X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=PolicyEngineAPI%2Fsrc%2Fmain%2Fjava%2Forg%2Fopenecomp%2Fpolicy%2Fstd%2FStdPolicyEngine.java;h=abe5ee7673e4a8184629623b5e01f515e054d7cb;hb=refs%2Fchanges%2F19%2F3719%2F12;hp=11e4e4f5cd247e9dacd616a0317f5c291abf1c5b;hpb=39fb0f30472777e4b60d6a7ac8aa4eb9773961ff;p=policy%2Fengine.git diff --git a/PolicyEngineAPI/src/main/java/org/openecomp/policy/std/StdPolicyEngine.java b/PolicyEngineAPI/src/main/java/org/openecomp/policy/std/StdPolicyEngine.java index 11e4e4f5c..abe5ee767 100644 --- a/PolicyEngineAPI/src/main/java/org/openecomp/policy/std/StdPolicyEngine.java +++ b/PolicyEngineAPI/src/main/java/org/openecomp/policy/std/StdPolicyEngine.java @@ -21,57 +21,47 @@ package org.openecomp.policy.std; -import java.io.ByteArrayInputStream; -import java.io.File; import java.io.FileInputStream; import java.io.IOException; import java.io.InputStream; -import java.io.OutputStream; import java.io.StringReader; -import java.net.HttpURLConnection; -import java.net.MalformedURLException; -import java.net.URI; +import java.io.UnsupportedEncodingException; import java.net.URL; import java.net.URLConnection; import java.nio.charset.StandardCharsets; import java.nio.file.Files; import java.nio.file.Path; import java.nio.file.Paths; +import java.text.ParseException; import java.text.SimpleDateFormat; import java.util.ArrayList; import java.util.Arrays; import java.util.Base64; import java.util.Collection; import java.util.Collections; -import java.util.Date; import java.util.HashMap; -import java.util.HashSet; import java.util.List; import java.util.Map; import java.util.Properties; import java.util.UUID; import javax.json.Json; -import javax.json.JsonArrayBuilder; import javax.json.JsonObject; -import javax.json.JsonObjectBuilder; import javax.json.JsonReader; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; -import javax.xml.parsers.ParserConfigurationException; -import org.apache.commons.io.IOUtils; -import org.apache.http.entity.ContentType; -//import org.apache.log4j.Logger; -import org.json.JSONObject; import org.openecomp.policy.api.AttributeType; import org.openecomp.policy.api.ConfigRequestParameters; import org.openecomp.policy.api.DecisionRequestParameters; import org.openecomp.policy.api.DecisionResponse; import org.openecomp.policy.api.DeletePolicyParameters; import org.openecomp.policy.api.DictionaryParameters; +import org.openecomp.policy.api.DictionaryResponse; import org.openecomp.policy.api.EventRequestParameters; import org.openecomp.policy.api.ImportParameters; +import org.openecomp.policy.api.MetricsRequestParameters; +import org.openecomp.policy.api.MetricsResponse; import org.openecomp.policy.api.NotificationHandler; import org.openecomp.policy.api.NotificationScheme; import org.openecomp.policy.api.PDPNotification; @@ -79,45 +69,37 @@ import org.openecomp.policy.api.PolicyChangeResponse; import org.openecomp.policy.api.PolicyClass; import org.openecomp.policy.api.PolicyConfig; import org.openecomp.policy.api.PolicyConfigException; -import org.openecomp.policy.api.PolicyConfigStatus; import org.openecomp.policy.api.PolicyConfigType; -import org.openecomp.policy.api.PolicyDecision; import org.openecomp.policy.api.PolicyDecisionException; import org.openecomp.policy.api.PolicyEngineException; import org.openecomp.policy.api.PolicyEventException; +import org.openecomp.policy.api.PolicyException; import org.openecomp.policy.api.PolicyParameters; import org.openecomp.policy.api.PolicyResponse; -import org.openecomp.policy.api.PolicyResponseStatus; import org.openecomp.policy.api.PolicyType; import org.openecomp.policy.api.PushPolicyParameters; -import org.openecomp.policy.api.RuleProvider; -//import org.openecomp.policy.utils.AAFPolicyClient; -//import org.openecomp.policy.utils.AAFPolicyException; -import org.w3c.dom.Document; -import org.xml.sax.SAXException; - import org.openecomp.policy.common.logging.flexlogger.FlexLogger; import org.openecomp.policy.common.logging.flexlogger.Logger; - -import com.att.research.xacml.api.Advice; -import com.att.research.xacml.api.AttributeAssignment; -import com.att.research.xacml.api.Decision; -import com.att.research.xacml.api.Obligation; -import com.att.research.xacml.api.Request; -import com.att.research.xacml.api.Response; -import com.att.research.xacml.api.Result; +import org.openecomp.policy.models.APIDictionaryResponse; +import org.openecomp.policy.models.APIPolicyConfigResponse; +import org.openecomp.policy.utils.AAFPolicyClient.Environment; +import org.openecomp.policy.utils.PolicyUtils; import org.openecomp.policy.xacml.api.XACMLErrorConstants; -import org.openecomp.policy.xacml.std.pap.StdPAPPolicy; -import org.openecomp.policy.xacml.std.pap.StdPDPPolicy; - -import com.att.research.xacml.api.pap.PAPException; -import com.att.research.xacml.api.pap.PDPPolicy; -import com.att.research.xacml.std.json.JSONRequest; -import com.att.research.xacml.std.json.JSONResponse; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.google.common.base.CharMatcher; - - +import org.springframework.core.io.FileSystemResource; +import org.springframework.http.HttpEntity; +import org.springframework.http.HttpHeaders; +import org.springframework.http.HttpMethod; +import org.springframework.http.HttpStatus; +import org.springframework.http.MediaType; +import org.springframework.http.ResponseEntity; +import org.springframework.util.LinkedMultiValueMap; +import org.springframework.web.client.HttpClientErrorException; +import org.springframework.web.client.RestTemplate; +import org.xml.sax.InputSource; + +import com.att.aft.dme2.internal.gson.Gson; +import com.att.aft.dme2.internal.gson.GsonBuilder; +import com.fasterxml.jackson.core.JsonProcessingException; /** * PolicyEngine Implementation class @@ -125,61 +107,54 @@ import com.google.common.base.CharMatcher; * @version 1.0 */ public class StdPolicyEngine { - // Change the default Priority value here. - private static final int defaultPriority = 9999; + private static final String ERROR_AUTH_GET_PERM = "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to: "; + private static final String DEFAULT_NOTIFICATION = "websocket"; private String propertyFilePath = null; + private String clientEncoding = null; + private String contentType = null; private static List pdps = null; - private static List paps = null; private static String environment= null; private static String userName = null; private static String pass = null; private static List encoding = null; - private static List encodingPAP = null; - private List pdp_default = null; - private List pap_default = null; - private List type_default = null; + private static boolean junit = false; + private List pdpDefault = null; + private List typeDefault = null; private List notificationType = new ArrayList(); - private List uebURLList = new ArrayList(); + private List notificationURLList = new ArrayList(); private NotificationScheme scheme = null; private NotificationHandler handler = null; - private Matches match = null; - private Boolean decide = false; - private AutoClientUEB UEBClientThread = null; + private AutoClientUEB uebClientThread = null; private Thread registerUEBThread = null; - private boolean UEBThread = false; - private String policyId = null; - private String description = null; - private String pushVersion = null; - private boolean isValid = false; - private int responseCode = 0; - private boolean unique = false; - private boolean junit = false; - //private AAFPolicyClient aafClient = null; - // Backward code. - private String pyPDPClientFile = null; - - final private static String uniqueID = UUID.randomUUID ().toString (); - - private static Logger logger = FlexLogger.getLogger(StdPolicyConfig.class.getName()); + private boolean uebThread = false; + private AutoClientDMAAP dmaapClientThread = null; + private Thread registerDMAAPThread = null; + private boolean dmaapThread = false; + private String topic = null; + private String apiKey = null; + private String apiSecret = null; + + private static final String UNIQUEID = UUID.randomUUID ().toString (); + private static final Logger LOGGER = FlexLogger.getLogger(StdPolicyConfig.class.getName()); /* * Taking the Property file even if it null. */ - public StdPolicyEngine(String propertyFilePath) - throws PolicyEngineException { - setProperty(propertyFilePath); + public StdPolicyEngine(String propertyFilePath, String clientKey) throws PolicyEngineException { + setProperty(propertyFilePath, clientKey); } /* * Taking the Notification Constructor. */ - public StdPolicyEngine(String propertyFilePath, NotificationScheme scheme, - NotificationHandler handler) throws PolicyEngineException { - setProperty(propertyFilePath); + public StdPolicyEngine(String propertyFilePath, + NotificationScheme scheme, + NotificationHandler handler) throws PolicyEngineException { + setProperty(propertyFilePath, null); this.scheme = scheme; this.handler = handler; - if (!notificationType.get(0).equals("ueb")){ + if ((!"ueb".equals(notificationType.get(0)))||(!"dmaap".equals(notificationType.get(0)))){ AutoClientEnd.setAuto(scheme, handler); } notification(scheme, handler); @@ -188,4040 +163,1094 @@ public class StdPolicyEngine { /* * Taking the Notification Constructor. */ - public StdPolicyEngine(String propertyFilePath, NotificationScheme scheme) - throws PolicyEngineException { - setProperty(propertyFilePath); + public StdPolicyEngine(String propertyFilePath, NotificationScheme scheme) throws PolicyEngineException { + setProperty(propertyFilePath, null); this.scheme = scheme; setScheme(scheme); } - // This Call will be used by PyPDP Requests - public StdPolicyEngine(List configURL, List configPapURL, List encodingPAP, List encoding, NotificationScheme scheme, NotificationHandler handler, String environment, String clientProperties, Boolean isTest) { - StdPolicyEngine.pdps = configURL; - StdPolicyEngine.paps = configPapURL; - StdPolicyEngine.encoding = encoding; - StdPolicyEngine.encodingPAP = encodingPAP; - StdPolicyEngine.environment = environment; - Properties props = new Properties(); - props.setProperty("ENVIRONMENT", environment); - //Not Supported for 1610 Open Source - /*try { - aafClient = AAFPolicyClient.getInstance(props); - } catch (AAFPolicyException e) { - logger.error(XACMLErrorConstants.ERROR_UNKNOWN + e.getMessage()); - }*/ - pyPDPClientFile = clientProperties; - // Default Notification Type for PyPDPServers. - notificationType.add("websocket"); - if(!isTest){ - notification(scheme, handler); - } - } - /* * sendEvent API Implementation */ - public Collection event(Map eventAttributes, UUID requestID) - throws PolicyEventException { - Collection policyResponse = null; - policyResponse = event(eventAttributes, requestID, userName, pass); - return policyResponse; + public Collection sendEvent(Map eventAttributes, UUID requestID) throws PolicyEventException { + return sendEventImpl(eventAttributes, requestID); } /* * sendEvent API Implementation for eventRequestParameters */ - public Collection event(EventRequestParameters eventRequestParameters) throws PolicyEventException{ - Collection response = event(eventRequestParameters.getEventAttributes(), eventRequestParameters.getRequestID()); - return response; + public Collection sendEvent(EventRequestParameters eventRequestParameters) throws PolicyEventException{ + if(eventRequestParameters==null){ + String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No event Request Parameters Given. "; + LOGGER.error(message); + throw new PolicyEventException(message); + } + return sendEventImpl(eventRequestParameters.getEventAttributes(), eventRequestParameters.getRequestID()); } /* - * getConfig API Implementation + * getConfig using configRequestParameters Implementation */ - public Collection config(String eCOMPComponentName, - String configName, Map configAttributes, UUID requestID) - throws PolicyConfigException { - Collection policyConfig = null; - policyConfig = config(eCOMPComponentName, configName, configAttributes, requestID, userName, pass); - return policyConfig; + public Collection getConfig(ConfigRequestParameters configRequestParameters) throws PolicyConfigException{ + return getConfigImpl(configRequestParameters); } - + /* - * getConfig API Implementation + * listPolicies using configRequestParameters Implementation */ - public Collection config(String eCOMPComponentName, - String configName, UUID requestID) throws PolicyConfigException { - Collection policyConfig = null; - policyConfig = config(eCOMPComponentName, configName,null, requestID, userName, pass); - return policyConfig; + public Collection listConfig(ConfigRequestParameters listPolicyRequestParameters) throws PolicyConfigException{ + return listConfigImpl(listPolicyRequestParameters); } /* - * getConfig API Implementation + * getDecision using the decision Attributes. */ - public Collection config(String eCOMPComponentName, UUID requestID) - throws PolicyConfigException { - Collection policyConfig = null; - policyConfig = config(eCOMPComponentName, requestID, userName, pass); - return policyConfig; + public DecisionResponse getDecision(String eCOMPComponentName, Map decisionAttributes, UUID requestID) throws PolicyDecisionException { + return getDecisionImpl(eCOMPComponentName, decisionAttributes, requestID); } - + /* - * getConfig using the PolicyFileName Implementation + * getDecision Using decisionRequestParameters. */ - public Collection policyName(String policyName, UUID requestID) - throws PolicyConfigException { - Collection policyConfig = null; - policyConfig = configPolicyName(policyName, requestID, userName, pass); - return policyConfig; + public DecisionResponse getDecision(DecisionRequestParameters decisionRequestParameters) throws PolicyDecisionException{ + if(decisionRequestParameters==null){ + String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Decision Request Parameters Given. "; + LOGGER.error(message); + throw new PolicyDecisionException(message); + } + return getDecisionImpl(decisionRequestParameters.getECOMPComponentName(), decisionRequestParameters.getDecisionAttributes(), decisionRequestParameters.getRequestID()); } /* - * getConfig using configRequestParameters Implementation + * getMetrics using metricsRequestParameters */ - public Collection config(ConfigRequestParameters configRequestParameters) throws PolicyConfigException{ - Collection response = null; - response = configRequest(configRequestParameters, userName, pass); + public MetricsResponse getMetrics(MetricsRequestParameters parameters) throws PolicyException{ + return getMetricsImpl(parameters); + } + + public MetricsResponse getMetricsImpl(MetricsRequestParameters parameters) throws PolicyException{ + StdMetricsResponse response = new StdMetricsResponse(); + String resource = "getMetrics"; + String body = new String(); + + // Create the Request + try { + if (parameters!=null) { + body = PolicyUtils.objectToJsonString(parameters); + } + } catch (JsonProcessingException e) { + String message = XACMLErrorConstants.ERROR_SCHEMA_INVALID + e; + LOGGER.error(message); + throw new PolicyException(message, e); + } + // Get Response. + try { + ResponseEntity result = callNewPDP(resource, HttpMethod.GET, body, String.class); + // Process response + response.setResponseMessage(result.getBody()); + response.setResponseCode(result.getStatusCode().value()); + } catch (PolicyException exception) { + if(exception.getCause()!=null && exception.getCause() instanceof HttpClientErrorException){ + LOGGER.error(exception); + HttpClientErrorException ex = (HttpClientErrorException) exception.getCause(); + response.setResponseCode(ex.getRawStatusCode()); + response.setResponseMessage(exception.getMessage()); + return response; + }else{ + String message = XACMLErrorConstants.ERROR_SYSTEM_ERROR+ "Error while processing results. please check logs."; + LOGGER.error(message, exception); + throw new PolicyException(message, exception); + } + } return response; } /* - * listPolicies using configRequestParameters Implementation + * PushPolicy using pushPolicyParameters. */ - public Collection listConfig(ConfigRequestParameters listPolicyRequestParameters) throws PolicyConfigException{ - Collection policyList = new ArrayList(); - policyList = listConfigRequest(listPolicyRequestParameters, userName, pass); - return policyList; + public PolicyChangeResponse pushPolicy(PushPolicyParameters pushPolicyParameters) throws PolicyException{ + return pushPolicyImpl(pushPolicyParameters); } - + + public PolicyChangeResponse pushPolicyImpl(PushPolicyParameters pushPolicyParameters) throws PolicyException{ + StdPolicyChangeResponse response = new StdPolicyChangeResponse(); + String resource= "pushPolicy"; + String body = new String(); + // Create Request. + try { + body = PolicyUtils.objectToJsonString(pushPolicyParameters); + } catch (JsonProcessingException e) { + String message = XACMLErrorConstants.ERROR_SCHEMA_INVALID + e; + LOGGER.error(message); + throw new PolicyException(message, e); + } + // Get Response. + try { + ResponseEntity result = callNewPDP(resource, HttpMethod.PUT, body, String.class); + // Process response + response.setResponseMessage(result.getBody()); + response.setResponseCode(result.getStatusCode().value()); + } catch (PolicyException exception) { + return processException(exception); + } + return response; + } + /* - * getDecision using the decision Attributes. + * Delete a Policy using deletePolicyParameters */ - public DecisionResponse decide(String eCOMPComponentName, - Map decisionAttributes, UUID requestID) - throws PolicyDecisionException { - DecisionResponse policyDecision = policyDecide(eCOMPComponentName, - decisionAttributes, requestID, userName, pass); - return policyDecision; + public PolicyChangeResponse deletePolicy(DeletePolicyParameters parameters) throws PolicyException { + return deletePolicyImpl(parameters); } + public PolicyChangeResponse deletePolicyImpl(DeletePolicyParameters parameters) throws PolicyException { + StdPolicyChangeResponse response = new StdPolicyChangeResponse(); + String resource= "deletePolicy"; + String body = new String(); + // Create Request. + try { + body = PolicyUtils.objectToJsonString(parameters); + } catch (JsonProcessingException e) { + String message = XACMLErrorConstants.ERROR_SCHEMA_INVALID + e; + LOGGER.error(message); + throw new PolicyException(message, e); + } + // Get Response. + try { + ResponseEntity result = callNewPDP(resource, HttpMethod.DELETE, body, String.class); + // Process response + response.setResponseMessage(result.getBody()); + response.setResponseCode(result.getStatusCode().value()); + } catch (PolicyException exception) { + return processException(exception); + } + return response; + } + /* - * getDecision Using decisionRequestParameters. + * getDictionaryItem Using dictionaryParameters */ - public DecisionResponse decide(DecisionRequestParameters decisionRequestParameters) throws PolicyDecisionException{ - DecisionResponse decision = decide(decisionRequestParameters.getECOMPComponentName(), decisionRequestParameters.getDecisionAttributes(), decisionRequestParameters.getRequestID()); - return decision; + public DictionaryResponse getDictionaryItem(DictionaryParameters parameters) throws PolicyException { + return getDictionaryItemImpl(parameters); + } + + public DictionaryResponse getDictionaryItemImpl(DictionaryParameters parameters) throws PolicyException{ + StdDictionaryResponse response = new StdDictionaryResponse(); + String resource="getDictionaryItems"; + String body = "{}"; + // Create Request. + try { + body = PolicyUtils.objectToJsonString(parameters); + } catch (JsonProcessingException e) { + String message = XACMLErrorConstants.ERROR_SCHEMA_INVALID + e; + LOGGER.error(message); + throw new PolicyException(message, e); + } + // Get Response. + try { + ResponseEntity result = callNewPDP(resource, HttpMethod.POST, body, APIDictionaryResponse.class); + // Process response + response = dictionaryResult(result.getBody()); + } catch (Exception exception) { + if(exception.getCause().getMessage().contains("401")){ + String message = XACMLErrorConstants.ERROR_PERMISSIONS + ERROR_AUTH_GET_PERM + resource; + LOGGER.error(message); + response.setResponseMessage(message); + response.setResponseCode(401); + return response; + }if(exception.getCause().getMessage().contains("400")){ + String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "Invalid Data is given."; + response.setResponseMessage(message); + response.setResponseCode(400); + return response; + } + String message = XACMLErrorConstants.ERROR_PERMISSIONS+ "Unable to get valid Response from PDP(s) " + pdps; + LOGGER.error(message, exception); + response.setResponseMessage(message); + response.setResponseCode(500); + return response; + } + return response; + } + + @SuppressWarnings("unchecked") + private StdDictionaryResponse dictionaryResult(APIDictionaryResponse body) { + StdDictionaryResponse response = new StdDictionaryResponse(); + response.setResponseCode(body.getResponseCode()); + response.setResponseMessage(body.getResponseMessage()); + response.setDictionaryData((Map) body.getDictionaryData()); + if(body.getDictionaryJson()!=null){ + Gson objGson = new GsonBuilder().create(); + String mapToJson = objGson.toJson(body.getDictionaryJson()); + JsonReader jsonReader = Json.createReader(new StringReader(mapToJson)); + JsonObject object = jsonReader.readObject(); + jsonReader.close(); + response.setDictionaryJson(object); + } + return response; + } + + /* + * createDictinaryItem Using dictionaryParameters. + */ + public PolicyChangeResponse createDictionaryItem(DictionaryParameters parameters) throws PolicyException{ + return createUpdateDictionaryItemImpl(parameters, false); } /* - * PushPolicy using pushPolicyParameters. + * updateDictinaryItem Using dictionaryParameters. */ - public PolicyChangeResponse pushPolicy(PushPolicyParameters pushPolicyParameters) throws Exception{ - return pushPolicy(pushPolicyParameters, userName, pass); + public PolicyChangeResponse updateDictionaryItem(DictionaryParameters parameters) throws PolicyException{ + return createUpdateDictionaryItemImpl(parameters, true); } - public PolicyChangeResponse pushPolicy(PushPolicyParameters pushPolicyParameters, String userID, String passcode) throws Exception{ + public PolicyChangeResponse createUpdateDictionaryItemImpl(DictionaryParameters parameters, boolean updateFlag) throws PolicyException{ StdPolicyChangeResponse response = new StdPolicyChangeResponse(); - String resource= "pushPolicy"; - if(!checkPermissions(userID, passcode, resource)){ - logger.error(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - response.setResponseMessage(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - response.setResponseCode(401); - return response; - } - String plainName = null; - String scope = null; - try{ - if(pushPolicyParameters.getPolicyName()!=null){ - plainName = pushPolicyParameters.getPolicyName().substring(pushPolicyParameters.getPolicyName().lastIndexOf(".")+1, pushPolicyParameters.getPolicyName().length()); - scope = pushPolicyParameters.getPolicyName().substring(0, pushPolicyParameters.getPolicyName().lastIndexOf(".")); - logger.info("Name is "+ plainName +" scope is "+ scope); - } - }catch(Exception e){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."); - response.setResponseMessage(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."); - } - - // check incoming requestID, if null then generate one here so the same id can be used for the multiple transactions for the same Push Policy request (i.e. POST, PUT) - UUID requestID = pushPolicyParameters.getRequestID(); - if (requestID == null) { - requestID = UUID.randomUUID(); - logger.info("Request ID was not provided from input, so sending generated ID: " + requestID.toString()); - } else { - logger.info("Request ID was provided from input: " + requestID.toString()); - } - // now use the local requestID field derived above to pass to the rest of the Push Policy process (below) - // response.setResponseMessage(pushPolicy(scope, plainName, pushPolicyParameters.getPolicyType(), pushPolicyParameters.getPdpGroup(), pushPolicyParameters.getRequestID())); - response.setResponseMessage(pushPolicy(scope, plainName, pushPolicyParameters.getPolicyType(), pushPolicyParameters.getPdpGroup(), requestID)); - response.setResponseCode(responseCode); - return response; + String resource = "createDictionaryItem"; + if(updateFlag){ + resource = "updateDictionaryItem"; + } + String body = new String(); + // Create Request. + try { + body = PolicyUtils.objectToJsonString(parameters); + } catch (JsonProcessingException e) { + String message = XACMLErrorConstants.ERROR_SCHEMA_INVALID + e; + LOGGER.error(message); + throw new PolicyException(message, e); + } + // Get Response. + try { + ResponseEntity result = callNewPDP(resource, HttpMethod.PUT, body, String.class); + // Process response + response.setResponseMessage(result.getBody()); + response.setResponseCode(result.getStatusCode().value()); + } catch (PolicyException exception) { + return processException(exception); + } + return response; } /* - * Delete a Policy using deletePolicyParameters + * PolicyEngine Import */ - public PolicyChangeResponse deletePolicy(DeletePolicyParameters parameters) throws Exception { - return deletePolicy(parameters, userName, pass); + public PolicyChangeResponse policyEngineImport(ImportParameters importParameters) throws PolicyException { + return policyEngineImportImpl(importParameters); } - public PolicyChangeResponse deletePolicy(DeletePolicyParameters parameters, String userID,String passcode) throws Exception { + public PolicyChangeResponse policyEngineImportImpl(ImportParameters importParameters) throws PolicyException { StdPolicyChangeResponse response = new StdPolicyChangeResponse(); - String resource= "deletePolicy"; - if(!checkPermissions(userID, passcode, resource)){ - logger.error(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - response.setResponseMessage(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - response.setResponseCode(401); - return response; - } - if (parameters.getPolicyComponent()!