2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
6 * Copyright © 2017-2018 Amdocs
7 * ================================================================================
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 * ============LICENSE_END=========================================================
21 package org.onap.aai.sa.rest;
23 import java.security.cert.X509Certificate;
24 import javax.security.auth.x500.X500Principal;
25 import javax.servlet.http.HttpServletRequest;
26 import javax.servlet.http.HttpServletResponse;
27 import org.onap.aai.sa.auth.SearchDbServiceAuth;
28 import org.onap.aai.sa.rest.ApiUtils.Action;
29 import org.onap.aai.sa.searchdbabstraction.elasticsearch.dao.DocumentStoreInterface;
30 import org.onap.aai.sa.searchdbabstraction.elasticsearch.dao.ElasticSearchHttpController;
31 import org.springframework.http.HttpHeaders;
32 import org.springframework.http.ResponseEntity;
33 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
34 import org.springframework.stereotype.Component;
35 import org.springframework.web.bind.annotation.PathVariable;
36 import org.springframework.web.bind.annotation.RequestBody;
37 import org.springframework.web.bind.annotation.RequestHeader;
38 import org.springframework.web.bind.annotation.RequestMapping;
39 import org.springframework.web.bind.annotation.RequestMethod;
40 import org.springframework.web.bind.annotation.RestController;
45 @RequestMapping("/services/search-data-service/v1/search")
46 public class SearchServiceApi {
49 * The Data Access Object that we will use to interact with the document store.
51 protected DocumentStoreInterface documentStore = null;
52 protected ApiUtils apiUtils = null;
55 * Create a new instance of the end point.
57 public SearchServiceApi() {
59 // Perform one-time initialization.
65 * Performs all one-time initialization required for the end point.
68 // Instantiate our Document Store DAO.
69 documentStore = ElasticSearchHttpController.getInstance();
72 @RequestMapping(value = "/indexes/{index}", method = RequestMethod.PUT, produces = {"application/json"})
73 public ResponseEntity<String> processCreateIndex(@RequestBody String requestBody, HttpServletRequest request,
74 @RequestHeader HttpHeaders headers, @PathVariable("index") String index) {
76 // Forward the request to our index API to create the index.
77 IndexApi indexApi = new IndexApi(this);
78 return indexApi.processCreateIndex(requestBody, request, headers, index, documentStore);
81 @RequestMapping(value = "/indexes/{index}", method = RequestMethod.DELETE, consumes = {"application/json"},
82 produces = {"application/json"})
83 public ResponseEntity<String> processDeleteIndex(HttpServletRequest request, @RequestHeader HttpHeaders headers,
84 @PathVariable("index") String index) {
86 // Forward the request to our index API to delete the index.
87 IndexApi indexApi = new IndexApi(this);
88 return indexApi.processDelete(index, request, headers, documentStore);
92 @RequestMapping(value = "/indexes/{index}/documents", method = RequestMethod.POST, consumes = {"application/json"})
93 public ResponseEntity<String> processCreateDocWithoutId(@RequestBody String requestBody, HttpServletRequest request,
94 HttpServletResponse httpResponse, @RequestHeader HttpHeaders headers, @PathVariable("index") String index) {
96 // Forward the request to our document API to create the document.
97 DocumentApi documentApi = new DocumentApi(this);
98 return documentApi.processPost(requestBody, request, headers, httpResponse, index, documentStore);
101 @RequestMapping(value = "/indexes/{index}/documents/{id}", method = RequestMethod.PUT,
102 consumes = {"application/json"})
103 public ResponseEntity<String> processUpsertDoc(@RequestBody String requestBody, HttpServletRequest request,
104 HttpServletResponse httpResponse, @RequestHeader HttpHeaders headers, @PathVariable("index") String index,
105 @PathVariable("id") String id) {
107 // Forward the request to our document API to upsert the document.
108 DocumentApi documentApi = new DocumentApi(this);
109 return documentApi.processPut(requestBody, request, headers, httpResponse, index, id, documentStore);
112 @RequestMapping(value = "/indexes/{index}/documents/{id}", method = RequestMethod.GET)
113 public ResponseEntity<String> processGetDocument(HttpServletRequest request, HttpServletResponse httpResponse,
114 @RequestHeader HttpHeaders headers, @PathVariable("index") String index, @PathVariable("id") String id) {
116 // Forward the request to our document API to retrieve the document.
