diff options
Diffstat (limited to 'ONAP-REST')
-rw-r--r-- | ONAP-REST/src/main/java/org/onap/policy/rest/XACMLRest.java | 339 | ||||
-rw-r--r-- | ONAP-REST/src/main/java/org/onap/policy/rest/jpa/Category.java | 333 |
2 files changed, 338 insertions, 334 deletions
diff --git a/ONAP-REST/src/main/java/org/onap/policy/rest/XACMLRest.java b/ONAP-REST/src/main/java/org/onap/policy/rest/XACMLRest.java index 0912515e0..7cced5667 100644 --- a/ONAP-REST/src/main/java/org/onap/policy/rest/XACMLRest.java +++ b/ONAP-REST/src/main/java/org/onap/policy/rest/XACMLRest.java @@ -3,6 +3,7 @@ * ONAP-REST * ================================================================================ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Modified Copyright (C) 2018 Samsung Electronics Co., Ltd. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -44,174 +45,176 @@ import com.att.research.xacml.util.XACMLProperties; * */ public class XACMLRest { - private static final Log logger = LogFactory.getLog(XACMLRest.class); - private static Properties restProperties = new Properties(); + private static final Log logger = LogFactory.getLog(XACMLRest.class); + private static Properties restProperties = new Properties(); - private XACMLRest(){ - // Empty constructor + private XACMLRest(){ + // Empty constructor + } + /** + * This must be called during servlet initialization. It sets up the xacml.?.properties + * file as a system property. If the System property is already set, then it does not + * do anything. This allows the developer to specify their own xacml.properties file to be + * used. They can 1) modify the default properties that comes with the project, or 2) change + * the WebInitParam annotation, or 3) specify an alternative path in the web.xml, or 4) set + * the Java System property to point to their xacml.properties file. + * + * The recommended way of overriding the default xacml.properties file is using a Java System + * property: + * + * -Dxacml.properties=/opt/app/xacml/etc/xacml.admin.properties + * + * This way one does not change any actual code or files in the project and can leave the + * defaults alone. + * + * @param config - The servlet config file passed from the javax servlet init() function + */ + public static void xacmlInit(ServletConfig config) { + // + // Get the XACML Properties File parameter first + // + String propFile = config.getInitParameter("XACML_PROPERTIES_NAME"); + if (propFile != null) { + // + // Look for system override + // + String xacmlPropertiesName = System.getProperty(XACMLProperties.XACML_PROPERTIES_NAME); + logger.info("\n\n" + xacmlPropertiesName + "\n" + XACMLProperties.XACML_PROPERTIES_NAME); + if (xacmlPropertiesName == null) { + // + // Set it to our servlet default + // + if (logger.isDebugEnabled()) { + logger.debug("Using Servlet Config Property for XACML_PROPERTIES_NAME:" + propFile); + } + System.setProperty(XACMLProperties.XACML_PROPERTIES_NAME, propFile); + } else { + if (logger.isDebugEnabled()) { + logger.debug("Using System Property for XACML_PROPERTIES_NAME:" + xacmlPropertiesName); + } + } + } + // + // Setup the remaining properties + // + Enumeration<String> params = config.getInitParameterNames(); + while (params.hasMoreElements()) { + String param = params.nextElement(); + if (! "XACML_PROPERTIES_NAME".equals(param)) { + String value = config.getInitParameter(param); + PolicyLogger.info(param + "=" + config.getInitParameter(param)); + restProperties.setProperty(param, value); + } + } + } + + /** + * Reset's the XACMLProperties internal properties object so we start + * in a fresh environment. Then adds back in our Servlet init properties that were + * passed in the javax Servlet init() call. + * + * This function is primarily used when a new configuration is passed in and the + * PDP servlet needs to load a new PDP engine instance. + * + * @param pipProperties - PIP configuration properties + * @param policyProperties - Policy configuration properties + */ + public static void loadXacmlProperties(Properties policyProperties, Properties pipProperties) { + try { + // + // Start fresh + // + XACMLProperties.reloadProperties(); + // + // Now load our init properties + // + XACMLProperties.getProperties().putAll(XACMLRest.restProperties); + // + // Load our policy properties + // + if (policyProperties != null) { + XACMLProperties.getProperties().putAll(policyProperties); + } + // + // Load our pip config properties + // + if (pipProperties != null) { + XACMLProperties.getProperties().putAll(pipProperties); + } + } catch (IOException e) { + PolicyLogger.error(MessageCodes.ERROR_PROCESS_FLOW, e, "Failed to put init properties into Xacml properties"); + } + // + // Dump them + // + if (logger.isDebugEnabled()) { + try { + logger.debug(XACMLProperties.getProperties().toString()); + } catch (IOException e) { + PolicyLogger.error(MessageCodes.ERROR_PROCESS_FLOW, e, "Cannot dump properties"); + } + } + } + + /** + * Helper routine to dump the HTTP servlet request being serviced. Primarily for debugging. + * + * @param request - Servlet request (from a POST/GET/PUT/etc.) + */ + public static void dumpRequest(HttpServletRequest request) { + if (!logger.isDebugEnabled()) { + return; + } + + // special-case for receiving heartbeat - don't need to repeatedly output all of the information in multiple lines + if ("GET".equals(request.getMethod()) && "hb".equals(request.getParameter("type")) ) { + PolicyLogger.debug("GET type=hb : heartbeat received"); + return; + } + logger.debug(request.getMethod() + ":" + request.getRemoteAddr() + " " + request.getRemoteHost() + " " + request.getRemotePort()); + logger.debug(request.getLocalAddr() + " " + request.getLocalName() + " " + request.getLocalPort()); + Enumeration<String> en = request.getHeaderNames(); + logger.debug("Headers:"); + while (en.hasMoreElements()) { + String element = en.nextElement(); + Enumeration<String> values = request.getHeaders(element); + while (values.hasMoreElements()) { + String value = values.nextElement(); + logger.debug(element + ":" + value); + } + } + logger.debug("Attributes:"); + en = request.getAttributeNames(); + while (en.hasMoreElements()) { + String element = en.nextElement(); + logger.debug(element + ":" + request.getAttribute(element)); + } + logger.debug("ContextPath: " + request.getContextPath()); + if ("PUT".equals(request.getMethod()) || "POST".equals(request.getMethod())) { + // POST and PUT are allowed to have parameters in the content, but in our usage the parameters are always in the Query string. + // More importantly, there are cases where the POST and PUT content is NOT parameters (e.g. it might contain a Policy file). + // Unfortunately the request.getParameterMap method reads the content to see if there are any parameters, + // and once the content is read it cannot be read again. + // Thus for PUT and POST we must avoid reading the content here so that the main code can read it. + logger.debug("Query String:" + request.getQueryString()); + try { + if (request.getInputStream() == null) { + logger.debug("Content: No content inputStream"); + } else { + logger.debug("Content available: " + request.getInputStream().available()); + } + } catch (Exception e) { + logger.debug("Content: inputStream exception: " + e.getMessage() + "; (May not be relevant)" +e); + } + } else { + logger.debug("Parameters:"); + Map<String, String[]> params = request.getParameterMap(); + Set<String> keys = params.keySet(); + for (String key : keys) { + String[] values = params.get(key); + logger.debug(key + "(" + values.length + "): " + (values.length > 0 ? values[0] : "")); + } + } + logger.debug("Request URL:" + request.getRequestURL()); } - /** - * This must be called during servlet initialization. It sets up the xacml.?.properties - * file as a system property. If the System property is already set, then it does not - * do anything. This allows the developer to specify their own xacml.properties file to be - * used. They can 1) modify the default properties that comes with the project, or 2) change - * the WebInitParam annotation, or 3) specify an alternative path in the web.xml, or 4) set - * the Java System property to point to their xacml.properties file. - * - * The recommended way of overriding the default xacml.properties file is using a Java System - * property: - * - * -Dxacml.properties=/opt/app/xacml/etc/xacml.admin.properties - * - * This way one does not change any actual code or files in the project and can leave the - * defaults alone. - * - * @param config - The servlet config file passed from the javax servlet init() function - */ - public static void xacmlInit(ServletConfig config) { - // - // Get the XACML Properties File parameter first - // - String propFile = config.getInitParameter("XACML_PROPERTIES_NAME"); - if (propFile != null) { - // - // Look for system override - // - String xacmlPropertiesName = System.getProperty(XACMLProperties.XACML_PROPERTIES_NAME); - logger.info("\n\n" + xacmlPropertiesName + "\n" + XACMLProperties.XACML_PROPERTIES_NAME); - if (xacmlPropertiesName == null) { - // - // Set it to our servlet default - // - if (logger.isDebugEnabled()) { - logger.debug("Using Servlet Config Property for XACML_PROPERTIES_NAME:" + propFile); - } - System.setProperty(XACMLProperties.XACML_PROPERTIES_NAME, propFile); - } else { - if (logger.isDebugEnabled()) { - logger.debug("Using System Property for XACML_PROPERTIES_NAME:" + xacmlPropertiesName); - } - } - } - // - // Setup the remaining properties - // - Enumeration<String> params = config.getInitParameterNames(); - while (params.hasMoreElements()) { - String param = params.nextElement(); - if (! "XACML_PROPERTIES_NAME".equals(param)) { - String value = config.getInitParameter(param); - PolicyLogger.info(param + "=" + config.getInitParameter(param)); - restProperties.setProperty(param, value); - } - } - } - - /** - * Reset's the XACMLProperties internal properties object so we start - * in a fresh environment. Then adds back in our Servlet init properties that were - * passed in the javax Servlet init() call. - * - * This function is primarily used when a new configuration is passed in and the - * PDP servlet needs to load a new PDP engine instance. - * - * @param pipProperties - PIP configuration properties - * @param policyProperties - Policy configuration properties - */ - public static void loadXacmlProperties(Properties policyProperties, Properties pipProperties) { - try { - // - // Start fresh - // - XACMLProperties.reloadProperties(); - // - // Now load our init properties - // - XACMLProperties.getProperties().putAll(XACMLRest.restProperties); - // - // Load our policy properties - // - if (policyProperties != null) { - XACMLProperties.getProperties().putAll(policyProperties); - } - // - // Load our pip config properties - // - if (pipProperties != null) { - XACMLProperties.getProperties().putAll(pipProperties); - } - } catch (IOException e) { - PolicyLogger.error(MessageCodes.ERROR_PROCESS_FLOW, e, "Failed to put init properties into Xacml properties"); - } - // - // Dump them - // - if (logger.isDebugEnabled()) { - try { - logger.debug(XACMLProperties.getProperties().toString()); - } catch (IOException e) { - PolicyLogger.error(MessageCodes.ERROR_PROCESS_FLOW, e, "Cannot dump properties"); - } - } - } - - /** - * Helper routine to dump the HTTP servlet request being serviced. Primarily for debugging. - * - * @param request - Servlet request (from a POST/GET/PUT/etc.) - */ - public static void dumpRequest(HttpServletRequest request) { - if (logger.isDebugEnabled()) { - // special-case for receiving heartbeat - don't need to repeatedly output all of the information in multiple lines - if ("GET".equals(request.getMethod()) && "hb".equals(request.getParameter("type")) ) { - PolicyLogger.debug("GET type=hb : heartbeat received"); - return; - } - logger.debug(request.getMethod() + ":" + request.getRemoteAddr() + " " + request.getRemoteHost() + " " + request.getRemotePort()); - logger.debug(request.getLocalAddr() + " " + request.getLocalName() + " " + request.getLocalPort()); - Enumeration<String> en = request.getHeaderNames(); - logger.debug("Headers:"); - while (en.hasMoreElements()) { - String element = en.nextElement(); - Enumeration<String> values = request.getHeaders(element); - while (values.hasMoreElements()) { - String value = values.nextElement(); - logger.debug(element + ":" + value); - } - } - logger.debug("Attributes:"); - en = request.getAttributeNames(); - while (en.hasMoreElements()) { - String element = en.nextElement(); - logger.debug(element + ":" + request.getAttribute(element)); - } - logger.debug("ContextPath: " + request.getContextPath()); - if ("PUT".equals(request.getMethod()) || "POST".equals(request.getMethod())) { - // POST and PUT are allowed to have parameters in the content, but in our usage the parameters are always in the Query string. - // More importantly, there are cases where the POST and PUT content is NOT parameters (e.g. it might contain a Policy file). - // Unfortunately the request.getParameterMap method reads the content to see if there are any parameters, - // and once the content is read it cannot be read again. - // Thus for PUT and POST we must avoid reading the content here so that the main code can read it. - logger.debug("Query String:" + request.getQueryString()); - try { - if (request.getInputStream() == null) { - logger.debug("Content: No content inputStream"); - } else { - logger.debug("Content available: " + request.getInputStream().available()); - } - } catch (Exception e) { - logger.debug("Content: inputStream exception: " + e.getMessage() + "; (May not be relevant)" +e); - } - } else { - logger.debug("Parameters:"); - Map<String, String[]> params = request.getParameterMap(); - Set<String> keys = params.keySet(); - for (String key : keys) { - String[] values = params.get(key); - logger.debug(key + "(" + values.length + "): " + (values.length > 0 ? values[0] : "")); - } - } - logger.debug("Request URL:" + request.getRequestURL()); - } - } } diff --git a/ONAP-REST/src/main/java/org/onap/policy/rest/jpa/Category.java b/ONAP-REST/src/main/java/org/onap/policy/rest/jpa/Category.java index 275b03e5a..f3874a480 100644 --- a/ONAP-REST/src/main/java/org/onap/policy/rest/jpa/Category.java +++ b/ONAP-REST/src/main/java/org/onap/policy/rest/jpa/Category.java @@ -3,6 +3,7 @@ * ONAP-REST * ================================================================================ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Modified Copyright (C) 2018 Samsung Electronics Co., Ltd. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -48,171 +49,171 @@ import com.fasterxml.jackson.annotation.JsonBackReference; @Table(name="Category") @NamedQuery(name="Category.findAll", query="SELECT c FROM Category c") public class Category implements Serializable { - private static final long serialVersionUID = 1L; - - public static final char STANDARD = 'S'; - public static final char CUSTOM = 'C'; - - @Id - @GeneratedValue(strategy = GenerationType.AUTO) - @Column(name="id") - private int id; - - @Column(name="grouping", nullable=false, length=64) - private String grouping; - - @Column(name="is_standard", nullable=false) - private char isStandard; - - @Column(name="xacml_id", nullable=false, unique=true, length=255) - private String xacmlId; - - @Column(name="short_name", nullable=false, length=64) - private String shortName; - - //bi-directional many-to-one association to Attribute - @OneToMany(mappedBy="categoryBean") - @JsonBackReference - private Set<Attribute> attributes = new HashSet<>(); - - public Category() { - this.xacmlId = XACML3.ID_SUBJECT_CATEGORY_ACCESS_SUBJECT.stringValue(); - this.grouping = "subject"; - this.isStandard = Category.STANDARD; - this.shortName = "subject"; - } - - public Category(Identifier cat, String grouping, char isStandard) { - if (cat != null) { - this.xacmlId = cat.stringValue(); - } - this.isStandard = isStandard; - if (grouping != null) { - this.grouping = grouping; - } else { - this.grouping = Category.extractGrouping(this.xacmlId); - } - } - - public Category(Identifier cat, String grouping) { - this(cat, grouping, Category.STANDARD); - } - - public Category(Identifier cat, char standard) { - this(cat, null, standard); - } - - public Category(Identifier cat) { - this(cat, Category.STANDARD); - } - - public int getId() { - return this.id; - } - - public void setId(int id) { - this.id = id; - } - - public String getGrouping() { - return this.grouping; - } - - public void setGrouping(String grouping) { - this.grouping = grouping; - } - - public char getIsStandard() { - return this.isStandard; - } - - public void setIsStandard(char isStandard) { - this.isStandard = isStandard; - } - - public String getXacmlId() { - return this.xacmlId; - } - - public void setXacmlId(String xacmlId) { - this.xacmlId = xacmlId; - } - - public String getShortName() { - return this.shortName; - } - - public void setShortName(String shortName) { - this.shortName = shortName; - } - - public Set<Attribute> getAttributes() { - return this.attributes; - } - - public void setAttributes(Set<Attribute> attributes) { - this.attributes = attributes; - } - - public Attribute addAttribute(Attribute attribute) { - getAttributes().add(attribute); - attribute.setCategoryBean(this); - - return attribute; - } - - public Attribute removeAttribute(Attribute attribute) { - getAttributes().remove(attribute); - attribute.setCategoryBean(null); - - return attribute; - } - - @Transient - public boolean isStandard() { - return this.isStandard == Category.STANDARD; - } - - @Transient - public boolean isCustom() { - return this.isStandard == Category.CUSTOM; - } - - @Transient - public static String extractGrouping(String xacmlId) { - if (xacmlId == null) { - return null; - } - if (xacmlId.matches(".*:attribute\\-category:.