diff options
10 files changed, 891 insertions, 366 deletions
diff --git a/src/main/java/org/onap/clamp/clds/model/refprop/RefProp.java b/src/main/java/org/onap/clamp/clds/model/refprop/RefProp.java index c81b6a77..3b1f9682 100644 --- a/src/main/java/org/onap/clamp/clds/model/refprop/RefProp.java +++ b/src/main/java/org/onap/clamp/clds/model/refprop/RefProp.java @@ -5,16 +5,16 @@ * Copyright (C) 2017 AT&T Intellectual Property. All rights * reserved. * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and * limitations under the License. * ============LICENSE_END============================================ * =================================================================== @@ -23,34 +23,38 @@ package org.onap.clamp.clds.model.refprop; -import com.fasterxml.jackson.databind.JsonNode; -import com.fasterxml.jackson.databind.ObjectMapper; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.context.ApplicationContext; -import org.springframework.core.io.Resource; - -import javax.annotation.PostConstruct; import java.io.IOException; import java.util.ArrayList; import java.util.Iterator; import java.util.List; import java.util.Properties; -import java.util.logging.Logger; + +import javax.annotation.PostConstruct; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.context.ApplicationContext; +import org.springframework.core.io.Resource; + +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; +import com.fasterxml.jackson.databind.JsonNode; +import com.fasterxml.jackson.databind.ObjectMapper; /** * Holds reference properties. */ public class RefProp { - private static final Logger logger = Logger.getLogger(RefProp.class.getName()); + protected static final EELFLogger logger = EELFManager.getInstance().getLogger(RefProp.class); + protected static final EELFLogger auditLogger = EELFManager.getInstance().getAuditLogger(); @Autowired - private ApplicationContext appContext; - - private Properties prop; + private ApplicationContext appContext; + + private Properties prop; @Value("${org.onap.clamp.config.files.cldsReference:'classpath:/clds/clds-reference.properties'}") - private String cldsReferenceValuesFile; + private String cldsReferenceValuesFile; /** * Load reference properties via null constructor @@ -59,9 +63,9 @@ public class RefProp { */ public RefProp() throws IOException { } - + @PostConstruct - public void loadConfig () throws IOException { + public void loadConfig() throws IOException { prop = new Properties(); Resource resource = appContext.getResource(cldsReferenceValuesFile); prop.load(resource.getInputStream()); @@ -78,7 +82,8 @@ public class RefProp { } /** - * get property value for a combo key (key1 + "." + key2). If not found just use key1. + * get property value for a combo key (key1 + "." + key2). If not found just + * use key1. * * @param key1 * @param key2 @@ -105,7 +110,8 @@ public class RefProp { } /** - * Return json as objects that can be updated. First try with combo key (key1 + "." + key2), otherwise default to just key1. + * Return json as objects that can be updated. First try with combo key + * (key1 + "." + key2), otherwise default to just key1. * * @param key1 * @param key2 @@ -118,7 +124,8 @@ public class RefProp { } /** - * Get list of values for a property field containing json and a field/keyword within that json. + * Get list of values for a property field containing json and a + * field/keyword within that json. * * @param fieldName * @param value diff --git a/src/main/java/org/onap/clamp/clds/service/CldsService.java b/src/main/java/org/onap/clamp/clds/service/CldsService.java index a0aadccb..aaeb03f6 100644 --- a/src/main/java/org/onap/clamp/clds/service/CldsService.java +++ b/src/main/java/org/onap/clamp/clds/service/CldsService.java @@ -5,16 +5,16 @@ * Copyright (C) 2017 AT&T Intellectual Property. All rights * reserved. * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and * limitations under the License. * ============LICENSE_END============================================ * =================================================================== @@ -23,87 +23,145 @@ package org.onap.clamp.clds.service; -import com.att.ajsc.common.AjscService; -import com.att.ajsc.filemonitor.AJSCPropertiesMap; -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.JsonNode; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.databind.node.ObjectNode; +import java.io.IOException; +import java.io.InputStream; +import java.sql.SQLException; +import java.util.Date; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.Properties; +import java.util.UUID; + +import javax.annotation.PostConstruct; +import javax.ws.rs.Consumes; +import javax.ws.rs.DefaultValue; +import javax.ws.rs.GET; +import javax.ws.rs.NotAuthorizedException; +import javax.ws.rs.POST; +import javax.ws.rs.PUT; +import javax.ws.rs.Path; +import javax.ws.rs.PathParam; +import javax.ws.rs.Produces; +import javax.ws.rs.QueryParam; +import javax.ws.rs.core.MediaType; +import javax.xml.transform.TransformerConfigurationException; +import javax.xml.transform.TransformerException; + +import org.apache.commons.lang3.StringUtils; +import org.camunda.bpm.engine.RuntimeService; +import org.camunda.bpm.engine.runtime.ProcessInstance; +import org.jboss.resteasy.spi.BadRequestException; +import org.onap.clamp.clds.client.DcaeDispatcherServices; +import org.onap.clamp.clds.client.DcaeInventoryServices; import org.onap.clamp.clds.client.SdcCatalogServices; import org.onap.clamp.clds.dao.CldsDao; +import org.onap.clamp.clds.model.CldsDBServiceCache; +import org.onap.clamp.clds.model.CldsEvent; +import org.onap.clamp.clds.model.CldsHealthCheck; +import org.onap.clamp.clds.model.CldsInfo; +import org.onap.clamp.clds.model.CldsModel; +import org.onap.clamp.clds.model.CldsSdcResource; +import org.onap.clamp.clds.model.CldsSdcServiceDetail; +import org.onap.clamp.clds.model.CldsSdcServiceInfo; +import org.onap.clamp.clds.model.CldsServiceData; +import org.onap.clamp.clds.model.CldsTemplate; +import org.onap.clamp.clds.model.DcaeEvent; +import org.onap.clamp.clds.model.ValueItem; import org.onap.clamp.clds.model.prop.ModelProperties; import org.onap.clamp.clds.model.refprop.RefProp; import org.onap.clamp.clds.transform.XslTransformer; -import org.apache.commons.lang3.StringUtils; -import org.camunda.bpm.engine.RuntimeService; -import org.camunda.bpm.engine.runtime.ProcessInstance; -import org.jboss.resteasy.spi.BadRequestException; -import org.onap.clamp.clds.model.*; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; +import org.onap.clamp.clds.util.LoggingUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.ApplicationContext; -import org.springframework.core.io.Resource; -import javax.ws.rs.*; -import javax.ws.rs.core.MediaType; -import javax.xml.transform.TransformerConfigurationException; -import javax.xml.transform.TransformerException; -import java.io.IOException; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.Properties; +import com.att.ajsc.common.AjscService; +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.JsonNode; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.fasterxml.jackson.databind.node.ObjectNode; + +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiOperation; /** * Service to save and retrieve the CLDS model attributes. */ @AjscService +@Api(value = "/clds", description = "Clds operations") @Path("/clds") public class CldsService extends SecureServiceBase { @Autowired - private ApplicationContext appContext; + private ApplicationContext appContext; + + private static final String RESOURCE_NAME = "clds-version.properties"; + + protected static final EELFLogger logger = EELFManager.getInstance().getLogger(CldsService.class); + protected static final EELFLogger auditLogger = EELFManager.getInstance().getAuditLogger(); + + @Value("${CLDS_PERMISSION_TYPE_CL:permission-type-cl}") + private String cldsPersmissionTypeCl; + + @Value("${CLDS_PERMISSION_TYPE_CL_MANAGE:permission-type-cl-manage}") + private String cldsPermissionTypeClManage; - private static final Logger logger = LoggerFactory.getLogger(CldsService.class); + @Value("${CLDS_PERMISSION_TYPE_CL_EVENT:permission-type-cl-event}") + private String cldsPermissionTypeClEvent; - @Value("${CLDS_PERMISSION_TYPE_CL:org.onap.clamp.clds.cl}") - private static String CLDS_PERMISSION_TYPE_CL; + @Value("${CLDS_PERMISSION_TYPE_FILTER_VF:permission-type-filter-vf}") + private String cldsPermissionTypeFilterVf; - @Value("${CLDS_PERMISSION_TYPE_CL_MANAGE:org.onap.clamp.clds.cl.manage}") - private static String CLDS_PERMISSION_TYPE_CL_MANAGE; + @Value("${CLDS_PERMISSION_TYPE_TEMPLATE:permission-type-template}") + private String cldsPermissionTypeTemplate; - @Value("${CLDS_PERMISSION_TYPE_CL_EVENT:/META-INF/securityFilterRules.json}") - private static String CLDS_PERMISSION_TYPE_CL_EVENT; + @Value("${CLDS_PERMISSION_INSTANCE:dev}") + private String cldsPermissionInstance; - @Value("${CLDS_PERMISSION_TYPE_FILTER_VF:/META-INF/securityFilterRules.json}") - private static String CLDS_PERMISSION_TYPE_FILTER_VF; + private SecureServicePermission permissionReadCl; - @Value("${CLDS_PERMISSION_INSTANCE:/META-INF/securityFilterRules.json}") - private static String CLDS_PERMISSION_INSTANCE; + private SecureServicePermission permissionUpdateCl; - private static final SecureServicePermission PERMISSION_READ_CL = SecureServicePermission.create(CLDS_PERMISSION_TYPE_CL, CLDS_PERMISSION_INSTANCE, "read"); + private SecureServicePermission permissionReadTemplate; - private static final SecureServicePermission PERMISSION_UPDATE_CL = SecureServicePermission.create(CLDS_PERMISSION_TYPE_CL, CLDS_PERMISSION_INSTANCE, "update"); + private SecureServicePermission permissionUpdateTemplate; - @Value("${org.onap.clamp.config.files.globalClds:classpath:/clds/globalClds.properties}") - private String globalClds; - private Properties globalCldsProperties; + @PostConstruct + private final void afterConstruction() { + permissionReadCl = SecureServicePermission.create(cldsPersmissionTypeCl, cldsPermissionInstance, "read"); + permissionUpdateCl = SecureServicePermission.create(cldsPersmissionTypeCl, cldsPermissionInstance, "update"); + permissionReadTemplate = SecureServicePermission.create(cldsPermissionTypeTemplate, cldsPermissionInstance, + "read"); + permissionUpdateTemplate = SecureServicePermission.create(cldsPermissionTypeTemplate, cldsPermissionInstance, + "update"); + } + + @Value("${org.onap.clamp.config.files.globalClds:'classpath:/clds/globalClds.properties'}") + private String globalClds; + private Properties globalCldsProperties; + + @Autowired + private CldsDao cldsDao; @Autowired - private CldsDao cldsDao; + private RuntimeService runtimeService; @Autowired - private RuntimeService runtimeService; + private XslTransformer cldsBpmnTransformer; + + @Autowired + private RefProp refProp; + @Autowired - private XslTransformer