mirror of
https://github.com/nsacyber/HIRS.git
synced 2025-03-23 12:35:18 +00:00
Removed DeviceGroup. Updated the serviceImpl classes with the retry and
flush methods. Commit latest changes and transitioning to getting the properites linked.
This commit is contained in:
Cyrus
parent
228a5e56bc
commit
74a3cf9e21
@ -14,7 +14,7 @@ import hirs.data.persist.DeviceInfoReport;
|
||||
import hirs.data.persist.EventLogMeasurements;
|
||||
import hirs.data.persist.ReferenceDigestValue;
|
||||
import hirs.data.persist.ReferenceManifest;
|
||||
import hirs.data.persist.SupplyChainPolicy;
|
||||
import hirs.data.persist.policy.SupplyChainPolicy;
|
||||
import hirs.data.persist.SupplyChainValidationSummary;
|
||||
import hirs.data.persist.SupportReferenceManifest;
|
||||
import hirs.data.persist.SwidResource;
|
||||
|
||||
@ -1,10 +1,8 @@
|
||||
package hirs.attestationca;
|
||||
|
||||
import hirs.appraiser.SupplyChainAppraiser;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.SupplyChainPolicy;
|
||||
import hirs.data.persist.policy.SupplyChainPolicy;
|
||||
import hirs.persist.AppraiserManager;
|
||||
import hirs.persist.DeviceGroupManager;
|
||||
import hirs.persist.PolicyManager;
|
||||
|
||||
import static hirs.attestationca.AbstractAttestationCertificateAuthority.LOG;
|
||||
@ -22,25 +20,13 @@ public final class AcaDbInit {
|
||||
* install of the HIRS_AttestationCA RPM.
|
||||
*
|
||||
* @param appraiserManager the AppraiserManager to use to persist appraisers
|
||||
* @param deviceGroupManager the DeviceGroupManager to use to persist device groups
|
||||
* @param policyManager the PolicyManager to use to persist policies
|
||||
*/
|
||||
public static synchronized void insertDefaultEntries(
|
||||
final AppraiserManager appraiserManager,
|
||||
final DeviceGroupManager deviceGroupManager,
|
||||
final PolicyManager policyManager) {
|
||||
LOG.info("Ensuring default ACA database entries are present.");
|
||||
|
||||
// Ensure the default group exists. It may have already been created by the Server RPM
|
||||
DeviceGroup defaultGroup = deviceGroupManager.getDeviceGroup(DeviceGroup.DEFAULT_GROUP);
|
||||
if (defaultGroup == null) {
|
||||
LOG.info("Default group not found; saving...");
|
||||
defaultGroup = deviceGroupManager.saveDeviceGroup(new DeviceGroup(
|
||||
DeviceGroup.DEFAULT_GROUP,
|
||||
"This is the default group"));
|
||||
LOG.info("Saved default group.");
|
||||
}
|
||||
|
||||
// If the SupplyChainAppraiser exists, do not attempt to re-save the supply chain appraiser
|
||||
// or SupplyChainPolicy
|
||||
SupplyChainAppraiser supplyChainAppraiser = (SupplyChainAppraiser)
|
||||
@ -62,7 +48,7 @@ public final class AcaDbInit {
|
||||
SupplyChainPolicy.DEFAULT_POLICY);
|
||||
policyManager.savePolicy(supplyChainPolicy);
|
||||
policyManager.setDefaultPolicy(supplyChainAppraiser, supplyChainPolicy);
|
||||
policyManager.setPolicy(supplyChainAppraiser, defaultGroup, supplyChainPolicy);
|
||||
policyManager.setPolicy(supplyChainAppraiser, supplyChainPolicy);
|
||||
|
||||
LOG.info("ACA database initialization complete.");
|
||||
}
|
||||
|
||||
@ -1,7 +1,6 @@
|
||||
package hirs.attestationca;
|
||||
|
||||
import hirs.attestationca.servicemanager.DBAppraiserManager;
|
||||
import hirs.attestationca.servicemanager.DBDeviceGroupManager;
|
||||
import hirs.attestationca.servicemanager.DBPolicyManager;
|
||||
import hirs.utils.HIRSProfiles;
|
||||
import org.springframework.context.annotation.AnnotationConfigApplicationContext;
|
||||
@ -31,7 +30,6 @@ public class InitializationListener implements ServletContextListener {
|
||||
.createEntityManager();
|
||||
AcaDbInit.insertDefaultEntries(
|
||||
new DBAppraiserManager(entityManager),
|
||||
new DBDeviceGroupManager(entityManager),
|
||||
new DBPolicyManager(entityManager)
|
||||
);
|
||||
}
|
||||
|
||||
@ -2,7 +2,6 @@ package hirs.attestationca.configuration;
|
||||
|
||||
import hirs.attestationca.AttestationCertificateAuthorityConfiguration;
|
||||
import hirs.attestationca.servicemanager.DBCertificateManager;
|
||||
import hirs.attestationca.servicemanager.DBDeviceGroupManager;
|
||||
import hirs.attestationca.servicemanager.DBDeviceManager;
|
||||
import hirs.attestationca.servicemanager.DBManager;
|
||||
import hirs.attestationca.servicemanager.DBPolicyManager;
|
||||
@ -15,7 +14,6 @@ import hirs.attestationca.servicemanager.DBReportSummaryManager;
|
||||
import hirs.data.persist.SupplyChainValidationSummary;
|
||||
import hirs.persist.CertificateManager;
|
||||
import hirs.persist.CrudManager;
|
||||
import hirs.persist.DeviceGroupManager;
|
||||
import hirs.persist.DeviceManager;
|
||||
import hirs.persist.PolicyManager;
|
||||
import hirs.persist.PortalInfoManager;
|
||||
@ -109,18 +107,6 @@ public class PersistenceConfiguration {
|
||||
return manager;
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a {@link hirs.persist.DeviceGroupManager} ready to use.
|
||||
*
|
||||
* @return {@link hirs.persist.DeviceGroupManager}
|
||||
*/
|
||||
@Bean
|
||||
public DeviceGroupManager deviceGroupManager() {
|
||||
DBDeviceGroupManager manager = new DBDeviceGroupManager(entityManager);
|
||||
setDbManagerRetrySettings(manager);
|
||||
return manager;
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a {@link hirs.persist.CertificateManager} ready to use.
|
||||
*
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
package hirs.attestationca.repository;
|
||||
|
||||
import hirs.data.persist.Policy;
|
||||
import hirs.data.persist.policy.Policy;
|
||||
import org.springframework.data.jpa.repository.JpaRepository;
|
||||
import org.springframework.stereotype.Repository;
|
||||
|
||||
|
||||
@ -13,6 +13,8 @@ import hirs.persist.OrderedQuery;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.retry.RetryCallback;
|
||||
import org.springframework.retry.RetryContext;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.util.List;
|
||||
@ -36,7 +38,15 @@ public class CertificateServiceImpl extends DbServiceImpl<Certificate>
|
||||
@Override
|
||||
public Certificate saveCertificate(final Certificate certificate) {
|
||||
LOGGER.debug("Saving certificate: {}", certificate);
|
||||
return certificateRepository.save(certificate);
|
||||
|
||||
return getRetryTemplate().execute(new RetryCallback<Certificate,
|
||||
DBManagerException>() {
|
||||
@Override
|
||||
public Certificate doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
return certificateRepository.save(certificate);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
@ -58,15 +68,21 @@ public class CertificateServiceImpl extends DbServiceImpl<Certificate>
|
||||
|
||||
}
|
||||
|
||||
certificateRepository.save(dbCertificate);
|
||||
|
||||
return dbCertificate;
|
||||
return saveCertificate(dbCertificate);
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<Certificate> getList() {
|
||||
LOGGER.debug("Getting all certificates...");
|
||||
return this.certificateRepository.findAll();
|
||||
|
||||
return getRetryTemplate().execute(new RetryCallback<List<Certificate>,
|
||||
DBManagerException>() {
|
||||
@Override
|
||||
public List<Certificate> doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
return certificateRepository.findAll();
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
@ -78,12 +94,23 @@ public class CertificateServiceImpl extends DbServiceImpl<Certificate>
|
||||
this.updateCertificate(certificate, certificate.getId());
|
||||
}
|
||||
});
|
||||
certificateRepository.flush();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void deleteObjectById(final UUID uuid) {
|
||||
LOGGER.debug("Deleting certificate by id: {}", uuid);
|
||||
this.certificateRepository.deleteById(uuid);
|
||||
|
||||
getRetryTemplate().execute(new RetryCallback<Void,
|
||||
DBManagerException>() {
|
||||
@Override
|
||||
public Void doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
certificateRepository.deleteById(uuid);
|
||||
certificateRepository.flush();
|
||||
return null;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -4,6 +4,7 @@ import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.hibernate.StaleObjectStateException;
|
||||
import org.hibernate.exception.LockAcquisitionException;
|
||||
import org.springframework.retry.RetryListener;
|
||||
import org.springframework.retry.backoff.FixedBackOffPolicy;
|
||||
import org.springframework.retry.policy.SimpleRetryPolicy;
|
||||
import org.springframework.retry.support.RetryTemplate;
|
||||
@ -36,7 +37,7 @@ public class DbServiceImpl<T> {
|
||||
private RetryTemplate retryTemplate;
|
||||
|
||||
/**
|
||||
* Creates a new <code>DBManager</code> that uses the default database. The
|
||||
* Creates a new <code>DbServiceImpl</code> that uses the default database. The
|
||||
* default database is used to store all of the objects.
|
||||
*
|
||||
*/
|
||||
@ -69,4 +70,20 @@ public class DbServiceImpl<T> {
|
||||
this.retryTemplate.setRetryPolicy(retryPolicy);
|
||||
this.retryTemplate.setBackOffPolicy(backoffPolicy);
|
||||
}
|
||||
|
||||
/**
|
||||
* Accessor method for the retry function.
|
||||
* @return instance of the RetryTemplate
|
||||
*/
|
||||
protected RetryTemplate getRetryTemplate() {
|
||||
return this.retryTemplate;
|
||||
}
|
||||
|
||||
/**
|
||||
* Registers a retry listener to be notified of retry activity.
