2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
6 * Copyright © 2017-2018 Amdocs
7 * ================================================================================
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 * ============LICENSE_END=========================================================
21 package org.onap.crud.service;
23 import java.security.cert.X509Certificate;
24 import java.util.ArrayList;
25 import java.util.Arrays;
26 import java.util.HashMap;
27 import java.util.HashSet;
28 import java.util.List;
31 import javax.security.auth.x500.X500Principal;
32 import javax.servlet.http.HttpServletRequest;
33 import javax.ws.rs.Consumes;
34 import javax.ws.rs.DELETE;
35 import javax.ws.rs.Encoded;
36 import javax.ws.rs.GET;
37 import javax.ws.rs.POST;
38 import javax.ws.rs.PUT;
39 import javax.ws.rs.Path;
40 import javax.ws.rs.PathParam;
41 import javax.ws.rs.Produces;
42 import javax.ws.rs.core.Context;
43 import javax.ws.rs.core.EntityTag;
44 import javax.ws.rs.core.HttpHeaders;
45 import javax.ws.rs.core.MediaType;
46 import javax.ws.rs.core.Response;
47 import javax.ws.rs.core.Response.ResponseBuilder;
48 import javax.ws.rs.core.Response.Status;
49 import javax.ws.rs.core.UriInfo;
51 import org.apache.commons.lang3.tuple.ImmutablePair;
52 import org.apache.cxf.jaxrs.ext.PATCH;
53 import org.onap.aai.cl.api.Logger;
54 import org.onap.aai.cl.eelf.LoggerFactory;
55 import org.onap.aaiauth.auth.Auth;
56 import org.onap.crud.exception.CrudException;
57 import org.onap.crud.logging.CrudServiceMsgs;
58 import org.onap.crud.logging.LoggingUtil;
59 import org.onap.crud.util.CrudProperties;
60 import org.onap.crud.util.CrudServiceConstants;
61 import org.onap.crud.util.CrudServiceUtil;
64 import com.google.gson.JsonElement;
66 import io.swagger.annotations.ApiImplicitParam;
67 import io.swagger.annotations.ApiImplicitParams;
68 import io.swagger.annotations.ApiOperation;
69 import io.swagger.annotations.ApiParam;
70 import io.swagger.annotations.ApiResponse;
71 import io.swagger.annotations.ApiResponses;
74 public class CrudRestService {
76 private AbstractGraphDataService graphDataService;
77 Logger logger = LoggerFactory.getInstance().getLogger(CrudRestService.class.getName());
78 Logger auditLogger = LoggerFactory.getInstance().getAuditLogger(CrudRestService.class.getName());
80 private boolean authorizationEnabled;
82 private String mediaType = MediaType.APPLICATION_JSON;
83 public static final String HTTP_PATCH_METHOD_OVERRIDE = "X-HTTP-Method-Override";
84 public static final String TRANSACTIONID_HEADER = "X-TransactionId";
86 public CrudRestService(AbstractGraphDataService graphDataService) throws Exception {
87 this.graphDataService = graphDataService;
89 this.authorizationEnabled = Boolean.parseBoolean(
90 CrudProperties.get(CrudServiceConstants.CRD_AUTHORIZATION_ENABLED, "true"));
93 if (this.authorizationEnabled) {
94 this.auth = new Auth(CrudServiceConstants.CRD_AUTH_FILE);
99 public CrudRestService(AbstractGraphDataService graphDataService, Auth auth) throws Exception {
100 this.graphDataService = graphDataService;
105 POST, GET, PUT, DELETE, PATCH
108 public void startup() {
112 @ApiOperation(value = "Get Vertex" , notes="For example : https://<host>:9520/services/inventory/v11/pserver/<id>")
114 @ApiResponse(code = 200, message = "Success"),
115 @ApiResponse(code = 403, message = "Forbidden"),
116 @ApiResponse(code = 404, message = "Not Found"),
117 @ApiResponse(code = 500, message = "Internal Server Error") })
119 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
120 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
123 @Path("/{version}/{type}/{id}")
124 @Consumes({MediaType.APPLICATION_JSON})
125 @Produces({MediaType.APPLICATION_JSON})
126 public Response getVertex(@ApiParam(hidden=true) String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("type") String type,
127 @PathParam("id") String id, @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers,
128 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
130 LoggingUtil.initMdcContext(req, headers);
131 logger.debug("Incoming request..." + content);
133 ResponseBuilder responseBuilder;
134 Map<String, String> params = addParams(uriInfo, false, type, version);
137 if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
138 ImmutablePair<EntityTag, String> result = graphDataService.getVertex(version, id, type, params);
140 Response.status(Status.OK).entity(result.getValue()).tag(result.getKey()).type(mediaType);
142 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
144 } catch (CrudException ce) {
145 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
146 } catch (Exception e) {
147 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
151 setTxIdOnResponseHeader(headers, responseBuilder);
153 Response response = responseBuilder.build();
154 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
158 @ApiOperation(value = "Get Vertices" , notes="For example : https://<host>:9520/services/inventory/v11/pserver/")
160 @ApiResponse(code = 200, message = "Success"),
161 @ApiResponse(code = 403, message = "Forbidden"),
162 @ApiResponse(code = 404, message = "Not Found"),
163 @ApiResponse(code = 500, message = "Internal Server Error") })
