2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2017 AT&T Intellectual Property.
6 * Copyright © 2017 Amdocs
8 * ================================================================================
9 * Licensed under the Apache License, Version 2.0 (the "License");
10 * you may not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
13 * http://www.apache.org/licenses/LICENSE-2.0
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS,
17 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
20 * ============LICENSE_END=========================================================
22 * ECOMP is a trademark and service mark of AT&T Intellectual Property.
24 package org.onap.crud.service;
26 import com.google.gson.JsonElement;
28 import org.apache.cxf.jaxrs.ext.PATCH;
29 import org.onap.aai.cl.api.Logger;
30 import org.onap.aai.cl.eelf.LoggerFactory;
31 import org.onap.aaiauth.auth.Auth;
32 import org.onap.crud.exception.CrudException;
33 import org.onap.crud.logging.CrudServiceMsgs;
34 import org.onap.crud.logging.LoggingUtil;
35 import org.onap.crud.util.CrudProperties;
36 import org.onap.crud.util.CrudServiceConstants;
37 import org.onap.crud.util.CrudServiceUtil;
40 import java.security.cert.X509Certificate;
41 import java.util.ArrayList;
42 import java.util.HashMap;
43 import java.util.HashSet;
44 import java.util.List;
46 import javax.security.auth.x500.X500Principal;
47 import javax.servlet.http.HttpServletRequest;
48 import javax.ws.rs.Consumes;
49 import javax.ws.rs.DELETE;
50 import javax.ws.rs.Encoded;
51 import javax.ws.rs.GET;
52 import javax.ws.rs.POST;
53 import javax.ws.rs.PUT;
54 import javax.ws.rs.Path;
55 import javax.ws.rs.PathParam;
56 import javax.ws.rs.Produces;
57 import javax.ws.rs.core.Context;
58 import javax.ws.rs.core.HttpHeaders;
59 import javax.ws.rs.core.MediaType;
60 import javax.ws.rs.core.Response;
61 import javax.ws.rs.core.Response.Status;
62 import javax.ws.rs.core.UriInfo;
64 public class CrudRestService {
66 private AbstractGraphDataService graphDataService;
67 Logger logger = LoggerFactory.getInstance().getLogger(CrudRestService.class.getName());
68 Logger auditLogger = LoggerFactory.getInstance().getAuditLogger(CrudRestService.class.getName());
71 private String mediaType = MediaType.APPLICATION_JSON;
72 public static final String HTTP_PATCH_METHOD_OVERRIDE = "X-HTTP-Method-Override";
74 public CrudRestService(AbstractGraphDataService graphDataService) throws Exception {
75 this.graphDataService = graphDataService;
76 this.auth = new Auth(CrudServiceConstants.CRD_AUTH_FILE);
80 POST, GET, PUT, DELETE, PATCH
83 public void startup() {
88 @Path("/{version}/{type}/{id}")
89 @Consumes({MediaType.APPLICATION_JSON})
90 @Produces({MediaType.APPLICATION_JSON})
91 public Response getVertex(String content, @PathParam("version") String version, @PathParam("type") String type,
92 @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
93 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
94 LoggingUtil.initMdcContext(req, headers);
96 logger.debug("Incoming request..." + content);
97 Response response = null;
101 if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
102 String result = graphDataService.getVertex(version, id, type);
103 response = Response.status(Status.OK).entity(result).type(mediaType).build();
105 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
107 } catch (CrudException ce) {
108 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
109 } catch (Exception e) {
110 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
114 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
119 @Path("/{version}/{type}/")
120 @Consumes({MediaType.APPLICATION_JSON})
121 @Produces({MediaType.APPLICATION_JSON})
122 public Response getVertices(String content, @PathParam("version") String version, @PathParam("type") String type,
123 @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
124 @Context HttpServletRequest req) {
126 LoggingUtil.initMdcContext(req, headers);
128 logger.debug("Incoming request..." + content);
129 Response response = null;
131 if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
132 String propertiesKey = CrudProperties.get(CrudServiceConstants.CRD_COLLECTION_PROPERTIES_KEY);
134 Map<String, String> filter = new HashMap<String, String>();
136 for (Map.Entry<String, List<String>> e : uriInfo.getQueryParameters().entrySet()) {
137 if (!e.getKey().equals(propertiesKey)) {
138 filter.put(e.getKey(), e.getValue().get(0));
142 HashSet<String> properties;
143 if (uriInfo.getQueryParameters().containsKey(propertiesKey)) {
144 properties = new HashSet<>(uriInfo.getQueryParameters().get(propertiesKey));
146 properties = new HashSet<>();
149 String result = graphDataService.getVertices(version, type, filter, properties);
