diff options
Diffstat (limited to 'ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/components/PolicyDBDao.java')
| -rw-r--r-- | ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/components/PolicyDBDao.java | 2505 |
1 files changed, 220 insertions, 2285 deletions
diff --git a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/components/PolicyDBDao.java b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/components/PolicyDBDao.java index c9c49720d..ba8057102 100644 --- a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/components/PolicyDBDao.java +++ b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/components/PolicyDBDao.java @@ -21,51 +21,33 @@ package org.onap.policy.pap.xacml.rest.components; +import com.att.research.xacml.api.pap.PAPException; +import com.att.research.xacml.api.pap.PDPPolicy; +import com.att.research.xacml.util.XACMLProperties; import java.io.ByteArrayInputStream; -import java.io.File; -import java.io.FileInputStream; -import java.io.FileNotFoundException; -import java.io.FileWriter; -import java.io.IOException; import java.io.InputStream; -import java.io.StringReader; -import java.net.HttpURLConnection; -import java.net.MalformedURLException; -import java.net.ProtocolException; import java.net.URI; -import java.net.URL; import java.nio.charset.StandardCharsets; import java.nio.file.Files; -import java.nio.file.InvalidPathException; import java.nio.file.Path; import java.nio.file.Paths; -import java.util.Base64; -import java.util.Date; import java.util.HashMap; import java.util.HashSet; -import java.util.Iterator; import java.util.LinkedList; import java.util.List; -import java.util.Map; import java.util.Set; -import java.util.UUID; -import javax.persistence.EntityManager; -import javax.persistence.EntityManagerFactory; -import javax.persistence.LockModeType; import javax.persistence.PersistenceException; -import javax.persistence.Query; -import javax.persistence.RollbackException; -import javax.xml.parsers.DocumentBuilder; -import javax.xml.parsers.DocumentBuilderFactory; -import javax.xml.xpath.XPath; -import javax.xml.xpath.XPathFactory; import org.apache.commons.io.FilenameUtils; -import org.apache.commons.io.IOUtils; +import org.hibernate.Criteria; +import org.hibernate.LockMode; +import org.hibernate.Query; +import org.hibernate.Session; +import org.hibernate.SessionFactory; +import org.hibernate.criterion.Restrictions; import org.onap.policy.common.logging.eelf.MessageCodes; import org.onap.policy.common.logging.eelf.PolicyLogger; import org.onap.policy.common.logging.flexlogger.FlexLogger; import org.onap.policy.common.logging.flexlogger.Logger; -import org.onap.policy.pap.xacml.rest.XACMLPapServlet; import org.onap.policy.rest.XACMLRestProperties; import org.onap.policy.rest.adapter.PolicyRestAdapter; import org.onap.policy.rest.dao.PolicyDBException; @@ -77,83 +59,70 @@ import org.onap.policy.rest.jpa.PdpEntity; import org.onap.policy.rest.jpa.PolicyDBDaoEntity; import org.onap.policy.rest.jpa.PolicyEntity; import org.onap.policy.utils.CryptoUtils; +import org.onap.policy.xacml.api.XACMLErrorConstants; import org.onap.policy.xacml.api.pap.OnapPDP; import org.onap.policy.xacml.api.pap.OnapPDPGroup; import org.onap.policy.xacml.api.pap.PAPPolicyEngine; import org.onap.policy.xacml.std.pap.StdPDPGroup; import org.onap.policy.xacml.std.pap.StdPDPPolicy; -import org.onap.policy.xacml.util.XACMLPolicyWriter; -import org.w3c.dom.Document; -import org.xml.sax.InputSource; -import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicySetType; -import oasis.names.tc.xacml._3_0.core.schema.wd_17.PolicyType; -import com.att.research.xacml.api.pap.PAPException; -import com.att.research.xacml.api.pap.PDP; -import com.att.research.xacml.api.pap.PDPPolicy; -import com.att.research.xacml.util.XACMLProperties; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; +@Component public class PolicyDBDao { private static final Logger logger = FlexLogger.getLogger(PolicyDBDao.class); private List<?> otherServers; - private EntityManagerFactory emf; + + public List<?> getOtherServers() { + return otherServers; + } + + public void setOtherServers(List<?> otherServers) { + this.otherServers = otherServers; + } + private static PolicyDBDao currentInstance = null; private PAPPolicyEngine papEngine; - private static final String JSON_CONFIG = "JSON"; - private static final String XML_CONFIG = "XML"; - private static final String PROPERTIES_CONFIG = "PROPERTIES"; - private static final String OTHER_CONFIG = "OTHER"; - - // Declared to static variables which were repeating multiple times across the PolicyDBDao - public static final String config = "Config"; - public static final String action = "Action"; - private static final String groupIdVar = "groupId"; - private static final String deletedVar = "deleted"; - private static final String groupEntitySelectQuery = + public PAPPolicyEngine getPapEngine() { + return papEngine; + } + + public static final String JSON_CONFIG = "JSON"; + public static final String XML_CONFIG = "XML"; + public static final String PROPERTIES_CONFIG = "PROPERTIES"; + public static final String OTHER_CONFIG = "OTHER"; + public static final String AUDIT_USER = "audit"; + + public static final String CONFIG = "Config"; + public static final String ACTION = "Action"; + public static final String GROUP_ID = "groupId"; + public static final String DELETED = "deleted"; + public static final String GROUPENTITY_SELECT = "SELECT g FROM GroupEntity g WHERE g.groupId=:groupId AND g.deleted=:deleted"; - private static final String pdpEntitySelectQuery = + public static final String PDPENTITY_SELECT = "SELECT p FROM PdpEntity p WHERE p.pdpId=:pdpId AND p.deleted=:deleted"; - private static final String groupCannotBeFound = "The group could not be found with id "; - private static final String foundInDBNotDeleted = " were found in the database that are not deleted"; - private static final String moreThanOnePDP = "Somehow, more than one pdp with the same id "; - private static final String deletedStatusFound = " and deleted status were found in the database"; - private static final String duplicateGroupId = "Somehow, more than one group with the same id "; - private static final String pdpIdVariable = "pdpId"; - private static final String queryFailedToCheckExisting = "Query failed trying to check for existing group"; - private static final String queryFailedToGetGroup = "Query failed trying to get group "; - public static final String scope = "scope"; - private static final String policyDBDaoVar = "PolicyDBDao"; - private static final String duplicatePolicyId = "Somehow, more than one policy with the id "; - private static final String foundInDB = " were found in the database"; - private static final String TIMESTAMP = "\n TimeStamp = "; - private static final String CAUGHTEXCEPTIONONNOTIFY = "Caught Exception on notifyOthers("; - - private static boolean isJunit = false; + public static final String GROUP_NOT_FOUND = "The group could not be found with id "; + public static final String FOUND_IN_DB_NOT_DEL = " were found in the database that are not deleted"; + public static final String MORE_THAN_ONE_PDP = "Somehow, more than one pdp with the same id "; + public static final String DELETED_STATUS_FOUND = " and deleted status were found in the database"; + public static final String DUPLICATE_GROUPID = "Somehow, more than one group with the same id "; + public static final String PDP_ID = "pdpId"; + public static final String QUERY_FAILED_FOR_GROUP = "Query failed trying to check for existing group"; + public static final String QUERY_FAILED_GET_GROUP = "Query failed trying to get group "; + public static final String SCOPE = "scope"; + public static final String POLICYDBDAO_VAR = "PolicyDBDao"; + public static final String DUP_POLICYID = "Somehow, more than one policy with the id "; + public static final String FOUND_IN_DB = " were found in the database"; + + + public static boolean isJunit = false; public static void setJunit(boolean isJunit) { PolicyDBDao.isJunit = isJunit; } - /** - * Get an instance of a PolicyDBDao. It creates one if it does not exist. Only one instance is allowed to be created - * per server. - * - * @param emf The EntityFactoryManager to be used for database connections - * @return The new instance of PolicyDBDao or throw exception if the given emf is null. - * @throws IllegalStateException if a PolicyDBDao has already been constructed. Call getPolicyDBDaoInstance() to get - * this. - */ - public static PolicyDBDao getPolicyDBDaoInstance(EntityManagerFactory emf) { - logger.debug("getPolicyDBDaoInstance(EntityManagerFactory emf) as getPolicyDBDaoInstance(" + emf + ") called"); - if (currentInstance == null) { - if (emf != null) { - currentInstance = new PolicyDBDao(emf); - return currentInstance; - } - throw new IllegalStateException("The EntityManagerFactory is Null"); - } - return currentInstance; - } + private static SessionFactory sessionfactory; /** * Gets the current instance of PolicyDBDao. @@ -166,19 +135,26 @@ public class PolicyDBDao { logger.debug("getPolicyDBDaoInstance() as getPolicyDBDaoInstance() called"); if (currentInstance != null) { return currentInstance; + } else { + currentInstance = new PolicyDBDao("init"); } - throw new IllegalStateException( - "The PolicyDBDao.currentInstance is Null. Use getPolicyDBDao(EntityManagerFactory emf)"); + return currentInstance; } public void setPapEngine(PAPPolicyEngine papEngine2) { this.papEngine = papEngine2; } - private PolicyDBDao(EntityManagerFactory emf) { - logger.debug("PolicyDBDao(EntityManagerFactory emf) as PolicyDBDao(" + emf + ") called"); - this.emf = emf; + @Autowired + public PolicyDBDao(SessionFactory sessionFactory) { + PolicyDBDao.sessionfactory = sessionFactory; + } + + public PolicyDBDao() { + // Default Constructor + } + public PolicyDBDao(String init) { // not needed in this release if (!register()) { PolicyLogger @@ -196,29 +172,21 @@ public class PolicyDBDao { // not static because we are going to be using the instance's emf // waitTime in ms to wait for lock, or -1 to wait forever (no) - private void startTransactionSynced(EntityManager entityMgr, int waitTime) { - logger.debug("\n\nstartTransactionSynced(EntityManager entityMgr,int waitTime) as " - + "\n startTransactionSynced(" + entityMgr + "," + waitTime + ") called\n\n"); + @SuppressWarnings("deprecation") + public void startTransactionSynced(Session session, int waitTime) throws InterruptedException { + logger.debug("\n\nstartTransactionSynced(Hibernate Session,int waitTime) as " + "\n startTransactionSynced(" + + session + "," + waitTime + ") called\n\n"); DatabaseLockEntity lock = null; - - entityMgr.setProperty("javax.persistence.query.timeout", waitTime); - entityMgr.getTransaction().begin(); - - if (logger.isDebugEnabled()) { - Map<String, Object> properties = entityMgr.getProperties(); - logger.debug( - "\n\nstartTransactionSynced():" + "\n entityManager.getProperties() = " + properties + "\n\n"); - } + session.beginTransaction(); try { if (logger.isDebugEnabled()) { logger.debug("\n\nstartTransactionSynced():" + "\n ATTEMPT to get the DB lock" + "\n\n"); } - lock = entityMgr.find(DatabaseLockEntity.class, 1, LockModeType.PESSIMISTIC_WRITE); + lock = (DatabaseLockEntity) session.get(DatabaseLockEntity.class, 1, LockMode.PESSIMISTIC_WRITE); if (logger.isDebugEnabled()) { logger.debug("\n\nstartTransactionSynced():" + "\n GOT the DB lock" + "\n\n"); } } catch (Exception e) { - System.out.println("Could not get lock entity"); logger.error("Exception Occured" + e); } if (lock == null) { @@ -236,40 +204,34 @@ public class PolicyDBDao { private List<?> getRemotePolicyDBDaoList() { logger.debug("getRemotePolicyDBDaoList() as getRemotePolicyDBDaoList() called"); List<?> policyDBDaoEntityList = new LinkedList<>(); - EntityManager em = emf.createEntityManager(); - startTransactionSynced(em, 1000); + Session session = sessionfactory.openSession(); try { - Query getPolicyDBDaoEntityQuery = em.createNamedQuery("PolicyDBDaoEntity.findAll"); - policyDBDaoEntityList = getPolicyDBDaoEntityQuery.getResultList(); - + Criteria cr = session.createCriteria(PolicyDBDaoEntity.class); + policyDBDaoEntityList = cr.list(); } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, + PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, POLICYDBDAO_VAR, "Exception querying for other registered PolicyDBDaos"); logger.warn("List of remote PolicyDBDaos will be empty", e); - } - try { - em.getTransaction().commit(); - } catch (Exception e) { - logger.warn("List of remote PolicyDBDaos will be empty", e); + } finally { try { - em.getTransaction().rollback(); - } catch (Exception e2) { - logger.debug("List of remote PolicyDBDaos will be empty", e2); + session.close(); + } catch (Exception e) { + logger.