=null) { - if (parameters.getPolicyComponent().equalsIgnoreCase("PAP")) { - response.setResponseMessage(deletePolicyFromPAP(parameters)); - } else if (parameters.getPolicyComponent().equalsIgnoreCase("PDP")) { - response.setResponseMessage(deletePolicyFromPDP(parameters)); - } else { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Policy Component does not exist."); - response.setResponseMessage(XACMLErrorConstants.ERROR_DATA_ISSUE + "Policy Component does not exist. Please enter either PAP or PDP to delete the policy from a specified Policy Component."); - } - } else { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Component given."); - response.setResponseMessage(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Component given."); - } - - response.setResponseCode(responseCode); - return response; + String resource= "policyEngineImport"; + LinkedMultiValueMap parameters = new LinkedMultiValueMap(); + // Create Request. + try { + String body = PolicyUtils.objectToJsonString(importParameters); + parameters.set("importParametersJson", body); + parameters.set("file", new FileSystemResource(importParameters.getFilePath())); + } catch (Exception e) { + String message = XACMLErrorConstants.ERROR_SCHEMA_INVALID + e; + LOGGER.error(message); + throw new PolicyException(message, e); + } + contentType = MediaType.MULTIPART_FORM_DATA_VALUE; + // Get Response. + try { + ResponseEntity result = callNewPDP(resource, HttpMethod.POST, parameters, String.class); + // Process response + response.setResponseMessage(result.getBody()); + response.setResponseCode(result.getStatusCode().value()); + } catch (PolicyException exception) { + return processException(exception); + } finally{ + contentType = null; + } + return response; } /* - * createDictionaryItem using dictionaryParameters. + * createPolicy Using policyParameters. */ - public PolicyChangeResponse createDictionaryItem(DictionaryParameters parameters) throws Exception{ - StdPolicyChangeResponse response = new StdPolicyChangeResponse(); - - if(parameters.getDictionaryType()!=null || parameters.getDictionaryType().equals("")){ - if(parameters.getDictionary()!=null || parameters.getDictionary().equals("")){ - if(parameters.getDictionaryFields()!=null){ - logger.info("Parameters are good... start create dictionary item API..."); - - Map dictionaryFields = parameters.getDictionaryFields().get(AttributeType.DICTIONARY); - - StdPAPPolicy newDictionaryItem = new StdPAPPolicy(parameters.getDictionaryType().toString(), parameters.getDictionary(), dictionaryFields); - - String result = (String) callPAP(newDictionaryItem, new String[] {"operation=createDictionary", "apiflag=dictionaryApi"}, parameters.getRequestID(), "dictionaryItem"); - - response.setResponseCode(responseCode); - response.setResponseMessage(result); - - }else{ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Dictionary Fields given."); - response.setResponseMessage(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Dictionary Fields given."); - } - }else{ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Dictionary given."); - response.setResponseMessage(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Dictionary given."); - } - }else{ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Dictionary Type given."); - response.setResponseMessage(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Dictionary Type given."); - } - try{ - - }catch(Exception e){ - - } - - return response; + public PolicyChangeResponse createPolicy(PolicyParameters policyParameters) throws PolicyException{ + return createUpdatePolicyImpl(policyParameters, false); } /* - * createPolicy Using policyParameters. + * updatePolicy using policyParameters. */ - public PolicyChangeResponse createPolicy(PolicyParameters policyParameters) throws Exception{ - return createPolicy(policyParameters, userName, pass); + public PolicyChangeResponse updatePolicy(PolicyParameters policyParameters) throws PolicyException{ + return createUpdatePolicyImpl(policyParameters, true); } - public PolicyChangeResponse createPolicy(PolicyParameters policyParameters, String userID, String passcode) throws Exception{ + public PolicyChangeResponse createUpdatePolicyImpl(PolicyParameters policyParameters, boolean updateFlag) throws PolicyException{ StdPolicyChangeResponse response = new StdPolicyChangeResponse(); String resource= "createPolicy"; - if(!checkPermissions(userID, passcode, resource)){ - logger.error(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - response.setResponseMessage(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - response.setResponseCode(401); - return response; - } - String plainName = null; - String scope = null; - String date = "NA"; - if (policyParameters.getTtlDate()!=null){ - date = ConvertDate(policyParameters.getTtlDate()); + if(updateFlag){ + resource="updatePolicy"; + } + String body = new String(); + // Create Request. + try { + body = PolicyUtils.objectToJsonString(policyParameters); + } catch (JsonProcessingException e) { + String message = XACMLErrorConstants.ERROR_SCHEMA_INVALID + e; + LOGGER.error(message); + throw new PolicyException(message, e); + } + // Get Response. + try { + ResponseEntity result = callNewPDP(resource, HttpMethod.PUT, body, String.class); + // Process response + response.setResponseMessage(result.getBody()); + response.setResponseCode(result.getStatusCode().value()); + } catch (PolicyException exception) { + return processException(exception); + } + return response; + } + + private PolicyChangeResponse processException(PolicyException exception) throws PolicyException { + StdPolicyChangeResponse response = new StdPolicyChangeResponse(); + if(exception.getCause()!=null && exception.getCause() instanceof HttpClientErrorException){ + LOGGER.error(exception); + HttpClientErrorException ex = (HttpClientErrorException) exception.getCause(); + response.setResponseCode(ex.getRawStatusCode()); + response.setResponseMessage(exception.getMessage()); + return response; + }else{ + String message = XACMLErrorConstants.ERROR_SYSTEM_ERROR+ "Error while processing results. please check logs."; + LOGGER.error(message, exception); + throw new PolicyException(message, exception); + } + } + + public DecisionResponse getDecisionImpl(String eCOMPComponentName, + Map decisionAttributes, + UUID requestID) throws PolicyDecisionException { + String resource= "getDecision"; + StdDecisionResponse response = new StdDecisionResponse(); + String body = new String(); + // Create Request. + try { + DecisionRequestParameters decisionRequestParameters = new DecisionRequestParameters(); + decisionRequestParameters.setDecisionAttributes(decisionAttributes); + decisionRequestParameters.setECOMPComponentName(eCOMPComponentName); + decisionRequestParameters.setRequestID(requestID); + body = PolicyUtils.objectToJsonString(decisionRequestParameters); + } catch (JsonProcessingException e) { + String message = XACMLErrorConstants.ERROR_SCHEMA_INVALID + e; + LOGGER.error(message); + throw new PolicyDecisionException(message, e); + } + // Get Response. + try { + ResponseEntity result = callNewPDP(resource, HttpMethod.POST, body, StdDecisionResponse.class); + // Process response + response = result.getBody(); + } catch (Exception exception) { + if(exception.getCause().getMessage().contains("401")){ + String message = XACMLErrorConstants.ERROR_PERMISSIONS + ERROR_AUTH_GET_PERM + resource; + LOGGER.error(message); + throw new PolicyDecisionException(message, exception); + }if(exception.getCause().getMessage().contains("400")){ + String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "Invalid Data is given."; + LOGGER.error(message); + throw new PolicyDecisionException(message, exception); + } + String message = XACMLErrorConstants.ERROR_PERMISSIONS+ "Unable to get valid Response from PDP(s) " + pdps; + LOGGER.error(message, exception); + throw new PolicyDecisionException(message, exception); + } + return response; + } + + public Collection getConfigImpl(ConfigRequestParameters configRequestParameters) throws PolicyConfigException{ + String resource= "getConfig"; + ArrayList response = new ArrayList(); + String body = new String(); + // Create Request. + try { + body = PolicyUtils.objectToJsonString(configRequestParameters); + } catch (JsonProcessingException e) { + String message = XACMLErrorConstants.ERROR_SCHEMA_INVALID + e; + LOGGER.error(message); + throw new PolicyConfigException(message, e); + } + // Get Response. + try { + ResponseEntity result = callNewPDP(resource, HttpMethod.POST, body, APIPolicyConfigResponse[].class); + // Process Response + response = configResult(result.getBody()); + } catch (Exception exception) { + if(exception.getCause().getMessage().contains("401")){ + String message = XACMLErrorConstants.ERROR_PERMISSIONS + ERROR_AUTH_GET_PERM + resource; + LOGGER.error(message); + throw new PolicyConfigException(message, exception); + }if(exception.getCause().getMessage().contains("400")){ + String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "Invalid Data is given."; + LOGGER.error(message); + throw new PolicyConfigException(message, exception); + } + String message = XACMLErrorConstants.ERROR_PROCESS_FLOW+ "Unable to get valid Response from PDP(s) " + pdps; + LOGGER.error(message, exception); + throw new PolicyConfigException(message, exception); + } + return response; + } + + private ArrayList configResult(APIPolicyConfigResponse[] response) throws PolicyConfigException { + ArrayList result = new ArrayList(); + if(response!=null && response.length>0){ + for(APIPolicyConfigResponse policyConfigResponse: response){ + StdPolicyConfig policyConfig = new StdPolicyConfig(); + policyConfig.setConfigStatus(policyConfigResponse.getPolicyConfigMessage()); + policyConfig.setMatchingConditions(policyConfigResponse.getMatchingConditions()); + policyConfig.setPolicyConfigStatus(policyConfigResponse.getPolicyConfigStatus()); + policyConfig.setPolicyName(policyConfigResponse.getPolicyName()); + policyConfig.setPolicyType(policyConfigResponse.getType()); + policyConfig.setPolicyVersion(policyConfigResponse.getPolicyVersion()); + policyConfig.setResponseAttributes(policyConfigResponse.getResponseAttributes()); + setMatches(policyConfig.getMatchingConditions()); + if(policyConfigResponse.getType()!=null){ + try { + switch (policyConfigResponse.getType()) { + case JSON: + JsonReader jsonReader = Json.createReader(new StringReader(policyConfigResponse.getConfig())); + JsonObject object = jsonReader.readObject(); + jsonReader.close(); + policyConfig.setJsonObject(object); + break; + case OTHER: + policyConfig.setOther(policyConfigResponse.getConfig()); + break; + case PROPERTIES: + Properties props = new Properties(); + props.putAll(policyConfigResponse.getProperty()); + policyConfig.setProperties(props); + break; + case XML: + DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); + DocumentBuilder builder; + builder = factory.newDocumentBuilder(); + policyConfig.setDocument(builder.parse(new InputSource(new StringReader(policyConfigResponse.getConfig())))); + break; + } + } catch (Exception e) { + LOGGER.error(XACMLErrorConstants.ERROR_SCHEMA_INVALID+ e); + throw new PolicyConfigException(XACMLErrorConstants.ERROR_SCHEMA_INVALID+ "Unable to parse the config", e); + } + } + result.add(policyConfig); + } + } + return result; + } + + private void setMatches(Map matchingConditions) { + Matches match = new Matches(); + HashMap configAttributes = new HashMap(); + try{ + for(String key: matchingConditions.keySet()){ + if(key.equalsIgnoreCase("ECOMPName")){ + match.setEcompName(matchingConditions.get(key)); + }else if(key.equalsIgnoreCase("ConfigName")){ + match.setConfigName(matchingConditions.get(key)); + }else{ + configAttributes.put(key, matchingConditions.get(key)); + } + } + if(!configAttributes.isEmpty()){ + match.setConfigAttributes(configAttributes); + } + MatchStore.storeMatch(match); + }catch(Exception e){ + LOGGER.info("StoreMatch failed for Ecomp:" + + match.getEcompName() + " Config: " + + match.getConfigName()); + } + } + + /* + * Generic Rest Client to call PDP services. + */ + private ResponseEntity callNewPDP(String resource, + HttpMethod method, Object body, Class responseType) throws PolicyException{ + RestTemplate restTemplate = new RestTemplate(); + HttpEntity requestEntity = new HttpEntity<>(body, getHeaders()); + ResponseEntity result = null; + HttpClientErrorException exception = null; + int pdpsCount = 0; + while(pdpsCount < pdps.size()){ + try{ + result = restTemplate.exchange(pdps.get(0)+"/api/" + resource, method, requestEntity, responseType); + }catch(HttpClientErrorException e){ + LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Error while connecting to " + pdps.get(0), e); + exception = e; + }catch(Exception e){ + LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Error while connecting to " + pdps.get(0), e); + exception = new HttpClientErrorException(HttpStatus.INTERNAL_SERVER_ERROR, e.getMessage()); + } + finally{ + if(result == null){ + Collections.rotate(pdps, -1); + Collections.rotate(encoding, -1); + pdpsCount++; + }else{ + break; + } + } + } + if(exception != null && exception.getStatusCode()!=null){ + if(exception.getStatusCode().equals(HttpStatus.UNAUTHORIZED)){ + String message = XACMLErrorConstants.ERROR_PERMISSIONS +":"+exception.getStatusCode()+":" +ERROR_AUTH_GET_PERM + resource; + LOGGER.error(message); + throw new PolicyException(message, exception); + } + if(exception.getStatusCode().equals(HttpStatus.BAD_REQUEST)){ + String message = XACMLErrorConstants.ERROR_DATA_ISSUE + ":"+exception.getStatusCode()+":" + exception.getResponseBodyAsString(); + LOGGER.error(message); + throw new PolicyException(message, exception); + } + if(exception.getStatusCode().equals(HttpStatus.NOT_FOUND)){ + String message = XACMLErrorConstants.ERROR_PROCESS_FLOW + "Error while connecting to " + pdps + exception; + LOGGER.error(message); + throw new PolicyException(message, exception); + } + String message = XACMLErrorConstants.ERROR_PROCESS_FLOW + ":"+exception.getStatusCode()+":" + exception.getResponseBodyAsString(); + LOGGER.error(message); + throw new PolicyException(message, exception); + } + return result; + } + + private HttpHeaders getHeaders() { + HttpHeaders headers = new HttpHeaders(); + headers.set("ClientAuth", "Basic " + clientEncoding); + headers.set("Authorization", "Basic " + encoding.get(0)); + if(contentType!=null){ + headers.set("Content-Type", contentType.toString()); + }else{ + headers.set("Content-Type", MediaType.APPLICATION_JSON_VALUE); + } + headers.set("Environment", environment); + return headers; + } + + private void setClientEncoding() { + Base64.Encoder encoder = Base64.getEncoder(); + clientEncoding = encoder.encodeToString((userName+":"+pass).getBytes(StandardCharsets.UTF_8)); + } + + public Collection listConfigImpl(ConfigRequestParameters listRequestParameters) throws PolicyConfigException{ + Collection policyList = new ArrayList(); + if (junit){ + policyList.add("Policy Name: listConfigTest"); + return policyList; } - try{ - if(policyParameters.getPolicyName()!=null){ - plainName = policyParameters.getPolicyName().substring(policyParameters.getPolicyName().lastIndexOf(".")+1, policyParameters.getPolicyName().length()); - scope = policyParameters.getPolicyName().substring(0, policyParameters.getPolicyName().lastIndexOf(".")); - logger.info("Name is "+ plainName +" scope is "+ scope); + Collection policyConfig = getConfigImpl(listRequestParameters); + for(PolicyConfig policy : policyConfig){ + if(policy.getPolicyConfigMessage()!=null && policy.getPolicyConfigMessage().contains("PE300")){ + policyList.add(policy.getPolicyConfigMessage()); + } else { + policyList.add("Policy Name: " + policy.getPolicyName()); } - }catch(Exception e){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."); - response.setResponseMessage(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."); } - if(policyParameters.getPolicyConfigType()!=null){ - // This is Config Class Policy. - // Firewall - if(policyParameters.getPolicyConfigType().equals(PolicyConfigType.Firewall)){ - if(policyParameters.getConfigBody()!=null){ - JsonObject json = null; - try{ - json = stringToJsonObject(policyParameters.getConfigBody()); - }catch(Exception e){ - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ " improper JSON object : " + policyParameters.getConfigBody(); - logger.error(message); - throw new Exception(message); + return policyList; + } + + public Collection sendEventImpl(Map eventAttributes, UUID requestID) throws PolicyEventException { + String resource= "sendEvent"; + ArrayList response = new ArrayList(); + String body = new String(); + // Create Request. + try { + // Long way here, can be shortened and will be done. + EventRequestParameters eventRequestParameters = new EventRequestParameters(); + eventRequestParameters.setEventAttributes(eventAttributes); + eventRequestParameters.setRequestID(requestID); + body = PolicyUtils.objectToJsonString(eventRequestParameters); + } catch (JsonProcessingException e) { + String message = XACMLErrorConstants.ERROR_SCHEMA_INVALID + e; + LOGGER.error(message); + throw new PolicyEventException(message, e); + } + // Get Response. + try { + ResponseEntity result = callNewPDP(resource, HttpMethod.POST, body, StdPolicyResponse[].class); + // Process Response + response = eventResult(result.getBody()); + } catch (Exception exception) { + if(exception.getCause().getMessage().contains("401")){ + String message = XACMLErrorConstants.ERROR_PERMISSIONS + ERROR_AUTH_GET_PERM + resource; + LOGGER.error(message); + throw new PolicyEventException(message, exception); + }if(exception.getCause().getMessage().contains("400")){ + String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "Invalid Data is given."; + LOGGER.error(message); + throw new PolicyEventException(message, exception); + } + String message = XACMLErrorConstants.ERROR_PERMISSIONS+ "Unable to get valid Response from PDP(s) " + pdps; + LOGGER.error(message, exception); + throw new PolicyEventException(message, exception); + } + return response; + } + + private ArrayList eventResult(StdPolicyResponse[] response) throws PolicyEventException{ + ArrayList eventResult = new ArrayList(); + if(response!=null && response.length>0){ + for(StdPolicyResponse policyConfigResponse: response){ + eventResult.add(policyConfigResponse); + } + } + return eventResult; + } + + private void setProperty(String propertyFilePath, String clientKey) + throws PolicyEngineException { + this.propertyFilePath = propertyFilePath; + if (this.propertyFilePath == null) { + throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "Error NO PropertyFile Path provided"); + } else { + // Adding logic for remote Properties file. + Properties prop = new Properties(); + if (propertyFilePath.startsWith("http")) { + URL configURL; + try { + configURL = new URL(propertyFilePath); + URLConnection connection = null; + connection = configURL.openConnection(); + prop.load(connection.getInputStream()); + } catch (IOException e) { + LOGGER.error(XACMLErrorConstants.ERROR_DATA_ISSUE + e); + throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "Maformed property URL "+ e.getMessage()); + } + } else { + Path file = Paths.get(propertyFilePath); + if (Files.notExists(file)) { + throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "File doesn't exist in the specified Path " + file.toString()); + } + if (file.toString().endsWith(".properties")) { + InputStream in; + prop = new Properties(); + try { + in = new FileInputStream(file.toFile()); + prop.load(in); + } catch (IOException e) { + LOGGER.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + e); + throw new PolicyEngineException(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Cannot Load the Properties file", e); } - response.setResponseMessage(createConfigFirewallPolicy(plainName, json, scope, policyParameters.getRequestID(), userID, passcode, - policyParameters.getRiskLevel(), policyParameters.getRiskType(), String.valueOf(policyParameters.getGuard()), date)); - }else{ - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ "No Config Body given."; - logger.error(message); - response.setResponseMessage(message); + } else { + LOGGER.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Not a .properties file " + propertyFilePath); + throw new PolicyEngineException(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Not a .properties file"); } } - //Base - else if(policyParameters.getPolicyConfigType().equals(PolicyConfigType.Base)){ - if(policyParameters.getConfigBody()!=null) { - if(policyParameters.getConfigBodyType()!=null){ - response.setResponseMessage(createConfigPolicy(plainName, policyParameters.getPolicyDescription(), policyParameters.getEcompName(), policyParameters.getConfigName(), - policyParameters.getAttributes().get(AttributeType.MATCHING), policyParameters.getConfigBodyType().toString(), policyParameters.getConfigBody(), scope, policyParameters.getRequestID(), userID, passcode, - policyParameters.getRiskLevel(), policyParameters.getRiskType(), String.valueOf(policyParameters.getGuard()), date)); - } else { - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ "No Config Body Type given."; - logger.error(message); - response.setResponseMessage(message); - } + // UEB and DMAAP Settings + String check_type = prop.getProperty("NOTIFICATION_TYPE"); + String serverList = prop.getProperty("NOTIFICATION_SERVERS"); + topic = prop.getProperty("NOTIFICATION_TOPIC"); + apiKey = prop.getProperty("UEB_API_KEY"); + apiSecret = prop.getProperty("UEB_API_SECRET"); + + if(check_type==null) { + notificationType.add(DEFAULT_NOTIFICATION); + LOGGER.info("Properties file doesn't have the NOTIFICATION_TYPE parameter system will use defualt websockets"); + }else{ + check_type = check_type.trim(); + if(check_type.contains(",")) { + typeDefault = new ArrayList(Arrays.asList(prop.getProperty("NOTIFICATION_TYPE").split(","))); + notificationType = typeDefault; } else { - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ "No Config Body given."; - logger.error(message); - response.setResponseMessage(message); + notificationType = new ArrayList(); + notificationType.add(check_type); } } - //BRMS Raw - else if(policyParameters.getPolicyConfigType().equals(PolicyConfigType.BRMS_RAW)){ - if(policyParameters.getConfigBody()!=null){ - - /*public String createUpdateBRMSRawPolicy(String policyName, String policyDescription, Map dyanamicFieldConfigAttributes, - * String brmsRawBody, String policyScope, Boolean isEdit, UUID requestID)*/ - response.setResponseMessage(createUpdateBRMSRawPolicy(plainName, policyParameters.getPolicyDescription(),policyParameters.getAttributes(), - policyParameters.getConfigBody(),scope, false, - policyParameters.getRequestID(),policyParameters.getRiskLevel(), policyParameters.getRiskType(), String.valueOf(policyParameters.getGuard()), - date)); - }else{ - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ " No Config Body Present"; - logger.error(message); - throw new Exception(message); + if(serverList==null) { + notificationType.clear(); + notificationType.add(DEFAULT_NOTIFICATION); + LOGGER.info("Properties file doesn't have the NOTIFICATION_SERVERS parameter system will use defualt websockets"); + }else{ + serverList = serverList.trim(); + if(serverList.contains(",")) { + notificationURLList = new ArrayList(Arrays.asList(serverList.split(","))); + } else { + notificationURLList = new ArrayList(); + notificationURLList.add(serverList); } } - //BRMS Param - else if(policyParameters.getPolicyConfigType().equals(PolicyConfigType.BRMS_PARAM)){ - if(policyParameters.getConfigBody()!=null){ - response.setResponseMessage(createUpdateBRMSParamPolicy(plainName, policyParameters.getPolicyDescription(),policyParameters.getAttributes(), - policyParameters.getConfigBody(),scope, false, - policyParameters.getRequestID(),policyParameters.getAttributes(),policyParameters.getRiskLevel(), policyParameters.getRiskType(), - String.valueOf(policyParameters.getGuard()), date)); - }else{ - response.setResponseMessage(createUpdateBRMSParamPolicy(plainName, policyParameters.getPolicyDescription(),policyParameters.getAttributes(), - null,scope, false, - policyParameters.getRequestID(),policyParameters.getAttributes(),policyParameters.getRiskLevel(), policyParameters.getRiskType(), - String.valueOf(policyParameters.getGuard()), date)); - } + if(topic!=null) { + topic = topic.trim(); + } else { + LOGGER.error("Properties file doesn't have the NOTIFICATION_TOPIC parameter."); } - // Micro Services Policy - else if(policyParameters.getPolicyConfigType().equals(PolicyConfigType.MicroService)){ - if(policyParameters.getConfigBody()!=null){ - JsonObject json = null; - try{ - json = stringToJsonObject(policyParameters.getConfigBody()); - }catch(Exception e){ - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ " improper JSON object : " + policyParameters.getConfigBody(); - logger.error(message); - throw new Exception(message); - } - //call Micro Services Create API here - response.setResponseMessage(createUpdateMicroServicesPolicy(plainName, json, policyParameters.getEcompName(), - scope, false, policyParameters.getRequestID(),policyParameters.getRiskLevel(), policyParameters.getRiskType(), - String.valueOf(policyParameters.getGuard()), date)); - - }else{ - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ " No Micro Service or Attributes Config Body Present"; - logger.error(message); - throw new Exception(message); + + // Client ID Authorization Settings. + String clientID = prop.getProperty("CLIENT_ID"); + if(clientKey==null){ + clientKey = prop.getProperty("CLIENT_KEY"); + try { + clientKey = PolicyUtils.decode(clientKey); + } catch (UnsupportedEncodingException|IllegalArgumentException e) { + LOGGER.error(XACMLErrorConstants.ERROR_PERMISSIONS+" Cannot Decode the given Password Proceeding with given Password!!"); } } - // ClosedLoop_Fault Policy - else if(policyParameters.getPolicyConfigType().equals(PolicyConfigType.ClosedLoop_Fault)){ - if(policyParameters.getConfigBody()!