X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=ONAP-PAP-REST%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fpolicy%2Fpap%2Fxacml%2Frest%2FXACMLPapServlet.java;h=1acec1bd91b4764c2a6ca2f366e3f613113341d9;hb=b6d9063e06ab8cdf2d97fc75810792659344e4a8;hp=d6c29873167002fd24afe43a31a2929df745f70a;hpb=fb3cc27605623672fb8971bd9030872f117c7af8;p=policy%2Fengine.git diff --git a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/XACMLPapServlet.java b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/XACMLPapServlet.java index d6c298731..1acec1bd9 100644 --- a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/XACMLPapServlet.java +++ b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/XACMLPapServlet.java @@ -2,7 +2,7 @@ * ============LICENSE_START======================================================= * ONAP-PAP-REST * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -64,6 +64,7 @@ import org.onap.policy.common.ia.IntegrityAudit; import org.onap.policy.common.im.AdministrativeStateException; import org.onap.policy.common.im.ForwardProgressException; import org.onap.policy.common.im.IntegrityMonitor; +import org.onap.policy.common.im.IntegrityMonitorException; import org.onap.policy.common.im.IntegrityMonitorProperties; import org.onap.policy.common.im.StandbyStatusException; import org.onap.policy.common.logging.ONAPLoggingContext; @@ -81,6 +82,7 @@ import org.onap.policy.pap.xacml.restAuth.CheckPDP; import org.onap.policy.rest.XACMLRest; import org.onap.policy.rest.XACMLRestProperties; import org.onap.policy.rest.dao.PolicyDBException; +import org.onap.policy.utils.CryptoUtils; import org.onap.policy.utils.PolicyUtils; import org.onap.policy.xacml.api.XACMLErrorConstants; import org.onap.policy.xacml.api.pap.ONAPPapEngineFactory; @@ -121,6 +123,11 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList private static final String AUDIT_PAP_PERSISTENCE_UNIT = "auditPapPU"; // Client Headers. private static final String ENVIRONMENT_HEADER = "Environment"; + private static final String ADD_GROUP_ERROR = "addGroupError"; + private static final String PERSISTENCE_JDBC_PWD = "javax.persistence.jdbc.password"; + + private static final String REGEX = "[0-9a-zA-Z._ ]*"; + /* * List of Admin Console URLs. * Used to send notifications when configuration changes. @@ -235,7 +242,6 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList + "\n papDbDriver = " + papDbDriver + "\n papDbUrl = " + papDbUrl + "\n papDbUser = " + papDbUser - + "\n papDbPassword = " + papDbPassword + "\n papTransWait = " + papTransWait + "\n papTransTimeout = " + papTransTimeout + "\n papAuditTimeout = " + papAuditTimeout @@ -267,6 +273,9 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList throw new ServletException(e.getMessage(), e.getCause()); } // Create an IntegrityMonitor + if(properties.getProperty(PERSISTENCE_JDBC_PWD) != null ){ + properties.setProperty(PERSISTENCE_JDBC_PWD, CryptoUtils.decryptTxtNoExStr(properties.getProperty(PERSISTENCE_JDBC_PWD, ""))); + } im = IntegrityMonitor.getInstance(papResourceName,properties); // Create an IntegrityAudit ia = new IntegrityAudit(papResourceName, AUDIT_PAP_PERSISTENCE_UNIT, properties); @@ -434,7 +443,7 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList throw new PAPException("papDbUser is null"); } setPapDbUser(papDbUser); - papDbPassword = XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_DB_PASSWORD); + papDbPassword = CryptoUtils.decryptTxtNoExStr(XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_DB_PASSWORD, "")); if(papDbPassword == null){ PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE,"XACMLPapServlet", " ERROR: Bad papDbPassword property entry"); throw new PAPException("papDbPassword is null"); @@ -530,7 +539,7 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList } catch (AdministrativeStateException ae){ String message = "POST interface called for PAP " + papResourceName + " but it has an Administrative" + " state of " + im.getStateManager().getAdminState() - + "\n Exception Message: " + ae.getMessage(); + + "\n Exception Message: " + PolicyUtils.CATCH_EXCEPTION; LOGGER.error(MessageCodes.ERROR_SYSTEM_ERROR + " " + message, ae); loggingContext.metricEnded(); PolicyLogger.metrics("XACMLPapServlet doPost im startTransaction"); @@ -549,6 +558,16 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList PolicyLogger.audit("Transaction Failed - See Error.log"); setResponseError(response,HttpServletResponse.SC_INTERNAL_SERVER_ERROR, message); return; + } catch (IntegrityMonitorException e) { + String message = "POST interface called for PAP " + papResourceName + " but an exception occurred" + + "\n Exception Message: " + e.getMessage(); + LOGGER.error(MessageCodes.ERROR_SYSTEM_ERROR + " " + message, e); + loggingContext.metricEnded(); + PolicyLogger.metrics("XACMLPapServlet doPost im startTransaction"); + loggingContext.transactionEnded(); + PolicyLogger.audit("Transaction Failed - See Error.log"); + setResponseError(response,HttpServletResponse.SC_INTERNAL_SERVER_ERROR, message); + return; } try { loggingContext.metricStarted(); @@ -750,7 +769,9 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList private void setResponseError(HttpServletResponse response,int responseCode, String message) { try { - response.sendError(responseCode, message); + if(message != null && !message.isEmpty()){ + response.sendError(responseCode, message); + } } catch (IOException e) { LOGGER.error("Error setting Error response Header ", e); } @@ -771,7 +792,6 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList } else { PolicyLogger.info("requestID was provided in call to XACMLPapSrvlet (doGet)"); } - try { loggingContext.metricStarted(); XACMLRest.dumpRequest(request); loggingContext.metricEnded(); @@ -815,6 +835,15 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList PolicyLogger.audit("Transaction Failed - See Error.log"); setResponseError(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, message); return; + } catch (IntegrityMonitorException e) { + String message = "GET interface called for PAP " + papResourceName + " but an exception occurred" + + "\n Exception Message: " + e.getMessage(); + LOGGER.info(message, e); + PolicyLogger.error(MessageCodes.ERROR_SYSTEM_ERROR + " " + message); + loggingContext.transactionEnded(); + PolicyLogger.audit("Transaction Failed - See Error.log"); + setResponseError(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, message); + return; } // Request from the API to get the gitPath String apiflag = request.getParameter("apiflag"); @@ -877,7 +906,18 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList request.getRemoteHost().equals(request.getLocalAddr())) { // Return status information - basically all the groups loggingContext.setServiceName("PAP.getGroups"); - Set groups = papEngine.getOnapPDPGroups(); + Set groups = null; + try { + groups = papEngine.getOnapPDPGroups(); + } catch(PAPException e) { + LOGGER.debug(e); + PolicyLogger.error(MessageCodes.ERROR_UNKNOWN, e, "XACMLPapServlet", " GET exception"); + loggingContext.transactionEnded(); + PolicyLogger.audit("Transaction Failed - See Error.log"); + setResponseError(response,HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage()); + im.endTransaction(); + return; + } // convert response object to JSON and include in the response mapperWriteValue(new ObjectMapper(), response, groups); response.setHeader("content-type", "application/json"); @@ -954,15 +994,6 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList PolicyLogger.audit("Transaction Failed - See Error.log"); setResponseError(response,HttpServletResponse.SC_NOT_FOUND, message); } - } catch (PAPException e) { - LOGGER.debug(e); - PolicyLogger.error(MessageCodes.ERROR_UNKNOWN, e, "XACMLPapServlet", " GET exception"); - loggingContext.transactionEnded(); - PolicyLogger.audit("Transaction Failed - See Error.log"); - setResponseError(response,HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage()); - im.endTransaction(); - return; - } loggingContext.transactionEnded(); PolicyLogger.audit("Transaction Ended"); im.endTransaction(); @@ -987,7 +1018,7 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList im.startTransaction(); loggingContext.metricEnded(); PolicyLogger.metrics("XACMLPapServlet doPut im startTransaction"); - } catch (AdministrativeStateException | StandbyStatusException e) { + } catch (IntegrityMonitorException e) { String message = "PUT interface called for PAP " + papResourceName; if (e instanceof AdministrativeStateException) { message += " but it has an