X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=src%2Fmain%2Fjava%2Forg%2Fonap%2Fcrud%2Fservice%2FCrudRestService.java;h=3cfc65769d01e69e1f6477357ccc8a63ce229581;hb=3bc6a702f2d3d8710c7aaa94cdc8c0ccf3deb759;hp=da792b5b447a9444ecf523f4a1de60bb0098ff20;hpb=94cbd3286b5fdd2f3f8fa3325835e713d71aac73;p=aai%2Fgizmo.git

diff --git a/src/main/java/org/onap/crud/service/CrudRestService.java b/src/main/java/org/onap/crud/service/CrudRestService.java
index da792b5..3cfc657 100644
--- a/src/main/java/org/onap/crud/service/CrudRestService.java
+++ b/src/main/java/org/onap/crud/service/CrudRestService.java
@@ -1,16 +1,15 @@
 /**
  * ï»¿============LICENSE_START=======================================================
- * Gizmo
+ * org.onap.aai
  * ================================================================================
- * Copyright Â© 2017 AT&T Intellectual Property.
- * Copyright Â© 2017 Amdocs
- * All rights reserved.
+ * Copyright Â© 2017-2018 AT&T Intellectual Property. All rights reserved.
+ * Copyright Â© 2017-2018 Amdocs
  * ================================================================================
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
- *    http://www.apache.org/licenses/LICENSE-2.0
+ *       http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
@@ -18,18 +17,16 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  * ============LICENSE_END=========================================================
- *
- * ECOMP is a trademark and service mark of AT&T Intellectual Property.
  */
 package org.onap.crud.service;
 
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.HashMap;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
-import java.util.Set;
-
 import javax.security.auth.x500.X500Principal;
 import javax.servlet.http.HttpServletRequest;
 import javax.ws.rs.Consumes;
@@ -42,27 +39,33 @@ import javax.ws.rs.Path;
 import javax.ws.rs.PathParam;
 import javax.ws.rs.Produces;
 import javax.ws.rs.core.Context;
+import javax.ws.rs.core.EntityTag;
 import javax.ws.rs.core.HttpHeaders;
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.Status;
 import javax.ws.rs.core.UriInfo;
-
+import org.apache.commons.lang3.tuple.ImmutablePair;
 import org.apache.cxf.jaxrs.ext.PATCH;
-import org.openecomp.auth.Auth;
 import org.onap.aai.cl.api.Logger;
 import org.onap.aai.cl.eelf.LoggerFactory;
+import org.onap.aaiauth.auth.Auth;
 import org.onap.crud.exception.CrudException;
 import org.onap.crud.logging.CrudServiceMsgs;
 import org.onap.crud.logging.LoggingUtil;
+import org.onap.crud.parser.BulkPayload;
+import org.onap.crud.parser.EdgePayload;
+import org.onap.crud.parser.VertexPayload;
+import org.onap.crud.util.CrudProperties;
 import org.onap.crud.util.CrudServiceConstants;
+import org.onap.crud.util.CrudServiceUtil;
 import org.slf4j.MDC;
-
 import com.google.gson.JsonElement;
 
+@Path("/services/inventory")
 public class CrudRestService {
 
-  private CrudGraphDataService crudGraphDataService;
+  private AbstractGraphDataService graphDataService;
   Logger logger = LoggerFactory.getInstance().getLogger(CrudRestService.class.getName());
   Logger auditLogger = LoggerFactory.getInstance().getAuditLogger(CrudRestService.class.getName());
   private Auth auth;
@@ -70,45 +73,51 @@ public class CrudRestService {
   private String mediaType = MediaType.APPLICATION_JSON;
   public static final String HTTP_PATCH_METHOD_OVERRIDE = "X-HTTP-Method-Override";
 
-  public CrudRestService(CrudGraphDataService crudGraphDataService) throws Exception {
-    this.crudGraphDataService = crudGraphDataService;
+  public CrudRestService(AbstractGraphDataService graphDataService) throws Exception {
+    this.graphDataService = graphDataService;
     this.auth = new Auth(CrudServiceConstants.CRD_AUTH_FILE);
   }
 
+  // For unit testing
+  public CrudRestService(AbstractGraphDataService graphDataService, Auth auth) throws Exception {
+    this.graphDataService = graphDataService;
+    this.auth = auth;
+  }
+
   public enum Action {
     POST, GET, PUT, DELETE, PATCH
   }
 
