2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2017 AT&T Intellectual Property.
6 * Copyright © 2017 Amdocs
8 * ================================================================================
9 * Licensed under the Apache License, Version 2.0 (the "License");
10 * you may not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
13 * http://www.apache.org/licenses/LICENSE-2.0
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS,
17 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
20 * ============LICENSE_END=========================================================
22 * ECOMP is a trademark and service mark of AT&T Intellectual Property.
24 package org.onap.crud.service;
26 import com.google.gson.JsonElement;
28 import org.apache.cxf.jaxrs.ext.PATCH;
29 import org.onap.aai.cl.api.Logger;
30 import org.onap.aai.cl.eelf.LoggerFactory;
31 import org.onap.aaiauth.auth.Auth;
32 import org.onap.crud.exception.CrudException;
33 import org.onap.crud.logging.CrudServiceMsgs;
34 import org.onap.crud.logging.LoggingUtil;
35 import org.onap.crud.util.CrudServiceConstants;
36 import org.onap.crud.util.CrudServiceUtil;
39 import java.security.cert.X509Certificate;
40 import java.util.ArrayList;
41 import java.util.HashMap;
42 import java.util.List;
44 import javax.security.auth.x500.X500Principal;
45 import javax.servlet.http.HttpServletRequest;
47 import javax.ws.rs.core.*;
48 import javax.ws.rs.core.Response.Status;
50 public class CrudRestService {
52 private AbstractGraphDataService graphDataService;
53 Logger logger = LoggerFactory.getInstance().getLogger(CrudRestService.class.getName());
54 Logger auditLogger = LoggerFactory.getInstance().getAuditLogger(CrudRestService.class.getName());
57 private String mediaType = MediaType.APPLICATION_JSON;
58 public static final String HTTP_PATCH_METHOD_OVERRIDE = "X-HTTP-Method-Override";
60 public CrudRestService(AbstractGraphDataService graphDataService) throws Exception {
61 this.graphDataService = graphDataService;
62 this.auth = new Auth(CrudServiceConstants.CRD_AUTH_FILE);
66 POST, GET, PUT, DELETE, PATCH
69 public void startup() {
74 @Path("/{version}/{type}/{id}")
75 @Consumes({MediaType.APPLICATION_JSON})
76 @Produces({MediaType.APPLICATION_JSON})
77 public Response getVertex(String content, @PathParam("version") String version, @PathParam("type") String type,
78 @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
79 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
80 LoggingUtil.initMdcContext(req, headers);
82 logger.debug("Incoming request..." + content);
83 Response response = null;
87 if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
88 String result = graphDataService.getVertex(version, id, type);
89 response = Response.status(Status.OK).entity(result).type(mediaType).build();
91 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
93 } catch (CrudException ce) {
94 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
95 } catch (Exception e) {
96 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
100 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
105 @Path("/{version}/{type}/")
106 @Consumes({MediaType.APPLICATION_JSON})
107 @Produces({MediaType.APPLICATION_JSON})
108 public Response getVertices(String content, @PathParam("version") String version, @PathParam("type") String type,
109 @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
110 @Context HttpServletRequest req) {
112 LoggingUtil.initMdcContext(req, headers);
114 logger.debug("Incoming request..." + content);
115 Response response = null;
117 if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
119 Map<String, String> filter = new HashMap<String, String>();
120 for (Map.Entry<String, List<String>> e : uriInfo.getQueryParameters().entrySet()) {
121 filter.put(e.getKey(), e.getValue().get(0));
124 String result = graphDataService.getVertices(version, type, filter);
125 response = Response.status(Status.OK).entity(result).type(mediaType).build();
127 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
129 } catch (CrudException ce) {
130 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
131 } catch (Exception e) {
132 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
136 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
141 @Path("/relationships/{version}/{type}/{id}")
142 @Consumes({MediaType.APPLICATION_JSON})
143 @Produces({MediaType.APPLICATION_JSON})
144 public Response getEdge(String content, @PathParam("version") String version, @PathParam("type") String type,
145 @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
146 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
147 LoggingUtil.initMdcContext(req, headers);
149 logger.debug("Incoming request..." + content);
150 Response response = null;
154 if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
156 String result = graphDataService.getEdge(version, id, type);
157 response = Response.status(Status.OK).entity(result).type(mediaType).build();
159 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
161 } catch (CrudException ce) {
162 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
163 } catch (Exception e) {
164 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
167 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
172 @Path("/relationships/{version}/{type}/")
173 @Consumes({MediaType.APPLICATION_JSON})
174 @Produces({MediaType.APPLICATION_JSON})
