2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.onap.policy.pdpx.main.rest;
23 import java.io.IOException;
25 import java.util.concurrent.atomic.AtomicBoolean;
26 import javax.servlet.Filter;
27 import javax.servlet.FilterChain;
28 import javax.servlet.ServletException;
29 import javax.servlet.ServletRequest;
30 import javax.servlet.ServletResponse;
31 import javax.servlet.http.HttpServletRequest;
32 import javax.servlet.http.HttpServletResponse;
35 * Filter that verifies that the API services (i.e., decision services) are enabled
36 * before allowing the request through.
38 public class XacmlPdpServiceFilter implements Filter {
41 * Services the are always available, even when the API is disabled.
43 public static final Set<String> PERMANENT_SERVICES = Set.of("healthcheck", "statistics", "metrics");
46 private static final AtomicBoolean apiDisabled = new AtomicBoolean(true);
50 public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
51 throws IOException, ServletException {
53 HttpServletRequest request = (HttpServletRequest) servletRequest;
54 HttpServletResponse response = (HttpServletResponse) servletResponse;
56 if (apiDisabled.get() && !PERMANENT_SERVICES.contains(getUriSuffix(request))) {
57 response.setStatus(HttpServletResponse.SC_CONFLICT);
59 filterChain.doFilter(servletRequest, servletResponse);
63 private String getUriSuffix(HttpServletRequest request) {
64 String uri = request.getRequestURI();
65 int index = uri.lastIndexOf('/');
66 return (index < 0 ? uri : uri.substring(index + 1));
70 * Determines if API services are enabled.
72 * @return {@code true}, if API services are enabled
74 public static boolean isApiEnabled() {
75 return !apiDisabled.get();
79 * Enables the API services.
81 public static void enableApi() {
82 apiDisabled.set(false);
86 * Disables the API services.
88 public static void disableApi() {
89 apiDisabled.set(true);