logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
String result = graphDataService.getVertex(version, id, type);
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
Map<String, String> filter = new HashMap<String, String>();
for (Map.Entry<String, List<String>> e : uriInfo.getQueryParameters().entrySet()) {
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.GET, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
Map<String, String> filter = new HashMap<String, String>();
for (Map.Entry<String, List<String>> e : uriInfo.getQueryParameters().entrySet()) {
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.PUT, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.PUT, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
EdgePayload payload = EdgePayload.fromJson(content);
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.PATCH, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.PATCH, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
EdgePayload payload = EdgePayload.fromJson(content);
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.PUT, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.PUT, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
VertexPayload payload = VertexPayload.fromJson(content);
if (payload.getId() != null && !payload.getId().equals(id)) {
throw new CrudException("ID Mismatch", Status.BAD_REQUEST);
}
+
String result;
payload.setProperties(CrudServiceUtil.mergeHeaderInFoToPayload(payload.getProperties(), headers, false));
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.PATCH, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.PATCH, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
VertexPayload payload = VertexPayload.fromJson(content);
if (payload.getProperties() == null || payload.getProperties().isJsonNull()) {
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
VertexPayload payload = VertexPayload.fromJson(content);
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
BulkPayload payload = BulkPayload.fromJson(content);
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
VertexPayload payload = VertexPayload.fromJson(content);
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
EdgePayload payload = EdgePayload.fromJson(content);
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.POST, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
EdgePayload payload = EdgePayload.fromJson(content);
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.DELETE, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.DELETE, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
String result = graphDataService.deleteVertex(version, id, type);
logger.debug("Incoming request..." + content);
Response response = null;
- if (validateRequest(req, uri, content, Action.DELETE, CrudServiceConstants.CRD_AUTH_POLICY_NAME)) {
+ if (validateRequest(req, uri, content, Action.DELETE, CrudServiceConstants.CRD_AUTH_POLICY_NAME, headers)) {
try {
String result = graphDataService.deleteEdge(version, id, type);
}
protected boolean validateRequest(HttpServletRequest req, String uri, String content, Action action,
- String authPolicyFunctionName) {
- try {
+ String authPolicyFunctionName, HttpHeaders headers) {
+ boolean isValid = false;
+ try {
String cipherSuite = (String) req.getAttribute("javax.servlet.request.cipher_suite");
String authUser = null;
if (cipherSuite != null) {
X500Principal subjectDn = clientCert.getSubjectX500Principal();
authUser = subjectDn.toString();
}
- return this.auth.validateRequest(authUser.toLowerCase(), action.toString() + ":" + authPolicyFunctionName);
+ isValid = this.auth.validateRequest(authUser.toLowerCase(), action.toString() + ":" + authPolicyFunctionName);
+
+ String sourceOfTruth = null;
+ if(headers.getRequestHeaders().containsKey("X-FromAppId"))
+ sourceOfTruth = headers.getRequestHeaders().getFirst("X-FromAppId");
+
+ if(sourceOfTruth == null || sourceOfTruth.trim() == "")
+ throw new CrudException("Invalid request, Missing X-FromAppId header", Status.BAD_REQUEST);
+
+ return isValid;
} catch (Exception e) {
logResult(action, uri, e);
return false;