X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=ECOMP-PAP-REST%2Fsrc%2Fmain%2Fjava%2Forg%2Fopenecomp%2Fpolicy%2Fpap%2Fxacml%2Frest%2FXACMLPapServlet.java;h=4ceae062b15243ca7fc1bb342ed6ce6f2d4824d4;hb=685ed1545ed28b777a3ba6e7d315b78f355154cb;hp=5e7e2436f8d413aff04a45e795bd842127f9713d;hpb=87c95be02a8a4d77e165dede90777e811b59dcae;p=policy%2Fengine.git diff --git a/ECOMP-PAP-REST/src/main/java/org/openecomp/policy/pap/xacml/rest/XACMLPapServlet.java b/ECOMP-PAP-REST/src/main/java/org/openecomp/policy/pap/xacml/rest/XACMLPapServlet.java index 5e7e2436f..4ceae062b 100644 --- a/ECOMP-PAP-REST/src/main/java/org/openecomp/policy/pap/xacml/rest/XACMLPapServlet.java +++ b/ECOMP-PAP-REST/src/main/java/org/openecomp/policy/pap/xacml/rest/XACMLPapServlet.java @@ -152,10 +152,10 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList * These are the parameters needed for DB access from the PAP */ private static int papIntegrityAuditPeriodSeconds = -1; - public static String papDbDriver = null; - public static String papDbUrl = null; - public static String papDbUser = null; - public static String papDbPassword = null; + private static String papDbDriver = null; + private static String papDbUrl = null; + private static String papDbUser = null; + private static String papDbPassword = null; private static Integer papTransWait = null; private static Integer papTransTimeout = null; private static Integer papAuditTimeout = null; @@ -179,8 +179,8 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList private IntegrityAudit ia; //MicroService Model Properties - public static String msEcompName; - public static String msPolicyName; + private static String msEcompName; + private static String msPolicyName; /* * This thread may be invoked upon startup to initiate sending PDP policy/pip configuration when * this servlet starts. Its configurable by the admin. @@ -224,21 +224,25 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE,"XACMLPapServlet", " ERROR: Bad papDbDriver property entry"); throw new PAPException("papDbDriver is null"); } + setPapDbDriver(papDbDriver); papDbUrl = XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_DB_URL); if(papDbUrl == null){ PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE,"XACMLPapServlet", " ERROR: Bad papDbUrl property entry"); throw new PAPException("papDbUrl is null"); } + setPapDbUrl(papDbUrl); papDbUser = XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_DB_USER); if(papDbUser == null){ PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE,"XACMLPapServlet", " ERROR: Bad papDbUser property entry"); throw new PAPException("papDbUser is null"); } + setPapDbUser(papDbUser); papDbPassword = XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_DB_PASSWORD); if(papDbPassword == null){ PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE,"XACMLPapServlet", " ERROR: Bad papDbPassword property entry"); throw new PAPException("papDbPassword is null"); } + setPapDbPassword(papDbPassword); papResourceName = XACMLProperties.getProperty(XACMLRestProperties.PAP_RESOURCE_NAME); if(papResourceName == null){ PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE,"XACMLPapServlet", " ERROR: Bad papResourceName property entry"); @@ -350,7 +354,9 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList } //Micro Service Properties msEcompName=properties.getProperty("xacml.policy.msEcompName"); + setMsEcompName(msEcompName); msPolicyName=properties.getProperty("xacml.policy.msPolicyName"); + setMsPolicyName(msPolicyName); // PDPId File location XACMLPapServlet.pdpFile = XACMLProperties.getProperty(XACMLRestProperties.PROP_PDP_IDFILE); if (XACMLPapServlet.pdpFile == null) { @@ -397,6 +403,15 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList } } policyDBDao.setPapEngine((PAPPolicyEngine) XACMLPapServlet.papEngine); + //boolean performFileToDatabaseAudit = false; + if (Boolean.parseBoolean(XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_RUN_AUDIT_FLAG))){ + //get an AuditTransaction to lock out all other transactions + PolicyDBDaoTransaction auditTrans = policyDBDao.getNewAuditTransaction(); + policyDBDao.auditLocalDatabase(XACMLPapServlet.papEngine); + //release the transaction lock + auditTrans.close(); + } + // Sanity check for URL. if (XACMLPapServlet.papURL == null) { throw new PAPException("The property " + XACMLRestProperties.PROP_PAP_URL + " is not valid: " + XACMLPapServlet.papURL); @@ -850,7 +865,7 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList String message = "PUT interface called for PAP " + papResourceName + " but it has an Administrative" + " state of " + im.getStateManager().getAdminState() + "\n Exception Message: " + ae.getMessage(); - LOGGER.info(message); + LOGGER.info(message +ae); PolicyLogger.error(MessageCodes.ERROR_SYSTEM_ERROR + " " + message); loggingContext.transactionEnded(); PolicyLogger.audit("Transaction Failed - See Error.log"); @@ -860,7 +875,7 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList String message = "PUT interface called for PAP " + papResourceName + " but it has a Standby Status" + " of " + im.getStateManager().getStandbyStatus() + "\n Exception Message: " + se.getMessage(); - LOGGER.info(message); + LOGGER.info(message +se); PolicyLogger.error(MessageCodes.ERROR_SYSTEM_ERROR + " " + message); loggingContext.transactionEnded(); PolicyLogger.audit("Transaction Failed - See Error.log"); @@ -891,69 +906,6 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList im.endTransaction(); return; } - //This would occur if we received a notification of a policy creation or update - String policyToCreateUpdate = request.getParameter("policyToCreateUpdate"); - if(policyToCreateUpdate != null){ - if(LOGGER.isDebugEnabled()){ - LOGGER.debug("\nXACMLPapServlet.doPut() - before decoding" - + "\npolicyToCreateUpdate = " + policyToCreateUpdate); - } - //decode it - try{ - policyToCreateUpdate = URLDecoder.decode(policyToCreateUpdate, "UTF-8"); - if(LOGGER.isDebugEnabled()){ - LOGGER.debug("\nXACMLPapServlet.doPut() - after decoding" - + "\npolicyToCreateUpdate = " + policyToCreateUpdate); - } - } catch(UnsupportedEncodingException e){ - PolicyLogger.error("\nXACMLPapServlet.doPut() - Unsupported URL encoding of policyToCreateUpdate (UTF-8)" - + "\npolicyToCreateUpdate = " + policyToCreateUpdate); - response.sendError(500,"policyToCreateUpdate encoding not supported" - + "\nfailure with the following exception: " + e); - loggingContext.transactionEnded(); - PolicyLogger.audit("Transaction Failed - See error.log"); - im.endTransaction(); - return; - } - //send it to PolicyDBDao - PolicyDBDaoTransaction createUpdateTransaction = policyDBDao.getNewTransaction(); - try{ - createUpdateTransaction.createPolicy(policyToCreateUpdate, "XACMLPapServlet.doPut"); - }catch(Exception e){ - createUpdateTransaction.rollbackTransaction(); - response.sendError(500,"createUpdateTransaction.createPolicy(policyToCreateUpdate, XACMLPapServlet.doPut) " - + "\nfailure with the following exception: " + e); - loggingContext.transactionEnded(); - PolicyLogger.audit("Transaction Failed - See error.log"); - im.endTransaction(); - return; - } - createUpdateTransaction.commitTransaction(); - // Before sending Ok. Lets call AutoPush. - if(autoPushFlag){ - Set changedGroups = autoPushPolicy.checkGroupsToPush(policyToCreateUpdate, XACMLPapServlet.papEngine); - if(!changedGroups.isEmpty()){ - for(StdPDPGroup group: changedGroups){ - try{ - papEngine.updateGroup(group); - if (LOGGER.isDebugEnabled()) { - LOGGER.debug("Group '" + group.getId() + "' updated"); - } - notifyAC(); - // Group changed, which might include changing the policies - groupChanged(group); - }catch(Exception e){ - PolicyLogger.error(MessageCodes.ERROR_PROCESS_FLOW + " Failed to Push policy. "); - } - } - } - } - response.setStatus(HttpServletResponse.SC_OK); - loggingContext.transactionEnded(); - PolicyLogger.audit("Transaction Ended Successfully"); - im.endTransaction(); - return; - } /* * Request for ImportService */ @@ -1337,7 +1289,7 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList loggingContext.transactionEnded(); auditLogger.info("Success"); - if ((policy.getId().contains("Config_MS_")) || (policy.getId().contains("BRMS_Param"))) { + if (policy != null && ((policy.getId().contains("Config_MS_")) || (policy.getId().contains("BRMS_Param")))) { PushPolicyHandler pushPolicyHandler = PushPolicyHandler.getInstance(); if (pushPolicyHandler.preSafetyCheck(policy, CONFIG_HOME)) { LOGGER.debug("Precheck Successful."); @@ -1792,42 +1744,53 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList response.sendError(500, "Bad input, pdpid="+pdpId+" object="+objectFromJSON); } StdPDP