cldsBpmnTransformer; + private SdcCatalogServices sdcCatalogServices; @Autowired - private RefProp refProp; + private DcaeDispatcherServices dcaeDispatcherServices; @Autowired - private SdcCatalogServices asdcCatalogServices; - // + private DcaeInventoryServices dcaeInventoryServices; public CldsService() { } @@ -112,79 +170,186 @@ public class CldsService extends SecureServiceBase { this.refProp = refProp; } + /* + * + * CLDS IFO service will return 3 things 1. User Name 2. CLDS code version + * that is currently installed from pom.xml file 3. User permissions + * + */ + + @GET + @Path("/cldsInfo") + @Produces(MediaType.APPLICATION_JSON) + public CldsInfo getCldsInfo() { + + CldsInfo cldsInfo = new CldsInfo(); + + // Get the user info + cldsInfo.setUserName(getUserName()); + + // Get CLDS application version + String cldsVersion = ""; + Properties props = new Properties(); + InputStream resourceStream = null; + + try { + ClassLoader loader = Thread.currentThread().getContextClassLoader(); + resourceStream = loader.getResourceAsStream(RESOURCE_NAME); + props.load(resourceStream); + cldsVersion = props.getProperty("clds.version"); + } catch (Exception ex) { + ex.printStackTrace(); + } finally { + if (resourceStream != null) { + try { + resourceStream.close(); + } catch (IOException e) { + e.printStackTrace(); + } + } + } + cldsInfo.setCldsVersion(cldsVersion); + + // Get the user list of permissions + cldsInfo.setPermissionReadCl(isAuthorized(permissionReadCl)); + cldsInfo.setPermissionUpdateCl(isAuthorized(permissionUpdateCl)); + cldsInfo.setPermissionReadTemplate(isAuthorized(permissionReadTemplate)); + cldsInfo.setPermissionUpdateTemplate(isAuthorized(permissionUpdateTemplate)); + return cldsInfo; + } + + @GET + @Path("/healthcheck") + @Produces(MediaType.APPLICATION_JSON) + public CldsHealthCheck gethealthcheck() { + + CldsHealthCheck cldsHealthCheck = new CldsHealthCheck(); + + try { + cldsDao.doHealthCheck(); + cldsHealthCheck.setHealthCheckComponent("CLDS-APP"); + cldsHealthCheck.setHealthCheckStatus("UP"); + cldsHealthCheck.setDescription("OK"); + } catch (SQLException e) { + logger.error("CLAMP application DB Error" + e); + cldsHealthCheck.setHealthCheckComponent("CLDS-APP"); + cldsHealthCheck.setHealthCheckStatus("DOWN"); + cldsHealthCheck.setDescription("NOT-OK"); + // return Response.status(500).entity("Database down for CLDS + // application").build(); + } catch (Exception e) { + logger.error("CLAMP application DB Error" + e); + cldsHealthCheck.setHealthCheckComponent("CLDS-APP"); + cldsHealthCheck.setHealthCheckStatus("DOWN"); + cldsHealthCheck.setDescription("NOT-OK"); + // return Response.status(500).entity("Database down for CLDS + // application").build(); + } + + return cldsHealthCheck; + + } + /** * REST service that retrieves BPMN for a CLDS model name from the database. - * This is subset of the json getModel. - * This is only expected to be used for testing purposes, not by the UI. + * This is subset of the json getModel. This is only expected to be used for + * testing purposes, not by the UI. * * @param modelName * @return bpmn xml text - content of bpmn given name */ + @ApiOperation(value = "Retrieves BPMN for a CLDS model name from the database", notes = "This is only expected to be used for testing purposes, not by the UI", response = String.class) @GET @Path("/model/bpmn/{modelName}") @Produces(MediaType.TEXT_XML) public String getBpmnXml(@PathParam("modelName") String modelName) { - isAuthorized(PERMISSION_READ_CL); + Date startTime = new Date(); + LoggingUtils.setRequestContext("CldsService: GET model bpmn", getPrincipalName()); + isAuthorized(permissionReadCl); logger.info("GET bpmnText for modelName={}", modelName); CldsModel model = CldsModel.retrieve(cldsDao, modelName, false); + // audit log + LoggingUtils.setTimeContext(startTime, new Date()); + LoggingUtils.setResponseContext("0", "Get model bpmn success", this.getClass().getName()); + auditLogger.info("GET model bpmn completed"); return model.getBpmnText(); } /** * REST service that saves BPMN for a CLDS model by name in the database. - * This is subset of the json putModel. - * This is only expected to be used for testing purposes, not by the UI. + * This is subset of the json putModel. This is only expected to be used for + * testing purposes, not by the UI. * * @param modelName */ + @ApiOperation(value = "Saves BPMN for a CLDS model by name in the database", notes = "This is only expected to be used for testing purposes, not by the UI", response = String.class) @PUT @Path("/model/bpmn/{modelName}") @Consumes(MediaType.TEXT_XML) public String putBpmnXml(@PathParam("modelName") String modelName, String bpmnText) { - isAuthorized(PERMISSION_UPDATE_CL); + LoggingUtils.setRequestContext("CldsService: PUT model bpmn", getPrincipalName()); + isAuthorized(permissionUpdateCl); logger.info("PUT bpmnText for modelName={}", modelName); logger.info("PUT bpmnText={}", bpmnText); CldsModel cldsModel = CldsModel.retrieve(cldsDao, modelName, true); cldsModel.setBpmnText(bpmnText); - cldsModel.save(cldsDao, getUserid()); + cldsModel.save(cldsDao, getUserId()); + // audit log + LoggingUtils.setTimeContext(new Date(), new Date()); + LoggingUtils.setResponseContext("0", "Put model bpmn success", this.getClass().getName()); + auditLogger.info("PUT model bpmn completed"); return "wrote bpmnText for modelName=" + modelName; } /** - * REST service that retrieves image for a CLDS model name from the database. - * This is subset of the json getModel. - * This is only expected to be used for testing purposes, not by the UI. + * REST service that retrieves image for a CLDS model name from the + * database. This is subset of the json getModel. This is only expected to + * be used for testing purposes, not by the UI. * * @param modelName * @return image xml text - content of image given name */ + @ApiOperation(value = "Retrieves image for a CLDS model name from the database", notes = "This is only expected to be used for testing purposes, not by the UI", response = String.class) @GET @Path("/model/image/{modelName}") @Produces(MediaType.TEXT_XML) public String getImageXml(@PathParam("modelName") String modelName) { - isAuthorized(PERMISSION_READ_CL); + Date startTime = new Date(); + LoggingUtils.setRequestContext("CldsService: GET model image", getPrincipalName()); + isAuthorized(permissionReadCl); logger.info("GET imageText for modelName={}", modelName); CldsModel model = CldsModel.retrieve(cldsDao, modelName, false); + // audit log + LoggingUtils.setTimeContext(startTime, new Date()); + LoggingUtils.setResponseContext("0", "Get model image success", this.getClass().getName()); + auditLogger.info("GET model image completed"); return model.getImageText(); } /** * REST service that saves image for a CLDS model by name in the database. - * This is subset of the json putModel. - * This is only expected to be used for testing purposes, not by the UI. + * This is subset of the json putModel. This is only expected to be used for + * testing purposes, not by the UI. * * @param modelName */ + @ApiOperation(value = "Saves image for a CLDS model by name in the database", notes = "This is only expected to be used for testing purposes, not by the UI", response = String.class) @PUT @Path("/model/image/{modelName}") @Consumes(MediaType.TEXT_XML) public String putImageXml(@PathParam("modelName") String modelName, String imageText) { - isAuthorized(PERMISSION_UPDATE_CL); + Date startTime = new Date(); + LoggingUtils.setRequestContext("CldsService: PUT model image", getPrincipalName()); + isAuthorized(permissionUpdateCl); logger.info("PUT iamgeText for modelName={}", modelName); logger.info("PUT imageText={}", imageText); CldsModel cldsModel = CldsModel.retrieve(cldsDao, modelName, true); cldsModel.setImageText(imageText); - cldsModel.save(cldsDao, getUserid()); + cldsModel.save(cldsDao, getUserId()); + // audit log + LoggingUtils.setTimeContext(startTime, new Date()); + LoggingUtils.setResponseContext("0", "Put model image success", this.getClass().getName()); + auditLogger.info("PUT model image completed"); return "wrote imageText for modelName=" + modelName; } @@ -195,14 +360,38 @@ public class CldsService extends SecureServiceBase { * @return clds model - clds model for the given model name * @throws NotAuthorizedException */ + @ApiOperation(value = "Retrieves a CLDS model by name from the database", notes = "", response = String.class) @GET @Path("/model/{modelName}") @Produces(MediaType.APPLICATION_JSON) public CldsModel getModel(@PathParam("modelName") String modelName) throws NotAuthorizedException { - isAuthorized(PERMISSION_READ_CL); + Date startTime = new Date(); + LoggingUtils.setRequestContext("CldsService: GET model", getPrincipalName()); + isAuthorized(permissionReadCl); logger.debug("GET model for modelName={}", modelName); CldsModel cldsModel = CldsModel.retrieve(cldsDao, modelName, false); isAuthorizedForVf(cldsModel); + cldsModel.setUserAuthorizedToUpdate(isAuthorizedNoException(permissionUpdateCl)); + + /** + * Checking condtion whether our CLDS model can call INventory Method + */ + if (cldsModel.canInventoryCall()) { + try { + /* + * Below is the method to for inventory call and DB insert for + * event methods + */ + dcaeInventoryServices.setEventInventory(cldsModel, getUserId()); + } catch (Exception e) { + LoggingUtils.setErrorContext("900", "Set event inventory error"); + logger.error("getModel set event Inventory error:" + e); + } + } + // audit log + LoggingUtils.setTimeContext(startTime, new Date()); + LoggingUtils.setResponseContext("0", "Get model success", this.getClass().getName()); + auditLogger.info("GET model completed"); return cldsModel; } @@ -213,12 +402,16 @@ public class CldsService extends SecureServiceBase { * @throws TransformerException * @throws TransformerConfigurationException */ + @ApiOperation(value = "Saves a CLDS model by name in the database", notes = "", response = String.class) @PUT @Path("/model/{modelName}") @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) - public CldsModel putModel(@PathParam("modelName") String modelName, CldsModel cldsModel) throws TransformerException { - isAuthorized(PERMISSION_UPDATE_CL); + public CldsModel putModel(@PathParam("modelName") String modelName, CldsModel cldsModel) + throws TransformerException { + Date startTime = new Date(); + LoggingUtils.setRequestContext("CldsService: PUT model", getPrincipalName()); + isAuthorized(permissionUpdateCl); isAuthorizedForVf(cldsModel); logger.info("PUT model for modelName={}", modelName); logger.info("PUT bpmnText={}", cldsModel.getBpmnText()); @@ -234,7 +427,12 @@ public class CldsService extends SecureServiceBase { cldsModel.setDocId(template.getPropId()); } } - cldsModel.save(cldsDao, getUserid()); + cldsModel.save(cldsDao, getUserId()); + cldsModel.save(cldsDao, getUserId()); + // audit