2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2017 AT&T Intellectual Property.
6 * Copyright © 2017 Amdocs
8 * ================================================================================
9 * Licensed under the Apache License, Version 2.0 (the "License");
10 * you may not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
13 * http://www.apache.org/licenses/LICENSE-2.0
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS,
17 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
20 * ============LICENSE_END=========================================================
22 * ECOMP is a trademark and service mark of AT&T Intellectual Property.
25 package org.onap.crud.service;
27 import com.google.gson.JsonElement;
29 import org.apache.cxf.jaxrs.ext.PATCH;
30 import org.onap.aai.cl.api.Logger;
31 import org.onap.aai.cl.eelf.LoggerFactory;
32 import org.onap.aaiauth.auth.Auth;
33 import org.onap.crud.exception.CrudException;
34 import org.onap.crud.logging.CrudServiceMsgs;
35 import org.onap.crud.logging.LoggingUtil;
36 import org.onap.crud.util.CrudProperties;
37 import org.onap.crud.util.CrudServiceConstants;
38 import org.onap.crud.util.CrudServiceUtil;
41 import java.security.cert.X509Certificate;
42 import java.util.ArrayList;
43 import java.util.HashMap;
44 import java.util.HashSet;
45 import java.util.List;
47 import javax.security.auth.x500.X500Principal;
48 import javax.servlet.http.HttpServletRequest;
49 import javax.ws.rs.Consumes;
50 import javax.ws.rs.DELETE;
51 import javax.ws.rs.Encoded;
52 import javax.ws.rs.GET;
53 import javax.ws.rs.POST;
54 import javax.ws.rs.PUT;
55 import javax.ws.rs.Path;
56 import javax.ws.rs.PathParam;
57 import javax.ws.rs.Produces;
58 import javax.ws.rs.core.Context;
59 import javax.ws.rs.core.HttpHeaders;
60 import javax.ws.rs.core.MediaType;
61 import javax.ws.rs.core.Response;
62 import javax.ws.rs.core.Response.Status;
63 import javax.ws.rs.core.UriInfo;
65 public class CrudRestService {
67 private AbstractGraphDataService graphDataService;
68 Logger logger = LoggerFactory.getInstance().getLogger(CrudRestService.class.getName());
69 Logger auditLogger = LoggerFactory.getInstance().getAuditLogger(CrudRestService.class.getName());
72 private String mediaType = MediaType.APPLICATION_JSON;
73 public static final String HTTP_PATCH_METHOD_OVERRIDE = "X-HTTP-Method-Override";
75 public CrudRestService(AbstractGraphDataService graphDataService) throws Exception {
76 this.graphDataService = graphDataService;
77 this.auth = new Auth(CrudServiceConstants.CRD_AUTH_FILE);
81 POST, GET, PUT, DELETE, PATCH
84 public void startup() {
89 @Path("/{version}/{type}/{id}")
90 @Consumes({MediaType.APPLICATION_JSON})
91 @Produces({MediaType.APPLICATION_JSON})
92 public Response getVertex(String content, @PathParam("version") String version, @PathParam("type") String type,
93 @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
94 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
95 LoggingUtil.initMdcContext(req, headers);
97 logger.debug("Incoming request..." + content);
98 Response response = null;
102 if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
103 String result = graphDataService.getVertex(version, id, type);
104 response = Response.status(Status.OK).entity(result).type(mediaType).build();
106 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
108 } catch (CrudException ce) {
109 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
110 } catch (Exception e) {
111 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
115 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
120 @Path("/{version}/{type}/")
121 @Consumes({MediaType.APPLICATION_JSON})
122 @Produces({MediaType.APPLICATION_JSON})
123 public Response getVertices(String content, @PathParam("version") String version, @PathParam("type") String type,
124 @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
125 @Context HttpServletRequest req) {
127 LoggingUtil.initMdcContext(req, headers);
129 logger.debug("Incoming request..." + content);
130 Response response = null;
132 if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
133 String propertiesKey = CrudProperties.get(CrudServiceConstants.CRD_COLLECTION_PROPERTIES_KEY);
135 Map<String, String> filter = new HashMap<String, String>();
136 for (Map.Entry<String, List<String>> e : uriInfo.getQueryParameters().entrySet()) {
137 filter.put(e.getKey(), e.getValue().get(0));
140 for (Map.Entry<String, List<String>> e : uriInfo.getQueryParameters().entrySet()) {
141 if (!e.getKey().equals(propertiesKey)) {
142 filter.put(e.getKey(), e.getValue().get(0));
146 HashSet<String> properties;
147 if (uriInfo.getQueryParameters().containsKey(propertiesKey)) {
148 properties = new HashSet<>(uriInfo.getQueryParameters().get(propertiesKey));