-  ;
-
   public void startup() {
 
   }
 
   @GET
   @Path("/{version}/{type}/{id}")
-  @Consumes({ MediaType.APPLICATION_JSON })
-  @Produces({ MediaType.APPLICATION_JSON })
+  @Consumes({MediaType.APPLICATION_JSON})
+  @Produces({MediaType.APPLICATION_JSON})
   public Response getVertex(String content, @PathParam("version") String version, @PathParam("type") String type,
-      @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
-      @Context UriInfo uriInfo, @Context HttpServletRequest req) {
+                            @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
+                            @Context UriInfo uriInfo, @Context HttpServletRequest req) {
     LoggingUtil.initMdcContext(req, headers);
 
     logger.debug("Incoming request..." + content);
     Response response = null;
 
-    if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+    Map<String, String> params = addParams ( uriInfo, false, type, version );
 
-      try {
-        String result = crudGraphDataService.getVertex(version, id, type);
-        response = Response.status(Status.OK).entity(result).type(mediaType).build();
-      } catch (CrudException ce) {
-        response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
-      } catch (Exception e) {
-        response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
+    try {
+      if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
+          ImmutablePair<EntityTag, String> result = graphDataService.getVertex(version, id, type, params);
+        response = Response.status(Status.OK).entity(result.getValue()).tag(result.getKey()).type(mediaType).build();
+      } else {
+        response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
       }
-    } else {
-      response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
+    } catch (CrudException ce) {
+      response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
+    } catch (Exception e) {
+      response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
+
     }
 
     LoggingUtil.logRestRequest(logger, auditLogger, req, response);
@@ -117,33 +126,38 @@ public class CrudRestService {
 
   @GET
   @Path("/{version}/{type}/")
-  @Consumes({ MediaType.APPLICATION_JSON })
-  @Produces({ MediaType.APPLICATION_JSON })
+  @Consumes({MediaType.APPLICATION_JSON})
+  @Produces({MediaType.APPLICATION_JSON})
   public Response getVertices(String content, @PathParam("version") String version, @PathParam("type") String type,
-      @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
-      @Context HttpServletRequest req) {
+                              @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
+                              @Context HttpServletRequest req) {
 
     LoggingUtil.initMdcContext(req, headers);
 
     logger.debug("Incoming request..." + content);
     Response response = null;
-    if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+    try {
+      if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
+        String propertiesKey = CrudProperties.get(CrudServiceConstants.CRD_COLLECTION_PROPERTIES_KEY);
+        Map<String, String> filter = addParams ( uriInfo, true, type, version );
 
-      Map<String, String> filter = new HashMap<String, String>();
-      for (Map.Entry<String, List<String>> e : uriInfo.getQueryParameters().entrySet()) {
-        filter.put(e.getKey(), e.getValue().get(0));
-      }
+        HashSet<String> properties;
+        if (uriInfo.getQueryParameters().containsKey(propertiesKey)) {
+          properties = new HashSet<>(uriInfo.getQueryParameters().get(propertiesKey));
+        } else {
+          properties = new HashSet<>();
+        }
 
-      try {
-        String result = crudGraphDataService.getVertices(version, type, filter);
-        response = Response.status(Status.OK).entity(result).type(mediaType).build();
-      } catch (CrudException ce) {
-        response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
-      } catch (Exception e) {
-        response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
+        ImmutablePair<EntityTag, String> result = graphDataService.getVertices(version, type, filter, properties);
+        response = Response.status(Status.OK).entity(result.getValue()).tag(result.getKey()).type(mediaType).build();
+      } else {
+        response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
       }
-    } else {
-      response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
+    } catch (CrudException ce) {
+      response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
+    } catch (Exception e) {
+      response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
+
     }
 
     LoggingUtil.logRestRequest(logger, auditLogger, req, response);
@@ -152,29 +166,30 @@ public class CrudRestService {
 
   @GET
   @Path("/relationships/{version}/{type}/{id}")
-  @Consumes({ MediaType.APPLICATION_JSON })
-  @Produces({ MediaType.APPLICATION_JSON })
+  @Consumes({MediaType.APPLICATION_JSON})
+  @Produces({MediaType.APPLICATION_JSON})
   public Response getEdge(String content, @PathParam("version") String version, @PathParam("type") String type,
-      @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
-      @Context UriInfo uriInfo, @Context HttpServletRequest req) {
+                          @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
+                          @Context UriInfo uriInfo, @Context HttpServletRequest req) {
     LoggingUtil.initMdcContext(req, headers);
 
     logger.debug("Incoming request..." + content);
     Response response = null;
 
-    if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+    Map<String, String> params = addParams ( uriInfo, false, type, version );
 
-      try {
+    try {
+      if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
 
-        String result = crudGraphDataService.getEdge(version, id, type);
-        response = Response.status(Status.OK).entity(result).type(mediaType).build();
-      } catch (CrudException ce) {
-        response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
-      } catch (Exception e) {
-        response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
+        ImmutablePair<EntityTag, String> result = graphDataService.getEdge(version, id, type, params);
+        response = Response.status(Status.OK).entity(result.getValue()).tag(result.getKey()).type(mediaType).build();
+      } else {
+        response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
       }
-    } else {
-      response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
+    } catch (CrudException ce) {
+      response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
+    } catch (Exception e) {
+      response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
     }
 
