2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
20 package org.openecomp.sdc.be.distribution.servlet;
22 import com.jcabi.aspects.Loggable;
23 import fj.data.Either;
24 import io.swagger.v3.oas.annotations.Operation;
25 import io.swagger.v3.oas.annotations.Parameter;
26 import io.swagger.v3.oas.annotations.Parameters;
27 import io.swagger.v3.oas.annotations.media.ArraySchema;
28 import io.swagger.v3.oas.annotations.media.Content;
29 import io.swagger.v3.oas.annotations.media.Schema;
30 import io.swagger.v3.oas.annotations.responses.ApiResponse;
31 import io.swagger.v3.oas.annotations.servers.Server;
32 import io.swagger.v3.oas.annotations.servers.Servers;
33 import io.swagger.v3.oas.annotations.tags.Tag;
34 import io.swagger.v3.oas.annotations.tags.Tags;
35 import javax.inject.Inject;
36 import javax.servlet.http.HttpServletRequest;
37 import javax.ws.rs.Consumes;
38 import javax.ws.rs.GET;
39 import javax.ws.rs.HeaderParam;
40 import javax.ws.rs.POST;
41 import javax.ws.rs.Path;
42 import javax.ws.rs.Produces;
43 import javax.ws.rs.core.Context;
44 import javax.ws.rs.core.MediaType;
45 import javax.ws.rs.core.Response;
46 import org.openecomp.sdc.be.components.impl.aaf.AafPermission;
47 import org.openecomp.sdc.be.components.impl.aaf.PermissionAllowed;
48 import org.openecomp.sdc.be.config.BeEcompErrorManager;
49 import org.openecomp.sdc.be.dao.api.ActionStatus;
50 import org.openecomp.sdc.be.distribution.AuditHandler;
51 import org.openecomp.sdc.be.distribution.DistributionBusinessLogic;
52 import org.openecomp.sdc.be.distribution.api.client.RegistrationRequest;
53 import org.openecomp.sdc.be.distribution.api.client.ServerListResponse;
54 import org.openecomp.sdc.be.distribution.api.client.TopicRegistrationResponse;
55 import org.openecomp.sdc.be.distribution.api.client.TopicUnregistrationResponse;
56 import org.openecomp.sdc.be.impl.ComponentsUtils;
57 import org.openecomp.sdc.be.model.operations.api.StorageOperationStatus;
58 import org.openecomp.sdc.be.resources.data.auditing.AuditingActionEnum;
59 import org.openecomp.sdc.be.servlets.BeGenericServlet;
60 import org.openecomp.sdc.be.user.UserBusinessLogic;
61 import org.openecomp.sdc.common.api.ArtifactTypeEnum;
62 import org.openecomp.sdc.common.api.Constants;
63 import org.openecomp.sdc.common.datastructure.Wrapper;
64 import org.openecomp.sdc.common.log.wrappers.Logger;
65 import org.openecomp.sdc.common.util.HttpUtil;
66 import org.openecomp.sdc.exception.ResponseFormat;
67 import org.springframework.stereotype.Controller;
70 * This Servlet serves external users for distribution purposes.
