Final blacklist fix for multiple entries

The last change wasn't quite right, this has multiple AndOf's under
a single AnyOf. Multiple AnyOf's are treated as AND's, but what we
really want is a set of OR's.

Issue-ID: POLICY-2490
Change-Id: I7336643302ccf7982c91a9c082d17bcf0adb4ac8
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>

diff --git a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslator.java b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslator.java
index 854f326..8699fec 100644 (file)
--- a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslator.java
+++ b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslator.java
@@ -492,13 +492,13 @@ public class GuardTranslator implements ToscaPolicyTranslator {
         // treated as an OR.
         //
         TargetType target = new TargetType();
+        AnyOfType anyOf = new AnyOfType();
         for (Object blacklisted : ((Collection<?>) arrayBlacklisted)) {
             AllOfType allOf = new AllOfType();
             this.addMatch(allOf, blacklisted, ToscaDictionary.ID_RESOURCE_GUARD_TARGETID);
-            AnyOfType anyOf = new AnyOfType();
             anyOf.getAllOf().add(allOf);
-            target.getAnyOf().add(anyOf);
         }
+        target.getAnyOf().add(anyOf);
         //
         // Create our rule and add the target
         //

diff --git a/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplicationTest.java b/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplicationTest.java
index ac45cf3..f5392cf 100644 (file)
--- a/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplicationTest.java
+++ b/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardPdpApplicationTest.java
@@ -341,6 +341,15 @@ public class GuardPdpApplicationTest {
         // vfcount=0 below min of 1: should get a Deny because target IS blacklisted
         //
         requestAndCheckDecision(requestVfCount, DENY);
+        //
+        // vfcount=1 between min of 1 and max of 2: change the
+        //
+        ((Map<String, Object>) requestVfCount.getResource().get("guard")).put("target",
+                "another-vfmodule-where-root-is-true");
+        //
+        // vfcount=0 below min of 1: should get a Deny because target IS blacklisted
+        //
+        requestAndCheckDecision(requestVfCount, DENY);
     }
 
     @SuppressWarnings("unchecked")

diff --git a/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslatorTest.java b/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslatorTest.java
index a48e3c9..d5dd16b 100644 (file)
--- a/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslatorTest.java
+++ b/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslatorTest.java
@@ -301,7 +301,7 @@ public class GuardTranslatorTest {
                 continue;
             }
             assertThat(((RuleType) rule).getTarget()).isNotNull();
-            assertThat(((RuleType) rule).getTarget().getAnyOf()).hasSize(2);
+            assertThat(((RuleType) rule).getTarget().getAnyOf()).hasSize(1);
             for (AnyOfType anyOf : ((RuleType)rule).getTarget().getAnyOf()) {
                 assertThat(anyOf.getAllOf()).isNotEmpty();
                 for (AllOfType allOf : anyOf.getAllOf()) {