165 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
166 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
169 @Path("/{version}/{type}/")
170 @Consumes({MediaType.APPLICATION_JSON})
171 @Produces({MediaType.APPLICATION_JSON})
172 public Response getVertices(@ApiParam(hidden=true) String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("type") String type,
173 @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
174 @Context HttpServletRequest req) {
176 LoggingUtil.initMdcContext(req, headers);
177 logger.debug("Incoming request..." + content);
179 ResponseBuilder responseBuilder;
181 if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
182 String propertiesKey = CrudProperties.get(CrudServiceConstants.CRD_COLLECTION_PROPERTIES_KEY);
183 Map<String, String> filter = addParams(uriInfo, true, type, version);
185 HashSet<String> properties;
186 if (uriInfo.getQueryParameters().containsKey(propertiesKey)) {
187 properties = new HashSet<>(uriInfo.getQueryParameters().get(propertiesKey));
189 properties = new HashSet<>();
192 ImmutablePair<EntityTag, String> result =
193 graphDataService.getVertices(version, type, filter, properties);
195 Response.status(Status.OK).entity(result.getValue()).tag(result.getKey()).type(mediaType);
197 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
199 } catch (CrudException ce) {
200 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
201 } catch (Exception e) {
202 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
206 setTxIdOnResponseHeader(headers, responseBuilder);
208 Response response = responseBuilder.build();
209 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
213 @ApiOperation(value = "Get Edge" , notes="For example : https://<host>:9520/services/inventory/relationships/v11/tosca.relationships.HostedOn/<id>")
215 @ApiResponse(code = 200, message = "Success"),
216 @ApiResponse(code = 403, message = "Forbidden"),
217 @ApiResponse(code = 404, message = "Not Found"),
218 @ApiResponse(code = 500, message = "Internal Server Error") })
220 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
221 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
224 @Path("/relationships/{version}/{type}/{id}")
225 @Consumes({MediaType.APPLICATION_JSON})
226 @Produces({MediaType.APPLICATION_JSON})
227 public Response getEdge(@ApiParam(hidden=true) String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("type") String type,
228 @PathParam("id") String id, @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers,
229 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
231 LoggingUtil.initMdcContext(req, headers);
232 logger.debug("Incoming request..." + content);
234 ResponseBuilder responseBuilder;
235 Map<String, String> params = addParams(uriInfo, false, type, version);
238 if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
240 ImmutablePair<EntityTag, String> result = graphDataService.getEdge(version, id, type, params);
242 Response.status(Status.OK).entity(result.getValue()).tag(result.getKey()).type(mediaType);
244 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
246 } catch (CrudException ce) {
247 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
248 } catch (Exception e) {
249 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
252 setTxIdOnResponseHeader(headers, responseBuilder);
254 Response response = responseBuilder.build();
255 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
259 @ApiOperation(value = "Get Edges" , notes="For example : https://<host>:9520/services/inventory/relationships/v11/tosca.relationships.HostedOn/")
261 @ApiResponse(code = 200, message = "Success"),
262 @ApiResponse(code = 403, message = "Forbidden"),
263 @ApiResponse(code = 404, message = "Not Found"),
264 @ApiResponse(code = 500, message = "Internal Server Error") })
266 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
267 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
270 @Path("/relationships/{version}/{type}/")
271 @Consumes({MediaType.APPLICATION_JSON})
272 @Produces({MediaType.APPLICATION_JSON})
273 public Response getEdges(@ApiParam(hidden=true) String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("type") String type,
274 @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
275 @Context HttpServletRequest req) {
277 LoggingUtil.initMdcContext(req, headers);
278 logger.debug("Incoming request..." + content);
280 ResponseBuilder responseBuilder;
281 Map<String, String> filter = addParams(uriInfo, true, type, version);
284 if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
285 ImmutablePair<EntityTag, String> result = graphDataService.getEdges(version, type, filter);
287 Response.status(Status.OK).entity(result.getValue()).tag(result.getKey()).type(mediaType);
289 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
291 } catch (CrudException ce) {
292 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
293 } catch (Exception e) {
294 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
297 setTxIdOnResponseHeader(headers, responseBuilder);
299 Response response = responseBuilder.build();
300 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
