1 /*******************************************************************************
2 * ============LICENSE_START==================================================
4 * * ===========================================================================
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * * ===========================================================================
7 * * Licensed under the Apache License, Version 2.0 (the "License");
8 * * you may not use this file except in compliance with the License.
9 * * You may obtain a copy of the License at
11 * * http://www.apache.org/licenses/LICENSE-2.0
13 * * Unless required by applicable law or agreed to in writing, software
14 * * distributed under the License is distributed on an "AS IS" BASIS,
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * * See the License for the specific language governing permissions and
17 * * limitations under the License.
18 * * ============LICENSE_END====================================================
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
22 ******************************************************************************/
25 package org.onap.dmaap.datarouter.provisioning;
27 import java.io.IOException;
28 import java.io.InvalidObjectException;
30 import javax.servlet.http.HttpServletRequest;
31 import javax.servlet.http.HttpServletResponse;
33 import org.json.JSONException;
34 import org.json.JSONObject;
35 import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
36 import org.onap.dmaap.datarouter.provisioning.beans.EventLogRecord;
37 import org.onap.dmaap.datarouter.provisioning.beans.Feed;
38 import org.onap.dmaap.datarouter.provisioning.eelf.EelfMsgs;
40 import com.att.eelf.configuration.EELFLogger;
41 import com.att.eelf.configuration.EELFManager;
43 import static org.onap.dmaap.datarouter.provisioning.utils.HttpServletUtils.sendResponseError;
46 * This servlet handles provisioning for the <feedURL> which is generated by the provisioning
47 * server to handle a particular feed. It supports DELETE to mark the feed as deleted,
48 * and GET to retrieve information about the feed, and PUT to modify the feed.
53 @SuppressWarnings("serial")
54 public class FeedServlet extends ProxyServlet {
56 //Adding EELF Logger Rally:US664892
57 private static EELFLogger eelflogger = EELFManager.getInstance().getLogger(FeedServlet.class);
60 * Delete the Feed at the address /feed/<feednumber>.
61 * See the <i>Deleting a Feed</i> section in the <b>Provisioning API</b>
62 * document for details on how this method should be invoked.
65 public void doDelete(HttpServletRequest req, HttpServletResponse resp) {
66 setIpFqdnRequestIDandInvocationIDForEelf("doDelete", req);
67 eelflogger.info(EelfMsgs.ENTRY);
69 eelflogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_FEEDID, req.getHeader(BEHALF_HEADER),getIdFromPath(req)+"");
70 EventLogRecord elr = new EventLogRecord(req);
71 String message = isAuthorizedForProvisioning(req);
72 if (message != null) {
73 elr.setMessage(message);
74 elr.setResult(HttpServletResponse.SC_FORBIDDEN);
75 eventlogger.info(elr);
76 sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
79 if (isProxyServer()) {
80 super.doDelete(req, resp);
83 String bhdr = req.getHeader(BEHALF_HEADER);
85 message = "Missing "+BEHALF_HEADER+" header.";
86 elr.setMessage(message);
87 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
88 eventlogger.info(elr);
89 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
92 int feedid = getIdFromPath(req);
94 message = "Missing or bad feed number.";
95 elr.setMessage(message);
96 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
97 eventlogger.info(elr);
98 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
101 Feed feed = Feed.getFeedById(feedid);
102 if (feed == null || feed.isDeleted()) {
103 message = "Missing or bad feed number.";
104 elr.setMessage(message);
105 elr.setResult(HttpServletResponse.SC_NOT_FOUND);
106 eventlogger.info(elr);
107 sendResponseError(resp, HttpServletResponse.SC_NOT_FOUND, message, eventlogger);
110 // Check with the Authorizer
111 AuthorizationResponse aresp = authz.decide(req);
112 if (! aresp.isAuthorized()) {
113 message = "Policy Engine disallows access.";
114 elr.setMessage(message);
115 elr.setResult(HttpServletResponse.SC_FORBIDDEN);
116 eventlogger.info(elr);
117 sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
121 // Delete FEED table entry (set DELETED flag)
122 feed.setDeleted(true);
123 if (doUpdate(feed)) {
126 elr.setResult(HttpServletResponse.SC_NO_CONTENT);
127 eventlogger.info(elr);
128 resp.setStatus(HttpServletResponse.SC_NO_CONTENT);
129 provisioningDataChanged();
131 // Something went wrong with the UPDATE
132 elr.setResult(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
133 eventlogger.info(elr);
134 sendResponseError(resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, DB_PROBLEM_MSG, eventlogger);
137 eelflogger.info(EelfMsgs.EXIT);
141 * Get information on the feed at the address /feed/<feednumber>.
