summaryrefslogtreecommitdiffstats
path: root/ONAP-REST
diff options
context:
space:
mode:
Diffstat (limited to 'ONAP-REST')
-rw-r--r--ONAP-REST/src/main/java/org/onap/policy/rest/XACMLRest.java339
-rw-r--r--ONAP-REST/src/main/java/org/onap/policy/rest/jpa/Category.java333
2 files changed, 338 insertions, 334 deletions
diff --git a/ONAP-REST/src/main/java/org/onap/policy/rest/XACMLRest.java b/ONAP-REST/src/main/java/org/onap/policy/rest/XACMLRest.java
index 0912515e0..7cced5667 100644
--- a/ONAP-REST/src/main/java/org/onap/policy/rest/XACMLRest.java
+++ b/ONAP-REST/src/main/java/org/onap/policy/rest/XACMLRest.java
@@ -3,6 +3,7 @@
* ONAP-REST
* ================================================================================
* Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * Modified Copyright (C) 2018 Samsung Electronics Co., Ltd.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -44,174 +45,176 @@ import com.att.research.xacml.util.XACMLProperties;
*
*/
public class XACMLRest {
- private static final Log logger = LogFactory.getLog(XACMLRest.class);
- private static Properties restProperties = new Properties();
+ private static final Log logger = LogFactory.getLog(XACMLRest.class);
+ private static Properties restProperties = new Properties();
- private XACMLRest(){
- // Empty constructor
+ private XACMLRest(){
+ // Empty constructor
+ }
+ /**
+ * This must be called during servlet initialization. It sets up the xacml.?.properties
+ * file as a system property. If the System property is already set, then it does not
+ * do anything. This allows the developer to specify their own xacml.properties file to be
+ * used. They can 1) modify the default properties that comes with the project, or 2) change
+ * the WebInitParam annotation, or 3) specify an alternative path in the web.xml, or 4) set
+ * the Java System property to point to their xacml.properties file.
+ *
+ * The recommended way of overriding the default xacml.properties file is using a Java System
+ * property:
+ *
+ * -Dxacml.properties=/opt/app/xacml/etc/xacml.admin.properties
+ *
+ * This way one does not change any actual code or files in the project and can leave the
+ * defaults alone.
+ *
+ * @param config - The servlet config file passed from the javax servlet init() function
+ */
+ public static void xacmlInit(ServletConfig config) {
+ //
+ // Get the XACML Properties File parameter first
+ //
+ String propFile = config.getInitParameter("XACML_PROPERTIES_NAME");
+ if (propFile != null) {
+ //
+ // Look for system override
+ //
+ String xacmlPropertiesName = System.getProperty(XACMLProperties.XACML_PROPERTIES_NAME);
+ logger.info("\n\n" + xacmlPropertiesName + "\n" + XACMLProperties.XACML_PROPERTIES_NAME);
+ if (xacmlPropertiesName == null) {
+ //
+ // Set it to our servlet default
+ //
+ if (logger.isDebugEnabled()) {
+ logger.debug("Using Servlet Config Property for XACML_PROPERTIES_NAME:" + propFile);
+ }
+ System.setProperty(XACMLProperties.XACML_PROPERTIES_NAME, propFile);
+ } else {
+ if (logger.isDebugEnabled()) {
+ logger.debug("Using System Property for XACML_PROPERTIES_NAME:" + xacmlPropertiesName);
+ }
+ }
+ }
+ //
+ // Setup the remaining properties
+ //
+ Enumeration<String> params = config.getInitParameterNames();
+ while (params.hasMoreElements()) {
+ String param = params.nextElement();
+ if (! "XACML_PROPERTIES_NAME".equals(param)) {
+ String value = config.getInitParameter(param);
+ PolicyLogger.info(param + "=" + config.getInitParameter(param));
+ restProperties.setProperty(param, value);
+ }
+ }
+ }
+
+ /**
+ * Reset's the XACMLProperties internal properties object so we start
+ * in a fresh environment. Then adds back in our Servlet init properties that were
+ * passed in the javax Servlet init() call.
