilderException("time Units is not in proper format.");
336 timeWindow.put("value", yamlParams.get("timeWindow"));
337 timeWindow.put("units", yamlParams.get("timeUnits"));
338 cons = new Constraint(Integer.parseInt(yamlParams.get("limit")),timeWindow,activeTimeRange);
341 builder = builder.addLimitConstraint(policy1.getId(), cons);
342 // Build the specification
343 Results results = builder.buildSpecification();
345 ControlLoopGuard yamlGuardObject = SafePolicyBuilder.loadYamlGuard(results.getSpecification());
346 String xacmlTemplateContent;
348 xacmlTemplateContent = new String(Files.readAllBytes(xacmlTemplatePath));
349 HashMap<String, String> yamlSpecs = new HashMap<>();
350 yamlSpecs.put(POLICY_NAME, yamlParams.get(POLICY_NAME));
351 yamlSpecs.put(DESCRIPTION, yamlParams.get(DESCRIPTION));
352 yamlSpecs.put(ONAPNAME, yamlParams.get(ONAPNAME));
353 yamlSpecs.put("actor", yamlGuardObject.getGuards().getFirst().getMatch_parameters().getActor());
354 yamlSpecs.put("recipe", yamlGuardObject.getGuards().getFirst().getMatch_parameters().getRecipe());
355 yamlSpecs.put("clname", yamlGuardObject.getGuards().getFirst().getMatch_parameters().getControlLoopName());
356 if(yamlGuardObject.getGuards().getFirst().getLimit_constraints().getFirst().getFreq_limit_per_target()!=null){
357 yamlSpecs.put("limit", yamlGuardObject.getGuards().getFirst().getLimit_constraints().getFirst().getFreq_limit_per_target().toString());
359 if(yamlGuardObject.getGuards().getFirst().getLimit_constraints().getFirst().getTime_window()!=null){
360 yamlSpecs.put("twValue", yamlGuardObject.getGuards().getFirst().getLimit_constraints().getFirst().getTime_window().get("value"));
361 yamlSpecs.put("twUnits", yamlGuardObject.getGuards().getFirst().getLimit_constraints().getFirst().getTime_window().get("units"));
363 yamlSpecs.put("guardActiveStart", yamlGuardObject.getGuards().getFirst().getLimit_constraints().getFirst().getActive_time_range().get("start"));
364 yamlSpecs.put("guardActiveEnd", yamlGuardObject.getGuards().getFirst().getLimit_constraints().getFirst().getActive_time_range().get("end"));
365 String xacmlPolicyContent = SafePolicyBuilder.generateXacmlGuard(xacmlTemplateContent,yamlSpecs, yamlGuardObject.getGuards().getFirst().getLimit_constraints().getFirst().getBlacklist(), yamlGuardObject.getGuards().getFirst().getMatch_parameters().getTargets());
366 // Convert the Policy into Stream input to Policy Adapter.
