X-Git-Url: https://gerrit.onap.org/r/gitweb?p=dmaap%2Fdatarouter.git;a=blobdiff_plain;f=datarouter-prov%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fdmaap%2Fdatarouter%2Fprovisioning%2FSubscribeServlet.java;h=8e70e6934e361531654d758ae0eead5e1513e910;hp=1ab45a986233504f0ef97c2d0d308b24cac479e3;hb=9c6f3aa2db3c3bc632038f69ff680f48b5f28ec2;hpb=585e50efa6503595ae245a8f07ba042d2ba6a3f4 diff --git a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SubscribeServlet.java b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SubscribeServlet.java index 1ab45a98..8e70e693 100644 --- a/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SubscribeServlet.java +++ b/datarouter-prov/src/main/java/org/onap/dmaap/datarouter/provisioning/SubscribeServlet.java @@ -55,22 +55,27 @@ import static org.onap.dmaap.datarouter.provisioning.utils.HttpServletUtils.send public class SubscribeServlet extends ProxyServlet { //Adding EELF Logger Rally:US664892 - private static EELFLogger eelflogger = EELFManager.getInstance() - .getLogger("org.onap.dmaap.datarouter.provisioning.SubscribeServlet"); + private static EELFLogger eelfLogger = EELFManager.getInstance() + .getLogger(SubscribeServlet.class); /** * DELETE on the <subscribeUrl> -- not supported. */ @Override public void doDelete(HttpServletRequest req, HttpServletResponse resp) { - setIpAndFqdnForEelf("doDelete"); - eelflogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_SUBID, req.getHeader(BEHALF_HEADER), getIdFromPath(req) + ""); - String message = "DELETE not allowed for the subscribeURL."; - EventLogRecord elr = new EventLogRecord(req); - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_METHOD_NOT_ALLOWED); - eventlogger.info(elr); - sendResponseError(resp, HttpServletResponse.SC_METHOD_NOT_ALLOWED, message, eventlogger); + setIpFqdnRequestIDandInvocationIDForEelf("doDelete", req); + eelfLogger.info(EelfMsgs.ENTRY); + try { + eelfLogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_SUBID, req.getHeader(BEHALF_HEADER), getIdFromPath(req) + ""); + String message = "DELETE not allowed for the subscribeURL."; + EventLogRecord elr = new EventLogRecord(req); + elr.setMessage(message); + elr.setResult(HttpServletResponse.SC_METHOD_NOT_ALLOWED); + eventlogger.error(elr.toString()); + sendResponseError(resp, HttpServletResponse.SC_METHOD_NOT_ALLOWED, message, eventlogger); + } finally { + eelfLogger.info(EelfMsgs.EXIT); + } } /** @@ -79,72 +84,66 @@ public class SubscribeServlet extends ProxyServlet { */ @Override public void doGet(HttpServletRequest req, HttpServletResponse resp) { - setIpAndFqdnForEelf("doGet"); - eelflogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_SUBID, req.getHeader(BEHALF_HEADER), getIdFromPath(req) + ""); - EventLogRecord elr = new EventLogRecord(req); - String message = isAuthorizedForProvisioning(req); - if (message != null) { - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_FORBIDDEN); - eventlogger.info(elr); - sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger); - return; - } - if (isProxyServer()) { - super.doGet(req, resp); - return; - } - String bhdr = req.getHeader(BEHALF_HEADER); - if (bhdr == null) { - message = "Missing " + BEHALF_HEADER + " header."; - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_BAD_REQUEST); - eventlogger.info(elr); - sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger); - return; - } - int feedid = getIdFromPath(req); - if (feedid < 0) { - message = "Missing or bad feed number."; - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_BAD_REQUEST); - eventlogger.info(elr); - sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger); - return; - } - Feed feed = Feed.getFeedById(feedid); - if (feed == null || feed.isDeleted()) { - message = "Missing or bad feed