+ *
+ * This function is primarily used when a new configuration is passed in and the
+ * PDP servlet needs to load a new PDP engine instance.
+ *
+ * @param pipProperties - PIP configuration properties
+ * @param policyProperties - Policy configuration properties
+ */
+ public static void loadXacmlProperties(Properties policyProperties, Properties pipProperties) {
+ try {
+ //
+ // Start fresh
+ //
+ XACMLProperties.reloadProperties();
+ //
+ // Now load our init properties
+ //
+ XACMLProperties.getProperties().putAll(XACMLRest.restProperties);
+ //
+ // Load our policy properties
+ //
+ if (policyProperties != null) {
+ XACMLProperties.getProperties().putAll(policyProperties);
+ }
+ //
+ // Load our pip config properties
+ //
+ if (pipProperties != null) {
+ XACMLProperties.getProperties().putAll(pipProperties);
+ }
+ } catch (IOException e) {
+ PolicyLogger.error(MessageCodes.ERROR_PROCESS_FLOW, e, "Failed to put init properties into Xacml properties");
+ }
+ //
+ // Dump them
+ //
+ if (logger.isDebugEnabled()) {
+ try {
+ logger.debug(XACMLProperties.getProperties().toString());
+ } catch (IOException e) {
+ PolicyLogger.error(MessageCodes.ERROR_PROCESS_FLOW, e, "Cannot dump properties");
+ }
+ }
+ }
+
+ /**
+ * Helper routine to dump the HTTP servlet request being serviced. Primarily for debugging.
+ *
+ * @param request - Servlet request (from a POST/GET/PUT/etc.)
+ */
+ public static void dumpRequest(HttpServletRequest request) {
+ if (!logger.isDebugEnabled()) {
+ return;
+ }
+
+ // special-case for receiving heartbeat - don't need to repeatedly output all of the information in multiple lines
+ if ("GET".equals(request.getMethod()) && "hb".equals(request.getParameter("type")) ) {
+ PolicyLogger.debug("GET type=hb : heartbeat received");
+ return;
+ }
+ logger.debug(request.getMethod() + ":" + request.getRemoteAddr() + " " + request.getRemoteHost() + " " + request.getRemotePort());
+ logger.debug(request.getLocalAddr() + " " + request.getLocalName() + " " + request.getLocalPort());
+ Enumeration<String> en = request.getHeaderNames();
+ logger.debug("Headers:");
+ while (en.hasMoreElements()) {
+ String element = en.nextElement();
+ Enumeration<String> values = request.getHeaders(element);
+ while (values.hasMoreElements()) {
+ String value = values.nextElement();
+ logger.debug(element + ":" + value);
+ }
+ }
+ logger.debug("Attributes:");
+ en = request.getAttributeNames();
+ while (en.hasMoreElements()) {
+ String element = en.nextElement();
+ logger.debug(element + ":" + request.getAttribute(element));
+ }
+ logger.debug("ContextPath: " + request.getContextPath());
+ if ("PUT".equals(request.getMethod()) || "POST".equals(request.getMethod())) {
+ // POST and PUT are allowed to have parameters in the content, but in our usage the parameters are always in the Query string.
+ // More importantly, there are cases where the POST and PUT content is NOT parameters (e.g. it might contain a Policy file).
+ // Unfortunately the request.getParameterMap method reads the content to see if there are any parameters,
+ // and once the content is read it cannot be read again.
+ // Thus for PUT and POST we must avoid reading the content here so that the main code can read it.
