ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/components/DecisionPolicy.java

   1 /*-
   2  * ============LICENSE_START=======================================================
   3  * ONAP-PAP-REST
   4  * ================================================================================
   5  * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
   6  * ================================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END=========================================================
  19  */
  20
  21 package org.onap.policy.pap.xacml.rest.components;
  22
  23 import java.io.ByteArrayInputStream;
  24 import java.io.File;
  25 import java.io.IOException;
  26 import java.net.URI;
  27 import java.net.URISyntaxException;
  28 import java.nio.charset.StandardCharsets;
  29 import java.nio.file.Files;
  30 import java.nio.file.Path;
  31 import java.nio.file.Paths;
  32 import java.util.ArrayList;
  33 import java.util.Arrays;
  34 import java.util.HashMap;
  35 import java.util.LinkedList;
  36 import java.util.List;
  37 import java.util.Map;
  38 import java.util.UUID;
  39
  40 import javax.persistence.EntityManager;
  41 import javax.persistence.Query;
  42
  43 import org.onap.policy.common.logging.eelf.MessageCodes;
  44 import org.onap.policy.common.logging.eelf.PolicyLogger;
  45 import org.onap.policy.common.logging.flexlogger.FlexLogger;
  46 import org.onap.policy.common.logging.flexlogger.Logger;
  47 import org.onap.policy.controlloop.policy.builder.BuilderException;
  48 import org.onap.policy.controlloop.policy.builder.Results;
  49 import org.onap.policy.controlloop.policy.guard.Constraint;
  50 import org.onap.policy.controlloop.policy.guard.ControlLoopGuard;
  51 import org.onap.policy.controlloop.policy.guard.Guard;
  52 import org.onap.policy.controlloop.policy.guard.GuardPolicy;
  53 import org.onap.policy.controlloop.policy.guard.MatchParameters;
  54 import org.onap.policy.controlloop.policy.guard.builder.ControlLoopGuardBuilder;
  55 import org.onap.policy.pap.xacml.rest.XACMLPapServlet;
  56 import org.onap.policy.rest.adapter.PolicyRestAdapter;
  57 import org.onap.policy.rest.dao.CommonClassDao;
  58 import org.onap.policy.rest.jpa.DecisionSettings;
  59 import org.onap.policy.rest.jpa.FunctionDefinition;
  60 import org.onap.policy.utils.PolicyUtils;
  61 import org.onap.policy.xacml.api.XACMLErrorConstants;
  62 import org.onap.policy.xacml.std.pip.engines.aaf.AAFEngine;
  63 import org.onap.policy.xacml.util.XACMLPolicyScanner;
  64
  65 import com.att.research.xacml.api.XACML3;
  66 import com.att.research.xacml.api.pap.PAPException;
  67 import com.att.research.xacml.std.IdentifierImpl;
  68
  69 import oasis.names.tc.xacml._3_0.core.schema.wd_17.AdviceExpressionType;
  70 import oasis.names.tc.xacml._3_0.core.schema.wd_17.AdviceExpressionsType;
  71 import oasis.names.tc.xacml._3_0.core.schema.wd_17.AllOfType;
  72 import oasis.names.tc.xacml._3_0.core.schema.wd_17.AnyOfType;
  73 import oasis.names.tc.xacml._3_0.core.schema.wd_17.ApplyType;
  74 import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeAssignmentExpressionType;
  75 import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeDesignatorType;
  76 import oasis.names.tc.xacml._3_0.core.schema.wd_17.AttributeValueType;
  77 import oasis.names.tc.xacml._3_0.core.schema.wd_17.ConditionType;
  78 import oasis.names.tc.xacml._3_0.core.schema.wd_17.EffectType;
  79 import oasis.names.tc.xacml._3_0.core.schema.wd_17.MatchType;
  80 import oasis.names.tc.xacml._3_0.core.schema.wd_17.ObjectFactory;
  81 import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType;
  82 import oasis.names.tc.xacml._3_0.core.schema.wd_17.RuleType;
  83 import oasis.names.tc.xacml._3_0.core.schema.wd_17.TargetType;
  84 import oasis.names.tc.xacml._3_0.core.schema.wd_17.VariableDefinitionType;
  85 import oasis.names.tc.xacml._3_0.core.schema.wd_17.VariableReferenceType;
  86
  87 public class DecisionPolicy extends Policy {
  88
  89     private static final Logger LOGGER  = FlexLogger.getLogger(DecisionPolicy.class);
  90
  91     public static final String FUNCTION_NOT = "urn:oasis:names:tc:xacml:1.0:function:not";
  92     private static final String AAFPROVIDER = "AAF";
  93     public static final String GUARD_YAML = "GUARD_YAML";
  94     public static final String GUARD_BL_YAML = "GUARD_BL_YAML";
  95     public static final String RAINY_DAY = "Rainy_Day";
  96     private static final String XACML_GUARD_TEMPLATE = "Decision_GuardPolicyTemplate.xml";
  97     private static final String XACML_BLGUARD_TEMPLATE = "Decision_GuardBLPolicyTemplate.xml";
  98
  99     private static final String ONAPNAME = "ONAPName";
 100     private static final String POLICY_NAME = "PolicyName";
 101     private static final String DESCRIPTION = "description";
 102
 103
 104     List<String> dynamicLabelRuleAlgorithms = new LinkedList<>();
 105     List<String> dynamicFieldComboRuleAlgorithms = new LinkedList<>();
 106     List<String> dynamicFieldOneRuleAlgorithms = new LinkedList<>();
 107     List<String> dynamicFieldTwoRuleAlgorithms = new LinkedList<>();
 108     List<String> dataTypeList = new LinkedList<>();
 109
 110     private CommonClassDao commonClassDao;
 111
 112     public DecisionPolicy() {
 113         super();
 114     }
 115
 116     public DecisionPolicy(PolicyRestAdapter policyAdapter, CommonClassDao commonClassDao){
 117         this.policyAdapter = policyAdapter;
 118         this.commonClassDao = commonClassDao;
 119     }
 120
 121     @Override
 122     public Map<String, String> savePolicies() throws PAPException {
 123
 124         Map<String, String> successMap = new HashMap<>();
 125         if(isPolicyExists()){
 126             successMap.put("EXISTS", "This Policy already exist on the PAP");
 127             return successMap;
 128         }
 129
 130         if(!isPreparedToSave()){
 131             //Prep and configure the policy for saving
 132             prepareToSave();
 133         }
 134
 135         // Until here we prepared the data and here calling the method to create xml.
