import com.att.research.xacml.std.annotations.RequestParser;
import com.google.gson.Gson;
-import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
+import java.util.HashMap;
import java.util.Map;
import java.util.Map.Entry;
public class StdMatchableTranslator implements ToscaPolicyTranslator {
private static final Logger LOGGER = LoggerFactory.getLogger(StdMatchableTranslator.class);
+ private static final String POLICY_ID = "policy-id";
public StdMatchableTranslator() {
super();
@Override
public Request convertRequest(DecisionRequest request) {
- LOGGER.debug("Converting Request {}", request);
+ LOGGER.info("Converting Request {}", request);
try {
return RequestParser.parseRequest(StdMatchablePolicyRequest.createInstance(request));
} catch (IllegalArgumentException | IllegalAccessException | DataTypeException e) {
@Override
public DecisionResponse convertResponse(Response xacmlResponse) {
- LOGGER.debug("Converting Response {}", xacmlResponse);
+ LOGGER.info("Converting Response {}", xacmlResponse);
DecisionResponse decisionResponse = new DecisionResponse();
//
+ // Setup policies
+ //
+ decisionResponse.setPolicies(new HashMap<>());
+ //
// Iterate through all the results
//
for (Result xacmlResult : xacmlResponse.getResults()) {
// Check the result
//
if (xacmlResult.getDecision() == Decision.PERMIT) {
- //
- // Setup policies
- //
- decisionResponse.setPolicies(new ArrayList<>());
//
// Go through obligations
//
scanObligations(xacmlResult.getObligations(), decisionResponse);
}
- if (xacmlResult.getDecision() == Decision.NOTAPPLICABLE) {
- //
- // There is no policy
- //
- decisionResponse.setPolicies(new ArrayList<>());
- }
if (xacmlResult.getDecision() == Decision.DENY
|| xacmlResult.getDecision() == Decision.INDETERMINATE) {
//
protected void scanObligations(Collection<Obligation> obligations, DecisionResponse decisionResponse) {
for (Obligation obligation : obligations) {
- LOGGER.debug("Obligation: {}", obligation);
+ LOGGER.info("Obligation: {}", obligation);
for (AttributeAssignment assignment : obligation.getAttributeAssignments()) {
- LOGGER.debug("Attribute Assignment: {}", assignment);
+ LOGGER.info("Attribute Assignment: {}", assignment);
//
// We care about the content attribute
//
// The contents are in Json form
//
Object stringContents = assignment.getAttributeValue().getValue();
- if (LOGGER.isDebugEnabled()) {
- LOGGER.debug("Policy contents: {}{}", System.lineSeparator(), stringContents);
+ if (LOGGER.isInfoEnabled()) {
+ LOGGER.info("Policy contents: {}{}", System.lineSeparator(), stringContents);
}
//
// Let's parse it into a map using Gson
Gson gson = new Gson();
@SuppressWarnings("unchecked")
Map<String, Object> result = gson.fromJson(stringContents.toString() ,Map.class);
- decisionResponse.getPolicies().add(result);
+ //
+ // Find the metadata section
+ //
+ @SuppressWarnings("unchecked")
+ Map<String, Object> metadata = (Map<String, Object>) result.get("metadata");
+ if (metadata != null) {
+ decisionResponse.getPolicies().put(metadata.get(POLICY_ID).toString(), result);
+ } else {
+ LOGGER.error("Missing metadata section in policy contained in obligation.");
+ }
}
}
}
//
// Policy name should be at the root
//
- String policyName = toscaPolicy.getMetadata().get("policy-id");
+ String policyName = toscaPolicy.getMetadata().get(POLICY_ID);
//
// Set it as the policy ID
//
try {
jsonPolicy = coder.encode(toscaPolicy);
} catch (CoderException e) {
- LOGGER.error("Failed to encode policy to json", e);
- throw new ToscaPolicyConversionException(e);
+ throw new ToscaPolicyConversionException("Failed to encode policy to json", e);
}
addObligation(rule, jsonPolicy);
//
*/
protected PolicyType fillMetadataSection(PolicyType policy,
Map<String, String> map) throws ToscaPolicyConversionException {
- if (! map.containsKey("policy-id")) {
+ if (! map.containsKey(POLICY_ID)) {
throw new ToscaPolicyConversionException(policy.getPolicyId() + " missing metadata policy-id");
} else {
//
//
// Add in the Policy Version
//
- policy.setVersion(map.get("policy-version").toString());
+ policy.setVersion(map.get("policy-version"));
}
return policy;
}
// Find policyScope and policyType
//
if (entrySet.getKey().equals("policyScope")) {
- LOGGER.debug("Found policyScope: {}", entrySet.getValue());
+ LOGGER.info("Found policyScope: {}", entrySet.getValue());
if (entrySet.getValue() instanceof Collection) {
targetType.getAnyOf().add(generateMatches((Collection<Object>) entrySet.getValue(),
ToscaDictionary.ID_RESOURCE_POLICY_SCOPE_PROPERTY));
}
}
if (entrySet.getKey().equals("policyType")) {
- LOGGER.debug("Found policyType: {}", entrySet.getValue());
+ LOGGER.info("Found policyType: {}", entrySet.getValue());
if (entrySet.getValue() instanceof Collection) {
targetType.getAnyOf().add(generateMatches((Collection<Object>) entrySet.getValue(),
ToscaDictionary.ID_RESOURCE_POLICY_TYPE_PROPERTY));
//
// Convert the YAML Policy to JSON Object
//
- if (LOGGER.isDebugEnabled()) {
- LOGGER.debug("JSON Optimization Policy {}{}", System.lineSeparator(), jsonPolicy);
+ if (LOGGER.isInfoEnabled()) {
+ LOGGER.info("JSON Optimization Policy {}{}", System.lineSeparator(), jsonPolicy);
}
//
// Create an AttributeValue for it
//
AttributeValueType value = new AttributeValueType();
value.setDataType(ToscaDictionary.ID_OBLIGATION_POLICY_MONITORING_DATATYPE.stringValue());
- value.getContent().add(jsonPolicy.toString());
+ value.getContent().add(jsonPolicy);
//
// Create our AttributeAssignmentExpression where we will
// store the contents of the policy in JSON format.