import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
+import java.sql.Date;
+import java.time.Instant;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.ServiceLoader;
import java.util.UUID;
+import javax.persistence.EntityManager;
+import javax.persistence.Persistence;
+
+import org.junit.AfterClass;
+import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.ClassRule;
import org.junit.FixMethodOrder;
import org.onap.policy.common.utils.resources.TextFileUtils;
import org.onap.policy.models.decisions.concepts.DecisionRequest;
import org.onap.policy.models.decisions.concepts.DecisionResponse;
+import org.onap.policy.models.tosca.authorative.concepts.ToscaPolicyTypeIdentifier;
+import org.onap.policy.pdp.xacml.application.common.OnapOperationsHistoryDbao;
+import org.onap.policy.pdp.xacml.application.common.XacmlApplicationException;
import org.onap.policy.pdp.xacml.application.common.XacmlApplicationServiceProvider;
import org.onap.policy.pdp.xacml.application.common.XacmlPolicyUtils;
import org.slf4j.Logger;
private static Properties properties = new Properties();
private static File propertiesFile;
private static XacmlApplicationServiceProvider service;
- private static DecisionRequest requestGuardPermit;
- private static DecisionRequest requestGuardDeny;
- private static DecisionRequest requestGuardDeny2;
+ private static DecisionRequest requestVfCount1;
+ private static DecisionRequest requestVfCount3;
+ private static DecisionRequest requestVfCount6;
private static StandardCoder gson = new StandardCoder();
+ private static EntityManager em;
+ private static final String DENY = "Deny";
+ private static final String PERMIT = "Permit";
@ClassRule
public static final TemporaryFolder policyFolder = new TemporaryFolder();
*/
@BeforeClass
public static void setUp() throws Exception {
+ LOGGER.info("Setting up class");
//
// Setup our temporary folder
//
strDump.append(application.supportedPolicyTypes());
strDump.append(System.lineSeparator());
}
- LOGGER.debug("{}", strDump);
+ LOGGER.info("{}", strDump);
//
// Tell it to initialize based on the properties file
// we just built for it.
//
service.initialize(propertiesFile.toPath().getParent());
- }
-
- @Test
- public void test1Basics() throws CoderException, IOException {
//
- // Load Single Decision Request
+ // Load Decision Requests
//
- requestGuardPermit = gson.decode(
+ requestVfCount1 = gson.decode(
+ TextFileUtils.getTextFileAsString(
+ "../../main/src/test/resources/decisions/decision.guard.vfCount.1.input.json"),
+ DecisionRequest.class);
+ requestVfCount3 = gson.decode(
TextFileUtils.getTextFileAsString(
- "../../main/src/test/resources/decisions/decision.guard.shouldpermit.input.json"),
+ "../../main/src/test/resources/decisions/decision.guard.vfCount.3.input.json"),
DecisionRequest.class);
+ requestVfCount6 = gson.decode(
+ TextFileUtils.getTextFileAsString(
+ "../../main/src/test/resources/decisions/decision.guard.vfCount.6.input.json"),
+ DecisionRequest.class);
+ //
+ // Create EntityManager for manipulating DB
//
- // Load Single Decision Request
+ em = Persistence.createEntityManagerFactory(
+ GuardPdpApplicationTest.properties.getProperty("historydb.persistenceunit"), properties)
+ .createEntityManager();
+ }
+
+ /**
+ * Clears the database before each test.
+ *
+ */
+ @Before
+ public void startClean() throws Exception {
+ em.getTransaction().begin();
+ em.createQuery("DELETE FROM OnapOperationsHistoryDbao").executeUpdate();
+ em.getTransaction().commit();
+ }
+
+ /**
+ * Check that decision matches expectation.
+ *
+ * @param expected from the response
+ * @param response received
+ *
+ **/
+ public void checkDecision(String expected, DecisionResponse response) throws CoderException {
+ LOGGER.info("Looking for {} Decision", expected);
+ assertThat(response).isNotNull();
+ assertThat(response.getStatus()).isNotNull();
+ assertThat(response.getStatus()).isEqualTo(expected);
+ //
+ // Dump it out as Json
+ //
+ LOGGER.info(gson.encode(response));
+ }
+
+ /**
+ * Request a decision and check that it matches expectation.
