2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
6 * Copyright © 2017-2018 Amdocs
7 * ================================================================================
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 * ============LICENSE_END=========================================================
21 package org.onap.crud.service;
23 import java.security.cert.X509Certificate;
24 import java.util.ArrayList;
25 import java.util.Arrays;
26 import java.util.HashMap;
27 import java.util.HashSet;
28 import java.util.List;
31 import javax.security.auth.x500.X500Principal;
32 import javax.servlet.http.HttpServletRequest;
33 import javax.ws.rs.Consumes;
34 import javax.ws.rs.DELETE;
35 import javax.ws.rs.Encoded;
36 import javax.ws.rs.GET;
37 import javax.ws.rs.POST;
38 import javax.ws.rs.PUT;
39 import javax.ws.rs.Path;
40 import javax.ws.rs.PathParam;
41 import javax.ws.rs.Produces;
42 import javax.ws.rs.core.Context;
43 import javax.ws.rs.core.EntityTag;
44 import javax.ws.rs.core.HttpHeaders;
45 import javax.ws.rs.core.MediaType;
46 import javax.ws.rs.core.Response;
47 import javax.ws.rs.core.Response.ResponseBuilder;
48 import javax.ws.rs.core.Response.Status;
49 import javax.ws.rs.core.UriInfo;
51 import org.apache.commons.lang3.tuple.ImmutablePair;
52 import org.apache.cxf.jaxrs.ext.PATCH;
53 import org.onap.aai.cl.api.Logger;
54 import org.onap.aai.cl.eelf.LoggerFactory;
55 import org.onap.aaiauth.auth.Auth;
56 import org.onap.crud.exception.CrudException;
57 import org.onap.crud.logging.CrudServiceMsgs;
58 import org.onap.crud.logging.LoggingUtil;
59 import org.onap.crud.parser.BulkPayload;
60 import org.onap.crud.parser.EdgePayload;
61 import org.onap.crud.parser.VertexPayload;
62 import org.onap.crud.util.CrudProperties;
63 import org.onap.crud.util.CrudServiceConstants;
64 import org.onap.crud.util.CrudServiceUtil;
67 import com.google.gson.JsonElement;
69 import io.swagger.annotations.ApiImplicitParam;
70 import io.swagger.annotations.ApiImplicitParams;
71 import io.swagger.annotations.ApiOperation;
72 import io.swagger.annotations.ApiParam;
73 import io.swagger.annotations.ApiResponse;
74 import io.swagger.annotations.ApiResponses;
77 public class CrudRestService {
79 private AbstractGraphDataService graphDataService;
80 Logger logger = LoggerFactory.getInstance().getLogger(CrudRestService.class.getName());
81 Logger auditLogger = LoggerFactory.getInstance().getAuditLogger(CrudRestService.class.getName());
84 private String mediaType = MediaType.APPLICATION_JSON;
85 public static final String HTTP_PATCH_METHOD_OVERRIDE = "X-HTTP-Method-Override";
86 public static final String TRANSACTIONID_HEADER = "X-TransactionId";
88 public CrudRestService(AbstractGraphDataService graphDataService) throws Exception {
89 this.graphDataService = graphDataService;
90 this.auth = new Auth(CrudServiceConstants.CRD_AUTH_FILE);
94 public CrudRestService(AbstractGraphDataService graphDataService, Auth auth) throws Exception {
95 this.graphDataService = graphDataService;
100 POST, GET, PUT, DELETE, PATCH
103 public void startup() {
107 @ApiOperation(value = "Get Vertex" , notes="For example : https://<host>:9520/services/inventory/v11/pserver/<id>")
109 @ApiResponse(code = 200, message = "Success"),
110 @ApiResponse(code = 403, message = "Forbidden"),
111 @ApiResponse(code = 404, message = "Not Found"),
112 @ApiResponse(code = 500, message = "Internal Server Error") })
114 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
115 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
118 @Path("/{version}/{type}/{id}")
119 @Consumes({MediaType.APPLICATION_JSON})
120 @Produces({MediaType.APPLICATION_JSON})
121 public Response getVertex(@ApiParam(hidden=true) String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("type") String type,
122 @PathParam("id") String id, @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers,
123 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
125 LoggingUtil.initMdcContext(req, headers);
126 logger.debug("Incoming request..." + content);
128 ResponseBuilder responseBuilder;
129 Map<String, String> params = addParams(uriInfo, false, type, version);
132 if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
133 ImmutablePair<EntityTag, String> result = graphDataService.getVertex(version, id, type, params);
135 Response.status(Status.OK).entity(result.getValue()).tag(result.getKey()).type(mediaType);
137 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
139 } catch (CrudException ce) {
140 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
141 } catch (Exception e) {
142 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
146 setTxIdOnResponseHeader(headers, responseBuilder);
148 Response response = responseBuilder.build();
149 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
153 @ApiOperation(value = "Get Vertices" , notes="For example : https://<host>:9520/services/inventory/v11/pserver/")
155 @ApiResponse(code = 200, message = "Success"),
156 @ApiResponse(code = 403, message = "Forbidden"),
157 @ApiResponse(code = 404, message = "Not Found"),
158 @ApiResponse(code = 500, message = "Internal Server Error") })
160 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
