From c5d97e8a9a6bea71f3be329a2e44bdbe5fe50882 Mon Sep 17 00:00:00 2001 From: Michael Mokry Date: Mon, 5 Feb 2018 09:48:59 -0600 Subject: MS Model Input Validation - Provides validation for MS policy input content body that matches the GUI validations when create/update MS policy from API - Added changes to satisfy review comments and updated copywright headers for modified and new files Change-Id: I02bfa639bffb48520badd0e4fa34eb36418547ae Issue-ID: POLICY-377 Signed-off-by: Michael Mokry --- .../onap/policy/rest/util/PolicyValidation.java | 95 ++++++++++++---------- .../rest/util/PolicyValidationRequestWrapper.java | 32 ++++---- 2 files changed, 71 insertions(+), 56 deletions(-) (limited to 'ONAP-REST/src/main/java/org/onap') diff --git a/ONAP-REST/src/main/java/org/onap/policy/rest/util/PolicyValidation.java b/ONAP-REST/src/main/java/org/onap/policy/rest/util/PolicyValidation.java index 446073d40..47291cf7f 100644 --- a/ONAP-REST/src/main/java/org/onap/policy/rest/util/PolicyValidation.java +++ b/ONAP-REST/src/main/java/org/onap/policy/rest/util/PolicyValidation.java @@ -515,7 +515,7 @@ public class PolicyValidation { if (MICROSERVICES.equals(policyData.getConfigPolicyType())){ if(!Strings.isNullOrEmpty(policyData.getServiceType())){ - modelRequiredFieldsList = new ArrayList<>(); + modelRequiredFieldsList.clear(); pullJsonKeyPairs((JsonNode) policyData.getPolicyJSON()); String service; @@ -570,7 +570,7 @@ public class PolicyValidation { } } else { // Validate for configName, location, uuid, and policyScope if no annotations exist for this model - if(Strings.isNullOrEmpty(policyData.getMsLocation())){ + if(Strings.isNullOrEmpty(policyData.getLocation())){ responseString.append("Micro Service Model: location is required for this model" + HTML_ITALICS_LNBREAK); valid = false; } @@ -591,51 +591,64 @@ public class PolicyValidation { } } - // get list of required fields from the sub_Attributes of the Model - if(!Strings.isNullOrEmpty(subAttributes)) { - JsonObject subAttributesJson = stringToJsonObject(subAttributes); - findRequiredFields(subAttributesJson); - } - - // get list of required fields from the attributes of the Model - if (!Strings.isNullOrEmpty(modelAttributes)) { - Map modelAttributesMap = Splitter.on(",").withKeyValueSeparator("=").split(modelAttributes); - String json = new ObjectMapper().writeValueAsString(modelAttributesMap); - findRequiredFields(stringToJsonObject(json)); - } - - // get list of required fields from the ref_Attributes of the Model - if (!Strings.isNullOrEmpty(refAttributes)) { - Map refAttributesMap = Splitter.on(",").withKeyValueSeparator("=").split(refAttributes); - String json = new ObjectMapper().writeValueAsString(refAttributesMap); - findRequiredFields(stringToJsonObject(json)); - } - - // Validate Required Fields in the Micro Service Model - if (modelRequiredFieldsList!=null || !modelRequiredFieldsList.isEmpty()) { - // create jsonRequestMap with all json keys and values from request - JsonNode rootNode = (JsonNode) policyData.getPolicyJSON(); - pullModelJsonKeyPairs(rootNode); + // If request comes from the API we need to validate required fields in the Micro Service Model + // GUI request are already validated from the SDK-APP + if("API".equals(policyData.getApiflag())){ + // get list of required fields from the sub_Attributes of the Model + if(!Strings.isNullOrEmpty(subAttributes)) { + JsonObject subAttributesJson = stringToJsonObject(subAttributes); + findRequiredFields(subAttributesJson); + } + + // get list of required fields from the attributes of the Model + if (!Strings.isNullOrEmpty(modelAttributes)) { + Map modelAttributesMap = null; + if (",".equals(modelAttributes.substring(modelAttributes.length()-1))) { + String