package org.onap.dmaap.datarouter.provisioning;
+import static com.att.eelf.configuration.Configuration.MDC_KEY_REQUEST_ID;
import static com.att.eelf.configuration.Configuration.MDC_SERVER_FQDN;
-
import static com.att.eelf.configuration.Configuration.MDC_SERVER_IP_ADDRESS;
import static com.att.eelf.configuration.Configuration.MDC_SERVICE_NAME;
-import java.io.IOException;
-import java.io.InputStream;
+import com.att.eelf.configuration.EELFLogger;
+import com.att.eelf.configuration.EELFManager;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.cert.X509Certificate;
import java.sql.Connection;
import java.sql.SQLException;
+import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
+import java.util.List;
import java.util.Map;
+import java.util.Properties;
import java.util.Set;
-import java.util.List;
-import java.util.ArrayList;
-
+import java.util.UUID;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
-
-import org.apache.log4j.Logger;
+import org.apache.commons.codec.digest.DigestUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.jetbrains.annotations.Nullable;
+import org.json.JSONArray;
+import org.json.JSONException;
import org.json.JSONObject;
import org.json.JSONTokener;
import org.onap.dmaap.datarouter.authz.Authorizer;
import org.onap.dmaap.datarouter.provisioning.beans.Parameters;
import org.onap.dmaap.datarouter.provisioning.beans.Subscription;
import org.onap.dmaap.datarouter.provisioning.beans.Updateable;
-import org.onap.dmaap.datarouter.provisioning.utils.DB;
+import org.onap.dmaap.datarouter.provisioning.utils.Poker;
+import org.onap.dmaap.datarouter.provisioning.utils.ProvDbUtils;
+import org.onap.dmaap.datarouter.provisioning.utils.SynchronizerTask;
import org.onap.dmaap.datarouter.provisioning.utils.ThrottleFilter;
-import org.json.JSONException;
import org.slf4j.MDC;
-import java.util.Properties;
-import java.util.regex.Pattern;
-import javax.mail.Message;
-import javax.mail.MessagingException;
-import javax.mail.Multipart;
-import javax.mail.Session;
-import javax.mail.Transport;
-import javax.mail.internet.AddressException;
-import javax.mail.internet.InternetAddress;
-import javax.mail.internet.MimeBodyPart;
-import javax.mail.internet.MimeMessage;
-import javax.mail.internet.MimeMultipart;
/**
* This is the base class for all Servlets in the provisioning code. It provides standard constants and some common
@SuppressWarnings("serial")
public class BaseServlet extends HttpServlet implements ProvDataProvider {
- public static final String BEHALF_HEADER = "X-ATT-DR-ON-BEHALF-OF";
- static final String FEED_BASECONTENT_TYPE = "application/vnd.att-dr.feed";
- public static final String FEED_CONTENT_TYPE = "application/vnd.att-dr.feed; version=2.0";
- public static final String FEEDFULL_CONTENT_TYPE = "application/vnd.att-dr.feed-full; version=2.0";
- public static final String FEEDLIST_CONTENT_TYPE = "application/vnd.att-dr.feed-list; version=1.0";
- static final String SUB_BASECONTENT_TYPE = "application/vnd.att-dr.subscription";
- public static final String SUB_CONTENT_TYPE = "application/vnd.att-dr.subscription; version=2.0";
- public static final String SUBFULL_CONTENT_TYPE = "application/vnd.att-dr.subscription-full; version=2.0";
- static final String SUBLIST_CONTENT_TYPE = "application/vnd.att-dr.subscription-list; version=1.0";
-
+ public static final String BEHALF_HEADER = "X-DMAAP-DR-ON-BEHALF-OF";
+
+ public static final String EXCLUDE_AAF_HEADER = "X-EXCLUDE-AAF";
+
+ private static final String AAF_CADI_FEED_TYPE = "org.onap.dmaap.datarouter.provserver.aaf.feed.type";
+ private static final String AAF_CADI_SUB_TYPE = "org.onap.dmaap.datarouter.provserver.aaf.sub.type";
+ private static final String AAF_INSTANCE = "org.onap.dmaap.datarouter.provserver.aaf.instance";
+ private static final String AAF_CADI_FEED = "org.onap.dmaap-dr.feed";
+ private static final String AAF_CADI_SUB = "org.onap.dmaap-dr.sub";
+
+ static final String CREATE_PERMISSION = "create";
+ static final String EDIT_PERMISSION = "edit";
+ static final String DELETE_PERMISSION = "delete";
+ private static final String PUBLISH_PERMISSION = "publish";
+ private static final String SUSPEND_PERMISSION = "suspend";
+ private static final String RESTORE_PERMISSION = "restore";
+ private static final String SUBSCRIBE_PERMISSION = "subscribe";
+ static final String APPROVE_SUB_PERMISSION = "approveSub";
+
+ static final String FEED_BASECONTENT_TYPE = "application/vnd.dmaap-dr.feed";
+ public static final String FEED_CONTENT_TYPE = "application/vnd.dmaap-dr.feed; version=2.0";
+ public static final String FEEDFULL_CONTENT_TYPE = "application/vnd.dmaap-dr.feed-full; version=2.0";
+ public static final String FEEDLIST_CONTENT_TYPE = "application/vnd.dmaap-dr.feed-list; version=1.0";
+ static final String SUB_BASECONTENT_TYPE = "application/vnd.dmaap-dr.subscription";
+ public static final String SUB_CONTENT_TYPE = "application/vnd.dmaap-dr.subscription; version=2.0";
+ public static final String SUBFULL_CONTENT_TYPE = "application/vnd.dmaap-dr.subscription-full; version=2.0";
+ static final String SUBLIST_CONTENT_TYPE = "application/vnd.dmaap-dr.subscription-list; version=1.0";
//Adding groups functionality, ...1610
- static final String GROUP_BASECONTENT_TYPE = "application/vnd.att-dr.group";
- public static final String GROUP_CONTENT_TYPE = "application/vnd.att-dr.group; version=2.0";
- static final String GROUPFULL_CONTENT_TYPE = "application/vnd.att-dr.group-full; version=2.0";
- public static final String GROUPLIST_CONTENT_TYPE = "application/vnd.att-dr.fegrouped-list; version=1.0";
-
-
- public static final String LOGLIST_CONTENT_TYPE = "application/vnd.att-dr.log-list; version=1.0";
- public static final String PROVFULL_CONTENT_TYPE1 = "application/vnd.att-dr.provfeed-full; version=1.0";
- public static final String PROVFULL_CONTENT_TYPE2 = "application/vnd.att-dr.provfeed-full; version=2.0";
+ static final String GROUP_BASECONTENT_TYPE = "application/vnd.dmaap-dr.group";
+ static final String GROUP_CONTENT_TYPE = "application/vnd.dmaap-dr.group; version=2.0";
+ static final String GROUPFULL_CONTENT_TYPE = "application/vnd.dmaap-dr.group-full; version=2.0";
+ public static final String GROUPLIST_CONTENT_TYPE = "application/vnd.dmaap-dr.fegrouped-list; version=1.0";
+
+ public static final String LOGLIST_CONTENT_TYPE = "application/vnd.dmaap-dr.log-list; version=1.0";
+ public static final String PROVFULL_CONTENT_TYPE1 = "application/vnd.dmaap-dr.provfeed-full; version=1.0";
+ public static final String PROVFULL_CONTENT_TYPE2 = "application/vnd.dmaap-dr.provfeed-full; version=2.0";
public static final String CERT_ATTRIBUTE = "javax.servlet.request.X509Certificate";
- static final String DB_PROBLEM_MSG = "There has been a problem with the DB. It is suggested you try the operation again.";
+ static final String DB_PROBLEM_MSG = "There has been a problem with the DB. It is suggested you "
+ + "try the operation again.";
private static final int DEFAULT_MAX_FEEDS = 10000;
private static final int DEFAULT_MAX_SUBS = 100000;
private static final int DEFAULT_POKETIMER1 = 5;
private static final int DEFAULT_POKETIMER2 = 30;
- private static final String DEFAULT_DOMAIN = "onap";
private static final String DEFAULT_PROVSRVR_NAME = "dmaap-dr-prov";
- private static final String STATIC_ROUTING_NODES = ""; //Adding new param for static Routing - Rally:US664862-1610
+
+ //Common Errors
+ static final String MISSING_ON_BEHALF = "Missing X-DMAAP-DR-ON-BEHALF-OF header.";
+ static final String MISSING_FEED = "Missing or bad feed number.";
+ static final String POLICY_ENGINE = "Policy Engine disallows access.";
+ static final String UNAUTHORIZED = "Unauthorized.";
+ static final String BAD_SUB = "Missing or bad subscription number.";
+ static final String BAD_JSON = "Badly formed JSON";
+ static final String BAD_URL = "Bad URL.";
+
+ public static final String API = "/api/";
+ static final String LOGS = "/logs/";
+ public static final String TEXT_CT = "text/plain";
+ static final String INGRESS = "/ingress/";
+ static final String EGRESS = "/egress/";
+ static final String NETWORK = "/network/";
+ static final String GROUPID = "groupid";
+ public static final String FEEDID = "feedid";
+ static final String FEEDIDS = "feedids";
+ static final String SUBID = "subid";
+ static final String EVENT_TYPE = "eventType";
+ static final String OUTPUT_TYPE = "output_type";
+ static final String START_TIME = "start_time";
+ static final String END_TIME = "end_time";
+ static final String REASON_SQL = "reasonSQL";
+ static final String JSON_HASH_STRING = "password";
/**
- * A boolean to trigger one time "provisioning changed" event on startup
+ * A boolean to trigger one time "provisioning changed" event on startup.
*/
private static boolean startmsgFlag = true;
/**
- * This POD should require SSL connections from clients; pulled from the DB (PROV_REQUIRE_SECURE)
+ * This POD should require SSL connections from clients; pulled from the DB (PROV_REQUIRE_SECURE).
*/
private static boolean requireSecure = true;
/**
- * This POD should require signed, recognized certificates from clients; pulled from the DB (PROV_REQUIRE_CERT)
+ * This POD should require signed, recognized certificates from clients; pulled from the DB (PROV_REQUIRE_CERT).
*/
private static boolean requireCert = true;
/**
- * The set of authorized addresses and networks; pulled from the DB (PROV_AUTH_ADDRESSES)
+ * The set of authorized addresses and networks; pulled from the DB (PROV_AUTH_ADDRESSES).
*/
private static Set<String> authorizedAddressesAndNetworks = new HashSet<>();
/**
- * The set of authorized names; pulled from the DB (PROV_AUTH_SUBJECTS)
+ * The set of authorized names; pulled from the DB (PROV_AUTH_SUBJECTS).
*/
private static Set<String> authorizedNames = new HashSet<>();
/**
- * The FQDN of the initially "active" provisioning server in this Data Router ecosystem
+ * The FQDN of the initially "active" provisioning server in this Data Router ecosystem.
*/
private static String initialActivePod;
/**
- * The FQDN of the initially "standby" provisioning server in this Data Router ecosystem
+ * The FQDN of the initially "standby" provisioning server in this Data Router ecosystem.
*/
private static String initialStandbyPod;
/**
- * The FQDN of this provisioning server in this Data Router ecosystem
+ * The FQDN of this provisioning server in this Data Router ecosystem.
*/
private static String thisPod;
/**
- * "Timer 1" - used to determine when to notify nodes of provisioning changes
+ * "Timer 1" - used to determine when to notify nodes of provisioning changes.
*/
private static long pokeTimer1;
/**
- * "Timer 2" - used to determine when to notify nodes of provisioning changes
+ * "Timer 2" - used to determine when to notify nodes of provisioning changes.
*/
private static long pokeTimer2;
/**
- * Array of nodes names and/or FQDNs
+ * Array of nodes names and/or FQDNs.
*/
private static String[] nodes = new String[0];
/**
- * Array of node IP addresses
+ * Array of node IP addresses.
*/
private static InetAddress[] nodeAddresses = new InetAddress[0];
/**
- * Array of POD IP addresses
+ * Array of POD IP addresses.
*/
private static InetAddress[] podAddresses = new InetAddress[0];
/**
- * The maximum number of feeds allowed; pulled from the DB (PROV_MAXFEED_COUNT)
+ * The maximum number of feeds allowed; pulled from the DB (PROV_MAXFEED_COUNT).
*/
static int maxFeeds = 0;
/**
- * The maximum number of subscriptions allowed; pulled from the DB (PROV_MAXSUB_COUNT)
+ * The maximum number of subscriptions allowed; pulled from the DB (PROV_MAXSUB_COUNT).
*/
static int maxSubs = 0;
/**
- * The current number of feeds in the system
+ * The current number of feeds in the system.
*/
static int activeFeeds = 0;
/**
- * The current number of subscriptions in the system
+ * The current number of subscriptions in the system.
*/
static int activeSubs = 0;
+
/**
- * The domain used to generate a FQDN from the "bare" node names
- */
- private static String provDomain = "web.att.com";
- /**
- * The standard FQDN of the provisioning server in this Data Router ecosystem
+ * The standard FQDN of the provisioning server in this Data Router ecosystem.
*/
private static String provName = "feeds-drtr.web.att.com";
/**
- * The standard FQDN of the ACTIVE provisioning server in this Data Router ecosystem
+ * The standard FQDN of the ACTIVE_POD provisioning server in this Data Router ecosystem.
*/
private static String activeProvName = "feeds-drtr.web.att.com";
- private static String staticRoutingNodes = STATIC_ROUTING_NODES; //Adding new param for static Routing - Rally:US664862-1610
-
/**
- * This logger is used to log provisioning events
+ * This logger is used to log provisioning events.
*/
- protected static Logger eventlogger;
+ protected static EELFLogger eventlogger;
/**
* This logger is used to log internal events (errors, etc.)
*/
- protected static Logger intlogger;
+ protected static EELFLogger intlogger;
/**
- * Authorizer - interface to the Policy Engine
+ * Authorizer - interface to the Policy Engine.
*/
protected static Authorizer authz;
/**
- * The Synchronizer used to sync active DB to standby one
+ * The Synchronizer used to sync active DB to standby one.
*/
private static SynchronizerTask synctask = null;
//Data Router Subscriber HTTPS Relaxation feature USERSTORYID:US674047.
private InetAddress thishost;
private InetAddress loopback;
- private static Boolean mailSendFlag = false;
-
- private static final String MAILCONFIG_FILE = "mail.properties";
- private static Properties mailprops;
//DMAAP-597 (Tech Dept) REST request source IP auth relaxation to accommodate OOM kubernetes deploy
- private static String isAddressAuthEnabled = (new DB()).getProperties()
+ private static String isAddressAuthEnabled = ProvRunner.getProvProperties()
.getProperty("org.onap.dmaap.datarouter.provserver.isaddressauthenabled", "false");
+ static String isCadiEnabled = ProvRunner.getProvProperties()
+ .getProperty("org.onap.dmaap.datarouter.provserver.cadi.enabled", "false");
+
/**
* Initialize data common to all the provisioning server servlets.
*/
protected BaseServlet() {
+ setUpFields();
+ if (authz == null) {
+ authz = new ProvAuthorizer(this);
+ }
+ String name = this.getClass().getName();
+ intlogger.info("PROV0002 Servlet " + name + " started.");
+ }
+
+ private static void setUpFields() {
if (eventlogger == null) {
- eventlogger = Logger.getLogger("org.onap.dmaap.datarouter.provisioning.events");
+ eventlogger = EELFManager.getInstance().getLogger("EventLog");
}
if (intlogger == null) {
- intlogger = Logger.getLogger("org.onap.dmaap.datarouter.provisioning.internal");
- }
- if (authz == null) {
- authz = new ProvAuthorizer(this);
+ intlogger = EELFManager.getInstance().getLogger("InternalLog");
}
if (startmsgFlag) {
startmsgFlag = false;
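Review bot: `isCadiEnabled` is added as a package-visible, non-final `static String`, so any class in the package can reassign the CADI switch and every reader has to re-parse the text. Parsing it once into a constant closes that off, e.g. `private static final boolean CADI_ENABLED = Boolean.parseBoolean(ProvRunner.getProvProperties().getProperty("org.onap.dmaap.datarouter.provserver.cadi.enabled", "false"));`, with a package-private getter if other servlets read it. `EXCLUDE_AAF_HEADER` also has no comment; its use is not visible in this hunk, and since the name suggests a request header that opts a call out of AAF, a line stating which callers may send it and where it is honoured would help the next reviewer.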
if (synctask == null) {
synctask = SynchronizerTask.getSynchronizer();
}
- String name = this.getClass().getName();
- intlogger.info("PROV0002 Servlet " + name + " started.");
}
@Override
try {
thishost = InetAddress.getLocalHost();
loopback = InetAddress.getLoopbackAddress();
- //checkHttpsRelaxation(); //Data Router Subscriber HTTPS Relaxation feature USERSTORYID:US674047.
} catch (UnknownHostException e) {
- // ignore
+ intlogger.info("BaseServlet.init: " + e.getMessage(), e);
}
}
- int getIdFromPath(HttpServletRequest req) {
+ /**
+ * Get ID from Path.
+ * @param req HTTPServletRequest
+ * @return int ID
+ */
+ public static int getIdFromPath(HttpServletRequest req) {
String path = req.getPathInfo();
if (path == null || path.length() < 2) {
return -1;
}
/**
- * Read the request's input stream and return a JSONObject from it
+ * Read the request's input stream and return a JSONObject from it.
*
* @param req the HTTP request
* @return the JSONObject, or null if the stream cannot be parsed
try {
jo = new JSONObject(new JSONTokener(req.getInputStream()));
if (intlogger.isDebugEnabled()) {
- intlogger.debug("JSON: " + jo.toString());
+ intlogger.debug("JSON: " + hashPasswords(new JSONObject(jo.toString())).toString());
}
} catch (Exception e) {
intlogger.info("Error reading JSON: " + e);
return jo;
}
+ public static JSONObject hashPasswords(JSONObject jo) {
+ if (!jo.isNull("authorization")) {
+ JSONArray endpointIds = jo.getJSONObject("authorization").getJSONArray("endpoint_ids");
+ for (int index = 0; index < endpointIds.length(); index++) {
+ if ((!endpointIds.getJSONObject(index).isNull(JSON_HASH_STRING))) {
+ String password = endpointIds.getJSONObject(index).get(JSON_HASH_STRING).toString();
+ processPassword(endpointIds, index, password);
+ }
+ }
+ }
+ if (!jo.isNull("delivery")) {
+ JSONObject deliveryObj = jo.getJSONObject("delivery");
+ String password = deliveryObj.get(JSON_HASH_STRING).toString();
+ processPassword(deliveryObj, password);
+ }
+ return jo;
+ }
+
+ private static void processPassword(JSONArray endpointIds, int index, String password) {
+ try {
+ endpointIds.getJSONObject(index).put(JSON_HASH_STRING, DigestUtils.sha256Hex(password));
+ } catch (JSONException e) {
+ intlogger.info("Error reading JSON while hashing: " + e);
+ }
+ }
+
+ private static void processPassword(JSONObject deliveryObj, String password) {
+ try {
+ deliveryObj.put(JSON_HASH_STRING, DigestUtils.sha256Hex(password));
+ } catch (JSONException e) {
+ intlogger.info("Error reading JSON while hashing: " + e);
+ }
+ }
+
/**
* Check if the remote host is authorized to perform provisioning. Is the request secure? Is it coming from an
* authorized IP address or network (configured via PROV_AUTH_ADDRESSES)? Does it have a valid client certificate
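Review bot: `hashPasswords` writes an unsalted SHA-256 of each password into the debug log, which still leaves a stable verifier for the secret in log files: equal passwords give equal digests, and a weak password can be recovered from its digest by guessing. Replacing the value with a fixed mask, e.g. `deliveryObj.put(JSON_HASH_STRING, "********");` (and the same in the `endpoint_ids` overload), keeps the secret out of the log entirely. The `delivery` branch also calls `deliveryObj.get(JSON_HASH_STRING)` without the `isNull` guard that the `endpoint_ids` loop uses, so a delivery object without a password throws `JSONException`; because the debug call sits inside the `try` of the JSON-reading method, that is reported as "Error reading JSON" only when debug logging is on. A guard such as `if (!deliveryObj.isNull(JSON_HASH_STRING))` and a short Javadoc saying the method mutates and returns its argument would cover both.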
if (requireSecure && !request.isSecure()) {
return "Request must be made over an HTTPS connection.";
}
+ String remoteHostCheck = checkRemoteHostAuthorization(request);
+ if (remoteHostCheck != null) {
+ return remoteHostCheck;
+ }
+ // Does remote have a valid certificate?
+ if (requireCert) {
+ X509Certificate[] certs = (X509Certificate[]) request.getAttribute(CERT_ATTRIBUTE);
+ if (certs == null || certs.length == 0) {
+ return "Client certificate is missing.";
+ }
+ // cert[0] is the client cert
+ // see http://www.proto.research.att.com/java/java7/api/javax/net/ssl/SSLSession.html#getPeerCertificates()
+ String name = certs[0].getSubjectX500Principal().getName();
+ if (!authorizedNames.contains(name)) {
+ return "No authorized certificate found.";
+ }
+ }
+ // No problems!
+ return null;
+ }
+ @Nullable
+ private String checkRemoteHostAuthorization(HttpServletRequest request) {
// Is remote IP authorized?
String remote = request.getRemoteAddr();
try {
return "Unauthorized address: " + remote;
}
} catch (UnknownHostException e) {
+ intlogger.error("PROV0051 BaseServlet.isAuthorizedForProvisioning: " + e.getMessage(), e);
return "Unauthorized address: " + remote;
}
-
- // Does remote have a valid certificate?
- if (requireCert) {
- X509Certificate certs[] = (X509Certificate[]) request.getAttribute(CERT_ATTRIBUTE);
- if (certs == null || certs.length == 0) {
- return "Client certificate is missing.";
- }
- // cert[0] is the client cert
- // see http://www.proto.research.att.com/java/java7/api/javax/net/ssl/SSLSession.html#getPeerCertificates()
- String name = certs[0].getSubjectX500Principal().getName();
- if (!authorizedNames.contains(name)) {
- return "No authorized certificate found.";
- }
- }
-
- // No problems!
return null;
}
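Review bot: The added log line appears to sit in `checkRemoteHostAuthorization` but still names `BaseServlet.isAuthorizedForProvisioning`, so anyone tracing a rejected address from PROV0051 lands in the wrong method; `"PROV0051 BaseServlet.checkRemoteHostAuthorization: "` would match the code. The new helper also has no Javadoc; one line stating that it returns `null` when the address is authorized and a reason string otherwise would make the `@Nullable` contract explicit. Part of the method body lies outside this hunk.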
* @return true iff authorized
*/
boolean isAuthorizedForInternal(HttpServletRequest request) {
-
try {
if (!Boolean.parseBoolean(isAddressAuthEnabled)) {
return true;
}
InetAddress ip = InetAddress.getByName(request.getRemoteAddr());
for (InetAddress node : getNodeAddresses()) {
- if (node != null && ip.equals(node)) {
+ if (ip.equals(node)) {
return true;
}
}
for (InetAddress pod : getPodAddresses()) {
- if (pod != null && ip.equals(pod)) {
+ if (ip.equals(pod)) {
return true;
}
}
- if (thishost != null && ip.equals(thishost)) {
+ if (ip.equals(thishost)) {
return true;
}
- if (loopback != null && ip.equals(loopback)) {
+ if (ip.equals(loopback)) {
return true;
}
} catch (UnknownHostException e) {
- // ignore
+ intlogger.error("PROV0052 BaseServlet.isAuthorizedForInternal: " + e.getMessage(), e);
}
return false;
}
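Review bot: The four comparisons now rely on `InetAddress.equals` returning false for a null argument, and the values they compare against can be null: the lookup code elsewhere in this diff stores `na[i] = null` when a node or pod name fails to resolve, and `thishost` stays unset if `init` catches `UnknownHostException`. A comment above the first loop, e.g. `// entries may be null (failed DNS lookup); ip.equals(null) is false, so keep ip on the left`, would stop a later edit from flipping a comparison to `node.equals(ip)` and turning an unresolved host into a NullPointerException in the authorization path. The method's Javadoc starts outside this hunk.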
* Check if an IP address matches a network address.
*
* @param ip the IP address
- * @param s the network address; a bare IP address may be matched also
+ * @param str the network address; a bare IP address may be matched also
* @return true if they intersect
*/
- private static boolean addressMatchesNetwork(InetAddress ip, String s) {
+ private static boolean addressMatchesNetwork(InetAddress ip, String str) {
int mlen = -1;
- int n = s.indexOf("/");
- if (n >= 0) {
- mlen = Integer.parseInt(s.substring(n + 1));
- s = s.substring(0, n);
+ int substr = str.indexOf('/');
+ if (substr >= 0) {
+ mlen = Integer.parseInt(str.substring(substr + 1));
+ str = str.substring(0, substr);
}
try {
- InetAddress i2 = InetAddress.getByName(s);
+ InetAddress i2 = InetAddress.getByName(str);
byte[] b1 = ip.getAddress();
byte[] b2 = i2.getAddress();
if (b1.length != b2.length) {
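Review bot: `Integer.parseInt(str.substring(substr + 1))` runs before the `try`, and the only handler visible for this method catches `UnknownHostException`, so a malformed prefix length in an authorized-network entry (constructed example: `10.0.0.0/x`) raises `NumberFormatException` out of the address check instead of simply not matching. Treating it as a non-match keeps the check fail-closed: move the parse inside the `try` and widen the handler to `} catch (UnknownHostException | NumberFormatException e) {`. Whether `mlen` is range-checked before `masks[mlen % 8]` in the following hunk is not visible here; if it is not, `if (mlen < 0 || mlen > b1.length * 8) { return false; }` belongs next to the length comparison. Reusing `substr` as both the slash index and the byte loop counter also obscures what each loop does; two separate names would read better.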
(byte) 0xF0, (byte) 0xF8, (byte) 0xFC, (byte) 0xFE
};
byte mask = masks[mlen % 8];
- for (n = mlen / 8; n < b1.length; n++) {
- b1[n] &= mask;
- b2[n] &= mask;
+ for (substr = mlen / 8; substr < b1.length; substr++) {
+ b1[substr] &= mask;
+ b2[substr] &= mask;
mask = 0;
}
}
- for (n = 0; n < b1.length; n++) {
- if (b1[n] != b2[n]) {
+ for (substr = 0; substr < b1.length; substr++) {
+ if (b1[substr] != b2[substr]) {
return false;
}
}
} catch (UnknownHostException e) {
+ intlogger.error("PROV0053 BaseServlet.addressMatchesNetwork: " + e.getMessage(), e);
return false;
}
return true;
*/
public static void provisioningDataChanged() {
long now = System.currentTimeMillis();
- Poker p = Poker.getPoker();
- p.setTimers(now + (pokeTimer1 * 1000L), now + (pokeTimer2 * 1000L));
+ Poker pkr = Poker.getPoker();
+ pkr.setTimers(now + (pokeTimer1 * 1000L), now + (pokeTimer2 * 1000L));
}
/**
maxSubs = getInt(map, Parameters.PROV_MAXSUB_COUNT, DEFAULT_MAX_SUBS);
pokeTimer1 = getInt(map, Parameters.PROV_POKETIMER1, DEFAULT_POKETIMER1);
pokeTimer2 = getInt(map, Parameters.PROV_POKETIMER2, DEFAULT_POKETIMER2);
- provDomain = getString(map, Parameters.PROV_DOMAIN, DEFAULT_DOMAIN);
+
+ // The domain used to generate a FQDN from the "bare" node names
provName = getString(map, Parameters.PROV_NAME, DEFAULT_PROVSRVR_NAME);
activeProvName = getString(map, Parameters.PROV_ACTIVE_NAME, provName);
- staticRoutingNodes = getString(map, Parameters.STATIC_ROUTING_NODES,
- ""); //Adding new param for static Routing - Rally:US664862-1610
initialActivePod = getString(map, Parameters.ACTIVE_POD, "");
initialStandbyPod = getString(map, Parameters.STANDBY_POD, "");
- staticRoutingNodes = getString(map, Parameters.STATIC_ROUTING_NODES,
- ""); //Adding new param for static Routing - Rally:US664862-1610
+
+ //Adding new param for static Routing - Rally:US664862-1610
+ String staticRoutingNodes = getString(map, Parameters.STATIC_ROUTING_NODES, "");
activeFeeds = Feed.countActiveFeeds();
activeSubs = Subscription.countActiveSubscriptions();
try {
thisPod = InetAddress.getLocalHost().getHostName();
} catch (UnknownHostException e) {
thisPod = "";
- intlogger.warn("PROV0014 Cannot determine the name of this provisioning server.");
+ intlogger.warn("PROV0014 Cannot determine the name of this provisioning server.", e);
}
// Normalize the nodes, and fill in nodeAddresses
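Review bot: The added comment `// The domain used to generate a FQDN from the "bare" node names` described the `provDomain` assignment that this hunk deletes, and it now sits directly above `provName = getString(...)`, where it is wrong. Either drop it or replace it with a comment for the line it precedes, e.g. `// Standard FQDN of the provisioning server`. `staticRoutingNodes` has also become a local variable; its use is not visible in this hunk, so if nothing below reads it the assignment can be removed as well.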
intlogger.debug("PROV0003 DNS lookup: " + nodes[i] + " => " + na[i].toString());
} catch (UnknownHostException e) {
na[i] = null;
- intlogger.warn("PROV0004 Cannot lookup " + nodes[i] + ": " + e);
+ intlogger.warn("PROV0004 Cannot lookup " + nodes[i] + ": " + e.getMessage(), e);
}
}
filterNodes.add(node);
}
}
- nodes = filterNodes.toArray(new String[filterNodes.size()]);
+ nodes = filterNodes.toArray(new String[0]);
nodeAddresses = na;
NodeClass.setNodes(nodes); // update NODES table
intlogger.debug("PROV0003 DNS lookup: " + pods[i] + " => " + na[i].toString());
} catch (UnknownHostException e) {
na[i] = null;
- intlogger.warn("PROV0004 Cannot lookup " + pods[i] + ": " + e);
+ intlogger.warn("PROV0004 Cannot lookup " + pods[i] + ": " + e.getMessage(), e);
}
}
podAddresses = na;
}
}
-
- /**
- * Data Router Subscriber HTTPS Relaxation feature USERSTORYID:US674047. Load mail properties.
- *
- * @author vs215k
- **/
- private void loadMailProperties() {
- if (mailprops == null) {
- mailprops = new Properties();
- InputStream inStream = getClass().getClassLoader().getResourceAsStream(MAILCONFIG_FILE);
- try {
- mailprops.load(inStream);
- } catch (IOException e) {
- intlogger.fatal("PROV9003 Opening properties: " + e.getMessage());
- System.exit(1);
- } finally {
- try {
- inStream.close();
- } catch (IOException e) {
- }
- }
- }
- }
-
- /**
- * Data Router Subscriber HTTPS Relaxation feature USERSTORYID:US674047. Check if HTTPS Relexaction is enabled
- *
- * @author vs215k
- **/
- private void checkHttpsRelaxation() {
- if (!mailSendFlag) {
- Properties p = (new DB()).getProperties();
- intlogger.info("HTTPS relaxation: " + p.get("org.onap.dmaap.datarouter.provserver.https.relaxation"));
-
- if (p.get("org.onap.dmaap.datarouter.provserver.https.relaxation").equals("true")) {
- try {
- notifyPSTeam(p.get("org.onap.dmaap.datarouter.provserver.https.relax.notify").toString());
- } catch (Exception e) {
- intlogger.warn("Exception: " + e.getMessage());
- }
- }
- mailSendFlag = true;
- }
- }
-
- /**
- * Data Router Subscriber HTTPS Relaxation feature USERSTORYID:US674047.
- *
- * @param email - list of email ids to notify if HTTP relexcation is enabled.
- * @author vs215k
- **/
- private void notifyPSTeam(String email) throws Exception {
- loadMailProperties(); //Load HTTPS Relex mail properties.
- String[] emails = email.split(Pattern.quote("|"));
-
- Properties mailproperties = new Properties();
- mailproperties.put("mail.smtp.host", mailprops.get("com.att.dmaap.datarouter.mail.server"));
- mailproperties.put("mail.transport.protocol", mailprops.get("com.att.dmaap.datarouter.mail.protocol"));
-
- Session session = Session.getDefaultInstance(mailproperties, null);
- Multipart mp = new MimeMultipart();
- MimeBodyPart htmlPart = new MimeBodyPart();
-
- try {
-
- Message msg = new MimeMessage(session);
- msg.setFrom(new InternetAddress(mailprops.get("com.att.dmaap.datarouter.mail.from").toString()));
-
- InternetAddress[] addressTo = new InternetAddress[emails.length];
- for (int x = 0; x < emails.length; x++) {
- addressTo[x] = new InternetAddress(emails[x]);
- }
-
- msg.addRecipients(Message.RecipientType.TO, addressTo);
- msg.setSubject(mailprops.get("com.att.dmaap.datarouter.mail.subject").toString());
- htmlPart.setContent(mailprops.get("com.att.dmaap.datarouter.mail.body").toString()
- .replace("[SERVER]", InetAddress.getLocalHost().getHostName()), "text/html");
- mp.addBodyPart(htmlPart);
- msg.setContent(mp);
-
- System.out.println(mailprops.get("com.att.dmaap.datarouter.mail.body").toString()
- .replace("[SERVER]", InetAddress.getLocalHost().getHostName()));
-
- Transport.send(msg);
- intlogger.info("HTTPS relaxation mail is sent to - : " + email);
-
- } catch (AddressException e) {
- intlogger.error("Invalid email address, unable to send https relaxation mail to - : " + email);
- } catch (MessagingException e) {
- intlogger.error("Invalid email address, unable to send https relaxation mail to - : " + email);
- }
- }
-
public static String getProvName() {
return provName;
}
*
* @return an array of InetAddresses
*/
- public static InetAddress[] getNodeAddresses() {
+ private static InetAddress[] getNodeAddresses() {
return nodeAddresses;
}
}
/**
- * Gets the FQDN of the initially ACTIVE provisioning server (POD). Note: this used to be called isActivePOD(),
+ * Gets the FQDN of the initially ACTIVE_POD provisioning server (POD). Note: this used to be called isActivePOD(),
* however, that is a misnomer, as the active status could shift to the standby POD without these parameters
* changing. Hence, the function names have been changed to more accurately reflect their purpose.
*
}
/**
- * Gets the FQDN of the initially STANDBY provisioning server (POD). Note: this used to be called isStandbyPOD(),
+ * Gets the FQDN of the initially STANDBY_POD provisioning server (POD).Note: this used to be called isStandbyPOD(),
* however, that is a misnomer, as the standby status could shift to the active POD without these parameters
* changing. Hence, the function names have been changed to more accurately reflect their purpose.
*
*/
protected boolean doInsert(Insertable bean) {
boolean rv;
- DB db = new DB();
- Connection conn = null;
- try {
- conn = db.getConnection();
+ try (Connection conn = ProvDbUtils.getInstance().getConnection()) {
rv = bean.doInsert(conn);
} catch (SQLException e) {
rv = false;
- intlogger.warn("PROV0005 doInsert: " + e.getMessage());
- } finally {
- if (conn != null) {
- db.release(conn);
- }
+ intlogger.warn("PROV0005 doInsert: " + e.getMessage(), e);
}
return rv;
}
*/
protected boolean doUpdate(Updateable bean) {
boolean rv;
- DB db = new DB();
- Connection conn = null;
- try {
- conn = db.getConnection();
+ try (Connection conn = ProvDbUtils.getInstance().getConnection()) {
rv = bean.doUpdate(conn);
} catch (SQLException e) {
rv = false;
- intlogger.warn("PROV0006 doUpdate: " + e.getMessage());
- } finally {
- if (conn != null) {
- db.release(conn);
- }
+ intlogger.warn("PROV0006 doUpdate: " + e.getMessage(), e);
}
return rv;
}
*/
protected boolean doDelete(Deleteable bean) {
boolean rv;
- DB db = new DB();
- Connection conn = null;
- try {
- conn = db.getConnection();
+ try (Connection conn = ProvDbUtils.getInstance().getConnection()) {
rv = bean.doDelete(conn);
} catch (SQLException e) {
rv = false;
- intlogger.warn("PROV0007 doDelete: " + e.getMessage());
- } finally {
- if (conn != null) {
- db.release(conn);
- }
+ intlogger.warn("PROV0007 doDelete: " + e.getMessage(), e);
}
return rv;
}
private static boolean getBoolean(Map<String, String> map, String name) {
- String s = map.get(name);
- return (s != null) && s.equalsIgnoreCase("true");
+ String str = map.get(name);
+ return "true".equalsIgnoreCase(str);
}
private static String getString(Map<String, String> map, String name, String dflt) {
- String s = map.get(name);
- return (s != null) ? s : dflt;
+ String str = map.get(name);
+ return (str != null) ? str : dflt;
}
private static int getInt(Map<String, String> map, String name, int dflt) {
try {
- String s = map.get(name);
- return Integer.parseInt(s);
+ String str = map.get(name);
+ return Integer.parseInt(str);
} catch (NumberFormatException e) {
return dflt;
}
private static Set<String> getSet(Map<String, String> map, String name) {
Set<String> set = new HashSet<>();
- String s = map.get(name);
- if (s != null) {
- String[] pp = s.split("\\|");
+ String str = map.get(name);
+ if (str != null) {
+ String[] pp = str.split("\\|");
if (pp != null) {
for (String t : pp) {
String t2 = t.trim();
*/
public class ContentHeader {
- private String type = "";
+ private String type;
private Map<String, String> map = new HashMap<>();
ContentHeader() {
this("", "1.0");
}
- ContentHeader(String t, String v) {
- type = t.trim();
- map.put("version", v);
+ ContentHeader(String headertype, String version) {
+ type = headertype.trim();
+ map.put("version", version);
}
public String getType() {
return type;
}
- public String getAttribute(String key) {
- String s = map.get(key);
- if (s == null) {
- s = "";
+ String getAttribute(String key) {
+ String str = map.get(key);
+ if (str == null) {
+ str = "";
}
- return s;
+ return str;
}
}
*/
ContentHeader getContentHeader(HttpServletRequest req) {
ContentHeader ch = new ContentHeader();
- String s = req.getHeader("Content-Type");
- if (s != null) {
- String[] pp = s.split(";");
+ String str = req.getHeader("Content-Type");
+ if (str != null) {
+ String[] pp = str.split(";");
ch.type = pp[0].trim();
for (int i = 1; i < pp.length; i++) {
int ix = pp[i].indexOf('=');
if (ix > 0) {
- String k = pp[i].substring(0, ix).trim();
- String v = pp[i].substring(ix + 1).trim();
- ch.map.put(k, v);
+ String type = pp[i].substring(0, ix).trim();
+ String version = pp[i].substring(ix + 1).trim();
+ ch.map.put(type, version);
} else {
ch.map.put(pp[i].trim(), "");
}
@Override
public String getFeedOwner(String feedId) {
try {
- int n = Integer.parseInt(feedId);
- Feed f = Feed.getFeedById(n);
- if (f != null) {
- return f.getPublisher();
+ int intID = Integer.parseInt(feedId);
+ Feed feed = Feed.getFeedById(intID);
+ if (feed != null) {
+ return feed.getPublisher();
}
} catch (NumberFormatException e) {
// ignore
@Override
public String getFeedClassification(String feedId) {
try {
- int n = Integer.parseInt(feedId);
- Feed f = Feed.getFeedById(n);
- if (f != null) {
- return f.getAuthorization().getClassification();
+ int intID = Integer.parseInt(feedId);
+ Feed feed = Feed.getFeedById(intID);
+ if (feed != null) {
+ return feed.getAuthorization().getClassification();
}
} catch (NumberFormatException e) {
// ignore
@Override
public String getSubscriptionOwner(String subId) {
try {
- int n = Integer.parseInt(subId);
- Subscription s = Subscription.getSubscriptionById(n);
- if (s != null) {
- return s.getSubscriber();
+ int intID = Integer.parseInt(subId);
+ Subscription sub = Subscription.getSubscriptionById(intID);
+ if (sub != null) {
+ return sub.getSubscriber();
}
} catch (NumberFormatException e) {
// ignore
private boolean isUserMemberOfGroup(Group group, String user) {
String groupDetails = group.getMembers().replace("]", "").replace("[", "");
- String[] s = groupDetails.split("},");
+ String[] str = groupDetails.split("},");
- for (String value : s) {
+ for (String value : str) {
JSONObject jsonObj;
try {
jsonObj = new JSONObject(value + "}");
return true;
}
} catch (JSONException e) {
- intlogger.error("JSONException: " + e.getMessage());
+ intlogger.error("JSONException: " + e.getMessage(), e);
}
}
return false;
/*
* @Method - getGroupByFeedGroupId- Rally:US708115
* @Params - User to check in group and feedid which is assigned the group.
- * @return - string value grupid/null
+ * @return - string value groupid/null
*/
@Override
public String getGroupByFeedGroupId(String owner, String feedId) {
try {
- int n = Integer.parseInt(feedId);
- Feed f = Feed.getFeedById(n);
- if (f != null) {
- int groupid = f.getGroupid();
+ Feed feed = Feed.getFeedById(Integer.parseInt(feedId));
+ if (feed != null) {
+ int groupid = feed.getGroupid();
if (groupid > 0) {
Group group = Group.getGroupById(groupid);
- assert group != null;
- if (isUserMemberOfGroup(group, owner)) {
+ if (group != null && isUserMemberOfGroup(group, owner)) {
return group.getAuthid();
}
}
/*
* @Method - getGroupBySubGroupId - Rally:US708115
* @Params - User to check in group and subid which is assigned the group.
- * @return - string value grupid/null
+ * @return - string value groupid/null
*/
@Override
public String getGroupBySubGroupId(String owner, String subId) {
try {
- int n = Integer.parseInt(subId);
- Subscription s = Subscription.getSubscriptionById(n);
- if (s != null) {
- int groupid = s.getGroupid();
+ int intID = Integer.parseInt(subId);
+ Subscription sub = Subscription.getSubscriptionById(intID);
+ if (sub != null) {
+ int groupid = sub.getGroupid();
if (groupid > 0) {
Group group = Group.getGroupById(groupid);
- assert group != null;
- if (isUserMemberOfGroup(group, owner)) {
+ if (group != null && isUserMemberOfGroup(group, owner)) {
return group.getAuthid();
}
}
}
/*
- * @Method - setIpAndFqdnForEelf - Rally:US664892
+ * @Method - setIpFqdnRequestIDandInvocationIDForEelf
* @Params - method, prints method name in EELF log.
+ * @Params- Req, Request used to get RequestId and InvocationId
*/
- void setIpAndFqdnForEelf(String method) {
+ void setIpFqdnRequestIDandInvocationIDForEelf(String method, HttpServletRequest req) {
+ setIpFqdnForEelf(method);
+ setMDC(req, "X-ONAP-RequestID", MDC_KEY_REQUEST_ID);
+ setMDC(req, "X-InvocationID", "InvocationId");
+ }
+
+ private void setMDC(HttpServletRequest req, String headerName, String keyName) {
+ String mdcId = req.getHeader(headerName);
+ if (StringUtils.isBlank(mdcId)) {
+ mdcId = UUID.randomUUID().toString();
+ }
+ MDC.put(keyName, mdcId);
+ }
+
+ /*
+ * @Method - setIpFqdnRequestIdForEelf - Rally:US664892
+ * @Params - method, prints method name in EELF log.
+ */
+ void setIpFqdnForEelf(String method) {
MDC.clear();
MDC.put(MDC_SERVICE_NAME, method);
try {
MDC.put(MDC_SERVER_FQDN, InetAddress.getLocalHost().getHostName());
MDC.put(MDC_SERVER_IP_ADDRESS, InetAddress.getLocalHost().getHostAddress());
} catch (Exception e) {
- intlogger.error("Exception: " + e.getMessage());
+ intlogger.error("Exception: " + e.getMessage(), e);
+ }
+
+ }
+
+ /*
+ * AAF changes: TDP EPIC US# 307413
+ * @Method - getFeedPermission - Forming permission string for feed part to check AAF access in CADI Framework
+ * @Params - aafInstance Passing aafInstance as it's used in permission string
+ * @Params - userAction Passing CONST values to set different actions in permission string
+ */
+ String getFeedPermission(String aafInstance, String userAction) {
+ try {
+ Properties props = ProvRunner.getProvProperties();
+ String type = props.getProperty(AAF_CADI_FEED_TYPE, AAF_CADI_FEED);
+ String action;
+ switch (userAction) {
+ case CREATE_PERMISSION:
+ action = CREATE_PERMISSION;
+ break;
+ case EDIT_PERMISSION:
+ action = EDIT_PERMISSION;
+ break;
+ case DELETE_PERMISSION:
+ action = DELETE_PERMISSION;
+ break;
+ case PUBLISH_PERMISSION:
+ action = PUBLISH_PERMISSION;
+ break;
+ case SUSPEND_PERMISSION:
+ action = SUSPEND_PERMISSION;
+ break;
+ case RESTORE_PERMISSION:
+ action = RESTORE_PERMISSION;
+ break;
+ default:
+ action = "*";
+ }
+ if (aafInstance == null || "".equals(aafInstance)) {
+ aafInstance = props.getProperty(AAF_INSTANCE, "org.onap.dmaap-dr.NoInstanceDefined");
+ }
+ return type + "|" + aafInstance + "|" + action;
+ } catch (Exception e) {
+ intlogger.error("PROV7005 BaseServlet.getFeedPermission: " + e.getMessage(), e);
}
+ return null;
+ }
+ /*
+ * AAF changes: TDP EPIC US# 307413
+ * @Method - getSubscriberPermission - Forming permission string for subscription part to check
+ * AAF access in CADI Framework
+ * @Params - aafInstance Passing aafInstance as it's used in permission string
+ * @Params - userAction Passing CONST values to set different actions in permission string
+ */
+ String getSubscriberPermission(String aafInstance, String userAction) {
+ try {
+ Properties props = ProvRunner.getProvProperties();
+ String type = props.getProperty(AAF_CADI_SUB_TYPE, AAF_CADI_SUB);
+ String action;
+ switch (userAction) {
+ case SUBSCRIBE_PERMISSION:
+ action = SUBSCRIBE_PERMISSION;
+ type = props.getProperty(AAF_CADI_FEED_TYPE, AAF_CADI_FEED);
+ break;
+ case EDIT_PERMISSION:
+ action = EDIT_PERMISSION;
+ break;
+ case DELETE_PERMISSION:
+ action = DELETE_PERMISSION;
+ break;
+ case RESTORE_PERMISSION:
+ action = RESTORE_PERMISSION;
+ break;
+ case SUSPEND_PERMISSION:
+ action = SUSPEND_PERMISSION;
+ break;
+ case PUBLISH_PERMISSION:
+ action = PUBLISH_PERMISSION;
+ break;
+ case APPROVE_SUB_PERMISSION:
+ action = APPROVE_SUB_PERMISSION;
+ type = props.getProperty(AAF_CADI_FEED_TYPE, AAF_CADI_FEED);
+ break;
+ default:
+ action = "*";
+ }
+ if (aafInstance == null || "".equals(aafInstance)) {
+ aafInstance = props.getProperty(AAF_INSTANCE, "org.onap.dmaap-dr.NoInstanceDefined");
+ }
+ return type + "|" + aafInstance + "|" + action;
+ } catch (Exception e) {
+ intlogger.error("PROV7005 BaseServlet.getSubscriberPermission: " + e.getMessage(), e);
+ }
+ return null;
}
}
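Review bot: In `setMDC`, the `X-ONAP-RequestID` and `X-InvocationID` header values are copied into the MDC after only a blank check, so a client-chosen string of any length and character set is stamped onto every log record for the request. Accept the header only when it has the expected shape and otherwise fall through to the generated UUID, for example `if (StringUtils.isBlank(mdcId) || !mdcId.matches("[A-Za-z0-9._-]{1,64}")) {`; the pattern is illustrative, since the hunk does not show what legitimate callers send. Further down in the same hunk, `getFeedPermission` and `getSubscriberPermission` return `null` from a catch-all `catch (Exception e)` (a null `userAction` would reach it through the `switch`), map any unrecognised action to `"*"`, and join `aafInstance` into the `|`-delimited permission string without checking it for the delimiter. The callers are outside the hunk, so confirm they deny on `null`, and document it on both methods with a comment such as `// returns null on failure; callers must treat null as "deny"`.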