161 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
164 @Path("/{version}/{type}/")
165 @Consumes({MediaType.APPLICATION_JSON})
166 @Produces({MediaType.APPLICATION_JSON})
167 public Response getVertices(@ApiParam(hidden=true) String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("type") String type,
168 @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
169 @Context HttpServletRequest req) {
171 LoggingUtil.initMdcContext(req, headers);
172 logger.debug("Incoming request..." + content);
174 ResponseBuilder responseBuilder;
176 if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
177 String propertiesKey = CrudProperties.get(CrudServiceConstants.CRD_COLLECTION_PROPERTIES_KEY);
178 Map<String, String> filter = addParams(uriInfo, true, type, version);
180 HashSet<String> properties;
181 if (uriInfo.getQueryParameters().containsKey(propertiesKey)) {
182 properties = new HashSet<>(uriInfo.getQueryParameters().get(propertiesKey));
184 properties = new HashSet<>();
187 ImmutablePair<EntityTag, String> result =
188 graphDataService.getVertices(version, type, filter, properties);
190 Response.status(Status.OK).entity(result.getValue()).tag(result.getKey()).type(mediaType);
192 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
194 } catch (CrudException ce) {
195 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
196 } catch (Exception e) {
197 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
201 setTxIdOnResponseHeader(headers, responseBuilder);
203 Response response = responseBuilder.build();
204 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
208 @ApiOperation(value = "Get Edge" , notes="For example : https://<host>:9520/services/inventory/relationships/v11/tosca.relationships.HostedOn/<id>")
210 @ApiResponse(code = 200, message = "Success"),
211 @ApiResponse(code = 403, message = "Forbidden"),
212 @ApiResponse(code = 404, message = "Not Found"),
213 @ApiResponse(code = 500, message = "Internal Server Error") })
215 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
216 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
219 @Path("/relationships/{version}/{type}/{id}")
220 @Consumes({MediaType.APPLICATION_JSON})
221 @Produces({MediaType.APPLICATION_JSON})
222 public Response getEdge(@ApiParam(hidden=true) String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("type") String type,
223 @PathParam("id") String id, @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers,
224 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
226 LoggingUtil.initMdcContext(req, headers);
227 logger.debug("Incoming request..." + content);
229 ResponseBuilder responseBuilder;
230 Map<String, String> params = addParams(uriInfo, false, type, version);
233 if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
235 ImmutablePair<EntityTag, String> result = graphDataService.getEdge(version, id, type, params);
237 Response.status(Status.OK).entity(result.getValue()).tag(result.getKey()).type(mediaType);
239 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
241 } catch (CrudException ce) {
242 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
243 } catch (Exception e) {
244 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
247 setTxIdOnResponseHeader(headers, responseBuilder);
249 Response response = responseBuilder.build();
250 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
254 @ApiOperation(value = "Get Edges" , notes="For example : https://<host>:9520/services/inventory/relationships/v11/tosca.relationships.HostedOn/")
256 @ApiResponse(code = 200, message = "Success"),
257 @ApiResponse(code = 403, message = "Forbidden"),
258 @ApiResponse(code = 404, message = "Not Found"),
259 @ApiResponse(code = 500, message = "Internal Server Error") })
261 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
262 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
265 @Path("/relationships/{version}/{type}/")
266 @Consumes({MediaType.APPLICATION_JSON})
267 @Produces({MediaType.APPLICATION_JSON})
268 public Response getEdges(@ApiParam(hidden=true) String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("type") String type,
269 @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
270 @Context HttpServletRequest req) {
272 LoggingUtil.initMdcContext(req, headers);
273 logger.debug("Incoming request..." + content);
275 ResponseBuilder responseBuilder;
276 Map<String, String> filter = addParams(uriInfo, true, type, version);
279 if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
280 ImmutablePair<EntityTag, String> result = graphDataService.getEdges(version, type, filter);
282 Response.status(Status.OK).entity(result.getValue()).tag(result.getKey()).type(mediaType);
284 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
286 } catch (CrudException ce) {
287 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
288 } catch (Exception e) {
289 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
292 setTxIdOnResponseHeader(headers, responseBuilder);
294 Response response = responseBuilder.build();
295 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
299 @ApiOperation(value = "Update Edge" , notes = "# Payload \n"
301 " \"properties\":{ \r\n" +
302 " \"prop1\" : \"value\",\r\n" +
