+++ /dev/null
-/**\r
- * ============LICENSE_START=======================================================\r
- * org.onap.aai\r
- * ================================================================================\r
- * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.\r
- * Copyright © 2017-2018 Amdocs\r
- * ================================================================================\r
- * Licensed under the Apache License, Version 2.0 (the "License");\r
- * you may not use this file except in compliance with the License.\r
- * You may obtain a copy of the License at\r
- *\r
- * http://www.apache.org/licenses/LICENSE-2.0\r
- *\r
- * Unless required by applicable law or agreed to in writing, software\r
- * distributed under the License is distributed on an "AS IS" BASIS,\r
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- * See the License for the specific language governing permissions and\r
- * limitations under the License.\r
- * ============LICENSE_END=========================================================\r
- */\r
-package org.onap.crud.service;\r
-\r
-import java.security.cert.X509Certificate;\r
-import java.util.AbstractMap;\r
-import java.util.Arrays;\r
-import java.util.HashSet;\r
-import java.util.Map;\r
-import java.util.Map.Entry;\r
-import java.util.Set;\r
-import javax.security.auth.x500.X500Principal;\r
-import javax.servlet.http.HttpServletRequest;\r
-import javax.ws.rs.Consumes;\r
-import javax.ws.rs.Encoded;\r
-import javax.ws.rs.POST;\r
-import javax.ws.rs.PUT;\r
-import javax.ws.rs.Path;\r
-import javax.ws.rs.PathParam;\r
-import javax.ws.rs.Produces;\r
-import javax.ws.rs.core.Context;\r
-import javax.ws.rs.core.EntityTag;\r
-import javax.ws.rs.core.HttpHeaders;\r
-import javax.ws.rs.core.MediaType;\r
-import javax.ws.rs.core.Response;\r
-import javax.ws.rs.core.Response.Status;\r
-import javax.ws.rs.core.UriInfo;\r
-import org.apache.commons.lang3.tuple.ImmutablePair;\r
-import org.onap.aai.cl.api.Logger;\r
-import org.onap.aai.cl.eelf.LoggerFactory;\r
-import org.onap.aai.exceptions.AAIException;\r
-import org.onap.aai.serialization.db.EdgeProperty;\r
-import org.onap.aai.serialization.db.EdgeRule;\r
-import org.onap.aai.serialization.db.EdgeRules;\r
-import org.onap.aai.serialization.db.EdgeType;\r
-import org.onap.aaiauth.auth.Auth;\r
-import org.onap.crud.exception.CrudException;\r
-import org.onap.crud.logging.CrudServiceMsgs;\r
-import org.onap.crud.logging.LoggingUtil;\r
-import org.onap.crud.parser.EdgePayload;\r
-import org.onap.crud.parser.util.EdgePayloadUtil;\r
-import org.onap.crud.service.CrudRestService.Action;\r
-import org.onap.crud.util.CrudServiceConstants;\r
-import org.onap.schema.EdgeRulesLoader;\r
-import org.slf4j.MDC;\r
-import com.google.gson.Gson;\r
-import com.google.gson.JsonElement;\r
-import com.google.gson.JsonPrimitive;\r
-\r
-\r
-/**\r
- * This defines a set of REST endpoints which allow clients to create or update graph edges\r
- * where the edge rules defined by the A&AI will be invoked to automatically populate the\r
- * defined edge properties.\r
- */\r
-public class AaiResourceService {\r
-\r
- private String mediaType = MediaType.APPLICATION_JSON;\r
- public static final String HTTP_PATCH_METHOD_OVERRIDE = "X-HTTP-Method-Override";\r
-\r
- private Auth auth;\r
- AbstractGraphDataService graphDataService;\r
- Gson gson = new Gson();\r
-\r
- private Logger logger = LoggerFactory.getInstance().getLogger(AaiResourceService.class.getName());\r
- private Logger auditLogger = LoggerFactory.getInstance().getAuditLogger(AaiResourceService.class.getName());\r
-\r
- public AaiResourceService() {}\r
-\r
- /**\r
- * Creates a new instance of the AaiResourceService.\r
- *\r
- * @param crudGraphDataService - Service used for interacting with the graph.\r
- *\r
- * @throws Exception\r
- */\r
- public AaiResourceService(AbstractGraphDataService graphDataService) throws Exception {\r
- this.graphDataService = graphDataService;\r
