- @Override
- public void run() {
- if (logger.isDebugEnabled()) {
- Date date = new java.util.Date();
- logger.debug("\n\nTransactionTimer.run() - SLEEPING: "
- + "\n sleepTime (ms) = " + sleepTime
- + "\n TimeStamp = " + date.getTime()
- + "\n\n");
- }
- try {
- Thread.sleep(sleepTime);
- } catch (InterruptedException e) {
- //probably, the transaction was completed, the last thing we want to do is roll back
- if (logger.isDebugEnabled()) {
- Date date = new java.util.Date();
- logger.debug("\n\nTransactionTimer.run() - WAKE Interrupt: "
- + "\n TimeStamp = " + date.getTime()
- + "\n\n");
- }
- Thread.currentThread().interrupt();
- return;
- }
- if (logger.isDebugEnabled()) {
- Date date = new java.util.Date();
- logger.debug("\n\nTransactionTimer.run() - WAKE Timeout: "
- + "\n TimeStamp = " + date.getTime()
- + "\n\n");
- }
- rollbackTransaction();
- }
-
- }
-
- transactionTimer = new Thread(new TransactionTimer(transactionTimeout), "transactionTimerThread");
- transactionTimer.start();
-
-
- }
-
- private void checkBeforeOperationRun() {
- checkBeforeOperationRun(false);
- }
-
- private void checkBeforeOperationRun(boolean justCheckOpen) {
- if (!isTransactionOpen()) {
- PolicyLogger.error("There is no transaction currently open");
- throw new IllegalStateException("There is no transaction currently open");
- }
- if (operationRun && !justCheckOpen) {
- PolicyLogger
- .error("An operation has already been performed and the current transaction should be " +
- "committed");
- throw new IllegalStateException(
- "An operation has already been performed and the current transaction should be committed");
- }
- operationRun = true;
- }
-
- @Override
- public void commitTransaction() {
- synchronized (emLock) {
- logger.debug("commitTransaction() as commitTransaction() called");
- if (!isTransactionOpen()) {
- logger.warn("There is no open transaction to commit");
- try {
- em.close();
- } catch (Exception e) {
- logger.error("Exception Occured" + e);
- }
- return;
- }
- try {
- em.getTransaction().commit();
- } catch (RollbackException e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught RollbackException on em.getTransaction().commit()");
- throw new PersistenceException("The commit failed. Message:\n" + e.getMessage());
- }
- em.close();
- // need to revisit
- if (policyId >= 0) {
- if (newGroupId != null) {
- try {
- notifyOthers(policyId, POLICY_NOTIFICATION, newGroupId);
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception on notifyOthers(" + policyId + "," + POLICY_NOTIFICATION + "," +
- newGroupId + ")");
- }
- } else {
- try {
- notifyOthers(policyId, POLICY_NOTIFICATION);
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception on notifyOthers(" + policyId + "," + POLICY_NOTIFICATION + ")");
- }
- }
- }
- if (groupId >= 0) {
- //we don't want commit to fail just because this does
- if (newGroupId != null) {
- try {
- notifyOthers(groupId, GROUP_NOTIFICATION, newGroupId);
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception on notifyOthers(" + groupId + "," + GROUP_NOTIFICATION + "," +
- newGroupId + ")");
- }
- } else {
- try {
- notifyOthers(groupId, GROUP_NOTIFICATION);
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception on notifyOthers(" + groupId + "," + GROUP_NOTIFICATION + ")");
- }
- }
- }
- if (pdpId >= 0) {
- //we don't want commit to fail just because this does
- try {
- notifyOthers(pdpId, PDP_NOTIFICATION);
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception on notifyOthers(" + pdpId + "," + PDP_NOTIFICATION + ")");
- }
- }
- }
- if (transactionTimer != null) {
- transactionTimer.interrupt();
- }
- }
-
- @Override
- public void rollbackTransaction() {
- logger.debug("rollbackTransaction() as rollbackTransaction() called");
- synchronized (emLock) {
- if (isTransactionOpen()) {
-
- try {
- em.getTransaction().rollback();
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Could not rollback transaction");
- }
- try {
- em.close();
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Could not close EntityManager");
- }
-
- } else {
- try {
- em.close();
- } catch (Exception e) {
- logger.warn("Could not close already closed transaction", e);
- }
- }
-
- }
- if (transactionTimer != null) {
- transactionTimer.interrupt();
- }
- }
-
- private void createPolicy(PolicyRestAdapter policy, String username, String policyScope, String inputPolicyName,
- String policyDataString) {
- String policyName = inputPolicyName;
- logger.debug(
- "createPolicy(PolicyRestAdapter policy, String username, String policyScope, String policyName, " +
- "String policyDataString) as createPolicy(" +
- policy + ", " + username + ", " + policyScope + ", " + policyName + ", " +
- policyDataString + ") called");
- synchronized (emLock) {
- checkBeforeOperationRun();
- String configName = policyName;
- if (policyName.contains("Config_")) {
- policyName = policyName.replace(".Config_", ":Config_");
- } else if (policyName.contains("Action_")) {
- policyName = policyName.replace(".Action_", ":Action_");
- } else if (policyName.contains("Decision_")) {
- policyName = policyName.replace(".Decision_", ":Decision_");
- }
- policyName = policyName.split(":")[1];
- Query createPolicyQuery = em.createQuery(
- "SELECT p FROM PolicyEntity p WHERE p.scope=:scope AND p.policyName=:policyName");
- createPolicyQuery.setParameter(scope, policyScope);
- createPolicyQuery.setParameter("policyName", policyName);
- List<?> createPolicyQueryList = createPolicyQuery.getResultList();
- PolicyEntity newPolicyEntity;
- boolean update;
- if (createPolicyQueryList.isEmpty()) {
- newPolicyEntity = new PolicyEntity();
- update = false;
- } else if (createPolicyQueryList.size() > 1) {
- PolicyLogger
- .error("Somehow, more than one policy with the same scope, name, and deleted status were " +
- "found in the database");
- throw new PersistenceException(
- "Somehow, more than one policy with the same scope, name, and deleted status were found " +
- "in the database");
- } else {
- newPolicyEntity = (PolicyEntity) createPolicyQueryList.get(0);
- update = true;
- }
-
- ActionBodyEntity newActionBodyEntity = null;
- if (policy.getPolicyType().equals(action)) {
- boolean abupdate = false;
- if (newPolicyEntity.getActionBodyEntity() == null) {
- newActionBodyEntity = new ActionBodyEntity();
- } else {
- newActionBodyEntity = em.find(ActionBodyEntity.class,
- newPolicyEntity.getActionBodyEntity().getActionBodyId());
- abupdate = true;
- }
-
- if (newActionBodyEntity != null) {
- if (!abupdate) {
- em.persist(newActionBodyEntity);
- }
- //build the file path
- //trim the .xml off the end
- String policyNameClean = FilenameUtils.removeExtension(configName);
- String actionBodyName = policyNameClean + ".json";
-
- //get the action body
- String actionBodyString = policy.getActionBody();
- if (actionBodyString == null) {
- actionBodyString = "{}";
- }
- newActionBodyEntity.setActionBody(actionBodyString);
- newActionBodyEntity.setActionBodyName(actionBodyName);
- newActionBodyEntity.setModifiedBy("PolicyDBDao.createPolicy()");
- newActionBodyEntity.setDeleted(false);
- if (!abupdate) {
- newActionBodyEntity.setCreatedBy("PolicyDBDao.createPolicy()");
- }
- if (logger.isDebugEnabled()) {
- logger.debug("\nPolicyDBDao.createPolicy"
- + "\n newActionBodyEntity.getActionBody() = " +
- newActionBodyEntity.getActionBody()
- + "\n newActionBodyEntity.getActionBodyName() = " +
- newActionBodyEntity.getActionBodyName()
- + "\n newActionBodyEntity.getModifiedBy() = " +
- newActionBodyEntity.getModifiedBy()
- + "\n newActionBodyEntity.getCreatedBy() = " + newActionBodyEntity.getCreatedBy()
- + "\n newActionBodyEntity.isDeleted() = " + newActionBodyEntity.isDeleted()
- + "\n FLUSHING to DB");
- }
- //push the actionBodyEntity to the DB
- em.flush();
- } else {
- //newActionBodyEntity == null
- //We have a actionBody in the policy but we found no actionBody in the DB
- String msg = "\n\nPolicyDBDao.createPolicy - Incoming Action policy had an "
- + "actionBody, but it could not be found in the DB for update."