|
||||
* @param retryListener the retry listener
|
||||
*/
|
||||
public void addRetryListener(final RetryListener retryListener) {
|
||||
retryTemplate.registerListener(retryListener);
|
||||
}
|
||||
}
|
||||
|
||||
@ -10,6 +10,8 @@ import hirs.persist.OrderedQuery;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.retry.RetryCallback;
|
||||
import org.springframework.retry.RetryContext;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.util.List;
|
||||
@ -32,7 +34,15 @@ public class DeviceServiceImpl extends DbServiceImpl<Device> implements DefaultS
|
||||
@Override
|
||||
public final Device saveDevice(final Device device) throws DeviceManagerException {
|
||||
LOGGER.debug("Saving device: {}", device);
|
||||
return deviceRepository.save(device);
|
||||
|
||||
return getRetryTemplate().execute(new RetryCallback<Device,
|
||||
DBManagerException>() {
|
||||
@Override
|
||||
public Device doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
return deviceRepository.save(device);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
@ -50,19 +60,22 @@ public class DeviceServiceImpl extends DbServiceImpl<Device> implements DefaultS
|
||||
|
||||
// run through things that aren't equal and update
|
||||
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
deviceRepository.save(dbDevice);
|
||||
|
||||
return dbDevice;
|
||||
return saveDevice(dbDevice);
|
||||
}
|
||||
|
||||
@Override
|
||||
public final List<Device> getList() {
|
||||
LOGGER.debug("Getting all devices...");
|
||||
return deviceRepository.findAll();
|
||||
|
||||
return getRetryTemplate().execute(new RetryCallback<List<Device>, DBManagerException>() {
|
||||
@Override
|
||||
public List<Device> doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
return deviceRepository.findAll();
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
@ -74,13 +87,23 @@ public class DeviceServiceImpl extends DbServiceImpl<Device> implements DefaultS
|
||||
this.updateDevice(device, device.getId());
|
||||
}
|
||||
});
|
||||
deviceRepository.flush();
|
||||
}
|
||||
|
||||
@Override
|
||||
public final void deleteObjectById(final UUID uuid)
|
||||
throws DeviceManagerException {
|
||||
LOGGER.debug("Deleting deviceById: {}", uuid);
|
||||
deviceRepository.deleteById(uuid);
|
||||
|
||||
getRetryTemplate().execute(new RetryCallback<Void, DBManagerException>() {
|
||||
@Override
|
||||
public Void doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
deviceRepository.deleteById(uuid);
|
||||
deviceRepository.flush();
|
||||
return null;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
package hirs.attestationca.service;
|
||||
|
||||
import hirs.data.persist.Policy;
|
||||
import hirs.data.persist.policy.Policy;
|
||||
|
||||
import java.util.UUID;
|
||||
|
||||
|
||||
@ -2,13 +2,15 @@ package hirs.attestationca.service;
|
||||
|
||||
import hirs.FilteredRecordsList;
|
||||
import hirs.attestationca.repository.PolicyRepository;
|
||||
import hirs.data.persist.Policy;
|
||||
import hirs.data.persist.policy.Policy;
|
||||
import hirs.persist.CriteriaModifier;
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.OrderedQuery;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.retry.RetryCallback;
|
||||
import org.springframework.retry.RetryContext;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.util.List;
|
||||
@ -31,7 +33,15 @@ public class PolicyServiceImpl extends DbServiceImpl<Policy> implements DefaultS
|
||||
@Override
|
||||
public List<Policy> getList() {
|
||||
LOGGER.debug("Getting all policies...");
|
||||
return this.policyRepository.findAll();
|
||||
|
||||
return getRetryTemplate().execute(new RetryCallback<List<Policy>, DBManagerException>() {
|
||||
@Override
|
||||
public List<Policy> doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
policyRepository.findAll();
|
||||
return null;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
@ -43,18 +53,35 @@ public class PolicyServiceImpl extends DbServiceImpl<Policy> implements DefaultS
|
||||
this.updatePolicy(policy, policy.getId());
|
||||
}
|
||||
});
|
||||
policyRepository.flush();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void deleteObjectById(final UUID uuid) {
|
||||
LOGGER.debug("Deleting policy by id: {}", uuid);
|
||||
this.policyRepository.deleteById(uuid);
|
||||
|
||||
getRetryTemplate().execute(new RetryCallback<Void, DBManagerException>() {
|
||||
@Override
|
||||
public Void doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
policyRepository.deleteById(uuid);
|
||||
policyRepository.flush();
|
||||
return null;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
public Policy savePolicy(final Policy policy) {
|
||||
LOGGER.debug("Saving policy: {}", policy);
|
||||
return policyRepository.save(policy);
|
||||
|
||||
return getRetryTemplate().execute(new RetryCallback<Policy, DBManagerException>() {
|
||||
@Override
|
||||
public Policy doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
return policyRepository.save(policy);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
@ -70,12 +97,9 @@ public class PolicyServiceImpl extends DbServiceImpl<Policy> implements DefaultS
|
||||
dbPolicy = policyRepository.getReferenceById(uuid);
|
||||
|
||||
// run through things that aren't equal and update
|
||||
|
||||
}
|
||||
|
||||
policyRepository.save(dbPolicy);
|
||||
|
||||
return dbPolicy;
|
||||
return savePolicy(dbPolicy);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -9,6 +9,8 @@ import hirs.persist.OrderedQuery;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.retry.RetryCallback;
|
||||
import org.springframework.retry.RetryContext;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.util.List;
|
||||
@ -52,18 +54,36 @@ public class ReferenceDigestValueServiceImpl extends DbServiceImpl<ReferenceDige
|
||||
this.updateDigestValue(values, values.getId());
|
||||
}
|
||||
});
|
||||
referenceDigestValueRepository.flush();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void deleteObjectById(final UUID uuid) {
|
||||
LOGGER.debug("Deleting reference digest values by id: {}", uuid);
|
||||
this.referenceDigestValueRepository.deleteById(uuid);
|
||||
|
||||
getRetryTemplate().execute(new RetryCallback<Void, DBManagerException>() {
|
||||
@Override
|
||||
public Void doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
referenceDigestValueRepository.deleteById(uuid);
|
||||
referenceDigestValueRepository.flush();
|
||||
return null;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
public ReferenceDigestValue saveDigestValue(final ReferenceDigestValue digestValue) {
|
||||
LOGGER.debug("Saving reference digest value: {}", digestValue);
|
||||
return this.referenceDigestValueRepository.save(digestValue);
|
||||
|
||||
return getRetryTemplate().execute(new RetryCallback<ReferenceDigestValue,
|
||||
DBManagerException>() {
|
||||
@Override
|
||||
public ReferenceDigestValue doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
return referenceDigestValueRepository.save(digestValue);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
@ -88,9 +108,7 @@ public class ReferenceDigestValueServiceImpl extends DbServiceImpl<ReferenceDige
|
||||
}
|
||||
}
|
||||
|
||||
this.referenceDigestValueRepository.save(dbDigestValue);
|
||||
|
||||
return dbDigestValue;
|
||||
return saveDigestValue(dbDigestValue);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -9,6 +9,8 @@ import hirs.persist.OrderedQuery;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.retry.RetryCallback;
|
||||
import org.springframework.retry.RetryContext;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.util.List;
|
||||
@ -32,7 +34,15 @@ public class ReferenceManifestServiceImpl extends DbServiceImpl<ReferenceManifes
|
||||
@Override
|
||||
public ReferenceManifest saveRIM(final ReferenceManifest rim) {
|
||||
LOGGER.debug("Saving reference manifest: {}", rim);
|
||||
return referenceManifestRepository.save(rim);
|
||||
|
||||
return getRetryTemplate().execute(new RetryCallback<ReferenceManifest,
|
||||
DBManagerException>() {
|
||||
@Override
|
||||
public ReferenceManifest doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
return referenceManifestRepository.save(rim);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
@ -52,15 +62,21 @@ public class ReferenceManifestServiceImpl extends DbServiceImpl<ReferenceManifes
|
||||
|
||||
}
|
||||
|
||||
referenceManifestRepository.save(dbRim);
|
||||
|
||||
return dbRim;
|
||||
return saveRIM(dbRim);
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<ReferenceManifest> getList() {
|
||||
LOGGER.debug("Getting all reference manifest...");
|
||||
return this.referenceManifestRepository.findAll();
|
||||
|
||||
return getRetryTemplate().execute(new RetryCallback<List<ReferenceManifest>,
|
||||
DBManagerException>() {
|
||||
@Override
|
||||
public List<ReferenceManifest> doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
return referenceManifestRepository.findAll();
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
@ -77,7 +93,16 @@ public class ReferenceManifestServiceImpl extends DbServiceImpl<ReferenceManifes
|
||||
@Override
|
||||
public void deleteObjectById(final UUID uuid) {
|
||||
LOGGER.debug("Deleting reference manifest by id: {}", uuid);
|
||||
this.referenceManifestRepository.deleteById(uuid);
|
||||
|
||||
getRetryTemplate().execute(new RetryCallback<Void, DBManagerException>() {
|
||||
@Override
|
||||
public Void doWithRetry(final RetryContext context)
|
||||
throws DBManagerException {
|
||||
referenceManifestRepository.deleteById(uuid);
|
||||
referenceManifestRepository.flush();
|
||||
return null;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -3,7 +3,7 @@ package hirs.attestationca.service;
|
||||
import java.util.Set;
|
||||
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.SupplyChainPolicy;
|
||||
import hirs.data.persist.policy.SupplyChainPolicy;
|
||||
import hirs.data.persist.SupplyChainValidationSummary;
|
||||
import hirs.data.persist.certificate.EndorsementCredential;
|
||||
import hirs.data.persist.certificate.PlatformCredential;
|
||||
|
||||
@ -9,10 +9,10 @@ import hirs.data.persist.BaseReferenceManifest;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceInfoReport;
|
||||
import hirs.data.persist.EventLogMeasurements;
|
||||
import hirs.data.persist.PCRPolicy;
|
||||
import hirs.data.persist.policy.PCRPolicy;
|
||||
import hirs.data.persist.ReferenceDigestValue;
|
||||
import hirs.data.persist.ReferenceManifest;
|
||||
import hirs.data.persist.SupplyChainPolicy;
|
||||
import hirs.data.persist.policy.SupplyChainPolicy;
|
||||
import hirs.data.persist.SupplyChainValidation;
|
||||
import hirs.data.persist.SupplyChainValidationSummary;
|
||||
import hirs.data.persist.SupportReferenceManifest;
|
||||
|
||||
@ -1,275 +0,0 @@
|
||||
package hirs.attestationca.servicemanager;
|
||||
|
||||
import hirs.FilteredRecordsList;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.Policy;
|
||||
import hirs.persist.CriteriaModifier;
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.DeviceGroupManager;
|
||||
import hirs.persist.DeviceGroupManagerException;
|
||||
import hirs.persist.PolicyMapper;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.hibernate.Criteria;
|
||||
import org.hibernate.Session;
|
||||
import org.hibernate.Transaction;
|
||||
import org.hibernate.query.Query;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.persistence.EntityManager;
|
||||
import javax.persistence.criteria.CriteriaBuilder;
|
||||
import javax.persistence.criteria.CriteriaQuery;
|
||||
import javax.persistence.criteria.Predicate;
|
||||
import javax.persistence.criteria.Root;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* This class defines the <code>DBDeviceGroupManager</code> that is used to
|
||||
* store <code>DeviceGroup</code>s in the database.
