+
+ private static final String PUBLISHER_NOT_PERMITTED = "Publisher not permitted for this feed";
+ private static EELFLogger logger = EELFManager.getInstance().getLogger(NodeConfig.class);
+ private HashMap<String, String> params = new HashMap<>();
+ private HashMap<String, Feed> feeds = new HashMap<>();
+ private HashMap<String, DestInfo> nodeinfo = new HashMap<>();
+ private HashMap<String, DestInfo> subinfo = new HashMap<>();
+ private HashMap<String, IsFrom> nodes = new HashMap<>();
+ private HashMap<String, ProvSubscription> provSubscriptions = new HashMap<>();
+ private String myname;
+ private String myauth;
+ private DestInfo[] alldests;
+ private int rrcntr;
+
+ /**
+ * Process the raw provisioning data to configure this node.
+ *
+ * @param pd The parsed provisioning data
+ * @param myname My name as seen by external systems
+ * @param spooldir The directory where temporary files live
+ * @param port The port number for URLs
+ * @param nodeauthkey The keying string used to generate node authentication credentials
+ */
+ public NodeConfig(ProvData pd, String myname, String spooldir, int port, String nodeauthkey) {
+ this.myname = myname;
+ for (ProvParam p : pd.getParams()) {
+ params.put(p.getName(), p.getValue());
+ }
+ ArrayList<DestInfo> destInfos = addDestInfoToNodeConfig(pd, myname, spooldir, port, nodeauthkey);
+ PathFinder pf = new PathFinder(myname, nodeinfo.keySet().toArray(new String[0]), pd.getHops());
+ HashMap<String, ArrayList<Redirection>> rdtab = addSubRedirInfoToNodeConfig(pd);
+ HashMap<String, HashMap<String, String>> pfutab = addFeedUsersToNodeConfig(pd);
+ HashMap<String, String> egrtab = addEgressRoutesToNodeConfig(pd, myname);
+ HashMap<String, ArrayList<SubnetMatcher>> pfstab = addFeedSubnetToNodeConfig(pd);
+ HashSet<String> allfeeds = addFeedsToNodeConfig(pd);
+ HashMap<String, StringBuilder> feedTargets = addSubsToNodeConfig(pd, spooldir, destInfos, pf, egrtab, allfeeds);
+ alldests = destInfos.toArray(new DestInfo[0]);
+ addFeedTargetsToNodeConfig(pd, rdtab, pfutab, pfstab, feedTargets);
+ }
+
+ @NotNull
+ private ArrayList<DestInfo> addDestInfoToNodeConfig(ProvData pd, String myname, String spooldir, int port,
+ String nodeauthkey) {
+ ArrayList<DestInfo> destInfos = new ArrayList<>();
+ myauth = NodeUtils.getNodeAuthHdr(myname, nodeauthkey);
+ for (ProvNode pn : pd.getNodes()) {
+ String commonName = pn.getCName();
+ if (nodeinfo.get(commonName) != null) {
+ continue;
+ }
+ DestInfo di = new DestInfoBuilder().setName("n:" + commonName).setSpool(spooldir + "/n/" + commonName)
+ .setSubid(null)
+ .setLogdata("n2n-" + commonName).setUrl("https://" + commonName + ":" + port + "/internal/publish")
+ .setAuthuser(commonName).setAuthentication(myauth).setMetaonly(false).setUse100(true)
+ .setPrivilegedSubscriber(false).setFollowRedirects(false).setDecompress(false).createDestInfo();
+ (new File(di.getSpool())).mkdirs();
+ String auth = NodeUtils.getNodeAuthHdr(commonName, nodeauthkey);
+ destInfos.add(di);
+ nodeinfo.put(commonName, di);
+ nodes.put(auth, new IsFrom(commonName));
+ }
+ return destInfos;
+ }
+
+ @NotNull
+ private HashMap<String, ArrayList<Redirection>> addSubRedirInfoToNodeConfig(ProvData pd) {
+ HashMap<String, ArrayList<Redirection>> rdtab = new HashMap<>();
+ for (ProvForceIngress pfi : pd.getForceIngress()) {
+ ArrayList<Redirection> redirections = rdtab.get(pfi.getFeedId());
+ if (redirections == null) {
+ redirections = new ArrayList<>();
+ rdtab.put(pfi.getFeedId(), redirections);
+ }
+ Redirection redirection = new Redirection();
+ if (pfi.getSubnet() != null) {
+ redirection.snm = new SubnetMatcher(pfi.getSubnet());
+ }
+ redirection.user = pfi.getUser();
+ redirection.nodes = pfi.getNodes();
+ redirections.add(redirection);
+ }
+ return rdtab;
+ }
+
+ @NotNull
+ private HashMap<String, HashMap<String, String>> addFeedUsersToNodeConfig(ProvData pd) {
+ HashMap<String, HashMap<String, String>> pfutab = new HashMap<>();
+ for (ProvFeedUser pfu : pd.getFeedUsers()) {
+ HashMap<String, String> userInfo = pfutab.get(pfu.getFeedId());