number."; - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_NOT_FOUND); - eventlogger.info(elr); - sendResponseError(resp, HttpServletResponse.SC_NOT_FOUND, message, eventlogger); - return; - } - // Check with the Authorizer - AuthorizationResponse aresp = authz.decide(req); - if (!aresp.isAuthorized()) { - message = "Policy Engine disallows access."; - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_FORBIDDEN); - eventlogger.info(elr); - sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger); - return; - } - - // Display a list of URLs - Collection list = Subscription.getSubscriptionUrlList(feedid); - String t = JSONUtilities.createJSONArray(list); - - // send response - elr.setResult(HttpServletResponse.SC_OK); - eventlogger.info(elr); - resp.setStatus(HttpServletResponse.SC_OK); - resp.setContentType(SUBLIST_CONTENT_TYPE); + setIpFqdnRequestIDandInvocationIDForEelf("doGet", req); + eelfLogger.info(EelfMsgs.ENTRY); try { - resp.getOutputStream().print(t); - } catch (IOException ioe) { - eventlogger.error("IOException: " + ioe.getMessage()); + eelfLogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_SUBID, req.getHeader(BEHALF_HEADER), getIdFromPath(req) + ""); + EventLogRecord elr = new EventLogRecord(req); + String message = isAuthorizedForProvisioning(req); + if (message != null) { + elr.setMessage(message); + elr.setResult(HttpServletResponse.SC_FORBIDDEN); + eventlogger.error(elr.toString()); + sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger); + return; + } + if (isProxyServer()) { + super.doGet(req, resp); + return; + } + String bhdr = req.getHeader(BEHALF_HEADER); + if (bhdr == null) { + message = "Missing " + BEHALF_HEADER + " header."; + elr.setMessage(message); + elr.setResult(HttpServletResponse.SC_BAD_REQUEST); + eventlogger.error(elr.toString()); + sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger); + return; + } + int feedid = getIdFromPath(req); + if (feedid < 0) { + message = MISSING_FEED; + elr.setMessage(message); + elr.setResult(HttpServletResponse.SC_BAD_REQUEST); + eventlogger.error(elr.toString()); + sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger); + return; + } + Feed feed = Feed.getFeedById(feedid); + if (feed == null || feed.isDeleted()) { + message = MISSING_FEED; + elr.setMessage(message); + elr.setResult(HttpServletResponse.SC_NOT_FOUND); + eventlogger.error(elr.toString()); + sendResponseError(resp, HttpServletResponse.SC_NOT_FOUND, message, eventlogger); + return; + } + // Display a list of URLs + Collection list = Subscription.getSubscriptionUrlList(feedid); + String t = JSONUtilities.createJSONArray(list); + + // send response + elr.setResult(HttpServletResponse.SC_OK); + eventlogger.info(elr.toString()); + resp.setStatus(HttpServletResponse.SC_OK); + resp.setContentType(SUBLIST_CONTENT_TYPE); + try { + resp.getOutputStream().print(t); + } catch (IOException ioe) { + eventlogger.error("PROV0181 SubscribeServlet.doGet: " + ioe.getMessage(), ioe); + } + } finally { + eelfLogger.info(EelfMsgs.EXIT); } } @@ -153,14 +152,19 @@ public class SubscribeServlet extends ProxyServlet { */ @Override public void doPut(HttpServletRequest req, HttpServletResponse resp) { - setIpAndFqdnForEelf("doPut"); - eelflogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_SUBID, req.getHeader(BEHALF_HEADER), getIdFromPath(req) + ""); - String message = "PUT not allowed for the subscribeURL."; - EventLogRecord elr = new EventLogRecord(req); - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_METHOD_NOT_ALLOWED); - eventlogger.info(elr); - sendResponseError(resp, HttpServletResponse.SC_METHOD_NOT_ALLOWED, message, eventlogger); + setIpFqdnRequestIDandInvocationIDForEelf("doPut", req); + eelfLogger.info(EelfMsgs.ENTRY); + try { + eelfLogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_SUBID, req.getHeader(BEHALF_HEADER), getIdFromPath(req) + ""); + String message = "PUT not allowed for the subscribeURL."; + EventLogRecord