175 public Response getEdges(String content, @PathParam("version") String version, @PathParam("type") String type,
176 @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
177 @Context HttpServletRequest req) {
179 LoggingUtil.initMdcContext(req, headers);
181 logger.debug("Incoming request..." + content);
182 Response response = null;
185 Map<String, String> filter = new HashMap<String, String>();
186 for (Map.Entry<String, List<String>> e : uriInfo.getQueryParameters().entrySet()) {
187 filter.put(e.getKey(), e.getValue().get(0));
191 if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
192 String result = graphDataService.getEdges(version, type, filter);
193 response = Response.status(Status.OK).entity(result).type(mediaType).build();
195 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
197 } catch (CrudException ce) {
198 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
199 } catch (Exception e) {
200 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
203 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
208 @Path("/relationships/{version}/{type}/{id}")
209 @Consumes({MediaType.APPLICATION_JSON})
210 @Produces({MediaType.APPLICATION_JSON})
211 public Response updateEdge(String content, @PathParam("version") String version, @PathParam("type") String type,
212 @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
213 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
215 LoggingUtil.initMdcContext(req, headers);
217 logger.debug("Incoming request..." + content);
218 Response response = null;
222 if (validateRequest(req, uri, content, Action.PUT, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
223 EdgePayload payload = EdgePayload.fromJson(content);
224 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
225 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
227 if (payload.getId() != null && !payload.getId().equals(id)) {
228 throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
232 if (headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE) != null
233 && headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE).equalsIgnoreCase("PATCH")) {
234 result = graphDataService.patchEdge(version, id, type, payload);
237 result = graphDataService.updateEdge(version, id, type, payload);
240 response = Response.status(Status.OK).entity(result).type(mediaType).build();
242 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
244 } catch (CrudException ce) {
245 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
246 } catch (Exception e) {
247 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
250 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
255 @Path("/relationships/{version}/{type}/{id}")
256 @Consumes({"application/merge-patch+json"})
257 @Produces({MediaType.APPLICATION_JSON})
258 public Response patchEdge(String content, @PathParam("version") String version, @PathParam("type") String type,
259 @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
260 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
262 LoggingUtil.initMdcContext(req, headers);
264 logger.debug("Incoming request..." + content);
265 Response response = null;
268 if (validateRequest(req, uri, content, Action.PATCH, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
269 EdgePayload payload = EdgePayload.fromJson(content);
270 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
271 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
273 if (payload.getId() != null && !payload.getId().equals(id)) {
274 throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
277 String result = graphDataService.patchEdge(version, id, type, payload);
278 response = Response.status(Status.OK).entity(result).type(mediaType).build();
280 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
282 } catch (CrudException ce) {
283 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
284 } catch (Exception e) {
285 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
288 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
293 @Path("/{version}/{type}/{id}")
294 @Consumes({MediaType.APPLICATION_JSON})
295 @Produces({MediaType.APPLICATION_JSON})
296 public Response updateVertex(String content, @PathParam("version") String version, @PathParam("type") String type,
297 @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
298 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
300 LoggingUtil.initMdcContext(req, headers);
302 logger.debug("Incoming request..." + content);
303 Response response = null;
307 if (validateRequest(req, uri, content, Action.PUT, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
308 VertexPayload payload = VertexPayload.fromJson(content);
309 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
310 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
312 if (payload.getId() != null && !payload.getId().equals(id)) {
313 throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
318 payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, false));
320 if (headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE) != null
321 && headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE).equalsIgnoreCase("PATCH")) {
322 result = graphDataService.patchVertex(version, id, type, payload);
325 result = graphDataService.updateVertex(version, id, type, payload);
327 response = Response.status(Status.OK).entity(result).type(mediaType).build();
329 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
331 } catch (CrudException ce) {
