@@ -0,0 +1,14 @@
package com.ge.predix.acs.attribute.connectors;

import java.util.Collections;
import java.util.Set;

import com.ge.predix.acs.attribute.readers.ResourceAttributeReader;
import com.ge.predix.acs.model.Attribute;

public class ResourceAttributeConnector implements ResourceAttributeReader {
@Override
public Set<Attribute> getAttributes(final String identifier) {
return Collections.emptySet();
}
}
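Review bot: `getAttributes` returns `Collections.emptySet()` for every identifier and nothing in the class says it is a placeholder, so a deployment that selects this connector as its `ResourceAttributeReader` would evaluate every attribute-based policy condition against an empty set, indistinguishable from a resource that really has no attributes. If this is a stub for a later commit, which it appears to be, say so in a class Javadoc such as `/** Placeholder: external resource attribute lookup is not implemented yet; always returns an empty set. */`, or fail loudly with `throw new UnsupportedOperationException("resource attribute connector not implemented");` until the lookup exists. The same applies to `getAttributes` and `getAttributesByScope` in `SubjectAttributeConnector` in the next file section.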
@@ -0,0 +1,19 @@
package com.ge.predix.acs.attribute.connectors;

import java.util.Collections;
import java.util.Set;

import com.ge.predix.acs.attribute.readers.SubjectAttributeReader;
import com.ge.predix.acs.model.Attribute;

public class SubjectAttributeConnector implements SubjectAttributeReader {
@Override
public Set<Attribute> getAttributes(final String identifier) {
return Collections.emptySet();
}

@Override
public Set<Attribute> getAttributesByScope(final String identifier, final Set<Attribute> scopes) {
return Collections.emptySet();
}
}
@@ -1,4 +1,4 @@
package com.ge.predix.acs.attribute.connectors;
package com.ge.predix.acs.attribute.readers;

import java.util.Set;

@@ -0,0 +1,20 @@
package com.ge.predix.acs.attribute.readers;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component
public class AttributeReaderFactory {
@Autowired
private ResourceAttributeReader resourceAttributeReader;
@Autowired
private SubjectAttributeReader subjectAttributeReader;

public ResourceAttributeReader getResourceAttributeReader() {
return this.resourceAttributeReader;
}

public SubjectAttributeReader getSubjectAttributeReader() {
return this.subjectAttributeReader;
}
}
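Review bot: Both readers are injected by type into private fields (`@Autowired private ResourceAttributeReader resourceAttributeReader;`), which works only while the context holds exactly one bean per interface. On this page the `@Component` implementations are `PrivilegeServiceResourceAttributeReader` and `PrivilegeServiceSubjectAttributeReader`, and the new connectors are not annotated; once a connector is registered as a bean, startup fails on the ambiguous dependency, or a `@Primary` marker elsewhere decides which attribute source feeds authorization decisions without that being visible here. Make the choice explicit in the factory, for example with `@Qualifier` on each injection point, and add a class Javadoc stating which reader is returned and why. Constructor injection into `final` fields would also let tests build the factory without reflection.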
@@ -1,4 +1,4 @@
package com.ge.predix.acs.attribute.connectors;
package com.ge.predix.acs.attribute.readers;

import java.util.Collections;
import java.util.HashSet;
Expand All @@ -12,7 +12,7 @@
import com.ge.predix.acs.rest.BaseResource;

@Component
public class DefaultResourceAttributeReader implements AttributeReader {
public class PrivilegeServiceResourceAttributeReader implements ResourceAttributeReader {
@Autowired
private PrivilegeManagementService privilegeManagementService;

@@ -1,4 +1,4 @@
package com.ge.predix.acs.attribute.connectors;
package com.ge.predix.acs.attribute.readers;

import java.util.Collections;
import java.util.HashSet;
Expand All @@ -12,7 +12,7 @@
import com.ge.predix.acs.rest.BaseSubject;

@Component
public class DefaultSubjectAttributeReader implements SubjectAttributeReader {
public class PrivilegeServiceSubjectAttributeReader implements SubjectAttributeReader {
@Autowired
private PrivilegeManagementService privilegeManagementService;

@@ -0,0 +1,5 @@
package com.ge.predix.acs.attribute.readers;

//tagging interface to create explicit type for ResourceAttributeReader
public interface ResourceAttributeReader extends AttributeReader {
}
@@ -1,4 +1,4 @@
package com.ge.predix.acs.attribute.connectors;
package com.ge.predix.acs.attribute.readers;

import java.util.Set;

Expand Up @@ -24,7 +24,7 @@
import org.apache.commons.lang.StringUtils;
import org.springframework.web.util.UriTemplate;

import com.ge.predix.acs.attribute.connectors.AttributeReader;
import com.ge.predix.acs.attribute.readers.ResourceAttributeReader;
import com.ge.predix.acs.model.Attribute;
import com.ge.predix.acs.model.Policy;
import com.ge.predix.acs.service.policy.matcher.UriTemplateVariableResolver;
Expand All @@ -34,7 +34,7 @@ public class ResourceAttributeResolver {
private static final String ATTRIBUTE_URI_TEMPLATE_VARIABLE = "attribute_uri";

private final Map<String, Set<Attribute>> resourceAttributeMap = new HashMap<>();
private final AttributeReader resourceAttributeReader;
private final ResourceAttributeReader resourceAttributeReader;
private final Set<Attribute> supplementalResourceAttributes;
private final String requestResourceUri;
private final UriTemplateVariableResolver uriTemplateVariableResolver = new UriTemplateVariableResolver();
Expand All @@ -43,8 +43,8 @@ public class ResourceAttributeResolver {
* @param requestResourceUri
* URI of the resource from the policy evaluation request
*/
public ResourceAttributeResolver(final AttributeReader resourceAttributeReader, final String requestResourceUri,
final Set<Attribute> supplementalResourceAttributes) {
public ResourceAttributeResolver(final ResourceAttributeReader resourceAttributeReader,
final String requestResourceUri, final Set<Attribute> supplementalResourceAttributes) {
this.resourceAttributeReader = resourceAttributeReader;
this.requestResourceUri = requestResourceUri;
if (null == supplementalResourceAttributes) {
Expand Up @@ -6,7 +6,7 @@
import java.util.Map;
import java.util.Set;

import com.ge.predix.acs.attribute.connectors.SubjectAttributeReader;
import com.ge.predix.acs.attribute.readers.SubjectAttributeReader;
import com.ge.predix.acs.model.Attribute;

public class SubjectAttributeResolver {
Expand Up @@ -29,8 +29,7 @@
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import com.ge.predix.acs.attribute.connectors.DefaultResourceAttributeReader;
import com.ge.predix.acs.attribute.connectors.DefaultSubjectAttributeReader;
import com.ge.predix.acs.attribute.readers.AttributeReaderFactory;
import com.ge.predix.acs.commons.web.UriTemplateUtils;
import com.ge.predix.acs.model.Attribute;
import com.ge.predix.acs.model.Policy;
Expand All @@ -48,10 +47,7 @@ public class PolicyMatcherImpl implements PolicyMatcher {
private static final Logger LOGGER = LoggerFactory.getLogger(PolicyMatcherImpl.class);

@Autowired
private DefaultResourceAttributeReader resourceAttributeReader;

@Autowired
private DefaultSubjectAttributeReader subjectAttributeReader;
private AttributeReaderFactory attributeReaderFactory;

@Override
public List<MatchedPolicy> match(final PolicyMatchCandidate candidate, final List<Policy> policies) {
Expand All @@ -61,10 +57,11 @@ public List<MatchedPolicy> match(final PolicyMatchCandidate candidate, final Lis
@Override
public MatchResult matchForResult(final PolicyMatchCandidate candidate, final List<Policy> policies) {
ResourceAttributeResolver resourceAttributeResolver = new ResourceAttributeResolver(
this.resourceAttributeReader, candidate.getResourceURI(),
this.attributeReaderFactory.getResourceAttributeReader(), candidate.getResourceURI(),
candidate.getSupplementalResourceAttributes());
SubjectAttributeResolver subjectAttributeResolver = new SubjectAttributeResolver(this.subjectAttributeReader,
candidate.getSubjectIdentifier(), candidate.getSupplementalSubjectAttributes());
SubjectAttributeResolver subjectAttributeResolver = new SubjectAttributeResolver(
this.attributeReaderFactory.getSubjectAttributeReader(), candidate.getSubjectIdentifier(),
candidate.getSupplementalSubjectAttributes());

List<MatchedPolicy> matchedPolicies = new ArrayList<>();
Set<String> resolvedResourceUris = new HashSet<>();
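Review bot: `attributeReaderFactory` is still a private `@Autowired` field, so the tests on this page have to set it by name with `Whitebox.setInternalState(this.policyMatcher, "attributeReaderFactory", ...)`, and a rename of the field would only surface as a test failure at run time. A constructor or package-private setter taking `AttributeReaderFactory` would make that wiring compile-checked. The readers are also taken from the factory on every `matchForResult` call without a null check; a short comment such as `// the factory never returns null: both readers are required beans` would document the assumption the two resolvers rely on. `matchForResult` continues past the end of this hunk.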
Expand Up @@ -14,6 +14,7 @@
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

import com.ge.predix.acs.attribute.readers.PrivilegeServiceResourceAttributeReader;
import com.ge.predix.acs.model.Attribute;
import com.ge.predix.acs.privilege.management.PrivilegeManagementService;
import com.ge.predix.acs.rest.BaseResource;
Expand All @@ -25,7 +26,7 @@ public class DefaultResourceAttributeReaderTest {

@Autowired
@InjectMocks
private DefaultResourceAttributeReader defaultResourceAttributeReader;
private PrivilegeServiceResourceAttributeReader defaultResourceAttributeReader;

@BeforeMethod
public void beforeMethod() {
Expand Up @@ -16,6 +16,7 @@
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

import com.ge.predix.acs.attribute.readers.PrivilegeServiceSubjectAttributeReader;
import com.ge.predix.acs.model.Attribute;
import com.ge.predix.acs.privilege.management.PrivilegeManagementService;
import com.ge.predix.acs.rest.BaseSubject;
Expand All @@ -27,7 +28,7 @@ public class DefaultSubjectAttributeReaderTest {

@Autowired
@InjectMocks
private DefaultSubjectAttributeReader defaultSubjectAttributeReader;
private PrivilegeServiceSubjectAttributeReader defaultSubjectAttributeReader;

@BeforeMethod
public void beforeMethod() {
@@ -0,0 +1,122 @@
package com.ge.predix.acs.service.policy.evaluation;

import static org.mockito.Matchers.any;
import static org.mockito.Matchers.anySetOf;
import static org.mockito.Matchers.anyString;
import static org.mockito.Mockito.when;

import java.io.File;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;

import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.MockitoAnnotations;
import org.mockito.internal.util.reflection.Whitebox;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.testng.AbstractTestNGSpringContextTests;
import org.testng.Assert;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.ge.predix.acs.PolicyContextResolver;
import com.ge.predix.acs.attribute.connectors.ResourceAttributeConnector;
import com.ge.predix.acs.attribute.connectors.SubjectAttributeConnector;
import com.ge.predix.acs.attribute.readers.AttributeReaderFactory;
import com.ge.predix.acs.commons.policy.condition.groovy.GroovyConditionCache;
import com.ge.predix.acs.model.Attribute;
import com.ge.predix.acs.model.Effect;
import com.ge.predix.acs.model.PolicySet;
import com.ge.predix.acs.policy.evaluation.cache.PolicyEvaluationCacheCircuitBreaker;
import com.ge.predix.acs.policy.evaluation.cache.PolicyEvaluationRequestCacheKey;
import com.ge.predix.acs.rest.BaseResource;
import com.ge.predix.acs.rest.BaseSubject;
import com.ge.predix.acs.rest.PolicyEvaluationRequestV1;
import com.ge.predix.acs.rest.PolicyEvaluationResult;
import com.ge.predix.acs.service.policy.admin.PolicyManagementService;
import com.ge.predix.acs.service.policy.matcher.PolicyMatcherImpl;
import com.ge.predix.acs.service.policy.validation.PolicySetValidator;
import com.ge.predix.acs.service.policy.validation.PolicySetValidatorImpl;
import com.ge.predix.acs.zone.management.dao.ZoneEntity;
import com.ge.predix.acs.zone.resolver.ZoneResolver;

@ContextConfiguration(classes = { GroovyConditionCache.class, PolicySetValidatorImpl.class })
public class PolicyEvaluationWithAttributeConnectorTest extends AbstractTestNGSpringContextTests {
@InjectMocks
private PolicyEvaluationServiceImpl evaluationService;
@Mock
private PolicyManagementService policyService;
@Mock
private PolicyContextResolver policyScopeResolver;
@Mock
private ZoneResolver zoneResolver;
@Mock
private PolicyEvaluationCacheCircuitBreaker cache;
@Mock
private AttributeReaderFactory attributeReaderFactory;
@Mock
private ResourceAttributeConnector resourceAttributeConnector;
@Mock
private SubjectAttributeConnector subjectAttributeConnector;
@Autowired
private PolicySetValidator policySetValidator;

private final PolicyMatcherImpl policyMatcher = new PolicyMatcherImpl();

@BeforeClass
public void setupClass() {
((PolicySetValidatorImpl) this.policySetValidator)
.setValidAcsPolicyHttpActions("GET, POST, PUT, DELETE, PATCH");
((PolicySetValidatorImpl) this.policySetValidator).init();
}

@BeforeMethod
public void setupMethod() throws Exception {
this.evaluationService = new PolicyEvaluationServiceImpl();
MockitoAnnotations.initMocks(this);
Whitebox.setInternalState(this.policyMatcher, "attributeReaderFactory", this.attributeReaderFactory);
Whitebox.setInternalState(this.evaluationService, "policyMatcher", this.policyMatcher);
Whitebox.setInternalState(this.evaluationService, "policySetValidator", this.policySetValidator);
when(this.zoneResolver.getZoneEntityOrFail()).thenReturn(new ZoneEntity(0L, "testzone"));
when(this.cache.get(any(PolicyEvaluationRequestCacheKey.class))).thenReturn(null);
}

@Test
public void testPolicyEvaluation() throws Exception {
PolicySet policySet = new ObjectMapper().readValue(
new File("src/test/resources/policy-set-with-one-policy-one-condition-using-res-attributes.json"),
PolicySet.class);
when(this.policyService.getAllPolicySets()).thenReturn(Arrays.asList(policySet));

Set<Attribute> resourceAttributes = new HashSet<>();
resourceAttributes.add(new Attribute("https://acs.attributes.int", "location", "sanramon"));
resourceAttributes.add(new Attribute("https://acs.attributes.int", "role_required", "admin"));
BaseResource testResource = new BaseResource("/sites/1234", resourceAttributes);

Set<Attribute> subjectAttributes = new HashSet<>();
subjectAttributes.add(new Attribute("https://acs.attributes.int", "role", "admin"));
BaseSubject testSubject = new BaseSubject("test-subject", subjectAttributes);

when(this.attributeReaderFactory.getResourceAttributeReader()).thenReturn(this.resourceAttributeConnector);
when(this.resourceAttributeConnector.getAttributes(anyString())).thenReturn(testResource.getAttributes());
when(this.attributeReaderFactory.getSubjectAttributeReader()).thenReturn(this.subjectAttributeConnector);
when(this.subjectAttributeConnector.getAttributesByScope(anyString(), anySetOf(Attribute.class)))
.thenReturn(testSubject.getAttributes());

PolicyEvaluationResult evalResult = this.evaluationService.evalPolicy(
createRequest(testResource.getResourceIdentifier(), testSubject.getSubjectIdentifier(), "GET"));
Assert.assertEquals(evalResult.getEffect(), Effect.PERMIT);
}

private PolicyEvaluationRequestV1 createRequest(final String resource, final String subject, final String action) {
PolicyEvaluationRequestV1 request = new PolicyEvaluationRequestV1();
request.setAction(action);
request.setSubjectIdentifier(subject);
request.setResourceIdentifier(resource);
return request;
}
}
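Review bot: `testPolicyEvaluation` covers only the case where the mocked connectors return attributes that satisfy the policy and the result is `Effect.PERMIT`; nothing here checks the result when the connectors resolve no attributes, which is exactly what the real `ResourceAttributeConnector` and `SubjectAttributeConnector` added in this commit return. For an authorization path the negative case matters at least as much as the positive one, so I would add a second test that stubs both connectors with empty sets and asserts that the effect is not `Effect.PERMIT`. The expected outcome assumes the condition in `policy-set-with-one-policy-one-condition-using-res-attributes.json` requires the resource attributes; confirm that against the file. A sketch of the added test follows.

```java
@Test
public void testPolicyEvaluationWithoutConnectorAttributes() throws Exception {
    // … unchanged: load the policy set and stub policyService as in testPolicyEvaluation …

    // Both connectors resolve nothing for this resource and subject.
    when(this.attributeReaderFactory.getResourceAttributeReader()).thenReturn(this.resourceAttributeConnector);
    when(this.resourceAttributeConnector.getAttributes(anyString())).thenReturn(new HashSet<Attribute>());
    when(this.attributeReaderFactory.getSubjectAttributeReader()).thenReturn(this.subjectAttributeConnector);
    when(this.subjectAttributeConnector.getAttributesByScope(anyString(), anySetOf(Attribute.class)))
            .thenReturn(new HashSet<Attribute>());

    PolicyEvaluationResult evalResult = this.evaluationService
            .evalPolicy(createRequest("/sites/1234", "test-subject", "GET"));
    Assert.assertNotEquals(evalResult.getEffect(), Effect.PERMIT);
}
```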
Expand Up @@ -37,8 +37,9 @@
import com.fasterxml.jackson.core.JsonParseException;
import com.fasterxml.jackson.databind.JsonMappingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.ge.predix.acs.attribute.connectors.DefaultResourceAttributeReader;
import com.ge.predix.acs.attribute.connectors.DefaultSubjectAttributeReader;
import com.ge.predix.acs.attribute.readers.AttributeReaderFactory;
import com.ge.predix.acs.attribute.readers.PrivilegeServiceResourceAttributeReader;
import com.ge.predix.acs.attribute.readers.PrivilegeServiceSubjectAttributeReader;
import com.ge.predix.acs.model.Attribute;
import com.ge.predix.acs.model.Effect;
import com.ge.predix.acs.model.PolicySet;
Expand All @@ -58,32 +59,30 @@ public class PolicyEvaluationWithAttributeUriTemplateTest {

@InjectMocks
private final PolicyEvaluationService evaluationService = new PolicyEvaluationServiceImpl();

@Mock
private final PolicyManagementService policyService = new PolicyManagementServiceImpl();

@Mock
private DefaultResourceAttributeReader defaultResourceAttributeReader;

private AttributeReaderFactory attributeReaderFactory;
@Mock
private DefaultSubjectAttributeReader defaultSubjectAttributeReader;

private final PolicyMatcherImpl policyMatcher = new PolicyMatcherImpl();

private PrivilegeServiceResourceAttributeReader defaultResourceAttributeReader;
@Mock
private PrivilegeServiceSubjectAttributeReader defaultSubjectAttributeReader;
@Mock
private ZoneResolver zoneResolver;

@Mock
private PolicyEvaluationCacheCircuitBreaker cache;
private PolicyEvaluationCacheCircuitBreaker cache;

private final PolicyMatcherImpl policyMatcher = new PolicyMatcherImpl();

@Test
public void testEvaluateWithURIAttributeTemplate() throws JsonParseException, JsonMappingException, IOException {
MockitoAnnotations.initMocks(this);
Whitebox.setInternalState(this.policyMatcher, "resourceAttributeReader", this.defaultResourceAttributeReader);
Whitebox.setInternalState(this.policyMatcher, "subjectAttributeReader", this.defaultSubjectAttributeReader);
Whitebox.setInternalState(this.policyMatcher, "attributeReaderFactory", this.attributeReaderFactory);
Whitebox.setInternalState(this.evaluationService, "policyMatcher", this.policyMatcher);
when(this.zoneResolver.getZoneEntityOrFail()).thenReturn(new ZoneEntity(0L, "testzone"));
when(this.cache.get(any(PolicyEvaluationRequestCacheKey.class))).thenReturn(null);
when(this.attributeReaderFactory.getResourceAttributeReader()).thenReturn(this.defaultResourceAttributeReader);
when(this.attributeReaderFactory.getSubjectAttributeReader()).thenReturn(this.defaultSubjectAttributeReader);

// set policy
PolicySet policySet = new ObjectMapper()