+ logger.debug("Query String:" + request.getQueryString());
+ try {
+ if (request.getInputStream() == null) {
+ logger.debug("Content: No content inputStream");
+ } else {
+ logger.debug("Content available: " + request.getInputStream().available());
+ }
+ } catch (Exception e) {
+ logger.debug("Content: inputStream exception: " + e.getMessage() + "; (May not be relevant)" +e);
+ }
+ } else {
+ logger.debug("Parameters:");
+ Map<String, String[]> params = request.getParameterMap();
+ Set<String> keys = params.keySet();
+ for (String key : keys) {
+ String[] values = params.get(key);
+ logger.debug(key + "(" + values.length + "): " + (values.length > 0 ? values[0] : ""));
+ }
+ }
+ logger.debug("Request URL:" + request.getRequestURL());
}
- /**
- * This must be called during servlet initialization. It sets up the xacml.?.properties
- * file as a system property. If the System property is already set, then it does not
- * do anything. This allows the developer to specify their own xacml.properties file to be
- * used. They can 1) modify the default properties that comes with the project, or 2) change
- * the WebInitParam annotation, or 3) specify an alternative path in the web.xml, or 4) set
- * the Java System property to point to their xacml.properties file.
- *
- * The recommended way of overriding the default xacml.properties file is using a Java System
- * property:
- *
- * -Dxacml.properties=/opt/app/xacml/etc/xacml.admin.properties
- *
- * This way one does not change any actual code or files in the project and can leave the
- * defaults alone.
- *
- * @param config - The servlet config file passed from the javax servlet init() function
- */
- public static void xacmlInit(ServletConfig config) {
- //
- // Get the XACML Properties File parameter first
- //
- String propFile = config.getInitParameter("XACML_PROPERTIES_NAME");
- if (propFile != null) {
- //
- // Look for system override
- //
- String xacmlPropertiesName = System.getProperty(XACMLProperties.XACML_PROPERTIES_NAME);
- logger.info("\n\n" + xacmlPropertiesName + "\n" + XACMLProperties.XACML_PROPERTIES_NAME);
- if (xacmlPropertiesName == null) {
- //
- // Set it to our servlet default
- //
- if (logger.isDebugEnabled()) {
- logger.debug("Using Servlet Config Property for XACML_PROPERTIES_NAME:" + propFile);
- }
- System.setProperty(XACMLProperties.XACML_PROPERTIES_NAME, propFile);
- } else {
- if (logger.isDebugEnabled()) {
- logger.debug("Using System Property for XACML_PROPERTIES_NAME:" + xacmlPropertiesName);
- }
- }
- }
- //
- // Setup the remaining properties
- //
- Enumeration<String> params = config.getInitParameterNames();
- while (params.hasMoreElements()) {
- String param = params.nextElement();
- if (! "XACML_PROPERTIES_NAME".equals(param)) {
- String value = config.getInitParameter(param);
- PolicyLogger.info(param + "=" + config.getInitParameter(param));
- restProperties.setProperty(param, value);
- }
- }
- }
-
- /**
- * Reset's the XACMLProperties internal properties object so we start
- * in a fresh environment. Then adds back in our Servlet init properties that were
- * passed in the javax Servlet init() call.
- *
- * This function is primarily used when a new configuration is passed in and the
- * PDP servlet needs to load a new PDP engine instance.
- *
- * @param pipProperties - PIP configuration properties
- * @param policyProperties - Policy configuration properties
- */
- public static void loadXacmlProperties(Properties policyProperties, Properties pipProperties) {
- try {
- //
- // Start fresh
- //
- XACMLProperties.reloadProperties();
- //
- // Now load our init properties
- //
- XACMLProperties.getProperties().putAll(XACMLRest.restProperties);
- //
- // Load our policy properties
- //
- if (policyProperties != null) {
- XACMLProperties.getProperties().putAll(policyProperties);
- }
- //
- // Load our pip config properties
- //
- if (pipProperties != null) {
- XACMLProperties.getProperties().putAll(pipProperties);
- }
- } catch (IOException e) {
- PolicyLogger.error(MessageCodes.ERROR_PROCESS_FLOW, e, "Failed to put init properties into Xacml properties");
- }
- //
- // Dump them
- //
- if (logger.isDebugEnabled()) {
- try {
- logger.debug(XACMLProperties.getProperties().toString());
- } catch (IOException e) {
- PolicyLogger.error(MessageCodes.ERROR_PROCESS_FLOW, e, "Cannot dump properties");
- }
- }
- }
-
- /**
- * Helper routine to dump the HTTP servlet request being serviced. Primarily for debugging.