74 @Loggable(prepend = true, value = Loggable.DEBUG, trim = false)
76 @Tags({@Tag(name = "SDCE-6 APIs")})
77 @Servers({@Server(url = "/sdc")})
79 public class DistributionServlet extends BeGenericServlet {
81 private static final String START_HANDLE_REQUEST_OF = "Start handle request of {}";
82 private static final Logger log = Logger.getLogger(DistributionServlet.class);
83 private final DistributionBusinessLogic distributionLogic;
85 private HttpServletRequest request;
88 public DistributionServlet(UserBusinessLogic userBusinessLogic, ComponentsUtils componentsUtils, DistributionBusinessLogic distributionLogic) {
89 super(userBusinessLogic, componentsUtils);
90 this.distributionLogic = distributionLogic;
97 * @param authorization
101 @Path("/distributionUebCluster")
102 @Consumes(MediaType.APPLICATION_JSON)
103 @Produces(MediaType.APPLICATION_JSON)
104 @Operation(description = "UEB Server List", method = "GET", summary = "return the available UEB Server List", responses = {
105 @ApiResponse(responseCode = "200", description = "ECOMP component is authenticated and list of Cambria API server’s FQDNs is returned", content = @Content(array = @ArraySchema(schema = @Schema(implementation = ServerListResponse.class)))),
106 @ApiResponse(responseCode = "400", description = "Missing 'X-ECOMP-InstanceID' HTTP header - POL5001"),
107 @ApiResponse(responseCode = "401", description = "ECOMP component should authenticate itself and to re-send again HTTP request with its credentials for Basic Authentication - POL5002"),
108 @ApiResponse(responseCode = "403", description = "ECOMP component is not authorized - POL5003"),
109 @ApiResponse(responseCode = "405", description = "Method Not Allowed: Invalid HTTP method type used ( PUT,DELETE,POST will be rejected) - POL4050"),
110 @ApiResponse(responseCode = "500", description = "The GET request failed either due to internal SDC problem or Cambria Service failure. ECOMP Component should continue the attempts to get the needed information - POL5000")})
111 //TODO Tal G fix response headers
113 /*responseHeaders = {
114 @ResponseHeader(name = Constants.CONTENT_TYPE_HEADER, description = "Determines the format of the response body", response = String.class),
115 @ResponseHeader(name = "Content-Length", description = "Length of the response body", response = String.class)})*/
116 @PermissionAllowed({AafPermission.PermNames.READ_VALUE})
117 public Response getUebServerList(
118 @Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId,
119 @Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) String instanceId,
120 @Parameter(description = "Determines the format of the body of the response", required = false) @HeaderParam(value = Constants.ACCEPT_HEADER) String accept,
121 @Parameter(description = "The username and password", required = true) @HeaderParam(value = Constants.AUTHORIZATION_HEADER) String authorization) {
122 String url = request.getMethod() + " " + request.getRequestURI();
123 log.debug(START_HANDLE_REQUEST_OF, url);
124 Response response = null;
125 ResponseFormat responseFormat = null;
126 if (instanceId == null) {
127 responseFormat = getComponentsUtils().getResponseFormat(ActionStatus.MISSING_X_ECOMP_INSTANCE_ID);
128 response = buildErrorResponse(responseFormat);
129 getComponentsUtils().auditGetUebCluster(null, responseFormat.getStatus().toString(), responseFormat.getFormattedMessage());
133 Either<ServerListResponse, ResponseFormat> actionResponse = distributionLogic.getUebServerList();
134 if (actionResponse.isRight()) {
135 responseFormat = actionResponse.right().value();
136 response = buildErrorResponse(responseFormat);
138 responseFormat = getComponentsUtils().getResponseFormat(ActionStatus.OK);
139 response = buildOkResponse(responseFormat, actionResponse.left().value());
141 getComponentsUtils().auditGetUebCluster(instanceId, responseFormat.getStatus().toString(), responseFormat.getFormattedMessage());
143 } catch (Exception e) {
144 BeEcompErrorManager.getInstance().logBeRestApiGeneralError("failed to get ueb serbver list from cofiguration");
145 log.debug("failed to get ueb serbver list from cofiguration", e);
146 responseFormat = getComponentsUtils().getResponseFormat(ActionStatus.GENERAL_ERROR);
147 getComponentsUtils().auditGetUebCluster(instanceId, responseFormat.getStatus().toString(), responseFormat.getFormattedMessage());
148 return buildErrorResponse(responseFormat);
157 * @param contenLength
158 * @param authorization
163 @Path("/registerForDistribution")
164 @Consumes(MediaType.APPLICATION_JSON)