304 @ApiOperation(value = "Update Edge" , notes = "# Payload \n"
306 " \"properties\":{ \r\n" +
307 " \"prop1\" : \"value\",\r\n" +
308 " \"prop2\" :\"value\",\r\n" +
312 @ApiResponse(code = 200, message = "Success"),
313 @ApiResponse(code = 403, message = "Forbidden"),
314 @ApiResponse(code = 404, message = "Not Found"),
315 @ApiResponse(code = 400, message = "Bad Request"),
316 @ApiResponse(code = 500, message = "Internal Server Error") })
318 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
319 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
322 @Path("/relationships/{version}/{type}/{id}")
323 @Consumes({MediaType.APPLICATION_JSON})
324 @Produces({MediaType.APPLICATION_JSON})
325 public Response updateEdge(String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("type") String type,
326 @PathParam("id") String id, @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers,
327 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
329 LoggingUtil.initMdcContext(req, headers);
330 logger.debug("Incoming request..." + content);
332 ResponseBuilder responseBuilder;
335 if (validateRequest(req, uri, content, Action.PUT, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
336 EdgePayload payload = EdgePayload.fromJson(content);
337 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
338 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
340 if (payload.getId() != null && !payload.getId().equals(id)) {
341 throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
343 ImmutablePair<EntityTag, String> result;
344 if (headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE) != null
345 && headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE).equalsIgnoreCase("PATCH")) {
346 result = graphDataService.patchEdge(version, id, type, payload);
348 Response.status(Status.OK).entity(result.getValue()).type(mediaType).tag(result.getKey());
350 result = graphDataService.updateEdge(version, id, type, payload);
352 Response.status(Status.OK).entity(result.getValue()).type(mediaType).tag(result.getKey());
356 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
358 } catch (CrudException ce) {
359 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
360 } catch (Exception e) {
361 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
364 setTxIdOnResponseHeader(headers, responseBuilder);
366 Response response = responseBuilder.build();
367 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
371 @ApiOperation(value = "Patch Edge" , notes = "# Payload \n"
373 " \"properties\":{ \r\n" +
374 " \"prop1\" : \"value\",\r\n" +
375 " \"prop2\" :\"value\",\r\n" +
379 @ApiResponse(code = 200, message = "Success"),
380 @ApiResponse(code = 403, message = "Forbidden"),
381 @ApiResponse(code = 400, message = "Bad Request"),
382 @ApiResponse(code = 404, message = "Not Found"),
383 @ApiResponse(code = 500, message = "Internal Server Error") })
385 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
386 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
389 @Path("/relationships/{version}/{type}/{id}")
390 @Consumes({"application/merge-patch+json"})
391 @Produces({MediaType.APPLICATION_JSON})
392 public Response patchEdge(String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("type") String type,
393 @PathParam("id") String id, @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers,
394 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
396 LoggingUtil.initMdcContext(req, headers);
397 logger.debug("Incoming request..." + content);
399 ResponseBuilder responseBuilder;
402 if (validateRequest(req, uri, content, Action.PATCH, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
403 EdgePayload payload = EdgePayload.fromJson(content);
404 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
405 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
407 if (payload.getId() != null && !payload.getId().equals(id)) {
408 throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
411 ImmutablePair<EntityTag, String> result = graphDataService.patchEdge(version, id, type, payload);
413 Response.status(Status.OK).entity(result.getValue()).type(mediaType).tag(result.getKey());
415 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
417 } catch (CrudException ce) {
418 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
419 } catch (Exception e) {
420 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
423 setTxIdOnResponseHeader(headers, responseBuilder);
425 Response response = responseBuilder.build();
426 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
430 @ApiOperation(value = "Update Vertex" , notes = "# Payload \n"
432 " \"type\" :\"vertex type from oxm like comcast.nodes.sdwan.vpn\",\r\n" +
433 " \"properties\": {\r\n" +
434 " \"prop1\" : \"value\",\r\n" +
435 " \"prop2\" :\"value\",\r\n" +
439 @ApiResponse(code = 200, message = "Success"),
440 @ApiResponse(code = 403, message = "Forbidden"),
441 @ApiResponse(code = 400, message = "Bad Request"),
442 @ApiResponse(code = 404, message = "Not Found"),
443 @ApiResponse(code = 500, message = "Internal Server Error") })
445 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
446 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
449 @Path("/{version}/{type}/{id}")
