2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
20 package org.onap.policy.pap.xacml.rest.controller;
22 import java.io.BufferedWriter;
24 import java.io.FileWriter;
25 import java.io.IOException;
26 import java.io.ObjectOutputStream;
28 import java.util.List;
29 import java.util.UUID;
31 import javax.persistence.EntityManager;
32 import javax.persistence.Query;
33 import javax.servlet.http.HttpServletRequest;
34 import javax.servlet.http.HttpServletResponse;
36 import org.onap.policy.common.logging.eelf.MessageCodes;
37 import org.onap.policy.common.logging.eelf.PolicyLogger;
38 import org.onap.policy.common.logging.flexlogger.FlexLogger;
39 import org.onap.policy.common.logging.flexlogger.Logger;
40 import org.onap.policy.pap.xacml.rest.XACMLPapServlet;
41 import org.onap.policy.rest.dao.CommonClassDao;
42 import org.onap.policy.rest.jpa.PolicyEntity;
43 import org.onap.policy.rest.jpa.PolicyVersion;
44 import org.onap.policy.xacml.std.pap.StdPDPGroup;
45 import org.onap.policy.xacml.std.pap.StdPDPPolicy;
46 import org.springframework.beans.factory.annotation.Autowired;
47 import org.springframework.stereotype.Controller;
48 import org.springframework.web.bind.annotation.RequestMapping;
49 import org.springframework.web.bind.annotation.RequestMethod;
51 import com.att.research.xacml.api.pap.PAPException;
52 import com.fasterxml.jackson.databind.DeserializationFeature;
53 import com.fasterxml.jackson.databind.JsonNode;
54 import com.fasterxml.jackson.databind.ObjectMapper;
57 public class PushPolicyController {
58 private static final Logger LOGGER = FlexLogger.getLogger(PushPolicyController.class);
60 private static CommonClassDao commonClassDao;
61 private static String policyNames = "policyName";
62 private static String errorMsg = "error";
63 private static String operation = "operation";
64 private static String messageContent = "message";
66 public PushPolicyController(CommonClassDao commonClassDao){
67 PushPolicyController.commonClassDao = commonClassDao;
70 public void setCommonClassDao(CommonClassDao commonClassDao){
71 PushPolicyController.commonClassDao = commonClassDao;
74 * This is an empty constructor
76 public PushPolicyController(){}
78 @RequestMapping(value="/pushPolicy", method=RequestMethod.POST)
79 public void pushPolicy(HttpServletRequest request, HttpServletResponse response){
80 ObjectMapper mapper = new ObjectMapper();
81 mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
83 JsonNode root = mapper.readTree(request.getInputStream());
84 String policyScope = root.get("policyScope").asText();
85 String filePrefix = root.get("filePrefix").asText();
86 String policyName = root.get(policyNames).asText();
87 String pdpGroup = root.get("pdpGroup").asText();
88 String requestID = request.getHeader("X-ECOMP-RequestID");
90 requestID = UUID.randomUUID().toString();
91 LOGGER.info("No request ID provided, sending generated ID: " + requestID);
93 LOGGER.info("Push policy Request to get the selectedPolicy : " + root.asText());
94 String policyVersionName = policyScope.replace(".", File.separator) + File.separator
95 + filePrefix + policyName;
96 List<?> policyVersionObject = commonClassDao.getDataById(PolicyVersion.class, policyNames, policyVersionName);
97 if(policyVersionObject!=null){
98 PolicyVersion policyVersion = (PolicyVersion) policyVersionObject.get(0);
99 String policyID = policyVersionName.replace(File.separator, "."); // This is before adding version.
100 policyVersionName += "." + policyVersion.getActiveVersion() + ".xml";
101 addPolicyToGroup(policyScope, policyID, policyVersionName.replace(File.separator, "."), pdpGroup, response);
103 String message = "Unknown Policy '" + policyName + "'";
104 PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE + " " + message);
105 response.addHeader(errorMsg, "unknownPolicy");
106 response.addHeader(operation, "push");
107 response.addHeader(messageContent, message);
108 response.setStatus(HttpServletResponse.SC_NOT_FOUND);
111 } catch (NullPointerException | IOException e) {
113 response.setStatus(HttpServletResponse.SC_NOT_FOUND);
114 response.addHeader(errorMsg, "unknown");
115 response.addHeader(operation, "push");
120 private void addPolicyToGroup(String policyScope, String policyID, String policyName, String pdpGroup, HttpServletResponse response) {
121 StdPDPGroup selectedPDPGroup = null;
122 StdPDPPolicy selectedPolicy = null;
123 //Get the selected PDP Group to push the policy
125 selectedPDPGroup = (StdPDPGroup) XACMLPapServlet.getPAPEngine().getGroup(pdpGroup);
126 } catch (PAPException e1) {
127 PolicyLogger.error(e1);
129 if(selectedPDPGroup==null){
130 String message = "Unknown groupId '" + selectedPDPGroup + "'";
131 PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE + " " + message);
132 response.addHeader(errorMsg, "unknownGroupId");
133 response.addHeader(operation, "push");
134 //for fixing Header Manipulation of Fortify issue
135 message = message.replace("\n", "");
136 message = message.replace("\r", "");
137 response.addHeader(messageContent, message);
138 response.setStatus(HttpServletResponse.SC_NOT_FOUND);
141 //Get PolicyEntity from DB;
142 EntityManager em = XACMLPapServlet.getEmf().createEntityManager();
143 Query createPolicyQuery = em.createQuery("SELECT p FROM PolicyEntity p WHERE p.scope=:scope AND p.policyName=:policyName");
144 createPolicyQuery.setParameter("scope", policyScope);
145 createPolicyQuery.setParameter(policyNames, policyName.substring(policyScope.length()+1));
146 List<?> createPolicyQueryList = createPolicyQuery.getResultList();
147 PolicyEntity policyEntity = null;
148 if(!createPolicyQueryList.isEmpty()){
149 policyEntity = (PolicyEntity)createPolicyQueryList.get(0);
151 PolicyLogger.error("Somehow, more than one policy with the same scope, name, and deleted status were found in the database");
152 String message = "Unknown Policy '" + policyName + "'";
153 PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE + " " + message);
154 response.addHeader(errorMsg, "unknownPolicy");
155 response.addHeader(operation, "push");
156 response.addHeader(messageContent, message);
157 response.setStatus(HttpServletResponse.SC_NOT_FOUND);
160 File temp = new File(policyName);
162 BufferedWriter bw = new BufferedWriter(new FileWriter(temp));
163 bw.write(policyEntity.getPolicyData());
165 URI selectedURI = temp.toURI();
166 // Create the policy Object
167 selectedPolicy = new StdPDPPolicy(policyName, true, policyID, selectedURI);
168 } catch (IOException e) {
169 LOGGER.error("Unable to get policy '" + policyName + "': "+ e.getMessage(),e);
172 new ObjectOutputStream(response.getOutputStream()).writeObject(selectedPolicy);
173 } catch (IOException e) {
175 response.addHeader(errorMsg, "policyCopyError");
176 response.addHeader(messageContent, e.getMessage());
177 response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
180 response.addHeader("Content-Type","application/json");
181 response.setStatus(HttpServletResponse.SC_ACCEPTED);
182 response.addHeader(operation, "push");
183 response.addHeader("policyId", policyName);
185 // TODO : Check point to push policies within PAP.