pdp = (StdPDP) objectFromJSON; - if (papEngine.getPDP(pdpId) == null) { - // this is a request to create a new PDP object - try{ - acPutTransaction.addPdpToGroup(pdp.getId(), group.getId(), pdp.getName(), pdp.getDescription(), pdp.getJmxPort(),"XACMLPapServlet.doACPut"); - } catch(Exception e){ - PolicyLogger.error(MessageCodes.ERROR_PROCESS_FLOW, e, "XACMLPapServlet", " Error while adding pdp to group in the database: " - +"pdp="+pdp.getId()+",to group="+group.getId()); - throw new PAPException(e.getMessage()); + if(pdp != null){ + if (papEngine.getPDP(pdpId) == null) { + // this is a request to create a new PDP object + try{ + acPutTransaction.addPdpToGroup(pdp == null ? "PDP is null" : pdp.getId(), group.getId(), pdp.getName(), + pdp.getDescription(), pdp.getJmxPort(),"XACMLPapServlet.doACPut"); + } catch(Exception e){ + PolicyLogger.error(MessageCodes.ERROR_PROCESS_FLOW, e, "XACMLPapServlet", " Error while adding pdp to group in the database: " + +"pdp="+ (pdp == null ? "PDP is null" : pdp.getId()) +",to group="+group.getId()); + throw new PAPException(e.getMessage()); + } + papEngine.newPDP(pdp.getId(), group, pdp.getName(), pdp.getDescription(), pdp.getJmxPort()); + } else { + try{ + acPutTransaction.updatePdp(pdp, "XACMLPapServlet.doACPut"); + } catch(Exception e){ + PolicyLogger.error(MessageCodes.ERROR_PROCESS_FLOW, e, "XACMLPapServlet", " Error while updating pdp in the database: " + +"pdp="+ pdp.getId()); + throw new PAPException(e.getMessage()); + } + // this is a request to update the pdp + papEngine.updatePDP(pdp); } - papEngine.newPDP(pdp.getId(), group, pdp.getName(), pdp.getDescription(), pdp.getJmxPort()); - } else { + response.setStatus(HttpServletResponse.SC_NO_CONTENT); + if (LOGGER.isDebugEnabled()) { + LOGGER.debug("PDP '" + pdpId + "' created/updated"); + } + // adjust the group's state including the new PDP + ((StdPDPGroup)group).resetStatus(); + // tell the Admin Consoles there is a change + notifyAC(); + // this might affect the PDP, so notify it of the change + pdpChanged(pdp); + acPutTransaction.commitTransaction(); + loggingContext.transactionEnded(); + auditLogger.info("Success"); + PolicyLogger.audit("Transaction Ended Successfully"); + return; + }else{ try{ - acPutTransaction.updatePdp(pdp, "XACMLPapServlet.doACPut"); + PolicyLogger.error(MessageCodes.ERROR_PROCESS_FLOW, "XACMLPapServlet", " Error while adding pdp to group in the database: " + +"pdp=null" + ",to group="+group.getId()); + throw new PAPException("PDP is null"); } catch(Exception e){ - PolicyLogger.error(MessageCodes.ERROR_PROCESS_FLOW, e, "XACMLPapServlet", " Error while updating pdp in the database: " - +"pdp="+pdp.getId()); - throw new PAPException(e.getMessage()); + throw new PAPException("PDP is null" + e.getMessage() +e); } - // this is a request to update the pdp - papEngine.updatePDP(pdp); - } - response.setStatus(HttpServletResponse.SC_NO_CONTENT); - if (LOGGER.isDebugEnabled()) { - LOGGER.debug("PDP '" + pdpId + "' created/updated"); } - // adjust the group's state including the new PDP - ((StdPDPGroup)group).resetStatus(); - // tell the Admin Consoles there is a change - notifyAC(); - // this might affect the PDP, so notify it of the change - pdpChanged(pdp); - acPutTransaction.commitTransaction(); - loggingContext.transactionEnded(); - auditLogger.info("Success"); - PolicyLogger.audit("Transaction Ended Successfully"); - return; } else if (request.getParameter("pipId") != null) { // group= pipId= contents=pip properties <= add a PIP to pip config, or replace it if it already exists (lenient operation) loggingContext.setServiceName("AC:PAP.putPIP"); @@ -1861,7 +1824,9 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList // The Path on the PAP side is not carried on the RESTful interface with the AC // (because it is local to the PAP) // so we need to fill that in before submitting the group for update - ((StdPDPGroup)objectFromJSON).setDirectory(((StdPDPGroup)group).getDirectory()); + if(objectFromJSON != null){ + ((StdPDPGroup)objectFromJSON).setDirectory(((StdPDPGroup)group).getDirectory()); + } try{ acPutTransaction.updateGroup((StdPDPGroup)objectFromJSON, "XACMLPapServlet.doACPut"); } catch(Exception e){ @@ -2132,26 +2097,28 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList HttpURLConnection connection = null; try { // Open up the connection - connection = (HttpURLConnection)pdpURL.openConnection(); - // Setup our method and headers - connection.setRequestMethod("GET"); - connection.setConnectTimeout(heartbeatTimeout); - // Authentication - String encoding = CheckPDP.getEncoding(pdp.getId()); - if(encoding !