 136         Path newPolicyPath = null;
 137         newPolicyPath = Paths.get(policyAdapter.getNewFileName());
 138
 139         successMap = createPolicy(newPolicyPath,getCorrectPolicyDataObject());
 140         return successMap;
 141     }
 142
 143     //This is the method for preparing the policy for saving.  We have broken it out
 144     //separately because the fully configured policy is used for multiple things
 145     @Override
 146     public boolean prepareToSave() throws PAPException{
 147
 148         if(isPreparedToSave()){
 149             //we have already done this
 150             return true;
 151         }
 152
 153         int version = 0;
 154         String policyID = policyAdapter.getPolicyID();
 155         version = policyAdapter.getHighestVersion();
 156
 157         // Create the Instance for pojo, PolicyType object is used in marshalling.
 158         if ("Decision".equals(policyAdapter.getPolicyType())) {
 159             PolicyType policyConfig = new PolicyType();
 160
 161             policyConfig.setVersion(Integer.toString(version));
 162             policyConfig.setPolicyId(policyID);
 163             policyConfig.setTarget(new TargetType());
 164             policyAdapter.setData(policyConfig);
 165         }
 166         policyName = policyAdapter.getNewFileName();
 167
 168         if(policyAdapter.getRuleProvider().equals(GUARD_YAML) || policyAdapter.getRuleProvider().equals(GUARD_BL_YAML)){
 169             Map<String, String> yamlParams = new HashMap<>();
 170             String blackListEntryType = policyAdapter.getBlackListEntryType() !=null ? policyAdapter.getBlackListEntryType(): "Use Manual Entry";
 171             String description = policyAdapter.getPolicyDescription() != null? policyAdapter.getPolicyDescription(): "YAML Guard Policy";
 172             yamlParams.put(DESCRIPTION, description + "@blEntry@" + blackListEntryType + "@blEntry@");
 173             String fileName = policyAdapter.getNewFileName();
 174             String name = fileName.substring(fileName.lastIndexOf('\\') + 1, fileName.length());
 175             if ((name == null) || ("".equals(name))) {
 176                 name = fileName.substring(fileName.lastIndexOf('/') + 1, fileName.length());
 177             }
 178             yamlParams.put(POLICY_NAME, name);
 179             yamlParams.put(ONAPNAME, policyAdapter.getOnapName());
 180             Map<String, String> params = policyAdapter.getDynamicFieldConfigAttributes();
 181             yamlParams.putAll(params);
 182             // Call YAML to XACML
 183             try {
 184                 PolicyType decisionPolicy = getGuardPolicy(yamlParams, policyAdapter.getRuleProvider());
 185                 decisionPolicy.setRuleCombiningAlgId(policyAdapter.getRuleCombiningAlgId());
 186                 decisionPolicy.setVersion(Integer.toString(version));
 187                 policyAdapter.setPolicyData(decisionPolicy);
 188                 policyAdapter.setData(decisionPolicy);
 189             } catch (BuilderException e) {
 190                 LOGGER.error(e);
 191                 throw new PAPException(e);
 192             }
 193         }else if (policyAdapter.getData() != null) {
 194             PolicyType decisionPolicy = (PolicyType)  policyAdapter.getData();
 195
 196             decisionPolicy.setDescription(policyAdapter.getPolicyDescription());
 197
 198             decisionPolicy.setRuleCombiningAlgId(policyAdapter.getRuleCombiningAlgId());
 199             AllOfType allOfOne = new AllOfType();
 200             String fileName = policyAdapter.getNewFileName();
 201             String name = fileName.substring(fileName.lastIndexOf('\\') + 1, fileName.length());
 202             if ((name == null) || ("".equals(name))) {
 203                 name = fileName.substring(fileName.lastIndexOf('/') + 1, fileName.length());
 204             }
 205             allOfOne.getMatch().add(createMatch(POLICY_NAME, name));
 206
 207             AllOfType allOf = new AllOfType();
 208
 209             // Match for Onap
 210             allOf.getMatch().add(createMatch(ONAPNAME, (policyAdapter.getOnapName())));
 211
 212             Map<String, String> dynamicFieldComponentAttributes = policyAdapter.getDynamicFieldConfigAttributes();
 213             if(policyAdapter.getRuleProvider()!=null && policyAdapter.getRuleProvider().equals(AAFPROVIDER)){
 214                 dynamicFieldComponentAttributes = new HashMap<>();
 215             }
 216
 217             // If there is any dynamic field attributes create the matches here
 218             for (String keyField : dynamicFieldComponentAttributes.keySet()) {
 219                 String key = keyField;
 220                 String value = dynamicFieldComponentAttributes.get(key);