142 * See the <i>Retrieving Information about a Feed</i> section in the <b>Provisioning API</b>
143 * document for details on how this method should be invoked.
146 public void doGet(HttpServletRequest req, HttpServletResponse resp) {
147 setIpFqdnRequestIDandInvocationIDForEelf("doGet", req);
148 eelflogger.info(EelfMsgs.ENTRY);
150 eelflogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_FEEDID, req.getHeader(BEHALF_HEADER),getIdFromPath(req)+"");
151 EventLogRecord elr = new EventLogRecord(req);
152 String message = isAuthorizedForProvisioning(req);
153 if (message != null) {
154 elr.setMessage(message);
155 elr.setResult(HttpServletResponse.SC_FORBIDDEN);
156 eventlogger.info(elr);
157 sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
160 if (isProxyServer()) {
161 super.doGet(req, resp);
164 String bhdr = req.getHeader(BEHALF_HEADER);
166 message = "Missing "+BEHALF_HEADER+" header.";
167 elr.setMessage(message);
168 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
169 eventlogger.info(elr);
170 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
173 int feedid = getIdFromPath(req);
175 message = "Missing or bad feed number.";
176 elr.setMessage(message);
177 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
178 eventlogger.info(elr);
179 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
182 Feed feed = Feed.getFeedById(feedid);
183 if (feed == null || feed.isDeleted()) {
184 message = "Missing or bad feed number.";
185 elr.setMessage(message);
186 elr.setResult(HttpServletResponse.SC_NOT_FOUND);
187 eventlogger.info(elr);
188 sendResponseError(resp, HttpServletResponse.SC_NOT_FOUND, message, eventlogger);
191 // Check with the Authorizer
192 AuthorizationResponse aresp = authz.decide(req);
193 if (! aresp.isAuthorized()) {
194 message = "Policy Engine disallows access.";
195 elr.setMessage(message);
196 elr.setResult(HttpServletResponse.SC_FORBIDDEN);
197 eventlogger.info(elr);
198 sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
203 elr.setResult(HttpServletResponse.SC_OK);
204 eventlogger.info(elr);
205 resp.setStatus(HttpServletResponse.SC_OK);
206 resp.setContentType(FEEDFULL_CONTENT_TYPE);
208 resp.getOutputStream().print(feed.asJSONObject(true).toString());
209 } catch (IOException ioe) {
210 eventlogger.error("IOException" + ioe.getMessage());
213 eelflogger.info(EelfMsgs.EXIT);
217 * PUT on the <feedURL> for a feed.
218 * See the <i>Modifying a Feed</i> section in the <b>Provisioning API</b>
219 * document for details on how this method should be invoked.
222 public void doPut(HttpServletRequest req, HttpServletResponse resp) {
223 setIpFqdnRequestIDandInvocationIDForEelf("doPut", req);
224 eelflogger.info(EelfMsgs.ENTRY);
226 eelflogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_FEEDID, req.getHeader(BEHALF_HEADER),getIdFromPath(req)+"");
227 EventLogRecord elr = new EventLogRecord(req);
228 String message = isAuthorizedForProvisioning(req);
229 if (message != null) {
230 elr.setMessage(message);
231 elr.setResult(HttpServletResponse.SC_FORBIDDEN);
232 eventlogger.info(elr);
233 sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
236 if (isProxyServer()) {
237 super.doPut(req, resp);
240 String bhdr = req.getHeader(BEHALF_HEADER);
242 message = "Missing "+BEHALF_HEADER+" header.";
243 elr.setMessage(message);
244 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
245 eventlogger.info(elr);
246 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
249 int feedid = getIdFromPath(req);
251 message = "Missing or bad feed number.";
252 elr.setMessage(message);
253 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
254 eventlogger.info(elr);
255 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
258 Feed oldFeed = Feed.getFeedById(feedid);
259 if (oldFeed == null || oldFeed.isDeleted()) {
260 message = "Missing or bad feed number.";
261 elr.setMessage(message);
262 elr.setResult(HttpServletResponse.SC_NOT_FOUND);
263 eventlogger.info(elr);
264 sendResponseError(resp, HttpServletResponse.SC_NOT_FOUND, message, eventlogger);
267 // check content type is FEED_CONTENT_TYPE, version 1.0
268 ContentHeader ch = getContentHeader(req);
269 String ver = ch.getAttribute("version");