elr = new EventLogRecord(req); + elr.setMessage(message); + elr.setResult(HttpServletResponse.SC_METHOD_NOT_ALLOWED); + eventlogger.error(elr.toString()); + sendResponseError(resp, HttpServletResponse.SC_METHOD_NOT_ALLOWED, message, eventlogger); + } finally { + eelfLogger.info(EelfMsgs.EXIT); + } } /** @@ -169,136 +173,187 @@ public class SubscribeServlet extends ProxyServlet { */ @Override public void doPost(HttpServletRequest req, HttpServletResponse resp) { - setIpAndFqdnForEelf("doPost"); - eelflogger.info(EelfMsgs.MESSAGE_WITH_BEHALF, req.getHeader(BEHALF_HEADER)); - EventLogRecord elr = new EventLogRecord(req); - String message = isAuthorizedForProvisioning(req); - if (message != null) { - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_FORBIDDEN); - eventlogger.info(elr); - sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger); - return; - } - if (isProxyServer()) { - super.doPost(req, resp); - return; - } - String bhdr = req.getHeader(BEHALF_HEADER); - if (bhdr == null) { - message = "Missing " + BEHALF_HEADER + " header."; - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_BAD_REQUEST); - eventlogger.info(elr); - sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger); - return; - } - int feedid = getIdFromPath(req); - if (feedid < 0) { - message = "Missing or bad feed number."; - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_BAD_REQUEST); - eventlogger.info(elr); - sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger); - return; - } - Feed feed = Feed.getFeedById(feedid); - if (feed == null || feed.isDeleted()) { - message = "Missing or bad feed number."; - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_NOT_FOUND); - eventlogger.info(elr); - sendResponseError(resp, HttpServletResponse.SC_NOT_FOUND, message, eventlogger); - return; - } - // Check with the Authorizer - AuthorizationResponse aresp = authz.decide(req); - if (!aresp.isAuthorized()) { - message = "Policy Engine disallows access."; - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_FORBIDDEN); - eventlogger.info(elr); - sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger); - return; - } - - // check content type is SUB_CONTENT_TYPE, version 1.0 - ContentHeader ch = getContentHeader(req); - String ver = ch.getAttribute("version"); - if (!ch.getType().equals(SUB_BASECONTENT_TYPE) || !(ver.equals("1.0") || ver.equals("2.0"))) { - intlogger.debug("Content-type is: " + req.getHeader("Content-Type")); - message = "Incorrect content-type"; - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE); - eventlogger.info(elr); - sendResponseError(resp, HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE, message, eventlogger); - return; - } - JSONObject jo = getJSONfromInput(req); - if (jo == null) { - message = "Badly formed JSON"; - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_BAD_REQUEST); - eventlogger.info(elr); - sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger); - return; - } - if (intlogger.isDebugEnabled()) { - intlogger.debug(jo.toString()); - } - if (++activeSubs > maxSubs) { - activeSubs--; - message = "Cannot create subscription; the maximum number of subscriptions has been configured."; - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_CONFLICT); - eventlogger.info(elr); - sendResponseError(resp, HttpServletResponse.SC_CONFLICT, message, eventlogger); - return; - } - Subscription sub = null; + setIpFqdnRequestIDandInvocationIDForEelf("doPost", req); + eelfLogger.info(EelfMsgs.ENTRY); try { - sub = new Subscription(jo); - } catch (InvalidObjectException e) { - activeSubs--; - message = e.getMessage(); - elr.setMessage(message); - elr.setResult(HttpServletResponse.SC_BAD_REQUEST); - eventlogger.info(elr); - sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger); - return; - } - sub.setFeedid(feedid); - sub.setSubscriber(bhdr); // set