150 response = Response.status(Status.OK).entity(result).type(mediaType).build();
152 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
154 } catch (CrudException ce) {
155 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
156 } catch (Exception e) {
157 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
161 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
166 @Path("/relationships/{version}/{type}/{id}")
167 @Consumes({MediaType.APPLICATION_JSON})
168 @Produces({MediaType.APPLICATION_JSON})
169 public Response getEdge(String content, @PathParam("version") String version, @PathParam("type") String type,
170 @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
171 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
172 LoggingUtil.initMdcContext(req, headers);
174 logger.debug("Incoming request..." + content);
175 Response response = null;
179 if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
181 String result = graphDataService.getEdge(version, id, type);
182 response = Response.status(Status.OK).entity(result).type(mediaType).build();
184 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
186 } catch (CrudException ce) {
187 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
188 } catch (Exception e) {
189 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
192 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
197 @Path("/relationships/{version}/{type}/")
198 @Consumes({MediaType.APPLICATION_JSON})
199 @Produces({MediaType.APPLICATION_JSON})
200 public Response getEdges(String content, @PathParam("version") String version, @PathParam("type") String type,
201 @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
202 @Context HttpServletRequest req) {
204 LoggingUtil.initMdcContext(req, headers);
206 logger.debug("Incoming request..." + content);
207 Response response = null;
210 Map<String, String> filter = new HashMap<String, String>();
211 for (Map.Entry<String, List<String>> e : uriInfo.getQueryParameters().entrySet()) {
212 filter.put(e.getKey(), e.getValue().get(0));
216 if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
217 String result = graphDataService.getEdges(version, type, filter);
218 response = Response.status(Status.OK).entity(result).type(mediaType).build();
220 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
222 } catch (CrudException ce) {
223 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
224 } catch (Exception e) {
225 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
228 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
233 @Path("/relationships/{version}/{type}/{id}")
234 @Consumes({MediaType.APPLICATION_JSON})
235 @Produces({MediaType.APPLICATION_JSON})
236 public Response updateEdge(String content, @PathParam("version") String version, @PathParam("type") String type,
237 @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
238 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
240 LoggingUtil.initMdcContext(req, headers);
242 logger.debug("Incoming request..." + content);
243 Response response = null;
247 if (validateRequest(req, uri, content, Action.PUT, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
248 EdgePayload payload = EdgePayload.fromJson(content);
249 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
250 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
252 if (payload.getId() != null && !payload.getId().equals(id)) {
253 throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
257 if (headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE) != null
258 && headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE).equalsIgnoreCase("PATCH")) {
259 result = graphDataService.patchEdge(version, id, type, payload);
262 result = graphDataService.updateEdge(version, id, type, payload);
265 response = Response.status(Status.OK).entity(result).type(mediaType).build();
267 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
269 } catch (CrudException ce) {
270 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
271 } catch (Exception e) {
272 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
275 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
280 @Path("/relationships/{version}/{type}/{id}")
281 @Consumes({"application/merge-patch+json"})
282 @Produces({MediaType.APPLICATION_JSON})
283 public Response patchEdge(String content, @PathParam("version") String version, @PathParam("type") String type,
284 @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
285 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
287 LoggingUtil.initMdcContext(req, headers);
289 logger.debug("Incoming request..." + content);
290 Response response = null;
