Code Review / dmaap / datarouter.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
update link to upper-constraints.txt
[dmaap/datarouter.git] / datarouter-prov / src / main / java / org / onap / dmaap / datarouter / provisioning / SubscriptionServlet.java
diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServlet.java
index 03bc983..f4f3c9b 100644 (file)
--- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServlet.java
+++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServlet.java
@@ -34,14 +34,15 @@ import java.net.HttpURLConnection;
 import java.net.URL;\r
 import java.util.ArrayList;\r
 import java.util.List;\r
-import javax.servlet.http.HttpServletRequest;\r
-import javax.servlet.http.HttpServletResponse;\r
+import jakarta.servlet.http.HttpServletRequest;\r
+import jakarta.servlet.http.HttpServletResponse;\r
 import org.json.JSONException;\r
 import org.json.JSONObject;\r
 import org.onap.dmaap.datarouter.authz.AuthorizationResponse;\r
 import org.onap.dmaap.datarouter.provisioning.beans.EventLogRecord;\r
 import org.onap.dmaap.datarouter.provisioning.beans.Subscription;\r
 import org.onap.dmaap.datarouter.provisioning.eelf.EelfMsgs;\r
+import org.onap.dmaap.datarouter.provisioning.utils.SynchronizerTask;\r
 \r
 /**\r
  * This servlet handles provisioning for the <subscriptionURL> which is generated by the provisioning server to\r
@@ -52,18 +53,13 @@ import org.onap.dmaap.datarouter.provisioning.eelf.EelfMsgs;
  * @author Robert Eby\r
  * @version $Id$\r
  */\r
-@SuppressWarnings("serial")\r
 public class SubscriptionServlet extends ProxyServlet {\r
 \r
     private static final String SUBCNTRL_CONTENT_TYPE = "application/vnd.dmaap-dr.subscription-control";\r
     //Adding EELF Logger Rally:US664892\r
-    private static EELFLogger eelfLogger = EELFManager.getInstance()\r
+    private static final EELFLogger eelfLogger = EELFManager.getInstance()\r
         .getLogger(SubscriptionServlet.class);\r
 \r
-\r
-\r
-\r
-\r
     /**\r
      * DELETE on the &lt;subscriptionUrl&gt; -- delete a subscription. See the <i>Deleting a Subscription</i> section in\r
      * the <b>Provisioning API</b> document for details on how this method should be invoked.\r
@@ -115,37 +111,6 @@ public class SubscriptionServlet extends ProxyServlet {
                 sendResponseError(resp, HttpServletResponse.SC_NOT_FOUND, message, eventlogger);\r
                 return;\r
             }\r
-            /*\r
-             * START - AAF changes\r
-             * TDP EPIC US# 307413\r
-             * CADI code - check on permissions based on Legacy/AAF users to allow to delete/remove subscription\r
-             */\r
-            String aafInstance = sub.getAafInstance();\r
-            if (aafInstance == null || "".equals(aafInstance) || "legacy".equalsIgnoreCase(aafInstance)) {\r
-                AuthorizationResponse aresp = authz.decide(req);\r
-                if (!aresp.isAuthorized()) {\r
-                    message = POLICY_ENGINE;\r
-                    elr.setMessage(message);\r
-                    elr.setResult(HttpServletResponse.SC_FORBIDDEN);\r
-                    eventlogger.error(elr.toString());\r
-                    sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);\r
-                    return;\r
-                }\r
-            } else {\r
-                String permission = getSubscriberPermission(aafInstance, BaseServlet.DELETE_PERMISSION);\r
-                eventlogger.info("SubscriptionServlet.doDelete().. Permission String - " + permission);\r
-                if (!req.isUserInRole(permission)) {\r
-                    message = "AAF disallows access to permission - " + permission;\r
-                    elr.setMessage(message);\r
-                    elr.setResult(HttpServletResponse.SC_FORBIDDEN);\r
-                    eventlogger.error(elr.toString());\r
-                    sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);\r
-                    return;\r
-                }\r
-            }\r
-            /*\r
-             * END - AAF changes\r
-             */\r
             // Delete Subscription\r
             if (doDelete(sub)) {\r
                 activeSubs--;\r
@@ -314,10 +279,7 @@ public class SubscriptionServlet extends ProxyServlet {
                 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);\r
                 return;\r
             }\r
-            if (intlogger.isDebugEnabled()) {\r
-                intlogger.debug(jo.toString());\r
-            }\r
-            Subscription sub = null;\r
+            Subscription sub;\r
             try {\r
                 sub = new Subscription(jo);\r
             } catch (InvalidObjectException e) {\r
@@ -328,38 +290,6 @@ public class SubscriptionServlet extends ProxyServlet {
                 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);\r
                 return;\r
             }\r
-\r
-            /*\r
-             * START - AAF changes\r
-             * TDP EPIC US# 307413\r
-             * CADI code - check on permissions based on Legacy/AAF users to allow to delete/remove subscription\r
-             */\r
-            String aafInstance = sub.getAafInstance();\r
-            if (aafInstance == null || "".equals(aafInstance) || "legacy".equalsIgnoreCase(aafInstance)) {\r
-                AuthorizationResponse aresp = authz.decide(req);\r
-                if (!aresp.isAuthorized()) {\r
-                    message = POLICY_ENGINE;\r
-                    elr.setMessage(message);\r
-                    elr.setResult(HttpServletResponse.SC_FORBIDDEN);\r
-                    eventlogger.error(elr.toString());\r
-                    sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);\r
-                    return;\r
-                }\r
-            } else {\r
-                String permission = getSubscriberPermission(aafInstance, BaseServlet.EDIT_PERMISSION);\r
-                eventlogger.info("SubscriptionServlet.doDelete().. Permission String - " + permission);\r
-                if (!req.isUserInRole(permission)) {\r
-                    message = "AAF disallows access to permission - " + permission;\r
-                    elr.setMessage(message);\r
-                    elr.setResult(HttpServletResponse.SC_FORBIDDEN);\r
-                    eventlogger.error(elr.toString());\r
-                    sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);\r
-                    return;\r
-                }\r
-            }\r
-            /*\r
-             * END - AAF changes\r
-             */\r
             sub.setSubid(oldsub.getSubid());\r
             sub.setFeedid(oldsub.getFeedid());\r
             sub.setSubscriber(bhdr);    // set from X-DMAAP-DR-ON-BEHALF-OF header\r
The Data Routing System project is intended to provide a common framework by which data producers can make data available to data consumers and a way for potential consumers to find feeds with the data they require. The interface to DR is exposed as a RESTful web service known as the DR Publishing and Delivery API