     LoggingUtil.logRestRequest(logger, auditLogger, req, response);
@@ -183,35 +198,29 @@ public class CrudRestService {
 
   @GET
   @Path("/relationships/{version}/{type}/")
-  @Consumes({ MediaType.APPLICATION_JSON })
-  @Produces({ MediaType.APPLICATION_JSON })
+  @Consumes({MediaType.APPLICATION_JSON})
+  @Produces({MediaType.APPLICATION_JSON})
   public Response getEdges(String content, @PathParam("version") String version, @PathParam("type") String type,
-      @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
-      @Context HttpServletRequest req) {
+                           @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
+                           @Context HttpServletRequest req) {
 
     LoggingUtil.initMdcContext(req, headers);
 
     logger.debug("Incoming request..." + content);
     Response response = null;
+    Map<String, String> filter = addParams ( uriInfo, true, type, version );
 
-    if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
-
-      Map<String, String> filter = new HashMap<String, String>();
-      for (Map.Entry<String, List<String>> e : uriInfo.getQueryParameters().entrySet()) {
-        filter.put(e.getKey(), e.getValue().get(0));
-      }
-
-      try {
-        String result = crudGraphDataService.getEdges(version, type, filter);
-        response = Response.status(Status.OK).entity(result).type(mediaType).build();
-      } catch (CrudException ce) {
-        response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
-      } catch (Exception e) {
-        response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
+    try {
+      if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
+          ImmutablePair<EntityTag, String> result = graphDataService.getEdges(version, type, filter);
+          response = Response.status(Status.OK).entity(result.getValue()).tag(result.getKey()).type(mediaType).build();
+      } else {
+        response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
       }
-    } else {
-      response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
-
+    } catch (CrudException ce) {
+      response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
+    } catch (Exception e) {
+      response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
     }
 
     LoggingUtil.logRestRequest(logger, auditLogger, req, response);
@@ -220,20 +229,20 @@ public class CrudRestService {
 
   @PUT
   @Path("/relationships/{version}/{type}/{id}")
-  @Consumes({ MediaType.APPLICATION_JSON })
-  @Produces({ MediaType.APPLICATION_JSON })
+  @Consumes({MediaType.APPLICATION_JSON})
+  @Produces({MediaType.APPLICATION_JSON})
   public Response updateEdge(String content, @PathParam("version") String version, @PathParam("type") String type,
-      @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
-      @Context UriInfo uriInfo, @Context HttpServletRequest req) {
+                             @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
+                             @Context UriInfo uriInfo, @Context HttpServletRequest req) {
 
     LoggingUtil.initMdcContext(req, headers);
 
     logger.debug("Incoming request..." + content);
     Response response = null;
 
-    if (validateRequest(req, uri, content, Action.PUT, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
 
-      try {
+    try {
+      if (validateRequest(req, uri, content, Action.PUT, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
         EdgePayload payload = EdgePayload.fromJson(content);
         if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
           throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
@@ -241,25 +250,23 @@ public class CrudRestService {
         if (payload.getId() != null && !payload.getId().equals(id)) {
           throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
         }
-        String result;
-
+        ImmutablePair<EntityTag, String> result;
         if (headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE) != null
             && headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE).equalsIgnoreCase("PATCH")) {
-          result = crudGraphDataService.patchEdge(version, id, type, payload);
+          result = graphDataService.patchEdge(version, id, type, payload);
+          response = Response.status(Status.OK).entity(result.getValue()).type(mediaType).tag(result.getKey()).build();
         } else {
-
-          result = crudGraphDataService.updateEdge(version, id, type, payload);
+          result = graphDataService.updateEdge(version, id, type, payload);
+          response = Response.status(Status.OK).entity(result.getValue()).type(mediaType).tag(result.getKey()).build();
         }
-
-        response = Response.status(Status.OK).entity(result).type(mediaType).build();
-      } catch (CrudException ce) {
-        response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
-      } catch (Exception e) {
-        response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
+        
+      } else {
+        response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
       }
-    } else {
-      response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
-
+    } catch (CrudException ce) {
+      response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
+    } catch (Exception e) {
+      response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
     }
 
     LoggingUtil.logRestRequest(logger, auditLogger, req, response);
@@ -268,19 +275,19 @@ public class CrudRestService {
 
   @PATCH
   @Path("/relationships/{version}/{type}/{id}")
-  @Consumes({ "application/merge-patch+json" })
-  @Produces({ MediaType.APPLICATION_JSON })
+  @Consumes({"application/merge-patch+json"})
+  @Produces({MediaType.APPLICATION_JSON})
   public Response patchEdge(String content, @PathParam("version") String version, @PathParam("type") String type,
-      @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
-      @Context UriInfo uriInfo, @Context HttpServletRequest req) {
+                            @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
+                            @Context UriInfo uriInfo, @Context HttpServletRequest req) {
 
