1 /*******************************************************************************
2 * ============LICENSE_START==================================================
4 * * ===========================================================================
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * * ===========================================================================
7 * * Licensed under the Apache License, Version 2.0 (the "License");
8 * * you may not use this file except in compliance with the License.
9 * * You may obtain a copy of the License at
11 * * http://www.apache.org/licenses/LICENSE-2.0
13 * * Unless required by applicable law or agreed to in writing, software
14 * * distributed under the License is distributed on an "AS IS" BASIS,
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * * See the License for the specific language governing permissions and
17 * * limitations under the License.
18 * * ============LICENSE_END====================================================
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
22 ******************************************************************************/
25 package org.onap.dmaap.datarouter.provisioning;
27 import static org.onap.dmaap.datarouter.provisioning.utils.HttpServletUtils.sendResponseError;
29 import com.att.eelf.configuration.EELFLogger;
30 import com.att.eelf.configuration.EELFManager;
31 import jakarta.servlet.http.HttpServletRequest;
32 import jakarta.servlet.http.HttpServletResponse;
33 import java.io.IOException;
34 import java.io.InvalidObjectException;
35 import org.json.JSONException;
36 import org.json.JSONObject;
37 import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
38 import org.onap.dmaap.datarouter.provisioning.beans.EventLogRecord;
39 import org.onap.dmaap.datarouter.provisioning.beans.Feed;
40 import org.onap.dmaap.datarouter.provisioning.eelf.EelfMsgs;
45 * This servlet handles provisioning for the <feedURL> which is generated by the provisioning
46 * server to handle a particular feed. It supports DELETE to mark the feed as deleted,
47 * and GET to retrieve information about the feed, and PUT to modify the feed.
52 @SuppressWarnings("serial")
54 public class FeedServlet extends ProxyServlet {
56 private static final EELFLogger eelfLogger = EELFManager.getInstance().getLogger(FeedServlet.class);
59 * Delete the Feed at the address /feed/<feednumber>.
60 * See the <i>Deleting a Feed</i> section in the <b>Provisioning API</b>
61 * document for details on how this method should be invoked.
64 public void doDelete(HttpServletRequest req, HttpServletResponse resp) {
65 setIpFqdnRequestIDandInvocationIDForEelf("doDelete", req);
66 eelfLogger.info(EelfMsgs.ENTRY);
68 eelfLogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_FEEDID,
69 req.getHeader(BEHALF_HEADER),getIdFromPath(req) + "");
70 EventLogRecord elr = new EventLogRecord(req);
71 String message = isAuthorizedForProvisioning(req);
72 if (message != null) {
73 elr.setMessage(message);
74 elr.setResult(HttpServletResponse.SC_FORBIDDEN);
75 eventlogger.error(elr.toString());
76 sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
79 if (isProxyServer()) {
80 super.doDelete(req, resp);
83 String bhdr = req.getHeader(BEHALF_HEADER);
85 message = MISSING_ON_BEHALF;
86 elr.setMessage(message);
87 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
88 eventlogger.error(elr.toString());
89 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
92 int feedid = getIdFromPath(req);
94 message = MISSING_FEED;
95 elr.setMessage(message);
96 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
97 eventlogger.error(elr.toString());
98 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
101 Feed feed = Feed.getFeedById(feedid);
102 if (feed == null || feed.isDeleted()) {
103 message = MISSING_FEED;
104 elr.setMessage(message);
105 elr.setResult(HttpServletResponse.SC_NOT_FOUND);
106 eventlogger.error(elr.toString());
107 sendResponseError(resp, HttpServletResponse.SC_NOT_FOUND, message, eventlogger);
110 // Delete FEED table entry (set DELETED flag)
111 feed.setDeleted(true);
112 if (doUpdate(feed)) {
115 elr.setResult(HttpServletResponse.SC_NO_CONTENT);
116 eventlogger.info(elr.toString());
117 resp.setStatus(HttpServletResponse.SC_NO_CONTENT);
118 provisioningDataChanged();
120 // Something went wrong with the UPDATE
121 elr.setResult(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
122 eventlogger.error(elr.toString());
123 sendResponseError(resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, DB_PROBLEM_MSG, eventlogger);
126 eelfLogger.info(EelfMsgs.EXIT);
131 * Get information on the feed at the address /feed/<feednumber>.
