POLICY-3263 - Getting issue details... STATUS
Related Jiras: POLICY-2112 - Getting issue details... STATUS POLICY-3170 - Getting issue details... STATUS POLICY-3187 - Getting issue details... STATUS POLICY-3188 - Getting issue details... STATUS
Description: As part of the work in POLICY-2112 - it was decided that PAP would be enhanced to send two additional lists of delta policies (policesToBeDeployed & policiesToBeUndeployed) to the PDPs. Sending these lists of delta policies, eliminates the need for the PDPs to filter through a full list of policies sent from PAP in order to determine what policies need to be deployed or undeployed. The PAP component now does this work for the PDPs. This means that the PDPs need to be modified to handle these delta policy lists to remove the need to filter through the entire list.
As part of the work for POLICY-3170 - it was decided that APEX-PDP would send back just the policies to be deployed in the response message. This would mean a slight change in PAP to check that these deployed policies list are included in the full list of policies.
Current approach: APEX-PDP sends policies to be deployed in the response message to PAP. PAP has yet to be modified to check these policies are in the full list of policies.
Drools-PDP sends back a full list of policies as per the old approach.
XACML-PDP has yet to be modified to handle the delta policies.
Maybe below we can add some proposed solutions to this below.
Proposed approach(es):
1. Add an additional check in PAP to check that the delta policies are a subset of the full list of policies.