- this.auth = new Auth(CrudServiceConstants.CRD_AUTH_FILE);\r
- }\r
-\r
- /**\r
- * Perform any one-time initialization required when starting the service.\r
- */\r
- public void startup() {\r
-\r
- if(logger.isDebugEnabled()) {\r
- logger.debug("AaiResourceService started!");\r
- }\r
- }\r
-\r
-\r
- /**\r
- * Creates a new relationship in the graph, automatically populating the edge\r
- * properties based on the A&AI edge rules.\r
- *\r
- * @param content - Json structure describing the relationship to create.\r
- * @param type - Relationship type supplied as a URI parameter.\r
- * @param uri - Http request uri\r
- * @param headers - Http request headers\r
- * @param uriInfo - Http URI info field\r
- * @param req - Http request structure.\r
- *\r
- * @return - Standard HTTP response.\r
- */\r
- @POST\r
- @Path("/relationships/{type}/")\r
- @Consumes({MediaType.APPLICATION_JSON})\r
- @Produces({MediaType.APPLICATION_JSON})\r
- public Response createRelationship(String content,\r
- @PathParam("type") String type,\r
- @PathParam("uri") @Encoded String uri,\r
- @Context HttpHeaders headers,\r
- @Context UriInfo uriInfo,\r
- @Context HttpServletRequest req) {\r
-\r
- LoggingUtil.initMdcContext(req, headers);\r
-\r
- if(logger.isDebugEnabled()) {\r
- logger.debug("Incoming request..." + content);\r
- }\r
-\r
- Response response = null;\r
-\r
- if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {\r
-\r
- try {\r
-\r
- // Extract the edge payload from the request.\r
- EdgePayload payload = EdgePayload.fromJson(content);\r
-\r
- // Do some basic validation on the payload.\r
- if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {\r
- throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);\r
- }\r
- if (payload.getId() != null) {\r
- throw new CrudException("ID specified , use Http PUT to update Edge", Status.BAD_REQUEST);\r
- }\r
- if (payload.getType() != null && !payload.getType().equals(type)) {\r
- throw new CrudException("Edge Type mismatch", Status.BAD_REQUEST);\r
- }\r
-\r
- // Apply the edge rules to our edge.\r
- payload = applyEdgeRulesToPayload(payload);\r
-\r
- if(logger.isDebugEnabled()) {\r
- logger.debug("Creating AAI edge using version " + EdgeRulesLoader.getLatestSchemaVersion() );\r
- }\r
-\r
- // Now, create our edge in the graph store.\r
- ImmutablePair<EntityTag, String> result = graphDataService.addEdge(EdgeRulesLoader.getLatestSchemaVersion(), type, payload);\r
- response = Response.status(Status.CREATED).entity(result.getValue()).tag(result.getKey()).type(mediaType).build();\r
-\r
- } catch (CrudException ce) {\r
- response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();\r
- } catch (Exception e) {\r
- response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();\r
- }\r
- }\r
-\r
- LoggingUtil.logRestRequest(logger, auditLogger, req, response);\r
- return response;\r
- }\r
-\r
-\r
- /**\r
- * Creates a new relationship in the graph, automatically populating the edge\r
- * properties based on the A&AI edge rules.\r
- *\r
- * @param content - Json structure describing the relationship to create.\r
- * @param uri - Http request uri\r
- * @param headers - Http request headers\r
- * @param uriInfo - Http URI info field\r
- * @param req - Http request structure.\r
- *\r
- * @return - Standard HTTP response.\r
- *\r
- */\r
- @POST\r
- @Path("/relationships/")\r
- @Consumes({MediaType.APPLICATION_JSON})\r
- @Produces({MediaType.APPLICATION_JSON})\r
- public Response createRelationship(String content,\r
- @PathParam("uri") @Encoded String uri,\r
- @Context HttpHeaders headers,\r
- @Context UriInfo uriInfo,\r
- @Context HttpServletRequest req) {\r
-\r
- LoggingUtil.initMdcContext(req, headers);\r
-\r
- logger.debug("Incoming request..." + content);\r
- Response response = null;\r
-\r
- if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {\r
-\r
- try {\r
-\r
- // Extract the edge payload from the request.\r
