2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2019-2020 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 * SPDX-License-Identifier: Apache-2.0
20 * ============LICENSE_END=========================================================
23 package org.onap.policy.pdp.xacml.application.common.std;
25 import com.att.research.xacml.api.Request;
26 import com.att.research.xacml.api.Response;
27 import com.att.research.xacml.api.pdp.PDPEngine;
28 import com.att.research.xacml.api.pdp.PDPEngineFactory;
29 import com.att.research.xacml.api.pdp.PDPException;
30 import com.att.research.xacml.util.FactoryException;
31 import com.att.research.xacml.util.XACMLPolicyWriter;
32 import java.io.IOException;
33 import java.nio.charset.StandardCharsets;
34 import java.nio.file.Files;
35 import java.nio.file.Path;
36 import java.util.Collections;
37 import java.util.HashMap;
38 import java.util.List;
40 import java.util.Properties;
42 import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType;
43 import org.apache.commons.lang3.tuple.Pair;
44 import org.onap.policy.common.endpoints.parameters.RestServerParameters;
45 import org.onap.policy.models.decisions.concepts.DecisionRequest;
46 import org.onap.policy.models.decisions.concepts.DecisionResponse;
47 import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy;
48 import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicyTypeIdentifier;
49 import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConversionException;
50 import org.onap.policy.pdp.xacml.application.common.ToscaPolicyTranslator;
51 import org.onap.policy.pdp.xacml.application.common.XacmlApplicationException;
52 import org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider;
53 import org.onap.policy.pdp.xacml.application.common.XacmlPolicyUtils;
54 import org.slf4j.Logger;
55 import org.slf4j.LoggerFactory;
57 public abstract class StdXacmlApplicationServiceProvider implements XacmlApplicationServiceProvider {
59 private static final Logger LOGGER = LoggerFactory.getLogger(StdXacmlApplicationServiceProvider.class);
60 private Path pathForData = null;
62 private RestServerParameters policyApiParameters;
63 private Properties pdpProperties = null;
64 private PDPEngine pdpEngine = null;
65 private Map<ToscaPolicy, Path> mapLoadedPolicies = new HashMap<>();
67 public StdXacmlApplicationServiceProvider() {
72 public String applicationName() {
73 return "Please Override";
77 public List<String> actionDecisionsSupported() {
78 return Collections.emptyList();
82 public void initialize(Path pathForData, RestServerParameters policyApiParameters)
83 throws XacmlApplicationException {
87 this.pathForData = pathForData;
88 LOGGER.info("New Path is {}", this.pathForData.toAbsolutePath());
92 this.policyApiParameters = policyApiParameters;
94 // Look for and load the properties object
97 pdpProperties = XacmlPolicyUtils.loadXacmlProperties(XacmlPolicyUtils.getPropertiesPath(pathForData));
98 LOGGER.info("{}", pdpProperties);
99 } catch (IOException e) {
100 throw new XacmlApplicationException("Failed to load " + XacmlPolicyUtils.XACML_PROPERTY_FILE, e);
105 createEngine(pdpProperties);
109 public List<ToscaPolicyTypeIdentifier> supportedPolicyTypes() {
110 throw new UnsupportedOperationException("Please override and implement supportedPolicyTypes");
114 public boolean canSupportPolicyType(ToscaPolicyTypeIdentifier policyTypeId) {
115 throw new UnsupportedOperationException("Please override and implement canSupportPolicyType");
119 public synchronized void loadPolicy(ToscaPolicy toscaPolicy) throws XacmlApplicationException {
122 // Convert the policies first
124 PolicyType xacmlPolicy = this.getTranslator(toscaPolicy.getType()).convertPolicy(toscaPolicy);
125 if (xacmlPolicy == null) {
126 throw new ToscaPolicyConversionException("Failed to convert policy");
129 // Create a copy of the properties object
131 Properties newProperties = this.getProperties();
133 // Construct the filename
135 Path refPath = XacmlPolicyUtils.constructUniquePolicyFilename(xacmlPolicy, this.getDataPath());
137 // Write the policy to disk
138 // Maybe check for an error
140 XACMLPolicyWriter.writePolicyFile(refPath, xacmlPolicy);
141 if (LOGGER.isInfoEnabled()) {
142 LOGGER.info("Xacml Policy is {}{}", XacmlPolicyUtils.LINE_SEPARATOR,
143 new String(Files.readAllBytes(refPath), StandardCharsets.UTF_8));