303 " \"prop2\" :\"value\",\r\n" +
307 @ApiResponse(code = 200, message = "Success"),
308 @ApiResponse(code = 403, message = "Forbidden"),
309 @ApiResponse(code = 404, message = "Not Found"),
310 @ApiResponse(code = 400, message = "Bad Request"),
311 @ApiResponse(code = 500, message = "Internal Server Error") })
313 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
314 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
317 @Path("/relationships/{version}/{type}/{id}")
318 @Consumes({MediaType.APPLICATION_JSON})
319 @Produces({MediaType.APPLICATION_JSON})
320 public Response updateEdge(String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("type") String type,
321 @PathParam("id") String id, @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers,
322 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
324 LoggingUtil.initMdcContext(req, headers);
325 logger.debug("Incoming request..." + content);
327 ResponseBuilder responseBuilder;
330 if (validateRequest(req, uri, content, Action.PUT, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
331 EdgePayload payload = EdgePayload.fromJson(content);
332 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
333 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
335 if (payload.getId() != null && !payload.getId().equals(id)) {
336 throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
338 ImmutablePair<EntityTag, String> result;
339 if (headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE) != null
340 && headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE).equalsIgnoreCase("PATCH")) {
341 result = graphDataService.patchEdge(version, id, type, payload);
343 Response.status(Status.OK).entity(result.getValue()).type(mediaType).tag(result.getKey());
345 result = graphDataService.updateEdge(version, id, type, payload);
347 Response.status(Status.OK).entity(result.getValue()).type(mediaType).tag(result.getKey());
351 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
353 } catch (CrudException ce) {
354 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
355 } catch (Exception e) {
356 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
359 setTxIdOnResponseHeader(headers, responseBuilder);
361 Response response = responseBuilder.build();
362 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
366 @ApiOperation(value = "Patch Edge" , notes = "# Payload \n"
368 " \"properties\":{ \r\n" +
369 " \"prop1\" : \"value\",\r\n" +
370 " \"prop2\" :\"value\",\r\n" +
374 @ApiResponse(code = 200, message = "Success"),
375 @ApiResponse(code = 403, message = "Forbidden"),
376 @ApiResponse(code = 400, message = "Bad Request"),
377 @ApiResponse(code = 404, message = "Not Found"),
378 @ApiResponse(code = 500, message = "Internal Server Error") })
380 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
381 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
384 @Path("/relationships/{version}/{type}/{id}")
385 @Consumes({"application/merge-patch+json"})
386 @Produces({MediaType.APPLICATION_JSON})
387 public Response patchEdge(String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("type") String type,
388 @PathParam("id") String id, @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers,
389 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
391 LoggingUtil.initMdcContext(req, headers);
392 logger.debug("Incoming request..." + content);
394 ResponseBuilder responseBuilder;
397 if (validateRequest(req, uri, content, Action.PATCH, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
398 EdgePayload payload = EdgePayload.fromJson(content);
399 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
400 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
402 if (payload.getId() != null && !payload.getId().equals(id)) {
403 throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
406 ImmutablePair<EntityTag, String> result = graphDataService.patchEdge(version, id, type, payload);
408 Response.status(Status.OK).entity(result.getValue()).type(mediaType).tag(result.getKey());
410 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
412 } catch (CrudException ce) {
413 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
414 } catch (Exception e) {
415 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
418 setTxIdOnResponseHeader(headers, responseBuilder);
420 Response response = responseBuilder.build();
421 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
425 @ApiOperation(value = "Update Vertex" , notes = "# Payload \n"
427 " \"type\" :\"vertex type from oxm like comcast.nodes.sdwan.vpn\",\r\n" +
428 " \"properties\": {\r\n" +
429 " \"prop1\" : \"value\",\r\n" +
430 " \"prop2\" :\"value\",\r\n" +
434 @ApiResponse(code = 200, message = "Success"),
435 @ApiResponse(code = 403, message = "Forbidden"),
436 @ApiResponse(code = 400, message = "Bad Request"),
437 @ApiResponse(code = 404, message = "Not Found"),
438 @ApiResponse(code = 500, message = "Internal Server Error") })
440 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
441 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
444 @Path("/{version}/{type}/{id}")
445 @Consumes({MediaType.APPLICATION_JSON})
446 @Produces({MediaType.APPLICATION_JSON})