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Error While Closing Connection/Statement" + e); } } - em.close(); return policyDBDaoEntityList; } public PolicyDBDaoTransaction getNewTransaction() { logger.debug("getNewTransaction() as getNewTransaction() called"); - return new PolicyDBDaoTransactionInstance(); + return new PolicyDbDaoTransactionInstance("init"); } /* - * Because the normal transactions are not used in audits, we can use the same transaction mechanism to get a - * transaction and obtain the emlock and the DB lock. We just need to provide different transaction timeout values - * in ms because the audit will run longer than normal transactions. + * Because the normal transactions are not used in audits, we can use the same transaction + * mechanism to get a transaction and obtain the emlock and the DB lock. We just need to provide + * different transaction timeout values in ms because the audit will run longer than normal + * transactions. */ public PolicyDBDaoTransaction getNewAuditTransaction() { logger.debug("getNewAuditTransaction() as getNewAuditTransaction() called"); @@ -277,17 +239,16 @@ public class PolicyDBDao { int auditWaitMs = Integer.parseInt(XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_TRANS_WAIT)); // Use the (extended) audit timeout time in ms int auditTimeoutMs = Integer.parseInt(XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_AUDIT_TIMEOUT)); - return new PolicyDBDaoTransactionInstance(auditTimeoutMs, auditWaitMs); + return new PolicyDbDaoTransactionInstance(auditTimeoutMs, auditWaitMs); } - /** * Checks if two strings are equal. Null strings ARE allowed. * * @param one A String or null to compare * @param two A String or null to compare */ - private static boolean stringEquals(String one, String two) { + public static boolean stringEquals(String one, String two) { logger.debug("stringEquals(String one, String two) as stringEquals(" + one + ", " + two + ") called"); if (one == null && two == null) { return true; @@ -299,11 +260,12 @@ public class PolicyDBDao { } /** - * Returns the url of this local pap server, removing the username and password, if they are present + * Returns the url of this local pap server, removing the username and password, if they are + * present * * @return The url of this local pap server */ - private String[] getPapUrlUserPass() { + public String[] getPapUrlUserPass() { logger.debug("getPapUrl() as getPapUrl() called"); String url = XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_URL); if (url == null) { @@ -312,7 +274,7 @@ public class PolicyDBDao { return splitPapUrlUserPass(url); } - private String[] splitPapUrlUserPass(String url) { + public String[] splitPapUrlUserPass(String url) { String[] urlUserPass = new String[3]; String[] commaSplit = url.split(","); urlUserPass[0] = commaSplit[0]; @@ -332,7 +294,8 @@ public class PolicyDBDao { urlUserPass[2] = passwordPropertyValue; } } - // if there is no comma, for some reason there is no username and password, so don't try to cut them off + // if there is no comma, for some reason there is no user name and + // password, so don't try to cut them off return urlUserPass; } @@ -348,65 +311,69 @@ public class PolicyDBDao { if (url == null || url.length < 3) { return false; } - EntityManager em = emf.createEntityManager(); + Session session = sessionfactory.openSession(); try { - startTransactionSynced(em, 1000); - } catch (IllegalStateException e) { + startTransactionSynced(session, 1000); + } catch (InterruptedException | IllegalStateException e) { logger.debug("\nPolicyDBDao.register() caught an IllegalStateException: \n" + e + "\n"); DatabaseLockEntity lock; - lock = em.find(DatabaseLockEntity.class, 1); + lock = (DatabaseLockEntity) session.get(DatabaseLockEntity.class, 1); if (lock == null) { lock = new DatabaseLockEntity(); - em.persist(lock); lock.setKey(1); try { - em.flush(); - em.getTransaction().commit(); - em.close(); + session.persist(lock); + session.flush(); + session.getTransaction().commit(); + session.close(); } catch (Exception e2) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e2, policyDBDaoVar, + PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e2, POLICYDBDAO_VAR, "COULD NOT CREATE DATABASELOCK ROW. WILL TRY ONE MORE TIME"); } - em = emf.createEntityManager(); + session = sessionfactory.openSession(); try { - startTransactionSynced(em, 1000); + startTransactionSynced(session, 1000); } catch (Exception e3) { String msg = "DATABASE LOCKING NOT WORKING. CONCURRENCY CONTROL NOT WORKING"; - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e3, policyDBDaoVar, msg); + PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e3, POLICYDBDAO_VAR, msg); throw new IllegalStateException("msg" + "\n" + e3); } } } logger.debug("\nPolicyDBDao.register. Database locking and concurrency control is initialized\n"); - PolicyDBDaoEntity foundPolicyDBDaoEntity = em.find(PolicyDBDaoEntity.class, url[0]); - Query getPolicyDBDaoEntityQuery = - em.createQuery("SELECT e FROM PolicyDBDaoEntity e WHERE e.policyDBDaoUrl=:url"); - getPolicyDBDaoEntityQuery.setParameter("url", url[0]); + PolicyDBDaoEntity foundPolicyDBDaoEntity = null; + Criteria cr = session.createCriteria(PolicyDBDaoEntity.class); + cr.add(Restrictions.eq("policyDBDaoUrl", url[0])); + List<?> data = cr.list(); + if (!data.isEmpty()) { + foundPolicyDBDaoEntity = (PolicyDBDaoEntity) data.get(0); + } + // encrypt the password String txt = null; try { txt = CryptoUtils.encryptTxt(url[2].getBytes(StandardCharsets.UTF_8)); } catch (Exception e) { logger.debug(e); - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, "Could not encrypt PAP password"); + PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, POLICYDBDAO_VAR, "Could not encrypt PAP password"); } if (foundPolicyDBDaoEntity == null) { PolicyDBDaoEntity newPolicyDBDaoEntity = new PolicyDBDaoEntity(); - em.persist(newPolicyDBDaoEntity); newPolicyDBDaoEntity.setPolicyDBDaoUrl(url[0]); newPolicyDBDaoEntity.setDescription("PAP server at " + url[0]); newPolicyDBDaoEntity.setUsername(url[1]); newPolicyDBDaoEntity.setPassword(txt); try { - em.getTransaction().commit(); + session.persist(newPolicyDBDaoEntity); + session.getTransaction().commit(); } catch (Exception e) { logger.debug(e); try { - em.getTransaction().rollback(); + session.getTransaction().rollback(); } catch (Exception e2) { logger.debug(e2); - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e2, policyDBDaoVar, + PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e2, POLICYDBDAO_VAR, "Could not add new PolicyDBDao to the database"); } } @@ -420,453 +387,28 @@ public class PolicyDBDao { } foundPolicyDBDaoEntity.preUpdate(); try { - em.getTransaction().commit(); + session.getTransaction().commit(); } catch (Exception e) { logger.debug(e); try { - em.getTransaction().rollback(); + session.getTransaction().rollback(); } catch (Exception e2) { logger.debug(e2); - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e2, policyDBDaoVar, + PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e2, POLICYDBDAO_VAR, "Could not update PolicyDBDao in the database"); } } } - em.close(); + session.close(); logger.debug("\nPolicyDBDao.register(). Success!!\n"); return true; } - private class NotifyOtherThread implements Runnable { - public NotifyOtherThread(Object obj, long entityId, String entityType, String newGroupId) { - this.obj = obj; - this.entityId = entityId; - this.entityType = entityType; - this.newGroupId = newGroupId; - } - - private Object obj; - private long entityId; - private String entityType; - private String newGroupId; - - @Override - public void run() { - // naming of 'o' is for backwards compatibility with the rest of the function - PolicyDBDaoEntity dbdEntity = (PolicyDBDaoEntity) obj; - String o = dbdEntity.getPolicyDBDaoUrl(); - String username = dbdEntity.getUsername(); - String txt; - try { - txt = new String(CryptoUtils.decryptTxt(dbdEntity.getPassword()), StandardCharsets.UTF_8); - } catch (Exception e) { - logger.debug(e); - // if we can't decrypt, might as well try it anyway - txt = dbdEntity.getPassword(); - } - Base64.Encoder encoder = Base64.getEncoder(); - String encoding = encoder.encodeToString((username + ":" + txt).getBytes(StandardCharsets.UTF_8)); - HttpURLConnection connection = null; - UUID requestID = UUID.randomUUID(); - URL url; - String papUrl; - try { - String[] papUrlUserPass = getPapUrlUserPass(); - if (papUrlUserPass == null) { - papUrl = "undefined"; - } else { - papUrl = papUrlUserPass[0]; - } - logger.debug("We are going to try to notify " + o); - // is this our own url? - String ourUrl = o; - try { - ourUrl = splitPapUrlUserPass((String) o)[0]; - } catch (Exception e) { - logger.debug(e); - } - if (o == null) { - o = "undefined"; - } - if (papUrl.equals(ourUrl)) { - logger.debug(o + " is our url, skipping notify"); - return; - } - if (newGroupId == null) { - url = new URL( - o + "?policydbdaourl=" + papUrl + "&entityid=" + entityId + "&entitytype=" + entityType); - } else { - url = new URL(o + "?policydbdaourl=" + papUrl + "&entityid=" + entityId + "&entitytype=" - + entityType + "&extradata=" + newGroupId); - } - } catch (MalformedURLException e) { - logger.warn("Caught MalformedURLException on: new URL()", e); - return; - } - // - // Open up the connection - // - logger.info("PolicyDBDao: NotifyOtherThread: notifying other PAPs of an update"); - logger.info("Connecting with url: " + url); - try { - connection = (HttpURLConnection) url.openConnection(); - } catch (Exception e) { - logger.warn("Caught exception on: url.openConnection()", e); - return; - } - // - // Setup our method and headers - // - try { - connection.setRequestMethod("PUT"); - } catch (ProtocolException e) { - // why would this error ever occur? - logger.warn("Caught ProtocolException on connection.setRequestMethod(\"PUT\");", e); - return; - } - connection.setRequestProperty("Authorization", "Basic " + encoding); - connection.setRequestProperty("Accept", "text/x-java-properties"); - connection.setRequestProperty("Content-Type", "text/x-java-properties"); - connection.setRequestProperty("requestID", requestID.toString()); - int readTimeout; - try { - readTimeout = - Integer.parseInt(XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_NOTIFY_TIMEOUT)); - } catch (Exception e) { - logger.error("xacml.rest.pap.notify.timeoutms property not set, using a default.", e); - readTimeout = 10000; - } - connection.setReadTimeout(readTimeout); - connection.setConnectTimeout(readTimeout); - connection.setUseCaches(false); - // - // Adding this in. It seems the HttpUrlConnection class does NOT - // properly forward our headers for POST re-direction. It does so - // for a GET re-direction. - // - // So we need to handle this ourselves. - // - connection.setInstanceFollowRedirects(false); - connection.setDoOutput(true); - connection.setDoInput(true); - try { - connection.connect(); - } catch (Exception e) { - logger.warn("Caught exception on: connection.connect()", e); - return; - } - try { - if (connection.getResponseCode() == 200) { - logger.info("PolicyDBDao: NotifyOtherThread received response 200 from pap server on notify"); - } else { - logger.warn("PolicyDBDao: NotifyOtherThread connection response code not 200, received: " - + connection.getResponseCode()); - } - } catch (Exception e) { - logger.warn("Caught Exception on: connection.getResponseCode() ", e); - } - - connection.disconnect(); - } - } - - private static String evaluateXPath(String expression, String xml) { - InputSource source = new InputSource(new StringReader(xml)); - - DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance(); - String description = ""; - try { - DocumentBuilder db = dbf.newDocumentBuilder(); - Document document = db.parse(source); - - XPathFactory xpathFactory = XPathFactory.newInstance(); - XPath xpath = xpathFactory.newXPath(); - - description = xpath.evaluate(expression, document); - } catch (Exception e) { - logger.error("Exception Occured while evaluating path" + e); - } - return description; - } - - private static final String POLICY_NOTIFICATION = "policy"; - private static final String PDP_NOTIFICATION = "pdp"; - private static final String GROUP_NOTIFICATION = "group"; - - public void handleIncomingHttpNotification(String url, String entityId, String entityType, String extraData, - XACMLPapServlet xacmlPapServlet) { - logger.info("DBDao url: " + url + " has reported an update on " + entityType + " entity " + entityId); - PolicyDBDaoTransaction transaction = this.getNewTransaction(); - // although its named retries, this is the total number of tries - int retries; - try { - retries = Integer - .parseInt(XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_INCOMINGNOTIFICATION_TRIES)); - } catch (Exception e) { - logger.error("xacml.rest.pap.incomingnotification.tries property not set, using a default of 3." + e); - retries = 3; - } - // if someone sets it to some dumb value, we need to make sure it will try at least once - if (retries < 1) { - retries = 1; - } - int pauseBetweenRetries = 1000; - switch (entityType) { - - case POLICY_NOTIFICATION: - for (int i = 0; i < retries; i++) { - try { - handleIncomingPolicyChange(entityId); - break; - } catch (Exception e) { - logger.debug(e); - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught exception on handleIncomingPolicyChange(" + url + ", " + entityId + ", " - + extraData + ")"); - } - try { - Thread.sleep(pauseBetweenRetries); - } catch (InterruptedException ie) { - Thread.currentThread().interrupt(); - break; - } - } - break; - case PDP_NOTIFICATION: - for (int i = 0; i < retries; i++) { - try { - handleIncomingPdpChange(entityId, transaction); - break; - } catch (Exception e) { - logger.debug(e); - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught exception on handleIncomingPdpChange(" + url + ", " + entityId + ", " - + transaction + ")"); - } - try { - Thread.sleep(pauseBetweenRetries); - } catch (InterruptedException ie) { - Thread.currentThread().interrupt(); - break; - } - } - break; - case GROUP_NOTIFICATION: - for (int i = 0; i < retries; i++) { - try { - handleIncomingGroupChange(entityId, extraData, transaction); - break; - } catch (Exception e) { - logger.debug(e); - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught exception on handleIncomingGroupChange(" + url + ", " + entityId + ", " - + extraData + ", " + transaction + ", " + xacmlPapServlet + ")"); - } - try { - Thread.sleep(pauseBetweenRetries); - } catch (InterruptedException ie) { - Thread.currentThread().interrupt(); - break; - } - } - break; - } - // no changes should be being made in this function, we still need to close - transaction.rollbackTransaction(); - } - - private void handleIncomingGroupChange(String groupId, String