 221                 MatchType dynamicMatch = createDynamicMatch(key, value);
 222                 allOf.getMatch().add(dynamicMatch);
 223             }
 224
 225             AnyOfType anyOf = new AnyOfType();
 226             anyOf.getAllOf().add(allOfOne);
 227             anyOf.getAllOf().add(allOf);
 228
 229             TargetType target = new TargetType();
 230             target.getAnyOf().add(anyOf);
 231             decisionPolicy.setTarget(target);
 232
 233             Map<String, String> dynamicFieldDecisionSettings = policyAdapter.getDynamicSettingsMap();
 234             if(policyAdapter.getRuleProvider()!=null && (policyAdapter.getRuleProvider().equals(AAFPROVIDER)||
 235                     policyAdapter.getRuleProvider().equals(RAINY_DAY))){
 236                 dynamicFieldDecisionSettings = new HashMap<>();
 237             }
 238
 239             // settings are dynamic so check how many rows are added and add all
 240             for (String keyField : dynamicFieldDecisionSettings.keySet()) {
 241                 String key = keyField;
 242                 String value = dynamicFieldDecisionSettings.get(key);
 243                 String dataType = getDataType(key);
 244                 VariableDefinitionType dynamicVariable = createDynamicVariable(key, value, dataType);
 245                 decisionPolicy.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition().add(dynamicVariable);
 246             }
 247
 248             Map<String, String> dynamicFieldTreatmentAttributes = policyAdapter.getRainydayMap();
 249             if(policyAdapter.getRuleProvider().equals(RAINY_DAY)){
 250                 for(String keyField : dynamicFieldTreatmentAttributes.keySet()) {
 251                     String errorcode = keyField;
 252                     String treatment = dynamicFieldTreatmentAttributes.get(errorcode);
 253                     createRainydayRule(decisionPolicy, errorcode, treatment, true);
 254                 }
 255             } else {
 256                 createRule(decisionPolicy, true);
 257                 createRule(decisionPolicy, false);
 258             }
 259
 260         }
 261         setPreparedToSave(true);
 262         return true;
 263     }
 264
 265     public PolicyType getGuardPolicy(Map<String, String> yamlParams, String ruleProvider) throws BuilderException{
 266         try {
 267             ControlLoopGuardBuilder builder = ControlLoopGuardBuilder.Factory.buildControlLoopGuard(new Guard());
 268             MatchParameters matchParameters = new MatchParameters(yamlParams.get("actor"), yamlParams.get("recipe"));
 269             matchParameters.setControlLoopName(yamlParams.get("clname"));
 270             if(yamlParams.containsKey("targets")){
 271                 String targetString = yamlParams.get("targets");
 272                 List<String> targets = null;
 273                 if(targetString!=null && !targetString.isEmpty()){
 274                     if (targetString.contains(",")){
 275                         targets = Arrays.asList(targetString.split(","));
 276                     }
 277                     else{
 278                         targets = new ArrayList<>();
 279                         targets.add(targetString);
 280                     }
 281                 }
 282                 matchParameters.setTargets(targets);
 283             }
 284             GuardPolicy policy1 = new GuardPolicy((policyAdapter.getUuid()!=null? policyAdapter.getUuid(): UUID.randomUUID().toString()) ,yamlParams.get(POLICY_NAME), yamlParams.get(DESCRIPTION), matchParameters);
 285             builder = builder.addGuardPolicy(policy1);
 286             Map<String, String> activeTimeRange = new HashMap<>();
 287             activeTimeRange.put("start", yamlParams.get("guardActiveStart"));
 288             activeTimeRange.put("end", yamlParams.get("guardActiveEnd"));
 289             String blackListString = yamlParams.get("blackList");
 290             List<String> blackList = null;
 291             if(blackListString!=null && !blackListString.trim().isEmpty()){
 292                 if (blackListString.contains(",")){
 293                     blackList = Arrays.asList(blackListString.split(","));
 294                 }
 295                 else{
 296                     blackList = new ArrayList<>();
 297                     blackList.add(blackListString);
 298                 }
 299             }
 300             if(yamlParams.containsKey("appendBlackList")){
 301                 String appendBlackListString = yamlParams.get("appendBlackList");
 302                 List<String> appendBlackList = null;
 303                 if(appendBlackListString!=null && !appendBlackListString.trim().isEmpty()){
 304                     appendBlackList = Arrays.asList(appendBlackListString.split(","));