447 public Response updateVertex(String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("type") String type,
448 @PathParam("id") String id, @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers,
449 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
451 LoggingUtil.initMdcContext(req, headers);
452 logger.debug("Incoming request..." + content);
454 ResponseBuilder responseBuilder;
457 if (validateRequest(req, uri, content, Action.PUT, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
458 VertexPayload payload = VertexPayload.fromJson(content);
459 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
460 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
462 if (payload.getId() != null && !payload.getId().equals(id)) {
463 throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
466 payload.setProperties(
467 CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, false));
469 ImmutablePair<EntityTag, String> result;
470 if (headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE) != null
471 && headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE).equalsIgnoreCase("PATCH")) {
472 result = graphDataService.patchVertex(version, id, type, payload);
474 Response.status(Status.OK).entity(result.getValue()).type(mediaType).tag(result.getKey());
476 result = graphDataService.updateVertex(version, id, type, payload);
478 Response.status(Status.OK).entity(result.getValue()).type(mediaType).tag(result.getKey());
482 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
484 } catch (CrudException ce) {
485 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
486 } catch (Exception e) {
487 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
490 setTxIdOnResponseHeader(headers, responseBuilder);
492 Response response = responseBuilder.build();
493 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
497 @ApiOperation(value = "Patch Vertex" , notes = "# Payload \n"
499 " \"type\" :\"vertex type from oxm like comcast.nodes.sdwan.vpn\",\r\n" +
500 " \"properties\": {\r\n" +
501 " \"prop1\" : \"true\",\r\n" +
502 " \"prop2\" :\"name1\",\r\n" +
506 @ApiResponse(code = 200, message = "Success"),
507 @ApiResponse(code = 403, message = "Forbidden"),
508 @ApiResponse(code = 400, message = "Bad Request"),
509 @ApiResponse(code = 404, message = "Not Found"),
510 @ApiResponse(code = 500, message = "Internal Server Error") })
512 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
513 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
516 @Path("/{version}/{type}/{id}")
517 @Consumes({"application/merge-patch+json"})
518 @Produces({MediaType.APPLICATION_JSON})
519 public Response patchVertex(String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("type") String type,
520 @PathParam("id") String id, @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers,
521 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
523 LoggingUtil.initMdcContext(req, headers);
524 logger.debug("Incoming request..." + content);
526 ResponseBuilder responseBuilder;
529 if (validateRequest(req, uri, content, Action.PATCH, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
530 VertexPayload payload = VertexPayload.fromJson(content);
531 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
532 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
534 if (payload.getId() != null && !payload.getId().equals(id)) {
535 throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
538 payload.setProperties(
539 CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, false));
541 ImmutablePair<EntityTag, String> result = graphDataService.patchVertex(version, id, type, payload);
543 Response.status(Status.OK).entity(result.getValue()).type(mediaType).tag(result.getKey());
545 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
547 } catch (CrudException ce) {
548 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
549 } catch (Exception e) {
550 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
553 setTxIdOnResponseHeader(headers, responseBuilder);
555 Response response = responseBuilder.build();
556 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
560 @ApiOperation(value = "Create Vertex" , notes = "# Payload \n"
562 " \"properties\": {\r\n" +
563 " \"prop1\" : \"value\",\r\n" +
564 " \"prop2\" :\"value\",\r\n" +
568 @ApiResponse(code = 201, message = "Created"),
569 @ApiResponse(code = 403, message = "Forbidden"),
570 @ApiResponse(code = 400, message = "Bad Request"),
571 @ApiResponse(code = 404, message = "Not Found"),
572 @ApiResponse(code = 500, message = "Internal Server Error") })
574 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
575 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
578 @Path("/{version}/{type}/")
579 @Consumes({MediaType.APPLICATION_JSON})
580 @Produces({MediaType.APPLICATION_JSON})
581 public Response addVertex(String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("type") String type,
582 @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
583 @Context HttpServletRequest req) {
585 LoggingUtil.initMdcContext(req, headers);
586 logger.debug("Incoming request..." + content);
588 ResponseBuilder responseBuilder;
591 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
592 VertexPayload payload = VertexPayload.fromJson(content);