- + "\n policyScope = " + policyScope
- + "\n policyName = " + policyName + "\n\n";
- PolicyLogger
- .error("PolicyDBDao.createPolicy - Incoming Action policy had an actionBody, but it " +
- "could not be found in the DB for update: policyName = " +
- policyName);
- throw new IllegalArgumentException(msg);
- }
- }
-
- ConfigurationDataEntity newConfigurationDataEntity;
- if (policy.getPolicyType().equals(config)) {
- boolean configUpdate;
- if (newPolicyEntity.getConfigurationData() == null) {
- newConfigurationDataEntity = new ConfigurationDataEntity();
- configUpdate = false;
- } else {
- newConfigurationDataEntity = em.find(ConfigurationDataEntity.class,
- newPolicyEntity.getConfigurationData().getConfigurationDataId());
- configUpdate = true;
- }
-
- if (newConfigurationDataEntity != null) {
- if (!configUpdate) {
- em.persist(newConfigurationDataEntity);
- }
- if (!stringEquals(newConfigurationDataEntity.getConfigurationName(),
- getConfigFile(configName, policy))) {
- newConfigurationDataEntity.setConfigurationName(getConfigFile(configName, policy));
- }
- if (newConfigurationDataEntity.getConfigType() == null ||
- !newConfigurationDataEntity.getConfigType().equals(policy.getConfigType())) {
- newConfigurationDataEntity.setConfigType(policy.getConfigType());
- }
- if (!configUpdate) {
- newConfigurationDataEntity.setCreatedBy(username);
- }
- if (newConfigurationDataEntity.getModifiedBy() == null ||
- !newConfigurationDataEntity.getModifiedBy().equals(username)) {
- newConfigurationDataEntity.setModifiedBy(username);
- }
- if (newConfigurationDataEntity.getDescription() == null ||
- !newConfigurationDataEntity.getDescription().equals("")) {
- newConfigurationDataEntity.setDescription("");
- }
- if (newConfigurationDataEntity.getConfigBody() == null ||
- newConfigurationDataEntity.getConfigBody().isEmpty() ||
- (!newConfigurationDataEntity.getConfigBody().equals(policy.getConfigBodyData()))) {
- //hopefully one of these won't be null
- if (policy.getConfigBodyData() == null || policy.getConfigBodyData().isEmpty()) {
- newConfigurationDataEntity.setConfigBody(policy.getJsonBody());
- } else {
- newConfigurationDataEntity.setConfigBody(policy.getConfigBodyData());
- }
- }
- if (newConfigurationDataEntity.isDeleted()) {
- newConfigurationDataEntity.setDeleted(false);
- }
-
- em.flush();
- } else {
- //We have a configurationData body in the policy but we found no configurationData body in
- // the DB
- String msg = "\n\nPolicyDBDao.createPolicy - Incoming Config policy had a "
- + "configurationData body, but it could not be found in the DB for update."
- + "\n policyScope = " + policyScope
- + "\n policyName = " + policyName + "\n\n";
- PolicyLogger
- .error("PolicyDBDao.createPolicy - Incoming Config policy had a configurationData " +
- "body, but it could not be found in the DB for update: policyName = " +
- policyName);
- throw new IllegalArgumentException(msg);
- }
-
- } else {
- newConfigurationDataEntity = null;
- }
- if (!update) {
- em.persist(newPolicyEntity);
- }
-
- policyId = newPolicyEntity.getPolicyId();
-
- if (!stringEquals(newPolicyEntity.getPolicyName(), policyName)) {
- newPolicyEntity.setPolicyName(policyName);
- }
- if (!stringEquals(newPolicyEntity.getCreatedBy(), username)) {
- newPolicyEntity.setCreatedBy(username);
- }
- if (!stringEquals(newPolicyEntity.getDescription(), policy.getPolicyDescription())) {
- newPolicyEntity.setDescription(policy.getPolicyDescription());
- }
- if (!stringEquals(newPolicyEntity.getModifiedBy(), username)) {
- newPolicyEntity.setModifiedBy(username);
- }
- if (!stringEquals(newPolicyEntity.getPolicyData(), policyDataString)) {
- newPolicyEntity.setPolicyData(policyDataString);
- }
- if (!stringEquals(newPolicyEntity.getScope(), policyScope)) {
- newPolicyEntity.setScope(policyScope);
- }
- if (newPolicyEntity.isDeleted() == true) {
- newPolicyEntity.setDeleted(false);
- }
- newPolicyEntity.setConfigurationData(newConfigurationDataEntity);
- newPolicyEntity.setActionBodyEntity(newActionBodyEntity);
-
- em.flush();
- this.policyId = newPolicyEntity.getPolicyId();
- }
- }
-
- @SuppressWarnings("unused")
- public PolicyEntity getPolicy(int policyID) {
- return getPolicy(policyID, null, null);
- }
-
- public PolicyEntity getPolicy(String policyName, String scope) {
- return getPolicy(-1, policyName, scope);
- }
-
- private PolicyEntity getPolicy(int policyID, String policyName, String scope) {
- logger.debug("getPolicy(int policyId, String policyName) as getPolicy(" + policyID + "," + policyName +
- ") called");
- if (policyID < 0 && isNullOrEmpty(policyName, scope)) {
- throw new IllegalArgumentException(
- "policyID must be at least 0 or policyName must be not null or blank");
- }
-
- synchronized (emLock) {
- checkBeforeOperationRun(true);
- //check if group exists
- String policyId;
- Query policyQuery;
- if (!isNullOrEmpty(policyName, scope)) {
- policyId = policyName;
- policyQuery =
- em.createQuery("SELECT p FROM PolicyEntity p WHERE p.policyName=:name AND p.scope=:scope");
- policyQuery.setParameter("name", policyId);
- policyQuery.setParameter("scope", scope);
- } else {
- policyId = String.valueOf(policyID);
- policyQuery = em.createNamedQuery("PolicyEntity.FindById");
- policyQuery.setParameter("id", policyId);
- }
- List<?> policyQueryList;
- try {
- policyQueryList = policyQuery.getResultList();
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception trying to get policy with policyQuery.getResultList()");
- throw new PersistenceException("Query failed trying to get policy " + policyId);
- }
- if (policyQueryList.isEmpty()) {
- PolicyLogger.error("Policy does not exist with id " + policyId);
- throw new PersistenceException("Group policy is being added to does not exist with id " + policyId);
- } else if (policyQueryList.size() > 1) {
- PolicyLogger.error(duplicatePolicyId + policyId + foundInDB);
- throw new PersistenceException(duplicatePolicyId + policyId + foundInDB);
- }
- return (PolicyEntity) policyQueryList.get(0);
- }
- }
-
- @Override
- public GroupEntity getGroup(long groupKey) {
