2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
7 * Modifications Copyright (C) 2019 IBM.
8 * ================================================================================
9 * Licensed under the Apache License, Version 2.0 (the "License");
10 * you may not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
13 * http://www.apache.org/licenses/LICENSE-2.0
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS,
17 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
20 * ============LICENSE_END=========================================================
23 package org.onap.dmaap.dbcapi.service;
25 import org.onap.dmaap.dbcapi.aaf.AafService;
26 import org.onap.dmaap.dbcapi.aaf.AafService.ServiceType;
27 import org.onap.dmaap.dbcapi.aaf.AafUserRole;
28 import org.onap.dmaap.dbcapi.aaf.DmaapGrant;
29 import org.onap.dmaap.dbcapi.aaf.DmaapPerm;
30 import org.onap.dmaap.dbcapi.client.MrProvConnection;
31 import org.onap.dmaap.dbcapi.database.DatabaseClass;
32 import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
33 import org.onap.dmaap.dbcapi.model.ApiError;
34 import org.onap.dmaap.dbcapi.model.DcaeLocation;
35 import org.onap.dmaap.dbcapi.model.DmaapObject.DmaapObject_Status;
36 import org.onap.dmaap.dbcapi.model.MR_Client;
37 import org.onap.dmaap.dbcapi.model.MR_Cluster;
38 import org.onap.dmaap.dbcapi.model.Topic;
39 import org.onap.dmaap.dbcapi.util.DmaapConfig;
41 import javax.ws.rs.core.Response.Status;
42 import java.util.ArrayList;
43 import java.util.List;
46 public class MR_ClientService extends BaseLoggingClass {
48 private static final String MR_CLIENT_ID = "mrClientId";
49 private int deleteLevel;
50 private Map<String, MR_Client> mr_clients = DatabaseClass.getMr_clients();
51 private Map<String, MR_Cluster> clusters = DatabaseClass.getMr_clusters();
52 private Map<String, DcaeLocation> locations = DatabaseClass.getDcaeLocations();
53 private DmaapService dmaap = new DmaapService();
54 private String centralCname;
56 public MR_ClientService() {
57 DmaapConfig p = (DmaapConfig) DmaapConfig.getConfig();
59 centralCname = p.getProperty("MR.CentralCname", "MRcname.not.set");
60 deleteLevel = Integer.valueOf(p.getProperty("MR.ClientDeleteLevel", "0"));
63 public List<MR_Client> getAllMr_Clients() {
64 return new ArrayList<>(mr_clients.values());
67 List<MR_Client> getAllMrClients(String fqtn) {
68 ArrayList<MR_Client> results = new ArrayList<>();
69 for (Map.Entry<String, MR_Client> entry : mr_clients.entrySet()) {
70 MR_Client client = entry.getValue();
71 if (fqtn.equals(client.getFqtn())) {
78 List<MR_Client> getClientsByLocation(String location) {
79 List<MR_Client> results = new ArrayList<>();
80 for (Map.Entry<String, MR_Client> entry : mr_clients.entrySet()) {
81 MR_Client client = entry.getValue();
82 if (location.equals(client.getDcaeLocationName())) {
90 public MR_Client getMr_Client(String key, ApiError apiError) {
91 MR_Client c = mr_clients.get(key);
93 apiError.setCode(Status.NOT_FOUND.getStatusCode());
94 apiError.setFields(MR_CLIENT_ID);
95 apiError.setMessage(MR_CLIENT_ID + " " + key + " not found");
97 apiError.setCode(200);
102 public MR_Client addMr_Client(MR_Client client, Topic topic, ApiError err) {
103 if (client.getDcaeLocationName().isEmpty()) {
104 logger.info("Client dcaeLocation that doesn't exist or not specified");
107 // original style: clients specified Role. This has precedence for backwards
109 // ONAP style: clients specify Identity to be assigned to generated Role
110 String role = client.getClientRole();
112 grantClientRolePerms(client, err);
113 } else if (client.hasClientIdentity()) {
114 if (client.isSubscriber()) {
115 role = topic.getSubscriberRole();
116 assignIdentityToRole(client, role, err);
118 if (client.isPublisher()) {
119 role = topic.getPublisherRole();
120 assignIdentityToRole(client, role, err);
123 if (!client.isStatusValid()) {
126 String centralFqdn = null;
127 DcaeLocation candidate = locations.get(client.getDcaeLocationName());
129 MR_Cluster cluster = clusters.get(client.getDcaeLocationName());
130 if (cluster != null && candidate != null) {
131 if (candidate.isCentral() && !topic.getReplicationCase().involvesFQDN()) {
132 centralFqdn = centralCname;
134 client.setTopicURL(cluster.genTopicURL(centralFqdn, client.getFqtn()));
135 if (centralFqdn == null) {
136 client.setStatus(addTopicToCluster(cluster, topic, err));
137 if (!err.is2xx() && err.getCode() != 409) {