log + LoggingUtils.setTimeContext(startTime, new Date()); + LoggingUtils.setResponseContext("0", "Put model success", this.getClass().getName()); + auditLogger.info("PUT model completed"); return cldsModel; } @@ -243,13 +441,21 @@ public class CldsService extends SecureServiceBase { * * @return model names in JSON */ + @ApiOperation(value = "Retrieves a list of CLDS model names", notes = "", response = String.class) @GET @Path("/model-names") @Produces(MediaType.APPLICATION_JSON) public List<ValueItem> getModelNames() { -// isAuthorized(PERMISSION_READ_CL); + // isAuthorized(permissionReadCl); + Date startTime = new Date(); + LoggingUtils.setRequestContext("CldsService: GET model names", getPrincipalName()); logger.info("GET list of model names"); - return cldsDao.getBpmnNames(); + List<ValueItem> names = cldsDao.getBpmnNames(); + // audit log + LoggingUtils.setTimeContext(startTime, new Date()); + LoggingUtils.setResponseContext("0", "Get model names success", this.getClass().getName()); + auditLogger.info("GET model names completed"); + return names; } /** @@ -260,22 +466,26 @@ public class CldsService extends SecureServiceBase { * @param test * @param model * @return - * @throws TransformerConfigurationException - * @throws TransformerException - * @throws IOException + * @throws Exception * @throws JsonProcessingException * @throws NotAuthorizedException */ + @ApiOperation(value = "Saves and processes an action for a CLDS model by name", notes = "", response = String.class) @PUT @Path("/action/{action}/{modelName}") @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) - public CldsModel putModelAndProcessAction(@PathParam("action") String action, @PathParam("modelName") String modelName, @QueryParam("test") String test, CldsModel model) throws TransformerException, NotAuthorizedException, IOException { + public CldsModel putModelAndProcessAction(@PathParam("action") String action, + @PathParam("modelName") String modelName, @QueryParam("test") String test, CldsModel model) + throws Exception { + Date startTime = new Date(); + LoggingUtils.setRequestContext("CldsService: Process model action", getPrincipalName()); String actionCd = action.toUpperCase(); - SecureServicePermission permisionManage = SecureServicePermission.create(CLDS_PERMISSION_TYPE_CL_MANAGE, CLDS_PERMISSION_INSTANCE, actionCd); + SecureServicePermission permisionManage = SecureServicePermission.create(cldsPermissionTypeClManage, + cldsPermissionInstance, actionCd); isAuthorized(permisionManage); isAuthorizedForVf(model); - String userid = getUserid(); + String userid = getUserId(); String actionStateCd = CldsEvent.ACTION_STATE_INITIATED; String processDefinitionKey = "clds-process-action-wf"; @@ -287,6 +497,8 @@ public class CldsService extends SecureServiceBase { logger.info("PUT bpmnText={}", model.getBpmnText()); logger.info("PUT propText={}", model.getPropText()); logger.info("PUT userid={}", userid); + logger.info("PUT getTypeId={}", model.getTypeId()); + logger.info("PUT deploymentId={}", model.getDeploymentId()); if (model.getTemplateName() != null) { CldsTemplate template = cldsDao.getTemplate(model.getTemplateName()); @@ -298,7 +510,7 @@ public class CldsService extends SecureServiceBase { } // save model to db model.setName(modelName); - model.save(cldsDao, getUserid()); + model.save(cldsDao, getUserId()); // get vars and format if necessary String prop = model.getPropText(); @@ -309,11 +521,14 @@ public class CldsService extends SecureServiceBase { String bpmnJson = cldsBpmnTransformer.doXslTransformToString(bpmn); logger.info("PUT bpmnJson={}", bpmnJson); + // Flag indicates whether it is triggered by Validation Test button from UI boolean isTest = false; if (test != null && test.equalsIgnoreCase("true")) { - isTest = true; + isTest = true; } else { - // if action.test.override is true, then any action will be marked as test=true (even if incoming action request had test=false); otherwise, test flag will be unchanged on the action request + // if action.test.override is true, then any action will be marked + // as test=true (even if incoming action request had test=false); + // otherwise, test flag will be unchanged on the action request String actionTestOverride = refProp.getStringValue("action.test.override"); if (actionTestOverride != null && actionTestOverride.equalsIgnoreCase("true")) { logger.info("PUT actionTestOverride={}", actionTestOverride); @@ -323,7 +538,6 @@ public class CldsService extends SecureServiceBase { } logger.info("PUT isTest={}", isTest); - boolean isInsertTestEvent = false; String insertTestEvent = refProp.getStringValue("action.insert.test.event"); if (insertTestEvent != null && insertTestEvent.equalsIgnoreCase("true")) { @@ -331,30 +545,45 @@ public class CldsService extends SecureServiceBase { } logger.info("PUT isInsertTestEvent={}", isInsertTestEvent); - // determine if requested action is permitted model.validateAction(actionCd); // input variables to camunda process Map<String, Object> variables = new HashMap<>(); variables.put("actionCd", actionCd); - variables.put("modelProp", prop); + variables.put("modelProp", prop.getBytes()); variables.put("modelBpmnProp", bpmnJson); variables.put("modelName", modelName); variables.put("controlName", controlName); - variables.put("docText", docText); + variables.put("docText", docText.getBytes()); variables.put("isTest", isTest); variables.put("userid", userid); variables.put("isInsertTestEvent", isInsertTestEvent); + logger.info("modelProp - " + prop); + logger.info("docText - " + docText); // start camunda process ProcessInstance pi = runtimeService.startProcessInstanceByKey(processDefinitionKey, variables); // log process info - logger.info("Started processDefinitionId={}, processInstanceId={}", pi.getProcessDefinitionId(), pi.getProcessInstanceId()); + logger.info("Started processDefinitionId={}, processInstanceId={}", pi.getProcessDefinitionId(), + pi.getProcessInstanceId()); // refresh model info from db (get fresh event info) - return CldsModel.retrieve(cldsDao, modelName, false); + CldsModel retreivedModel = CldsModel.retrieve(cldsDao, modelName, false); + + if (actionCd.equalsIgnoreCase(CldsEvent.ACTION_SUBMIT) + || actionCd.equalsIgnoreCase(CldsEvent.ACTION_RESUBMIT)) { + // To verify inventory status and modify model status to distribute + dcaeInventoryServices.setEventInventory(retreivedModel, getUserId()); + retreivedModel.save(cldsDao, getUserId()); + } + // audit log + LoggingUtils.setTimeContext(startTime, new Date()); + LoggingUtils.setResponseContext("0", "Process model action success", this.getClass().getName()); + auditLogger.info("Process model action completed"); + + return retreivedModel; } /** @@ -364,29 +593,37 @@ public class CldsService extends SecureServiceBase { * @param dcaeEvent * @throws BadRequestException */ + @ApiOperation(value = "Accepts events for a model", notes = "", response = String.class) @POST @Path("/dcae/event") @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) public String postDcaeEvent(@QueryParam("test") String test, DcaeEvent dcaeEvent) throws BadRequestException { + Date startTime = new Date(); + LoggingUtils.setRequestContext("CldsService: Post dcae event", getPrincipalName()); String userid = null; - // TODO: allow auth checking to be turned off by removing the permission type property - if (CLDS_PERMISSION_TYPE_CL_EVENT != null && CLDS_PERMISSION_TYPE_CL_EVENT.length() > 0) { - SecureServicePermission permissionEvent = SecureServicePermission.create(CLDS_PERMISSION_TYPE_CL_EVENT, CLDS_PERMISSION_INSTANCE, dcaeEvent.getEvent()); + // TODO: allow auth checking to be turned off by removing the permission + // type property + if (cldsPermissionTypeClEvent != null && cldsPermissionTypeClEvent.length() > 0) { + SecureServicePermission permissionEvent = SecureServicePermission.create(cldsPermissionTypeClEvent, + cldsPermissionInstance, dcaeEvent.getEvent()); isAuthorized(permissionEvent); - userid = getUserid(); + userid = getUserId(); } + // Flag indicates whether it is triggered by Validation Test button from UI boolean isTest = false; if (test != null && test.equalsIgnoreCase("true")) { - isTest = true; + isTest = true; } int instanceCount = 0; if (dcaeEvent.getInstances() != null) { instanceCount = dcaeEvent.getInstances().size(); } - String msgInfo = "event=" + dcaeEvent.getEvent() + " serviceUUID=" + dcaeEvent.getServiceUUID() + " resourceUUID=" + dcaeEvent.getResourceUUID() + " artifactName=" + dcaeEvent.getArtifactName() + " instance count=" + instanceCount + " isTest=" + isTest; + String msgInfo = "event=" + dcaeEvent.getEvent() + " serviceUUID=" + dcaeEvent.getServiceUUID() + + " resourceUUID=" + dcaeEvent.getResourceUUID() + " artifactName=" + dcaeEvent.getArtifactName() + + " instance count=" + instanceCount + " isTest=" + isTest; logger.info("POST dcae event {}", msgInfo); if (isTest) { @@ -395,38 +632,43 @@ public class CldsService extends SecureServiceBase { if (DcaeEvent.EVENT_DEPLOYMENT.equalsIgnoreCase(dcaeEvent.getEvent())) { CldsModel.insertModelInstance(cldsDao, dcaeEvent, userid); } else { - CldsEvent.insEvent(cldsDao, dcaeEvent.getControlName(), userid, dcaeEvent.getCldsActionCd(), CldsEvent.ACTION_STATE_RECEIVED, null); + CldsEvent.insEvent(cldsDao, dcaeEvent.getControlName(), userid, dcaeEvent.getCldsActionCd(), + CldsEvent.ACTION_STATE_RECEIVED, null); } - // EVENT_UNDEPLOYMENT is defunct - DCAE Proxy will not undeploy individual instances. It will send an empty list of - // deployed instances to indicate all have been removed. Or it will send an updated list to indicate those that - // are still deployed with any not on the list considered undeployed. - //else if(DcaeEvent.EVENT_UNDEPLOYMENT.equalsIgnoreCase(dcaeEvent.getEvent())) - //{ - // CldsModel.removeModelInstance(cldsDao, dcaeEvent); - //} } + // audit log + LoggingUtils.setTimeContext(startTime, new Date()); + LoggingUtils.setResponseContext("0", "Post dcae event success", this.getClass().getName()); + auditLogger.info("Post dcae event completed"); return msgInfo; } /** - * REST service that retrieves asdc services + * REST service that retrieves sdc services * * @throws Exception */ + @ApiOperation(value = "Retrieves sdc services", notes = "", response = String.class) @GET - @Path("/asdc/services") + @Path("/sdc/services") @Produces(MediaType.APPLICATION_JSON) - public String getAsdcServices() throws Exception { + public String getSdcServices() throws Exception { + Date startTime = new Date(); + LoggingUtils.setRequestContext("CldsService: GET sdc services", getPrincipalName()); String retStr; try { - String responseStr = asdcCatalogServices.getAsdcServicesInformation(null); + String responseStr = sdcCatalogServices.getSdcServicesInformation(null); retStr = createUiServiceFormatJson(responseStr); } catch (Exception