+ *
+ * @param request to send to Xacml PDP
+ * @param expected from the response
+ *
+ **/
+ public void requestAndCheckDecision(DecisionRequest request, String expected) throws CoderException {
+ //
+ // Ask for a decision
//
- requestGuardDeny = gson.decode(TextFileUtils.getTextFileAsString(
- "../../main/src/test/resources/decisions/decision.guard.shoulddeny.input.json"),
- DecisionRequest.class);
+ DecisionResponse response = service.makeDecision(request);
//
- // Load Single Decision Request
+ // Check decision
//
- requestGuardDeny2 = gson.decode(TextFileUtils.getTextFileAsString(
- "../../main/src/test/resources/decisions/decision.guard.shoulddeny.input2.json"),
- DecisionRequest.class);
+ checkDecision(expected, response);
+ }
+
+ @Test
+ public void test1Basics() throws CoderException, IOException {
+ LOGGER.info("**************** Running test1 ****************");
//
// Make sure there's an application name
//
//
assertThat(service.supportedPolicyTypes()).isNotEmpty();
assertThat(service.supportedPolicyTypes().size()).isEqualTo(2);
- assertThat(service.canSupportPolicyType("onap.policies.controlloop.guard.FrequencyLimiter", "1.0.0"))
- .isTrue();
- assertThat(service.canSupportPolicyType("onap.policies.controlloop.guard.FrequencyLimiter", "1.0.1"))
- .isFalse();
- assertThat(service.canSupportPolicyType("onap.policies.controlloop.guard.MinMax", "1.0.0")).isTrue();
- assertThat(service.canSupportPolicyType("onap.policies.controlloop.guard.MinMax", "1.0.1")).isFalse();
- assertThat(service.canSupportPolicyType("onap.foo", "1.0.1")).isFalse();
+ assertThat(service.canSupportPolicyType(new ToscaPolicyTypeIdentifier(
+ "onap.policies.controlloop.guard.FrequencyLimiter", "1.0.0"))).isTrue();
+ assertThat(service.canSupportPolicyType(new ToscaPolicyTypeIdentifier(
+ "onap.policies.controlloop.guard.FrequencyLimiter", "1.0.1"))).isFalse();
+ assertThat(service.canSupportPolicyType(new ToscaPolicyTypeIdentifier(
+ "onap.policies.controlloop.guard.MinMax", "1.0.0"))).isTrue();
+ assertThat(service.canSupportPolicyType(new ToscaPolicyTypeIdentifier(
+ "onap.policies.controlloop.guard.MinMax", "1.0.1"))).isFalse();
+ assertThat(service.canSupportPolicyType(new ToscaPolicyTypeIdentifier("onap.foo", "1.0.1"))).isFalse();
}
@Test
- public void test2NoPolicies() {
- //
- // Ask for a decision
- //
- DecisionResponse response = service.makeDecision(requestGuardPermit);
- LOGGER.info("Decision {}", response);
-
- assertThat(response).isNotNull();
- assertThat(response.getStatus()).isEqualTo("Permit");
+ public void test2NoPolicies() throws CoderException {
+ LOGGER.info("**************** Running test2 ****************");
+ requestAndCheckDecision(requestVfCount1,PERMIT);
}
@Test
- public void test3FrequencyLimiter() throws CoderException, FileNotFoundException, IOException {
+ public void test3FrequencyLimiter() throws CoderException, FileNotFoundException, IOException,
+ XacmlApplicationException {
+ LOGGER.info("**************** Running test3 ****************");
//
// Now load the vDNS frequency limiter Policy - make sure
// the pdp can support it and have it load
// Load the policies
//
service.loadPolicies(toscaObject);
- //
- // Ask for a decision - should get permit
- //
- DecisionResponse response = service.makeDecision(requestGuardPermit);
- LOGGER.info("Looking for Permit Decision {}", response);
-
- assertThat(response).isNotNull();
- assertThat(response.getStatus()).isNotNull();
- assertThat(response.getStatus()).isEqualTo("Permit");
- //
- // Dump it out as Json
- //
- LOGGER.info(gson.encode(response));
- //
- // Ask for a decision - should get deny
- //
- response = service.makeDecision(requestGuardDeny2);
- LOGGER.info("Looking for Deny Decision {}", response);
- assertThat(response).isNotNull();
- assertThat(response.getStatus()).isNotNull();
- assertThat(response.getStatus()).isEqualTo("Deny");
- //
- // Dump it out as Json
- //
- LOGGER.info(gson.encode(response));
}
+ //
