diff options
Diffstat (limited to 'POLICY-SDK-APP/src/main/java')
-rw-r--r-- | POLICY-SDK-APP/src/main/java/org/onap/policy/admin/PolicyRestController.java | 864 | ||||
-rw-r--r-- | POLICY-SDK-APP/src/main/java/org/onap/policy/admin/RESTfulPAPEngine.java | 845 |
2 files changed, 860 insertions, 849 deletions
diff --git a/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/PolicyRestController.java b/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/PolicyRestController.java index 8df9d1b89..2eba697cf 100644 --- a/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/PolicyRestController.java +++ b/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/PolicyRestController.java @@ -78,433 +78,441 @@ import com.fasterxml.jackson.databind.SerializationFeature; @RequestMapping("/") public class PolicyRestController extends RestrictedBaseController{ - private static final Logger policyLogger = FlexLogger.getLogger(PolicyRestController.class); - - private static final String model = "model"; - private static final String importDictionary = "import_dictionary"; - - private static CommonClassDao commonClassDao; - - public PolicyRestController(){ - //default constructor - } - - @Autowired - private PolicyRestController(CommonClassDao commonClassDao){ - PolicyRestController.commonClassDao = commonClassDao; - } - - public static CommonClassDao getCommonClassDao() { - return commonClassDao; - } - - public static void setCommonClassDao(CommonClassDao commonClassDao) { - PolicyRestController.commonClassDao = commonClassDao; - } - - - - @RequestMapping(value={"/policycreation/save_policy"}, method={RequestMethod.POST}) - public void policyCreationController(HttpServletRequest request, HttpServletResponse response) { - String userId = UserUtils.getUserSession(request).getOrgUserId(); - ObjectMapper mapper = new ObjectMapper(); - mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false); - try{ - JsonNode root = mapper.readTree(request.getReader()); - - policyLogger.info("****************************************Logging UserID while Create/Update Policy**************************************************"); - policyLogger.info("UserId: " + userId + "Policy Data Object: "+ root.get(PolicyController.getPolicydata()).get("policy").toString()); - policyLogger.info("***********************************************************************************************************************************"); - - PolicyRestAdapter policyData = mapper.readValue(root.get(PolicyController.getPolicydata()).get("policy").toString(), PolicyRestAdapter.class); - - if("file".equals(root.get(PolicyController.getPolicydata()).get(model).get("type").toString().replace("\"", ""))){ - policyData.setEditPolicy(true); - } - if(root.get(PolicyController.getPolicydata()).get(model).get("path").size() != 0){ - String dirName = ""; - for(int i = 0; i < root.get(PolicyController.getPolicydata()).get(model).get("path").size(); i++){ - dirName = dirName.replace("\"", "") + root.get(PolicyController.getPolicydata()).get(model).get("path").get(i).toString().replace("\"", "") + File.separator; - } - if(policyData.isEditPolicy()){ - policyData.setDomainDir(dirName.substring(0, dirName.lastIndexOf(File.separator))); - }else{ - policyData.setDomainDir(dirName + root.get(PolicyController.getPolicydata()).get(model).get("name").toString().replace("\"", "")); - } - }else{ - String domain = root.get(PolicyController.getPolicydata()).get(model).get("name").toString(); - if(domain.contains("/")){ - domain = domain.substring(0, domain.lastIndexOf('/')).replace("/", File.separator); - } - domain = domain.replace("\"", ""); - policyData.setDomainDir(domain); - } - - if(policyData.getConfigPolicyType() != null){ - if("ClosedLoop_Fault".equalsIgnoreCase(policyData.getConfigPolicyType())){ - policyData = new CreateClosedLoopFaultController().setDataToPolicyRestAdapter(policyData, root); - }else if("Firewall Config".equalsIgnoreCase(policyData.getConfigPolicyType())){ - policyData = new CreateFirewallController().setDataToPolicyRestAdapter(policyData); - }else if("Micro Service".equalsIgnoreCase(policyData.getConfigPolicyType())){ - policyData = new CreateDcaeMicroServiceController().setDataToPolicyRestAdapter(policyData, root); - }else if("Optimization".equalsIgnoreCase(policyData.getConfigPolicyType())){ - policyData = new CreateOptimizationController().setDataToPolicyRestAdapter(policyData, root); - } - } - - policyData.setUserId(userId); - - String result; - String body = PolicyUtils.objectToJsonString(policyData); - String uri = request.getRequestURI(); - ResponseEntity<?> responseEntity = sendToPAP(body, uri, HttpMethod.POST); - if(responseEntity != null && responseEntity.getBody().equals(HttpServletResponse.SC_CONFLICT)){ - result = "PolicyExists"; - }else if(responseEntity != null){ - result = responseEntity.getBody().toString(); - String policyName = responseEntity.getHeaders().get("policyName").get(0); - if(policyData.isEditPolicy() && "success".equalsIgnoreCase(result)){ - PolicyNotificationMail email = new PolicyNotificationMail(); - String mode = "EditPolicy"; - String watchPolicyName = policyName.replace(".xml", ""); - String version = watchPolicyName.substring(watchPolicyName.lastIndexOf('.')+1); - watchPolicyName = watchPolicyName.substring(0, watchPolicyName.lastIndexOf('.')).replace(".", File.separator); - String policyVersionName = watchPolicyName.replace(".", File.separator); - watchPolicyName = watchPolicyName + "." + version + ".xml"; - PolicyVersion entityItem = new PolicyVersion(); - entityItem.setPolicyName(policyVersionName); - entityItem.setActiveVersion(Integer.parseInt(version)); - entityItem.setModifiedBy(userId); - email.sendMail(entityItem, watchPolicyName, mode, commonClassDao); - } - }else{ - result = "Response is null from PAP"; - } - - response.setCharacterEncoding(PolicyController.getCharacterencoding()); - response.setContentType(PolicyController.getContenttype()); - request.setCharacterEncoding(PolicyController.getCharacterencoding()); - - PrintWriter out = response.getWriter(); - String responseString = mapper.writeValueAsString(result); - JSONObject j = new JSONObject("{policyData: " + responseString + "}"); - out.write(j.toString()); - }catch(Exception e){ - policyLogger.error("Exception Occured while saving policy" , e); - } - } - - - private ResponseEntity<?> sendToPAP(String body, String requestURI, HttpMethod method){ - String papUrl = PolicyController.getPapUrl(); - String papID = XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_USERID); - String papPass = CryptoUtils.decryptTxtNoExStr(XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_PASS)); - - Base64.Encoder encoder = Base64.getEncoder(); - String encoding = encoder.encodeToString((papID+":"+papPass).getBytes(StandardCharsets.UTF_8)); - HttpHeaders headers = new HttpHeaders(); - headers.set("Authorization", "Basic " + encoding); - headers.set("Content-Type", PolicyController.getContenttype()); - - RestTemplate restTemplate = new RestTemplate(); - HttpEntity<?> requestEntity = new HttpEntity<>(body, headers); - ResponseEntity<?> result = null; - HttpClientErrorException exception = null; - String uri = requestURI; - if(uri.startsWith("/")){ - uri = uri.substring(uri.indexOf('/')+1); - } - uri = "onap" + uri.substring(uri.indexOf('/')); - try{ - result = restTemplate.exchange(papUrl + uri, method, requestEntity, String.class); - }catch(Exception e){ - policyLogger.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Error while connecting to " + papUrl, e); - exception = new HttpClientErrorException(HttpStatus.INTERNAL_SERVER_ERROR, e.getMessage()); - if("409 Conflict".equals(e.getMessage())){ - return ResponseEntity.ok(HttpServletResponse.SC_CONFLICT); - } - } - if(exception != null && exception.getStatusCode()!