=null){ - JsonObject json = null; - try{ - if(validateNONASCIICharactersAndAllowSpaces(policyParameters.getConfigBody())){ - json = stringToJsonObject(policyParameters.getConfigBody()); - } else { - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ "The ClosedLoop JSON Contains Non ASCII Characters."; - logger.error(message); - response.setResponseCode(400); - response.setResponseMessage(message); - return response; - } - - }catch(Exception e){ - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ " improper JSON object : " + policyParameters.getConfigBody(); - logger.error(message); - response.setResponseCode(400); - response.setResponseMessage(message); - return response; - - } - //call ClosedLoop_Fault Create API here - response.setResponseMessage(createUpdateClosedLoopPolicy(plainName, json, policyParameters.getPolicyDescription(), - scope, false, policyParameters.getRequestID(),policyParameters.getRiskLevel(), policyParameters.getRiskType(), - String.valueOf(policyParameters.getGuard()), date)); - - }else{ - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ " No Config Body Present"; - logger.error(message); - response.setResponseMessage(message); - response.setResponseCode(400); - return response; - } + if(clientID ==null || clientKey == null || clientID.isEmpty() || clientKey.isEmpty()){ + LOGGER.error(XACMLErrorConstants.ERROR_PERMISSIONS+" Cannot proceed without the CLIENT_KEY and CLIENT_ID values !!"); + throw new PolicyEngineException(XACMLErrorConstants.ERROR_PERMISSIONS+ " Cannot proceed without the CLIENT_KEY and CLIENT_ID values !!"); + }else{ + userName = clientID.trim(); + pass = clientKey.trim(); + } + setClientEncoding(); + environment = prop.getProperty("ENVIRONMENT", Environment.DEVL.toString()); + if(environment.equalsIgnoreCase(Environment.TEST.toString())){ + environment = Environment.TEST.toString(); + }else if(environment.equalsIgnoreCase(Environment.PROD.toString())){ + environment = Environment.PROD.toString(); + }else{ + environment = Environment.DEVL.toString(); } - // ClosedLoop_PM Policy - else if(policyParameters.getPolicyConfigType().equals(PolicyConfigType.ClosedLoop_PM)){ - if(policyParameters.getConfigBody()!=null){ - JsonObject json = null; - try{ - if(validateNONASCIICharactersAndAllowSpaces(policyParameters.getConfigBody())){ - json = stringToJsonObject(policyParameters.getConfigBody()); - } else { - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ "The ClosedLoop PM JSON Contains Non ASCII Characters."; - logger.error(message); - response.setResponseMessage(message); - response.setResponseCode(400); - return response; - + // Initializing the values. + pdps = new ArrayList(); + encoding = new ArrayList(); + // Check the Keys for PDP_URLs + Collection unsorted = prop.keySet(); + @SuppressWarnings({ "rawtypes", "unchecked" }) + List sorted = new ArrayList(unsorted); + Collections.sort(sorted); + for (String propKey : sorted) { + if (propKey.startsWith("PDP_URL")) { + String check_val = prop.getProperty(propKey); + if (check_val == null) { + throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "Properties file doesn't have the PDP_URL parameter"); + } + if (check_val.contains(";")) { + pdpDefault = new ArrayList(Arrays.asList(check_val.split("\\s*;\\s*"))); + int pdpCount = 0; + while (pdpCount < pdpDefault.size()) { + String pdpVal = pdpDefault.get(pdpCount); + readPDPParam(pdpVal); + pdpCount++; } - - }catch(Exception e){ - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ " improper JSON object : " + policyParameters.getConfigBody(); - logger.error(message); - response.setResponseMessage(message); - response.setResponseCode(400); - return response; - + } else { + readPDPParam(check_val); } - //call ClosedLoop_Fault Create API here - response.setResponseMessage(createUpdateClosedLoopPmPolicy(plainName, json, policyParameters.getPolicyDescription(), - scope, false, policyParameters.getRequestID(),policyParameters.getRiskLevel(), policyParameters.getRiskType(), - String.valueOf(policyParameters.getGuard()), date)); - - }else{ - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ " No Config Body Present"; - logger.error(message); - response.setResponseMessage(message); - response.setResponseCode(400); - return response; - } } + if (pdps == null || pdps.isEmpty()) { + LOGGER.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Cannot Proceed without PDP_URLs"); + throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "Cannot Proceed without PDP_URLs"); + } - } else if (policyParameters.getPolicyClass()!=null){ - if(policyParameters.getPolicyClass().equals(PolicyClass.Action)){ - // call Action Create API here. - response.setResponseMessage(createUpdateActionPolicy(plainName, policyParameters.getPolicyDescription(), policyParameters.getAttributes().get(AttributeType.MATCHING), - policyParameters.getDynamicRuleAlgorithmLabels(), policyParameters.getDynamicRuleAlgorithmField1(), policyParameters.getDynamicRuleAlgorithmFunctions(), policyParameters.getDynamicRuleAlgorithmField2(), - policyParameters.getActionPerformer(), policyParameters.getActionAttribute(), scope, false, policyParameters.getRequestID())); - }else if(policyParameters.getPolicyClass().equals(PolicyClass.Decision)){ - // Call Decision Create API here. - if (policyParameters.getAttributes()!=null && policyParameters.getAttributes().containsKey(AttributeType.MATCHING) && policyParameters.getAttributes().containsKey(AttributeType.SETTINGS)) { - response.setResponseMessage(createUpdateDecisionPolicy(plainName, policyParameters.getPolicyDescription(), policyParameters.getEcompName(), policyParameters.getRuleProvider(), - policyParameters.getAttributes().get(AttributeType.MATCHING), policyParameters.getAttributes().get(AttributeType.SETTINGS), policyParameters.getDynamicRuleAlgorithmLabels(), - policyParameters.getDynamicRuleAlgorithmField1(), policyParameters.getDynamicRuleAlgorithmFunctions(), policyParameters.getDynamicRuleAlgorithmField2(), - scope, false, policyParameters.getRequestID())); - }else if(policyParameters.getAttributes()!=null && !policyParameters.getAttributes().containsKey(AttributeType.MATCHING) && policyParameters.getAttributes().containsKey(AttributeType.SETTINGS)){ - response.setResponseMessage(createUpdateDecisionPolicy(plainName, policyParameters.getPolicyDescription(), policyParameters.getEcompName(), policyParameters.getRuleProvider(), - null, policyParameters.getAttributes().get(AttributeType.SETTINGS), policyParameters.getDynamicRuleAlgorithmLabels(), - policyParameters.getDynamicRuleAlgorithmField1(), policyParameters.getDynamicRuleAlgorithmFunctions(), policyParameters.getDynamicRuleAlgorithmField2(), - scope, false, policyParameters.getRequestID())); - }else if(policyParameters.getAttributes()!=null && policyParameters.getAttributes().containsKey(AttributeType.MATCHING) && !policyParameters.getAttributes().containsKey(AttributeType.SETTINGS)){ - response.setResponseMessage(createUpdateDecisionPolicy(plainName, policyParameters.getPolicyDescription(), policyParameters.getEcompName(), policyParameters.getRuleProvider(), - policyParameters.getAttributes().get(AttributeType.MATCHING), null, policyParameters.getDynamicRuleAlgorithmLabels(), - policyParameters.getDynamicRuleAlgorithmField1(), policyParameters.getDynamicRuleAlgorithmFunctions(), policyParameters.getDynamicRuleAlgorithmField2(), - scope, false, policyParameters.getRequestID())); - }else{ - response.setResponseMessage(createUpdateDecisionPolicy(plainName, policyParameters.getPolicyDescription(), policyParameters.getEcompName(), policyParameters.getRuleProvider(), - null, null, policyParameters.getDynamicRuleAlgorithmLabels(), - policyParameters.getDynamicRuleAlgorithmField1(), policyParameters.getDynamicRuleAlgorithmFunctions(), policyParameters.getDynamicRuleAlgorithmField2(), - scope, false, policyParameters.getRequestID())); + // Get JUNIT property from properties file when running tests + String junit = prop.getProperty("JUNIT"); + if(junit == null || junit.isEmpty()){ + LOGGER.info("No JUNIT property provided, this will not be executed as a test."); + }else{ + if(junit.equalsIgnoreCase("test")){ + StdPolicyEngine.junit = true; + } else { + StdPolicyEngine.junit = false; } } - } else { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Class found."); - response.setResponseMessage(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Class found."); } - response.setResponseCode(responseCode); - return response; } /* - * updatePolicy using policyParameters. + * Read the PDP_URL parameter */ - public PolicyChangeResponse updatePolicy(PolicyParameters policyParameters) throws Exception{ - return updatePolicy(policyParameters, userName, pass); - } - - public PolicyChangeResponse updatePolicy(PolicyParameters policyParameters,String userID, String passcode) throws Exception{ - StdPolicyChangeResponse response = new StdPolicyChangeResponse(); - String resource= "updatePolicy"; - if(!checkPermissions(userID, passcode, resource)){ - logger.error(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - response.setResponseMessage(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - response.setResponseCode(401); - return response; - } - String plainName = null; - String scope = null; - String date = "NA"; - if (policyParameters.getTtlDate()!=null){ - date = ConvertDate(policyParameters.getTtlDate()); - } - try{ - if(policyParameters.getPolicyName()!=null){ - plainName = policyParameters.getPolicyName().substring(policyParameters.getPolicyName().lastIndexOf(".")+1, policyParameters.getPolicyName().length()); - scope = policyParameters.getPolicyName().substring(0, policyParameters.getPolicyName().lastIndexOf(".")); - logger.info("Name is "+ plainName +" scope is "+ scope); + private void readPDPParam(String pdpVal) throws PolicyEngineException{ + if(pdpVal.contains(",")){ + List pdpValues = new ArrayList(Arrays.asList(pdpVal.split("\\s*,\\s*"))); + if(pdpValues.size()==3){ + // 0 - PDPURL + pdps.add(pdpValues.get(0)); + // 1:2 will be UserID:Password + String userID = pdpValues.get(1); + String pass = pdpValues.get(2); + Base64.Encoder encoder = Base64.getEncoder(); + encoding.add(encoder.encodeToString((userID+":"+pass).getBytes(StandardCharsets.UTF_8))); + }else{ + LOGGER.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Credentials to send Request: " + pdpValues); + throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "No enough Credentials to send Request. " + pdpValues); } - }catch(Exception e){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."); - response.setResponseMessage(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."); + }else{ + LOGGER.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "PDP value is improper/missing required values: " + pdpVal); + throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "PDP value is improper/missing required values."); } - if(policyParameters.getPolicyConfigType()!=null){ - // This is Config Class Policy. - //Firewall - if(policyParameters.getPolicyConfigType().equals(PolicyConfigType.Firewall)){ - if(policyParameters.getConfigBody()!=null){ - JsonObject json = null; - try{ - json = stringToJsonObject(policyParameters.getConfigBody()); - }catch(Exception e){ - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ " improper JSON object : " + policyParameters.getConfigBody(); - logger.error(message); - throw new Exception(message); - } - response.setResponseMessage(updateConfigFirewallPolicy(plainName, json, scope, policyParameters.getRequestID(), userID, passcode,policyParameters.getRiskLevel(), - policyParameters.getRiskType(), String.valueOf(policyParameters.getGuard()), date)); - }else{ - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ "No Config Body given."; - logger.error(message); - response.setResponseMessage(message); - } + } + /* + * Allowing changes to the scheme and Handler. + */ + public void notification(NotificationScheme scheme, NotificationHandler handler) { + this.scheme = scheme; + this.handler = handler; + LOGGER.debug("Scheme is : " + scheme.toString()); + LOGGER.debug("Handler is : " + handler.getClass().getName()); + + if (notificationType.get(0).equals("ueb")){ + if (this.uebThread) { + uebClientThread.setAuto(scheme, handler); + this.uebThread = registerUEBThread.isAlive(); } - //Base Policy - else if(policyParameters.getPolicyConfigType().equals(PolicyConfigType.Base)){ - if(policyParameters.getConfigBody()!=null) { - if(policyParameters.getConfigBodyType()!=null){ - response.setResponseMessage(updateConfigPolicy(plainName, policyParameters.getPolicyDescription(), policyParameters.getEcompName(), policyParameters.getConfigName(), - policyParameters.getAttributes().get(AttributeType.MATCHING), policyParameters.getConfigBodyType().toString(), policyParameters.getConfigBody(), scope, - policyParameters.getRequestID(), userID, passcode, policyParameters.getRiskLevel(), policyParameters.getRiskType(), String.valueOf(policyParameters.getGuard()), date)); - } else { - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ "No Config Body Type given."; - logger.error(message); - response.setResponseMessage(message); - } - } else { - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ "No Config Body given."; - logger.error(message); - response.setResponseMessage(message); - } + } else if (notificationType.get(0).equals("dmaap")){ + if (this.dmaapThread) { + dmaapClientThread.setAuto(scheme, handler); + this.dmaapThread = registerDMAAPThread.isAlive(); } - //BRMS Raw - else if(policyParameters.getPolicyConfigType().equals(PolicyConfigType.BRMS_RAW)){ - if(policyParameters.getConfigBody()!=null){ - /*public String createUpdateBRMSRawPolicy(String policyName, String policyDescription, Map dyanamicFieldConfigAttributes, - * String brmsRawBody, String policyScope, Boolean isEdit, UUID requestID)*/ - response.setResponseMessage(createUpdateBRMSRawPolicy(plainName, policyParameters.getPolicyDescription(),policyParameters.getAttributes(), - policyParameters.getConfigBody(),scope, true, - policyParameters.getRequestID(),policyParameters.getRiskLevel(), policyParameters.getRiskType(), String.valueOf(policyParameters.getGuard()), date)); - }else{ - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ " No Config Body Present"; - logger.error(message); - throw new Exception(message); + } else { + AutoClientEnd.setAuto(scheme, handler); + } + + if(junit){ + return; + } + + if(pdps!=null){ + if (notificationType.get(0).equals("ueb") && !this.uebThread){ + this.uebClientThread = new AutoClientUEB(pdps.get(0), notificationURLList, apiKey, apiSecret); + this.uebClientThread.setAuto(scheme, handler); + this.registerUEBThread = new Thread(this.uebClientThread); + this.registerUEBThread.start(); + this.uebThread = true; + }else if (notificationType.get(0).equals("dmaap") && !this.dmaapThread){ + this.dmaapClientThread = new AutoClientDMAAP(notificationURLList,topic,userName,pass); + this.dmaapClientThread.setAuto(scheme, handler); + this.registerDMAAPThread = new Thread(this.dmaapClientThread); + this.registerDMAAPThread.start(); + this.dmaapThread = true; + }else{ + if(pdps.get(0)!=null){ + if(AutoClientEnd.getURL()==null){ + AutoClientEnd.start(pdps.get(0)); + }else { + AutoClientEnd.stop(); + AutoClientEnd.start(pdps.get(0)); + } } } - //BRMS Param - else if(policyParameters.getPolicyConfigType().equals(PolicyConfigType.BRMS_PARAM)){ - if(policyParameters.getConfigBody()!=null){ - - /* public String createUpdateBRMSParamPolicy(String policyName, String policyDescription, Map> dyanamicFieldConfigAttributes, - String brmsRawBody, String policyScope, Boolean isEdit, - UUID requestID,Map drlRuleAndUIParams)*/ - response.setResponseMessage(createUpdateBRMSParamPolicy(plainName, policyParameters.getPolicyDescription(),policyParameters.getAttributes(), - policyParameters.getConfigBody(),scope, true, - policyParameters.getRequestID(),policyParameters.getAttributes(),policyParameters.getRiskLevel(), policyParameters.getRiskType(), String.valueOf(policyParameters.getGuard()), date)); - }else{ - response.setResponseMessage(createUpdateBRMSParamPolicy(plainName, policyParameters.getPolicyDescription(),policyParameters.getAttributes(), - null,scope, true, - policyParameters.getRequestID(),policyParameters.getAttributes(),policyParameters.getRiskLevel(), policyParameters.getRiskType(), String.valueOf(policyParameters.getGuard()), date)); - } - } - // Micro Services Policy - else if(policyParameters.getPolicyConfigType().equals(PolicyConfigType.MicroService)){ - if(policyParameters.getConfigBody()!=null){ - JsonObject json = null; - try{ - json = stringToJsonObject(policyParameters.getConfigBody()); - }catch(Exception e){ - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ " improper JSON object : " + policyParameters.getConfigBody(); - logger.error(message); - throw new Exception(message); - } - //call Micro Services Create API here - response.setResponseMessage(createUpdateMicroServicesPolicy(plainName, json, policyParameters.getEcompName(), - scope, true, policyParameters.getRequestID(),policyParameters.getRiskLevel(), policyParameters.getRiskType(), String.valueOf(policyParameters.getGuard()), date)); - - }else{ - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ " No Micro Service or Attributes Config Body Present"; - logger.error(message); - throw new Exception(message); - } - } - // ClosedLoop_Fault Policy - else if(policyParameters.getPolicyConfigType().equals(PolicyConfigType.ClosedLoop_Fault)){ - if(policyParameters.getConfigBody()!=null){ - JsonObject json = null; - try{ - if(validateNONASCIICharactersAndAllowSpaces(policyParameters.getConfigBody())){ - json = stringToJsonObject(policyParameters.getConfigBody()); - } else { - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ "The ClosedLoop JSON Contains Non ASCII Characters."; - logger.error(message); - response.setResponseMessage(message); - return response; - } - - }catch(Exception e){ - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ " improper JSON object : " + policyParameters.getConfigBody(); - logger.error(message); - response.setResponseMessage(message); - return response; - } - //call ClosedLoop_Fault Create API here - response.setResponseMessage(createUpdateClosedLoopPolicy(plainName, json, policyParameters.getPolicyDescription(), - scope, true, policyParameters.getRequestID(),policyParameters.getRiskLevel(), policyParameters.getRiskType(), String.valueOf(policyParameters.getGuard()), date)); - - }else{ - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ " No Config Body Present"; - logger.error(message); - response.setResponseMessage(message); - } - } - // ClosedLoop_PM Policy - else if(policyParameters.getPolicyConfigType().equals(PolicyConfigType.ClosedLoop_PM)){ - if(policyParameters.getConfigBody()!=null){ - JsonObject json = null; - try{ - if(validateNONASCIICharactersAndAllowSpaces(policyParameters.getConfigBody())){ - json = stringToJsonObject(policyParameters.getConfigBody()); - } else { - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ "The ClosedLoop PM JSON Contains Non ASCII Characters."; - logger.error(message); - response.setResponseMessage(message); - return response; - } - - }catch(Exception e){ - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ " improper JSON object : " + policyParameters.getConfigBody(); - logger.error(message); - response.setResponseMessage(message); - return response; - } - //call ClosedLoop_Fault Create API here - response.setResponseMessage(createUpdateClosedLoopPmPolicy(plainName, json, policyParameters.getPolicyDescription(), - scope, true, policyParameters.getRequestID(),policyParameters.getRiskLevel(), policyParameters.getRiskType(), - String.valueOf(policyParameters.getGuard()), date)); - - }else{ - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ " No Config Body Present"; - logger.error(message); - response.setResponseMessage(message); - } - } - - }else{ - - if(policyParameters.getPolicyClass().equals(PolicyClass.Action)){ - // call Action Update API here. - response.setResponseMessage(createUpdateActionPolicy(plainName, policyParameters.getPolicyDescription(), policyParameters.getAttributes().get(AttributeType.MATCHING), - policyParameters.getDynamicRuleAlgorithmLabels(), policyParameters.getDynamicRuleAlgorithmField1(), policyParameters.getDynamicRuleAlgorithmFunctions(), policyParameters.getDynamicRuleAlgorithmField2(), - policyParameters.getActionPerformer(), policyParameters.getActionAttribute(), scope, true, policyParameters.getRequestID())); - - }else if(policyParameters.getPolicyClass().equals(PolicyClass.Decision)){ - // Call Decision Create API here. - if (policyParameters.getAttributes()!=null && policyParameters.getAttributes().containsKey(AttributeType.MATCHING) && policyParameters.getAttributes().containsKey(AttributeType.SETTINGS)) { - response.setResponseMessage(createUpdateDecisionPolicy(plainName, policyParameters.getPolicyDescription(), policyParameters.getEcompName(), policyParameters.getRuleProvider(), - policyParameters.getAttributes().get(AttributeType.MATCHING), policyParameters.getAttributes().get(AttributeType.SETTINGS), policyParameters.getDynamicRuleAlgorithmLabels(), - policyParameters.getDynamicRuleAlgorithmField1(), policyParameters.getDynamicRuleAlgorithmFunctions(), policyParameters.getDynamicRuleAlgorithmField2(), - scope, true, policyParameters.getRequestID())); - }else if(policyParameters.getAttributes()!=null && !policyParameters.getAttributes().containsKey(AttributeType.MATCHING) && policyParameters.getAttributes().containsKey(AttributeType.SETTINGS)){ - response.setResponseMessage(createUpdateDecisionPolicy(plainName, policyParameters.getPolicyDescription(), policyParameters.getEcompName(), policyParameters.getRuleProvider(), - null, policyParameters.getAttributes().get(AttributeType.SETTINGS), policyParameters.getDynamicRuleAlgorithmLabels(), - policyParameters.getDynamicRuleAlgorithmField1(), policyParameters.getDynamicRuleAlgorithmFunctions(), policyParameters.getDynamicRuleAlgorithmField2(), - scope, true, policyParameters.getRequestID())); - }else if(policyParameters.getAttributes()!=null && policyParameters.getAttributes().containsKey(AttributeType.MATCHING) && !policyParameters.getAttributes().containsKey(AttributeType.SETTINGS)){ - response.setResponseMessage(createUpdateDecisionPolicy(plainName, policyParameters.getPolicyDescription(), policyParameters.getEcompName(), policyParameters.getRuleProvider(), - policyParameters.getAttributes().get(AttributeType.MATCHING), null, policyParameters.getDynamicRuleAlgorithmLabels(), - policyParameters.getDynamicRuleAlgorithmField1(), policyParameters.getDynamicRuleAlgorithmFunctions(), policyParameters.getDynamicRuleAlgorithmField2(), - scope, true, policyParameters.getRequestID())); - }else{ - response.setResponseMessage(createUpdateDecisionPolicy(plainName, policyParameters.getPolicyDescription(), policyParameters.getEcompName(), policyParameters.getRuleProvider(), - null, null, policyParameters.getDynamicRuleAlgorithmLabels(), - policyParameters.getDynamicRuleAlgorithmField1(), policyParameters.getDynamicRuleAlgorithmFunctions(), policyParameters.getDynamicRuleAlgorithmField2(), - scope, true, policyParameters.getRequestID())); - } - } - } - response.setResponseCode(responseCode); - return response; - } - - public DecisionResponse policyDecide(String eCOMPComponentName, - Map decisionAttributes, UUID requestID, String userID, String passcode) - throws PolicyDecisionException { - String resource= "getDecision"; - if(!checkPermissions(userID, passcode, resource)){ - logger.error(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - throw new PolicyDecisionException(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - } - DecisionResponse policyDecision; - if (eCOMPComponentName == null || eCOMPComponentName.isEmpty()) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No eCOMPComponentName given : " + eCOMPComponentName); - throw new PolicyDecisionException(XACMLErrorConstants.ERROR_DATA_ISSUE + "No eCOMPComponentName given."); - } - if (decisionAttributes != null && !decisionAttributes.isEmpty()) { - JsonArrayBuilder resourceArray = Json.createArrayBuilder(); - for (String key : decisionAttributes.keySet()) { - if (key.isEmpty()) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Cannot have an Empty Key"); - throw new PolicyDecisionException(XACMLErrorConstants.ERROR_DATA_ISSUE + "Cannot have an empty Key"); - } - JsonObjectBuilder resourceBuilder = Json.createObjectBuilder(); - if (decisionAttributes.get(key).matches("[0-9]+")) { - int val = Integer.parseInt(decisionAttributes.get(key)); - resourceBuilder.add("Value", val); - } else { - resourceBuilder.add("Value", decisionAttributes.get(key)); - } - resourceBuilder.add("AttributeId", key); - resourceArray.add(resourceBuilder); - } - JsonObject model = Json - .createObjectBuilder() - .add("Request", - Json.createObjectBuilder() - .add("AccessSubject", - Json.createObjectBuilder() - .add("Attribute", - Json.createObjectBuilder() - .add("Value", - eCOMPComponentName) - .add("AttributeId", - "ECOMPName"))) - .add("Resource", - Json.createObjectBuilder().add( - "Attribute", resourceArray)) - .add("Action", - Json.createObjectBuilder() - .add("Attribute", - Json.createObjectBuilder() - .add("Value", - "DECIDE") - .add("AttributeId", - "urn:oasis:names:tc:xacml:1.0:action:action-id")))) - .build(); - try { - decide = true; - policyDecision = decisionResult(generateRequest(model - .toString(), requestID)); - } catch (Exception e) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + e); - decide = false; - throw new PolicyDecisionException(e); - } - } else { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Decision Attributes Given. "); - throw new PolicyDecisionException(XACMLErrorConstants.ERROR_DATA_ISSUE +"No DecisionAttributes Given."); - } - decide = false; - return policyDecision; - } - - public Collection configPolicyName(String policyName, UUID requestID, String userID, String passcode) - throws PolicyConfigException { - String resource= "getConfigByPolicyName"; - if(!checkPermissions(userID, passcode, resource)){ - logger.error(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - throw new PolicyConfigException(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - } - Collection policyConfig = null; - if (policyName == null || policyName.isEmpty()) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE+ "No Policy FileName specified!! : " + policyName); - throw new PolicyConfigException(XACMLErrorConstants.ERROR_DATA_ISSUE+"No Policy FileName specified!!"); - } - if(policyName!= null && !policyName.trim().equals("") && !policyName.endsWith("xml")){ - policyName = policyName + ".[\\d].