from X-ATT-DR-ON-BEHALF-OF header - - // Check if this subscription already exists; not an error (yet), just warn - Subscription sub2 = Subscription.getSubscriptionMatching(sub); - if (sub2 != null) { - intlogger.warn( - "PROV0011 Creating a duplicate subscription: new subid=" + sub.getSubid() + ", old subid=" + sub2 - .getSubid()); - } - - // Create SUBSCRIPTIONS table entries - if (doInsert(sub)) { - // send response - elr.setResult(HttpServletResponse.SC_CREATED); - eventlogger.info(elr); - resp.setStatus(HttpServletResponse.SC_CREATED); - resp.setContentType(SUBFULL_CONTENT_TYPE); - resp.setHeader("Location", sub.getLinks().getSelf()); + eelfLogger.info(EelfMsgs.MESSAGE_WITH_BEHALF, req.getHeader(BEHALF_HEADER)); + EventLogRecord elr = new EventLogRecord(req); + String message = isAuthorizedForProvisioning(req); + if (message != null) { + elr.setMessage(message); + elr.setResult(HttpServletResponse.SC_FORBIDDEN); + eventlogger.error(elr.toString()); + sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger); + return; + } + if (isProxyServer()) { + super.doPost(req, resp); + return; + } + String bhdr = req.getHeader(BEHALF_HEADER); + if (bhdr == null) { + message = "Missing " + BEHALF_HEADER + " header."; + elr.setMessage(message); + elr.setResult(HttpServletResponse.SC_BAD_REQUEST); + eventlogger.error(elr.toString()); + sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger); + return; + } + int feedid = getIdFromPath(req); + if (feedid < 0) { + message = MISSING_FEED; + elr.setMessage(message); + elr.setResult(HttpServletResponse.SC_BAD_REQUEST); + eventlogger.error(elr.toString()); + sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger); + return; + } + Feed feed = Feed.getFeedById(feedid); + if (feed == null || feed.isDeleted()) { + message = MISSING_FEED; + elr.setMessage(message); + elr.setResult(HttpServletResponse.SC_NOT_FOUND); + eventlogger.error(elr.toString()); + sendResponseError(resp, HttpServletResponse.SC_NOT_FOUND, message, eventlogger); + return; + } + // check content type is SUB_CONTENT_TYPE, version 1.0 + ContentHeader ch = getContentHeader(req); + String ver = ch.getAttribute("version"); + if (!ch.getType().equals(SUB_BASECONTENT_TYPE) || !("1.0".equals(ver) || "2.0".equals(ver))) { + intlogger.debug("Content-type is: " + req.getHeader("Content-Type")); + message = "Incorrect content-type"; + elr.setMessage(message); + elr.setResult(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE); + eventlogger.error(elr.toString()); + sendResponseError(resp, HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE, message, eventlogger); + return; + } + JSONObject jo = getJSONfromInput(req); + if (jo == null) { + message = BAD_JSON; + elr.setMessage(message); + elr.setResult(HttpServletResponse.SC_BAD_REQUEST); + eventlogger.error(elr.toString()); + sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger); + return; + } + if (intlogger.isDebugEnabled()) { + intlogger.debug(jo.toString()); + } + if (++activeSubs > maxSubs) { + activeSubs--; + message = "Cannot create subscription; the maximum number of subscriptions has been configured."; + elr.setMessage(message); + elr.setResult(HttpServletResponse.SC_CONFLICT); + eventlogger.error(elr.toString()); + sendResponseError(resp, HttpServletResponse.SC_CONFLICT, message, eventlogger); + return; + } + Subscription sub; try { - resp.getOutputStream().print(sub.asLimitedJSONObject().toString()); - } catch (IOException ioe) { - eventlogger.error("IOException: " + ioe.getMessage()); + sub = new Subscription(jo); + } catch (InvalidObjectException e) { + activeSubs--; + message = e.getMessage(); + elr.setMessage(message); + elr.setResult(HttpServletResponse.SC_BAD_REQUEST); + eventlogger.error(elr.toString(), e); + sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger); + return; + } + sub.setFeedid(feedid); + sub.setSubscriber(bhdr); // set