import com.att.eelf.configuration.EELFLogger;
import com.att.eelf.configuration.EELFManager;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.InvalidObjectException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
import org.json.JSONException;
import org.json.JSONObject;
-
import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
import org.onap.dmaap.datarouter.provisioning.beans.EventLogRecord;
import org.onap.dmaap.datarouter.provisioning.beans.Feed;
public class FeedServlet extends ProxyServlet {
- //Adding EELF Logger Rally:US664892
- private static EELFLogger eelfLogger = EELFManager.getInstance().getLogger(FeedServlet.class);
+ private static final EELFLogger eelfLogger = EELFManager.getInstance().getLogger(FeedServlet.class);
/**
* Delete the Feed at the address /feed/<feednumber>.
sendResponseError(resp, HttpServletResponse.SC_NOT_FOUND, message, eventlogger);
return;
}
- /*
- * START - AAF changes
- * TDP EPIC US# 307413
- * CADI code - check on permissions based on Legacy/AAF users to allow to delete/remove feed
- */
- String aafInstance = feed.getAafInstance();
- if (aafInstance == null || "".equals(aafInstance) || "legacy".equalsIgnoreCase(aafInstance)) {
- AuthorizationResponse aresp = authz.decide(req);
- if (! aresp.isAuthorized()) {
- message = POLICY_ENGINE;
- elr.setMessage(message);
- elr.setResult(HttpServletResponse.SC_FORBIDDEN);
- eventlogger.error(elr.toString());
- sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
- return;
- }
- } else {
- String permission = getFeedPermission(aafInstance, BaseServlet.DELETE_PERMISSION);
- eventlogger.info("FeedServlet.doDelete().. Permission String - " + permission);
- if (!req.isUserInRole(permission)) {
- message = "AAF disallows access to permission - " + permission;
- elr.setMessage(message);
- elr.setResult(HttpServletResponse.SC_FORBIDDEN);
- eventlogger.error(elr.toString());
- sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
- return;
- }
- }
- /*
- * END - AAF changes
- */
// Delete FEED table entry (set DELETED flag)
feed.setDeleted(true);
if (doUpdate(feed)) {
sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
return;
}
- if (intlogger.isDebugEnabled()) {
- intlogger.debug(jo.toString());
- }
Feed feed;
try {
feed = new Feed(jo);
return;
}
- /*
- * START - AAF changes
- * TDP EPIC US# 307413
- * CADI code - check on permissions based on Legacy/AAF users to allow feed edit/update/modify
- */
- String aafInstance = feed.getAafInstance();
- if (aafInstance == null || "".equals(aafInstance) || "legacy".equalsIgnoreCase(aafInstance)) {
- // Check with the Authorizer
- AuthorizationResponse aresp = authz.decide(req);
- if (!aresp.isAuthorized()) {
- message = POLICY_ENGINE;
- elr.setMessage(message);
- elr.setResult(HttpServletResponse.SC_FORBIDDEN);
- eventlogger.error(elr.toString());
- sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
- return;
- }
- } else {
- String permission = getFeedPermission(aafInstance, BaseServlet.EDIT_PERMISSION);
- eventlogger.info("FeedServlet.doPut().. Permission String - " + permission);
- if (!req.isUserInRole(permission)) {
- message = "AAF disallows access to permission - " + permission;
- elr.setMessage(message);
- elr.setResult(HttpServletResponse.SC_FORBIDDEN);
- eventlogger.error(elr.toString());
- sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
- return;
- }
- }
- /*
- * END - AAF changes
- */
-
// Update FEEDS table entries
if (doUpdate(feed)) {
// send response
Code Review / dmaap / datarouter.git / blobdiff