593 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
594 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
596 if (payload.getId() != null) {
597 throw new CrudException("ID specified , use Http PUT to update Vertex", Status.BAD_REQUEST);
600 if (payload.getType() != null && !payload.getType().equals(type)) {
601 throw new CrudException("Vertex Type mismatch", Status.BAD_REQUEST);
604 payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, true));
606 ImmutablePair<EntityTag, String> result = graphDataService.addVertex(version, type, payload);
608 Response.status(Status.CREATED).entity(result.getValue()).tag(result.getKey()).type(mediaType);
610 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
612 } catch (CrudException ce) {
613 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
614 } catch (Exception e) {
615 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
618 setTxIdOnResponseHeader(headers, responseBuilder);
620 Response response = responseBuilder.build();
621 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
625 private void validateBulkPayload(BulkPayload payload) throws CrudException {
626 List<String> vertices = new ArrayList<String>();
627 List<String> edges = new ArrayList<String>();
629 for (JsonElement v : payload.getObjects()) {
630 List<Map.Entry<String, JsonElement>> entries =
631 new ArrayList<Map.Entry<String, JsonElement>>(v.getAsJsonObject().entrySet());
633 if (entries.size() != 2) {
634 throw new CrudException("", Status.BAD_REQUEST);
636 Map.Entry<String, JsonElement> opr = entries.get(0);
637 Map.Entry<String, JsonElement> item = entries.get(1);
639 if (vertices.contains(item.getKey())) {
640 throw new CrudException("duplicate vertex in payload: " + item.getKey(), Status.BAD_REQUEST);
642 VertexPayload vertexPayload = VertexPayload.fromJson(item.getValue().getAsJsonObject().toString());
643 if (vertexPayload.getType() == null) {
644 throw new CrudException("Vertex Type cannot be null for: " + item.getKey(), Status.BAD_REQUEST);
647 if (!opr.getKey().equalsIgnoreCase("operation")) {
648 throw new CrudException("operation missing in item: " + item.getKey(), Status.BAD_REQUEST);
651 if (!opr.getValue().getAsString().equalsIgnoreCase("add")
652 && !opr.getValue().getAsString().equalsIgnoreCase("modify")
653 && !opr.getValue().getAsString().equalsIgnoreCase("patch")
654 && !opr.getValue().getAsString().equalsIgnoreCase("delete")) {
655 throw new CrudException("Invalid operation at item: " + item.getKey(), Status.BAD_REQUEST);
657 // check if ID is populate for modify/patch/delete operation
658 if ((opr.getValue().getAsString().equalsIgnoreCase("modify")
659 || opr.getValue().getAsString().equalsIgnoreCase("patch")
660 || opr.getValue().getAsString().equalsIgnoreCase("delete")) && (vertexPayload.getId() == null)) {
662 throw new CrudException("Mising ID at item: " + item.getKey(), Status.BAD_REQUEST);
666 vertices.add(item.getKey());
669 for (JsonElement v : payload.getRelationships()) {
670 List<Map.Entry<String, JsonElement>> entries =
671 new ArrayList<Map.Entry<String, JsonElement>>(v.getAsJsonObject().entrySet());
673 if (entries.size() != 2) {
674 throw new CrudException("", Status.BAD_REQUEST);
676 Map.Entry<String, JsonElement> opr = entries.get(0);
677 Map.Entry<String, JsonElement> item = entries.get(1);
679 if (edges.contains(item.getKey())) {
680 throw new CrudException("duplicate Edge in payload: " + item.getKey(), Status.BAD_REQUEST);
683 EdgePayload edgePayload = EdgePayload.fromJson(item.getValue().getAsJsonObject().toString());
685 if (!opr.getKey().equalsIgnoreCase("operation")) {
686 throw new CrudException("operation missing in item: " + item.getKey(), Status.BAD_REQUEST);
689 if (!opr.getValue().getAsString().equalsIgnoreCase("add")
690 && !opr.getValue().getAsString().equalsIgnoreCase("modify")
691 && !opr.getValue().getAsString().equalsIgnoreCase("patch")
692 && !opr.getValue().getAsString().equalsIgnoreCase("delete")) {
693 throw new CrudException("Invalid operation at item: " + item.getKey(), Status.BAD_REQUEST);
695 // check if ID is populate for modify/patch/delete operation
696 if ((edgePayload.getId() == null) && (opr.getValue().getAsString().equalsIgnoreCase("modify")
697 || opr.getValue().getAsString().equalsIgnoreCase("patch")
698 || opr.getValue().getAsString().equalsIgnoreCase("delete"))) {
700 throw new CrudException("Mising ID at item: " + item.getKey(), Status.BAD_REQUEST);
703 if (opr.getValue().getAsString().equalsIgnoreCase("add")) {
704 if (edgePayload.getSource() == null || edgePayload.getTarget() == null) {
705 throw new CrudException("Source/Target cannot be null for edge: " + item.getKey(),
708 if (edgePayload.getSource().startsWith("$")
709 && !vertices.contains(edgePayload.getSource().substring(1))) {
710 throw new CrudException("Source Vertex " + edgePayload.getSource().substring(1)
711 + " not found for Edge: " + item.getKey(), Status.BAD_REQUEST);
714 if (edgePayload.getTarget().startsWith("$")
715 && !vertices.contains(edgePayload.getTarget().substring(1))) {
716 throw new CrudException("Target Vertex " + edgePayload.getSource().substring(1)
717 + " not found for Edge: " + item.getKey(), Status.BAD_REQUEST);