attributeString = modelAttributes.substring(0, modelAttributes.length()-1); + modelAttributesMap = Splitter.on(",").withKeyValueSeparator("=").split(attributeString); + } else { + modelAttributesMap = Splitter.on(",").withKeyValueSeparator("=").split(modelAttributes); + } + String json = new ObjectMapper().writeValueAsString(modelAttributesMap); + findRequiredFields(stringToJsonObject(json)); + } - // validate if the requiredFields are in the request - for(String requiredField : modelRequiredFieldsList) { - if (jsonRequestMap.containsKey(requiredField)) { - String value = jsonRequestMap.get(requiredField); - if(Strings.isNullOrEmpty(jsonRequestMap.get(requiredField)) || - "\"\"".equals(value) || - "".equals(jsonRequestMap.get(requiredField))){ + // get list of required fields from the ref_Attributes of the Model + if (!Strings.isNullOrEmpty(refAttributes)) { + Map refAttributesMap = null; + if (",".equals(refAttributes.substring(refAttributes.length()-1))) { + String attributesString = refAttributes.substring(0, refAttributes.length()-1); + refAttributesMap = Splitter.on(",").withKeyValueSeparator("=").split(attributesString); + } else { + refAttributesMap = Splitter.on(",").withKeyValueSeparator("=").split(modelAttributes); + } + String json = new ObjectMapper().writeValueAsString(refAttributesMap); + findRequiredFields(stringToJsonObject(json)); + } + + if (modelRequiredFieldsList!=null || !modelRequiredFieldsList.isEmpty()) { + // create jsonRequestMap with all json keys and values from request + JsonNode rootNode = (JsonNode) policyData.getPolicyJSON(); + jsonRequestMap.clear(); + pullModelJsonKeyPairs(rootNode); + + // validate if the requiredFields are in the request + for(String requiredField : modelRequiredFieldsList) { + if (jsonRequestMap.containsKey(requiredField)) { + String value = jsonRequestMap.get(requiredField); + if(Strings.isNullOrEmpty(jsonRequestMap.get(requiredField)) || + "\"\"".equals(value) || + "".equals(jsonRequestMap.get(requiredField))){ + responseString.append("Micro Service Model: " + requiredField + " is required" + HTML_ITALICS_LNBREAK); + valid = false; + } + } else { responseString.append("Micro Service Model: " + requiredField + " is required" + HTML_ITALICS_LNBREAK); valid = false; } - } else { - responseString.append("Micro Service Model: " + requiredField + " is required" + HTML_ITALICS_LNBREAK); - valid = false; } } - } - - - + } } else { responseString.append("Micro Service Model: Invalid Model. The model name, " + service + " of version, " + version + " was not found in the dictionary" + HTML_ITALICS_LNBREAK); diff --git a/ONAP-REST/src/main/java/org/onap/policy/rest/util/PolicyValidationRequestWrapper.java b/ONAP-REST/src/main/java/org/onap/policy/rest/util/PolicyValidationRequestWrapper.java index f19773964..76584e7c7 100644 --- a/ONAP-REST/src/main/java/org/onap/policy/rest/util/PolicyValidationRequestWrapper.java +++ b/ONAP-REST/src/main/java/org/onap/policy/rest/util/PolicyValidationRequestWrapper.java @@ -52,6 +52,9 @@ public class PolicyValidationRequestWrapper { private static final Logger LOGGER = FlexLogger.getLogger(PolicyValidationRequestWrapper.class); public static final String CONFIG_NAME="configName"; + public static final String INVALIDJSON = " improper JSON format: "; + public static final String ONAPNAME = "onapname"; + public static final String SERVICETYPE_POLICY_NAME = "serviceTypePolicyName"; public PolicyRestAdapter populateRequestParameters(HttpServletRequest request) { @@ -107,6 +110,7 @@ public class PolicyValidationRequestWrapper { policyData.setRiskLevel(parameters.getRiskLevel());//Safe parameters Attributes policyData.setGuard(String.valueOf(parameters.getGuard()));//Safe parameters Attributes