e) { logger.info("{} {}", e.getClass().getName(), e.getMessage()); throw e; } - logger.info("value of asdcServices : {}", retStr); + logger.info("value of sdcServices : {}", retStr); + // audit log + LoggingUtils.setTimeContext(startTime, new Date()); + LoggingUtils.setResponseContext("0", "Get sdc services success", this.getClass().getName()); + auditLogger.info("GET sdc services completed"); return retStr; } @@ -435,39 +677,51 @@ public class CldsService extends SecureServiceBase { * * @throws Exception */ + @ApiOperation(value = "Retrieves total properties required by UI", notes = "", response = String.class) @GET @Path("/properties") @Produces(MediaType.APPLICATION_JSON) - public String getAsdcProperties() throws Exception { + public String getSdcProperties() throws Exception { return createPropertiesObjectByUUID(getGlobalCldsString(), "{}"); } /** - * REST service that retrieves total properties by using invariantUUID based on refresh and non refresh + * REST service that retrieves total properties by using invariantUUID based + * on refresh and non refresh * * @throws Exception */ + @ApiOperation(value = "Retrieves total properties by using invariantUUID based on refresh and non refresh", notes = "", response = String.class) @GET @Path("/properties/{serviceInvariantUUID}") @Produces(MediaType.APPLICATION_JSON) - public String getAsdcPropertiesByServiceUUIDForRefresh(@PathParam("serviceInvariantUUID") String serviceInvariantUUID, @DefaultValue("false") @QueryParam("refresh") String refresh) throws Exception { + public String getSdcPropertiesByServiceUUIDForRefresh( + @PathParam("serviceInvariantUUID") String serviceInvariantUUID, + @DefaultValue("false") @QueryParam("refresh") String refresh) throws Exception { + Date startTime = new Date(); + LoggingUtils.setRequestContext("CldsService: GET sdc properties by uuid", getPrincipalName()); CldsServiceData cldsServiceData = new CldsServiceData(); cldsServiceData.setServiceInvariantUUID(serviceInvariantUUID); - boolean isCldsAsdcDataExpired = true; - // To getcldsService information from database cache using invariantUUID only when refresh = false + boolean isCldsSdcDataExpired = true; + // To getcldsService information from database cache using invariantUUID + // only when refresh = false if (refresh != null && refresh.equalsIgnoreCase("false")) { cldsServiceData = cldsServiceData.getCldsServiceCache(cldsDao, serviceInvariantUUID); - // If cldsService is available in database Cache , verify is data expired or not + // If cldsService is available in database Cache , verify is data + // expired or not if (cldsServiceData != null) { - isCldsAsdcDataExpired = asdcCatalogServices.isCldsAsdcCacheDataExpired(cldsServiceData); + isCldsSdcDataExpired = sdcCatalogServices.isCldsSdcCacheDataExpired(cldsServiceData); } } - // If user Requested for refresh or database cache expired , get all data from asdc api. - if ((refresh != null && refresh.equalsIgnoreCase("true")) || isCldsAsdcDataExpired) { - cldsServiceData = asdcCatalogServices.getCldsServiceDataWithAlarmConditions(serviceInvariantUUID); - CldsDBServiceCache cldsDBServiceCache = asdcCatalogServices.getCldsDBServiceCacheUsingCldsServiceData(cldsServiceData); - if (cldsDBServiceCache != null && cldsDBServiceCache.getInvariantId() != null && cldsDBServiceCache.getServiceId() != null) { + // If user Requested for refresh or database cache expired , get all + // data from sdc api. + if ((refresh != null && refresh.equalsIgnoreCase("true")) || isCldsSdcDataExpired) { + cldsServiceData = sdcCatalogServices.getCldsServiceDataWithAlarmConditions(serviceInvariantUUID); + CldsDBServiceCache cldsDBServiceCache = sdcCatalogServices + .getCldsDbServiceCacheUsingCldsServiceData(cldsServiceData); + if (cldsDBServiceCache != null && cldsDBServiceCache.getInvariantId() != null + && cldsDBServiceCache.getServiceId() != null) { cldsServiceData.setCldsServiceCache(cldsDao, cldsDBServiceCache); } } @@ -475,31 +729,39 @@ public class CldsService extends SecureServiceBase { // filter out VFs the user is not authorized for cldsServiceData.filterVfs(this); + // audit log + LoggingUtils.setTimeContext(startTime, new Date()); + LoggingUtils.setResponseContext("0", "Get sdc properties by uuid success", this.getClass().getName()); + auditLogger.info("GET sdc properties by uuid completed"); + // format retrieved data into properties json - return asdcCatalogServices.createPropertiesObjectByUUID(getGlobalCldsString(), cldsServiceData); + return sdcCatalogServices.createPropertiesObjectByUUID(getGlobalCldsString(), cldsServiceData); } /** - * Determine if the user is authorized for a particular VF by its invariant UUID. + * Determine if the user is authorized for a particular VF by its invariant + * UUID. * * @param vfInvariantUuid * @throws NotAuthorizedException * @return */ public boolean isAuthorizedForVf(String vfInvariantUuid) throws NotAuthorizedException { - if (CLDS_PERMISSION_TYPE_FILTER_VF != null && CLDS_PERMISSION_TYPE_FILTER_VF.length() > 0) { - SecureServicePermission permission = SecureServicePermission.create(CLDS_PERMISSION_TYPE_FILTER_VF, CLDS_PERMISSION_INSTANCE, vfInvariantUuid); + if (cldsPermissionTypeFilterVf != null && cldsPermissionTypeFilterVf.length() > 0) { + SecureServicePermission permission = SecureServicePermission.create(cldsPermissionTypeFilterVf, + cldsPermissionInstance, vfInvariantUuid); return isAuthorized(permission); } else { - // if CLDS_PERMISSION_TYPE_FILTER_VF property is not provided, then VF filtering is turned off + // if CLDS_PERMISSION_TYPE_FILTER_VF property is not provided, then + // VF filtering is turned off logger.warn("VF filtering turned off"); return true; } } /** - * Determine if the user is authorized for a particular VF by its invariant UUID. - * If not authorized, then NotAuthorizedException is thrown. + * Determine if the user is authorized for a particular VF by its invariant + * UUID. If not authorized, then NotAuthorizedException is thrown. * * @param model * @return @@ -519,16 +781,18 @@ public class CldsService extends SecureServiceBase { return ""; } ObjectMapper objectMapper = new ObjectMapper(); - List<CldsAsdcServiceInfo> rawList = objectMapper.readValue(responseStr, objectMapper.getTypeFactory().constructCollectionType(List.class, CldsAsdcServiceInfo.class)); + List<CldsSdcServiceInfo> rawList = objectMapper.readValue(responseStr, + objectMapper.getTypeFactory().constructCollectionType(List.class, CldsSdcServiceInfo.class)); ObjectNode invariantIdServiceNode = objectMapper.createObjectNode(); ObjectNode serviceNode = objectMapper.createObjectNode(); logger.info("value of cldsserviceiNfolist: {}", rawList); if (rawList != null && rawList.size() > 0) { - List<CldsAsdcServiceInfo> cldsAsdcServiceInfoList = asdcCatalogServices.removeDuplicateServices(rawList); + List<CldsSdcServiceInfo> cldsSdcServiceInfoList = sdcCatalogServices.removeDuplicateServices(rawList); - for (CldsAsdcServiceInfo currCldsAsdcServiceInfo : cldsAsdcServiceInfoList) { - if (currCldsAsdcServiceInfo != null) { - invariantIdServiceNode.put(currCldsAsdcServiceInfo.getInvariantUUID(), currCldsAsdcServiceInfo.getName()); + for (CldsSdcServiceInfo currCldsSdcServiceInfo : cldsSdcServiceInfoList) { + if (currCldsSdcServiceInfo != null) { + invariantIdServiceNode.put(currCldsSdcServiceInfo.getInvariantUUID(), + currCldsSdcServiceInfo.getName()); } } serviceNode.putPOJO("service", invariantIdServiceNode); @@ -538,9 +802,9 @@ public class CldsService extends SecureServiceBase { private String createPropertiesObjectByUUID(String globalProps, String cldsResponseStr) throws IOException { ObjectMapper mapper = new ObjectMapper(); - CldsAsdcServiceDetail cldsAsdcServiceDetail = mapper.readValue(cldsResponseStr, CldsAsdcServiceDetail.class); + CldsSdcServiceDetail cldsSdcServiceDetail = mapper.readValue(cldsResponseStr, CldsSdcServiceDetail.class); ObjectNode globalPropsJson = null; - if (cldsAsdcServiceDetail != null && cldsAsdcServiceDetail.getUuid() != null) { + if (cldsSdcServiceDetail != null && cldsSdcServiceDetail.getUuid() != null) { /** * to create json with vf, alarm and locations */ @@ -550,22 +814,22 @@ public class CldsService extends SecureServiceBase { /** * to create json with vf and vfresourceId */ - createVfObjectNode(vfObjectNode, mapper, cldsAsdcServiceDetail.getResources()); - serviceObjectNode.putPOJO(cldsAsdcServiceDetail.getInvariantUUID(), vfObjectNode); + createVfObjectNode(vfObjectNode, mapper, cldsSdcServiceDetail.getResources()); + serviceObjectNode.putPOJO(cldsSdcServiceDetail.getInvariantUUID(), vfObjectNode); ObjectNode byServiceBasicObjetNode = mapper.createObjectNode(); byServiceBasicObjetNode.putPOJO("byService", serviceObjectNode); /** * to create json with VFC Node */ - ObjectNode emptyvfcobjectNode = createByVFCObjectNode(mapper, cldsAsdcServiceDetail.getResources()); + ObjectNode emptyvfcobjectNode = createByVFCObjectNode(mapper, cldsSdcServiceDetail.getResources()); byServiceBasicObjetNode.putPOJO("byVf", emptyvfcobjectNode); globalPropsJson = (ObjectNode) mapper.readValue(globalProps, JsonNode.class); globalPropsJson.putPOJO("shared", byServiceBasicObjetNode); logger.info("valuie of objNode: {}", globalPropsJson); } else { /** - * to create json with total properties when no serviceUUID passed + * to create json with total properties when no serviceUUID passed */ globalPropsJson = (ObjectNode) mapper.readValue(globalProps, JsonNode.class); } @@ -584,19 +848,22 @@ public class CldsService extends SecureServiceBase { return emptyServiceObjectNode; } - private void createVfObjectNode(ObjectNode vfObjectNode2, ObjectMapper mapper, List<CldsAsdcResource> rawCldsAsdcResourceList) throws IOException { + private void createVfObjectNode(ObjectNode vfObjectNode2, ObjectMapper mapper, + List<CldsSdcResource> rawCldsSdcResourceList) throws IOException { ObjectNode vfNode = mapper.createObjectNode(); vfNode.put("", ""); // To remove repeated resource instance name from resourceInstanceList - List<CldsAsdcResource> cldsAsdcResourceList = asdcCatalogServices.removeDuplicateAsdcResourceInstances(rawCldsAsdcResourceList); + List<CldsSdcResource> cldsSdcResourceList = sdcCatalogServices + .removeDuplicateSdcResourceInstances(rawCldsSdcResourceList); /** - * Creating vf resource node using cldsAsdcResource Object + * Creating vf resource node using cldsSdcResource Object */ - if (cldsAsdcResourceList != null && cldsAsdcResourceList.size() > 0) { - for (CldsAsdcResource cldsAsdcResource : cldsAsdcResourceList) { - if (cldsAsdcResource != null && cldsAsdcResource.getResoucreType() != null && cldsAsdcResource.getResoucreType().equalsIgnoreCase("VF")) { - vfNode.put(cldsAsdcResource.getResourceUUID(), cldsAsdcResource.getResourceName()); + if (cldsSdcResourceList != null && cldsSdcResourceList.size() > 0) { + for (CldsSdcResource