     LoggingUtil.initMdcContext(req, headers);
 
     logger.debug("Incoming request..." + content);
     Response response = null;
-    if (validateRequest(req, uri, content, Action.PATCH, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
 
-      try {
+    try {
+      if (validateRequest(req, uri, content, Action.PATCH, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
         EdgePayload payload = EdgePayload.fromJson(content);
         if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
           throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
@@ -289,15 +296,15 @@ public class CrudRestService {
           throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
         }
 
-        String result = crudGraphDataService.patchEdge(version, id, type, payload);
-        response = Response.status(Status.OK).entity(result).type(mediaType).build();
-      } catch (CrudException ce) {
-        response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
-      } catch (Exception e) {
-        response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
+        ImmutablePair<EntityTag, String> result = graphDataService.patchEdge(version, id, type, payload);
+        response = Response.status(Status.OK).entity(result.getValue()).type(mediaType).tag(result.getKey()).build();
+      } else {
+        response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
       }
-    } else {
-      response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
+    } catch (CrudException ce) {
+      response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
+    } catch (Exception e) {
+      response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
     }
 
     LoggingUtil.logRestRequest(logger, auditLogger, req, response);
@@ -306,20 +313,19 @@ public class CrudRestService {
 
   @PUT
   @Path("/{version}/{type}/{id}")
-  @Consumes({ MediaType.APPLICATION_JSON })
-  @Produces({ MediaType.APPLICATION_JSON })
+  @Consumes({MediaType.APPLICATION_JSON})
+  @Produces({MediaType.APPLICATION_JSON})
   public Response updateVertex(String content, @PathParam("version") String version, @PathParam("type") String type,
-      @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
-      @Context UriInfo uriInfo, @Context HttpServletRequest req) {
+                               @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
+                               @Context UriInfo uriInfo, @Context HttpServletRequest req) {
 
     LoggingUtil.initMdcContext(req, headers);
 
     logger.debug("Incoming request..." + content);
     Response response = null;
 
-    if (validateRequest(req, uri, content, Action.PUT, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
-
-      try {
+    try {
+      if (validateRequest(req, uri, content, Action.PUT, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
         VertexPayload payload = VertexPayload.fromJson(content);
         if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
           throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
@@ -327,22 +333,26 @@ public class CrudRestService {
         if (payload.getId() != null && !payload.getId().equals(id)) {
           throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
         }
-        String result;
+
+        payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, false));
+
+        ImmutablePair<EntityTag, String> result;
         if (headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE) != null
             && headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE).equalsIgnoreCase("PATCH")) {
-          result = crudGraphDataService.patchVertex(version, id, type, payload);
+          result = graphDataService.patchVertex(version, id, type, payload);
+          response = Response.status(Status.OK).entity(result.getValue()).type(mediaType).tag(result.getKey()).build();
         } else {
-
-          result = crudGraphDataService.updateVertex(version, id, type, payload);
+          result = graphDataService.updateVertex(version, id, type, payload);
+          response = Response.status(Status.OK).entity(result.getValue()).type(mediaType).tag(result.getKey()).build();
         }
-        response = Response.status(Status.OK).entity(result).type(mediaType).build();
-      } catch (CrudException ce) {
-        response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
-      } catch (Exception e) {
-        response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
+        
+      } else {
+        response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
       }
-    } else {
-      response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
+    } catch (CrudException ce) {
+      response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
+    } catch (Exception e) {
+      response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
     }
 
     LoggingUtil.logRestRequest(logger, auditLogger, req, response);
@@ -351,19 +361,19 @@ public class CrudRestService {
 
   @PATCH
   @Path("/{version}/{type}/{id}")
-  @Consumes({ "application/merge-patch+json" })
-  @Produces({ MediaType.APPLICATION_JSON })
+  @Consumes({"application/merge-patch+json"})
+  @Produces({MediaType.APPLICATION_JSON})
   public Response patchVertex(String content, @PathParam("version") String version, @PathParam("type") String type,
-      @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
-      @Context UriInfo uriInfo, @Context HttpServletRequest req) {
+                              @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
+                              @Context UriInfo uriInfo, @Context HttpServletRequest req) {
 
     LoggingUtil.initMdcContext(req, headers);
 
     logger.debug("Incoming request..." + content);
     Response response = null;
 
-    if (validateRequest(req, uri, content, Action.PATCH, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
-      try {
+    try {
+      if (validateRequest(req, uri, content, Action.PATCH, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
         VertexPayload payload = VertexPayload.fromJson(content);
         if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
           throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
@@ -372,15 +382,17 @@ public class CrudRestService {
           throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
         }
 
