import java.net.URL;\r
import java.util.ArrayList;\r
import java.util.List;\r
-import javax.servlet.http.HttpServletRequest;\r
-import javax.servlet.http.HttpServletResponse;\r
+import jakarta.servlet.http.HttpServletRequest;\r
+import jakarta.servlet.http.HttpServletResponse;\r
import org.json.JSONException;\r
import org.json.JSONObject;\r
import org.onap.dmaap.datarouter.authz.AuthorizationResponse;\r
* @author Robert Eby\r
* @version $Id$\r
*/\r
-@SuppressWarnings("serial")\r
public class SubscriptionServlet extends ProxyServlet {\r
\r
private static final String SUBCNTRL_CONTENT_TYPE = "application/vnd.dmaap-dr.subscription-control";\r
//Adding EELF Logger Rally:US664892\r
- private static EELFLogger eelfLogger = EELFManager.getInstance()\r
+ private static final EELFLogger eelfLogger = EELFManager.getInstance()\r
.getLogger(SubscriptionServlet.class);\r
\r
-\r
-\r
-\r
-\r
/**\r
* DELETE on the <subscriptionUrl> -- delete a subscription. See the <i>Deleting a Subscription</i> section in\r
* the <b>Provisioning API</b> document for details on how this method should be invoked.\r
sendResponseError(resp, HttpServletResponse.SC_NOT_FOUND, message, eventlogger);\r
return;\r
}\r
- /*\r
- * START - AAF changes\r
- * TDP EPIC US# 307413\r
- * CADI code - check on permissions based on Legacy/AAF users to allow to delete/remove subscription\r
- */\r
- String aafInstance = sub.getAafInstance();\r
- if (aafInstance == null || "".equals(aafInstance) || "legacy".equalsIgnoreCase(aafInstance)) {\r
- AuthorizationResponse aresp = authz.decide(req);\r
- if (!aresp.isAuthorized()) {\r
- message = POLICY_ENGINE;\r
- elr.setMessage(message);\r
- elr.setResult(HttpServletResponse.SC_FORBIDDEN);\r
- eventlogger.error(elr.toString());\r
- sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);\r
- return;\r
- }\r
- } else {\r
- String permission = getSubscriberPermission(aafInstance, BaseServlet.DELETE_PERMISSION);\r
- eventlogger.info("SubscriptionServlet.doDelete().. Permission String - " + permission);\r
- if (!req.isUserInRole(permission)) {\r
- message = "AAF disallows access to permission - " + permission;\r
- elr.setMessage(message);\r
- elr.setResult(HttpServletResponse.SC_FORBIDDEN);\r
- eventlogger.error(elr.toString());\r
- sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);\r
- return;\r
- }\r
- }\r
- /*\r
- * END - AAF changes\r
- */\r
// Delete Subscription\r
if (doDelete(sub)) {\r
activeSubs--;\r
sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);\r
return;\r
}\r
-\r
- /*\r
- * START - AAF changes\r
- * TDP EPIC US# 307413\r
- * CADI code - check on permissions based on Legacy/AAF users to allow to delete/remove subscription\r
- */\r
- String aafInstance = sub.getAafInstance();\r
- if (aafInstance == null || "".equals(aafInstance) || "legacy".equalsIgnoreCase(aafInstance)) {\r
- AuthorizationResponse aresp = authz.decide(req);\r
- if (!aresp.isAuthorized()) {\r
- message = POLICY_ENGINE;\r
- elr.setMessage(message);\r
- elr.setResult(HttpServletResponse.SC_FORBIDDEN);\r
- eventlogger.error(elr.toString());\r
- sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);\r
- return;\r
- }\r
- } else {\r
- String permission = getSubscriberPermission(aafInstance, BaseServlet.EDIT_PERMISSION);\r
- eventlogger.info("SubscriptionServlet.doDelete().. Permission String - " + permission);\r
- if (!req.isUserInRole(permission)) {\r
- message = "AAF disallows access to permission - " + permission;\r
- elr.setMessage(message);\r
- elr.setResult(HttpServletResponse.SC_FORBIDDEN);\r
- eventlogger.error(elr.toString());\r
- sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);\r
- return;\r
- }\r
- }\r
- /*\r
- * END - AAF changes\r
- */\r
sub.setSubid(oldsub.getSubid());\r
sub.setFeedid(oldsub.getFeedid());\r
sub.setSubscriber(bhdr); // set from X-DMAAP-DR-ON-BEHALF-OF header\r