720 edges.add(item.getKey());
726 @ApiOperation(value = "Bulk API" , notes="For example : https://<host>:9520/services/inventory/v11/bulk")
728 @ApiResponse(code = 200, message = "Success"),
729 @ApiResponse(code = 403, message = "Forbidden"),
730 @ApiResponse(code = 400, message = "Bad Request"),
731 @ApiResponse(code = 404, message = "Not Found"),
732 @ApiResponse(code = 500, message = "Internal Server Error") })
734 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
735 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
738 @Path("/{version}/bulk/")
739 @Consumes({MediaType.APPLICATION_JSON})
740 @Produces({MediaType.APPLICATION_JSON})
741 public Response addBulk(String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version,
742 @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
743 @Context HttpServletRequest req) {
745 LoggingUtil.initMdcContext(req, headers);
746 logger.debug("Incoming request..." + content);
748 ResponseBuilder responseBuilder;
751 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
752 BulkPayload payload = BulkPayload.fromJson(content);
753 if ((payload.getObjects() == null && payload.getRelationships() == null)
754 || (payload.getObjects() != null && payload.getObjects().isEmpty()
755 && payload.getRelationships() != null && payload.getRelationships().isEmpty())) {
756 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
759 validateBulkPayload(payload);
760 String result = graphDataService.addBulk(version, payload, headers);
761 responseBuilder = Response.status(Status.OK).entity(result).type(mediaType);
763 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
765 } catch (CrudException ce) {
766 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
767 } catch (Exception e) {
768 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
771 setTxIdOnResponseHeader(headers, responseBuilder);
773 Response response = responseBuilder.build();
774 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
778 @ApiOperation(value = "Create Vertex (typeless endpoint)" , nickname="addVertex-typeless",notes = "# Payload \n"
780 " \"type\" :\"vertex type from oxm like comcast.nodes.sdwan.vpn\",\r\n" +
781 " \"properties\": {\r\n" +
782 " \"prop1\" : \"value\",\r\n" +
783 " \"prop2\" :\"value\",\r\n" +
787 @ApiResponse(code = 201, message = "Created"),
788 @ApiResponse(code = 403, message = "Forbidden"),
789 @ApiResponse(code = 400, message = "Bad Request"),
790 @ApiResponse(code = 404, message = "Not Found"),
791 @ApiResponse(code = 500, message = "Internal Server Error") })
793 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
794 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
798 @Consumes({MediaType.APPLICATION_JSON})
799 @Produces({MediaType.APPLICATION_JSON})
800 public Response addVertex(String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version,
801 @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
802 @Context HttpServletRequest req) {
804 LoggingUtil.initMdcContext(req, headers);
805 logger.debug("Incoming request..." + content);
807 ResponseBuilder responseBuilder;
811 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
812 VertexPayload payload = VertexPayload.fromJson(content);
813 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
814 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
816 if (payload.getId() != null) {
817 throw new CrudException("ID specified , use Http PUT to update Vertex", Status.BAD_REQUEST);
820 if (payload.getType() == null || payload.getType().isEmpty()) {
821 throw new CrudException("Missing Vertex Type ", Status.BAD_REQUEST);
824 payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, true));
826 ImmutablePair<EntityTag, String> result =
827 graphDataService.addVertex(version, payload.getType(), payload);
829 Response.status(Status.CREATED).entity(result.getValue()).tag(result.getKey()).type(mediaType);
831 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
833 } catch (CrudException ce) {
834 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
835 } catch (Exception e) {
836 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
839 setTxIdOnResponseHeader(headers, responseBuilder);
841 Response response = responseBuilder.build();
842 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
846 @ApiOperation(value = "Create Edge" , notes = "# Payload \n"
848 " \"source\":\"source vertex like : services/inventory/v11/vserver/0\",\r\n" +
849 " \"target\":\"target vertex like : services/inventory/v11/pserver/7\",\r\n" +
850 " \"properties\":{ \r\n" +
851 " \"prop1\" : \"value\",\r\n" +
852 " \"prop2\" :\"value\",\r\n" +
856 @ApiResponse(code = 201, message = "Created"),
857 @ApiResponse(code = 403, message = "Forbidden"),
858 @ApiResponse(code = 400, message = "Bad Request"),
859 @ApiResponse(code = 404, message = "Not Found"),
860 @ApiResponse(code = 500, message = "Internal Server Error") })
863 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
864 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
867 @Path("/relationships/{version}/{type}/")
868 @Consumes({MediaType.APPLICATION_JSON})
869 @Produces({MediaType.APPLICATION_JSON})
870 public Response addEdge(String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("type") String type,