cldsSdcResource : cldsSdcResourceList) { + if (cldsSdcResource != null && cldsSdcResource.getResoucreType() != null + && cldsSdcResource.getResoucreType().equalsIgnoreCase("VF")) { + vfNode.put(cldsSdcResource.getResourceUUID(), cldsSdcResource.getResourceName()); } } } @@ -605,7 +872,7 @@ public class CldsService extends SecureServiceBase { String alarmStringValue = refProp.getStringValue("ui.alarm.default"); /** - * creating location json object using properties file value + * creating location json object using properties file value */ ObjectNode locationJsonNode = (ObjectNode) mapper.readValue(locationStringValue, JsonNode.class); vfObjectNode2.putPOJO("location", locationJsonNode); @@ -618,29 +885,111 @@ public class CldsService extends SecureServiceBase { vfObjectNode2.putPOJO("alarmCondition", alarmStringJsonNode); } - private ObjectNode createByVFCObjectNode(ObjectMapper mapper, List<CldsAsdcResource> cldsAsdcResourceList) { + private ObjectNode createByVFCObjectNode(ObjectMapper mapper, List<CldsSdcResource> cldsSdcResourceList) { ObjectNode emptyObjectNode = mapper.createObjectNode(); ObjectNode emptyvfcobjectNode = mapper.createObjectNode(); ObjectNode vfCObjectNode = mapper.createObjectNode(); vfCObjectNode.putPOJO("vfC", emptyObjectNode); ObjectNode subVfCObjectNode = mapper.createObjectNode(); subVfCObjectNode.putPOJO("vfc", emptyObjectNode); - if (cldsAsdcResourceList != null && cldsAsdcResourceList.size() > 0) { - for (CldsAsdcResource cldsAsdcResource : cldsAsdcResourceList) { - if (cldsAsdcResource != null && cldsAsdcResource.getResoucreType() != null && cldsAsdcResource.getResoucreType().equalsIgnoreCase("VF")) { - vfCObjectNode.putPOJO(cldsAsdcResource.getResourceUUID(), subVfCObjectNode); + if (cldsSdcResourceList != null && cldsSdcResourceList.size() > 0) { + for (CldsSdcResource cldsSdcResource : cldsSdcResourceList) { + if (cldsSdcResource != null && cldsSdcResource.getResoucreType() != null + && cldsSdcResource.getResoucreType().equalsIgnoreCase("VF")) { + vfCObjectNode.putPOJO(cldsSdcResource.getResourceUUID(), subVfCObjectNode); } } } emptyvfcobjectNode.putPOJO("", vfCObjectNode); return emptyvfcobjectNode; } - + + @PUT + @Path("/deploy/{modelName}") + @Consumes(MediaType.APPLICATION_JSON) + @Produces(MediaType.APPLICATION_JSON) + public CldsModel deployModel(@PathParam("action") String action, @PathParam("modelName") String modelName, + @QueryParam("test") String test, CldsModel model) throws Exception { + Date startTime = new Date(); + LoggingUtils.setRequestContext("CldsService: Deploy model", getPrincipalName()); + String deploymentId = "closedLoop_" + UUID.randomUUID() + "_deploymentId"; + String createNewDeploymentStatusUrl = dcaeDispatcherServices.createNewDeployment(deploymentId, + model.getTypeId()); + String operationStatus = "processing"; + while (operationStatus.equalsIgnoreCase("processing")) { + operationStatus = dcaeDispatcherServices.getOperationStatus(createNewDeploymentStatusUrl); + } + if (operationStatus != null && operationStatus.equalsIgnoreCase("succeeded")) { + String artifactName = model.getControlName(); + if (artifactName != null) { + artifactName = artifactName + ".yml"; + } + DcaeEvent dcaeEvent = new DcaeEvent(); + /* set dcae events */ + dcaeEvent.setArtifactName(artifactName); + dcaeEvent.setEvent(DcaeEvent.EVENT_DEPLOYMENT); + CldsEvent.insEvent(cldsDao, dcaeEvent.getControlName(), getUserId(), dcaeEvent.getCldsActionCd(), + CldsEvent.ACTION_STATE_RECEIVED, null); + model.setDeploymentId(deploymentId); + model.save(cldsDao, getUserId()); + } + else{ + logger.info("Deploy model (" + modelName + ") failed...Operation Status is - " + operationStatus); + throw new Exception("Deploy model (" + modelName + ") failed...Operation Status is - " + operationStatus); + } + logger.info("Deploy model (" + modelName + ") succeeded...Deployment Id is - " + deploymentId); + // audit log + LoggingUtils.setTimeContext(startTime, new Date()); + LoggingUtils.setResponseContext("0", "Deploy model success", this.getClass().getName()); + auditLogger.info("Deploy model completed"); + return model; + } + + @PUT + @Path("/undeploy/{modelName}") + @Consumes(MediaType.APPLICATION_JSON) + @Produces(MediaType.APPLICATION_JSON) + public CldsModel unDeployModel(@PathParam("action") String action, @PathParam("modelName") String modelName, + @QueryParam("test") String test, CldsModel model) throws Exception { + Date startTime = new Date(); + LoggingUtils.setRequestContext("CldsService: Undeploy model", getPrincipalName()); + String operationStatusUndeployUrl = dcaeDispatcherServices.deleteExistingDeployment(model.getDeploymentId(), + model.getTypeId()); + String operationStatus = "processing"; + while (operationStatus.equalsIgnoreCase("processing")) { + operationStatus = dcaeDispatcherServices.getOperationStatus(operationStatusUndeployUrl); + } + if (operationStatus != null && operationStatus.equalsIgnoreCase("succeeded")) { + String artifactName = model.getControlName(); + if (artifactName != null) { + artifactName = artifactName + ".yml"; + } + DcaeEvent dcaeEvent = new DcaeEvent(); + // set dcae events + dcaeEvent.setArtifactName(artifactName); + dcaeEvent.setEvent(DcaeEvent.EVENT_UNDEPLOYMENT); + CldsEvent.insEvent(cldsDao, model.getControlName(), getUserId(), dcaeEvent.getCldsActionCd(), + CldsEvent.ACTION_STATE_RECEIVED, null); + model.setDeploymentId(null); + model.save(cldsDao, getUserId()); + } + else{ + logger.info("Undeploy model (" + modelName + ") failed...Operation Status is - " + operationStatus); + throw new Exception("Undeploy model (" + modelName + ") failed...Operation Status is - " + operationStatus); + } + logger.info("Undeploy model (" + modelName + ") succeeded."); + // audit log + LoggingUtils.setTimeContext(startTime, new Date()); + LoggingUtils.setResponseContext("0", "Undeploy model success", this.getClass().getName()); + auditLogger.info("Undeploy model completed"); + return model; + } + private String getGlobalCldsString() throws Exception { - if (null == globalCldsProperties) { + if (null == globalCldsProperties) { globalCldsProperties = new Properties(); globalCldsProperties.load(appContext.getResource(globalClds).getInputStream()); - } - return (String) globalCldsProperties.get("globalCldsProps"); + } + return (String) globalCldsProperties.get("globalCldsProps"); } } diff --git a/src/main/java/org/onap/clamp/clds/service/CldsTemplateService.java b/src/main/java/org/onap/clamp/clds/service/CldsTemplateService.java index 0ffa955c..07b9bb98 100644 --- a/src/main/java/org/onap/clamp/clds/service/CldsTemplateService.java +++ b/src/main/java/org/onap/clamp/clds/service/CldsTemplateService.java @@ -5,16 +5,16 @@ * Copyright (C) 2017 AT&T Intellectual Property. All rights * reserved. * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and * limitations under the License. * ============LICENSE_END============================================ * =================================================================== @@ -23,32 +23,43 @@ package org.onap.clamp.clds.service; -import com.att.ajsc.common.AjscService; -import com.fasterxml.jackson.core.JsonParseException; -import com.fasterxml.jackson.databind.JsonMappingException; -import com.fasterxml.jackson.databind.JsonNode; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.databind.node.ArrayNode; -import com.fasterxml.jackson.databind.node.ObjectNode; +import java.io.IOException; +import java.util.Date; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; + +import javax.annotation.PostConstruct; +import javax.ws.rs.Consumes; +import javax.ws.rs.GET; +import javax.ws.rs.PUT; +import javax.ws.rs.Path; +import javax.ws.rs.PathParam; +import javax.ws.rs.Produces; +import javax.ws.rs.core.MediaType; +import javax.xml.transform.TransformerException; + +import org.camunda.bpm.engine.RuntimeService; import org.onap.clamp.clds.dao.CldsDao; import org.onap.clamp.clds.model.CldsTemplate; import org.onap.clamp.clds.model.ValueItem; import org.onap.clamp.clds.model.prop.ModelBpmn; import org.onap.clamp.clds.transform.XslTransformer; -import org.camunda.bpm.engine.RuntimeService; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; +import org.onap.clamp.clds.util.LoggingUtils; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; -import javax.ws.rs.*; -import javax.ws.rs.core.MediaType; -import javax.xml.transform.TransformerException; -import java.io.IOException; -import java.util.HashMap; -import java.util.Iterator; -import java.util.List; -import java.util.Map; -import java.util.Map.Entry; +import com.att.ajsc.common.AjscService; +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; +import com.fasterxml.jackson.core.JsonParseException; +import com.fasterxml.jackson.databind.JsonMappingException; +import com.fasterxml.jackson.databind.JsonNode; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.fasterxml.jackson.databind.node.ArrayNode; +import com.fasterxml.jackson.databind.node.ObjectNode; /** * Service to save and retrieve the CLDS model attributes. @@ -57,31 +68,44 @@ import java.util.Map.Entry; @Path("/cldsTempate") public class CldsTemplateService extends SecureServiceBase { - private static final Logger logger = LoggerFactory.getLogger(CldsTemplateService.class); + protected static final EELFLogger logger = EELFManager.getInstance().getLogger(CldsTemplateService.class); + protected static final EELFLogger auditLogger = EELFManager.getInstance().getAuditLogger(); + + private static final String collectorKey = "Collector"; + private static final String stringMatchKey = "StringMatch"; + private static final String policyKey = "Policy"; + + @Value("${CLDS_PERMISSION_TYPE_TEMPLATE:permission-type-template}") + private String cldsPermissionTypeTemplate; - private static final String collectorKey = "Collector"; - private static final String stringMatchKey = "StringMatch"; - private static final String policyKey = "Policy"; + @Value("${CLDS_PERMISSION_INSTANCE:dev}") + private String cldsPermissionInstance; - private static final String CLDS_PERMISSION_TYPE_TEMPLATE = System.getProperty("CLDS_PERMISSION_TYPE_TEMPLATE"); - private static final String CLDS_PERMISSION_INSTANCE = System.getProperty("CLDS_PERMISSION_INSTANCE"); + private SecureServicePermission permissionReadTemplate; - private static final SecureServicePermission PERMISSION_READ_TEMPLATE = SecureServicePermission.create(CLDS_PERMISSION_TYPE_TEMPLATE, CLDS_PERMISSION_INSTANCE, "read"); - private static final SecureServicePermission PERMISSION_UPDATE_TEMPLATE = SecureServicePermission.create(CLDS_PERMISSION_TYPE_TEMPLATE, CLDS_PERMISSION_INSTANCE, "update"); + private SecureServicePermission permissionUpdateTemplate; + + @PostConstruct + private final void afterConstruction() { + permissionReadTemplate = SecureServicePermission.create(cldsPermissionTypeTemplate, cldsPermissionInstance, + "read"); + permissionUpdateTemplate = SecureServicePermission.create(cldsPermissionTypeTemplate, cldsPermissionInstance, + "update"); + } @Autowired - private CldsDao cldsDao; + private CldsDao cldsDao; @Autowired private RuntimeService runtimeService; @Autowired private XslTransformer cldsBpmnTransformer; - private static String userid; + private static String userid; /** - * REST service that retrieves BPMN for a CLDS template name from the database. - * This is subset of the json getModel. - * This is only expected to be used for testing purposes, not by the UI. + * REST service that retrieves BPMN for a CLDS template name from the + * database. This is subset of the json getModel. This is only expected to + * be used for testing purposes, not by the UI. * * @param templateName * @return bpmn xml text - content of bpmn given name @@ -90,16 +114,22 @@ public class CldsTemplateService extends SecureServiceBase { @Path("/template/bpmn/{templateName}") @Produces(MediaType.TEXT_XML) public String getBpmnTemplate(@PathParam("templateName") String templateName) { - isAuthorized(PERMISSION_READ_TEMPLATE); + Date startTime = new Date(); + LoggingUtils.setRequestContext("CldsTemplateService: GET template bpmn", getPrincipalName()); + isAuthorized(permissionReadTemplate); logger.info("GET bpmnText for templateName=" + templateName); CldsTemplate template = CldsTemplate.retrieve(cldsDao, templateName, false); + // audit log + LoggingUtils.setTimeContext(startTime, new Date()); + LoggingUtils.setResponseContext("0", "Get template bpmn success", this.getClass().getName()); + auditLogger.info("GET template bpmn completed"); return template.getBpmnText(); } /** * REST service that saves BPMN for a CLDS template by name in the database. - * This is subset of the json putModel. - * This is only expected to be used for testing purposes, not by the UI. + * This is subset of the json putModel. This is only expected to be used for + * testing purposes, not by the UI. * * @param templateName * @param bpmnText @@ -108,19 +138,25 @@ public class CldsTemplateService extends SecureServiceBase { @Path("/template/bpmn/{templateName}") @Consumes(MediaType.TEXT_XML) public String putBpmnTemplateXml(@PathParam("templateName") String templateName, String bpmnText) { - isAuthorized(PERMISSION_UPDATE_TEMPLATE); + Date startTime = new Date(); + LoggingUtils.setRequestContext("CldsTemplateService: PUT template bpmn", getPrincipalName()); + isAuthorized(permissionUpdateTemplate); logger.info("PUT bpmnText for templateName=" + templateName); logger.info("PUT bpmnText=" + bpmnText); CldsTemplate cldsTemplate = CldsTemplate.retrieve(cldsDao, templateName, true); cldsTemplate.setBpmnText(bpmnText); cldsTemplate.save(cldsDao, userid); + // audit log + LoggingUtils.setTimeContext(startTime, new Date()); + LoggingUtils.setResponseContext("0", "Put template bpmn success", this.getClass().getName()); + auditLogger.info("PUT template bpm completed"); return "wrote bpmnText for templateName=" + templateName; } /** - * REST service that retrieves image for a CLDS template name from the database. - * This is subset of the json getModel. - * This is only expected to be used for testing purposes, not by the UI. + * REST service that retrieves image for a CLDS template name from the + * database. This is subset of the json getModel. This is only expected to + * be used for testing purposes, not by the UI. * * @param templateName * @return image xml text - content of image given name @@ -129,16 +165,22 @@ public class CldsTemplateService extends SecureServiceBase { @Path("/template/image/{templateName}") @Produces(MediaType.TEXT_XML) public String getImageXml(@PathParam("templateName") String templateName) { - isAuthorized(PERMISSION_READ_TEMPLATE); + Date startTime = new Date(); + LoggingUtils.setRequestContext("CldsTemplateService: GET template image", getPrincipalName()); + isAuthorized(permissionReadTemplate); logger.info("GET imageText for templateName=" + templateName); CldsTemplate template = CldsTemplate.retrieve(cldsDao, templateName, false); + // audit log + LoggingUtils.setTimeContext(startTime, new Date()); + LoggingUtils.setResponseContext("0", "Get template image success", this.getClass().getName()); + auditLogger.info("GET template image completed"); return template.getImageText(); } /** - * REST service that saves image for a CLDS template by name in the database. - * This is subset of the json putModel. - * This is only expected to be used for testing purposes, not by the UI. + * REST service that saves image for a CLDS template by name in the + * database. This is subset of the json putModel. This is only expected to + * be used for testing purposes, not by the UI. * * @param templateName * @param imageText @@ -147,12 +189,18 @@ public class CldsTemplateService extends SecureServiceBase { @Path("/template/image/{templateName}") @Consumes(MediaType.TEXT_XML) public String putImageXml(@PathParam("templateName") String templateName, String imageText) { - isAuthorized(PERMISSION_UPDATE_TEMPLATE); + Date startTime = new Date(); + LoggingUtils.setRequestContext("CldsTemplateService: PUT template image", getPrincipalName()); + isAuthorized(permissionUpdateTemplate); logger.info("PUT iamgeText for modelName=" + templateName); logger.info("PUT imageText=" + imageText); CldsTemplate cldsTemplate = CldsTemplate.retrieve(cldsDao, templateName, true); cldsTemplate.setImageText(imageText); cldsTemplate.save(cldsDao, userid); + // audit log + LoggingUtils.setTimeContext(startTime, new Date()); + LoggingUtils.setResponseContext("0", "Put template image success", this.getClass().getName()); + auditLogger.info("PUT template image completed"); return "wrote imageText for modelName=" + templateName; } @@ -166,9 +214,17 @@ public class CldsTemplateService extends SecureServiceBase { @Path("/template/{templateName}") @Produces(MediaType.APPLICATION_JSON) public CldsTemplate getTemplate(@PathParam("templateName") String templateName) { - isAuthorized(PERMISSION_READ_TEMPLATE); + Date startTime = new Date(); + LoggingUtils.setRequestContext("CldsTemplateService: GET template", getPrincipalName()); + isAuthorized(permissionReadTemplate); logger.info("GET model for templateName=" + templateName); - return CldsTemplate.retrieve(cldsDao, templateName, false); + CldsTemplate template = CldsTemplate.retrieve(cldsDao, templateName, false); + template.setUserAuthorizedToUpdate(isAuthorizedNoException(permissionUpdateTemplate)); + // audit log + LoggingUtils.setTimeContext(startTime, new Date()); + LoggingUtils.setResponseContext("0", "Get template success", this.getClass().getName()); + auditLogger.info("GET template completed"); + return template; } /** @@ -183,8 +239,12 @@ public class CldsTemplateService extends SecureServiceBase { @Path("/template/{templateName}") @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) - public CldsTemplate putTemplate(@PathParam("templateName") String templateName, CldsTemplate cldsTemplate) throws TransformerException, IOException { - isAuthorized(PERMISSION_UPDATE_TEMPLATE); + public CldsTemplate putTemplate(@PathParam("templateName") String templateName, CldsTemplate cldsTemplate) + throws TransformerException, IOException { + Date startTime = new Date(); + LoggingUtils.setRequestContext("CldsTemplateService: PUT template", getPrincipalName()); + isAuthorized(permissionUpdateTemplate); + logger.info("PUT Template for templateName=" + templateName); logger.info("PUT bpmnText=" + cldsTemplate.getBpmnText()); logger.info("PUT propText=" + cldsTemplate.getPropText()); @@ -208,6 +268,12 @@ public class CldsTemplateService extends SecureServiceBase { logger.info(" Image Text : " + cldsTemplate.getImageText()); logger.info(" Prop Text : " + cldsTemplate.getPropText()); cldsTemplate.save(cldsDao, userid); + + // audit log + LoggingUtils.setTimeContext(startTime, new Date()); + LoggingUtils.setResponseContext("0", "Put template success", this.getClass().getName()); + auditLogger.info("PUT template completed"); + return cldsTemplate; } @@ -220,15 +286,22 @@ public class CldsTemplateService extends SecureServiceBase { @Path("/template-names") @Produces(MediaType.APPLICATION_JSON) public List<ValueItem> getTemplateNames() { - isAuthorized(PERMISSION_READ_TEMPLATE); + Date startTime = new Date(); + LoggingUtils.setRequestContext("CldsTemplateService: GET template names", getPrincipalName()); + isAuthorized(permissionReadTemplate); logger.info("GET list of template names"); - return cldsDao.getTemplateNames(); + List<ValueItem> names = cldsDao.getTemplateNames(); + // audit log + LoggingUtils.setTimeContext(startTime, new Date()); + LoggingUtils.setResponseContext("0", "Get template names success", this.getClass().getName()); + auditLogger.info("GET template names completed"); + return names; } - - private Map<String, String> getNewBpmnIdsMap(String bpmnText, String propText) throws TransformerException, IOException { + private Map<String, String> getNewBpmnIdsMap(String bpmnText, String propText) + throws TransformerException, IOException { /** - * Test sample code start + * Test sample code start */ String bpmnJson = cldsBpmnTransformer.doXslTransformToString(bpmnText); ModelBpmn templateBpmn = ModelBpmn.create(bpmnJson); @@ -247,7 +320,8 @@ public class CldsTemplateService extends SecureServiceBase { for (String currElementId : bpmnElementIds) { if (keyPropName != null && keyPropName.equalsIgnoreCase(currElementId)) { ArrayNode arrayNode = (ArrayNode) entry.getValue(); - // process each id/from object, like: {"id":"Collector_11r50j1", "from":"StartEvent_1"} + // process each id/from object, like: + // {"id":"Collector_11r50j1", "from":"StartEvent_1"} for (JsonNode anArrayNode : arrayNode) { ObjectNode node = (ObjectNode) anArrayNode; String valueNode = node.get("value").asText(); @@ -268,7 +342,7 @@ public class CldsTemplateService extends SecureServiceBase { } logger.info("value of hashmap:" + bpmnIoIdsMap); /** - * Test sample code end + * Test sample code end */ return bpmnIoIdsMap; } diff --git a/src/main/java/org/onap/clamp/clds/service/SecureServiceBase.java b/src/main/java/org/onap/clamp/clds/service/SecureServiceBase.java index c17af97f..89e6c092 100644 --- a/src/main/java/org/onap/clamp/clds/service/SecureServiceBase.java +++ b/src/main/java/org/onap/clamp/clds/service/SecureServiceBase.java @@ -5,16 +5,16 @@ * Copyright (C) 2017 AT&T Intellectual Property. All rights * reserved. * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and * limitations under the License. * ============LICENSE_END============================================ * =================================================================== @@ -23,31 +23,48 @@ package org.onap.clamp.clds.service; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; +import java.security.Principal; import