450 @Consumes({MediaType.APPLICATION_JSON})
451 @Produces({MediaType.APPLICATION_JSON})
452 public Response updateVertex(String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("type") String type,
453 @PathParam("id") String id, @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers,
454 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
456 LoggingUtil.initMdcContext(req, headers);
457 logger.debug("Incoming request..." + content);
459 ResponseBuilder responseBuilder;
462 if (validateRequest(req, uri, content, Action.PUT, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
463 VertexPayload payload = VertexPayload.fromJson(content);
464 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
465 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
467 if (payload.getId() != null && !payload.getId().equals(id)) {
468 throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
471 payload.setProperties(
472 CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, false));
474 ImmutablePair<EntityTag, String> result;
475 if (headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE) != null
476 && headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE).equalsIgnoreCase("PATCH")) {
477 result = graphDataService.patchVertex(version, id, type, payload);
479 Response.status(Status.OK).entity(result.getValue()).type(mediaType).tag(result.getKey());
481 result = graphDataService.updateVertex(version, id, type, payload);
483 Response.status(Status.OK).entity(result.getValue()).type(mediaType).tag(result.getKey());
487 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
489 } catch (CrudException ce) {
490 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
491 } catch (Exception e) {
492 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
495 setTxIdOnResponseHeader(headers, responseBuilder);
497 Response response = responseBuilder.build();
498 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
502 @ApiOperation(value = "Patch Vertex" , notes = "# Payload \n"
504 " \"type\" :\"vertex type from oxm like comcast.nodes.sdwan.vpn\",\r\n" +
505 " \"properties\": {\r\n" +
506 " \"prop1\" : \"true\",\r\n" +
507 " \"prop2\" :\"name1\",\r\n" +
511 @ApiResponse(code = 200, message = "Success"),
512 @ApiResponse(code = 403, message = "Forbidden"),
513 @ApiResponse(code = 400, message = "Bad Request"),
514 @ApiResponse(code = 404, message = "Not Found"),
515 @ApiResponse(code = 500, message = "Internal Server Error") })
517 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
518 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
521 @Path("/{version}/{type}/{id}")
522 @Consumes({"application/merge-patch+json"})
523 @Produces({MediaType.APPLICATION_JSON})
524 public Response patchVertex(String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("type") String type,
525 @PathParam("id") String id, @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers,
526 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
528 LoggingUtil.initMdcContext(req, headers);
529 logger.debug("Incoming request..." + content);
531 ResponseBuilder responseBuilder;
534 if (validateRequest(req, uri, content, Action.PATCH, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
535 VertexPayload payload = VertexPayload.fromJson(content);
536 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
537 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
539 if (payload.getId() != null && !payload.getId().equals(id)) {
540 throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
543 payload.setProperties(
544 CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, false));
546 ImmutablePair<EntityTag, String> result = graphDataService.patchVertex(version, id, type, payload);
548 Response.status(Status.OK).entity(result.getValue()).type(mediaType).tag(result.getKey());
550 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
552 } catch (CrudException ce) {
553 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
554 } catch (Exception e) {
555 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
558 setTxIdOnResponseHeader(headers, responseBuilder);
560 Response response = responseBuilder.build();
561 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
565 @ApiOperation(value = "Create Vertex" , notes = "# Payload \n"
567 " \"properties\": {\r\n" +
568 " \"prop1\" : \"value\",\r\n" +
569 " \"prop2\" :\"value\",\r\n" +
573 @ApiResponse(code = 201, message = "Created"),
574 @ApiResponse(code = 403, message = "Forbidden"),
575 @ApiResponse(code = 400, message = "Bad Request"),
576 @ApiResponse(code = 404, message = "Not Found"),
577 @ApiResponse(code = 500, message = "Internal Server Error") })
579 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
580 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
583 @Path("/{version}/{type}/")
584 @Consumes({MediaType.APPLICATION_JSON})
585 @Produces({MediaType.APPLICATION_JSON})
586 public Response addVertex(String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("type") String type,
587 @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
588 @Context HttpServletRequest req) {
590 LoggingUtil.initMdcContext(req, headers);
591 logger.debug("Incoming request..." + content);
