datarouter-prov code clean - remove tabs
[dmaap/datarouter.git] / datarouter-prov / src / main / java / org / onap / dmaap / datarouter / provisioning / FeedServlet.java
1 /*******************************************************************************
2  * ============LICENSE_START==================================================
3  * * org.onap.dmaap
4  * * ===========================================================================
5  * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6  * * ===========================================================================
7  * * Licensed under the Apache License, Version 2.0 (the "License");
8  * * you may not use this file except in compliance with the License.
9  * * You may obtain a copy of the License at
10  * *
11  *  *      http://www.apache.org/licenses/LICENSE-2.0
12  * *
13  *  * Unless required by applicable law or agreed to in writing, software
14  * * distributed under the License is distributed on an "AS IS" BASIS,
15  * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * * See the License for the specific language governing permissions and
17  * * limitations under the License.
18  * * ============LICENSE_END====================================================
19  * *
20  * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
21  * *
22  ******************************************************************************/
23
24
25 package org.onap.dmaap.datarouter.provisioning;
26
27 import java.io.IOException;
28 import java.io.InvalidObjectException;
29
30 import javax.servlet.http.HttpServletRequest;
31 import javax.servlet.http.HttpServletResponse;
32
33 import org.json.JSONObject;
34 import org.onap.dmaap.datarouter.authz.AuthorizationResponse;
35 import org.onap.dmaap.datarouter.provisioning.beans.EventLogRecord;
36 import org.onap.dmaap.datarouter.provisioning.beans.Feed;
37 import org.onap.dmaap.datarouter.provisioning.eelf.EelfMsgs;
38
39 import com.att.eelf.configuration.EELFLogger;
40 import com.att.eelf.configuration.EELFManager;
41
42 /**
43  * This servlet handles provisioning for the <feedURL> which is generated by the provisioning
44  * server to handle a particular feed. It supports DELETE to mark the feed as deleted,
45  * and GET to retrieve information about the feed, and PUT to modify the feed.
46  *
47  * @author Robert Eby
48  * @version $Id$
49  */
50 @SuppressWarnings("serial")
51 public class FeedServlet extends ProxyServlet {
52
53     //Adding EELF Logger Rally:US664892
54     private static EELFLogger eelflogger = EELFManager.getInstance().getLogger("org.onap.dmaap.datarouter.provisioning.FeedServlet");
55
56     /**
57      * Delete the Feed at the address /feed/<feednumber>.
58      * See the <i>Deleting a Feed</i> section in the <b>Provisioning API</b>
59      * document for details on how this method should be invoked.
60      */
61     @Override
62     public void doDelete(HttpServletRequest req, HttpServletResponse resp) throws IOException {
63         setIpAndFqdnForEelf("doDelete");
64         eelflogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_FEEDID, req.getHeader(BEHALF_HEADER),getIdFromPath(req)+"");
65         EventLogRecord elr = new EventLogRecord(req);
66         String message = isAuthorizedForProvisioning(req);
67         if (message != null) {
68             elr.setMessage(message);
69             elr.setResult(HttpServletResponse.SC_FORBIDDEN);
70             eventlogger.info(elr);
71             resp.sendError(HttpServletResponse.SC_FORBIDDEN, message);
72             return;
73         }
74         if (isProxyServer()) {
75             super.doDelete(req, resp);
76             return;
77         }
78         String bhdr = req.getHeader(BEHALF_HEADER);
79         if (bhdr == null) {
80             message = "Missing "+BEHALF_HEADER+" header.";
81             elr.setMessage(message);
82             elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
83             eventlogger.info(elr);
84             resp.sendError(HttpServletResponse.SC_BAD_REQUEST, message);
85             return;
86         }
87         int feedid = getIdFromPath(req);
88         if (feedid < 0) {
89             message = "Missing or bad feed number.";
90             elr.setMessage(message);
91             elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
92             eventlogger.info(elr);
93             resp.sendError(HttpServletResponse.SC_BAD_REQUEST, message);
94             return;
95         }
96         Feed feed = Feed.getFeedById(feedid);
97         if (feed == null || feed.isDeleted()) {
98             message = "Missing or bad feed number.";
99             elr.setMessage(message);
100             elr.setResult(HttpServletResponse.SC_NOT_FOUND);
101             eventlogger.info(elr);
102             resp.sendError(HttpServletResponse.SC_NOT_FOUND, message);
103             return;
104         }
105         // Check with the Authorizer
106         AuthorizationResponse aresp = authz.decide(req);
107         if (! aresp.isAuthorized()) {
108             message = "Policy Engine disallows access.";
109             elr.setMessage(message);
110             elr.setResult(HttpServletResponse.SC_FORBIDDEN);
111             eventlogger.info(elr);
112             resp.sendError(HttpServletResponse.SC_FORBIDDEN, message);
113             return;
114         }
115
116         // Delete FEED table entry (set DELETED flag)
117         feed.setDeleted(true);
118         if (doUpdate(feed)) {
119             active_feeds--;
120             // send response
121             elr.setResult(HttpServletResponse.SC_NO_CONTENT);
122             eventlogger.info(elr);
123             resp.setStatus(HttpServletResponse.SC_NO_CONTENT);
124             provisioningDataChanged();
125         } else {
126             // Something went wrong with the UPDATE
127             elr.setResult(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
128             eventlogger.info(elr);
129             resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, DB_PROBLEM_MSG);
130         }
131     }
132     /**
133      * Get information on the feed at the address /feed/&lt;feednumber&gt;.