- logger.debug("getGroup(int groupKey) as getGroup(" + groupKey + ") called");
- if (groupKey < 0) {
- throw new IllegalArgumentException("groupKey must be at least 0");
- }
- synchronized (emLock) {
- checkBeforeOperationRun(true);
- //check if group exists
- Query groupQuery = em.createQuery("SELECT g FROM GroupEntity g WHERE g.groupKey=:groupKey");
- groupQuery.setParameter("groupKey", groupKey);
- List<?> groupQueryList;
- try {
- groupQueryList = groupQuery.getResultList();
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception trying to get group with groupQuery.getResultList()");
- throw new PersistenceException(queryFailedToGetGroup + groupKey);
- }
- if (groupQueryList.isEmpty()) {
- PolicyLogger.error("Group does not exist with groupKey " + groupKey);
- throw new PersistenceException("Group does not exist with groupKey " + groupKey);
- } else if (groupQueryList.size() > 1) {
- PolicyLogger.error("Somehow, more than one group with the groupKey " + groupKey + foundInDB);
- throw new PersistenceException(
- "Somehow, more than one group with the groupKey " + groupKey + foundInDB);
- }
- return (GroupEntity) groupQueryList.get(0);
- }
- }
-
- @Override
- public GroupEntity getGroup(String groupId) {
- logger.debug("getGroup(String groupId) as getGroup(" + groupId + ") called");
- if (isNullOrEmpty(groupId)) {
- throw new IllegalArgumentException("groupId must not be null or empty");
- }
- synchronized (emLock) {
- checkBeforeOperationRun(true);
- //check if group exists
- Query groupQuery = em.createQuery("SELECT g FROM GroupEntity g WHERE g.groupId=:groupId");
- groupQuery.setParameter(groupIdVar, groupId);
- List<?> groupQueryList;
- try {
- groupQueryList = groupQuery.getResultList();
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception trying to get group with groupQuery.getResultList()");
- throw new PersistenceException(queryFailedToGetGroup + groupId);
- }
- if (groupQueryList.isEmpty()) {
- PolicyLogger.error("Group does not exist with id " + groupId);
- throw new PersistenceException("Group does not exist with id " + groupId);
- } else if (groupQueryList.size() > 1) {
- PolicyLogger.error(duplicateGroupId + groupId + foundInDB);
- throw new PersistenceException(duplicateGroupId + groupId + foundInDB);
- }
- return (GroupEntity) groupQueryList.get(0);
- }
- }
-
- @Override
- public List<?> getPdpsInGroup(long groupKey) {
- logger.debug("getPdpsInGroup(int groupKey) as getPdpsInGroup(" + groupKey + ") called");
- if (groupKey < 0) {
- throw new IllegalArgumentException("groupId must not be < 0");
- }
- synchronized (emLock) {
- checkBeforeOperationRun(true);
- Query pdpsQuery = em.createQuery("SELECT p FROM PdpEntity p WHERE p.groupEntity=:group");
- pdpsQuery.setParameter("group", getGroup(groupKey));
- return pdpsQuery.getResultList();
- }
- }
-
- @Override
- public PdpEntity getPdp(long pdpKey) {
- logger.debug("getPdp(int pdpKey) as getPdp(" + pdpKey + ") called");
- if (pdpKey < 0) {
- throw new IllegalArgumentException("pdpKey must be at least 0");
- }
- synchronized (emLock) {
- checkBeforeOperationRun(true);
- //check if group exists
- Query pdpQuery = em.createQuery("SELECT p FROM PdpEntity p WHERE p.pdpKey=:pdpKey");
- pdpQuery.setParameter("pdpKey", pdpKey);
- List<?> pdpQueryList;
- try {
- pdpQueryList = pdpQuery.getResultList();
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception trying to get pdp with pdpQuery.getResultList()");
- throw new PersistenceException("Query failed trying to get pdp " + pdpKey);
- }
- if (pdpQueryList.isEmpty()) {
- PolicyLogger.error("Pdp does not exist with pdpKey " + pdpKey);
- throw new PersistenceException("Pdp does not exist with pdpKey " + pdpKey);
- } else if (pdpQueryList.size() > 1) {
- PolicyLogger.error("Somehow, more than one pdp with the pdpKey " + pdpKey + foundInDB);
- throw new PersistenceException("Somehow, more than one pdp with the pdpKey " + pdpKey + foundInDB);
- }
- return (PdpEntity) pdpQueryList.get(0);
- }
- }
-
- @Override
- public boolean isTransactionOpen() {
- logger.debug("isTransactionOpen() as isTransactionOpen() called");
- synchronized (emLock) {
- return em.isOpen() && em.getTransaction().isActive();
- }
- }
-
- private String processConfigPath(String inputConfigPath) {
- String configPath = inputConfigPath;
- String webappsPath = XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_WEBAPPS);
- if (webappsPath == null) {
- logger.error("Webapps property does not exist");
- throw new IllegalArgumentException("Webapps property does not exist");
- }
- configPath = configPath.replace("$URL", webappsPath);
- //make sure the correct slashes are in
- try {
- configPath = Paths.get(configPath).toString();
- } catch (InvalidPathException e) {
- logger.error("Invalid config path: " + configPath, e);
- throw new IllegalArgumentException("Invalid config path: " + configPath);
- }
- return configPath;
- }
-
- private String readConfigFile(String configPath) {
- String configDataString = null;
- try (InputStream configContentStream = new FileInputStream(configPath);) {
- configDataString = IOUtils.toString(configContentStream);
- } catch (FileNotFoundException e) {
- logger.error("Caught FileNotFoundException on new FileInputStream(" + configPath + ")", e);
- throw new IllegalArgumentException("The config file path does not exist");
- } catch (IOException e2) {
- logger.error("Caught IOException on newIOUtils.toString(configContentStream)", e2);
- throw new IllegalArgumentException("The config file path cannot be read");
- }
- if (configDataString == null) {
- throw new IllegalArgumentException("The config file path cannot be read");
- }
- return configDataString;
- }
-
- @Override
- public void createPolicy(Policy policy, String username) {
-
- try {
- logger.debug("createPolicy(PolicyRestAdapter policy, String username) as createPolicy(" + policy + "," +
- username + ") called");
- String policyScope = policy.policyAdapter.getDomainDir().replace(File.separator, ".");
- //Does not need to be XACMLPolicyWriterWithPapNotify since it is already in the PAP
- //and this transaction is intercepted up stream.