138 topic.setFqtn(err.getMessage());
143 MR_ClusterService clusters = new MR_ClusterService();
144 // MM should only exist for edge-to-central
145 // we use a cname for the central target (default resiliency with no replicationGroup set)
146 // but still need to provision topics on all central MRs
147 for (MR_Cluster central : clusters.getCentralClusters()) {
148 client.setStatus(addTopicToCluster(central, topic, err));
149 if (!err.is2xx() && err.getCode() != 409) {
150 topic.setFqtn(err.getMessage());
157 logger.warn("Client references a dcaeLocation that doesn't exist:" + client.getDcaeLocationName());
158 client.setStatus(DmaapObject_Status.STAGED);
161 mr_clients.put(client.getMrClientId(), client);
168 private DmaapObject_Status addTopicToCluster(MR_Cluster cluster, Topic topic, ApiError err) {
170 MrProvConnection prov = new MrProvConnection();
171 logger.info("POST topic " + topic.getFqtn() + " to cluster " + cluster.getFqdn() + " in loc " + cluster.getDcaeLocationName());
172 if (prov.makeTopicConnection(cluster)) {
173 prov.doPostTopic(topic, err);
174 logger.info("response code: " + err.getCode());
175 if (err.is2xx() || err.getCode() == 409) {
176 return DmaapObject_Status.VALID;
179 return DmaapObject_Status.INVALID;
182 private void grantClientRolePerms(MR_Client client, ApiError err) {
183 AafService aaf = new AafService(ServiceType.AAF_TopicMgr);
185 String instance = ":topic." + client.getFqtn();
186 client.setStatus(DmaapObject_Status.VALID);
187 String role = client.getClientRole();
188 for (String want : client.getAction()) {
190 DmaapPerm perm = new DmaapPerm(dmaap.getTopicPerm(), instance, want);
192 DmaapGrant g = new DmaapGrant(perm, role);
193 rc = aaf.addGrant(g);
194 if (rc != 201 && rc != 409) {
195 client.setStatus(DmaapObject_Status.INVALID);
197 err.setMessage("Grant of " + dmaap.getTopicPerm() + "|" + instance + "|" + want + " failed for " + role);
198 logger.warn(err.getMessage());
202 logger.warn("No Grant of " + dmaap.getTopicPerm() + "|" + instance + "|" + want + " because role is null ");
207 private void assignIdentityToRole(MR_Client client, String role, ApiError err) {
208 AafService aaf = new AafService(ServiceType.AAF_TopicMgr);
210 AafUserRole ur = new AafUserRole(client.getClientIdentity(), role);
211 int rc = aaf.addUserRole(ur);
212 if (rc != 201 && rc != 409) {
213 client.setStatus(DmaapObject_Status.INVALID);
215 err.setMessage("Failed to add user " + client.getClientIdentity() + " to " + role);
216 logger.warn(err.getMessage());
219 client.setStatus(DmaapObject_Status.VALID);
223 private void revokeClientPerms(MR_Client client, ApiError err) {
224 AafService aaf = new AafService(ServiceType.AAF_TopicMgr);
226 String instance = ":topic." + client.getFqtn();
227 client.setStatus(DmaapObject_Status.VALID);
228 for (String want : client.getAction()) {
230 DmaapPerm perm = new DmaapPerm(dmaap.getTopicPerm(), instance, want);
231 DmaapGrant g = new DmaapGrant(perm, client.getClientRole());
232 rc = aaf.delGrant(g);
233 if (rc != 200 && rc != 404) {
234 client.setStatus(DmaapObject_Status.INVALID);
236 err.setMessage("Revoke of " + dmaap.getTopicPerm() + "|" + instance + "|" + want + " failed for " + client.getClientRole());
237 logger.warn(err.getMessage());
243 public MR_Client updateMr_Client(MR_Client client, ApiError apiError) {
244 MR_Client c = mr_clients.get(client.getMrClientId());
246 apiError.setCode(Status.NOT_FOUND.getStatusCode());
247 apiError.setFields(MR_CLIENT_ID);
248 apiError.setMessage("mrClientId " + client.getMrClientId() + " not found");
250 apiError.setCode(200);
252 mr_clients.put(client.getMrClientId(), client);
256 public void removeMr_Client(String key, boolean updateTopicView, ApiError apiError) {
257 MR_Client client = mr_clients.get(key);
258 if (client == null) {
259 apiError.setCode(Status.NOT_FOUND.getStatusCode());
260 apiError.setFields(MR_CLIENT_ID);
261 apiError.setMessage("mrClientId " + key + " not found");
264 apiError.setCode(200);
267 if (updateTopicView) {
269 TopicService topics = new TopicService();
271 Topic t = topics.getTopic(client.getFqtn(), apiError);
273 List<MR_Client> tc = t.getClients();
274 for (MR_Client c : tc) {
275 if (c.getMrClientId().equals(client.getMrClientId())) {
281 topics.updateTopic(t, apiError);
287 if (deleteLevel >= 2) {
288 revokeClientPerms(client, apiError);
289 if (!apiError.is2xx()) {
294 if (deleteLevel >= 1) {
295 mr_clients.remove(key);