datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/DRFeedsServlet.java

   1 /*******************************************************************************
   2  * ============LICENSE_START==================================================
   3  * * org.onap.dmaap
   4  * * ===========================================================================
   5  * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
   6  * * ===========================================================================
   7  * * Licensed under the Apache License, Version 2.0 (the "License");
   8  * * you may not use this file except in compliance with the License.
   9  * * You may obtain a copy of the License at
  10  * *
  11  *  *      http://www.apache.org/licenses/LICENSE-2.0
  12  * *
  13  *  * Unless required by applicable law or agreed to in writing, software
  14  * * distributed under the License is distributed on an "AS IS" BASIS,
  15  * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * * See the License for the specific language governing permissions and
  17  * * limitations under the License.
  18  * * ============LICENSE_END====================================================
  19  * *
  20  * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
  21  * *
  22  ******************************************************************************/
  23
  24
  25 package org.onap.dmaap.datarouter.provisioning;
  26
  27 import static org.onap.dmaap.datarouter.provisioning.utils.HttpServletUtils.sendResponseError;
  28
  29 import com.att.eelf.configuration.EELFLogger;
  30 import com.att.eelf.configuration.EELFManager;
  31 import java.io.IOException;
  32 import java.io.InvalidObjectException;
  33 import java.util.List;
  34 import javax.servlet.http.HttpServletRequest;
  35 import javax.servlet.http.HttpServletResponse;
  36 import org.json.JSONObject;
  37
  38 import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
  39 import org.onap.dmaap.datarouter.provisioning.beans.EventLogRecord;
  40 import org.onap.dmaap.datarouter.provisioning.beans.Feed;
  41 import org.onap.dmaap.datarouter.provisioning.eelf.EelfMsgs;
  42 import org.onap.dmaap.datarouter.provisioning.utils.JSONUtilities;
  43
  44
  45
  46 /**
  47  * This servlet handles provisioning for the &lt;drFeedsURL&gt; which is the URL on the provisioning server used to
  48  * create new feeds.  It supports POST to create new feeds, and GET to support the Feeds Collection Query function.
  49  *
  50  * @author Robert Eby
  51  * @version $Id$
  52  */
  53 @SuppressWarnings("serial")
  54 public class DRFeedsServlet extends ProxyServlet {
  55
  56     //Adding EELF Logger Rally:US664892
  57     private static EELFLogger eelfLogger = EELFManager.getInstance()
  58             .getLogger(DRFeedsServlet.class);
  59
  60     /**
  61      * DELETE on the &lt;drFeedsURL&gt; -- not supported.
  62      */
  63     @Override
  64     public void doDelete(HttpServletRequest req, HttpServletResponse resp) {
  65         setIpFqdnRequestIDandInvocationIDForEelf("doDelete", req);
  66         eelfLogger.info(EelfMsgs.ENTRY);
  67         try {
  68             eelfLogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_FEEDID,
  69                     req.getHeader(BEHALF_HEADER), getIdFromPath(req) + "");
  70             String message = "DELETE not allowed for the drFeedsURL.";
  71             EventLogRecord elr = new EventLogRecord(req);
  72             elr.setMessage(message);
  73             elr.setResult(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
  74             eventlogger.error(elr.toString());
  75             sendResponseError(resp, HttpServletResponse.SC_METHOD_NOT_ALLOWED, message, eventlogger);
  76         } finally {
  77             eelfLogger.info(EelfMsgs.EXIT);
  78         }
  79     }
  80
  81     /**
  82      * GET on the &lt;drFeedsURL&gt; -- query the list of feeds already existing in the DB. See the <i>Feeds Collection
  83      * Queries</i> section in the <b>Provisioning API</b> document for details on how this method should be invoked.