-
- String policyDataString = getPolicyDataString((PolicyType) policy.getCorrectPolicyDataObject());
- if (isJunit) {
- //Using parentPath object to set policy data.
- policyDataString = policy.policyAdapter.getParentPath();
- }
- String configPath = "";
- if (policy.policyAdapter.getPolicyType().equalsIgnoreCase(config)) {
- configPath = evaluateXPath(
- "/Policy/Rule/AdviceExpressions/AdviceExpression[contains(@AdviceId,'ID')" +
- "]/AttributeAssignmentExpression[@AttributeId='URLID']/AttributeValue/text()",
- policyDataString);
- } else if (policy.policyAdapter.getPolicyType().equalsIgnoreCase(action)) {
- configPath = evaluateXPath(
- "/Policy/Rule/ObligationExpressions/ObligationExpression[contains(@ObligationId, " +
- policy.policyAdapter.getActionAttribute() +
- ")]/AttributeAssignmentExpression[@AttributeId='body']/AttributeValue/text()",
- policyDataString);
- }
-
- String prefix = null;
- if (policy.policyAdapter.getPolicyType().equalsIgnoreCase(config)) {
-
- prefix = configPath
- .substring(configPath.indexOf(policyScope + ".") + policyScope.concat(".").length(),
- configPath.lastIndexOf(policy.policyAdapter.getPolicyName()));
- if (isNullOrEmpty(policy.policyAdapter.getConfigBodyData())) {
- policy.policyAdapter.setConfigBodyData(getConfigData(configPath));
- }
- } else if (action.equalsIgnoreCase(policy.policyAdapter.getPolicyType())) {
- prefix = "Action_";
- } else if ("Decision".equalsIgnoreCase(policy.policyAdapter.getPolicyType())) {
- prefix = "Decision_";
- }
-
- if (!(policy.policyAdapter.getData() instanceof PolicyType)) {
- PolicyLogger.error("The data field is not an instance of PolicyType");
- throw new IllegalArgumentException("The data field is not an instance of PolicyType");
- }
- String finalName = policyScope + "." + prefix + policy.policyAdapter.getPolicyName() + "." +
- ((PolicyType) policy.policyAdapter.getData()).getVersion() + ".xml";
- if (policy.policyAdapter.getConfigType() == null || "".equals(policy.policyAdapter.getConfigType())) {
- //get the config file extension
- String ext = "";
- if (configPath != null && !"".equalsIgnoreCase(configPath)) {
- ext = configPath.substring(configPath.lastIndexOf('.'), configPath.length());
- ;
- }
-
- if (ext.contains("txt")) {
- policy.policyAdapter.setConfigType(OTHER_CONFIG);
- } else if (ext.contains("json")) {
- policy.policyAdapter.setConfigType(JSON_CONFIG);
- } else if (ext.contains("xml")) {
- policy.policyAdapter.setConfigType(XML_CONFIG);
- } else if (ext.contains("properties")) {
- policy.policyAdapter.setConfigType(PROPERTIES_CONFIG);
- } else {
- if (policy.policyAdapter.getPolicyType().equalsIgnoreCase(action)) {
- policy.policyAdapter.setConfigType(JSON_CONFIG);
- }
- }
- }
- createPolicy(policy.policyAdapter, username, policyScope, finalName, policyDataString);
- } catch (Exception e) {
- logger.error("Could not create policy for " + policy, e);
- throw e;
- }
- }
-
- private String getConfigData(String configPath) {
- String configData = "";
- try {
- configData = getConfigPath(configPath);
- } catch (Exception e) {
- logger.error("Could not read config body data for " + configPath, e);
- }
- return configData;
- }
-
- private String getConfigPath(String configPath) {
- try {
- String newConfigPath = processConfigPath(configPath);
- return readConfigFile(newConfigPath);
- } catch (IllegalArgumentException e2) {
- logger.error("Could not process config path: " + configPath, e2);
- }
- return "";
- }
-
- private String getPolicyDataString(PolicyType policyType) {
- try (InputStream policyXmlStream = XACMLPolicyWriter.getXmlAsInputStream(policyType)) {
- return IOUtils.toString(policyXmlStream, StandardCharsets.UTF_8);
- } catch (IOException e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught IOException on IOUtils.toString(policyXmlStream)");
- throw new IllegalArgumentException("Cannot parse the policy xml from the PolicyRestAdapter.", e);
- }
- }
-
- @Override
- public void close() {
- synchronized (emLock) {
- if (em.isOpen()) {
- if (em.getTransaction().isActive()) {
- em.getTransaction().rollback();
- }
- em.close();
- }
- if (transactionTimer != null) {
- transactionTimer.interrupt();
- }
- }
- }
-
- @Override
- public void createGroup(String groupId, String groupName, String inputGroupDescription, String username) {
- String groupDescription = inputGroupDescription;
- logger.debug("deletePolicy(String policyToDeletes) as createGroup(" + groupId + ", " + groupName + ", " +
- groupDescription + ") called");
- if (isNullOrEmpty(groupId, groupName, username)) {
- throw new IllegalArgumentException("groupId, groupName, and username must not be null or empty");
- }
- if (groupDescription == null) {
- groupDescription = "";
- }
-
- synchronized (emLock) {
- checkBeforeOperationRun();
- Query checkGroupQuery = em.createQuery(groupEntitySelectQuery);
- checkGroupQuery.setParameter(groupIdVar, groupId);
- checkGroupQuery.setParameter(deletedVar, false);
- List<?> checkGroupQueryList;
- try {
- checkGroupQueryList = checkGroupQuery.getResultList();
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception on checkGroupQuery.getResultList()");
- throw new PersistenceException(queryFailedToCheckExisting);
- }
- if (!checkGroupQueryList.isEmpty()) {
- PolicyLogger.error("The group being added already exists with id " + groupId);
- throw new PersistenceException("The group being added already exists with id " + groupId);
- }
- GroupEntity newGroup = new GroupEntity();
- em.persist(newGroup);
- newGroup.setCreatedBy(username);
- newGroup.setModifiedBy(username);
- newGroup.setGroupName(groupName);
- newGroup.setGroupId(groupId);
- newGroup.setDescription(groupDescription);
-
- em.flush();
- this.groupId = newGroup.getGroupKey();
- }
- }
-
- @Override
- public void updateGroup(OnapPDPGroup group, String username) {
- logger.info(
- "PolicyDBDao: updateGroup(PDPGroup group) as updateGroup(" + group + "," + username + ") called");
- if (group == null) {
- throw new IllegalArgumentException("PDPGroup group must not be null");
- }
- if (isNullOrEmpty(group.getId(), username)) {
- throw new IllegalArgumentException("group.getId() and username must not be null or empty");
- }
-
- synchronized (emLock) {
- checkBeforeOperationRun();
- Query getGroupQuery = em.createQuery(groupEntitySelectQuery);
- getGroupQuery.setParameter(groupIdVar, group.getId());
- getGroupQuery.setParameter(deletedVar, false);