=null){ - if(exception.getStatusCode().equals(HttpStatus.UNAUTHORIZED)){ - String message = XACMLErrorConstants.ERROR_PERMISSIONS +":"+exception.getStatusCode()+":" + "ERROR_AUTH_GET_PERM" ; - policyLogger.error(message); - } - if(exception.getStatusCode().equals(HttpStatus.BAD_REQUEST)){ - String message = XACMLErrorConstants.ERROR_DATA_ISSUE + ":"+exception.getStatusCode()+":" + exception.getResponseBodyAsString(); - policyLogger.error(message); - } - if(exception.getStatusCode().equals(HttpStatus.NOT_FOUND)){ - String message = XACMLErrorConstants.ERROR_PROCESS_FLOW + "Error while connecting to " + papUrl + exception; - policyLogger.error(message); - } - String message = XACMLErrorConstants.ERROR_PROCESS_FLOW + ":"+exception.getStatusCode()+":" + exception.getResponseBodyAsString(); - policyLogger.error(message); - } - return result; - } - - private String callPAP(HttpServletRequest request , String method, String uriValue){ - String uri = uriValue; - String boundary = null; - String papUrl = PolicyController.getPapUrl(); - String papID = XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_USERID); - String papPass = CryptoUtils.decryptTxtNoExStr(XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_PASS)); - - Base64.Encoder encoder = Base64.getEncoder(); - String encoding = encoder.encodeToString((papID+":"+papPass).getBytes(StandardCharsets.UTF_8)); - HttpHeaders headers = new HttpHeaders(); - headers.set("Authorization", "Basic " + encoding); - headers.set("Content-Type", PolicyController.getContenttype()); - - - HttpURLConnection connection = null; - List<FileItem> items; - FileItem item = null; - File file = null; - if(uri.contains(importDictionary)){ - try { - items = new ServletFileUpload(new DiskFileItemFactory()).parseRequest(request); - item = items.get(0); - file = new File(item.getName()); - String newFile = file.toString(); - uri = uri +"&dictionaryName="+newFile; - } catch (Exception e2) { - policyLogger.error("Exception Occured while calling PAP with import dictionary request"+e2); - } - } - - try { - URL url = new URL(papUrl + uri); - connection = (HttpURLConnection)url.openConnection(); - connection.setRequestMethod(method); - connection.setUseCaches(false); - connection.setInstanceFollowRedirects(false); - connection.setRequestProperty("Authorization", "Basic " + encoding); - connection.setDoOutput(true); - connection.setDoInput(true); - - if(!uri.contains("searchPolicy?action=delete&")){ - - if(!(uri.endsWith("set_BRMSParamData") || uri.contains(importDictionary))){ - connection.setRequestProperty("Content-Type",PolicyController.getContenttype()); - ObjectMapper mapper = new ObjectMapper(); - mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false); - JsonNode root = null; - try { - root = mapper.readTree(request.getReader()); - }catch (Exception e1) { - policyLogger.error("Exception Occured while calling PAP"+e1); - } - - ObjectMapper mapper1 = new ObjectMapper(); - mapper1.configure(SerializationFeature.ORDER_MAP_ENTRIES_BY_KEYS, true); - - Object obj = mapper1.treeToValue(root, Object.class); - String json = mapper1.writeValueAsString(obj); - - Object content = new ByteArrayInputStream(json.getBytes()); - - if (content instanceof InputStream) { - // send current configuration - try (OutputStream os = connection.getOutputStream()) { - int count = IOUtils.copy((InputStream) content, os); - if (policyLogger.isDebugEnabled()) { - policyLogger.debug("copied to output, bytes=" + count); - } - } - } - }else{ - if(uri.endsWith("set_BRMSParamData")){ - connection.setRequestProperty("Content-Type",PolicyController.getContenttype()); - try (OutputStream os = connection.getOutputStream()) { - IOUtils.copy((InputStream) request.getInputStream(), os); - } - }else{ - boundary = "===" + System.currentTimeMillis() + "==="; - connection.setRequestProperty("Content-Type","multipart/form-data; boundary=" + boundary); - try (OutputStream os = connection.getOutputStream()) { - if(item != null){ - IOUtils.copy((InputStream) item.getInputStream(), os); - } - } - } - } - } - - connection.connect(); - - int responseCode = connection.getResponseCode(); - if(responseCode == 200){ - // get the response content into a String - String responseJson = null; - // read the inputStream into a buffer (trick found online scans entire input looking for end-of-file) - java.util.Scanner scanner = new java.util.Scanner(connection.getInputStream()); - scanner.useDelimiter("\\A"); - responseJson = scanner.hasNext() ? scanner.next() : ""; - scanner.close(); - policyLogger.info("JSON response from PAP: " + responseJson); - return responseJson; - } - - } catch (Exception e) { - policyLogger.error("Exception Occured"+e); - }finally{ - if(file != null && file.exists() && file.delete()){ - policyLogger.info("File Deleted Successfully"); - } - if (connection != null) { - try { - // For some reason trying to get the inputStream from the connection - // throws an exception rather than returning null when the InputStream does not exist. - InputStream is = connection.getInputStream(); - if (is != null) { - is.close(); - } - } catch (IOException ex) { - policyLogger.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Failed to close connection: " + ex, ex); - } - connection.disconnect(); - } - } - return null; - } - - @RequestMapping(value={"/getDictionary/*"}, method={RequestMethod.GET}) - public void getDictionaryController(HttpServletRequest request, HttpServletResponse response){ - String uri = request.getRequestURI().replace("/getDictionary", ""); - String body; - ResponseEntity<?> responseEntity = sendToPAP(null, uri, HttpMethod.GET); - if(responseEntity != null){ - body = responseEntity.getBody().toString(); - }else{ - body = ""; - } - try { - response.getWriter().write(body); - } catch (IOException e) { - policyLogger.error("Exception occured while getting Dictionary entries", e); - } - } - - @RequestMapping(value={"/saveDictionary/*/*"}, method={RequestMethod.POST}) - public void saveDictionaryController(HttpServletRequest request, HttpServletResponse response) throws IOException{ - String userId = ""; - String uri = request.getRequestURI().replace("/saveDictionary", ""); - if(uri.startsWith("/")){ - uri = uri.substring(uri.indexOf('/')+1); - } - uri = "/onap" + uri.substring(uri.indexOf('/')); - if(uri.contains(importDictionary)){ - userId = UserUtils.getUserSession(request).getOrgUserId(); - uri = uri+ "?userId=" +userId; - } - - policyLogger.info("****************************************Logging UserID while Saving Dictionary*****************************************************"); - policyLogger.info("UserId: " + userId); - policyLogger.info("***********************************************************************************************************************************"); - - String body = callPAP(request, "POST", uri.replaceFirst("/", "").trim()); - if(body != null && !body.isEmpty()){ - response.getWriter().write(body); - }else{ - response.getWriter().write("Failed"); - } - } - - @RequestMapping(value={"/deleteDictionary/*/*"}, method={RequestMethod.POST}) - public void deletetDictionaryController(HttpServletRequest request, HttpServletResponse response) throws IOException { - String uri = request.getRequestURI().replace("/deleteDictionary", ""); - if(uri.startsWith("/")){ - uri = uri.substring(uri.indexOf('/')+1); - } - uri = "/onap" + uri.substring(uri.indexOf('/')); - - String userId = UserUtils.getUserSession(request).getOrgUserId(); - policyLogger.info("****************************************Logging UserID while Deleting Dictionary*****************************************************"); - policyLogger.info("UserId: " + userId); - policyLogger.info("*************************************************************************************************************************************"); - - String body = callPAP(request, "POST", uri.replaceFirst("/", "").trim()); - if(body != null && !body.isEmpty()){ - response.getWriter().write(body); - }else{ - response.getWriter().write("Failed"); - } - } - - @RequestMapping(value={"/searchDictionary"}, method={RequestMethod.POST}) - public ModelAndView searchDictionaryController(HttpServletRequest request, HttpServletResponse response) throws IOException { - Object resultList; - String uri = request.getRequestURI(); - if(uri.startsWith("/")){ - uri = uri.substring(uri.indexOf('/')+1); - } - uri = "/onap" + uri.substring(uri.indexOf('/')); - try{ - String body = callPAP(request, "POST", uri.replaceFirst("/", "").trim()); - if(body.contains("CouldNotConnectException")){ - List<String> data = new ArrayList<>(); - data.add("Elastic Search Server is down"); - resultList = data; - }else{ - JSONObject json = new JSONObject(body); - resultList = json.get("policyresult"); - } - }catch(Exception e){ - policyLogger.