gerrit.onap Code Review - ccsdk/oran.git/blob

   1 /*-
   2  * ========================LICENSE_START=================================
   3  * ONAP : ccsdk oran
   4  * ======================================================================
   5  * Copyright (C) 2023 Nordix Foundation. All rights reserved.
   6  * ======================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ========================LICENSE_END===================================
  19  */
  20
  21 package org.onap.ccsdk.oran.a1policymanagementservice.controllers;
  22
  23 import com.google.gson.Gson;
  24 import com.google.gson.GsonBuilder;
  25
  26 import io.swagger.v3.oas.annotations.Operation;
  27 import io.swagger.v3.oas.annotations.media.Content;
  28 import io.swagger.v3.oas.annotations.media.Schema;
  29 import io.swagger.v3.oas.annotations.responses.ApiResponse;
  30 import io.swagger.v3.oas.annotations.responses.ApiResponses;
  31 import io.swagger.v3.oas.annotations.tags.Tag;
  32
  33 import java.lang.invoke.MethodHandles;
  34 import java.util.ArrayList;
  35 import java.util.Collections;
  36 import java.util.List;
  37 import java.util.Map;
  38
  39 import lombok.Getter;
  40
  41 import org.onap.ccsdk.oran.a1policymanagementservice.controllers.authorization.AuthorizationConsts;
  42 import org.onap.ccsdk.oran.a1policymanagementservice.controllers.authorization.AuthorizationResult;
  43 import org.onap.ccsdk.oran.a1policymanagementservice.controllers.authorization.PolicyAuthorizationRequest;
  44 import org.slf4j.Logger;
  45 import org.slf4j.LoggerFactory;
  46 import org.springframework.http.HttpStatus;
  47 import org.springframework.http.MediaType;
  48 import org.springframework.http.ResponseEntity;
  49 import org.springframework.web.bind.annotation.PostMapping;
  50 import org.springframework.web.bind.annotation.RequestBody;
  51 import org.springframework.web.bind.annotation.RequestHeader;
  52 import org.springframework.web.bind.annotation.RestController;
  53
  54 @RestController("OpenPolicyAgentSimulatorController")
  55 @Tag(name = AuthorizationConsts.AUTH_API_NAME, description = AuthorizationConsts.AUTH_API_DESCRIPTION)
  56 public class OpenPolicyAgentSimulatorController {
  57     private static Gson gson = new GsonBuilder().disableHtmlEscaping().create();
  58
  59     private final Logger logger = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
  60
  61     public static final String ACCESS_CONTROL_URL = "/example-authz-check";
  62     public static final String ACCESS_CONTROL_URL_REJECT = "/example-authz-check-reject";
  63
  64     public static class TestResults {
  65
  66         public List<PolicyAuthorizationRequest> receivedRequests =
  67                 Collections.synchronizedList(new ArrayList<PolicyAuthorizationRequest>());
  68
  69         public TestResults() {}
  70
  71         public void reset() {
  72             receivedRequests.clear();
  73
  74         }
  75     }
  76
  77     @Getter
  78     private TestResults testResults = new TestResults();
  79
  80     @PostMapping(path = ACCESS_CONTROL_URL, produces = MediaType.APPLICATION_JSON_VALUE)
  81     @Operation(summary = AuthorizationConsts.GRANT_ACCESS_SUMMARY,
  82             description = AuthorizationConsts.GRANT_ACCESS_DESCRIPTION)
  83     @ApiResponses(value = { //
  84             @ApiResponse(responseCode = "200", description = "OK", //
  85                     content = @Content(schema = @Schema(implementation = AuthorizationResult.class))) //
  86     })
  87     public ResponseEntity<Object> performAccessControl( //
  88             @RequestHeader Map<String, String> headers, //
  89             @RequestBody PolicyAuthorizationRequest request) {
  90         logger.debug("Auth {}", request);
  91         testResults.receivedRequests.add(request);
  92
  93         String res = gson.toJson(AuthorizationResult.builder().result(true).build());
  94         return new ResponseEntity<>(res, HttpStatus.OK);
  95     }
  96
  97     @PostMapping(path = ACCESS_CONTROL_URL_REJECT, produces = MediaType.APPLICATION_JSON_VALUE)
  98     @Operation(summary = "Rejecting", description = "", hidden = true)
  99     @ApiResponses(value = { //
 100             @ApiResponse(responseCode = "200", description = "OK", //
 101                     content = @Content(schema = @Schema(implementation = VoidResponse.class))) //
 102     })
 103     public ResponseEntity<Object> performAccessControlReject( //
 104             @RequestHeader Map<String, String> headers, //
 105             @RequestBody PolicyAuthorizationRequest request) {
 106         logger.debug("Auth Reject {}", request);
 107         testResults.receivedRequests.add(request);
 108         String res = gson.toJson(AuthorizationResult.builder().result(false).build());
 109         return new ResponseEntity<>(res, HttpStatus.OK);
 110     }
 111
 112 }