|
||||
*/
|
||||
@Service
|
||||
public class DBDeviceGroupManager extends DBManager<DeviceGroup> implements DeviceGroupManager {
|
||||
|
||||
private static final Logger LOGGER = LogManager.getLogger(DBDeviceGroupManager.class);
|
||||
|
||||
/**
|
||||
* Creates a new <code>DBDeviceGroupManager</code> and sets the
|
||||
* <code>SessionFactory</code> to the given instance.
|
||||
*
|
||||
* @param em session factory used to access database connections
|
||||
*/
|
||||
public DBDeviceGroupManager(final EntityManager em) {
|
||||
super(DeviceGroup.class, em);
|
||||
}
|
||||
|
||||
/**
|
||||
* Saves the <code>DeviceGroup</code> in the database. This creates a new
|
||||
* database session and saves the device group. If the
|
||||
* <code>DeviceGroup</code> had been previously saved, then a
|
||||
* <code>DeviceGroupManagerException</code> is thrown.
|
||||
*
|
||||
* @param deviceGroup
|
||||
* device group to save
|
||||
* @return reference to saved device group
|
||||
* @throws hirs.persist.DeviceGroupManagerException
|
||||
* if device group had been previously saved or an error occurs
|
||||
* while trying to save it to the database
|
||||
*/
|
||||
@Override
|
||||
public final DeviceGroup saveDeviceGroup(final DeviceGroup deviceGroup)
|
||||
throws DeviceGroupManagerException {
|
||||
LOGGER.debug("saving device group: {}", deviceGroup);
|
||||
try {
|
||||
return super.save(deviceGroup);
|
||||
} catch (DBManagerException e) {
|
||||
throw new DeviceGroupManagerException(e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Updates a <code>DeviceGroup</code>. This updates the database entries to
|
||||
* reflect the new values that should be set.
|
||||
*
|
||||
* @param deviceGroup
|
||||
* device group
|
||||
* @throws DeviceGroupManagerException
|
||||
* if device group has not been previously saved or an error
|
||||
* occurs while trying to save it to the database
|
||||
*
|
||||
*/
|
||||
@Override
|
||||
public final void updateDeviceGroup(final DeviceGroup deviceGroup)
|
||||
throws DeviceGroupManagerException {
|
||||
LOGGER.debug("updating device group: {}", deviceGroup);
|
||||
try {
|
||||
super.update(deviceGroup);
|
||||
} catch (DBManagerException e) {
|
||||
throw new DeviceGroupManagerException(e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a set of all <code>DeviceGroup</code>s.
|
||||
*
|
||||
* @return set of <code>DeviceGroup</code>s
|
||||
* @throws DeviceGroupManagerException
|
||||
* if unable to search the database
|
||||
*/
|
||||
@Override
|
||||
public final Set<DeviceGroup> getDeviceGroupSet()
|
||||
throws DeviceGroupManagerException {
|
||||
LOGGER.debug("getting device group list");
|
||||
try {
|
||||
final List<DeviceGroup> deviceGroupList =
|
||||
super.getList(DeviceGroup.class);
|
||||
return new HashSet<>(deviceGroupList);
|
||||
} catch (DBManagerException e) {
|
||||
throw new DeviceGroupManagerException(e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Retrieves a <code>DeviceGroup</code> from the database. This searches the
|
||||
* database for an entry whose name matches <code>name</code>.
|
||||
*
|
||||
* @param name
|
||||
* name of the device group
|
||||
* @return device group if found, otherwise null
|
||||
* @throws DeviceGroupManagerException
|
||||
* if unable to search the database
|
||||
*/
|
||||
@Override
|
||||
public final DeviceGroup getDeviceGroup(final String name)
|
||||
throws DeviceGroupManagerException {
|
||||
LOGGER.debug("getting device group: {}", name);
|
||||
try {
|
||||
return super.get(name);
|
||||
} catch (DBManagerException e) {
|
||||
throw new DeviceGroupManagerException(e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks whether or not a {@link Policy} is currently associated with
|
||||
* a group. The only instance at this time makes a determination whether
|
||||
* or not the provided Policy is safe for deletion.
|
||||
*
|
||||
* @param policy
|
||||
* {@link Policy} that has been selected for deletion.
|
||||
* @return
|
||||
* whether or not the provided policy is the member of a group
|
||||
* @throws DeviceGroupManagerException
|
||||
* if policy is null or unable to return query {@link Policy}
|
||||
*/
|
||||
@Override
|
||||
public final Set<DeviceGroup> getGroupsAssignedToPolicy(final Policy policy)
|
||||
throws DeviceGroupManagerException {
|
||||
|
||||
if (policy == null) {
|
||||
LOGGER.error("policy provided was null");
|
||||
throw new DeviceGroupManagerException("policy provided was null");
|
||||
}
|
||||
|
||||
Set<DeviceGroup> groups = new HashSet<>();
|
||||
|
||||
Session session = getSession();
|
||||
Transaction tx = session.beginTransaction();
|
||||
|
||||
try {
|
||||
LOGGER.debug("retrieving policy mapper from db where policy = {}", policy);
|
||||
CriteriaBuilder criteriaBuilder = session.getCriteriaBuilder();
|
||||
CriteriaQuery<PolicyMapper> criteriaQuery = criteriaBuilder
|
||||
.createQuery(PolicyMapper.class);
|
||||
Root<PolicyMapper> root = criteriaQuery.from(PolicyMapper.class);
|
||||
Predicate recordPredicate = criteriaBuilder.and(
|
||||
criteriaBuilder.equal(root.get("policy"), policy));
|
||||
criteriaQuery.select(root).where(recordPredicate);
|
||||
Query<PolicyMapper> query = session.createQuery(criteriaQuery);
|
||||
List<PolicyMapper> results = query.getResultList();
|
||||
|
||||
//Retrieves a list of PolicyMapper objects that are unique per group
|
||||
// List policyMapperList = session.createCriteria(PolicyMapper.class)
|
||||
// .add(Restrictions.eq("policy", policy)).list();
|
||||
|
||||
session.getTransaction().commit();
|
||||
|
||||
if (results == null) {
|
||||
LOGGER.debug("no policy mapper found for policy {}", policy);
|
||||
|
||||
} else {
|
||||
for (PolicyMapper policyMapper : results) {
|
||||
groups.add(policyMapper.getDeviceGroup());
|
||||
}
|
||||
}
|
||||
} catch (Exception e) {
|
||||
|
||||
final String msg = "unable to get default policy";
|
||||
LOGGER.error(msg, e);
|
||||
|
||||
LOGGER.debug("rolling back transaction");
|
||||
tx.rollback();
|
||||
|
||||
throw new DeviceGroupManagerException(msg, e);
|
||||
|
||||
}
|
||||
return groups;
|
||||
}
|
||||
/**
|
||||
* Deletes the <code>DeviceGroup</code> from the database. This removes all
|
||||
* of the database entries that stored information with regards to the
|
||||
* <code>DeviceGroup</code>.
|
||||
* <p>
|
||||
* If the <code>DeviceGroup</code> is referenced by any other tables then
|
||||
* this will throw a <code>DeviceGroupManagerException</code>.
|
||||
*
|
||||
* @param name
|
||||
* name of the device group
|
||||
* @return true if successfully found and deleted, false if otherwise
|
||||
* @throws DeviceGroupManagerException
|
||||
* if unable to find the device group or delete it from the
|
||||
* database
|
||||
*/
|
||||
@Override
|
||||
public final boolean deleteDeviceGroup(final String name)
|
||||
throws DeviceGroupManagerException {
|
||||
LOGGER.debug("deleting device group: {}", name);
|
||||
try {
|
||||
return super.delete(name);
|
||||
} catch (DBManagerException e) {
|
||||
throw new DeviceGroupManagerException(e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a list of all <code>Device</code>s that are ordered by a column
|
||||
* and direction (ASC, DESC) that is provided by the user. This method
|
||||
* helps support the server-side processing in the JQuery DataTables.