293 if (validateRequest(req, uri, content, Action.PATCH, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
294 EdgePayload payload = EdgePayload.fromJson(content);
295 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
296 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
298 if (payload.getId() != null && !payload.getId().equals(id)) {
299 throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
302 String result = graphDataService.patchEdge(version, id, type, payload);
303 response = Response.status(Status.OK).entity(result).type(mediaType).build();
305 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
307 } catch (CrudException ce) {
308 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
309 } catch (Exception e) {
310 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
313 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
318 @Path("/{version}/{type}/{id}")
319 @Consumes({MediaType.APPLICATION_JSON})
320 @Produces({MediaType.APPLICATION_JSON})
321 public Response updateVertex(String content, @PathParam("version") String version, @PathParam("type") String type,
322 @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
323 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
325 LoggingUtil.initMdcContext(req, headers);
327 logger.debug("Incoming request..." + content);
328 Response response = null;
332 if (validateRequest(req, uri, content, Action.PUT, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
333 VertexPayload payload = VertexPayload.fromJson(content);
334 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
335 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
337 if (payload.getId() != null && !payload.getId().equals(id)) {
338 throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
343 payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, false));
345 if (headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE) != null
346 && headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE).equalsIgnoreCase("PATCH")) {
347 result = graphDataService.patchVertex(version, id, type, payload);
350 result = graphDataService.updateVertex(version, id, type, payload);
352 response = Response.status(Status.OK).entity(result).type(mediaType).build();
354 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
356 } catch (CrudException ce) {
357 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
358 } catch (Exception e) {
359 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
362 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
367 @Path("/{version}/{type}/{id}")
368 @Consumes({"application/merge-patch+json"})
369 @Produces({MediaType.APPLICATION_JSON})
370 public Response patchVertex(String content, @PathParam("version") String version, @PathParam("type") String type,
371 @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
372 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
374 LoggingUtil.initMdcContext(req, headers);
376 logger.debug("Incoming request..." + content);
377 Response response = null;
380 if (validateRequest(req, uri, content, Action.PATCH, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
381 VertexPayload payload = VertexPayload.fromJson(content);
382 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
383 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
385 if (payload.getId() != null && !payload.getId().equals(id)) {
386 throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
389 payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, false));
391 String result = graphDataService.patchVertex(version, id, type, payload);
392 response = Response.status(Status.OK).entity(result).type(mediaType).build();
394 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
396 } catch (CrudException ce) {
397 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
398 } catch (Exception e) {
399 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
402 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
407 @Path("/{version}/{type}/")
408 @Consumes({MediaType.APPLICATION_JSON})
409 @Produces({MediaType.APPLICATION_JSON})
410 public Response addVertex(String content, @PathParam("version") String version, @PathParam("type") String type,
411 @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
412 @Context HttpServletRequest req) {
414 LoggingUtil.initMdcContext(req, headers);
416 logger.debug("Incoming request..." + content);
417 Response response = null;
421 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
422 VertexPayload payload = VertexPayload.fromJson(content);
423 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
424 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
426 if (payload.getId() != null) {
427 throw new CrudException("ID specified , use Http PUT to update Vertex", Status.BAD_REQUEST);