- *
- * @param request - Servlet request (from a POST/GET/PUT/etc.)
- */
- public static void dumpRequest(HttpServletRequest request) {
- if (logger.isDebugEnabled()) {
- // special-case for receiving heartbeat - don't need to repeatedly output all of the information in multiple lines
- if ("GET".equals(request.getMethod()) && "hb".equals(request.getParameter("type")) ) {
- PolicyLogger.debug("GET type=hb : heartbeat received");
- return;
- }
- logger.debug(request.getMethod() + ":" + request.getRemoteAddr() + " " + request.getRemoteHost() + " " + request.getRemotePort());
- logger.debug(request.getLocalAddr() + " " + request.getLocalName() + " " + request.getLocalPort());
- Enumeration<String> en = request.getHeaderNames();
- logger.debug("Headers:");
- while (en.hasMoreElements()) {
- String element = en.nextElement();
- Enumeration<String> values = request.getHeaders(element);
- while (values.hasMoreElements()) {
- String value = values.nextElement();
- logger.debug(element + ":" + value);
- }
- }
- logger.debug("Attributes:");
- en = request.getAttributeNames();
- while (en.hasMoreElements()) {
- String element = en.nextElement();
- logger.debug(element + ":" + request.getAttribute(element));
- }
- logger.debug("ContextPath: " + request.getContextPath());
- if ("PUT".equals(request.getMethod()) || "POST".equals(request.getMethod())) {
- // POST and PUT are allowed to have parameters in the content, but in our usage the parameters are always in the Query string.
- // More importantly, there are cases where the POST and PUT content is NOT parameters (e.g. it might contain a Policy file).
- // Unfortunately the request.getParameterMap method reads the content to see if there are any parameters,
- // and once the content is read it cannot be read again.
- // Thus for PUT and POST we must avoid reading the content here so that the main code can read it.
- logger.debug("Query String:" + request.getQueryString());
- try {
- if (request.getInputStream() == null) {
- logger.debug("Content: No content inputStream");
- } else {
- logger.debug("Content available: " + request.getInputStream().available());
- }
- } catch (Exception e) {
- logger.debug("Content: inputStream exception: " + e.getMessage() + "; (May not be relevant)" +e);
- }
- } else {
- logger.debug("Parameters:");
- Map<String, String[]> params = request.getParameterMap();
- Set<String> keys = params.keySet();
- for (String key : keys) {
- String[] values = params.get(key);
- logger.debug(key + "(" + values.length + "): " + (values.length > 0 ? values[0] : ""));
- }
- }
- logger.debug("Request URL:" + request.getRequestURL());
- }
- }
}
diff --git a/ONAP-REST/src/main/java/org/onap/policy/rest/jpa/Category.java b/ONAP-REST/src/main/java/org/onap/policy/rest/jpa/Category.java
index 275b03e5a..f3874a480 100644
--- a/ONAP-REST/src/main/java/org/onap/policy/rest/jpa/Category.java
+++ b/ONAP-REST/src/main/java/org/onap/policy/rest/jpa/Category.java
@@ -3,6 +3,7 @@
* ONAP-REST
* ================================================================================
* Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * Modified Copyright (C) 2018 Samsung Electronics Co., Ltd.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -48,171 +49,171 @@ import com.fasterxml.jackson.annotation.JsonBackReference;
@Table(name="Category")
@NamedQuery(name="Category.findAll", query="SELECT c FROM Category c")
public class Category implements Serializable {
- private static final long serialVersionUID = 1L;
-
- public static final char STANDARD = 'S';
- public static final char CUSTOM = 'C';
-
- @Id
- @GeneratedValue(strategy = GenerationType.AUTO)
