gerrit.onap Code Review - policy/xacml-pdp.git/blob

   1 /*-
   2  * ============LICENSE_START=======================================================
   3  * Copyright (C) 2019-2021 AT&T Intellectual Property. All rights reserved.
   4  * Modifications Copyright (C) 2023-2024 Nordix Foundation.
   5  * ================================================================================
   6  * Licensed under the Apache License, Version 2.0 (the "License");
   7  * you may not use this file except in compliance with the License.
   8  * You may obtain a copy of the License at
   9  *
  10  *      http://www.apache.org/licenses/LICENSE-2.0
  11  *
  12  * Unless required by applicable law or agreed to in writing, software
  13  * distributed under the License is distributed on an "AS IS" BASIS,
  14  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  15  * See the License for the specific language governing permissions and
  16  * limitations under the License.
  17  *
  18  * SPDX-License-Identifier: Apache-2.0
  19  * ============LICENSE_END=========================================================
  20  */
  21
  22 package org.onap.policy.pdp.xacml.application.common.std;
  23
  24 import static org.assertj.core.api.Assertions.assertThat;
  25 import static org.junit.jupiter.api.Assertions.assertEquals;
  26 import static org.junit.jupiter.api.Assertions.assertNotNull;
  27 import static org.junit.jupiter.api.Assertions.assertTrue;
  28 import static org.mockito.Mockito.mock;
  29 import static org.mockito.Mockito.when;
  30
  31 import com.att.research.xacml.api.AttributeAssignment;
  32 import com.att.research.xacml.api.Decision;
  33 import com.att.research.xacml.api.IdReference;
  34 import com.att.research.xacml.api.Obligation;
  35 import com.att.research.xacml.api.Request;
  36 import com.att.research.xacml.std.StdStatusCode;
  37 import jakarta.ws.rs.Consumes;
  38 import jakarta.ws.rs.GET;
  39 import jakarta.ws.rs.HeaderParam;
  40 import jakarta.ws.rs.Path;
  41 import jakarta.ws.rs.PathParam;
  42 import jakarta.ws.rs.Produces;
  43 import jakarta.ws.rs.core.Response;
  44 import java.io.IOException;
  45 import java.text.ParseException;
  46 import java.util.ArrayList;
  47 import java.util.Arrays;
  48 import java.util.Collection;
  49 import java.util.HashMap;
  50 import java.util.List;
  51 import java.util.Map;
  52 import java.util.Properties;
  53 import java.util.UUID;
  54 import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeValueType;
  55 import oasis.names.tc.xacml._3_0.core.schema.wd_17.ObligationExpressionType;
  56 import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType;
  57 import org.junit.jupiter.api.AfterAll;
  58 import org.junit.jupiter.api.BeforeAll;
  59 import org.junit.jupiter.api.Test;
  60 import org.junit.jupiter.api.io.TempDir;
  61 import org.onap.policy.common.endpoints.http.client.HttpClient;
  62 import org.onap.policy.common.endpoints.http.client.HttpClientFactoryInstance;
  63 import org.onap.policy.common.endpoints.http.server.HttpServletServer;
  64 import org.onap.policy.common.endpoints.http.server.HttpServletServerFactoryInstance;
  65 import org.onap.policy.common.endpoints.parameters.RestClientParameters;
  66 import org.onap.policy.common.endpoints.properties.PolicyEndPointProperties;
  67 import org.onap.policy.common.gson.GsonMessageBodyHandler;
  68 import org.onap.policy.common.utils.coder.CoderException;
  69 import org.onap.policy.common.utils.coder.StandardYamlCoder;
  70 import org.onap.policy.common.utils.network.NetworkUtil;
  71 import org.onap.policy.common.utils.resources.ResourceUtils;
  72 import org.onap.policy.models.decisions.concepts.DecisionRequest;
  73 import org.onap.policy.models.decisions.concepts.DecisionResponse;
  74 import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicy;
  75 import org.onap.policy.models.tosca.authorative.concepts.ToscaServiceTemplate;
  76 import org.onap.policy.models.tosca.simple.concepts.JpaToscaServiceTemplate;
  77 import org.onap.policy.pdp.xacml.application.common.TestUtilsCommon;
  78 import org.onap.policy.pdp.xacml.application.common.ToscaDictionary;
  79 import org.onap.policy.pdp.xacml.application.common.ToscaPolicyConversionException;
  80 import org.onap.policy.pdp.xacml.application.common.XacmlPolicyUtils;
  81 import org.slf4j.Logger;
  82 import org.slf4j.LoggerFactory;
  83
  84 public class StdMatchableTranslatorTest {
  85
  86     private static final Logger logger = LoggerFactory.getLogger(StdMatchableTranslatorTest.class);
  87     private static final String CLIENT_NAME = "policy-api";
  88     private static final StandardYamlCoder yamlCoder = new StandardYamlCoder();
  89     private static int port;
  90     private static RestClientParameters clientParams;
  91     private static ToscaServiceTemplate testTemplate;
  92     private static HttpClient apiClient;
  93
  94     @TempDir
  95     static java.nio.file.Path policyFolder;
  96
  97     /**
  98      * Initializes {@link #clientParams} and starts a simple REST server to handle the
  99      * test requests.
