Merge "Tried to Fix Some Vulnerability Issues"

[holmes/rule-management.git] / rulemgt / src / main / java / org / onap / holmes / rulemgt / resources / RuleMgtResources.java

/**\r
 * Copyright 2017-2020 ZTE Corporation.\r
 *\r
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except\r
 * in compliance with the License. You may obtain a copy of the License at\r
 *\r
 * http://www.apache.org/licenses/LICENSE-2.0\r
 *\r
 * Unless required by applicable law or agreed to in writing, software distributed under the License\r
 * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express\r
 * or implied. See the License for the specific language governing permissions and limitations under\r
 * the License.\r
 */\r
package org.onap.holmes.rulemgt.resources;\r
\r
import com.codahale.metrics.annotation.Timed;\r
import io.swagger.annotations.Api;\r
import io.swagger.annotations.ApiOperation;\r
import io.swagger.annotations.ApiParam;\r
import io.swagger.annotations.SwaggerDefinition;\r
import lombok.extern.slf4j.Slf4j;\r
import org.jvnet.hk2.annotations.Service;\r
import org.onap.holmes.common.exception.CorrelationException;\r
import org.onap.holmes.common.utils.ExceptionUtil;\r
import org.onap.holmes.common.utils.GsonUtil;\r
import org.onap.holmes.common.utils.LanguageUtil;\r
import org.onap.holmes.common.utils.UserUtil;\r
import org.onap.holmes.rulemgt.bean.request.RuleCreateRequest;\r
import org.onap.holmes.rulemgt.bean.request.RuleDeleteRequest;\r
import org.onap.holmes.rulemgt.bean.request.RuleQueryCondition;\r
import org.onap.holmes.rulemgt.bean.request.RuleUpdateRequest;\r
import org.onap.holmes.rulemgt.bean.response.RuleAddAndUpdateResponse;\r
import org.onap.holmes.rulemgt.bean.response.RuleQueryListResponse;\r
import org.onap.holmes.rulemgt.constant.RuleMgtConstant;\r
import org.onap.holmes.rulemgt.wrapper.RuleMgtWrapper;\r
\r
import javax.inject.Inject;\r
import javax.servlet.http.HttpServletRequest;\r
import javax.ws.rs.*;\r
import javax.ws.rs.core.Context;\r
import javax.ws.rs.core.MediaType;\r
import java.util.Locale;\r
\r
@Service\r
@SwaggerDefinition\r
@Path("/rule")\r
@Api(tags = {"Holmes Rule Management"})\r
@Produces(MediaType.APPLICATION_JSON)\r
@Slf4j\r
public class RuleMgtResources {\r
\r
    @Inject\r
    private RuleMgtWrapper ruleMgtWrapper;\r
\r
    @PUT\r
    @Produces(MediaType.APPLICATION_JSON)\r
    @ApiOperation(value = "Save a rule into the database; deploy it to the Drools engine if it is enabled.",\r
            response = RuleAddAndUpdateResponse.class)\r
    @Timed\r
    public RuleAddAndUpdateResponse addCorrelationRule(@Context HttpServletRequest request,\r
            @ApiParam(value =\r
                    "The request entity of the HTTP call, which comprises \"ruleName\"(required), "\r
                            + "\"loopControlName\"(required), \"content\"(required), \"enabled\"(required) "\r
                            + "and \"description\"(optional)", required = true)\r
                    RuleCreateRequest ruleCreateRequest) {\r
        Locale locale = LanguageUtil.getLocale(request);\r
        RuleAddAndUpdateResponse ruleChangeResponse;\r
        try {\r
            ruleChangeResponse = ruleMgtWrapper\r
                    .addCorrelationRule(UserUtil.getUserName(request), ruleCreateRequest);\r
            log.info("create rule:" + ruleCreateRequest.getRuleName() + " success.");\r
            return ruleChangeResponse;\r
        } catch (CorrelationException e) {\r
            log.error("create rule:" + ruleCreateRequest.getRuleName() + " failed", e);\r
            throw ExceptionUtil.buildExceptionResponse(e.getMessage());\r
        }\r
    }\r
\r
    @POST\r
    @Produces(MediaType.APPLICATION_JSON)\r
    @ApiOperation(value = "Update an existing rule; deploy it to the Drools engine if it is enabled.", response = RuleAddAndUpdateResponse.class)\r
    @Timed\r
    public RuleAddAndUpdateResponse updateCorrelationRule(@Context HttpServletRequest request,\r