430 if (payload.getType() != null && !payload.getType().equals(type)) {
431 throw new CrudException("Vertex Type mismatch", Status.BAD_REQUEST);
434 payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, true));
436 String result = graphDataService.addVertex(version, type, payload);
437 response = Response.status(Status.CREATED).entity(result).type(mediaType).build();
439 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
441 } catch (CrudException ce) {
442 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
443 } catch (Exception e) {
444 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
447 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
451 private void validateBulkPayload(BulkPayload payload) throws CrudException {
452 List<String> vertices = new ArrayList<String>();
453 List<String> edges = new ArrayList<String>();
455 for (JsonElement v : payload.getObjects()) {
456 List<Map.Entry<String, JsonElement>> entries = new ArrayList<Map.Entry<String, JsonElement>>(
457 v.getAsJsonObject().entrySet());
459 if (entries.size() != 2) {
460 throw new CrudException("", Status.BAD_REQUEST);
462 Map.Entry<String, JsonElement> opr = entries.get(0);
463 Map.Entry<String, JsonElement> item = entries.get(1);
465 if (vertices.contains(item.getKey())) {
466 throw new CrudException("duplicate vertex in payload: " + item.getKey(), Status.BAD_REQUEST);
468 VertexPayload vertexPayload = VertexPayload.fromJson(item.getValue().getAsJsonObject().toString());
469 if (vertexPayload.getType() == null) {
470 throw new CrudException("Vertex Type cannot be null for: " + item.getKey(), Status.BAD_REQUEST);
473 if (!opr.getKey().equalsIgnoreCase("operation")) {
474 throw new CrudException("operation missing in item: " + item.getKey(), Status.BAD_REQUEST);
477 if (!opr.getValue().getAsString().equalsIgnoreCase("add")
478 && !opr.getValue().getAsString().equalsIgnoreCase("modify")
479 && !opr.getValue().getAsString().equalsIgnoreCase("patch")
480 && !opr.getValue().getAsString().equalsIgnoreCase("delete")) {
481 throw new CrudException("Invalid operation at item: " + item.getKey(), Status.BAD_REQUEST);
483 // check if ID is populate for modify/patch/delete operation
484 if ((opr.getValue().getAsString().equalsIgnoreCase("modify")
485 || opr.getValue().getAsString().equalsIgnoreCase("patch")
486 || opr.getValue().getAsString().equalsIgnoreCase("delete")) && (vertexPayload.getId() == null)) {
488 throw new CrudException("Mising ID at item: " + item.getKey(), Status.BAD_REQUEST);
492 vertices.add(item.getKey());
495 for (JsonElement v : payload.getRelationships()) {
496 List<Map.Entry<String, JsonElement>> entries = new ArrayList<Map.Entry<String, JsonElement>>(
497 v.getAsJsonObject().entrySet());
499 if (entries.size() != 2) {
500 throw new CrudException("", Status.BAD_REQUEST);
502 Map.Entry<String, JsonElement> opr = entries.get(0);
503 Map.Entry<String, JsonElement> item = entries.get(1);
505 if (edges.contains(item.getKey())) {
506 throw new CrudException("duplicate Edge in payload: " + item.getKey(), Status.BAD_REQUEST);
509 EdgePayload edgePayload = EdgePayload.fromJson(item.getValue().getAsJsonObject().toString());
511 if (edgePayload.getType() == null) {
512 throw new CrudException("Edge Type cannot be null for: " + item.getKey(), Status.BAD_REQUEST);
515 if (!opr.getKey().equalsIgnoreCase("operation")) {
516 throw new CrudException("operation missing in item: " + item.getKey(), Status.BAD_REQUEST);
519 if (!opr.getValue().getAsString().equalsIgnoreCase("add")
520 && !opr.getValue().getAsString().equalsIgnoreCase("modify")
521 && !opr.getValue().getAsString().equalsIgnoreCase("patch")
522 && !opr.getValue().getAsString().equalsIgnoreCase("delete")) {
523 throw new CrudException("Invalid operation at item: " + item.getKey(), Status.BAD_REQUEST);
525 // check if ID is populate for modify/patch/delete operation
526 if ((edgePayload.getId() == null) && (opr.getValue().getAsString().equalsIgnoreCase("modify")
527 || opr.getValue().getAsString().equalsIgnoreCase("patch")
528 || opr.getValue().getAsString().equalsIgnoreCase("delete"))) {
530 throw new CrudException("Mising ID at item: " + item.getKey(), Status.BAD_REQUEST);
533 if (opr.getValue().getAsString().equalsIgnoreCase("add")) {
534 if (edgePayload.getSource() == null || edgePayload.getTarget() == null) {
535 throw new CrudException("Source/Target cannot be null for edge: " + item.getKey(), Status.BAD_REQUEST);
537 if (edgePayload.getSource().startsWith("$") && !vertices.contains(edgePayload.getSource().substring(1))) {
538 throw new CrudException(
539 "Source Vertex " + edgePayload.getSource().substring(1) + " not found for Edge: " + item.getKey(),