javax.ws.rs.NotAuthorizedException; import javax.ws.rs.core.Context; import javax.ws.rs.core.SecurityContext; -import java.security.Principal; + +import org.onap.clamp.clds.util.LoggingUtils; + +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; /** - * Base/abstract Service class. - * Implements shared security methods. + * Base/abstract Service class. Implements shared security methods. */ public abstract class SecureServiceBase { - private static final Logger logger = LoggerFactory.getLogger(SecureServiceBase.class); + protected static final EELFLogger logger = EELFManager.getInstance().getLogger(SecureServiceBase.class); + protected static final EELFLogger auditLogger = EELFManager.getInstance().getAuditLogger(); + + // By default we'll set it to a default handler + private static UserNameHandler userNameHandler = new DefaultUserNameHandler(); @Context - private SecurityContext securityContext; + private SecurityContext securityContext; /** - * Get the userid + * Get the userId from AAF/CSP. * * @return */ - public String getUserid() { - return getPrincipalName(); + public String getUserId() { + return getUserName(); + } + + /** + * Get the Full name. + * + * @return + */ + public String getUserName() { + String name = userNameHandler.retrieveUserName(securityContext); + logger.debug("userName={}", name); + return name; } /** @@ -56,22 +73,22 @@ public abstract class SecureServiceBase { * @return */ public String getPrincipalName() { - Principal p = securityContext.getUserPrincipal(); + Principal principal = securityContext.getUserPrincipal(); String name = "Not found"; - if (p != null) { - name = p.getName(); + if (principal != null) { + name = principal.getName(); } logger.debug("userPrincipal.getName()={}", name); return name; } /** - * Check if user is authorized for the given the permission. - * Allow matches if user has a permission with an "*" in permission instance - * or permission action even if the permission to check has a specific value - * in those fields. For example: - * if the user has this permission: app-perm-type|*|* - * it will be authorized if the inPermission to check is: app-perm-type|dev|read + * Check if user is authorized for the given the permission. Allow matches + * if user has a permission with an "*" in permission instance or permission + * action even if the permission to check has a specific value in those + * fields. For example: if the user has this permission: app-perm-type|*|* + * it will be authorized if the inPermission to check is: + * app-perm-type|dev|read * * @param inPermission * @return @@ -80,26 +97,79 @@ public abstract class SecureServiceBase { public boolean isAuthorized(SecureServicePermission inPermission) throws NotAuthorizedException { boolean authorized = false; logger.debug("checking if {} has permission: {}", getPrincipalName(), inPermission); - // check if the user has the permission key or the permission key with a combination of all instance and/or all action. + // check if the user has the permission key or the permission key with a + // combination of all instance and/or all action. if (securityContext.isUserInRole(inPermission.getKey())) { logger.info("{} authorized for permission: {}", getPrincipalName(), inPermission.getKey()); authorized = true; - // the rest of these don't seem to be required - isUserInRole method appears to take * as a wildcard + // the rest of these don't seem to be required - isUserInRole method + // appears to take * as a wildcard } else if (securityContext.isUserInRole(inPermission.getKeyAllInstance())) { - logger.info("{} authorized because user has permission with * for instance: {}", getPrincipalName(), inPermission.getKey()); + logger.info("{} authorized because user has permission with * for instance: {}", getPrincipalName(), + inPermission.getKey()); authorized = true; } else if (securityContext.isUserInRole(inPermission.getKeyAllInstanceAction())) { - logger.info("{} authorized because user has permission with * for instance and * for action: {}", getPrincipalName(), inPermission.getKey()); + logger.info("{} authorized because user has permission with * for instance and * for action: {}", + getPrincipalName(), inPermission.getKey()); authorized = true; } else if (securityContext.isUserInRole(inPermission.getKeyAllAction())) { - logger.info("{} authorized because user has permission with * for action: {}", getPrincipalName(), inPermission.getKey()); + logger.info("{} authorized because user has permission with * for action: {}", getPrincipalName(), + inPermission.getKey()); authorized = true; } else { String msg = getPrincipalName() + " does not have permission: " + inPermission; + LoggingUtils.setErrorContext("100", "Authorization Error"); logger.warn(msg); throw new NotAuthorizedException(msg); } return authorized; } + /** + * Check if user is authorized for the given aaf permission. Allow matches + * if user has a permission with an "*" in permission instance or permission + * action even if the permission to check has a specific value in those + * fields. For example: if the user has this permission: app-perm-type|*|* + * it will be authorized if the inPermission to check is: + * app-perm-type|dev|read + * + * @param aafPermission + * @return + * @throws NotAuthorizedException + */ + public boolean isAuthorizedNoException(SecureServicePermission inPermission) throws NotAuthorizedException { + boolean authorized = false; + logger.debug("checking if {} has permission: {}", getPrincipalName(), inPermission); + // check if the user has the permission key or the permission key with a + // combination of all instance and/or all action. + if (securityContext.isUserInRole(inPermission.getKey())) { + logger.info("{} authorized for permission: {}", getPrincipalName(), inPermission.getKey()); + authorized = true; + // the rest of these don't seem to be required - isUserInRole method + // appears to take * as a wildcard + } else if (securityContext.isUserInRole(inPermission.getKeyAllInstance())) { + logger.info("{} authorized because user has permission with * for instance: {}", getPrincipalName(), + inPermission.getKey()); + authorized = true; + } else if (securityContext.isUserInRole(inPermission.getKeyAllInstanceAction())) { + logger.info("{} authorized because user has permission with * for instance and * for action: {}", + getPrincipalName(), inPermission.getKey()); + authorized = true; + } else if (securityContext.isUserInRole(inPermission.getKeyAllAction())) { + logger.info("{} authorized because user has permission with * for action: {}", getPrincipalName(), + inPermission.getKey()); + authorized = true; + } else { + String msg = getPrincipalName() + " does not have permission: " + inPermission; + LoggingUtils.setErrorContext("100", "Authorization Error"); + logger.warn(msg); + } + return authorized; + } + + public static final void setUserNameHandler(UserNameHandler handler) { + if (handler != null) { + userNameHandler = handler; + } + } } diff --git a/src/main/java/org/onap/clamp/clds/service/SecureServicePermission.java b/src/main/java/org/onap/clamp/clds/service/SecureServicePermission.java index a2213f91..fb8c6d2f 100644 --- a/src/main/java/org/onap/clamp/clds/service/SecureServicePermission.java +++ b/src/main/java/org/onap/clamp/clds/service/SecureServicePermission.java @@ -24,14 +24,15 @@ package org.onap.clamp.clds.service; /** - * Permission class that can be instantiated easily using constructor or factory methods. + * Permission class that can be instantiated easily using constructor or factory + * methods. */ public class SecureServicePermission { public final static String ALL = "*"; - private String type; - private String instance; - private String action; + private String type; + private String instance; + private String action; /** * Factory method to create permission given type, instance, and action. @@ -46,24 +47,26 @@ public class SecureServicePermission { } /** - * Factory method to create permission given type and instance. Default action to ALL/*. + * Factory method to create permission given type and instance. Default + * action to ALL/*. * * @param type * @param instance * @return */ public static SecureServicePermission create(String type, String instance) { - return new SecureServicePermission(type, instance); + return new SecureServicePermission(type, instance, ALL); } /** - * Factory method to create permission given type. Default instance and action to ALL/*. + * Factory method to create permission given type. Default instance and + * action to ALL/*. * * @param type * @return */ public static SecureServicePermission create(String type) { - return new SecureServicePermission(type); + return new SecureServicePermission(type, ALL, ALL); } /** @@ -80,37 +83,32 @@ public class SecureServicePermission { } /** - * Instantiate permission given type and instance. Default action to ALL/*. + * Instantiate permission given type from concatenated string * - * @param type - * @param instance - */ - public SecureServicePermission(String type, String instance) { - this.type = type; - this.instance = instance; - this.action = ALL; - } - - /** - * Instantiate permission given type. Default instance and action to ALL/*. - * - * @param type + * @param concatenatedString + * the string type|instance|action, less than 3 params can be + * provided (e.g. "permission-type-cl", "permission-type-cl|dev", + * "permission-type-cl|dev|update" ) */ - public SecureServicePermission(String type) { - this.type = type; - this.instance = ALL; - this.action = ALL; + public SecureServicePermission(String concatenatedString) { + String[] userInfo = concatenatedString.split("[|]"); + // We should have at least 1 string + this.type = userInfo[0]; + this.instance = (userInfo.length > 1 ? userInfo[1] : ALL); + this.action = (userInfo.length > 2 ? userInfo[2] : ALL); } /** * Override toString - return permission in key format */ + @Override public String toString() { return getKey(); } /** - * Return Permission in Key format = type, instance, and action separate by pipe character. + * Return Permission in Key format = type, instance, and action separate by + * pipe character. * * @return */ @@ -119,7 +117,8 @@ public class SecureServicePermission { } /** - * Return Permission in Key format = type, all instance, and action separate by pipe character. + * Return Permission in Key format = type, all instance, and action separate + * by pipe character. * * @return */ @@ -128,7 +127,8 @@ public class SecureServicePermission { } /** - * Return Permission in Key format = type, all instance, and all action separate by pipe character. + * Return Permission in Key format = type, all instance, and all action + * separate by pipe character. * * @return */ @@ -137,7 +137,8 @@ public class SecureServicePermission { } /** - * Return Permission in Key format = type, instance, and