|
||||
*
|
||||
* @param columnToOrder Column to be ordered
|
||||
* @param ascending direction of sort
|
||||
* @param firstResult starting point of first result in set
|
||||
* @param maxResults total number we want returned for display in table
|
||||
* @param search string of criteria to be matched to visible columns
|
||||
*
|
||||
* @return FilteredRecordsList object with fields for DataTables
|
||||
* @throws DeviceGroupManagerException
|
||||
* if unable to create the list
|
||||
*/
|
||||
@Override
|
||||
public final FilteredRecordsList<DeviceGroup> getOrderedDeviceGroupList(
|
||||
final String columnToOrder, final boolean ascending, final int firstResult,
|
||||
final int maxResults, final String search)
|
||||
throws DeviceGroupManagerException {
|
||||
|
||||
if (columnToOrder == null) {
|
||||
LOGGER.debug("null object argument");
|
||||
throw new NullPointerException("object");
|
||||
}
|
||||
|
||||
//Maps object types and their ability to be searched by Hibernate
|
||||
//without modification
|
||||
Map<String, Boolean> searchableColumns = new HashMap<>();
|
||||
searchableColumns.put("name", true);
|
||||
searchableColumns.put("description", true);
|
||||
|
||||
CriteriaModifier modifier = new CriteriaModifier() {
|
||||
@Override
|
||||
public void modify(final Criteria criteria) {
|
||||
//criteria.createAlias("deviceGroup", "group");
|
||||
}
|
||||
};
|
||||
|
||||
try {
|
||||
LOGGER.debug("Getting baseline list");
|
||||
return super.getOrderedList(DeviceGroup.class, columnToOrder, ascending, firstResult,
|
||||
maxResults, search, searchableColumns, modifier);
|
||||
} catch (DBManagerException e) {
|
||||
LOGGER.error(e);
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -2,7 +2,6 @@ package hirs.attestationca.servicemanager;
|
||||
|
||||
import hirs.FilteredRecordsList;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.persist.CriteriaModifier;
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.DeviceManager;
|
||||
|
||||
@ -3,8 +3,7 @@ package hirs.attestationca.servicemanager;
|
||||
import com.google.common.base.Preconditions;
|
||||
import hirs.appraiser.Appraiser;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.Policy;
|
||||
import hirs.data.persist.policy.Policy;
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.PolicyManager;
|
||||
import hirs.persist.PolicyManagerException;
|
||||
|
||||
@ -1,7 +1,6 @@
|
||||
package hirs.attestationca.data.persist;
|
||||
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.enums.HealthStatus;
|
||||
import hirs.persist.ScheduledJobInfo;
|
||||
import org.testng.Assert;
|
||||
|
||||
@ -1,10 +1,8 @@
|
||||
package hirs.attestationca.persist;
|
||||
|
||||
import hirs.attestationca.servicemanager.DBCertificateManager;
|
||||
import hirs.attestationca.servicemanager.DBDeviceGroupManager;
|
||||
import hirs.attestationca.servicemanager.DBDeviceManager;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.certificate.Certificate;
|
||||
import hirs.data.persist.certificate.CertificateAuthorityCredential;
|
||||
import hirs.data.persist.certificate.CertificateTest;
|
||||
@ -17,7 +15,6 @@ import hirs.data.persist.certificate.PlatformCredentialTest;
|
||||
import hirs.persist.CertificateManager;
|
||||
import hirs.persist.CertificateSelector;
|
||||
import hirs.persist.DBManagerException;
|
||||
import hirs.persist.DeviceGroupManager;
|
||||
import hirs.persist.DeviceManager;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
|
||||
@ -3,19 +3,15 @@ package hirs.attestationca.persist;
|
||||
import hirs.appraiser.Appraiser;
|
||||
import hirs.appraiser.TestAppraiser;
|
||||
import hirs.attestationca.servicemanager.DBAppraiserManager;
|
||||
import hirs.attestationca.servicemanager.DBDeviceGroupManager;
|
||||
import hirs.attestationca.servicemanager.DBDeviceManager;
|
||||
import hirs.attestationca.servicemanager.DBPolicyManager;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.DeviceInfoReport;
|
||||
import hirs.attestationca.data.persist.DeviceTest;
|
||||
import hirs.data.persist.Policy;
|
||||
import hirs.data.persist.policy.Policy;
|
||||
import hirs.data.persist.TestPolicy;
|
||||
import hirs.persist.AppraiserManager;
|
||||
import hirs.persist.DBUtility;
|
||||
import hirs.persist.DeviceGroupManager;
|
||||
import hirs.persist.DeviceGroupManagerException;
|
||||
import hirs.persist.DeviceManager;
|
||||
import hirs.persist.PolicyManager;
|
||||
import hirs.persist.PolicyMapper;
|
||||
|
||||
@ -1,16 +1,13 @@
|
||||
package hirs.attestationca.persist;
|
||||
|
||||
import hirs.attestationca.servicemanager.DBDeviceGroupManager;
|
||||
import hirs.attestationca.servicemanager.DBDeviceManager;
|
||||
import hirs.attestationca.servicemanager.DBReportManager;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.DeviceInfoReport;
|
||||
import hirs.attestationca.data.persist.DeviceTest;
|
||||
import hirs.data.persist.enums.HealthStatus;
|
||||
import hirs.data.persist.info.NetworkInfo;
|
||||
import hirs.persist.DBUtility;
|
||||
import hirs.persist.DeviceGroupManager;
|
||||
import hirs.persist.DeviceManager;
|
||||
import hirs.persist.DeviceManagerException;
|
||||
import hirs.persist.ReportManager;
|
||||
|
||||
@ -3,15 +3,12 @@ package hirs.attestationca.persist;
|
||||
import hirs.appraiser.Appraiser;
|
||||
import hirs.appraiser.TestAppraiser;
|
||||
import hirs.attestationca.data.persist.DeviceTest;
|
||||
import hirs.attestationca.servicemanager.DBDeviceGroupManager;
|
||||
import hirs.attestationca.servicemanager.DBDeviceManager;
|
||||
import hirs.attestationca.servicemanager.DBPolicyManager;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.Policy;
|
||||
import hirs.data.persist.policy.Policy;
|
||||
import hirs.data.persist.TestPolicy;
|
||||
import hirs.data.persist.TestPolicy2;
|
||||
import hirs.persist.DeviceGroupManager;
|
||||
import hirs.persist.DeviceManager;
|
||||
import hirs.persist.PolicyManager;
|
||||
import hirs.persist.PolicyManagerException;
|
||||
|
||||
@ -1,10 +1,8 @@
|
||||
package hirs.attestationca.persist;
|
||||
|
||||
import hirs.attestationca.servicemanager.DBDeviceGroupManager;
|
||||
import hirs.attestationca.servicemanager.DBDeviceManager;
|
||||
import hirs.attestationca.servicemanager.DBReportRequestStateManager;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.attestationca.data.persist.DeviceTest;
|
||||
import hirs.data.persist.ReportRequestState;
|
||||
import hirs.data.persist.type.ReportRequestType;
|
||||
|
||||
@ -4,9 +4,8 @@ import hirs.attestationca.persist.SpringPersistenceTest;
|
||||
import hirs.appraiser.SupplyChainAppraiser;
|
||||
import hirs.data.persist.AppraisalStatus;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.DeviceInfoReport;
|
||||
import hirs.data.persist.SupplyChainPolicy;
|
||||
import hirs.data.persist.policy.SupplyChainPolicy;
|
||||
import hirs.data.persist.SupplyChainValidation;
|
||||
import hirs.data.persist.SupplyChainValidationSummary;
|
||||
import hirs.data.persist.certificate.Certificate;
|
||||
@ -18,9 +17,7 @@ import hirs.persist.AppraiserManager;
|
||||
import hirs.persist.CertificateManager;
|
||||
import hirs.persist.CrudManager;
|
||||
import hirs.attestationca.servicemanager.DBCertificateManager;
|
||||
import hirs.attestationca.servicemanager.DBDeviceGroupManager;
|
||||
import hirs.attestationca.servicemanager.DBDeviceManager;
|
||||
import hirs.persist.DeviceGroupManager;
|
||||
import hirs.persist.DeviceManager;
|
||||
import hirs.persist.PolicyManager;
|
||||
import hirs.persist.ReferenceDigestManager;
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
package hirs.attestationca.portal.model;
|
||||
|
||||
import hirs.data.persist.SupplyChainPolicy;
|
||||
import hirs.data.persist.policy.SupplyChainPolicy;
|
||||
|
||||
/**
|
||||
* PolicyPage model object to demonstrate data exchange between policy.jsp page
|
||||
|
||||
@ -6,7 +6,7 @@ import hirs.attestationca.portal.model.PolicyPageModel;
|
||||
import hirs.attestationca.portal.page.PageController;
|
||||
import hirs.attestationca.portal.page.PageMessages;
|
||||
import hirs.attestationca.portal.page.params.NoPageParams;
|
||||
import hirs.data.persist.SupplyChainPolicy;
|
||||
import hirs.data.persist.policy.SupplyChainPolicy;
|
||||
import hirs.persist.AppraiserManager;
|
||||
import hirs.persist.PolicyManager;
|
||||
import hirs.persist.PolicyManagerException;
|
||||
|
||||
@ -4,14 +4,12 @@ import hirs.attestationca.portal.page.Page;
|
||||
import hirs.attestationca.portal.page.PageController;
|
||||
import hirs.attestationca.portal.page.PageControllerTest;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.certificate.Certificate;
|
||||
import hirs.data.persist.certificate.CertificateAuthorityCredential;
|
||||
import hirs.data.persist.certificate.EndorsementCredential;
|
||||
import hirs.data.persist.certificate.IssuedAttestationCertificate;
|
||||
import hirs.data.persist.certificate.PlatformCredential;
|
||||
import hirs.persist.CertificateManager;
|
||||
import hirs.persist.DeviceGroupManager;
|
||||
import hirs.persist.DeviceManager;
|
||||
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
|
||||
@ -3,12 +3,10 @@ package hirs.attestationca.portal.page.controllers;
|
||||
import hirs.attestationca.portal.page.PageControllerTest;
|
||||
import hirs.data.persist.AppraisalStatus;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.certificate.Certificate;
|
||||
import hirs.data.persist.certificate.EndorsementCredential;
|
||||
import hirs.data.persist.certificate.PlatformCredential;
|
||||
import hirs.persist.CertificateManager;
|
||||
import hirs.persist.DeviceGroupManager;
|
||||
import hirs.persist.DeviceManager;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.test.annotation.DirtiesContext;
|
||||
|
||||
@ -2,13 +2,11 @@ package hirs.attestationca.portal.page.controllers;
|
||||
|
||||
import hirs.attestationca.portal.page.PageControllerTest;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.certificate.Certificate;
|
||||
import hirs.data.persist.certificate.EndorsementCredential;
|
||||
import hirs.data.persist.certificate.IssuedAttestationCertificate;
|
||||
import hirs.data.persist.certificate.PlatformCredential;
|
||||
import hirs.persist.CertificateManager;
|
||||
import hirs.persist.DeviceGroupManager;
|
||||
import hirs.persist.DeviceManager;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.test.annotation.DirtiesContext;
|
||||
|
||||
@ -2,10 +2,8 @@ package hirs.attestationca.portal.page.controllers;
|
||||
|
||||
import hirs.appraiser.Appraiser;
|
||||
import hirs.appraiser.SupplyChainAppraiser;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.SupplyChainPolicy;
|
||||
import hirs.data.persist.policy.SupplyChainPolicy;
|
||||
import hirs.persist.AppraiserManager;
|
||||
import hirs.persist.DeviceGroupManager;
|
||||
import hirs.persist.PolicyManager;
|
||||
import org.testng.Assert;
|
||||
import static hirs.attestationca.portal.page.Page.POLICY;
|
||||
|
||||
@ -3,7 +3,6 @@ package hirs;
|
||||
import com.fasterxml.jackson.core.JsonGenerator;
|
||||
import com.fasterxml.jackson.databind.JsonSerializer;
|
||||
import com.fasterxml.jackson.databind.SerializerProvider;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.Date;
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
package hirs.appraiser;
|
||||
|
||||
import hirs.data.persist.Policy;
|
||||
import hirs.data.persist.policy.Policy;
|
||||
import org.springframework.plugin.core.Plugin;
|
||||
|
||||
/**
|
||||
|
||||
@ -66,13 +66,6 @@ public class Device extends AbstractEntity {
|
||||
@XmlElement
|
||||
private DeviceInfoReport deviceInfo;
|
||||
|
||||
@XmlTransient
|
||||
@JsonSerialize(using = DeviceGroupSerializer.class)
|
||||
@ManyToOne(cascade = { CascadeType.PERSIST, CascadeType.MERGE }, fetch = FetchType.EAGER,
|
||||
optional = false)
|
||||
@JoinColumn(name = "device_group_id", nullable = false)
|
||||
private DeviceGroup deviceGroup;
|
||||
|
||||
@XmlTransient
|
||||
@Column
|
||||
@Enumerated(EnumType.ORDINAL)
|
||||
@ -189,54 +182,6 @@ public class Device extends AbstractEntity {
|
||||
this.deviceInfo = deviceInfo;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the device group that is set for this device. May return null if
|
||||
* no device group is set. Null represents the "default" device group.
|
||||
*
|
||||
* @return deviceGroup
|
||||
*/
|
||||
public final DeviceGroup getDeviceGroup() {
|
||||
return deviceGroup;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the device group for this device. May be null if the "default"
|
||||
* device group is desired. This method also adds or removes the Device
|
||||
* from the Device Group as appropriate.