367 Object policy = XACMLPolicyScanner.readPolicy(new ByteArrayInputStream(xacmlPolicyContent.getBytes(StandardCharsets.UTF_8)));
368 return (PolicyType) policy;
369 } catch (IOException e) {
370 LOGGER.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Error while creating the policy " + e.getMessage() , e);
372 } catch (BuilderException e) {
373 LOGGER.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Error while creating the policy " + e.getMessage() ,e);
379 private DecisionSettings findDecisionSettingsBySettingId(String settingId) {
380 DecisionSettings decisionSetting = null;
382 EntityManager em = XACMLPapServlet.getEmf().createEntityManager();
383 Query getDecisionSettings = em.createNamedQuery("DecisionSettings.findAll");
384 List<?> decisionSettingsList = getDecisionSettings.getResultList();
386 for (Object id : decisionSettingsList) {
387 decisionSetting = (DecisionSettings) id;
388 if (decisionSetting.getXacmlId().equals(settingId)) {
392 return decisionSetting;
395 private void createRule(PolicyType decisionPolicy, boolean permitRule) {
396 RuleType rule = new RuleType();
398 rule.setRuleId(policyAdapter.getRuleID());
401 rule.setEffect(EffectType.PERMIT);
403 rule.setEffect(EffectType.DENY);
405 rule.setTarget(new TargetType());
407 // Create Target in Rule
408 AllOfType allOfInRule = new AllOfType();
410 // Creating match for ACCESS in rule target
411 MatchType accessMatch = new MatchType();
412 AttributeValueType accessAttributeValue = new AttributeValueType();
413 accessAttributeValue.setDataType(STRING_DATATYPE);
414 accessAttributeValue.getContent().add("DECIDE");
415 accessMatch.setAttributeValue(accessAttributeValue);
416 AttributeDesignatorType accessAttributeDesignator = new AttributeDesignatorType();
417 URI accessURI = null;
419 accessURI = new URI(ACTION_ID);
420 } catch (URISyntaxException e) {
421 PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE, e, "DecisionPolicy", "Exception creating ACCESS URI");
423 accessAttributeDesignator.setCategory(CATEGORY_ACTION);
424 accessAttributeDesignator.setDataType(STRING_DATATYPE);
425 accessAttributeDesignator.setAttributeId(new IdentifierImpl(accessURI).stringValue());
426 accessMatch.setAttributeDesignator(accessAttributeDesignator);
427 accessMatch.setMatchId(FUNCTION_STRING_EQUAL_IGNORE);
429 dynamicLabelRuleAlgorithms = policyAdapter.getDynamicRuleAlgorithmLabels();
430 dynamicFieldComboRuleAlgorithms = policyAdapter.getDynamicRuleAlgorithmCombo();
431 dynamicFieldOneRuleAlgorithms = policyAdapter.getDynamicRuleAlgorithmField1();
432 dynamicFieldTwoRuleAlgorithms = policyAdapter.getDynamicRuleAlgorithmField2();
434 if(policyAdapter.getRuleProvider()!=null && policyAdapter.getRuleProvider().equals(AAFPROVIDER)){
435 // Values for AAF Provider are here for XML Creation.
436 ConditionType condition = new ConditionType();
437 ApplyType decisionApply = new ApplyType();
439 AttributeValueType value1 = new AttributeValueType();
440 value1.setDataType(BOOLEAN_DATATYPE);
441 value1.getContent().add("true");
443 AttributeDesignatorType value2 = new AttributeDesignatorType();
444 value2.setAttributeId(AAFEngine.AAF_RESULT);
445 value2.setCategory(CATEGORY_RESOURCE);
446 value2.setDataType(BOOLEAN_DATATYPE);
447 value2.setMustBePresent(false);
449 ApplyType innerDecisionApply = new ApplyType();
450 innerDecisionApply.setFunctionId(FUNCTION_BOOLEAN_ONE_AND_ONLY);
451 innerDecisionApply.getExpression().add(new ObjectFactory().createAttributeDesignator(value2));
453 decisionApply.setFunctionId(XACML3.ID_FUNCTION_BOOLEAN_EQUAL.stringValue());
454 decisionApply.getExpression().add(new ObjectFactory().createAttributeValue(value1));
455 decisionApply.getExpression().add(new ObjectFactory().createApply(innerDecisionApply));