165 @Produces(MediaType.APPLICATION_JSON)
166 @Operation(parameters = {
167 @Parameter(name = "requestJson", required = true, schema = @Schema(implementation = org.openecomp.sdc.be.distribution.api.client.RegistrationRequest.class))}, description = "Subscription status", method = "POST", summary = "Subscribes for distribution notifications", responses = {
168 @ApiResponse(responseCode = "200", description = "ECOMP component is successfully registered for distribution", content = @Content(array = @ArraySchema(schema = @Schema(implementation = TopicRegistrationResponse.class)))),
169 @ApiResponse(responseCode = "400", description = "Missing 'X-ECOMP-InstanceID' HTTP header - POL5001"),
170 @ApiResponse(responseCode = "400", description = "Missing Body - POL4500"),
171 @ApiResponse(responseCode = "400", description = "Invalid Body : missing mandatory parameter 'apiPublicKey' - POL4501"),
172 @ApiResponse(responseCode = "400", description = "Invalid Body : missing mandatory parameter 'distrEnvName' - POL4502"),
173 @ApiResponse(responseCode = "400", description = "Invalid Body : Specified 'distrEnvName' doesn’t exist - POL4137"),
174 @ApiResponse(responseCode = "401", description = "ECOMP component should authenticate itself and to re-send again HTTP request with its Basic Authentication credentials - POL5002"),
175 @ApiResponse(responseCode = "403", description = "ECOMP component is not authorized - POL5003"),
176 @ApiResponse(responseCode = "405", description = "Method Not Allowed : Invalid HTTP method type used to register for distribution ( PUT,DELETE,GET will be rejected) - POL4050"),
177 @ApiResponse(responseCode = "500", description = "The registration failed due to internal SDC problem or Cambria Service failure ECOMP Component should continue the attempts to register for distribution - POL5000")})
178 @PermissionAllowed({AafPermission.PermNames.READ_VALUE})
179 public Response registerForDistribution(
180 @Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId,
181 @Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) String instanceId,
182 @Parameter(description = "Determines the format of the body of the response", required = false) @HeaderParam(value = Constants.ACCEPT_HEADER) String accept,
183 @Parameter(description = "Determines the format of the body of the request", required = true) @HeaderParam(value = Constants.CONTENT_TYPE_HEADER) String contentType,
184 @Parameter(description = "Length of the request body", required = true) @HeaderParam(value = Constants.CONTENT_LENGTH_HEADER) String contenLength,
185 @Parameter(description = "The username and password", required = true) @HeaderParam(value = Constants.AUTHORIZATION_HEADER) String authorization,
186 @Parameter(hidden = true) String requestJson) {
187 String url = request.getMethod() + " " + request.getRequestURI();
188 log.debug(START_HANDLE_REQUEST_OF, url);
189 Wrapper<Response> responseWrapper = new Wrapper<>();
190 Wrapper<RegistrationRequest> registrationRequestWrapper = new Wrapper<>();
191 validateHeaders(responseWrapper, request, AuditingActionEnum.ADD_KEY_TO_TOPIC_ACL);
192 if (responseWrapper.isEmpty()) {
193 validateJson(responseWrapper, registrationRequestWrapper, requestJson);
195 if (responseWrapper.isEmpty()) {
196 validateEnv(responseWrapper);
198 if (responseWrapper.isEmpty()) {
199 distributionLogic.handleRegistration(responseWrapper, registrationRequestWrapper.getInnerElement(),
200 buildAuditHandler(request, registrationRequestWrapper.getInnerElement()));
202 BeEcompErrorManager.getInstance()
203 .logBeDistributionEngineSystemError(DistributionBusinessLogic.REGISTER_IN_DISTRIBUTION_ENGINE, "registration validation failed");
205 return responseWrapper.getInnerElement();
209 * Returns list of valid artifact types for validation done in the distribution client.<br> The list is the representation of the values of the
210 * enum ArtifactTypeEnum.
213 @Path("/artifactTypes")
214 @Consumes(MediaType.APPLICATION_JSON)
215 @Produces(MediaType.APPLICATION_JSON)
216 @Operation(description = "Artifact types list", method = "GET", summary = "Fetches available artifact types list", responses = {
217 @ApiResponse(responseCode = "200", description = "Artifact types list fetched successfully", content = @Content(array = @ArraySchema(schema = @Schema(implementation = String.class)))),
218 @ApiResponse(responseCode = "400", description = "Missing 'X-ECOMP-InstanceID' HTTP header - POL5001"),