270 if (!ch.getType().equals(FEED_BASECONTENT_TYPE) || !(ver.equals("1.0") || ver.equals("2.0"))) {
271 message = "Incorrect content-type";
272 elr.setMessage(message);
273 elr.setResult(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE);
274 eventlogger.info(elr);
275 sendResponseError(resp, HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE, message, eventlogger);
278 JSONObject jo = getJSONfromInput(req);
280 message = "Badly formed JSON";
281 elr.setMessage(message);
282 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
283 eventlogger.info(elr);
284 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
287 if (intlogger.isDebugEnabled())
288 intlogger.debug(jo.toString());
292 } catch (InvalidObjectException e) {
293 message = e.getMessage();
294 elr.setMessage(message);
295 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
296 eventlogger.info(elr);
297 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
300 feed.setFeedid(feedid);
301 feed.setPublisher(bhdr); // set from X-DMAAP-DR-ON-BEHALF-OF header
303 String subjectgroup = (req.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP")); //Adding for group feature:Rally US708115
304 if (!oldFeed.getPublisher().equals(feed.getPublisher()) && subjectgroup == null) {
305 message = "This feed must be modified by the same publisher that created it.";
306 elr.setMessage(message);
307 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
308 eventlogger.info(elr);
309 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
312 if (!oldFeed.getName().equals(feed.getName())) {
313 message = "The name of the feed may not be updated.";
314 elr.setMessage(message);
315 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
316 eventlogger.info(elr);
317 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
320 if (!oldFeed.getVersion().equals(feed.getVersion())) {
321 message = "The version of the feed may not be updated.";
322 elr.setMessage(message);
323 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
324 eventlogger.info(elr);
325 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
328 // Check with the Authorizer
329 AuthorizationResponse aresp = authz.decide(req);
330 if (! aresp.isAuthorized()) {
331 message = "Policy Engine disallows access.";
332 elr.setMessage(message);
333 elr.setResult(HttpServletResponse.SC_FORBIDDEN);
334 eventlogger.info(elr);
335 sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
339 // Update FEEDS table entries
340 if (doUpdate(feed)) {
342 elr.setResult(HttpServletResponse.SC_OK);
343 eventlogger.info(elr);
344 resp.setStatus(HttpServletResponse.SC_OK);
345 resp.setContentType(FEEDFULL_CONTENT_TYPE);
347 resp.getOutputStream().print(feed.asLimitedJSONObject().toString());
348 } catch (IOException ioe) {
349 eventlogger.error("IOException" + ioe.getMessage());
353 /**Change Owner ship of Feed //Adding for group feature:Rally US708115*/
354 if (jo.has("changeowner") && subjectgroup != null) {
356 Boolean changeowner = (Boolean) jo.get("changeowner");
357 if (changeowner != null && changeowner.equals(true)) {
358 feed.setPublisher(req.getHeader(BEHALF_HEADER));
359 feed.changeOwnerShip();
361 } catch (JSONException je) {
362 eventlogger.error("JSONException" + je.getMessage());
365 /***End of change ownership*/
367 provisioningDataChanged();
369 // Something went wrong with the UPDATE
370 elr.setResult(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
371 eventlogger.info(elr);
372 sendResponseError(resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, DB_PROBLEM_MSG, eventlogger);
375 eelflogger.info(EelfMsgs.EXIT);
379 * POST on the <feedURL> -- not supported.
382 public void doPost(HttpServletRequest req, HttpServletResponse resp) {
383 setIpFqdnRequestIDandInvocationIDForEelf("doPost", req);
384 eelflogger.info(EelfMsgs.ENTRY);
386 eelflogger.info(EelfMsgs.MESSAGE_WITH_BEHALF, req.getHeader(BEHALF_HEADER));
387 String message = "POST not allowed for the feedURL.";
388 EventLogRecord elr = new EventLogRecord(req);
389 elr.setMessage(message);
390 elr.setResult(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
391 eventlogger.info(elr);
392 sendResponseError(resp, HttpServletResponse.SC_METHOD_NOT_ALLOWED, message, eventlogger);
394 eelflogger.info(EelfMsgs.EXIT);