456 condition.setExpression(new ObjectFactory().createApply(decisionApply));
458 ApplyType notOuterApply = new ApplyType();
459 notOuterApply.setFunctionId(FUNCTION_NOT);
460 notOuterApply.getExpression().add(condition.getExpression());
461 condition.setExpression(new ObjectFactory().createApply(notOuterApply));
463 rule.setCondition(condition);
464 allOfInRule.getMatch().add(accessMatch);
466 AnyOfType anyOfInRule = new AnyOfType();
467 anyOfInRule.getAllOf().add(allOfInRule);
469 TargetType targetInRule = new TargetType();
470 targetInRule.getAnyOf().add(anyOfInRule);
472 rule.setTarget(targetInRule);
474 AdviceExpressionsType adviceExpressions = new AdviceExpressionsType();
475 AdviceExpressionType adviceExpression = new AdviceExpressionType();
476 adviceExpression.setAdviceId(AAFPROVIDER);
477 adviceExpression.setAppliesTo(EffectType.DENY);
478 AttributeAssignmentExpressionType assignment = new AttributeAssignmentExpressionType();
479 assignment.setAttributeId("aaf.response");
480 assignment.setCategory(CATEGORY_RESOURCE);
481 AttributeDesignatorType value = new AttributeDesignatorType();
482 value.setAttributeId(AAFEngine.AAF_RESPONSE);
483 value.setCategory(CATEGORY_RESOURCE);
484 value.setDataType(STRING_DATATYPE);
485 value.setMustBePresent(false);
486 assignment.setExpression(new ObjectFactory().createAttributeDesignator(value));
487 adviceExpression.getAttributeAssignmentExpression().add(assignment);
488 adviceExpressions.getAdviceExpression().add(adviceExpression);
489 rule.setAdviceExpressions(adviceExpressions);
491 decisionPolicy.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition().add(rule);
492 policyAdapter.setPolicyData(decisionPolicy);
494 }else if (dynamicLabelRuleAlgorithms != null && !dynamicLabelRuleAlgorithms.isEmpty()) {
495 boolean isCompound = false;
496 ConditionType condition = new ConditionType();
497 int index = dynamicFieldOneRuleAlgorithms.size() - 1;
499 for (String labelAttr : dynamicLabelRuleAlgorithms) {
500 // if the rule algorithm as a label means it is a compound
501 if (dynamicFieldOneRuleAlgorithms.get(index).equals(labelAttr)) {
502 ApplyType decisionApply = new ApplyType();
504 String selectedFunction = dynamicFieldComboRuleAlgorithms.get(index);
505 String value1 = dynamicFieldOneRuleAlgorithms.get(index);
506 String value2 = dynamicFieldTwoRuleAlgorithms.get(index);
507 decisionApply.setFunctionId(getFunctionDefinitionId(selectedFunction));
508 decisionApply.getExpression().add(new ObjectFactory().createApply(getInnerDecisionApply(value1)));
509 decisionApply.getExpression().add(new ObjectFactory().createApply(getInnerDecisionApply(value2)));
510 condition.setExpression(new ObjectFactory().createApply(decisionApply));
514 // if rule algorithm not a compound
516 condition.setExpression(new ObjectFactory().createApply(getInnerDecisionApply(dynamicLabelRuleAlgorithms.get(index))));
520 ApplyType notOuterApply = new ApplyType();
521 notOuterApply.setFunctionId(FUNCTION_NOT);
522 notOuterApply.getExpression().add(condition.getExpression());
523 condition.setExpression(new ObjectFactory().createApply(notOuterApply));
525 rule.setCondition(condition);
526 allOfInRule.getMatch().add(accessMatch);
528 AnyOfType anyOfInRule = new AnyOfType();
529 anyOfInRule.getAllOf().add(allOfInRule);
531 TargetType targetInRule = new TargetType();
532 targetInRule.getAnyOf().add(anyOfInRule);
534 rule.setTarget(targetInRule);
536 decisionPolicy.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition().add(rule);
537 policyAdapter.setPolicyData(decisionPolicy);
540 PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE + "Unsupported data object."+ policyAdapter.getData().getClass().getCanonicalName());