132 * See the <i>Retrieving Information about a Feed</i> section in the <b>Provisioning API</b>
133 * document for details on how this method should be invoked.
136 public void doGet(HttpServletRequest req, HttpServletResponse resp) {
137 setIpFqdnRequestIDandInvocationIDForEelf("doGet", req);
138 eelfLogger.info(EelfMsgs.ENTRY);
140 eelfLogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_FEEDID,
141 req.getHeader(BEHALF_HEADER),getIdFromPath(req) + "");
142 EventLogRecord elr = new EventLogRecord(req);
143 String message = isAuthorizedForProvisioning(req);
144 if (message != null) {
145 elr.setMessage(message);
146 elr.setResult(HttpServletResponse.SC_FORBIDDEN);
147 eventlogger.error(elr.toString());
148 sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
151 if (isProxyServer()) {
152 super.doGet(req, resp);
155 String bhdr = req.getHeader(BEHALF_HEADER);
157 message = MISSING_ON_BEHALF;
158 elr.setMessage(message);
159 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
160 eventlogger.error(elr.toString());
161 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
164 int feedid = getIdFromPath(req);
166 message = MISSING_FEED;
167 elr.setMessage(message);
168 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
169 eventlogger.error(elr.toString());
170 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
173 Feed feed = Feed.getFeedById(feedid);
174 if (feed == null || feed.isDeleted()) {
175 message = MISSING_FEED;
176 elr.setMessage(message);
177 elr.setResult(HttpServletResponse.SC_NOT_FOUND);
178 eventlogger.error(elr.toString());
179 sendResponseError(resp, HttpServletResponse.SC_NOT_FOUND, message, eventlogger);
182 // Check with the Authorizer
183 AuthorizationResponse aresp = authz.decide(req);
184 if (! aresp.isAuthorized()) {
185 message = POLICY_ENGINE;
186 elr.setMessage(message);
187 elr.setResult(HttpServletResponse.SC_FORBIDDEN);
188 eventlogger.error(elr.toString());
189 sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
194 elr.setResult(HttpServletResponse.SC_OK);
195 eventlogger.info(elr.toString());
196 resp.setStatus(HttpServletResponse.SC_OK);
197 resp.setContentType(FEEDFULL_CONTENT_TYPE);
199 resp.getOutputStream().print(feed.asJSONObject(true).toString());
200 } catch (IOException ioe) {
201 eventlogger.error("PROV0101 FeedServlet.doGet: " + ioe.getMessage(), ioe);
204 eelfLogger.info(EelfMsgs.EXIT);
209 * PUT on the <feedURL> for a feed.
210 * See the <i>Modifying a Feed</i> section in the <b>Provisioning API</b>
211 * document for details on how this method should be invoked.
214 public void doPut(HttpServletRequest req, HttpServletResponse resp) {
215 setIpFqdnRequestIDandInvocationIDForEelf("doPut", req);
216 eelfLogger.info(EelfMsgs.ENTRY);
218 eelfLogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_FEEDID,
219 req.getHeader(BEHALF_HEADER),getIdFromPath(req) + "");
220 EventLogRecord elr = new EventLogRecord(req);
221 String message = isAuthorizedForProvisioning(req);
222 if (message != null) {
223 elr.setMessage(message);
224 elr.setResult(HttpServletResponse.SC_FORBIDDEN);
225 eventlogger.error(elr.toString());
226 sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
229 if (isProxyServer()) {
230 super.doPut(req, resp);
233 String bhdr = req.getHeader(BEHALF_HEADER);
235 message = MISSING_ON_BEHALF;
236 elr.setMessage(message);
237 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
238 eventlogger.error(elr.toString());
239 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
242 int feedid = getIdFromPath(req);
244 message = MISSING_FEED;
245 elr.setMessage(message);
246 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
247 eventlogger.error(elr.toString());
248 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
251 Feed oldFeed = Feed.getFeedById(feedid);
252 if (oldFeed == null || oldFeed.isDeleted()) {
253 message = MISSING_FEED;
254 elr.setMessage(message);
255 elr.setResult(HttpServletResponse.SC_NOT_FOUND);
256 eventlogger.error(elr.toString());
257 sendResponseError(resp, HttpServletResponse.SC_NOT_FOUND, message, eventlogger);
260 // check content type is FEED_CONTENT_TYPE, version 1.0
261 ContentHeader ch = getContentHeader(req);
