package org.onap.dmaap.datarouter.provisioning;
+import static org.onap.dmaap.datarouter.provisioning.utils.HttpServletUtils.sendResponseError;
+
+import com.att.eelf.configuration.EELFLogger;
+import com.att.eelf.configuration.EELFManager;
import java.io.IOException;
import java.io.InvalidObjectException;
import java.util.Collection;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
import org.json.JSONObject;
import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
import org.onap.dmaap.datarouter.provisioning.beans.EventLogRecord;
import org.onap.dmaap.datarouter.provisioning.eelf.EelfMsgs;
import org.onap.dmaap.datarouter.provisioning.utils.JSONUtilities;
-import com.att.eelf.configuration.EELFLogger;
-import com.att.eelf.configuration.EELFManager;
-
-import static org.onap.dmaap.datarouter.provisioning.utils.HttpServletUtils.sendResponseError;
/**
* This servlet handles provisioning for the <subscribeURL> which is generated by the provisioning server to
* @version $Id$
*/
@SuppressWarnings("serial")
+
public class SubscribeServlet extends ProxyServlet {
//Adding EELF Logger Rally:US664892
setIpFqdnRequestIDandInvocationIDForEelf("doDelete", req);
eelfLogger.info(EelfMsgs.ENTRY);
try {
- eelfLogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_SUBID, req.getHeader(BEHALF_HEADER), getIdFromPath(req) + "");
+ eelfLogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_SUBID,
+ req.getHeader(BEHALF_HEADER), getIdFromPath(req) + "");
String message = "DELETE not allowed for the subscribeURL.";
EventLogRecord elr = new EventLogRecord(req);
elr.setMessage(message);
setIpFqdnRequestIDandInvocationIDForEelf("doGet", req);
eelfLogger.info(EelfMsgs.ENTRY);
try {
- eelfLogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_SUBID, req.getHeader(BEHALF_HEADER), getIdFromPath(req) + "");
+ eelfLogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_SUBID,
+ req.getHeader(BEHALF_HEADER), getIdFromPath(req) + "");
EventLogRecord elr = new EventLogRecord(req);
String message = isAuthorizedForProvisioning(req);
if (message != null) {
}
int feedid = getIdFromPath(req);
if (feedid < 0) {
- message = "Missing or bad feed number.";
+ message = MISSING_FEED;
elr.setMessage(message);
elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
eventlogger.error(elr.toString());
}
Feed feed = Feed.getFeedById(feedid);
if (feed == null || feed.isDeleted()) {
- message = "Missing or bad feed number.";
+ message = MISSING_FEED;
elr.setMessage(message);
elr.setResult(HttpServletResponse.SC_NOT_FOUND);
eventlogger.error(elr.toString());
}
// Display a list of URLs
Collection<String> list = Subscription.getSubscriptionUrlList(feedid);
- String t = JSONUtilities.createJSONArray(list);
+ String strList = JSONUtilities.createJSONArray(list);
// send response
elr.setResult(HttpServletResponse.SC_OK);
resp.setStatus(HttpServletResponse.SC_OK);
resp.setContentType(SUBLIST_CONTENT_TYPE);
try {
- resp.getOutputStream().print(t);
+ resp.getOutputStream().print(strList);
} catch (IOException ioe) {
eventlogger.error("PROV0181 SubscribeServlet.doGet: " + ioe.getMessage(), ioe);
}
setIpFqdnRequestIDandInvocationIDForEelf("doPut", req);
eelfLogger.info(EelfMsgs.ENTRY);
try {
- eelfLogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_SUBID, req.getHeader(BEHALF_HEADER), getIdFromPath(req) + "");
+ eelfLogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_SUBID,
+ req.getHeader(BEHALF_HEADER), getIdFromPath(req) + "");
String message = "PUT not allowed for the subscribeURL.";
EventLogRecord elr = new EventLogRecord(req);
elr.setMessage(message);
}
int feedid = getIdFromPath(req);
if (feedid < 0) {
- message = "Missing or bad feed number.";
+ message = MISSING_FEED;
elr.setMessage(message);
elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
eventlogger.error(elr.toString());
}
Feed feed = Feed.getFeedById(feedid);
if (feed == null || feed.isDeleted()) {
- message = "Missing or bad feed number.";