545 private void createRainydayRule(PolicyType decisionPolicy, String errorcode, String treatment, boolean permitRule) {
546 RuleType rule = new RuleType();
548 rule.setRuleId(UUID.randomUUID().toString());
551 rule.setEffect(EffectType.PERMIT);
553 rule.setEffect(EffectType.DENY);
555 rule.setTarget(new TargetType());
557 // Create Target in Rule
558 AllOfType allOfInRule = new AllOfType();
560 // Creating match for DECIDE in rule target
561 MatchType accessMatch = new MatchType();
562 AttributeValueType accessAttributeValue = new AttributeValueType();
563 accessAttributeValue.setDataType(STRING_DATATYPE);
564 accessAttributeValue.getContent().add("DECIDE");
565 accessMatch.setAttributeValue(accessAttributeValue);
566 AttributeDesignatorType accessAttributeDesignator = new AttributeDesignatorType();
567 URI accessURI = null;
569 accessURI = new URI(ACTION_ID);
570 } catch (URISyntaxException e) {
571 PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE, e, "DecisionPolicy", "Exception creating ACCESS URI");
573 accessAttributeDesignator.setCategory(CATEGORY_ACTION);
574 accessAttributeDesignator.setDataType(STRING_DATATYPE);
575 accessAttributeDesignator.setAttributeId(new IdentifierImpl(accessURI).stringValue());
576 accessMatch.setAttributeDesignator(accessAttributeDesignator);
577 accessMatch.setMatchId(FUNCTION_STRING_EQUAL_IGNORE);
579 allOfInRule.getMatch().add(accessMatch);
581 // Creating match for ErrorCode in rule target
582 MatchType errorcodeMatch = new MatchType();
583 AttributeValueType errorcodeAttributeValue = new AttributeValueType();
584 errorcodeAttributeValue.setDataType(STRING_DATATYPE);
585 errorcodeAttributeValue.getContent().add(errorcode);
586 errorcodeMatch.setAttributeValue(errorcodeAttributeValue);
587 AttributeDesignatorType errorcodeAttributeDesignator = new AttributeDesignatorType();
588 errorcodeAttributeDesignator.setCategory(CATEGORY_RESOURCE);
589 errorcodeAttributeDesignator.setDataType(STRING_DATATYPE);
590 errorcodeAttributeDesignator.setAttributeId("ErrorCode");
591 errorcodeMatch.setAttributeDesignator(errorcodeAttributeDesignator);
592 errorcodeMatch.setMatchId(FUNCTION_STRING_REGEXP_MATCH);
594 allOfInRule.getMatch().add(errorcodeMatch);
596 AnyOfType anyOfInRule = new AnyOfType();
597 anyOfInRule.getAllOf().add(allOfInRule);
599 TargetType targetInRule = new TargetType();
600 targetInRule.getAnyOf().add(anyOfInRule);
602 rule.setTarget(targetInRule);
604 AdviceExpressionsType adviceExpressions = new AdviceExpressionsType();
605 AdviceExpressionType adviceExpression = new AdviceExpressionType();
606 adviceExpression.setAdviceId(RAINY_DAY);
607 adviceExpression.setAppliesTo(EffectType.PERMIT);
609 AttributeAssignmentExpressionType assignment = new AttributeAssignmentExpressionType();
610 assignment.setAttributeId("treatment");
611 assignment.setCategory(CATEGORY_RESOURCE);
613 AttributeValueType treatmentAttributeValue = new AttributeValueType();
614 treatmentAttributeValue.setDataType(STRING_DATATYPE);
615 treatmentAttributeValue.getContent().add(treatment);
616 assignment.setExpression(new ObjectFactory().createAttributeValue(treatmentAttributeValue));
618 adviceExpression.getAttributeAssignmentExpression().add(assignment);
619 adviceExpressions.getAdviceExpression().add(adviceExpression);
620 rule.setAdviceExpressions(adviceExpressions);
621 decisionPolicy.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition().add(rule);
622 policyAdapter.setPolicyData(decisionPolicy);
626 // if compound setting the inner apply here
627 protected ApplyType getInnerDecisionApply(String value1Label) {
628 ApplyType decisionApply = new ApplyType();
630 // check the index for the label.