from X-DMAAP-DR-ON-BEHALF-OF header + /* + * START - AAF changes + * TDP EPIC US# 307413 + * CADI code - check on permissions based on Legacy/AAF users to allow to create/add subscription + */ + String feedAafInstance = feed.getAafInstance(); + String subAafInstance = sub.getAafInstance(); + boolean subAafLegacyEmptyOrNull = (subAafInstance == null || "".equals(subAafInstance) || "legacy".equalsIgnoreCase(subAafInstance)); + + // This extra check added to verify AAF feed with AAF subscriber having empty aaf instance check + if (feedAafInstance == null || "".equals(feedAafInstance) || "legacy".equalsIgnoreCase(feedAafInstance)) { + if (subAafLegacyEmptyOrNull) { + AuthorizationResponse aresp = authz.decide(req); + if (!aresp.isAuthorized()) { + message = POLICY_ENGINE; + elr.setMessage(message); + elr.setResult(HttpServletResponse.SC_FORBIDDEN); + eventlogger.error(elr.toString()); + sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger); + return; + } + } else { + //If Legacy Feed and AAF instance provided in Subscriber JSON + message = "AAF Subscriber can not be added to legacy Feed- " + feedid; + elr.setMessage(message); + elr.setResult(HttpServletResponse.SC_FORBIDDEN); + eventlogger.error(elr.toString()); + sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger); + return; + } + } else { + //New AAF Requirement to add legacy subscriber to AAF Feed + if (subAafLegacyEmptyOrNull) { + AuthorizationResponse aresp = authz.decide(req); + if (!aresp.isAuthorized()) { + message = POLICY_ENGINE; + elr.setMessage(message); + elr.setResult(HttpServletResponse.SC_FORBIDDEN); + eventlogger.error(elr.toString()); + sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger); + return; + } + } else { + //New AAF Requirement to add subscriber by publisher on publisher approval only + String permission = getSubscriberPermission(subAafInstance, BaseServlet.APPROVE_SUB_PERMISSION); + eventlogger.info("SubscribeServlet.doPost().. Permission String - " + permission); + if (!req.isUserInRole(permission)) { + message = "AAF disallows access to permission - " + permission; + elr.setMessage(message); + elr.setResult(HttpServletResponse.SC_FORBIDDEN); + eventlogger.error(elr.toString()); + sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger); + return; + } + } + } + /* + * END - AAF changes + */ + // Check if this subscription already exists; not an error (yet), just warn + Subscription sub2 = Subscription.getSubscriptionMatching(sub); + if (sub2 != null) { + intlogger.warn( + "PROV0011 Creating a duplicate subscription: new subid=" + sub.getSubid() + ", old subid=" + sub2.getSubid()); } - provisioningDataChanged(); - } else { - // Something went wrong with the INSERT - activeSubs--; - elr.setResult(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); - eventlogger.info(elr); - sendResponseError(resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, DB_PROBLEM_MSG, eventlogger); + // Create SUBSCRIPTIONS table entries + if (doInsert(sub)) { + // send response + elr.setResult(HttpServletResponse.SC_CREATED); + eventlogger.info(elr.toString()); + resp.setStatus(HttpServletResponse.SC_CREATED); + resp.setContentType(SUBFULL_CONTENT_TYPE); + resp.setHeader("Location", sub.getLinks().getSelf()); + try { + resp.getOutputStream().print(sub.asLimitedJSONObject().toString()); + } catch (IOException ioe) { + eventlogger.error("PROV0182 SubscribeServlet.doPost: " + ioe.getMessage(), ioe); + } + + provisioningDataChanged(); + } else { + // Something went wrong with the INSERT + activeSubs--; + elr.setResult(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + eventlogger.error(elr.toString()); + sendResponseError(resp, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, DB_PROBLEM_MSG, eventlogger); + } + } finally { + eelfLogger.info(EelfMsgs.EXIT); } } }