import java.util.HashMap;
import java.util.List;
import java.util.Map;
-import java.util.Set;
import javax.security.auth.x500.X500Principal;
import javax.servlet.http.HttpServletRequest;
import org.onap.crud.logging.CrudServiceMsgs;
import org.onap.crud.logging.LoggingUtil;
import org.onap.crud.util.CrudServiceConstants;
+import org.onap.crud.util.CrudServiceUtil;
import org.slf4j.MDC;
import com.google.gson.JsonElement;
public class CrudRestService {
- private CrudGraphDataService crudGraphDataService;
+ private AbstractGraphDataService graphDataService;
Logger logger = LoggerFactory.getInstance().getLogger(CrudRestService.class.getName());
Logger auditLogger = LoggerFactory.getInstance().getAuditLogger(CrudRestService.class.getName());
private Auth auth;
private String mediaType = MediaType.APPLICATION_JSON;
public static final String HTTP_PATCH_METHOD_OVERRIDE = "X-HTTP-Method-Override";
- public CrudRestService(CrudGraphDataService crudGraphDataService) throws Exception {
- this.crudGraphDataService = crudGraphDataService;
+ public CrudRestService(AbstractGraphDataService graphDataService) throws Exception {
+ this.graphDataService = graphDataService;
this.auth = new Auth(CrudServiceConstants.CRD_AUTH_FILE);
}
POST, GET, PUT, DELETE, PATCH
}
- ;
-
public void startup() {
}
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
- String result = crudGraphDataService.getVertex(version, id, type);
+ String result = graphDataService.getVertex(version, id, type);
response = Response.status(Status.OK).entity(result).type(mediaType).build();
} catch (CrudException ce) {
response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
Map<String, String> filter = new HashMap<String, String>();
for (Map.Entry<String, List<String>> e : uriInfo.getQueryParameters().entrySet()) {
}
try {
- String result = crudGraphDataService.getVertices(version, type, filter);
+ String result = graphDataService.getVertices(version, type, filter);
response = Response.status(Status.OK).entity(result).type(mediaType).build();
} catch (CrudException ce) {
response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
- String result = crudGraphDataService.getEdge(version, id, type);
+ String result = graphDataService.getEdge(version, id, type);
response = Response.status(Status.OK).entity(result).type(mediaType).build();
} catch (CrudException ce) {
response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
Map<String, String> filter = new HashMap<String, String>();
for (Map.Entry<String, List<String>> e : uriInfo.getQueryParameters().entrySet()) {
}
try {
- String result = crudGraphDataService.getEdges(version, type, filter);
+ String result = graphDataService.getEdges(version, type, filter);
response = Response.status(Status.OK).entity(result).type(mediaType).build();
} catch (CrudException ce) {
response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.PUT, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.PUT, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
EdgePayload payload = EdgePayload.fromJson(content);
if (headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE) != null
&& headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE).equalsIgnoreCase("PATCH")) {
- result = crudGraphDataService.patchEdge(version, id, type, payload);
+ result = graphDataService.patchEdge(version, id, type, payload);
} else {
- result = crudGraphDataService.updateEdge(version, id, type, payload);
+ result = graphDataService.updateEdge(version, id, type, payload);
}
response = Response.status(Status.OK).entity(result).type(mediaType).build();
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.PATCH, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.PATCH, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
EdgePayload payload = EdgePayload.fromJson(content);
throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
}
- String result = crudGraphDataService.patchEdge(version, id, type, payload);
+ String result = graphDataService.patchEdge(version, id, type, payload);
response = Response.status(Status.OK).entity(result).type(mediaType).build();
} catch (CrudException ce) {
response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.PUT, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.PUT, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
VertexPayload payload = VertexPayload.fromJson(content);
if (payload.getId() != null && !payload.getId().equals(id)) {
throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
}
+
String result;
+
+ payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, false));
+
if (headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE) != null
&& headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE).equalsIgnoreCase("PATCH")) {
- result = crudGraphDataService.patchVertex(version, id, type, payload);
+ result = graphDataService.patchVertex(version, id, type, payload);
} else {
- result = crudGraphDataService.updateVertex(version, id, type, payload);
+ result = graphDataService.updateVertex(version, id, type, payload);
}
response = Response.status(Status.OK).entity(result).type(mediaType).build();
} catch (CrudException ce) {