- @Column(name="id")
- private int id;
-
- @Column(name="grouping", nullable=false, length=64)
- private String grouping;
-
- @Column(name="is_standard", nullable=false)
- private char isStandard;
-
- @Column(name="xacml_id", nullable=false, unique=true, length=255)
- private String xacmlId;
-
- @Column(name="short_name", nullable=false, length=64)
- private String shortName;
-
- //bi-directional many-to-one association to Attribute
- @OneToMany(mappedBy="categoryBean")
- @JsonBackReference
- private Set<Attribute> attributes = new HashSet<>();
-
- public Category() {
- this.xacmlId = XACML3.ID_SUBJECT_CATEGORY_ACCESS_SUBJECT.stringValue();
- this.grouping = "subject";
- this.isStandard = Category.STANDARD;
- this.shortName = "subject";
- }
-
- public Category(Identifier cat, String grouping, char isStandard) {
- if (cat != null) {
- this.xacmlId = cat.stringValue();
- }
- this.isStandard = isStandard;
- if (grouping != null) {
- this.grouping = grouping;
- } else {
- this.grouping = Category.extractGrouping(this.xacmlId);
- }
- }
-
- public Category(Identifier cat, String grouping) {
- this(cat, grouping, Category.STANDARD);
- }
-
- public Category(Identifier cat, char standard) {
- this(cat, null, standard);
- }
-
- public Category(Identifier cat) {
- this(cat, Category.STANDARD);
- }
-
- public int getId() {
- return this.id;
- }
-
- public void setId(int id) {
- this.id = id;
- }
-
- public String getGrouping() {
- return this.grouping;
- }
-
- public void setGrouping(String grouping) {
- this.grouping = grouping;
- }
-
- public char getIsStandard() {
- return this.isStandard;
- }
-
- public void setIsStandard(char isStandard) {
- this.isStandard = isStandard;
- }
-
- public String getXacmlId() {
- return this.xacmlId;
- }
-
- public void setXacmlId(String xacmlId) {
- this.xacmlId = xacmlId;
- }
-
- public String getShortName() {
- return this.shortName;
- }
-
- public void setShortName(String shortName) {
- this.shortName = shortName;
- }
-
- public Set<Attribute> getAttributes() {
- return this.attributes;
- }
-
- public void setAttributes(Set<Attribute> attributes) {
- this.attributes = attributes;
- }
-
- public Attribute addAttribute(Attribute attribute) {
- getAttributes().add(attribute);
- attribute.setCategoryBean(this);
-
- return attribute;
- }
-
- public Attribute removeAttribute(Attribute attribute) {
- getAttributes().remove(attribute);
- attribute.setCategoryBean(null);
-
- return attribute;
- }
-
- @Transient
- public boolean isStandard() {
- return this.isStandard == Category.STANDARD;
- }
-
- @Transient
- public boolean isCustom() {
- return this.isStandard == Category.CUSTOM;
- }
-
- @Transient
- public static String extractGrouping(String xacmlId) {
- if (xacmlId == null) {
- return null;
- }
- if (xacmlId.matches(".*:attribute\\-category:.*")) {
- String[] parts = xacmlId.split("[:]");
- if (parts != null && parts.length > 0) {
- return parts[parts.length - 1];
- }
- } else if (xacmlId.matches(".*:[a-zA-Z]+[\\-]category:.*")) {
- String[] parts = xacmlId.split("[:]");
- if (parts != null && parts.length > 0) {
- for (String part : parts) {
- int index = part.indexOf("-category");
- if (index > 0) {
- return part.substring(0, index);
- }
- }
- }
- }
- return null;
- }
-
- @Transient
- public Identifier getIdentifer() {
- return new IdentifierImpl(this.xacmlId);
- }
-
- @Transient
- @Override
- public String toString() {
- return "Category [id=" + id + ", grouping=" + grouping
- + ", isStandard=" + isStandard + ", xacmlId=" + xacmlId
- + ", attributes=" + attributes + "]";
- }
+ private static final long serialVersionUID = 1L;
+