+ if (userInfo == null) {
+ userInfo = new HashMap<>();
+ pfutab.put(pfu.getFeedId(), userInfo);
+ }
+ userInfo.put(pfu.getCredentials(), pfu.getUser());
+ }
+ return pfutab;
+ }
+
+ @NotNull
+ private HashMap<String, String> addEgressRoutesToNodeConfig(ProvData pd, String myname) {
+ HashMap<String, String> egrtab = new HashMap<>();
+ for (ProvForceEgress pfe : pd.getForceEgress()) {
+ if (pfe.getNode().equals(myname) || nodeinfo.get(pfe.getNode()) == null) {
+ continue;
+ }
+ egrtab.put(pfe.getSubId(), pfe.getNode());
+ }
+ return egrtab;
+ }
+
+ @NotNull
+ private HashMap<String, ArrayList<SubnetMatcher>> addFeedSubnetToNodeConfig(ProvData pd) {
+ HashMap<String, ArrayList<SubnetMatcher>> pfstab = new HashMap<>();
+ for (ProvFeedSubnet pfs : pd.getFeedSubnets()) {
+ ArrayList<SubnetMatcher> subnetMatchers = pfstab.get(pfs.getFeedId());
+ if (subnetMatchers == null) {
+ subnetMatchers = new ArrayList<>();
+ pfstab.put(pfs.getFeedId(), subnetMatchers);
+ }
+ subnetMatchers.add(new SubnetMatcher(pfs.getCidr()));
+ }
+ return pfstab;
+ }
+
+ @NotNull
+ private HashSet<String> addFeedsToNodeConfig(ProvData pd) {
+ HashSet<String> allfeeds = new HashSet<>();
+ for (ProvFeed pfx : pd.getFeeds()) {
+ if (pfx.getStatus() == null) {
+ allfeeds.add(pfx.getId());
+ }
+ }
+ return allfeeds;
+ }
+
+ @NotNull
+ private HashMap<String, StringBuilder> addSubsToNodeConfig(ProvData pd, String spooldir,
+ ArrayList<DestInfo> destInfos, PathFinder pf, HashMap<String, String> egrtab, HashSet<String> allfeeds) {
+ HashMap<String, StringBuilder> feedTargets = new HashMap<>();
+ for (ProvSubscription provSubscription : pd.getSubscriptions()) {
+ String subId = provSubscription.getSubId();
+ String feedId = provSubscription.getFeedId();
+ if (isFeedOrSubKnown(allfeeds, subId, feedId)) {
+ continue;
+ }
+ int sididx = 999;
+ try {
+ sididx = Integer.parseInt(subId);
+ sididx -= sididx % 100;
+ } catch (Exception e) {
+ logger.error("NODE0517 Exception NodeConfig: " + e);
+ }
+ String subscriptionDirectory = sididx + "/" + subId;
+ DestInfo destinationInfo = new DestInfo("s:" + subId,
+ spooldir + "/s/" + subscriptionDirectory, provSubscription);
+ (new File(destinationInfo.getSpool())).mkdirs();
+ destInfos.add(destinationInfo);
+ provSubscriptions.put(subId, provSubscription);
+ subinfo.put(subId, destinationInfo);
+ String egr = egrtab.get(subId);
+ if (egr != null) {
+ subId = pf.getPath(egr) + subId;
+ }
+ StringBuilder sb = feedTargets.get(feedId);
+ if (sb == null) {
+ sb = new StringBuilder();
+ feedTargets.put(feedId, sb);
+ }
+ sb.append(' ').append(subId);
+ }
+ return feedTargets;
+ }
+
+ private void addFeedTargetsToNodeConfig(ProvData pd, HashMap<String, ArrayList<Redirection>> rdtab,
+ HashMap<String, HashMap<String, String>> pfutab, HashMap<String, ArrayList<SubnetMatcher>> pfstab,
+ HashMap<String, StringBuilder> feedTargets) {
+ for (ProvFeed pfx : pd.getFeeds()) {
+ String fid = pfx.getId();
+ Feed feed = feeds.get(fid);
+ if (feed != null) {
+ continue;
+ }
+ feed = new Feed();
+ feeds.put(fid, feed);
+ feed.createdDate = pfx.getCreatedDate();
+ feed.loginfo = pfx.getLogData();
+ feed.status = pfx.getStatus();
+ /*
+ * AAF changes: TDP EPIC US# 307413
+ * Passing aafInstance from ProvFeed to identify legacy/AAF feeds
+ */
+ feed.aafInstance = pfx.getAafInstance();
+ ArrayList<SubnetMatcher> v1 = pfstab.get(fid);
+ if (v1 == null) {
+ feed.subnets = new SubnetMatcher[0];
+ } else {
+ feed.subnets = v1.toArray(new SubnetMatcher[0]);
+ }
+ HashMap<String, String> h1 = pfutab.get(fid);
+ if (h1 == null) {
+ h1 = new HashMap();
+ }
+ feed.authusers = h1;
+ ArrayList<Redirection> v2 = rdtab.get(fid);
+ if (v2 == null) {
+ feed.redirections = new Redirection[0];
+ } else {
+ feed.redirections = v2.toArray(new Redirection[0]);
+ }
+ StringBuilder sb = feedTargets.get(fid);
+ if (sb == null) {
+ feed.targets = new Target[0];
+ } else {
+ feed.targets = parseRouting(sb.toString());
+ }
+ }
+ }
+
+ /**
+ * Parse a target string into an array of targets.
