ignore plugins in bootstrapping (#208)

joshua-roberts · web-flow · commit 9ac1797571fd · 2025-10-01T10:31:14.000-04:00
diff --git a/src/main/java/gov/nist/csd/pm/core/pap/PAP.java b/src/main/java/gov/nist/csd/pm/core/pap/PAP.java
@@ -220,12 +220,19 @@ private boolean isPolicyEmpty() throws PMException {
         boolean obligationsEmpty = query().obligations().getObligations().isEmpty();
         boolean resOpsEmpty = query().operations().getResourceOperations().isEmpty();
 
-        boolean adminOpsEmpty =  query().operations().getAdminOperationNames().isEmpty();
-        boolean routinesEmpty = query().routines().getAdminRoutineNames().isEmpty();
-
         // ignore admin nodes
         nodes.removeIf(n -> AdminPolicyNode.isAdminPolicyNode(n.getId()));
 
+        // ignore plugin registry ops and routines
+        Collection<String> adminOperationNames = query().operations().getAdminOperationNames();
+        Collection<String> adminRoutineNames = query().routines().getAdminRoutineNames();
+
+        adminOperationNames.removeAll(pluginRegistry.getOperationNames());
+        adminRoutineNames.removeAll(pluginRegistry.getRoutineNames());
+
+        boolean adminOpsEmpty = adminOperationNames.isEmpty();
+        boolean routinesEmpty = adminRoutineNames.isEmpty();
+
         return nodes.isEmpty()
             && prohibitionsEmpty
             && obligationsEmpty
diff --git a/src/main/java/gov/nist/csd/pm/core/pdp/bootstrap/PMLBootstrapper.java b/src/main/java/gov/nist/csd/pm/core/pdp/bootstrap/PMLBootstrapper.java
@@ -2,6 +2,7 @@
 
 import gov.nist.csd.pm.core.common.exception.PMException;
 import gov.nist.csd.pm.core.pap.PAP;
+import gov.nist.csd.pm.core.pap.function.PluginRegistry;
 import gov.nist.csd.pm.core.pap.function.op.Operation;
 import gov.nist.csd.pm.core.pap.function.routine.Routine;
 
@@ -11,35 +12,16 @@
 
 public class PMLBootstrapper extends PolicyBootstrapper {
 
-    private List<Operation<?, ?>> operations;
-    private List<Routine<?, ?>> routines;
     private final String bootstrapUser;
     private final String pml;
 
-    public PMLBootstrapper(List<Operation<?, ?>> operations, List<Routine<?, ?>> routines, String bootstrapUser, String pml) {
-        this.operations = operations;
-        this.routines = routines;
-        this.bootstrapUser = bootstrapUser;
-        this.pml = pml;
-    }
-
     public PMLBootstrapper(String bootstrapUser, String pml) {
-        this.operations = new ArrayList<>();
-        this.routines = new ArrayList<>();
         this.bootstrapUser = bootstrapUser;
         this.pml = pml;
     }
 
     @Override
     public void bootstrap(PAP pap) throws PMException {
-        for (Operation<?, ?> op : operations) {
-            pap.plugins().registerOperation(op);
-        }
-
-        for (Routine<?, ?> r : routines) {
-            pap.plugins().registerRoutine(r);
-        }
-
         pap.runTx(tx -> {
             // create bootstrap policy and user
             long pc = tx.modify().graph().createPolicyClass("bootstrap");
diff --git a/src/test/java/gov/nist/csd/pm/core/pap/PAPTest.java b/src/test/java/gov/nist/csd/pm/core/pap/PAPTest.java
@@ -6,13 +6,15 @@
 import gov.nist.csd.pm.core.common.graph.node.NodeType;
 import gov.nist.csd.pm.core.common.graph.relationship.AccessRightSet;
 import gov.nist.csd.pm.core.common.graph.relationship.Association;
+import gov.nist.csd.pm.core.pap.function.PluginRegistry;
 import gov.nist.csd.pm.core.pap.function.arg.FormalParameter;
 import gov.nist.csd.pm.core.pap.function.arg.Args;
 import gov.nist.csd.pm.core.pap.function.op.Operation;
 import gov.nist.csd.pm.core.impl.memory.pap.MemoryPAP;
 import gov.nist.csd.pm.core.pap.admin.AdminPolicyNode;
 import gov.nist.csd.pm.core.pap.function.routine.Routine;
 import gov.nist.csd.pm.core.pap.query.model.context.UserContext;
+import gov.nist.csd.pm.core.pdp.bootstrap.PMLBootstrapper;
 import gov.nist.csd.pm.core.pdp.bootstrap.PolicyBootstrapper;
 import gov.nist.csd.pm.core.util.SamplePolicy;
 import gov.nist.csd.pm.core.util.TestPAP;
@@ -81,7 +83,7 @@ void testTx() throws PMException {
         assertTrue(pap.query().graph().nodeExists("pc1"));
         assertTrue(pap.query().graph().nodeExists("oa1"));
         assertTrue(pap.query().graph().nodeExists("ua1"));
-	    assertEquals(pap.query().graph().getAssociationsWithSource(id("ua1")).iterator().next(), new Association(id("ua1"), id("oa1"), new AccessRightSet()));
+        assertEquals(pap.query().graph().getAssociationsWithSource(id("ua1")).iterator().next(), new Association(id("ua1"), id("oa1"), new AccessRightSet()));
 