871 @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
872 @Context HttpServletRequest req) {
874 LoggingUtil.initMdcContext(req, headers);
875 logger.debug("Incoming request..." + content);
877 ResponseBuilder responseBuilder;
880 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
881 EdgePayload payload = EdgePayload.fromJson(content);
882 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
883 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
885 if (payload.getId() != null) {
886 throw new CrudException("ID specified , use Http PUT to update Edge", Status.BAD_REQUEST);
889 if (payload.getType() != null && !payload.getType().equals(type)) {
890 throw new CrudException("Edge Type mismatch", Status.BAD_REQUEST);
892 ImmutablePair<EntityTag, String> result = graphDataService.addEdge(version, type, payload);
894 Response.status(Status.CREATED).entity(result.getValue()).tag(result.getKey()).type(mediaType);
896 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
898 } catch (CrudException ce) {
899 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
900 } catch (Exception e) {
901 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
904 setTxIdOnResponseHeader(headers, responseBuilder);
906 Response response = responseBuilder.build();
907 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
911 @ApiOperation(value = "Create Edge (typeless endpoint)" , nickname="addEdge-typeless",notes = "# Payload \n"
913 " \"type\":\"edge type like : tosca.relationships.HostedOn\",\r\n" +
914 " \"source\":\"source vertex like : services/inventory/v11/vserver/0\",\r\n" +
915 " \"target\":\"target vertex like : services/inventory/v11/pserver/7\",\r\n" +
916 " \"properties\":{ \r\n" +
917 " \"prop1\" : \"value\",\r\n" +
918 " \"prop2\" :\"value\",\r\n" +
922 @ApiResponse(code = 201, message = "Created"),
923 @ApiResponse(code = 403, message = "Forbidden"),
924 @ApiResponse(code = 400, message = "Bad Request"),
925 @ApiResponse(code = 404, message = "Not Found"),
926 @ApiResponse(code = 500, message = "Internal Server Error") })
928 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
929 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
932 @Path("/relationships/{version}/")
933 @Consumes({MediaType.APPLICATION_JSON})
934 @Produces({MediaType.APPLICATION_JSON})
935 public Response addEdge(String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri,
936 @Context HttpHeaders headers, @Context UriInfo uriInfo, @Context HttpServletRequest req) {
938 LoggingUtil.initMdcContext(req, headers);
939 logger.debug("Incoming request..." + content);
941 ResponseBuilder responseBuilder;
944 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
945 EdgePayload payload = EdgePayload.fromJson(content);
946 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
947 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
949 if (payload.getId() != null) {
950 throw new CrudException("ID specified , use Http PUT to update Edge", Status.BAD_REQUEST);
953 if (payload.getType() == null || payload.getType().isEmpty()) {
954 payload.setType(CrudServiceUtil.determineEdgeType(payload, version));
957 ImmutablePair<EntityTag, String> result = graphDataService.addEdge(version, payload.getType(), payload);
959 Response.status(Status.CREATED).entity(result.getValue()).tag(result.getKey()).type(mediaType);
961 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
963 } catch (CrudException ce) {
964 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
965 } catch (Exception e) {
966 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
969 setTxIdOnResponseHeader(headers, responseBuilder);
971 Response response = responseBuilder.build();
972 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
976 @ApiOperation(value = "Delete Vertex" , notes="For example : https://<host>:9520/services/inventory/v11/pserver/<id>")
978 @ApiResponse(code = 200, message = "Success"),
979 @ApiResponse(code = 403, message = "Forbidden"),
980 @ApiResponse(code = 400, message = "Bad Request"),
981 @ApiResponse(code = 404, message = "Not Found"),
982 @ApiResponse(code = 500, message = "Internal Server Error") })
984 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
985 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
988 @Path("/{version}/{type}/{id}")
989 @Consumes({MediaType.APPLICATION_JSON})
990 @Produces({MediaType.APPLICATION_JSON})
991 public Response deleteVertex(@ApiParam(hidden=true) String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("type") String type,
992 @PathParam("id") String id, @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers,
993 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
995 LoggingUtil.initMdcContext(req, headers);
996 logger.debug("Incoming request..." + content);
998 ResponseBuilder responseBuilder;
1001 if (validateRequest(req, uri, content, Action.DELETE, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
1002 String result = graphDataService.deleteVertex(version, id, type);
1003 responseBuilder = Response.status(Status.OK).entity(result).type(mediaType);
1005 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
1007 } catch (CrudException ce) {