631 for (String labelAttr : dynamicLabelRuleAlgorithms) {
632 if (labelAttr.equals(value1Label)) {
633 String value1 = dynamicFieldOneRuleAlgorithms.get(index);
634 populateDataTypeList(value1);
636 // check if the row contains label again
637 for (String labelValue : dynamicLabelRuleAlgorithms) {
638 if (labelValue.equals(value1)) {
639 return getCompoundDecisionApply(index);
643 // Getting the values from the form.
644 String functionKey = dynamicFieldComboRuleAlgorithms.get(index);
645 String value2 = dynamicFieldTwoRuleAlgorithms.get(index);
646 decisionApply.setFunctionId(getFunctionDefinitionId(functionKey));
647 // if two text field are rule attributes.
648 if ((value1.contains(RULE_VARIABLE)) && (value2.contains(RULE_VARIABLE))) {
649 ApplyType innerDecisionApply1 = new ApplyType();
650 ApplyType innerDecisionApply2 = new ApplyType();
651 AttributeDesignatorType attributeDesignator1 = new AttributeDesignatorType();
652 AttributeDesignatorType attributeDesignator2 = new AttributeDesignatorType();
653 //If selected function is Integer function set integer functionID
654 if(functionKey.toLowerCase().contains("integer")){
655 innerDecisionApply1.setFunctionId(FUNTION_INTEGER_ONE_AND_ONLY );
656 innerDecisionApply2.setFunctionId(FUNTION_INTEGER_ONE_AND_ONLY);
657 attributeDesignator1.setDataType(INTEGER_DATATYPE);
658 attributeDesignator2.setDataType(INTEGER_DATATYPE);
660 //If selected function is not a Integer function set String functionID
661 innerDecisionApply1.setFunctionId(FUNCTION_STRING_ONE_AND_ONLY);
662 innerDecisionApply2.setFunctionId(FUNCTION_STRING_ONE_AND_ONLY);
663 attributeDesignator1.setDataType(STRING_DATATYPE);
664 attributeDesignator2.setDataType(STRING_DATATYPE);
666 attributeDesignator1.setCategory(CATEGORY_RESOURCE);
667 attributeDesignator2.setCategory(CATEGORY_RESOURCE);
668 //Here set actual field values
669 attributeDesignator1.setAttributeId(value1. contains("resource:")?value1.substring( 9):value1.substring(8));
670 attributeDesignator2.setAttributeId(value1. contains("resource:")?value1.substring( 9):value1.substring(8));
671 innerDecisionApply1.getExpression().add(new ObjectFactory().createAttributeDesignator( attributeDesignator1));
672 innerDecisionApply2.getExpression().add(new ObjectFactory().createAttributeDesignator( attributeDesignator2));
673 decisionApply.getExpression().add(new ObjectFactory().createApply(innerDecisionApply1));
674 decisionApply.getExpression().add(new ObjectFactory().createApply(innerDecisionApply2));
676 // if either of one text field is rule attribute.
677 if (!value1.startsWith("S_")) {
678 ApplyType innerDecisionApply = new ApplyType();
679 AttributeDesignatorType attributeDesignator = new AttributeDesignatorType();
680 AttributeValueType decisionConditionAttributeValue = new AttributeValueType();
682 if (functionKey.toLowerCase().contains("integer")) {
683 innerDecisionApply.setFunctionId(FUNTION_INTEGER_ONE_AND_ONLY);
684 decisionConditionAttributeValue.setDataType(INTEGER_DATATYPE);
685 attributeDesignator.setDataType(INTEGER_DATATYPE);
687 innerDecisionApply.setFunctionId(FUNCTION_STRING_ONE_AND_ONLY);
688 decisionConditionAttributeValue.setDataType(STRING_DATATYPE);
689 attributeDesignator.setDataType(STRING_DATATYPE);
692 String attributeId = null;
693 String attributeValue = null;
695 // Find which textField has rule attribute and set it as
696 // attributeId and the other as attributeValue.