593 ResponseBuilder responseBuilder;
596 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
597 VertexPayload payload = VertexPayload.fromJson(content);
598 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
599 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
601 if (payload.getId() != null) {
602 throw new CrudException("ID specified , use Http PUT to update Vertex", Status.BAD_REQUEST);
605 if (payload.getType() != null && !payload.getType().equals(type)) {
606 throw new CrudException("Vertex Type mismatch", Status.BAD_REQUEST);
609 payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, true));
611 ImmutablePair<EntityTag, String> result = graphDataService.addVertex(version, type, payload);
613 Response.status(Status.CREATED).entity(result.getValue()).tag(result.getKey()).type(mediaType);
615 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
617 } catch (CrudException ce) {
618 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
619 } catch (Exception e) {
620 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
623 setTxIdOnResponseHeader(headers, responseBuilder);
625 Response response = responseBuilder.build();
626 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
630 private void validateBulkPayload(BulkPayload payload) throws CrudException {
631 List<String> vertices = new ArrayList<String>();
632 List<String> edges = new ArrayList<String>();
634 for (JsonElement v : payload.getObjects()) {
635 List<Map.Entry<String, JsonElement>> entries =
636 new ArrayList<Map.Entry<String, JsonElement>>(v.getAsJsonObject().entrySet());
638 if (entries.size() != 2) {
639 throw new CrudException("", Status.BAD_REQUEST);
641 Map.Entry<String, JsonElement> opr = entries.get(0);
642 Map.Entry<String, JsonElement> item = entries.get(1);
644 if (vertices.contains(item.getKey())) {
645 throw new CrudException("duplicate vertex in payload: " + item.getKey(), Status.BAD_REQUEST);
647 VertexPayload vertexPayload = VertexPayload.fromJson(item.getValue().getAsJsonObject().toString());
648 if (vertexPayload.getType() == null) {
649 throw new CrudException("Vertex Type cannot be null for: " + item.getKey(), Status.BAD_REQUEST);
652 if (!opr.getKey().equalsIgnoreCase("operation")) {
653 throw new CrudException("operation missing in item: " + item.getKey(), Status.BAD_REQUEST);
656 if (!opr.getValue().getAsString().equalsIgnoreCase("add")
657 && !opr.getValue().getAsString().equalsIgnoreCase("modify")
658 && !opr.getValue().getAsString().equalsIgnoreCase("patch")
659 && !opr.getValue().getAsString().equalsIgnoreCase("delete")) {
660 throw new CrudException("Invalid operation at item: " + item.getKey(), Status.BAD_REQUEST);
662 // check if ID is populate for modify/patch/delete operation
663 if ((opr.getValue().getAsString().equalsIgnoreCase("modify")
664 || opr.getValue().getAsString().equalsIgnoreCase("patch")
665 || opr.getValue().getAsString().equalsIgnoreCase("delete")) && (vertexPayload.getId() == null)) {
667 throw new CrudException("Mising ID at item: " + item.getKey(), Status.BAD_REQUEST);
671 vertices.add(item.getKey());
674 for (JsonElement v : payload.getRelationships()) {
675 List<Map.Entry<String, JsonElement>> entries =
676 new ArrayList<Map.Entry<String, JsonElement>>(v.getAsJsonObject().entrySet());
678 if (entries.size() != 2) {
679 throw new CrudException("", Status.BAD_REQUEST);
681 Map.Entry<String, JsonElement> opr = entries.get(0);
682 Map.Entry<String, JsonElement> item = entries.get(1);
684 if (edges.contains(item.getKey())) {
685 throw new CrudException("duplicate Edge in payload: " + item.getKey(), Status.BAD_REQUEST);
688 EdgePayload edgePayload = EdgePayload.fromJson(item.getValue().getAsJsonObject().toString());
690 if (!opr.getKey().equalsIgnoreCase("operation")) {
691 throw new CrudException("operation missing in item: " + item.getKey(), Status.BAD_REQUEST);
694 if (!opr.getValue().getAsString().equalsIgnoreCase("add")
695 && !opr.getValue().getAsString().equalsIgnoreCase("modify")
696 && !opr.getValue().getAsString().equalsIgnoreCase("patch")
697 && !opr.getValue().getAsString().equalsIgnoreCase("delete")) {
698 throw new CrudException("Invalid operation at item: " + item.getKey(), Status.BAD_REQUEST);
700 // check if ID is populate for modify/patch/delete operation
701 if ((edgePayload.getId() == null) && (opr.getValue().getAsString().equalsIgnoreCase("modify")
702 || opr.getValue().getAsString().equalsIgnoreCase("patch")
703 || opr.getValue().getAsString().equalsIgnoreCase("delete"))) {
705 throw new CrudException("Mising ID at item: " + item.getKey(), Status.BAD_REQUEST);
708 if (opr.getValue().getAsString().equalsIgnoreCase("add")) {
709 if (edgePayload.getSource() == null || edgePayload.getTarget() == null) {
710 throw new CrudException("Source/Target cannot be null for edge: " + item.getKey(),
713 if (edgePayload.getSource().startsWith("$")
714 && !vertices.contains(edgePayload.getSource().substring(1))) {
715 throw new CrudException("Source Vertex " + edgePayload.getSource().substring(1)
716 + " not found for Edge: " + item.getKey(), Status.BAD_REQUEST);
719 if (edgePayload.getTarget().startsWith("$")
720 && !vertices.contains(edgePayload.getTarget().substring(1))) {