+ message = MISSING_FEED;
elr.setMessage(message);
elr.setResult(HttpServletResponse.SC_NOT_FOUND);
eventlogger.error(elr.toString());
// check content type is SUB_CONTENT_TYPE, version 1.0
ContentHeader ch = getContentHeader(req);
String ver = ch.getAttribute("version");
- if (!ch.getType().equals(SUB_BASECONTENT_TYPE) || !(ver.equals("1.0") || ver.equals("2.0"))) {
+ if (!ch.getType().equals(SUB_BASECONTENT_TYPE) || !("1.0".equals(ver) || "2.0".equals(ver))) {
intlogger.debug("Content-type is: " + req.getHeader("Content-Type"));
message = "Incorrect content-type";
elr.setMessage(message);
}
JSONObject jo = getJSONfromInput(req);
if (jo == null) {
- message = "Badly formed JSON";
+ message = BAD_JSON;
elr.setMessage(message);
elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
eventlogger.error(elr.toString());
sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
return;
}
- if (intlogger.isDebugEnabled()) {
- intlogger.debug(jo.toString());
- }
if (++activeSubs > maxSubs) {
activeSubs--;
message = "Cannot create subscription; the maximum number of subscriptions has been configured.";
}
sub.setFeedid(feedid);
sub.setSubscriber(bhdr); // set from X-DMAAP-DR-ON-BEHALF-OF header
- /*
- * START - AAF changes
- * TDP EPIC US# 307413
- * CADI code - check on permissions based on Legacy/AAF users to allow to create/add subscription
- */
- String feedAafInstance = feed.getAafInstance();
- String subAafInstance = sub.getAafInstance();
- boolean subAafLegacyEmptyOrNull = (subAafInstance == null || subAafInstance.equals("") || subAafInstance.equalsIgnoreCase("legacy"));
-
- // This extra check added to verify AAF feed with AAF subscriber having empty aaf instance check
- if (feedAafInstance == null || feedAafInstance.equals("") || feedAafInstance.equalsIgnoreCase("legacy")) {
- if (subAafLegacyEmptyOrNull) {
- AuthorizationResponse aresp = authz.decide(req);
- if (!aresp.isAuthorized()) {
- message = "Policy Engine disallows access";
- elr.setMessage(message);
- elr.setResult(HttpServletResponse.SC_FORBIDDEN);
- eventlogger.error(elr.toString());
- sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
- return;
- }
- } else {
- //If Legacy Feed and AAF instance provided in Subscriber JSON
- message = "AAF Subscriber can not be added to legacy Feed- " + feedid;
- elr.setMessage(message);
- elr.setResult(HttpServletResponse.SC_FORBIDDEN);
- eventlogger.error(elr.toString());
- sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
- return;
- }
- } else {
- //New AAF Requirement to add legacy subscriber to AAF Feed
- if (subAafLegacyEmptyOrNull) {
- AuthorizationResponse aresp = authz.decide(req);
- if (!aresp.isAuthorized()) {
- message = "Policy Engine disallows access.";
- elr.setMessage(message);
- elr.setResult(HttpServletResponse.SC_FORBIDDEN);
- eventlogger.error(elr.toString());
- sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
- return;
- }
- } else {
- //New AAF Requirement to add subscriber by publisher on publisher approval only
- String permission = getSubscriberPermission(subAafInstance, BaseServlet.APPROVE_SUB_PERMISSION);
- eventlogger.info("SubscribeServlet.doPost().. Permission String - " + permission);
- if (!req.isUserInRole(permission)) {
- message = "AAF disallows access to permission - " + permission;
- elr.setMessage(message);
- elr.setResult(HttpServletResponse.SC_FORBIDDEN);
- eventlogger.error(elr.toString());
- sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
- return;
- }
- }
- }
- /*
- * END - AAF changes
- */
// Check if this subscription already exists; not an error (yet), just warn
Subscription sub2 = Subscription.getSubscriptionMatching(sub);
if (sub2 != null) {
intlogger.warn(
- "PROV0011 Creating a duplicate subscription: new subid=" + sub.getSubid() + ", old subid=" + sub2.getSubid());
+ "PROV0011 Creating a duplicate subscription: new subid="
+ + sub.getSubid() + ", old subid=" + sub2.getSubid());
}
// Create SUBSCRIPTIONS table entries