150 properties = new HashSet<>();
153 String result = graphDataService.getVertices(version, type, filter, properties);
154 response = Response.status(Status.OK).entity(result).type(mediaType).build();
156 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
158 } catch (CrudException ce) {
159 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
160 } catch (Exception e) {
161 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
165 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
170 @Path("/relationships/{version}/{type}/{id}")
171 @Consumes({MediaType.APPLICATION_JSON})
172 @Produces({MediaType.APPLICATION_JSON})
173 public Response getEdge(String content, @PathParam("version") String version, @PathParam("type") String type,
174 @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
175 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
176 LoggingUtil.initMdcContext(req, headers);
178 logger.debug("Incoming request..." + content);
179 Response response = null;
183 if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
185 String result = graphDataService.getEdge(version, id, type);
186 response = Response.status(Status.OK).entity(result).type(mediaType).build();
188 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
190 } catch (CrudException ce) {
191 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
192 } catch (Exception e) {
193 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
196 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
201 @Path("/relationships/{version}/{type}/")
202 @Consumes({MediaType.APPLICATION_JSON})
203 @Produces({MediaType.APPLICATION_JSON})
204 public Response getEdges(String content, @PathParam("version") String version, @PathParam("type") String type,
205 @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
206 @Context HttpServletRequest req) {
208 LoggingUtil.initMdcContext(req, headers);
210 logger.debug("Incoming request..." + content);
211 Response response = null;
214 Map<String, String> filter = new HashMap<String, String>();
215 for (Map.Entry<String, List<String>> e : uriInfo.getQueryParameters().entrySet()) {
216 filter.put(e.getKey(), e.getValue().get(0));
220 if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
221 String result = graphDataService.getEdges(version, type, filter);
222 response = Response.status(Status.OK).entity(result).type(mediaType).build();
224 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
226 } catch (CrudException ce) {
227 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
228 } catch (Exception e) {
229 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
232 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
237 @Path("/relationships/{version}/{type}/{id}")
238 @Consumes({MediaType.APPLICATION_JSON})
239 @Produces({MediaType.APPLICATION_JSON})
240 public Response updateEdge(String content, @PathParam("version") String version, @PathParam("type") String type,
241 @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
242 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
244 LoggingUtil.initMdcContext(req, headers);
246 logger.debug("Incoming request..." + content);
247 Response response = null;
251 if (validateRequest(req, uri, content, Action.PUT, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
252 EdgePayload payload = EdgePayload.fromJson(content);
253 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
254 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
256 if (payload.getId() != null && !payload.getId().equals(id)) {
257 throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
261 if (headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE) != null
262 && headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE).equalsIgnoreCase("PATCH")) {
263 result = graphDataService.patchEdge(version, id, type, payload);
266 result = graphDataService.updateEdge(version, id, type, payload);
269 response = Response.status(Status.OK).entity(result).type(mediaType).build();
271 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
273 } catch (CrudException ce) {
274 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
275 } catch (Exception e) {
276 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
279 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
284 @Path("/relationships/{version}/{type}/{id}")
285 @Consumes({"application/merge-patch+json"})
286 @Produces({MediaType.APPLICATION_JSON})
287 public Response patchEdge(String content, @PathParam("version") String version, @PathParam("type") String type,
288 @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
289 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
291 LoggingUtil.initMdcContext(req, headers);
293 logger.debug("Incoming request..." + content);
294 Response response = null;