721 throw new CrudException("Target Vertex " + edgePayload.getSource().substring(1)
722 + " not found for Edge: " + item.getKey(), Status.BAD_REQUEST);
725 edges.add(item.getKey());
731 @ApiOperation(value = "Bulk API" , notes="For example : https://<host>:9520/services/inventory/v11/bulk")
733 @ApiResponse(code = 200, message = "Success"),
734 @ApiResponse(code = 403, message = "Forbidden"),
735 @ApiResponse(code = 400, message = "Bad Request"),
736 @ApiResponse(code = 404, message = "Not Found"),
737 @ApiResponse(code = 500, message = "Internal Server Error") })
739 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
740 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
743 @Path("/{version}/bulk/")
744 @Consumes({MediaType.APPLICATION_JSON})
745 @Produces({MediaType.APPLICATION_JSON})
746 public Response addBulk(String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version,
747 @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
748 @Context HttpServletRequest req) {
750 LoggingUtil.initMdcContext(req, headers);
751 logger.debug("Incoming request..." + content);
753 ResponseBuilder responseBuilder;
756 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
757 BulkPayload payload = BulkPayload.fromJson(content);
758 if ((payload.getObjects() == null && payload.getRelationships() == null)
759 || (payload.getObjects() != null && payload.getObjects().isEmpty()
760 && payload.getRelationships() != null && payload.getRelationships().isEmpty())) {
761 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
764 validateBulkPayload(payload);
765 String result = graphDataService.addBulk(version, payload, headers);
766 responseBuilder = Response.status(Status.OK).entity(result).type(mediaType);
768 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
770 } catch (CrudException ce) {
771 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
772 } catch (Exception e) {
773 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
776 setTxIdOnResponseHeader(headers, responseBuilder);
778 Response response = responseBuilder.build();
779 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
783 @ApiOperation(value = "Create Vertex (typeless endpoint)" , nickname="addVertex-typeless",notes = "# Payload \n"
785 " \"type\" :\"vertex type from oxm like comcast.nodes.sdwan.vpn\",\r\n" +
786 " \"properties\": {\r\n" +
787 " \"prop1\" : \"value\",\r\n" +
788 " \"prop2\" :\"value\",\r\n" +
792 @ApiResponse(code = 201, message = "Created"),
793 @ApiResponse(code = 403, message = "Forbidden"),
794 @ApiResponse(code = 400, message = "Bad Request"),
795 @ApiResponse(code = 404, message = "Not Found"),
796 @ApiResponse(code = 500, message = "Internal Server Error") })
798 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
799 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
803 @Consumes({MediaType.APPLICATION_JSON})
804 @Produces({MediaType.APPLICATION_JSON})
805 public Response addVertex(String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version,
806 @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
807 @Context HttpServletRequest req) {
809 LoggingUtil.initMdcContext(req, headers);
810 logger.debug("Incoming request..." + content);
812 ResponseBuilder responseBuilder;
816 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
817 VertexPayload payload = VertexPayload.fromJson(content);
818 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
819 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
821 if (payload.getId() != null) {
822 throw new CrudException("ID specified , use Http PUT to update Vertex", Status.BAD_REQUEST);
825 if (payload.getType() == null || payload.getType().isEmpty()) {
826 throw new CrudException("Missing Vertex Type ", Status.BAD_REQUEST);
829 payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, true));
831 ImmutablePair<EntityTag, String> result =
832 graphDataService.addVertex(version, payload.getType(), payload);
834 Response.status(Status.CREATED).entity(result.getValue()).tag(result.getKey()).type(mediaType);
836 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
838 } catch (CrudException ce) {
839 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
840 } catch (Exception e) {
841 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
844 setTxIdOnResponseHeader(headers, responseBuilder);
846 Response response = responseBuilder.build();
847 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
851 @ApiOperation(value = "Create Edge" , notes = "# Payload \n"
853 " \"source\":\"source vertex like : services/inventory/v11/vserver/0\",\r\n" +
854 " \"target\":\"target vertex like : services/inventory/v11/pserver/7\",\r\n" +
855 " \"properties\":{ \r\n" +
856 " \"prop1\" : \"value\",\r\n" +
857 " \"prop2\" :\"value\",\r\n" +
861 @ApiResponse(code = 201, message = "Created"),
862 @ApiResponse(code = 403, message = "Forbidden"),
863 @ApiResponse(code = 400, message = "Bad Request"),
864 @ApiResponse(code = 404, message = "Not Found"),
865 @ApiResponse(code = 500, message = "Internal Server Error") })
868 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
869 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
872 @Path("/relationships/{version}/{type}/")
