2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2019-2020 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 * SPDX-License-Identifier: Apache-2.0
20 * ============LICENSE_END=========================================================
23 package org.onap.policy.pdp.xacml.application.common.std;
25 import com.att.research.xacml.api.Request;
26 import com.att.research.xacml.api.Response;
27 import com.att.research.xacml.api.pdp.PDPEngine;
28 import com.att.research.xacml.api.pdp.PDPEngineFactory;
29 import com.att.research.xacml.api.pdp.PDPException;
30 import com.att.research.xacml.util.FactoryException;
31 import com.att.research.xacml.util.XACMLPolicyWriter;
32 import java.io.IOException;
33 import java.nio.charset.StandardCharsets;
34 import java.nio.file.Files;
35 import java.nio.file.Path;
36 import java.util.Collections;
37 import java.util.HashMap;
38 import java.util.List;
40 import java.util.Properties;
42 import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType;
43 import org.apache.commons.lang3.tuple.Pair;
44 import org.onap.policy.common.endpoints.parameters.RestServerParameters;
45 import org.onap.policy.models.decisions.concepts.DecisionRequest;
46 import org.onap.policy.models.decisions.concepts.DecisionResponse;
47 import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy;
48 import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicyTypeIdentifier;
49 import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConversionException;
50 import org.onap.policy.pdp.xacml.application.common.ToscaPolicyTranslator;
51 import org.onap.policy.pdp.xacml.application.common.XacmlApplicationException;
52 import org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider;
53 import org.onap.policy.pdp.xacml.application.common.XacmlPolicyUtils;
54 import org.slf4j.Logger;
55 import org.slf4j.LoggerFactory;
57 public abstract class StdXacmlApplicationServiceProvider implements XacmlApplicationServiceProvider {
59 private static final Logger LOGGER = LoggerFactory.getLogger(StdXacmlApplicationServiceProvider.class);
60 private Path pathForData = null;
62 private RestServerParameters policyApiParameters;
63 private Properties pdpProperties = null;
64 private PDPEngine pdpEngine = null;
65 private Map<ToscaPolicy, Path> mapLoadedPolicies = new HashMap<>();
67 public StdXacmlApplicationServiceProvider() {
72 public String applicationName() {
73 return "Please Override";
77 public List<String> actionDecisionsSupported() {
78 return Collections.emptyList();
82 public void initialize(Path pathForData, RestServerParameters policyApiParameters)
83 throws XacmlApplicationException {
87 this.pathForData = pathForData;
88 LOGGER.info("New Path is {}", this.pathForData.toAbsolutePath());
92 this.policyApiParameters = policyApiParameters;
94 // Look for and load the properties object
97 pdpProperties = XacmlPolicyUtils.loadXacmlProperties(XacmlPolicyUtils.getPropertiesPath(pathForData));
98 LOGGER.info("{}", pdpProperties);
99 } catch (IOException e) {
100 throw new XacmlApplicationException("Failed to load " + XacmlPolicyUtils.XACML_PROPERTY_FILE, e);
105 createEngine(pdpProperties);
109 public List<ToscaPolicyTypeIdentifier> supportedPolicyTypes() {
110 throw new UnsupportedOperationException("Please override and implement supportedPolicyTypes");
114 public boolean canSupportPolicyType(ToscaPolicyTypeIdentifier policyTypeId) {
115 throw new UnsupportedOperationException("Please override and implement canSupportPolicyType");
119 public synchronized void loadPolicy(ToscaPolicy toscaPolicy) throws XacmlApplicationException {
122 // Convert the policies first
124 PolicyType xacmlPolicy = this.getTranslator(toscaPolicy.getType()).convertPolicy(toscaPolicy);
125 if (xacmlPolicy == null) {
126 throw new ToscaPolicyConversionException("Failed to convert policy");
129 // Create a copy of the properties object
131 Properties newProperties = this.getProperties();
133 // Construct the filename
135 Path refPath = XacmlPolicyUtils.constructUniquePolicyFilename(xacmlPolicy, this.getDataPath());
137 // Write the policy to disk
138 // Maybe check for an error
140 XACMLPolicyWriter.writePolicyFile(refPath, xacmlPolicy);
