From c5d97e8a9a6bea71f3be329a2e44bdbe5fe50882 Mon Sep 17 00:00:00 2001 From: Michael Mokry Date: Mon, 5 Feb 2018 09:48:59 -0600 Subject: MS Model Input Validation - Provides validation for MS policy input content body that matches the GUI validations when create/update MS policy from API - Added changes to satisfy review comments and updated copywright headers for modified and new files Change-Id: I02bfa639bffb48520badd0e4fa34eb36418547ae Issue-ID: POLICY-377 Signed-off-by: Michael Mokry --- .../services/CreateUpdatePolicyServiceImpl.java | 16 +++++++++---- .../pdp/rest/api/services/DeletePolicyService.java | 20 ++++++++-------- .../pdp/rest/api/services/NotificationService.java | 5 ++-- .../policy/pdp/rest/api/services/PAPServices.java | 27 ++++++++++++---------- 4 files changed, 40 insertions(+), 28 deletions(-) (limited to 'ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services') diff --git a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/CreateUpdatePolicyServiceImpl.java b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/CreateUpdatePolicyServiceImpl.java index f91f6e2f2..62b850370 100644 --- a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/CreateUpdatePolicyServiceImpl.java +++ b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/CreateUpdatePolicyServiceImpl.java @@ -2,7 +2,7 @@ * ============LICENSE_START======================================================= * ONAP-PDP-REST * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -177,7 +177,7 @@ public class CreateUpdatePolicyServiceImpl implements CreateUpdatePolicyService response = microServicesPolicyService.getResult(updateFlag); break; default: - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ " Invalid Config Type Present"; + message = XACMLErrorConstants.ERROR_DATA_ISSUE+ " Invalid Config Type Present"; LOGGER.error(message); status = HttpStatus.BAD_REQUEST; return message; @@ -208,7 +208,7 @@ public class CreateUpdatePolicyServiceImpl implements CreateUpdatePolicyService break; } }else { - String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Class found."; + message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Class found."; LOGGER.error(message); status = HttpStatus.BAD_REQUEST; response = message; @@ -254,7 +254,12 @@ public class CreateUpdatePolicyServiceImpl implements CreateUpdatePolicyService try { PolicyValidationRequestWrapper wrapper = new PolicyValidationRequestWrapper(); PolicyRestAdapter policyData = wrapper.populateRequestParameters(policyParameters); - responseString = validation.validatePolicy(policyData); + if(policyData!=null) { + responseString = validation.validatePolicy(policyData); + } else { + message = XACMLErrorConstants.ERROR_DATA_ISSUE+ " improper JSON object : " + policyParameters.getConfigBody(); + return false; + } } catch (Exception e) { LOGGER.error("Exception Occured during Policy Validation" +e); if(e.getMessage()!=null){ @@ -277,7 +282,8 @@ public class CreateUpdatePolicyServiceImpl implements CreateUpdatePolicyService } if (responseString!=null){ - if("success".equals(responseString.toString())||"success@#".equals(responseString.toString())){ + String response = responseString.toString().substring(0, 7); + if("success".equals(response)) { return true; } else { message = XACMLErrorConstants.ERROR_DATA_ISSUE + PolicyApiUtils.formatResponse(responseString); diff --git a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/DeletePolicyService.java b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/DeletePolicyService.java index 01670a5fd..144d3a48d 100644 --- a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/DeletePolicyService.java +++ b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/DeletePolicyService.java @@ -2,7 +2,7 @@ * ============LICENSE_START======================================================= * ONAP-PDP-REST * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -75,13 +75,15 @@ public class DeletePolicyService { return; } if (deleteResult.contains("BAD REQUEST")||deleteResult.contains("PE300")||deleteResult.contains("PE200")||deleteResult.contains("not exist")||deleteResult.contains("Invalid policyName")) { - status = HttpStatus.BAD_REQUEST; + if(deleteResult.contains("groupId")) { + status = HttpStatus.NOT_FOUND; + } else { + status = HttpStatus.BAD_REQUEST; + } } else if (deleteResult.contains("locked down")){ status = HttpStatus.ACCEPTED; } else if (deleteResult.contains("not Authorized")) { status = HttpStatus.FORBIDDEN; - } else if (deleteResult.contains("groupId")) { - status = HttpStatus.NOT_FOUND; } else if (deleteResult.contains("JPAUtils")||deleteResult.contains("database")||deleteResult.contains("policy file")|| deleteResult.contains("unknown")||deleteResult.contains("configuration")) { status = HttpStatus.INTERNAL_SERVER_ERROR; @@ -148,7 +150,7 @@ public class DeletePolicyService { if ("PAP".equalsIgnoreCase(deletePolicyParameters.getPolicyComponent())) { if (deletePolicyParameters.getDeleteCondition()==null||deletePolicyParameters.getDeleteCondition().toString().trim().isEmpty()){ - String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Delete Condition given."; + message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Delete Condition given."; LOGGER.error(message); return message; } @@ -158,14 +160,14 @@ public class DeletePolicyService { response = (String) papServices.callPAP(deletePapPolicy, new String[] {"groupId="+pdpGroup, "apiflag=deletePapApi", "operation=delete" }, deletePolicyParameters.getRequestID(), clientScope); } else if ("PDP".equalsIgnoreCase(deletePolicyParameters.getPolicyComponent())) { if (deletePolicyParameters.getPdpGroup()==null||deletePolicyParameters.getPdpGroup().trim().isEmpty()){ - String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No PDP Group given."; + message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No PDP Group given."; LOGGER.error(message); return message; } //send JSON object to PAP response = (String) papServices.callPAP(null, new