            @ApiParam(value =\r
                    "The request entity of the HTTP call, which comprises \"ruleId\"(required), "\r
                            + "\"content\"(required), \"enabled\"(required) and \"description\"(optional)", required = true)\r
                    RuleUpdateRequest ruleUpdateRequest) {\r
        Locale locale = LanguageUtil.getLocale(request);\r
        RuleAddAndUpdateResponse ruleChangeResponse;\r
        try {\r
            ruleChangeResponse = ruleMgtWrapper\r
                    .updateCorrelationRule(UserUtil.getUserName(request), ruleUpdateRequest);\r
            log.info("update rule:" + ruleUpdateRequest.getRuleId() + " successful");\r
            return ruleChangeResponse;\r
        } catch (CorrelationException e) {\r
            log.error("update rule:" + ruleUpdateRequest.getContent() + " failed", e);\r
            throw ExceptionUtil.buildExceptionResponse(e.getMessage());\r
        }\r
    }\r
\r
    @DELETE\r
    @Produces(MediaType.APPLICATION_JSON)\r
    @ApiOperation(value = "Remove a rule from Holmes.")\r
    @Timed\r
    @Path("/{ruleid}")\r
    public boolean deleteCorrelationRule(@Context HttpServletRequest request,\r
            @PathParam("ruleid") String ruleId) {\r
        Locale locale = LanguageUtil.getLocale(request);\r
        try {\r
            ruleMgtWrapper.deleteCorrelationRule(new RuleDeleteRequest(ruleId));\r
            log.info("delete rule:" + ruleId + " successful");\r
            return true;\r
        } catch (CorrelationException e) {\r
            log.error("delete rule:" + ruleId + " failed", e);\r
            throw ExceptionUtil.buildExceptionResponse(e.getMessage());\r
        }\r
    }\r
\r
    @GET\r
    @Produces(MediaType.APPLICATION_JSON)\r
    @ApiOperation(value = "Query rules using certain criteria.", response = RuleQueryListResponse.class)\r
    @Timed\r
    public RuleQueryListResponse getCorrelationRules(@Context HttpServletRequest request,\r
            @ApiParam(value =\r
                    "A JSON string used as a query parameter, which comprises \"ruleid\"(optional), "\r
                            + "\"rulename\"(optional), \"creator\"(optional), "\r
                            + "\"modifier\"(optional) and \"enabled\"(optional). E.g. {\"ruleid\":\"rule_1484727187317\"}",\r
                    required = false) @QueryParam("queryrequest") String ruleQueryRequest) {\r
        Locale locale = LanguageUtil.getLocale(request);\r
        RuleQueryListResponse ruleQueryListResponse;\r
\r
        RuleQueryCondition ruleQueryCondition = getRuleQueryCondition(ruleQueryRequest, request);\r
        try {\r
            ruleQueryListResponse = ruleMgtWrapper\r
                    .getCorrelationRuleByCondition(ruleQueryCondition);\r
            log.info("query rule successful by condition:" + ruleQueryCondition);\r
            return ruleQueryListResponse;\r
        } catch (CorrelationException e) {\r
            log.error("query rule failed,cause query condition conversion failure", e);\r
            throw ExceptionUtil.buildExceptionResponse(e.getMessage());\r
        }\r
    }\r
\r
    private RuleQueryCondition getRuleQueryCondition(String queryRequest,\r
            HttpServletRequest request) {\r
        Locale locale = LanguageUtil.getLocale(request);\r
        RuleQueryCondition ruleQueryCondition = GsonUtil\r
                .jsonToBean(queryRequest, RuleQueryCondition.class);\r
        if (queryRequest == null) {\r
            if (ruleQueryCondition == null) {\r
                ruleQueryCondition = new RuleQueryCondition();\r
            }\r
            ruleQueryCondition.setEnabled(RuleMgtConstant.STATUS_RULE_ALL);\r
        } else if (queryRequest.indexOf("enabled") == -1) {\r
            ruleQueryCondition.setEnabled(RuleMgtConstant.STATUS_RULE_ALL);\r
        }\r
        return ruleQueryCondition;\r
    }\r
}\r