- EdgePayload payload = EdgePayload.fromJson(content);\r
-\r
- // Do some basic validation on the payload.\r
- if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {\r
- throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);\r
- }\r
- if (payload.getId() != null) {\r
- throw new CrudException("ID specified , use Http PUT to update Edge", Status.BAD_REQUEST);\r
- }\r
- if (payload.getType() == null || payload.getType().isEmpty()) {\r
- throw new CrudException("Missing Edge Type ", Status.BAD_REQUEST);\r
- }\r
-\r
- // Apply the edge rules to our edge.\r
- payload = applyEdgeRulesToPayload(payload);\r
-\r
- // Now, create our edge in the graph store.\r
- ImmutablePair<EntityTag, String> result = graphDataService.addEdge(EdgeRulesLoader.getLatestSchemaVersion(), payload.getType(), payload);\r
- response = Response.status(Status.CREATED).entity(result.getValue()).tag(result.getKey()).type(mediaType).build();\r
-\r
- } catch (CrudException ce) {\r
- response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();\r
- } catch (Exception e) {\r
- response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();\r
- }\r
- } else {\r
- response = Response.status(Status.FORBIDDEN).entity(content)\r
- .type(MediaType.APPLICATION_JSON).build();\r
- }\r
-\r
- LoggingUtil.logRestRequest(logger, auditLogger, req, response);\r
- return response;\r
- }\r
-\r
-\r
-\r
- /**\r
- * Upserts a relationship into the graph, automatically populating the edge properties\r
- * based on the A&AI edge rules. The behaviour is as follows:\r
- * <p>\r
- * <li>If no relationship with the supplied identifier already exists, then a new relationship\r
- * is created with that id.<br>\r
- * <li>If a relationship with the supplied id DOES exist, then it is replaced with the supplied\r
- * content.\r
- *\r
- * @param content - Json structure describing the relationship to create.\r
- * @param type - Relationship type supplied as a URI parameter.\r
- * @param id - Edge identifier.\r
- * @param uri - Http request uri\r
- * @param headers - Http request headers\r
- * @param uriInfo - Http URI info field\r
- * @param req - Http request structure.\r
- *\r
- * @return - Standard HTTP response.\r
- */\r
- @PUT\r
- @Path("/relationships/{type}/{id}")\r
- @Consumes({MediaType.APPLICATION_JSON})\r
- @Produces({MediaType.APPLICATION_JSON})\r
- public Response upsertEdge(String content,\r
- @PathParam("type") String type,\r
- @PathParam("id") String id,\r
- @PathParam("uri") @Encoded String uri,\r
- @Context HttpHeaders headers,\r
- @Context UriInfo uriInfo,\r
- @Context HttpServletRequest req) {\r
- LoggingUtil.initMdcContext(req, headers);\r
-\r
- logger.debug("Incoming request..." + content);\r
- Response response = null;\r
-\r
- if (validateRequest(req, uri, content, Action.PUT, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {\r
-\r
- try {\r
-\r
- // Extract the edge payload from the request.\r
- EdgePayload payload = EdgePayload.fromJson(content);\r
-\r
- // Do some basic validation on the payload.\r
- if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {\r
- throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);\r
- }\r
- if (payload.getId() != null && !payload.getId().equals(id)) {\r
- throw new CrudException("ID Mismatch", Status.BAD_REQUEST);\r
- }\r
-\r
- // Apply the edge rules to our edge.\r
- payload = applyEdgeRulesToPayload(payload);\r
- ImmutablePair<EntityTag, String> result;\r
- if (headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE) != null &&\r
- headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE).equalsIgnoreCase("PATCH")) {\r
- result = graphDataService.patchEdge(EdgeRulesLoader.getLatestSchemaVersion(), id, type, payload);\r
- response = Response.status(Status.OK).entity(result.getValue()).type(mediaType).tag(result.getKey()).build();\r
- } else {\r
- result = graphDataService.updateEdge(EdgeRulesLoader.getLatestSchemaVersion(), id, type, payload);\r