 305                     for(int i=0; i<appendBlackList.size();i++){
 306                         blackList.remove(appendBlackList.get(i));
 307                     }
 308                 }
 309             }
 310             File templateFile;
 311             Path xacmlTemplatePath;
 312             ClassLoader classLoader = getClass().getClassLoader();
 313             Constraint cons = new Constraint();
 314             switch (ruleProvider){
 315             case GUARD_BL_YAML:
 316                 templateFile = new File(classLoader.getResource(XACML_BLGUARD_TEMPLATE).getFile());
 317                 xacmlTemplatePath = templateFile.toPath();
 318                 cons.setActive_time_range(activeTimeRange);
 319                 if(blackList==null || blackList.isEmpty()){
 320                     throw new BuilderException("blackList is required");
 321                 }
 322                 cons.setBlacklist(blackList);
 323                 break;
 324             default:
 325                 templateFile = new File(classLoader.getResource(XACML_GUARD_TEMPLATE).getFile());
 326                 xacmlTemplatePath = templateFile.toPath();
 327                 Map<String,String> timeWindow = new HashMap<>();
 328                 if(!PolicyUtils.isInteger(yamlParams.get("timeWindow"))){
 329                     throw new BuilderException("time window is not in Integer format.");
 330                 }
 331                 String timeUnits = yamlParams.get("timeUnits");
 332                 if(timeUnits==null || !(timeUnits.equalsIgnoreCase("minute") || timeUnits.equalsIgnoreCase("hour") || timeUnits.equalsIgnoreCase("day")
 333                         || timeUnits.equalsIgnoreCase("week") || timeUnits.equalsIgnoreCase("month")||timeUnits.equalsIgnoreCase("year"))){
 334                     throw new BuilderException("time Units is not in proper format.");
 335                 }
 336                 timeWindow.put("value", yamlParams.get("timeWindow"));
 337                 timeWindow.put("units", yamlParams.get("timeUnits"));
 338                 cons = new Constraint(Integer.parseInt(yamlParams.get("limit")),timeWindow,activeTimeRange);
 339                 break;
 340             }
 341             builder = builder.addLimitConstraint(policy1.getId(), cons);
 342             // Build the specification
 343             Results results = builder.buildSpecification();
 344             // YAML TO XACML
 345             ControlLoopGuard yamlGuardObject = SafePolicyBuilder.loadYamlGuard(results.getSpecification());
 346             String xacmlTemplateContent;
 347             try {
 348                 xacmlTemplateContent = new String(Files.readAllBytes(xacmlTemplatePath));
 349                 HashMap<String, String> yamlSpecs = new HashMap<>();
 350                 yamlSpecs.put(POLICY_NAME, yamlParams.get(POLICY_NAME));
 351                 yamlSpecs.put(DESCRIPTION, yamlParams.get(DESCRIPTION));
 352                 yamlSpecs.put(ONAPNAME, yamlParams.get(ONAPNAME));
 353                 yamlSpecs.put("actor", yamlGuardObject.getGuards().getFirst().getMatch_parameters().getActor());
 354                 yamlSpecs.put("recipe", yamlGuardObject.getGuards().getFirst().getMatch_parameters().getRecipe());
 355                 yamlSpecs.put("clname", yamlGuardObject.getGuards().getFirst().getMatch_parameters().getControlLoopName());
 356                 if(yamlGuardObject.getGuards().getFirst().getLimit_constraints().getFirst().getFreq_limit_per_target()!=null){
 357                     yamlSpecs.put("limit", yamlGuardObject.getGuards().getFirst().getLimit_constraints().getFirst().getFreq_limit_per_target().toString());
 358                 }
 359                 if(yamlGuardObject.getGuards().getFirst().getLimit_constraints().getFirst().getTime_window()!=null){
 360                     yamlSpecs.put("twValue", yamlGuardObject.getGuards().getFirst().getLimit_constraints().getFirst().getTime_window().get("value"));
 361                     yamlSpecs.put("twUnits", yamlGuardObject.getGuards().getFirst().getLimit_constraints().getFirst().getTime_window().get("units"));
 362                 }
 363                 yamlSpecs.put("guardActiveStart", yamlGuardObject.getGuards().getFirst().getLimit_constraints().getFirst().getActive_time_range().get("start"));
 364                 yamlSpecs.put("guardActiveEnd", yamlGuardObject.getGuards().getFirst().getLimit_constraints().getFirst().getActive_time_range().get("end"));
 365                 String xacmlPolicyContent = SafePolicyBuilder.generateXacmlGuard(xacmlTemplateContent,yamlSpecs, yamlGuardObject.getGuards().getFirst().getLimit_constraints().getFirst().getBlacklist(), yamlGuardObject.getGuards().getFirst().getMatch_parameters().getTargets());
 366                // Convert the  Policy into Stream input to Policy Adapter.