- List<?> getGroupQueryList;
- try {
- getGroupQueryList = getGroupQuery.getResultList();
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception on getGroupQuery.getResultList()");
- throw new PersistenceException(queryFailedToGetGroup + group.getId() + " for editing");
- }
- if (getGroupQueryList.isEmpty()) {
- PolicyLogger.error("The group cannot be found to update with id " + group.getId());
- throw new PersistenceException("The group cannot be found to update with id " + group.getId());
- } else if (getGroupQueryList.size() > 1) {
- PolicyLogger.error(duplicateGroupId + group.getId() + deletedStatusFound);
- throw new PersistenceException(duplicateGroupId + group.getId() + deletedStatusFound);
- }
- GroupEntity groupToUpdateInDB = (GroupEntity) getGroupQueryList.get(0);
- if (!stringEquals(groupToUpdateInDB.getModifiedBy(), username)) {
- groupToUpdateInDB.setModifiedBy(username);
- }
- if (group.getDescription() != null &&
- !stringEquals(group.getDescription(), groupToUpdateInDB.getDescription())) {
- groupToUpdateInDB.setDescription(group.getDescription());
- }
- //let's find out what policies have been deleted
- StdPDPGroup oldGroup = null;
- try {
- oldGroup = (StdPDPGroup) papEngine.getGroup(group.getId());
- } catch (PAPException e1) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e1, policyDBDaoVar,
- "We cannot get the group from the papEngine to delete policies");
- }
- if (oldGroup == null) {
- PolicyLogger.error("We cannot get the group from the papEngine to delete policies");
- } else {
- Set<String> newPolicySet = new HashSet<>(group.getPolicies().size());
- //a multiple of n runtime is faster than n^2, so I am using a hashset to do the comparison
- for (PDPPolicy pol : group.getPolicies()) {
- newPolicySet.add(pol.getId());
- }
- for (PDPPolicy pol : oldGroup.getPolicies()) {
- //should be fast since getPolicies uses a HashSet in StdPDPGroup
- if (!newPolicySet.contains(pol.getId())) {
- String[] scopeAndName = getNameScopeAndVersionFromPdpPolicy(pol.getId());
- deletePolicyInScope(username, groupToUpdateInDB, pol, scopeAndName);
- }
- }
- }
-
- if (group.getName() != null && !stringEquals(group.getName(), groupToUpdateInDB.getgroupName())) {
- //we need to check if the new id exists in the database
- String newGroupId = createNewPDPGroupId(group.getName());
- Query checkGroupQuery = em.createQuery(groupEntitySelectQuery);
- checkGroupQuery.setParameter(groupIdVar, newGroupId);
- checkGroupQuery.setParameter(deletedVar, false);
- List<?> checkGroupQueryList;
- try {
- checkGroupQueryList = checkGroupQuery.getResultList();
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception on checkGroupQuery.getResultList()");
- throw new PersistenceException(queryFailedToCheckExisting);
- }
- if (!checkGroupQueryList.isEmpty()) {
- PolicyLogger.error("The new group name already exists, group id " + newGroupId);
- throw new PersistenceException("The new group name already exists, group id " + newGroupId);
- }
- groupToUpdateInDB.setGroupId(newGroupId);
- groupToUpdateInDB.setGroupName(group.getName());
- this.newGroupId = group.getId();
- }
- em.flush();
- this.groupId = groupToUpdateInDB.getGroupKey();
- }
- }
-
- private void deletePolicyInScope(String username, GroupEntity groupToUpdateInDB, PDPPolicy pol,
- String[] scopeAndName) {
- PolicyEntity policyToDelete;
- if (scopeAndName == null) {
- return;
- }
- try {
- policyToDelete = getPolicy(scopeAndName[0], scopeAndName[1]);
- if ("XACMLPapServlet.doDelete".equals(username)) {
- Iterator<PolicyEntity> dbPolicyIt = groupToUpdateInDB.getPolicies().iterator();
- String policyName = getPolicyNameAndVersionFromPolicyFileName(policyToDelete.getPolicyName())[0];
-
- logger.info("PolicyDBDao: delete policy from GroupEntity");
- deletePolicyFromGroupEntity(groupToUpdateInDB, policyToDelete, dbPolicyIt, policyName);
- }
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Could not get policy to remove: " + pol.getId());
- throw new PersistenceException("Could not get policy to remove: " + pol.getId());
- }
- }
-
- private void deletePolicyFromGroupEntity(GroupEntity groupToUpdateInDB, PolicyEntity policyToDelete,
- Iterator<PolicyEntity> dbPolicyIt, String policyName) {
- try {
- while (dbPolicyIt.hasNext()) {
- PolicyEntity dbpolicy = dbPolicyIt.next();
- if (policyToDelete.getScope().equals(dbpolicy.getScope()) &&
- getPolicyNameAndVersionFromPolicyFileName(dbpolicy.getPolicyName())[0].equals(policyName)) {
- dbPolicyIt.remove();
-
- logger.info("PolicyDBDao: deleting policy from the existing group:\n "
- + "policyName is " + policyToDelete.getScope() + "." + policyToDelete.getPolicyName() +
- "\n"
- + "group is " + groupToUpdateInDB.getGroupId());
- }
- }
- } catch (Exception e) {
- logger.debug(e);
- PolicyLogger.error("Could not delete policy with name: " + policyToDelete.getScope() + "." +
- policyToDelete.getPolicyName() + "\n ID: " + policyToDelete.getPolicyId());
- }
- }
-
- @Override
- public void addPdpToGroup(String pdpID, String groupID, String pdpName, String pdpDescription, int pdpJmxPort,
- String username) {
- logger.debug(
- "addPdpToGroup(String pdpID, String groupID, String pdpName, String pdpDescription, int " +
- "pdpJmxPort, String username) as addPdpToGroup(" +
- pdpID + ", " + groupID + ", " + pdpName + ", " + pdpDescription + ", " + pdpJmxPort + ", " +
- username + ") called");
- if (isNullOrEmpty(pdpID, groupID, pdpName, username)) {
- throw new IllegalArgumentException("pdpID, groupID, pdpName, and username must not be null or empty");
- }
- synchronized (emLock) {
- checkBeforeOperationRun();
- Query checkGroupQuery = em.createQuery(groupEntitySelectQuery);
- checkGroupQuery.setParameter(groupIdVar, groupID);
- checkGroupQuery.setParameter(deletedVar, false);
- List<?> checkGroupQueryList;
- try {
- checkGroupQueryList = checkGroupQuery.getResultList();
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception trying to check for existing group on checkGroupQuery.getResultList()");
- throw new PersistenceException(queryFailedToCheckExisting);
- }
- if (checkGroupQueryList.size() != 1) {
- PolicyLogger.error("The group does not exist");
- throw new PersistenceException("The group does not exist");
- }
- Query checkDuplicateQuery = em.createQuery(pdpEntitySelectQuery);
- checkDuplicateQuery.setParameter(pdpIdVariable, pdpID);
- checkDuplicateQuery.setParameter(deletedVar, false);
- List<?> checkDuplicateList;