+ *
+ * @param routing Target string
+ * @return Array of targets.
+ */
+ public Target[] parseRouting(String routing) {
+ routing = routing.trim();
+ if ("".equals(routing)) {
+ return (new Target[0]);
+ }
+ String[] routingTable = routing.split("\\s+");
+ HashMap<String, Target> tmap = new HashMap<>();
+ HashSet<String> subset = new HashSet<>();
+ ArrayList<Target> targets = new ArrayList<>();
+ for (int i = 0; i < routingTable.length; i++) {
+ String target = routingTable[i];
+ int index = target.indexOf('/');
+ if (index == -1) {
+ addTarget(subset, targets, target);
+ } else {
+ addTargetWithRouting(tmap, targets, target, index);
+ }
+ }
+ return (targets.toArray(new Target[0]));
+ }
+
+ /**
+ * Check whether this is a valid node-to-node transfer.
+ *
+ * @param credentials Credentials offered by the supposed node
+ * @param ip IP address the request came from
+ */
+ public boolean isAnotherNode(String credentials, String ip) {
+ IsFrom node = nodes.get(credentials);
+ return (node != null && node.isFrom(ip));
+ }
+
+ /**
+ * Check whether publication is allowed.
+ *
+ * @param feedid The ID of the feed being requested.
+ * @param credentials The offered credentials
+ * @param ip The requesting IP address
+ */
+ public String isPublishPermitted(String feedid, String credentials, String ip) {
+ Feed feed = feeds.get(feedid);
+ String nf = "Feed does not exist";
+ if (feed != null) {
+ nf = feed.status;
+ }
+ if (nf != null) {
+ return (nf);
+ }
+ String user = feed.authusers.get(credentials);
+ if (user == null) {
+ return (PUBLISHER_NOT_PERMITTED);
+ }
+ if (feed.subnets.length == 0) {
+ return (null);
+ }
+ byte[] addr = NodeUtils.getInetAddress(ip);
+ for (SubnetMatcher snm : feed.subnets) {
+ if (snm.matches(addr)) {
+ return (null);
+ }
+ }
+ return (PUBLISHER_NOT_PERMITTED);
+ }
+
+ /**
+ * Check whether publication is allowed for AAF Feed.
+ *
+ * @param feedid The ID of the feed being requested.
+ * @param ip The requesting IP address
+ */
+ public String isPublishPermitted(String feedid, String ip) {
+ Feed feed = feeds.get(feedid);
+ String nf = "Feed does not exist";
+ if (feed != null) {
+ nf = feed.status;
+ }
+ if (nf != null) {
+ return nf;
+ }
+ if (feed.subnets.length == 0) {
+ return null;
+ }
+ byte[] addr = NodeUtils.getInetAddress(ip);
+ for (SubnetMatcher snm : feed.subnets) {
+ if (snm.matches(addr)) {
+ return null;
+ }
+ }
+ return PUBLISHER_NOT_PERMITTED;
+ }
+
+ /**
+ * Check whether delete file is allowed.
+ *
+ * @param subId The ID of the subscription being requested.
+ */
+ public boolean isDeletePermitted(String subId) {
+ ProvSubscription provSubscription = provSubscriptions.get(subId);
+ return provSubscription.isPrivilegedSubscriber();
+ }
+
+ /**
+ * Get authenticated user.
+ */
+ public String getAuthUser(String feedid, String credentials) {
+ return (feeds.get(feedid).authusers.get(credentials));
+ }
+
+ /**
+ * AAF changes: TDP EPIC US# 307413 Check AAF_instance for feed ID.
+ *
+ * @param feedid The ID of the feed specified
+ */
+ public String getAafInstance(String feedid) {
+ Feed feed = feeds.get(feedid);
+ return feed.aafInstance;
+ }
+
+ /**
+ * Check if the request should be redirected to a different ingress node.
+ */
+ public String getIngressNode(String feedid, String user, String ip) {
+ Feed feed = feeds.get(feedid);
+ if (feed.redirections.length == 0) {
+ return (null);
+ }
+ byte[] addr = NodeUtils.getInetAddress(ip);
+ for (Redirection r : feed.redirections) {
+ if ((r.user != null && !user.equals(r.user)) || (r.snm != null && !r.snm.matches(addr))) {
+ continue;
+ }
+ for (String n : r.nodes) {
+ if (myname.equals(n)) {
+ return (null);
+ }
+ }
+ if (r.nodes.length == 0) {
+ return (null);
+ }
+ return (r.nodes[rrcntr++ % r.nodes.length]);
+ }
+ return (null);
+ }
+
+ /**
+ * Get a provisioned configuration parameter.
+ */
+ public String getProvParam(String name) {
+ return (params.get(name));
+ }
+