+ // Zero recent actions: should get permit
+ //
+ requestAndCheckDecision(requestVfCount1,PERMIT);
+ //
+ // Add entry into operations history DB
+ //
+ insertOperationEvent(requestVfCount1);
+ //
+ // Only one recent actions: should get permit
+ //
+ requestAndCheckDecision(requestVfCount1,PERMIT);
+ //
+ // Add entry into operations history DB
+ //
+ insertOperationEvent(requestVfCount1);
+ //
+ // Two recent actions, more than specified limit of 2: should get deny
+ //
+ requestAndCheckDecision(requestVfCount1,DENY);
}
@Test
- public void test4MinMax() throws CoderException, FileNotFoundException, IOException {
+ public void test4MinMax() throws CoderException, FileNotFoundException, IOException, XacmlApplicationException {
+ LOGGER.info("**************** Running test4 ****************");
//
// Now load the vDNS min max Policy - make sure
// the pdp can support it and have it load
// Load the policies
//
service.loadPolicies(toscaObject);
- //
- // Ask for a decision - should get permit
- //
- DecisionResponse response = service.makeDecision(requestGuardPermit);
- LOGGER.info("Looking for Permit Decision {}", response);
-
- assertThat(response).isNotNull();
- assertThat(response.getStatus()).isNotNull();
- assertThat(response.getStatus()).isEqualTo("Permit");
- //
- // Dump it out as Json
- //
- LOGGER.info(gson.encode(response));
- //
- // Ask for a decision - should get deny
- //
- response = service.makeDecision(requestGuardDeny);
- LOGGER.info("Looking for Deny Decision {}", response);
- assertThat(response).isNotNull();
- assertThat(response.getStatus()).isNotNull();
- assertThat(response.getStatus()).isEqualTo("Deny");
- //
- // Dump it out as Json
- //
- LOGGER.info(gson.encode(response));
}
+ //
+ // vfcount=1 below min of 2: should get a Deny
+ //
+ requestAndCheckDecision(requestVfCount1, DENY);
+ //
+ // vfcount=3 between min of 2 and max of 5: should get a Permit
+ //
+ requestAndCheckDecision(requestVfCount3, PERMIT);
+ //
+ // vfcount=6 above max of 5: should get a Deny
+ //
+ requestAndCheckDecision(requestVfCount6,DENY);
+ //
+ // Add two entry into operations history DB
+ //
+ insertOperationEvent(requestVfCount1);
+ insertOperationEvent(requestVfCount1);
+ //
+ // vfcount=3 between min of 2 and max of 5, but 2 recent actions is above frequency limit: should get a Deny
+ //
+ requestAndCheckDecision(requestVfCount3, DENY);
+ //
+ // vfcount=6 above max of 5: should get a Deny
+ //
+ requestAndCheckDecision(requestVfCount6, DENY);
}
@Test
- public void test5MissingFields() throws FileNotFoundException, IOException {
- LOGGER.debug("Running test5");
+ public void test5MissingFields() throws FileNotFoundException, IOException, XacmlApplicationException {
+ LOGGER.info("**************** Running test5 ****************");
//
// Most likely we would not get a policy with missing fields passed to
// us from the API. But in case that happens, or we decide that some fields
assertThat(response.getStatus()).isEqualTo("Deny");
}
}
+
+ @SuppressWarnings("unchecked")
+ private void insertOperationEvent(DecisionRequest request) {
+ //
+ // Get the properties
+ //
+ Map<String, Object> properties = (Map<String, Object>) request.getResource().get("guard");
+ assertThat(properties).isNotNull();
+ //
+ // Add an entry
+ //
+ OnapOperationsHistoryDbao newEntry = new OnapOperationsHistoryDbao();
+ newEntry.setActor(properties.get("actor").toString());
+ newEntry.setOperation(properties.get("recipe").toString());
+ newEntry.setClName(properties.get("clname").toString());
+ newEntry.setOutcome("SUCCESS");
+ newEntry.setStarttime(Date.from(Instant.now().minusMillis(20000)));
+ newEntry.setEndtime(Date.from(Instant.now()));
+ newEntry.setRequestId(UUID.randomUUID().toString());
+ newEntry.setTarget(properties.get("target").toString());
+ em.getTransaction().begin();
+ em.persist(newEntry);
+ em.getTransaction().commit();
+ }
+
+ @AfterClass
+ public static void cleanup() throws Exception {
+ em.close();
+ }
}