  84      */
  85     @Override
  86     public void doGet(HttpServletRequest req, HttpServletResponse resp) {
  87         setIpFqdnRequestIDandInvocationIDForEelf("doGet", req);
  88         eelfLogger.info(EelfMsgs.ENTRY);
  89         try {
  90             eelfLogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_FEEDID,
  91                     req.getHeader(BEHALF_HEADER), getIdFromPath(req) + "");
  92             EventLogRecord elr = new EventLogRecord(req);
  93             String message = isAuthorizedForProvisioning(req);
  94             if (message != null) {
  95                 elr.setMessage(message);
  96                 elr.setResult(HttpServletResponse.SC_FORBIDDEN);
  97                 eventlogger.error(elr.toString());
  98                 sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
  99                 return;
 100             }
 101             if (isProxyServer()) {
 102                 super.doGet(req, resp);
 103                 return;
 104             }
 105             String bhdr = req.getHeader(BEHALF_HEADER);
 106             if (bhdr == null) {
 107                 message = "Missing " + BEHALF_HEADER + " header.";
 108                 elr.setMessage(message);
 109                 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
 110                 eventlogger.error(elr.toString());
 111                 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
 112                 return;
 113             }
 114             // Note: I think this should be getPathInfo(), but that doesn't work (Jetty bug?)
 115             String path = req.getRequestURI();
 116             if (path != null && !"/".equals(path)) {
 117                 message = BAD_URL;
 118                 elr.setMessage(message);
 119                 elr.setResult(HttpServletResponse.SC_NOT_FOUND);
 120                 eventlogger.error(elr.toString());
 121                 sendResponseError(resp, HttpServletResponse.SC_NOT_FOUND, message, eventlogger);
 122                 return;
 123             }
 124             // Check with the Authorizer
 125             AuthorizationResponse aresp = authz.decide(req);
 126             if (!aresp.isAuthorized()) {
 127                 message = POLICY_ENGINE;
 128                 elr.setMessage(message);
 129                 elr.setResult(HttpServletResponse.SC_FORBIDDEN);
 130                 eventlogger.error(elr.toString());
 131                 sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
 132                 return;
 133             }
 134
 135             String name = req.getParameter("name");
 136             String vers = req.getParameter("version");
 137             String publ = req.getParameter("publisher");
 138             String subs = req.getParameter("subscriber");
 139             if (name != null && vers != null) {
 140                 // Display a specific feed
 141                 Feed feed = Feed.getFeedByNameVersion(name, vers);
 142                 if (feed == null || feed.isDeleted()) {
 143                     message = "This feed does not exist in the database.";
 144                     elr.setMessage(message);
 145                     elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
 146                     eventlogger.error(elr.toString());
 147                     sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
 148                 } else {
 149                     // send response
 150                     elr.setResult(HttpServletResponse.SC_OK);
 151                     eventlogger.info(elr.toString());
 152                     resp.setStatus(HttpServletResponse.SC_OK);
 153                     resp.setContentType(FEEDFULL_CONTENT_TYPE);
 154                     try {
 155                         resp.getOutputStream().print(feed.asJSONObject(true).toString());
 156                     } catch (IOException ioe) {
 157                         eventlogger.error("PROV0111 DRFeedServlet.doGet " + ioe.getMessage(), ioe);
 158                     }
 159                 }
 160             } else {
 161                 // Display a list of URLs
 162                 List<String> list = null;
 163                 if (name != null) {
 164                     list = Feed.getFilteredFeedUrlList("name", name);
 165                 } else if (publ != null) {
 166                     list = Feed.getFilteredFeedUrlList("publ", publ);
 167                 } else if (subs != null) {
 168                     list = Feed.getFilteredFeedUrlList("subs", subs);
 169                 } else {
 170                     list = Feed.getFilteredFeedUrlList("all", null);
 171                 }
 172                 String strList = JSONUtilities.createJSONArray(list);
 173                 // send response
 174                 elr.setResult(HttpServletResponse.SC_OK);
 175                 eventlogger.info(elr.toString());
 176                 resp.setStatus(HttpServletResponse.SC_OK);
 177                 resp.setContentType(FEEDLIST_CONTENT_TYPE);
 178                 try {
 179                     resp.getOutputStream().print(strList);
 180                 } catch (IOException ioe) {
 181                     eventlogger.error("PROV0112 DRFeedServlet.doGet " + ioe.getMessage(), ioe);
 182                 }
 183             }
 184         } finally {
 185             eelfLogger.info(EelfMsgs.EXIT);
 186         }
 187     }
 188
 189     /**
 190      * PUT on the &lt;drFeedsURL&gt; -- not supported.