extraData, PolicyDBDaoTransaction transaction) - throws PAPException, PolicyDBException { - GroupEntity groupRecord = null; - long groupIdLong = -1; - try { - groupIdLong = Long.parseLong(groupId); - } catch (NumberFormatException e) { - throw new IllegalArgumentException("groupId " + groupId + " cannot be parsed into a long"); - } - try { - groupRecord = transaction.getGroup(groupIdLong); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught Exception trying to get pdp group record with transaction.getGroup(" + groupIdLong + ");"); - throw new PAPException("Could not get local group " + groupIdLong); - } - if (groupRecord == null) { - throw new PersistenceException("The group record returned is null"); - } - // compare to local fs - // does group folder exist - OnapPDPGroup localGroup = null; - try { - localGroup = papEngine.getGroup(groupRecord.getGroupId()); - } catch (Exception e) { - logger.warn("Caught PAPException trying to get local pdp group with papEngine.getGroup(" + groupId + ");", - e); - } - if (localGroup == null && extraData != null) { - // here we can try to load an old group id from the extraData - try { - localGroup = papEngine.getGroup(extraData); - } catch (Exception e) { - logger.warn( - "Caught PAPException trying to get local pdp group with papEngine.getGroup(" + extraData + ");", - e); - } - } - if (localGroup != null && groupRecord.isDeleted()) { - OnapPDPGroup newLocalGroup = null; - if (extraData != null) { - try { - newLocalGroup = papEngine.getGroup(extraData); - } catch (PAPException e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught PAPException trying to get new pdp group with papEngine.getGroup(" + extraData - + ");"); - } - } - try { - papEngine.removeGroup(localGroup, newLocalGroup); - } catch (NullPointerException | PAPException e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught PAPException trying to get remove pdp group with papEngine.removeGroup(" + localGroup - + ", " + newLocalGroup + ");"); - throw new PAPException("Could not remove group " + groupId); - } - } else if (localGroup == null) { - // creating a new group - try { - papEngine.newGroup(groupRecord.getgroupName(), groupRecord.getDescription()); - } catch (NullPointerException | PAPException e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught PAPException trying to create pdp group with papEngine.newGroup(groupRecord" - + ".getgroupName(), groupRecord.getDescription());"); - throw new PAPException("Could not create group " + groupRecord); - } - try { - localGroup = papEngine.getGroup(groupRecord.getGroupId()); - } catch (PAPException e1) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e1, policyDBDaoVar, - "Caught PAPException trying to get pdp group we just created with papEngine.getGroup" - + "(groupRecord.getGroupId());\nAny PDPs or policies in the new group may not have been added"); - return; - } - // add possible pdps to group - List<?> pdpsInGroup = transaction.getPdpsInGroup(Long.parseLong(groupRecord.getGroupId())); - for (Object pdpO : pdpsInGroup) { - PdpEntity pdp = (PdpEntity) pdpO; - try { - papEngine.newPDP(pdp.getPdpId(), localGroup, pdp.getPdpName(), pdp.getDescription(), - pdp.getJmxPort()); - } catch (NullPointerException | PAPException e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught PAPException trying to get create pdp with papEngine.newPDP(pdp.getPdpId(), " - + "localGroup, pdp.getPdpName(), pdp.getDescription(), pdp.getJmxPort());"); - throw new PAPException("Could not create pdp " + pdp); - } - } - // add possible policies to group (filesystem only, apparently) - } else { - if (!(localGroup instanceof StdPDPGroup)) { - throw new PAPException("group is not a StdPDPGroup"); - } - // clone the object - // because it will be comparing the new group to its own version - StdPDPGroup localGroupClone = new StdPDPGroup(localGroup.getId(), localGroup.isDefaultGroup(), - localGroup.getName(), localGroup.getDescription(), ((StdPDPGroup) localGroup).getDirectory()); - localGroupClone.setOnapPdps(localGroup.getOnapPdps()); - localGroupClone.setPipConfigs(localGroup.getPipConfigs()); - localGroupClone.setStatus(localGroup.getStatus()); - // we are updating a group or adding a policy or changing default - // set default if it should be - if (!localGroupClone.isDefaultGroup() && groupRecord.isDefaultGroup()) { - try { - papEngine.setDefaultGroup(localGroup); - return; - } catch (PAPException e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught PAPException trying to set default group with papEngine.SetDefaultGroup(" - + localGroupClone + ");"); - throw new PAPException("Could not set default group to " + localGroupClone); - } - } - boolean needToUpdate = false; - if (updateGroupPoliciesInFileSystem(localGroupClone, localGroup, groupRecord)) { - needToUpdate = true; - } - if (!stringEquals(localGroupClone.getId(), groupRecord.getGroupId()) - || !stringEquals(localGroupClone.getName(), groupRecord.getgroupName())) { - // changing ids - // we do not want to change the id, the papEngine will do this for us, it needs to know the old id - localGroupClone.setName(groupRecord.getgroupName()); - needToUpdate = true; - } - if (!stringEquals(localGroupClone.getDescription(), groupRecord.getDescription())) { - localGroupClone.setDescription(groupRecord.getDescription()); - needToUpdate = true; - } - if (needToUpdate) { - try { - papEngine.updateGroup(localGroupClone); - } catch (PAPException e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught PAPException trying to update group with papEngine.updateGroup(" + localGroupClone - + ");"); - throw new PAPException("Could not update group " + localGroupClone); - } - } - } - } - - // this will also handle removes, since incoming pdpGroup has no policies internally, we are just going to add - // them all in from the db - private boolean updateGroupPoliciesInFileSystem(OnapPDPGroup pdpGroup, OnapPDPGroup oldPdpGroup, - GroupEntity groupRecord) throws PAPException, PolicyDBException { - if (!(pdpGroup instanceof StdPDPGroup)) { - throw new PAPException("group is not a StdPDPGroup"); - } - StdPDPGroup group = (StdPDPGroup) pdpGroup; - // this must always be true since we don't explicitly know when a delete is occuring - boolean didUpdate = true; - HashMap<String, PDPPolicy> currentPolicySet = new HashMap<>(oldPdpGroup.getPolicies().size()); - HashSet<PDPPolicy> newPolicySet = new HashSet<>(); - for (PDPPolicy pdpPolicy : oldPdpGroup.getPolicies()) { - currentPolicySet.put(pdpPolicy.getId(), pdpPolicy); - } - for (PolicyEntity policy : groupRecord.getPolicies()) { - String pdpPolicyName = getPdpPolicyName(policy.getPolicyName(), policy.getScope()); - if (group.getPolicy(pdpPolicyName) == null) { - didUpdate = true; - if (currentPolicySet.containsKey(pdpPolicyName)) { - newPolicySet.add(currentPolicySet.get(pdpPolicyName)); - } else { - logger.info( - "PolicyDBDao: Adding the new policy to the PDP group after notification: " + pdpPolicyName); - InputStream policyStream = new ByteArrayInputStream(policy.getPolicyData().getBytes()); - group.copyPolicyToFile(pdpPolicyName, policyStream); - ((StdPDPPolicy) (group.getPolicy(pdpPolicyName))) - .setName(removeExtensionAndVersionFromPolicyName(pdpPolicyName)); - try { - policyStream.close(); - } catch (IOException e) { - didUpdate = false; - PolicyLogger.error(e.getMessage() + e); - } - } - } - } - logger.info("PolicyDBDao: Adding updated policies to group after notification."); - if (didUpdate) { - newPolicySet.addAll(group.getPolicies()); - group.setPolicies(newPolicySet); - } - return didUpdate; - } - /* - * This method is called during all pushPolicy transactions and makes sure the file system group is in sync with the - * database groupentity + * This method is called during all pushPolicy transactions and makes sure the file system group + * is in sync with the database groupentity */ - private StdPDPGroup synchronizeGroupPoliciesInFileSystem(StdPDPGroup pdpGroup, GroupEntity groupentity) + public StdPDPGroup synchronizeGroupPoliciesInFileSystem(StdPDPGroup pdpGroup, GroupEntity groupentity) throws PAPException, PolicyDBException { HashMap<String, PDPPolicy> currentPolicyMap = new HashMap<>(); @@ -895,6 +437,7 @@ public class PolicyDBDao { newPolicy = new StdPDPPolicy(pdpPolicyId, true, removeExtensionAndVersionFromPolicyName(pdpPolicyId), location); newPolicySet.add(newPolicy); + logger.info("Adding new policy to PDPGroup - " + newPolicy.getId() + ", Location - " + location); } catch (Exception e) { logger.debug(e); PolicyLogger @@ -911,8 +454,8 @@ public class PolicyDBDao { } catch (Exception e) { logger.debug(e); PolicyLogger - .error("PolicyDBDao: Exception occurred while attempting to delete the old version of the" - + " policy file from the group. " + e.getMessage()); + .error("PolicyDBDao: Exception occurred while attempting to delete the old version of the policy file from the group. " + + e.getMessage()); } } } @@ -923,7 +466,7 @@ public class PolicyDBDao { return pdpGroup; } - private String removeExtensionAndVersionFromPolicyName(String originalPolicyName) throws PolicyDBException { + public String removeExtensionAndVersionFromPolicyName(String originalPolicyName) throws PolicyDBException { return getPolicyNameAndVersionFromPolicyFileName(originalPolicyName)[0]; } @@ -933,7 +476,7 @@ public class PolicyDBDao { * @param originalPolicyName: a policy file name ex: Config_policy.2.xml * @return An array [0]: The policy name, [1]: the policy version, as a string */ - private String[] getPolicyNameAndVersionFromPolicyFileName(String originalPolicyName) throws PolicyDBException { + public String[] getPolicyNameAndVersionFromPolicyFileName(String originalPolicyName) throws PolicyDBException { String policyName = originalPolicyName; String[] nameAndVersion = new String[2]; try { @@ -958,160 +501,7 @@ public class PolicyDBDao { return nameAndVersion; } - private void handleIncomingPdpChange(String pdpId, PolicyDBDaoTransaction transaction) throws PAPException { - // get pdp - long pdpIdLong = -1; - try { - pdpIdLong = Long.parseLong(pdpId); - } catch (NumberFormatException e) { - throw new IllegalArgumentException("pdpId " + pdpId + " cannot be parsed into a long"); - } - PdpEntity pdpRecord = null; - try { - pdpRecord = transaction.getPdp(pdpIdLong); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught Exception trying to get pdp record with transaction.getPdp(" + pdpIdLong + ");"); - throw new PAPException("Could not get local pdp " + pdpIdLong); - } - if (pdpRecord == null) { - throw new PersistenceException("The pdpRecord returned is null"); - } - PDP localPdp = null; - try { - localPdp = papEngine.getPDP(pdpRecord.getPdpId()); - } catch (PAPException e) { - logger.warn("Caught PAPException trying to get local pdp with papEngine.getPDP(" + pdpId + ");", e); - } - if (localPdp != null && pdpRecord.isDeleted()) { - try { - papEngine.removePDP((OnapPDP) localPdp); - } catch (PAPException e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught PAPException trying to get remove pdp with papEngine.removePDP(" + localPdp + ");"); - throw new PAPException("Could not remove pdp " + pdpId); - } - } else if (localPdp == null) { - // add new pdp - // get group - OnapPDPGroup localGroup = null; - try { - localGroup = papEngine.getGroup(pdpRecord.getGroup().getGroupId()); - } catch (PAPException e1) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e1, policyDBDaoVar, - "Caught PAPException trying to get local group to add pdp to with papEngine.getGroup" - + "(pdpRecord.getGroup().getGroupId());"); - throw new PAPException("Could not get local group"); - } - try { - papEngine.newPDP(pdpRecord.getPdpId(), localGroup, pdpRecord.getPdpName(), pdpRecord.getDescription(), - pdpRecord.getJmxPort()); - } catch (NullPointerException | PAPException e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught PAPException trying to create pdp with papEngine.newPDP(" + pdpRecord.getPdpId() + ", " - + localGroup + ", " + pdpRecord.getPdpName() + ", " + pdpRecord.getDescription() + ", " - + pdpRecord.getJmxPort() + ");"); - throw new PAPException("Could not create pdp " + pdpRecord); - } - } else { - boolean needToUpdate = false; - if (!stringEquals(localPdp.getId(), pdpRecord.getPdpId()) - || !stringEquals(localPdp.getName(), pdpRecord.getPdpName())) { - // again, we don't want to change the id, the papEngine will do this - localPdp.setName(pdpRecord.getPdpName()); - needToUpdate = true; - } - if (!stringEquals(localPdp.getDescription(), pdpRecord.getDescription())) { - localPdp.setDescription(pdpRecord.getDescription()); - needToUpdate = true; - } - String localPdpGroupId = null; - try { - localPdpGroupId = papEngine.getPDPGroup((OnapPDP) localPdp).getId(); - } catch (PAPException e) { - // could be null or something, just warn at this point - logger.warn("Caught PAPException trying to get id of local group that pdp is in with localPdpGroupId = " - + "papEngine.getPDPGroup(localPdp).getId();", e); - } - if (!stringEquals(localPdpGroupId, pdpRecord.getGroup().getGroupId())) { - OnapPDPGroup newPdpGroup = null; - try { - newPdpGroup = papEngine.getGroup(pdpRecord.getGroup().getGroupId()); - } catch (PAPException e) { - // ok, now we have an issue. Time to stop things - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught PAPException trying to get id of local group to move pdp to with papEngine" - + ".getGroup(pdpRecord.getGroup().getGroupId());"); - throw new PAPException("Could not get local group"); - } - try { - papEngine.movePDP((OnapPDP) localPdp, newPdpGroup); - } catch (PAPException e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught PAPException trying to move pdp with papEngine.movePDP(localPdp, newPdpGroup);"); - throw new PAPException("Could not move pdp " + localPdp); - } - } - if (((PdpEntity) localPdp).getJmxPort() != pdpRecord.getJmxPort()) { - ((PdpEntity) localPdp).setJmxPort(pdpRecord.getJmxPort()); - needToUpdate = true; - } - if (needToUpdate) { - try { - papEngine.updatePDP((OnapPDP) localPdp); - } catch (PAPException e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught PAPException trying to update pdp with papEngine.updatePdp(" + localPdp + ");"); - throw new PAPException("Could not update pdp " + localPdp); - } - } - } - // compare to local situation - // call command to update - } - - private void handleIncomingPolicyChange(String policyId) { - String policyName = null; - EntityManager em = emf.createEntityManager(); - Query getPolicyEntityQuery = em.createNamedQuery("PolicyEntity.FindById"); - getPolicyEntityQuery.setParameter("id", Long.valueOf(policyId)); - - @SuppressWarnings("unchecked") - List<PolicyEntity> policies = getPolicyEntityQuery.getResultList(); - PolicyEntity policy = null; - if (!policies.isEmpty()) { - policy = policies.get(0); - } - String action = "unknown action"; - try { - if (policy != null) { - policyName = policy.getPolicyName(); - logger.info("Deleting old Policy Config File for " + policy.getPolicyName()); - action = "delete"; - Path subFile = null; - - if (policy.getConfigurationData() != null) { - subFile = getPolicySubFile(policy.getConfigurationData().getConfigurationName(), config); - } else if (policy.getActionBodyEntity() != null) { - subFile = getPolicySubFile(policy.getActionBodyEntity().getActionBodyName(), action); - } - - if (subFile != null) { - Files.deleteIfExists(subFile); - } - if (policy.getConfigurationData() != null) { - writePolicySubFile(policy, config); - } else if (policy.getActionBodyEntity() != null) { - writePolicySubFile(policy, action); - } - } - } catch (IOException e1) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e1, policyDBDaoVar, - "Error occurred while performing [" + action + "] of Policy File: " + policyName); - } - } - - private String getPdpPolicyName(String name, String scope) { + public String getPdpPolicyName(String name, String scope) { String finalName = ""; finalName += scope; finalName += "."; @@ -1124,109 +514,29 @@ public class PolicyDBDao { return fileName.substring(0, fileName.lastIndexOf('.')); } - private Path getPolicySubFile(String inputFileName, String subFileType) { - String filename = inputFileName; - logger.info("getPolicySubFile(" + filename + ", " + subFileType + ")"); - Path filePath = Paths.get(XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_WEBAPPS), subFileType); - File file = null; - - filename = FilenameUtils.removeExtension(filename); - - for (File tmpFile : filePath.toFile().listFiles()) { - if (FilenameUtils.removeExtension(tmpFile.getName()).equals(filename)) { - file = tmpFile; - } - } - - Path finalPath = null; - if (file != null) { - finalPath = Paths.get(file.getAbsolutePath()); - } - - logger.info("end of getPolicySubFile: " + finalPath); - return finalPath; - } - - private boolean writePolicySubFile(PolicyEntity policy, String policyType) { - logger.info("writePolicySubFile with policyName[" + policy.getPolicyName() + "] and policyType[" + policyType - + "]"); - String type = null; - String subTypeName = null; - String subTypeBody = null; - if (config.equalsIgnoreCase(policyType)) { - type = config; - subTypeName = FilenameUtils.removeExtension(policy.getConfigurationData().getConfigurationName()); - subTypeBody = policy.getConfigurationData().getConfigBody(); - - String configType = policy.getConfigurationData().getConfigType(); - - if (configType != null) { - if (configType.equals(JSON_CONFIG)) { - subTypeName = subTypeName + ".json"; - } - if (configType.equals(XML_CONFIG)) { - subTypeName = subTypeName + ".xml"; - } - if (configType.equals(PROPERTIES_CONFIG)) { - subTypeName = subTypeName + ".properties"; - } - if (configType.equals(OTHER_CONFIG)) { - subTypeName = subTypeName + ".txt"; - } - } - } else if (action.equalsIgnoreCase(policyType)) { - type = action; - subTypeName = policy.getActionBodyEntity().getActionBodyName(); - subTypeBody = policy.getActionBodyEntity().getActionBody(); - } - Path filePath = Paths.get(XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_WEBAPPS).toString(), type); - - if (subTypeBody == null) { - subTypeBody = ""; - } - boolean success = false; - try { - Files.deleteIfExists(Paths.get(filePath.toString(), subTypeName)); - File file = Paths.get(filePath.toString(), subTypeName).toFile(); - boolean value = file.createNewFile(); - logger.debug("New file created successfully" + value); - try (FileWriter fileWriter = new FileWriter(file, false)) { - // false to overwrite - fileWriter.write(subTypeBody); - fileWriter.close(); - success = true; - } - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Exception occured while creating Configuration File for Policy : " + policy.getPolicyName()); - } - return success; - } - public void auditLocalDatabase(PAPPolicyEngine papEngine2) { logger.debug("PolicyDBDao.auditLocalDatabase() is called"); try { deleteAllGroupTables(); auditGroups(papEngine2); } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, "auditLocalDatabase() error"); + PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, POLICYDBDAO_VAR, "auditLocalDatabase() error"); logger.error("Exception Occured" + e); } } - public StdPDPGroup auditLocalFileSystem(StdPDPGroup group) { logger.info("Starting Local File System group audit"); - EntityManager em = emf.createEntityManager(); - em.getTransaction().begin(); + Session session = sessionfactory.openSession(); + session.getTransaction().begin(); StdPDPGroup updatedGroup = null; try { - Query groupQuery = em.createQuery(groupEntitySelectQuery); - groupQuery.setParameter(groupIdVar, group.getId()); - groupQuery.setParameter(deletedVar, false); - List<?> groupQueryList = groupQuery.getResultList(); + Query groupQuery = session.createQuery(GROUPENTITY_SELECT); + groupQuery.setParameter(GROUP_ID, group.getId()); + groupQuery.setParameter(DELETED, false); + List<?> groupQueryList = groupQuery.list(); if (groupQueryList != null && !groupQueryList.isEmpty()) { GroupEntity dbgroup = (GroupEntity) groupQueryList.get(0); updatedGroup = synchronizeGroupPoliciesInFileSystem(group, dbgroup); @@ -1236,39 +546,91 @@ public class PolicyDBDao { logger.error(e); } catch (Exception e) { logger.error(e); - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, + PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, POLICYDBDAO_VAR, "Caught Exception trying to check if group exists groupQuery.getResultList()"); throw new PersistenceException("Query failed trying to check if group " + group.getId() + " exists"); } - em.getTransaction().commit(); - em.close(); + session.getTransaction().commit(); + session.close(); return updatedGroup; + } + + /* + * This method is called at startup to recreate config data from DB to the file system. + * + */ + public void synchronizeConfigDataInFileSystem() { + logger.info("Starting Local File System Config data Sync"); + // sync both web apps Config and Action + syncConfigData(ConfigurationDataEntity.class, CONFIG); + syncConfigData(ActionBodyEntity.class, ACTION); + } + + private <T> void syncConfigData(Class<T> cl, String type) { + Session session = sessionfactory.openSession(); + try { + final Criteria configDataQuery = session.createCriteria(cl.getName()); + @SuppressWarnings("unchecked") + final List<T> configDataResult = configDataQuery.list(); + Path webappsPath = Paths.get(XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_WEBAPPS), type); + + for (final T configData : configDataResult) { + String configName = null; + byte[] configBody; + try { + if (CONFIG.equalsIgnoreCase(type)) { + configName = ((ConfigurationDataEntity) configData).getConfigurationName(); + configBody = (((ConfigurationDataEntity) configData).getConfigBody() != null) + ? ((ConfigurationDataEntity) configData).getConfigBody() + .getBytes(StandardCharsets.UTF_8) + : "".getBytes(); + } else { + configName = ((ActionBodyEntity) configData).getActionBodyName(); + configBody = (((ActionBodyEntity) configData).getActionBody() != null) + ? ((ActionBodyEntity) configData).getActionBody().getBytes(StandardCharsets.UTF_8) + : "".getBytes(); + } + Path filePath = Paths.get(webappsPath.toString(), configName); + if (!filePath.toFile().exists()) { + Files.write(filePath, configBody); + logger.info("Created Config File from DB - " + filePath.toString()); + } + } catch (Exception e) { + // log and keep going + PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, POLICYDBDAO_VAR, + "Exception occured while creating Configuration File - " + configName); + } + } + } catch (final Exception exception) { + logger.error("Unable to synchronizeConfigDataInFileSystem", exception); + } + session.close(); } public void deleteAllGroupTables() { logger.debug("PolicyDBDao.deleteAllGroupTables() called"); - EntityManager em = emf.createEntityManager(); - em.getTransaction().begin(); + Session session = sessionfactory.openSession(); + session.getTransaction().begin(); - Query deletePdpEntityEntityTableUpdate = em.createNamedQuery("PdpEntity.deleteAll"); + Query deletePdpEntityEntityTableUpdate = session.getNamedQuery("PdpEntity.deleteAll"); deletePdpEntityEntityTableUpdate.executeUpdate(); - Query deleteGroupEntityTableUpdate = em.createNamedQuery("GroupEntity.deleteAll"); + Query deleteGroupEntityTableUpdate = session.getNamedQuery("GroupEntity.deleteAll"); deleteGroupEntityTableUpdate.executeUpdate(); - em.getTransaction().commit(); - em.close(); + session.getTransaction().commit(); + session.close(); } @SuppressWarnings("unchecked") public void auditGroups(PAPPolicyEngine papEngine2) { logger.debug("PolicyDBDao.auditGroups() called"); - EntityManager em = emf.createEntityManager(); - em.getTransaction().begin(); + Session session = sessionfactory.openSession(); + session.getTransaction().begin(); final String AUDIT_STR = "Audit"; try { @@ -1277,25 +639,24 @@ public class PolicyDBDao { for (OnapPDPGroup grp : groups) { try { GroupEntity groupEntity = new GroupEntity(); - em.persist(groupEntity); groupEntity.setGroupName(grp.getName()); groupEntity.setDescription(grp.getDescription()); groupEntity.setDefaultGroup(grp.isDefaultGroup()); groupEntity.setCreatedBy(AUDIT_STR); groupEntity.setGroupId(createNewPDPGroupId(grp.getId())); groupEntity.setModifiedBy(AUDIT_STR); + session.persist(groupEntity); Set<OnapPDP> pdps = grp.getOnapPdps(); for (OnapPDP pdp : pdps) { PdpEntity pdpEntity = new PdpEntity(); - em.persist(pdpEntity); pdpEntity.setGroup(groupEntity); pdpEntity.setJmxPort(pdp.getJmxPort()); pdpEntity.setPdpId(pdp.getId()); pdpEntity.setPdpName(pdp.getName()); pdpEntity.setModifiedBy(AUDIT_STR); pdpEntity.setCreatedBy(AUDIT_STR); - + session.persist(pdpEntity); } Set<PDPPolicy> policies = grp.getPolicies(); @@ -1308,11 +669,11 @@ public class PolicyDBDao { "Invalid input - policyID must contain name, scope and version"); } List<PolicyEntity> policyEntityList; - Query getPolicyEntitiesQuery = em.createNamedQuery("PolicyEntity.findByNameAndScope"); + Query getPolicyEntitiesQuery = session.getNamedQuery("PolicyEntity.findByNameAndScope"); getPolicyEntitiesQuery.setParameter("name", stringArray[0]); - getPolicyEntitiesQuery.setParameter(scope, stringArray[1]); + getPolicyEntitiesQuery.setParameter(SCOPE, stringArray[1]); - policyEntityList = getPolicyEntitiesQuery.getResultList(); + policyEntityList = getPolicyEntitiesQuery.list(); PolicyEntity policyEntity = null; if (!policyEntityList.isEmpty()) { policyEntity = policyEntityList.get(0); @@ -1321,28 +682,28 @@ public class PolicyDBDao { groupEntity.addPolicyToGroup(policyEntity); } } catch (Exception e2) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e2, policyDBDaoVar, + PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e2, POLICYDBDAO_VAR, "Exception auditGroups inner catch"); } } } catch (Exception e1) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e1, policyDBDaoVar, + PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e1, POLICYDBDAO_VAR, "Exception auditGroups middle catch"); } } } catch (Exception e) { - em.getTransaction().rollback(); - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, "Exception auditGroups outer catch"); - em.close(); + session.getTransaction().rollback(); + PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, POLICYDBDAO_VAR, "Exception auditGroups outer catch"); + session.close(); return; } - em.getTransaction().commit(); - em.close(); + session.getTransaction().commit(); + session.close(); } - private String getConfigFile(String filename, PolicyRestAdapter policy) { + public String getConfigFile(String filename, PolicyRestAdapter policy) { if (policy == null) { return getConfigFile(filename, (String) null); } @@ -1352,7 +713,7 @@ public class PolicyDBDao { // copied from ConfigPolicy.java and modified // Here we are adding the extension for the configurations file based on the // config type selection for saving. - private String getConfigFile(String inputFilename, String configType) { + public String getConfigFile(String inputFilename, String configType) { String filename = inputFilename; logger.debug("getConfigFile(String filename, String scope, String configType) as getConfigFile(" + filename + ", " + configType + ") called"); @@ -1376,7 +737,7 @@ public class PolicyDBDao { return filename; } - private String[] getNameScopeAndVersionFromPdpPolicy(String fileName) { + public String[] getNameScopeAndVersionFromPdpPolicy(String fileName) { String[] splitByDots = fileName.split("\\."); if (splitByDots.length < 3) { return null; @@ -1401,7 +762,8 @@ public class PolicyDBDao { public static String createNewPDPGroupId(String name) { String id = name; - // replace "bad" characters with sequences that will be ok for file names and properties