219 @ApiResponse(responseCode = "401", description = "ECOMP component should authenticate itself and to re-send again HTTP request with its Basic Authentication credentials - POL5002"),
220 @ApiResponse(responseCode = "403", description = "ECOMP component is not authorized - POL5003"),
221 @ApiResponse(responseCode = "405", description = "Method Not Allowed : Invalid HTTP method type used to register for distribution ( POST,PUT,DELETE will be rejected) - POL4050"),
222 @ApiResponse(responseCode = "500", description = "The registration failed due to internal SDC problem or Cambria Service failure ECOMP Component should continue the attempts to register for distribution - POL5000")})
223 @PermissionAllowed({AafPermission.PermNames.READ_VALUE})
224 public Response getValidArtifactTypes(
225 @Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId,
226 @Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) String instanceId,
227 @Parameter(description = "The username and password", required = true) @HeaderParam(value = Constants.AUTHORIZATION_HEADER) String authorization,
228 @Parameter(description = "The username and password", required = true) @HeaderParam(value = Constants.ACCEPT_HEADER) String accept) {
229 String url = request.getMethod() + " " + request.getRequestURI();
230 log.debug(START_HANDLE_REQUEST_OF, url);
231 Wrapper<Response> responseWrapper = new Wrapper<>();
232 //TODO check if in use
233 validateHeaders(responseWrapper, request, AuditingActionEnum.GET_VALID_ARTIFACT_TYPES);
234 if (responseWrapper.isEmpty()) {
235 return buildOkResponse(getComponentsUtils().getResponseFormat(ActionStatus.OK), ArtifactTypeEnum.values());
237 return responseWrapper.getInnerElement();
242 * Removes from subscription for distribution notifications
248 * @param contenLength
249 * @param authorization
254 @Path("/unRegisterForDistribution")
255 @Consumes(MediaType.APPLICATION_JSON)
256 @Produces(MediaType.APPLICATION_JSON)
257 @Operation(parameters = @Parameter(name = "requestJson", required = true), description = "Subscription status", method = "POST", summary = "Removes from subscription for distribution notifications", responses = {
258 @ApiResponse(responseCode = "204", description = "ECOMP component is successfully unregistered", content = @Content(array = @ArraySchema(schema = @Schema(implementation = TopicUnregistrationResponse.class)))),
259 @ApiResponse(responseCode = "400", description = "Missing 'X-ECOMP-InstanceID' HTTP header - POL5001"),
260 @ApiResponse(responseCode = "400", description = "Missing Body - POL4500"),
261 @ApiResponse(responseCode = "400", description = "Invalid Body : missing mandatory parameter 'apiPublicKey' - POL4501"),
262 @ApiResponse(responseCode = "400", description = "Invalid Body : missing mandatory parameter 'distrEnvName' - SVC4506"),
263 @ApiResponse(responseCode = "400", description = "Invalid Body : Specified 'distrEnvName' doesn’t exist - POL4137"),
264 @ApiResponse(responseCode = "401", description = "ECOMP component should authenticate itself and to re-send again HTTP request with its Basic Authentication credentials - POL5002"),
265 @ApiResponse(responseCode = "403", description = "ECOMP component is not authorized - POL5003"),
266 @ApiResponse(responseCode = "405", description = "Method Not Allowed : Invalid HTTP method type used to register for distribution ( PUT,DELETE,GET will be rejected) - POL4050"),
267 @ApiResponse(responseCode = "500", description = "The registration failed due to internal SDC problem or Cambria Service failure ECOMP Component should continue the attempts to register for distribution - POL5000")})
268 //TODO Edit the responses
270 @Parameter(name = "requestJson", required = true, schema = @Schema(implementation = org.openecomp.sdc.be.distribution.api.client.RegistrationRequest.class), description = "json describe the artifact")})
271 @PermissionAllowed({AafPermission.PermNames.READ_VALUE})
272 public Response unRegisterForDistribution(
273 @Parameter(description = "X-ECOMP-RequestID header", required = false) @HeaderParam(value = Constants.X_ECOMP_REQUEST_ID_HEADER) String requestId,
274 @Parameter(description = "X-ECOMP-InstanceID header", required = true) @HeaderParam(value = Constants.X_ECOMP_INSTANCE_ID_HEADER) String instanceId,
275 @Parameter(description = "Determines the format of the body of the response", required = false) @HeaderParam(value = Constants.ACCEPT_HEADER) String accept,
276 @Parameter(description = "Determines the format of the body of the request", required = true) @HeaderParam(value = Constants.CONTENT_TYPE_HEADER) String contentType,