|
||||
*
|
||||
* @param deviceGroup
|
||||
* deviceGroup or null
|
||||
*/
|
||||
public final void setDeviceGroup(final DeviceGroup deviceGroup) {
|
||||
if (deviceGroup == null) {
|
||||
LOGGER.error("could not add devicegroup -- null");
|
||||
throw new NullPointerException("deviceGroup");
|
||||
}
|
||||
|
||||
if (this.deviceGroup != null) {
|
||||
if (this.deviceGroup.equals(deviceGroup)) {
|
||||
// Do nothing if the device is already in the group
|
||||
return;
|
||||
}
|
||||
this.deviceGroup.removeDeviceProtected(this);
|
||||
}
|
||||
|
||||
deviceGroup.addDeviceProtected(this);
|
||||
this.deviceGroup = deviceGroup;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the device group for this device. May be null if the "default"
|
||||
* device group is desired.
|
||||
*
|
||||
* @param deviceGroup
|
||||
* deviceGroup or null
|
||||
*/
|
||||
protected final void setOnlyDeviceGroup(
|
||||
final DeviceGroup deviceGroup) {
|
||||
this.deviceGroup = deviceGroup;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns an XML string representation of this <code>Device</code>.
|
||||
*
|
||||
|
||||
@ -1,488 +0,0 @@
|
||||
package hirs.data.persist;
|
||||
|
||||
import hirs.data.persist.enums.HealthStatus;
|
||||
import com.fasterxml.jackson.annotation.JsonIgnore;
|
||||
import hirs.persist.ScheduledJobInfo;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.util.CollectionUtils;
|
||||
|
||||
import javax.persistence.Access;
|
||||
import javax.persistence.AccessType;
|
||||
import javax.persistence.CascadeType;
|
||||
import javax.persistence.Column;
|
||||
import javax.persistence.Embedded;
|
||||
import javax.persistence.Entity;
|
||||
import javax.persistence.FetchType;
|
||||
import javax.persistence.OneToMany;
|
||||
import java.util.Collections;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* This class represents a device group. A device group is used to manage a collection of devices
|
||||
* and associated measurement policies. Devices associated with a machine group undergo an identical
|
||||
* appraisal process and are expected to comply with the device group measurement policies and
|
||||
* associated measurement baselines.
|
||||
*/
|
||||
@Entity
|
||||
@Access(AccessType.FIELD)
|
||||
public class DeviceGroup extends UserDefinedEntity {
|
||||
|
||||
/**
|
||||
* Name set for default instance of <code>DeviceGroup</code>.
|
||||
*/
|
||||
public static final String DEFAULT_GROUP = "Default Group";
|
||||
private static final Logger LOGGER = LogManager.getLogger(DeviceGroup.class);
|
||||
|
||||
/**
|
||||
* A second period in milliseconds.
|
||||
*/
|
||||
public static final long SECOND_MS_INTERVAL = 1000;
|
||||
|
||||
/**
|
||||
* A minute period in milliseconds.
|
||||
*/
|
||||
public static final long MINUTE_MS_INTERVAL = 60 * SECOND_MS_INTERVAL;
|
||||
|
||||
/**
|
||||
* five minutes period in milliseconds.
|
||||
*/
|
||||
public static final long FIVE_MINUTES_MS_INTERVAL = 5 * MINUTE_MS_INTERVAL;
|
||||
|
||||
/**
|
||||
* An hour period in milliseconds.
|
||||
*/
|
||||
public static final long HOUR_MS_INTERVAL = 60 * MINUTE_MS_INTERVAL;
|
||||
|
||||
/**
|
||||
* A day period in milliseconds.
|
||||
*/
|
||||
public static final long DAY_MS_INTERVAL = 24 * HOUR_MS_INTERVAL;
|
||||
|
||||
/**
|
||||
* The default for on demand and periodic report thresholds.
|
||||
*/
|
||||
public static final long DEFAULT_REPORT_DELAY_THRESHOLD = 12 * HOUR_MS_INTERVAL;
|
||||
|
||||
/**
|
||||
* Minimum Periodic report period is once every 500 millisecond.
|
||||
*/
|
||||
public static final long MINIMUM_PERIODIC_REPORT_INTERVAL = FIVE_MINUTES_MS_INTERVAL;
|
||||
|
||||
/**
|
||||
* Minimum allowed value for any report Threshold.
|
||||
*/
|
||||
public static final long MINIMUM_THRESHOLD_INTERVAL_MS = MINUTE_MS_INTERVAL;
|
||||
|
||||
/**
|
||||
* The default job frequency of 1 day in milliseconds.
|
||||
*/
|
||||
public static final long DEFAULT_JOB_FREQUENCY_MS = DAY_MS_INTERVAL;
|
||||
|
||||
/**
|
||||
* Creates a new <code>ScheduledJobInfo</code> with default values.
|
||||
*
|
||||
* @return the default ScheduledJobInfo
|
||||
*/
|
||||
public static ScheduledJobInfo createDefaultScheduledJobInfo() {
|
||||
return new ScheduledJobInfo(DEFAULT_JOB_FREQUENCY_MS);
|
||||
}
|
||||
|
||||
@JsonIgnore
|
||||
@OneToMany(cascade = { CascadeType.PERSIST, CascadeType.MERGE },
|
||||
fetch = FetchType.EAGER, mappedBy = "deviceGroup")
|
||||
private final Set<Device> devices = new HashSet<>();
|
||||
|
||||
@Column(nullable = false)
|
||||
private long periodicReportDelayThreshold = DEFAULT_REPORT_DELAY_THRESHOLD;
|
||||
|
||||
@Column(nullable = false)
|
||||
private boolean enablePeriodicReportDelayAlert = false;
|
||||
|
||||
@Column(nullable = false)
|
||||
private long onDemandReportDelayThreshold = DEFAULT_REPORT_DELAY_THRESHOLD;
|
||||
|
||||
@Column(nullable = false)
|
||||
private boolean enableOnDemandReportDelayAlert = false;
|
||||
|
||||
@Column(nullable = false)
|
||||
private boolean waitForAppraisalCompletionEnabled = false;
|
||||
|
||||
@Embedded
|
||||
private ScheduledJobInfo scheduledJobInfo;
|
||||
|
||||
/**
|
||||
* Creates a new <code>DeviceGroup</code> with a specified name and a null description.
|
||||
*
|
||||
* @param name name of the device group
|
||||
*/
|
||||
public DeviceGroup(final String name) {
|
||||
super(name);
|
||||
scheduledJobInfo = createDefaultScheduledJobInfo();
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a new <code>DeviceGroup</code> with a specified name and description. The description
|
||||
* may be null.
|
||||
*
|
||||
* @param name name of the device group
|
||||
* @param description description for the device group
|
||||
*/
|
||||
public DeviceGroup(final String name, final String description) {
|
||||
super(name, description);
|
||||
scheduledJobInfo = createDefaultScheduledJobInfo();
|
||||
}
|
||||
|
||||
/**
|
||||
* Default constructor used by Hibernate.
|
||||
*/
|
||||
protected DeviceGroup() {
|
||||
super();
|
||||
scheduledJobInfo = createDefaultScheduledJobInfo();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns an unmodifiable set of the <code>Device</code>s in the <code>DeviceGroup</code>.
|
||||
*
|
||||
* @return an unmodifiable Set of <code>Device</code>s
|
||||
*/
|
||||
public final Set<Device> getDevices() {
|
||||
return Collections.unmodifiableSet(this.devices);
|
||||
}
|
||||
|
||||
/**
|
||||
* Adds a device to this device group. If the device is not already part of the group, then it
|
||||
* is added. If an equal device is already part of the group, then the request to add the device
|
||||
* will be quietly ignored. This method also sets the DeviceGroup field on the Device.
|
||||
*
|
||||
* @param device device to add to the group
|
||||
*/
|
||||
public final void addDevice(final Device device) {
|
||||
device.setDeviceGroup(this);
|
||||
addDeviceProtected(device);
|
||||
}
|
||||
|
||||
/**
|
||||
* Adds a device to this device group. If the device is not already part of the group, then it
|
||||
* is added. If an equal device is already part of the group, then the request to add the device
|
||||
* will be quietly ignored.
|
||||
*
|
||||
* @param device device to add to the group
|
||||
*/
|
||||
protected final void addDeviceProtected(final Device device) {
|
||||
if (device == null) {
|
||||
LOGGER.error("null device");
|
||||
throw new NullPointerException("device");
|
||||
}
|
||||
LOGGER.debug("adding device '{}' to device group '{}'",
|
||||
device.getName(), getName());
|
||||
|
||||
boolean isDeviceSuccessfullyAdded = devices.add(device);
|
||||
if (isDeviceSuccessfullyAdded) {
|
||||
LOGGER.debug(String.format(
|
||||
"added device '%s' to device group '%s'", device.getName(),
|
||||
getName()));
|
||||
} else {
|
||||
LOGGER.info("device '{}' already exists in device group '{}'",
|
||||
device.getName(), getName());
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Remove device from the device group. This method also sets the Device's Device Group to
|
||||
* null.
|
||||
*
|
||||
* @param device device to remove
|
||||
* @return a boolean indicating if the removal was successful
|
||||
*/
|
||||
public final boolean removeDevice(final Device device) {
|
||||
if (device == null) {
|
||||
LOGGER.error("null device");
|
||||
return false;
|
||||
}
|
||||
LOGGER.debug("removing device '{}' from device group '{}'",
|
||||
device.getName(), getName());
|
||||
boolean deviceRemovedSuccessfully = devices.remove(device);
|
||||
if (deviceRemovedSuccessfully) {
|
||||
device.setOnlyDeviceGroup(null);
|
||||
}
|
||||
return deviceRemovedSuccessfully;
|
||||
}
|
||||
|
||||
/**
|
||||
* Remove device from the device group.
|
||||
*
|
||||
* @param device device to remove
|
||||
* @return a boolean indicating if the removal was successful
|
||||
*/
|
||||
protected final boolean removeDeviceProtected(final Device device) {
|
||||
return devices.remove(device);
|
||||
}
|
||||
|
||||
/**
|
||||
* Remove a device from the device group using the device's name. The device name is unique.
|
||||
*
|
||||
* @param deviceName unique name of device to be removed
|
||||
* @return a boolean indicating if the removal was successful
|
||||
*/
|
||||
public final boolean removeDevice(final String deviceName) {
|
||||
if (deviceName == null) {
|
||||
LOGGER.error("null device");
|
||||
return false;
|
||||
}
|
||||
LOGGER.debug("removing device '{}' from device group '{}'", deviceName,
|
||||
getName());
|
||||
for (Device device : devices) {
|
||||
if (device.getName().equals(deviceName)) {
|
||||
return devices.remove(device);
|
||||
}
|
||||
}
|
||||
LOGGER.error(
|
||||
"device with name '{}' was not found in device group '{}'",
|
||||
deviceName, getName());
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the maximum number of milliseconds allowed to elapse without receiving a report from a
|
||||
* client. <p> This period should be greater than two or three times the periodicReportInterval
|
||||
* value. Note: this value should not be allowed to be set to a value less than the regular
|
||||
* periodic report interval for the client (periodicReportInterval); This method prevents
|
||||
* setting this value to very low setting (i.e. under MINIMUM_THRESHOLD_INTERVAL_MS) </p> This
|
||||
* logic does not verify/enforce that limit is lower than periodicReportInterval to avoid
|
||||
* restrictions on the order of setting various parameters of this policy.