297 if (validateRequest(req, uri, content, Action.PATCH, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
298 EdgePayload payload = EdgePayload.fromJson(content);
299 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
300 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
302 if (payload.getId() != null && !payload.getId().equals(id)) {
303 throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
306 String result = graphDataService.patchEdge(version, id, type, payload);
307 response = Response.status(Status.OK).entity(result).type(mediaType).build();
309 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
311 } catch (CrudException ce) {
312 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
313 } catch (Exception e) {
314 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
317 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
322 @Path("/{version}/{type}/{id}")
323 @Consumes({MediaType.APPLICATION_JSON})
324 @Produces({MediaType.APPLICATION_JSON})
325 public Response updateVertex(String content, @PathParam("version") String version, @PathParam("type") String type,
326 @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
327 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
329 LoggingUtil.initMdcContext(req, headers);
331 logger.debug("Incoming request..." + content);
332 Response response = null;
336 if (validateRequest(req, uri, content, Action.PUT, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
337 VertexPayload payload = VertexPayload.fromJson(content);
338 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
339 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
341 if (payload.getId() != null && !payload.getId().equals(id)) {
342 throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
347 payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, false));
349 if (headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE) != null
350 && headers.getRequestHeaders().getFirst(HTTP_PATCH_METHOD_OVERRIDE).equalsIgnoreCase("PATCH")) {
351 result = graphDataService.patchVertex(version, id, type, payload);
354 result = graphDataService.updateVertex(version, id, type, payload);
356 response = Response.status(Status.OK).entity(result).type(mediaType).build();
358 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
360 } catch (CrudException ce) {
361 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
362 } catch (Exception e) {
363 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
366 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
371 @Path("/{version}/{type}/{id}")
372 @Consumes({"application/merge-patch+json"})
373 @Produces({MediaType.APPLICATION_JSON})
374 public Response patchVertex(String content, @PathParam("version") String version, @PathParam("type") String type,
375 @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
376 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
378 LoggingUtil.initMdcContext(req, headers);
380 logger.debug("Incoming request..." + content);
381 Response response = null;
384 if (validateRequest(req, uri, content, Action.PATCH, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
385 VertexPayload payload = VertexPayload.fromJson(content);
386 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
387 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
389 if (payload.getId() != null && !payload.getId().equals(id)) {
390 throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
393 payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, false));
395 String result = graphDataService.patchVertex(version, id, type, payload);
396 response = Response.status(Status.OK).entity(result).type(mediaType).build();
398 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
400 } catch (CrudException ce) {
401 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
402 } catch (Exception e) {
403 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
406 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
411 @Path("/{version}/{type}/")
412 @Consumes({MediaType.APPLICATION_JSON})
413 @Produces({MediaType.APPLICATION_JSON})
414 public Response addVertex(String content, @PathParam("version") String version, @PathParam("type") String type,
415 @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
416 @Context HttpServletRequest req) {
418 LoggingUtil.initMdcContext(req, headers);
420 logger.debug("Incoming request..." + content);
421 Response response = null;
425 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
426 VertexPayload payload = VertexPayload.fromJson(content);
427 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
428 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
430 if (payload.getId() != null) {
431 throw new CrudException("ID specified , use Http PUT to update Vertex", Status.BAD_REQUEST);