*"; - } - JsonObject model = Json - .createObjectBuilder() - .add("Request", - Json.createObjectBuilder() - .add("AccessSubject", - Json.createObjectBuilder().add( - "Attribute", - Json.createObjectBuilder() - .add("Value", - policyName) - .add("AttributeId", - "PolicyName"))) - .add("Action", - Json.createObjectBuilder() - .add("Attribute", - Json.createObjectBuilder() - .add("Value", - "ACCESS") - .add("AttributeId", - "urn:oasis:names:tc:xacml:1.0:action:action-id"))) - .add("Resource", - Json.createObjectBuilder() - .add("Attribute", - Json.createObjectBuilder() - .add("Value", - "Config") - .add("AttributeId", - "urn:oasis:names:tc:xacml:1.0:resource:resource-id")))) - .build(); - try { - policyConfig = configResult(generateRequest(model.toString(), requestID)); - } catch (Exception e) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + e); - throw new PolicyConfigException(XACMLErrorConstants.ERROR_DATA_ISSUE +e); - } - return policyConfig; - } - - public Collection config(String eCOMPComponentName, UUID requestID, String userID, String passcode) - throws PolicyConfigException { - String resource= "getConfig"; - if(!checkPermissions(userID, passcode, resource)){ - logger.error(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - throw new PolicyConfigException(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - } - Collection policyConfig = null; - if (eCOMPComponentName == null || eCOMPComponentName.isEmpty()) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No eCOMPComponentName given : " + eCOMPComponentName); - throw new PolicyConfigException(XACMLErrorConstants.ERROR_DATA_ISSUE + "No eCOMPComponentName given."); - } - JsonObject model = Json - .createObjectBuilder() - .add("Request", - Json.createObjectBuilder() - .add("AccessSubject", - Json.createObjectBuilder() - .add("Attribute", - Json.createObjectBuilder() - .add("Value", - eCOMPComponentName) - .add("AttributeId", - "ECOMPName"))) - .add("Action", - Json.createObjectBuilder() - .add("Attribute", - Json.createObjectBuilder() - .add("Value", - "ACCESS") - .add("AttributeId", - "urn:oasis:names:tc:xacml:1.0:action:action-id"))) - .add("Resource", - Json.createObjectBuilder() - .add("Attribute", - Json.createObjectBuilder() - .add("Value", - "Config") - .add("AttributeId", - "urn:oasis:names:tc:xacml:1.0:resource:resource-id")))) - .build(); - try { - policyConfig = configResult(generateRequest(model.toString(), requestID)); - } catch (Exception e) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + e); - throw new PolicyConfigException(XACMLErrorConstants.ERROR_DATA_ISSUE +e); - } - return policyConfig; - } - - public Collection config(String eCOMPComponentName, - String configName, UUID requestID, String userID, String passcode) throws PolicyConfigException { - String resource= "getConfig"; - if(!checkPermissions(userID, passcode, resource)){ - logger.error(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - throw new PolicyConfigException(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - } - Collection policyConfig = null; - if (eCOMPComponentName == null || eCOMPComponentName.isEmpty()) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No eCOMPComponentName given : " + eCOMPComponentName); - throw new PolicyConfigException(XACMLErrorConstants.ERROR_DATA_ISSUE + "No eCOMPComponentName given."); - } - if (configName == null || configName.isEmpty()) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No configName given : " + configName); - throw new PolicyConfigException(XACMLErrorConstants.ERROR_DATA_ISSUE +"No configName given."); - } - JsonObject model = Json - .createObjectBuilder() - .add("Request", - Json.createObjectBuilder() - .add("AccessSubject", - Json.createObjectBuilder() - .add("Attribute", - Json.createArrayBuilder() - .add(Json - .createObjectBuilder() - .add("Value", - eCOMPComponentName) - .add("AttributeId", - "ECOMPName")) - .add(Json - .createObjectBuilder() - .add("Value", - configName) - .add("AttributeId", - "ConfigName")))) - .add("Action", - Json.createObjectBuilder() - .add("Attribute", - Json.createObjectBuilder() - .add("Value", - "ACCESS") - .add("AttributeId", - "urn:oasis:names:tc:xacml:1.0:action:action-id"))) - .add("Resource", - Json.createObjectBuilder() - .add("Attribute", - Json.createObjectBuilder() - .add("Value", - "Config") - .add("AttributeId", - "urn:oasis:names:tc:xacml:1.0:resource:resource-id")))) - .build(); - try { - policyConfig = configResult(generateRequest(model.toString(), requestID)); - } catch (Exception e) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + e); - throw new PolicyConfigException(XACMLErrorConstants.ERROR_DATA_ISSUE +e); - } - - return policyConfig; - } - - public Collection config(String eCOMPComponentName, - String configName, Map configAttributes, UUID requestID, String userID, String passcode) - throws PolicyConfigException { - String resource= "getConfig"; - if(!checkPermissions(userID, passcode, resource)){ - logger.error(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - throw new PolicyConfigException(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - } - Collection policyConfig = null; - if (eCOMPComponentName == null || eCOMPComponentName.isEmpty()) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No eCOMPComponentName given : " + eCOMPComponentName); - throw new PolicyConfigException(XACMLErrorConstants.ERROR_DATA_ISSUE + "No eCOMPComponentName given."); - } - if (configName == null || configName.isEmpty()) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No configName given : " + configName); - throw new PolicyConfigException(XACMLErrorConstants.ERROR_DATA_ISSUE +"No configName given."); - } - if (configAttributes != null && !configAttributes.isEmpty()) { - if(!configAttributes.containsKey("RiskType")){ - configAttributes.put("RiskType", ".*"); - } - if(!configAttributes.containsKey("RiskLevel")){ - configAttributes.put("RiskLevel", ".*"); - } - if(!configAttributes.containsKey("guard")){ - configAttributes.put("guard", ".*"); - } - if(!configAttributes.containsKey("TTLDate")){ - configAttributes.put("TTLDate", ".*"); - } - }else{ - // ConfigAttributes is Null. So add basic values. - configAttributes = new HashMap(); - configAttributes.put("RiskType", ".*"); - configAttributes.put("RiskLevel", ".*"); - configAttributes.put("guard", ".*"); - configAttributes.put("TTLDate", ".*"); - } - JsonArrayBuilder resourceArray = Json.createArrayBuilder(); - for (String key : configAttributes.keySet()) { - if (key.isEmpty()) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Cannot have an empty Key"); - throw new PolicyConfigException(XACMLErrorConstants.ERROR_DATA_ISSUE +"Cannot have an empty Key"); - } - JsonObjectBuilder resourceBuilder = Json.createObjectBuilder(); - /*if (configAttributes.get(key).matches("[0-9]+")) { - int val = Integer.parseInt(configAttributes.get(key)); - resourceBuilder.add("Value", val); - } else {*/ - resourceBuilder.add("Value", configAttributes.get(key)); - resourceBuilder.add("AttributeId", key); - resourceArray.add(resourceBuilder); - } - JsonObject model = Json - .createObjectBuilder() - .add("Request", - Json.createObjectBuilder() - .add("AccessSubject", - Json.createObjectBuilder() - .add("Attribute", - Json.createArrayBuilder() - .add(Json - .createObjectBuilder() - .add("Value", - eCOMPComponentName) - .add("AttributeId", - "ECOMPName")) - .add(Json - .createObjectBuilder() - .add("Value", - configName) - .add("AttributeId", - "ConfigName")))) - .add("Action", - Json.createObjectBuilder() - .add("Attribute", - Json.createObjectBuilder() - .add("Value", - "ACCESS") - .add("AttributeId", - "urn:oasis:names:tc:xacml:1.0:action:action-id"))) - .add("Resource", - Json.createObjectBuilder() - .add("Attribute", - resourceArray - .add(Json.createObjectBuilder() - .add("Value", - "Config") - .add("AttributeId", - "urn:oasis:names:tc:xacml:1.0:resource:resource-id"))))) - .build(); - try { - policyConfig = configResult(generateRequest(model.toString(), requestID)); - } catch (Exception e) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + e); - throw new PolicyConfigException(XACMLErrorConstants.ERROR_DATA_ISSUE +e); - } - return policyConfig; - } - - public Collection configRequest(ConfigRequestParameters configRequestParameters, String userID, String passcode) throws PolicyConfigException{ - String resource= "getConfig"; - if(!checkPermissions(userID, passcode, resource)){ - logger.error(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - throw new PolicyConfigException(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - } - Collection policyConfig = null; - unique = false; - if(configRequestParameters==null){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No config Request Parameters given "); - throw new PolicyConfigException(XACMLErrorConstants.ERROR_DATA_ISSUE + "No config Request Parameters given."); - } - if(configRequestParameters.getEcompName() == null && configRequestParameters.getPolicyName() == null){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Cannot proceed without eCOMPComponentName or PolicyName"); - throw new PolicyConfigException(XACMLErrorConstants.ERROR_DATA_ISSUE + "No eCOMPComponentName or PolicyName given."); - } - String policyName = configRequestParameters.getPolicyName(); - if(policyName!= null && !policyName.trim().equals("") && !policyName.endsWith("xml")){ - policyName = policyName + ".[\\d].*"; - } - JsonArrayBuilder subjectArray = Json.createArrayBuilder(); - JsonArrayBuilder resourceArray = Json.createArrayBuilder(); - if(configRequestParameters.getPolicyName()!=null){ - JsonObjectBuilder subjectBuilder = Json.createObjectBuilder(); - subjectBuilder.add("Value", policyName); - subjectBuilder.add("AttributeId", "PolicyName"); - subjectArray.add(subjectBuilder); - }else{ - logger.info("PolicyName values are not given. "); - } - if(configRequestParameters.getEcompName()!=null){ - JsonObjectBuilder subjectBuilder = Json.createObjectBuilder(); - subjectBuilder.add("Value", configRequestParameters.getEcompName()); - subjectBuilder.add("AttributeId", "ECOMPName"); - subjectArray.add(subjectBuilder); - if(configRequestParameters.getConfigName()!=null){ - subjectBuilder = Json.createObjectBuilder(); - subjectBuilder.add("Value", configRequestParameters.getConfigName()); - subjectBuilder.add("AttributeId", "ConfigName"); - subjectArray.add(subjectBuilder); - Map configAttributes = configRequestParameters.getConfigAttributes(); - if (configAttributes != null && !configAttributes.isEmpty()) { - if(!configAttributes.containsKey("RiskType")){ - configAttributes.put("RiskType", ".*"); - } - if(!configAttributes.containsKey("RiskLevel")){ - configAttributes.put("RiskLevel", ".*"); - } - if(!configAttributes.containsKey("guard")){ - configAttributes.put("guard", ".*"); - } - if(!configAttributes.containsKey("TTLDate")){ - configAttributes.put("TTLDate", ".*"); - } - }else{ - // ConfigAttributes is Null. So add basic values. - configAttributes = new HashMap(); - configAttributes.put("RiskType", ".*"); - configAttributes.put("RiskLevel", ".*"); - configAttributes.put("guard", ".*"); - configAttributes.put("TTLDate", ".*"); - } - for (String key : configAttributes.keySet()) { - if (key.isEmpty()) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Cannot have an empty Key"); - throw new PolicyConfigException(XACMLErrorConstants.ERROR_DATA_ISSUE +"Cannot have an empty Key"); - } - JsonObjectBuilder resourceBuilder = Json.createObjectBuilder(); - /*if (configAttributes.get(key).matches("[0-9]+")) { - int val = Integer.parseInt(configAttributes.get(key)); - resourceBuilder.add("Value", val); - } else {*/ - resourceBuilder.add("Value", configAttributes.get(key)); - resourceBuilder.add("AttributeId", key); - resourceArray.add(resourceBuilder); - } - }else{ - logger.info("Config Name is not given. "); - } - }else{ - logger.info("Ecomp Name is not given. "); - } - JsonObject model = Json - .createObjectBuilder() - .add("Request", - Json.createObjectBuilder() - .add("AccessSubject", - Json.createObjectBuilder() - .add("Attribute",subjectArray)) - .add("Action", - Json.createObjectBuilder() - .add("Attribute", - Json.createObjectBuilder() - .add("Value", - "ACCESS") - .add("AttributeId", - "urn:oasis:names:tc:xacml:1.0:action:action-id"))) - .add("Resource", - Json.createObjectBuilder() - .add("Attribute", - resourceArray - .add(Json - .createObjectBuilder() - .add("Value", - "Config") - .add("AttributeId", - "urn:oasis:names:tc:xacml:1.0:resource:resource-id"))))) - .build(); - logger.debug("Generated JSON Request is: " + model.toString()); - if(configRequestParameters.getUnique()){ - logger.info("Requested for Unique Result only. "); - unique = true; - } - try { - policyConfig = configResult(generateRequest(model.toString(), configRequestParameters.getRequestID())); - } catch (Exception e) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + e); - throw new PolicyConfigException(XACMLErrorConstants.ERROR_DATA_ISSUE +e); - } - return policyConfig; - } - - public Collection listConfigRequest(ConfigRequestParameters listRequestParameters, String userID, String passcode) throws PolicyConfigException{ - String resource= "listConfig"; - if(!checkPermissions(userID, passcode, resource)){ - logger.error(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - throw new PolicyConfigException(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - } - Collection policyConfig = null; - Collection policyList = new ArrayList(); - - unique = false; - if(listRequestParameters==null){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Request Parameters given "); - throw new PolicyConfigException(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Request Parameters given."); - } - - if (junit){ - policyList.add("Policy Name: listConfigTest"); - return policyList; - } - - String policyName = listRequestParameters.getPolicyName(); - if(policyName!= null && !policyName.trim().equals("") && !policyName.endsWith("xml")){ - policyName = policyName + ".[\\d].*"; - } - JsonArrayBuilder subjectArray = Json.createArrayBuilder(); - JsonArrayBuilder resourceArray = Json.createArrayBuilder(); - if(listRequestParameters.getPolicyName()!=null){ - JsonObjectBuilder subjectBuilder = Json.createObjectBuilder(); - subjectBuilder.add("Value", policyName); - subjectBuilder.add("AttributeId", "PolicyName"); - subjectArray.add(subjectBuilder); - }else{ - logger.info("PolicyName values are not given. "); - } - if(listRequestParameters.getEcompName()!=null){ - JsonObjectBuilder subjectBuilder = Json.createObjectBuilder(); - subjectBuilder.add("Value", listRequestParameters.getEcompName()); - subjectBuilder.add("AttributeId", "ECOMPName"); - subjectArray.add(subjectBuilder); - if(listRequestParameters.getConfigName()!=null){ - subjectBuilder = Json.createObjectBuilder(); - subjectBuilder.add("Value", listRequestParameters.getConfigName()); - subjectBuilder.add("AttributeId", "ConfigName"); - subjectArray.add(subjectBuilder); - Map configAttributes = listRequestParameters.getConfigAttributes(); - if (configAttributes != null && !configAttributes.isEmpty()) { - if(!configAttributes.containsKey("RiskType")){ - configAttributes.put("RiskType", ".*"); - } - if(!configAttributes.containsKey("RiskLevel")){ - configAttributes.put("RiskLevel", ".*"); - } - if(!configAttributes.containsKey("guard")){ - configAttributes.put("guard", ".*"); - } - if(!configAttributes.containsKey("TTLDate")){ - configAttributes.put("TTLDate", ".*"); - } - }else{ - // ConfigAttributes is Null. So add basic values. - configAttributes = new HashMap(); - configAttributes.put("RiskType", ".*"); - configAttributes.put("RiskLevel", ".*"); - configAttributes.put("guard", ".*"); - configAttributes.put("TTLDate", ".*"); - } - for (String key : configAttributes.keySet()) { - if (key.isEmpty()) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Cannot have an empty Key"); - throw new PolicyConfigException(XACMLErrorConstants.ERROR_DATA_ISSUE +"Cannot have an empty Key"); - } - JsonObjectBuilder resourceBuilder = Json.createObjectBuilder(); - /*if (configAttributes.get(key).matches("[0-9]+")) { - int val = Integer.parseInt(configAttributes.get(key)); - resourceBuilder.add("Value", val); - } else {*/ - resourceBuilder.add("Value", configAttributes.get(key)); - resourceBuilder.add("AttributeId", key); - resourceArray.add(resourceBuilder); - } - }else{ - logger.info("Config Name is not given. "); - } - }else{ - logger.info("Ecomp Name is not given. "); - } - JsonObject model = Json - .createObjectBuilder() - .add("Request", - Json.createObjectBuilder() - .add("AccessSubject", - Json.createObjectBuilder() - .add("Attribute",subjectArray)) - .add("Action", - Json.createObjectBuilder() - .add("Attribute", - Json.createObjectBuilder() - .add("Value", - "ACCESS") - .add("AttributeId", - "urn:oasis:names:tc:xacml:1.0:action:action-id"))) - .add("Resource", - Json.createObjectBuilder() - .add("Attribute", - resourceArray - .add(Json - .createObjectBuilder() - .add("Value", - "Config") - .add("AttributeId", - "urn:oasis:names:tc:xacml:1.0:resource:resource-id"))))) - .build(); - logger.debug("Generated JSON Request is: " + model.toString()); - if(listRequestParameters.getUnique()){ - logger.info("Requested for Unique Result only. "); - unique = true; - } - try { - policyConfig = configResult(generateRequest(model.toString(), listRequestParameters.getRequestID())); - } catch (Exception e) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + e); - throw new PolicyConfigException(XACMLErrorConstants.ERROR_DATA_ISSUE +e); - } - for(PolicyConfig policy : policyConfig){ - if(policy.getPolicyConfigMessage()!=null && policy.getPolicyConfigMessage().contains("PE300")){ - policyList.add(policy.getPolicyConfigMessage()); - } else { - policyList.add("Policy Name: " + policy.getPolicyName()); - } - } - return policyList; - } - - - - public Collection event(Map eventAttributes, UUID requestID, String userID, String passcode) - throws PolicyEventException { - String resource= "sendEvent"; - if(!checkPermissions(userID, passcode, resource)){ - logger.error(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - throw new PolicyEventException(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - } - Collection policyResponse = null; - if (eventAttributes != null && !eventAttributes.isEmpty()) { - JsonArrayBuilder resourceArray = Json.createArrayBuilder(); - for (String key : eventAttributes.keySet()) { - if (key.isEmpty()) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Cannot have an Empty Key"); - throw new PolicyEventException(XACMLErrorConstants.ERROR_DATA_ISSUE +"Cannot have an empty Key"); - } - JsonObjectBuilder resourceBuilder = Json.createObjectBuilder(); - if (eventAttributes.get(key).matches("[0-9]+")) { - int val = Integer.parseInt(eventAttributes.get(key)); - resourceBuilder.add("Value", val); - } else { - resourceBuilder.add("Value", eventAttributes.get(key)); - } - resourceBuilder.add("AttributeId", key); - resourceArray.add(resourceBuilder); - } - JsonObject model = Json - .createObjectBuilder() - .add("Request", - Json.createObjectBuilder().add( - "Resource", - Json.createObjectBuilder().add("Attribute", - resourceArray))).build(); - // Removed Part can be Useful in Future. - /* - * .add("AccessSubject",Json.createObjectBuilder() .add("Attribute", - * subjectArray)) .add("Action", Json.createObjectBuilder() - * .add("Attribute", actionArray)) - */ - // System.out.println(model.toString()); - try { - // StdPolicyResponse stdPolicyResponse = - // generateRequest(model.toString()); - // stdPolicyResponse.setRequestAttributes(eventAttributes); - policyResponse = eventResult(generateRequest(model.toString(), requestID), - eventAttributes); - } catch (Exception e) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + e); - throw new PolicyEventException(XACMLErrorConstants.ERROR_DATA_ISSUE +e); - } - } else { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No event Attributes Given. "); - throw new PolicyEventException(XACMLErrorConstants.ERROR_DATA_ISSUE +"No EventAttributes Given."); - } - return policyResponse; - } - - private Collection generateRequest(String Json, UUID requestID) throws Exception { - Collection results = null; - - Response response = null; - // Create Request. We need XACML API here. - try { - Request request = JSONRequest.load(Json); - String jRequest = JSONRequest.toString(request); - - // Call the PDP - logger.debug("--- Generating Request: ---\n" + jRequest ); - response = callPDP(new ByteArrayInputStream(jRequest.getBytes()), requestID); - - } catch (Exception e) { - logger.error(XACMLErrorConstants.ERROR_SCHEMA_INVALID + e); - StdStatus stdStatus = new StdStatus(); - results = new HashSet(); - stdStatus.setStatus("Unable to Call PDP. Error with the URL", - PolicyResponseStatus.NO_ACTION_REQUIRED, - PolicyConfigStatus.CONFIG_NOT_FOUND); - results.add(stdStatus); - throw new Exception(e); - } - - if(this.UEBThread){ - this.UEBThread = registerUEBThread.isAlive(); - } - if (response != null) { - results = checkResponse(response); - // TODO Starting Auto Client Here. - if (notificationType.get(0).equals("ueb") && !this.UEBThread){ - this.UEBClientThread = new AutoClientUEB(pdps.get(0), uebURLList); - this.registerUEBThread = new Thread(this.UEBClientThread); - this.registerUEBThread.start(); - this.UEBThread = true; - - }else { - if(AutoClientEnd.getURL()==null){ - AutoClientEnd.start(pdps.get(0)); - }else if(AutoClientEnd.getURL()!=pdps.get(0)){ - AutoClientEnd.stop(); - AutoClientEnd.start(pdps.get(0)); - } - } - } else { - logger.debug("No Response Received from PDP"); - StdStatus stdStatus = new StdStatus(); - results = new HashSet(); - stdStatus.setStatus("No Response Received", - PolicyResponseStatus.NO_ACTION_REQUIRED, - PolicyConfigStatus.CONFIG_NOT_FOUND); - results.add(stdStatus); - } - - return results; - } - - private Response callPDP(ByteArrayInputStream input, UUID requestID) throws Exception { - Response response = null; - HttpURLConnection connection = null; - responseCode = 0; - // Checking for the available PDPs is done during the first Request and - // the List is going to have the connected PDP as first element. - // This makes it Real-Time to change the list depending on their - // availability. - if (pdps == null || pdps.isEmpty()) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "PDPs List is Empty."); - throw new Exception(XACMLErrorConstants.ERROR_DATA_ISSUE +"PDPs List is empty."); - } else { - int pdpsCount = 0; - boolean connected = false; - while (pdpsCount < pdps.size()) { - input.reset(); - try { - String urlValue = pdps.get(0); - URL url = new URL(urlValue); - logger.debug("--- Sending Request to PDP : "+ url.toString() + " ---"); - connection = (HttpURLConnection) url.openConnection(); - // Setting Content-Type - connection.setRequestProperty("Content-Type","application/json"); - // Adding Authorization - connection.setRequestProperty("Authorization", "Basic " + encoding.get(0)); - // Adding Environment. - connection.setRequestProperty("Environment", environment); - // Adding RequestID - if (requestID == null) { - requestID = UUID.randomUUID(); - logger.info("No request ID provided, sending generated ID: " + requestID.toString()); - } else { - logger.info("Using provided request ID: " + requestID.toString()); - } - connection.setRequestProperty("X-ECOMP-RequestID", requestID.toString()); - // Setting up connection method and headers. - connection.setRequestMethod("POST"); - connection.setUseCaches(false); - connection.setInstanceFollowRedirects(false); - connection.setDoOutput(true); - connection.setDoInput(true); - OutputStream os = connection.getOutputStream(); - IOUtils.copy(input, os); - - - connection.connect(); - responseCode = connection.getResponseCode(); - // If Connected to a PDP Then break from the loop and - // continue with the Request. - if (connection.getResponseCode() == 200 || junit) { - connected = true; - break; - } else { - logger.debug(XACMLErrorConstants.ERROR_PERMISSIONS+ "PDP Response Code : " + connection.getResponseCode()); - Collections.rotate(pdps, -1); - Collections.rotate(encoding, -1); - } - } catch (Exception e) { - // This means that the PDP is not working and needs to - // Re-Order our List and Connect to the next one. - logger.