146 // Add root policy to properties object
148 XacmlPolicyUtils.addRootPolicy(newProperties, refPath);
150 // Write the properties to disk
152 XacmlPolicyUtils.storeXacmlProperties(newProperties,
153 XacmlPolicyUtils.getPropertiesPath(this.getDataPath()));
157 this.createEngine(newProperties);
159 // Save the properties
161 this.pdpProperties = newProperties;
165 this.mapLoadedPolicies.put(toscaPolicy, refPath);
166 } catch (IOException | ToscaPolicyConversionException e) {
167 throw new XacmlApplicationException("loadPolicy failed", e);
172 public synchronized boolean unloadPolicy(ToscaPolicy toscaPolicy) throws XacmlApplicationException {
174 // Find it in our map
176 Path refPolicy = this.mapLoadedPolicies.get(toscaPolicy);
177 if (refPolicy == null) {
178 LOGGER.error("Failed to find ToscaPolicy {} in our map size {}", toscaPolicy.getMetadata(),
179 this.mapLoadedPolicies.size());
183 // Create a copy of the properties object
185 Properties newProperties = this.getProperties();
187 // Remove it from the properties
189 XacmlPolicyUtils.removeRootPolicy(newProperties, refPolicy);
191 // We can delete the file
194 Files.delete(refPolicy);
195 } catch (IOException e) {
196 LOGGER.error("Failed to delete policy {} from disk {}", toscaPolicy.getMetadata(),
197 refPolicy.toAbsolutePath(), e);
200 // Write the properties to disk
203 XacmlPolicyUtils.storeXacmlProperties(newProperties,
204 XacmlPolicyUtils.getPropertiesPath(this.getDataPath()));
205 } catch (IOException e) {
206 LOGGER.error("Failed to save the properties to disk {}", newProperties, e);
211 this.createEngine(newProperties);
213 // Save the properties
215 this.pdpProperties = newProperties;
219 if (this.mapLoadedPolicies.remove(toscaPolicy) == null) {
220 LOGGER.error("Failed to remove toscaPolicy {} from internal map size {}", toscaPolicy.getMetadata(),
221 this.mapLoadedPolicies.size());
224 // Not sure if any of the errors above warrant returning false
230 public Pair<DecisionResponse, Response> makeDecision(DecisionRequest request,
231 Map<String, String[]> requestQueryParams) {
233 // Convert to a XacmlRequest
235 Request xacmlRequest;
237 xacmlRequest = this.getTranslator().convertRequest(request);
238 } catch (ToscaPolicyConversionException e) {
239 LOGGER.error("Failed to convert request", e);
240 DecisionResponse response = new DecisionResponse();
241 response.setStatus("error");
242 response.setMessage(e.getLocalizedMessage());
243 return Pair.of(response, null);
246 // Now get a decision
248 Response xacmlResponse = this.xacmlDecision(xacmlRequest);
250 // Convert to a DecisionResponse
252 return Pair.of(this.getTranslator().convertResponse(xacmlResponse), xacmlResponse);
255 protected abstract ToscaPolicyTranslator getTranslator(String type);
257 protected ToscaPolicyTranslator getTranslator() {
258 return this.getTranslator("");
261 protected synchronized PDPEngine getEngine() {
262 return this.pdpEngine;
265 protected synchronized Properties getProperties() {
266 Properties newProperties = new Properties();
267 newProperties.putAll(pdpProperties);
268 return newProperties;
271 protected synchronized Path getDataPath() {
276 * Creates an instance of PDP engine given the Properties object.
278 protected synchronized void createEngine(Properties properties) {
280 // Now initialize the XACML PDP Engine
283 PDPEngineFactory factory = getPdpEngineFactory();
284 PDPEngine engine = factory.newEngine(properties);
285 if (engine != null) {
286 this.pdpEngine = engine;
288 } catch (FactoryException e) {
289 LOGGER.error("Failed to create XACML PDP Engine", e);
294 * Make a decision call.
296 * @param request Incoming request object
297 * @return Response object
299 protected synchronized Response xacmlDecision(Request request) {
301 // This is what we need to return
303 Response response = null;
307 long timeStart = System.currentTimeMillis();
309 response = this.pdpEngine.decide(request);
310 } catch (PDPException e) {
311 LOGGER.error("Xacml PDP Engine decide failed", e);
314 // Track the end of timing
316 long timeEnd = System.currentTimeMillis();
317 LOGGER.info("Elapsed Time: {}ms", (timeEnd - timeStart));
322 // these may be overridden by junit tests
324 protected PDPEngineFactory getPdpEngineFactory() throws FactoryException {
325 return PDPEngineFactory.newInstance();