134      * See the <i>Retrieving Information about a Feed</i> section in the <b>Provisioning API</b>
135      * document for details on how this method should be invoked.
136      */
137     @Override
138     public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
139         setIpAndFqdnForEelf("doGet");
140         eelflogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_FEEDID, req.getHeader(BEHALF_HEADER),getIdFromPath(req)+"");
141         EventLogRecord elr = new EventLogRecord(req);
142         String message = isAuthorizedForProvisioning(req);
143         if (message != null) {
144             elr.setMessage(message);
145             elr.setResult(HttpServletResponse.SC_FORBIDDEN);
146             eventlogger.info(elr);
147             resp.sendError(HttpServletResponse.SC_FORBIDDEN, message);
148             return;
149         }
150         if (isProxyServer()) {
151             super.doGet(req, resp);
152             return;
153         }
154         String bhdr = req.getHeader(BEHALF_HEADER);
155         if (bhdr == null) {
156             message = "Missing "+BEHALF_HEADER+" header.";
157             elr.setMessage(message);
158             elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
159             eventlogger.info(elr);
160             resp.sendError(HttpServletResponse.SC_BAD_REQUEST, message);
161             return;
162         }
163         int feedid = getIdFromPath(req);
164         if (feedid < 0) {
165             message = "Missing or bad feed number.";
166             elr.setMessage(message);
167             elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
168             eventlogger.info(elr);
169             resp.sendError(HttpServletResponse.SC_BAD_REQUEST, message);
170             return;
171         }
172         Feed feed = Feed.getFeedById(feedid);
173         if (feed == null || feed.isDeleted()) {
174             message = "Missing or bad feed number.";
175             elr.setMessage(message);
176             elr.setResult(HttpServletResponse.SC_NOT_FOUND);
177             eventlogger.info(elr);
178             resp.sendError(HttpServletResponse.SC_NOT_FOUND, message);
179             return;
180         }
181         // Check with the Authorizer
182         AuthorizationResponse aresp = authz.decide(req);
183         if (! aresp.isAuthorized()) {
184             message = "Policy Engine disallows access.";
185             elr.setMessage(message);
186             elr.setResult(HttpServletResponse.SC_FORBIDDEN);
187             eventlogger.info(elr);
188             resp.sendError(HttpServletResponse.SC_FORBIDDEN, message);
189             return;
190         }
191
192         // send response
193         elr.setResult(HttpServletResponse.SC_OK);
194         eventlogger.info(elr);
195         resp.setStatus(HttpServletResponse.SC_OK);
196         resp.setContentType(FEEDFULL_CONTENT_TYPE);
197         resp.getOutputStream().print(feed.asJSONObject(true).toString());
198     }
199     /**
200      * PUT on the &lt;feedURL&gt; for a feed.
201      * See the <i>Modifying a Feed</i> section in the <b>Provisioning API</b>
202      * document for details on how this method should be invoked.
203      */
204     @Override
205     public void doPut(HttpServletRequest req, HttpServletResponse resp) throws IOException {
206         setIpAndFqdnForEelf("doPut");
207         eelflogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_FEEDID, req.getHeader(BEHALF_HEADER),getIdFromPath(req)+"");
208         EventLogRecord elr = new EventLogRecord(req);
209         String message = isAuthorizedForProvisioning(req);
210         if (message != null) {
211             elr.setMessage(message);
212             elr.setResult(HttpServletResponse.SC_FORBIDDEN);
213             eventlogger.info(elr);
214             resp.sendError(HttpServletResponse.SC_FORBIDDEN, message);
215             return;
216         }
217         if (isProxyServer()) {
218             super.doPut(req, resp);
219             return;
220         }
221         String bhdr = req.getHeader(BEHALF_HEADER);
222         if (bhdr == null) {
223             message = "Missing "+BEHALF_HEADER+" header.";
224             elr.setMessage(message);
225             elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
226             eventlogger.info(elr);
227             resp.sendError(HttpServletResponse.SC_BAD_REQUEST, message);
228             return;
229         }
230         int feedid = getIdFromPath(req);
231         if (feedid < 0) {
232             message = "Missing or bad feed number.";
233             elr.setMessage(message);
234             elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
235             eventlogger.info(elr);
236             resp.sendError(HttpServletResponse.SC_BAD_REQUEST, message);
237             return;
238         }
239         Feed oldFeed = Feed.getFeedById(feedid);
240         if (oldFeed == null || oldFeed.isDeleted()) {
241             message = "Missing or bad feed number.";
242             elr.setMessage(message);
243             elr.setResult(HttpServletResponse.SC_NOT_FOUND);
244             eventlogger.info(elr);
245             resp.sendError(HttpServletResponse.SC_NOT_FOUND, message);
246             return;
247         }
248         // check content type is FEED_CONTENT_TYPE, version 1.0
249         ContentHeader ch = getContentHeader(req);