-        String result = crudGraphDataService.patchVertex(version, id, type, payload);
-        response = Response.status(Status.OK).entity(result).type(mediaType).build();
-      } catch (CrudException ce) {
-        response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
-      } catch (Exception e) {
-        response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
+        payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, false));
+
+        ImmutablePair<EntityTag, String> result = graphDataService.patchVertex(version, id, type, payload);
+        response = Response.status(Status.OK).entity(result.getValue()).type(mediaType).tag(result.getKey()).build();
+      } else {
+        response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
       }
-    } else {
-      response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
+    } catch (CrudException ce) {
+      response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
+    } catch (Exception e) {
+      response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
     }
 
     LoggingUtil.logRestRequest(logger, auditLogger, req, response);
@@ -389,20 +401,20 @@ public class CrudRestService {
 
   @POST
   @Path("/{version}/{type}/")
-  @Consumes({ MediaType.APPLICATION_JSON })
-  @Produces({ MediaType.APPLICATION_JSON })
+  @Consumes({MediaType.APPLICATION_JSON})
+  @Produces({MediaType.APPLICATION_JSON})
   public Response addVertex(String content, @PathParam("version") String version, @PathParam("type") String type,
-      @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
-      @Context HttpServletRequest req) {
+                            @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
+                            @Context HttpServletRequest req) {
 
     LoggingUtil.initMdcContext(req, headers);
 
     logger.debug("Incoming request..." + content);
     Response response = null;
 
-    if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
 
-      try {
+    try {
+      if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
         VertexPayload payload = VertexPayload.fromJson(content);
         if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
           throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
@@ -415,15 +427,17 @@ public class CrudRestService {
           throw new CrudException("Vertex Type mismatch", Status.BAD_REQUEST);
         }
 
-        String result = crudGraphDataService.addVertex(version, type, payload);
-        response = Response.status(Status.CREATED).entity(result).type(mediaType).build();
-      } catch (CrudException ce) {
-        response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
-      } catch (Exception e) {
-        response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
+        payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, true));
+
+        ImmutablePair<EntityTag, String> result = graphDataService.addVertex(version, type, payload);
+        response = Response.status(Status.CREATED).entity(result.getValue()).tag(result.getKey()).type(mediaType).build();
+      } else {
+        response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
       }
-    } else {
-      response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
+    } catch (CrudException ce) {
+      response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
+    } catch (Exception e) {
+      response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
     }
 
     LoggingUtil.logRestRequest(logger, auditLogger, req, response);
@@ -458,11 +472,13 @@ public class CrudRestService {
 
       if (!opr.getValue().getAsString().equalsIgnoreCase("add")
           && !opr.getValue().getAsString().equalsIgnoreCase("modify")
+          && !opr.getValue().getAsString().equalsIgnoreCase("patch")
           && !opr.getValue().getAsString().equalsIgnoreCase("delete")) {
         throw new CrudException("Invalid operation at item: " + item.getKey(), Status.BAD_REQUEST);
       }
-      // check if ID is populate for modify/delete operation
+      // check if ID is populate for modify/patch/delete operation
       if ((opr.getValue().getAsString().equalsIgnoreCase("modify")
+          || opr.getValue().getAsString().equalsIgnoreCase("patch")
           || opr.getValue().getAsString().equalsIgnoreCase("delete")) && (vertexPayload.getId() == null)) {
 
         throw new CrudException("Mising ID at item: " + item.getKey(), Status.BAD_REQUEST);
@@ -488,21 +504,19 @@ public class CrudRestService {
 
       EdgePayload edgePayload = EdgePayload.fromJson(item.getValue().getAsJsonObject().toString());
 
-      if (edgePayload.getType() == null) {
-        throw new CrudException("Edge Type cannot be null for: " + item.getKey(), Status.BAD_REQUEST);
-      }
-
       if (!opr.getKey().equalsIgnoreCase("operation")) {
         throw new CrudException("operation missing in item: " + item.getKey(), Status.BAD_REQUEST);
       }
 
       if (!opr.getValue().getAsString().equalsIgnoreCase("add")
           && !opr.getValue().getAsString().equalsIgnoreCase("modify")
+          && !opr.getValue().getAsString().equalsIgnoreCase("patch")
           && !opr.getValue().getAsString().equalsIgnoreCase("delete")) {
         throw new CrudException("Invalid operation at item: " + item.getKey(), Status.BAD_REQUEST);
       }
-      // check if ID is populate for modify/delete operation
+      // check if ID is populate for modify/patch/delete operation
       if ((edgePayload.getId() == null) && (opr.getValue().getAsString().equalsIgnoreCase("modify")
+          || opr.getValue().getAsString().equalsIgnoreCase("patch")
           || opr.getValue().getAsString().equalsIgnoreCase("delete"))) {
 
         throw new CrudException("Mising ID at item: " + item.getKey(), Status.BAD_REQUEST);
@@ -532,37 +546,37 @@ public class CrudRestService {
 