434 if (payload.getType() != null && !payload.getType().equals(type)) {
435 throw new CrudException("Vertex Type mismatch", Status.BAD_REQUEST);
438 payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, true));
440 String result = graphDataService.addVertex(version, type, payload);
441 response = Response.status(Status.CREATED).entity(result).type(mediaType).build();
443 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
445 } catch (CrudException ce) {
446 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
447 } catch (Exception e) {
448 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
451 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
455 private void validateBulkPayload(BulkPayload payload) throws CrudException {
456 List<String> vertices = new ArrayList<String>();
457 List<String> edges = new ArrayList<String>();
459 for (JsonElement v : payload.getObjects()) {
460 List<Map.Entry<String, JsonElement>> entries = new ArrayList<Map.Entry<String, JsonElement>>(
461 v.getAsJsonObject().entrySet());
463 if (entries.size() != 2) {
464 throw new CrudException("", Status.BAD_REQUEST);
466 Map.Entry<String, JsonElement> opr = entries.get(0);
467 Map.Entry<String, JsonElement> item = entries.get(1);
469 if (vertices.contains(item.getKey())) {
470 throw new CrudException("duplicate vertex in payload: " + item.getKey(), Status.BAD_REQUEST);
472 VertexPayload vertexPayload = VertexPayload.fromJson(item.getValue().getAsJsonObject().toString());
473 if (vertexPayload.getType() == null) {
474 throw new CrudException("Vertex Type cannot be null for: " + item.getKey(), Status.BAD_REQUEST);
477 if (!opr.getKey().equalsIgnoreCase("operation")) {
478 throw new CrudException("operation missing in item: " + item.getKey(), Status.BAD_REQUEST);
481 if (!opr.getValue().getAsString().equalsIgnoreCase("add")
482 && !opr.getValue().getAsString().equalsIgnoreCase("modify")
483 && !opr.getValue().getAsString().equalsIgnoreCase("patch")
484 && !opr.getValue().getAsString().equalsIgnoreCase("delete")) {
485 throw new CrudException("Invalid operation at item: " + item.getKey(), Status.BAD_REQUEST);
487 // check if ID is populate for modify/patch/delete operation
488 if ((opr.getValue().getAsString().equalsIgnoreCase("modify")
489 || opr.getValue().getAsString().equalsIgnoreCase("patch")
490 || opr.getValue().getAsString().equalsIgnoreCase("delete")) && (vertexPayload.getId() == null)) {
492 throw new CrudException("Mising ID at item: " + item.getKey(), Status.BAD_REQUEST);
496 vertices.add(item.getKey());
499 for (JsonElement v : payload.getRelationships()) {
500 List<Map.Entry<String, JsonElement>> entries = new ArrayList<Map.Entry<String, JsonElement>>(
501 v.getAsJsonObject().entrySet());
503 if (entries.size() != 2) {
504 throw new CrudException("", Status.BAD_REQUEST);
506 Map.Entry<String, JsonElement> opr = entries.get(0);
507 Map.Entry<String, JsonElement> item = entries.get(1);
509 if (edges.contains(item.getKey())) {
510 throw new CrudException("duplicate Edge in payload: " + item.getKey(), Status.BAD_REQUEST);
513 EdgePayload edgePayload = EdgePayload.fromJson(item.getValue().getAsJsonObject().toString());
515 if (edgePayload.getType() == null) {
516 throw new CrudException("Edge Type cannot be null for: " + item.getKey(), Status.BAD_REQUEST);
519 if (!opr.getKey().equalsIgnoreCase("operation")) {
520 throw new CrudException("operation missing in item: " + item.getKey(), Status.BAD_REQUEST);
523 if (!opr.getValue().getAsString().equalsIgnoreCase("add")
524 && !opr.getValue().getAsString().equalsIgnoreCase("modify")
525 && !opr.getValue().getAsString().equalsIgnoreCase("patch")
526 && !opr.getValue().getAsString().equalsIgnoreCase("delete")) {
527 throw new CrudException("Invalid operation at item: " + item.getKey(), Status.BAD_REQUEST);
529 // check if ID is populate for modify/patch/delete operation
530 if ((edgePayload.getId() == null) && (opr.getValue().getAsString().equalsIgnoreCase("modify")
531 || opr.getValue().getAsString().equalsIgnoreCase("patch")
532 || opr.getValue().getAsString().equalsIgnoreCase("delete"))) {
534 throw new CrudException("Mising ID at item: " + item.getKey(), Status.BAD_REQUEST);
537 if (opr.getValue().getAsString().equalsIgnoreCase("add")) {
538 if (edgePayload.getSource() == null || edgePayload.getTarget() == null) {
539 throw new CrudException("Source/Target cannot be null for edge: " + item.getKey(), Status.BAD_REQUEST);
541 if (edgePayload.getSource().startsWith("$") && !vertices.contains(edgePayload.getSource().substring(1))) {
542 throw new CrudException(
543 "Source Vertex " + edgePayload.getSource().substring(1) + " not found for Edge: " + item.getKey(),
547 if (edgePayload.getTarget().startsWith("$") && !vertices.contains(edgePayload.getTarget().substring(1))) {