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Exception Occured while querying Elastic Search: " + e); - List<String> data = new ArrayList<>(); - data.add("Elastic Search Server is down"); - resultList = data; - } - - response.setCharacterEncoding(PolicyController.getCharacterencoding()); - response.setContentType(PolicyController.getContenttype()); - PrintWriter out = response.getWriter(); - JSONObject j = new JSONObject("{result: " + resultList + "}"); - out.write(j.toString()); - return null; - } - - @RequestMapping(value={"/searchPolicy"}, method={RequestMethod.POST}) - public ModelAndView searchPolicy(HttpServletRequest request, HttpServletResponse response) throws IOException{ - Object resultList; - String uri = request.getRequestURI()+"?action=search"; - if(uri.startsWith("/")){ - uri = uri.substring(uri.indexOf('/')+1); - } - uri = "/onap" + uri.substring(uri.indexOf('/')); - String body = callPAP(request, "POST", uri.replaceFirst("/", "").trim()); - - JSONObject json = new JSONObject(body); - try{ - resultList = json.get("policyresult"); - }catch(Exception e){ - List<String> data = new ArrayList<>(); - resultList = json.get("data"); - data.add("Exception"); - data.add(resultList.toString()); - resultList = data; - policyLogger.error("Exception Occured while searching for Policy in Elastic Database" +e); - } - - response.setCharacterEncoding("UTF-8"); - response.setContentType("application / json"); - request.setCharacterEncoding("UTF-8"); - - PrintWriter out = response.getWriter(); - JSONObject j = new JSONObject("{result: " + resultList + "}"); - out.write(j.toString()); - return null; - } - - public void deleteElasticData(String fileName){ - String uri = "searchPolicy?action=delete&policyName='"+fileName+"'"; - callPAP(null, "POST", uri.trim()); - } - - public String notifyOtherPAPSToUpdateConfigurations(String mode, String newName, String oldName){ - String uri = "onap/notifyOtherPAPs?action="+mode+"&newPolicyName="+newName+"&oldPolicyName="+oldName+""; - return callPAP(null, "POST", uri.trim()); - } + private static final Logger policyLogger = FlexLogger.getLogger(PolicyRestController.class); + + private static final String model = "model"; + private static final String importDictionary = "import_dictionary"; + + private static CommonClassDao commonClassDao; + + public PolicyRestController(){ + //default constructor + } + + @Autowired + private PolicyRestController(CommonClassDao commonClassDao){ + PolicyRestController.commonClassDao = commonClassDao; + } + + public static CommonClassDao getCommonClassDao() { + return commonClassDao; + } + + public static void setCommonClassDao(CommonClassDao commonClassDao) { + PolicyRestController.commonClassDao = commonClassDao; + } + + + + @RequestMapping(value={"/policycreation/save_policy"}, method={RequestMethod.POST}) + public void policyCreationController(HttpServletRequest request, HttpServletResponse response) { + String userId = UserUtils.getUserSession(request).getOrgUserId(); + ObjectMapper mapper = new ObjectMapper(); + mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false); + try{ + JsonNode root = mapper.readTree(request.getReader()); + + policyLogger.info("****************************************Logging UserID while Create/Update Policy**************************************************"); + policyLogger.info("UserId: " + userId + "Policy Data Object: "+ root.get(PolicyController.getPolicydata()).get("policy").toString()); + policyLogger.info("***********************************************************************************************************************************"); + + PolicyRestAdapter policyData = mapper.readValue(root.get(PolicyController.getPolicydata()).get("policy").toString(), PolicyRestAdapter.class); + + if("file".equals(root.get(PolicyController.getPolicydata()).get(model).get("type").toString().replace("\"", ""))){ + policyData.setEditPolicy(true); + } + if(root.get(PolicyController.getPolicydata()).get(model).get("path").size() != 0){ + String dirName = ""; + for(int i = 0; i < root.get(PolicyController.getPolicydata()).get(model).get("path").size(); i++){ + dirName = dirName.replace("\"", "") + root.get(PolicyController.getPolicydata()).get(model).get("path").get(i).toString().replace("\"", "") + File.separator; + } + if(policyData.isEditPolicy()){ + policyData.setDomainDir(dirName.substring(0, dirName.lastIndexOf(File.separator))); + }else{ + policyData.setDomainDir(dirName + root.get(PolicyController.getPolicydata()).get(model).get("name").toString().replace("\"", "")); + } + }else{ + String domain = root.get(PolicyController.getPolicydata()).get(model).get("name").toString(); + if(domain.contains("/")){ + domain = domain.substring(0, domain.lastIndexOf('/')).replace("/", File.separator); + } + domain = domain.replace("\"", ""); + policyData.setDomainDir(domain); + } + + if(policyData.getConfigPolicyType() != null){ + if("ClosedLoop_Fault".equalsIgnoreCase(policyData.getConfigPolicyType())){ + policyData = new CreateClosedLoopFaultController().setDataToPolicyRestAdapter(policyData, root); + }else if("Firewall Config".equalsIgnoreCase(policyData.getConfigPolicyType())){ + policyData = new CreateFirewallController().setDataToPolicyRestAdapter(policyData); + }else if("Micro Service".equalsIgnoreCase(policyData.getConfigPolicyType())){ + policyData = new CreateDcaeMicroServiceController().setDataToPolicyRestAdapter(policyData, root); + }else if("Optimization".equalsIgnoreCase(policyData.getConfigPolicyType())){ + policyData = new CreateOptimizationController().setDataToPolicyRestAdapter(policyData, root); + } + } + + policyData.setUserId(userId); + + String result; + String body = PolicyUtils.objectToJsonString(policyData); + String uri = request.getRequestURI(); + ResponseEntity<?> responseEntity = sendToPAP(body, uri, HttpMethod.POST); + if(responseEntity != null && responseEntity.getBody().equals(HttpServletResponse.SC_CONFLICT)){ + result = "PolicyExists"; + }else if(responseEntity != null){ + result = responseEntity.getBody().toString(); + String policyName = responseEntity.getHeaders().get("policyName").get(0); + if(policyData.isEditPolicy() && "success".equalsIgnoreCase(result)){ + PolicyNotificationMail email = new PolicyNotificationMail(); + String mode = "EditPolicy"; + String watchPolicyName = policyName.replace(".xml", ""); + String version = watchPolicyName.substring(watchPolicyName.lastIndexOf('.')+1); + watchPolicyName = watchPolicyName.substring(0, watchPolicyName.lastIndexOf('.')).replace(".", File.separator); + String policyVersionName = watchPolicyName.replace(".", File.separator); + watchPolicyName = watchPolicyName + "." + version + ".xml"; + PolicyVersion entityItem = new PolicyVersion(); + entityItem.setPolicyName(policyVersionName); + entityItem.setActiveVersion(Integer.parseInt(version)); + entityItem.setModifiedBy(userId); + email.sendMail(entityItem, watchPolicyName, mode, commonClassDao); + } + }else{ + result = "Response is null from PAP"; + } + + response.setCharacterEncoding(PolicyController.getCharacterencoding()); + response.setContentType(PolicyController.getContenttype()); + request.setCharacterEncoding(PolicyController.getCharacterencoding()); + + PrintWriter out = response.getWriter(); + String responseString = mapper.writeValueAsString(result); + JSONObject j = new JSONObject("{policyData: " + responseString + "}"); + out.write(j.toString()); + }catch(Exception e){ + policyLogger.error("Exception Occured while saving policy" , e); + } + } + + + private ResponseEntity<?> sendToPAP(String body, String requestURI, HttpMethod method){ + String papUrl = PolicyController.getPapUrl(); + String papID = XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_USERID); + String papPass = CryptoUtils.decryptTxtNoExStr(XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_PASS)); + + Base64.Encoder encoder = Base64.getEncoder(); + String encoding = encoder.encodeToString((papID+":"+papPass).getBytes(StandardCharsets.UTF_8)); + HttpHeaders headers = new HttpHeaders(); + headers.set("Authorization", "Basic " + encoding); + headers.set("Content-Type", PolicyController.getContenttype()); + + RestTemplate restTemplate = new RestTemplate(); + HttpEntity<?> requestEntity = new HttpEntity<>(body, headers); + ResponseEntity<?> result = null; + HttpClientErrorException exception = null; + String uri = requestURI; + if(uri.startsWith("/")){ + uri = uri.substring(uri.indexOf('/')+1); + } + uri = "onap" + uri.substring(uri.indexOf('/')); + try{ + result = restTemplate.exchange(papUrl + uri, method, requestEntity, String.class); + }catch(Exception e){ + policyLogger.