1008 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
1009 } catch (Exception e) {
1010 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
1013 setTxIdOnResponseHeader(headers, responseBuilder);
1015 Response response = responseBuilder.build();
1016 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
1020 @ApiOperation(value = "Delete Edge" , notes="For example : https://<host>:9520/services/inventory/v11/pserver/<id>")
1022 @ApiResponse(code = 200, message = "Success"),
1023 @ApiResponse(code = 403, message = "Forbidden"),
1024 @ApiResponse(code = 400, message = "Bad Request"),
1025 @ApiResponse(code = 404, message = "Not Found"),
1026 @ApiResponse(code = 500, message = "Internal Server Error") })
1027 @ApiImplicitParams({
1028 @ApiImplicitParam(name = "X-FromAppId", required = true, dataType = "string", paramType = "header"),
1029 @ApiImplicitParam(name = "X-TransactionId", required = true, dataType = "string", paramType = "header"),
1032 @Path("/relationships/{version}/{type}/{id}")
1033 @Consumes({MediaType.APPLICATION_JSON})
1034 @Produces({MediaType.APPLICATION_JSON})
1035 public Response deleteEdge(@ApiParam(hidden=true) String content, @PathParam("version") @ApiParam(value="oxm model version",defaultValue="v13") String version, @PathParam("type") String type,
1036 @PathParam("id") String id, @PathParam("uri") @Encoded @ApiParam(hidden=true) String uri, @Context HttpHeaders headers,
1037 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
1039 LoggingUtil.initMdcContext(req, headers);
1040 logger.debug("Incoming request..." + content);
1042 ResponseBuilder responseBuilder;
1045 if (validateRequest(req, uri, content, Action.DELETE, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
1046 String result = graphDataService.deleteEdge(version, id, type);
1047 responseBuilder = Response.status(Status.OK).entity(result).type(mediaType);
1049 responseBuilder = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON);
1051 } catch (CrudException ce) {
1052 responseBuilder = Response.status(ce.getHttpStatus()).entity(ce.getMessage());
1053 } catch (Exception e) {
1054 responseBuilder = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage());
1057 setTxIdOnResponseHeader(headers, responseBuilder);
1059 Response response = responseBuilder.build();
1060 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
1064 protected boolean validateRequest(HttpServletRequest req, String uri, String content, Action action,
1065 String authPolicyFunctionName, HttpHeaders headers) throws CrudException {
1066 boolean isValid = false;
1068 String cipherSuite = (String) req.getAttribute("javax.servlet.request.cipher_suite");
1069 String authUser = null;
1070 if (cipherSuite != null) {
1071 X509Certificate[] certChain =
1072 (X509Certificate[]) req.getAttribute("javax.servlet.request.X509Certificate");
1073 X509Certificate clientCert = certChain[0];
1074 X500Principal subjectDn = clientCert.getSubjectX500Principal();
1075 authUser = subjectDn.toString();
1077 if (null != authUser) {
1078 isValid = this.auth.validateRequest(authUser.toLowerCase(),
1079 action.toString() + ":" + authPolicyFunctionName);
1081 } catch (Exception e) {
1082 logResult(action, uri, e);
1086 validateRequestHeader(headers);
1091 public void validateRequestHeader(HttpHeaders headers) throws CrudException {
1092 String sourceOfTruth = null;
1093 if (headers.getRequestHeaders().containsKey("X-FromAppId")) {
1094 sourceOfTruth = headers.getRequestHeaders().getFirst("X-FromAppId");
1097 if (sourceOfTruth == null || sourceOfTruth.trim() == "") {
1098 throw new CrudException("Invalid request, Missing X-FromAppId header", Status.BAD_REQUEST);
1101 String transId = null;
1102 if (headers.getRequestHeaders().containsKey("X-TransactionId")) {
1103 transId = headers.getRequestHeaders().getFirst("X-TransactionId");
1106 if (transId == null || transId.trim() == "") {
1107 throw new CrudException("Invalid request, Missing X-TransactionId header", Status.BAD_REQUEST);
1111 void logResult(Action op, String uri, Exception e) {
1113 logger.error(CrudServiceMsgs.EXCEPTION_DURING_METHOD_CALL, op.toString(), uri,
1114 Arrays.toString(e.getStackTrace()));
1116 // Clear the MDC context so that no other transaction inadvertently
1117 // uses our transaction id.
1121 private Map<String, String> addParams(UriInfo info, boolean filter, String type, String version) {
1122 String propertiesKey = CrudProperties.get(CrudServiceConstants.CRD_COLLECTION_PROPERTIES_KEY);
1123 Map<String, String> params = new HashMap<String, String>();
1124 params.put(CrudServiceConstants.CRD_RESERVED_VERSION, version);
1125 params.put(CrudServiceConstants.CRD_RESERVED_NODE_TYPE, type);
1127 for (Map.Entry<String, List<String>> e : info.getQueryParameters().entrySet()) {
1128 if (!e.getKey().equals(propertiesKey)) {
1129 params.put(e.getKey(), e.getValue().get(0));
1133 for (Map.Entry<String, List<String>> e : info.getQueryParameters().entrySet()) {
1134 params.put(e.getKey(), e.getValue().get(0));
1140 private void setTxIdOnResponseHeader(HttpHeaders headers, ResponseBuilder responseBuilder) {
1141 String txId = headers.getHeaderString(TRANSACTIONID_HEADER);
1143 responseBuilder.header(TRANSACTIONID_HEADER, txId);