 191      */
 192     @Override
 193     public void doPut(HttpServletRequest req, HttpServletResponse resp) {
 194         setIpFqdnRequestIDandInvocationIDForEelf("doPut", req);
 195         eelfLogger.info(EelfMsgs.ENTRY);
 196         try {
 197             eelfLogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_FEEDID,
 198                     req.getHeader(BEHALF_HEADER), getIdFromPath(req) + "");
 199             String message = "PUT not allowed for the drFeedsURL.";
 200             EventLogRecord elr = new EventLogRecord(req);
 201             elr.setMessage(message);
 202             elr.setResult(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
 203             eventlogger.error(elr.toString());
 204             sendResponseError(resp, HttpServletResponse.SC_METHOD_NOT_ALLOWED, message, eventlogger);
 205         } finally {
 206             eelfLogger.info(EelfMsgs.EXIT);
 207         }
 208     }
 209
 210     /**
 211      * POST on the &lt;drFeedsURL&gt; -- create a new feed. See the <i>Creating a Feed</i> section in the
 212      * <b>Provisioning API</b> document for details on how this method should be invoked.
 213      */
 214     @Override
 215     public void doPost(HttpServletRequest req, HttpServletResponse resp) {
 216         setIpFqdnRequestIDandInvocationIDForEelf("doPost", req);
 217         eelfLogger.info(EelfMsgs.ENTRY);
 218         try {
 219             eelfLogger.info(EelfMsgs.MESSAGE_WITH_BEHALF, req.getHeader(BEHALF_HEADER));
 220             EventLogRecord elr = new EventLogRecord(req);
 221             String message = isAuthorizedForProvisioning(req);
 222             if (message != null) {
 223                 elr.setMessage(message);
 224                 elr.setResult(HttpServletResponse.SC_FORBIDDEN);
 225                 eventlogger.error(elr.toString());
 226                 sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
 227                 return;
 228             }
 229             if (isProxyServer()) {
 230                 super.doPost(req, resp);
 231                 return;
 232             }
 233             String bhdr = req.getHeader(BEHALF_HEADER);
 234             if (bhdr == null) {
 235                 message = "Missing " + BEHALF_HEADER + " header.";
 236                 elr.setMessage(message);
 237                 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
 238                 eventlogger.error(elr.toString());
 239                 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
 240                 return;
 241             }
 242             // Note: I think this should be getPathInfo(), but that doesn't work (Jetty bug?)
 243             String path = req.getRequestURI();
 244             if (path != null && !"/".equals(path)) {
 245                 message = BAD_URL;
 246                 elr.setMessage(message);
 247                 elr.setResult(HttpServletResponse.SC_NOT_FOUND);
 248                 eventlogger.error(elr.toString());
 249                 sendResponseError(resp, HttpServletResponse.SC_NOT_FOUND, message, eventlogger);
 250                 return;
 251             }
 252             // check content type is FEED_CONTENT_TYPE, version 1.0
 253             ContentHeader ch = getContentHeader(req);
 254             String ver = ch.getAttribute("version");
 255             if (!ch.getType().equals(FEED_BASECONTENT_TYPE) || !("1.0".equals(ver) || "2.0".equals(ver))) {
 256                 message = "Incorrect content-type";
 257                 elr.setMessage(message);
 258                 elr.setResult(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE);
 259                 eventlogger.error(elr.toString());
 260                 sendResponseError(resp, HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE, message, eventlogger);
 261                 return;
 262             }
 263             JSONObject jo = getJSONfromInput(req);
 264             if (jo == null) {
 265                 message = BAD_JSON;
 266                 elr.setMessage(message);
 267                 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
 268                 eventlogger.error(elr.toString());
 269                 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
 270                 return;
 271             }
 272             if (intlogger.isDebugEnabled()) {
 273                 intlogger.debug(jo.toString());
 274             }
 275             if (++activeFeeds > maxFeeds) {
 276                 activeFeeds--;
 277                 message = "Cannot create feed; the maximum number of feeds has been configured.";
 278                 elr.setMessage(message);
 279                 elr.setResult(HttpServletResponse.SC_CONFLICT);
 280                 eventlogger.error(elr.toString());
 281                 sendResponseError(resp, HttpServletResponse.SC_CONFLICT, message, eventlogger);
 282                 return;
 283             }
 284             Feed feed;
 285             try {
 286                 feed = new Feed(jo);
 287             } catch (InvalidObjectException e) {
 288                 message = e.getMessage();
 289                 elr.setMessage(message);
 290                 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