   @POST
   @Path("/{version}/bulk/")
-  @Consumes({ MediaType.APPLICATION_JSON })
-  @Produces({ MediaType.APPLICATION_JSON })
+  @Consumes({MediaType.APPLICATION_JSON})
+  @Produces({MediaType.APPLICATION_JSON})
   public Response addBulk(String content, @PathParam("version") String version, @PathParam("type") String type,
-      @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
-      @Context HttpServletRequest req) {
+                          @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
+                          @Context HttpServletRequest req) {
 
     LoggingUtil.initMdcContext(req, headers);
 
     logger.debug("Incoming request..." + content);
     Response response = null;
 
-    if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
 
-      try {
+    try {
+      if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
         BulkPayload payload = BulkPayload.fromJson(content);
         if ((payload.getObjects() == null && payload.getRelationships() == null)
             || (payload.getObjects() != null && payload.getObjects().isEmpty() && payload.getRelationships() != null
-                && payload.getRelationships().isEmpty())) {
+            && payload.getRelationships().isEmpty())) {
           throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
         }
 
         validateBulkPayload(payload);
-        String result = crudGraphDataService.addBulk(version, payload);
+        String result = graphDataService.addBulk(version, payload, headers);
         response = Response.status(Status.OK).entity(result).type(mediaType).build();
-      } catch (CrudException ce) {
-        response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
-      } catch (Exception e) {
-        response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
+      } else {
+        response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
       }
-    } else {
-      response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
+    } catch (CrudException ce) {
+      response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
+    } catch (Exception e) {
+      response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
     }
 
     LoggingUtil.logRestRequest(logger, auditLogger, req, response);
@@ -571,19 +585,19 @@ public class CrudRestService {
 
   @POST
   @Path("/{version}/")
-  @Consumes({ MediaType.APPLICATION_JSON })
-  @Produces({ MediaType.APPLICATION_JSON })
+  @Consumes({MediaType.APPLICATION_JSON})
+  @Produces({MediaType.APPLICATION_JSON})
   public Response addVertex(String content, @PathParam("version") String version, @PathParam("uri") @Encoded String uri,
-      @Context HttpHeaders headers, @Context UriInfo uriInfo, @Context HttpServletRequest req) {
+                            @Context HttpHeaders headers, @Context UriInfo uriInfo, @Context HttpServletRequest req) {
 
     LoggingUtil.initMdcContext(req, headers);
 
     logger.debug("Incoming request..." + content);
     Response response = null;
 
-    if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
-      try {
+    try {
 
+      if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
         VertexPayload payload = VertexPayload.fromJson(content);
         if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
           throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
@@ -595,15 +609,18 @@ public class CrudRestService {
         if (payload.getType() == null || payload.getType().isEmpty()) {
           throw new CrudException("Missing Vertex Type ", Status.BAD_REQUEST);
         }
-        String result = crudGraphDataService.addVertex(version, payload.getType(), payload);
-        response = Response.status(Status.CREATED).entity(result).type(mediaType).build();
-      } catch (CrudException ce) {
-        response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
-      } catch (Exception e) {
-        response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
+
+        payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, true));
+
+        ImmutablePair<EntityTag, String> result = graphDataService.addVertex(version, payload.getType(), payload);
+        response = Response.status(Status.CREATED).entity(result.getValue()).tag(result.getKey()).type(mediaType).build();
+      } else {
+        response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
       }
-    } else {
-      response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
+    } catch (CrudException ce) {
+      response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
+    } catch (Exception e) {
+      response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
     }
 
     LoggingUtil.logRestRequest(logger, auditLogger, req, response);
@@ -612,20 +629,20 @@ public class CrudRestService {
 
   @POST
   @Path("/relationships/{version}/{type}/")
-  @Consumes({ MediaType.APPLICATION_JSON })
-  @Produces({ MediaType.APPLICATION_JSON })
+  @Consumes({MediaType.APPLICATION_JSON})
+  @Produces({MediaType.APPLICATION_JSON})
   public Response addEdge(String content, @PathParam("version") String version, @PathParam("type") String type,
-      @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
-      @Context HttpServletRequest req) {
+                          @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
+                          @Context HttpServletRequest req) {
 
     LoggingUtil.initMdcContext(req, headers);
 
     logger.debug("Incoming request..." + content);
     Response response = null;
 