policyData.setTtlDate(convertDate(parameters.getTtlDate()));//Safe parameters Attributes + policyData.setApiflag("API"); //Some policies require jsonObject conversion from String for configBody (i.e. MicroService and Firewall) JsonObject json = null; @@ -115,7 +119,7 @@ public class PolicyValidationRequestWrapper { json = stringToJsonObject(parameters.getConfigBody()); } } catch(JsonException| IllegalStateException e){ - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ " improper JSON object : " + parameters.getConfigBody(); + String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ INVALIDJSON + parameters.getConfigBody(); LOGGER.error(message, e); return null; } @@ -284,7 +288,7 @@ public class PolicyValidationRequestWrapper { try { policyJSON = mapper.readTree(content); } catch (IOException e) { - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ " improper JSON object : " + parameters.getConfigBody(); + String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ INVALIDJSON + parameters.getConfigBody(); LOGGER.error(message, e); return null; } @@ -300,7 +304,7 @@ public class PolicyValidationRequestWrapper { } if (json.containsKey("location")){ String msLocation = json.get("location").toString().replace("\"", ""); - policyData.setMsLocation(msLocation); + policyData.setLocation(msLocation); } if (json.containsKey(CONFIG_NAME)){ String configName = json.get(CONFIG_NAME).toString().replace("\"", ""); @@ -331,7 +335,7 @@ public class PolicyValidationRequestWrapper { policyData.setGuard(guard); } } else { - String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ " improper JSON object : " + parameters.getConfigBody(); + String message = XACMLErrorConstants.ERROR_DATA_ISSUE+ INVALIDJSON + parameters.getConfigBody(); LOGGER.error(message); return null; } @@ -339,12 +343,11 @@ public class PolicyValidationRequestWrapper { } else if("Fault".equals(parameters.getPolicyConfigType().toString())){ policyData.setConfigPolicyType("ClosedLoop_Fault"); - policyData.setApiflag("API"); if(json != null){ policyData.setJsonBody(json.toString()); - if (json.get("onapname")!=null){ - String onapName = json.get("onapname").toString().replace("\"", ""); + if (json.get(ONAPNAME)!=null){ + String onapName = json.get(ONAPNAME).toString().replace("\"", ""); policyData.setOnapName(onapName); } } @@ -355,14 +358,14 @@ public class PolicyValidationRequestWrapper { if(json != null){ policyData.setJsonBody(json.toString()); - if (json.get("onapname")!=null){ - String onapName = json.get("onapname").toString().replace("\"", ""); + if (json.get(ONAPNAME)!=null){ + String onapName = json.get(ONAPNAME).toString().replace("\"", ""); policyData.setOnapName(onapName); } - if (json.get("serviceTypePolicyName")!=null){ - String serviceType = json.get("serviceTypePolicyName").toString().replace("\"", ""); + if (json.get(SERVICETYPE_POLICY_NAME)!=null){ + String serviceType = json.get(SERVICETYPE_POLICY_NAME).toString().replace("\"", ""); LinkedHashMap serviceTypePolicyName = new LinkedHashMap<>(); - serviceTypePolicyName.put("serviceTypePolicyName", serviceType); + serviceTypePolicyName.put(SERVICETYPE_POLICY_NAME, serviceType); policyData.setServiceTypePolicyName(serviceTypePolicyName); } } @@ -377,11 +380,10 @@ public class PolicyValidationRequestWrapper { return policyData; } - + private JsonObject stringToJsonObject(String value) { - try(JsonReader jsonReader = Json.createReader(new StringReader(value))){ - return jsonReader.readObject(); + return jsonReader.readObject(); } catch(JsonException| IllegalStateException e){ LOGGER.info(XACMLErrorConstants.ERROR_DATA_ISSUE+ "Improper JSON format... may or may not cause issues in validating the policy: " + value, e); return null; -- cgit 1.2.3-korg