262 String ver = ch.getAttribute("version");
263 if (!ch.getType().equals(FEED_BASECONTENT_TYPE) || !("1.0".equals(ver) || "2.0".equals(ver))) {
264 message = "Incorrect content-type";
265 elr.setMessage(message);
266 elr.setResult(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE);
267 eventlogger.error(elr.toString());
268 sendResponseError(resp, HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE, message, eventlogger);
271 JSONObject jo = getJSONfromInput(req);
274 elr.setMessage(message);
275 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
276 eventlogger.error(elr.toString());
277 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
283 } catch (InvalidObjectException e) {
284 message = e.getMessage();
285 elr.setMessage(message);
286 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
287 eventlogger.error(elr.toString(), e);
288 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
291 feed.setFeedid(feedid);
292 feed.setPublisher(bhdr); // set from X-DMAAP-DR-ON-BEHALF-OF header
294 //Adding for group feature:Rally US708115
295 String subjectgroup = (req.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP"));
296 if (!oldFeed.getPublisher().equals(feed.getPublisher()) && subjectgroup == null) {
297 message = "This feed must be modified by the same publisher that created it.";
298 elr.setMessage(message);
299 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
300 eventlogger.error(elr.toString());
301 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
304 if (!oldFeed.getName().equals(feed.getName())) {
305 message = "The name of the feed may not be updated.";
306 elr.setMessage(message);
307 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
308 eventlogger.error(elr.toString());
309 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
312 // US DSCDR-19 for DCAE if version is not null, version can't be changed
313 if ((oldFeed.getVersion() != null) && (feed.getVersion() != null)
314 && !oldFeed.getVersion().equals(feed.getVersion())) {
315 message = "The version of the feed may not be updated.";
316 elr.setMessage(message);
317 elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
318 eventlogger.error(elr.toString());
319 sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
323 // Update FEEDS table entries
324 if (doUpdate(feed)) {
326 elr.setResult(HttpServletResponse.SC_OK);
327 eventlogger.info(elr.toString());
328 resp.setStatus(HttpServletResponse.SC_OK);
329 resp.setContentType(FEEDFULL_CONTENT_TYPE);
331 resp.getOutputStream().print(feed.asLimitedJSONObject().toString());
332 } catch (IOException ioe) {
333 eventlogger.error("PROV0102 FeedServlet.doPut: " + ioe.getMessage(), ioe);
337 /**Change Owner ship of Feed //Adding for group feature. :Rally US708115*/
338 if (jo.has("changeowner") && subjectgroup != null) {
340 Boolean changeowner = (Boolean) jo.get("changeowner");
341 if (changeowner != null && changeowner.equals(true)) {
342 feed.setPublisher(req.getHeader(BEHALF_HEADER));
343 feed.changeOwnerShip();
345 } catch (JSONException je) {
346 eventlogger.error("PROV0103 FeedServlet.doPut: " + je.getMessage(), je);
349 /***End of change ownership.*/
351 provisioningDataChanged();
353 // Something went wrong with the UPDATE
354 elr.setResult(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
355 eventlogger.error(elr.toString());
356 sendResponseError(resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, DB_PROBLEM_MSG, eventlogger);
359 eelfLogger.info(EelfMsgs.EXIT);
364 * POST on the <feedURL> -- not supported.
367 public void doPost(HttpServletRequest req, HttpServletResponse resp) {
368 setIpFqdnRequestIDandInvocationIDForEelf("doPost", req);
369 eelfLogger.info(EelfMsgs.ENTRY);
371 eelfLogger.info(EelfMsgs.MESSAGE_WITH_BEHALF, req.getHeader(BEHALF_HEADER));
372 String message = "POST not allowed for the feedURL.";
373 EventLogRecord elr = new EventLogRecord(req);
374 elr.setMessage(message);
375 elr.setResult(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
376 eventlogger.error(elr.toString());
377 sendResponseError(resp, HttpServletResponse.SC_METHOD_NOT_ALLOWED, message, eventlogger);
379 eelfLogger.info(EelfMsgs.EXIT);