keys. + // replace "bad" characters with sequences that will be ok for file + // names and properties keys. id = id.replace(" ", "_sp_"); id = id.replace("\t", "_tab_"); id = id.replace("\\", "_bksl_"); @@ -1435,1429 +797,6 @@ public class PolicyDBDao { return false; } - - private class PolicyDBDaoTransactionInstance implements PolicyDBDaoTransaction { - private EntityManager em; - private final Object emLock = new Object(); - long policyId; - long groupId; - long pdpId; - String newGroupId; - private boolean operationRun = false; - private final Thread transactionTimer; - - private PolicyDBDaoTransactionInstance() { - // call the constructor with arguments - this(Integer.parseInt(XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_TRANS_TIMEOUT)), - Integer.parseInt(XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_TRANS_WAIT))); - } - - // timeout is how long the transaction can sit before rolling back - // wait time is how long to wait for the transaction to start before throwing an exception - private PolicyDBDaoTransactionInstance(int transactionTimeout, int transactionWaitTime) { - if (logger.isDebugEnabled()) { - logger.debug("\n\nPolicyDBDaoTransactionInstance() as PolicyDBDaoTransactionInstance() called:" - + "\n transactionTimeout = " + transactionTimeout + "\n transactionWaitTime = " - + transactionWaitTime + "\n\n"); - } - this.em = emf.createEntityManager(); - policyId = -1; - groupId = -1; - pdpId = -1; - newGroupId = null; - synchronized (emLock) { - try { - startTransactionSynced(this.em, transactionWaitTime); - } catch (Exception e) { - logger.debug(e); - throw new PersistenceException( - "Could not lock transaction within " + transactionWaitTime + " milliseconds"); - } - } - class TransactionTimer implements Runnable { - - private int sleepTime; - - public TransactionTimer(int timeout) { - this.sleepTime = timeout; - } - - @Override - public void run() { - if (logger.isDebugEnabled()) { - Date date = new java.util.Date(); - logger.debug("\n\nTransactionTimer.run() - SLEEPING: " + "\n sleepTime (ms) = " + sleepTime - + TIMESTAMP + date.getTime() + "\n\n"); - } - try { - Thread.sleep(sleepTime); - } catch (InterruptedException e) { - // probably, the transaction was completed, the last thing we want to do is roll back - if (logger.isDebugEnabled()) { - Date date = new java.util.Date(); - logger.debug("\n\nTransactionTimer.run() - WAKE Interrupt: " + TIMESTAMP - + date.getTime() + "\n\n"); - } - Thread.currentThread().interrupt(); - return; - } - if (logger.isDebugEnabled()) { - Date date = new java.util.Date(); - logger.debug("\n\nTransactionTimer.run() - WAKE Timeout: " + TIMESTAMP - + date.getTime() + "\n\n"); - } - rollbackTransaction(); - } - - } - - transactionTimer = new Thread(new TransactionTimer(transactionTimeout), "transactionTimerThread"); - transactionTimer.start(); - - - } - - private void checkBeforeOperationRun() { - checkBeforeOperationRun(false); - } - - private void checkBeforeOperationRun(boolean justCheckOpen) { - if (!isTransactionOpen()) { - PolicyLogger.error("There is no transaction currently open"); - throw new IllegalStateException("There is no transaction currently open"); - } - if (operationRun && !justCheckOpen) { - PolicyLogger.error( - "An operation has already been performed and the current transaction should be " + "committed"); - throw new IllegalStateException( - "An operation has already been performed and the current transaction should be committed"); - } - operationRun = true; - } - - @Override - public void commitTransaction() { - synchronized (emLock) { - logger.debug("commitTransaction() as commitTransaction() called"); - if (!isTransactionOpen()) { - logger.warn("There is no open transaction to commit"); - try { - em.close(); - } catch (Exception e) { - logger.error("Exception Occured" + e); - } - return; - } - try { - em.getTransaction().commit(); - } catch (RollbackException e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught RollbackException on em.getTransaction().commit()"); - throw new PersistenceException("The commit failed. Message:\n" + e.getMessage()); - } - em.close(); - // need to revisit - if (policyId >= 0) { - if (newGroupId != null) { - try { - notifyOthers(policyId, POLICY_NOTIFICATION, newGroupId); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - CAUGHTEXCEPTIONONNOTIFY + policyId + "," + POLICY_NOTIFICATION + "," - + newGroupId + ")"); - } - } else { - try { - notifyOthers(policyId, POLICY_NOTIFICATION); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - CAUGHTEXCEPTIONONNOTIFY + policyId + "," + POLICY_NOTIFICATION + ")"); - } - } - } - if (groupId >= 0) { - // we don't want commit to fail just because this does - if (newGroupId != null) { - try { - notifyOthers(groupId, GROUP_NOTIFICATION, newGroupId); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - CAUGHTEXCEPTIONONNOTIFY + groupId + "," + GROUP_NOTIFICATION + "," - + newGroupId + ")"); - } - } else { - try { - notifyOthers(groupId, GROUP_NOTIFICATION); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - CAUGHTEXCEPTIONONNOTIFY + groupId + "," + GROUP_NOTIFICATION + ")"); - } - } - } - if (pdpId >= 0) { - // we don't want commit to fail just because this does - try { - notifyOthers(pdpId, PDP_NOTIFICATION); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - CAUGHTEXCEPTIONONNOTIFY + pdpId + "," + PDP_NOTIFICATION + ")"); - } - } - } - if (transactionTimer != null) { - transactionTimer.interrupt(); - } - } - - @Override - public void rollbackTransaction() { - logger.debug("rollbackTransaction() as rollbackTransaction() called"); - synchronized (emLock) { - if (isTransactionOpen()) { - - try { - em.getTransaction().rollback(); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Could not rollback transaction"); - } - try { - em.close(); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Could not close EntityManager"); - } - - } else { - try { - em.close(); - } catch (Exception e) { - logger.warn("Could not close already closed transaction", e); - } - } - - } - if (transactionTimer != null) { - transactionTimer.interrupt(); - } - } - - private void createPolicy(PolicyRestAdapter policy, String username, String policyScope, String inputPolicyName, - String policyDataString) { - String policyName = inputPolicyName; - logger.debug( - "createPolicy(PolicyRestAdapter policy, String username, String policyScope, String policyName, " - + "String policyDataString) as createPolicy(" + policy + ", " + username + ", " - + policyScope + ", " + policyName + ", " + policyDataString + ") called"); - synchronized (emLock) { - checkBeforeOperationRun(); - String configName = policyName; - if (policyName.contains("Config_")) { - policyName = policyName.replace(".Config_", ":Config_"); - } else if (policyName.contains("Action_")) { - policyName = policyName.replace(".Action_", ":Action_"); - } else if (policyName.contains("Decision_")) { - policyName = policyName.replace(".Decision_", ":Decision_"); - } - policyName = policyName.split(":")[1]; - Query createPolicyQuery = em - .createQuery("SELECT p FROM PolicyEntity p WHERE p.scope=:scope AND p.policyName=:policyName"); - createPolicyQuery.setParameter(scope, policyScope); - createPolicyQuery.setParameter("policyName", policyName); - List<?> createPolicyQueryList = createPolicyQuery.getResultList(); - PolicyEntity newPolicyEntity; - boolean update; - if (createPolicyQueryList.isEmpty()) { - newPolicyEntity = new PolicyEntity(); - update = false; - } else if (createPolicyQueryList.size() > 1) { - PolicyLogger - .error("Somehow, more than one policy with the same scope, name, and deleted status were " - + "found in the database"); - throw new PersistenceException( - "Somehow, more than one policy with the same scope, name, and deleted status were found " - + "in the database"); - } else { - newPolicyEntity = (PolicyEntity) createPolicyQueryList.get(0); - update = true; - } - - ActionBodyEntity newActionBodyEntity = null; - if (policy.getPolicyType().equals(action)) { - boolean abupdate = false; - if (newPolicyEntity.getActionBodyEntity() == null) { - newActionBodyEntity = new ActionBodyEntity(); - } else { - newActionBodyEntity = em.find(ActionBodyEntity.class, - newPolicyEntity.getActionBodyEntity().getActionBodyId()); - abupdate = true; - } - - if (newActionBodyEntity != null) { - if (!abupdate) { - em.persist(newActionBodyEntity); - } - // build the file path - // trim the .xml off the end - String policyNameClean = FilenameUtils.removeExtension(configName); - String actionBodyName = policyNameClean + ".json"; - - // get the action body - String actionBodyString = policy.getActionBody(); - if (actionBodyString == null) { - actionBodyString = "{}"; - } - newActionBodyEntity.setActionBody(actionBodyString); - newActionBodyEntity.setActionBodyName(actionBodyName); - newActionBodyEntity.setModifiedBy("PolicyDBDao.createPolicy()"); - newActionBodyEntity.setDeleted(false); - if (!abupdate) { - newActionBodyEntity.setCreatedBy("PolicyDBDao.createPolicy()"); - } - if (logger.isDebugEnabled()) { - logger.debug("\nPolicyDBDao.createPolicy" + "\n newActionBodyEntity.getActionBody() = " - + newActionBodyEntity.getActionBody() - + "\n newActionBodyEntity.getActionBodyName() = " - + newActionBodyEntity.getActionBodyName() - + "\n newActionBodyEntity.getModifiedBy() = " - + newActionBodyEntity.getModifiedBy() + "\n newActionBodyEntity.getCreatedBy() = " - + newActionBodyEntity.getCreatedBy() + "\n newActionBodyEntity.isDeleted() = " - + newActionBodyEntity.isDeleted() + "\n FLUSHING to DB"); - } - // push the actionBodyEntity to the DB - em.flush(); - } else { - // newActionBodyEntity == null - // We have a actionBody in the policy but we found no actionBody in the DB - String msg = "\n\nPolicyDBDao.createPolicy - Incoming Action policy had an " - + "actionBody, but it could not be found in the DB for update." + "\n policyScope = " - + policyScope + "\n policyName = " + policyName + "\n\n"; - PolicyLogger - .error("PolicyDBDao.createPolicy - Incoming Action policy had an actionBody, but it " - + "could not be found in the DB for update: policyName = " + policyName); - throw new IllegalArgumentException(msg); - } - } - - ConfigurationDataEntity newConfigurationDataEntity; - if (policy.getPolicyType().equals(config)) { - boolean configUpdate; - if (newPolicyEntity.getConfigurationData() == null) { - newConfigurationDataEntity = new ConfigurationDataEntity(); - configUpdate = false; - } else { - newConfigurationDataEntity = em.find(ConfigurationDataEntity.class, - newPolicyEntity.getConfigurationData().getConfigurationDataId()); - configUpdate = true; - } - - if (newConfigurationDataEntity != null) { - if (!configUpdate) { - em.persist(newConfigurationDataEntity); - } - if (!stringEquals(newConfigurationDataEntity.getConfigurationName(), - getConfigFile(configName, policy))) { - newConfigurationDataEntity.setConfigurationName(getConfigFile(configName, policy)); - } - if (newConfigurationDataEntity.getConfigType() == null - || !newConfigurationDataEntity.getConfigType().equals(policy.getConfigType())) { - newConfigurationDataEntity.setConfigType(policy.getConfigType()); - } - if (!configUpdate) { - newConfigurationDataEntity.setCreatedBy(username); - } - if (newConfigurationDataEntity.getModifiedBy() == null - || !newConfigurationDataEntity.getModifiedBy().equals(username)) { - newConfigurationDataEntity.setModifiedBy(username); - } - if (newConfigurationDataEntity.getDescription() == null - || !"".equals(newConfigurationDataEntity.getDescription())) { - newConfigurationDataEntity.setDescription(""); - } - if (newConfigurationDataEntity.getConfigBody() == null - || newConfigurationDataEntity.getConfigBody().isEmpty() - || (!newConfigurationDataEntity.getConfigBody().equals(policy.getConfigBodyData()))) { - // hopefully one of these won't be null - if (policy.getConfigBodyData() == null || policy.getConfigBodyData().isEmpty()) { - newConfigurationDataEntity.setConfigBody(policy.getJsonBody()); - } else { - newConfigurationDataEntity.setConfigBody(policy.getConfigBodyData()); - } - } - if (newConfigurationDataEntity.isDeleted()) { - newConfigurationDataEntity.setDeleted(false); - } - - em.flush(); - } else { - // We have a configurationData body in the policy but we found no configurationData body in - // the DB - String msg = "\n\nPolicyDBDao.createPolicy - Incoming Config policy had a " - + "configurationData body, but it could not be found in the DB for update." - + "\n policyScope = " + policyScope + "\n policyName = " + policyName + "\n\n"; - PolicyLogger.error("PolicyDBDao.createPolicy - Incoming Config policy had a configurationData " - + "body, but it could not be found in the DB for update: policyName = " + policyName); - throw new IllegalArgumentException(msg); - } - - } else { - newConfigurationDataEntity = null; - } - if (!update) { - em.persist(newPolicyEntity); - } - - policyId = newPolicyEntity.getPolicyId(); - - if (!stringEquals(newPolicyEntity.getPolicyName(), policyName)) { - newPolicyEntity.setPolicyName(policyName); - } - if (!stringEquals(newPolicyEntity.getCreatedBy(), username)) { - newPolicyEntity.setCreatedBy(username); - } - if (!stringEquals(newPolicyEntity.getDescription(), policy.getPolicyDescription())) { - newPolicyEntity.setDescription(policy.getPolicyDescription()); - } - if (!stringEquals(newPolicyEntity.getModifiedBy(), username)) { - newPolicyEntity.setModifiedBy(username); - } - if (!stringEquals(newPolicyEntity.getPolicyData(), policyDataString)) { - newPolicyEntity.setPolicyData(policyDataString); - } - if (!stringEquals(newPolicyEntity.getScope(), policyScope)) { - newPolicyEntity.setScope(policyScope); - } - if (newPolicyEntity.isDeleted() == true) { - newPolicyEntity.setDeleted(false); - } - newPolicyEntity.setConfigurationData(newConfigurationDataEntity); - newPolicyEntity.setActionBodyEntity(newActionBodyEntity); - - em.flush(); - this.policyId = newPolicyEntity.getPolicyId(); - } - } - - @SuppressWarnings("unused") - public PolicyEntity getPolicy(int policyID) { - return getPolicy(policyID, null, null); - } - - public PolicyEntity getPolicy(String policyName, String scope) { - return getPolicy(-1, policyName, scope); - } - - private PolicyEntity getPolicy(int policyID, String policyName, String scope) { - logger.debug("getPolicy(int policyId, String policyName) as getPolicy(" + policyID + "," + policyName - + ") called"); - if (policyID < 0 && isNullOrEmpty(policyName, scope)) { - throw new IllegalArgumentException( - "policyID must be at least 0 or policyName must be not null or blank"); - } - - synchronized (emLock) { - checkBeforeOperationRun(true); - // check if group exists - String policyId; - Query policyQuery; - if (!isNullOrEmpty(policyName, scope)) { - policyId = policyName; - policyQuery = - em.createQuery("SELECT p FROM PolicyEntity p WHERE p.policyName=:name AND p.scope=:scope"); - policyQuery.setParameter("name", policyId); - policyQuery.setParameter("scope", scope); - } else { - policyId = String.valueOf(policyID); - policyQuery = em.createNamedQuery("PolicyEntity.FindById"); - policyQuery.setParameter("id", policyId); - } - List<?