String[] {"policyName="+fullPolicyName, "groupId="+pdpGroup, "apiflag=deletePdpApi", "operation=delete" }, deletePolicyParameters.getRequestID(), clientScope); } else { - String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "Policy Component does not exist. Please enter either PAP or PDP to delete the policy from a specified Policy Component."; + message = XACMLErrorConstants.ERROR_DATA_ISSUE + "Policy Component does not exist. Please enter either PAP or PDP to delete the policy from a specified Policy Component."; LOGGER.error(message); response = message; } @@ -181,9 +183,9 @@ public class DeletePolicyService { if (!deletePolicyParameters.getPolicyName().contains("xml")) { if (deletePolicyParameters.getPolicyName() != null && deletePolicyParameters.getPolicyName().contains(".")) { - policyName = deletePolicyParameters.getPolicyName().substring(deletePolicyParameters.getPolicyName().lastIndexOf(".") + 1, + policyName = deletePolicyParameters.getPolicyName().substring(deletePolicyParameters.getPolicyName().lastIndexOf('.') + 1, deletePolicyParameters.getPolicyName().length()); - policyScope = deletePolicyParameters.getPolicyName().substring(0,deletePolicyParameters.getPolicyName().lastIndexOf(".")); + policyScope = deletePolicyParameters.getPolicyName().substring(0,deletePolicyParameters.getPolicyName().lastIndexOf('.')); LOGGER.info("Name is " + policyName + " scope is " + policyScope); } else { message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given."; diff --git a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/NotificationService.java b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/NotificationService.java index bba51965b..3806d26d9 100644 --- a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/NotificationService.java +++ b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/NotificationService.java @@ -2,7 +2,7 @@ * ============LICENSE_START======================================================= * ONAP-PDP-REST * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -304,8 +304,9 @@ public class NotificationService { aafLogin, aafPassword); // Sending notification through DMaaP Message Router + logger.info("NotificationService: send DMaaP Message. "); publisher.send( "MyPartitionKey", notification); - logger.debug("Message Published on DMaaP :" + dmaapList.get(0) + "for Topic: " + topic); + logger.info("Message Published on DMaaP :" + dmaapList.get(0) + "for Topic: " + topic); publisher.close(); } diff --git a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PAPServices.java b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PAPServices.java index 72d8fdeec..57a80b5d1 100644 --- a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PAPServices.java +++ b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/api/services/PAPServices.java @@ -2,7 +2,7 @@ * ============LICENSE_START======================================================= * ONAP-PDP-REST * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -111,7 +111,7 @@ public class PAPServices { // This makes it Real-Time to change the list depending on their // availability. if (paps == null || paps.isEmpty()) { - String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "PAPs List is Empty."; + String message = XACMLErrorConstants.ERROR_SYSTEM_ERROR + "PAPs List is Empty."; LOGGER.error(message); throw new PolicyException(message); } @@ -215,7 +215,7 @@ public class PAPServices { } return response; } else { - response = XACMLErrorConstants.ERROR_SYSTEM_ERROR + response = XACMLErrorConstants.ERROR_DATA_ISSUE + "Unable to get valid response from PAP(s) " + paps; return response; } @@ -415,10 +415,10 @@ public class PAPServices { + ". PEP is not Authorized for making this Request!! \n Contact Administrator for this Scope. "; LOGGER.error(response); } else if (connection.getResponseCode() == 404 && connection.getHeaderField("error") != null) { - if ("unknownGroupId".equals(connection.getHeaderField("error"))) { + if ("UnknownGroup".equals(connection.getHeaderField("error"))) { response = XACMLErrorConstants.ERROR_DATA_ISSUE + connection.getHeaderField("message") - + " Please check the pdpGroup you are requesting to move the policy to."; + + " Please check the pdpGroup you are requesting to push the policy to."; LOGGER.error(response); } else if ("policyNotAvailableForEdit".equals(connection.getHeaderField("error"))) { response = XACMLErrorConstants.ERROR_DATA_ISSUE @@ -490,13 +490,16 @@ public class PAPServices { response = XACMLErrorConstants.ERROR_UNKNOWN + "Could not create or update the policy for and unknown reason"; }else{ - response = XACMLErrorConstants.ERROR_DATA_ISSUE - + "BAD REQUEST: Error occured while attempting perform this operation.. the request may be incorrect. " + connection.getHeaderField("error"); + response = XACMLErrorConstants.ERROR_SYSTEM_ERROR + + "Error occured while attempting perform this operation.. " + + "the request may be incorrect or the PAP is unreachable. " + + connection.getHeaderField("error"); } LOGGER.error(response); } else { - response = XACMLErrorConstants.ERROR_DATA_ISSUE - + "BAD REQUEST: Error occured while attempting perform this operation.. the request may be incorrect."; + response = XACMLErrorConstants.ERROR_SYSTEM_ERROR + + "Error occured while attempting perform this operation.. " + + "the request may be incorrect or the PAP is unreachable."; LOGGER.error(response); } return response; @@ -544,11 +547,11 @@ public class PAPServices { + "\"policyName\": \""+policyName+"\"," + "\"clientScope\": \""+clientScope+"\"," + "\"pdpGroup\": \""+pdpGroup+"\"}"; - //String response = null; - HttpURLConnection connection = null; + + HttpURLConnection connection = null; responseCode = 0; if (paps == null || paps.isEmpty()) { - String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "PAPs List is Empty."; + String message = XACMLErrorConstants.ERROR_SYSTEM_ERROR + "PAPs List is Empty."; LOGGER.error(message); throw new PolicyException(message); } -- cgit 1.2.3-korg