- try {
- checkDuplicateList = checkDuplicateQuery.getResultList();
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception trying to check for duplicate PDP " + pdpID +
- " on checkDuplicateQuery.getResultList()");
- throw new PersistenceException("Query failed trying to check for duplicate PDP " + pdpID);
- }
- PdpEntity newPdp;
- if (!checkDuplicateList.isEmpty()) {
- logger.warn("PDP already exists with id " + pdpID);
- newPdp = (PdpEntity) checkDuplicateList.get(0);
- } else {
- newPdp = new PdpEntity();
- em.persist(newPdp);
- }
-
- newPdp.setCreatedBy(username);
- newPdp.setDeleted(false);
- newPdp.setDescription(pdpDescription);
- newPdp.setGroup((GroupEntity) checkGroupQueryList.get(0));
- newPdp.setJmxPort(pdpJmxPort);
- newPdp.setModifiedBy(username);
- newPdp.setPdpId(pdpID);
- newPdp.setPdpName(pdpName);
-
- em.flush();
- this.pdpId = newPdp.getPdpKey();
- }
- }
-
-
- @Override
- public void updatePdp(OnapPDP pdp, String username) {
- logger.debug("updatePdp(PDP pdp, String username) as updatePdp(" + pdp + "," + username + ") called");
- if (pdp == null) {
- throw new IllegalArgumentException("PDP pdp must not be null");
- }
- if (isNullOrEmpty(pdp.getId(), username)) {
- throw new IllegalArgumentException("pdp.getId() and username must not be null or empty");
- }
-
- synchronized (emLock) {
- checkBeforeOperationRun();
- Query getPdpQuery = em.createQuery(pdpEntitySelectQuery);
- getPdpQuery.setParameter(pdpIdVariable, pdp.getId());
- getPdpQuery.setParameter(deletedVar, false);
- List<?> getPdpQueryList;
- try {
- getPdpQueryList = getPdpQuery.getResultList();
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception on getPdpQuery.getResultList()");
- throw new PersistenceException("Query failed trying to get PDP " + pdp.getId());
- }
- if (getPdpQueryList.isEmpty()) {
- PolicyLogger.error("The pdp cannot be found to update with id " + pdp.getId());
- throw new PersistenceException("The pdp cannot be found to update with id " + pdp.getId());
- } else if (getPdpQueryList.size() > 1) {
- PolicyLogger.error(moreThanOnePDP + pdp.getId() + deletedStatusFound);
- throw new PersistenceException(moreThanOnePDP + pdp.getId() + deletedStatusFound);
- }
- PdpEntity pdpToUpdate = (PdpEntity) getPdpQueryList.get(0);
- if (!stringEquals(pdpToUpdate.getModifiedBy(), username)) {
- pdpToUpdate.setModifiedBy(username);
- }
- if (pdp.getDescription() != null && !stringEquals(pdp.getDescription(), pdpToUpdate.getDescription())) {
- pdpToUpdate.setDescription(pdp.getDescription());
- }
- if (pdp.getName() != null && !stringEquals(pdp.getName(), pdpToUpdate.getPdpName())) {
- pdpToUpdate.setPdpName(pdp.getName());
- }
- if (pdp.getJmxPort() != null && !pdp.getJmxPort().equals(pdpToUpdate.getJmxPort())) {
- pdpToUpdate.setJmxPort(pdp.getJmxPort());
- }
-
- em.flush();
- this.pdpId = pdpToUpdate.getPdpKey();
- }
- }
-
- @Override
- public void movePdp(OnapPDP pdp, OnapPDPGroup group, String username) {
- logger.debug("movePdp(PDP pdp, PDPGroup group, String username) as movePdp(" + pdp + "," + group + "," +
- username + ") called");
- if (pdp == null || group == null) {
- throw new IllegalArgumentException("PDP pdp and PDPGroup group must not be null");
- }
- if (isNullOrEmpty(username, pdp.getId(), group.getId())) {
- throw new IllegalArgumentException(
- "pdp.getId(), group.getId(), and username must not be null or empty");
- }
-
- synchronized (emLock) {
- checkBeforeOperationRun();
- //check if pdp exists
- Query getPdpQuery = em.createQuery(pdpEntitySelectQuery);
- getPdpQuery.setParameter(pdpIdVariable, pdp.getId());
- getPdpQuery.setParameter(deletedVar, false);
- List<?> getPdpQueryList;
- try {
- getPdpQueryList = getPdpQuery.getResultList();
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception on getPdpQuery.getResultList()");
- throw new PersistenceException("Query failed trying to get pdp to move with id " + pdp.getId());
- }
- if (getPdpQueryList.isEmpty()) {
- PolicyLogger.error("The pdp cannot be found to move with id " + pdp.getId());
- throw new PersistenceException("The pdp cannot be found to move with id " + pdp.getId());
- } else if (getPdpQueryList.size() > 1) {
- PolicyLogger.error(moreThanOnePDP + pdp.getId() + deletedStatusFound);
- throw new PersistenceException(moreThanOnePDP + pdp.getId() + deletedStatusFound);
- }
-
- //check if new group exists
- Query checkGroupQuery = em.createQuery(groupEntitySelectQuery);
- checkGroupQuery.setParameter(groupIdVar, group.getId());
- checkGroupQuery.setParameter(deletedVar, false);
- List<?> checkGroupQueryList;
- try {
- checkGroupQueryList = checkGroupQuery.getResultList();
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception trying to get group on checkGroupQuery.getResultList()");
- throw new PersistenceException("Query failed trying to get new group " + group.getId());
- }
- if (checkGroupQueryList.size() != 1) {
- PolicyLogger.error("The group " + group.getId() + " does not exist");
- throw new PersistenceException("The group " + group.getId() + " does not exist");
- }
- GroupEntity groupToMoveInto = (GroupEntity) checkGroupQueryList.get(0);
- PdpEntity pdpToUpdate = (PdpEntity) getPdpQueryList.get(0);
- pdpToUpdate.setGroup(groupToMoveInto);
- if (!stringEquals(pdpToUpdate.getModifiedBy(), username)) {
- pdpToUpdate.setModifiedBy(username);
- }
-
- em.flush();
- this.pdpId = pdpToUpdate.getPdpKey();
- }
- }
-
- @Override
- public void changeDefaultGroup(OnapPDPGroup group, String username) {
- logger.debug("changeDefaultGroup(PDPGroup group, String username) as changeDefaultGroup(" + group + "," +
- username + ") called");
- if (group == null) {
- throw new IllegalArgumentException("PDPGroup group must not be null");
- }
- if (isNullOrEmpty(group.getId(), username)) {
- throw new IllegalArgumentException("group.getId() and username must not be null or empty");
- }
-
- synchronized (emLock) {
- checkBeforeOperationRun();
- Query getGroupQuery = em.createQuery(groupEntitySelectQuery);
- getGroupQuery.setParameter(groupIdVar, group.getId());
- getGroupQuery.setParameter(deletedVar, false);
- List<?> getGroupQueryList;
- try {
- getGroupQueryList = getGroupQuery.getResultList();
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception on getGroupQuery.getResultList()");
- throw new PersistenceException(queryFailedToGetGroup + group.getId());
- }
- if (getGroupQueryList.isEmpty()) {
