2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 * SPDX-License-Identifier: Apache-2.0
20 * ============LICENSE_END=========================================================
23 package org.onap.policy.pdp.xacml.application.common.std;
25 import com.att.research.xacml.api.AttributeAssignment;
26 import com.att.research.xacml.api.Decision;
27 import com.att.research.xacml.api.Obligation;
28 import com.att.research.xacml.api.Request;
29 import com.att.research.xacml.api.Response;
30 import com.att.research.xacml.api.Result;
31 import com.google.gson.Gson;
32 import java.util.Collection;
33 import java.util.HashMap;
35 import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeAssignmentExpressionType;
36 import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeValueType;
37 import oasis.names.tc.xacml._3_0.core.schema.wd_17.EffectType;
38 import oasis.names.tc.xacml._3_0.core.schema.wd_17.ObjectFactory;
39 import oasis.names.tc.xacml._3_0.core.schema.wd_17.ObligationExpressionType;
40 import oasis.names.tc.xacml._3_0.core.schema.wd_17.ObligationExpressionsType;
41 import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType;
42 import oasis.names.tc.xacml._3_0.core.schema.wd_17.RuleType;
43 import org.onap.policy.models.decisions.concepts.DecisionRequest;
44 import org.onap.policy.models.decisions.concepts.DecisionResponse;
45 import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy;
46 import org.onap.policy.pdp.xacml.application.common.ToscaDictionary;
47 import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConversionException;
48 import org.onap.policy.pdp.xacml.application.common.ToscaPolicyTranslator;
49 import org.onap.policy.pdp.xacml.application.common.XacmlPolicyUtils;
50 import org.slf4j.Logger;
51 import org.slf4j.LoggerFactory;
53 public class StdBaseTranslator implements ToscaPolicyTranslator {
54 private static final Logger LOGGER = LoggerFactory.getLogger(StdBaseTranslator.class);
55 private static Gson gson = new Gson();
57 public static final String POLICY_ID = "policy-id";
58 public static final String POLICY_VERSION = "policy-version";
61 public PolicyType convertPolicy(ToscaPolicy toscaPolicy) throws ToscaPolicyConversionException {
62 throw new ToscaPolicyConversionException("Please override converPolicy");
66 public Request convertRequest(DecisionRequest request) {
71 public DecisionResponse convertResponse(Response xacmlResponse) {
72 LOGGER.info("Converting Response {}", xacmlResponse);
73 DecisionResponse decisionResponse = new DecisionResponse();
77 decisionResponse.setPolicies(new HashMap<>());
79 // Iterate through all the results
81 for (Result xacmlResult : xacmlResponse.getResults()) {
85 if (xacmlResult.getDecision() == Decision.PERMIT) {
87 // Go through obligations
89 scanObligations(xacmlResult.getObligations(), decisionResponse);
90 } else if (xacmlResult.getDecision() == Decision.DENY
91 || xacmlResult.getDecision() == Decision.INDETERMINATE) {
93 // TODO we have to return an ErrorResponse object instead
95 decisionResponse.setStatus("A better error message");
99 return decisionResponse;
102 protected void scanObligations(Collection<Obligation> obligations, DecisionResponse decisionResponse) {
103 for (Obligation obligation : obligations) {
104 LOGGER.info("Obligation: {}", obligation);
105 for (AttributeAssignment assignment : obligation.getAttributeAssignments()) {
106 LOGGER.info("Attribute Assignment: {}", assignment);
107 processObligationAttribute(assignment, decisionResponse);
112 @SuppressWarnings("unchecked")
113 protected void processObligationAttribute(AttributeAssignment assignment, DecisionResponse decisionResponse) {
115 // We care about the content attribute
117 if (ToscaDictionary.ID_OBLIGATION_POLICY_MONITORING_CONTENTS
118 .equals(assignment.getAttributeId())) {
120 // The contents are in Json form
122 Object stringContents = assignment.getAttributeValue().getValue();
123 LOGGER.info("DCAE contents: {}{}", XacmlPolicyUtils.LINE_SEPARATOR, stringContents);
125 // Let's parse it into a map using Gson
127 Map<String, Object> result;
128 result = gson.fromJson(stringContents.toString(), Map.class);
130 // Find the metadata section
132 Map<String, Object> metadata = (Map<String, Object>) result.get("metadata");
133 if (metadata != null) {
134 decisionResponse.getPolicies().put(metadata.get(POLICY_ID).toString(), result);
136 LOGGER.error("Missing metadata section in policy contained in obligation.");
142 * From the TOSCA metadata section, pull in values that are needed into the XACML policy.
144 * @param policy Policy Object to store the metadata
145 * @param map The Metadata TOSCA Map
146 * @return Same Policy Object
147 * @throws ToscaPolicyConversionException If there is something missing from the metadata
149 protected PolicyType fillMetadataSection(PolicyType policy,
150 Map<String, String> map) throws ToscaPolicyConversionException {
152 // Ensure the policy-id exists - we don't use it here. It
153 // is saved in the TOSCA Policy Name field.
155 if (! map.containsKey(POLICY_ID)) {
156 throw new ToscaPolicyConversionException(policy.getPolicyId() + " missing metadata " + POLICY_ID);
159 // Ensure the policy-version exists
161 if (! map.containsKey(POLICY_VERSION)) {
162 throw new ToscaPolicyConversionException(policy.getPolicyId() + " missing metadata "
166 // Add in the Policy Version
168 policy.setVersion(map.get(POLICY_VERSION));
172 protected RuleType addObligation(RuleType rule, String jsonPolicy) {
174 // Convert the YAML Policy to JSON Object
176 LOGGER.info("JSON Optimization Policy {}{}", XacmlPolicyUtils.LINE_SEPARATOR, jsonPolicy);
178 // Create an AttributeValue for it
180 AttributeValueType value = new AttributeValueType();
181 value.setDataType(ToscaDictionary.ID_OBLIGATION_POLICY_MONITORING_DATATYPE.stringValue());
182 value.getContent().add(jsonPolicy);
184 // Create our AttributeAssignmentExpression where we will
185 // store the contents of the policy in JSON format.
187 AttributeAssignmentExpressionType expressionType = new AttributeAssignmentExpressionType();
188 expressionType.setAttributeId(ToscaDictionary.ID_OBLIGATION_POLICY_MONITORING_CONTENTS.stringValue());
189 ObjectFactory factory = new ObjectFactory();
190 expressionType.setExpression(factory.createAttributeValue(value));
192 // Create an ObligationExpression for it
194 ObligationExpressionType obligation = new ObligationExpressionType();
195 obligation.setFulfillOn(EffectType.PERMIT);
196 obligation.setObligationId(ToscaDictionary.ID_OBLIGATION_REST_BODY.stringValue());
197 obligation.getAttributeAssignmentExpression().add(expressionType);
199 // Now we can add it into the rule
201 ObligationExpressionsType obligations = new ObligationExpressionsType();
202 obligations.getObligationExpression().add(obligation);
203 rule.setObligationExpressions(obligations);