 100      *
 101      * @throws IOException if an error occurs
 102      */
 103     @BeforeAll
 104     static void setUpBeforeClass() throws Exception {
 105         System.setProperty("org.eclipse.jetty.util.log.class", "org.eclipse.jetty.util.log.StdErrLog");
 106         System.setProperty("org.eclipse.jetty.LEVEL", "OFF");
 107         //
 108         // Setup our api server simulator
 109         //
 110         port = NetworkUtil.allocPort();
 111
 112         clientParams = mock(RestClientParameters.class);
 113         when(clientParams.getClientName()).thenReturn("apiClient");
 114         when(clientParams.getHostname()).thenReturn("localhost");
 115         when(clientParams.getPort()).thenReturn(port);
 116
 117         Properties props = getProperties();
 118
 119         HttpServletServerFactoryInstance.getServerFactory().build(props).forEach(HttpServletServer::start);
 120         apiClient = HttpClientFactoryInstance.getClientFactory().build(clientParams);
 121
 122         assertTrue(NetworkUtil.isTcpPortOpen(clientParams.getHostname(), clientParams.getPort(), 100, 100));
 123         //
 124         // Load our test policy type
 125         //
 126         String policyYaml = ResourceUtils.getResourceAsString("matchable/onap.policies.Test-1.0.0.yaml");
 127         //
 128         // Serialize it into a class
 129         //
 130         ToscaServiceTemplate serviceTemplate = yamlCoder.decode(policyYaml, ToscaServiceTemplate.class);
 131         //
 132         // Make sure all the fields are set up properly
 133         //
 134         JpaToscaServiceTemplate jtst = new JpaToscaServiceTemplate();
 135         jtst.fromAuthorative(serviceTemplate);
 136         testTemplate = jtst.toAuthorative();
 137         //
 138         // Make sure the Policy Types are there
 139         //
 140         assertEquals(3, testTemplate.getPolicyTypes().size());
 141         assertNotNull(testTemplate.getPolicyTypes().get("onap.policies.Base"));
 142         assertNotNull(testTemplate.getPolicyTypes().get("onap.policies.base.Middle"));
 143         assertNotNull(testTemplate.getPolicyTypes().get("onap.policies.base.middle.Test"));
 144         logger.info("Test Policy Type {}{}", XacmlPolicyUtils.LINE_SEPARATOR, testTemplate);
 145     }
 146
 147     private static Properties getProperties() {
 148         Properties props = new Properties();
 149         props.setProperty(PolicyEndPointProperties.PROPERTY_HTTP_SERVER_SERVICES, CLIENT_NAME);
 150
 151         final String svcpfx =
 152             PolicyEndPointProperties.PROPERTY_HTTP_SERVER_SERVICES + "." + CLIENT_NAME;
 153
 154         props.setProperty(svcpfx + PolicyEndPointProperties.PROPERTY_HTTP_HOST_SUFFIX, clientParams.getHostname());
 155         props.setProperty(svcpfx + PolicyEndPointProperties.PROPERTY_HTTP_PORT_SUFFIX,
 156             Integer.toString(clientParams.getPort()));
 157         props.setProperty(svcpfx + PolicyEndPointProperties.PROPERTY_HTTP_REST_CLASSES_SUFFIX,
 158             ApiRestController.class.getName());
 159         props.setProperty(svcpfx + PolicyEndPointProperties.PROPERTY_MANAGED_SUFFIX, "true");
 160         props.setProperty(svcpfx + PolicyEndPointProperties.PROPERTY_HTTP_HTTPS_SUFFIX, "false");
 161         props.setProperty(svcpfx + PolicyEndPointProperties.PROPERTY_HTTP_SERIALIZATION_PROVIDER,
 162             GsonMessageBodyHandler.class.getName());
 163         return props;
 164     }
 165
 166     @AfterAll
 167     public static void tearDownAfterClass() {
 168         HttpServletServerFactoryInstance.getServerFactory().destroy();
 169     }
 170
 171     @Test
 172      void testMatchableTranslator() throws CoderException, ToscaPolicyConversionException, ParseException {
 173         //
 174         // Create our translator
 175         //
 176         StdMatchableTranslator translator = new StdMatchableTranslator();
 177         assertNotNull(translator);
 178         //
 179         // Set it up
 180         //
 181         translator.setPathForData(policyFolder.getRoot().toAbsolutePath());
 182         translator.setApiClient(apiClient);
 183         //
 184         // Load policies to test
 185         //
 186         String policyYaml = ResourceUtils.getResourceAsString(
 187             "src/test/resources/matchable/test.policies.input.tosca.yaml");
 188         //
 189         // Serialize it into a class
 190         //
 191         ToscaServiceTemplate serviceTemplate = yamlCoder.decode(policyYaml, ToscaServiceTemplate.class);
 192         //
 193         // Make sure all the fields are set up properly
 194         //
 195         JpaToscaServiceTemplate jtst = new JpaToscaServiceTemplate();
 196         jtst.fromAuthorative(serviceTemplate);
 197         ToscaServiceTemplate completedJtst = jtst.toAuthorative();
 198         //
 199         // Convert the policy
 200         //
 201         for (Map<String, ToscaPolicy> policies : completedJtst.getToscaTopologyTemplate().getPolicies()) {
 202             for (ToscaPolicy policy : policies.values()) {
 203                 //
 204                 // Test that we can convert the policy - assuming PolicyType
 205                 //
 206                 PolicyType translatedPolicy = (PolicyType) translator.convertPolicy(policy);
 207                 assertNotNull(translatedPolicy);
 208                 assertThat(translatedPolicy.getObligationExpressions().getObligationExpression()).hasSize(1);
 209                 logger.info("Translated policy {} {}", XacmlPolicyUtils.LINE_SEPARATOR, translatedPolicy);
 210                 //
 211                 // Shortcut to create an obligation, we are just going to steal
 212                 // the attributes from the translated policy.