- PolicyLogger.error("The group cannot be found to set default with id " + group.getId());
- throw new PersistenceException("The group cannot be found to set default with id " + group.getId());
- } else if (getGroupQueryList.size() > 1) {
- PolicyLogger.error(duplicateGroupId + group.getId() + deletedStatusFound);
- throw new PersistenceException(duplicateGroupId + group.getId() + deletedStatusFound);
- }
- GroupEntity newDefaultGroup = (GroupEntity) getGroupQueryList.get(0);
- newDefaultGroup.setDefaultGroup(true);
- if (!stringEquals(newDefaultGroup.getModifiedBy(), username)) {
- newDefaultGroup.setModifiedBy(username);
- }
-
- em.flush();
- this.groupId = newDefaultGroup.getGroupKey();
- Query setAllGroupsNotDefault = em.createQuery(
- "UPDATE GroupEntity g SET g.defaultGroup=:defaultGroup WHERE g.deleted=:deleted AND g" +
- ".groupKey<>:groupKey");
- //not going to set modified by for all groups
- setAllGroupsNotDefault.setParameter("defaultGroup", false);
- setAllGroupsNotDefault.setParameter(deletedVar, false);
- setAllGroupsNotDefault.setParameter("groupKey", newDefaultGroup.getGroupKey());
- try {
- logger.info("set " + setAllGroupsNotDefault.executeUpdate() + " groups as not default");
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception on setAllGroupsNotDefault.executeUpdate()");
- throw new PersistenceException("Could not set all other groups default to false");
- }
- em.flush();
- }
- }
-
-
- @Override
- public void deleteGroup(OnapPDPGroup group, OnapPDPGroup moveToGroup, String username)
- throws PolicyDBException {
- logger.debug("deleteGroup(PDPGroup group, PDPGroup moveToGroup, String username) as deleteGroup(" + group +
- ", " + moveToGroup + "," + username + ") called");
- if (group == null) {
- throw new IllegalArgumentException("PDPGroup group cannot be null");
- }
- if (isNullOrEmpty(username, group.getId())) {
- throw new IllegalArgumentException("group.getId() and and username must not be null or empty");
- }
-
- if (group.isDefaultGroup()) {
- PolicyLogger
- .error("The default group " + group.getId() + " was attempted to be deleted. It cannot be.");
- throw new PolicyDBException("You cannot delete the default group.");
- }
- synchronized (emLock) {
- checkBeforeOperationRun();
- Query deleteGroupQuery = em.createQuery(groupEntitySelectQuery);
- deleteGroupQuery.setParameter(groupIdVar, group.getId());
- deleteGroupQuery.setParameter(deletedVar, false);
- List<?> deleteGroupQueryList;
- try {
- deleteGroupQueryList = deleteGroupQuery.getResultList();
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception trying to check if group exists deleteGroupQuery.getResultList()");
- throw new PersistenceException("Query failed trying to check if group exists");
- }
- if (deleteGroupQueryList.isEmpty()) {
- logger.warn(groupCannotBeFound + group.getId());
- return;
- } else if (deleteGroupQueryList.size() > 1) {
- PolicyLogger.error(duplicateGroupId + group.getId() + foundInDBNotDeleted);
- throw new PersistenceException(duplicateGroupId + group.getId() + foundInDBNotDeleted);
- }
-
- Query pdpsInGroupQuery =
- em.createQuery("SELECT p FROM PdpEntity p WHERE p.groupEntity=:group and p.deleted=:deleted");
- pdpsInGroupQuery.setParameter("group", ((GroupEntity) deleteGroupQueryList.get(0)));
- pdpsInGroupQuery.setParameter(deletedVar, false);
- List<?> pdpsInGroupList;
- try {
- pdpsInGroupList = pdpsInGroupQuery.getResultList();
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception trying to get PDPs in group on pdpsInGroupQuery.getResultList()");
- throw new PersistenceException("Query failed trying to get PDPs in group");
- }
- if (!pdpsInGroupList.isEmpty()) {
- if (moveToGroup != null) {
- Query checkMoveToGroupQuery = em.createQuery(
- "SELECT o FROM GroupEntity o WHERE o.groupId=:groupId AND o.deleted=:deleted");
- checkMoveToGroupQuery.setParameter(groupIdVar, moveToGroup.getId());
- checkMoveToGroupQuery.setParameter(deletedVar, false);
- List<?> checkMoveToGroupList;
- try {
- checkMoveToGroupList = checkMoveToGroupQuery.getResultList();
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception trying to check if group exists checkMoveToGroupQuery" +
- ".getResultList()");
- throw new PersistenceException("Query failed trying to check if group exists");
- }
- if (checkMoveToGroupList.isEmpty()) {
- PolicyLogger.error(groupCannotBeFound + moveToGroup.getId());
- throw new PersistenceException(groupCannotBeFound + moveToGroup.getId());
- } else if (checkMoveToGroupList.size() > 1) {
- PolicyLogger.error(duplicateGroupId + moveToGroup.getId() + foundInDBNotDeleted);
- throw new PersistenceException(
- duplicateGroupId + moveToGroup.getId() + foundInDBNotDeleted);
- } else {
- GroupEntity newGroup = (GroupEntity) checkMoveToGroupList.get(0);
- for (Object pdpObject : pdpsInGroupList) {
- PdpEntity pdp = (PdpEntity) pdpObject;
- pdp.setGroup(newGroup);
- if (!stringEquals(pdp.getModifiedBy(), username)) {
- pdp.setModifiedBy(username);
- }
- try {
- em.flush();
- this.newGroupId = newGroup.getGroupId();
- } catch (PersistenceException e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught PersistenceException trying to set pdp group to null on em.flush" +
- "()");
- throw new PersistenceException("Query failed trying to set pdp group to ");
- }
- }
- }
- } else {
- PolicyLogger.error("Group " + group.getId() +
- " is trying to be delted with PDPs. No group was provided to move them to");
- throw new PolicyDBException("Group has PDPs. Must provide a group for them to move to");
- }
- }
-
- //delete group here
- GroupEntity groupToDelete = (GroupEntity) deleteGroupQueryList.get(0);
- groupToDelete.setDeleted(true);
- if (!stringEquals(groupToDelete.getModifiedBy(), username)) {
- groupToDelete.setModifiedBy(username);
- }
- em.flush();
- this.groupId = groupToDelete.getGroupKey();
- }
- }
-
- @Override
- public StdPDPGroup addPolicyToGroup(String groupID, String policyID, String username) throws PolicyDBException {
- logger.info(
- "PolicyDBDao: addPolicyToGroup(String groupID, String policyID, String username) as " +
- "addPolicyToGroup(" +
- groupID + ", " + policyID + "," + username + ") called");
- if (isNullOrEmpty(groupID, policyID, username)) {
- throw new IllegalArgumentException("groupID, policyID, and username must not be null or empty");
- }
- synchronized (emLock) {
- checkBeforeOperationRun();
- //check if group exists
- Query groupQuery = em.createQuery(groupEntitySelectQuery);