 367                 Object policy = XACMLPolicyScanner.readPolicy(new ByteArrayInputStream(xacmlPolicyContent.getBytes(StandardCharsets.UTF_8)));
 368                 return (PolicyType) policy;
 369             } catch (IOException e) {
 370                 LOGGER.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Error while creating the policy " + e.getMessage() , e);
 371             }
 372         } catch (BuilderException e) {
 373             LOGGER.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Error while creating the policy " + e.getMessage() ,e);
 374             throw e;
 375         }
 376         return null;
 377     }
 378
 379     private DecisionSettings findDecisionSettingsBySettingId(String settingId) {
 380         DecisionSettings decisionSetting = null;
 381
 382         EntityManager em = XACMLPapServlet.getEmf().createEntityManager();
 383         Query getDecisionSettings = em.createNamedQuery("DecisionSettings.findAll");
 384         List<?> decisionSettingsList = getDecisionSettings.getResultList();
 385
 386         for (Object id : decisionSettingsList) {
 387             decisionSetting = (DecisionSettings) id;
 388             if (decisionSetting.getXacmlId().equals(settingId)) {
 389                 break;
 390             }
 391         }
 392         return decisionSetting;
 393     }
 394
 395     private void createRule(PolicyType decisionPolicy, boolean permitRule) {
 396         RuleType rule = new RuleType();
 397
 398         rule.setRuleId(policyAdapter.getRuleID());
 399
 400         if (permitRule) {
 401             rule.setEffect(EffectType.PERMIT);
 402         } else {
 403             rule.setEffect(EffectType.DENY);
 404         }
 405         rule.setTarget(new TargetType());
 406
 407         // Create Target in Rule
 408         AllOfType allOfInRule = new AllOfType();
 409
 410         // Creating match for ACCESS in rule target
 411         MatchType accessMatch = new MatchType();
 412         AttributeValueType accessAttributeValue = new AttributeValueType();
 413         accessAttributeValue.setDataType(STRING_DATATYPE);
 414         accessAttributeValue.getContent().add("DECIDE");
 415         accessMatch.setAttributeValue(accessAttributeValue);
 416         AttributeDesignatorType accessAttributeDesignator = new AttributeDesignatorType();
 417         URI accessURI = null;
 418         try {
 419             accessURI = new URI(ACTION_ID);
 420         } catch (URISyntaxException e) {
 421             PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE, e, "DecisionPolicy", "Exception creating ACCESS URI");
 422         }
 423         accessAttributeDesignator.setCategory(CATEGORY_ACTION);
 424         accessAttributeDesignator.setDataType(STRING_DATATYPE);
 425         accessAttributeDesignator.setAttributeId(new IdentifierImpl(accessURI).stringValue());
 426         accessMatch.setAttributeDesignator(accessAttributeDesignator);
 427         accessMatch.setMatchId(FUNCTION_STRING_EQUAL_IGNORE);
 428
 429         dynamicLabelRuleAlgorithms = policyAdapter.getDynamicRuleAlgorithmLabels();
 430         dynamicFieldComboRuleAlgorithms = policyAdapter.getDynamicRuleAlgorithmCombo();
 431         dynamicFieldOneRuleAlgorithms = policyAdapter.getDynamicRuleAlgorithmField1();
 432         dynamicFieldTwoRuleAlgorithms = policyAdapter.getDynamicRuleAlgorithmField2();
 433
 434         if(policyAdapter.getRuleProvider()!=null && policyAdapter.getRuleProvider().equals(AAFPROVIDER)){
 435             // Values for AAF Provider are here for XML Creation.
 436             ConditionType condition = new ConditionType();
 437             ApplyType decisionApply = new ApplyType();
 438
 439             AttributeValueType value1 = new AttributeValueType();
 440             value1.setDataType(BOOLEAN_DATATYPE);
 441             value1.getContent().add("true");
 442
 443             AttributeDesignatorType value2 = new AttributeDesignatorType();
 444             value2.setAttributeId(AAFEngine.AAF_RESULT);
 445             value2.setCategory(CATEGORY_RESOURCE);
 446             value2.setDataType(BOOLEAN_DATATYPE);
 447             value2.setMustBePresent(false);
 448
 449             ApplyType innerDecisionApply = new ApplyType();
 450             innerDecisionApply.setFunctionId(FUNCTION_BOOLEAN_ONE_AND_ONLY);
 451             innerDecisionApply.getExpression().add(new ObjectFactory().createAttributeDesignator(value2));
 452
 453             decisionApply.setFunctionId(XACML3.ID_FUNCTION_BOOLEAN_EQUAL.stringValue());
 454             decisionApply.getExpression().add(new ObjectFactory().createAttributeValue(value1));
 455             decisionApply.getExpression().add(new ObjectFactory().createApply(innerDecisionApply));
 456             condition.setExpression(new ObjectFactory().createApply(decisionApply));
 457             if (!permitRule) {
 458                 ApplyType notOuterApply = new ApplyType();
 459                 notOuterApply.setFunctionId(FUNCTION_NOT);
 460                 notOuterApply.getExpression().add(condition.getExpression());
 461                 condition.setExpression(new ObjectFactory().createApply(notOuterApply));
 462             }
 463             rule.setCondition(condition);
 464             allOfInRule.getMatch().add(accessMatch);
 465
 466             AnyOfType anyOfInRule = new AnyOfType();
 467             anyOfInRule.getAllOf().add(allOfInRule);
 468
 469             TargetType targetInRule = new TargetType();
 470             targetInRule.getAnyOf().add(anyOfInRule);
 471
 472             rule.setTarget(targetInRule);
 473             if(!permitRule){
 474                 AdviceExpressionsType adviceExpressions = new AdviceExpressionsType();
 475                 AdviceExpressionType adviceExpression = new AdviceExpressionType();
 476                 adviceExpression.setAdviceId(AAFPROVIDER);
 477                 adviceExpression.setAppliesTo(EffectType.DENY);