873 @Consumes({MediaType.APPLICATION_JSON})
874 @Produces({MediaType.APPLICATION_JSON})
875 public Response addEdge(String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("type") String type,
876 @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
877 @Context HttpServletRequest req) {
879 LoggingUtil.initMdcContext(req, headers);
880 logger.debug("Incoming request..." + content);
882 ResponseBuilder responseBuilder;
885 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
886 EdgePayload payload = EdgePayload.fromJson(content);
887 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
888 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
890 if (payload.getId() != null) {
891 throw new CrudException("ID specified , use Http PUT to update Edge", Status.BAD_REQUEST);
894 if (payload.getType() != null && !payload.getType().equals(type)) {
895 throw new CrudException("Edge Type mismatch", Status.BAD_REQUEST);
897 ImmutablePair<EntityTag, String> result = graphDataService.addEdge(version, type, payload);
899 Response.status(Status.CREATED).entity(result.getValue()).tag(result.getKey()).type(mediaType);
901 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
903 } catch (CrudException ce) {
904 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
905 } catch (Exception e) {
906 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
909 setTxIdOnResponseHeader(headers, responseBuilder);
911 Response response = responseBuilder.build();
912 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
916 @ApiOperation(value = "Create Edge (typeless endpoint)" , nickname="addEdge-typeless",notes = "# Payload \n"
918 " \"type\":\"edge type like : tosca.relationships.HostedOn\",\r\n" +
919 " \"source\":\"source vertex like : services/inventory/v11/vserver/0\",\r\n" +
920 " \"target\":\"target vertex like : services/inventory/v11/pserver/7\",\r\n" +
921 " \"properties\":{ \r\n" +
922 " \"prop1\" : \"value\",\r\n" +
923 " \"prop2\" :\"value\",\r\n" +
927 @ApiResponse(code = 201, message = "Created"),
928 @ApiResponse(code = 403, message = "Forbidden"),
929 @ApiResponse(code = 400, message = "Bad Request"),
930 @ApiResponse(code = 404, message = "Not Found"),
931 @ApiResponse(code = 500, message = "Internal Server Error") })
933 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
934 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
937 @Path("/relationships/{version}/")
938 @Consumes({MediaType.APPLICATION_JSON})
939 @Produces({MediaType.APPLICATION_JSON})
940 public Response addEdge(String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri,
941 @Context HttpHeaders headers, @Context UriInfo uriInfo, @Context HttpServletRequest req) {
943 LoggingUtil.initMdcContext(req, headers);
944 logger.debug("Incoming request..." + content);
946 ResponseBuilder responseBuilder;
949 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
950 EdgePayload payload = EdgePayload.fromJson(content);
951 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
952 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
954 if (payload.getId() != null) {
955 throw new CrudException("ID specified , use Http PUT to update Edge", Status.BAD_REQUEST);
958 if (payload.getType() == null || payload.getType().isEmpty()) {
959 payload.setType(CrudServiceUtil.determineEdgeType(payload, version));
962 ImmutablePair<EntityTag, String> result = graphDataService.addEdge(version, payload.getType(), payload);
964 Response.status(Status.CREATED).entity(result.getValue()).tag(result.getKey()).type(mediaType);
966 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
968 } catch (CrudException ce) {
969 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
970 } catch (Exception e) {
971 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
974 setTxIdOnResponseHeader(headers, responseBuilder);
976 Response response = responseBuilder.build();
977 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
981 @ApiOperation(value = "Delete Vertex" , notes="For example : https://<host>:9520/services/inventory/v11/pserver/<id>")
983 @ApiResponse(code = 200, message = "Success"),
984 @ApiResponse(code = 403, message = "Forbidden"),
985 @ApiResponse(code = 400, message = "Bad Request"),
986 @ApiResponse(code = 404, message = "Not Found"),
987 @ApiResponse(code = 500, message = "Internal Server Error") })
989 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
990 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
993 @Path("/{version}/{type}/{id}")
994 @Consumes({MediaType.APPLICATION_JSON})
995 @Produces({MediaType.APPLICATION_JSON})
996 public Response deleteVertex(@ApiParam(hidden=true) String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("type") String type,
997 @PathParam("id") String id, @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers,
998 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
1000 LoggingUtil.initMdcContext(req, headers);
1001 logger.debug("Incoming request..." + content);
1003 ResponseBuilder responseBuilder;
1006 if (validateRequest(req, uri, content, Action.DELETE, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
1007 String result = graphDataService.deleteVertex(version, id, type);