141 if (LOGGER.isInfoEnabled()) {
142 LOGGER.info("Xacml Policy is {}{}", XacmlPolicyUtils.LINE_SEPARATOR,
143 new String(Files.readAllBytes(refPath), StandardCharsets.UTF_8));
146 // Add root policy to properties object
148 XacmlPolicyUtils.addRootPolicy(newProperties, refPath);
150 // Write the properties to disk
152 XacmlPolicyUtils.storeXacmlProperties(newProperties,
153 XacmlPolicyUtils.getPropertiesPath(this.getDataPath()));
157 this.createEngine(newProperties);
159 // Save the properties
161 this.pdpProperties = newProperties;
165 this.mapLoadedPolicies.put(toscaPolicy, refPath);
166 } catch (IOException | ToscaPolicyConversionException e) {
167 throw new XacmlApplicationException("loadPolicy failed", e);
172 public synchronized boolean unloadPolicy(ToscaPolicy toscaPolicy) throws XacmlApplicationException {
174 // Find it in our map
176 Path refPolicy = this.mapLoadedPolicies.get(toscaPolicy);
177 if (refPolicy == null) {
178 LOGGER.error("Failed to find ToscaPolicy {} in our map size {}", toscaPolicy.getMetadata(),
179 this.mapLoadedPolicies.size());
183 // Create a copy of the properties object
185 Properties newProperties = this.getProperties();
187 // Remove it from the properties
189 XacmlPolicyUtils.removeRootPolicy(newProperties, refPolicy);
191 // We can delete the file
194 Files.delete(refPolicy);
195 } catch (IOException e) {
196 LOGGER.error("Failed to delete policy {} from disk {}", toscaPolicy.getMetadata(),
197 refPolicy.toAbsolutePath(), e);
200 // Write the properties to disk
203 XacmlPolicyUtils.storeXacmlProperties(newProperties,
204 XacmlPolicyUtils.getPropertiesPath(this.getDataPath()));
205 } catch (IOException e) {
206 LOGGER.error("Failed to save the properties to disk {}", newProperties, e);
211 this.createEngine(newProperties);
213 // Save the properties
215 this.pdpProperties = newProperties;
219 if (this.mapLoadedPolicies.remove(toscaPolicy) == null) {
220 LOGGER.error("Failed to remove toscaPolicy {} from internal map size {}", toscaPolicy.getMetadata(),
221 this.mapLoadedPolicies.size());
224 // Not sure if any of the errors above warrant returning false
230 public Pair<DecisionResponse, Response> makeDecision(DecisionRequest request,
231 Map<String, String[]> requestQueryParams) {
233 // Convert to a XacmlRequest
235 Request xacmlRequest = this.getTranslator().convertRequest(request);
237 // Now get a decision
239 Response xacmlResponse = this.xacmlDecision(xacmlRequest);
241 // Convert to a DecisionResponse
243 return Pair.of(this.getTranslator().convertResponse(xacmlResponse), xacmlResponse);
246 protected abstract ToscaPolicyTranslator getTranslator(String type);
248 protected ToscaPolicyTranslator getTranslator() {
249 return this.getTranslator("");
252 protected synchronized PDPEngine getEngine() {
253 return this.pdpEngine;
256 protected synchronized Properties getProperties() {
257 Properties newProperties = new Properties();
258 newProperties.putAll(pdpProperties);
259 return newProperties;
262 protected synchronized Path getDataPath() {
267 * Creates an instance of PDP engine given the Properties object.
269 protected synchronized void createEngine(Properties properties) {
271 // Now initialize the XACML PDP Engine
274 PDPEngineFactory factory = getPdpEngineFactory();
275 PDPEngine engine = factory.newEngine(properties);
276 if (engine != null) {
277 this.pdpEngine = engine;
279 } catch (FactoryException e) {
280 LOGGER.error("Failed to create XACML PDP Engine", e);
285 * Make a decision call.
287 * @param request Incoming request object
288 * @return Response object
290 protected synchronized Response xacmlDecision(Request request) {
292 // This is what we need to return
294 Response response = null;
298 long timeStart = System.currentTimeMillis();
300 response = this.pdpEngine.decide(request);
301 } catch (PDPException e) {
302 LOGGER.error("Xacml PDP Engine decide failed", e);
305 // Track the end of timing
307 long timeEnd = System.currentTimeMillis();
308 LOGGER.info("Elapsed Time: {}ms", (timeEnd - timeStart));
313 // these may be overridden by junit tests
315 protected PDPEngineFactory getPdpEngineFactory() throws FactoryException {
316 return PDPEngineFactory.newInstance();