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.PATCH, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.PATCH, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
VertexPayload payload = VertexPayload.fromJson(content);
if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
}
- String result = crudGraphDataService.patchVertex(version, id, type, payload);
+ payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, false));
+
+ String result = graphDataService.patchVertex(version, id, type, payload);
response = Response.status(Status.OK).entity(result).type(mediaType).build();
} catch (CrudException ce) {
response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
VertexPayload payload = VertexPayload.fromJson(content);
throw new CrudException("Vertex Type mismatch", Status.BAD_REQUEST);
}
- String result = crudGraphDataService.addVertex(version, type, payload);
+ payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, true));
+
+ String result = graphDataService.addVertex(version, type, payload);
response = Response.status(Status.CREATED).entity(result).type(mediaType).build();
} catch (CrudException ce) {
response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
BulkPayload payload = BulkPayload.fromJson(content);
}
validateBulkPayload(payload);
- String result = crudGraphDataService.addBulk(version, payload);
+ String result = graphDataService.addBulk(version, payload, headers);
response = Response.status(Status.OK).entity(result).type(mediaType).build();
} catch (CrudException ce) {
response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
VertexPayload payload = VertexPayload.fromJson(content);
if (payload.getType() == null || payload.getType().isEmpty()) {
throw new CrudException("Missing Vertex Type ", Status.BAD_REQUEST);
}
- String result = crudGraphDataService.addVertex(version, payload.getType(), payload);
+
+ payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, true));
+
+ String result = graphDataService.addVertex(version, payload.getType(), payload);
response = Response.status(Status.CREATED).entity(result).type(mediaType).build();
} catch (CrudException ce) {
response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
EdgePayload payload = EdgePayload.fromJson(content);
if (payload.getType() != null && !payload.getType().equals(type)) {
throw new CrudException("Edge Type mismatch", Status.BAD_REQUEST);
}
- String result = crudGraphDataService.addEdge(version, type, payload);
+ String result = graphDataService.addEdge(version, type, payload);
response = Response.status(Status.CREATED).entity(result).type(mediaType).build();
} catch (CrudException ce) {
response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
EdgePayload payload = EdgePayload.fromJson(content);
if (payload.getType() == null || payload.getType().isEmpty()) {
throw new CrudException("Missing Edge Type ", Status.BAD_REQUEST);
}
- String result = crudGraphDataService.addEdge(version, payload.getType(), payload);
+ String result = graphDataService.addEdge(version, payload.getType(), payload);
response = Response.status(Status.CREATED).entity(result).type(mediaType).build();
} catch (CrudException ce) {
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.DELETE, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.DELETE, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
- String result = crudGraphDataService.deleteVertex(version, id, type);
+ String result = graphDataService.deleteVertex(version, id, type);
response = Response.status(Status.OK).entity(result).type(mediaType).build();
} catch (CrudException ce) {
response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.DELETE, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.DELETE, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
- String result = crudGraphDataService.deleteEdge(version, id, type);
+ String result = graphDataService.deleteEdge(version, id, type);
response = Response.status(Status.OK).entity(result).type(mediaType).build();
} catch (CrudException ce) {
response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
}
protected boolean validateRequest(HttpServletRequest req, String uri, String content, Action action,
- String authPolicyFunctionName) {
- try {
+ String authPolicyFunctionName, HttpHeaders headers) {
+ boolean isValid = false;
+ try {
String cipherSuite = (String) req.getAttribute("javax.servlet.request.cipher_suite");
String authUser = null;
if (cipherSuite != null) {
X500Principal subjectDn = clientCert.getSubjectX500Principal();
authUser = subjectDn.toString();
}
- return this.auth.validateRequest(authUser.toLowerCase(), action.toString() + ":" + authPolicyFunctionName);
+ isValid = this.auth.validateRequest(authUser.toLowerCase(), action.toString() + ":" + authPolicyFunctionName);
+
+ String sourceOfTruth = null;
+ if(headers.getRequestHeaders().containsKey("X-FromAppId"))
+ sourceOfTruth = headers.getRequestHeaders().getFirst("X-FromAppId");
+
+ if(sourceOfTruth == null || sourceOfTruth.trim() == "")
+ throw new CrudException("Invalid request, Missing X-FromAppId header", Status.BAD_REQUEST);
+
+ return isValid;
} catch (Exception e) {
logResult(action, uri, e);
return false;
Code Review / aai / gizmo.git / blobdiff