548 throw new CrudException(
549 "Target Vertex " + edgePayload.getSource().substring(1) + " not found for Edge: " + item.getKey(),
553 edges.add(item.getKey());
560 @Path("/{version}/bulk/")
561 @Consumes({MediaType.APPLICATION_JSON})
562 @Produces({MediaType.APPLICATION_JSON})
563 public Response addBulk(String content, @PathParam("version") String version, @PathParam("type") String type,
564 @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
565 @Context HttpServletRequest req) {
567 LoggingUtil.initMdcContext(req, headers);
569 logger.debug("Incoming request..." + content);
570 Response response = null;
574 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
575 BulkPayload payload = BulkPayload.fromJson(content);
576 if ((payload.getObjects() == null && payload.getRelationships() == null)
577 || (payload.getObjects() != null && payload.getObjects().isEmpty() && payload.getRelationships() != null
578 && payload.getRelationships().isEmpty())) {
579 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
582 validateBulkPayload(payload);
583 String result = graphDataService.addBulk(version, payload, headers);
584 response = Response.status(Status.OK).entity(result).type(mediaType).build();
586 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
588 } catch (CrudException ce) {
589 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
590 } catch (Exception e) {
591 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
594 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
600 @Consumes({MediaType.APPLICATION_JSON})
601 @Produces({MediaType.APPLICATION_JSON})
602 public Response addVertex(String content, @PathParam("version") String version, @PathParam("uri") @Encoded String uri,
603 @Context HttpHeaders headers, @Context UriInfo uriInfo, @Context HttpServletRequest req) {
605 LoggingUtil.initMdcContext(req, headers);
607 logger.debug("Incoming request..." + content);
608 Response response = null;
612 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
613 VertexPayload payload = VertexPayload.fromJson(content);
614 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
615 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
617 if (payload.getId() != null) {
618 throw new CrudException("ID specified , use Http PUT to update Vertex", Status.BAD_REQUEST);
621 if (payload.getType() == null || payload.getType().isEmpty()) {
622 throw new CrudException("Missing Vertex Type ", Status.BAD_REQUEST);
625 payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, true));
627 String result = graphDataService.addVertex(version, payload.getType(), payload);
628 response = Response.status(Status.CREATED).entity(result).type(mediaType).build();
630 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
632 } catch (CrudException ce) {
633 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
634 } catch (Exception e) {
635 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
638 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
643 @Path("/relationships/{version}/{type}/")
644 @Consumes({MediaType.APPLICATION_JSON})
645 @Produces({MediaType.APPLICATION_JSON})
646 public Response addEdge(String content, @PathParam("version") String version, @PathParam("type") String type,
647 @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers, @Context UriInfo uriInfo,
648 @Context HttpServletRequest req) {
650 LoggingUtil.initMdcContext(req, headers);
652 logger.debug("Incoming request..." + content);
653 Response response = null;
657 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
658 EdgePayload payload = EdgePayload.fromJson(content);
659 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
660 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
662 if (payload.getId() != null) {
663 throw new CrudException("ID specified , use Http PUT to update Edge", Status.BAD_REQUEST);
666 if (payload.getType() != null && !payload.getType().equals(type)) {
667 throw new CrudException("Edge Type mismatch", Status.BAD_REQUEST);
669 String result = graphDataService.addEdge(version, type, payload);
670 response = Response.status(Status.CREATED).entity(result).type(mediaType).build();
672 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
674 } catch (CrudException ce) {
675 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
676 } catch (Exception e) {
677 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
680 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
685 @Path("/relationships/{version}/")
686 @Consumes({MediaType.APPLICATION_JSON})
687 @Produces({MediaType.APPLICATION_JSON})
688 public Response addEdge(String content, @PathParam("version") String version, @PathParam("uri") @Encoded String uri,
689 @Context HttpHeaders headers, @Context UriInfo uriInfo, @Context HttpServletRequest req) {