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Error while connecting to " + papUrl, e); + exception = new HttpClientErrorException(HttpStatus.INTERNAL_SERVER_ERROR, e.getMessage()); + if("409 Conflict".equals(e.getMessage())){ + return ResponseEntity.ok(HttpServletResponse.SC_CONFLICT); + } + } + if(exception != null && exception.getStatusCode()!=null){ + if(exception.getStatusCode().equals(HttpStatus.UNAUTHORIZED)){ + String message = XACMLErrorConstants.ERROR_PERMISSIONS +":"+exception.getStatusCode()+":" + "ERROR_AUTH_GET_PERM" ; + policyLogger.error(message); + } + if(exception.getStatusCode().equals(HttpStatus.BAD_REQUEST)){ + String message = XACMLErrorConstants.ERROR_DATA_ISSUE + ":"+exception.getStatusCode()+":" + exception.getResponseBodyAsString(); + policyLogger.error(message); + } + if(exception.getStatusCode().equals(HttpStatus.NOT_FOUND)){ + String message = XACMLErrorConstants.ERROR_PROCESS_FLOW + "Error while connecting to " + papUrl + exception; + policyLogger.error(message); + } + String message = XACMLErrorConstants.ERROR_PROCESS_FLOW + ":"+exception.getStatusCode()+":" + exception.getResponseBodyAsString(); + policyLogger.error(message); + } + return result; + } + + private String callPAP(HttpServletRequest request , String method, String uriValue){ + String uri = uriValue; + String boundary = null; + String papUrl = PolicyController.getPapUrl(); + String papID = XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_USERID); + String papPass = CryptoUtils.decryptTxtNoExStr(XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_PASS)); + + Base64.Encoder encoder = Base64.getEncoder(); + String encoding = encoder.encodeToString((papID+":"+papPass).getBytes(StandardCharsets.UTF_8)); + HttpHeaders headers = new HttpHeaders(); + headers.set("Authorization", "Basic " + encoding); + headers.set("Content-Type", PolicyController.getContenttype()); + + + HttpURLConnection connection = null; + List<FileItem> items; + FileItem item = null; + File file = null; + if(uri.contains(importDictionary)){ + try { + items = new ServletFileUpload(new DiskFileItemFactory()).parseRequest(request); + item = items.get(0); + file = new File(item.getName()); + String newFile = file.toString(); + uri = uri +"&dictionaryName="+newFile; + } catch (Exception e2) { + policyLogger.error("Exception Occured while calling PAP with import dictionary request"+e2); + } + } + + try { + URL url = new URL(papUrl + uri); + connection = (HttpURLConnection)url.openConnection(); + connection.setRequestMethod(method); + connection.setUseCaches(false); + connection.setInstanceFollowRedirects(false); + connection.setRequestProperty("Authorization", "Basic " + encoding); + connection.setDoOutput(true); + connection.setDoInput(true); + + if(!uri.contains("searchPolicy?action=delete&")){ + + if(!(uri.endsWith("set_BRMSParamData") || uri.contains(importDictionary))){ + connection.setRequestProperty("Content-Type",PolicyController.getContenttype()); + ObjectMapper mapper = new ObjectMapper(); + mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false); + JsonNode root = null; + try { + root = mapper.readTree(request.getReader()); + }catch (Exception e1) { + policyLogger.error("Exception Occured while calling PAP"+e1); + } + + ObjectMapper mapper1 = new ObjectMapper(); + mapper1.configure(SerializationFeature.ORDER_MAP_ENTRIES_BY_KEYS, true); + + Object obj = mapper1.treeToValue(root, Object.class); + String json = mapper1.writeValueAsString(obj); + + Object content = new ByteArrayInputStream(json.getBytes()); + + if (content instanceof InputStream) { + // send current configuration + try (OutputStream os = connection.getOutputStream()) { + int count = IOUtils.copy((InputStream) content, os); + if (policyLogger.isDebugEnabled()) { + policyLogger.debug("copied to output, bytes=" + count); + } + } + } + }else{ + if(uri.endsWith("set_BRMSParamData")){ + connection.setRequestProperty("Content-Type",PolicyController.getContenttype()); + try (OutputStream os = connection.getOutputStream()) { + IOUtils.copy((InputStream) request.getInputStream(), os); + } + }else{ + boundary = "===" + System.currentTimeMillis() + "==="; + connection.setRequestProperty("Content-Type","multipart/form-data; boundary=" + boundary); + try (OutputStream os = connection.getOutputStream()) { + if(item != null){ + IOUtils.copy((InputStream) item.getInputStream(), os); + } + } + } + } + } + + connection.connect(); + + int responseCode = connection.getResponseCode(); + if(responseCode == 200){ + // get the response content into a String + String responseJson = null; + // read the inputStream into a buffer (trick found online scans entire input looking for end-of-file) + try(java.util.Scanner scanner = new java.util.Scanner(connection.getInputStream())) { + scanner.useDelimiter("\\A"); + responseJson = scanner.hasNext() ? scanner.next() : ""; + } catch (Exception e){ + //Reason for rethrowing the exception is if any exception occurs during reading of inputsteam + //then the exception handling is done by the outer block without returning the response immediately + //Also finally block is existing only in outer block and not here so all exception handling is + //done in only one place + policyLogger.error("Exception Occured"+e); + throw e; + } + + policyLogger.info("JSON response from PAP: " + responseJson); + return responseJson; + } + + } catch (Exception e) { + policyLogger.error("Exception Occured"+e); + }finally{ + if(file != null && file.exists() && file.delete()){ + policyLogger.info("File Deleted Successfully"); + } + if (connection != null) { + try { + // For some reason trying to get the inputStream from the connection + // throws an exception rather than returning null when the InputStream does not exist. + InputStream is = connection.getInputStream(); + if (is != null) { + is.close(); + } + } catch (IOException ex) { + policyLogger.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Failed to close connection: " + ex, ex); + } + connection.disconnect(); + } + } + return null; + } + + @RequestMapping(value={"/getDictionary/*"}, method={RequestMethod.GET}) + public void getDictionaryController(HttpServletRequest request, HttpServletResponse response){ + String uri = request.getRequestURI().replace("/getDictionary", ""); + String body; + ResponseEntity<?> responseEntity = sendToPAP(null, uri, HttpMethod.GET); + if(responseEntity != null){ + body = responseEntity.getBody().toString(); + }else{ + body = ""; + } + try { + response.getWriter().write(body); + } catch (IOException e) { + policyLogger.error("Exception occured while getting Dictionary entries", e); + } + } + + @RequestMapping(value={"/saveDictionary/*/*"}, method={RequestMethod.POST}) + public void saveDictionaryController(HttpServletRequest request, HttpServletResponse response) throws IOException{ + String userId = ""; + String uri = request.getRequestURI().replace("/saveDictionary", ""); + if(uri.startsWith("/")){ + uri = uri.substring(uri.indexOf('/')+1); + } + uri = "/onap" + uri.substring(uri.indexOf('/')); + if(uri.contains(importDictionary)){ + userId = UserUtils.getUserSession(request).getOrgUserId(); + uri = uri+ "?userId=" +userId; + } + + policyLogger.info("****************************************Logging UserID while Saving Dictionary*****************************************************"); + policyLogger.info("UserId: " + userId); + policyLogger.info("***********************************************************************************************************************************"); + + String body = callPAP(request, "POST", uri.replaceFirst("/", "").trim()); + if(body != null && !body.isEmpty()){ + response.getWriter().write(body); + }else{ + response.getWriter().write("Failed"); + } + } + + @RequestMapping(value={"/deleteDictionary/*/*"}, method={RequestMethod.POST}) + public void deletetDictionaryController(HttpServletRequest request, HttpServletResponse response) throws IOException { + String uri = request.getRequestURI().replace("/deleteDictionary", ""); + if(uri.startsWith("/")){ + uri = uri.substring(uri.indexOf('/')+1); + } + uri = "/onap" + uri.substring(uri.indexOf('/')); + + String userId = UserUtils.getUserSession(request).getOrgUserId(); + policyLogger.info("****************************************Logging UserID while Deleting Dictionary*****************************************************"); + policyLogger.info("UserId: " + userId); + policyLogger.info("*************************************************************************************************************************************"); + + String body = callPAP(request, "POST", uri.replaceFirst("/", "").trim()); + if(body != null && !body.isEmpty()){ + response.getWriter().write(body); + }else{ + response.getWriter().write("Failed"); + } + } + + @RequestMapping(value={"/searchDictionary"}, method={RequestMethod.POST}) + public ModelAndView searchDictionaryController(HttpServletRequest request, HttpServletResponse response) throws IOException { + Object resultList; + String uri = request.getRequestURI(); + if(uri.startsWith("/")){ + uri = uri.substring(uri.indexOf('/')+1); + } + uri = "/onap" + uri.substring(uri.indexOf('/')); + try{ + String body = callPAP(request, "POST", uri.replaceFirst("/", "").trim()); + if(body.contains("CouldNotConnectException")){ + List<String> data = new ArrayList<>(); + data.add("Elastic Search Server is down"); + resultList = data; + }else{ + JSONObject json = new JSONObject(body); + resultList = json.get("policyresult"); + } + }catch(Exception e){ + policyLogger.