Administrative state of " @@ -995,6 +1026,8 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList } else if (e instanceof StandbyStatusException) { message += " but it has a Standby Status of " + im.getStateManager().getStandbyStatus(); + } else { + message += " but an exception occurred"; } message += "\n Exception Message: " + e.getMessage(); @@ -1016,6 +1049,7 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList //This would occur if a PolicyDBDao notification was received String policyDBDaoRequestUrl = request.getParameter("policydbdaourl"); if(policyDBDaoRequestUrl != null){ + LOGGER.info("XACMLPapServlet: PolicyDBDao Notification received." ); String policyDBDaoRequestEntityId = request.getParameter("entityid"); String policyDBDaoRequestEntityType = request.getParameter("entitytype"); String policyDBDaoRequestExtraData = request.getParameter("extradata"); @@ -1026,7 +1060,8 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList im.endTransaction(); return; } - loggingContext.metricStarted(); + loggingContext.metricStarted(); + LOGGER.info("XACMLPapServlet: Calling PolicyDBDao to handlIncomingHttpNotification"); policyDBDao.handleIncomingHttpNotification(policyDBDaoRequestUrl,policyDBDaoRequestEntityId,policyDBDaoRequestEntityType,policyDBDaoRequestExtraData,this); loggingContext.metricEnded(); PolicyLogger.metrics("XACMLPapServlet doPut handle incoming http notification"); @@ -1062,55 +1097,6 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList return; } } - //This would occur if we received a notification of a policy rename from AC - String oldPolicyName = request.getParameter("oldPolicyName"); - String newPolicyName = request.getParameter("newPolicyName"); - if(oldPolicyName != null && newPolicyName != null){ - if(LOGGER.isDebugEnabled()){ - LOGGER.debug("\nXACMLPapServlet.doPut() - before decoding" - + "\npolicyToCreateUpdate = " + " "); - } - //decode it - try{ - oldPolicyName = URLDecoder.decode(oldPolicyName, "UTF-8"); - newPolicyName = URLDecoder.decode(newPolicyName, "UTF-8"); - if(LOGGER.isDebugEnabled()){ - LOGGER.debug("\nXACMLPapServlet.doPut() - after decoding" - + "\npolicyToCreateUpdate = " + " "); - } - } catch(UnsupportedEncodingException e){ - PolicyLogger.error("\nXACMLPapServlet.doPut() - Unsupported URL encoding of policyToCreateUpdate (UTF-8)" - + "\npolicyToCreateUpdate = " + " "); - setResponseError(response,HttpServletResponse.SC_INTERNAL_SERVER_ERROR,"policyToCreateUpdate encoding not supported" - + "\nfailure with the following exception: " + e); - loggingContext.transactionEnded(); - PolicyLogger.audit("Transaction Failed - See error.log"); - im.endTransaction(); - return; - } - //send it to PolicyDBDao - PolicyDBDaoTransaction renameTransaction = policyDBDao.getNewTransaction(); - try{ - renameTransaction.renamePolicy(oldPolicyName,newPolicyName, "XACMLPapServlet.doPut"); - }catch(Exception e){ - renameTransaction.rollbackTransaction(); - setResponseError(response,HttpServletResponse.SC_INTERNAL_SERVER_ERROR,"createUpdateTransaction.createPolicy(policyToCreateUpdate, XACMLPapServlet.doPut) " - + "\nfailure with the following exception: " + e); - loggingContext.transactionEnded(); - PolicyLogger.audit("Transaction Failed - See error.log"); - im.endTransaction(); - return; - } - loggingContext.metricStarted(); - renameTransaction.commitTransaction(); - loggingContext.metricEnded(); - PolicyLogger.metrics("XACMLPapServlet goPut commitTransaction"); - response.setStatus(HttpServletResponse.SC_OK); - loggingContext.transactionEnded(); - PolicyLogger.audit("Transaction Ended Successfully"); - im.endTransaction(); - return; - } // // See if this is Admin Console registering itself with us // @@ -1191,7 +1177,7 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList PolicyLogger.audit("Transaction Ended Successfully"); im.endTransaction(); return; - } else if (apiflag != null && apiflag.equalsIgnoreCase("api")) { + } else if (apiflag != null && "api".equalsIgnoreCase(apiflag)) { // this request is from the Policy Creation API if(authorizeRequest(request)){ APIRequestHandler apiRequestHandler = new APIRequestHandler(); @@ -1267,6 +1253,15 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList PolicyLogger.audit("Transaction Failed - See