277 @Parameter(description = "Length of the request body", required = true) @HeaderParam(value = Constants.CONTENT_LENGTH_HEADER) String contenLength,
278 @Parameter(description = "The username and password", required = true) @HeaderParam(value = Constants.AUTHORIZATION_HEADER) String authorization,
279 @Parameter(hidden = true) String requestJson) {
280 String url = request.getMethod() + " " + request.getRequestURI();
281 log.debug(START_HANDLE_REQUEST_OF, url);
282 Wrapper<Response> responseWrapper = new Wrapper<>();
283 Wrapper<RegistrationRequest> unRegistrationRequestWrapper = new Wrapper<>();
284 validateHeaders(responseWrapper, request, AuditingActionEnum.REMOVE_KEY_FROM_TOPIC_ACL);
285 if (responseWrapper.isEmpty()) {
286 validateJson(responseWrapper, unRegistrationRequestWrapper, requestJson);
288 if (responseWrapper.isEmpty()) {
289 validateEnv(responseWrapper);
291 if (responseWrapper.isEmpty()) {
292 distributionLogic.handleUnRegistration(responseWrapper, unRegistrationRequestWrapper.getInnerElement(),
293 buildAuditHandler(request, unRegistrationRequestWrapper.getInnerElement()));
295 BeEcompErrorManager.getInstance()
296 .logBeDistributionEngineSystemError(DistributionBusinessLogic.UN_REGISTER_IN_DISTRIBUTION_ENGINE, "unregistration validation failed");
298 return responseWrapper.getInnerElement();
301 private void validateEnv(Wrapper<Response> responseWrapper) {
303 StorageOperationStatus environmentStatus = distributionLogic.getDistributionEngine().isEnvironmentAvailable();
304 if (environmentStatus != StorageOperationStatus.OK) {
305 if (environmentStatus == StorageOperationStatus.DISTR_ENVIRONMENT_NOT_FOUND) {
306 Response missingHeaderResponse = buildErrorResponse(
307 distributionLogic.getResponseFormatManager().getResponseFormat(ActionStatus.DISTRIBUTION_ENV_DOES_NOT_EXIST));
308 responseWrapper.setInnerElement(missingHeaderResponse);
310 Response missingHeaderResponse = buildErrorResponse(
311 distributionLogic.getResponseFormatManager().getResponseFormat(ActionStatus.GENERAL_ERROR));
312 responseWrapper.setInnerElement(missingHeaderResponse);
317 private void validateHeaders(Wrapper<Response> responseWrapper, HttpServletRequest request, AuditingActionEnum auditingAction) {
318 if (request.getHeader(Constants.X_ECOMP_INSTANCE_ID_HEADER) == null) {
319 Response missingHeaderResponse = buildErrorResponse(
320 distributionLogic.getResponseFormatManager().getResponseFormat(ActionStatus.MISSING_X_ECOMP_INSTANCE_ID));
321 responseWrapper.setInnerElement(missingHeaderResponse);
322 ResponseFormat responseFormat = getComponentsUtils().getResponseFormat(ActionStatus.MISSING_X_ECOMP_INSTANCE_ID);
323 getComponentsUtils().auditMissingInstanceIdAsDistributionEngineEvent(auditingAction, responseFormat.getStatus().toString());
327 private void validateJson(Wrapper<Response> responseWrapper, Wrapper<RegistrationRequest> registrationRequestWrapper, String requestJson) {
328 if (requestJson == null || requestJson.isEmpty()) {
329 Response missingBodyResponse = buildErrorResponse(
330 distributionLogic.getResponseFormatManager().getResponseFormat(ActionStatus.MISSING_BODY));
331 responseWrapper.setInnerElement(missingBodyResponse);
333 Either<RegistrationRequest, Exception> eitherRegistration = HttpUtil.convertJsonStringToObject(requestJson, RegistrationRequest.class);
334 if (eitherRegistration.isLeft()) {
335 RegistrationRequest registrationRequest = eitherRegistration.left().value();
336 if (registrationRequest.getApiPublicKey() == null) {
337 Response missingBodyResponse = buildErrorResponse(
338 distributionLogic.getResponseFormatManager().getResponseFormat(ActionStatus.MISSING_PUBLIC_KEY));
339 responseWrapper.setInnerElement(missingBodyResponse);
340 } else if (registrationRequest.getDistrEnvName() == null) {
341 Response missingBodyResponse = buildErrorResponse(
342 distributionLogic.getResponseFormatManager().getResponseFormat(ActionStatus.MISSING_ENV_NAME));
343 responseWrapper.setInnerElement(missingBodyResponse);
345 registrationRequestWrapper.setInnerElement(registrationRequest);
348 Response missingBodyResponse = buildErrorResponse(
349 distributionLogic.getResponseFormatManager().getResponseFormat(ActionStatus.MISSING_BODY));
350 responseWrapper.setInnerElement(missingBodyResponse);
355 private AuditHandler buildAuditHandler(HttpServletRequest request, RegistrationRequest registrationRequest) {
356 return new AuditHandler(getComponentsUtils(), request.getHeader(Constants.X_ECOMP_INSTANCE_ID_HEADER), registrationRequest);