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Exception Occured while querying Elastic Search: " + e); + List<String> data = new ArrayList<>(); + data.add("Elastic Search Server is down"); + resultList = data; + } + + response.setCharacterEncoding(PolicyController.getCharacterencoding()); + response.setContentType(PolicyController.getContenttype()); + PrintWriter out = response.getWriter(); + JSONObject j = new JSONObject("{result: " + resultList + "}"); + out.write(j.toString()); + return null; + } + + @RequestMapping(value={"/searchPolicy"}, method={RequestMethod.POST}) + public ModelAndView searchPolicy(HttpServletRequest request, HttpServletResponse response) throws IOException{ + Object resultList; + String uri = request.getRequestURI()+"?action=search"; + if(uri.startsWith("/")){ + uri = uri.substring(uri.indexOf('/')+1); + } + uri = "/onap" + uri.substring(uri.indexOf('/')); + String body = callPAP(request, "POST", uri.replaceFirst("/", "").trim()); + + JSONObject json = new JSONObject(body); + try{ + resultList = json.get("policyresult"); + }catch(Exception e){ + List<String> data = new ArrayList<>(); + resultList = json.get("data"); + data.add("Exception"); + data.add(resultList.toString()); + resultList = data; + policyLogger.error("Exception Occured while searching for Policy in Elastic Database" +e); + } + + response.setCharacterEncoding("UTF-8"); + response.setContentType("application / json"); + request.setCharacterEncoding("UTF-8"); + + PrintWriter out = response.getWriter(); + JSONObject j = new JSONObject("{result: " + resultList + "}"); + out.write(j.toString()); + return null; + } + + public void deleteElasticData(String fileName){ + String uri = "searchPolicy?action=delete&policyName='"+fileName+"'"; + callPAP(null, "POST", uri.trim()); + } + + public String notifyOtherPAPSToUpdateConfigurations(String mode, String newName, String oldName){ + String uri = "onap/notifyOtherPAPs?action="+mode+"&newPolicyName="+newName+"&oldPolicyName="+oldName+""; + return callPAP(null, "POST", uri.trim()); + } } diff --git a/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/RESTfulPAPEngine.java b/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/RESTfulPAPEngine.java index a8831eaaf..53be0999d 100644 --- a/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/RESTfulPAPEngine.java +++ b/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/RESTfulPAPEngine.java @@ -71,324 +71,324 @@ import org.onap.policy.common.logging.flexlogger.Logger; * */ public class RESTfulPAPEngine extends StdPDPItemSetChangeNotifier implements PAPPolicyEngine { - private static final Logger LOGGER = FlexLogger.getLogger(RESTfulPAPEngine.class); - - private static final String groupID = "groupId="; - - // - // URL of the PAP Servlet that this Admin Console talks to - // - private String papServletURLString; - - /** - * Set up link with PAP Servlet and get our initial set of Groups - * @throws Exception - */ - public RESTfulPAPEngine (String myURLString) throws PAPException { - // - // Get our URL to the PAP servlet - // - this.papServletURLString = XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_URL); - if (this.papServletURLString == null || this.papServletURLString.length() == 0) { - String message = "The property 'POLICYENGINE_ADMIN_ACTIVE' was not set during installation. Admin Console cannot call PAP."; - LOGGER.error(message); - throw new PAPException(message); - } - - // - // register this Admin Console with the PAP Servlet to get updates - // - Object newURL = sendToPAP("PUT", null, null, null, "adminConsoleURL=" + myURLString); - if (newURL != null) { - // assume this was a re-direct and try again - LOGGER.warn("Redirecting to '" + newURL + "'"); - this.papServletURLString = (String)newURL; - newURL = sendToPAP("PUT", null, null, null, "adminConsoleURL=" + myURLString); - if (newURL != null) { - LOGGER.error("Failed to redirect to " + this.papServletURLString); - throw new PAPException("Failed to register with PAP"); - } - } - } - - - // - // High-level commands used by the Admin Console code through the PAPEngine Interface - // - - @Override - public OnapPDPGroup getDefaultGroup() throws PAPException { - return (OnapPDPGroup)sendToPAP("GET", null, null, StdPDPGroup.class, groupID, "default="); - } - - @Override - public void setDefaultGroup(OnapPDPGroup group) throws PAPException { - sendToPAP("POST", null, null, null, groupID + group.getId(), "default=true"); - } - - @SuppressWarnings("unchecked") - @Override - public Set<OnapPDPGroup> getOnapPDPGroups() throws PAPException { - Set<OnapPDPGroup> newGroupSet; - newGroupSet = (Set<OnapPDPGroup>) this.sendToPAP("GET", null, Set.class, StdPDPGroup.class, groupID); - return Collections.unmodifiableSet(newGroupSet); - } - - - @Override - public OnapPDPGroup getGroup(String id) throws PAPException { - return (OnapPDPGroup)sendToPAP("GET", null, null, StdPDPGroup.class, groupID + id); - } - - @Override - public void newGroup(String name, String description) - throws PAPException { - String escapedName = null; - String escapedDescription = null; - try { - escapedName = URLEncoder.encode(name, "UTF-8"); - escapedDescription = URLEncoder.encode(description, "UTF-8"); - } catch (UnsupportedEncodingException e) { - throw new PAPException("Unable to send name or description to PAP: " + e.getMessage() +e); - } - - this.sendToPAP("POST", null, null, null, groupID, "groupName="+escapedName, "groupDescription=" + escapedDescription); - } - - - /** - * Update the configuration on the PAP for a single Group. - * - * @param group - * @return - * @throws PAPException - */ - @Override - public void updateGroup(OnapPDPGroup group) throws PAPException { - - try { - - // - // ASSUME that all of the policies mentioned in this group are already located in the correct directory on the PAP! - // - // Whenever a Policy is added to the group, that file must be automatically copied to the PAP from the Workspace. - // - - - // Copy all policies from the local machine's workspace to the PAP's PDPGroup directory. - // This is not efficient since most of the policies will already exist there. - // However, the policy files are (probably!) not too huge, and this is a good way to ensure that any corrupted files on the PAP get refreshed. - - - // now update the group object on the PAP - - sendToPAP("PUT", group, null, null, groupID + group.getId()); - } catch (Exception e) { - String message = "Unable to PUT policy '" + group.getId() + "', e:" + e; - LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + message, e); - throw new PAPException(message); - } - } - - - @Override - public void removeGroup(OnapPDPGroup group, OnapPDPGroup newGroup) - throws PAPException { - String moveToGroupString = null; - if (newGroup != null) { - moveToGroupString = "movePDPsToGroupId=" + newGroup.getId(); - } - sendToPAP("DELETE", null, null, null, groupID + group.getId(), moveToGroupString); - } - - @Override - public OnapPDPGroup getPDPGroup(OnapPDP pdp) throws PAPException { - return getPDPGroup(pdp.getId()); - } - - - public OnapPDPGroup getPDPGroup(String pdpId) throws PAPException { - return (OnapPDPGroup)sendToPAP("GET", null, null, StdPDPGroup.class, groupID, "pdpId=" + pdpId, "getPDPGroup="); - } - - @Override - public OnapPDP getPDP(String pdpId) throws PAPException { - return (OnapPDP)sendToPAP("GET", null, null, StdPDP.class, groupID, "pdpId=" + pdpId); - } - - @Override - public void newPDP(String id, OnapPDPGroup group, String name, String description, int jmxport) throws PAPException { - StdPDP newPDP = new StdPDP(id, name, description, jmxport); - sendToPAP("PUT", newPDP, null, null, groupID + group.getId(), "pdpId=" + id); - return; - } - - @Override - public void movePDP(OnapPDP pdp, OnapPDPGroup newGroup) throws PAPException { - sendToPAP("POST", null, null, null, groupID + newGroup.getId(), "pdpId=" + pdp.getId()); - return; - } - - @Override - public void updatePDP(OnapPDP pdp) throws PAPException { - OnapPDPGroup group = getPDPGroup(pdp); - sendToPAP("PUT", pdp, null, null, groupID + group.getId(), "pdpId=" + pdp.getId()); - return; - } - - @Override - public void removePDP(OnapPDP pdp) throws PAPException { - OnapPDPGroup group = getPDPGroup(pdp); - sendToPAP("DELETE", null, null, null, groupID + group.getId(), "pdpId=" + pdp.getId()); - return; - } - - //Validate the Policy Data - public boolean validatePolicyRequest(PolicyRestAdapter policyAdapter, String policyType) throws PAPException { - StdPAPPolicy newPAPPolicy = new StdPAPPolicy(policyAdapter.getPolicyName(), policyAdapter.getConfigBodyData(), policyAdapter.getConfigType(), "Base"); - - //send JSON object to PAP - return (Boolean) sendToPAP("PUT", newPAPPolicy, null, null, "operation=validate", "apiflag=admin", "policyType=" + policyType); - } - - - - @Override - public void publishPolicy(String id, String name, boolean isRoot, - InputStream policy, OnapPDPGroup group) throws PAPException { - - - // copy the (one) file into the target directory on the PAP servlet - copyFile(id, group, policy); - - // adjust the local copy of the group to include the new policy - PDPPolicy pdpPolicy = new StdPDPPolicy(id, isRoot, name); - group.getPolicies().add(pdpPolicy); - - // tell the PAP servlet to include the policy in the configuration - updateGroup(group); - - return; - } - - /** - * Copy a single Policy file from the input stream to the PAP Servlet. - * Either this works (silently) or it throws an exception. - * - * @param policyId - * @param group - * @param policy - * @return - * @throws PAPException - */ - public void copyFile(String policyId, OnapPDPGroup group, InputStream policy) throws PAPException { - // send the policy file to the PAP Servlet - try { - sendToPAP("POST", policy, null, null, groupID + group.getId(), "policyId="+policyId); - } catch (Exception e) { - String message = "Unable to PUT policy '" + policyId + "', e:" + e; - LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + message, e); - throw new PAPException(message); - } - } - - - @Override - public void copyPolicy(PDPPolicy policy, OnapPDPGroup group) throws PAPException { - if (policy == null || group == null) { - throw new PAPException("Null input policy="+policy+" group="+group); - } - try (InputStream is = new FileInputStream(new File(policy.getLocation())) ) { - copyFile(policy.getId(), group, is ); - } catch (Exception e) { - String message = "Unable to PUT policy '" + policy.getId() + "', e:" + e; - LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + message, e); - throw new PAPException(message); - } - } - - @Override - public void removePolicy(PDPPolicy policy, OnapPDPGroup group) throws PAPException { - throw new PAPException("NOT IMPLEMENTED"); - - } - - - /** - * Special operation - Similar to the normal PAP operations but this one contacts the PDP directly - * to get detailed status info. - * - * @param pdp - * @return - * @throws PAPException - */ - @Override - public PDPStatus getStatus(OnapPDP pdp) throws PAPException { - return (StdPDPStatus)sendToPAP("GET", pdp, null, StdPDPStatus.class); - } - - - // - // Internal Operations called by the PAPEngine Interface methods - // - - /** - * Send a request to the PAP Servlet and get the response. - * - * The content is either an InputStream to be copied to the Request OutputStream - * OR it is an object that is to be encoded into JSON and pushed into the Request OutputStream. - * - * The Request parameters may be encoded in multiple "name=value" sets, or parameters may be combined by the caller. - * - * @param method - * @param content - EITHER an InputStream OR an Object to be encoded in JSON - * @param collectionTypeClass - * @param responseContentClass - * @param parameters - * @return - * @throws Exception - */ - @SuppressWarnings({ "rawtypes", "unchecked" }) - private Object sendToPAP(String method, Object content, Class collectionTypeClass, Class responseContentClass, String... parameters ) throws PAPException { - HttpURLConnection connection = null; - String papID = XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_USERID); - LOGGER.info("User Id is " + papID); - String papPass = CryptoUtils.decryptTxtNoExStr(XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_PASS)); - Base64.Encoder encoder = Base64.getEncoder(); - String encoding = encoder.encodeToString((papID+":"+papPass).getBytes(StandardCharsets.UTF_8)); - Object contentObj = content; - LOGGER.info("Encoding for the PAP is: " + encoding); - try { - String fullURL = papServletURLString; - if (parameters != null && parameters.length > 0) { - StringBuilder queryString = new StringBuilder(); - for (String p : parameters) { - queryString.append("&" + p); - } - fullURL += "?" + queryString.substring(1); - } - - // special case - Status (actually the detailed status) comes from the PDP directly, not the PAP - if ("GET".equals(method) && (contentObj instanceof OnapPDP) && responseContentClass == StdPDPStatus.class) { - // Adjust the url and properties appropriately - String pdpID =((OnapPDP)contentObj).getId(); - fullURL = pdpID + "?type=Status"; - contentObj = null; - if(CheckPDP.validateID(pdpID)){ - encoding = CheckPDP.getEncoding(pdpID); - } - } - - - URL url = new URL(fullURL); - - // - // Open up the connection - // - connection = (HttpURLConnection)url.openConnection(); - // - // Setup our method and headers - // + private static final Logger LOGGER = FlexLogger.getLogger(RESTfulPAPEngine.class); + + private static final String groupID = "groupId="; + + // + // URL of the PAP Servlet that this Admin Console talks to + // + private String papServletURLString; + + /** + * Set up link with PAP Servlet and get our initial set of Groups + * @throws Exception + */ + public RESTfulPAPEngine (String myURLString) throws PAPException { + // + // Get our URL to the PAP servlet + // + this.papServletURLString = XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_URL); + if (this.papServletURLString == null || this.papServletURLString.length() == 0) { + String message = "The property 'POLICYENGINE_ADMIN_ACTIVE' was not set during installation. Admin Console cannot call PAP."; + LOGGER.error(message); + throw new PAPException(message); + } + + // + // register this Admin Console with the PAP Servlet to get updates + // + Object newURL = sendToPAP("PUT", null, null, null, "adminConsoleURL=" + myURLString); + if (newURL != null) { + // assume this was a re-direct and try again + LOGGER.warn("Redirecting to '" + newURL + "'"); + this.papServletURLString = (String)newURL; + newURL = sendToPAP("PUT", null, null, null, "adminConsoleURL=" + myURLString); + if (newURL != null) { + LOGGER.error("Failed to redirect to " + this.papServletURLString); + throw new PAPException("Failed to register with PAP"); + } + } + } + + + // + // High-level commands used by the Admin Console code through the PAPEngine Interface + // + + @Override + public OnapPDPGroup getDefaultGroup() throws PAPException { + return (OnapPDPGroup)sendToPAP("GET", null, null, StdPDPGroup.class, groupID, "default="); + } + + @Override + public void setDefaultGroup(OnapPDPGroup group) throws PAPException { + sendToPAP("POST", null, null, null, groupID + group.getId(), "default=true"); + } + + @SuppressWarnings("unchecked") + @Override + public Set<OnapPDPGroup> getOnapPDPGroups() throws PAPException { + Set<OnapPDPGroup> newGroupSet; + newGroupSet = (Set<OnapPDPGroup>) this.sendToPAP("GET", null, Set.class, StdPDPGroup.class, groupID); + return Collections.unmodifiableSet(newGroupSet); + } + + + @Override + public OnapPDPGroup getGroup(String id) throws PAPException { + return (OnapPDPGroup)sendToPAP("GET", null, null, StdPDPGroup.class, groupID + id); + } + + @Override + public void newGroup(String name, String description) + throws PAPException { + String escapedName = null; + String escapedDescription = null; + try { + escapedName = URLEncoder.encode(name, "UTF-8"); + escapedDescription = URLEncoder.encode(description, "UTF-8"); + } catch (UnsupportedEncodingException e) { + throw