         pap.beginTx();
         pap.modify().graph().deleteNode(id("ua1"));
@@ -120,12 +122,12 @@ public static void testAdminPolicy(PAP pap) throws PMException {
         assertTrue(pap.query().graph().nodeExists(AdminPolicyNode.PM_ADMIN_PC.nodeId()));
         Collection<Long> ascendants = pap.query().graph().getAdjacentAscendants(AdminPolicyNode.PM_ADMIN_PC.nodeId());
         assertEquals(1, ascendants.size());
-	    assertEquals(ascendants.iterator().next(), (AdminPolicyNode.PM_ADMIN_BASE_OA.nodeId()));
+        assertEquals(ascendants.iterator().next(), (AdminPolicyNode.PM_ADMIN_BASE_OA.nodeId()));
 
         assertTrue(pap.query().graph().nodeExists(AdminPolicyNode.PM_ADMIN_BASE_OA.nodeId()));
         Collection<Long> descendants = pap.query().graph().getAdjacentDescendants(AdminPolicyNode.PM_ADMIN_BASE_OA.nodeId());
         assertEquals(1, descendants.size());
-	    assertEquals(descendants.iterator().next(), (AdminPolicyNode.PM_ADMIN_PC.nodeId()));
+        assertEquals(descendants.iterator().next(), (AdminPolicyNode.PM_ADMIN_PC.nodeId()));
     }
 
     @Test
@@ -209,4 +211,30 @@ protected Args prepareArgs(Map<FormalParameter<?>, Object> argsMap) {
         assertTrue(pap.plugins().getOperationNames().contains("op1"));
         assertTrue(pap.plugins().getRoutineNames().contains("routine1"));
     }
+
+    @Test
+    void testBootstrapDoesNotThrowExceptionWhenPluginRegistryHasPlugins() throws PMException {
+        pap.plugins().registerOperation(new Operation<>("op1", List.of()) {
+            @Override
+            public Object execute(PAP pap, Args args) throws PMException {
+                return null;
+            }
+
+            @Override
+            protected Args prepareArgs(Map<FormalParameter<?>, Object> argsMap) {
+                return null;
+            }
+
+            @Override
+            public void canExecute(PAP pap, UserContext userCtx, Args args) throws PMException {
+
+            }
+        });
+
+        assertDoesNotThrow(() -> pap.bootstrap(new PMLBootstrapper("u1", """
+            create pc "pc1"
+            create ua "ua1" in ["pc1"]
+            assign "u1" to ["ua1"]
+            """)));
+    }
 }
diff --git a/src/test/java/gov/nist/csd/pm/core/pap/pml/pattern/subject/SubjectPatternTest.java b/src/test/java/gov/nist/csd/pm/core/pap/pml/pattern/subject/SubjectPatternTest.java
@@ -167,7 +167,7 @@ void testInPatternWhenUserDoesNotMatch() throws PMException {
                 }
                 """;
         MemoryPAP memoryPAP = new MemoryPAP();
-        memoryPAP.bootstrap(new PMLBootstrapper(List.of(), List.of(), "u2", pml));
+        memoryPAP.bootstrap(new PMLBootstrapper("u2", pml));
 
         PDP pdp = new PDP(memoryPAP);
         EPP epp = new EPP(pdp, memoryPAP);
diff --git a/src/test/java/gov/nist/csd/pm/core/pdp/PMLBootstrapperTest.java b/src/test/java/gov/nist/csd/pm/core/pdp/PMLBootstrapperTest.java
@@ -74,7 +74,10 @@ protected Args prepareArgs(Map<FormalParameter<?>, Object> argsMap) {
             }
         };
 
-        pdp.bootstrap(new PMLBootstrapper(List.of(op1), List.of(routine1), "u1", input));
+        pap.plugins().registerOperation(op1);
+        pap.plugins().registerRoutine(routine1);
+
+        pdp.bootstrap(new PMLBootstrapper("u1", input));
 
         assertTrue(pap.query().graph().nodeExists("pc1"));
         assertTrue(pap.query().graph().nodeExists("op1"));
@@ -90,7 +93,7 @@ void testBootstrapThrowsExceptionWhenUserNotAssigned() throws PMException {
         PDP pdp = new PDP(pap);
 
         assertThrows(DisconnectedNodeException.class, () -> pdp.bootstrap(new PMLBootstrapper(
-            List.of(), List.of(), "u1", "create pc \"pc1\""
+            "u1", "create pc \"pc1\""
         )));
     }
 

Original file line number	Diff line number	Diff line change
`@@ -167,7 +167,7 @@ void testInPatternWhenUserDoesNotMatch() throws PMException {`
`167`	`167`	`}`
`168`	`168`	`""";`
`169`	`169`	`MemoryPAP memoryPAP = new MemoryPAP();`
`170`		`- memoryPAP.bootstrap(new PMLBootstrapper(List.of(), List.of(), "u2", pml));`
	`170`	`+ memoryPAP.bootstrap(new PMLBootstrapper("u2", pml));`
`171`	`171`
`172`	`172`	`PDP pdp = new PDP(memoryPAP);`
`173`	`173`	`EPP epp = new EPP(pdp, memoryPAP);`