 478                 AttributeAssignmentExpressionType assignment = new AttributeAssignmentExpressionType();
 479                 assignment.setAttributeId("aaf.response");
 480                 assignment.setCategory(CATEGORY_RESOURCE);
 481                 AttributeDesignatorType value = new AttributeDesignatorType();
 482                 value.setAttributeId(AAFEngine.AAF_RESPONSE);
 483                 value.setCategory(CATEGORY_RESOURCE);
 484                 value.setDataType(STRING_DATATYPE);
 485                 value.setMustBePresent(false);
 486                 assignment.setExpression(new ObjectFactory().createAttributeDesignator(value));
 487                 adviceExpression.getAttributeAssignmentExpression().add(assignment);
 488                 adviceExpressions.getAdviceExpression().add(adviceExpression);
 489                 rule.setAdviceExpressions(adviceExpressions);
 490             }
 491             decisionPolicy.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition().add(rule);
 492             policyAdapter.setPolicyData(decisionPolicy);
 493
 494         }else if (dynamicLabelRuleAlgorithms != null && !dynamicLabelRuleAlgorithms.isEmpty()) {
 495             boolean isCompound = false;
 496             ConditionType condition = new ConditionType();
 497             int index = dynamicFieldOneRuleAlgorithms.size() - 1;
 498
 499             for (String labelAttr : dynamicLabelRuleAlgorithms) {
 500                 // if the rule algorithm as a label means it is a compound
 501                 if (dynamicFieldOneRuleAlgorithms.get(index).equals(labelAttr)) {
 502                     ApplyType decisionApply = new ApplyType();
 503
 504                     String selectedFunction = dynamicFieldComboRuleAlgorithms.get(index);
 505                     String value1 = dynamicFieldOneRuleAlgorithms.get(index);
 506                     String value2 = dynamicFieldTwoRuleAlgorithms.get(index);
 507                     decisionApply.setFunctionId(getFunctionDefinitionId(selectedFunction));
 508                     decisionApply.getExpression().add(new ObjectFactory().createApply(getInnerDecisionApply(value1)));
 509                     decisionApply.getExpression().add(new ObjectFactory().createApply(getInnerDecisionApply(value2)));
 510                     condition.setExpression(new ObjectFactory().createApply(decisionApply));
 511                     isCompound = true;
 512                 }
 513
 514                 // if rule algorithm not a compound
 515                 if (!isCompound) {
 516                     condition.setExpression(new ObjectFactory().createApply(getInnerDecisionApply(dynamicLabelRuleAlgorithms.get(index))));
 517                 }
 518             }
 519             if (!permitRule) {
 520                 ApplyType notOuterApply = new ApplyType();
 521                 notOuterApply.setFunctionId(FUNCTION_NOT);
 522                 notOuterApply.getExpression().add(condition.getExpression());
 523                 condition.setExpression(new ObjectFactory().createApply(notOuterApply));
 524             }
 525             rule.setCondition(condition);
 526             allOfInRule.getMatch().add(accessMatch);
 527
 528             AnyOfType anyOfInRule = new AnyOfType();
 529             anyOfInRule.getAllOf().add(allOfInRule);
 530
 531             TargetType targetInRule = new TargetType();
 532             targetInRule.getAnyOf().add(anyOfInRule);
 533
 534             rule.setTarget(targetInRule);
 535
 536             decisionPolicy.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition().add(rule);
 537             policyAdapter.setPolicyData(decisionPolicy);
 538
 539         } else {
 540             PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE + "Unsupported data object."+ policyAdapter.getData().getClass().getCanonicalName());
 541         }
 542
 543     }
 544
 545     private void createRainydayRule(PolicyType decisionPolicy, String errorcode, String treatment, boolean permitRule) {
 546         RuleType rule = new RuleType();
 547
 548         rule.setRuleId(UUID.randomUUID().toString());
 549
 550         if (permitRule) {
 551             rule.setEffect(EffectType.PERMIT);
 552         } else {
 553             rule.setEffect(EffectType.DENY);
 554         }
 555         rule.setTarget(new TargetType());
 556
 557         // Create Target in Rule
 558         AllOfType allOfInRule = new AllOfType();
 559
 560         // Creating match for DECIDE in rule target
 561         MatchType accessMatch = new MatchType();
 562         AttributeValueType accessAttributeValue = new AttributeValueType();
 563         accessAttributeValue.setDataType(STRING_DATATYPE);
 564         accessAttributeValue.getContent().add("DECIDE");
 565         accessMatch.setAttributeValue(accessAttributeValue);
 566         AttributeDesignatorType accessAttributeDesignator = new AttributeDesignatorType();
 567         URI accessURI = null;
 568         try {
 569             accessURI = new URI(ACTION_ID);
 570         } catch (URISyntaxException e) {
 571             PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE, e, "DecisionPolicy", "Exception creating ACCESS URI");
 572         }
 573         accessAttributeDesignator.setCategory(CATEGORY_ACTION);
 574         accessAttributeDesignator.setDataType(STRING_DATATYPE);
 575         accessAttributeDesignator.setAttributeId(new IdentifierImpl(accessURI).stringValue());
 576         accessMatch.setAttributeDesignator(accessAttributeDesignator);
 577         accessMatch.setMatchId(FUNCTION_STRING_EQUAL_IGNORE);
 578
 579         allOfInRule.getMatch().add(accessMatch);
 580
 581         // Creating match for ErrorCode in rule target
 582         MatchType errorcodeMatch = new MatchType();
 583         AttributeValueType errorcodeAttributeValue = new AttributeValueType();
 584         errorcodeAttributeValue.setDataType(STRING_DATATYPE);