-    if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
 
-      try {
+    try {
+      if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
         EdgePayload payload = EdgePayload.fromJson(content);
         if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
           throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
@@ -637,15 +654,15 @@ public class CrudRestService {
         if (payload.getType() != null && !payload.getType().equals(type)) {
           throw new CrudException("Edge Type mismatch", Status.BAD_REQUEST);
         }
-        String result = crudGraphDataService.addEdge(version, type, payload);
-        response = Response.status(Status.CREATED).entity(result).type(mediaType).build();
-      } catch (CrudException ce) {
-        response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
-      } catch (Exception e) {
-        response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
+        ImmutablePair<EntityTag, String> result = graphDataService.addEdge(version, type, payload);
+        response = Response.status(Status.CREATED).entity(result.getValue()).tag(result.getKey()).type(mediaType).build();
+      } else {
+        response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
       }
-    } else {
-      response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
+    } catch (CrudException ce) {
+      response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
+    } catch (Exception e) {
+      response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
     }
 
     LoggingUtil.logRestRequest(logger, auditLogger, req, response);
@@ -654,19 +671,19 @@ public class CrudRestService {
 
   @POST
   @Path("/relationships/{version}/")
-  @Consumes({ MediaType.APPLICATION_JSON })
-  @Produces({ MediaType.APPLICATION_JSON })
+  @Consumes({MediaType.APPLICATION_JSON})
+  @Produces({MediaType.APPLICATION_JSON})
   public Response addEdge(String content, @PathParam("version") String version, @PathParam("uri") @Encoded String uri,
-      @Context HttpHeaders headers, @Context UriInfo uriInfo, @Context HttpServletRequest req) {
+                          @Context HttpHeaders headers, @Context UriInfo uriInfo, @Context HttpServletRequest req) {
 
     LoggingUtil.initMdcContext(req, headers);
 
     logger.debug("Incoming request..." + content);
     Response response = null;
 
-    if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
 
-      try {
+    try {
+      if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
         EdgePayload payload = EdgePayload.fromJson(content);
         if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
           throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
@@ -676,18 +693,18 @@ public class CrudRestService {
         }
 
         if (payload.getType() == null || payload.getType().isEmpty()) {
-          throw new CrudException("Missing Edge Type ", Status.BAD_REQUEST);
+          payload.setType(CrudServiceUtil.determineEdgeType(payload, version));
         }
-        String result = crudGraphDataService.addEdge(version, payload.getType(), payload);
-
-        response = Response.status(Status.CREATED).entity(result).type(mediaType).build();
-      } catch (CrudException ce) {
-        response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
-      } catch (Exception e) {
-        response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
+        
+        ImmutablePair<EntityTag, String> result = graphDataService.addEdge(version, payload.getType(), payload);
+        response = Response.status(Status.CREATED).entity(result.getValue()).tag(result.getKey()).type(mediaType).build();
+      } else {
+        response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
       }
-    } else {
-      response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
+    } catch (CrudException ce) {
+      response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
+    } catch (Exception e) {
+      response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
     }
 
     LoggingUtil.logRestRequest(logger, auditLogger, req, response);
@@ -696,29 +713,29 @@ public class CrudRestService {
 
   @DELETE
   @Path("/{version}/{type}/{id}")
-  @Consumes({ MediaType.APPLICATION_JSON })
-  @Produces({ MediaType.APPLICATION_JSON })
+  @Consumes({MediaType.APPLICATION_JSON})
+  @Produces({MediaType.APPLICATION_JSON})
   public Response deleteVertex(String content, @PathParam("version") String version, @PathParam("type") String type,
-      @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
-      @Context UriInfo uriInfo, @Context HttpServletRequest req) {
+                               @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
+                               @Context UriInfo uriInfo, @Context HttpServletRequest req) {
 
     LoggingUtil.initMdcContext(req, headers);
 
     logger.debug("Incoming request..." + content);
     Response response = null;
 
-    if (validateRequest(req, uri, content, Action.DELETE, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
 
-      try {
-        String result = crudGraphDataService.deleteVertex(version, id, type);
+    try {
+      if (validateRequest(req, uri, content, Action.DELETE, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
+        String result = graphDataService.deleteVertex(version, id, type);
         response = Response.status(Status.OK).entity(result).type(mediaType).build();
-      } catch (CrudException ce) {
-        response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
-      } catch (Exception e) {
-        response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
+      } else {
+        response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
       }
-    } else {
-      response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
+    } catch (CrudException ce) {
+      response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
+    } catch (Exception e) {
+      response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
     }
 
     LoggingUtil.logRestRequest(logger, auditLogger, req, response);
@@ -727,28 +744,28 @@ public class CrudRestService {
 