- response = Response.status(Status.OK).entity(result.getValue()).type(mediaType).tag(result.getKey()).build();\r
- }\r
-\r
- } catch (CrudException ce) {\r
- response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();\r
- } catch (Exception e) {\r
- response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();\r
- }\r
-\r
- } else {\r
-\r
- response = Response.status(Status.FORBIDDEN).entity(content)\r
- .type(MediaType.APPLICATION_JSON).build();\r
- }\r
-\r
- LoggingUtil.logRestRequest(logger, auditLogger, req, response);\r
- return response;\r
- }\r
-\r
-\r
- /**\r
- * Retrieves the properties defined in the edge rules for a relationship between the\r
- * supplied vertex types.\r
- *\r
- * @param sourceVertexType - Type of source vertex for the relationship.\r
- * @param targetVertexType - Type of target vertex for the relationship.\r
- *\r
- * @return - The defined properties for the relationship type.\r
- *\r
- * @throws CrudException\r
- */\r
- private Map<EdgeProperty, String> getEdgeRuleProperties(String sourceVertexType, String targetVertexType) throws CrudException {\r
-\r
- if(logger.isDebugEnabled()) {\r
- logger.debug("Lookup db edge rules for " + sourceVertexType + " -> " + targetVertexType);\r
- }\r
-\r
- EdgeRules rules = EdgeRules.getInstance();\r
- EdgeRule rule;\r
- try {\r
-\r
- if(logger.isDebugEnabled()) {\r
- logger.debug("Lookup by edge type TREE");\r
- }\r
-\r
- // We have no way of knowing in advance whether our relationship is considered to\r
- // be a tree or cousing relationship, so try looking it up as a tree type first.\r
- rule = rules.getEdgeRule(EdgeType.TREE, sourceVertexType, targetVertexType);\r
-\r
- } catch (AAIException e) {\r
- try {\r
-\r
- if(logger.isDebugEnabled()) {\r
- logger.debug("Lookup by edge type COUSIN");\r
- }\r
-\r
- // If we are here, then our lookup by 'tree' type failed, so try looking it up\r
- // as a 'cousin' relationship.\r
- rule = rules.getEdgeRule(EdgeType.COUSIN, sourceVertexType, targetVertexType);\r
-\r
- } catch (AAIException e1) {\r
-\r
- // If we're here then we failed to find edge rules for this relationship. Time to\r
- // give up...\r
- throw new CrudException("No edge rules for " + sourceVertexType + " -> " + targetVertexType, Status.NOT_FOUND);\r
- }\r
- } catch (Exception e) {\r
-\r
- throw new CrudException("General failure getting edge rule properties - " +\r
- e.getMessage(), Status.INTERNAL_SERVER_ERROR);\r
- }\r
-\r
- return rule.getEdgeProperties();\r
- }\r
-\r
-\r
- /**\r
- * This method takes an inbound edge request payload, looks up the edge rules for the\r
- * sort of relationship defined in the payload, and automatically applies the defined\r
- * edge properties to it.\r
- *\r
- * @param payload - The original edge request payload\r
- *\r
- * @return - An updated edge request payload, with the properties defined in the edge\r
- * rules automatically populated.\r
- *\r
- * @throws CrudException\r
- */\r
- public EdgePayload applyEdgeRulesToPayload(EdgePayload payload) throws CrudException {\r
-\r
- // Extract the types for both the source and target vertices.\r
- String srcType = EdgePayloadUtil.getVertexNodeType(payload.getSource());\r
- String tgtType = EdgePayloadUtil.getVertexNodeType(payload.getTarget());\r
-\r
- // Now, get the default properties for this edge based on the edge rules definition...\r
- Map<EdgeProperty, String> props = getEdgeRuleProperties(srcType, tgtType);\r
-\r
- // ...and merge them with any custom properties provided in the request.\r
- JsonElement mergedProperties = mergeProperties(payload.getProperties(), props);\r
- payload.setProperties(mergedProperties);\r
-\r
- if(logger.isDebugEnabled()) {\r
- logger.debug("Edge properties after applying rules for '" + srcType + " -> " + tgtType + "': " + mergedProperties);\r
- }\r
-\r
- return payload;\r
- }\r
-\r
-\r
- /**\r
- * Given a set of edge properties extracted from an edge request payload and a set of properties\r