|
||||
*
|
||||
* @param milliseconds the desired new threshold value
|
||||
*/
|
||||
public final void setPeriodicReportDelayThreshold(final long milliseconds) {
|
||||
if (milliseconds < MINIMUM_THRESHOLD_INTERVAL_MS) {
|
||||
throw new IllegalArgumentException(
|
||||
"Periodic Report Delay Threshold must be greater than or "
|
||||
+ "equal to "
|
||||
+ String.valueOf(MINIMUM_THRESHOLD_INTERVAL_MS)
|
||||
+ " milliseconds. Received "
|
||||
+ String.valueOf(milliseconds));
|
||||
}
|
||||
periodicReportDelayThreshold = milliseconds;
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the maximum milliseconds allowed elapse without receiving a client report before
|
||||
* considering the client periodic report is late.
|
||||
* <p>
|
||||
* HIRS appraiser would issue an alert whenever late periodic report condition is detected and
|
||||
* the policy is configured to allow this type of alerts to be issued.
|
||||
*
|
||||
* @return periodicReportDelayThreshold maximum milliseconds for late periodic report condition
|
||||
*/
|
||||
public final long getPeriodicReportDelayThreshold() {
|
||||
return periodicReportDelayThreshold;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the policy flag that controls if HIRS appraiser will issue a late periodic alert.
|
||||
* <p>
|
||||
* This flag should be set to false when portal user is not sure that it has set
|
||||
* periodicReportDelayThreshold with sufficient tolerance to avoid unnecessary excessive alerts
|
||||
* for clients. For example, if portal sets periodicReportDelayThreshold to value less than or
|
||||
* equal to the periodicReportInterval, this will cause unnecessary excessive alerts.
|
||||
*
|
||||
* @param flag true enables the alert, and false otherwise
|
||||
*/
|
||||
public final void setEnablePeriodicReportDelayAlert(final boolean flag) {
|
||||
enablePeriodicReportDelayAlert = flag;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determines if periodic alert delay alerts should be issued whenever time elapsed since last
|
||||
* received report from a client exceeds the maximum allowed delay interval defined by
|
||||
* periodicReportDelayThreshold period.
|
||||
*
|
||||
* @return enablePeriodicReportDelayAlert true enables the alert, and false otherwise
|
||||
*/
|
||||
public final boolean isEnablePeriodicReportDelayAlert() {
|
||||
return enablePeriodicReportDelayAlert;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the time threshold that determines the maximum milliseconds allowed to elapse after the
|
||||
* portal initiates a client on-demand report request without receiving a report from the
|
||||
* client. <p> if a report was not received in this milliseconds interval, and the
|
||||
* enableOndemandReportDelayAlert flag was set to true; HIRS appraiser will issue an alert. </p>
|
||||
* This period must be set to a value greater than three times the duration of the client's cron
|
||||
* invocation job that runs periodically to cause the client send ReportRequest query to HIRS
|
||||
* appraiser plus sufficient time for the client to collect and send a report.
|
||||
*
|
||||
* @param milliseconds desired new threshold value
|
||||
* @throws IllegalArgumentException thrown if less than MINIMUM_THRESHOLD_INTERVAL_MS
|
||||
*/
|
||||
|
||||
public final void setOnDemandReportDelayThreshold(final long milliseconds)
|
||||
throws IllegalArgumentException {
|
||||
if (milliseconds < MINIMUM_THRESHOLD_INTERVAL_MS) {
|
||||
throw new IllegalArgumentException(
|
||||
"On Demand Report Delay Threshold must be greater than or "
|
||||
+ "equal to "
|
||||
+ String.valueOf(MINIMUM_THRESHOLD_INTERVAL_MS)
|
||||
+ " milliseconds. Received "
|
||||
+ String.valueOf(milliseconds));
|
||||
}
|
||||
onDemandReportDelayThreshold = milliseconds;
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the maximum time HIRS appraiser will wait for a client to send a report after the portal
|
||||
* initiates On-Demand report request.
|
||||
* <p>
|
||||
* If the appraiser does not receive the report on time and the policy is configured to enable
|
||||
* On-demand report delay alert, this alert will be issued.
|
||||
*
|
||||
* @return onDemandReportDelayThreshold milliseconds time limit to trigger on-demand report late
|
||||
* alert
|
||||
*/
|
||||
public final long getOnDemandReportDelayThreshold() {
|
||||
return onDemandReportDelayThreshold;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the policy flag that controls on-Demand client report delay alert.
|
||||
* <p>
|
||||
* This alert will be issued by HIRS appraiser whenever the portal initiates on-demand report
|
||||
* request and no client report is received within the maximum allowed milliseconds interval
|
||||
* defined by the onDemandReportDelayThreshold.
|
||||
*
|
||||
* @param flag true enables the alert, and false otherwise
|
||||
*/
|
||||
public final void setEnableOnDemandReportDelayAlert(final boolean flag) {
|
||||
enableOnDemandReportDelayAlert = flag;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determines if the OnDemand report delay alert is allowed to be issued by HIRS appraiser.
|
||||
*
|
||||
* @return enableOnDemandReportDelayAlert true to enables the alert, and false otherwise
|
||||
*/
|
||||
public final boolean isEnableOnDemandReportDelayAlert() {
|
||||
return enableOnDemandReportDelayAlert;
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets flag indicating if devices in this group should wait for appraisal completion.
|
||||
* @return true if devices are waiting for appraisal completion, false otherwise
|
||||
*/
|
||||
public boolean isWaitForAppraisalCompletionEnabled() {
|
||||
return waitForAppraisalCompletionEnabled;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets flag indicating if devices in this group should wait for appraisal completion.
|
||||
* @param waitForAppraisalCompletionEnabled true if devices are waiting for
|
||||
* appraisal completion, false otherwise
|
||||
*/
|
||||
public void setWaitForAppraisalCompletionEnabled(final boolean
|
||||
waitForAppraisalCompletionEnabled) {
|
||||
this.waitForAppraisalCompletionEnabled = waitForAppraisalCompletionEnabled;
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the ScheduleJobInfo for this Repository.
|
||||
* @return the SecheduleJobInfo
|
||||
*/
|
||||
public ScheduledJobInfo getScheduledJobInfo() {
|
||||
return scheduledJobInfo;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the ScheduleJobInfo for this Repository.
|
||||
* @param scheduledJobInfo the ScheduleJobInfo
|
||||
*/
|
||||
public void setScheduledJobInfo(final ScheduledJobInfo scheduledJobInfo) {
|
||||
Assert.notNull(scheduledJobInfo, "scheduledJobInfo");
|
||||
this.scheduledJobInfo = scheduledJobInfo;
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the health status of this group, which is a summary of the set of devices for this
|
||||
* group. If at least one device is untrusted, then the group is untrusted. If at least one
|
||||
* device has unknown trust, and there are no untrusted devices, then the trust will be
|
||||
* unknown. If there are zero devices in this group, the trust will be unknown.
|
||||
* Otherwise, the group will be trusted.
|
||||
*
|
||||
* @return the group health
|
||||
*/
|
||||
public HealthStatus getHealthStatus() {
|
||||
if (CollectionUtils.isEmpty(devices)) {
|
||||
return HealthStatus.UNKNOWN;
|
||||
}
|
||||
boolean hasUnknownTrusts = false;
|
||||
for (Device device : devices) {
|
||||
switch (device.getHealthStatus()) {
|
||||
case UNTRUSTED:
|
||||
return HealthStatus.UNTRUSTED;
|
||||
case UNKNOWN:
|
||||
hasUnknownTrusts = true;
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (hasUnknownTrusts) {
|
||||
return HealthStatus.UNKNOWN;
|
||||
}
|
||||
return HealthStatus.TRUSTED;
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the number of devices within the group.
|
||||
*
|
||||
* @return the number of devices
|
||||
*/
|
||||
public int getNumberOfDevices() {
|
||||
int count = 0;
|
||||
|
||||
if (devices != null) {
|
||||
count = devices.size();
|
||||
}
|
||||
|
||||
return count;
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the number of devices currently trusted within the group.
|
||||
*
|
||||
* @return the number of trusted devices
|
||||
*/
|
||||
public int getNumberOfTrustedDevices() {
|
||||
int count = 0;
|
||||
|
||||
if (devices != null) {
|
||||
for (final Device device : devices) {
|
||||
if (device.getHealthStatus() == HealthStatus.TRUSTED) {
|
||||
count++;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return count;
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets only the devices for the device group.
|
||||
* (Return a set of devices without any reference
|
||||
* to the device groups to avoid an infinite loop.)
|
||||
*
|
||||
* @return a set of all the devices
|
||||
*/
|
||||
public Set<Device> getAllDevices() {
|
||||
Set<Device> allDevices = new HashSet<>();
|
||||
|
||||
for (Device device: devices) {
|
||||
device.setOnlyDeviceGroup(null);
|
||||
allDevices.add(device);
|
||||
}
|
||||
return Collections.unmodifiableSet(allDevices);
|
||||
}
|
||||
}
|
||||
@ -1,16 +1,15 @@
|
||||
package hirs.data.persist;
|
||||
package hirs.data.persist.policy;
|
||||
|
||||
import hirs.appraiser.Appraiser;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
||||
import javax.persistence.CollectionTable;
|
||||
import javax.persistence.ElementCollection;
|
||||
import javax.persistence.Entity;
|
||||
import javax.persistence.FetchType;
|
||||
import javax.persistence.JoinColumn;
|
||||
import java.util.Collections;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* A <code>HIRSPolicy</code> is a <code>Policy</code> that specifies the
|
||||
@ -84,15 +83,4 @@ public class HIRSPolicy extends Policy {
|
||||
public final Set<Class<? extends Appraiser>> getRequiredAppraisers() {
|
||||
return Collections.unmodifiableSet(requiredAppraisers);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Generates the name for the HIRS Policy.