- groupQuery.setParameter(groupIdVar, groupID);
- groupQuery.setParameter(deletedVar, false);
- List<?> groupQueryList;
- try {
- groupQueryList = groupQuery.getResultList();
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception trying to check if group exists groupQuery.getResultList()");
- throw new PersistenceException("Query failed trying to check if group " + groupID + " exists");
- }
- if (groupQueryList.isEmpty()) {
- PolicyLogger.error("Group policy is being added to does not exist with id " + groupID);
- throw new PersistenceException("Group policy is being added to does not exist with id " + groupID);
- } else if (groupQueryList.size() > 1) {
- PolicyLogger.error(duplicateGroupId + groupID + foundInDBNotDeleted);
- throw new PersistenceException(duplicateGroupId + groupID + foundInDBNotDeleted);
- }
-
- //we need to convert the form of the policy id that is used groups into the form that is used
- //for the database. (com.Config_mypol.1.xml) to (Config_mypol.xml)
- String[] policyNameScopeAndVersion = getNameScopeAndVersionFromPdpPolicy(policyID);
- if (policyNameScopeAndVersion == null) {
- throw new IllegalArgumentException("Invalid input - policyID must contain name, scope and version");
- }
- Query policyQuery = em.createQuery(
- "SELECT p FROM PolicyEntity p WHERE p.policyName=:policyName AND p.scope=:scope AND p" +
- ".deleted=:deleted");
- policyQuery.setParameter("policyName", policyNameScopeAndVersion[0]);
- policyQuery.setParameter(scope, policyNameScopeAndVersion[1]);
- policyQuery.setParameter(deletedVar, false);
- List<?> policyQueryList;
- try {
- policyQueryList = policyQuery.getResultList();
- } catch (Exception e) {
- logger.debug(e);
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception trying to check if policy exists policyQuery.getResultList()");
- throw new PersistenceException(
- "Query failed trying to check if policy " + policyNameScopeAndVersion[0] + " exists");
- }
- if (policyQueryList.isEmpty()) {
- PolicyLogger.error("Policy being added to the group does not exist with policy id " +
- policyNameScopeAndVersion[0]);
- throw new PersistenceException("Policy being added to the group does not exist with policy id " +
- policyNameScopeAndVersion[0]);
- } else if (policyQueryList.size() > 1) {
- PolicyLogger.error(duplicatePolicyId + policyNameScopeAndVersion[0] + foundInDBNotDeleted);
- throw new PersistenceException(
- duplicateGroupId + policyNameScopeAndVersion[0] + foundInDBNotDeleted);
- }
- logger.info("PolicyDBDao: Getting group and policy from database");
- GroupEntity group = (GroupEntity) groupQueryList.get(0);
- PolicyEntity policy = (PolicyEntity) policyQueryList.get(0);
- Iterator<PolicyEntity> policyIt = group.getPolicies().iterator();
- String policyName = getPolicyNameAndVersionFromPolicyFileName(policy.getPolicyName())[0];
-
- logger.info("PolicyDBDao: policyName retrieved is " + policyName);
- try {
- while (policyIt.hasNext()) {
- PolicyEntity pol = policyIt.next();
- if (policy.getScope().equals(pol.getScope()) &&
- getPolicyNameAndVersionFromPolicyFileName(pol.getPolicyName())[0].equals(policyName)) {
- policyIt.remove();
- }
- }
- } catch (Exception e) {
- logger.debug(e);
- PolicyLogger.error("Could not delete old versions for policy " + policy.getPolicyName() + ", ID: " +
- policy.getPolicyId());
- }
- group.addPolicyToGroup(policy);
- em.flush();
-
- // After adding policy to the db group we need to make sure the filesytem group is in sync with the db group
- try {
- StdPDPGroup pdpGroup = (StdPDPGroup) papEngine.getGroup(group.getGroupId());
- return synchronizeGroupPoliciesInFileSystem(pdpGroup, group);
- } catch (PAPException e) {
- logger.debug(e);
- PolicyLogger
- .error("PolicyDBDao: Could not synchronize the filesystem group with the database group. " +
- e.getMessage());
- }
- return null;
- }
- }
-
- //this means delete pdp not just remove from group
- @Override
- public void removePdpFromGroup(String pdpID, String username) {
- logger.debug("removePdpFromGroup(String pdpID, String username) as removePdpFromGroup(" + pdpID + "," +
- username + ") called");
- if (isNullOrEmpty(pdpID, username)) {
- throw new IllegalArgumentException("pdpID and username must not be null or empty");
- }
- synchronized (emLock) {
- checkBeforeOperationRun();
- Query pdpQuery = em.createQuery(pdpEntitySelectQuery);
- pdpQuery.setParameter(pdpIdVariable, pdpID);
- pdpQuery.setParameter(deletedVar, false);
- List<?> pdpList;
- try {
- pdpList = pdpQuery.getResultList();
- } catch (Exception e) {
- PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar,
- "Caught Exception trying to check if pdp exists pdpQuery.getResultList()");
- throw new PersistenceException("Query failed trying to check if pdp " + pdpID + " exists");
- }
- if (pdpList.size() > 1) {
- PolicyLogger.error("Somehow, more than one pdp with the id " + pdpID + foundInDBNotDeleted);
- throw new PersistenceException(
- "Somehow, more than one pdp with the id " + pdpID + foundInDBNotDeleted);
- } else if (pdpList.isEmpty()) {
- PolicyLogger.error("Pdp being removed does not exist with id " + pdpID);
- return;
- }
- PdpEntity pdp = (PdpEntity) pdpList.get(0);
- pdp.setGroup(null);
- if (!stringEquals(pdp.getModifiedBy(), username)) {
- pdp.setModifiedBy(username);
- }
- pdp.setDeleted(true);
-
- em.flush();
- this.pdpId = pdp.getPdpKey();
- }
- }
-
- private void notifyOthers(long entityId, String entityType) {
- notifyOthers(entityId, entityType, null);
- }
-
- private void notifyOthers(long entityId, String entityType, String newGroupId) {
- logger.debug("notifyOthers(long entityId, String entityType, long newGroupId) as notifyOthers(" + entityId +
- "," + entityType + "," + newGroupId + ") called");
- LinkedList<Thread> notifyThreads = new LinkedList<>();
-
- //we're going to run notifications in parallel threads to speed things up
- for (Object obj : otherServers) {
- Thread newNotifyThread = new Thread(new NotifyOtherThread(obj, entityId, entityType, newGroupId));
- newNotifyThread.start();
- notifyThreads.add(newNotifyThread);
- }
- //we want to wait for all notifications to complete or timeout before we unlock the interface and allow more changes
- for (Thread t : notifyThreads) {
- try {
- t.join();
- } catch (Exception e) {
- logger.warn("Could not join a notifcation thread" + e);
- }
- }
- }
- }
-
- private PolicyDBDao() {
- //empty constructor