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "PDP connection Error : " + e); - Collections.rotate(pdps, -1); - Collections.rotate(encoding, -1); - } - pdpsCount++; - } - if (connected) { - // Read the Response - // System.out.println("connected to PDP : " + pdps.get(0)); - logger.debug("connected to PDP : " + pdps.get(0)); - logger.debug("--- Response: ---"); - Map> headers = connection.getHeaderFields(); - for(String key : headers.keySet()){ - logger.debug("Header : " + key + " Value: " + headers.get(key)); - } - try { - if (connection.getResponseCode() == 200 || junit) { - // Read the Response - ContentType contentType = null; - try { - contentType = ContentType.parse(connection - .getContentType()); - if (contentType.getMimeType().equalsIgnoreCase( - ContentType.APPLICATION_JSON.getMimeType())) { - if(junit){ - response = JSONResponse.load(getJsonResponseString()); - } else { - response = JSONResponse.load(connection.getInputStream()); - } - logger.debug(response + "\n---"); - } else { - logger.error(XACMLErrorConstants.ERROR_SCHEMA_INVALID + "Unknown Content-Type: " - + contentType); - throw new Exception(XACMLErrorConstants.ERROR_SCHEMA_INVALID + "Unknown Content-Type: " - + contentType); - } - } catch (Exception e) { - String message = XACMLErrorConstants.ERROR_SCHEMA_INVALID + "Parsing Content-Type: " - + connection.getContentType() + ", error=" - + e; - logger.error(XACMLErrorConstants.ERROR_SCHEMA_INVALID + e); - throw new Exception(message, e); - } - } else { - throw new Exception(XACMLErrorConstants.ERROR_PERMISSIONS+ "ERROR response code of the URL " + pdps.get(0) + " is " - + connection.getResponseCode()); - } - } catch (IOException e) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + e); - throw new Exception(XACMLErrorConstants.ERROR_DATA_ISSUE +"Error in Connecting to the PDP ", e); - } - return response; - } else { - if(junit){ - response = JSONResponse.load(getJsonResponseString()); - return response; - } - throw new Exception(XACMLErrorConstants.ERROR_PERMISSIONS+ "Unable to get valid Response from PDP(s) " + pdps); - } - } - } - - private Collection checkResponse(Response response) - throws Exception { - - String pdpConfigURL = null; - - Collection combinedResult = new HashSet(); - int priority = defaultPriority; - Map uniqueResult = new HashMap(); - for (Result result : response.getResults()) { - if (!result.getDecision().equals(Decision.PERMIT)) { - logger.debug("Decision not a Permit. " + result.getDecision().toString()); - StdStatus stdStatus = new StdStatus(); - if (decide) { - stdStatus.setDecision(PolicyDecision.DENY); - for(Advice advice: result.getAssociatedAdvice()){ - for(AttributeAssignment attribute: advice.getAttributeAssignments()){ - stdStatus.setDetails(attribute.getAttributeValue().getValue().toString()); - break; - } - } - combinedResult.add(stdStatus); - return combinedResult; - } - stdStatus.setStatus(XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect Params passed: Decision not a Permit.",PolicyResponseStatus.NO_ACTION_REQUIRED,PolicyConfigStatus.CONFIG_NOT_FOUND); - combinedResult.add(stdStatus); - return combinedResult; - } else { - if (decide) { - // check for Decision for decision based calls. - StdStatus stdStatus = new StdStatus(); - stdStatus.setDecision(PolicyDecision.PERMIT); - stdStatus.setDetails("Decision Permit. OK!"); - combinedResult.add(stdStatus); - return combinedResult; - } - if (!result.getAssociatedAdvice().isEmpty()) { - // @ TODO Add advice actions - // Configurations should be in advice. + Also PDP took - // actions could be here. - for (Advice advice : result.getAssociatedAdvice()) { - int config = 0, uri = 0; - String configURL = null; - String policyName = null; - String policyVersion = null; - Map matchingConditions = new HashMap(); - match = new Matches(); - Map configAttributes = new HashMap(); - Map responseAttributes = new HashMap(); - Map actionTaken = new HashMap(); - StdStatus stdStatus = new StdStatus(); - Map adviseAttributes = new HashMap(); - for (AttributeAssignment attribute : advice.getAttributeAssignments()) { - adviseAttributes.put(attribute.getAttributeId().stringValue(), attribute.getAttributeValue().getValue().toString()); - if (attribute.getAttributeValue().getValue().toString().equalsIgnoreCase("CONFIGURATION")) { - config++; - } else if (attribute.getDataTypeId().stringValue().endsWith("anyURI")) { - uri++; - if (uri == 1) { - configURL = attribute.getAttributeValue().getValue().toString(); - String currentUsedPDP = pdps.get(0); - int pos = (pdps.get(0)).lastIndexOf("/"); - String configURLPath = currentUsedPDP.substring(0, pos); - int pos1 = configURLPath.lastIndexOf("/"); - String pdpConfigURLPath = configURLPath.substring(0, pos1 + 1); - pdpConfigURL = configURL.replace("$URL", pdpConfigURLPath); - } else { - if (!(attribute.getIssuer().equalsIgnoreCase("PDP"))) { - throw new Exception(XACMLErrorConstants.ERROR_DATA_ISSUE + "Error having multiple URI in the Policy"); - } - } - } else if (attribute.getAttributeId().stringValue() - .equalsIgnoreCase("PolicyName")) { - policyName = attribute.getAttributeValue() - .getValue().toString(); - } else if (attribute.getAttributeId().stringValue() - .equalsIgnoreCase("VersionNumber")) { - policyVersion = attribute.getAttributeValue() - .getValue().toString(); - } else if (attribute.getAttributeId().stringValue().equalsIgnoreCase("Priority")){ - try{ - priority = Integer.parseInt(attribute.getAttributeValue().getValue().toString()); - } catch(Exception e){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE+ "Unable to Parse Integer for Priority. Setting to default value"); - priority = defaultPriority; - } - } else if (attribute.getAttributeId().stringValue() - .startsWith("matching")) { - matchingConditions.put(attribute - .getAttributeId().stringValue() - .replaceFirst("(matching).", ""), - attribute.getAttributeValue() - .getValue().toString()); - if (attribute.getAttributeId().stringValue() - .replaceFirst("(matching).", "") - .equals("ECOMPName")) { - match.setEcompName(attribute - .getAttributeValue().getValue() - .toString()); - } else if (attribute.getAttributeId() - .stringValue() - .replaceFirst("(matching).", "") - .equals("ConfigName")) { - match.setConfigName(attribute - .getAttributeValue().getValue() - .toString()); - } else { - configAttributes.put(attribute - .getAttributeId().stringValue() - .replaceFirst("(matching).", ""), - attribute.getAttributeValue() - .getValue().toString()); - } - } else if (attribute.getAttributeId().stringValue().startsWith("key:")) { - responseAttributes.put(attribute - .getAttributeId().stringValue() - .replaceFirst("(key).", ""), - attribute.getAttributeValue() - .getValue().toString()); - } - } - if (!configAttributes.isEmpty()) { - match.setConfigAttributes(configAttributes); - } - if ((config == 1) && (uri == 1)) { - // If there is a configuration. - try { - logger.debug("Configuration Call to : " - + configURL); - stdStatus = ConfigCall(pdpConfigURL); - } catch (Exception e) { - logger.error(XACMLErrorConstants.ERROR_PROCESS_FLOW+ e); - stdStatus - .setStatus( - "Error in Calling the Configuration URL " - + e, - PolicyResponseStatus.NO_ACTION_REQUIRED, - PolicyConfigStatus.CONFIG_NOT_FOUND); - } - stdStatus.setPolicyName(policyName); - stdStatus.setPolicyVersion(policyVersion); - stdStatus.setMatchingConditions(matchingConditions); - stdStatus.setResposneAttributes(responseAttributes); - if(!unique){ - combinedResult.add(stdStatus); - }else{ - if(!uniqueResult.isEmpty()){ - if(uniqueResult.containsKey(priority)){ - // Not any more unique, check the matching conditions size - int oldSize = uniqueResult.get(priority).getMatchingConditions().size(); - int newSize = matchingConditions.size(); - if(oldSize < newSize){ - uniqueResult.put(priority, stdStatus); - }else if(oldSize == newSize){ - stdStatus = new StdStatus(); - stdStatus.setStatus("Two/more Policies have Same Priority and matching conditions, Please correct your policies.", PolicyResponseStatus.NO_ACTION_REQUIRED, - PolicyConfigStatus.CONFIG_NOT_FOUND); - combinedResult.add(stdStatus); - unique = false; - return combinedResult; - } - }else{ - uniqueResult.put(priority, stdStatus); - } - }else{ - uniqueResult.put(priority, stdStatus); - } - } - } else { - // Else it is Action Taken. - logger.info("Action Taken by PDP. "); - actionTaken.putAll(adviseAttributes); - stdStatus.setActionTaken(actionTaken); - stdStatus.setPolicyResponseStatus( - "Action Taken by the PDP", - PolicyResponseStatus.ACTION_TAKEN); - combinedResult.add(stdStatus); - } - } - } - if (!result.getObligations().isEmpty()) { - // @ TODO add Obligation actions - // Action advised should be in obligations. - for (Obligation obligation : result.getObligations()) { - Map actionAdvised = new HashMap(); - StdStatus stdStatus = new StdStatus(); - for (AttributeAssignment attribute : obligation - .getAttributeAssignments()) { - actionAdvised.put(attribute.getAttributeId() - .stringValue(), attribute - .getAttributeValue().getValue().toString()); - } - stdStatus.setActionAdvised(actionAdvised); - stdStatus.setPolicyResponseStatus( - "Action has been Advised ", - PolicyResponseStatus.ACTION_ADVISED); - combinedResult.add(stdStatus); - } - } - } - } - if(unique){ - // Select Unique policy. - int minNum = defaultPriority; - for(int num: uniqueResult.keySet()){ - if(num < minNum){ - minNum = num; - } - } - combinedResult.add(uniqueResult.get(minNum)); - // Turn off Unique - unique = false; - } - - return combinedResult; - } - - private StdStatus ConfigCall(String stringURL) throws Exception { - StdStatus stdStatus = new StdStatus(); - try { - URL configURL = new URL(stringURL); - URLConnection connection = null; - try { - connection = configURL.openConnection(); - if (stringURL.endsWith("json")) { - stdStatus.setPolicyType(PolicyType.JSON); - JsonReader jsonReader = Json.createReader(connection - .getInputStream()); - stdStatus.setJsonObject(jsonReader.readObject()); - jsonReader.close(); - logger.info("config Retrieved "); - stdStatus.setStatus("Config Retrieved from: " + configURL, - PolicyResponseStatus.NO_ACTION_REQUIRED, - PolicyConfigStatus.CONFIG_RETRIEVED); - try { - MatchStore.storeMatch(match); - } catch (Exception e) { - logger.info("StoreMatch failed for Ecomp:" - + match.getEcompName() + " Config: " - + match.getConfigName()); - } - return stdStatus; - } else if (stringURL.endsWith("xml")) { - stdStatus.setPolicyType(PolicyType.XML); - DocumentBuilderFactory dbf = DocumentBuilderFactory - .newInstance(); - DocumentBuilder db = null; - try { - db = dbf.newDocumentBuilder(); - Document config = db.parse(connection.getInputStream()); - stdStatus.setDocument(config); - } catch (ParserConfigurationException e) { - logger.error(XACMLErrorConstants.ERROR_SCHEMA_INVALID + e); - throw new Exception(XACMLErrorConstants.ERROR_SCHEMA_INVALID + "Unable to create Document Object", - e); - } catch (SAXException e) { - logger.error(XACMLErrorConstants.ERROR_SCHEMA_INVALID+ e); - throw new Exception(XACMLErrorConstants.ERROR_SCHEMA_INVALID+ "Unable to parse the XML config", e); - } - logger.info("config Retrieved "); - stdStatus.setStatus("Config Retrieved from: " + configURL, - PolicyResponseStatus.NO_ACTION_REQUIRED, - PolicyConfigStatus.CONFIG_RETRIEVED); - try { - MatchStore.storeMatch(match); - } catch (Exception e) { - logger.info("StoreMatch failed for Ecomp:" - + match.getEcompName() + " Config: " - + match.getConfigName()); - } - return stdStatus; - } else if (stringURL.endsWith("properties")) { - stdStatus.setPolicyType(PolicyType.PROPERTIES); - Properties configProp = new Properties(); - configProp.load(connection.getInputStream()); - stdStatus.setProperties(configProp); - logger.info("config Retrieved "); - stdStatus.setStatus("Config Retrieved from: " + configURL, - PolicyResponseStatus.NO_ACTION_REQUIRED, - PolicyConfigStatus.CONFIG_RETRIEVED); - try { - MatchStore.storeMatch(match); - } catch (Exception e) { - logger.info("StoreMatch failed for Ecomp:" - + match.getEcompName() + " Config: " - + match.getConfigName()); - } - return stdStatus; - } else if (stringURL.endsWith("txt")) { - stdStatus.setPolicyType(PolicyType.OTHER); - InputStream in = connection.getInputStream(); - String other = IOUtils.toString(in); - IOUtils.closeQuietly(in); - stdStatus.setOther(other); - logger.info("config Retrieved "); - stdStatus.setStatus("Config Retrieved from: " + configURL, - PolicyResponseStatus.NO_ACTION_REQUIRED, - PolicyConfigStatus.CONFIG_RETRIEVED); - try { - MatchStore.storeMatch(match); - } catch (Exception e) { - logger.info("StoreMatch failed for Ecomp:" - + match.getEcompName() + " Config: " - + match.getConfigName()); - } - return stdStatus; - } else { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Config Not Found"); - stdStatus - .setPolicyConfigStatus(PolicyConfigStatus.CONFIG_NOT_FOUND); - stdStatus - .setConfigStatus("Illegal form of Configuration Type Found."); - return stdStatus; - } - } catch (IOException e) { - logger.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + e); - throw new Exception(XACMLErrorConstants.ERROR_PROCESS_FLOW + - "Cannot open a connection to the configURL", e); - } - } catch (MalformedURLException e) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + e); - throw new Exception(XACMLErrorConstants.ERROR_DATA_ISSUE + "Error in ConfigURL", e); - } - } - - private void setProperty(String propertyFilePath) - throws PolicyEngineException { - this.propertyFilePath = propertyFilePath; - if (this.propertyFilePath == null) { - // This is only for testing purpose. Or We will add a default PDP - // address here. - // url_default = "http://localhost:8080/pdp/"; - // The General Error Message is Below. - throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "Error NO PropertyFile Path provided"); - } else { - // Adding logic for remote Properties file. - Properties prop = new Properties(); - if (propertyFilePath.startsWith("http")) { - URL configURL; - try { - configURL = new URL(propertyFilePath); - URLConnection connection = null; - connection = configURL.openConnection(); - prop.load(connection.getInputStream()); - } catch (IOException e) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + e); - throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "Maformed property URL "+ e.getMessage()); - } - } else { - Path file = Paths.get(propertyFilePath); - if (Files.notExists(file)) { - throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "File doesn't exist in the specified Path " + file.toString()); - } - if (file.toString().endsWith(".properties")) { - InputStream in; - prop = new Properties(); - try { - in = new FileInputStream(file.toFile()); - prop.load(in); - } catch (IOException e) { - logger.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + e); - throw new PolicyEngineException(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Cannot Load the Properties file", e); - } - } else { - logger.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Not a .properties file " + propertyFilePath); - throw new PolicyEngineException(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Not a .properties file"); - } - } - // UEB Settings - String check_type = prop.getProperty("NOTIFICATION_TYPE"); - String serverList = prop.getProperty("NOTIFICATION_UEB_SERVERS"); - if(check_type==null) { - notificationType.add("websocket"); - logger.info("Properties file doesn't have the NOTIFICATION_TYPE parameter system will use defualt websockets"); - }else{ - if(check_type.contains(",")) { - type_default = new ArrayList(Arrays.asList(prop.getProperty("NOTIFICATION_TYPE").split(","))); - notificationType = type_default; - } else { - notificationType = new ArrayList(); - notificationType.add(check_type); - } - } - if(serverList==null) { - notificationType.clear(); - notificationType.add("websocket"); - logger.info("Properties file doesn't have the NOTIFICATION_UEB_SERVERS parameter system will use defualt websockets"); - }else{ - if(serverList.contains(",")) { - uebURLList = new ArrayList(Arrays.asList(prop.getProperty("NOTIFICATION_UEB_SERVERS").split(","))); - } else { - uebURLList = new ArrayList(); - uebURLList.add(serverList); - } - } - // Client ID Authorization Settings. - String clientID = prop.getProperty("CLIENT_ID"); - String clientKey = prop.getProperty("CLIENT_KEY"); - userName = clientID; - pass = clientKey; - pyPDPClientFile = prop.getProperty("CLIENT_FILE"); - environment = prop.getProperty("ENVIRONMENT", "DEVL"); - /*try { - aafClient = AAFPolicyClient.getInstance(prop); - } catch (AAFPolicyException e) { - logger.error(XACMLErrorConstants.ERROR_UNKNOWN + e.getMessage()); - throw new PolicyEngineException(XACMLErrorConstants.ERROR_UNKNOWN + e); - }*/ - // Initializing the values. - pdps = new ArrayList(); - paps = new ArrayList(); - encoding = new ArrayList(); - encodingPAP = new ArrayList(); - // Check the Keys for PDP_URLs - Collection unsorted = prop.keySet(); - @SuppressWarnings({ "rawtypes", "unchecked" }) - List sorted = new ArrayList(unsorted); - Collections.sort(sorted); - for (String propKey : sorted) { - if (propKey.startsWith("PDP_URL")) { - String check_val = prop.getProperty(propKey); - if (check_val == null) { - throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "Properties file doesn't have the PDP_URL parameter"); - } - if (check_val.contains(";")) { - pdp_default = new ArrayList(Arrays.asList(check_val.split("\\s*;\\s*"))); - int pdpCount = 0; - while (pdpCount < pdp_default.size()) { - String pdpVal = pdp_default.get(pdpCount); - readPDPParam(pdpVal); - pdpCount++; - } - } else { - readPDPParam(check_val); - } - } else if (propKey.startsWith("PAP_URL")) { - String check_val = prop.getProperty(propKey); - if (check_val == null) { - throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "Properties file doesn't have the PAP_URL parameter"); - } - if (check_val.contains(";")) { - pap_default = new ArrayList(Arrays.asList(check_val.split("\\s*;\\s*"))); - int papCount = 0; - while (papCount < pap_default.size()) { - String papVal = pap_default.get(papCount); - readPAPParam(papVal); - papCount++; - } - } else { - readPAPParam(check_val); - } - } - } - if (pdps == null || pdps.isEmpty()) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Cannot Proceed without PDP_URLs"); - throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "Cannot Proceed without PDP_URLs"); - } - - if (paps == null || paps.isEmpty()) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Cannot Proceed without PAP_URLs"); - throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "Cannot Proceed with out PAP_URLs"); - } - - // Get JUNIT property from properties file when running tests - String junit = prop.getProperty("JUNIT"); - if(junit == null || junit.isEmpty()){ - logger.info("No JUNIT property provided, this will not be executed as a test."); - }else{ - if(junit.equals("test")){ - this.junit = true; - } else { - this.junit = false; - } - } - } - } - - /* - * Read the PDP_URL parameter - */ - private void readPDPParam(String pdpVal) throws PolicyEngineException{ - if(pdpVal.contains(",")){ - List pdpValues = new ArrayList(Arrays.asList(pdpVal.split("\\s*,\\s*"))); - if(pdpValues.size()==3){ - // 0 - PDPURL - pdps.add(pdpValues.get(0)); - // 1:2 will be UserID:Password - String userID = pdpValues.get(1); - String pass = pdpValues.get(2); - Base64.Encoder encoder = Base64.getEncoder(); - encoding.add(encoder.encodeToString((userID+":"+pass).getBytes(StandardCharsets.UTF_8))); - }else{ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Credentials to send Request: " + pdpValues); - throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "No enough Credentials to send Request. " + pdpValues); - } - }else{ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "PDP value is improper/missing required values: " + pdpVal); - throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "PDP value is improper/missing required values."); - } - } - - /* - * Read the PAP_URL parameter - */ - private void readPAPParam(String papVal) throws PolicyEngineException{ - if(papVal.contains(",")){ - List papValues = new ArrayList(Arrays.asList(papVal.split("\\s*,\\s*"))); - if(papValues.size()==3){ - // 0 - PAPURL - paps.add(papValues.get(0)); - // 1:2 will be UserID:Password - String userID = papValues.get(1); - String pass = papValues.get(2); - Base64.Encoder encoder = Base64.getEncoder(); - encodingPAP.add(encoder.encodeToString((userID+":"+pass).getBytes(StandardCharsets.UTF_8))); - }else{ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Credentials to send Request: " + papValues); - throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "No enough Credentials to send Request. " + papValues); - } - }else{ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Credentials to send Request: " + papVal); - throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "No enough Credentials to send Request."); - } - } - /* - * Allowing changes to the scheme and Handler. - */ - public void notification(NotificationScheme scheme, NotificationHandler handler) { - this.scheme = scheme; - this.handler = handler; - logger.debug("Scheme is : " + scheme.toString()); - logger.debug("Handler is : " + handler.getClass().getName()); - if (!notificationType.get(0).equals("ueb")){ - AutoClientEnd.setAuto(scheme, handler); - }else { - if (this.UEBThread){ - UEBClientThread.setAuto(scheme, handler); - this.UEBThread = registerUEBThread.isAlive(); - } - } - - //TODO This could also be a Start point for Auto Notifications.. - if(pdps!=null){ - if (notificationType.get(0).equals("ueb") && !this.UEBThread){ - this.UEBClientThread = new AutoClientUEB(pdps.get(0), uebURLList); - this.UEBClientThread.setAuto(scheme, handler); - this.registerUEBThread = new Thread(this.UEBClientThread); - this.registerUEBThread.start(); - this.UEBThread = true; - } - if (!notificationType.get(0).equals("ueb")){ - if(pdps.get(0)!=null){ - if(AutoClientEnd.getURL()==null){ - AutoClientEnd.start(pdps.get(0)); - }else { - AutoClientEnd.stop(); - AutoClientEnd.start(pdps.get(0)); - } - } - } - } - } - - /* - * Gets the Notification if one exists. Used only for Manual Polling - * purposes. - */ - public PDPNotification getNotification(){ - //TODO manual Polling - //Check if there is proper scheme.. - PDPNotification notification = null; - if(this.scheme.equals(NotificationScheme.MANUAL_ALL_NOTIFICATIONS) || this.scheme.equals(NotificationScheme.MANUAL_NOTIFICATIONS)) { - if (notificationType.get(0).equals("ueb")){ - ManualClientEndUEB.start(pdps.get(0), uebURLList, uniqueID); - notification = ManualClientEndUEB.result(scheme); - }else{ - ManualClientEnd.start(pdps.get(0)); - logger.debug("manual notification requested.. : " + scheme.toString()); - notification = ManualClientEnd.result(scheme); - } - - if (notification == null){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Notification yet.."); - return null; - } else { - return notification; - } - - }else { - return null; - } - } - - /* - * Setting the Scheme. - */ - public void setScheme(NotificationScheme scheme) { - this.scheme = scheme; - if (notificationType.get(0).equals("ueb")){ - AutoClientUEB.setScheme(this.scheme); - if (this.scheme.equals(NotificationScheme.MANUAL_ALL_NOTIFICATIONS)){ - ManualClientEndUEB.createTopic(pdps.get(0), uniqueID, uebURLList); - } - }else{ - AutoClientEnd.setScheme(this.scheme); - } - } - - /* - * Returns the Scheme - */ - public NotificationScheme getScheme() { - return this.scheme; - } - - /* - * Returns the NotificationHandler - */ - public NotificationHandler getNotificationHandler() { - return this.handler; - } - - private Collection configResult( - Collection generateRequest) { - Collection result = new HashSet(); - if (generateRequest == null) { - return null; - } - if (!generateRequest.isEmpty()) { - for (StdStatus stdStatus : generateRequest) { - PolicyConfig policyConfig = new StdPolicyConfig(); - policyConfig = stdStatus; - result.add(policyConfig); - } - } - return result; - } - - private Collection eventResult( - Collection generateRequest, - Map eventAttributes) { - Collection result = new HashSet(); - if (generateRequest == null) { - return null; - } - if (!generateRequest.isEmpty()) { - for (StdStatus stdStatus : generateRequest) { - StdPolicyResponse policyResponse = new StdPolicyResponse(); - policyResponse = stdStatus; - policyResponse.setRequestAttributes(eventAttributes); - result.add(policyResponse); - } - } - return result; - } - - private DecisionResponse decisionResult(Collection generateRequest) { - StdDecisionResponse policyDecision = new StdDecisionResponse(); - if (generateRequest == null) { - return policyDecision; - } - if (!generateRequest.isEmpty()) { - for (StdStatus stdStatus : generateRequest) { - policyDecision.setDecision(stdStatus.getDecision()); - policyDecision.setDetails(stdStatus.getDetails()); - } - } - return policyDecision; - } - - /* - * Stop the Notification Service if its running. - */ - public void stopNotification() { - if (this.scheme != null && this.handler != null) { - if (this.scheme.equals(NotificationScheme.AUTO_ALL_NOTIFICATIONS) - || this.scheme - .equals(NotificationScheme.AUTO_NOTIFICATIONS)) { - logger.info("Clear Notification called.. "); - if (notificationType.get(0).equals("ueb")){ - this.UEBClientThread.terminate(); - this.UEBThread = false; - }else{ - AutoClientEnd.stop(); - } - } - } - } - - /* - * Create Config Policy API Implementation - */ - public String createConfigPolicy(String policyName, String policyDescription, String ecompName, String configName, - Map configAttributes, String configType, String body, String policyScope, UUID requestID, - String riskLevel, String riskType, String guard, String ttlDate) throws Exception { - return createConfigPolicy(policyName,policyDescription, ecompName, configName, - configAttributes, configType, body, policyScope, requestID, userName , pass, riskLevel, riskType, guard, ttlDate); - } - - public String createConfigPolicy(String policyName, String policyDescription, String ecompName, String configName, - Map configAttributes, String configType, String body, String policyScope, UUID requestID, String userID, String passcode, - String riskLevel, String riskType, String guard, String ttlDate) throws Exception { - - String response = null; - String configBody = null; - String resource= "createPolicy"; - if(!checkPermissions(userID, passcode, resource)){ - logger.error(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - response = XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource; - return response; - } - - //check body for JSON form and remove single quotes if present - if (configType.equalsIgnoreCase("JSON")) { - if (body.contains("'")) { - configBody = body.replace("'", "\""); - } else { - configBody = body; - } - } else { - configBody = body; - } - - boolean levelCheck = isNumeric(riskLevel); - - if (policyName==null||policyName.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."; - } else if (ecompName==null||ecompName.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No ECOMP Name given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No ECOMP Name given."; - } else if (configName==null||configName.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Config Name given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Config Name given."; - } else if (policyScope==null||policyScope.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."; - } else if (!levelCheck){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect Risk Level given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect Risk Level given."; - }else { - - StdPAPPolicy newPAPPolicy = new StdPAPPolicy("Base", policyName, policyDescription, ecompName, configName, configAttributes, configType, - configBody, false, policyScope,0, riskLevel, riskType, guard, ttlDate); - - //send JSON object to PAP - response = (String) callPAP(newPAPPolicy, new String[] {"operation=create", "apiflag=api", "policyType=Config"}, requestID, "Config"); - } - return response; - - } - - /* - * Create Config Policy API Implementation - */ - public String updateConfigPolicy(String policyName, String policyDescription, String ecompName, String configName, - Map configAttributes, String configType, String body, String policyScope, UUID requestID, - String riskLevel, String riskType, String guard, String ttlDate) throws Exception { - return updateConfigPolicy(policyName, policyDescription, ecompName, configName, - configAttributes, configType, body, policyScope, requestID, userName, pass, riskLevel, riskType, guard, ttlDate); - } - - public String updateConfigPolicy(String policyName, String policyDescription, String ecompName, String configName, - Map configAttributes, String configType, String body, String policyScope, - UUID requestID, String userID, String passcode,String riskLevel, String riskType, String guard, - String ttlDate) throws Exception { - - String response = null; - String configBody = null; - String resource= "updatePolicy"; - if(!checkPermissions(userID, passcode, resource)){ - logger.error(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - response = XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource; - return response; - } - //check body for JSON form and remove single quotes if present - if (configType.equalsIgnoreCase("JSON")) { - if (body.contains("'")) { - configBody = body.replace("'", "\""); - } else { - configBody = body; - } - } else { - configBody = body; - } - - boolean levelCheck = isNumeric(riskLevel); - - if (policyName==null||policyName.