543 if (edgePayload.getTarget().startsWith("$") && !vertices.contains(edgePayload.getTarget().substring(1))) {
544 throw new CrudException(
545 "Target Vertex " + edgePayload.getSource().substring(1) + " not found for Edge: " + item.getKey(),
549 edges.add(item.getKey());
556 @Path("/{version}/bulk/")
557 @Consumes({MediaType.APPLICATION_JSON})
558 @Produces({MediaType.APPLICATION_JSON})
559 public Response addBulk(String content, @PathParam("version") String version, @PathParam("type") String type,
560 @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
561 @Context HttpServletRequest req) {
563 LoggingUtil.initMdcContext(req, headers);
565 logger.debug("Incoming request..." + content);
566 Response response = null;
570 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
571 BulkPayload payload = BulkPayload.fromJson(content);
572 if ((payload.getObjects() == null && payload.getRelationships() == null)
573 || (payload.getObjects() != null && payload.getObjects().isEmpty() && payload.getRelationships() != null
574 && payload.getRelationships().isEmpty())) {
575 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
578 validateBulkPayload(payload);
579 String result = graphDataService.addBulk(version, payload, headers);
580 response = Response.status(Status.OK).entity(result).type(mediaType).build();
582 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
584 } catch (CrudException ce) {
585 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
586 } catch (Exception e) {
587 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
590 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
596 @Consumes({MediaType.APPLICATION_JSON})
597 @Produces({MediaType.APPLICATION_JSON})
598 public Response addVertex(String content, @PathParam("version") String version, @PathParam("uri") @Encoded String uri,
599 @Context HttpHeaders headers, @Context UriInfo uriInfo, @Context HttpServletRequest req) {
601 LoggingUtil.initMdcContext(req, headers);
603 logger.debug("Incoming request..." + content);
604 Response response = null;
608 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
609 VertexPayload payload = VertexPayload.fromJson(content);
610 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
611 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
613 if (payload.getId() != null) {
614 throw new CrudException("ID specified , use Http PUT to update Vertex", Status.BAD_REQUEST);
617 if (payload.getType() == null || payload.getType().isEmpty()) {
618 throw new CrudException("Missing Vertex Type ", Status.BAD_REQUEST);
621 payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, true));
623 String result = graphDataService.addVertex(version, payload.getType(), payload);
624 response = Response.status(Status.CREATED).entity(result).type(mediaType).build();
626 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
628 } catch (CrudException ce) {
629 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
630 } catch (Exception e) {
631 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
634 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
639 @Path("/relationships/{version}/{type}/")
640 @Consumes({MediaType.APPLICATION_JSON})
641 @Produces({MediaType.APPLICATION_JSON})
642 public Response addEdge(String content, @PathParam("version") String version, @PathParam("type") String type,
643 @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
644 @Context HttpServletRequest req) {
646 LoggingUtil.initMdcContext(req, headers);
648 logger.debug("Incoming request..." + content);
649 Response response = null;
653 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
654 EdgePayload payload = EdgePayload.fromJson(content);
655 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
656 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
658 if (payload.getId() != null) {
659 throw new CrudException("ID specified , use Http PUT to update Edge", Status.BAD_REQUEST);
662 if (payload.getType() != null && !payload.getType().equals(type)) {
663 throw new CrudException("Edge Type mismatch", Status.BAD_REQUEST);
665 String result = graphDataService.addEdge(version, type, payload);
666 response = Response.status(Status.CREATED).entity(result).type(mediaType).build();
668 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
670 } catch (CrudException ce) {
671 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
672 } catch (Exception e) {
673 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
676 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
681 @Path("/relationships/{version}/")
682 @Consumes({MediaType.APPLICATION_JSON})
683 @Produces({MediaType.APPLICATION_JSON})
684 public Response addEdge(String content, @PathParam("version") String version, @PathParam("uri") @Encoded String uri,