 213                 //
 214                 List<AttributeAssignment> listAttributes = new ArrayList<>();
 215                 ObligationExpressionType xacmlObligation = translatedPolicy.getObligationExpressions()
 216                     .getObligationExpression().get(0);
 217                 assertThat(xacmlObligation.getAttributeAssignmentExpression()).hasSize(4);
 218                 //
 219                 // Copy into the list
 220                 //
 221                 xacmlObligation.getAttributeAssignmentExpression().forEach(assignment -> {
 222                     Object value = ((AttributeValueType) assignment.getExpression().getValue()).getContent().get(0);
 223                     listAttributes.add(TestUtilsCommon.createAttributeAssignment(assignment.getAttributeId(),
 224                         assignment.getCategory(), value));
 225                 });
 226                 //
 227                 // Pretend we got multiple policies to match a fictional request
 228                 //
 229                 Obligation obligation1 = TestUtilsCommon.createXacmlObligation(
 230                     ToscaDictionary.ID_OBLIGATION_REST_BODY.stringValue(),
 231                     listAttributes);
 232                 Obligation obligation2 = TestUtilsCommon.createXacmlObligation(
 233                     ToscaDictionary.ID_OBLIGATION_REST_BODY.stringValue(),
 234                     listAttributes);
 235                 //
 236                 // Should ignore this obligation
 237                 //
 238                 Obligation obligation3 = TestUtilsCommon.createXacmlObligation(
 239                     "nobody:cares",
 240                     listAttributes);
 241                 //
 242                 // Create a test XACML Response
 243                 //
 244                 Map<String, String> ids = new HashMap<>();
 245                 ids.put("onap.policies.Test", "1.0.0");
 246                 Collection<IdReference> policyIds = TestUtilsCommon.createPolicyIdList(ids);
 247
 248                 com.att.research.xacml.api.Response xacmlResponse = TestUtilsCommon.createXacmlResponse(
 249                     StdStatusCode.STATUS_CODE_OK, null, Decision.PERMIT,
 250                     Arrays.asList(obligation1, obligation2, obligation3), policyIds);
 251                 //
 252                 // Test the response
 253                 //
 254                 DecisionResponse decisionResponse = translator.convertResponse(xacmlResponse);
 255                 assertNotNull(decisionResponse);
 256                 assertThat(decisionResponse.getPolicies()).hasSize(1);
 257             }
 258         }
 259         //
 260         // Test request decisions
 261         //
 262         DecisionRequest decisionRequest = new DecisionRequest();
 263         decisionRequest.setAction("action");
 264         decisionRequest.setOnapComponent("onap-component");
 265         decisionRequest.setOnapName("onap");
 266         Map<String, Object> resource = new HashMap<>();
 267         resource.put("matchableString", "I should be matched");
 268         decisionRequest.setResource(resource);
 269         Request xacmlRequest = translator.convertRequest(decisionRequest);
 270         assertNotNull(xacmlRequest);
 271         assertThat(xacmlRequest.getRequestAttributes()).hasSize(3);
 272     }
 273
 274     /**
 275      * Simple REST server to handle test requests.
 276      */
 277
 278     @Path("/policy/api/v1")
 279     @Produces({"application/json", "application/yaml"})
 280     @Consumes({"application/json", "application/yaml"})
 281     public static class ApiRestController {
 282
 283         /**
 284          * Retrieves the specified version of a particular policy type.
 285          *
 286          * @param policyTypeId ID of desired policy type
 287          * @param versionId    version of desired policy type
 288          * @param requestId    optional request ID
 289          * @return the Response object containing the results of the API operation
 290          */
 291         @GET
 292         @Path("/policytypes/{policyTypeId}/versions/{versionId}")
 293         public Response getSpecificVersionOfPolicyType(@PathParam("policyTypeId") String policyTypeId,
 294                                                        @PathParam("versionId") String versionId,
 295                                                        @HeaderParam("X-ONAP-RequestID") UUID requestId) {
 296             logger.info("request for policy type={} version={}", policyTypeId, versionId);
 297             return Response.status(Response.Status.OK).entity(testTemplate).build();
 298
 299         }
 300     }
 301 }