new PAPException("Unable to send name or description to PAP: " + e.getMessage() +e); + } + + this.sendToPAP("POST", null, null, null, groupID, "groupName="+escapedName, "groupDescription=" + escapedDescription); + } + + + /** + * Update the configuration on the PAP for a single Group. + * + * @param group + * @return + * @throws PAPException + */ + @Override + public void updateGroup(OnapPDPGroup group) throws PAPException { + + try { + + // + // ASSUME that all of the policies mentioned in this group are already located in the correct directory on the PAP! + // + // Whenever a Policy is added to the group, that file must be automatically copied to the PAP from the Workspace. + // + + + // Copy all policies from the local machine's workspace to the PAP's PDPGroup directory. + // This is not efficient since most of the policies will already exist there. + // However, the policy files are (probably!) not too huge, and this is a good way to ensure that any corrupted files on the PAP get refreshed. + + + // now update the group object on the PAP + + sendToPAP("PUT", group, null, null, groupID + group.getId()); + } catch (Exception e) { + String message = "Unable to PUT policy '" + group.getId() + "', e:" + e; + LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + message, e); + throw new PAPException(message); + } + } + + + @Override + public void removeGroup(OnapPDPGroup group, OnapPDPGroup newGroup) + throws PAPException { + String moveToGroupString = null; + if (newGroup != null) { + moveToGroupString = "movePDPsToGroupId=" + newGroup.getId(); + } + sendToPAP("DELETE", null, null, null, groupID + group.getId(), moveToGroupString); + } + + @Override + public OnapPDPGroup getPDPGroup(OnapPDP pdp) throws PAPException { + return getPDPGroup(pdp.getId()); + } + + + public OnapPDPGroup getPDPGroup(String pdpId) throws PAPException { + return (OnapPDPGroup)sendToPAP("GET", null, null, StdPDPGroup.class, groupID, "pdpId=" + pdpId, "getPDPGroup="); + } + + @Override + public OnapPDP getPDP(String pdpId) throws PAPException { + return (OnapPDP)sendToPAP("GET", null, null, StdPDP.class, groupID, "pdpId=" + pdpId); + } + + @Override + public void newPDP(String id, OnapPDPGroup group, String name, String description, int jmxport) throws PAPException { + StdPDP newPDP = new StdPDP(id, name, description, jmxport); + sendToPAP("PUT", newPDP, null, null, groupID + group.getId(), "pdpId=" + id); + return; + } + + @Override + public void movePDP(OnapPDP pdp, OnapPDPGroup newGroup) throws PAPException { + sendToPAP("POST", null, null, null, groupID + newGroup.getId(), "pdpId=" + pdp.getId()); + return; + } + + @Override + public void updatePDP(OnapPDP pdp) throws PAPException { + OnapPDPGroup group = getPDPGroup(pdp); + sendToPAP("PUT", pdp, null, null, groupID + group.getId(), "pdpId=" + pdp.getId()); + return; + } + + @Override + public void removePDP(OnapPDP pdp) throws PAPException { + OnapPDPGroup group = getPDPGroup(pdp); + sendToPAP("DELETE", null, null, null, groupID + group.getId(), "pdpId=" + pdp.getId()); + return; + } + + //Validate the Policy Data + public boolean validatePolicyRequest(PolicyRestAdapter policyAdapter, String policyType) throws PAPException { + StdPAPPolicy newPAPPolicy = new StdPAPPolicy(policyAdapter.getPolicyName(), policyAdapter.getConfigBodyData(), policyAdapter.getConfigType(), "Base"); + + //send JSON object to PAP + return (Boolean) sendToPAP("PUT", newPAPPolicy, null, null, "operation=validate", "apiflag=admin", "policyType=" + policyType); + } + + + + @Override + public void publishPolicy(String id, String name, boolean isRoot, + InputStream policy, OnapPDPGroup group) throws PAPException { + + + // copy the (one) file into the target directory on the PAP servlet + copyFile(id, group, policy); + + // adjust the local copy of the group to include the new policy + PDPPolicy pdpPolicy = new StdPDPPolicy(id, isRoot, name); + group.getPolicies().add(pdpPolicy); + + // tell the PAP servlet to include the policy in the configuration + updateGroup(group); + + return; + } + + /** + * Copy a single Policy file from the input stream to the PAP Servlet. + * Either this works (silently) or it throws an exception. + * + * @param policyId + * @param group + * @param policy + * @return + * @throws PAPException + */ + public void copyFile(String policyId, OnapPDPGroup group, InputStream policy) throws PAPException { + // send the policy file to the PAP Servlet + try { + sendToPAP("POST", policy, null, null, groupID + group.getId(), "policyId="+policyId); + } catch (Exception e) { + String message = "Unable to PUT policy '" + policyId + "', e:" + e; + LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + message, e); + throw new PAPException(message); + } + } + + + @Override + public void copyPolicy(PDPPolicy policy, OnapPDPGroup group) throws PAPException { + if (policy == null || group == null) { + throw new PAPException("Null input policy="+policy+" group="+group); + } + try (InputStream is = new FileInputStream(new File(policy.getLocation())) ) { + copyFile(policy.getId(), group, is ); + } catch (Exception e) { + String message = "Unable to PUT policy '" + policy.getId() + "', e:" + e; + LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + message, e); + throw new PAPException(message); + } + } + + @Override + public void removePolicy(PDPPolicy policy, OnapPDPGroup group) throws PAPException { + throw new PAPException("NOT IMPLEMENTED"); + + } + + + /** + * Special operation - Similar to the normal PAP operations but this one contacts the PDP directly + * to get detailed status info. + * + * @param pdp + * @return + * @throws PAPException + */ + @Override + public PDPStatus getStatus(OnapPDP pdp) throws PAPException { + return (StdPDPStatus)sendToPAP("GET", pdp, null, StdPDPStatus.class); + } + + + // + // Internal Operations called by the PAPEngine Interface methods + // + + /** + * Send a request to the PAP Servlet and get the response. + * + * The content is either an InputStream to be copied to the Request OutputStream + * OR it is an object that is to be encoded into JSON and pushed into the Request OutputStream. + * + * The Request parameters may be encoded in multiple "name=value" sets, or parameters may be combined by the caller. + * + * @param method + * @param content - EITHER an InputStream OR an Object to be encoded in JSON + * @param collectionTypeClass + * @param responseContentClass + * @param parameters + * @return + * @throws Exception + */ + @SuppressWarnings({ "rawtypes", "unchecked" }) + private Object sendToPAP(String method, Object content, Class collectionTypeClass, Class responseContentClass, String... parameters ) throws PAPException { + HttpURLConnection connection = null; + String papID = XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_USERID); + LOGGER.info("User Id is " + papID); + String papPass = CryptoUtils.decryptTxtNoExStr(XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_PASS)); + Base64.Encoder encoder = Base64.getEncoder(); + String encoding = encoder.encodeToString((papID+":"+papPass).getBytes(StandardCharsets.UTF_8)); + Object contentObj = content; + LOGGER.info("Encoding for the PAP is: " + encoding); + try { + String fullURL = papServletURLString; + if (parameters != null && parameters.length > 0) { + StringBuilder queryString = new StringBuilder(); + for (String p : parameters) { + queryString.append("&" + p); + } + fullURL += "?" + queryString.substring(1); + } + + // special case - Status (actually the detailed status) comes from the PDP directly, not the PAP + if ("GET".equals(method) && (contentObj instanceof OnapPDP) && responseContentClass == StdPDPStatus.class) { + // Adjust the url and properties appropriately + String pdpID =((OnapPDP)contentObj).getId(); + fullURL = pdpID + "?type=Status"; + contentObj = null; + if(CheckPDP.validateID(pdpID)){ + encoding = CheckPDP.getEncoding(pdpID); + } + } + + + URL url = new URL(fullURL); + + // + // Open up the connection + // + connection = (HttpURLConnection)url.openConnection(); + // + // Setup our method and headers + // connection.setRequestMethod(method); connection.setUseCaches(false); // @@ -400,118 +400,121 @@ public class RESTfulPAPEngine extends StdPDPItemSetChangeNotifier implements PAP // connection.setInstanceFollowRedirects(false); connection.setRequestProperty("Authorization", "Basic " + encoding); - connection.setDoOutput(true); - connection.setDoInput(true); - - if (contentObj != null) { - if (contentObj instanceof InputStream) { - try { - // - // Send our current policy configuration - // - try (OutputStream os = connection.getOutputStream()) { - int count = IOUtils.copy((InputStream)contentObj, os); - if (LOGGER.isDebugEnabled()) { - LOGGER.debug("copied to output, bytes="+count); - } - } - } catch (Exception e) { - LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Failed to write content in '" + method + "'", e); - } - } else { - // The contentObj is an object to be encoded in JSON - ObjectMapper mapper = new ObjectMapper(); - mapper.writeValue(connection.getOutputStream(), contentObj); - } - } + connection.setDoOutput(true); + connection.setDoInput(true); + + if (contentObj != null) { + if (contentObj instanceof InputStream) { + try { + // + // Send our current policy configuration + // + try (OutputStream os = connection.getOutputStream()) { + int count = IOUtils.copy((InputStream)contentObj, os); + if (LOGGER.isDebugEnabled()) { + LOGGER.debug("copied to output, bytes="+count); + } + } + } catch (Exception e) { + LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Failed to write content in '" + method + "'", e); + } + } else { + // The contentObj is an object to be encoded in JSON + ObjectMapper mapper = new ObjectMapper(); + mapper.writeValue(connection.getOutputStream(), contentObj); + } + } // // Do the connect // connection.connect(); if (connection.getResponseCode() == 204) { - LOGGER.info("Success - no content."); - return null; + LOGGER.info("Success - no content."); + return null; } else if (connection.getResponseCode() == 200) { - LOGGER.info("Success. We have a return object."); - String isValidData = connection.getHeaderField("isValidData"); - String isSuccess = connection.getHeaderField("successMapKey"); - Map<String, String> successMap = new HashMap<>(); - if (isValidData != null && "true".equalsIgnoreCase(isValidData)){ - LOGGER.info("Policy Data is valid."); - return true; - } else if (isValidData != null && "false".equalsIgnoreCase(isValidData)) { - LOGGER.info("Policy Data is invalid."); - return false; - } else if (isSuccess != null && "success".equalsIgnoreCase(isSuccess)) { - LOGGER.info("Policy Created Successfully!" ); - String finalPolicyPath = connection.getHeaderField("finalPolicyPath"); - successMap.put("success", finalPolicyPath); - return successMap; - } else if (isSuccess != null && "error".equalsIgnoreCase(isSuccess)) { - LOGGER.info("There was an error while creating the policy!"); - successMap.put("error", "error"); - return successMap; - } else { - // get the response content into a String - String json = null; - // read the inputStream into a buffer (trick found online scans entire input looking for end-of-file) - java.util.Scanner scanner = new java.util.Scanner(connection.getInputStream()); - scanner.useDelimiter("\\A"); - json = scanner.hasNext() ? scanner.next() : ""; - scanner.close(); - LOGGER.info("JSON response from PAP: " + json); - - // convert Object sent as JSON into local object - ObjectMapper mapper = new ObjectMapper(); - mapper.disable(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES); - if (collectionTypeClass != null) { - // collection of objects expected - final CollectionType javaType = - mapper.getTypeFactory().constructCollectionType(collectionTypeClass, responseContentClass); - - return mapper.readValue(json, javaType); - } else { - // single value object expected - return mapper.readValue(json, responseContentClass); - } - } + LOGGER.info("Success. We have a return object."); + String isValidData = connection.getHeaderField("isValidData"); + String isSuccess = connection.getHeaderField("successMapKey"); + Map<String, String> successMap = new HashMap<>(); + if (isValidData != null && "true".equalsIgnoreCase(isValidData)){ + LOGGER.info("Policy Data is valid."); + return true; + } else if (isValidData != null && "false".equalsIgnoreCase(isValidData)) { + LOGGER.info("Policy Data is invalid."); + return false; + } else if (isSuccess != null && "success".equalsIgnoreCase(isSuccess)) { + LOGGER.info("Policy Created Successfully!" ); + String finalPolicyPath = connection.getHeaderField("finalPolicyPath"); + successMap.put("success", finalPolicyPath); + return successMap; + } else if (isSuccess != null && "error".equalsIgnoreCase(isSuccess)) { + LOGGER.info("There was an error while creating the policy!"); + successMap.put("error", "error"); + return successMap; + } else { + // get the response content into a String + String json = null; + // read the inputStream into a buffer (trick found online scans entire input looking for end-of-file) + try(java.util.Scanner scanner = new java.util.Scanner(connection.getInputStream())) { + scanner.useDelimiter("\\A"); + json = scanner.hasNext() ? scanner.next() : ""; + } catch (Exception e){ + LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Failed to read inputStream from connection: " + e, e); + throw e; + } + LOGGER.info("JSON response from PAP: " + json); + + // convert Object sent as JSON into local object + ObjectMapper mapper = new ObjectMapper(); + mapper.disable(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES); + if (collectionTypeClass != null) { + // collection of objects expected + final CollectionType javaType = + mapper.getTypeFactory().constructCollectionType(collectionTypeClass, responseContentClass); + + return mapper.readValue(json, javaType); + } else { + // single value object expected + return mapper.readValue(json, responseContentClass); + } + } } else if (connection.getResponseCode() >= 300 && connection.getResponseCode() <= 399) { - // redirection - String newURL = connection.getHeaderField("Location"); - if (newURL == null) { - LOGGER.error("No Location header to redirect to when response code="+connection.getResponseCode()); - throw new IOException("No redirect Location header when response code="+connection.getResponseCode()); - } - int qIndex = newURL.indexOf('?'); - if (qIndex > 0) { - newURL = newURL.substring(0, qIndex); - } - LOGGER.info("Redirect seen. Redirecting " + fullURL + " to " + newURL); - return newURL; + // redirection + String newURL = connection.getHeaderField("Location"); + if (newURL == null) { + LOGGER.error("No Location header to redirect to when response code="+connection.getResponseCode()); + throw new IOException("No redirect Location header when response code="+connection.getResponseCode()); + } + int qIndex = newURL.indexOf('?'); + if (qIndex > 0) { + newURL = newURL.substring(0, qIndex); + } + LOGGER.info("Redirect seen. Redirecting " + fullURL + " to " + newURL); + return newURL; } else { - LOGGER.warn("Unexpected response code: " + connection.getResponseCode() + " message: " + connection.getResponseMessage()); - throw new IOException("Server Response: " + connection.getResponseCode() + ": " + connection.getResponseMessage()); + LOGGER.warn("Unexpected response code: " + connection.getResponseCode() + " message: " + connection.getResponseMessage()); + throw new IOException("Server Response: " + connection.getResponseCode() + ": " + connection.getResponseMessage()); } - } catch (Exception e) { - LOGGER.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "HTTP Request/Response to PAP: " + e,e); - throw new PAPException("Request/Response threw :" + e); - } finally { - // cleanup the connection - if (connection != null) { - try { - // For some reason trying to get the inputStream from the connection - // throws an exception rather than returning null when the InputStream does not exist. - InputStream is = connection.getInputStream(); - if (is != null) { - is.close(); - } - } catch (IOException ex) { - LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Failed to close connection: " + ex, ex); - } - connection.disconnect(); - } - } - } + } catch (Exception e) { + LOGGER.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "HTTP Request/Response to PAP: " + e,e); + throw new PAPException("Request/Response threw :" + e); + } finally { + // cleanup the connection + if (connection != null) { + try { + // For some reason trying to get the inputStream from the connection + // throws an exception rather than returning null when the InputStream does not exist. + InputStream is = connection.getInputStream(); + if (is != null) { + is.close(); + } + } catch (IOException ex) { + LOGGER.error(XACMLErrorConstants.ERROR_PROCESS_FLOW + "Failed to close connection: " + ex, ex); + } + connection.disconnect(); + } + } + } } |