691 LoggingUtil.initMdcContext(req, headers);
693 logger.debug("Incoming request..." + content);
694 Response response = null;
698 if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
699 EdgePayload payload = EdgePayload.fromJson(content);
700 if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
701 throw new CrudException("Invalid request Payload", Status.BAD_REQUEST);
703 if (payload.getId() != null) {
704 throw new CrudException("ID specified , use Http PUT to update Edge", Status.BAD_REQUEST);
707 if (payload.getType() == null || payload.getType().isEmpty()) {
708 throw new CrudException("Missing Edge Type ", Status.BAD_REQUEST);
710 String result = graphDataService.addEdge(version, payload.getType(), payload);
712 response = Response.status(Status.CREATED).entity(result).type(mediaType).build();
714 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
716 } catch (CrudException ce) {
717 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
718 } catch (Exception e) {
719 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
722 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
727 @Path("/{version}/{type}/{id}")
728 @Consumes({MediaType.APPLICATION_JSON})
729 @Produces({MediaType.APPLICATION_JSON})
730 public Response deleteVertex(String content, @PathParam("version") String version, @PathParam("type") String type,
731 @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
732 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
734 LoggingUtil.initMdcContext(req, headers);
736 logger.debug("Incoming request..." + content);
737 Response response = null;
741 if (validateRequest(req, uri, content, Action.DELETE, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
742 String result = graphDataService.deleteVertex(version, id, type);
743 response = Response.status(Status.OK).entity(result).type(mediaType).build();
745 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
747 } catch (CrudException ce) {
748 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
749 } catch (Exception e) {
750 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
753 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
758 @Path("/relationships/{version}/{type}/{id}")
759 @Consumes({MediaType.APPLICATION_JSON})
760 @Produces({MediaType.APPLICATION_JSON})
761 public Response deleteEdge(String content, @PathParam("version") String version, @PathParam("type") String type,
762 @PathParam("id") String id, @PathParam("uri") @Encoded String uri, @Context HttpHeaders headers,
763 @Context UriInfo uriInfo, @Context HttpServletRequest req) {
765 LoggingUtil.initMdcContext(req, headers);
767 logger.debug("Incoming request..." + content);
768 Response response = null;
771 if (validateRequest(req, uri, content, Action.DELETE, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
772 String result = graphDataService.deleteEdge(version, id, type);
773 response = Response.status(Status.OK).entity(result).type(mediaType).build();
775 response = Response.status(Status.FORBIDDEN).entity(content).type(MediaType.APPLICATION_JSON).build();
777 } catch (CrudException ce) {
778 response = Response.status(ce.getHttpStatus()).entity(ce.getMessage()).build();
779 } catch (Exception e) {
780 response = Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
783 LoggingUtil.logRestRequest(logger, auditLogger, req, response);
787 protected boolean validateRequest(HttpServletRequest req, String uri, String content, Action action,
788 String authPolicyFunctionName, HttpHeaders headers) throws CrudException {
789 boolean isValid = false;
791 String cipherSuite = (String) req.getAttribute("javax.servlet.request.cipher_suite");
792 String authUser = null;
793 if (cipherSuite != null) {
794 X509Certificate[] certChain = (X509Certificate[]) req.getAttribute("javax.servlet.request.X509Certificate");
795 X509Certificate clientCert = certChain[0];
796 X500Principal subjectDn = clientCert.getSubjectX500Principal();
797 authUser = subjectDn.toString();
799 isValid = this.auth.validateRequest(authUser.toLowerCase(), action.toString() + ":" + authPolicyFunctionName);
800 } catch (Exception e) {
801 logResult(action, uri, e);
805 String sourceOfTruth = null;
806 if (headers.getRequestHeaders().containsKey("X-FromAppId")) {
807 sourceOfTruth = headers.getRequestHeaders().getFirst("X-FromAppId");
810 if (sourceOfTruth == null || sourceOfTruth.trim() == "") {
811 throw new CrudException("Invalid request, Missing X-FromAppId header", Status.BAD_REQUEST);
817 void logResult(Action op, String uri, Exception e) {
819 logger.error(CrudServiceMsgs.EXCEPTION_DURING_METHOD_CALL, op.toString(), uri, e.getStackTrace().toString());
821 // Clear the MDC context so that no other transaction inadvertently
822 // uses our transaction id.