   @DELETE
   @Path("/relationships/{version}/{type}/{id}")
-  @Consumes({ MediaType.APPLICATION_JSON })
-  @Produces({ MediaType.APPLICATION_JSON })
+  @Consumes({MediaType.APPLICATION_JSON})
+  @Produces({MediaType.APPLICATION_JSON})
   public Response deleteEdge(String content, @PathParam("version") String version, @PathParam("type") String type,
-      @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
-      @Context UriInfo uriInfo, @Context HttpServletRequest req) {
+                             @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
+                             @Context UriInfo uriInfo, @Context HttpServletRequest req) {
 
     LoggingUtil.initMdcContext(req, headers);
 
     logger.debug("Incoming request..." + content);
     Response response = null;
-    if (validateRequest(req, uri, content, Action.DELETE, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
 
-      try {
-        String result = crudGraphDataService.deleteEdge(version, id, type);
+    try {
+      if (validateRequest(req, uri, content, Action.DELETE, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
+        String result = graphDataService.deleteEdge(version, id, type);
         response = Response.status(Status.OK).entity(result).type(mediaType).build();
-      } catch (CrudException ce) {
-        response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
-      } catch (Exception e) {
-        response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
+      } else {
+        response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
       }
-    } else {
-      response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
+    } catch (CrudException ce) {
+      response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
+    } catch (Exception e) {
+      response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
     }
 
     LoggingUtil.logRestRequest(logger, auditLogger, req, response);
@@ -756,7 +773,8 @@ public class CrudRestService {
   }
 
   protected boolean validateRequest(HttpServletRequest req, String uri, String content, Action action,
-      String authPolicyFunctionName) {
+                                    String authPolicyFunctionName, HttpHeaders headers) throws CrudException {
+    boolean isValid = false;
     try {
       String cipherSuite = (String) req.getAttribute("javax.servlet.request.cipher_suite");
       String authUser = null;
@@ -766,19 +784,64 @@ public class CrudRestService {
         X500Principal subjectDn = clientCert.getSubjectX500Principal();
         authUser = subjectDn.toString();
       }
-      return this.auth.validateRequest(authUser.toLowerCase(), action.toString() + ":" + authPolicyFunctionName);
+      if(null != authUser) {
+        isValid = this.auth.validateRequest(authUser.toLowerCase(), action.toString() + ":" + authPolicyFunctionName);
+      }
     } catch (Exception e) {
       logResult(action, uri, e);
       return false;
     }
+
+    validateRequestHeader(headers);
+    
+    return isValid;
+  }
+  
+  public void validateRequestHeader(HttpHeaders headers) throws CrudException {
+      String sourceOfTruth = null;
+      if (headers.getRequestHeaders().containsKey("X-FromAppId")) {
+        sourceOfTruth = headers.getRequestHeaders().getFirst("X-FromAppId");
+      }
+
+      if (sourceOfTruth == null || sourceOfTruth.trim() == "") {
+        throw new CrudException("Invalid request, Missing X-FromAppId header", Status.BAD_REQUEST);
+      }
+      
+      String transId = null;
+      if (headers.getRequestHeaders().containsKey("X-TransactionId")) {
+          transId = headers.getRequestHeaders().getFirst("X-TransactionId");
+      }
+
+      if (transId == null || transId.trim() == "") {
+        throw new CrudException("Invalid request, Missing X-TransactionId header", Status.BAD_REQUEST);
+      }
   }
 
   void logResult(Action op, String uri, Exception e) {
 
-    logger.error(CrudServiceMsgs.EXCEPTION_DURING_METHOD_CALL, op.toString(), uri, e.getStackTrace().toString());
+    logger.error(CrudServiceMsgs.EXCEPTION_DURING_METHOD_CALL, op.toString(), uri, Arrays.toString(e.getStackTrace()));
 
     // Clear the MDC context so that no other transaction inadvertently
     // uses our transaction id.
     MDC.clear();
   }
+
+  private Map<String, String> addParams ( UriInfo info, boolean filter, String type, String version ) {
+    String propertiesKey = CrudProperties.get ( CrudServiceConstants.CRD_COLLECTION_PROPERTIES_KEY );
+    Map<String, String> params = new HashMap<String, String> ();
+    params.put ( CrudServiceConstants.CRD_RESERVED_VERSION, version );
+    params.put ( CrudServiceConstants.CRD_RESERVED_NODE_TYPE, type );
+    if (filter) {
+      for (Map.Entry<String, List<String>> e : info.getQueryParameters ().entrySet ()) {
+        if (!e.getKey ().equals ( propertiesKey )) {
+          params.put ( e.getKey (), e.getValue ().get ( 0 ) );
+        }
+      }
+    } else {
+      for (Map.Entry<String, List<String>> e : info.getQueryParameters ().entrySet ()) {
+        params.put ( e.getKey (), e.getValue ().get ( 0 ) );
+      }
+    }
+    return params;
+  }
 }