685 @Context HttpHeaders headers, @Context UriInfo uriInfo, @Context HttpServletRequest req) {
687 LoggingUtil.initMdcContext(req, headers);
689 logger.debug("Incoming request..." + content);
690 Response response = null;
694 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
695 EdgePayload payload = EdgePayload.fromJson(content);
696 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
697 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
699 if (payload.getId() != null) {
700 throw new CrudException("ID specified , use Http PUT to update Edge", Status.BAD_REQUEST);
703 if (payload.getType() == null || payload.getType().isEmpty()) {
704 throw new CrudException("Missing Edge Type ", Status.BAD_REQUEST);
706 String result = graphDataService.addEdge(version, payload.getType(), payload);
708 response = Response.status(Status.CREATED).entity(result).type(mediaType).build();
710 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
712 } catch (CrudException ce) {
713 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
714 } catch (Exception e) {
715 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
718 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
723 @Path("/{version}/{type}/{id}")
724 @Consumes({MediaType.APPLICATION_JSON})
725 @Produces({MediaType.APPLICATION_JSON})
726 public Response deleteVertex(String content, @PathParam("version") String version, @PathParam("type") String type,
727 @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
728 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
730 LoggingUtil.initMdcContext(req, headers);
732 logger.debug("Incoming request..." + content);
733 Response response = null;
737 if (validateRequest(req, uri, content, Action.DELETE, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
738 String result = graphDataService.deleteVertex(version, id, type);
739 response = Response.status(Status.OK).entity(result).type(mediaType).build();
741 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
743 } catch (CrudException ce) {
744 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
745 } catch (Exception e) {
746 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
749 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
754 @Path("/relationships/{version}/{type}/{id}")
755 @Consumes({MediaType.APPLICATION_JSON})
756 @Produces({MediaType.APPLICATION_JSON})
757 public Response deleteEdge(String content, @PathParam("version") String version, @PathParam("type") String type,
758 @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
759 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
761 LoggingUtil.initMdcContext(req, headers);
763 logger.debug("Incoming request..." + content);
764 Response response = null;
767 if (validateRequest(req, uri, content, Action.DELETE, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
768 String result = graphDataService.deleteEdge(version, id, type);
769 response = Response.status(Status.OK).entity(result).type(mediaType).build();
771 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
773 } catch (CrudException ce) {
774 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
775 } catch (Exception e) {
776 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
779 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
783 protected boolean validateRequest(HttpServletRequest req, String uri, String content, Action action,
784 String authPolicyFunctionName, HttpHeaders headers) throws CrudException {
785 boolean isValid = false;
787 String cipherSuite = (String) req.getAttribute("javax.servlet.request.cipher_suite");
788 String authUser = null;
789 if (cipherSuite != null) {
790 X509Certificate[] certChain = (X509Certificate[]) req.getAttribute("javax.servlet.request.X509Certificate");
791 X509Certificate clientCert = certChain[0];
792 X500Principal subjectDn = clientCert.getSubjectX500Principal();
793 authUser = subjectDn.toString();
795 isValid = this.auth.validateRequest(authUser.toLowerCase(), action.toString() + ":" + authPolicyFunctionName);
796 } catch (Exception e) {
797 logResult(action, uri, e);
801 String sourceOfTruth = null;
802 if (headers.getRequestHeaders().containsKey("X-FromAppId")) {
803 sourceOfTruth = headers.getRequestHeaders().getFirst("X-FromAppId");
806 if (sourceOfTruth == null || sourceOfTruth.trim() == "") {
807 throw new CrudException("Invalid request, Missing X-FromAppId header", Status.BAD_REQUEST);
813 void logResult(Action op, String uri, Exception e) {
815 logger.error(CrudServiceMsgs.EXCEPTION_DURING_METHOD_CALL, op.toString(), uri, e.getStackTrace().toString());
817 // Clear the MDC context so that no other transaction inadvertently
818 // uses our transaction id.