 291                 eventlogger.error(elr.toString(), e);
 292                 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
 293                 return;
 294             }
 295
 296             /*
 297              * START - AAF changes
 298              * TDP EPIC US# 307413
 299              * CADI code - No legacy user check as all new users will be AAF users
 300              */
 301             String aafInstance = feed.getAafInstance();
 302             if (Boolean.parseBoolean(isCadiEnabled)) {
 303                 if ((aafInstance == null || "".equals(aafInstance) || ("legacy".equalsIgnoreCase(aafInstance))
 304                      && "true".equalsIgnoreCase(req.getHeader(EXCLUDE_AAF_HEADER)))) {
 305                     // Check with the Authorizer
 306                     AuthorizationResponse aresp = authz.decide(req);
 307                     if (!aresp.isAuthorized()) {
 308                         message = POLICY_ENGINE;
 309                         elr.setMessage(message);
 310                         elr.setResult(HttpServletResponse.SC_FORBIDDEN);
 311                         eventlogger.error(elr.toString());
 312                         sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
 313                         return;
 314                     }
 315                 } else {
 316                     if ("true".equalsIgnoreCase(req.getHeader(EXCLUDE_AAF_HEADER))) {
 317                         message = "DRFeedsServlet.doPost() -Invalid request exclude_AAF should not be true if passing "
 318                                           + "AAF_Instance value= " + aafInstance;
 319                         elr.setMessage(message);
 320                         elr.setResult(HttpServletResponse.SC_FORBIDDEN);
 321                         eventlogger.error(elr.toString());
 322                         sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
 323                         return;
 324                     }
 325                     String permission = getFeedPermission(aafInstance, BaseServlet.CREATE_PERMISSION);
 326                     eventlogger.info("DRFeedsServlet.doPost().. Permission String - " + permission);
 327                     if (!req.isUserInRole(permission)) {
 328                         message = "AAF disallows access to permission - " + permission;
 329                         elr.setMessage(message);
 330                         elr.setResult(HttpServletResponse.SC_FORBIDDEN);
 331                         eventlogger.error(elr.toString());
 332                         sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
 333                         return;
 334                     }
 335                 }
 336             } else {
 337                 AuthorizationResponse aresp = authz.decide(req);
 338                 if (!aresp.isAuthorized()) {
 339                     message = POLICY_ENGINE;
 340                     elr.setMessage(message);
 341                     elr.setResult(HttpServletResponse.SC_FORBIDDEN);
 342                     eventlogger.error(elr.toString());
 343                     sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
 344                     return;
 345                 }
 346             }
 347             /*
 348              * END - AAF changes
 349              */
 350
 351             feed.setPublisher(bhdr);    // set from X-DMAAP-DR-ON-BEHALF-OF header
 352
 353             // Check if this feed already exists
 354             Feed feed2 = Feed.getFeedByNameVersion(feed.getName(), feed.getVersion());
 355             if (feed2 != null) {
 356                 message = "This feed already exists in the database.";
 357                 elr.setMessage(message);
 358                 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
 359                 eventlogger.error(elr.toString());
 360                 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
 361                 return;
 362             }
 363
 364             // Create FEED table entries
 365             if (doInsert(feed)) {
 366                 // send response
 367                 elr.setResult(HttpServletResponse.SC_CREATED);
 368                 eventlogger.info(elr.toString());
 369                 resp.setStatus(HttpServletResponse.SC_CREATED);
 370                 resp.setContentType(FEEDFULL_CONTENT_TYPE);
 371                 resp.setHeader("Location", feed.getLinks().getSelf());
 372                 try {
 373                     resp.getOutputStream().print(feed.asLimitedJSONObject().toString());
 374                 } catch (IOException ioe) {
 375                     eventlogger.error("PROV0113 DRFeedServlet.doPost " + ioe.getMessage(), ioe);
 376                 }
 377                 provisioningDataChanged();
 378             } else {
 379                 // Something went wrong with the INSERT
 380                 elr.setResult(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
 381                 eventlogger.error(elr.toString());
 382                 sendResponseError(resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, DB_PROBLEM_MSG, eventlogger);
 383             }
 384         } finally {
 385             eelfLogger.info(EelfMsgs.EXIT);
 386         }
 387     }
 388 }