> policyQueryList; - try { - policyQueryList = policyQuery.getResultList(); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught Exception trying to get policy with policyQuery.getResultList()"); - throw new PersistenceException("Query failed trying to get policy " + policyId); - } - if (policyQueryList.isEmpty()) { - PolicyLogger.error("Policy does not exist with id " + policyId); - throw new PersistenceException("Group policy is being added to does not exist with id " + policyId); - } else if (policyQueryList.size() > 1) { - PolicyLogger.error(duplicatePolicyId + policyId + foundInDB); - throw new PersistenceException(duplicatePolicyId + policyId + foundInDB); - } - return (PolicyEntity) policyQueryList.get(0); - } - } - - @Override - public GroupEntity getGroup(long groupKey) { - logger.debug("getGroup(int groupKey) as getGroup(" + groupKey + ") called"); - if (groupKey < 0) { - throw new IllegalArgumentException("groupKey must be at least 0"); - } - synchronized (emLock) { - checkBeforeOperationRun(true); - // check if group exists - Query groupQuery = em.createQuery("SELECT g FROM GroupEntity g WHERE g.groupKey=:groupKey"); - groupQuery.setParameter("groupKey", groupKey); - List<?> groupQueryList; - try { - groupQueryList = groupQuery.getResultList(); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught Exception trying to get group with groupQuery.getResultList()"); - throw new PersistenceException(queryFailedToGetGroup + groupKey); - } - if (groupQueryList.isEmpty()) { - PolicyLogger.error("Group does not exist with groupKey " + groupKey); - throw new PersistenceException("Group does not exist with groupKey " + groupKey); - } else if (groupQueryList.size() > 1) { - PolicyLogger.error("Somehow, more than one group with the groupKey " + groupKey + foundInDB); - throw new PersistenceException( - "Somehow, more than one group with the groupKey " + groupKey + foundInDB); - } - return (GroupEntity) groupQueryList.get(0); - } - } - - @Override - public GroupEntity getGroup(String groupId) { - logger.debug("getGroup(String groupId) as getGroup(" + groupId + ") called"); - if (isNullOrEmpty(groupId)) { - throw new IllegalArgumentException("groupId must not be null or empty"); - } - synchronized (emLock) { - checkBeforeOperationRun(true); - // check if group exists - Query groupQuery = em.createQuery("SELECT g FROM GroupEntity g WHERE g.groupId=:groupId"); - groupQuery.setParameter(groupIdVar, groupId); - List<?> groupQueryList; - try { - groupQueryList = groupQuery.getResultList(); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught Exception trying to get group with groupQuery.getResultList()"); - throw new PersistenceException(queryFailedToGetGroup + groupId); - } - if (groupQueryList.isEmpty()) { - PolicyLogger.error("Group does not exist with id " + groupId); - throw new PersistenceException("Group does not exist with id " + groupId); - } else if (groupQueryList.size() > 1) { - PolicyLogger.error(duplicateGroupId + groupId + foundInDB); - throw new PersistenceException(duplicateGroupId + groupId + foundInDB); - } - return (GroupEntity) groupQueryList.get(0); - } - } - - @Override - public List<?> getPdpsInGroup(long groupKey) { - logger.debug("getPdpsInGroup(int groupKey) as getPdpsInGroup(" + groupKey + ") called"); - if (groupKey < 0) { - throw new IllegalArgumentException("groupId must not be < 0"); - } - synchronized (emLock) { - checkBeforeOperationRun(true); - Query pdpsQuery = em.createQuery("SELECT p FROM PdpEntity p WHERE p.groupEntity=:group"); - pdpsQuery.setParameter("group", getGroup(groupKey)); - return pdpsQuery.getResultList(); - } - } - - @Override - public PdpEntity getPdp(long pdpKey) { - logger.debug("getPdp(int pdpKey) as getPdp(" + pdpKey + ") called"); - if (pdpKey < 0) { - throw new IllegalArgumentException("pdpKey must be at least 0"); - } - synchronized (emLock) { - checkBeforeOperationRun(true); - // check if group exists - Query pdpQuery = em.createQuery("SELECT p FROM PdpEntity p WHERE p.pdpKey=:pdpKey"); - pdpQuery.setParameter("pdpKey", pdpKey); - List<?> pdpQueryList; - try { - pdpQueryList = pdpQuery.getResultList(); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught Exception trying to get pdp with pdpQuery.getResultList()"); - throw new PersistenceException("Query failed trying to get pdp " + pdpKey); - } - if (pdpQueryList.isEmpty()) { - PolicyLogger.error("Pdp does not exist with pdpKey " + pdpKey); - throw new PersistenceException("Pdp does not exist with pdpKey " + pdpKey); - } else if (pdpQueryList.size() > 1) { - PolicyLogger.error("Somehow, more than one pdp with the pdpKey " + pdpKey + foundInDB); - throw new PersistenceException("Somehow, more than one pdp with the pdpKey " + pdpKey + foundInDB); - } - return (PdpEntity) pdpQueryList.get(0); - } - } - - @Override - public boolean isTransactionOpen() { - logger.debug("isTransactionOpen() as isTransactionOpen() called"); - synchronized (emLock) { - return em.isOpen() && em.getTransaction().isActive(); - } - } - - private String processConfigPath(String inputConfigPath) { - String configPath = inputConfigPath; - String webappsPath = XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_WEBAPPS); - if (webappsPath == null) { - logger.error("Webapps property does not exist"); - throw new IllegalArgumentException("Webapps property does not exist"); - } - configPath = configPath.replace("$URL", webappsPath); - // make sure the correct slashes are in - try { - configPath = Paths.get(configPath).toString(); - } catch (InvalidPathException e) { - logger.error("Invalid config path: " + configPath, e); - throw new IllegalArgumentException("Invalid config path: " + configPath); - } - return configPath; - } - - private String readConfigFile(String configPath) { - String configDataString = null; - try (InputStream configContentStream = new FileInputStream(configPath);) { - configDataString = IOUtils.toString(configContentStream); - } catch (FileNotFoundException e) { - logger.error("Caught FileNotFoundException on new FileInputStream(" + configPath + ")", e); - throw new IllegalArgumentException("The config file path does not exist"); - } catch (IOException e2) { - logger.error("Caught IOException on newIOUtils.toString(configContentStream)", e2); - throw new IllegalArgumentException("The config file path cannot be read"); - } - if (configDataString == null) { - throw new IllegalArgumentException("The config file path cannot be read"); - } - return configDataString; - } - - @Override - public void createPolicy(Policy policy, String username) { - - try { - logger.debug("createPolicy(PolicyRestAdapter policy, String username) as createPolicy(" + policy + "," - + username + ") called"); - String policyScope = policy.policyAdapter.getDomainDir().replace(File.separator, "."); - // Does not need to be XACMLPolicyWriterWithPapNotify since it is already in the PAP - // and this transaction is intercepted up stream. - - String policyDataString = getPolicyDataString(policy); - if (isJunit) { - // Using parentPath object to set policy data. - policyDataString = policy.policyAdapter.getParentPath(); - } - String configPath = ""; - if (policy.policyAdapter.getPolicyType().equalsIgnoreCase(config)) { - configPath = evaluateXPath( - "/Policy/Rule/AdviceExpressions/AdviceExpression[contains(@AdviceId,'ID')" - + "]/AttributeAssignmentExpression[@AttributeId='URLID']/AttributeValue/text()", - policyDataString); - } else if (policy.policyAdapter.getPolicyType().equalsIgnoreCase(action)) { - configPath = evaluateXPath( - "/Policy/Rule/ObligationExpressions/ObligationExpression[contains(@ObligationId, " - + policy.policyAdapter.getActionAttribute() - + ")]/AttributeAssignmentExpression[@AttributeId='body']/AttributeValue/text()", - policyDataString); - } - - String prefix = null; - if (policy.policyAdapter.getPolicyType().equalsIgnoreCase(config)) { - - prefix = configPath.substring( - configPath.indexOf(policyScope + ".") + policyScope.concat(".").length(), - configPath.lastIndexOf(policy.policyAdapter.getPolicyName())); - if (isNullOrEmpty(policy.policyAdapter.getConfigBodyData())) { - policy.policyAdapter.setConfigBodyData(getConfigData(configPath)); - } - } else if (action.equalsIgnoreCase(policy.policyAdapter.getPolicyType())) { - prefix = "Action_"; - } else if ("Decision".equalsIgnoreCase(policy.policyAdapter.getPolicyType())) { - prefix = "Decision_"; - } - - if (!(policy.policyAdapter.getData() instanceof PolicyType) - && !(policy.policyAdapter.getData() instanceof PolicySetType)) { - PolicyLogger.error("The data field is not an instance of PolicyType or PolicySetType"); - throw new IllegalArgumentException( - "The data field is not an instance of PolicyType or PolicySetType"); - } - String finalName = policyScope + "." + prefix + policy.policyAdapter.getPolicyName() + "." - + policy.policyAdapter.getHighestVersion() + ".xml"; - if (policy.policyAdapter.getConfigType() == null || "".equals(policy.policyAdapter.getConfigType())) { - // get the config file extension - String ext = ""; - if (configPath != null && !"".equalsIgnoreCase(configPath)) { - ext = configPath.substring(configPath.lastIndexOf('.'), configPath.length());; - } - - if (ext.contains("txt")) { - policy.policyAdapter.setConfigType(OTHER_CONFIG); - } else if (ext.contains("json")) { - policy.policyAdapter.setConfigType(JSON_CONFIG); - } else if (ext.contains("xml")) { - policy.policyAdapter.setConfigType(XML_CONFIG); - } else if (ext.contains("properties")) { - policy.policyAdapter.setConfigType(PROPERTIES_CONFIG); - } else { - if (policy.policyAdapter.getPolicyType().equalsIgnoreCase(action)) { - policy.policyAdapter.setConfigType(JSON_CONFIG); - } - } - } - createPolicy(policy.policyAdapter, username, policyScope, finalName, policyDataString); - } catch (Exception e) { - logger.error("Could not create policy for " + policy, e); - throw e; - } - } - - private String getConfigData(String configPath) { - String configData = ""; - try { - configData = getConfigPath(configPath); - } catch (Exception e) { - logger.error("Could not read config body data for " + configPath, e); - } - return configData; - } - - private String getConfigPath(String configPath) { - try { - String newConfigPath = processConfigPath(configPath); - return readConfigFile(newConfigPath); - } catch (IllegalArgumentException e2) { - logger.error("Could not process config path: " + configPath, e2); - } - return ""; - } - - - /** - * @param policy input policy Object. - * @return read the stream and return policy xml data. - */ - private String getPolicyDataString(Policy policy) { - try (InputStream policyXmlStream = - XACMLPolicyWriter.getXmlAsInputStream(policy.getCorrectPolicyDataObject())) { - return IOUtils.toString(policyXmlStream); - } catch (IOException e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught IOException on reading Policy Data."); - throw new IllegalArgumentException("Cannot parse the policy xml from the PolicyRestAdapter."); - } - } - - @Override - public void close() { - synchronized (emLock) { - if (em.isOpen()) { - if (em.getTransaction().isActive()) { - em.getTransaction().rollback(); - } - em.close(); - } - if (transactionTimer != null) { - transactionTimer.interrupt(); - } - } - } - - @Override - public void createGroup(String groupId, String groupName, String inputGroupDescription, String username) { - String groupDescription = inputGroupDescription; - logger.debug("deletePolicy(String policyToDeletes) as createGroup(" + groupId + ", " + groupName + ", " - + groupDescription + ") called"); - if (isNullOrEmpty(groupId, groupName, username)) { - throw new IllegalArgumentException("groupId, groupName, and username must not be null or empty"); - } - if (groupDescription == null) { - groupDescription = ""; - } - - synchronized (emLock) { - checkBeforeOperationRun(); - Query checkGroupQuery = em.createQuery(groupEntitySelectQuery); - checkGroupQuery.setParameter(groupIdVar, groupId); - checkGroupQuery.setParameter(deletedVar, false); - List<?