*")) { - String[] parts = xacmlId.split("[:]"); - if (parts != null && parts.length > 0) { - return parts[parts.length - 1]; - } - } else if (xacmlId.matches(".*:[a-zA-Z]+[\\-]category:.*")) { - String[] parts = xacmlId.split("[:]"); - if (parts != null && parts.length > 0) { - for (String part : parts) { - int index = part.indexOf("-category"); - if (index > 0) { - return part.substring(0, index); - } - } - } - } - return null; - } - - @Transient - public Identifier getIdentifer() { - return new IdentifierImpl(this.xacmlId); - } - - @Transient - @Override - public String toString() { - return "Category [id=" + id + ", grouping=" + grouping - + ", isStandard=" + isStandard + ", xacmlId=" + xacmlId - + ", attributes=" + attributes + "]"; - } + private static final long serialVersionUID = 1L; + + public static final char STANDARD = 'S'; + public static final char CUSTOM = 'C'; + + @Id + @GeneratedValue(strategy = GenerationType.AUTO) + @Column(name="id") + private int id; + + @Column(name="grouping", nullable=false, length=64) + private String grouping; + + @Column(name="is_standard", nullable=false) + private char isStandard; + + @Column(name="xacml_id", nullable=false, unique=true, length=255) + private String xacmlId; + + @Column(name="short_name", nullable=false, length=64) + private String shortName; + + //bi-directional many-to-one association to Attribute + @OneToMany(mappedBy="categoryBean") + @JsonBackReference + private Set<Attribute> attributes = new HashSet<>(); + + public Category() { + this.xacmlId = XACML3.ID_SUBJECT_CATEGORY_ACCESS_SUBJECT.stringValue(); + this.grouping = "subject"; + this.isStandard = Category.STANDARD; + this.shortName = "subject"; + } + + public Category(Identifier cat, String grouping, char isStandard) { + if (cat != null) { + this.xacmlId = cat.stringValue(); + } + this.isStandard = isStandard; + if (grouping != null) { + this.grouping = grouping; + } else { + this.grouping = Category.extractGrouping(this.xacmlId); + } + } + + public Category(Identifier cat, String grouping) { + this(cat, grouping, Category.STANDARD); + } + + public Category(Identifier cat, char standard) { + this(cat, null, standard); + } + + public Category(Identifier cat) { + this(cat, Category.STANDARD); + } + + public int getId() { + return this.id; + } + + public void setId(int id) { + this.id = id; + } + + public String getGrouping() { + return this.grouping; + } + + public void setGrouping(String grouping) { + this.grouping = grouping; + } + + public char getIsStandard() { + return this.isStandard; + } + + public void setIsStandard(char isStandard) { + this.isStandard = isStandard; + } + + public String getXacmlId() { + return this.xacmlId; + } + + public void setXacmlId(String xacmlId) { + this.xacmlId = xacmlId; + } + + public String getShortName() { + return this.shortName; + } + + public void setShortName(String shortName) { + this.shortName = shortName; + } + + public Set<Attribute> getAttributes() { + return this.attributes; + } + + public void setAttributes(Set<Attribute> attributes) { + this.attributes = attributes; + } + + public Attribute addAttribute(Attribute attribute) { + getAttributes().add(attribute); + attribute.setCategoryBean(this); + + return attribute; + } + + public Attribute removeAttribute(Attribute attribute) { + getAttributes().remove(attribute); + attribute.setCategoryBean(null); + + return attribute; + } + + @Transient + public boolean isStandard() { + return this.isStandard == Category.STANDARD; + } + + @Transient + public boolean isCustom() { + return this.isStandard == Category.CUSTOM; + } + + @Transient + public static String extractGrouping(String xacmlId) { + if (xacmlId == null) { + return null; + } + String[] parts = xacmlId.split("[:]"); + if (xacmlId.matches(".*:attribute\\-category:.*")) { + if (parts.length > 0) { + return parts[parts.length - 1]; + } + } else if (xacmlId.matches(".*:[a-zA-Z]+[\\-]category:.*")) { + if (parts.length <= 0) { + return null; + } + for (String part : parts) { + int index = part.indexOf("-category"); + if (index > 0) { + return part.substring(0, index); + } + } + } + return null; + } + + @Transient + public Identifier getIdentifer() { + return new IdentifierImpl(this.xacmlId); + } + + @Transient + @Override + public String toString() { + return "Category [id=" + id + ", grouping=" + grouping + + ", isStandard=" + isStandard + ", xacmlId=" + xacmlId + + ", attributes=" + attributes + "]"; + } } |