332 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
333 } catch (Exception e) {
334 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
337 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
342 @Path("/{version}/{type}/{id}")
343 @Consumes({"application/merge-patch+json"})
344 @Produces({MediaType.APPLICATION_JSON})
345 public Response patchVertex(String content, @PathParam("version") String version, @PathParam("type") String type,
346 @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
347 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
349 LoggingUtil.initMdcContext(req, headers);
351 logger.debug("Incoming request..." + content);
352 Response response = null;
355 if (validateRequest(req, uri, content, Action.PATCH, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
356 VertexPayload payload = VertexPayload.fromJson(content);
357 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
358 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
360 if (payload.getId() != null && !payload.getId().equals(id)) {
361 throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
364 payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, false));
366 String result = graphDataService.patchVertex(version, id, type, payload);
367 response = Response.status(Status.OK).entity(result).type(mediaType).build();
369 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
371 } catch (CrudException ce) {
372 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
373 } catch (Exception e) {
374 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
377 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
382 @Path("/{version}/{type}/")
383 @Consumes({MediaType.APPLICATION_JSON})
384 @Produces({MediaType.APPLICATION_JSON})
385 public Response addVertex(String content, @PathParam("version") String version, @PathParam("type") String type,
386 @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
387 @Context HttpServletRequest req) {
389 LoggingUtil.initMdcContext(req, headers);
391 logger.debug("Incoming request..." + content);
392 Response response = null;
396 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
397 VertexPayload payload = VertexPayload.fromJson(content);
398 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
399 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
401 if (payload.getId() != null) {
402 throw new CrudException("ID specified , use Http PUT to update Vertex", Status.BAD_REQUEST);
405 if (payload.getType() != null && !payload.getType().equals(type)) {
406 throw new CrudException("Vertex Type mismatch", Status.BAD_REQUEST);
409 payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, true));
411 String result = graphDataService.addVertex(version, type, payload);
412 response = Response.status(Status.CREATED).entity(result).type(mediaType).build();
414 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
416 } catch (CrudException ce) {
417 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
418 } catch (Exception e) {
419 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
422 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
426 private void validateBulkPayload(BulkPayload payload) throws CrudException {
427 List<String> vertices = new ArrayList<String>();
428 List<String> edges = new ArrayList<String>();
430 for (JsonElement v : payload.getObjects()) {
431 List<Map.Entry<String, JsonElement>> entries = new ArrayList<Map.Entry<String, JsonElement>>(
432 v.getAsJsonObject().entrySet());
434 if (entries.size() != 2) {
435 throw new CrudException("", Status.BAD_REQUEST);
437 Map.Entry<String, JsonElement> opr = entries.get(0);
438 Map.Entry<String, JsonElement> item = entries.get(1);
440 if (vertices.contains(item.getKey())) {
441 throw new CrudException("duplicate vertex in payload: " + item.getKey(), Status.BAD_REQUEST);
443 VertexPayload vertexPayload = VertexPayload.fromJson(item.getValue().getAsJsonObject().toString());
444 if (vertexPayload.getType() == null) {
445 throw new CrudException("Vertex Type cannot be null for: " + item.getKey(), Status.BAD_REQUEST);
448 if (!opr.getKey().equalsIgnoreCase("operation")) {
449 throw new CrudException("operation missing in item: " + item.getKey(), Status.BAD_REQUEST);
452 if (!opr.getValue().getAsString().equalsIgnoreCase("add")
453 && !opr.getValue().getAsString().equalsIgnoreCase("modify")
454 && !opr.getValue().getAsString().equalsIgnoreCase("delete")) {
455 throw new CrudException("Invalid operation at item: " + item.getKey(), Status.BAD_REQUEST);
457 // check if ID is populate for modify/delete operation
458 if ((opr.getValue().getAsString().equalsIgnoreCase("modify")
459 || opr.getValue().getAsString().equalsIgnoreCase("delete")) && (vertexPayload.getId() == null)) {
461 throw new CrudException("Mising ID at item: " + item.getKey(), Status.BAD_REQUEST);
465 vertices.add(item.getKey());
468 for (JsonElement v : payload.getRelationships()) {
469 List<Map.Entry<String, JsonElement>> entries = new ArrayList<Map.Entry<String, JsonElement>>(
470 v.getAsJsonObject().entrySet());
472 if (entries.size() != 2) {
473 throw new CrudException("", Status.BAD_REQUEST);
475 Map.Entry<String, JsonElement> opr = entries.get(0);
476 Map.Entry<String, JsonElement> item = entries.get(1);
478 if (edges.contains(item.getKey())) {
479 throw new CrudException("duplicate Edge in payload: " + item.getKey(), Status.BAD_REQUEST);
482 EdgePayload edgePayload = EdgePayload.fromJson(item.getValue().getAsJsonObject().toString());