|
||||
*
|
||||
* @param group The group related to the HIRS Policy
|
||||
* @return The name of the Policy
|
||||
*/
|
||||
public static String nameFromGroup(final DeviceGroup group) {
|
||||
return "hirspolicy_" + group.getId();
|
||||
}
|
||||
}
|
||||
@ -1,5 +1,7 @@
|
||||
package hirs.data.persist;
|
||||
package hirs.data.persist.policy;
|
||||
|
||||
import hirs.data.persist.ReferenceDigestValue;
|
||||
import hirs.data.persist.TPMMeasurementRecord;
|
||||
import hirs.data.persist.tpm.PcrComposite;
|
||||
import hirs.data.persist.tpm.PcrInfoShort;
|
||||
import hirs.data.persist.tpm.PcrSelection;
|
||||
@ -1,4 +1,6 @@
|
||||
package hirs.data.persist;
|
||||
package hirs.data.persist.policy;
|
||||
|
||||
import hirs.data.persist.UserDefinedEntity;
|
||||
|
||||
import javax.persistence.Access;
|
||||
import javax.persistence.AccessType;
|
||||
@ -1,4 +1,4 @@
|
||||
package hirs.data.persist;
|
||||
package hirs.data.persist.policy;
|
||||
|
||||
/**
|
||||
* Represents an exception thrown when a <code>Policy</code> is misconfigured in
|
||||
@ -1,4 +1,4 @@
|
||||
package hirs.data.persist;
|
||||
package hirs.data.persist.policy;
|
||||
|
||||
import javax.persistence.Column;
|
||||
import javax.persistence.Embedded;
|
||||
@ -1,5 +1,6 @@
|
||||
package hirs.data.persist;
|
||||
package hirs.data.persist.policy;
|
||||
|
||||
import hirs.data.persist.TPMMeasurementRecord;
|
||||
import hirs.data.persist.enums.AlertSeverity;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
@ -0,0 +1,5 @@
|
||||
/**
|
||||
* * This package contains a set of classes that persist policy.
|
||||
*/
|
||||
package hirs.data.persist.policy;
|
||||
|
||||
@ -1,9 +1,7 @@
|
||||
package hirs.data.service;
|
||||
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.DeviceInfoReport;
|
||||
import hirs.persist.DeviceGroupManager;
|
||||
import hirs.persist.DeviceManager;
|
||||
import org.apache.logging.log4j.LogManager;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
|
||||
@ -1,114 +0,0 @@
|
||||
package hirs.persist;
|
||||
|
||||
import hirs.FilteredRecordsList;
|
||||
import java.util.Set;
|
||||
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.Policy;
|
||||
|
||||
/**
|
||||
* A DeviceGroupManager manages DeviceGroups. It is used to store and manage
|
||||
* device groups. It has support for the basic create, read, update, and delete
|
||||
* methods.
|
||||
*/
|
||||
public interface DeviceGroupManager {
|
||||
|
||||
/**
|
||||
* Stores a new <code>DeviceGroup</code> to be managed by the
|
||||
* <code>DeviceGroupManager</code>. If the <code>DeviceGroup</code> is
|
||||
* successfully saved, then a reference to it is returned.
|
||||
*
|
||||
* @param deviceGroup
|
||||
* device group to save
|
||||
* @return reference to the saved device group
|
||||
* @throws DeviceGroupManagerException
|
||||
* if the device group has been previously saved or an
|
||||
* unexpected error occurs
|
||||
*/
|
||||
DeviceGroup saveDeviceGroup(DeviceGroup deviceGroup)
|
||||
throws DeviceGroupManagerException;
|
||||
|
||||
/**
|
||||
* Updates a <code>DeviceGroup</code> that is managed so subsequent calls to
|
||||
* get this <code>DeviceGroup</code> will return the values set by the
|
||||
* incoming <code>DeviceGroup</code>.
|
||||
*
|
||||
* @param deviceGroup
|
||||
* device group to be updated
|
||||
* @throws DeviceGroupManagerException
|
||||
* if unable to update the device group
|
||||
*/
|
||||
void updateDeviceGroup(DeviceGroup deviceGroup)
|
||||
throws DeviceGroupManagerException;
|
||||
|
||||
/**
|
||||
* Returns a set of all device groups managed by this manager. Every
|
||||
* <code>DeviceGroup</code> must have a name that users can use to reference
|
||||
* the <code>DeviceGroup</code>.
|
||||
*
|
||||
* @return a set containing the device groups
|
||||
* @throws DeviceGroupManagerException
|
||||
* if unable to create set
|
||||
*/
|
||||
Set<DeviceGroup> getDeviceGroupSet() throws DeviceGroupManagerException;
|
||||
|
||||
/**
|
||||
* Retrieves the <code>DeviceGroup</code> identified by <code>name</code>.
|
||||
* If the <code>DeviceGroup</code> cannot be found, then null is returned.
|
||||
*
|
||||
* @param name
|
||||
* name of the <code>DeviceGroup</code>
|
||||
* @return <code>DeviceGroup</code> or null if not found
|
||||
* @throws DeviceGroupManagerException
|
||||
* if unable to retrieve the device group
|
||||
*/
|
||||
DeviceGroup getDeviceGroup(String name) throws DeviceGroupManagerException;
|
||||
|
||||
/**
|
||||
* Checks whether or not a {@link Policy} is currently associated with
|
||||
* a group. The only instance at this time makes a determination whether
|
||||
* or not the provided Policy is safe for deletion.
|
||||
*
|
||||
* @param policy
|
||||
* {@link Policy} that has been selected for deletion.
|
||||
* @return
|
||||
* whether or not the provided policy is the member of a group
|
||||
* @throws DeviceGroupManagerException
|
||||
* if policy is null or unable to return query {@link Policy}
|
||||
*/
|
||||
Set<DeviceGroup> getGroupsAssignedToPolicy(Policy policy)
|
||||
throws DeviceGroupManagerException;
|
||||
|
||||
/**
|
||||
* Delete the <code>DeviceGroup</code> identified by <code>name</code>. If
|
||||
* the deletion is successful, true is returned. Otherwise, false is
|
||||
* returned.
|
||||
*
|
||||
* @param name
|
||||
* name of the <code>DeviceGroup</code> to delete
|
||||
* @return boolean indicating outcome of the deletion
|
||||
* @throws DeviceGroupManagerException
|
||||
* if unable to delete the device group
|
||||
*/
|
||||
boolean deleteDeviceGroup(String name) throws DeviceGroupManagerException;
|
||||
|
||||
/**
|
||||
* Returns a list of all <code>DeviceGroup</code>s that are ordered by a column
|
||||
* and direction (ASC, DESC) that is provided by the user. This method
|
||||
* helps support the server-side processing in the JQuery DataTables.
|
||||
*
|
||||
* @param columnToOrder Column to be ordered
|
||||
* @param ascending direction of sort
|
||||
* @param firstResult starting point of first result in set
|
||||
* @param maxResults total number we want returned for display in table
|
||||
* @param search string of criteria to be matched to visible columns
|
||||
*
|
||||
* @return FilteredRecordsList object with fields for DataTables
|
||||
* @throws DeviceGroupManagerException
|
||||
* if unable to create the list
|
||||
*/
|
||||
FilteredRecordsList<DeviceGroup> getOrderedDeviceGroupList(
|
||||
String columnToOrder, boolean ascending, int firstResult,
|
||||
int maxResults, String search)
|
||||
throws DeviceGroupManagerException;
|
||||
}
|
||||
@ -1,45 +0,0 @@
|
||||
package hirs.persist;
|
||||
|
||||
/**
|
||||
* This class represents an <code>Exception</code> generated by a
|
||||
* <code>DeviceGroupManager</code>.
|
||||
*/
|
||||
public class DeviceGroupManagerException extends RuntimeException {
|
||||
|
||||
private static final long serialVersionUID = 972152768034191965L;
|
||||
|
||||
/**
|
||||
* Creates a new <code>DeviceGroupManagerException</code> that has the
|
||||
* message <code>msg</code>.
|
||||
*
|
||||
* @param msg
|
||||
* exception message
|
||||
*/
|
||||
public DeviceGroupManagerException(final String msg) {
|
||||
super(msg);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a new <code>DeviceGroupManagerException</code> that wraps the
|
||||
* given <code>Throwable</code>.
|
||||
*
|
||||
* @param t
|
||||
* root cause
|
||||
*/
|
||||
public DeviceGroupManagerException(final Throwable t) {
|
||||
super(t);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a new <code>DeviceGroupManagerException</code> that has the
|
||||
* message <code>msg</code> and wraps the root cause.
|
||||
*
|
||||
* @param msg
|
||||
* exception message
|
||||
* @param t
|
||||
* root cause
|
||||
*/
|
||||
public DeviceGroupManagerException(final String msg, final Throwable t) {
|
||||
super(msg, t);
|
||||
}
|
||||
}
|
||||
@ -2,8 +2,7 @@ package hirs.persist;
|
||||
|
||||
import hirs.appraiser.Appraiser;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.Policy;
|
||||
import hirs.data.persist.policy.Policy;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.List;
|
||||
@ -157,27 +156,23 @@ public interface PolicyManager {
|
||||
*
|
||||
* @param appraiser
|
||||
* appraiser
|
||||
* @param deviceGroup
|
||||
* deviceGroup
|
||||
* @return policy or null if not set
|
||||
*/
|
||||
Policy getPolicy(Appraiser appraiser, DeviceGroup deviceGroup);
|
||||
Policy getPolicy(Appraiser appraiser);
|
||||
|
||||
/**
|
||||
* Sets the <code>Policy</code> for the <code>Appraiser</code> and
|
||||
* <code>DeviceGroup</code>. See {@link #getPolicy(Appraiser, DeviceGroup)}
|
||||
* <code>DeviceGroup</code>. See {@link #getPolicy(Appraiser)}
|
||||
* for more details on the algorithm used. Policy can be null to remove
|
||||
* the policy for the appraiser-deviceGroup pair, which will retrieve the
|
||||
* default policy instead.
|
||||
*
|
||||
* @param appraiser
|
||||
* appraiser
|
||||
* @param deviceGroup
|
||||
* deviceGroup
|
||||
* @param policy
|
||||
* policy
|
||||
*/
|
||||
void setPolicy(Appraiser appraiser, DeviceGroup deviceGroup, Policy policy);
|
||||
void setPolicy(Appraiser appraiser, Policy policy);
|
||||
|
||||
/**
|
||||
* Retrieves the <code>Policy</code> identified by <code>name</code>. If
|
||||
|
||||
@ -2,8 +2,7 @@ package hirs.persist;
|
||||
|
||||
import static org.apache.logging.log4j.LogManager.getLogger;
|
||||
import hirs.appraiser.Appraiser;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.Policy;
|
||||
import hirs.data.persist.policy.Policy;
|
||||
|
||||
import javax.persistence.Column;
|
||||
import javax.persistence.Entity;
|
||||
|
||||
@ -1,166 +0,0 @@
|
||||
package hirs;
|
||||
|
||||
import com.fasterxml.jackson.core.JsonProcessingException;
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import hirs.data.persist.AppraisalStatus;
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.DeviceInfoReport;
|
||||
import hirs.data.persist.info.FirmwareInfo;
|
||||
import hirs.data.persist.info.HardwareInfo;
|
||||
import hirs.data.persist.info.NetworkInfo;
|
||||
import hirs.data.persist.info.OSInfo;
|
||||
import hirs.data.persist.info.TPMInfo;
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.Test;
|
||||
|
||||
import java.net.InetAddress;
|
||||
import java.net.UnknownHostException;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.sql.Timestamp;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.regex.Matcher;
|
||||
import java.util.regex.Pattern;
|
||||
|
||||
/**
|
||||
* Unit tests for the {@link hirs.DeviceGroupSerializer}.