Error.log"); setResponseError(response,HttpServletResponse.SC_INTERNAL_SERVER_ERROR, message); return; + } catch (IntegrityMonitorException e) { + String message = "PUT interface called for PAP " + papResourceName + " but an exception occurred" + + "\n Exception Message: " + e.getMessage(); + LOGGER.info(message, e); + PolicyLogger.error(MessageCodes.ERROR_SYSTEM_ERROR + " " + message); + loggingContext.transactionEnded(); + PolicyLogger.audit("Transaction Failed - See Error.log"); + setResponseError(response,HttpServletResponse.SC_INTERNAL_SERVER_ERROR, message); + return; } loggingContext.metricStarted(); XACMLRest.dumpRequest(request); @@ -1438,11 +1433,16 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList LOGGER.info("Calling updatGroup() with new group"); papEngine.updateGroup(group); - String policyId = "empty"; - if(policy!=null){ + if(policy !=null && policy.getId() != null){ policyId = policy.getId(); } + if(!policyId.matches(REGEX) ){ + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + response.addHeader("error",ADD_GROUP_ERROR); + response.addHeader("message", "Policy Id is not valid"); + return; + } response.setStatus(HttpServletResponse.SC_NO_CONTENT); response.addHeader("operation", "push"); response.addHeader("policyId", policyId); @@ -1481,7 +1481,7 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList String message = XACMLErrorConstants.ERROR_PROCESS_FLOW + "Exception in request to update group from API - See Error.log on on the PAP."; setResponseError(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage()); response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); - response.addHeader("error","addGroupError"); + response.addHeader("error",ADD_GROUP_ERROR); response.addHeader("message", message); return; } @@ -1555,6 +1555,13 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList } if (group == null) { String message = "Unknown groupId '" + groupId + "'"; + //for fixing Header Manipulation of Fortify issue + if(!message.matches(REGEX)){ + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + response.addHeader("error",ADD_GROUP_ERROR); + response.addHeader("message", "GroupId Id is not valid"); + return; + } PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE + " " + message); loggingContext.transactionEnded(); PolicyLogger.audit("Transaction Failed - See Error.log"); @@ -1574,8 +1581,10 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList if(apiflag!=null){ loggingContext.setServiceName("PolicyEngineAPI:PAP.postPolicy"); + LOGGER.info("PushPolicy Request From The API"); } else { loggingContext.setServiceName("AC:PAP.postPolicy"); + LOGGER.info("PushPolicy Request From The AC"); } String policyId = request.getParameter("policyId"); @@ -1594,6 +1603,13 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList } catch (Exception e) { addPolicyToGroupTransaction.rollbackTransaction(); String message = "Policy '" + policyId + "' not copied to group '" + groupId +"': " + e; + //for fixing Header Manipulation of Fortify issue + if(!message.matches(REGEX)){ + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + response.addHeader("error",ADD_GROUP_ERROR); + response.addHeader("message", "Policy Id is not valid"); + return; + } PolicyLogger.error(MessageCodes.ERROR_PROCESS_FLOW + " " + message); loggingContext.transactionEnded(); PolicyLogger.audit("Transaction Failed - See Error.log"); @@ -1607,27 +1623,28 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList return; } - // Get new transaction to perform updateGroup() - PolicyDBDaoTransaction acPutTransaction = policyDBDao.getNewTransaction(); - try { + if(apiflag != null){ /* * If request comes from the API we need to run the PolicyDBDao updateGroup() to notify other paps of the change. * The GUI does this from the POLICY-SDK-APP code. */ - if(apiflag != null){ - - // read the inputStream into a buffer + + // Get new transaction to perform updateGroup() + PolicyDBDaoTransaction acPutTransaction = policyDBDao.getNewTransaction(); + try { + // get the request content into a String and read the inputStream into a buffer java.util.Scanner scanner = new java.util.Scanner(request.getInputStream()); scanner.useDelimiter("\\A"); String json = scanner.hasNext() ? scanner.next() : ""; scanner.close(); - LOGGER.info("PushPolicy API request: " + json); // convert Object sent as JSON into local object ObjectMapper mapper = new ObjectMapper(); Object objectFromJSON = mapper.readValue(json, StdPDPPolicy.class); StdPDPPolicy policy = (StdPDPPolicy) objectFromJSON; + LOGGER.info("Request JSON Payload: " + json); + // Assume that this is an update of an existing PDP Group loggingContext.setServiceName("PolicyEngineAPI:PAP.updateGroup"); try{ @@ -1667,27 +1684,23 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList } //delete temporary policy file from the bin directory - if(policy != null) { - Files.deleteIfExists(Paths.get(policy.getId())); - } - + Files.deleteIfExists(Paths.get(policy.getId())); + + } catch (Exception e) { + acPutTransaction.rollbackTransaction(); + PolicyLogger.error(MessageCodes.ERROR_PROCESS_FLOW, e, "XACMLPapServlet", " API PUT exception"); + loggingContext.transactionEnded(); + PolicyLogger.audit("Transaction Failed - See Error.log"); + String message = XACMLErrorConstants.ERROR_PROCESS_FLOW + "Exception occurred when updating the group from API."; + LOGGER.error(message); + setResponseError(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage()); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + response.addHeader("error",ADD_GROUP_ERROR); + response.addHeader("message", message); + return; } - } catch (Exception e) { - acPutTransaction.rollbackTransaction(); - PolicyLogger.error(MessageCodes.ERROR_PROCESS_FLOW, e, "XACMLPapServlet", " API PUT exception"); - loggingContext.transactionEnded(); - PolicyLogger.audit("Transaction Failed - See Error.log"); - String message = XACMLErrorConstants.ERROR_PROCESS_FLOW + "Exception occurred when updating the group from API."; - LOGGER.error(message); - setResponseError(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage()); - response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); - response.addHeader("error","addGroupError"); - response.addHeader("message", message); - return; } - - // policy file copied ok and the Group was updated on the PDP response.setStatus(HttpServletResponse.SC_NO_CONTENT); response.addHeader("operation", "push"); @@ -1882,7 +1895,16 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList } else { // request is for top-level properties about all groups loggingContext.setServiceName("AC:PAP.getAllGroups"); - Set groups = papEngine.getOnapPDPGroups(); + Set groups = null; + try { + groups = papEngine.getOnapPDPGroups(); + } catch(PAPException e) { + PolicyLogger.error(MessageCodes.ERROR_PROCESS_FLOW, e, "XACMLPapServlet", " AC Get exception"); + loggingContext.transactionEnded(); + PolicyLogger.audit("Transaction Failed - See Error.log"); + setResponseError(response,HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage()); + return; + } // convert response object to JSON and include in the response mapperWriteValue(new ObjectMapper(), response, groups); if (LOGGER.isDebugEnabled()) { @@ -1910,6 +1932,13 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList } if (group == null) { String message = "Unknown groupId '" + groupId + "'"; + //for fixing Header Manipulation of Fortify issue + if(!message.matches(REGEX)){ + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + response.addHeader("error",ADD_GROUP_ERROR); + response.addHeader("message", "Group Id is not valid"); + return; + } PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE + " " + message); loggingContext.transactionEnded(); PolicyLogger.audit("Transaction Failed - See Error.log"); @@ -2022,7 +2051,12 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList LOGGER.info("JSON request from AC: " + json); // convert Object sent as JSON into local object ObjectMapper mapper = new ObjectMapper(); - Object objectFromJSON = mapper.readValue(json, StdPDP.class); + Object objectFromJSON = null; + try { + objectFromJSON = mapper.readValue(json, StdPDP.class); + } catch(Exception e) { + LOGGER.error(e); + } if (pdpId == null || objectFromJSON == null || ! (objectFromJSON instanceof StdPDP) || @@ -2031,7 +2065,7 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE + " PDP new/update had bad input. pdpId=" + pdpId + " objectFromJSON="+objectFromJSON); loggingContext.transactionEnded(); PolicyLogger.audit("Transaction Failed - See