484 if (edgePayload.getType() == null) {
485 throw new CrudException("Edge Type cannot be null for: " + item.getKey(), Status.BAD_REQUEST);
488 if (!opr.getKey().equalsIgnoreCase("operation")) {
489 throw new CrudException("operation missing in item: " + item.getKey(), Status.BAD_REQUEST);
492 if (!opr.getValue().getAsString().equalsIgnoreCase("add")
493 && !opr.getValue().getAsString().equalsIgnoreCase("modify")
494 && !opr.getValue().getAsString().equalsIgnoreCase("delete")) {
495 throw new CrudException("Invalid operation at item: " + item.getKey(), Status.BAD_REQUEST);
497 // check if ID is populate for modify/delete operation
498 if ((edgePayload.getId() == null) && (opr.getValue().getAsString().equalsIgnoreCase("modify")
499 || opr.getValue().getAsString().equalsIgnoreCase("delete"))) {
501 throw new CrudException("Mising ID at item: " + item.getKey(), Status.BAD_REQUEST);
504 if (opr.getValue().getAsString().equalsIgnoreCase("add")) {
505 if (edgePayload.getSource() == null || edgePayload.getTarget() == null) {
506 throw new CrudException("Source/Target cannot be null for edge: " + item.getKey(), Status.BAD_REQUEST);
508 if (edgePayload.getSource().startsWith("$") && !vertices.contains(edgePayload.getSource().substring(1))) {
509 throw new CrudException(
510 "Source Vertex " + edgePayload.getSource().substring(1) + " not found for Edge: " + item.getKey(),
514 if (edgePayload.getTarget().startsWith("$") && !vertices.contains(edgePayload.getTarget().substring(1))) {
515 throw new CrudException(
516 "Target Vertex " + edgePayload.getSource().substring(1) + " not found for Edge: " + item.getKey(),
520 edges.add(item.getKey());
527 @Path("/{version}/bulk/")
528 @Consumes({MediaType.APPLICATION_JSON})
529 @Produces({MediaType.APPLICATION_JSON})
530 public Response addBulk(String content, @PathParam("version") String version, @PathParam("type") String type,
531 @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
532 @Context HttpServletRequest req) {
534 LoggingUtil.initMdcContext(req, headers);
536 logger.debug("Incoming request..." + content);
537 Response response = null;
541 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
542 BulkPayload payload = BulkPayload.fromJson(content);
543 if ((payload.getObjects() == null && payload.getRelationships() == null)
544 || (payload.getObjects() != null && payload.getObjects().isEmpty() && payload.getRelationships() != null
545 && payload.getRelationships().isEmpty())) {
546 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
549 validateBulkPayload(payload);
550 String result = graphDataService.addBulk(version, payload, headers);
551 response = Response.status(Status.OK).entity(result).type(mediaType).build();
553 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
555 } catch (CrudException ce) {
556 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
557 } catch (Exception e) {
558 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
561 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
567 @Consumes({MediaType.APPLICATION_JSON})
568 @Produces({MediaType.APPLICATION_JSON})
569 public Response addVertex(String content, @PathParam("version") String version, @PathParam("uri") @Encoded String uri,
570 @Context HttpHeaders headers, @Context UriInfo uriInfo, @Context HttpServletRequest req) {
572 LoggingUtil.initMdcContext(req, headers);
574 logger.debug("Incoming request..." + content);
575 Response response = null;
579 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
580 VertexPayload payload = VertexPayload.fromJson(content);
581 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
582 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
584 if (payload.getId() != null) {
585 throw new CrudException("ID specified , use Http PUT to update Vertex", Status.BAD_REQUEST);
588 if (payload.getType() == null || payload.getType().isEmpty()) {
589 throw new CrudException("Missing Vertex Type ", Status.BAD_REQUEST);
592 payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, true));
594 String result = graphDataService.addVertex(version, payload.getType(), payload);
595 response = Response.status(Status.CREATED).entity(result).type(mediaType).build();
597 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
599 } catch (CrudException ce) {
600 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
601 } catch (Exception e) {
602 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
605 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
610 @Path("/relationships/{version}/{type}/")
611 @Consumes({MediaType.APPLICATION_JSON})
612 @Produces({MediaType.APPLICATION_JSON})
613 public Response addEdge(String content, @PathParam("version") String version, @PathParam("type") String type,
614 @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
615 @Context HttpServletRequest req) {
617 LoggingUtil.initMdcContext(req, headers);
619 logger.debug("Incoming request..." + content);
620 Response response = null;
624 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
625 EdgePayload payload = EdgePayload.fromJson(content);
626 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
627 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
629 if (payload.getId() != null) {
630 throw new CrudException("ID specified , use Http PUT to update Edge", Status.BAD_REQUEST);
633 if (payload.getType() != null && !payload.getType().equals(type)) {
