Fix blacklist translator and vs or

The blacklist entries should be treated as an or (AnyOf) vs
an and (AllOf).

Issue-ID: POLICY-2490
Change-Id: Id4eb823e18c59d84d4ca28b13f6a09794d36365f
Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>

diff --git a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslator.java b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslator.java
index 1e4333e..854f326 100644 (file)
--- a/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslator.java
+++ b/applications/guard/src/main/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslator.java
@@ -480,9 +480,25 @@ public class GuardTranslator implements ToscaPolicyTranslator {
         if (! toscaPolicy.getProperties().containsKey(FIELD_BLACKLIST)) {
             throw new ToscaPolicyConversionException("Missing blacklist field");
         }
-        final AllOfType allOf = new AllOfType();
-        this.addMatch(allOf, toscaPolicy.getProperties().get(FIELD_BLACKLIST),
-                ToscaDictionary.ID_RESOURCE_GUARD_TARGETID);
+        //
+        // Get the blacklist, which should be an array or collection.
+        //
+        Object arrayBlacklisted = toscaPolicy.getProperties().get(FIELD_BLACKLIST);
+        if (!(arrayBlacklisted instanceof Collection)) {
+            throw new ToscaPolicyConversionException("Blacklist is not a collection");
+        }
+        //
+        // Iterate the entries and create individual AnyOf so each entry is
+        // treated as an OR.
+        //
+        TargetType target = new TargetType();
+        for (Object blacklisted : ((Collection<?>) arrayBlacklisted)) {
+            AllOfType allOf = new AllOfType();
+            this.addMatch(allOf, blacklisted, ToscaDictionary.ID_RESOURCE_GUARD_TARGETID);
+            AnyOfType anyOf = new AnyOfType();
+            anyOf.getAllOf().add(allOf);
+            target.getAnyOf().add(anyOf);
+        }
         //
         // Create our rule and add the target
         //
@@ -490,10 +506,6 @@ public class GuardTranslator implements ToscaPolicyTranslator {
         blacklistRule.setEffect(EffectType.DENY);
         blacklistRule.setDescription("blacklist the entities");
         blacklistRule.setRuleId(policyName + ":blacklist");
-        TargetType target = new TargetType();
-        AnyOfType anyOf = new AnyOfType();
-        anyOf.getAllOf().add(allOf);
-        target.getAnyOf().add(anyOf);
         blacklistRule.setTarget(target);
         //
         // Add the rule to the policy

diff --git a/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslatorTest.java b/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslatorTest.java
index c785a50..a48e3c9 100644 (file)
--- a/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslatorTest.java
+++ b/applications/guard/src/test/java/org/onap/policy/xacml/pdp/application/guard/GuardTranslatorTest.java
@@ -300,16 +300,22 @@ public class GuardTranslatorTest {
             if (! (rule instanceof RuleType)) {
                 continue;
             }
+            assertThat(((RuleType) rule).getTarget()).isNotNull();
+            assertThat(((RuleType) rule).getTarget().getAnyOf()).hasSize(2);
             for (AnyOfType anyOf : ((RuleType)rule).getTarget().getAnyOf()) {
                 assertThat(anyOf.getAllOf()).isNotEmpty();
                 for (AllOfType allOf : anyOf.getAllOf()) {
                     assertThat(allOf.getMatch()).isNotEmpty();
+                    assertThat(allOf.getMatch()).hasSize(1);
                     for (MatchType match : allOf.getMatch()) {
-                        if (ToscaDictionary.ID_RESOURCE_GUARD_TARGETID.toString().equals(
-                                match.getAttributeDesignator().getAttributeId())) {
-                            assertThat(policy.getProperties()).containsKey(GuardTranslator.FIELD_BLACKLIST);
-                            foundBlacklist = true;
-                        }
+                        assertThat(match.getAttributeDesignator().getAttributeId())
+                                .isEqualTo(ToscaDictionary.ID_RESOURCE_GUARD_TARGETID.toString());
+                        assertThat(match.getAttributeValue().getContent()).containsAnyOf("vnf1", "vnf2");
+                        //
+                        // This just checks that policy did have a blacklist in it.
+                        //
+                        assertThat(policy.getProperties()).containsKey(GuardTranslator.FIELD_BLACKLIST);
+                        foundBlacklist = true;
                     }
                 }
             }