250         String ver = ch.getAttribute("version");
251         if (!ch.getType().equals(FEED_BASECONTENT_TYPE) || !(ver.equals("1.0") || ver.equals("2.0"))) {
252             message = "Incorrect content-type";
253             elr.setMessage(message);
254             elr.setResult(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE);
255             eventlogger.info(elr);
256             resp.sendError(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE, message);
257             return;
258         }
259         JSONObject jo = getJSONfromInput(req);
260         if (jo == null) {
261             message = "Badly formed JSON";
262             elr.setMessage(message);
263             elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
264             eventlogger.info(elr);
265             resp.sendError(HttpServletResponse.SC_BAD_REQUEST, message);
266             return;
267         }
268         if (intlogger.isDebugEnabled())
269             intlogger.debug(jo.toString());
270         Feed feed = null;
271         try {
272             feed = new Feed(jo);
273         } catch (InvalidObjectException e) {
274             message = e.getMessage();
275             elr.setMessage(message);
276             elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
277             eventlogger.info(elr);
278             resp.sendError(HttpServletResponse.SC_BAD_REQUEST, message);
279             return;
280         }
281         feed.setFeedid(feedid);
282         feed.setPublisher(bhdr);    // set from X-ATT-DR-ON-BEHALF-OF header
283
284         String subjectgroup = (req.getHeader("X-ATT-DR-ON-BEHALF-OF-GROUP"));  //Adding for group feature:Rally US708115
285         if (!oldFeed.getPublisher().equals(feed.getPublisher()) && subjectgroup == null) {
286             message = "This feed must be modified by the same publisher that created it.";
287             elr.setMessage(message);
288             elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
289             eventlogger.info(elr);
290             resp.sendError(HttpServletResponse.SC_BAD_REQUEST, message);
291             return;
292         }
293         if (!oldFeed.getName().equals(feed.getName())) {
294             message = "The name of the feed may not be updated.";
295             elr.setMessage(message);
296             elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
297             eventlogger.info(elr);
298             resp.sendError(HttpServletResponse.SC_BAD_REQUEST, message);
299             return;
300         }
301         if (!oldFeed.getVersion().equals(feed.getVersion())) {
302             message = "The version of the feed may not be updated.";
303             elr.setMessage(message);
304             elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
305             eventlogger.info(elr);
306             resp.sendError(HttpServletResponse.SC_BAD_REQUEST, message);
307             return;
308         }
309         // Check with the Authorizer
310         AuthorizationResponse aresp = authz.decide(req);
311         if (! aresp.isAuthorized()) {
312             message = "Policy Engine disallows access.";
313             elr.setMessage(message);
314             elr.setResult(HttpServletResponse.SC_FORBIDDEN);
315             eventlogger.info(elr);
316             resp.sendError(HttpServletResponse.SC_FORBIDDEN, message);
317             return;
318         }
319
320         // Update FEEDS table entries
321         if (doUpdate(feed)) {
322             // send response
323             elr.setResult(HttpServletResponse.SC_OK);
324             eventlogger.info(elr);
325             resp.setStatus(HttpServletResponse.SC_OK);
326             resp.setContentType(FEEDFULL_CONTENT_TYPE);
327             resp.getOutputStream().print(feed.asLimitedJSONObject().toString());
328
329
330             /**Change Owner ship of Feed //Adding for group feature:Rally US708115*/
331             if (jo.has("changeowner") && subjectgroup != null) {
332                 Boolean changeowner = (Boolean) jo.get("changeowner");
333                 if (changeowner != null && changeowner.equals(true)) {
334                     feed.setPublisher(req.getHeader(BEHALF_HEADER));
335                     feed.changeOwnerShip();
336                 }
337             }
338             /***End of change ownership*/
339
340             provisioningDataChanged();
341         } else {
342             // Something went wrong with the UPDATE
343             elr.setResult(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
344             eventlogger.info(elr);
345             resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, DB_PROBLEM_MSG);
346         }
347     }
348     /**
349      * POST on the &lt;feedURL&gt; -- not supported.
350      */
351     @Override
352     public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
353         setIpAndFqdnForEelf("doPost");
354         eelflogger.info(EelfMsgs.MESSAGE_WITH_BEHALF, req.getHeader(BEHALF_HEADER));
355         String message = "POST not allowed for the feedURL.";
356         EventLogRecord elr = new EventLogRecord(req);
357         elr.setMessage(message);
358         elr.setResult(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
359         eventlogger.info(elr);
360         resp.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED, message);
361     }
362 }