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."; - } else if (ecompName==null||ecompName.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No ECOMP Name given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No ECOMP Name given."; - } else if (configName==null||configName.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Config Name given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Config Name given."; - } else if (policyScope==null||policyScope.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."; - } else if (!levelCheck){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect Risk Level given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect Risk Level given."; - } else { - - //set values for basic policy information - String policyType = "Config"; - String configPolicyType = "base"; - - StdPAPPolicy newPAPPolicy = new StdPAPPolicy(configPolicyType, policyName, policyDescription, ecompName, configName, configAttributes, configType, - configBody, true, policyScope,0, riskLevel, riskType, guard, ttlDate); - - //send JSON object to PAP - response = (String) callPAP(newPAPPolicy, new String[] {"operation=update", "apiflag=api", "policyType=" + policyType}, requestID, "Config"); - - } - return response; - - } - - - /* - * Create Config Firewall Policy API implementation - */ - public String createConfigFirewallPolicy(String policyName, JsonObject firewallJson, String policyScope, UUID requestID, - String riskLevel, String riskType, String guard, String ttlDate) throws Exception { - return createConfigFirewallPolicy(policyName, firewallJson, policyScope, requestID, userName, pass, riskLevel, riskType, guard, ttlDate); - } - - public String createConfigFirewallPolicy(String policyName, JsonObject firewallJson, String policyScope, UUID requestID, String userID, String passcode, - String riskLevel, String riskType, String guard, String ttlDate) throws Exception { - - String response = null; - String resource= "createPolicy"; - if(!checkPermissions(userID, passcode, resource)){ - logger.error(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - response = XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource; - return response; - } - - //set values for basic policy information - String configName = firewallJson.get("configName").toString(); - //String configDescription = firewallJson.get("configDescription").toString(); - String configDescription = ""; - String json = firewallJson.toString(); - - boolean levelCheck = isNumeric(riskLevel); - - if (!isJSONValid(json)) { - logger.error(XACMLErrorConstants.ERROR_SCHEMA_INVALID + "Invalid JSON for firewallJson: " + json); - throw new PolicyDecisionException(XACMLErrorConstants.ERROR_SCHEMA_INVALID + "Invalid JSON for firewallJson: " + json); - } - - if (policyName==null||policyName.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."; - } else if (policyScope==null||policyScope.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."; - } else if (!levelCheck){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect Risk Level given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect Risk Level given."; - } else { - - StdPAPPolicy newPAPPolicy = new StdPAPPolicy("Firewall Config", policyName, configDescription, configName, false, policyScope, json, 0, - riskLevel, riskType, guard, ttlDate); - - //send JSON object to PAP - response = (String) callPAP(newPAPPolicy, new String[] {"operation=create", "apiflag=api", "policyType=Config"}, requestID, "ConfigFirewall"); - } - - return response; - } - - /* - * Update Config Firewall Policy API implementation - */ - public String updateConfigFirewallPolicy(String policyName, JsonObject firewallJson, String policyScope, UUID requestID, String riskLevel, String riskType, - String guard, String ttlDate) throws Exception { - return updateConfigFirewallPolicy(policyName, firewallJson, policyScope, requestID, userName, pass, riskLevel, riskType, guard, ttlDate); - } - - public String updateConfigFirewallPolicy(String policyName, JsonObject firewallJson, String policyScope, UUID requestID, String userID, String passcode, - String riskLevel, String riskType, String guard, String ttlDate) throws Exception { - - String response = null; - String resource= "updatePolicy"; - if(!checkPermissions(userID, passcode, resource)){ - logger.error(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - response = XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource; - return response; - } - String configName = firewallJson.get("configName").toString(); - //String configDescription = firewallJson.get("configDescription").toString(); - String configDescription = ""; //ASK Lak about this...**** - String json = firewallJson.toString(); - boolean levelCheck = isNumeric(riskLevel); - - if (policyName==null||policyName.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."; - } else if (policyScope==null||policyScope.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."; - } else if (!levelCheck){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect Risk Level given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect Risk Level given."; - } else { - - StdPAPPolicy newPAPPolicy = new StdPAPPolicy("Firewall Config", policyName, configDescription, configName, true, policyScope, json, 0, - riskLevel, riskType, guard, ttlDate); - - //send JSON object to PAP - response = (String) callPAP(newPAPPolicy, new String[] {"operation=update", "apiflag=api", "policyType=Config"}, requestID, "ConfigFirewall"); - } - - return response; - } - - /* - * Create or Update BRMS Raw Config Policy API implementation - */ - public String createUpdateBRMSRawPolicy(String policyName, - String policyDescription, - Map> dyanamicFieldConfigAttributes, - String brmsRawBody, - String policyScope, - Boolean isEdit, - UUID requestID, - String riskLevel, - String riskType, - String guard, - String ttlDate) { - - String response = null; - String operation = null; - - - if (isEdit){ - operation = "update"; - } else { - operation = "create"; - } - - boolean levelCheck = isNumeric(riskLevel); - - if (policyName==null||policyName.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."; - } else if(policyDescription==null || policyDescription.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No policyDescription given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No policyDescription given."; - } else if (policyScope==null||policyScope.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."; - } else if (brmsRawBody==null ||brmsRawBody.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No rule body given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No rule body given."; - } else if (!levelCheck){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect Risk Level given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect Risk Level given."; - } else { - /*String configPolicyType, String policyName, String description, - String configName, Boolean editPolicy, String domain, - Map dyanamicFieldConfigAttributes, Integer highestVersion, String eCompName, - String configBodyData*/ - - StdPAPPolicy newPAPPolicy = new StdPAPPolicy("BRMS_Raw",policyName,policyDescription, - "BRMS_RAW_RULE",isEdit,policyScope, - dyanamicFieldConfigAttributes.get(AttributeType.RULE), 0, "DROOLS", - brmsRawBody, riskLevel, riskType, guard, ttlDate); - - //send JSON object to PAP - try { - response = (String) callPAP(newPAPPolicy, new String[] {"operation="+operation, "apiflag=api", "policyType=Config"}, requestID, "ConfigBrmsRaw"); - } catch (Exception e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - return response; - } - - /* - * Create or Update BRMS Param Config Policy API implementation - */ - public String createUpdateBRMSParamPolicy(String policyName, - String policyDescription, - Map> dyanamicFieldConfigAttributes, - String brmsRawBody, - String policyScope, - Boolean isEdit, - UUID requestID, - Map> drlRuleAndUIParams, - String riskLevel, String riskType, String guard, String ttlDate) { - - String response = null; - String operation = null; - - - if (isEdit){ - operation = "update"; - } else { - operation = "create"; - } - - boolean levelCheck = isNumeric(riskLevel); - - if (policyName==null||policyName.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."; - } else if(policyDescription==null || policyDescription.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No policyDescription given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No policyDescription given."; - } else if (policyScope==null||policyScope.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."; - } else if ((dyanamicFieldConfigAttributes==null)){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Rule Attributes given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Rule Attributes given."; - } else if (!levelCheck){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect Risk Level given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect Risk Level given."; - }else { - /*public StdPAPPolicy (String configPolicyType, String policyName, String description, - String configName, Boolean editPolicy, String domain, - Map dyanamicFieldConfigAttributes, Integer highestVersion, String eCompName, - String configBodyData,Map drlRuleAndUIParams) */ - - StdPAPPolicy newPAPPolicy = new StdPAPPolicy("BRMS_Param",policyName,policyDescription, - "BRMS_PARAM_RULE",isEdit,policyScope, - drlRuleAndUIParams.get(AttributeType.MATCHING), 0, "DROOLS", - brmsRawBody, drlRuleAndUIParams.get(AttributeType.RULE), riskLevel, riskType, guard, ttlDate); - - //send JSON object to PAP - try { - response = (String) callPAP(newPAPPolicy, new String[] {"operation="+operation, "apiflag=api", "policyType=Config"}, requestID, "ConfigBrmsParam"); - } catch (Exception e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - return response; - } - - /* - * Create or Update Action Policy API implementation - */ - public String createUpdateActionPolicy(String policyName, String policyDescription, Map componentAttributes, List dynamicRuleAlgorithmLabels, - List dynamicRuleAlgorithmField1, List dynamicRuleAlgorithmFunctions, List dynamicRuleAlgorithmField2, - String actionPerformer, String actionAttribute, String policyScope, Boolean isEdit, UUID requestID) { - - String response = null; - String operation = null; - - if (isEdit){ - operation = "update"; - } else { - operation = "create"; - } - - if (policyName==null||policyName.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."; - return response; - } else if (componentAttributes==null||componentAttributes.equals("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Component Attributes given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Component Attributes given."; - return response; - } else if (actionAttribute==null||actionAttribute.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Action Attribute given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Action Attribute given."; - return response; - } else if (policyScope==null||policyScope.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."; - return response; - } else if (actionPerformer==null||actionPerformer.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Action Performer given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Action Performer given."; - return response; - } else if (!actionPerformer.equals("PEP")) { - if (!actionPerformer.equals("PDP")) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Invalid Action Performer given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "Invalid Action Performer given."; - return response; - } - } - - StdPAPPolicy newPAPPolicy = new StdPAPPolicy(policyName, policyDescription, componentAttributes, dynamicRuleAlgorithmLabels, dynamicRuleAlgorithmFunctions, - dynamicRuleAlgorithmField1, dynamicRuleAlgorithmField2, actionPerformer, actionAttribute, isEdit, policyScope, 0); - - //send JSON object to PAP - try { - response = (String) callPAP(newPAPPolicy, new String[] {"operation="+operation, "apiflag=api", "policyType=Action"}, requestID, "Action"); - } catch (Exception e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - - return response; - - } - - /* - * Create or Update Decision Policy implementation - */ - private String createUpdateDecisionPolicy(String policyName, String policyDescription, String ecompName, RuleProvider ruleProvider, Map componentAttributes, Map settings, - List dynamicRuleAlgorithmLabels, List dynamicRuleAlgorithmField1, List dynamicRuleAlgorithmFunctions, List dynamicRuleAlgorithmField2, - String policyScope, Boolean isEdit, UUID requestID) { - - String response = null; - String operation = null; - - if (isEdit){ - operation = "update"; - } else { - operation = "create"; - } - - if (policyName==null||policyName.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."; - } else if (ecompName==null||ecompName.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No ECOMP Name given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No ECOMP Name given."; - } else if (policyScope==null||policyScope.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."; - } else { - - if (ruleProvider==null) { - ruleProvider = RuleProvider.CUSTOM ; - } - - StdPAPPolicy newPAPPolicy = new StdPAPPolicy(policyName, policyDescription, ecompName, ruleProvider.toString(), componentAttributes, settings, dynamicRuleAlgorithmLabels, dynamicRuleAlgorithmFunctions, - dynamicRuleAlgorithmField1, dynamicRuleAlgorithmField2, null, null, null, isEdit, policyScope, 0); - - //send JSON object to PAP - try { - response = (String) callPAP(newPAPPolicy, new String[] {"operation="+operation, "apiflag=api", "policyType=Decision"}, requestID, "Decision"); - } catch (Exception e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - return response; - } - - /* - * Create or Update ClosedLoop_Fault policy implementation - */ - private String createUpdateClosedLoopPolicy(String policyName, JsonObject configBody, String policyDescription, String policyScope, Boolean isEdit, - UUID requestID,String riskLevel, String riskType, String guard, String ttlDate) { - - String response = null; - String operation = null; - String oldPolicyName = null; - - if (isEdit){ - operation = "update"; - if (policyName.endsWith("_Draft")) { - oldPolicyName = policyName + "_Draft.1"; - } - } else { - operation = "create"; - } - - boolean levelCheck = isNumeric(riskLevel); - - // get values and attributes from the JsonObject - String ecompName = configBody.get("ecompname").toString().replace("\"", ""); - String jsonBody = configBody.toString(); - - - if (policyName==null||policyName.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."; - } else if (ecompName==null||ecompName.equals("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Ecomp Name given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Ecomp Name given."; - } else if (policyScope==null||policyScope.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."; - } else if (!levelCheck){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect Risk Level given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect Risk Level given."; - } else { - - - StdPAPPolicy newPAPPolicy = new StdPAPPolicy("ClosedLoop_Fault", policyName, policyDescription, ecompName, - jsonBody, false, oldPolicyName, null, isEdit, policyScope, 0, riskLevel, riskType, guard, ttlDate); - - //send JSON object to PAP - try { - response = (String) callPAP(newPAPPolicy, new String[] {"operation="+operation, "apiflag=api", "policyType=Config"}, requestID, "ConfigClosedLoop"); - } catch (Exception e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - return response; - - } - - private String createUpdateClosedLoopPmPolicy(String policyName, JsonObject configBody, String policyDescription, String policyScope, Boolean isEdit, - UUID requestID, String riskLevel, String riskType, String guard, String ttlDate) { - - String response = null; - String operation = null; - String oldPolicyName = null; - - if (isEdit){ - operation = "update"; - } else { - operation = "create"; - } - - boolean levelCheck = isNumeric(riskLevel); - - // get values and attributes from the JsonObject - String ecompName = configBody.get("ecompname").toString().replace("\"", ""); - String serviceType = configBody.get("serviceTypePolicyName").toString().replace("\"", ""); - String jsonBody = configBody.toString(); - - - if (policyName==null||policyName.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."; - } else if (ecompName==null||ecompName.equals("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Ecomp Name given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Ecomp Name given."; - } else if (policyScope==null||policyScope.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."; - } else if (!levelCheck){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect Risk Level given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect Risk Level given."; - } else { - - - StdPAPPolicy newPAPPolicy = new StdPAPPolicy("ClosedLoop_PM", policyName, policyDescription, ecompName, - jsonBody, false, oldPolicyName, serviceType, isEdit, policyScope, 0, riskLevel, riskType, guard, ttlDate); - - //send JSON object to PAP - try { - response = (String) callPAP(newPAPPolicy, new String[] {"operation="+operation, "apiflag=api", "policyType=Config"}, requestID, "ConfigClosedLoop"); - } catch (Exception e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - return response; - - } - - public Boolean validateNONASCIICharactersAndAllowSpaces(Object json){ - Boolean isValidForm = false; - if (json instanceof String) { - String jsonString = (String)json; - if (jsonString.isEmpty()) { - logger.info("JSON String is empty so cannot validate NON ACSII Characters."); - } else { - if(CharMatcher.ASCII.matchesAllOf((CharSequence) jsonString)){ - logger.info("The Value does not contain ASCII Characters"); - isValidForm = true; - }else{ - logger.error("The Value Contains Non ASCII Characters"); - isValidForm = false; - } - } - } else if (json instanceof JsonObject) { - JsonObject jsonObj = (JsonObject)json; - if (jsonObj.isEmpty()){ - logger.info("JSON object is empty so cannot validate NON ACSII Characters."); - } else { - if(CharMatcher.ASCII.matchesAllOf((CharSequence) jsonObj.toString())){ - logger.info("The Value does not contain ASCII Characters"); - isValidForm = true; - }else{ - logger.error("The Value Contains Non ASCII Characters"); - isValidForm = false; - } - } - - } - - return isValidForm; - } - - private String createUpdateMicroServicesPolicy(String policyName, JsonObject microServiceAttributes, String ecompName, String policyScope, Boolean isEdit, UUID requestID, - String riskLevel, String riskType, String guard, String ttlDate) { - - String response = null; - String operation = null; - - if (isEdit){ - operation = "update"; - } else { - operation = "create"; - } - - boolean levelCheck = isNumeric(riskLevel); - - // get values and attributes from the JsonObject - String microService = microServiceAttributes.get("service").toString().replace("\"", ""); - String uuid = microServiceAttributes.get("uuid").toString().replace("\"", ""); - String msLocation = microServiceAttributes.get("location").toString().replace("\"", "");; - String policyDescription = microServiceAttributes.get("description").toString().replace("\"", ""); - String configName = microServiceAttributes.get("configName").toString().replace("\"", ""); - String priority = microServiceAttributes.get("priority").toString().replace("\"", ""); - String version = microServiceAttributes.get("version").toString().replace("\"", ""); - - - if (policyName==null||policyName.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."; - } else if (ecompName==null||ecompName.equals("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Ecomp Name given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Ecomp Name given."; - } else if (configName==null||configName.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Configuration Name given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Configuration Name given."; - } else if (policyScope==null||policyScope.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."; - } else if (!levelCheck){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect Risk Level given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect Risk Level given."; - } else { - - - StdPAPPolicy newPAPPolicy = new StdPAPPolicy("DCAE Micro Service", policyName, policyDescription, ecompName, - configName, microService, uuid, msLocation, microServiceAttributes.toString(), priority, - version, isEdit, policyScope, 0, riskLevel, riskType, guard, ttlDate); - - //send JSON object to PAP - try { - response = (String) callPAP(newPAPPolicy, new String[] {"operation="+operation, "apiflag=api", "policyType=Config"}, requestID, "ConfigMS"); - } catch (Exception e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - - return response; - - } - - - /* - * Push a policy to the PDP API implementation - */ - public String pushPolicy(String policyScope, String policyName, String policyType, String pdpGroup, UUID requestID) throws Exception { - return pushPolicy(policyScope, policyName, policyType, pdpGroup, requestID, userName, pass); - } - - public String pushPolicy(String policyScope, String policyName, String policyType, String pdpGroup, UUID requestID, String userID, String passcode) throws Exception { - String resource= "pushPolicy"; - if(!checkPermissions(userID, passcode, resource)){ - logger.error(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - return (XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - } - String response = null; - String filePrefix = null; - String clientScope = null; - String activeVersion = null; - - //get the client scope based policy type - if (policyType.equalsIgnoreCase("Firewall")){ - clientScope = "ConfigFirewall"; - filePrefix = "Config_FW_"; - } else if (policyType.equalsIgnoreCase("Action")) { - clientScope = "Action"; - filePrefix = "Action_"; - } else if (policyType.equalsIgnoreCase("Decision")){ - clientScope = "Decision"; - filePrefix = "Decision_"; - } else if (policyType.equalsIgnoreCase("Base")){ - clientScope = "Config"; - filePrefix = "Config_"; - } else if (policyType.equalsIgnoreCase("ClosedLoop_Fault")){ - clientScope = "ConfigClosedLoop"; - filePrefix = "Config_Fault_"; - } else if (policyType.equalsIgnoreCase("ClosedLoop_PM")){ - clientScope = "ConfigClosedLoop"; - filePrefix = "Config_PM_"; - } else if (policyType.equalsIgnoreCase("MicroService")) { - clientScope = "ConfigMS"; - filePrefix = "Config_MS_"; - }else if (policyType.equalsIgnoreCase("BRMS_RAW")){ - clientScope = "ConfigBrmsRaw"; - filePrefix = "Config_BRMS_Raw_"; - } else if (policyType.equalsIgnoreCase("BRMS_PARAM")){ - clientScope = "ConfigBrmsParam"; - filePrefix = "Config_BRMS_Param_"; - } else { - clientScope = null; - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + policyType + " is not a valid Policy Type."); - return XACMLErrorConstants.ERROR_DATA_ISSUE + policyType + " is not a valid Policy Type."; - } - - logger.debug("clientScope is " + clientScope); - logger.debug("filePrefix is " + filePrefix); - - if (pdpGroup == null) { - pdpGroup = "default"; - } - - if (policyName==null||policyName.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."; - } else if (policyScope==null||policyScope.