634 throw new CrudException("Edge Type mismatch", Status.BAD_REQUEST);
636 String result = graphDataService.addEdge(version, type, payload);
637 response = Response.status(Status.CREATED).entity(result).type(mediaType).build();
639 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
641 } catch (CrudException ce) {
642 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
643 } catch (Exception e) {
644 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
647 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
652 @Path("/relationships/{version}/")
653 @Consumes({MediaType.APPLICATION_JSON})
654 @Produces({MediaType.APPLICATION_JSON})
655 public Response addEdge(String content, @PathParam("version") String version, @PathParam("uri") @Encoded String uri,
656 @Context HttpHeaders headers, @Context UriInfo uriInfo, @Context HttpServletRequest req) {
658 LoggingUtil.initMdcContext(req, headers);
660 logger.debug("Incoming request..." + content);
661 Response response = null;
665 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
666 EdgePayload payload = EdgePayload.fromJson(content);
667 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
668 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
670 if (payload.getId() != null) {
671 throw new CrudException("ID specified , use Http PUT to update Edge", Status.BAD_REQUEST);
674 if (payload.getType() == null || payload.getType().isEmpty()) {
675 throw new CrudException("Missing Edge Type ", Status.BAD_REQUEST);
677 String result = graphDataService.addEdge(version, payload.getType(), payload);
679 response = Response.status(Status.CREATED).entity(result).type(mediaType).build();
681 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
683 } catch (CrudException ce) {
684 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
685 } catch (Exception e) {
686 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
689 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
694 @Path("/{version}/{type}/{id}")
695 @Consumes({MediaType.APPLICATION_JSON})
696 @Produces({MediaType.APPLICATION_JSON})
697 public Response deleteVertex(String content, @PathParam("version") String version, @PathParam("type") String type,
698 @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
699 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
701 LoggingUtil.initMdcContext(req, headers);
703 logger.debug("Incoming request..." + content);
704 Response response = null;
708 if (validateRequest(req, uri, content, Action.DELETE, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
709 String result = graphDataService.deleteVertex(version, id, type);
710 response = Response.status(Status.OK).entity(result).type(mediaType).build();
712 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
714 } catch (CrudException ce) {
715 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
716 } catch (Exception e) {
717 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
720 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
725 @Path("/relationships/{version}/{type}/{id}")
726 @Consumes({MediaType.APPLICATION_JSON})
727 @Produces({MediaType.APPLICATION_JSON})
728 public Response deleteEdge(String content, @PathParam("version") String version, @PathParam("type") String type,
729 @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
730 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
732 LoggingUtil.initMdcContext(req, headers);
734 logger.debug("Incoming request..." + content);
735 Response response = null;
738 if (validateRequest(req, uri, content, Action.DELETE, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
739 String result = graphDataService.deleteEdge(version, id, type);
740 response = Response.status(Status.OK).entity(result).type(mediaType).build();
742 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
744 } catch (CrudException ce) {
745 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
746 } catch (Exception e) {
747 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
750 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
754 protected boolean validateRequest(HttpServletRequest req, String uri, String content, Action action,
755 String authPolicyFunctionName, HttpHeaders headers) throws CrudException {
756 boolean isValid = false;
758 String cipherSuite = (String) req.getAttribute("javax.servlet.request.cipher_suite");
759 String authUser = null;
760 if (cipherSuite != null) {
761 X509Certificate[] certChain = (X509Certificate[]) req.getAttribute("javax.servlet.request.X509Certificate");
762 X509Certificate clientCert = certChain[0];
763 X500Principal subjectDn = clientCert.getSubjectX500Principal();
764 authUser = subjectDn.toString();
766 isValid = this.auth.validateRequest(authUser.toLowerCase(), action.toString() + ":" + authPolicyFunctionName);
767 } catch (Exception e) {
768 logResult(action, uri, e);
772 String sourceOfTruth = null;
773 if (headers.getRequestHeaders().containsKey("X-FromAppId")) {
774 sourceOfTruth = headers.getRequestHeaders().getFirst("X-FromAppId");
777 if (sourceOfTruth == null || sourceOfTruth.trim() == "") {
778 throw new CrudException("Invalid request, Missing X-FromAppId header", Status.BAD_REQUEST);
784 void logResult(Action op, String uri, Exception e) {
786 logger.error(CrudServiceMsgs.EXCEPTION_DURING_METHOD_CALL, op.toString(), uri, e.getStackTrace().toString());
788 // Clear the MDC context so that no other transaction inadvertently
789 // uses our transaction id.