 585         errorcodeAttributeValue.getContent().add(errorcode);
 586         errorcodeMatch.setAttributeValue(errorcodeAttributeValue);
 587         AttributeDesignatorType errorcodeAttributeDesignator = new AttributeDesignatorType();
 588         errorcodeAttributeDesignator.setCategory(CATEGORY_RESOURCE);
 589         errorcodeAttributeDesignator.setDataType(STRING_DATATYPE);
 590         errorcodeAttributeDesignator.setAttributeId("ErrorCode");
 591         errorcodeMatch.setAttributeDesignator(errorcodeAttributeDesignator);
 592         errorcodeMatch.setMatchId(FUNCTION_STRING_REGEXP_MATCH);
 593
 594         allOfInRule.getMatch().add(errorcodeMatch);
 595
 596         AnyOfType anyOfInRule = new AnyOfType();
 597         anyOfInRule.getAllOf().add(allOfInRule);
 598
 599         TargetType targetInRule = new TargetType();
 600         targetInRule.getAnyOf().add(anyOfInRule);
 601
 602         rule.setTarget(targetInRule);
 603
 604         AdviceExpressionsType adviceExpressions = new AdviceExpressionsType();
 605         AdviceExpressionType adviceExpression = new AdviceExpressionType();
 606         adviceExpression.setAdviceId(RAINY_DAY);
 607         adviceExpression.setAppliesTo(EffectType.PERMIT);
 608
 609         AttributeAssignmentExpressionType assignment = new AttributeAssignmentExpressionType();
 610         assignment.setAttributeId("treatment");
 611         assignment.setCategory(CATEGORY_RESOURCE);
 612
 613         AttributeValueType treatmentAttributeValue = new AttributeValueType();
 614         treatmentAttributeValue.setDataType(STRING_DATATYPE);
 615         treatmentAttributeValue.getContent().add(treatment);
 616         assignment.setExpression(new ObjectFactory().createAttributeValue(treatmentAttributeValue));
 617
 618         adviceExpression.getAttributeAssignmentExpression().add(assignment);
 619         adviceExpressions.getAdviceExpression().add(adviceExpression);
 620         rule.setAdviceExpressions(adviceExpressions);
 621         decisionPolicy.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition().add(rule);
 622         policyAdapter.setPolicyData(decisionPolicy);
 623
 624     }
 625
 626     // if compound setting the inner apply here
 627     protected ApplyType getInnerDecisionApply(String value1Label) {
 628         ApplyType decisionApply = new ApplyType();
 629         int index = 0;
 630         // check the index for the label.
 631         for (String labelAttr : dynamicLabelRuleAlgorithms) {
 632             if (labelAttr.equals(value1Label)) {
 633                 String value1 = dynamicFieldOneRuleAlgorithms.get(index);
 634                 populateDataTypeList(value1);
 635
 636                 // check if the row contains label again
 637                 for (String labelValue : dynamicLabelRuleAlgorithms) {
 638                     if (labelValue.equals(value1)) {
 639                         return getCompoundDecisionApply(index);
 640                     }
 641                 }
 642
 643                 // Getting the values from the form.
 644                 String functionKey = dynamicFieldComboRuleAlgorithms.get(index);
 645                 String value2 = dynamicFieldTwoRuleAlgorithms.get(index);
 646                 decisionApply.setFunctionId(getFunctionDefinitionId(functionKey));
 647                 // if two text field are rule attributes.
 648                 if ((value1.contains(RULE_VARIABLE)) && (value2.contains(RULE_VARIABLE))) {
 649                     ApplyType innerDecisionApply1 = new ApplyType();
 650                     ApplyType   innerDecisionApply2      = new  ApplyType();
 651                     AttributeDesignatorType  attributeDesignator1         = new AttributeDesignatorType();
 652                     AttributeDesignatorType  attributeDesignator2         = new AttributeDesignatorType();
 653                     //If selected function is Integer function set integer functionID
 654                     if(functionKey.toLowerCase().contains("integer")){
 655                         innerDecisionApply1.setFunctionId(FUNTION_INTEGER_ONE_AND_ONLY );
 656                         innerDecisionApply2.setFunctionId(FUNTION_INTEGER_ONE_AND_ONLY);
 657                         attributeDesignator1.setDataType(INTEGER_DATATYPE);
 658                         attributeDesignator2.setDataType(INTEGER_DATATYPE);
 659                     } else{
 660                         //If selected function is not a Integer function set String functionID
 661                         innerDecisionApply1.setFunctionId(FUNCTION_STRING_ONE_AND_ONLY);
 662                         innerDecisionApply2.setFunctionId(FUNCTION_STRING_ONE_AND_ONLY);
 663                         attributeDesignator1.setDataType(STRING_DATATYPE);
 664                         attributeDesignator2.setDataType(STRING_DATATYPE);
 665                     }
 666                     attributeDesignator1.setCategory(CATEGORY_RESOURCE);
 667                     attributeDesignator2.setCategory(CATEGORY_RESOURCE);
 668                     //Here set actual field values
 669                     attributeDesignator1.setAttributeId(value1.  contains("resource:")?value1.substring( 9):value1.substring(8));
 670                     attributeDesignator2.setAttributeId(value1.  contains("resource:")?value1.substring( 9):value1.substring(8));
 671                     innerDecisionApply1.getExpression().add(new ObjectFactory().createAttributeDesignator( attributeDesignator1));
 672                     innerDecisionApply2.getExpression().add(new ObjectFactory().createAttributeDesignator( attributeDesignator2));
 673                     decisionApply.getExpression().add(new ObjectFactory().createApply(innerDecisionApply1));
 674                     decisionApply.getExpression().add(new ObjectFactory().createApply(innerDecisionApply2));
 675                 } else {
 676                     // if either of one text field is rule attribute.