117 DocumentApi documentApi = new DocumentApi(this);
118 return documentApi.processGet("", request, headers, httpResponse, index, id, documentStore);
121 @RequestMapping(value = "/indexes/{index}/documents/{id}", method = RequestMethod.DELETE,
122 consumes = {"application/json"})
123 public ResponseEntity<String> processDeleteDoc(HttpServletRequest request, HttpServletResponse httpResponse,
124 @RequestHeader HttpHeaders headers, @PathVariable("index") String index, @PathVariable("id") String id) {
126 // Forward the request to our document API to delete the document.
127 DocumentApi documentApi = new DocumentApi(this);
128 return documentApi.processDelete("", request, headers, httpResponse, index, id, documentStore);
131 @RequestMapping(value = "/indexes/{index}/query/{queryText}", method = RequestMethod.GET)
132 public ResponseEntity<String> processInlineQuery(HttpServletRequest request, @RequestHeader HttpHeaders headers,
133 @PathVariable("index") String index, @PathVariable("queryText") String queryText) {
135 // Forward the request to our document API to delete the document.
136 DocumentApi documentApi = new DocumentApi(this);
137 return documentApi.processSearchWithGet("", request, headers, index, queryText, documentStore);
140 @RequestMapping(value = "/indexes/{index}/query", method = RequestMethod.GET, consumes = {"application/json"})
141 public ResponseEntity<String> processQueryWithGet(@RequestBody String requestBody, HttpServletRequest request,
142 @RequestHeader HttpHeaders headers, @PathVariable("index") String index) {
144 // Forward the request to our document API to delete the document.
145 DocumentApi documentApi = new DocumentApi(this);
146 return documentApi.queryWithGetWithPayload(requestBody, request, headers, index, documentStore);
149 @RequestMapping(value = "/indexes/{index}/query", method = RequestMethod.POST, consumes = {"application/json"})
150 public ResponseEntity<String> processQuery(@RequestBody String requestBody, HttpServletRequest request,
151 @RequestHeader HttpHeaders headers, @PathVariable("index") String index) {
153 // Forward the request to our document API to delete the document.
154 DocumentApi documentApi = new DocumentApi(this);
155 return documentApi.processSearchWithPost(requestBody, request, headers, index, documentStore);
158 @RequestMapping(value = "/indexes/{index}/suggest", method = RequestMethod.POST, consumes = {"application/json"})
159 public ResponseEntity<String> processSuggestQuery(@RequestBody String requestBody, HttpServletRequest request,
160 @RequestHeader HttpHeaders headers, @PathVariable("index") String index) {
161 // Forward the request to our document API to query suggestions in the
163 DocumentApi documentApi = new DocumentApi(this);
164 return documentApi.processSuggestQueryWithPost(requestBody, request, headers, index, documentStore);
167 @RequestMapping(value = "/indexes/dynamic/{index}", method = RequestMethod.PUT, consumes = {"application/json"})
168 public ResponseEntity<String> processCreateDynamicIndex(@RequestBody String requestBody, HttpServletRequest request,
169 @RequestHeader HttpHeaders headers, @PathVariable("index") String index) {
171 // Forward the request to our index API to create the index.
172 IndexApi indexApi = new IndexApi(this);
173 return indexApi.processCreateDynamicIndex(requestBody, request, headers, index, documentStore);
176 @RequestMapping(value = "/bulk", method = RequestMethod.POST, consumes = {"application/json"},
177 produces = {"application/json"})
178 public ResponseEntity<String> processBulkRequest(@RequestBody String requestBody, HttpServletRequest request,
179 @RequestHeader HttpHeaders headers) {
181 // Forward the request to our document API to delete the document.
182 BulkApi bulkApi = new BulkApi(this);
183 return bulkApi.processPost(requestBody, request, headers, documentStore);
186 protected boolean validateRequest(HttpHeaders headers, HttpServletRequest req, Action action,
187 String authPolicyFunctionName) {
189 boolean isUserAuthEnabled = ((ElasticSearchHttpController)documentStore).getElasticSearchConfig().useAuthorizationUser();
190 if(! isUserAuthEnabled) {
194 SearchDbServiceAuth serviceAuth = new SearchDbServiceAuth();
196 String cipherSuite = (String) req.getAttribute("javax.servlet.request.cipher_suite");
197 String authUser = null;
198 if (cipherSuite != null) {
199 Object x509CertAttribute = req.getAttribute("javax.servlet.request.X509Certificate");
200 if (x509CertAttribute != null) {
201 X509Certificate[] certChain = (X509Certificate[]) x509CertAttribute;
202 X509Certificate clientCert = certChain[0];
203 X500Principal subjectDn = clientCert.getSubjectX500Principal();
204 authUser = subjectDn.toString();
208 if (authUser == null) {
213 serviceAuth.authUser(headers, authUser.toLowerCase(), action.toString() + ":" + authPolicyFunctionName);
214 return status.equals("OK");