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."; - } else if (policyType==null||policyType.equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Type given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Type given."; - } else { - // requestID null check. - if(requestID==null){ - requestID = UUID.randomUUID(); - logger.debug("Request ID not provided. Generating request ID " + requestID.toString()); - } - - // change call to getActiveVersion to pass requestID for PAP to receive on the GET process so PAP won't generate another - // activeVersion = getActiveVersion(policyScope, filePrefix, policyName, clientScope); - activeVersion = getActiveVersion(policyScope, filePrefix, policyName, clientScope, requestID); - logger.debug("The active version of " + policyScope + File.separator + filePrefix + policyName + " is " + activeVersion); - - String id = null; - if (activeVersion.equalsIgnoreCase("pe100")) { - logger.error(XACMLErrorConstants.ERROR_PERMISSIONS + "response code of the URL is 403. PEP is not Authorized for making this Request!! " - + "\n Contact Administrator for this Scope. "); - return XACMLErrorConstants.ERROR_PERMISSIONS + "response code of the URL is 403. PEP is not Authorized for making this Request!! " - + "Contact Administrator for this Scope. "; - - } else if (activeVersion.equalsIgnoreCase("pe300")) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "response code of the URL is 404. " - + "This indicates a problem with getting the version from the PAP or the policy does not exist."); - return XACMLErrorConstants.ERROR_DATA_ISSUE + "response code of the URL is 404. " - + "This indicates a problem with getting the version from the PAP or the policy does not exist."; - } - - - if (!activeVersion.equalsIgnoreCase("0")) { - id = policyScope + "." + filePrefix + policyName + "." + activeVersion + ".xml"; - logger.debug("The policyId is " + id); - } else { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "could not retrieve the activeVersion for this policy. " - + "This indicates the policy does not exist, please verify the policy exists."); - return XACMLErrorConstants.ERROR_DATA_ISSUE + "could not retrieve the activeVersion for this policy. could not retrieve the activeVersion for this policy. " - + "This indicates the policy does not exist, please verify the policy exists."; - } - - // change call to getgitPath to pass requestID for PAP to receive on the GET process so PAP won't generate another - // String gitPath = getGitPath(policyScope, filePrefix, policyName, activeVersion, clientScope); - String gitPath = getGitPath(policyScope, filePrefix, policyName, activeVersion, clientScope, requestID); - logger.debug("Full gitPath policy xml file: " + gitPath); - - // change call to getSelectedURI to pass requestID for PAP to receive on the GET process so PAP won't generate another - // URI selectedURI = getSelectedURI(gitPath, clientScope); - URI selectedURI = getSelectedURI(gitPath, clientScope, requestID); - - logger.debug("The selectedURI is : " + selectedURI.toString()); - String name = filePrefix+policyName; - - StdPDPPolicy selectedPolicy = new StdPDPPolicy(id, true, name, selectedURI, isValid, policyId, description, pushVersion); - - logger.debug("StdPDPPolicy object contains: " + selectedPolicy.getId() + ", " + selectedPolicy.getName() + ", " + selectedPolicy.getLocation().toString()); - - response = copyPolicy(selectedPolicy, pdpGroup, clientScope, requestID); - - logger.debug("copyPolicy response: " + response); - - if(response.contains("successfully")){ - response = (String) callPAP(selectedPolicy, new String[]{"groupId=" + pdpGroup, "policyId="+id, "apiflag=addPolicyToGroup", "operation=PUT"}, requestID, clientScope); - } - - logger.debug("Final API response: " + response); - } - - return response; - - } - - private String deletePolicyFromPAP(DeletePolicyParameters parameters) { - String response = null; - String clientScope = null; - String pdpGroup = parameters.getPdpGroup(); - - if (pdpGroup==null){ - pdpGroup="NA"; - } - - //get the client scope based policy type - if (parameters.getPolicyName().contains("Config_FW")){ - clientScope = "ConfigFirewall"; - } else if (parameters.getPolicyName().contains("Action")) { - clientScope = "Action"; - } else if (parameters.getPolicyName().contains("Decision")){ - clientScope = "Decision"; - } else if (parameters.getPolicyName().contains("Config_Fault")){ - clientScope = "ConfigClosedLoop"; - } else if (parameters.getPolicyName().contains("Config_PM")){ - clientScope = "ConfigClosedLoop"; - } else if (parameters.getPolicyName().contains("Config_MS")){ - clientScope = "ConfigMS"; - } else if (parameters.getPolicyName().contains("Config_BRMS_Raw")){ - clientScope = "ConfigBrmsRaw"; - } else if (parameters.getPolicyName().contains("Config_BRMS_Param")){ - clientScope = "ConfigBrmsParam"; - } else { - clientScope = "Config"; - } - - logger.debug("clientScope is " + clientScope); - - if (clientScope==null||clientScope.equals("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + parameters.getPolicyName() + " is not a valid Policy Name."); - return XACMLErrorConstants.ERROR_DATA_ISSUE + parameters.getPolicyName() + " is not a valid Policy Name."; - } - - if (parameters.getPolicyName()==null||parameters.getPolicyName().equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."; - } else if (parameters.getDeleteCondition()==null||parameters.getDeleteCondition().equals("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Delete Condition given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Delete Condition given."; - } else { - - StdPAPPolicy deletePapPolicy = new StdPAPPolicy(parameters.getPolicyName(), parameters.getDeleteCondition().toString()); - - //send JSON object to PAP - try { - response = (String) callPAP(deletePapPolicy, new String[] {"groupId="+pdpGroup, "apiflag=deletePapApi", "operation=delete" }, parameters.getRequestID(), clientScope); - } catch (Exception e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - - } - - return response; - } - - private String deletePolicyFromPDP(DeletePolicyParameters parameters) { - String response = null; - String clientScope = null; - String pdpGroup = parameters.getPdpGroup(); - - if (pdpGroup==null){ - pdpGroup="NA"; - } - - //get the client scope based policy type - if (parameters.getPolicyName().contains("Config_FW")){ - clientScope = "ConfigFirewall"; - } else if (parameters.getPolicyName().contains("Action")) { - clientScope = "Action"; - } else if (parameters.getPolicyName().contains("Decision")){ - clientScope = "Decision"; - } else if (parameters.getPolicyName().contains("Config_Fault")){ - clientScope = "ConfigClosedLoop"; - } else if (parameters.getPolicyName().contains("Config_PM")){ - clientScope = "ConfigClosedLoop"; - } else if (parameters.getPolicyName().contains("Config_MS")){ - clientScope = "ConfigMS"; - }else if (parameters.getPolicyName().contains("Config_BRMS_Raw")){ - clientScope = "ConfigBrmsRaw"; - } else if (parameters.getPolicyName().contains("Config_BRMS_Param")){ - clientScope = "ConfigBrmsParam"; - } else { - clientScope = "Config"; - } - - logger.debug("clientScope is " + clientScope); - - if (clientScope==null||clientScope.equals("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + parameters.getPolicyName() + " is not a valid Policy Name."); - return XACMLErrorConstants.ERROR_DATA_ISSUE + parameters.getPolicyName() + " is not a valid Policy Name."; - } - - if (parameters.getPolicyName()==null||parameters.getPolicyName().equalsIgnoreCase("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."; - } else if (parameters.getPdpGroup()==null||parameters.getPdpGroup().equals("")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No PDP Group given."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "No PDP Group given."; - } else { - - //send JSON object to PAP - try { - response = (String) callPAP(null, new String[] {"policyName="+parameters.getPolicyName(), "groupId="+pdpGroup, "apiflag=deletePdpApi", "operation=delete" }, parameters.getRequestID(), clientScope); - } catch (Exception e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - - } - - return response; - } - - /* - * Copy a single Policy file from the input stream to the PAP Servlet. - * Either this works (silently) or it throws an exception. - * - */ - public String copyFile(String policyId, String group, StdPAPPolicy location, String clientScope, UUID requestID) throws PAPException { - String response = null; - //String clientScope = null; - - // send the policy file to the PAP Servlet - try { - response = (String) callPAP(location, new String[] {"groupId=" + group, "policyId="+policyId, "apiflag=api", "operation=post"}, requestID, clientScope); - } catch (Exception e) { - String message = "Unable to PUT policy '" + policyId + "', e:" + e; - logger.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + message, e); - throw new PAPException(message); - } - - return response; - } - - public String copyPolicy(PDPPolicy policy, String group, String policyType, UUID requestID) throws PAPException { - String response = null; - - if (policy == null || group == null) { - throw new PAPException("Null input policy="+policy+" group="+group); } - try { - StdPAPPolicy location = new StdPAPPolicy(policy.getLocation()); - response = copyFile(policy.getId(), group, location, policyType, requestID); - } catch (Exception e) { - String message = "Unable to PUT policy '" + policy.getId() + "', e:" + e; - logger.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + message, e); - throw new PAPException(message); - } - - return response; } - public Object callPAP(Object content, String[] parameters, UUID requestID, String clientScope) throws Exception { - String response = null; - HttpURLConnection connection = null; - String requestMethod = null; - String operation = null; - responseCode = 0; - // Checking for the available PDPs is done during the first Request and the List is going to have the connected PDP as first element. - // This makes it Real-Time to change the list depending on their availability. - if (paps == null || paps.isEmpty()) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "PAPs List is Empty."); - throw new Exception(XACMLErrorConstants.ERROR_DATA_ISSUE +"PAPs List is empty."); - }else { - int papsCount = 0; - boolean connected = false; - while (papsCount < paps.size()) { - try { - String fullURL = paps.get(0); - if (parameters != null && parameters.length > 0) { - String queryString = ""; - for (String p : parameters) { - queryString += "&" + p; - if (p.equalsIgnoreCase("operation=post")){ - requestMethod = "POST"; - } else if (p.equalsIgnoreCase("operation=delete")){ - requestMethod = "DELETE"; - operation = "delete"; - } else { - requestMethod = "PUT"; - if (p.equalsIgnoreCase("operation=create")){ - operation = "create"; - } else if (p.equalsIgnoreCase("operation=update")){ - operation = "update"; - } else if (p.equalsIgnoreCase("operation=createDictionary")){ - operation = "createDictionary"; - } - } - } - fullURL += "?" + queryString.substring(1); - } - - URL url = new URL (fullURL); - - //Open the connection - connection = (HttpURLConnection)url.openConnection(); - - // Setting Content-Type - connection.setRequestProperty("Content-Type", - "application/json"); - - // Adding Authorization - connection.setRequestProperty("Authorization", "Basic " - + encodingPAP.get(0)); - - connection.setRequestProperty("Environment", environment); - connection.setRequestProperty("ClientScope", clientScope); - - //set the method and headers - connection.setRequestMethod(requestMethod); - connection.setUseCaches(false); - connection.setInstanceFollowRedirects(false); - connection.setDoOutput(true); - connection.setDoInput(true); - // Adding RequestID - if (requestID == null) { - requestID = UUID.randomUUID(); - logger.info("No request ID provided, sending generated ID: " + requestID.toString()); - } else { - logger.info("Using provided request ID: " + requestID.toString()); - } - connection.setRequestProperty("X-ECOMP-RequestID", requestID.toString()); - - if (content != null) { - if (content instanceof InputStream) { - try { - //send current configuration - try (OutputStream os = connection.getOutputStream()) { - int count = IOUtils.copy((InputStream)content, os); - if (logger.isDebugEnabled()) { - logger.debug("copied to output, bytes=" + count); - } - } - } catch (Exception e) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Failed to write content in 'PUT'", e); - throw e; - } - } else { - // the content is an object to be encoded in JSON - ObjectMapper mapper = new ObjectMapper(); - if(!junit){ - mapper.writeValue(connection.getOutputStream(), content); - } - } - } - - //DO the connect - connection.connect(); - responseCode = connection.getResponseCode(); - // If Connected to PAP then break from the loop and continue with the Request - if (connection.getResponseCode() > 0 || junit) { - connected = true; - break; - - } else { - logger.debug(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "PAP connection Error"); - } - } catch (Exception e) { - // This means that the PAP is not working - if (junit) { - connected = true; - break; - } - logger.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "PAP connection Error : " + e); - } - papsCount++; + /* + * Gets the Notification if one exists. Used only for Manual Polling + * purposes. + */ + public PDPNotification getNotification(){ + //Check if there is proper scheme.. + PDPNotification notification = null; + if(this.scheme.equals(NotificationScheme.MANUAL_ALL_NOTIFICATIONS) || this.scheme.equals(NotificationScheme.MANUAL_NOTIFICATIONS)) { + if (notificationType.get(0).equals("ueb")){ + ManualClientEndUEB.start(pdps.get(0), notificationURLList, UNIQUEID); + notification = ManualClientEndUEB.result(scheme); + }else if (notificationType.get(0).equals("dmaap")){ + ManualClientEndDMAAP.start(notificationURLList, topic, UNIQUEID, userName, pass); + notification = ManualClientEndDMAAP.result(scheme); + }else{ + ManualClientEnd.start(pdps.get(0)); + LOGGER.debug("manual notification requested.. : " + scheme.toString()); + notification = ManualClientEnd.result(scheme); } - - if (connected) { - //Read the Response - logger.debug("connected to the PAP : " + paps.get(0)); - logger.debug("--- Response: ---"); - Map> headers = connection.getHeaderFields(); - for (String key : headers.keySet()) { - logger.debug("Header :" + key + " Value: " + headers.get(key)); - } - try { - if (responseCode == 200 || junit) { - - // Check for successful creation of policy - String isSuccess = null; - if(!junit){ //is this a junit test? - isSuccess = connection.getHeaderField("successMapKey"); - operation = connection.getHeaderField("operation"); - } else { - isSuccess = "success"; - } - - if (isSuccess.equals("success")) { - if (operation.equals("update")) { - logger.info("Transaction ID: " + requestID + " --Policy Updated Successfully!" ); - response = "Transaction ID: " + requestID + " --Policy with the name " + connection.getHeaderField("policyName") + " was successfully updated."; - } else if (operation.equals("delete")) { - logger.info("Transaction ID: " + requestID + " --Policy Deleted Successfully!"); - response = "Transaction ID: " + requestID + " --The policy was successfully deleted."; - } else if (operation.equals("import")) { - logger.info("Transaction ID: " + requestID + " --Policy Engine Import Successful!"); - response = "Transaction ID: " + requestID + " --The policy engine import for " + connection.getHeaderField("service") + " was successfull."; - }else { - logger.info("Transaction ID: " + requestID + " --Policy Created Successfully!" ); - response = "Transaction ID: " + requestID + " --Policy with the name " + connection.getHeaderField("policyName") + " was successfully created."; - } - - } else { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Unable to Create/Update the Policy!"); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "Unable to Create/Update the Policy!"; - } - } else if (connection.getResponseCode() == 202) { - if (connection.getHeaderField("operation")!=null && connection.getHeaderField("operation").equalsIgnoreCase("delete")){ - if (connection.getHeaderField("lockdown")!=null && connection.getHeaderField("lockdown").equals("true")){ - logger.warn("Transaction ID: " + requestID + "Policies are locked down."); - response = "Transaction ID: " + requestID + " --Policies are locked down, please try again later."; - } - } - } else if (connection.getResponseCode() == 204) { - if (connection.getHeaderField("operation")!=null && connection.getHeaderField("operation").equals("push")){ - logger.info("Transaction ID: " + requestID + " --Policy '" + connection.getHeaderField("policyId") + - "' was successfully pushed to the PDP group '" + connection.getHeaderField("groupId") + "'."); - response = "Transaction ID: " + requestID + " --Policy '" + connection.getHeaderField("policyId") + - "' was successfully pushed to the PDP group '" + connection.getHeaderField("groupId") + "'."; - } - } else if (connection.getResponseCode() == 400 && connection.getHeaderField("error")!=null){ - if (connection.getHeaderField("error").equals("noPolicyExist")) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Policy does not exist on the PDP."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "Policy does not exist on the PDP."; - } else if (connection.getHeaderField("error").equals("invalidPolicyName")) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Invalid policyName... " - + "policyName must be the full name of the file to be deleted including version and extension"); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "Invalid policyName... " - + "policyName must be the full name of the file to be deleted including version and extension"; - } else if (connection.getHeaderField("error").equals("actionPolicyDB")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Could not find " + connection.getHeaderField("actionAttribute") + " in the ActionPolicyDict table."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "Invalid actionAttribute given."; - } else if (connection.getHeaderField("error").equals("serviceModelDB")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Invalid Service or Version. The Service Model, " - + connection.getHeaderField("modelName") + " of version " + connection.getHeaderField("modelVersion") - + " was not found in the dictionary."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "Invalid Service or Version. The Service Model, " - + connection.getHeaderField("modelName") + " of version " + connection.getHeaderField("modelVersion") - + " was not found in the dictionary."; - } else if (connection.getHeaderField("error").equals("FWDBError")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Error when inserting Firewall ConfigBody data into database."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "Error when inserting Firewall ConfigBody data into the database."; - } else if (connection.getHeaderField("error").equals("savePolicy")){ - logger.error(connection.getHeaderField("message")); - response = connection.getHeaderField("message"); - } - } else if (connection.getResponseCode() == 403) { - logger.error(XACMLErrorConstants.ERROR_PERMISSIONS + "response code of the URL is " - + connection.getResponseCode() + ". PEP is not Authorized for making this Request!! \n Contact Administrator for this Scope. "); - response = XACMLErrorConstants.ERROR_PERMISSIONS + "response code of the URL is " - + connection.getResponseCode() + ". PEP is not Authorized for making this Request!! \n Contact Administrator for this Scope. "; - } else if (connection.getResponseCode() == 404 && connection.getHeaderField("error")!=null) { - if (connection.getHeaderField("error").equals("unknownGroupId")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + connection.getHeaderField("message")); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + connection.getHeaderField("message") + - " Please check the pdpGroup you are requesting to move the policy to."; - } - } else if (connection.getResponseCode() == 409 && connection.getHeaderField("error")!=null) { - if (connection.getHeaderField("error").equals("modelExistsDB")) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Import Value Exist Error"); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "Import Value Exist Error: The import value "+connection.getHeaderField("service")+" already exist on the PAP. " - + "Please create a new import value."; - }else if (connection.getHeaderField("error").equals("policyExists")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Policy Exist Error"); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "Policy Exist Error: The Policy "+connection.getHeaderField("policyName")+" already exist on the PAP. " - + "Please create a new policy or use the update API to modify the existing one."; - } - } else if (connection.getResponseCode() == 500 && connection.getHeaderField("error")!=null) { - if (connection.getHeaderField("error").equals("jpautils")){ - logger.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Could not create JPAUtils instance on the PAP"); - response = XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Could not create JPAUtils instance on the PAP"; - } else if (connection.getHeaderField("error").equals("deleteDB")){ - logger.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Failed to delete Policy from database."); - response = XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Failed to delete Policy from database."; - } else if (connection.getHeaderField("error").equals("deleteFile")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Cannot delete the policy file."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "Cannot delete the policy file"; - } else if (connection.getHeaderField("error").equals("groupUpdate")){ - logger.error(connection.getHeaderField("message")); - response = connection.getHeaderField("message"); - }else if (connection.getHeaderField("error").equals("unknown")){ - logger.error(XACMLErrorConstants.ERROR_UNKNOWN + "Failed to delete the policy for an unknown reason. Check the file system and other logs for further information."); - response = XACMLErrorConstants.ERROR_UNKNOWN + "Failed to delete the policy for an unknown reason. Check the file system and other logs for further information."; - } else if (connection.getHeaderField("error").equals("deleteConfig")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Cannot delete the configuration or action body file in specified location"); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "Cannot delete the configuration or action body file in specified location."; - }else if (connection.getHeaderField("error").equals("missing")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Failed to create value in database because service does match a value in file"); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "Failed to create value in database because service does match a value in file"; - }else if (connection.getHeaderField("error").equals("importDB")){ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Database errors during policy engine import"); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "Database errors during policy engine import"; - }else if (connection.getHeaderField("error").equals("policyCopyError")){ - logger.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + connection.getHeaderField("message")); - response = XACMLErrorConstants.ERROR_PROCESS_FLOW + connection.getHeaderField("message"); - }else if (connection.getHeaderField("error").equals("addGroupError")){ - logger.error(connection.getHeaderField("message")); - response = connection.getHeaderField("message"); - }else if (connection.getHeaderField("error").equals("error")){ - logger.error(XACMLErrorConstants.ERROR_UNKNOWN + "Could not create or update the policy for and unknown reason"); - response = XACMLErrorConstants.ERROR_UNKNOWN + "Could not create or update the policy for and unknown reason"; - } - } else { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "BAD REQUEST: Error occured while attempting perform this operation.. the request may be incorrect."); - response = XACMLErrorConstants.ERROR_DATA_ISSUE + "BAD REQUEST: Error occured while attempting perform this operation.. the request may be incorrect."; - } - } catch (IOException e) { - logger.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + e); - response = XACMLErrorConstants.ERROR_SYSTEM_ERROR + e; - throw new Exception(XACMLErrorConstants.ERROR_SYSTEM_ERROR +"ERROR in connecting to the PAP ", e); - } - - if (junit){ - response = "success"; - } - return response; - + if (notification == null){ + LOGGER.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Notification yet.."); + return null; } else { - response = XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Unable to get valid response from PAP(s) " + paps; - return response; - } - } - - } - - // change getSelectedURI method to receive requestID to be used to send to PAP on the GET request so PAP won't generate another - // private URI getSelectedURI(String gitPath, String clientScope){ - private URI getSelectedURI(String gitPath, String clientScope, UUID requestID){ - //Connect to the PAP - URI selectedURI = null; - HttpURLConnection connection = null; - String [] parameters = {"apiflag=uri", "gitPath="+gitPath}; - - - // Checking for the available PDPs is done during the first Request and the List is going to have the connected PDP as first element. - // This makes it Real-Time to change the list depending on their availability. - if (paps == null || paps.isEmpty()) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "PAPs List is Empty."); - try { - throw new Exception(XACMLErrorConstants.ERROR_DATA_ISSUE +"PAPs List is empty."); - } catch (Exception e) { - logger.error(e.getMessage()); - } - }else { - int papsCount = 0; - boolean connected = false; - while (papsCount < paps.size()) { - try { - String fullURL = paps.get(0); - if (parameters != null && parameters.length > 0) { - String queryString = ""; - for (String p : parameters) { - queryString += "&" + p; - } - fullURL += "?" + queryString.substring(1); - } - - URL url = new URL (fullURL); - - //Open the connection - connection = (HttpURLConnection)url.openConnection(); - - // Setting Content-Type - connection.setRequestProperty("Content-Type", - "application/json"); - - // Adding Authorization - connection.setRequestProperty("Authorization", "Basic " - + encodingPAP.get(0)); - - connection.setRequestProperty("Environment", environment); - connection.setRequestProperty("ClientScope", clientScope); - - //set the method and headers - connection.setRequestMethod("GET"); - connection.setUseCaches(false); - connection.setInstanceFollowRedirects(false); - connection.setDoOutput(true); - connection.setDoInput(true); - - // set requestID in header properties to be used to send to PAP on the GET request so PAP won't generate another - connection.setRequestProperty("X-ECOMP-RequestID", requestID.toString()); - - //DO the connect - connection.connect(); - responseCode = connection.getResponseCode(); - // If Connected to PAP then break from the loop and continue with the Request - if (connection.getResponseCode() > 0) { - connected = true; - break; - - } else { - logger.debug(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "PAP connection Error"); - } - } catch (Exception e) { - // This means that the PAP is not working - logger.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "PAP connection Error : " + e); - } - papsCount++; + return notification; } - - if (connected) { - //Read the Response - logger.debug("connected to the PAP : " + paps.get(0)); - logger.debug("--- Response: ---"); - Map> headers = connection.getHeaderFields(); - for (String key : headers.keySet()) { - logger.debug("Header :" + key + " Value: " + headers.get(key)); - } - try { - if (connection.getResponseCode() == 200) { - // Check for successful creation of policy - String uri = connection.getHeaderField("selectedURI"); - logger.debug("URI from Header: " + uri); - if (uri != null && !uri.equalsIgnoreCase("")) { - selectedURI = URI.create(uri); - return selectedURI; - } else { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "could not retrieve the gitPath from the PAP"); - } - } else if (connection.getResponseCode() == 404) { - logger.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "response code of the URL is " - + connection.getResponseCode() + ". This indicates a problem with getting the gitPath from the PAP"); - } else { - logger.