 677                     if (!value1.startsWith("S_")) {
 678                         ApplyType innerDecisionApply = new ApplyType();
 679                         AttributeDesignatorType attributeDesignator = new AttributeDesignatorType();
 680                         AttributeValueType decisionConditionAttributeValue = new AttributeValueType();
 681
 682                         if (functionKey.toLowerCase().contains("integer")) {
 683                             innerDecisionApply.setFunctionId(FUNTION_INTEGER_ONE_AND_ONLY);
 684                             decisionConditionAttributeValue.setDataType(INTEGER_DATATYPE);
 685                             attributeDesignator.setDataType(INTEGER_DATATYPE);
 686                         } else {
 687                             innerDecisionApply.setFunctionId(FUNCTION_STRING_ONE_AND_ONLY);
 688                             decisionConditionAttributeValue.setDataType(STRING_DATATYPE);
 689                             attributeDesignator.setDataType(STRING_DATATYPE);
 690                         }
 691
 692                         String attributeId = null;
 693                         String attributeValue = null;
 694
 695                         // Find which textField has rule attribute and set it as
 696                         // attributeId and the other as attributeValue.
 697                         attributeId = value1;
 698                         attributeValue = value2;
 699
 700                         if (attributeId != null) {
 701                             attributeDesignator.setCategory(CATEGORY_RESOURCE);
 702                             attributeDesignator.setAttributeId(attributeId);
 703                         }
 704                         decisionConditionAttributeValue.getContent().add(attributeValue);
 705                         innerDecisionApply.getExpression().add(new ObjectFactory().createAttributeDesignator(attributeDesignator));
 706                         decisionApply.getExpression().add(new ObjectFactory().createAttributeValue(decisionConditionAttributeValue));
 707                         decisionApply.getExpression().add(new ObjectFactory().createApply(innerDecisionApply));
 708                     } else {
 709                         value1 = value1.substring(2, value1.length());
 710                         VariableReferenceType variableReferenceType = new VariableReferenceType();
 711                         variableReferenceType.setVariableId(value1);
 712
 713                         String dataType = dataTypeList.get(index);
 714
 715                         AttributeValueType decisionConditionAttributeValue = new AttributeValueType();
 716                         decisionConditionAttributeValue.setDataType(dataType);
 717                         decisionConditionAttributeValue.getContent().add(value2);
 718                         decisionApply.getExpression().add(new ObjectFactory().createVariableReference(variableReferenceType));
 719                         decisionApply.getExpression().add(new ObjectFactory().createAttributeValue(decisionConditionAttributeValue));
 720                     }
 721                 }
 722             }
 723             index++;
 724         }
 725         return decisionApply;
 726     }
 727
 728     // if the rule algorithm is multiple compound one setting the apply
 729     protected ApplyType getCompoundDecisionApply(int index) {
 730         ApplyType decisionApply = new ApplyType();
 731         String selectedFunction = dynamicFieldComboRuleAlgorithms.get(index);
 732         String value1 = dynamicFieldOneRuleAlgorithms.get(index);
 733         String value2 = dynamicFieldTwoRuleAlgorithms.get(index);
 734         decisionApply.setFunctionId(getFunctionDefinitionId(selectedFunction));
 735         decisionApply.getExpression().add(new ObjectFactory().createApply(getInnerDecisionApply(value1)));
 736         decisionApply.getExpression().add(new ObjectFactory().createApply(getInnerDecisionApply(value2)));
 737         return decisionApply;
 738     }
 739
 740     private VariableDefinitionType createDynamicVariable(String key, String value, String dataType) {
 741         VariableDefinitionType dynamicVariable = new VariableDefinitionType();
 742         AttributeValueType dynamicAttributeValue = new AttributeValueType();
 743
 744         dynamicAttributeValue.setDataType(dataType);
 745         dynamicAttributeValue.getContent().add(value);
 746
 747         dynamicVariable.setVariableId(key);
 748         dynamicVariable.setExpression(new ObjectFactory().createAttributeValue(dynamicAttributeValue));
 749
 750         return dynamicVariable;
 751
 752     }
 753
 754     private void populateDataTypeList(String value1) {
 755         String dataType = null;
 756         if(value1.contains("S_")) {
 757             value1 = value1.substring(2, value1.length());
 758             DecisionSettings decisionSettings = findDecisionSettingsBySettingId(value1.substring(2, value1.length()));
 759             if (decisionSettings != null && "string".equals(decisionSettings.getDatatypeBean().getShortName())) {
 760                 dataType = STRING_DATATYPE;
 761             } else if (decisionSettings != null && "boolean".equals(decisionSettings.getDatatypeBean().getShortName())) {
 762                 dataType = BOOLEAN_DATATYPE;
 763             } else {
 764                 dataType = INTEGER_DATATYPE;
 765             }
 766         } else {
 767             dataType = "OTHER";
 768         }
 769
 770         dataTypeList.add(dataType);
 771     }
 772
 773
 774     private String getDataType(String key) {
 775
 776         DecisionSettings decisionSettings = findDecisionSettingsBySettingId(key);
 777         String dataType = null;
 778
 779         if (decisionSettings != null && "string".equals(decisionSettings.getDatatypeBean().getShortName())) {
 780             dataType = STRING_DATATYPE;
 781         } else if (decisionSettings != null && "boolean".equals(decisionSettings.getDatatypeBean().getShortName())) {
 782             dataType = BOOLEAN_DATATYPE;
 783         } else {
 784             dataType = INTEGER_DATATYPE;
 785         }
 786
 787         return dataType;
 788     }
 789
 790     @Override
 791     public Object getCorrectPolicyDataObject() {
 792         return policyAdapter.getData();
 793     }
 794
 795     public String getFunctionDefinitionId(String key){
 796         FunctionDefinition object = (FunctionDefinition) commonClassDao.getDataById(FunctionDefinition.class, "shortname", key);
 797         if(object != null){
 798             return object.getXacmlid();
 799         }
 800         return null;
 801     }
 802
 803 }