+ public static final char STANDARD = 'S';
+ public static final char CUSTOM = 'C';
+
+ @Id
+ @GeneratedValue(strategy = GenerationType.AUTO)
+ @Column(name="id")
+ private int id;
+
+ @Column(name="grouping", nullable=false, length=64)
+ private String grouping;
+
+ @Column(name="is_standard", nullable=false)
+ private char isStandard;
+
+ @Column(name="xacml_id", nullable=false, unique=true, length=255)
+ private String xacmlId;
+
+ @Column(name="short_name", nullable=false, length=64)
+ private String shortName;
+
+ //bi-directional many-to-one association to Attribute
+ @OneToMany(mappedBy="categoryBean")
+ @JsonBackReference
+ private Set<Attribute> attributes = new HashSet<>();
+
+ public Category() {
+ this.xacmlId = XACML3.ID_SUBJECT_CATEGORY_ACCESS_SUBJECT.stringValue();
+ this.grouping = "subject";
+ this.isStandard = Category.STANDARD;
+ this.shortName = "subject";
+ }
+
+ public Category(Identifier cat, String grouping, char isStandard) {
+ if (cat != null) {
+ this.xacmlId = cat.stringValue();
+ }
+ this.isStandard = isStandard;
+ if (grouping != null) {
+ this.grouping = grouping;
+ } else {
+ this.grouping = Category.extractGrouping(this.xacmlId);
+ }
+ }
+
+ public Category(Identifier cat, String grouping) {
+ this(cat, grouping, Category.STANDARD);
+ }
+
+ public Category(Identifier cat, char standard) {
+ this(cat, null, standard);
+ }
+
+ public Category(Identifier cat) {
+ this(cat, Category.STANDARD);
+ }
+
+ public int getId() {
+ return this.id;
+ }
+
+ public void setId(int id) {
+ this.id = id;
+ }
+
+ public String getGrouping() {
+ return this.grouping;
+ }
+
+ public void setGrouping(String grouping) {
+ this.grouping = grouping;
+ }
+
+ public char getIsStandard() {
+ return this.isStandard;
+ }
+
+ public void setIsStandard(char isStandard) {
+ this.isStandard = isStandard;
+ }
+
+ public String getXacmlId() {
+ return this.xacmlId;
+ }
+
+ public void setXacmlId(String xacmlId) {
+ this.xacmlId = xacmlId;
+ }
+
+ public String getShortName() {
+ return this.shortName;
+ }
+
+ public void setShortName(String shortName) {
+ this.shortName = shortName;
+ }
+
+ public Set<Attribute> getAttributes() {
+ return this.attributes;
+ }
+
+ public void setAttributes(Set<Attribute> attributes) {
+ this.attributes = attributes;
+ }
+
+ public Attribute addAttribute(Attribute attribute) {
+ getAttributes().add(attribute);
+ attribute.setCategoryBean(this);
+
+ return attribute;
+ }
+
+ public Attribute removeAttribute(Attribute attribute) {
+ getAttributes().remove(attribute);
+ attribute.setCategoryBean(null);
+
+ return attribute;
+ }
+
+ @Transient
+ public boolean isStandard() {
+ return this.isStandard == Category.STANDARD;
+ }
+
+ @Transient
+ public boolean isCustom() {
+ return this.isStandard == Category.CUSTOM;
+ }
+
+ @Transient
+ public static String extractGrouping(String xacmlId) {
+ if (xacmlId == null) {
+ return null;
+ }
+ String[] parts = xacmlId.split("[:]");
+ if (xacmlId.matches(".*:attribute\\-category:.*")) {
+ if (parts.length > 0) {
+ return parts[parts.length - 1];
+ }
+ } else if (xacmlId.matches(".*:[a-zA-Z]+[\\-]category:.*")) {
+ if (parts.length <= 0) {
+ return null;
+ }
+ for (String part : parts) {
+ int index = part.indexOf("-category");
+ if (index > 0) {
+ return part.substring(0, index);
+ }
+ }
+ }
+ return null;
+ }
+
+ @Transient
+ public Identifier getIdentifer() {
+ return new IdentifierImpl(this.xacmlId);
+ }
+
+ @Transient
+ @Override
+ public String toString() {
+ return "Category [id=" + id + ", grouping=" + grouping
+ + ", isStandard=" + isStandard + ", xacmlId=" + xacmlId
+ + ", attributes=" + attributes + "]";
+ }
}