697 attributeId = value1;
698 attributeValue = value2;
700 if (attributeId != null) {
701 attributeDesignator.setCategory(CATEGORY_RESOURCE);
702 attributeDesignator.setAttributeId(attributeId);
704 decisionConditionAttributeValue.getContent().add(attributeValue);
705 innerDecisionApply.getExpression().add(new ObjectFactory().createAttributeDesignator(attributeDesignator));
706 decisionApply.getExpression().add(new ObjectFactory().createAttributeValue(decisionConditionAttributeValue));
707 decisionApply.getExpression().add(new ObjectFactory().createApply(innerDecisionApply));
709 value1 = value1.substring(2, value1.length());
710 VariableReferenceType variableReferenceType = new VariableReferenceType();
711 variableReferenceType.setVariableId(value1);
713 String dataType = dataTypeList.get(index);
715 AttributeValueType decisionConditionAttributeValue = new AttributeValueType();
716 decisionConditionAttributeValue.setDataType(dataType);
717 decisionConditionAttributeValue.getContent().add(value2);
718 decisionApply.getExpression().add(new ObjectFactory().createVariableReference(variableReferenceType));
719 decisionApply.getExpression().add(new ObjectFactory().createAttributeValue(decisionConditionAttributeValue));
725 return decisionApply;
728 // if the rule algorithm is multiple compound one setting the apply
729 protected ApplyType getCompoundDecisionApply(int index) {
730 ApplyType decisionApply = new ApplyType();
731 String selectedFunction = dynamicFieldComboRuleAlgorithms.get(index);
732 String value1 = dynamicFieldOneRuleAlgorithms.get(index);
733 String value2 = dynamicFieldTwoRuleAlgorithms.get(index);
734 decisionApply.setFunctionId(getFunctionDefinitionId(selectedFunction));
735 decisionApply.getExpression().add(new ObjectFactory().createApply(getInnerDecisionApply(value1)));
736 decisionApply.getExpression().add(new ObjectFactory().createApply(getInnerDecisionApply(value2)));
737 return decisionApply;
740 private VariableDefinitionType createDynamicVariable(String key, String value, String dataType) {
741 VariableDefinitionType dynamicVariable = new VariableDefinitionType();
742 AttributeValueType dynamicAttributeValue = new AttributeValueType();
744 dynamicAttributeValue.setDataType(dataType);
745 dynamicAttributeValue.getContent().add(value);
747 dynamicVariable.setVariableId(key);
748 dynamicVariable.setExpression(new ObjectFactory().createAttributeValue(dynamicAttributeValue));
750 return dynamicVariable;
754 private void populateDataTypeList(String value1) {
755 String dataType = null;
756 if(value1.contains("S_")) {
757 value1 = value1.substring(2, value1.length());
758 DecisionSettings decisionSettings = findDecisionSettingsBySettingId(value1.substring(2, value1.length()));
759 if (decisionSettings != null && "string".equals(decisionSettings.getDatatypeBean().getShortName())) {
760 dataType = STRING_DATATYPE;
761 } else if (decisionSettings != null && "boolean".equals(decisionSettings.getDatatypeBean().getShortName())) {
762 dataType = BOOLEAN_DATATYPE;
764 dataType = INTEGER_DATATYPE;
770 dataTypeList.add(dataType);
774 private String getDataType(String key) {
776 DecisionSettings decisionSettings = findDecisionSettingsBySettingId(key);
777 String dataType = null;
779 if (decisionSettings != null && "string".equals(decisionSettings.getDatatypeBean().getShortName())) {
780 dataType = STRING_DATATYPE;
781 } else if (decisionSettings != null && "boolean".equals(decisionSettings.getDatatypeBean().getShortName())) {
782 dataType = BOOLEAN_DATATYPE;
784 dataType = INTEGER_DATATYPE;
791 public Object getCorrectPolicyDataObject() {
792 return policyAdapter.getData();
795 public String getFunctionDefinitionId(String key){
796 FunctionDefinition object = (FunctionDefinition) commonClassDao.getDataById(FunctionDefinition.class, "shortname", key);
798 return object.getXacmlid();