> checkGroupQueryList; - try { - checkGroupQueryList = checkGroupQuery.getResultList(); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught Exception on checkGroupQuery.getResultList()"); - throw new PersistenceException(queryFailedToCheckExisting); - } - if (!checkGroupQueryList.isEmpty()) { - PolicyLogger.error("The group being added already exists with id " + groupId); - throw new PersistenceException("The group being added already exists with id " + groupId); - } - GroupEntity newGroup = new GroupEntity(); - em.persist(newGroup); - newGroup.setCreatedBy(username); - newGroup.setModifiedBy(username); - newGroup.setGroupName(groupName); - newGroup.setGroupId(groupId); - newGroup.setDescription(groupDescription); - - em.flush(); - this.groupId = newGroup.getGroupKey(); - } - } - - @Override - public void updateGroup(OnapPDPGroup group, String username) { - logger.info( - "PolicyDBDao: updateGroup(PDPGroup group) as updateGroup(" + group + "," + username + ") called"); - if (group == null) { - throw new IllegalArgumentException("PDPGroup group must not be null"); - } - if (isNullOrEmpty(group.getId(), username)) { - throw new IllegalArgumentException("group.getId() and username must not be null or empty"); - } - - synchronized (emLock) { - checkBeforeOperationRun(); - Query getGroupQuery = em.createQuery(groupEntitySelectQuery); - getGroupQuery.setParameter(groupIdVar, group.getId()); - getGroupQuery.setParameter(deletedVar, false); - List<?> getGroupQueryList; - try { - getGroupQueryList = getGroupQuery.getResultList(); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught Exception on getGroupQuery.getResultList()"); - throw new PersistenceException(queryFailedToGetGroup + group.getId() + " for editing"); - } - if (getGroupQueryList.isEmpty()) { - PolicyLogger.error("The group cannot be found to update with id " + group.getId()); - throw new PersistenceException("The group cannot be found to update with id " + group.getId()); - } else if (getGroupQueryList.size() > 1) { - PolicyLogger.error(duplicateGroupId + group.getId() + deletedStatusFound); - throw new PersistenceException(duplicateGroupId + group.getId() + deletedStatusFound); - } - GroupEntity groupToUpdateInDB = (GroupEntity) getGroupQueryList.get(0); - if (!stringEquals(groupToUpdateInDB.getModifiedBy(), username)) { - groupToUpdateInDB.setModifiedBy(username); - } - if (group.getDescription() != null - && !stringEquals(group.getDescription(), groupToUpdateInDB.getDescription())) { - groupToUpdateInDB.setDescription(group.getDescription()); - } - // let's find out what policies have been deleted - StdPDPGroup oldGroup = null; - try { - oldGroup = (StdPDPGroup) papEngine.getGroup(group.getId()); - } catch (PAPException e1) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e1, policyDBDaoVar, - "We cannot get the group from the papEngine to delete policies"); - } - if (oldGroup == null) { - PolicyLogger.error("We cannot get the group from the papEngine to delete policies"); - } else { - Set<String> newPolicySet = new HashSet<>(group.getPolicies().size()); - // a multiple of n runtime is faster than n^2, so I am using a hashset to do the comparison - for (PDPPolicy pol : group.getPolicies()) { - newPolicySet.add(pol.getId()); - } - for (PDPPolicy pol : oldGroup.getPolicies()) { - // should be fast since getPolicies uses a HashSet in StdPDPGroup - if (!newPolicySet.contains(pol.getId())) { - String[] scopeAndName = getNameScopeAndVersionFromPdpPolicy(pol.getId()); - deletePolicyInScope(username, groupToUpdateInDB, pol, scopeAndName); - } - } - } - - if (group.getName() != null && !stringEquals(group.getName(), groupToUpdateInDB.getgroupName())) { - // we need to check if the new id exists in the database - String newGroupId = createNewPDPGroupId(group.getName()); - Query checkGroupQuery = em.createQuery(groupEntitySelectQuery); - checkGroupQuery.setParameter(groupIdVar, newGroupId); - checkGroupQuery.setParameter(deletedVar, false); - List<?> checkGroupQueryList; - try { - checkGroupQueryList = checkGroupQuery.getResultList(); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught Exception on checkGroupQuery.getResultList()"); - throw new PersistenceException(queryFailedToCheckExisting); - } - if (!checkGroupQueryList.isEmpty()) { - PolicyLogger.error("The new group name already exists, group id " + newGroupId); - throw new PersistenceException("The new group name already exists, group id " + newGroupId); - } - groupToUpdateInDB.setGroupId(newGroupId); - groupToUpdateInDB.setGroupName(group.getName()); - this.newGroupId = group.getId(); - } - em.flush(); - this.groupId = groupToUpdateInDB.getGroupKey(); - } - } - - private void deletePolicyInScope(String username, GroupEntity groupToUpdateInDB, PDPPolicy pol, - String[] scopeAndName) { - PolicyEntity policyToDelete; - if (scopeAndName == null) { - return; - } - try { - policyToDelete = getPolicy(scopeAndName[0], scopeAndName[1]); - if ("XACMLPapServlet.doDelete".equals(username)) { - Iterator<PolicyEntity> dbPolicyIt = groupToUpdateInDB.getPolicies().iterator(); - String policyName = getPolicyNameAndVersionFromPolicyFileName(policyToDelete.getPolicyName())[0]; - - logger.info("PolicyDBDao: delete policy from GroupEntity"); - deletePolicyFromGroupEntity(groupToUpdateInDB, policyToDelete, dbPolicyIt, policyName); - } - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Could not get policy to remove: " + pol.getId()); - throw new PersistenceException("Could not get policy to remove: " + pol.getId()); - } - } - - private void deletePolicyFromGroupEntity(GroupEntity groupToUpdateInDB, PolicyEntity policyToDelete, - Iterator<PolicyEntity> dbPolicyIt, String policyName) { - try { - while (dbPolicyIt.hasNext()) { - PolicyEntity dbpolicy = dbPolicyIt.next(); - if (policyToDelete.getScope().equals(dbpolicy.getScope()) - && getPolicyNameAndVersionFromPolicyFileName(dbpolicy.getPolicyName())[0] - .equals(policyName)) { - dbPolicyIt.remove(); - - logger.info("PolicyDBDao: deleting policy from the existing group:\n " + "policyName is " - + policyToDelete.getScope() + "." + policyToDelete.getPolicyName() + "\n" + "group is " - + groupToUpdateInDB.getGroupId()); - } - } - } catch (Exception e) { - logger.debug(e); - PolicyLogger.error("Could not delete policy with name: " + policyToDelete.getScope() + "." - + policyToDelete.getPolicyName() + "\n ID: " + policyToDelete.getPolicyId()); - } - } - - @Override - public void addPdpToGroup(String pdpID, String groupID, String pdpName, String pdpDescription, int pdpJmxPort, - String username) { - logger.debug("addPdpToGroup(String pdpID, String groupID, String pdpName, String pdpDescription, int " - + "pdpJmxPort, String username) as addPdpToGroup(" + pdpID + ", " + groupID + ", " + pdpName + ", " - + pdpDescription + ", " + pdpJmxPort + ", " + username + ") called"); - if (isNullOrEmpty(pdpID, groupID, pdpName, username)) { - throw new IllegalArgumentException("pdpID, groupID, pdpName, and username must not be null or empty"); - } - synchronized (emLock) { - checkBeforeOperationRun(); - Query checkGroupQuery = em.createQuery(groupEntitySelectQuery); - checkGroupQuery.setParameter(groupIdVar, groupID); - checkGroupQuery.setParameter(deletedVar, false); - List<?> checkGroupQueryList; - try { - checkGroupQueryList = checkGroupQuery.getResultList(); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught Exception trying to check for existing group on checkGroupQuery.getResultList()"); - throw new PersistenceException(queryFailedToCheckExisting); - } - if (checkGroupQueryList.size() != 1) { - PolicyLogger.error("The group does not exist"); - throw new PersistenceException("The group does not exist"); - } - Query checkDuplicateQuery = em.createQuery(pdpEntitySelectQuery); - checkDuplicateQuery.setParameter(pdpIdVariable, pdpID); - checkDuplicateQuery.setParameter(deletedVar, false); - List<?> checkDuplicateList; - try { - checkDuplicateList = checkDuplicateQuery.getResultList(); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught Exception trying to check for duplicate PDP " + pdpID - + " on checkDuplicateQuery.getResultList()"); - throw new PersistenceException("Query failed trying to check for duplicate PDP " + pdpID); - } - PdpEntity newPdp; - if (!checkDuplicateList.isEmpty()) { - logger.warn("PDP already exists with id " + pdpID); - newPdp = (PdpEntity) checkDuplicateList.get(0); - } else { - newPdp = new PdpEntity(); - em.persist(newPdp); - } - - newPdp.setCreatedBy(username); - newPdp.setDeleted(false); - newPdp.setDescription(pdpDescription); - newPdp.setGroup((GroupEntity) checkGroupQueryList.get(0)); - newPdp.setJmxPort(pdpJmxPort); - newPdp.setModifiedBy(username); - newPdp.setPdpId(pdpID); - newPdp.setPdpName(pdpName); - - em.flush(); - this.pdpId = newPdp.getPdpKey(); - } - } - - - @Override - public void updatePdp(OnapPDP pdp, String username) { - logger.debug("updatePdp(PDP pdp, String username) as updatePdp(" + pdp + "," + username + ") called"); - if (pdp == null) { - throw new IllegalArgumentException("PDP pdp must not be null"); - } - if (isNullOrEmpty(pdp.getId(), username)) { - throw new IllegalArgumentException("pdp.getId() and username must not be null or empty"); - } - - synchronized (emLock) { - checkBeforeOperationRun(); - Query getPdpQuery = em.createQuery(pdpEntitySelectQuery); - getPdpQuery.setParameter(pdpIdVariable, pdp.getId()); - getPdpQuery.setParameter(deletedVar, false); - List<?> getPdpQueryList; - try { - getPdpQueryList = getPdpQuery.getResultList(); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught Exception on getPdpQuery.getResultList()"); - throw new PersistenceException("Query failed trying to get PDP " + pdp.getId()); - } - if (getPdpQueryList.isEmpty()) { - PolicyLogger.error("The pdp cannot be found to update with id " + pdp.getId()); - throw new PersistenceException("The pdp cannot be found to update with id " + pdp.getId()); - } else if (getPdpQueryList.size() > 1) { - PolicyLogger.error(moreThanOnePDP + pdp.getId() + deletedStatusFound); - throw new PersistenceException(moreThanOnePDP + pdp.getId() + deletedStatusFound); - } - PdpEntity pdpToUpdate = (PdpEntity) getPdpQueryList.get(0); - if (!stringEquals(pdpToUpdate.getModifiedBy(), username)) { - pdpToUpdate.setModifiedBy(username); - } - if (pdp.getDescription() != null && !stringEquals(pdp.getDescription(), pdpToUpdate.getDescription())) { - pdpToUpdate.setDescription(pdp.getDescription()); - } - if (pdp.getName() != null && !stringEquals(pdp.getName(), pdpToUpdate.getPdpName())) { - pdpToUpdate.setPdpName(pdp.getName()); - } - if (pdp.getJmxPort() != null && !pdp.getJmxPort().equals(pdpToUpdate.getJmxPort())) { - pdpToUpdate.setJmxPort(pdp.getJmxPort()); - } - - em.flush(); - this.pdpId = pdpToUpdate.getPdpKey(); - } - } - - @Override - public void movePdp(OnapPDP pdp, OnapPDPGroup group, String username) { - logger.debug("movePdp(PDP pdp, PDPGroup group, String username) as movePdp(" + pdp + "," + group + "," - + username + ") called"); - if (pdp == null || group == null) { - throw new IllegalArgumentException("PDP pdp and PDPGroup group must not be null"); - } - if (isNullOrEmpty(username, pdp.getId(), group.getId())) { - throw new IllegalArgumentException( - "pdp.getId(), group.getId(), and username must not be null or empty"); - } - - synchronized (emLock) { - checkBeforeOperationRun(); - // check if pdp exists - Query getPdpQuery = em.createQuery(pdpEntitySelectQuery); - getPdpQuery.setParameter(pdpIdVariable, pdp.getId()); - getPdpQuery.setParameter(deletedVar, false); - List<?> getPdpQueryList; - try { - getPdpQueryList = getPdpQuery.getResultList(); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught Exception on getPdpQuery.getResultList()"); - throw new PersistenceException("Query failed trying to get pdp to move with id " + pdp.getId()); - } - if (getPdpQueryList.isEmpty()) { - PolicyLogger.error("The pdp cannot be found to move with id " + pdp.getId()); - throw new PersistenceException("The pdp cannot be found to move with id " + pdp.getId()); - } else if (getPdpQueryList.size() > 1) { - PolicyLogger.error(moreThanOnePDP + pdp.getId() + deletedStatusFound); - throw new PersistenceException(moreThanOnePDP + pdp.getId() + deletedStatusFound); - } - - // check if new group exists - Query checkGroupQuery = em.createQuery(groupEntitySelectQuery); - checkGroupQuery.setParameter(groupIdVar, group.getId()); - checkGroupQuery.setParameter(deletedVar, false); - List<?> checkGroupQueryList; - try { - checkGroupQueryList = checkGroupQuery.getResultList(); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught Exception trying to get group on checkGroupQuery.getResultList()"); - throw new PersistenceException("Query failed trying to get new group " + group.getId()); - } - if (checkGroupQueryList.size() != 1) { - PolicyLogger.error("The group " + group.getId() + " does not exist"); - throw new PersistenceException("The group " + group.getId() + " does not exist"); - } - GroupEntity groupToMoveInto = (GroupEntity) checkGroupQueryList.get(0); - PdpEntity pdpToUpdate = (PdpEntity) getPdpQueryList.get(0); - pdpToUpdate.setGroup(groupToMoveInto); - if (!stringEquals(pdpToUpdate.getModifiedBy(), username)) { - pdpToUpdate.setModifiedBy(username); - } - - em.flush(); - this.pdpId = pdpToUpdate.getPdpKey(); - } - } - - @Override - public void changeDefaultGroup(OnapPDPGroup group, String username) { - logger.debug("changeDefaultGroup(PDPGroup group, String username) as changeDefaultGroup(" + group + "," - + username + ") called"); - if (group == null) { - throw new IllegalArgumentException("PDPGroup group must not be null"); - } - if (isNullOrEmpty(group.getId(), username)) { - throw new IllegalArgumentException("group.getId() and username must not be null or empty"); - } - - synchronized (emLock) { - checkBeforeOperationRun(); - Query getGroupQuery = em.createQuery(groupEntitySelectQuery); - getGroupQuery.setParameter(groupIdVar, group.getId()); - getGroupQuery.setParameter(deletedVar, false); - List<?