1008 responseBuilder = Response.status(Status.OK).entity(result).type(mediaType);
1010 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
1012 } catch (CrudException ce) {
1013 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
1014 } catch (Exception e) {
1015 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
1018 setTxIdOnResponseHeader(headers, responseBuilder);
1020 Response response = responseBuilder.build();
1021 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
1025 @ApiOperation(value = "Delete Edge" , notes="For example : https://<host>:9520/services/inventory/v11/pserver/<id>")
1027 @ApiResponse(code = 200, message = "Success"),
1028 @ApiResponse(code = 403, message = "Forbidden"),
1029 @ApiResponse(code = 400, message = "Bad Request"),
1030 @ApiResponse(code = 404, message = "Not Found"),
1031 @ApiResponse(code = 500, message = "Internal Server Error") })
1032 @ApiImplicitParams({
1033 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
1034 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
1037 @Path("/relationships/{version}/{type}/{id}")
1038 @Consumes({MediaType.APPLICATION_JSON})
1039 @Produces({MediaType.APPLICATION_JSON})
1040 public Response deleteEdge(@ApiParam(hidden=true) String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("type") String type,
1041 @PathParam("id") String id, @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers,
1042 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
1044 LoggingUtil.initMdcContext(req, headers);
1045 logger.debug("Incoming request..." + content);
1047 ResponseBuilder responseBuilder;
1050 if (validateRequest(req, uri, content, Action.DELETE, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
1051 String result = graphDataService.deleteEdge(version, id, type);
1052 responseBuilder = Response.status(Status.OK).entity(result).type(mediaType);
1054 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
1056 } catch (CrudException ce) {
1057 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
1058 } catch (Exception e) {
1059 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
1062 setTxIdOnResponseHeader(headers, responseBuilder);
1064 Response response = responseBuilder.build();
1065 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
1069 protected boolean validateRequest(HttpServletRequest req, String uri, String content, Action action,
1070 String authPolicyFunctionName, HttpHeaders headers) throws CrudException {
1072 if (!authorizationEnabled) {
1073 validateRequestHeader(headers);
1077 boolean isValid = false;
1079 String cipherSuite = (String) req.getAttribute("javax.servlet.request.cipher_suite");
1080 String authUser = null;
1081 if (cipherSuite != null) {
1082 X509Certificate[] certChain =
1083 (X509Certificate[]) req.getAttribute("javax.servlet.request.X509Certificate");
1084 X509Certificate clientCert = certChain[0];
1085 X500Principal subjectDn = clientCert.getSubjectX500Principal();
1086 authUser = subjectDn.toString();
1088 if (null != authUser) {
1089 isValid = this.auth.validateRequest(authUser.toLowerCase(),
1090 action.toString() + ":" + authPolicyFunctionName);
1092 } catch (Exception e) {
1093 logResult(action, uri, e);
1097 validateRequestHeader(headers);
1102 public void validateRequestHeader(HttpHeaders headers) throws CrudException {
1103 String sourceOfTruth = null;
1104 if (headers.getRequestHeaders().containsKey("X-FromAppId")) {
1105 sourceOfTruth = headers.getRequestHeaders().getFirst("X-FromAppId");
1108 if (sourceOfTruth == null || sourceOfTruth.trim() == "") {
1109 throw new CrudException("Invalid request, Missing X-FromAppId header", Status.BAD_REQUEST);
1112 String transId = null;
1113 if (headers.getRequestHeaders().containsKey("X-TransactionId")) {
1114 transId = headers.getRequestHeaders().getFirst("X-TransactionId");
1117 if (transId == null || transId.trim() == "") {
1118 throw new CrudException("Invalid request, Missing X-TransactionId header", Status.BAD_REQUEST);
1122 void logResult(Action op, String uri, Exception e) {
1124 logger.error(CrudServiceMsgs.EXCEPTION_DURING_METHOD_CALL, op.toString(), uri,
1125 Arrays.toString(e.getStackTrace()));
1127 // Clear the MDC context so that no other transaction inadvertently
1128 // uses our transaction id.
1132 private Map<String, String> addParams(UriInfo info, boolean filter, String type, String version) {
1133 String propertiesKey = CrudProperties.get(CrudServiceConstants.CRD_COLLECTION_PROPERTIES_KEY);
1134 Map<String, String> params = new HashMap<String, String>();
1135 params.put(CrudServiceConstants.CRD_RESERVED_VERSION, version);
1136 params.put(CrudServiceConstants.CRD_RESERVED_NODE_TYPE, type);
1138 for (Map.Entry<String, List<String>> e : info.getQueryParameters().entrySet()) {
1139 if (!e.getKey().equals(propertiesKey)) {
1140 params.put(e.getKey(), e.getValue().get(0));
1144 for (Map.Entry<String, List<String>> e : info.getQueryParameters().entrySet()) {
1145 params.put(e.getKey(), e.getValue().get(0));
1151 private void setTxIdOnResponseHeader(HttpHeaders headers, ResponseBuilder responseBuilder) {
1152 String txId = headers.getHeaderString(TRANSACTIONID_HEADER);
1154 responseBuilder.header(TRANSACTIONID_HEADER, txId);