|
||||
*/
|
||||
public class DeviceGroupSerializerTest {
|
||||
|
||||
private static final int COUNT_OF_ID_FIELD_OUTSIDE_DEVICE_GROUP = 2;
|
||||
private static final int COUNT_OF_CREATION_DATE_FIELD_OUTSIDE_DEVICE_GROUP = 1;
|
||||
private static final int COUNT_OF_NAME_FIELD_OUTSIDE_DEVICE_GROUP = 45;
|
||||
private static final int COUNT_OF_HEALTH_STATUS_FIELD_OUTSIDE_DEVICE_GROUP = 1;
|
||||
|
||||
/**
|
||||
* Tests that Jackson correctly serializes the inner {@link DeviceGroup} on a single Device
|
||||
* using the custom {@link hirs.DeviceGroupSerializer}.
|
||||
*/
|
||||
@Test
|
||||
public void serializeDeviceGroupOnDevice() {
|
||||
Device testDevice = getTestDevice("Device1");
|
||||
assertDeviceSerializedCorrectly(testDevice);
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests that Jackson correctly serializes the same inner {@link DeviceGroup} on multiple
|
||||
* Devices using the custom {@link hirs.DeviceGroupSerializer}.
|
||||
*/
|
||||
@Test
|
||||
public void serializeSameDeviceGroupOnDevices() {
|
||||
List<Device> testDevices = new ArrayList<>();
|
||||
Device testDevice1 = getTestDevice("Device1");
|
||||
Device testDevice2 = getTestDevice("Device2");
|
||||
Assert.assertTrue(testDevice1.getDeviceGroup().equals(testDevice2.getDeviceGroup()));
|
||||
testDevices.add(testDevice1);
|
||||
testDevices.add(testDevice2);
|
||||
assertDevicesSerializedCorrectly(testDevices);
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests that Jackson correctly serializes different inner {@link DeviceGroup DeviceGroups} on
|
||||
* multiple Devices using the custom {@link hirs.DeviceGroupSerializer}.
|
||||
*/
|
||||
@Test
|
||||
public void serializeDifferentDeviceGroupOnDevices() {
|
||||
List<Device> testDevices = new ArrayList<>();
|
||||
Device testDevice1 = getTestDevice("Device1");
|
||||
Device testDevice2 = getTestDevice("Device2");
|
||||
testDevice2.setDeviceGroup(new DeviceGroup("Non-Default Device Group"));
|
||||
Assert.assertTrue(!testDevice1.getDeviceGroup().equals(testDevice2.getDeviceGroup()));
|
||||
testDevices.add(testDevice1);
|
||||
testDevices.add(testDevice2);
|
||||
assertDevicesSerializedCorrectly(testDevices);
|
||||
}
|
||||
|
||||
private DeviceInfoReport getTestDeviceInfoReport() throws UnknownHostException {
|
||||
NetworkInfo testNetworkInfo = new NetworkInfo("TestHostname",
|
||||
InetAddress.getLocalHost(), "FFFFFF".getBytes(StandardCharsets.UTF_8));
|
||||
OSInfo osInfo = new OSInfo();
|
||||
FirmwareInfo firmwareInfo = new FirmwareInfo();
|
||||
HardwareInfo hardwareInfo = new HardwareInfo();
|
||||
TPMInfo tpmInfo = new TPMInfo();
|
||||
return new DeviceInfoReport(testNetworkInfo, osInfo, firmwareInfo, hardwareInfo, tpmInfo);
|
||||
}
|
||||
|
||||
private Device getTestDevice(final String testDeviceName) {
|
||||
Device testDevice = new Device(testDeviceName);
|
||||
testDevice.setSupplyChainStatus(AppraisalStatus.Status.PASS);
|
||||
testDevice.setLastReportTimestamp(new Timestamp(System.currentTimeMillis()));
|
||||
try {
|
||||
testDevice.setDeviceInfo(getTestDeviceInfoReport());
|
||||
} catch (UnknownHostException uhe) {
|
||||
Assert.fail("Failed to Create Test DeviceInfoReport");
|
||||
}
|
||||
testDevice.setDeviceGroup(new DeviceGroup("Default Device Group"));
|
||||
return testDevice;
|
||||
}
|
||||
|
||||
private int countExactSubstringOccurrences(final String testString, final String substring) {
|
||||
Pattern p = Pattern.compile("\\b" + substring + "\\b");
|
||||
Matcher m = p.matcher(testString);
|
||||
int count = 0;
|
||||
while (m.find()) {
|
||||
count++;
|
||||
}
|
||||
return count;
|
||||
}
|
||||
|
||||
private void assertDeviceSerializedCorrectly(final Device testDevice) {
|
||||
List<Device> testDevices = new ArrayList<>();
|
||||
testDevices.add(testDevice);
|
||||
assertDevicesSerializedCorrectly(testDevices);
|
||||
}
|
||||
|
||||
private void assertDevicesSerializedCorrectly(final List<Device> testDevices) {
|
||||
String serializedDevices = null;
|
||||
try {
|
||||
serializedDevices = new ObjectMapper().writeValueAsString(testDevices);
|
||||
} catch (JsonProcessingException jpe) {
|
||||
Assert.fail("Failed to successfully serialize the Test Devices");
|
||||
}
|
||||
int numSerializedDeviceGroups = testDevices.size();
|
||||
Assert.assertTrue(countExactSubstringOccurrences(serializedDevices,
|
||||
"id") - (numSerializedDeviceGroups * COUNT_OF_ID_FIELD_OUTSIDE_DEVICE_GROUP)
|
||||
== numSerializedDeviceGroups);
|
||||
Assert.assertTrue(countExactSubstringOccurrences(serializedDevices,
|
||||
"createTime")
|
||||
- (numSerializedDeviceGroups * COUNT_OF_CREATION_DATE_FIELD_OUTSIDE_DEVICE_GROUP)
|
||||
== numSerializedDeviceGroups);
|
||||
Assert.assertTrue(countExactSubstringOccurrences(serializedDevices,
|
||||
"archivedTime") == numSerializedDeviceGroups);
|
||||
Assert.assertTrue(countExactSubstringOccurrences(serializedDevices,
|
||||
"archivedDescription") == numSerializedDeviceGroups);
|
||||
Assert.assertTrue(countExactSubstringOccurrences(serializedDevices,
|
||||
"name")
|
||||
- (numSerializedDeviceGroups * COUNT_OF_NAME_FIELD_OUTSIDE_DEVICE_GROUP)
|
||||
== numSerializedDeviceGroups);
|
||||
Assert.assertTrue(countExactSubstringOccurrences(serializedDevices,
|
||||
"description") == numSerializedDeviceGroups);
|
||||
Assert.assertTrue(countExactSubstringOccurrences(serializedDevices,
|
||||
"periodicReportDelayThreshold") == numSerializedDeviceGroups);
|
||||
Assert.assertTrue(countExactSubstringOccurrences(serializedDevices,
|
||||
"enablePeriodicReportDelayAlert") == numSerializedDeviceGroups);
|
||||
Assert.assertTrue(countExactSubstringOccurrences(serializedDevices,
|
||||
"onDemandReportDelayThreshold") == numSerializedDeviceGroups);
|
||||
Assert.assertTrue(countExactSubstringOccurrences(serializedDevices,
|
||||
"enableOnDemandReportDelayAlert") == numSerializedDeviceGroups);
|
||||
Assert.assertTrue(countExactSubstringOccurrences(serializedDevices,
|
||||
"waitForAppraisalCompletionEnabled") == numSerializedDeviceGroups);
|
||||
Assert.assertTrue(countExactSubstringOccurrences(serializedDevices,
|
||||
"scheduledJobInfo") == numSerializedDeviceGroups);
|
||||
Assert.assertTrue(countExactSubstringOccurrences(serializedDevices,
|
||||
"numberOfDevices") == numSerializedDeviceGroups);
|
||||
Assert.assertTrue(countExactSubstringOccurrences(serializedDevices,
|
||||
"numberOfTrustedDevices") == numSerializedDeviceGroups);
|
||||
Assert.assertTrue(countExactSubstringOccurrences(serializedDevices,
|
||||
"healthStatus")
|
||||
- (numSerializedDeviceGroups * COUNT_OF_HEALTH_STATUS_FIELD_OUTSIDE_DEVICE_GROUP)
|
||||
== numSerializedDeviceGroups);
|
||||
Assert.assertTrue(countExactSubstringOccurrences(serializedDevices,
|
||||
"archived") == numSerializedDeviceGroups);
|
||||
Assert.assertTrue(!serializedDevices.contains("devices"));
|
||||
}
|
||||
|
||||
}
|
||||
@ -1,6 +1,6 @@
|
||||
package hirs.appraiser;
|
||||
|
||||
import hirs.data.persist.Policy;
|
||||
import hirs.data.persist.policy.Policy;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
/**
|
||||
|
||||
@ -9,6 +9,7 @@ import hirs.appraiser.TPMAppraiser;
|
||||
|
||||
import java.util.HashSet;
|
||||
|
||||
import hirs.data.persist.policy.HIRSPolicy;
|
||||
import org.apache.logging.log4j.Logger;
|
||||
import org.hibernate.Session;
|
||||
import org.testng.Assert;
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package hirs.data.persist;
|
||||
|
||||
import hirs.data.persist.policy.PCRPolicy;
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.Test;
|
||||
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package hirs.data.persist;
|
||||
|
||||
import hirs.data.persist.policy.Policy;
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.Test;
|
||||
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package hirs.data.persist;
|
||||
|
||||
import hirs.data.persist.policy.SupplyChainPolicy;
|
||||
import org.hibernate.Session;
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.Test;
|
||||
|
||||
@ -1,5 +1,7 @@
|
||||
package hirs.data.persist;
|
||||
|
||||
import hirs.data.persist.policy.Policy;
|
||||
|
||||
import javax.persistence.Entity;
|
||||
|
||||
/**
|
||||
|
||||
@ -1,5 +1,7 @@
|
||||
package hirs.data.persist;
|
||||
|
||||
import hirs.data.persist.policy.Policy;
|
||||
|
||||
import javax.persistence.Entity;
|
||||
|
||||
/**
|
||||
|
||||
@ -1,14 +1,12 @@
|
||||
package hirs.data.service;
|
||||
|
||||
import hirs.data.persist.Device;
|
||||
import hirs.data.persist.DeviceGroup;
|
||||
import hirs.data.persist.DeviceInfoReport;
|
||||
import hirs.data.persist.info.FirmwareInfo;
|
||||
import hirs.data.persist.info.HardwareInfo;
|
||||
import hirs.data.persist.info.NetworkInfo;
|
||||
import hirs.data.persist.info.OSInfo;
|
||||
import hirs.data.persist.info.TPMInfo;
|
||||
import hirs.persist.DeviceGroupManager;
|
||||
import hirs.persist.DeviceManager;
|
||||
|
||||
import org.testng.annotations.Test;
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user