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "BAD REQUEST: Error occured while getting the gitPath from the PAP. The request may be incorrect."); - } - } catch (IOException e) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + e); - try { - throw new Exception(XACMLErrorConstants.ERROR_DATA_ISSUE +"ERROR in connecting to the PAP ", e); - } catch (Exception e1) { - logger.error(e1.getMessage()); - } - } - - } else { - logger.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Unable to get valid response from PAP(s) " + paps); - try { - throw new Exception(XACMLErrorConstants.ERROR_DATA_ISSUE +"ERROR in connecting to the PAP "); - } catch (Exception e) { - logger.error(e.getMessage()); - } - } - } - return selectedURI; - - } - - // Make a call to the PAP to get the gitPath - // change getGitPath method to receive requestID to be used to send to PAP on the GET request so PAP won't generate another - // private String getGitPath(String policyScope, String filePrefix, String policyName, String activeVersion, String clientScope){ - private String getGitPath(String policyScope, String filePrefix, String policyName, String activeVersion, String clientScope, UUID requestID){ - - //Connect to the PAP - String gitPath = null; - HttpURLConnection connection = null; - String [] parameters = {"apiflag=gitPath", "policyScope="+policyScope, "filePrefix="+filePrefix, - "policyName="+policyName, "activeVersion="+activeVersion}; - - - // Checking for the available PDPs is done during the first Request and the List is going to have the connected PDP as first element. - // This makes it Real-Time to change the list depending on their availability. - if (paps == null || paps.isEmpty()) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "PAPs List is Empty."); - try { - throw new Exception(XACMLErrorConstants.ERROR_DATA_ISSUE +"PAPs List is empty."); - } catch (Exception e) { - logger.error(e.getMessage()); - } }else { - int papsCount = 0; - boolean connected = false; - while (papsCount < paps.size()) { - try { - String fullURL = paps.get(0); - if (parameters != null && parameters.length > 0) { - String queryString = ""; - for (String p : parameters) { - queryString += "&" + p; - } - fullURL += "?" + queryString.substring(1); - } - - URL url = new URL (fullURL); - - //Open the connection - connection = (HttpURLConnection)url.openConnection(); - - // Setting Content-Type - connection.setRequestProperty("Content-Type", - "application/json"); - - // Adding Authorization - connection.setRequestProperty("Authorization", "Basic " - + encodingPAP.get(0)); - - connection.setRequestProperty("Environment", environment); - connection.setRequestProperty("ClientScope", clientScope); - - //set the method and headers - connection.setRequestMethod("GET"); - connection.setUseCaches(false); - connection.setInstanceFollowRedirects(false); - connection.setDoOutput(true); - connection.setDoInput(true); - - // set requestID in header properties to be used to send to PAP on the GET request so PAP won't generate another - connection.setRequestProperty("X-ECOMP-RequestID", requestID.toString()); - - //DO the connect - connection.connect(); - - // If Connected to PAP then break from the loop and continue with the Request - if (connection.getResponseCode() > 0) { - connected = true; - break; - - } else { - logger.debug(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "PAP connection Error"); - } - } catch (Exception e) { - // This means that the PAP is not working - logger.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "PAP connection Error : " + e); - } - papsCount++; - } - - if (connected) { - //Read the Response - logger.debug("connected to the PAP : " + paps.get(0)); - logger.debug("--- Response: ---"); - Map> headers = connection.getHeaderFields(); - for (String key : headers.keySet()) { - logger.debug("Header :" + key + " Value: " + headers.get(key)); - } - try { - if (connection.getResponseCode() == 200) { - // Check for successful creation of policy - gitPath = connection.getHeaderField("gitPath"); - this.policyId = connection.getHeaderField("policyId"); - this.description = connection.getHeaderField("description"); - this.pushVersion = connection.getHeaderField("version"); - String isValid = connection.getHeaderField("isValid"); - this.isValid = Boolean.parseBoolean(isValid); - - logger.debug("GitPath from Header: " + gitPath); - logger.debug("policyId from Header: " + policyId); - logger.debug("description from Header: " + description); - logger.debug("version from Header: " + pushVersion); - logger.debug("isValid from Header: " + isValid); - - if (gitPath != null && !gitPath.equalsIgnoreCase("")) { - return gitPath; - } else { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "could not retrieve the gitPath from the PAP"); - } - } else if (connection.getResponseCode() == 404) { - logger.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "response code of the URL is " - + connection.getResponseCode() + ". This indicates a problem with getting the gitPath from the PAP"); - } else { - logger.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "BAD REQUEST: Error occured while getting the gitPath from the PAP. The request may be incorrect."); - } - } catch (IOException e) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + e); - try { - throw new Exception(XACMLErrorConstants.ERROR_DATA_ISSUE +"ERROR in connecting to the PAP ", e); - } catch (Exception e1) { - logger.error(e1.getMessage()); - } - } - - } else { - logger.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Unable to get valid response from PAP(s) " + paps); - try { - throw new Exception(XACMLErrorConstants.ERROR_DATA_ISSUE +"ERROR in connecting to the PAP "); - } catch (Exception e) { - logger.error(e.getMessage()); - } - } + return null; } - return gitPath; - } - // change getActiveVersion method to receive requestID to be used to send to PAP on the GET request so PAP won't generate another -// private String getActiveVersion(String policyScope, String filePrefix, String policyName, String clientScope) { - private String getActiveVersion(String policyScope, String filePrefix, String policyName, String clientScope, UUID requestID) { - - //Connect to the PAP - String version = null; - HttpURLConnection connection = null; - String [] parameters = {"apiflag=version","policyScope="+policyScope, "filePrefix="+filePrefix, "policyName="+policyName}; - - - // Checking for the available PDPs is done during the first Request and the List is going to have the connected PDP as first element. - // This makes it Real-Time to change the list depending on their availability. - if (paps == null || paps.isEmpty()) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "PAPs List is Empty."); - try { - throw new Exception(XACMLErrorConstants.ERROR_DATA_ISSUE +"PAPs List is empty."); - } catch (Exception e) { - logger.error(e.getMessage()); - } - }else { - int papsCount = 0; - boolean connected = false; - while (papsCount < paps.size()) { - try { - String fullURL = paps.get(0); - if (parameters != null && parameters.length > 0) { - String queryString = ""; - for (String p : parameters) { - queryString += "&" + p; - } - fullURL += "?" + queryString.substring(1); - } - - URL url = new URL (fullURL); - - //Open the connection - connection = (HttpURLConnection)url.openConnection(); - - // Setting Content-Type - connection.setRequestProperty("Content-Type", - "application/json"); - - // Adding Authorization - connection.setRequestProperty("Authorization", "Basic " - + encodingPAP.get(0)); - - connection.setRequestProperty("Environment", environment); - connection.setRequestProperty("ClientScope", clientScope); - - - //set the method and headers - connection.setRequestMethod("GET"); - connection.setUseCaches(false); - connection.setInstanceFollowRedirects(false); - connection.setDoOutput(true); - connection.setDoInput(true); - - // set requestID in header properties to be used to send to PAP on the GET request so PAP won't generate another - connection.setRequestProperty("X-ECOMP-RequestID", requestID.toString()); - - //DO the connect - connection.connect(); - - // If Connected to PAP then break from the loop and continue with the Request - if (connection.getResponseCode() > 0) { - connected = true; - break; - - } else { - logger.debug(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "PAP connection Error"); - } - } catch (Exception e) { - // This means that the PAP is not working - logger.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "PAP connection Error : " + e); - } - papsCount++; + /* + * Setting the Scheme. + */ + public void setScheme(NotificationScheme scheme) { + this.scheme = scheme; + if (notificationType.get(0).equals("ueb")){ + AutoClientUEB.setScheme(this.scheme); + if (this.scheme.equals(NotificationScheme.MANUAL_ALL_NOTIFICATIONS)){ + ManualClientEndUEB.createTopic(pdps.get(0), UNIQUEID, notificationURLList); } - - if (connected) { - //Read the Response - logger.debug("connected to the PAP : " + paps.get(0)); - logger.debug("--- Response: ---"); - Map> headers = connection.getHeaderFields(); - for (String key : headers.keySet()) { - logger.debug("Header :" + key + " Value: " + headers.get(key)); - } - try { - if (connection.getResponseCode() == 200) { - // Check for successful creation of policy - version = connection.getHeaderField("version"); - logger.debug("ActiveVersion from the Header: " + version); - } else if (connection.getResponseCode() == 403) { - logger.error(XACMLErrorConstants.ERROR_PERMISSIONS + "response code of the URL is " - + connection.getResponseCode() + ". PEP is not Authorized for making this Request!! \n Contact Administrator for this Scope. "); - version = "pe100"; - } else if (connection.getResponseCode() == 404) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "response code of the URL is " - + connection.getResponseCode() + ". This indicates a problem with getting the version from the PAP"); - version = "pe300"; - } else { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "BAD REQUEST: Error occured while getting the version from the PAP. The request may be incorrect."); - } - } catch (IOException e) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + e); - try { - throw new Exception(XACMLErrorConstants.ERROR_DATA_ISSUE +"ERROR in connecting to the PAP ", e); - } catch (Exception e1) { - logger.error(e1.getMessage()); - } - } - - } else { - logger.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Unable to get valid response from PAP(s) " + paps); - try { - throw new Exception(XACMLErrorConstants.ERROR_DATA_ISSUE +"ERROR in connecting to the PAP "); - } catch (Exception e) { - logger.error(e.getMessage()); - } - } - } - return version; - } - - // Validation for json inputs - public static boolean isJSONValid(String data) { - try { - new JSONObject(data); - InputStream stream = new ByteArrayInputStream(data.getBytes(StandardCharsets.UTF_8)); - JsonReader jsonReader = Json.createReader(stream); - logger.debug("Json Value is: " + jsonReader.read().toString() ); - } catch (Exception e) { - return false; - } - return true; + }else if (notificationType.get(0).equals("dmaap")){ + AutoClientDMAAP.setScheme(this.scheme); + if (this.scheme.equals(NotificationScheme.MANUAL_ALL_NOTIFICATIONS)){ + ManualClientEndDMAAP.createTopic(topic, UNIQUEID, notificationURLList, userName, pass); + } + }else{ + AutoClientEnd.setScheme(this.scheme); + } } - + /* - * Rotate the PDP list upon WEBsocket Failures + * Returns the Scheme */ - public static void rotateList() { - Collections.rotate(pdps, -1); - Collections.rotate(encoding, -1); - /* not required for 1510. //TODO uncomment when PAP API has been implemented - * This Broke the PyPDP :( Since there is no PAP LIST yet. - Collections.rotate(paps, -1); - Collections.rotate(encodingPAP, -1); - */ + public NotificationScheme getScheme() { + return this.scheme; } /* - * Get the latest PDP + * Returns the NotificationHandler */ - public static String getPDPURL() { - return pdps.get(0); + public NotificationHandler getNotificationHandler() { + return this.handler; } - + /* - * Get the latest PAP + * Stop the Notification Service if its running. */ - public static String getPAPURL() { - return paps.get(0); - } - - private JsonObject stringToJsonObject(String value) throws Exception{ - JsonReader jsonReader = Json.createReader(new StringReader(value)); - JsonObject object = jsonReader.readObject(); - jsonReader.close(); - return object; - } - - private String getJsonResponseString() { - String jsonString = "{\"Response\":[{\"Status\":{\"StatusCode\":{\"Value\":\"urn:oasis:names:tc:xacml:1.0:status:ok\"}}," - + "\"AssociatedAdvice\":[{\"AttributeAssignment\":[{\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\"," - + "\"Issuer\":\"\",\"AttributeId\":\"type\",\"Value\":\"Configuration\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\"}," - + "{\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"Issuer\":\"\",\"AttributeId\":\"URLID\",\"Value\":" - + "\"$URL/Config/JunitTest.Config_testing.1.json\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#anyURI\"},{\"Category\":" - + "\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"Issuer\":\"\",\"AttributeId\":\"PolicyName\",\"Value\":" - + "\"JunitTest.Config_testing.1.xml\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\"},{\"Category\":" - + "\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"Issuer\":\"\",\"AttributeId\":\"VersionNumber\",\"Value\":" - + "\"1\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\"},{\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\"," - + "\"Issuer\":\"\",\"AttributeId\":\"matching:ECOMPName\",\"Value\":\"test\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\"}," - + "{\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"Issuer\":\"\",\"AttributeId\":\"matching:ConfigName\"," - + "\"Value\":\"TestName\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\"},{\"Category\":" - + "\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"Issuer\":\"\",\"AttributeId\":\"matching:service\"," - + "\"Value\":\"ControllerServiceOpendcaeCapsuleServiceInstance\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\"}," - + "{\"Category\":\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"Issuer\":\"\",\"AttributeId\":\"matching:uuid\"," - + "\"Value\":\"TestUUID\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\"},{\"Category\":" - + "\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"Issuer\":\"\",\"AttributeId\":\"matching:Location\"," - + "\"Value\":\"Edge\",\"DataType\":\"http://www.w3.org/2001/XMLSchema#string\"},{\"Category\":" - + "\"urn:oasis:names:tc:xacml:3.0:attribute-category:resource\",\"Issuer\":\"\",\"AttributeId\":\"Priority\",\"Value\":\"1\",\"DataType\":" - + "\"http://www.w3.org/2001/XMLSchema#string\"}],\"Id\":\"MSID\"}],\"Decision\":\"Permit\"}]}"; - - return jsonString; - } - - public PolicyChangeResponse policyEngineImport(ImportParameters importParameters) throws Exception { - return policyEngineImport(importParameters, userName, pass); - } - - public PolicyChangeResponse policyEngineImport(ImportParameters importParameters, String userID, String passcode) throws Exception { - StdPolicyChangeResponse response = new StdPolicyChangeResponse(); - String resource= "policyEngineImport"; - if(!checkPermissions(userID, passcode, resource)){ - logger.error(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - response.setResponseMessage(XACMLErrorConstants.ERROR_PERMISSIONS + "You are not allowed to Make this Request. Please contact PolicyAdmin to give access to:" + resource); - response.setResponseCode(401); - return response; - } - InputStream targetStream = null; - if(importParameters.getServiceName()!=null && importParameters.getVersion()!=null && importParameters.getServiceType()!=null){ - // This is Config Class Policy. - if(importParameters.getFilePath()!=null){ - File input = new File(importParameters.getFilePath()); - if (input.getName().endsWith(".xmi") || input.getName().endsWith(".zip")){ - try { - if (input.exists()){ - targetStream = new FileInputStream(input); - }else { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "File provided in ImportParameters does not exists."); - response.setResponseMessage(XACMLErrorConstants.ERROR_DATA_ISSUE + "File provided in ImportParameters does not exist."); - return response; - } - } catch (Exception e) { - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Error reading in File"); - response.setResponseMessage(XACMLErrorConstants.ERROR_DATA_ISSUE + "Error in reading in the file provided"); - } + public void stopNotification() { + if (this.scheme != null && this.handler != null) { + if (this.scheme.equals(NotificationScheme.AUTO_ALL_NOTIFICATIONS) + || this.scheme + .equals(NotificationScheme.AUTO_NOTIFICATIONS)) { + LOGGER.info("Clear Notification called.. "); + if (notificationType.get(0).equals("ueb")){ + this.uebClientThread.terminate(); + this.uebThread = false; + }else if (notificationType.get(0).equals("dmaap")){ + this.dmaapClientThread.terminate(); + this.dmaapThread = false; }else{ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect File Data type."); - response.setResponseMessage(XACMLErrorConstants.ERROR_DATA_ISSUE + "Incorrect File Type Given. Please use a file of type .xmi or .zip."); - return response; + AutoClientEnd.stop(); } - String[] parameters = new String[] {"importService=" + importParameters.getServiceType(), "serviceName=" - + importParameters.getServiceName(), "fileName=" + input.getName(), "version=" + importParameters.getVersion()}; - String responseMessage = (String) callPAP(targetStream, parameters, importParameters.getRequestID(), "importMS"); - response.setResponseMessage(responseMessage); - }else{ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Missing required ImportParameters value."); - response.setResponseMessage(XACMLErrorConstants.ERROR_DATA_ISSUE + "Missing required ImportParameters value."); } - }else{ - logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Missing required ImportParameters value."); - response.setResponseMessage(XACMLErrorConstants.ERROR_DATA_ISSUE + "Missing required ImportParameters value."); - } - return response; + } } /* - * Give userID, Passcode and the Resoruce they are requesting for. + * Push a policy to the PDP API implementation */ - private boolean checkPermissions(String userID, String passcode, String resource){ - Boolean result = false; - if(pyPDPClientFile!=null){ - // Backward compatible pyPDP called us. So validate the user names and scope. - Path clientPath = Paths.get(pyPDPClientFile); - if (Files.notExists(clientPath)) { - result = false; - }else if(clientPath.toString().endsWith(".properties")) { - try { - HashMap> clientMap = readProps(clientPath); - if (clientMap.containsKey(userID) && clientMap.get(userID).get(0).equals(passcode)) { - result= true; - } - } catch (Exception e) { - result = false; - } - } - }else{ - //Allowing Every Client who ever don't have access for AAF and Backup Client file - result = true; - } - return result; + public String pushPolicy(String policyScope, String policyName, String policyType, String pdpGroup, UUID requestID) throws PolicyException { + PushPolicyParameters pushPolicyParameters = new PushPolicyParameters(); + if(policyScope==null|| policyScope.trim().isEmpty()){ + String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."; + LOGGER.error(message); + throw new PolicyException(message); + } + if(policyName==null|| policyName.trim().isEmpty()){ + String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."; + LOGGER.error(message); + throw new PolicyException(message); + } + pushPolicyParameters.setPolicyName(policyScope+"."+policyName); + pushPolicyParameters.setPolicyType(policyType); + pushPolicyParameters.setPdpGroup(pdpGroup); + pushPolicyParameters.setRequestID(requestID); + return pushPolicyImpl(pushPolicyParameters).getResponseMessage(); + } + + public String createUpdateConfigPolicy(String policyName, String policyDescription, String ecompName, String configName, + Map configAttributes, String configType, String body, String policyScope, UUID requestID, + String riskLevel, String riskType, String guard, String ttlDate, boolean updateFlag) throws PolicyException { + return createUpdateConfigPolicyImpl(policyName, policyDescription, ecompName, configName, + configAttributes, configType, body, policyScope, requestID, + riskLevel, riskType, guard, ttlDate, updateFlag); } - private HashMap> readProps(Path clientPath) throws Exception{ - InputStream in; - Properties clientProp = new Properties(); + /* + * Create Config Policy API Implementation + */ + public String createUpdateConfigPolicyImpl(String policyName, String policyDescription, String ecompName, String configName, + Map configAttributes, String configType, String body, String policyScope, UUID requestID, + String riskLevel, String riskType, String guard, String ttlDate, boolean updateFlag) throws PolicyException { + PolicyParameters policyParameters = new PolicyParameters(); + policyParameters.setPolicyClass(PolicyClass.Config); + policyParameters.setPolicyConfigType(PolicyConfigType.Base); + if(policyScope==null|| policyScope.trim().isEmpty()){ + String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."; + LOGGER.error(message); + throw new PolicyException(message); + } + if(policyName==null|| policyName.trim().isEmpty()){ + String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."; + LOGGER.error(message); + throw new PolicyException(message); + } + policyParameters.setPolicyName(policyScope+"."+policyName); + policyParameters.setPolicyDescription(policyDescription); + policyParameters.setEcompName(ecompName); + policyParameters.setConfigName(configName); + Map> attributes = new HashMap>(); + attributes.put(AttributeType.MATCHING, configAttributes); + policyParameters.setAttributes(attributes); + policyParameters.setConfigBodyType(PolicyType.valueOf(configType)); + policyParameters.setConfigBody(body); + policyParameters.setRequestID(requestID); + policyParameters.setRiskLevel(riskLevel); + policyParameters.setRiskType(riskType); + policyParameters.setGuard(Boolean.parseBoolean(guard)); try { - in = new FileInputStream(clientPath.toFile()); - clientProp.load(in); - } catch (IOException e) { - logger.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + e); - throw new Exception(XACMLErrorConstants.ERROR_SYSTEM_ERROR +"Cannot Load the Properties file", e); - } - // Read the Properties and Load the Clients and their scopes. - HashMap>clientMap = new HashMap>(); - // - for (Object propKey : clientProp.keySet()) { - String clientID = (String)propKey; - String clientValue = clientProp.getProperty(clientID); - if (clientValue != null) { - if (clientValue.contains(",")) { - ArrayList clientValues = new ArrayList(Arrays.asList(clientValue.split("\\s*,\\s*"))); - if(clientValues.get(0)!=null || clientValues.get(1)!=null || clientValues.get(0).isEmpty() || clientValues.get(1).isEmpty()){ - clientMap.put(clientID, clientValues); - } - } - } + policyParameters.setTtlDate(new SimpleDateFormat("dd-MM-yyyy").parse(ttlDate)); + } catch (ParseException e) { + LOGGER.warn("Error Parsing date given " + ttlDate); + policyParameters.setTtlDate(null); } - if (clientMap == null || clientMap.isEmpty()) { - logger.debug(XACMLErrorConstants.ERROR_PERMISSIONS + "No Clients ID , Client Key and Scopes are available. Cannot serve any Clients !!"); - throw new Exception("Empty Client file"); - } - return clientMap; + return createUpdatePolicyImpl(policyParameters, updateFlag).getResponseMessage(); + } + + public String createUpdateConfigFirewallPolicy(String policyName, JsonObject firewallJson, String policyScope, UUID requestID, + String riskLevel, String riskType, String guard, String ttlDate, boolean updateFlag) throws PolicyException { + return createUpdateConfigFirewallPolicyImpl(policyName, firewallJson, policyScope, requestID, + riskLevel, riskType, guard, ttlDate, updateFlag); } - protected boolean isNumeric(String str) - { - for (char c : str.toCharArray()) - { - if (!Character.isDigit(c)) return false; + /* + * Create Update Config Firewall Policy API implementation + */ + public String createUpdateConfigFirewallPolicyImpl(String policyName, JsonObject firewallJson, String policyScope, UUID requestID, + String riskLevel, String riskType, String guard, String ttlDate, boolean updateFlag) throws PolicyException { + PolicyParameters policyParameters = new PolicyParameters(); + policyParameters.setPolicyClass(PolicyClass.Config); + policyParameters.setPolicyConfigType(PolicyConfigType.Firewall); + if(policyScope==null|| policyScope.trim().isEmpty()){ + String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."; + LOGGER.error(message); + throw new PolicyException(message); + } + if(policyName==null|| policyName.trim().isEmpty()){ + String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given."; + LOGGER.error(message); + throw new PolicyException(message); + } + policyParameters.setPolicyName(policyScope+"."+policyName); + policyParameters.setConfigBody(firewallJson.toString()); + policyParameters.setRequestID(requestID); + policyParameters.setRiskLevel(riskLevel); + policyParameters.setRiskType(riskType); + policyParameters.setGuard(Boolean.parseBoolean(guard)); + try { + policyParameters.setTtlDate(new SimpleDateFormat("dd-MM-yyyy").parse(ttlDate)); + } catch (NullPointerException | ParseException e) { + LOGGER.warn("Error Parsing date given " + ttlDate); + policyParameters.setTtlDate(null); } - return true; - } + return createUpdatePolicyImpl(policyParameters, updateFlag).getResponseMessage(); + } - private String ConvertDate(Date date){ - String strDate = null; - if (date!=null) - { - SimpleDateFormat dateformatJava = new SimpleDateFormat("dd-MM-yyyy"); - strDate = dateformatJava.format(date); + public void setClientKey(String clientKey){ + if(clientKey!=null && !clientKey.isEmpty()){ + StdPolicyEngine.pass = clientKey; + setClientEncoding(); } - - return strDate; } -} + /* + * Get the Environment. + */ + public static String getEnvironment() { + return environment; + } + /* + * Rotate the PDP list upon WEBsocket Failures + */ + public static void rotatePDPList() { + Collections.rotate(pdps, -1); + Collections.rotate(encoding, -1); + } + /* + * Get the latest PDP + */ + public static String getPDPURL() { + return pdps.get(0); + } +} \ No newline at end of file