Error.log"); - setResponseError(response,HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Bad input, pdpid="+pdpId+" object="+objectFromJSON); + setResponseError(response,HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Bad input pdpid for object:"+objectFromJSON); } StdPDP pdp = (StdPDP) objectFromJSON; if(pdp != null){ @@ -2127,13 +2161,18 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList LOGGER.info("JSON request from AC: " + json); // convert Object sent as JSON into local object ObjectMapper mapper = new ObjectMapper(); - Object objectFromJSON = mapper.readValue(json, StdPDPGroup.class); + Object objectFromJSON = null; + try { + objectFromJSON = mapper.readValue(json, StdPDPGroup.class); + } catch(Exception e) { + LOGGER.error(e); + } if (objectFromJSON == null || ! (objectFromJSON instanceof StdPDPGroup) || ! ((StdPDPGroup)objectFromJSON).getId().equals(group.getId())) { PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE + " Group update had bad input. id=" + group.getId() + " objectFromJSON="+objectFromJSON); loggingContext.transactionEnded(); PolicyLogger.audit("Transaction Failed - See Error.log"); - setResponseError(response,HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Bad input, id="+group.getId() +" object="+objectFromJSON); + setResponseError(response,HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Bad input id for object:"+objectFromJSON); } // The Path on the PAP side is not carried on the RESTful interface with the AC // (because it is local to the PAP) @@ -2142,7 +2181,11 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList ((StdPDPGroup)objectFromJSON).setDirectory(((StdPDPGroup)group).getDirectory()); } try{ - acPutTransaction.updateGroup((StdPDPGroup)objectFromJSON, "XACMLPapServlet.doACPut"); + if("delete".equals(((StdPDPGroup)objectFromJSON).getOperation())){ + acPutTransaction.updateGroup((StdPDPGroup)objectFromJSON, "XACMLPapServlet.doDelete"); + } else { + acPutTransaction.updateGroup((StdPDPGroup)objectFromJSON, "XACMLPapServlet.doACPut"); + } } catch(Exception e){ PolicyLogger.error(MessageCodes.ERROR_PROCESS_FLOW + " Error while updating group in the database: " +"group="+group.getId()); @@ -2202,33 +2245,6 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList * @throws IOException */ private void doACDelete(HttpServletRequest request, HttpServletResponse response, String groupId, ONAPLoggingContext loggingContext) throws IOException { - //This code is to allow deletes to propagate to the database since delete is not implemented - String isDeleteNotify = request.getParameter("isDeleteNotify"); - if(isDeleteNotify != null){ - String policyToDelete = request.getParameter("policyToDelete"); - try{ - policyToDelete = URLDecoder.decode(policyToDelete,"UTF-8"); - } catch(UnsupportedEncodingException e){ - LOGGER.error("Unsupported URL encoding of policyToDelete (UTF-8", e); - setResponseError(response,HttpServletResponse.SC_INTERNAL_SERVER_ERROR,"policyToDelete encoding not supported"); - return; - } - PolicyDBDaoTransaction deleteTransaction = policyDBDao.getNewTransaction(); - try{ - deleteTransaction.deletePolicy(policyToDelete); - } catch(Exception e){ - deleteTransaction.rollbackTransaction(); - setResponseError(response,HttpServletResponse.SC_INTERNAL_SERVER_ERROR,"deleteTransaction.deleteTransaction(policyToDelete) " - + "\nfailure with the following exception: " + e); - return; - } - loggingContext.metricStarted(); - deleteTransaction.commitTransaction(); - loggingContext.metricEnded(); - PolicyLogger.metrics("XACMLPapServlet doACPut commitTransaction"); - response.setStatus(HttpServletResponse.SC_OK); - return; - } PolicyDBDaoTransaction removePdpOrGroupTransaction = policyDBDao.getNewTransaction(); try { // for all DELETE operations the group must exist before the operation can be done @@ -2809,7 +2825,7 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList } } // remove any ACs that are no longer connected - if (disconnectedACs.size() > 0) { + if (!disconnectedACs.isEmpty()) { adminConsoleURLStringList.removeAll(disconnectedACs); } } @@ -3018,4 +3034,4 @@ public class XACMLPapServlet extends HttpServlet implements StdItemSetChangeList public static void setMsPolicyName(String msPolicyName) { XACMLPapServlet.msPolicyName = msPolicyName; } -} +} \ No newline at end of file