> getGroupQueryList; - try { - getGroupQueryList = getGroupQuery.getResultList(); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught Exception on getGroupQuery.getResultList()"); - throw new PersistenceException(queryFailedToGetGroup + group.getId()); - } - if (getGroupQueryList.isEmpty()) { - PolicyLogger.error("The group cannot be found to set default with id " + group.getId()); - throw new PersistenceException("The group cannot be found to set default with id " + group.getId()); - } else if (getGroupQueryList.size() > 1) { - PolicyLogger.error(duplicateGroupId + group.getId() + deletedStatusFound); - throw new PersistenceException(duplicateGroupId + group.getId() + deletedStatusFound); - } - GroupEntity newDefaultGroup = (GroupEntity) getGroupQueryList.get(0); - newDefaultGroup.setDefaultGroup(true); - if (!stringEquals(newDefaultGroup.getModifiedBy(), username)) { - newDefaultGroup.setModifiedBy(username); - } - - em.flush(); - this.groupId = newDefaultGroup.getGroupKey(); - Query setAllGroupsNotDefault = em.createQuery( - "UPDATE GroupEntity g SET g.defaultGroup=:defaultGroup WHERE g.deleted=:deleted AND g" - + ".groupKey<>:groupKey"); - // not going to set modified by for all groups - setAllGroupsNotDefault.setParameter("defaultGroup", false); - setAllGroupsNotDefault.setParameter(deletedVar, false); - setAllGroupsNotDefault.setParameter("groupKey", newDefaultGroup.getGroupKey()); - try { - logger.info("set " + setAllGroupsNotDefault.executeUpdate() + " groups as not default"); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught Exception on setAllGroupsNotDefault.executeUpdate()"); - throw new PersistenceException("Could not set all other groups default to false"); - } - em.flush(); - } - } - - - @Override - public void deleteGroup(OnapPDPGroup group, OnapPDPGroup moveToGroup, String username) - throws PolicyDBException { - logger.debug("deleteGroup(PDPGroup group, PDPGroup moveToGroup, String username) as deleteGroup(" + group - + ", " + moveToGroup + "," + username + ") called"); - if (group == null) { - throw new IllegalArgumentException("PDPGroup group cannot be null"); - } - if (isNullOrEmpty(username, group.getId())) { - throw new IllegalArgumentException("group.getId() and and username must not be null or empty"); - } - - if (group.isDefaultGroup()) { - PolicyLogger - .error("The default group " + group.getId() + " was attempted to be deleted. It cannot be."); - throw new PolicyDBException("You cannot delete the default group."); - } - synchronized (emLock) { - checkBeforeOperationRun(); - Query deleteGroupQuery = em.createQuery(groupEntitySelectQuery); - deleteGroupQuery.setParameter(groupIdVar, group.getId()); - deleteGroupQuery.setParameter(deletedVar, false); - List<?> deleteGroupQueryList; - try { - deleteGroupQueryList = deleteGroupQuery.getResultList(); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught Exception trying to check if group exists deleteGroupQuery.getResultList()"); - throw new PersistenceException("Query failed trying to check if group exists"); - } - if (deleteGroupQueryList.isEmpty()) { - logger.warn(groupCannotBeFound + group.getId()); - return; - } else if (deleteGroupQueryList.size() > 1) { - PolicyLogger.error(duplicateGroupId + group.getId() + foundInDBNotDeleted); - throw new PersistenceException(duplicateGroupId + group.getId() + foundInDBNotDeleted); - } - - Query pdpsInGroupQuery = - em.createQuery("SELECT p FROM PdpEntity p WHERE p.groupEntity=:group and p.deleted=:deleted"); - pdpsInGroupQuery.setParameter("group", ((GroupEntity) deleteGroupQueryList.get(0))); - pdpsInGroupQuery.setParameter(deletedVar, false); - List<?> pdpsInGroupList; - try { - pdpsInGroupList = pdpsInGroupQuery.getResultList(); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught Exception trying to get PDPs in group on pdpsInGroupQuery.getResultList()"); - throw new PersistenceException("Query failed trying to get PDPs in group"); - } - if (!pdpsInGroupList.isEmpty()) { - if (moveToGroup != null) { - Query checkMoveToGroupQuery = em.createQuery( - "SELECT o FROM GroupEntity o WHERE o.groupId=:groupId AND o.deleted=:deleted"); - checkMoveToGroupQuery.setParameter(groupIdVar, moveToGroup.getId()); - checkMoveToGroupQuery.setParameter(deletedVar, false); - List<?> checkMoveToGroupList; - try { - checkMoveToGroupList = checkMoveToGroupQuery.getResultList(); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught Exception trying to check if group exists checkMoveToGroupQuery" - + ".getResultList()"); - throw new PersistenceException("Query failed trying to check if group exists"); - } - if (checkMoveToGroupList.isEmpty()) { - PolicyLogger.error(groupCannotBeFound + moveToGroup.getId()); - throw new PersistenceException(groupCannotBeFound + moveToGroup.getId()); - } else if (checkMoveToGroupList.size() > 1) { - PolicyLogger.error(duplicateGroupId + moveToGroup.getId() + foundInDBNotDeleted); - throw new PersistenceException( - duplicateGroupId + moveToGroup.getId() + foundInDBNotDeleted); - } else { - GroupEntity newGroup = (GroupEntity) checkMoveToGroupList.get(0); - for (Object pdpObject : pdpsInGroupList) { - PdpEntity pdp = (PdpEntity) pdpObject; - pdp.setGroup(newGroup); - if (!stringEquals(pdp.getModifiedBy(), username)) { - pdp.setModifiedBy(username); - } - try { - em.flush(); - this.newGroupId = newGroup.getGroupId(); - } catch (PersistenceException e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught PersistenceException trying to set pdp group to null on em.flush" - + "()"); - throw new PersistenceException("Query failed trying to set pdp group to "); - } - } - } - } else { - PolicyLogger.error("Group " + group.getId() - + " is trying to be delted with PDPs. No group was provided to move them to"); - throw new PolicyDBException("Group has PDPs. Must provide a group for them to move to"); - } - } - - // delete group here - GroupEntity groupToDelete = (GroupEntity) deleteGroupQueryList.get(0); - groupToDelete.setDeleted(true); - if (!stringEquals(groupToDelete.getModifiedBy(), username)) { - groupToDelete.setModifiedBy(username); - } - em.flush(); - this.groupId = groupToDelete.getGroupKey(); - } - } - - @Override - public StdPDPGroup addPolicyToGroup(String groupID, String policyID, String username) throws PolicyDBException { - logger.info("PolicyDBDao: addPolicyToGroup(String groupID, String policyID, String username) as " - + "addPolicyToGroup(" + groupID + ", " + policyID + "," + username + ") called"); - if (isNullOrEmpty(groupID, policyID, username)) { - throw new IllegalArgumentException("groupID, policyID, and username must not be null or empty"); - } - synchronized (emLock) { - checkBeforeOperationRun(); - // check if group exists - Query groupQuery = em.createQuery(groupEntitySelectQuery); - groupQuery.setParameter(groupIdVar, groupID); - groupQuery.setParameter(deletedVar, false); - List<?> groupQueryList; - try { - groupQueryList = groupQuery.getResultList(); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught Exception trying to check if group exists groupQuery.getResultList()"); - throw new PersistenceException("Query failed trying to check if group " + groupID + " exists"); - } - if (groupQueryList.isEmpty()) { - PolicyLogger.error("Group policy is being added to does not exist with id " + groupID); - throw new PersistenceException("Group policy is being added to does not exist with id " + groupID); - } else if (groupQueryList.size() > 1) { - PolicyLogger.error(duplicateGroupId + groupID + foundInDBNotDeleted); - throw new PersistenceException(duplicateGroupId + groupID + foundInDBNotDeleted); - } - - // we need to convert the form of the policy id that is used groups into the form that is used - // for the database. (com.Config_mypol.1.xml) to (Config_mypol.xml) - String[] policyNameScopeAndVersion = getNameScopeAndVersionFromPdpPolicy(policyID); - if (policyNameScopeAndVersion == null) { - throw new IllegalArgumentException("Invalid input - policyID must contain name, scope and version"); - } - Query policyQuery = em.createQuery( - "SELECT p FROM PolicyEntity p WHERE p.policyName=:policyName AND p.scope=:scope AND p" - + ".deleted=:deleted"); - policyQuery.setParameter("policyName", policyNameScopeAndVersion[0]); - policyQuery.setParameter(scope, policyNameScopeAndVersion[1]); - policyQuery.setParameter(deletedVar, false); - List<?> policyQueryList; - try { - policyQueryList = policyQuery.getResultList(); - } catch (Exception e) { - logger.debug(e); - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught Exception trying to check if policy exists policyQuery.getResultList()"); - throw new PersistenceException( - "Query failed trying to check if policy " + policyNameScopeAndVersion[0] + " exists"); - } - if (policyQueryList.isEmpty()) { - PolicyLogger.error("Policy being added to the group does not exist with policy id " - + policyNameScopeAndVersion[0]); - throw new PersistenceException("Policy being added to the group does not exist with policy id " - + policyNameScopeAndVersion[0]); - } else if (policyQueryList.size() > 1) { - PolicyLogger.error(duplicatePolicyId + policyNameScopeAndVersion[0] + foundInDBNotDeleted); - throw new PersistenceException( - duplicateGroupId + policyNameScopeAndVersion[0] + foundInDBNotDeleted); - } - logger.info("PolicyDBDao: Getting group and policy from database"); - GroupEntity group = (GroupEntity) groupQueryList.get(0); - PolicyEntity policy = (PolicyEntity) policyQueryList.get(0); - Iterator<PolicyEntity> policyIt = group.getPolicies().iterator(); - String policyName = getPolicyNameAndVersionFromPolicyFileName(policy.getPolicyName())[0]; - - logger.info("PolicyDBDao: policyName retrieved is " + policyName); - try { - while (policyIt.hasNext()) { - PolicyEntity pol = policyIt.next(); - if (policy.getScope().equals(pol.getScope()) - && getPolicyNameAndVersionFromPolicyFileName(pol.getPolicyName())[0] - .equals(policyName)) { - policyIt.remove(); - } - } - } catch (Exception e) { - logger.debug(e); - PolicyLogger.error("Could not delete old versions for policy " + policy.getPolicyName() + ", ID: " - + policy.getPolicyId()); - } - group.addPolicyToGroup(policy); - em.flush(); - - // After adding policy to the db group we need to make sure the filesytem group is in sync with the db - // group - try { - StdPDPGroup pdpGroup = (StdPDPGroup) papEngine.getGroup(group.getGroupId()); - return synchronizeGroupPoliciesInFileSystem(pdpGroup, group); - } catch (PAPException e) { - logger.debug(e); - PolicyLogger - .error("PolicyDBDao: Could not synchronize the filesystem group with the database group. " - + e.getMessage()); - } - return null; - } - } - - // this means delete pdp not just remove from group - @Override - public void removePdpFromGroup(String pdpID, String username) { - logger.debug("removePdpFromGroup(String pdpID, String username) as removePdpFromGroup(" + pdpID + "," - + username + ") called"); - if (isNullOrEmpty(pdpID, username)) { - throw new IllegalArgumentException("pdpID and username must not be null or empty"); - } - synchronized (emLock) { - checkBeforeOperationRun(); - Query pdpQuery = em.createQuery(pdpEntitySelectQuery); - pdpQuery.setParameter(pdpIdVariable, pdpID); - pdpQuery.setParameter(deletedVar, false); - List<?> pdpList; - try { - pdpList = pdpQuery.getResultList(); - } catch (Exception e) { - PolicyLogger.error(MessageCodes.EXCEPTION_ERROR, e, policyDBDaoVar, - "Caught Exception trying to check if pdp exists pdpQuery.getResultList()"); - throw new PersistenceException("Query failed trying to check if pdp " + pdpID + " exists"); - } - if (pdpList.size() > 1) { - PolicyLogger.error("Somehow, more than one pdp with the id " + pdpID + foundInDBNotDeleted); - throw new PersistenceException( - "Somehow, more than one pdp with the id " + pdpID + foundInDBNotDeleted); - } else if (pdpList.isEmpty()) { - PolicyLogger.error("Pdp being removed does not exist with id " + pdpID); - return; - } - PdpEntity pdp = (PdpEntity) pdpList.get(0); - pdp.setGroup(null); - if (!stringEquals(pdp.getModifiedBy(), username)) { - pdp.setModifiedBy(username); - } - pdp.setDeleted(true); - - em.flush(); - this.pdpId = pdp.getPdpKey(); - } - } - - private void notifyOthers(long entityId, String entityType) { - notifyOthers(entityId, entityType, null); - } - - private void notifyOthers(long entityId, String entityType, String newGroupId) { - logger.debug("notifyOthers(long entityId, String entityType, long newGroupId) as notifyOthers(" + entityId - + "," + entityType + "," + newGroupId + ") called"); - LinkedList<Thread> notifyThreads = new LinkedList<>(); - - // we're going to run notifications in parallel threads to speed things up - for (Object obj : otherServers) { - Thread newNotifyThread = new Thread(new NotifyOtherThread(obj, entityId, entityType, newGroupId)); - newNotifyThread.start(); - notifyThreads.add(newNotifyThread); - } - // we want to wait for all notifications to complete or timeout before we unlock the interface and allow - // more changes - for (Thread t : notifyThreads) { - try { - t.join(); - } catch (Exception e) { - logger.warn("Could not join a notifcation thread" + e); - } - } - } - } - - private PolicyDBDao() { - // empty constructor - } - public static PolicyDBDaoTestClass getPolicyDBDaoTestClass() { return new PolicyDBDao().new PolicyDBDaoTestClass(); } @@ -2870,18 +809,14 @@ public class PolicyDBDao { String[] getPolicyNameAndVersionFromPolicyFileName(String originalPolicyName) throws PolicyDBException { return PolicyDBDao.this.getPolicyNameAndVersionFromPolicyFileName(originalPolicyName); } - + String[] getNameScopeAndVersionFromPdpPolicy(String fileName) { return PolicyDBDao.this.getNameScopeAndVersionFromPdpPolicy(fileName); } - + String getPdpPolicyName(String name, String scope) { return PolicyDBDao.this.getPdpPolicyName(name, scope); } - - Path getPolicySubFile(String inputFileName, String subFileType) { - return PolicyDBDao.this.getPolicySubFile(inputFileName, subFileType); - } } } |