=null){ - connection.setRequestProperty("Authorization", "Basic " + encoding); - } - // Do the connect - connection.connect(); - if (connection.getResponseCode() == 204) { - newStatus = connection.getHeaderField(XACMLRestProperties.PROP_PDP_HTTP_HEADER_HB); - if (LOGGER.isDebugEnabled()) { - LOGGER.debug("Heartbeat '" + pdp.getId() + "' status='" + newStatus + "'"); + if(pdpURL != null){ + connection = (HttpURLConnection)pdpURL.openConnection(); + // Setup our method and headers + connection.setRequestMethod("GET"); + connection.setConnectTimeout(heartbeatTimeout); + // Authentication + String encoding = CheckPDP.getEncoding(pdp.getId()); + if(encoding !=null){ + connection.setRequestProperty("Authorization", "Basic " + encoding); } - } else { - // anything else is an unexpected result - newStatus = PDPStatus.Status.UNKNOWN.toString(); - PolicyLogger.error(MessageCodes.ERROR_SYSTEM_ERROR + " Heartbeat connect response code " + connection.getResponseCode() + ": " + pdp.getId()); + // Do the connect + connection.connect(); + if (connection.getResponseCode() == 204) { + newStatus = connection.getHeaderField(XACMLRestProperties.PROP_PDP_HTTP_HEADER_HB); + if (LOGGER.isDebugEnabled()) { + LOGGER.debug("Heartbeat '" + pdp.getId() + "' status='" + newStatus + "'"); + } + } else { + // anything else is an unexpected result + newStatus = PDPStatus.Status.UNKNOWN.toString(); + PolicyLogger.error(MessageCodes.ERROR_SYSTEM_ERROR + " Heartbeat connect response code " + connection.getResponseCode() + ": " + pdp.getId()); + } } } catch (UnknownHostException e) { newStatus = PDPStatus.Status.NO_SUCH_HOST.toString(); @@ -2167,7 +2134,8 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList PolicyLogger.error(MessageCodes.ERROR_SYSTEM_ERROR, e, "XACMLPapServlet", "Heartbeat '" + pdp.getId() + "' connect exception"); } finally { // cleanup the connection - connection.disconnect(); + if(connection != null) + connection.disconnect(); } if ( ! pdp.getStatus().getStatus().toString().equals(newStatus)) { if (LOGGER.isDebugEnabled()) { @@ -2366,7 +2334,9 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList } } finally { // cleanup the connection - connection.disconnect(); + if(connection != null){ + connection.disconnect(); + } // tell the AC to update it's status info notifyAC(); } @@ -2430,7 +2400,8 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList disconnectedACs.add(acURL); } finally { // cleanup the connection - connection.disconnect(); + if(connection != null) + connection.disconnect(); } } // remove any ACs that are no longer connected @@ -2579,6 +2550,10 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList return emf; } + public IntegrityAudit getIa() { + return ia; + } + public static String getPDPFile(){ return XACMLPapServlet.pdpFile; } @@ -2594,4 +2569,51 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList public static PolicyDBDaoTransaction getDbDaoTransaction(){ return policyDBDao.getNewTransaction(); } + public static String getPapDbDriver() { + return papDbDriver; + } + + public static void setPapDbDriver(String papDbDriver) { + XACMLPapServlet.papDbDriver = papDbDriver; + } + + public static String getPapDbUrl() { + return papDbUrl; + } + + public static void setPapDbUrl(String papDbUrl) { + XACMLPapServlet.papDbUrl = papDbUrl; + } + + public static String getPapDbUser() { + return papDbUser; + } + + public static void setPapDbUser(String papDbUser) { + XACMLPapServlet.papDbUser = papDbUser; + } + + public static String getPapDbPassword() { + return papDbPassword; + } + + public static void setPapDbPassword(String papDbPassword) { + XACMLPapServlet.papDbPassword = papDbPassword; + } + + public static String getMsEcompName() { + return msEcompName; + } + + public static void setMsEcompName(String msEcompName) { + XACMLPapServlet.msEcompName = msEcompName; + } + + public static String getMsPolicyName() { + return msPolicyName; + } + + public static void setMsPolicyName(String msPolicyName) { + XACMLPapServlet.msPolicyName = msPolicyName; + } }