- * taken from the db edge rules, this method merges them into one set of properties.\r
- * <p>\r
- * If the client has attempted to override the defined value for a property in the db edge rules\r
- * then the request will be rejected as invalid.\r
- *\r
- * @param propertiesFromRequest - Set of properties from the edge request.\r
- * @param propertyDefaults - Set of properties from the db edge rules.\r
- *\r
- * @return - A merged set of properties.\r
- *\r
- * @throws CrudException\r
- */\r
- @SuppressWarnings("unchecked")\r
- public JsonElement mergeProperties(JsonElement propertiesFromRequest, Map<EdgeProperty, String> propertyDefaults) throws CrudException {\r
-\r
- // Convert the properties from the edge payload into something we can\r
- // manipulate.\r
- Set<Map.Entry<String, JsonElement>> properties = new HashSet<Map.Entry<String, JsonElement>>();\r
- properties.addAll(propertiesFromRequest.getAsJsonObject().entrySet());\r
-\r
- Set<String> propertyKeys = new HashSet<String>();\r
- for(Map.Entry<String, JsonElement> property : properties) {\r
- propertyKeys.add(property.getKey());\r
- }\r
-\r
- // Now, merge in the properties specified in the Db Edge Rules.\r
- for(EdgeProperty defProperty : propertyDefaults.keySet()) {\r
-\r
- // If the edge rules property was explicitly specified by the\r
- // client then we will reject the request...\r
- if(!propertyKeys.contains(defProperty.toString())) {\r
- properties.add(new AbstractMap.SimpleEntry<String, JsonElement>(defProperty.toString(),\r
- (new JsonPrimitive(propertyDefaults.get(defProperty)))));\r
-\r
- } else {\r
- throw new CrudException("Property " + defProperty + " defined in db edge rules can not be overriden by the client.",\r
- Status.BAD_REQUEST);\r
- }\r
- }\r
-\r
- Object[] propArray = properties.toArray();\r
- StringBuilder sb = new StringBuilder();\r
- sb.append("{");\r
- boolean first=true;\r
- for(int i=0; i<propArray.length; i++) {\r
-\r
- Map.Entry<String, JsonElement> entry = (Entry<String, JsonElement>) propArray[i];\r
- if(!first) {\r
- sb.append(",");\r
- }\r
- sb.append("\"").append(entry.getKey()).append("\"").append(":").append(entry.getValue());\r
- first=false;\r
- }\r
- sb.append("}");\r
-\r
- // We're done. Return the result as a JsonElement.\r
- return gson.fromJson(sb.toString(), JsonElement.class);\r
- }\r
-\r
-\r
- /**\r
- * Invokes authentication validation on an incoming HTTP request.\r
- *\r
- * @param req - The HTTP request.\r
- * @param uri - HTTP URI\r
- * @param content - Payload of the HTTP request.\r
- * @param action - What HTTP action is being performed (GET/PUT/POST/PATCH/DELETE)\r
- * @param authPolicyFunctionName - Policy function being invoked.\r
- *\r
- * @return true - if the request passes validation,\r
- * false - otherwise.\r
- */\r
- protected boolean validateRequest(HttpServletRequest req,\r
- String uri,\r
- String content,\r
- Action action,\r
- String authPolicyFunctionName) {\r
- try {\r
- String cipherSuite = (String) req.getAttribute("javax.servlet.request.cipher_suite");\r
- String authUser = null;\r
- if (cipherSuite != null) {\r
-\r
- X509Certificate[] certChain = (X509Certificate[]) req.getAttribute("javax.servlet.request.X509Certificate");\r
- X509Certificate clientCert = certChain[0];\r
- X500Principal subjectDn = clientCert.getSubjectX500Principal();\r
- authUser = subjectDn.toString();\r
- }\r
-\r
- return this.auth.validateRequest(authUser!=null ? authUser.toLowerCase():"", action.toString() + ":" + authPolicyFunctionName);\r
-\r
- } catch (Exception e) {\r
- logResult(action, uri, e);\r
- return false;\r
- }\r
- }\r
-\r
- protected void logResult(Action op, String uri, Exception e) {\r
-\r
- logger.error(CrudServiceMsgs.EXCEPTION_DURING_METHOD_CALL,\r
- op.toString(),\r
- uri, Arrays.toString(e.getStackTrace()));\r
-\r
- // Clear the MDC context so that no other transaction inadvertently\r
- // uses our transaction id.\r
- MDC.clear();\r
- }\r
-}\r