all action separate by pipe character. + * Return Permission in Key format = type, instance, and all action separate + * by pipe character. * * @return */ @@ -153,7 +154,8 @@ public class SecureServicePermission { } /** - * @param type the type to set + * @param type + * the type to set */ public void setType(String type) { this.type = type; @@ -167,7 +169,8 @@ public class SecureServicePermission { } /** - * @param instance the instance to set + * @param instance + * the instance to set */ public void setInstance(String instance) { this.instance = instance; @@ -181,7 +184,8 @@ public class SecureServicePermission { } /** - * @param action the action to set + * @param action + * the action to set */ public void setAction(String action) { this.action = action; diff --git a/src/main/java/org/onap/clamp/clds/transform/TransformUtil.java b/src/main/java/org/onap/clamp/clds/transform/TransformUtil.java index 2c666db0..2c152c5a 100644 --- a/src/main/java/org/onap/clamp/clds/transform/TransformUtil.java +++ b/src/main/java/org/onap/clamp/clds/transform/TransformUtil.java @@ -38,11 +38,9 @@ public class TransformUtil { * @return resource - resource as stream */ public static InputStream getResourceAsStream(String name) { - InputStream is = Thread.currentThread().getContextClassLoader() - .getResourceAsStream(name); + InputStream is = Thread.currentThread().getContextClassLoader().getResourceAsStream(name); if (is == null) { - throw new IllegalArgumentException("Unable to find resource: " - + name); + throw new IllegalArgumentException("Unable to find resource: " + name); } return is; } @@ -56,9 +54,9 @@ public class TransformUtil { public static String getResourceAsString(String name) throws IOException { InputStream is = getResourceAsStream(name); java.util.Scanner scanner = new java.util.Scanner(is); - java.util.Scanner s = scanner.useDelimiter("\\A"); - String text = s.hasNext() ? s.next() : ""; - s.close(); + java.util.Scanner delimitedScanner = scanner.useDelimiter("\\A"); + String text = delimitedScanner.hasNext() ? delimitedScanner.next() : ""; + delimitedScanner.close(); scanner.close(); is.close(); return text; diff --git a/src/main/java/org/onap/clamp/clds/transform/XslTransformer.java b/src/main/java/org/onap/clamp/clds/transform/XslTransformer.java index 7d003160..d15f67c7 100644 --- a/src/main/java/org/onap/clamp/clds/transform/XslTransformer.java +++ b/src/main/java/org/onap/clamp/clds/transform/XslTransformer.java @@ -23,12 +23,17 @@ package org.onap.clamp.clds.transform; -import javax.xml.transform.*; -import javax.xml.transform.stream.StreamResult; -import javax.xml.transform.stream.StreamSource; import java.io.StringReader; import java.io.StringWriter; +import javax.xml.transform.Templates; +import javax.xml.transform.Transformer; +import javax.xml.transform.TransformerConfigurationException; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactory; +import javax.xml.transform.stream.StreamResult; +import javax.xml.transform.stream.StreamSource; + /** * XSL Transformer. */ @@ -51,8 +56,7 @@ public class XslTransformer { StringWriter output = new StringWriter(4000); Transformer transformer = templates.newTransformer(); - transformer.transform(new StreamSource(new StringReader(xml)), - new StreamResult(output)); + transformer.transform(new StreamSource(new StringReader(xml)), new StreamResult(output)); return output.toString(); } diff --git a/src/main/java/org/onap/clamp/clds/workflow/LogMessageDelegate.java b/src/main/java/org/onap/clamp/clds/workflow/LogMessageDelegate.java index 693b334e..3c507632 100644 --- a/src/main/java/org/onap/clamp/clds/workflow/LogMessageDelegate.java +++ b/src/main/java/org/onap/clamp/clds/workflow/LogMessageDelegate.java @@ -5,16 +5,16 @@ * Copyright (C) 2017 AT&T Intellectual Property. All rights * reserved. * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and * limitations under the License. * ============LICENSE_END============================================ * =================================================================== @@ -26,21 +26,29 @@ package org.onap.clamp.clds.workflow; import org.camunda.bpm.engine.delegate.DelegateExecution; import org.camunda.bpm.engine.delegate.JavaDelegate; +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; + /** - * Log message. - * Invoked by the log-message-wf example Camunda workflow/bpmn. + * Log message. Invoked by the log-message-wf example Camunda workflow/bpmn. */ public class LogMessageDelegate implements JavaDelegate { + protected static final EELFLogger logger = EELFManager.getInstance().getLogger(LogMessageDelegate.class); + protected static final EELFLogger auditLogger = EELFManager.getInstance().getAuditLogger(); /** - * Perform activity. Log message from running process and set a variable in the running process. + * Perform activity. Log message from running process and set a variable in + * the running process. * * @param execution */ + @Override public void execute(DelegateExecution execution) throws Exception { String logMessageText = (String) execution.getVariable("logMessageText"); - System.out.println("Invoked from processDefinitionId=" + execution.getProcessDefinitionId() + ", processInstanceId=" + execution.getProcessInstanceId() + ", activityInstanceId=" + execution.getActivityInstanceId() + ": logMessageText=" + logMessageText); + logger.info("Invoked from processDefinitionId=" + execution.getProcessDefinitionId() + ", processInstanceId=" + + execution.getProcessInstanceId() + ", activityInstanceId=" + execution.getActivityInstanceId() + + ": logMessageText=" + logMessageText); execution.setVariable("isMessageLogComplete", true); } } diff --git a/src/main/java/org/onap/clamp/clds/workflow/ProcessRequestDelegate.java b/src/main/java/org/onap/clamp/clds/workflow/ProcessRequestDelegate.java index 32449642..19bdcaf9 100644 --- a/src/main/java/org/onap/clamp/clds/workflow/ProcessRequestDelegate.java +++ b/src/main/java/org/onap/clamp/clds/workflow/ProcessRequestDelegate.java @@ -5,16 +5,16 @@ * Copyright (C) 2017 AT&T Intellectual Property. All rights * reserved. * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and * limitations under the License. * ============LICENSE_END============================================ * =================================================================== @@ -33,22 +33,24 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.onap.clamp.clds.workflow; +package org.onap.clamp.clds.workflow; import org.camunda.bpm.engine.delegate.DelegateExecution; import org.camunda.bpm.engine.delegate.JavaDelegate; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; import org.springframework.stereotype.Component; +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; @Component public class ProcessRequestDelegate implements JavaDelegate { - private static final Logger logger = LoggerFactory.getLogger(ProcessRequestDelegate.class); + protected static final EELFLogger logger = EELFManager.getInstance().getLogger(ProcessRequestDelegate.class); + protected static final EELFLogger auditLogger = EELFManager.getInstance().getAuditLogger(); - //@Override + // @Override + @Override public void execute(DelegateExecution execution) throws Exception { logger.info("Processing request by '" + execution.getVariable("customerId") + "'..."); logger.info("Processing request by '" + execution.getVariable("amount") + "'..."); diff --git a/src/main/java/org/onap/clamp/clds/workflow/RestMessageDelegate.java b/src/main/java/org/onap/clamp/clds/workflow/RestMessageDelegate.java index 0eda2dec..e273b0e2 100644 --- a/src/main/java/org/onap/clamp/clds/workflow/RestMessageDelegate.java +++ b/src/main/java/org/onap/clamp/clds/workflow/RestMessageDelegate.java @@ -5,16 +5,16 @@ * Copyright (C) 2017 AT&T Intellectual Property. All rights * reserved. * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and * limitations under the License. * ============LICENSE_END============================================ * =================================================================== @@ -23,36 +23,45 @@ package org.onap.clamp.clds.workflow; +import java.util.HashMap; +import java.util.Map; + import org.camunda.bpm.engine.delegate.DelegateExecution; import org.camunda.bpm.engine.delegate.JavaDelegate; import org.springframework.http.ResponseEntity; import org.springframework.web.client.RestTemplate; -import java.util.HashMap; -import java.util.Map; -import java.util.logging.Logger; +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; /** - * Log message. - * Invoked by the log-message-wf example Camunda workflow/bpmn. + * Log message. Invoked by the log-message-wf example Camunda workflow/bpmn. */ public class RestMessageDelegate implements JavaDelegate { - private static final Logger logger = Logger.getLogger(RestMessageDelegate.class.getName()); + protected static final EELFLogger logger = EELFManager.getInstance().getLogger(RestMessageDelegate.class); + protected static final EELFLogger auditLogger = EELFManager.getInstance().getAuditLogger(); /** - * Perform activity. Log message from running process and set a variable in the running process. + * Perform activity. Log message from running process and set a variable in + * the running process. * * @param execution */ + @Override public void execute(DelegateExecution execution) throws Exception { String logMessageText = (String) execution.getVariable("logMessageText"); RestTemplate restTemplate = new RestTemplate(); Map<String, String> restValues = new HashMap<>(); restValues.put("procInstId", execution.getProcessInstanceId()); - logger.info("Invoked from processDefinitionId=" + execution.getProcessDefinitionId() + ", processInstanceId=" + execution.getProcessInstanceId() + ", activityInstanceId=" + execution.getActivityInstanceId() + ": logMessageText=" + logMessageText); - // TODO: this should be fixed - put in temporary solution with existing sysprop and vars - why are we calling our own service? + logger.info("Invoked from processDefinitionId=" + execution.getProcessDefinitionId() + ", processInstanceId=" + + execution.getProcessInstanceId() + ", activityInstanceId=" + execution.getActivityInstanceId() + + ": logMessageText=" + logMessageText); + // TODO: this should be fixed - put in temporary solution with existing + // sysprop and vars - why are we calling our own service? String port = System.getProperty("server.port"); - ResponseEntity<String> resp = restTemplate.getForEntity("http://localhost:" + port + "/services/CamundaExample/v1/jaxrsExample/log/histLog/{procInstId}", String.class, restValues); + ResponseEntity<String> resp = restTemplate.getForEntity( + "http://localhost:" + port + "/services/CamundaExample/v1/jaxrsExample/log/histLog/{procInstId}", + String.class, restValues); logger.info("value of resp:" + resp); execution.setVariable("isMessageLogComplete", true); } |